Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
AMD Security Intel Microsoft

Microsoft Reveals Pluton, a Custom Security Chip Built Into Intel, AMD, and Qualcomm Processors (techcrunch.com) 143

An anonymous reader shares a report: For the past two years, some of the world's biggest chip makers have battled a series of hardware flaws, like Meltdown and Spectre, which made it possible -- though not easy -- to pluck passwords and other sensitive secrets directly from their processors. The chip makers rolled out patches, but required the companies to rethink how they approach chip security. Now, Microsoft thinks it has the answer with its new security chip, which it calls Pluton. The chip, announced today, is the brainchild of a partnership between Microsoft, and chip makers Intel, AMD, and Qualcomm. Pluton acts as a hardware root-of-trust, which in simple terms protects a device's hardware from tampering, such as from hardware implants or by hackers exploiting flaws in the device's low-level firmware. By integrating the chip inside future Intel, AMD, and Qualcomm central processor units, or CPUs, it makes it far more difficult for hackers with physical access to a computer to launch hardware attacks and extract sensitive data, the companies said. "The Microsoft Pluton design will create a much tighter integration between the hardware and the Windows operating system at the CPU that will reduce the available attack surface," said David Weston, director of enterprise and operating system security at Microsoft.
This discussion has been archived. No new comments can be posted.

Microsoft Reveals Pluton, a Custom Security Chip Built Into Intel, AMD, and Qualcomm Processors

Comments Filter:
  • by Z80a ( 971949 ) on Tuesday November 17, 2020 @11:48AM (#60734650)

    Or alternatively, yet another hidden CPU to be hacked and that you can't easily detect it was compromised or fix it because its a black box.

    • Oh, no. It's right there in the article. It's going to support Linux too. You see we love Open Source now!! </sarcasm>
      • by Thud457 ( 234763 ) on Tuesday November 17, 2020 @01:01PM (#60734926) Homepage Journal

        Three Rings for the Apple-kings under the sky,
        Seven for the Linux-lords in their halls of stone,
        Nine for Android Men doomed to die,
        One for the Dark Lord on his dark throne
        In the Land of Redmond where the Shadows lie.
        One Ring to rule them all, One Ring to find them,
        One Ring to bring them all, and in the darkness bind them,
        In the Land of Redmond where the Shadows lie.

        • by waveclaw ( 43274 )

          In Tolkin's tales the seven given to the stocky dwarves toiling in their dark caves did not turn them to the master as expected. Instead they honed their greed for delving deep.

          Likewise any security system is at the mercy of shipment. Once in hand it is the hardware owner who has the control.

          Your typical serf might not even be able to deal with the failure of a network card.

          But these Linux and GNU and BSD folk toil endlessly in those deep caves. They have proven time and time again to be quite capab

      • by AleRunner ( 4556245 ) on Tuesday November 17, 2020 @01:07PM (#60734942)

        Oh, no. It's right there in the article. It's going to support Linux too. You see we love Open Source now!! </sarcasm>

        Linux is now huge money. Amazon alone is now one of the biggest buyers of chips and is fully aware, from competing with Azure, that Microsoft has a long term aim of destroying them. Everyone loves "Open Source" now as long as the Open Source developers stay in their nice little MIT / Apache / GPLv2 box producing for free software that Amazon and Google can freely use whilst never having a chance to build a separate business of their own that might threaten those leaders.

        The threat here is not that Linux will be excluded. The threat is that this connected controlled and managed layer will be below Linux and Intel's definition of secure is "normal users and security researchers can't find the problems". The existing management functions [wikipedia.org] , running in ring -3, have already shown that. The secret services know how to manipulate them but the users have great difficulty disabling those functions.

        The only solution is first systematically moving off Microsoft and Apple controlled hardware designs and towards Linux dedicated hardware like System76 [system76.com] or even the DELL XPS series and then, as that becomes more common demanding more pure hardware like Pinephone and like librem was supposed to be delivering.

