Pluton .. the new TPM?

As it was announced in AMD’s keynote that it will be starting in the 6000 series, I’m not real fond of this.

Microsoft has also stated that the Pluton hardware will be updateable through Windows Update and it "provides a platform for innovation that allows customers to benefit from new features in future releases of Windows that leverage the Pluton hardware.

Blockquote

through Windows Update? that seem like a perfect way to inject something we really don’t want.

6 Likes

More like plutarch

Nope.mkv

How many people are going to give MS the middle finger and push back against the 86ing happening again

2 Likes

Yeah, clearly aimed at making your hardware, that you’ve actually already paid for, into a subscription model. I gonna ROFLMAO when (not if) the EU is banning this outright, no matter what product they sell it in :roll_eyes:

5 Likes

Sure hope no one loses control of the Pluton update signing key. Persistent malware installed to your CPU would be the holy grail for APT groups. :scream:

8 Likes

My Lord in Heaven, I hope it will.

If there is no pushback against this bullshit I’m prepared to go into deep hibernation when it comes to PC hardware. RISC-V is our only hope now.

5 Likes

Or OpenPower in the enthusiast market…

5 Likes

What’s that?

https://openpowerfoundation.org/

2 Likes

PowerPC… where Apple came from before they went x86 (and now into their own M1)

1 Like

Can someone actually explain what the pluton really is and/or does… I can’t find anything about it online that would explain it any better than the honestly vague microsoft blog about it from 2020. The security stuff sounds ok but I’m not loving the “chip to cloud security” catch phrase, or the fact that there is now another black box chip on our cpu’s, in addition to Intel ME or the AMD equivalent. Or the fact that even tho they say it’s not for DRM, it can totally be trivially adapted to that if a customer wants to, and we all know they want to.
Even arm is not safe from this as Qualcomm is also doing it :<

Also, they didn’t mention this with the new Zen3D or Zen4 chips, so I’m hoping this is just going to be in the mobile space for now :crossed_fingers:

That’s Zen 4.

The zen 3+ plus with the 3d Vcache dosenot have this as it was already designed and released in the 3000 series and this is just a revision.

So yeah. Next new AMD socket should have this.

No it’s Zen3+. Pluton was only announced for the 6000 series mobile parts. Zen4 is Ryzen 7000 and there was no mention of pluton with that announcement, or any other desktop parts.

Curiously at the same time Pluton was announced in 2020, Open Titan was also announced as an open source alternative, I really wish AMD had gone with open titan instead, or will at a later date.

Also whatever happened to AMD open firmware? :<

1 Like

This reminds me of Intel’s Management Engine, more than TPM.

It’s a separate, self contained SoC with network access (it can talk directly to the cloud). So it’s a massive attack surface. Not clear if the consumer version will have network access or if it will just be used to protect local secrets like encryption keys.

3 Likes

My worry is Microsoft strong arming the boot process again, aka the UEFI secure boot issue, remember manufacturers forgot about linux support!

Since it’s built on previous work, this talk details their ability to secure from people doing physical attacks on hardware, plus do game data decryption via a secure core of the processor.

Microsoft noted that Pluton can be configured in three ways:

  1. Trusted Platform Module (TPM)
  2. Security processor for non-TPM scenarios like platform resiliency
  3. OEM device with it turned off

Rest of the article just mention IT providing better signals for zero trust (byond corp) setups and intergration via Intune to the Azure Attestation service, which will be there cloud managment product for endpoints.

Ref: First Microsoft Pluton-powered Windows 11 PCs to start rolling out this year | ZDNet

2 Likes

I seriously wonder how QEMU might work with this. If it’s impossible, and it’s mandatory moving forward, that’s REALLY bad.

BTW, new platform security is part of the reason why there still isn’t a proper PS4 or XBone emulator yet.

1 Like

They tried to get the approval from all involved in the PSP (Platform Security Processor) but some party or other did not want to open it up.

And on the naming… never change AMD, I look forward to next yeah 12000 which of course will follow after the 8000 mobile CPUs but before the 10000 mobile CPUs, easy to follow guys yeah? /s

Unfortunately for open titan, the second article and my reaction to it are probably why, google… nope, no thanks. Even if that is silly and misinformed they probably don’t want to get caught in that FUD.

1 Like

I think they started skipping generations to denote desktop vs mobile CPU’s after the debacle of naming conventions in the 2000 series. Just my 2 cents on that.

2 Likes

Thank you for your explanation. What the hell is this supposed to mean:

“provides a platform for innovation that allows customers to benefit from new features in future releases of Windows that leverage the Pluton hardware”

The evasiveness reeks of a guilty conscience, no?

If they want some kind of Microsoft-specific UEFI or something for their own Azure devices that’s one thing. Forcing it on consumers is another. And frankly I am skeptical of the unstated security benefits that will be invented to justify this.

Whatever they’re selling I don’t want it.

3 Likes

It means, We have some plans for this in the future but we do not want to duscolse what that is until enough of these are out there that you will have to join us or forego features or possibly windows as a whole.

5 Likes