New Type of Security Chip From Microsoft
upstart writes:
Coming to a laptop near you: A new type of security chip from Microsoft:
In November 2020, Microsoft unveiled Pluton, a security processor that the company designed to thwart some of the most sophisticated types of hack attacks. On Tuesday, AMD said it would integrate the chip into its upcoming Ryzen CPUs for use in Lenovo's ThinkPad Z Series of laptops.
[...] Now, Pluton is evolving to secure PCs against malicious physical hacks designed to install malware or steal cryptographic keys or other sensitive secrets. While many systems already have trusted platform modules or protections such as Intel's Software Guard Extensions to secure such data, the secrets remain vulnerable to several types of attacks.
One such physical attack involves placing wires that tap the connection between a TPM and other device components and extract the secrets that pass between the machines. Last August, researchers disclosed an attack that took only 30 minutes to obtain the BitLocker key from a new Lenovo computer preconfigured to use full-disk encryption with a TPM, password-protected BIOS settings, and UEFI SecureBoot. The hack, which worked by sniffing the connection between the TPM and the CMOS chip, showed that locking down a laptop with the latest defenses isn't always enough.
A similar attack unveiled three months later showed it was possible to exploit a vulnerability (now fixed) in Intel CPUs to defeat a variety of security measures, including those provided by BitLocker, TPMs, and anti-copying restrictions. Attacks known as Spectre and Meltdown have also repeatedly underscored the threat of malicious code pulling secrets directly out of a CPU, even when the secrets are stored in Intel's SGX.
Read more of this story at SoylentNews.