        • DMA-driven connectivity is the norm now that Thunderbolt found its way outside the Apple walled-garden and into USB-C. Throw RDMA into the mix for high performance file server requirements and this now means that the operating system needs to implement virtualisation (ring -1) by default to secure systems from a new class of hardware/firmware tampering vulnerabilities, assisted by IOMMU. Linux folks might associate IOMMU with vfio but in reality, it's used by almost every new computer running Windows for en
          • Anything which helps better enforce a secure root-of-trust from hardware through to application software is a good thing, as long as it's reprogrammable to allow the system administrator to choose what is and isn't trusted. If morons hadn't of rejected Palladium/NGSCB we would be in a far better shape security-wise already on both Linux and Windows.

            It's not good enough that this particular generation is reprogrammable. There has to be a guarantee that there will be future generations of the hardware which are fully controllable by Linux. Look at the problems of Android phones where, whilst Google needed open source developers they kept releasing nice easily reflashed phones and in the days of Cyanogenmod many phones worked. Now that Google has got what it wants, the new phones are no longer as easy to take control of and LineageOS [lineageos.org] has a harder time d

    • by MrL0G1C ( 867445 ) on Tuesday November 17, 2020 @12:03PM (#60734706) Journal

      Exactly that, a waste of silicon that you'll have to pay for whether you like it or not and it gives criminals and 3-letter agencies the chance to pawn your computer more easily than ever before.

      How will anti-virus be able to detect if it's being misused? Sounds like Intel management Engine all over again.

      • by Z80a ( 971949 )

        Management Engine's little brother.
        And you get both if you get intel.
        Of course, you get PSP if you get AMD

        • by DrYak ( 748999 ) on Tuesday November 17, 2020 @01:09PM (#60734954) Homepage

          Also, a few months for now:
          "Security researcher have successfully written an exploit that runs code inside Pluton itself. Results presented at upcoming CCC 2021 conference".

          (that's the Arstecnica title. Meanwhile
          On Phoronix: Benchmarking Linux running CPUs with Pluton turned on vs. legacy Pluton-less CPUs.
          On Hack-a-day: "I successfully ported SystemD to Pluton so I can administer my machine will it's powered down"
          On Phoronix: Benchmarking Linux running *on* Pluton.
          On Shodan: "Now you can also scan the whole interwebz for unpatched vulnerable pluton"
          On HaveIBeenPwnd: "Pluton microcode found to accidentally contain credential of half of Microsoft's staff"
          On Phoronix: new benchmark written by Michael that measures the time it takes to crack the pluton credentials.
          On /. : (various trolls copy-pasting sauwastika and trump propaganda under Pluton related articles

          In year 3121: GNU/Herd considering adding Pluton as a potential target architecture).

      • by nightflameauto ( 6607976 ) on Tuesday November 17, 2020 @12:46PM (#60734868)

        My first thought was if it's integrating hardware and OS that any configuration change is gonna have to be "approved" by Microsoft. New hard drive? Wait for approval. New GPU? Wait for approval. More memory? Wait for approval. And how long before each approval needs another licensing fee?

        I trust Microsoft's security track record about as far as I can theoretically throw a building.

        • This is 2013 all over again. Doomsayers preaching the world is going to end because Microsoft was involved in some low level security system like Secure Boot. At some point the crying wolf scenario just gets tiring.

        • by Jerry ( 6400 )
          My first suspicion is that Pluton would only recognize WSL2 or later, given M$ history of skulduggery and conviction for criminal activity.
      • by raymorris ( 2726007 ) on Tuesday November 17, 2020 @01:46PM (#60735094) Journal

        Pluton is pretty much the exact opposite of Intel Management Engine. IME added another component that has total access to everything. IME added access, a new way to get access to all data. Pluton makes it so that the Meltdown and Spectre ridden parts of the CPU have less access to your passwords, private keys, etc. Pluton removes ways for bad guys to access your secrets.

