[Microsoft]Meet the Microsoft Pluton processor – The security chip designed for the future of Window

[Huzzug]

Quote

Today, Microsoft alongside our biggest silicon partners are announcing a new vision for Windows security to help ensure our customers are protected today and in the future. In collaboration with leading silicon partners AMD, Intel, and Qualcomm Technologies, Inc., we are announcing the Microsoft Pluton security processor. This chip-to-cloud security technology, pioneered in Xbox and Azure Sphere, will bring even more security advancements to future Windows PCs and signals the beginning of a journey with ecosystem and OEM partners.

https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/

 

Thoughts... 

[Darkpriest667]

So it's a TPM or PTT chip that also communicates with the cloud, no this won't have a million bugs.  I see how it's "separate" from the TPM chip and communicates with it. I can tell you this will be a nightmare to support. TPM already is because mom and pop shops use it when they really don't need it. 

[ENTERPRISE]

I tell you what, that cloud platform will need to be hella secure. Considering that the cloud platform...so basically the internet has access at a hardware level to your PC would in my mind be fairly catastrophic if there was a breach of some form. That is the main drawback for me.

[Huzzug]

I think the application for this chip is going to be more than just.....I can't think of anything other than DRM. I mean it's being implemented by every chip maker and with things moving towards cloud, MS could be selling it's DRM solution to streaming platforms, which seem to be popping up everywhere. 

[tictoc]

Can't wait to have to jailbreak my x86 CPU.  Security in silicon is a great idea until exploits and/or flaws are found. SGX is a nice dumpster fire, and I think it's on like round 40 of patches to try and plug it's holes to get it mainlined in the Linux kernel. 

 

This looks like another black box on top of the existing PSP and Intel ME, both of which have had more than a few security holes. 

[UltraMega]

CPUs and GPUs already have some hardware level DRM-like features for things like streaming copyrighted videos. Hardware level security features is something that's been slowing growing over time. 

[Diffident]

Why would we put specific proprietary OS functions in a CPU?  The OS should be written to leverage functions of a CPU, not the other way around...that's what OS's do. 

 

Will there now be a licensing fee paid to Microsoft included with the purchase of every CPU? 

 

Overall this sounds more like a way for Microsoft to collect telemetry with no way of turning it off. 

[Darkpriest667]

Quote

On 11/19/2020 at 5:44 PM, Diffident said:

Why would we put specific proprietary OS functions in a CPU?  The OS should be written to leverage functions of a CPU, not the other way around...that's what OS's do. 

 

Will there now be a licensing fee paid to Microsoft included with the purchase of every CPU? 

 

Overall this sounds more like a way for Microsoft to collect telemetry with no way of turning it off. 

 

Sorry I just sawt this. The reason is to force people to use two things:

 

#1 Your OS

 

#2 A registered copy of your OS

 

If Windows becomes subscription based this would be a good way to turn off any board that doesnt update their subscription. I've found no way to circumvent it. The chips are with ODMs and OEMs now.

[schuck6566]

“Intel continues to partner with Microsoft to advance the security of Windows PC platforms. The introduction of Microsoft Pluton into future Intel CPUs will further enable integration between Intel hardware and the Windows operating system.” – Mike Nordquist, Sr. Director, Commercial Client Security, Intel.

 

^^^^^^^^^

Because we ALL know how secure Intel is with their cpu's....  "Besides Meltdown and Spectre, other transient attacks were eventually discovered during the past two years, including the likes of Foreshadow, Zombieload, RIDL, Fallout, and LazyFP."  "LVI's position in all these attacks is, technically, of a reverse-Meltdown. While the original Meltdown bug allowed attackers to read an app's data from inside a CPU's memory while in a transient state, LVI allows the attacker to inject code inside the CPU and have it executed as a transient "temporary" operation, giving attackers more control over what happens."  3 Patches and counting in less than 1 years time.https://www.engadget.com/2020-01-27-intel-third-mds-patch.html

Not to mention the old processors they threw under the bus because it was too much trouble for too little return.https://www.digitaltrends.com/computing/intel-not-patching-spectre-older-cpu/

I trust MS partnering with the cpu makers for security about as much as I trust those "free" money emails I keep getting along with the girls who want to meet me.