pluton
7 posts tagged pluton.
- Below the OS: The Pre-Boot Trust Chain Where Secure Boot Inherits Its Trust From
  Walk the eleven rungs from CPU reset to winload.efi -- Intel Boot Guard, AMD PSB, CSME, the PSP, KB5025885, and why the April 2023 MSI OEM-key leak is structurally permanent.

- "The Vault is Solid. The Delivery Truck is Not." -- Microsoft Recall's Two-Year Re-Architecture from Plaintext SQLite to VBS Enclaves
  How Microsoft Recall went from a plaintext SQLite database broken in four weeks to a VBS-Enclave + TPM-sealed + Hello-gated architecture, and what TotalRecall Reloaded still extracts. (Article title borrows Alexander Hagenah's framing, attributed in §8.1.)

- Apple Secure Enclave vs Microsoft Pluton: Two Roads to Hardware Root of Trust
  How Apple SEP and Microsoft Pluton solve the same problem -- keeping your secrets safe from a compromised OS -- using two very different silicon strategies.

- Direct Anonymous Attestation: The Zero-Knowledge Proof Already in Every TPM
  TPM 2.0 names a zero-knowledge group-signature primitive in its spec. A billion chips ship it. Almost nobody verifies it. The story of why DAA won every standardization fight and lost every deployment one.

- Pluton: A TPM On Silicon Microsoft Can Patch
  How Microsoft moved the TPM onto the SoC die, ran it on Rust firmware, and patched it through Windows Update -- and what that cost in trust centralisation.

- Secure Boot in Windows: The Chain From Sector Zero to Userinit, and Every Place It Has Broken
  How Windows verifies and measures itself from CPU reset to logon, every rung of the boot chain, every public break, and what Pluton is being built to fix.

- The TPM in Windows: One Primitive, Twenty-Five Years, and the Chip Microsoft Bet On Twice
  How a passive 1999 cryptoprocessor became the load-bearing pillar of Windows security, and what twenty-five years of attacks taught us about its limits.