Wednesday, November 18th 2020

Microsoft Announces Pluton Security Processor in Collaboration with AMD, Intel, and Qualcomm

The security of PCs has been an issue in the past few years, as cyber-attack methods have been shifting toward hardware-specific malware that exploits various CPU vulnerabilities. That is why Microsoft, the developer of the most popular operating system, Windows 10, decided to engineer a hardware processor whose specific job is to maintain platform security and so protect the OS and its users. In collaboration with AMD, Intel, and Qualcomm, Microsoft is today introducing the Pluton security processor. The collaborating companies are going to integrate the new Pluton processor inside their CPUs and thus embed a new level of security in their PCs.
Microsoft
Our vision for the future of Windows PCs is security at the very core, built into the CPU, where hardware and software are tightly integrated in a unified approach designed to eliminate entire vectors of attack. This revolutionary security processor design will make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs.
Microsoft Pluton Security Processor
Today, the core of OS security is based on a separate component called a Trusted Platform Module (TPM). The TPM is located off the CPU and is used to verify various platform parameters and store keys. Over the years, attackers have used the bus interface between the CPU and the TPM to develop new exploits. With the Pluton core, those entry points are removed, as the new TPM (the Pluton processor) is inside the CPU and possibly even more secure.

The collaborating companies are set to integrate the Pluton processors in their future products. Each company is expected to integrate this processor with the launch of next-generation CPUs. It is currently unknown if this will include server-class processors or just desktop platforms.
Sources: Microsoft, Forum member P4-630 (Thanks for the tip!)

23 Comments on Microsoft Announces Pluton Security Processor in Collaboration with AMD, Intel, and Qualcomm

#1
hellrazor
Isn't that what the TPM and PSP are supposed to do?
#2
ratirt
I think the server segment and workstations benefit mostly from this. Desktops as well, but it is not the main reason MS did it, especially when most people switch the security measures off just to boost performance.
hellrazor
Isn't that what the TPM and PPSSPP are supposed to do?
What, in your eyes, does PPSSPP have to do with security?
TPM may not be enough nowadays since a lot has changed in the architecture of the CPUs and they are more complex. This brings more performance but also more vulnerabilities.
Hardware protection is the best way to go.
#3
z1n0x
Smells like hardware rootkit/DRM/backdoor or whatever you want to call it, but it certainly doesn't smell good to me.
#4
DeathtoGnomes
ratirt
TPM may not be enough nowadays since a lot has changed in the architecture of the CPUs and they are more complex. This brings more performance but also more vulnerabilities.
Hardware protection is the best way to go.
I disagree, it's another door for m$ to use for its telemetry as well as a way to 'spy on you'.


This will be the TPM backdoor discussion all over again here
#6
tabascosauz
ratirt
I think the server segment and workstations benefit mostly from this. Desktops as well, but it is not the main reason MS did it, especially when most people switch the security measures off just to boost performance.

What, in your eyes, does PPSSPP have to do with security?
TPM may not be enough nowadays since a lot has changed in the architecture of the CPUs and they are more complex. This brings more performance but also more vulnerabilities.
Hardware protection is the best way to go.
He's referring to the Ryzen Platform Security Processor, AMD's equivalent to Intel ME because AMD clearly couldn't learn any lessons from Intel's debacle about keeping shit secretive and closed-off.

This honestly just looks like ME with extra steps. The Ryzen PSP is a Cortex-A5 that runs the firmware TPM function on Ryzen, and is generally still inferior to an actual discrete TPM.
#7
R-T-B
hellrazor
Isn't that what the TPM and PSP are supposed to do?
Yes, and they all have failed in that objective, repeatedly. Hardware security is a dead model they insist on reviving repeatedly and act shocked as it fails.
laszlo
"Microsoft Announces Pluton Security Processor in Collaboration with NSA, AMD, Intel, and Qualcomm" :D
It's more likely than you may think, but not the way you think. The NSA has been dying for a unified platform I'm sure, so they can use the same discovered exploits and have them work across all hardware. So it's not necessarily a direct collaboration, but it does benefit them.
tabascosauz
This honestly just looks like ME with extra steps. The Ryzen PSP is a Cortex-A5 that runs the firmware TPM function on Ryzen, and is generally still inferior to an actual discrete TPM.
Even discrete TPMs are flawed and hackable. Hardware "security" just needs to die in a dumpster fire.
#8
bonehead123
Now they just have to do the right thing.....

Publish all the specs & info all over the web (if they haven't already), so the chineeze & ruskies can steal it, reverse-engineer it, and hack into ANY system that employs it, oh yea, uh huh.....this will definitely help improve our computer's security....

OR...

