←back to thread

The Dangers of Microsoft Pluton

(gabrielsieben.tech)
733 points gjsman-1000 | 2 comments | 26 Jul 22 03:46 UTC | HN request time: 0s | source
Show context
Gh0stRAT ◴[26 Jul 22 06:26 UTC] No.32235028[source]
I'm completely missing how his example of a Word document that can only be opened by approved users on approved hardware within the corporation is supposed to be a bad thing.

Honestly, that sounds pretty fantastic. I've been using 3rd party tools/extensions to do this sort of thing in corporate and government environments for years, but having the attestation go all the way down to the hardware level is a big value-add, especially with so much ransomware/spyware/extortion/espionage going on these days.

Can someone please explain to me how the author might see this level of security as a bad thing?

replies(18): >>32235120 #>>32235149 #>>32235164 #>>32235474 #>>32235546 #>>32235795 #>>32235875 #>>32236359 #>>32236639 #>>32236668 #>>32236673 #>>32236797 #>>32236864 #>>32237450 #>>32237580 #>>32238544 #>>32238583 #>>32240740 #
BiteCode_dev ◴[26 Jul 22 06:45 UTC] No.32235149[source]
The capacity for abuse is huge, way beyong the potential benefits.

From the USA, we get news of banned book in some states. When I read that, my head goes back to my european history, and I reach the Godwin point very quickly.

Those kind of people will abuse such system to prevent things to be shared.

It will be used for putting DRM on everything and create a more and more closed web.

It will be used by corporations and govs to prevent wisthleblowers and journalists to do their job. Or to prevent employees to get evidences of mistreatments in case they need to sue.

Because if you look at it, it's basically just a system for information control. And bad actors love that.

And of course it will be "for security reasons".

Trusting people with a terrible track record to not abuse a massive power in the future, espacially one that can be scaled up with the push of a button once the infrastructure is in place, is not a good bet.

replies(5): >>32235233 #>>32235313 #>>32235723 #>>32236892 #>>32238508 #
aaronbrethorst ◴[26 Jul 22 07:00 UTC] No.32235233[source]
Ron DeSantis doesn't need hardware-level DRM to ban math books.

https://www.baynews9.com/fl/tampa/news/2022/05/06/florida-ba...

If you're worried about book bannings in states like Florida, DeSantis is up for reelection in just over 3 months. Go volunteer or donate money to his opponent (probably Charlie Crist).

replies(8): >>32235258 #>>32235289 #>>32235549 #>>32235569 #>>32235954 #>>32236716 #>>32237832 #>>32238416 #
sascha_sl ◴[26 Jul 22 07:08 UTC] No.32235289[source]
Technologists often have such tunnel vision that limits their concerns to tyranny driven by technology when there's plenty of low tech attacks on open society all the time.

It reminds me of the good old "my password takes 2 billion years to crack, but my kneecaps only take a few seconds" metaphor about people in tech forgetting that physical coercion is, in fact, a possible attack vector for your IT security.

replies(4): >>32235302 #>>32235516 #>>32235865 #>>32236917 #
1. BiteCode_dev ◴[26 Jul 22 08:50 UTC] No.32235865[source]
This is not an Xor proposition.

It's like saying "don't worry about gun control because car accidents kill way more people right now".

replies(1): >>32236778 #
2. sascha_sl ◴[26 Jul 22 11:16 UTC] No.32236778[source]
But I never said it's not a problem. I said the priorities are wrong.

Establishing technical means to do something (limiting access to files via DRM) is not as urgent as actually doing it (Florida carting books out of school libraries). And technology is not a monolith. Pluton specifically is far from being a universal requirement on Windows, and the entire PC platform is open enough to support alternatives for a very long time. It's possibly worrying (though it looks like Microsoft's intention is confidentiality management in enterprises for now), but far from "turnkey tyranny".