        If you don't think Intel is trustworthy, than Pluton is for you. It means you don't have to trust your CPU as much.

        First, let's be clear about two concepts - trusted and trustworthy. Your keyboard sees everything you type. All of your passwords that you type. When you log in to your computer, you are trusting your keyboard. You have no choice but to trust your keyboard - you can't use your computer without trusting the keyboard. It's therefore part of what we call the "trusted computing base". These are components that you have to trust.

        If your keyboard is a Bluetooth keyboard made in China, maybe it's not *trustworthy*. Maybe you don't want to trust it, but you do. So it's trusted, whether or not it's trustworthy.

        Your CPU can also see all of the data coming into your computer and going out, so it's also trusted. Whether or not it's trustworthy is a different question, but if you use an Intel processor, you do trust Intel. That's a key point that bears repeating, in caps:
        YOU ALREADY COMPLETELY TRUST INTEL OR AMD.

        You *have* to trust your CPU. You can't use your computer without trusting your keyboard, CPU, OS, and the busses and other connections between those components. That's your trusted computing base, the things you trust - and have to trust.

        Because an Intel CPU is hugely complicated, hackers can do weird, clever things with it. It's less trustworthy because of the complexity of speculative execution, hyperthreading, etc. To make things safer / more trustworthy, we want to store and processour passwords, private keys etc with something smaller and simpler than a Core i9, and not in the same CPU registers that are used to run JavaScript.

        If you don't want to trust Intel to make the CPU safe and secure, you don't want your private key cryptography being done right there with Minecraft, in the same CPU core. If you don't trust Intel to get it right, you want to do your AES encryption in a simpler silicon that isn't also used for Zoom meetings at the same time.

        That simpler silicon, isolated from random applications, is the trusted platform module (TPM). It does cryptography, keeping your secrets, separate from the main CPU. That's a GOOD thing if you don't want to trust Intel (and I don't).

        The weakness with the TPM implementation is the bus between the CPU and TPM. That's where hackers have attacked, successfully. The can get your secrets by doing weird things to the bus.

        So how do we improve security? How do we make your secrets safer? One way to do that would be by getting rid of the bus between the main CPU and the TPM. Remove that attack point.

        That's what Pluton is - getting rid of that vulnerable bus by moving the TPM (the simpler core responsible for keeping your secrets) onto the same chip as the CPU.

        Using the TPM means that the main CPU doesn't have access to your private key, so it can't leak your private key. That's a good thing if you don't think Intel is trustworthy. Removing the vulnerable bus by going to Pluton gets rid of a way that attackers have been able to get your secrets.

        • by MrL0G1C ( 867445 )

          1. I don't trust any corporation at all. I simple hope that they don't do shitty things and that if they do, then I can switch to a competitor.
          2. I'd rather they not put yet another CPU in my CPU that can potentially allow a 3rd party secret control regardless of OS.
          3. More complication equals greater vulnerability foot-print.
          4. Hardware vulnerabilities are generally harder to fix than software vulnerabilities, don't put stuff in hardware that can't be fixed.

          From my point of view TPM is copyright bollocks a

        • by amorsen ( 7485 )

          Intel literally manufacturers the TPM. If they are malicious, it is much easier to hide that in the TPM, with its rarely used blackbox functions, than in regular instructions that give well-defined results.

          • by Immerman ( 2627577 ) on Tuesday November 17, 2020 @03:23PM (#60735366)

            Really? You think that if Intel were malicious, they would publicly document the "do evil things" instructions? You have no idea what undocumented instructions may or may not be lurking in your CPU. The only way to even begin to be sure is to attempt to run every possible instruction code - all 2^48 (281+ billion) possible combinations of opcode and prefix, and look for any obvious undocumented behavior. And of course even that would be completely ineffective at exposing even slightly obfuscated functionality - for example if you had to run the undocumented "unlock evil instructions" instruction with the right 256 bit "unlock code" parameter before the other instructions would do anything.

