←back to thread

The Dangers of Microsoft Pluton

(gabrielsieben.tech)
733 points gjsman-1000 | 2 comments | 26 Jul 22 03:46 UTC | HN request time: 0.416s | source
Show context
Gh0stRAT ◴[26 Jul 22 06:26 UTC] No.32235028[source]
I'm completely missing how his example of a Word document that can only be opened by approved users on approved hardware within the corporation is supposed to be a bad thing.

Honestly, that sounds pretty fantastic. I've been using 3rd party tools/extensions to do this sort of thing in corporate and government environments for years, but having the attestation go all the way down to the hardware level is a big value-add, especially with so much ransomware/spyware/extortion/espionage going on these days.

Can someone please explain to me how the author might see this level of security as a bad thing?

replies(18): >>32235120 #>>32235149 #>>32235164 #>>32235474 #>>32235546 #>>32235795 #>>32235875 #>>32236359 #>>32236639 #>>32236668 #>>32236673 #>>32236797 #>>32236864 #>>32237450 #>>32237580 #>>32238544 #>>32238583 #>>32240740 #
qweqwerwerwerwr ◴[26 Jul 22 11:01 UTC] No.32236673[source]
what's stopping someone from taking photos of your precious document and posting them on 4chan?

nothing. there's nothing you can do to stop that.

replies(3): >>32236946 #>>32236951 #>>32237044 #
1. autoexec ◴[26 Jul 22 11:54 UTC] No.32237044[source]
I can discretely copy GBs of email messages and word docs in a reasonable amount of time, but I couldn't discretely take cell phone pictures of every page of every one of those messages and documents if I had years to do it. You don't always have to prevent something 100% of the time in every possible situation to have a devastating effect on people who want to do that thing.
replies(1): >>32237259 #
2. qweqwerwerwerwr ◴[26 Jul 22 12:17 UTC] No.32237259[source]
I've just provided the easiest example of bypassing any boomer security nonmeasures. give a dedicated and competent attacker 15 minutes alone with your highly secure machine and highly sensitive documents, and if your entire security model depends on DRM rather than actually effective methods, they will figure out how to exfiltrate it all.