At CES this week, Lenovo announced that their new Z-series laptops would ship with AMD processors that incorporate Microsoft’s Pluton security chip. There’s a fair degree of cynicism around whether Microsoft have the interests of the industry as a whole at heart or not, so unsurprisingly people have voiced concerns about Pluton allowing for platform lock-in and future devices no longer booting non-Windows operating systems. Based on what we currently know, I think those concerns are understandable but misplaced.
As usual, Matthew Garrett does an excellent job explaining complex topics like this.
To summarize; if you’re not running Windows (and want to run FreeBSD or Linux or Haiku or…) it’s time to buy lube in bulk; because your ability to update firmware will be gone, and if (e.g.) a government seizes your computer for any reason then Microsoft will happily assist by extracting encryption keys in a way that no disk encryption scheme can prevent.
Installing alternative OS on Chromebooks aren`t so trivial also. And making dual-boot, IIRC, made it possible to destroy alternative OS to be destroyed by pressing space.
I’ve hard all this kind of nonsense from corporations and media puffery before. I’m sorry but I have a very high degree of circumspection about this. The whole impetus has been a cross between boiling frogs and being sucked into quicksand. I’d rather come straight out with it and call them liars and go from there.
I have a real problem with men in the tech world and it is a man problem. Cognitively men take far too many shortcuts and have a different sense of risk to women. When men especially start saying “trust me” yet arein an appalling hurry to direct and distract examination as well as gishgallop past slow and careful rounded scrutiny which takes in context and history I get jittery. In fact this whole Pluton scheme and Lenovo jumping on it so fast smack of fait accompli. No. I think regulators need to take a very hard look at this – the patterns, and trends, and reasons and if it means banning this product from sale or import so be it.
Myself I don’t think Matthew Garret is remotely qualified to discuss the security aspects of this topic and I don’t just mean technical but the whole kaboodle including human rights and governance and redress. His enthusiasms may play well in the US economy which is an entirely different thing all of its own and with the novelty hungry tech industry but I suspect EU lawyers would make mincemeat of this.
As for his handwaving in the last paragraph about an alleged edge case and he “doesn’t think”. Exactly. Rigorous philosopher he is not.
3/10. Must try harder.