back to article Microsoft brings Trusted Platform Module functionality directly to CPUs under securo-silicon architecture Pluton

Microsoft has joined hands with Intel, AMD, and Qualcomm to release a new security processor architecture called Pluton, which Redmond reckons will delete "entire vectors of attack" from the infosec landscape. "Our vision for the future of Windows PCs is security at the very core, built into the CPU, for a more integrated …

  1. alain williams Silver badge

    My next laptop ?

    Does that mean that I will be unable to install Linux on my next laptop ?

    Maybe they will say: "not a problem, install it under a Microsoft hypervisor" - in which case all trust is lost anyway.

    1. Bitsminer Silver badge

      Re: My next laptop ?

      Installing Linux or a BSD is considered an attack (on Microsoft revenue).

  2. Anonymous Coward
    Anonymous Coward

    Fine. As long as it's OPTIONAL.

    1. Daniel von Asmuth
      Windows

      Fine?

      As long a Windows Update provides regular fixes of your Trusted Platform Module.

  3. Will Godfrey Silver badge
    Facepalm

    Warning! Warning!

    Alien hardware approaching Will Robinson.

    So, we have a hardware element that can't be bypassed, and of course is completely bug free, and lets you run any OS you like. Now and in the future.

    Anyone want to buy this bridge?

    P.S.

    The only hardware security I want is a mechanical switch.

  4. whitepines
    Boffin

    Correct me if I'm wrong, but didn't AMD already do this? The TPM functionality is implemented by the PSP, which makes largely the same claims as Pluton here.

    Or was AMD lying somewhere about PSP capabilities?

    Oh, and the PSP has already been hacked. Along with the IME. Seems the super secure secret environments running God-knows-what signed proprietary firmware weren't so secure after all! How is Pluton (supposedly) different?

    1. Tom Chiverton 1

      Sounds like burnt in PKI. If your executable isn't signed by Microsoft it won't run.

      First they came for BIOS.

      Then they came for bootloaders..

      Now this

  5. jake Silver badge

    Because as we all know ...

    ... the very first thing a Security Professional reaches for in an emergency is something endorsed by Microsoft.

    Honestly, the mind boggles .. They can't write secure code, so they expect all of us to trust some hardware dingus that they endorse? Fuck that. I have better things to secure my systems with. And yes, that's a sight unseen statement. I have history on my side. Microsoft has NEVER been able to get security right. Only a fool would trust them at this point.

  6. NetBlackOps

    First example speaks volumes...

    Anti-piracy on the new XBox. DRM so deep, everything is locked to the processor. Dell is already getting heat for fusable links in AMD processors that on first boot lock the CPU to the motherboard and firmware. Kills grey market right there for those processors. Microsoft and much of the gaming industry has always been intent on killing resales of anything.

    1. Anonymous Coward
      Anonymous Coward

      Re: First example speaks volumes...

      Given how quickly CPU architectures evolve over time, how many people actually buy a new CPU without getting a newer, more-capable motherboard at the same time?

      1. Boothy Silver badge

        Re: First example speaks volumes...

        Quote: "how many people actually buy a new CPU without getting a newer, more-capable motherboard"

        Plenty from what I've seen, especially if on AMD.

        Only AMD have done any real architecture changes in recent years, and they've been on AM4 sockets for what, four main generations now? Granted if you doing a major generation jump on AM4, you might need a new board, but all AM4 boards, even budget ones, let you upgrade at least one generation, and if you've got an X***chipset board, then you can typically upgrade 3 generations of AMD, and those generations, are reasonably substantial architectural changes.

        For example many mid range B350 boards (original Zen), also support Zen+ & Zen2. All B450 and X470 boards support Zen, Zen+ & Zen2 with many even supporting the new Zen3 CPUs.

        Motherboards haven't really added any new killer features for years now, they all have multiple PCIe slots, SATA, NVMe M.2, DDR4, onboard sound, USB 3+ etc etc. The only thing that really differentiates one from the next, is how many of each item they have, so you buy based on requirements.

        The only real new feature to be added recently is PCIe 4.0, AMD added support back in Jan 2019, and Intel a few months back. But this doesn't really provide much benefit over PCIe 3.0 currently (small single digit % gains, not really noticeable in real use).

        People buy what they need, or what they can budget for, at the time of purchase. If a few years later they want something faster, (and unless you have money to burn), the first thing you do is check what you can fit in your current set-up.

        If you're on an AM4 board, then you can usually switch to newer generations of CPU. Even on Intel, whilst you're stuck with the same generation chip, going from an initial i3 or i5, to an i7 or i9 on the same board is still far easier and much more cost effective than switching out the motherboard as well.

