this post was submitted on 17 Dec 2024
52 points (98.1% liked)


Recently I came across Microsoft Pluton while searching for a new laptop. Initially I thought it was like TPM and wouldn't affect Linux. But the more I researched, the worse it got. According to them:

Microsoft Pluton is a chip-to-cloud security technology that provides hardware-based root of trust, secure identity, secure attestation, and cryptographic services

Does it connect to the cloud irrespective of the OS I run? If yes, this could be a privacy nightmare.

Why aren't more people talking about this? It's been here at least since the last two generations of CPUs from AMD (from my research, the worst offender) and Intel.

Isn't this a privacy violation lawsuit waiting to happen? In what ways does this Microsoft Pluton chip affect people who use Linux, and should I not buy a new laptop?

Also, what about manufacturers like Framework? Are they also forced to work with these chips?

From where I am, used laptops are not worth it.

[–] [email protected] 27 points 16 hours ago (2 children)

Why aren't more people talking about this? It's been here at least since the last two generations of CPUs from AMD (from my research, the worst offender) and Intel.

Likely because of this:

Microsoft Pluton is currently available on devices with AMD Ryzen® 6000, 7000, 8000, Ryzen AI and Qualcomm Snapdragon® 8cx Gen 3 and Snapdragon X series processors. Microsoft Pluton can be enabled on devices with Pluton capable processors running Windows 11, version 22H2 and later.

Emphasis mine. It's an optional function, and this sounds like it's targeted to businesses who either provide or have IT services. So like TPM, you can use it or not, and given the sharp rise in ransomware and other attacks, I can see why a business might want to use it.

How bad is it? I dunno. It seems to be so "noteworthy" that nobody is talking about it, and it sounds very optional.

[–] [email protected] 7 points 14 hours ago (2 children)

'optional' just like the functions Intel ME provides?

[–] vikingtons 4 points 13 hours ago (1 children)

Vendors are no longer actively implementing the Pluton spec. It's not in itself equivalent to Intel ME, whereas something like platform security processor (aka PSP - based on ARM TrustZone) could be considered a closer equivalent.

[–] [email protected] 1 points 4 hours ago* (last edited 15 minutes ago)

Can you please explain in a little more depth? Are you saying Pluton is basically dead in the water and is likely to disappear from implementations in silicon in the near future?

[–] [email protected] 2 points 14 hours ago

I can't personally say. Beyond my knowledge.

[–] InternetCitizen2 3 points 13 hours ago (1 children)

It seems to be so “noteworthy” that nobody is talking about it, and it sounds very optional.

I mean not to be a tin foil hat but they are not going to admit to negative side effects. Take issues with right to repair and how they fly under the radar. John Deere is a big offender that affects everyone and few will know. Your food supply should be noteworthy.

[–] [email protected] 2 points 12 hours ago

I appreciate your analogy, and I recognize that the numerous Linux kernel maintainers haven't so much as made a peep about this in the last two years—plenty of other drama, but not that.

It could be that it has flown under everyone's radar, or it could be that it's not anything to worry about (yet?).

[–] vikingtons 7 points 13 hours ago* (last edited 13 hours ago)

Pluton is a weird thing. It's not dedicated HW designed or produced by Microsoft, it's more of a specification which requires something like TPM2 hardware on a given SoC.

Most vendors do not implement the Pluton spec in their offerings.

[–] Deckweiss 13 points 16 hours ago

Most Pluton devices on the market have it off by default and I am not aware of any device where you can't disable it (on x86).

[–] [email protected] 6 points 14 hours ago* (last edited 14 hours ago)

From their description it seems like just another TPM-like chip with extra functionality. That "cloud to chip" stuff seems to be marketing bs to me, possibly a TPM-like chip that can only be used by Azure services? Doesn't seem to me that it overrides the OS in any way, so Linux would probably just ignore it without the right drivers.