from Hacker News

Pluton is not currently a threat to software freedom

by foodstances on 1/9/22, 2:06 AM with 204 comments

• by dane-pgp on 1/9/22, 2:33 AM

  > Remote attestation has been possible since TPMs started shipping over two decades ago.

  The difference now is that Microsoft are saying they will only support machines which have these TPMs, and therefore they can credibly argue in a few years that the only secure PCs (and thus the only PCs that ISPs should allow online) are ones which can produce a remote attestation to prove they are running the latest OS updates (from an OS vendor that is approved by the government).

  > If Microsoft wanted to prevent users from being able to run arbitrary applications, they could just ship an update to Windows that enforced signing requirements.

  The trap hasn't been sprung yet, but those are the teeth, yes. Then say goodbye to Tor, E2E encrypted messengers, unapproved VPN apps, and bittorrent clients that don't check a Content ID database.

• by userbinator on 1/9/22, 4:11 AM

  The "not currently" in the title is very important foreshadowing.

  This is merely another battle in the war on general-purpose computing.

  They will build their kingdom piece-by-piece, and under innocuous-sounding adjectives such as "safety" and "security".

  Each of these pieces may look innocuous and perhaps even helpful, but don't lose sight of their ultimate goal.

  Once all the pieces are in place to achieve total lockdown, there will be no going back.

  Articles like this that say "it hasn't happened yet" and try to spin a positive narrative are not showing the big picture. Arguably, Big Tech does not want you to see the big picture.

• by no_time on 1/9/22, 11:28 AM

  The fact that there is no "user override"[0] feature in any of these security processors is blatantly obvious evidence that they are designed to control and restrict first and foremost. I have read mjg's other posts on the topic and have no reason to believe he is arguing in bad faith but I'm still not convinced one bit.

  [0]: https://www.eff.org/wp/trusted-computing-promise-and-risk

• by messe on 1/9/22, 3:37 AM

  The fearmongering about Pluton feels very similar to the criticism that was levied against UEFI Secure Boot when it was being debuted. In the end, x86 systems didn't become any more locked down.

  I predict that this will blow over, and won't be a big deal in a few years time once FOSS drivers for what is effectively just a new breed of TPM are released.

  If in five years, it turns out I was wrong, I'll eat my hat. Although defining "my hat" by then might be difficult, as it'll probably be subscription based.

• by transpute on 1/9/22, 3:14 AM

  Background material on Pluton:

  1. Xbox Security, https://www.platformsecuritysummit.com/2019/speaker/chen/

  2. Azure Sphere (derived from Xbox) with Microsoft Linux kernel, OE/Yocto runtime and QEMU emulation of Pluton for CI/CD, https://www.platformsecuritysummit.com/2019/speaker/seay/

  3. DMTF SPDM (PCI device firmware attestation to SoC/RoT), https://www.platformsecuritysummit.com/2019/speaker/plank/

  Nov 2020 Intel announcement about Pluton, https://itpeernetwork.intel.com/intel-and-microsoft-plan-to-...

  > Secure platforms anchor on a hardware Root of Trust as the foundation. Given Intel’s diverse ecosystem, our vision is to offer multiple Root of Trust options that ensure isolation of resources, keys and security assets. The partnership with Microsoft to offer Pluton will further broaden the choices available to our mutual customers.

  Hopefully a future Intel SoC will include an optional FPGA-based RoT where customer hardware owners can load the open-source firmware of their choice.

  Edit: Pluton will be included in upcoming Arm laptops with SoCs from the Qualcomm-Nuvia (former Apple M1) team.

• by marcodiego on 1/9/22, 3:31 AM

  Will this allow my computer, in the future, to be as locked as current smartphones? Will this allow software to refuse to run or services to refuse to work depending on third party software I have installed?

• by rackjack on 1/9/22, 3:27 AM

  - Microsoft isn't going to fuck us over that hard <--- We are here

  - Microsoft is fucking us over that hard

  - Libre software FTW

  - Libre software UX sucks

  - Repeat

  When will the cycle end?

• by saxonww on 1/9/22, 4:34 AM

  I've always thought this was just Microsoft's copy of Google Titan and Apple's T2. And as others have pointed out, there's a lot of overlap with what a TPM can already do.

  The main thing that comes to mind for me is that since this is integrated into the CPU itself, now 'things' can be strongly and directly tied to the CPU instead of a separate TPM or some collection of hardware identifiers. Was this already possible on x86? My mind immediately went to "this will be used for tighter DRM"; I feel like content owners would like this a whole lot.

• by grawprog on 1/9/22, 3:39 AM

  So basically "Why it's ok and you should be happy about Microsoft's hardware controlling the software on your PC".

  I'm so unbelievably sick of this 'security by corporation, it's what's best for you so accept it bullshit.' I really am.

