Some of the world’s leading chip makers have fought a series of hardware flaws over the past two years, making it possible, but not easy, to pluck passwords and other confidential secrets directly from their processors.
Updates were rolled out by the chip makers, but the companies needed to reconsider how they approach chip security.
Now with its latest security chip that it calls Pluton, US-based tech company Microsoft thinks it has the solution. The chip is the brainchild of a Microsoft collaboration with chip makers Intel, AMD and Qualcomm.
Pluton protects the hardware of a computer from tampering, such as from hardware implants or by hackers exploiting loopholes in the low-level firmware of the device. It makes it much more difficult for hackers, with physical access to a computer, to conduct hardware attacks and steal confidential data once the chip is integrated within future Intel, AMD and Qualcomm central processor units, or CPUs, the companies assured.
“The Microsoft Pluton design will create a much tighter integration between the hardware and the Windows operating system at the CPU that will reduce the available attack surface,” said David Weston, director of enterprise and operating system security at Microsoft.
It was back in 2013 that Pluton made its first appearance through the Xbox One (Microsoft’s video gaming brand) in order to make it much more difficult to hack the console or allow gamers to run pirated games, Microsoft said. The chip later graduated to Azure Sphere, Microsoft’s cloud service, used to secure low-cost devices for the Internet of Things (IoT).
The plan now is to introduce the same technology to new Windows 10 devices, with some improvements.
The chip comes with immediate advantages, such as making it much more difficult to succeed in hardware attacks against Windows devices. It also solves a major security headache by keeping the device’s firmware up-to-date.
Whether the Pluton chip can stand the test of time or not is another matter. Third-party researchers have done most of the chip vulnerability research through detailed, and often tedious work. The Pluton chip has undergone a security stress test by its own internal red team and by external vendors, Mr. Weston said.
But if anything went wrong, it could come back to haunt the company. For instance, it was only last month that security researchers found a “unfixable” security vulnerability in Apple’s T2 security chip, a custom-built chip in most modern Macs that is similar to Microsoft’s Pluton, that could open up Macs to the very security threats that the chip is supposed to prevent.
Microsoft refused to say whether it intended to sell the Pluton chip designs to other chip manufacturers or whether it planned to keep it open-source for all to use, but said it plans to share more information in the future, leaving the door open to the possibility.
According to July data, Windows-based PCs remain the dominant platform in the global computing market, with a share of nearly 80 percent.
The tech giant claims that further action must be taken and that cyber criminals should be ahead of the cybercriminals because as computing systems and security advance, so do the methods used in trying to infiltrate it.