Stories
Slash Boxes
Comments

SoylentNews is people

Microsoft Tells FTC Repair Poses a Cyber Risk

posted by Fnord666 on Friday July 05 2019, @05:01PM   Printer-friendly
from the not-so-trusted dept.

upstart writes:

Submitted via IRC for Bytram

Microsoft tells FTC Repair poses a Cyber Risk. It doesn't.

In comments submitted to the Federal Trade Commission, Microsoft Corp. is arguing that repairing its devices could jeopardize the cyber security of Trusted Platform Module (TPM) security chip. Don’t believe them.

The argument comes in an unsigned letter to the FTC from Microsoft and dated May 31st. The statement was submitted ahead of Nixing the Fix, an FTC workshop on repair restrictions that is scheduled for mid-July.

Microsoft was one of a number of companies that submitted comments to the Commission critical of so-called “right to repair” efforts at the state level to legally mandate that manufacturers make diagnostic information, tools and replacement parts available to owners and independent repair professionals.

The Redmond, Washington company, which makes a wide range of electronic devices ranging from X-Box gaming systems to Surface laptops said that repair poses a threat to the security of its devices.

“The unauthorized repair and replacement of device components can result in the disabling of key hardware security features or can impede the update of firmware that is important to device security or system integrity,” Microsoft wrote.

Specifically, Microsoft suggests that unscrupulous independent repair technicians with access to its devices could disable the Trusted Platform Module or other security protections.

“If the TPM or other hardware or software protections were compromised by a malicious or unqualified repair vendor, those security protections would be rendered ineffective and consumers' data and control of the device would be at risk,” the company wrote. “Moreover, a security breach of one device can potentially compromise the security of a platform or other devices connected to the network.”

Original Submission

 
This discussion has been archived. No new comments can be posted.
Microsoft Tells FTC Repair Poses a Cyber Risk | Log In/Create an Account | Top | 22 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Insightful) by Anonymous Coward on Saturday July 06 2019, @06:43PM

    by Anonymous Coward on Saturday July 06 2019, @06:43PM (#863904)

    good point. i just want to add that it also establishes who you can trust. m$ assumes everybody not paid by m$, thus not a employee cannot be trusted.
    it removes your "right" to decide who to trust.
    according to m$, only m$ can be trusted, even if they sold you a crappy/faulty device.
    no mention about a direct line from monitoring you (via various nefarious ways, one might be using the "spy chip to make things secure") and your online posts about m$ to the factory sending you devices from the "half faulty bin" when ordering online because "we don't like you" but you cannot do anything about it anymore ^_^

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Total Score:   1