One of the aspects that most concern users today is that of equipment security. Something that is not surprising given that the number of connected devices is increasing and therefore they are easier targets to be attacked by third parties.
And Microsoft, with a huge park of devices (almost one billion Windows computers), is a fairly juicy target for cyber attackers. Reason for more from Microsoft tries to put barriers to avoid these threats. And after the entry into play of Artificial Intelligence, they now have more systems in mind to protect users.
The teams have the software developed by both application developers and hardware manufacturers. And among them, there must be a teamwork relationship, side by side so as not to leave gaps free. That is why from Microsoft they have opted to reinforce these collaborations with an initiative called Secured-core PC.
With this system, the relationship between Windows with the firmware of the device and the operation of the device’s boot system is proposed. A system that would try to avoid that, as a result of development by different parties, there could be a security breach.
The Secured-core PC system acts on the operation of the equipment and its hardware in relation to the software. When you press the power button, the processor firmware will turn on the system but at the same time limit how much the processor relies on its own firmware to define the code path you need to start the system. So the processor will call the Microsoft bootloader to get those instructions.
This protocol seeks to establish a safe route that the processor can take each time the computer starts up in order to prevent attacks. In short, it is about getting ahead of the threat and avoiding that these attacks can occur instead of detecting them in advance and then patching them.
It is an improvement over the “Secure Boot” system that is present from Windows 8, a system that relies on boot manager authentication to ensure it is secure. A system that has been working correctly, but that has a must in your account and that depends on the confidence in the firmware to verify each part in the boot software. But what if the threat is found in said firmware? It is what tries to avoid Secured-core PC.
Microsoft’s proposal is already on the table and now it’s time to implement it in the equipment that leaves the market. The American company works with firms such as Intel, AMD and Qualcomm, the main manufacturers of processors, which are responsible for developing the firmware with their corresponding encryption keys on their chips.
The new equipment that arrives on the market could include this new improvement and the first example in which we will see the practical application of the Secured-core PC protocol will be the next Microsoft Surface Pro X, the first step to see the arrival of other models manufacturers like Dell, HP, Lenovo or Panasonic.
Source | Microsoft