        1. Charles 9 Silver badge

          Re: First example speaks volumes...

          That depends on how old your current hardware is. Now, three-year-old mobos are one thing, but the difficulty rises from there. What happens if it's five years old? Or eight? For example, it would be tricky to upgrade from a Sandy Bridge CPU to say a Haswell or newer, as the CPU sockets differ. Now, AMD I'll grant you has been able to keep its AM4 socket running for a lot longer than usual, but even then there are caveats, such as not being able support the whole gamut of CPUs due to BIOS memory limitations . Plus, even AM4 is running out of time. AMD's commitment to it ends this year.

    2. Mage
      Windows

      Re: First example speaks volumes...

      My immediate reaction was is this really about the User/Owners security or MAINLY about DRM that they think can't be bypassed?

      Video, audio, ebooks etc are simple, point a camera and if audio, connect to earphone jack.

      I admit bypassing DRM on programs is a little harder. But it's more about corporate control than stopping piracy and removes rights users traditionally had.

      1. Anonymous Coward
        Anonymous Coward

        Re: First example speaks volumes...

        "... more about corporate control... "

        That's entirely the intent of what it is and I don't think these companies will deny that (apparently some of them want this). The problem is as always, it will bleed over to all "computers" and eventually your computer hardware won't be "chip to cloud" but "rental to MegaCorp." (and of course the usual CIA, NSA, etc.).

        On a up note, at least now all those "Microsoft is a new company!" fan boys can now be safely labeled as delusional and/or blind.

  7. This post has been deleted by its author

  8. Anonymous Coward
    Anonymous Coward

    Ho Hum ...... here we go again !!!

    Anything that can be built ..... can be unbuilt [Broken] !!!

    I expect that Pluton will be hacked by 2023 (at the latest) and more promises of 'Real Security' will be made by 2024.

    I would much rather have software that worked and was not 'patched' in a never ending process.

    i.e. Windows 10 and most[all ???!!!] software that runs on it !!!

    I am sure all that money could be better spent on improving the software we all use.

    1. sev.monster
      Alien

      Re: Ho Hum ...... here we go again !!!

      Hello, puny human. I am from the fuuuuutuuuure... 3 months after the release of Pluton.

      I am here to tell you about Plutonium, an exploit that gives you remote full memory access to the host operating system. A sexy Bootstrapped Angular React site designed by a CS grad has been set up at plutonium.io for your perusal/spook.

      Bow to your new gods... Plutoniuuuuum.

      1. jake Silver badge

        Re: Ho Hum ...... here we go again !!!

        I know Ludwig. You are no Ludwig.

  9. David 132 Silver badge
    Happy

    If their idea of "securing the processor"...

    ...is as shown in your lede photo - LGA package on a PGA socket - then we have nothing to worry about; it won't work and will fall apart instantly.

    Yes, I know that's just a generic shutterstock/alamy type image. Makes me laugh though. Did someone give the (non technical) photographer a pile of PC parts and say "take some photos we can license"?

    1. Anonymous Coward
      Anonymous Coward

      Re: If their idea of "securing the processor"...

      Yes, I know that's just a generic shutterstock/alamy type image. Makes me laugh though. Did someone give the (non technical) photographer a pile of PC parts and say "take some photos we can license"?

      You're not going to make yourself popular by giving away trade secrets :).

  10. John Smith 19 Gold badge
    FAIL

    Yup. "Trusted Computing" Means....

    Trusted by the Rights Holders to control your ability to execute their software and view your documents.

    IOW Its DRM.

    Again.

    And on chip silicon with un audited software and total control of your system.

    Yeay.

  11. thx1111

    What Choice Do You Have?

    Hmm - sounds like a full entrenchment of the proprietary "back door", provided by the likes of Intel's "Management Engine", but now covering every main stream processor architecture and vendor. For anyone unfamiliar with how secret and embedded this hardware has become, see for instance at https://libreboot.org/faq.html#intel . As it is, the only people who will know how the "security" actually works will be the same people whom you do *not* want rummaging around your files or your network. As far as I can tell, the only available generic hardware *without* a built-in "back door" processor would be something like the "HiFive Unmatched" system board from SiFive, based upon the open standard RISC-V Instruction Set. See for instance https://www.sifive.com/boards/hifive-unmatched . Perhaps RISC-V is the only thing left that will allow trusting the hardware, instead of "trusting big-brother".

