What Is Microsoft’s Pluton Security Processor and Why You Need It

Find out what Microsoft's Pluton Security Processor is, how it differs from TPM 2.0, and why you may need it.

Microsoft has been ramping up the security of its ecosystem one step at a time. Windows 11 set the tone by making the TPM 2.0 chip mandatory for upgrade and installation. Taking it to the next level, the PC giant has introduced the Pluton Security Processor. So what is PSP or Pluton Security Processor, do you need it, and how or where can you get it? Let’s find out.

What Is a Pluton Security Processor?

Microsoft has partnered with popular chip makers like Intel, AMD, and Qualcomm to develop a new security chip named Pluton Security Processor. It has been designed as a hardware unit that will be directly planted in the CPUs of upcoming computers. Why?

The chip provides tighter integration between the hardware (motherboard) and software (Windows OS and apps). Pluton aims to make it harder for hackers to break into computers and steal data or seize system access, even with physical access to the computer.

But don’t we have TPM chips for that?

Differences Between TPM and PSP

TPMs, or Trusted Platform Modules, are hardware components that reside in your computer but are separate from the motherboard. While they do encrypt data and protect the user from several kinds of attacks, they fail to offer protection from an entire class of advanced attacks. For example, when the hacker has physical access to the computer, TPM chips can do little to protect the data’s integrity.

Another issue is that because TPM is not part of the motherboard, it needs a channel of communication to transfer data back and forth. This leaves the channel open for hackers to intercept and manipulate.

TPM chips, though supported by Windows and powering security solutions like Windows BitLocker and Hello, are not default on most computers. With Pluton Security Processors, Microsoft wants to address these issues by partnering with big-name manufacturers and making Pluton the default standard.

Because the security chip is part of the motherboard and tightly integrated, there is no need to depend on an outside channel to communicate instructions or transfer data. This reduces outside dependencies.

PSP also employs cloud-to-chip technology where Microsoft will have the ability to update the chip. That will help them mitigate new and emerging risks before they pose a threat to the user.

Pluton Protection Features

Pluton can emulate TPM using APIs, making the integration seamless, thus basically removing the need for TPM. So, for example, encryption keys, user profiles, users’ identities, credentials, etc., can all be secured by Pluton now.

Other security services that Windows users directly implement to access and secure their computers, like Windows Hello, BitLocker, and System Guard, will also use Pluton now.

While being part of the core hardware, the motherboard, Pluton uses Secure Hardware Cryptography Key or SHACK to isolate the data contained within. Because it can act independently, a Pluton Security Processor requires its own firmware, albeit a lighter version, to run and perform various tasks.

An added major benefit of the firmware is that it can be upgraded from time to time (via cloud updates using the Windows Update feature) to mitigate new and emerging threats. Hackers are evolving too, after all.

When Will PSP Be Available

Technically, it has already arrived. Lenovo has already announced two new ThinkPads powered by the AMD Ryzen Pro 6000 processors with the Pluton Security Processor built-in. That being said, HP, ROG, Lenovo, Dell, Acer, and Razer are scheduled to launch premium laptops with Pluton sometime this year.

It is worth noting that the manufacturers can choose to enable or disable Pluton by default. However, users will have the option to enable/disable it too. The function, like TPM, will be available in BIOS or UEFI.

Frequently Asked Questions

1. When was Pluton first introduced?

Pluton was first introduced back in 2013 with the launch of Xbox and later Azure Sphere and was primarily designed to prevent gamers from hacking and gaining unfair advantages or unlocking in-app items that are otherwise paid. It was designed to secure sensitive data by integrating the security chip into the computer’s hardware. Microsoft announced Pluton for PCs in 2020.

2. What happens to TPM now?

While there is no word from Microsoft or other PC manufacturers, we think it will be slowly phased out in favor of Pluton because it offers better hardware-level security and can be updated via the cloud. You may want to think of Pluton Security Processor as TPM 3.0.

3. Will Pluton bring DRM (Digital Rights Management) restrictions as it did on Xbox?

It is true that Pluton pretty much ended piracy on the Xbox platform. However, according to a Microsoft official, the objective in integrating Pluton with Windows was for security purposes and not DRM. But it is still too early to comment on anything, and things may always change in the future.

Image credits: Microsoft Document, Microsoft Blog, AMD
