Intel’s Trusted Platform Module has been good at improving security by creating a Secure Enclave for things like encryption keys, but it has had a few flaws. And now it has a successor: Microsoft’s Pluton Security Processor.
Listen to the podcast version of this Top 5 episode on SoundCloud
Here are five things to know about Microsoft’s Pluton Security Processor.
- Pluton won’t Meltdown or Spectre. It has built-in defenses against both side-channel attacks because it’s isolated from the rest of the system. It even has defenses to thwart future spin-offs of those kinds of attacks. The keys never leave the Pluton security boundary.
- Pluton is hard to attack physically, too. It’s integrated into the CPU die, so there’s nowhere for an attacker to solder leads into. There is no bus to attack.
- It has its roots in the Xbox. Microsoft developed an integrated security chip in cooperation with AMD back in 2013. They brought that over to Azure Sphere devices and in November 2020 announced Pluton for PCs.
- It plays nice with other security platforms. Pluton can provide a secure identity for the CPU itself, that complements security platforms including the Open Compute Project’s Project Cerberus, to enable root-of-trust and firmware authentication.
- It may be off in your laptop. Lenovo shipped its first ThinkPads with Pluton turned off. So, just because Pluton is in your CPU doesn’t mean it’s active. You may need to enable it yourself. Lenovo says they did this because enterprise customers wanted to test it before it was turned on for their workforce.
AMD and Qualcomm are making chips with Pluton in them, and Intel says it’s working on it. So, it should be easy to find a machine with Pluton if you want it.
Subscribe to TechRepublic Top 5 on YouTube for all the latest tech advice for business pros from Tom Merritt.