Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Friday March 11 2022, @06:37PM   Printer-friendly

Dell opts out of Microsoft's Pluton security for Windows

This doesn't align with our approach, PC giant tells us

Yet another top-tier PC maker seemingly isn't interested right now in Microsoft's vision of hardware-level security for Windows 11 systems.

Dell won't include Microsoft's Pluton technology in most of its commercial PCs, telling The Register: "Pluton does not align with Dell's approach to hardware security and our most secure commercial PC requirements."

Microsoft launched to much fanfare its Pluton security layer for PCs in 2020 after developing it with Intel, AMD, and Qualcomm. Pluton effectively bakes a co-processor in silicon that securely stores encryption keys, credentials, and other sensitive information. The idea being that this data is kept close to the CPU cores, within the same processor package, thwarting attempts extract the secret info by, say, snooping an external bus.

It also allows Microsoft to define a base level of security features in the chips that Windows runs on. For instance, Pluton provides a Trusted Platform Module (TPM), a technology required by Windows 11."

Lenovo had previously told The Register its Intel-powered ThinkPads "will not support Microsoft Pluton at launch."


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Insightful) by Runaway1956 on Friday March 11 2022, @08:06PM (7 children)

    by Runaway1956 (2926) Subscriber Badge on Friday March 11 2022, @08:06PM (#1228610) Journal

    Why is it that Microsoft tells manufacturers what kind of hardware is necessary? Linux doesn't do that. Unix doesn't do that. BSD doesn't do that. Not even Apple does that - Apple just designs and makes their own hardware.

    If Microsoft wants some particular hardware installed on Microsoft machines, why doesn't Microsoft just make those machines?

    That damned tail is wagging the dog again, I tell you!

    https://soylentnews.org/comments.pl?noupdate=1&sid=48139&page=1&cid=1228481#commentwrap [soylentnews.org]

    • (Score: 4, Interesting) by Anonymous Coward on Friday March 11 2022, @09:07PM (3 children)

      by Anonymous Coward on Friday March 11 2022, @09:07PM (#1228621)

      From the article, AMD are on board, Intel aren't.

      All modern systems have some form of TPM/DRM/ hardware security layer. It's how they allow you to download stuff off iTunes, Google Play or stream Netflix in 4K. Microsoft merely turned that on with Windows 11 by default.

      Now if you're arguing Microsoft should resist the temptation to become as evil as Apple or Google, that's not the direction the industry is heading.

      You'll still be able to buy Rockchip RK3588 or a myriad of RISC-V solutions in coming years without all that Silicon Valley walled garden BS. Ironic that authoritarian dictator Xi perhaps cares less about violating your digital liberties than those greedy corporations from the land of the free and the home of the brave, eh. :)

      • (Score: 1, Insightful) by Anonymous Coward on Friday March 11 2022, @09:12PM (1 child)

        by Anonymous Coward on Friday March 11 2022, @09:12PM (#1228623)

        How do you know what Xi cares or not cares about on this topic?

        • (Score: 1, Funny) by Anonymous Coward on Friday March 11 2022, @09:45PM

          by Anonymous Coward on Friday March 11 2022, @09:45PM (#1228631)

          Because those cheap Android tv boxes come with that widevine drm stuff Google forces down your throat disabled?

      • (Score: 1, Informative) by Anonymous Coward on Friday March 11 2022, @10:08PM

        by Anonymous Coward on Friday March 11 2022, @10:08PM (#1228635)

        Intel is certainly on board, they helped design it, no doubt with the "assistance" of the NSA. They just haven't implemented it in Alder Lake. It probably won't be in Raptor Lake either. Maybe in Meteor Lake.

    • (Score: 4, Touché) by driverless on Saturday March 12 2022, @04:33AM

      by driverless (4770) on Saturday March 12 2022, @04:33AM (#1228682)

      Why is it that Microsoft tells manufacturers what kind of hardware is necessary?

      Because they can't do software-based security to save themselves so by pushing it into hardware, or more generally something that's someone else's product, they get to blame that someone else when the next 0day pops up. "Remote root via a buffer overflow in SMB? Well, that wouldn't have happened if you'd got Plutonium on your PC", or "That happened because of a problem with Plutonium in your PC".

    • (Score: -1, Spam) by Anonymous Coward on Saturday March 12 2022, @10:53AM

      by Anonymous Coward on Saturday March 12 2022, @10:53AM (#1228709)

      RunZaway is an ignorant moron, regardless of the platform, operating system, or reality. Really stupid guy.

    • (Score: 2) by mcgrew on Saturday March 12 2022, @03:35PM

      by mcgrew (701) <publish@mcgrewbooks.com> on Saturday March 12 2022, @03:35PM (#1228729) Homepage Journal

      Microsoft can't do security, so they try to leave it up to the hardware manufacturers. In a word: incompetence.

      --
      mcgrewbooks.com mcgrew.info nooze.org
  • (Score: 2, Insightful) by Anonymous Coward on Saturday March 12 2022, @05:45AM (2 children)

    by Anonymous Coward on Saturday March 12 2022, @05:45AM (#1228691)

    TPM is okay but only if...

    1) Completely under the owners control. No funny business.
    2) Firmware is audited by trusted 3rd party or open sourced. No funny business.

    Anything else?

    I think it's okay to have a really secure place to store your secret keys, etc., but only if it can be trusted and can't be used against you.

    • (Score: 2, Insightful) by Anonymous Coward on Saturday March 12 2022, @09:22AM (1 child)

      by Anonymous Coward on Saturday March 12 2022, @09:22AM (#1228705)

      The hardware needs to be audited as well, both for back doors and for general idiocy.

      The problem is that TPM is intended so that Microsoft, Sony, and MGM can trust your computer, because MS holds the master keys and can revoke yours. They haven't been able to make it mandatory for PC's due to antitrust scrutiny, but it hasn't been for lack of trying. Note that TPM is mandatory for Windows Mobile.

      • (Score: 1, Insightful) by Anonymous Coward on Saturday March 12 2022, @07:42PM

        by Anonymous Coward on Saturday March 12 2022, @07:42PM (#1228766)

        That needs to be turned around. The owner of the device should hold the root key and allow/disallow MS (or whoever) key as the owner desires.

  • (Score: 2) by sonamchauhan on Saturday March 12 2022, @04:49PM

    by sonamchauhan (6546) Subscriber Badge on Saturday March 12 2022, @04:49PM (#1228749)

    That is frequently written to

(1)