
The Dangers of Microsoft Pluton

(gabrielsieben.tech)
733 points gjsman-1000 | 4 comments
userbinator No.32234457
What is to prevent school WiFi from one day requiring a Pluton assertion that your Windows PC hasn’t been tampered with before you can join the network?

Remote attestation is the true enemy of your freedom. The power of the authoritarian corporatocracy to force you to use only the (entire) systems they control. It's worth reading https://www.gnu.org/philosophy/right-to-read.en.html again just to see how prescient Stallman was.

replies(12): >>32234704 #>>32235241 #>>32236203 #>>32236379 #>>32236408 #>>32237069 #>>32237245 #>>32238451 #>>32239672 #>>32239680 #>>32239999 #>>32240046 #
raxxorraxor No.32236203
Same with TPM and why it had so many critics. Some people still seem adamant to say that boot viruses are the greatest threat in the 21st century, but the economic interests are far more dangerous for general computing in my opinion. And it isn't even close.
replies(4): >>32236517 #>>32236614 #>>32236934 #>>32238101 #
ChuckNorris89 No.32236614
Can you explain what is the issue with TPM?

I get the issue with Pluton but TPM is only a dedicated and certified secure key and random number generator that does a better job than CPUs doing it in software, and it's also a secure enclave for storing your encryption keys. Would you rather store the keys in memory where they can be easily grabbed by malicious apps like Mimikatz? Macs had the same feature for years in the T2 chip.

It's the exact system that enables wireless payment and other strong security features on your phone.

So having TPM on PCs and using it for its intended purpose is a boon for everyone's security, so I don't see the issue, just FUD.

replies(3): >>32236697 #>>32236700 #>>32237793 #
1. raxxorraxor No.32237793
TPM has features like remote attestation and is in general a mechanism to bind data to hardware, which is interesting for DRM purposes.

Sure, there are theoretical attacks on memory, but they are far less relevant for security than the penalties I have to accept with TPM being widely established.

Not that there aren't different means, but TPM also creates unique hashes of your system which only reinforces the problems around fingerprinting.

> It's the exact system that enables wireless payment and other strong security features on your phone.

Phones suck as computing devices on every conceivable metric and are heavily locked down devices. And it is not true that you need a TPM chip to create secure transfers. I constantly do business transactions on my PC just fine.

replies(1): >>32238897 #
2. viraptor No.32238897
> which is interesting for DRM purposes.

You're thinking of SGX enclaves, not TPM.

> TPM also creates unique hashes of your system

It doesn't. Your system creates hashes and appends them to lists signed by the TPM. And the point of those hashes is not to be unique, but to verifiably match known values.

replies(1): >>32239129 #
3. raxxorraxor No.32239129
No, I meant TPM. Media could be bound to have the TPM report certain hashes of the configuration registers that are either already set or TPM sets on system boot. Same mechanism that allows you to only open a document on specific hardware basically or allows an application to check if the system was perhaps compromised.
replies(1): >>32239636 #
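The PCR mechanism the two comments above argue about (the system hashing components into TPM registers, and a verifier checking those registers against known-good values) can be simulated in a few lines. This is an added illustration, not code from the thread or from any TPM implementation: it models only the SHA-256 "extend" chaining and the verifier's comparison, and omits the TPM's signed quote over the registers. All component images and expected values are constructed.

```python
import hashlib

# A TPM PCR starts at all zeros and can only ever be "extended":
# PCR_new = SHA-256(PCR_old || SHA-256(measured_component)).
# Nothing can set a PCR to an arbitrary value, which is why the
# sequence of measured components is what the verifier checks.
PCR_INIT = bytes(32)


def extend(pcr: bytes, component: bytes) -> bytes:
    """One PCR extend operation for a single measured component."""
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()


def measure_boot_chain(components):
    """Final PCR value after measuring each boot component, in order."""
    pcr = PCR_INIT
    for component in components:
        pcr = extend(pcr, component)
    return pcr


def verify_quote(reported_pcr: bytes, known_good: set) -> bool:
    """Verifier side: accept only a PCR that matches an approved boot chain.

    A real verifier would first check the TPM's signature over the quote;
    that step is omitted here (simulation only)."""
    return reported_pcr in known_good


# Constructed stand-ins for firmware, bootloader and kernel images.
GOOD_CHAIN = [b"firmware-v1", b"bootloader-v3", b"kernel-5.15"]
TAMPERED_CHAIN = [b"firmware-v1", b"bootloader-v3-patched", b"kernel-5.15"]
REORDERED_CHAIN = [b"bootloader-v3", b"firmware-v1", b"kernel-5.15"]

# The verifier's allow-list: the PCR value an untampered chain produces.
KNOWN_GOOD = {measure_boot_chain(GOOD_CHAIN)}


def demo():
    """Return (same_images_match, good_accepted, tampered_accepted, reordered_accepted)."""
    machine_a = measure_boot_chain(GOOD_CHAIN)
    machine_b = measure_boot_chain(GOOD_CHAIN)  # another PC with identical images
    tampered = measure_boot_chain(TAMPERED_CHAIN)
    reordered = measure_boot_chain(REORDERED_CHAIN)
    return (machine_a == machine_b,
            verify_quote(machine_a, KNOWN_GOOD),
            verify_quote(tampered, KNOWN_GOOD),
            verify_quote(reordered, KNOWN_GOOD))


if __name__ == "__main__":
    print(demo())  # (True, True, False, False)
```

Two machines booting the same images produce the same PCR, so the value identifies a configuration rather than a device; any change to a component, or to the order in which components load, yields a value the verifier will reject.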
4. viraptor No.32239636
I don't think it's going to be useful this way for DRM. TPM is useful for verifying your boot chain is secure and validating this to an external party. But locally you can lie to apps all you want. You can emulate the TPM device (https://qemu-project.gitlab.io/qemu/specs/tpm.html) - it can tell you whatever you want. Locally it's as useful as hiding the DRM in a driver. Raising the bar a bit, but you can still work around it.