            The common name for such a search is "fuzzing", and it has in fact exposed tons of undocumented instructions in modern CPUS, including many that are shared between AMD and Intel - which strongly suggests that they were implemented and left documented intentionally, rather than simply being a CPU "misfire" when faced with an invalid instruction.

            • thats not true. there is now the cpu red pill attack and researchers have decrypted and are studying the microcode directly. they also have a hardware level debugger in the ME. https://github.com/chip-red-pi... [github.com]
              • by noodler ( 724788 )

                researchers have decrypted and are studying the microcode directly

                It would be 'trivial' for intel to have some sort of op code overlay inside the CPU that is fixed function (not encoded in the microcode but hard coded in the cpu architecture) which does nefarious things.
                If you don't know exactly what the microcode runs on you can't say with 100% certainty what the microcode will actually do.

                And even if you do what parent suggested, going over every single instruction, there could be a secret door knocking scheme where you have to run a particular (possibly completely illo

          • If Intel is malicious, that's game over. You are not verifying the circuits of your CPU with an electron-scanning microscope. If Intel is malicious, their CPU can do whatever it wants.

            What we can partially defend against is if Intel screws up.

            If you DID want to try to examine all the relevant gates with an electron-scanning microscope, do you think it would be easier to examine 3 billion transistors and the connections between them, or several thousand? The whole CPU is over 3 billion transistors. If you t

        • by AmiMoJo ( 196126 )

          AMD CPUs have the TPM built in so no need for an external bus. This thing must have some advantages over TPM, presumably.

          • AMD CPUs have the TPM built in so no need for an external bus. This thing must have some advantages over TPM, presumably.

            None that I've seen in any documents i can find from Microsoft or in the news. It literally sounds like an fTPM to me.

        • That's what Pluton is - getting rid of that vulnerable bus by moving the TPM (the simpler core responsible for keeping your secrets) onto the same chip as the CPU.

          I'm going to assume there's more to it than that since Pluton is also for AMD CPUs, AMD CPUs which already feature fTPM modules in them and thus don't have an external bus to attack.

          • That's what Pluton is - getting rid of that vulnerable bus by moving the TPM (the simpler core responsible for keeping your secrets) onto the same chip as the CPU.

            I'm going to assume there's more to it than that since Pluton is also for AMD CPUs, AMD CPUs which already feature fTPM modules in them and thus don't have an external bus to attack.

            I am not an expert here but I believe that you are incorrect - that the fTPM in the PSP is attackable over a bus. AFAIK the PSP is not in the CPU die itself. Either way, Intel already had an fTPM also.

        • Pluton removes ways for bad guys to access your secrets.

          If you have to use "bad guys" as a qualifier, your argument is invalid.

          • >> Pluton removes ways for bad guys to access your secrets.

            > If you have to use "bad guys" as a qualifier, your argument is invalid.

            Pluton removes ways for random ass people to access your passwords and other secrets. Do you like that better?

            I really have no idea what you might be trying to say, what your point could possibly be. Are you one of those people who think that if you pretend that criminals don't exist, they'll actually cease to exist, so the best thing you can do is be absolutely wrec

        • What insider knowledge are you basing this on? Because I've read the Microsoft press release and like 5 different news articles and to me it sounds exactly like a Microsoft rebranding of the fTPM inside of the PCH on Intel devices and the PSP in AMD devices. And if it is in the PCH it is literally no better than what you have now. But there is nothing inherently insecure about a discrete TPM as long as you're encrypting the bus traffic. Sure someone could DoS your physical bus but if this is in the PSP o
      • Sounds like Intel management Engine all over again.

        Sounds more like AMD's Platform Security Processor. IME has a bigger scope than just providing security.

    • These days, I am very suspicious of opaque hardware that is claimed to make systems more secure. Who knows what undocumented "features" this new chip might contain?

