UMicrosoft usebenzisana ne-Intel, iQualcomm kunye ne-AMD iisistim eziphathwayo ezinokhuselo lwehardware ngokuchasene nokuhlaselwa nge-firmware. Inkampani yanyanzelwa ukuba yenze amaqonga eekhompyuter ngokunyuka kwenani lokuhlaselwa kwabasebenzisi ngabantu ababizwa ngokuba "ngabaduni abamhlophe" - amaqela eengcaphephe zokugqekeza ezingaphantsi kweearhente zikarhulumente. Ngokukodwa, iingcali zokhuseleko ze-ESET zibandakanya izenzo ezinjalo kwiqela le-Russian hackers APT28 (Fancy Bear). Iqela le-APT28 kutyholwa ukuba livavanye isoftwe eqhuba ikhowudi engalunganga ngelixa ilayisha i-firmware kwi-BIOS.
Ngokudibeneyo, iingcali ze-cybersecurity zeMicrosoft kunye nabaphuhlisi beprosesa babonise isisombululo se-silicon ngendlela yengcambu ye-hardware yokuthembela. Inkampani yabiza iiPC ezinjalo Secured-core PC (iPC enondoqo okhuselekileyo). Okwangoku, iiPC eziKhuselekileyo zibandakanya inani leelaptops ezivela kwaDell, Lenovo kunye nePanasonic kunye nethebhulethi yeMicrosoft Surface Pro X ezi kunye neePC ezizayo ezinondoqo okhuselekileyo kufuneka zinike abasebenzisi ukuzithemba okupheleleyo ukuba zonke izibalo ziya kuthenjwa kwaye aziyi kukhokelela ekubeni. data compromise .
Ukuza kuthi ga ngoku, ingxaki ngeePC ezinqabileyo yayikukuba i-microcode ye-firmware yenziwa yibhodi yomama kunye ne-OEMs yenkqubo. Ngapha koko, yayilelona khonkco libuthathaka kwikhonkco lonikezelo lweMicrosoft. I-Xbox yokudlala i-console, umzekelo, isebenze njenge-Secured-core platform iminyaka, ekubeni ukhuseleko lweqonga kuwo onke amanqanaba - ukusuka kwi-hardware ukuya kwi-software - ibekwe esweni yiMicrosoft ngokwayo. Oku kwakungenakwenzeka ngePC kude kube ngoku.
UMicrosoft wenze isigqibo esilula sokususa i-firmware kuluhlu lobalo ngexesha loqinisekiso lokuqala lwamandla egqwetha. Ngokuchanekileyo, bakhuphe inkqubo yokuqinisekisa kwiprosesa kunye ne-chip ekhethekileyo. Oku kubonakala kusebenzisa isitshixo se-hardware esibhaliweyo kwiprosesa ngexesha lokuvelisa. Xa i-firmware ilayishwe kwi-PC, iprosesa iyayijonga ukhuseleko kunye nokuba inokuthenjwa. Ukuba iprosesa ayizange ithintele i-firmware ekulayisheni (iyamkelwe njengento ethembekileyo), ulawulo kwi-PC ludluliselwa kwinkqubo yokusebenza. Inkqubo iqala ukuqwalasela iqonga elithembekileyo, kwaye kuphela emva koko, ngenkqubo ye-Windows Hello, ivumela umsebenzisi ukuba afikelele kuyo, kwakhona ukubonelela ngokungena ngokukhuselekileyo, kodwa kwinqanaba eliphezulu.
Ukongeza kwiprosesa, i-chip ye-System Guard Secure Launch kunye nomlayishi wenkqubo yokusebenza ibandakanyeka kwi-hardware yokukhusela ingcambu yokuthembeka (kunye nokunyaniseka kwe-firmware). Inkqubo iquka iteknoloji ye-virtualization, ehlukanisa imemori kwinkqubo yokusebenza ukukhusela ukuhlaselwa kwi-kernel ye-OS kunye nezicelo. Konke oku kuntsonkotha kujolise ukukhusela, okokuqala, umsebenzisi wenkampani, kodwa kungekudala okanye kamva into efanayo iya kubonakala kwiiPC zabathengi.
umthombo: 3dnews.ru