Security chips from IT giants to lock you out of your own hardware

Non release banter
Rava
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

Security chips from IT giants to lock you out of your own hardware

Post#1 by Rava » 01 Jan 2021, 09:45

Security chips from IT giants to lock you out of your own hardware: it is a German article from the renowned biweekly IT magazine c't ("computer & tech") by the publisher heise.de.

Using translate.google.com (with minor fixes):

https://www.heise.de/select/ct/2021/2/2 ... 5637131748
Security chips from the IT giants

[...]
Without security there is no trust, and that applies not only in the IT world. But whoever holds the cryptographic security key in their hand also determines what may run, and above all what may not. The German term for holding the keys, "Schlüsselgewalt", contains the word "Gewalt" (force, power): that shows the conflict, even when the best of intentions are involved, such as defending against malware and hackers. Anyone looking through these glasses sees Microsoft's concept for the "Pluton" security controller with mixed feelings, because in future Pluton is meant to sit in every PC and notebook running Windows, not as an optional extra chip on the mainboard but inseparably integrated into x86 processors from AMD and Intel as well as into Qualcomm's ARM chips for Windows notebooks.

To understand what Pluton is meant to do, it helps to look at its role models: Apple's T2 in recent Macs, Google's Titan in Chromebooks and Pixel smartphones, and the Trusted Platform Module (TPM), which has been established in business PCs and servers for more than ten years. Much like the security chips on bank cards and pay-TV cards, such controllers protect a cryptographic secret that acts as a digital root of trust (RoT). The secret value never leaves its protected storage area, but its public part has been digitally signed by a particular manufacturer or institution. Software, or firmware, can attach a cryptographically secured chain of trust to this anchor.
[...]
Cheers!
Yours Rava
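Added example, not from the c't article or anyone in this thread: a small Go sketch of the chain of trust the excerpt describes, with a manufacturer root key endorsing a device key, the device signing a measurement of the firmware, and a verifier walking root -> device -> firmware. The key names, the Ed25519 choice and the firmware bytes are assumptions for illustration; the point it makes visible is that whatever the root key holder never endorsed fails verification, however well it is signed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Endorsement: the manufacturer (root) signs the device's public key;
// the device's private half stays inside the chip and is never exposed.
type Endorsement struct {
	DevicePub ed25519.PublicKey
	RootSig   []byte // manufacturer signature over DevicePub
}

// Attestation: the device signs a SHA-256 measurement of the firmware.
type Attestation struct {
	Digest    []byte
	DeviceSig []byte // device signature over Digest
}

// Provision models manufacturing: root key, device key, root endorses device.
func Provision() (root ed25519.PublicKey, e Endorsement, devPriv ed25519.PrivateKey) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	e = Endorsement{DevicePub: devPub, RootSig: ed25519.Sign(rootPriv, devPub)}
	return rootPub, e, devPriv
}

// Attest models boot: measure the firmware and sign the digest with the device key.
func Attest(devPriv ed25519.PrivateKey, firmware []byte) Attestation {
	sum := sha256.Sum256(firmware)
	return Attestation{Digest: sum[:], DeviceSig: ed25519.Sign(devPriv, sum[:])}
}

// VerifyChain walks root -> device key -> firmware measurement. Anything not
// traceable to the root public key fails, no matter who else signed it.
func VerifyChain(root ed25519.PublicKey, e Endorsement, a Attestation, firmware []byte) bool {
	ok := ed25519.Verify(root, e.DevicePub, e.RootSig) && // device key endorsed by the root
		ed25519.Verify(e.DevicePub, a.Digest, a.DeviceSig) // measurement signed by that device key
	sum := sha256.Sum256(firmware)
	return ok && bytes.Equal(sum[:], a.Digest) // running firmware matches the measurement
}

func main() {
	root, e, devPriv := Provision()
	fw := []byte("constructed firmware image v1") // constructed sample input
	fmt.Println("genuine firmware verifies:", VerifyChain(root, e, Attest(devPriv, fw), fw))
}
```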

ncmprhnsbl
DEV Team
Posts: 3925
Joined: 20 Mar 2012, 03:42
Distribution: v5.0-64bit
Location: australia
Contact:

Security chips from IT giants to lock you out of your own hardware

Post#2 by ncmprhnsbl » 01 Jan 2021, 12:29

pluton: a fitting name: "In geology, .... a body of intrusive igneous rock"
From a comment on another article about it:
"I am reminded of this: https://xkcd.com/538/ "
Forum Rules : https://forum.porteus.org/viewtopic.php?f=35&t=44

donald
Full of knowledge
Posts: 2065
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Security chips from IT giants to lock you out of your own hardware

Post#3 by donald » 01 Jan 2021, 18:17

The golden age is long gone.
We're on the way to losing control of the systems we buy.
[UEFI, intel ME]

EDIT
www.youtube.com/watch?v=iffTJ1vPCSo

Rava
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

Security chips from IT giants to lock you out of your own hardware

Post#4 by Rava » 02 Jan 2021, 10:06

ncmprhnsbl wrote (01 Jan 2021, 12:29):
pluton: a fitting name: "In geology, .... a body of intrusive igneous rock"
I did not know about that, fitting name indeed.
donald wrote (01 Jan 2021, 18:17):
The golden age is long gone.
We're on the way to losing control of the systems we buy.
Sadly, the FSF (Free Software Foundation) and the CCC (Chaos Computer Club) are the only global players willing to defend our rights…
Ironic that a Gøøgle guy, Ronald Minnich, lectures about "Replace Your Exploit-Ridden Firmware with Linux", since Gøøgle exploits humanity via Gøøgle, yøutube, Andrøid, the Gøøgle Play Store, Chrøme, and instant messaging and video chats like Duø, Hangøuts, Chat, and Meet; the list is a løøØøng one.

Still, thanks for the find donald.
Cheers!
Yours Rava
