Microsoft, in partnership with CPU manufacturers, is planning to introduce a new security protocol called Pluton which is similar to TPM but built into the processor and, if history is anything to go by, there’s every likelihood it could end up being a mandatory requirement.
Reading Microsoft’s dissertation it seems that Pluton provides the same, or very similar, functionality as TPM. The problem with TPM, according to Microsoft, is that the data flow between the TPM chip and the CPU creates a channel of communication that’s open to exploitation. Building the same functionality directly into the CPU eliminates that channel and therefore also eliminates the potential for exploitation.
In short, Microsoft has gone from… TPM is the ultimate in security that every user needs –to– TPM is vulnerable so the new best thing is now Pluton.
Attackers have begun to innovate ways to attack TPM, particularly in situations where an attacker can steal or temporarily gain physical access to a PC. These sophisticated attack techniques target the communication channel between the CPU and TPM, which is typically a bus interface. This bus interface provides the ability to share information between the main CPU and security processor, but it also provides an opportunity for attackers to steal or modify information in-transit using a physical attack. The Pluton design removes the potential for that communication channel to be attacked by building security directly into the CPU ~ source
- Read Microsoft’s publication in full: Meet the Microsoft Pluton Processor
Some experts are suggesting that a future Windows iteration will introduce Pluton as a mandatory requirement. Somehow, I doubt that considering such a move would eliminate ALL machines running CPUs without Pluton from meeting requirements and upgrading. Then again, it is Microsoft after all.
Recent decisions by Microsoft tend to suggest that the company is no longer interested in home users. Everything they do, especially introducing mandatory so-called security protocols such as TPM and Pluton, is geared toward appealing to the corporate sector and appeasing digital rights agitators.
As fellow author, Marc Thomas points out in his recent article — 5 Reasons Why Windows 11 Sucks — home users managed to survive quite well for many years without Secure Boot and many more years without TPM.
Let’s face it, Microsoft has not made any significant dollars from home users for years, giving away free upgrades, while the cost of the support infrastructure must still be quite substantial. On the other hand, the corporate sector remains a steady and viable source of revenue.
In other words, MS does not give a crap about home users. And that, my friends, is just another consequence of a monopoly.