Microsoft announces their Pluton Security Processor with AMD, Intel and Qualcomm

WYP · #1 18-11-20, 10:35 AM

Boosting Windows Security with dedicated silicon.

Read more about Microsoft's Pluton Security processor.

dazbobaby · #2 18-11-20, 11:17 AM

Coming from a company (Microsoft) who use closed source code, that has a multitude of bugs and security vulnerabilities, and a company (Intel) that not only rushed processors to the market that have system crippling vulnerabilities when patched, and an entire system opening back door.

All they're doing is creating another vector of attack for hackers. If they can't get access to your hardware, they'll attack the cloud instead.

System security isn't just about how secure your software and hardware is, it's also about users who have no clue, and that is always the weakest link.

looz · #3 18-11-20, 11:38 AM

Quote:

Originally Posted by dazbobaby

Coming from a company (Microsoft) who use closed source code, that has a multitude of bugs and security vulnerabilities, and a company (Intel) that not only rushed processors to the market that have system crippling vulnerabilities when patched, and an entire system opening back door.

All they're doing is creating another vector of attack for hackers. If they can't get access to your hardware, they'll attack the cloud instead.

System security isn't just about how secure your software and hardware is, it's also about users who have no clue, and that is always the weakest link.

There isn't a single bit of multi-million line software without bugs or vulnerabilities. But we hear a fair bit about Windows since it's the most popular desktop OS and also often operated by laymen. And people who disable Windows Update... What comes to branch prediction vulnerabilities, that attack vector wasn't known when those processors were designed - and as such, it couldn't reasonably have been avoided.

And yes, social engineering and plain old phishing are a major source of data breaches. But ignoring other attack vectors is silly.

And what on earth you mean by attacking cloud? Phishing O365 credentials? Poking holes to cloud hosted services?

Dicehunter · #4 18-11-20, 11:45 AM

Quote:

Originally Posted by dazbobaby

Coming from a company (Microsoft) who use closed source code, that has a multitude of bugs and security vulnerabilities, and a company (Intel) that not only rushed processors to the market that have system crippling vulnerabilities when patched, and an entire system opening back door.

All they're doing is creating another vector of attack for hackers. If they can't get access to your hardware, they'll attack the cloud instead.

System security isn't just about how secure your software and hardware is, it's also about users who have no clue, and that is always the weakest link.

I watched a deep dive video about a year ago on Intel's management engine, Some very shady stuff, Basically an embedded subsystem hardware back door originally put forward by various security agencies in the US and still in use today in Intels latest CPU's.

looz · #5 18-11-20, 11:50 AM

There's still no evidence of MCE being used in such manner - and it's impossible for that traffic to not be visible in firewall logs, for instance.
However, it can be used for remote managing a fleet of Intel PCs, and similar hardware exists on AMD.
But of course, having that level of access means that any vulnerabilities found in MCE are severe.

g0ggles1994 · #6 18-11-20, 02:10 PM

This new Pluton will have a backdoor, I guarantee it. NSA, and GCHQ are rubbing their hands together laughing