      • by bjwest ( 14070 )
        Well, at least we know about this one. Who know what's on the silicon that we are completely unaware of.
      • Who knows what undocumented features your CPU already contains? There's TONS of undocumented instructions in modern CPUs

    • Well poindexter finally got his wish. Does it have a backdoor like the Clipper chip?

      • Hallelujah! Even were it to have a backdoor, it doesn't reduce overall platform security relative to what we have today.

        An attacker would still have to compromise a userland app, then attack the kernel without the hypervisor noticing, then attack the hypervisor itself, then attack the Minix OS (assuming Intel) which acts as a CPU Monitor to make use of any backdoors. This also doesn't take into account the security enhancement afforded by controlling what can and can't be executed in the first place, whi
  • Microsoft isn't going to rest until the ONLY operating system you can run on ANY computer is Windows...

    "The Microsoft Pluton design will create a much tighter integration between the hardware and the Windows operating system at the CPU that will reduce the available attack surface," said David Weston, director of enterprise and operating system security at Microsoft."

    • Well, at least there is enough old hardware around and it is quite capable of doing everyday tasks. Gaming needs Windows anyway so whatever.

      • "Gaming needs Windows anyway"

        Proof that they already got you there. Same method they would get you here.

    • by Vlad_the_Inhaler ( 32958 ) on Tuesday November 17, 2020 @12:10PM (#60734730)

      Well, this is obviously not going on Apple devices - unless they get their own version.
      I'm somewhat worried about how this is going to affect my ability to put Linux on a PC - particularly a Laptop - but anti-monopoly laws should render hardware lockdowns a non-starter.
      Linux is a big deal on the Server side of things nowadays so manufacturers are not going to start locking it out, but what about consumer devices? Not really wanting to pull politics into this but I'd be a lot more worried if the previous incumbent had been reelected in the US, he and his have a record of ignoring the past consensus.

      • by anss123 ( 985305 )

        Apple has the T2 chip, which has been shipping for a number of years now.

        Now, to keep Linux healthy on the laptop, what you can do is buy laptops that officially supports Linux instead of Macbooks or whatever. Then you're not supporting manufactures with an interest in locking down their platforms.

      • Remember when everyone here was getting their panties in a bunch over secure boot? Turned out to be absolutely nothing.

        • by amorsen ( 7485 )

          Remember when everyone here was getting their panties in a bunch over secure boot? Turned out to be absolutely nothing.

          Tell that to the people trying to run linux on the Surface Pro X.

          Secure boot on x86 was luckily neutered. Secure boot on non-x86 was not so lucky.

          • All 7 of them?

            • by amorsen ( 7485 )

              All 7 of them?

              That is exactly the point. There are none, because it does not work. Once the mainstream PC industry transitions to ARM, that is the reality.

          • Secure boot on x86 was luckily neutered.

            It hasn't changed, moreover the policy never said you couldn't simply turn it off, in fact just to be sure they even mandated that it must be able to be turned off lest some of the lazier OEMs just whack it in and not bother with an 'off' switch. Some people just had this imagined version where Microsoft was going to make secure boot mandatory everywhere and not allow it to be turned off and would enforce this across all PC hardware makers, obviously there's no reason for that and it wouldn't work anyway ev

            • by amorsen ( 7485 )

              Again, you can turn it off on x86. There is no such mandate on ARM.

              • Again, you can turn it off on x86. There is no such mandate on ARM.

                That's up to the vendors, same as x86. The point is that there is no mandate that it be on.

        • by dryeo ( 100693 )

          I've got a tablet, not too bad of specs (some quad core Atom) but with only 1 GB of ram and boot locked to Windows, it isn't very useful as Windows itself seems to use over a GB of ram. Sure I can run any x86 Windows program on it, as long as it doesn't use ram.
          Be nice to install a minimal Linux on it but due to secure boot, no.

    • and on server they need to give full update control aka NO working hours limited window for 2016 and higher.