    1. YetAnotherJoeBlow

      Re: What Choice Do You Have?

      The Hi-Five from Si-Five. What a stupid choice of a name - or is it?

    2. whitepines
      Happy

      Re: What Choice Do You Have?

      I use Power on my desktop (a Blackbird system). A bit more practical than RISC-V, since it's in the same performance class as Intel right now. Main reason I did this is the lack of IME/PSP and no closed source rubbish in the boot process.

      1. thx1111

        Re: What Choice Do You Have?

        Oh! Thanks for that. PowerPC is still a thing!

        https://en.wikipedia.org/wiki/List_of_open-source_computing_hardware

        https://www.raptorcs.com

        https://www.raptorcs.com/BB/

        Hmm - OpenBMC -

        https://developer.ibm.com/technologies/linux/articles/openbmc-overview/

        Your own Linux running in the Board Management Controller! That's better than proprietary - but maybe not better than nothing.

        Of all the - how many? - office and ordinary home PCs, whether branded as "Pluton" - is that meant to be a pun on "Putin"? - or Intel Management Engines or AMD Secure Platform Processors or just generic Baseboard Management Controllers, what number of these system's users have actually ever gone and remotely re-installed their system software? And really, how many of those users actually even know that such a thing is possible to do from the internet? This management controller doesn't come across as a "must-have checklist feature".

        More interestingly perhaps, what happens when some systemic side-channel hardware security flaw is discovered in all these built-in management controllers, and every internet connected PC in the world suddenly has its system software and user files unexpectedly rewritten? Cryptoviral extortion will seem like "old news". I suppose that someone could make the movie first, before we try it out in the real world.

    3. phuzz Silver badge
      Gimp

      Re: What Choice Do You Have?

      It sounds more like SecureBoot to me.

      Mind you, that was hailed as the end of being able to install Linux when it was announced too.

  12. pip25
    Alert

    So if I change my CPU for any reason...

    ...I'll be changing my TPM keys as well? Surely nothing can go wrong with that, right?

    1. Anonymous Coward
      Anonymous Coward

      Re: So if I change my CPU for any reason...

      Wouldn't that also happen if you change your motherboard as well...which tends to happen at the same time as a CPU change due to how quickly CPU architectures change as the years pass?

      1. You aint sin me, roit
        Trollface

        You ain't pushing yer rig hard enough

        If you don't regularly blow your motherboard, cpu, or power supply.

        1. Charles 9 Silver badge
          FAIL

          Re: You ain't pushing yer rig hard enough

          That's kinda harsh. That's like saying you're not exercising hard enough if you don't regularly tear a muscle or ligament or break a bone. Pushing it is one thing, but you're only supposed to take it to the brink: not ever the edge.

  13. Anonymous Coward
    Anonymous Coward

    Pluton

    as in Wealth, or as in Hell?

    1. TimMaher Silver badge
      Happy

      Re: Pluton

      Or Pluto.

      As in a large and stupid dog.

  14. YetAnotherJoeBlow

    Same old story

    I tire of this endless game. Submit a RFC and lets make it secure. Anything else is just theatre, or worse.

  15. Anonymous Coward
    Anonymous Coward

    The only right way is using Kerkhoff's principle ..

    .. so if it isn't fully open and also supports things like Linux directly on this hardware it's Just Another Lock IN Strategy in the guise of security and no, I don't buy it that opening it up would make it less safe. Keepings things closed is exactly where the problems hide in the first place.

    It would be interesting if Microsoft for once came up with something that was new, and not a new variant of an old tactic. Then again, I could agree that they don't have to because people keep falling for the shiny stuff without looking underneath.

    1. Anonymous Coward
      Anonymous Coward

      Re: The only right way is using Kerkhoff's principle ..

      Kerkhoff's principle or the Shannon maxim cannot apply in a fixed-hardware setting because of the Siege Problem; namely, everything about the hardware is by necessity pinned down at manufacture: including the keys. That means security through obscurity (at least of the keys) is the only option left. Furthermore, Kerkhoff may have been a bit naive when it comes to advances in cryptanalysis being able to poke holes in algorithms, be they open-source or not. And again, by necessity, most implementations are fixed in place and cannot be changed without breaking things. That was one reason Triple-DES had to be developed after holes were found in DES yet they couldn't really replace the hardware that depended on DES: it was a way to strengthen encryption while still using fixed DES hardware.

  16. Wolfclaw

    Until the hardware is found to have more holes that a string vest and to ensure that, let Intel design it.

  17. Norman Nescio Silver badge

    US Hegemony

    Microsoft, Intel, AMD, and Qualcomm are all companies headquartered in the USA.