Perhaps this is the whole plan from the start, and they have designed it so that once active on any system located in an unfriendly foreign country, the NSA/CIA/DOD etc will be able to backdoor their way into all of THEIR computers, and steal some of THEIR shit for once, hahaha :)

YEA, right.....
#9
wahdangun
R-T-B
Yes, and they all have failed in that objective, repeatedly. Hardware security is a dead model they insist on reviving repeatedly and act shocked as it fails.



It's more likely than you may think, but not the way you think. The NSA has been dying for a unified platform I'm sure, so they can use the same discovered exploits and have them work across all hardware. So it's not necessarily a direct collaboration, but it does benefit them.



Even discrete TPMs are flawed and hackable. Hardware "security" just needs to die in a dumpster fire.
Wtf, these hardware exploits are rising because OSes are much more secure nowadays.
#10
RoutedScripter
There is no doubt that this won't be exploited for fact-checked certified apps and Microsoft Store enforcement.

You want the latest OS version? Latest drivers? Latest games? You need MS Account, MS Store, no 3rd-party drivers or homebrew software allowed.

The open PC may be dead as we know it, at least on Windows. The security aspect may just be a bonus thing, and exploited as a cover story.
#11
LucianF
All these comments... have restored some of my faith in humanity! Good to see that anyone with a brain isn't buying Microsoft's BS
#12
enxo218
how to turn a pc into a windows walled garden and take control away from user
#13
halcyon
enxo218
how to turn a pc into a windows walled garden and take control away from user
This. And trusting Microsoft with your platform's security? Uh-oh... people lack a sense of history.
#14
Mouth of Sauron
halcyon
This. And trusting Microsoft with your platform's security? Uh-oh... people lack a sense of history.
I trust, deeply, for it to have proper backdoors, GPS, phoning-home and all the other respectable technologies used in other MS products... Customers do also, I mean - it wouldn't be an MS product otherwise, right?
#15
T4C Fantasy
CPU & GPU DB Maintainer
I think people are just a little too paranoid.
#16
neatfeatguy
T4C Fantasy
I think people are just a little too paranoid.
Better to be paranoid than outright trusting. In fact, I'm not too sure about your position on this matter....what's in it for you? Even if you gave me an answer I wouldn't buy it, you'd simply be telling me what you think I want to hear.

#17
InVasMani
Next-generation CPUs: does this mean Zen 4 or is it whatever comes after Ryzen architecture? I hope there is at least a BIOS option to disable it, especially for people not running Windows. It's understandable why people would be concerned with Microsoft having even more free rein to spy and data harvest with less user oversight over what's happening.
#18
T4C Fantasy
CPU & GPU DB Maintainer
neatfeatguy
Better to be paranoid than outright trusting. In fact, I'm not too sure about your position on this matter....what's in it for you? Even if you gave me an answer I wouldn't buy it, you'd simply be telling me what you think I want to hear.


It doesn't matter my point, you are just paranoid.
#19
Patr!ck
I'm fine with it as long as we get the possibility to de-activate it from the BIOS.
#20
mtcn77
Patr!ck
I'm fine with it as long as we get the possibility to de-activate it from the BIOS.
Then you have Intel safe inside.
I presume all platform-specific security unsafe, as they can be hidden from the PSP. It will just generate a new class of PSP-rootkit viruses.
#21
DeathtoGnomes
neatfeatguy
Better to be paranoid than outright trusting.
and outright ignorant. People that flat out trust tend to ignore the writing on the wall because they just don't know better.
#22
seth1911
Intel ME and AMD's PSP are critical but now in collaboration with MS no way :kookoo: :fear:
#23
R-T-B
RoutedScripter
There is no doubt that this won't be exploited for fact-checked certified apps and Microsoft Store enforcement.

You want the latest OS version? Latest drivers? Latest games? You need MS Account, MS Store, no 3rd-party drivers or homebrew software allowed.

The open PC may be dead as we know it, at least on Windows. The security aspect may just be a bonus thing, and exploited as a cover story.
Fearmongering, largely. They will almost certainly not push that far. Microsoft has always allowed you to install custom keys on protocols they engineer (secure boot being a prime example).
InVasMani
Next-generation CPUs: does this mean Zen 4 or is it whatever comes after Ryzen architecture? I hope there is at least a BIOS option to disable it, especially for people not running Windows. It's understandable why people would be concerned with Microsoft having even more free rein to spy and data harvest with less user oversight over what's happening.
Honestly, this excites me a little. It might be a new way for me to get famous if I can crack it like the ME.
T4C Fantasy
It doesn't matter my point, you are just paranoid.
The paranoia will run amok regardless, much of it unwarranted, but that isn't really the point. The whole point is this model is flawed from the get-go, so why bother anyways? It's a mess and doesn't help anyone. It does give me slight suspicion (not evidence, but suspicion) the NSA is indeed pushing for this. I have high doubts this will be used for a walled garden or anything. But I have suspicion that something nefarious is indeed at play, since they are reviving a broken idea for no good reason.