    • Microsoft isn't going to rest until the ONLY operating system you can run on ANY computer is Windows...

      What is this 1992? Might struggle to get Windows running on a Mac (given the shift to apple's own processors), iPad, iPhone, Chromebook, Android device, etc... not to mention computers like the Raspberry Pi aren't going to exclusively run Windows. But more to the point this is really just moving the existing TPM onto the CPU rather than it being a separate chip and given they are using this in their datacenters that rely on Linux (because Windows is simply not viable in datacenters, Microsoft themselves kno

      • Google, the major consumer Linux supplier, relies on trusted boot for Android and Chrome OS. You can disable that and replace the OS but it comes with a big scary warning that trips a software fuse.

        So yes, Linux will function without those things. But bye-bye support for 4K Widevine Level 1 and various banking or streaming apps that check that a device hasn't been rooted.

        • So how is this "Pluton" any different?
          • In theory it isn't. The principle of DRM trusted hardware is now consistent across iOS, macOS, Chrome OS, Android and Windows 10.

            If that day comes when you can't disable this stuff in the BIOS (UEFI), we still have Linux-first offerings such as Raspberry Pi, Talos II and Pinebook Pro.

            • In theory it isn't.

              Right, you don't have to use it. Just like SecureBoot, it's there but I don't have to use it.

              If that day comes when you can't disable this stuff in the BIOS (UEFI), we still have Linux-first offerings such as Raspberry Pi, Talos II and Pinebook Pro.

              I don't think you can necessarily disable Pluton (or TPM for that matter) in the BIOS, but the question is really why would you need to?

    • And Apple isn't doing this exact thing as well with their M1 chips?

      Don't sound so surprised giant tech companies want their product to be the only product available
  • Fuck Off (Score:3, Insightful)

    by Smonster ( 2884001 ) on Tuesday November 17, 2020 @11:56AM (#60734680)
    And...the person who bought the computer can’t have full access either, right? Fuck you Microsoft.
  • by krray ( 605395 ) on Tuesday November 17, 2020 @11:58AM (#60734686)

    Apple fan boy here -- didn't Apple try this w/ the T2 chip.
    And how long did it take to hack that (it's been done).
    This security chip will be easily cracked in 3 ... 2 ...

    • Obvious reason why: MS itself wants to keep some access. And any access they have is by definition the backdoor.

    • This security chip will be easily cracked in 3 ... 2 ...

      This security chip is fundamentally a fix for the previous one (TPM) which has vulnerabilities. I for one welcome the continued game of cat and mouse. Life won't be improved if the engineers just say fuck it the hackers have won.

  • Each new generation of devices becomes increasingly locked down. Each new wave of vulnerabilities requires more integration between software and hardware. Where does this end? Do consumers care about owning a device they are free to run whatever OS or code they want? Will we be safer? Will we trade freedom for security?
  • I dont understand the hardware side of things well enough to really know what I'm talking about.

    But from the article it makes memtion that its used as a sort of DRM in the xbox console. Maybe DRM is the wrong word. Anyways, do we really want that sort of thing in our desktop computers?

    Could this suggest eventually being able to buy a computer only capable of runnimg windows, or paying extra for an actual computer? (Thinking about those old software based "win-modems")

    • Also came here because this sent up red flags for DRM potential. We must avoid inventing practically viable DRM at all costs, it would be the worst invention in computing history and one of the worst in human history.

  • by Spinlock_1977 ( 777598 ) <Spinlock_1977&yahoo,com> on Tuesday November 17, 2020 @12:04PM (#60734710) Journal

    There's a lot to scratch your head at in this article:
        - Adding complexity increases security
        - Four companies came up with a design that favored security over compromise
        - A security mechanism that is not open-source has nothing to hide, and you can trust your secrets to it
        - A security mechanism that is not open-source could ever be used in Risc-V processors or other open-source projects
        - They're doing this solely to benefit security. It's not hard to see lock-in potential here.

