The Dangers of Microsoft Pluton

(gabrielsieben.tech)

733 points gjsman-1000 | 1 comments | 26 Jul 22 03:46 UTC | HN request time: 0.309s | source

Show context

userbinator ◴[26 Jul 22 05:05 UTC] No.32234457[source]▶

What is to prevent school WiFi from one day requiring a Pluton assertion that your Windows PC hasn’t been tampered with before you can join the network?

Remote attestation is the true enemy of your freedom. The power of the authoritarian corporatocracy to force you to use only the (entire) systems they control. It's worth reading https://www.gnu.org/philosophy/right-to-read.en.html again just to see how prescient Stallman was.

replies(12): >>32234704 #>>32235241 #>>32236203 #>>32236379 #>>32236408 #>>32237069 #>>32237245 #>>32238451 #>>32239672 #>>32239680 #>>32239999 #>>32240046 #

raxxorraxor ◴[26 Jul 22 09:44 UTC] No.32236203[source]▶

>>32234457 #

Same with TPM and why it had so many critics. Some people still seem adamant to say that boot viruses are the greatest threat in the 21st century, but the economic interest are far more dangerous for general computing in my opinion. And it isn't even close.

replies(4): >>32236517 #>>32236614 #>>32236934 #>>32238101 #

ChuckNorris89 ◴[26 Jul 22 10:53 UTC] No.32236614[source]▶

>>32236203 #

Can you explain what is the issue with TPM?

I get the issue with Pluton but TPM is only a dedicated and certified secure key and random number generator that does a better job than CPUs doing it in software, and it's also a secure enclave for storing your encryption keys. Would you rather store the keys in memory where they can be easily grabbed by malicious apps like Mimikatz? Macs had the same feature for years in the T2 chip.

It's the exact system that enables wireless payment and other strong security features on your phone.

So having TPM on PCs and using it for its interested purpose is a boon for everyone's security so I don't see the issue, just FUD.

replies(3): >>32236697 #>>32236700 #>>32237793 #

furtiman ◴[26 Jul 22 11:03 UTC] No.32236697[source]▶

>>32236614 #

Among that, the TPM enables verification of a particular state of your system, i.e., a particular set of binaries and OS configuration. Simplifying the description of the process a bit - at every bootup it checks the checksum of all programs loaded at every boot stage (UEFI, kernel, userspace) with respect to one that is known to be approved - process called "attestation".

So in worst case, if your attestation server is very strict, any new binary installed on your machine will prevent it from booting or satisfying the attestation. This is the main concern that TPM enables.

replies(1): >>32237309 #

aplanas ◴[26 Jul 22 12:22 UTC] No.32237309[source]▶

>>32236697 #

> the TPM enables verification of a particular state of your system, i.e., a particular set of binaries and OS configuration

That is a bit misleading. The TPM is a passive device, it cannot verify any state. It is the OS who measure the system (in Linux via the IMA system). And is the Linux kernel the one that, if you have a TPM, can produce a process where a 3rd party can be sure that the measurements are "true" and "legit" (via PCR#10 extension).

As you state later, it is this 3rd party the one that assert (verify) if you are state considered OK or not.

Maybe I am too simplistic, but I do not see the evil in the TPM here, but only in the 3rd party policy.

TPM can be abused but, as a developer, I am happy that we can use the TPM for good and fair goals in open source projects.

It is the user who can decide to use the TPM or not, and should be noted that in the TCG specification it is stated that the TPM can be disabled and cleared by the user at any moment.

replies(1): >>32237628 #

q-big ◴[26 Jul 22 12:57 UTC] No.32237628[source]▶

>>32237309 #

> Maybe I am too simplistic, but I do not see the evil in the TPM here, but only in the 3rd party policy.

The evil is that the "Trusted" in "Trusted Computing" and "Trusted Platform Module (TPM)" means that one deeply distrusts the user (who might tamper with the system), but instead the trust lies in the computing (trusted computing) or TPM. In other words: Trusted Computing and TPM means a disempowerment of the user.

replies(2): >>32237731 #>>32237732 #

mavhc ◴[26 Jul 22 13:07 UTC] No.32237732[source]▶

>>32237628 #

Indeed, so the user should not buy a computer where they're not in control of the TPM, if you can't disable it/add your own keys, then don't buy that computer

replies(1): >>32238313 #

ori_b ◴[26 Jul 22 13:56 UTC] No.32238313[source]▶

>>32237732 #

That rapidly converges on "you can't buy a computer and use it", because economic interests favor trusted computing devices.

replies(2): >>32238616 #>>32248561 #

q-big ◴[26 Jul 22 14:20 UTC] No.32238616[source]▶

>>32238313 #

> That rapidly converges on "you can't buy a computer and use it", because economic interests favor trusted computing devices.

I would rather argue that it converges to "you become more and more morally obliged to learn about hacking (and perhaps become a less and less law-abiding citizen) if you buy a computer and use it".

replies(1): >>32239970 #

1. pixl97 ◴[26 Jul 22 15:53 UTC] No.32239970[source]▶

>>32238616 #

Your way rapidly turns into "I was shot by a SWAT team for running a program I legally own"

Yea, maybe we shouldn't live in the US, or other authoritarian nations, but few of us have options like that.

↑