[Suggestion]: explain Microsoft Surface security more precisely

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

https://hotcakex.github.io

MIT License

1.84k stars 143 forks source link

[Suggestion]: explain Microsoft Surface security more precisely #253

Closed oppressor1761 closed 6 months ago

oppressor1761 commented 6 months ago

Are you sure the Security measure is not already implemented?

[X] Yes, I have checked and the Security measure I'm suggesting to be implemented is not duplicate. 🫡

Please explain your new Security measure suggestion

Microsoft Surface for consumers is not secured-core. Microsoft Surface with Intel does not have Pluton.

HotCakeX commented 6 months ago

Hi, Are you referring to this page and you want me to add the info to it? https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md#-which-device-to-use-

oppressor1761 commented 6 months ago

Yes. for example Surface laptop 5 does not have Microsoft Pluton and are not secured-core. These features are only on business models.

HotCakeX commented 6 months ago

@oppressor1761 Having the Pluton security chip is not a requirement for Secured-Core certification. Pluton is great to have but Secured-Core PC specifications don't require it.

All of the business edition Surface devices are Secured-Core, they can have Intel, AMD or ARM CPUs.

Non-business surface devices are also very secure, they just don't have one item from the Secure-Core specifications, which is System Guard Secure Launch.

Please have a look at this article for Secure-Core specification details.

I've updated the Rationale article based on this issue.