    And finally, Pluton? Really? Pluton?? Sounds like a corny 50's-era sci-fi. Someone badly needs to go to Cool Name school. I sure hope it's good!

    • Re: (Score:3, Insightful)

      by thegarbz ( 1787294 )

      - Adding complexity increases security

      Yeah I've heard about this before but I don't by it. That's why I only have one account on my computer "root" and I leave the password blank. Otherwise it's too complex /s

      In reality yes complexity does increase security, after all the least complex thing to do is simply to ignore security. Okay let's implement a login system. Oh wait those passwords stored in plain text, let's implement encryption. Oh wait you can break that with rainbow tables and if you break one you break them all, fine let's implementin

    • See, the first thoughts I had, being someone who is running Ubuntu and not Windows on anything, are: will it require some proprietary, closed-source code, in order for Linux to even boot up and run? Can it be disabled permanently, say in BIOS settings? Or are you literally locked into it if you buy a CPU that has it? Depending on the answers, this could be very, very chilling indeed. I, for one, finally got away from Windows a couple years ago because with Windows 10 it had become so incredibly invasive and
    • And finally, Pluton? Really? Pluton?? Sounds like a corny 50's-era sci-fi. Someone badly needs to go to Cool Name school. I sure hope it's good!

      It's from geology -- a pluton is a body of intrusive igneous rock. So basically, they're saying that this new security hardware has been forced into a CPU design where it will be distinct from the regular CPU hardware.

  • by The Faywood Assassin ( 542375 ) <benyjr&yahoo,ca> on Tuesday November 17, 2020 @12:06PM (#60734718) Homepage

    Basically gatekeeping chips.

    Is this really the best idea? In five years are they going to suggest another chip that limits access to Pluton? And then another chip that limits access to that chip?

    What was the root cause of all this to begin with? Are gatekeeping chips just a bandaid for the real issue of not testing for exploits thoroughly enough?

    • by Rick Schumann ( 4662797 ) on Tuesday November 17, 2020 @01:04PM (#60734932) Journal
      I and others have suspected for quite a long time now that the Microsoft end-game is to exclude, or at best own, all operating systems that aren't Windows; that they'd prefer non-Windows operating systems didn't exist at all, but that they'd settle for having control of them. As I just stated to someone else, I think the litmus test in this instance is whether you have to have some closed-source proprietary code for this new embedded 'security' processor in order to even run any version of Linux; if so then Microsoft is clearly wanting to be the 'gatekeepers' as you say, and this must be fought against somehow. If it can't be disabled entirely that's also a problem. If we can't be 100% in control of the local machine for any reason then that's always going to be an unacceptable problem.
      • I and others have suspected for quite a long time now that the Microsoft end-game is to exclude, or at best own, all operating systems that aren't Windows; that they'd prefer non-Windows operating systems didn't exist at all, but that they'd settle for having control of them. As I just stated to someone else, I think the litmus test in this instance is whether you have to have some closed-source proprietary code for this new embedded 'security' processor in order to even run any version of Linux; if so then Microsoft is clearly wanting to be the 'gatekeepers' as you say, and this must be fought against somehow. If it can't be disabled entirely that's also a problem. If we can't be 100% in control of the local machine for any reason then that's always going to be an unacceptable problem.

        I think you're wrong here, honestly. First of all, Microsoft makes the bulk of their money from cloud now, which is almost all Linux based. Secondly, I don't think they have any interest in this sort of a monopoly. Third, their logo requirements force you to support installing Linux whether the hardware vendor wants to or not. Only Microsoft products (surface) can pass logo certification without 3rd party OS support.

  • by iggymanz ( 596061 ) on Tuesday November 17, 2020 @12:11PM (#60734732)

    so now we're going to make bandaid silicon instead of proper design? Hackers will target the bandaid too.

    • Sure if we take a Low-IQ approach at looking at the problem then every new feature is nothing more than a bandaid for something else.

