From doark at mail.com  Sat Dec 12 16:11:28 2020
From: doark at mail.com (David Niklas)
Date: Sat, 12 Dec 2020 11:11:28 -0500
Subject: [Arm-netbook] Pluton: M$ firmware and TPM to be built into your processor...
Message-ID: <20201212111128.6b6d2272@Phenom-II-x6.niklas.com>

Hi,
It has been a while since I posted. Today I have bad news. Apparently, M$
has been working with AMD, Intel, and Qualcomm to place a new type of
TPM into their CPUs, APUs, and SoCs. It's already inside of the new XBox
processors.
It runs firmware which is, according to M$, produced by them.

Here's an official link, and a tech site link for those of you who don't
want to visit M$'s site.

https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/

https://www.anandtech.com/show/16269/microsoft-pluton-hardware-security-coming-to-our-cpus-amd-intel-qualcomm

I've done some research googling, but at this stage the data on what sort
of access this new processor has and what it can do is anyone's best guess.

It sounds like the firmware might have unrestricted Internet access: "One
of the other major security problems solved by Pluton is keeping the
system firmware up to date across the entire PC ecosystem."

I hope I'm panicking unnecessarily...

David


From paul at boddie.org.uk  Sat Dec 12 16:31:49 2020
From: paul at boddie.org.uk (Paul Boddie)
Date: Sat, 12 Dec 2020 17:31:49 +0100
Subject: [Arm-netbook] Pluton: M$ firmware and TPM to be built into your processor...
In-Reply-To: <20201212111128.6b6d2272@Phenom-II-x6.niklas.com>
References: <20201212111128.6b6d2272@Phenom-II-x6.niklas.com>
Message-ID: <4266656.iNvHRfMalz@jason>

On Saturday, 12 December 2020 17:11:28 CET David Niklas wrote:
> Hi,
> It has been a while since I posted. Today I have bad news. Apparently, M$
> has been working with AMD, Intel, and Qualcomm to place a new type of
> TPM into their CPUs, APUs, and SoCs. It's already inside of the new XBox
> processors.
> It runs firmware which is, according to M$, produced by them.
>
> Here's an official link, and a tech site link for those of you who don't
> want to visit M$'s site.
>
> https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton
> -processor-the-security-chip-designed-for-the-future-of-windows-pcs/
>
> https://www.anandtech.com/show/16269/microsoft-pluton-hardware-security-comi
> ng-to-our-cpus-amd-intel-qualcomm
>
> I've done some research googling, but at this stage the data on what sort
> of access this new processor has and what it can do is anyone's best guess.
>
> It sounds like the firmware might have unrestricted Internet access: "One
> of the other major security problems solved by Pluton is keeping the
> system firmware up to date across the entire PC ecosystem."
>
> I hope I'm panicking unnecessarily...

It's just Microsoft being Microsoft, I imagine. Ignore all the people who
claim "Microsoft has changed" because "Microsoft likes open source" plus all
the people who even go as far as to deny that Microsoft ever did bad stuff in
the past [*].

I also imagine that Microsoft doesn't like the look of things like this:

https://opentitan.org/

Which, having looked at it only yesterday, was the first thing I was reminded
of.

Paul

[*] Bad stuff as in demanding licensing fees for each Intel processor shipped
regardless of what the processor or system was running, coercing computer
manufacturers into exclusive agreements that forbade them from supplying other
operating systems, incorporating other people's software into their operating
system without permission, and so on.


From lkcl at lkcl.net  Sat Dec 12 16:33:31 2020
From: lkcl at lkcl.net (Luke Kenneth Casson Leighton)
Date: Sat, 12 Dec 2020 16:33:31 +0000
Subject: [Arm-netbook] Pluton: M$ firmware and TPM to be built into your processor...
In-Reply-To: <20201212111128.6b6d2272@Phenom-II-x6.niklas.com>
References: <20201212111128.6b6d2272@Phenom-II-x6.niklas.com>
Message-ID:

On Sat, Dec 12, 2020 at 4:12 PM David Niklas wrote:

> It sounds like the firmware might have unrestricted Internet access: "One
> of the other major security problems solved by Pluton is keeping the
> system firmware up to date across the entire PC ecosystem."
>
> I hope I'm panicking unnecessarily...

well, the decision to "panic" has nothing to do with the external
stimuli, if that's what you mean. so one good answer would be,
unequivocally, "yes" :)

oh you mean, "is this something that should be of concern and warrant
attention" - yes, that would seem to be the case.

signed treacherous operating systems... yeah.

i'll forward it to people i know.

l.


From doark at mail.com  Sat Dec 12 18:59:04 2020
From: doark at mail.com (David Niklas)
Date: Sat, 12 Dec 2020 13:59:04 -0500
Subject: [Arm-netbook] Pluton: M$ firmware and TPM to be built into your processor...
In-Reply-To:
References: <20201212111128.6b6d2272@Phenom-II-x6.niklas.com>
Message-ID: <20201212135904.5ab6c863@Phenom-II-x6.niklas.com>

On Sat, 12 Dec 2020 16:33:31 +0000
Luke Kenneth Casson Leighton wrote:
> i'll forward it to people i know.
>
> l.

Thanks Luke. Please keep me/us up-to-date with anything more you learn.

David


From richard.wilbur at gmail.com  Sun Dec 13 16:02:15 2020
From: richard.wilbur at gmail.com (Richard Wilbur)
Date: Sun, 13 Dec 2020 09:02:15 -0700
Subject: [Arm-netbook] Pluton: M$ firmware and TPM to be built into your processor...
In-Reply-To: <4266656.iNvHRfMalz@jason>
References: <4266656.iNvHRfMalz@jason>
Message-ID: <55F044AD-6873-445C-95A6-F69CF764E155@gmail.com>

M$’s move certainly seems monopolistic in nature. I’m a little surprised
they were able to twist so many arms (AMD and Intel?) so hard! And I’m
surprised that anyone in the SoC market would seriously dedicate their
processor to running a M$ OS.

Thanks for the link to the Open Titan site. It looks like a step in the
right direction. I wonder if libre-soc could liberate the 4 remaining
blocks still marked “proprietary” (Foundry IP, Analog IP, Physical Design
Kit, Chip Fabrication) and create a “libre-titan”?

I guess an underlying question is, “Do we have a need to lock everything
down that tight in a libre-soc system, since we are designing it from the
ground up to avoid many of the exploits inherent in the AMD and Intel
architectures?”

Richard


From david at boddie.org.uk  Thu Dec 31 17:53:12 2020
From: david at boddie.org.uk (David Boddie)
Date: Thu, 31 Dec 2020 18:53:12 +0100
Subject: [Arm-netbook] Crowd Supply update
Message-ID: <6912517.FlXxmUHXzV@aurora>

For those not subscribed to updates:

100 A20 Computer Cards Ready for Testing

https://www.crowdsupply.com/eoma68/micro-desktop/updates/100-a20-computer-cards-ready-for-testing