[HN Gopher] "Microsoft Pluton Hardware Security Coming to Our CPUs": AMD, Intel, Qualcomm
Author: vanburen | Score: 75 points | Date: 2020-11-23 20:25 UTC
Link: www.anandtech.com

intricatedetail wrote:
| Call me sceptical, but I hope m$ is not pulling Apple tricks to lock
| computers to their OS. Is this open source? Will consumers be able to
| audit it down to the silicon level?

gotstad wrote:
| They already said it is OS agnostic. MS 2020 is far away from MS 2010.
|
| With regards to the auditing need, can you audit a CPU down to the
| silicon level today?

Asmod4n wrote:
| Apple allows you to boot any OS you want on their Apple Silicon Macs
| (as long as you have uploaded the key so it can verify the kernel you
| tell it to boot).

gruez wrote:
| Isn't this basically fTPM (basically a software TPM implemented in the
| trusted execution environment of the CPU) that both AMD and Intel
| already offer?

warkdarrior wrote:
| It'll be built into the CPU, instead of having a separate chip, and
| seems to have secret-management functionality for user-specified keys,
| biometrics, etc.

azalemeth wrote:
| A previous HN link is here -- https://news.ycombinator.com/item?id=25131431
| -- which links to MS's original press release --
| https://www.microsoft.com/security/blog/2020/11/17/meet-the-....
|
| That article explicitly states that it was designed originally for the
| Xbox. I worry that it's going to be a very anti-consumer,
| anti-free-speech, DRM-heavy chip that MS want to popularise as an
| alternative to the (still hated in some circles) TPM. Why else would
| they design it for the Xbox, of all things? Is it aimed to stop
| speculative execution attacks on a cloud server, or provide Level 4 DRM
| to Widevine's as-yet-unannounced competitor?
gotstad wrote:
| How do you see it being anti-free-speech?

[deleted]

dpoochieni wrote:
| Imagine it being capable of enforcing something like which executables
| you are able to load... Quite in the vein of Apple sending the
| executables' hash to some random server.

mtgx wrote:
| > chip-to-cloud security
|
| I assume this also means _cloud_-to-chip, which means it might give
| Microsoft/NSA the ability to tap into it at will "from the cloud"?
|
| After all, Windows 10's tracking features were like a longtime wishlist
| from the FBI/NSA, so I wouldn't be surprised if this is their "...one
| more thing" in the same vein.

imbuhuo wrote:
| Locking out other OSes isn't a main goal of Pluton (although
| technically it can), there are just too many issues (hey Infineon,
| Intel and Qualcomm, I am looking at you) with existing dTPM and fTPM
| implementations.

darzu wrote:
| I worked extensively with Pluton when I was employed on Azure Sphere
| (an IoT platform marketed as highly secure and composed of a
| Linux-based OS, ARM SoC, and cloud service). I might be able to answer
| questions about this.
|
| Here's a blog by the engineering lead on Azure Sphere that discusses
| Pluton: https://azure.microsoft.com/en-us/blog/anatomy-of-a-secured-...
|
| Disclaimer: I still work at MSFT but in a different org.

yellowapple wrote:
| The pressing concern for me: what does this mean for non-Windows
| operating systems running on Pluton-equipped systems? Will there be a
| possibility for non-Windows software to use Pluton's features?

darzu wrote:
| I can only comment on the technical details I know of, not the
| business objectives of the parties involved.
|
| From a technical standpoint, Azure Sphere's OS was built on Linux. As
| far as I know, there isn't anything Windows-specific to Pluton. Pluton
| was a separate (heavily modified) ARM M4 core which we interfaced with
| from the main A7 core via a secure mailbox channel, which was again OS
| agnostic.
chem83 wrote:
| Greetings!
|
| - Was Pluton based on an RTOS or is it running on bare metal on top of
|   the M4?
| - Is the architecture on the i.MX8-based Sphere the same as the one on
|   the MT3620?
| - Does the Security Subsystem running on the Cortex-A's secure world
|   have any relationship with Pluton? Is the Security Subsystem running
|   on top of the Sphere's modified Linux kernel like the normal world is?
|
| Thanks, cheers!

darzu wrote:
| 1. Bare-metal
| 2. I only worked with the MT3620 so I cannot comment on others
| 3. Pluton would boot the A7's Secure World, which would then boot the
|    A7 normal world. Secure World and Pluton interfaced regularly but
|    they're fundamentally different code and purposes.
|
| Hope that helps!

cm2187 wrote:
| A TPM integrated into the CPU makes sense (and I am puzzled why TPMs
| aren't a standard feature of all MBs given the modest cost). But what
| about that diagram in the article with a link to the cloud? Will this
| thing phone home outside of the control of the OS?

darzu wrote:
| In Azure Sphere, Pluton didn't do any direct network communication;
| that was all handled by the main core. Also there was no cellular, so
| the whole system depended on user interaction to get online.
|
| When the main core wanted to talk to the Azure Sphere cloud service
| (from Linux userland), it would go through a remote attestation
| process that involved Pluton. Pluton can securely track what software
| was booted on the main core (called "measured boot") and it basically
| sends a hash of that to the cloud to prove to the cloud what software
| is currently running.
|
| So I imagine the chip-to-cloud thing they're talking about is this
| remote attestation protocol.
|
| Also, it's possible the term "Pluton" has been expanded to refer to
| more than just the M4 chip we used in Azure Sphere.

Asmod4n wrote:
| So..
| this basically means swapping your CPU gets rid of anything you stored
| on its "TPM", or can it be backed up to the TPM of your mainboard and
| restored to the new one you install?

darzu wrote:
| I think the whole idea here is that Pluton will be integrated inside of
| the same physical chip as the CPU. So physically swapping CPUs would
| swap your Pluton core too.
|
| But the Pluton I know of didn't really have any writeable storage. It
| had some special ROM and fuses that it uses internally for its private
| keys but that's basically it.

carlsborg wrote:
| 1. Is this specific to Azure Sphere CPUs? Or are general-purpose Intel
|    CPUs going to have this capability?
|
| 2. If the latter, "Every piece of software on an Azure Sphere device
|    must be signed by Microsoft." What does the OS interface look like?

skohan wrote:
| Is Pluton specifically Windows-related? Will this affect how easy it is
| to run Linux on hardware using Pluton?

wmf wrote:
| Booting Linux is really a policy question, not technical.

skohan wrote:
| Is it a policy question without Pluton? I.e. will this allow hardware
| vendors additional means to prevent me from installing Linux?

qayxc wrote:
| > will this allow hardware vendors additional means to prevent me from
| > installing Linux?
|
| No. Pluton serves as an on-chip secure enclave for encryption keys and
| the like. This is unrelated to installing operating systems.

1vuio0pswjnm7 wrote:
| Will the final purchaser of the computer chip, i.e., the consumer, have
| access to the enclave?

smarx007 wrote:
| I don't think so; given how much share Linux has on Azure, it simply
| would not be a wise move.

chungus_khan wrote:
| If Qualcomm is implementing it, I'm sure it will on a technical level.
| Linux is important to AMD and Intel, but Linux-running devices
| represent nearly all of Qualcomm's non-embedded SoC market.
|
| Whether vendors can use it to restrict such things, I don't think
| anyone can say right now, but I would guess and hope not. The TPM does
| not.

wahern wrote:
| If Qualcomm is implementing it then it should be easy enough to break.
| Qualcomm's secure enclave software for Android has had an absolutely
| abysmal security track record. Apple gets all the press precisely
| because it's such an achievement (well, that and Apple is more well
| known). Qualcomm hacks have come out like every 6 months for nearly a
| decade, and nobody cares anymore.

merb wrote:
| Well, Apple's enclave is broken as well.
| https://arstechnica.com/information-technology/2020/10/apple...
|
| Well, at least it needs physical access.

wahern wrote:
| FWIW, I meant Apple secure enclave hacks get all the attention because
| they're more of an achievement, at least in terms of published hacks
| being more rare. I tried to keep track of published Qualcomm
| breaks--which usually don't require physical access as they involve
| classic software bugs--several years ago but gave up because they were
| too numerous yet not as widely publicized. I had plenty of fodder by
| then, though I try to take mental note of new breaks that [briefly]
| appear on HN or elsewhere.
|
| I was keeping track of hacks for marketing material related to a
| security startup I was working on. The competition would have
| principally been smartphone-based authentication apps, both Android
| and iPhone.

neerajsi wrote:
| In the embodiment I've seen, it's an ARM M-class core with some special
| crypto hardware and certain registers that allow the use of crypto keys
| without software running on the core ever seeing the key. There's a
| communication channel to the rest of the system, which is completely
| OS-agnostic.
|
| In Azure Sphere, Windows is nowhere in sight. The device runs a Linux
| kernel.

smarx007 wrote:
| Is this replacing the Cortex A5 used for the PSB?
| https://www.servethehome.com/amd-psb-vendor-locks-epyc-cpus-...

noch wrote:
| Do the kids remember Microsoft's ghastly Palladium, from 2 decades ago?
|
| > Known Elements of the Palladium System:
| >
| > The system purports to stop viruses by preventing the running of
| > malicious programs. The system will store personal data within an
| > encrypted folder.
| >
| > _The system will depend on hardware that has either a digital
| > signature or a tracking number._
| >
| > The system will filter spam. The system has a personal information
| > sharing agent called "My Man."
| >
| > The system will incorporate Digital Rights Management technologies
| > for media files of all types (music, documents, e-mail
| > communications). Additionally, the system purports to transmit data
| > within the computer via encrypted paths
|
| https://epic.org/privacy/consumer/microsoft/palladium.html

[deleted]

[deleted]

shmerl wrote:
| > _What the Pluton project from Microsoft and the agreement between
| > AMD, Intel, and Qualcomm will do is build a TPM-equivalent directly
| > into the silicon of every Windows-based PC of the future._
|
| CPUs with security modules controlled by MS? Who will guarantee it
| won't be abused against non-MS systems and users?

roywiggins wrote:
| How many Qualcomm CPUs run Windows?

mixedCase wrote:
| Not that I think Pluton will be a problem for Linux (as in, one that
| won't be present on Windows also) but AFAIK Qualcomm and Microsoft had
| partnered to not only run Windows on ARM, but to run x86 software on
| ARM Windows.

wyldfire wrote:
| Not many, but it's a growing market. Much of the Windows-on-ARM market
| is Qualcomm SoCs.

(page generated 2020-11-23 23:00 UTC)
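The measured boot and remote attestation flow darzu describes in the thread (the security core tracks what software booted on the main core and sends a hash of it to the cloud to prove what is running), as an added example that is not Azure Sphere or Pluton code: a security core extends a PCR-style register once per boot stage, the cloud issues a nonce, the core returns a quote binding that nonce to the register, and the cloud replays the event log against the quoted value before comparing each stage to a golden measurement. Everything here is constructed: the device key, the stage names and images, the golden hashes, the device id. HMAC with a key the cloud also holds stands in for the asymmetric device identity key a real core would sign with, so the example runs on the standard library alone.

```python
# Added example (not Pluton / Azure Sphere code): measured boot on a small
# security core, then a nonce-bound quote the cloud checks. HMAC with a key
# the cloud also holds stands in for the asymmetric device identity key a
# real core would sign with; images, keys and golden values are constructed.
import hashlib
import hmac
import os

BOOT_ORDER = ["secure-world", "linux-kernel", "rootfs"]   # assumed stage order
GOLDEN_IMAGES = {                                          # constructed images
    "secure-world": b"constructed: trusted secure-world blob v1",
    "linux-kernel": b"constructed: trusted kernel image v1",
    "rootfs": b"constructed: trusted rootfs image v1",
}

def sha256(data):
    return hashlib.sha256(data).digest()

def extend(pcr, measurement):
    """PCR-style extend: an order-sensitive hash chain that is never overwritten."""
    return sha256(pcr + measurement)

class SecurityCore:
    """Stand-in for the Pluton-like core: the key lives in 'fuses' and never leaves."""
    def __init__(self, fused_key):
        self._key = fused_key       # burned at manufacture, not exportable
        self.pcr = bytes(32)        # zero at power-on
        self.event_log = []         # (stage, measurement hex) in boot order

    def measure(self, stage, image):
        m = sha256(image)
        self.pcr = extend(self.pcr, m)
        self.event_log.append((stage, m.hex()))

    def quote(self, nonce):
        """Evidence for the cloud: PCR bound to the verifier's nonce, plus the log."""
        tag = hmac.new(self._key, nonce + self.pcr, hashlib.sha256).hexdigest()
        return {"nonce": nonce.hex(), "pcr": self.pcr.hex(),
                "log": list(self.event_log), "mac": tag}

class CloudVerifier:
    def __init__(self, device_keys, golden):
        self.device_keys, self.golden = device_keys, golden
        self.outstanding = set()    # nonces issued but not yet consumed

    def challenge(self):
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, device_id, q):
        nonce = bytes.fromhex(q["nonce"])
        if nonce not in self.outstanding:
            return False, "stale or unknown nonce"      # replayed or precomputed
        self.outstanding.discard(nonce)                  # single use
        pcr = bytes.fromhex(q["pcr"])
        expected = hmac.new(self.device_keys[device_id], nonce + pcr,
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, q["mac"]):
            return False, "quote not authenticated by device key"
        replayed = bytes(32)                             # re-derive PCR from the log
        for _, m in q["log"]:
            replayed = extend(replayed, bytes.fromhex(m))
        if replayed != pcr:
            return False, "event log does not reproduce PCR"
        if [s for s, _ in q["log"]] != BOOT_ORDER:       # log is now trustworthy
            return False, "unexpected boot order"
        for stage, m in q["log"]:
            if self.golden[stage] != m:
                return False, f"unexpected measurement for {stage}"
        return True, "ok"

def _provision():
    key = os.urandom(32)            # constructed fuse value for one device
    golden = {s: sha256(img).hex() for s, img in GOLDEN_IMAGES.items()}
    return SecurityCore(key), CloudVerifier({"dev-001": key}, golden)

def attest(tampered_stage=None):
    """Boot, optionally with one stage replaced by a modified image, then attest."""
    core, cloud = _provision()
    images = dict(GOLDEN_IMAGES)
    if tampered_stage:
        images[tampered_stage] = b"constructed: modified " + tampered_stage.encode()
    for stage in BOOT_ORDER:
        core.measure(stage, images[stage])
    return cloud.verify("dev-001", core.quote(cloud.challenge()))

def replay_attack():
    """A captured quote that was valid once is rejected when presented again."""
    core, cloud = _provision()
    for stage in BOOT_ORDER:
        core.measure(stage, GOLDEN_IMAGES[stage])
    captured = core.quote(cloud.challenge())
    cloud.verify("dev-001", captured)   # first presentation consumes the nonce
    cloud.challenge()                    # a fresh challenge is now outstanding
    return cloud.verify("dev-001", captured)
```

Two points the code makes that the thread only implies: the verifier trusts the event log only after replaying it reproduces the quoted register, so a log edited to look clean fails before any golden comparison; and the nonce is consumed on first use, so a captured quote cannot be replayed against a later challenge. Note also that, as darzu says of the core he worked with, nothing in `SecurityCore` talks to the network; the main core carries the quote to the cloud and can only drop it, not forge it.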