      • This is a band aid for the problem of insecure-by-design CPUs. It may work, but more likely they will fuck it up and it will create more vulnerabilities.

        • No. It's a band aid for the problem of attacks on hardware. It's purpose isn't limited to Spectre or Meltdown but rather an upgrade of the existing hardware level security chips that have been developed and subsequently attacked in the past.

          Thinking you can achieve security without dedicated hardware to prevent a hardware level attack is just silly.

  • by xack ( 5304745 ) on Tuesday November 17, 2020 @12:11PM (#60734734)
    And will be jailbroken by the first hacker that can't boot his Linux distro.
  • So, users are supposed to trust Microsoft, the company that has repeatedly pushed stuff down users throats forcefully such as windows 10, edge, etc installing stuff on their computers without asking or even after asking and being denied?! I myself saw a windows 7 system reboot in the middle of surgery, without warning, with the GPO set not to install windows 10, not to reboot without asking, etc etc, causing the surgeon to have to close up a patient and delay surgery a week and almost caused the entire ope
    • To be fair, the blame in this case lies 100% with whoever provided that medical equipment running Windows 7.

      Even though Microsoft's upgrade practices suck, it's never been any secret that Windows 7 would regularly interrupt your work to install crap and reboot. Anybody who uses that consumer-grade OS in a real-time mission-critical medical role is grossly negligent.

      Even if there is some valid reason they couldn't use a real highly reliable OS like VxWorks for whatever they were doing, they should have at le

  • How long before some media company wants to lock you out of your computer because you have media files on your computer that they think you should not have on your computer?
  • by chill ( 34294 )

    So, it looks like an on-die TPM instead of a separate package on an external bus.

  • It sounds to me like there has to be a way to disable this 'security processor' completely, or it might just be a deal-breaking non-starter. It sounds like a fundamentally flawed idea, and for that reason alone is suspect of being misrepresented.
  • Cowboy Neil tries not to step in them so as to not mess up his boots.

  • Just the other day, I was thinking, "You know, Microsoft really doesn't have enough control over my computers yet. How can I turn that screw a little tighter?"

  • Why on earth would you want this as part of the CPU?

    It seems destined to fail and fail badly.

  • TFA is behind a cookie-nag-screen so I refuse to click and read it.
    From Microsoft's "blog" [microsoft.com], I get the impression that this Pluton "chip" is a basically Trusted Platform Module [wikipedia.org] with a few new Microsoft-proprietary bells and whistles.
    The big feature touted is that because it is in the same die (or package) as the CPU and not a separate socket (like the one on almost every desktop PC's motherboard), it would be physically safe from attacks on the bus between them.

    Nowhere can I find how Pluton would protect aga

  • Oh, look, it's Palladium 2.0.

    Of course, Apple did it in phones and hardly anyone raised a fuss, and those that did were drowned out by the fanboys. Now that shit is everywhere.

    Stallman was right.

  • You boot into your favorite flavor of Linux and breathe a sigh of relief, glad to be free of the shackles of Windows, when suddenly an unwelcome visitor pops up on your desktop: "Hey! It looks like your using Linux. Would you like help? Please choose from one of the options below: -Reformat hard drive, install Windows 10. -Reformat hard drive, install Windows 10 -Reformat hard drive, install Windows 10
  • I've heard one or more groups are working on FOSS CPU designs; if these sorts of so-called 'security' embedded processors are going to be a problem, then a FOSS CPU would be one way to circumvent their control of people's computers.
  • Of course this does not loon very promising for the Linux.

    However Microsoft's hardware security has a proven track record (unlike their software). The Xbox One was never hacked. It was essentially a locked down PC.

    The same can be applied to off-the-shelf PCs. The issue is of course how much power will be given to the users. Ultimately, if they allow open source firmware it would be great. If it entirely depends on Microsoft trade secrets, it would be an issue.

"To take a significant step forward, you must make a series of finite improvements." -- Donald J. Atwood, General Motors

Working...