Hi, this is Wayne again with a topic “A New Chip From…Microsoft?! (Pluton Explained)”.
When it launched windows 11 confused a lot of people over its requirement that your pc have a security chip called a tpm or a trusted platform module. But now microsoft wants to transition away from the tpm and instead implement its own security chip inside of upcoming cpus microsoft calls this new chip pluton. But why is this a big deal? It helps to first understand the limitations of the current tpm system. Tpms contain the keys needed to encrypt and decrypt data on your devices, and they can either come in the form of a separate chip that sits on your motherboard.
You can actually buy them for for your desktop or as a firmware tpm, which consists of code. That hangs out either on your system’s chipset or on the cpu itself. Most cpu platforms manufactured these days have some form of firmware tpm built in. Hence the reason microsoft says: you’re, probably okay, to upgrade to windows 11. If you have a recently built pc, but tpm is far from perfect, it’s certainly better than nothing, but it turns out it’s not particularly hard to defeat.
If an attacker knows what they’re doing a key weakness can be found in the connection between the tpm and the bios, you can actually connect a sniffing device to the pins on the tpm chip and obtain the key you’re looking for in a matter of minutes. Of course, you need physical access to the target pc in order to pull off an attack like this, but seeing as how the tpm was meant to help protect computers. Even if a miscreant had physical access, it’s a pretty big liability but say you’re running a firmware. Tpm implementation: well, these can still have their own vulnerabilities. The well-publicized spectre and meltdown exploits have shown that attackers can grab data directly off a cpu. Even if that data is subject to enhanced security, it can still be obtained, such as in the platypus attack that bypasses intel software guard extensions or sgx. This feature is supposed to create a secured area of the processor, but not only does platypus defeat it. Physical access isn’t even required to attack the secured area.
Pluton is in theory. I just love that name supposed to go a long way toward solving these problems. Pluton doesn’t use a separate chip at all. Instead, it’s baked directly onto the cpu die, so there isn’t a risk of snatching data off a communication.
Bus like you can with a discrete tpm module, but how is pluton different from firmware tpm, since those also run directly on the cpu. We’Ll tell you right after we thank brilliant for sponsoring this video brilliant is a website and app built around active learning trade, boring long lectures for problem solving and interactive visuals. There’S over 60 courses on everything from astronomy to programming and one of our favorites is the calculus in a nutshell course, it gives you a clear sense of the major pillars of calculus, with new increased interactive sections join the community of over 10 million learners and educators. Today and the first 200 people who head to brilliant.org techwiki, will get 20 off an annual premium subscription, so a firmware tpm runs its code on the same main, cpu cores that run your other programs.
So a successful attack on something else the cpu is running. Could compromise the firmware tpm pluton, on the other hand, works by adding additional hardware. That’S on the cpu die, but is separate from the main processing cores, making it more difficult to attack, even if the bad guy has physical access to the computer.
Additionally, microsoft is going to be responsible for issuing firmware updates for pluton, rather than motherboard manufacturers, who typically release new firmware versions much less frequently. This should help keep computers safer from new and evolving threats. The first pcs, with pluton built in, should start hitting store shelves in mid 2022, but pluton actually isn’t even brand new.
The chips have actually been used since 2013 in xbox consoles to make it harder to play pirated titles which actually brings us to a concern. Some users have about pluton some fear that microsoft could use pluton to lock down pcs and exert too much control over what consumers can and cannot run on their own machines. We do know that cpus with pluton will work and run on linux, but if you want pluton’s extra features, the specific linux distro you’re using would need to be enable support for those. So the only time we’ll tell if these concerns about fluton are warranted, but i’m sure we can all agree that we trust microsoft right. They made vista thanks for watching guys if you liked this video hit like hit subscribe and hit us up in the comment section with your ideas for topics that we should cover in the future. .