←back to thread

The Dangers of Microsoft Pluton

(gabrielsieben.tech)
733 points gjsman-1000 | 1 comments | 26 Jul 22 03:46 UTC | HN request time: 0.235s | source
Show context
Gh0stRAT ◴[26 Jul 22 06:26 UTC] No.32235028[source]
I'm completely missing how his example of a Word document that can only be opened by approved users on approved hardware within the corporation is supposed to be a bad thing.

Honestly, that sounds pretty fantastic. I've been using 3rd party tools/extensions to do this sort of thing in corporate and government environments for years, but having the attestation go all the way down to the hardware level is a big value-add, especially with so much ransomware/spyware/extortion/espionage going on these days.

Can someone please explain to me how the author might see this level of security as a bad thing?

replies(18): >>32235120 #>>32235149 #>>32235164 #>>32235474 #>>32235546 #>>32235795 #>>32235875 #>>32236359 #>>32236639 #>>32236668 #>>32236673 #>>32236797 #>>32236864 #>>32237450 #>>32237580 #>>32238544 #>>32238583 #>>32240740 #
1. tenebrisalietum ◴[26 Jul 22 14:15 UTC] No.32238544[source]
It's a big value add for you, as a corporate IT deployer.

Outside of corporate IT, what if Microsoft uses this remote attestation to enforce binding non-corporate PCs to a Microsoft account. Some don't have a problem exposing everything to Microsoft's cloud, but Pluto sounds like it could be used to enforce this on a hardware level.

If computing devices without bondage to a cloud service are impossible, Windows has no more value proposition for me for personal computing. I'm going to stick with Apple, because at least Apple allows me to turn it all off, off seems to mean off on at least Apple iPhones/iPads (I don't have to check hundreds of weirdly named services, policy settings, scheduled tasks that are all on for some reason), and settings don't seem to randomly sneak on between updates.