The most important or let’s say sensitive parts of your computer have come to live in a distinct hardware component known as a “secure enclave.” These chips are designed not only to keep hackers from accessing your system’s crown jewels but to establish a “root of trust,” running cryptographic checks to ensure that no hacker has maliciously altered them. Historically, companies like Intel, AMD, and Qualcomm have developed their own versions of these protective tools.
But now Microsoft is partnering with all three to create a new secure chip aimed at bringing enhanced security to the Windows masses, So what is this new chip and Microsoft claims on it.
THE NEW CHIP- PLUTON
It’s a new security chip that’s designed to protect future Windows PCs. Microsoft Pluton is a security processor that is built directly into future CPUs and will replace the existing Trusted Platform Module (TPM), a chip that’s currently used to secure hardware and cryptographic keys. Pluton is based on the same security technologies used to protect Xbox consoles, and Microsoft is working with Intel, AMD, and Qualcomm to combine them into future CPUs.
This new chip is designed to block new and emerging attack vectors that are being used to compromise PCs, including CPU security flaws like Spectre and Meltdown. Intel revealed back in 2018 that it was redesigning its processors to protect against future attacks, and Pluton is an even bigger step in securing CPUs and Windows PCs in general.
HOW IT IS IMPROVED OR ADVANCED BY CURRENT PROCESSOR
Existing TPMs are separated from CPUs, and attackers have also been developing methods to steal the data and information that flows between a TPM and CPU when they have physical access to a device. Just like you can’t easily hack into an Xbox One to run pirated games, the hope is that it will be a lot more difficult to physically hack into a Windows PC in the future by integrating Pluton into the CPU.
“We shipped the Xbox which has this physical attack protection, so people can’t just hack it for games etc,” explains David Weston, director of the enterprise and OS security at Microsoft. “We learned principles of effective engineering strategies from that, and so we’re taking those learnings and partnering with Intel to build something for the PC that will stand up to that emerging attack vector.” A number of firms sell kits, or 0-day vulnerabilities, that let attackers gain access to machines and literally crack open PCs to steal critical data that can unlock other ways to get into company systems or access personal information. “Our dream for the future is that’s just not possible on the PC platform,” says Weston.
Pluton is essentially the evolution of the TPM, baked directly into a CPU. “This is a better, stronger, faster, more consistent TPM,” explains Weston. “We provide the same APIs as TPM today, so the idea is that anything that can use a TPM could use this.” That means features like BitLocker encryption or Windows Hello authentication will transition over to using Pluton in the future. Microsoft’s work with Intel, AMD, and Qualcomm also mean that Pluton will be updated from the cloud. Updates will be issued monthly on the same Patch Tuesday that regular Windows fixes arrive. The hope is that this should improve system firmware updates for both consumers and businesses that run Windows PCs.
WHEN WE WILL SEE IT ON PC’S
It’s not clear when PCs with Pluton chips will start shipping, but Intel, AMD, and Qualcomm are all committing to build this functionality into their future CPUs. You’ll still be able to build custom PCs with Pluton chips embedded inside, and there should even be support for Linux in the future, too. “This is a future thing we’re going to build in,” says Mike Nordquist, director of strategic planning and architecture at Intel. “The idea is that you don’t have to look for a motherboard with a TPM chip… so you just get it.” Nordquist says Intel also supports choice for operating systems, and that it doesn’t “want to start doing different things for a bunch of different OS vendors.” There are no firm details on Linux support just yet, but Microsoft already uses Linux with Pluton in its Azure Sphere devices, so it’s likely to be available whenever these chips ship.
New chips and security do mean new fears about DRM, and the fact that processors will now call back to Microsoft’s cloud infrastructure for updates. “This is about security, it’s not about DRM,” explains Weston. “The reality is we’ll create an API where people can leverage it, it’s definitely possible for folks to use that for protection of content, but this is really about mainstream security and protecting identity and encryption keys.”
Microsoft, Intel, AMD, and Qualcomm all clearly believe that processors that are continually updated with security built into them are the future for Windows PCs. Spectre and Meltdown were a wake-up call for the entire industry, and Pluton is a significant response to the complex security threats that modern PCs now face.
Checkout more such content at: https://gogomagazine.in/category/tech/