    Microsoft: headquartered in Redmond, incorporated in Washington State

    Intel: headquartered in Santa Clara, incorporated in Delaware

    AMD: headquartered in Santa Clara, incorporated in Delaware

    Qualcomm: headquartered in San Diego, incorporated in Delaware

    That means the NSA back door will be baked in. Which the 5 eyes / 9 eyes / 14 eyes will be happy with, and everyone else is either a minor player who doesn't matter, or 'the enemy'.

    Anyone (Government/Private organisation/Individual) not happy with that needs to find a hardware choice that can be audited, and if incorporating similar technology, have local control over master encryption keys. Obviously other large players are not concerned over whether the hardware/software combination is open: only that it is accessible and controllable by them (e.g. China, Russia).

    I don't see a bright future for open hardware.

    NN

  18. TimMaher Silver badge
    Unhappy

    Apple

    No wonder they are moving to Arm.

  19. phuzz Silver badge

    TPM and Bitlocker

    The thing I never quite understood about Bitlocker (MS's full drive encryption) working with a TPM is this:

    If you don't have a hardware TPM chip (which most non-OEM motherboards don't have), then Bitlocker will prompt you for a password on boot, without which you can't access the harddrive. Like most other full-drive encryption methods.

    However, with a TPM, Bootlocker knows that the harddrive is in the correct PC, and will unlock it automatically as part of the boot process.

    So as far as I can tell, if you have the 'extra security' of a TPM, it makes it less secure.

    Maybe I'm missing something.

    1. Anonymous Coward
      Anonymous Coward

      Re: TPM and Bitlocker

      A password can be snooped, blackmailed, or coerced. All they'd have to do then is physically remove the drive from its chassis and transplant it into another machine: either before or after getting the password.

      TPM Bitlocker is meant to block physical transplanting of the drive (think an Evil Maintenance Guy attack), and if set accordingly there's no way to bypass it. If it isn't in the same machine as that specific TPM, it's no-go, full stop.

      It's basically different horses, different courses.

      1. Norman Nescio Silver badge

        Re: TPM and Bitlocker

        TPM Bitlocker is meant to block physical transplanting of the drive (think an Evil Maintenance Guy attack), and if set accordingly there's no way to bypass it. If it isn't in the same machine as that specific TPM, it's no-go, full stop.

        That's not actually completely correct. If you have the Volume Master Key (or indeed the Full Volume Encryption Key), you can decrypt the storage device without the TPM.

        The Full Volume Encryption Key (FVEK) is encrypted with the Volume Master Key (VMK) , and stored on the storage device. What's more, if you have a recovery key enabled, then the Volume Master Key is encrypted with the Recovery Key and stored on the storage device. So far, no TPM involvement.

        So if you have the FVEK, you can decrypt the device.

        If you have the VMK, you can decrypt the device.

        If you know the recovery key (and that function is enabled), you can decrypt the device.

        All without the TPM.

        Getting hold of the above is quite possibly difficult, but not impossible.

        Pulse Security: Extracting BitLocker keys from a TPM

        Elcomsoft: Unlocking BitLocker: Can You Break That Password?

        Note that:

        If you have a modern device that supports automatic device encryption, the recovery key will most likely be in your Microsoft account. For more, see Device encryption in Windows 10.

        From: Microsoft: Finding your BitLocker recovery key in Windows 10

        So getting hold of your storage device's recovery key could be 'as simple' as compromising your Microsoft Account.

        NN

  20. StrangerHereMyself Bronze badge

    Smoke and mirrors

    All these secure enclaves and TPM chips are basically useless. Encrypt your hard drive and no one is going to be able to install rogue software on it.

    Apart from the fact that no one can probably bypass this security....except for the NSA in collaboration whom Microsoft designed this chip.

    I'll hold out for a suitable RISC-V desktop processor running open-source firmware and operating system to keep my privacy.

    1. conscience

      Re: Smoke and mirrors

      Smoke and mirrors is right, and I couldn't agree with you more. Nobody who values security would deliberately pick any CPU afflicted by this kind of nonsense. It is a terrible idea however you look at it.

      Any DRM will be cracked wide open sooner or later, and if the user has no access then it becomes a massive security problem that can't easily be fixed. I doubt it would take long before the backdoored chip was being accessed on a global scale by *all* the security services and criminals out there - and not just the ones who helped design it.

      And as for Microsoft doing security when they can't even manage to issue a Windows update without breaking their own hardware and software? No thanks!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like