Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Microsoft hopes to improve PC platform security, and it’s turning to CPU manufacturers to help it do that. The Windows maker has a new security chip design called Microsoft Pluton, and it’s probably coming to your next PC whether you want it or not. Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.
Microsoft says it started working on Pluton to address the troubling trend of CPU-based attacks like Spectre and Meltdown. Currently, many Windows PCs have a Trusted Platform Module (TPM), which is a separate chip someplace on the motherboard that the CPU uses to secure hardware and cryptographic keys. However, you can purchase expensive circumvention kits that physically tap the signal between the CPU and TPM to extract privileged data. Hypothetically, Pluton should block such attack vectors because it’s part of the CPU.
Devices running on CPUs with the Pluton module should be much harder to hack in the same way the Xbox One was harder to hack than previous versions of the console. That’s actually where Microsoft took its inspiration. The Xbox has an integrated security module that makes it harder to play pirated games. There are plenty of arguments against that sort of heavy-handed DRM, but Microsoft’s engineers learned a great deal about security strategies from the Xbox. Bringing that know-how to the PC could solve a lot of problems… and maybe introduce a few new ones.
Currently, consumers who are worried about security have to hunt for systems that support TPM, but Pluton could solve that issue as well. If your system has Pluton embedded in the CPU, it benefits from the enhanced security without any setup or maintenance on the user’s end. These future processors from Intel, AMD, and Qualcomm with Pluton will be able to get OTA updates from Microsoft inside the regular Windows platform updates.
Not everyone is over the moon about Pluton, which uses the same API as the standard TPM. It would be possible to use Pluton to run a digital rights management (DRM) scheme that is much harder to crack. Microsoft says that’s not its goal, but there’s nothing stopping someone from doing that. The integration of Pluton with CPU hardware also gives Microsoft some level of access to your hardware, even if you don’t use Windows. Microsoft already uses Pluton in its Linux-based Azure Sphere devices, and Linux support for the embedded version is on the roadmap. Although, we still don’t know when the first Pluton-equipped CPUs will ship. It could be a few years before you have to worry about this.