馃攳
A New Chip From...Microsoft?! (Pluton Explained) - YouTube
Channel: Techquickie
[0]
when it launched windows 11 confused a
[2]
lot of people over its requirement that
[4]
your pc have a security chip called a
[6]
tpm or a trusted platform module but now
[9]
microsoft wants to transition away from
[11]
the tpm and instead implement its own
[13]
security chip inside of upcoming cpus
[16]
microsoft calls this new chip
[19]
pluton
[20]
but why is this a big deal it helps to
[22]
first understand the limitations of the
[25]
current tpm system tpms contain the keys
[28]
needed to encrypt and decrypt data on
[31]
your devices and they can either come in
[33]
the form of a separate chip that sits on
[35]
your motherboard you can actually buy
[36]
them for for your desktop or as a
[39]
firmware tpm which consists of code that
[41]
hangs out either on your system's
[43]
chipset or on the cpu itself most cpu
[47]
platforms manufactured these days have
[49]
some form of firmware tpm built in hence
[51]
the reason microsoft says you're
[53]
probably okay to upgrade to windows 11
[55]
if you have a recently built pc but tpm
[59]
is far from perfect it's certainly
[61]
better than nothing but it turns out
[62]
it's not particularly hard to defeat if
[64]
an attacker knows what they're doing a
[66]
key weakness can be found in the
[68]
connection between the tpm and the bios
[71]
you can actually connect a sniffing
[73]
device to the pins on the tpm chip and
[75]
obtain the key you're looking for in a
[77]
matter of minutes of course you need
[78]
physical access to the target pc in
[80]
order to pull off an attack like this
[82]
but seeing as how the tpm was meant to
[84]
help protect computers even if a
[86]
miscreant had physical access
[88]
it's a pretty big liability
[90]
but say you're running a firmware tpm
[92]
implementation well
[94]
these can still have their own
[95]
vulnerabilities the well-publicized
[97]
spectre and meltdown exploits have shown
[99]
that attackers can grab data directly
[101]
off a cpu even if that data is subject
[104]
to enhanced security it can still be
[106]
obtained such as in the platypus attack
[109]
that bypasses intel software guard
[111]
extensions or sgx this feature is
[114]
supposed to create a secured area of the
[116]
processor but not only does platypus
[119]
defeat it physical access isn't even
[121]
required to attack the secured area
[124]
pluton is in theory i just love that
[126]
name supposed to go a long way toward
[129]
solving these problems pluton doesn't
[131]
use a separate chip at all instead it's
[134]
baked directly onto the cpu die so there
[137]
isn't a risk of snatching data off a
[139]
communication bus like you can with a
[141]
discrete tpm module but how is pluton
[144]
different from firmware tpm since those
[146]
also run directly on the cpu
[149]
we'll tell you right after we thank
[150]
brilliant for sponsoring this video
[152]
brilliant is a website and app built
[154]
around active learning trade boring long
[156]
lectures for problem solving and
[158]
interactive visuals there's over 60
[160]
courses on everything from astronomy to
[162]
programming and one of our favorites is
[164]
the calculus in a nutshell course it
[166]
gives you a clear sense of the major
[168]
pillars of calculus with new increased
[170]
interactive sections join the community
[172]
of over 10 million learners and
[173]
educators today and the first 200 people
[175]
who head to brilliant.org techwiki will
[178]
get 20 off an annual premium
[180]
subscription
[182]
so a firmware tpm runs its code on the
[184]
same main cpu cores that run your other
[187]
programs so a successful attack on
[189]
something else the cpu is running could
[192]
compromise the firmware tpm pluton on
[195]
the other hand works by adding
[196]
additional hardware that's on the cpu
[199]
die but is separate from the main
[200]
processing cores making it more
[202]
difficult to attack even if the bad guy
[204]
has physical access to the computer
[206]
additionally microsoft is going to be
[208]
responsible for issuing firmware updates
[210]
for pluton rather than motherboard
[211]
manufacturers who typically release new
[213]
firmware versions
[215]
much less frequently this should help
[217]
keep computers safer from new and
[219]
evolving threats the first pcs with
[221]
pluton built in should start hitting
[222]
store shelves in mid 2022 but pluton
[225]
actually isn't even brand new the chips
[227]
have actually been used since 2013 in
[230]
xbox consoles to make it harder to play
[233]
pirated titles which actually brings us
[235]
to a concern some users have about
[237]
pluton some fear that microsoft could
[239]
use pluton to lock down pcs and exert
[242]
too much control over what consumers can
[245]
and cannot run on their own machines we
[247]
do know that cpus with pluton will work
[250]
and run on linux but if you want
[252]
pluton's extra features the specific
[254]
linux distro you're using would need to
[256]
be enable support for those so the only
[259]
time we'll tell if these concerns about
[261]
fluton are warranted but i'm sure we can
[263]
all agree that we trust microsoft right
[266]
they made vista thanks for watching guys
[268]
if you liked this video hit like hit
[270]
subscribe and hit us up in the comment
[271]
section with your ideas for topics that
[274]
we should cover in the future
Most Recent Videos:
You can go back to the homepage right here: Homepage