  No I don't want proprietary internet enabled hardware on my PC monitoring my software, no it does not make me feel safe and secure, actually, go fuck yourself and whatever marketing bullshit you spew to make this desirable for consumers. I'm honestly so fucking done with this kind of shit.

• by AshamedCaptain on 1/9/22, 11:37 AM

  So we already have to trust the Intel ME crap, and now the MS crap too. How is this similar to the status quo? _At best_ it increases the number of actors you have to trust, specially if you are not using Windows.

• by encryptluks2 on 1/9/22, 4:30 AM

  Don't forget that even recently Microsoft has pretended to be committed to open source, but consistently continues to make decisions that counter that. What may look friendly today like their switch to Edge, may end up being entirely hostile like Edge has become today.

• by deknos on 1/9/22, 9:10 AM

  in german we call stuff like pluton "politik der kleinen schritte" or "salamitaktik". which basically means that little step for little step, things change.

  it is not CURRENTLY a threat, but it builds up to be a threat in the future if we do not stop and/or constrain it.

• by IYasha on 1/9/22, 2:16 PM

  "Wire fence is not a threat! "

  ( fine print: we haven't switched the electricity on yet)

  edit: asterisks are somehow omitted

• by akagusu on 1/9/22, 4:12 PM

  We should put an emphasis on currently, but also I think we should discuss how Microsoft is positioning itself as a gatekeeper and forcing all market players to adopt their tech.

  If Microsoft says Windows will only support has with this tech enabled, and since almost every computer on the planet runs Windows, vendors must adopt this tech or go out of the market.

  In other words, Microsoft is positioning itself to say to all market players to play by its rules or go out of business.

  This is a perfect way to establish control over the market without establish itself as a monopoly, thus not attracting attention from regulators.

• by shmerl on 1/9/22, 4:02 AM

  > if you're not running Windows Microsoft can't update the firmware on your TPM.

  This seems to be the biggest issue - hardware locked into requiring Windows to be up to date.

  MS can of course ship firmware that's independent of the OS, but knowing MS - they probably won't.

• by ece on 1/10/22, 11:43 PM

  I think this is about securing data/keys (AES, TLS, TPM..) vs securing code (Secure Boot, TEEs..). Neither is really a threat to software freedom as I see it, as long as it's user controlled or can be rendered effectively inactive.

  The thorniest question I think is around TEEs. You either trust ME/PSP/mobile TEEs for their explicitly mentioned uses (fTPM, SVM, Remote attestation..) or you think they should be even more sandboxed or perhaps shouldn't exist at all. I'm all for the middle ground/option here where the user is in control, thought others may disagree. Remote attestation could be a case where the user is losing control, so preserving user control there is important.

• by toastal on 1/9/22, 2:03 PM

  Man, I was really enticed by the specs on these Z-series laptops by Lenovo and was looking at an upgrade. But I was reading about Pluton this afternoon, and now looking at this thread, I don't know how I feel about it. Why ruin a great new CPU with future spyware?

  I don't like the edit at the bottom where the author's like: oh yea, of course this could be a massive issue against FOSS but we should just assume that vendors will think it's impractical. I've seen how banks react to rooted phones, even when rooted to heighten device security--and I've switched banks before because of it. They don't care.

• by fartcannon on 1/9/22, 3:33 AM

  Thank god for Berkeley and RISC-V.

• by flubflub on 1/9/22, 1:17 PM

  There are a lot of security benefits to using a TPM. I wouldn't mind if I could use an open source one in Linux.

  They ameliorate a lot of low entropy problems for passwords and can improve security. I can't imagine a proprietary one being mandatory. My banking app uses the mentioned remote attestation so I can't use it on my less-Googled Calyx ROM. I just think that's stupid instead of very strong warnings.

• by paavoova on 1/9/22, 4:28 AM

  Meanwhile, hardware-level OS-ignostic rootkits like Computrace exist, and Intel ME has its own network stack, but Pluton being adopted as some kind of industry standard to lock down a platform in the name of "security" and what have you is a conspiracy.

• by hansjorg on 1/9/22, 10:12 AM

  It's funny how Microsoft seems unable to do "security" without veering into megalomanic authoritarian schemes. See also Palladium.

  What about trying to secure your software without building the infrastructure for an oppressive dystopian future? Too much to ask?

• by 0dayz on 1/9/22, 9:45 AM

  What worried me about pluton is essentially both the fact it might set a trend where drm locks out Linux devices and that remote exploits on pluton is a real nightmare scenario.

  Despite the fact I in a way do think tpm like components are a good thing.

• by richardfey on 1/9/22, 8:33 PM

  One great advantage of these separate silicons is that side channel attacks are greatly mitigated; it's everything else that worries me (closed platform, no transparency, unusable once vendor stops supporting it etc)

• by Shadonototra on 1/9/22, 3:31 AM

  windows? it's a dead OS anyways

  people are either on macOS/android/iOS or chromium OS