9 votes

Microsoft reveals Pluton, a custom security chip to be built into Intel, AMD and Qualcomm processors

4 comments

  1. teaearlgraycold
    Link
    This sounds like Intel ME all over again. Except these computers will also have ME. Yeah, I'm not so sure about this. And for a user like myself these chips will probably only get noticed when...

    Pluton acts as a hardware root-of-trust, which in simple terms protects a device’s hardware from tampering, such as from hardware implants or by hackers exploiting flaws in the device’s low-level firmware

    This sounds like Intel ME all over again. Except these computers will also have ME.

    But that could come back to haunt the company if it got something wrong. Case in point: just last month, security researchers found an “unfixable” security flaw in Apple’s T2 security chip — a custom-built chip in most modern Macs that’s analogous to Microsoft’s Pluton — that could open up Macs to the very security threats that the chip is supposed to prevent.

    Yeah, I'm not so sure about this. And for a user like myself these chips will probably only get noticed when they get in the way of a hardware upgrade.

    10 votes
  2. [3]
    spit-evil-olive-tips
    Link
    Direct link to Microsoft's official announcement: https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/...

    Direct link to Microsoft's official announcement: https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/

    Ctrl-F Linux...nothing.

    Ctrl-F open source...nothing.

    Hmm. Color me skeptical.

    We've seen lots of moves in the past few years by Microsoft to embrace & extend Linux and open source. This makes me wonder if their end goal is a modified version of "extinguish" - bind Windows and the hardware more tightly together, so that keeping Windows as your bare metal OS is more attractive, while improving the experience of running the Linux subsystem. That way everyone still pays Microsoft for licenses, and meanwhile Linux becomes the top "power user app" in the Windows App Store.

    9 votes
    1. RNG
      Link Parent
      According to The Verge [1]: It does appear that Linux support will likely be trivially easy and incentivized to work with Microsoft's cloud Linux offerings. What concerns me is this: I also expect...

      According to The Verge [1]:

      There are no firm details on Linux support just yet, but Microsoft already uses Linux with Pluton in its Azure Sphere devices, so it’s likely to be available whenever these chips ship.

      It does appear that Linux support will likely be trivially easy and incentivized to work with Microsoft's cloud Linux offerings. What concerns me is this:

      New chips and security do mean new fears about DRM, and the fact that processors will now call back to Microsoft’s cloud infrastructure for updates. “This is about security, it’s not about DRM,” explains Weston. “The reality is we’ll create an API where people can leverage it, it’s definitely possible for folks to use that for protection of content, but this is really about mainstream security and protecting identify and encryption keys.”

      I also expect the same privacy and security issues raised by Intel ME to be present here. I'd like to see vendors like System76 continue to disable/remove Pluton in addition to their disabling of ME.


      [1] https://www.theverge.com/2020/11/17/21571069/microsoft-pluton-processor-security-windows-pc

      5 votes
    2. tindall
      Link Parent
      We currently see Apple doing this. I would be appalled but not surprised if Microsoft did it too.

      We currently see Apple doing this. I would be appalled but not surprised if Microsoft did it too.

      2 votes