Microsoftization

12 replies [Last post]
bandicooty98
Offline
Joined: 12/14/2017
andyprough
Offline
Joined: 02/12/2015

Not a big surprise.

I wasn't going to be using any new AMD chips anyway.

I wonder what Intel will do? They normally fold like a cheap suit, so they'll probably be next in line.

lanun
Offline
Joined: 04/01/2021

These monopolistic US companies are going to kill us all. What is Congress doing, may I ask?

Time to start manufacturing the Trabant of CPUs, somewhere near Budapest this time. We probably do not need more than the computing power already available in the average CPU from a decade ago. Another option would be to break down those evil corporations into smaller entities fighting for breadcrumbs of their previous market share. Again, what is Congress doing? You brave people in the US, what are you waiting for? You should already be writing to your representatives and senators. In fact, you would have started writing to them long ago if you were serious about this.

It appears chairman nadebula was probably right, we cannot trust the bourgeois US citizens to do even their very basic job, we must bring down the authoritarian bourgeois regime altogether. Only then can we have peace and freedom.

andyprough
Offline
Joined: 02/12/2015

>"These monopolistic US companies are going to kill us all."

Haven't you seen The Matrix? You are worth more as a living human battery cell than dead. Big tech companies aren't dumb, you know. They watch Keanu Reeves movies too.

Geshmy
Offline
Joined: 04/23/2015

Seems like that could really hurt AMD in the server market.

Legimet
Offline
Joined: 12/10/2013

What is the difference between this and PSP?

andyprough
Offline
Joined: 02/12/2015

This has "Trusted" in its name. So you know for sure you can trust it this time.

Lef
Lef
Online
Joined: 11/20/2021

From what I read this is not really like PSP/IME. This is instead moving the TPM (similar to Apple's T1 and Google's Titan) to the CPU itself.

From Microsoft:

Today, the heart of operating system security on most PCs lives in a chip separate from the CPU, called the Trusted Platform Module (TPM). The TPM is a hardware component which is used to help securely store keys and measurements that verify the integrity of the system. TPMs have been supported in Windows for more than 10 years and power many critical technologies such as Windows Hello and BitLocker. Given the effectiveness of the TPM at performing critical security tasks, attackers have begun to innovate ways to attack it... The Pluton design removes the potential for that communication channel to be attacked by building security directly into the CPU. Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard. Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.[1]

The last two sentences are pretty interesting. If an attacker with complete physical possession of the PC cannot remove "this information" from Pluton (and it's unclear to me if Pluton actually stores things like personal data or merely software to protect it)... can you? Presumably this attacker doesn't know your password and you do know your password but I am still interested.

Something Pluton supports[2] is called "Measure Boot" which explained by Microsoft:

The Measured Boot feature provides AM (Anti-Malware) software with a trusted (resistant to spoofing and tampering) log of all boot components that started before AM software. AM software can use the log to determine whether components that ran before it are trustworthy or if they are infected with malware. The AM software on the local machine can send the log to a remote server for evaluation. The remote server may initiate remediation actions either by interacting with software on the client or through out-of-band mechanisms, as appropriate...In enterprise scenarios, the system administrator has control of how Measured Boot info is used. In end-user scenarios for example, online banking), the consumer must opt in to use Measured Boot for the specific service.[3]

I cannot wait to prove to the cloud that only the right EXEs started before Windows Defender.

Also some FUD theorizing:

I find it likely Pluton would store credentials somehow. What may happen is that when you sell your computer and another user sets it up most, but not all, data is removed, but other data is not removed but only hidden or obscured leaving behind a trace of ownership (call it a way for anti-theft measures). It would be plausible for various agencies to determine the exact line of ownership of the computer similar to a car or gun. Recall that Windows REALLY PREFERS you connect your local Windows account to an online Microsoft Account, making this actually tenable.

It may also be that Pluton would store an advertising ID. Since it's in Pluton you probably would never encounter this information in Windows dialogs and you may be completely unable to change it (rather than if it was just stored in Windows Registry or something).

Of course this is just FUD for now.

[1] https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/
[2] https://en.wikipedia.org/wiki/Azure_Sphere#Microsoft_Pluton
[3] https://docs.microsoft.com/en-us/windows/win32/w8cookbook/measured-boot

Avron
Offline
Joined: 08/18/2020

Thanks for the interesting explanations.

One small suggestion: use "speculation" rather than "FUD" to describe your own tentative guesses. Here, you are not trying to influence negatively others, you are trying to describe what this could mean, and you are making clear that this is just speculation at this stage.

PublicLewdness
Offline
Joined: 03/15/2020

The PSP and Intel ME already pushed me towards saving for a Talos II, Pluton just confirms that AMD and Intel CPUs are dead to me long term outside of a Libreboot setup or possibly an OSboot setup.

Lef
Lef
Online
Joined: 11/20/2021

All consumer hardware is dead on arrival thanks to DRM. DRM is among the primary reasons AMD is not releasing the source code to PSP[1]. Consumer ARM devices are not better since they have TrustZone.[2]

So yes, niche hardware like IBM POWER are the only serious candidates because IBM POWER doesn't care if they can play a video from itunes.

I wish they were cheaper, I would probably buy one for a grand but I can't really justify more than that on a computer.

[1] https://teddit.net/r/Amd/comments/950g8r/will_we_be_able_to_game_anytime_soon_using_amd/
[2] https://en.wikipedia.org/wiki/TrustZone#TrustZone_%28for_Cortex-A_profile%29

Geshmy
Offline
Joined: 04/23/2015

I have several AMD chips - A6 through A10. Maybe their value will go up now.

Lef
Lef
Online
Joined: 11/20/2021

Here's a blogpost from Matthew Garrett who seems like he would know what he's talking[1] about in which he concludes that Pluton is not currently a big deal.

https://mjg59.dreamwidth.org/58125.html

[1] https://en.wikipedia.org/wiki/Matthew_Garrett