For Those Worried About Microsoft's Pluton TPM Chip: Lenovo Won't Even Switch It on by Default
An Anonymous Coward writes:
For those worried about Microsoft's Pluton TPM chip: Lenovo won't even switch it on by default in latest ThinkPads.
PCs coming out this year with Microsoft's integrated Pluton security chip won't be locked down to Windows 11, and users will have the option to turn off the feature completely as well as install, say, Linux as normal, we understand.
The first Windows 11 PCs with Pluton built-in were shown at CES earlier this month. Major PC chip houses - think Intel, AMD, and Qualcomm - are said to be embedding Pluton inside their just-launched or upcoming microprocessors.
Pluton can act as a Trusted Platform Module (TPM) or as a non-TPM security coprocessor. It's a way for Microsoft to specify exactly how it wants a TPM component to be present in microprocessors so that Windows 11 can use the hardware as a root-of-trust and secure its stuff.
Microsoft's invasion at the hardware level has some users - especially those in the open-source community - on high alert. The concern relates to the chip being a means to lock equipment exclusively to Windows 11, shutting out other operating systems, such as Linux distros and the BSDs. Manufacturers tell us that's not the case: Pluton won't get in the way.
AMD integrated Microsoft's Pluton design into its Ryzen 6000 chips, which were just introduced at CES. AMD said its goal is to bring better security to Windows PCs, and users can disable Pluton on machines that follow AMD's reference firmware.
[...] PC makers can choose to ship computers with Pluton turned off, and the technology does not verify the signature of bootloaders, Microsoft PR said. The security processor can be configured to act as a TPM, or used in a non-TPM scenario, or disabled.
Read more of this story at SoylentNews.