zlacker

[return to "Pluton is not currently a threat to software freedom"]
1. shmerl+ud[view] [source] 2022-01-09 04:02:54
>>foodst+(OP)
> if you're not running Windows Microsoft can't update the firmware on your TPM.

This seems to be the biggest issue - hardware locked into requiring Windows to be up to date.

MS can of course ship firmware that's independent of the OS, but knowing MS - they probably won't.

◧◩
2. mjg59+jg[view] [source] 2022-01-09 04:29:23
>>shmerl+ud
It sounds like they're using UEFI capsule updates for the firmware, so it'll actually be easy to perform the updates under other operating systems - Microsoft just won't have any mechanism to compel you to do so.
◧◩◪
3. userbi+MA[view] [source] 2022-01-09 08:18:42
>>mjg59+jg
The "mechanism to compel you to do so" will be in the form of remote attestation, as some of the other comments here have mentioned.
◧◩◪◨
4. mjg59+lG[view] [source] 2022-01-09 09:18:55
>>userbi+MA
I don't think I understand your threat model here. In the dystopian remote attestation future, presumably nobody's going to grant you access unless you're running Windows, at which point Microsoft can impose arbitrary policies without needing to involve Pluton at all (all it would do in this case is verify that you're running Windows, and you can already make that determination using a traditional TPM). So under what circumstances would you find yourself unable to gain access to a remote resource unless you're willing to accept a firmware update that changes Pluton's behaviour in a user-hostile way?
[go to top]