Two of the biggest laptop vendors have chosen to pass over Microsoft's blossoming vision for PC chip security, Pluton. But the reason why may be less complex than it appears: Both companies are apparently sticking with an established relationship with Intel's vPro technology, instead.

The Register reported this week that both Dell and Lenovo planned to skip Microsoft's Pluton technology in its commercial PCs, which Microsoft introduced two years ago as a better way of integrating security directly into the CPU. The technology originally received somewhat tepid endorsements from both Qualcomm and Intel, and a more enthusiastic response from AMD — which had helped develop the technology to secure the Xbox game console.

Now, Dell told El Reg that “Pluton does not align with Dell's approach to hardware security and our most secure commercial PC requirements” and that it won't include the Pluton technology in most of its commercial PCs. Lenovo, too, said that it would ship Intel ThinkPads without Pluton, and that laptops with AMD Ryzen (and Pluton-enabled) chips inside them would be turned off by default.

That sounds alarming, but the reality of the situation might be simpler: The majority of the world's commercial laptops ship with Intel's Core chips inside, specifically with its vPro security enabled.

According to Bob O'Donnell, the president of Technalysis Research, Intel's vPro technology can't currently work with the Microsoft Pluton security core. “You can't do both,” O'Donnell said. “My guess is at the end of the day, Lenovo and Dell have invested a fair amount of time, money and effort into supporting vPro. So, as a result [Pluton] becomes a bit of an unnecessary thing.”

What's Microsoft Pluton, again?

Pluton is, and was, Microsoft's ongoing effort to secure the PC. Microsoft announced Pluton in 2020, the year before the company began laying down the law on Windows 11's security requirement: Windows 11 PCs need a Trusted Platform Module, or TPM, whether discrete or integrated. Most processors for commercial and consumer PCs alike integrate a TPM function inside the processor, even if it doesn't always go so well. Pluton is Microsoft's approach — a secondary logic block that integrates security functions into the processor as well. Its selling point is that Microsoft used it to help secure the Xbox, which hasn't suffered from any notable high-profile hacks. More importantly, it's secure enough to allow firmware updates via Microsoft's standard Windows Update channels.

Lenovo

But to be fair, worrying about Pluton may be jumping the gun. AMD originally said that even if it implemented Pluton, which it has, it wouldn't replace AMD's own TPM implementation — just sit alongside it. And Intel said that it would partner with Microsoft to add the Pluton technology to future platforms, “in the next few years.” More significantly, Intel never acknowledged Pluton as a feature in its recent Alder Lake platforms, including those for its most recent vPro systems. Even with its sliver of PC sales, Qualcomm may turn out to be Pluton's biggest backer, as the company said in December that it plans to enable Pluton inside of its upcoming Snapdragon 8cx Gen 3 processor.

So with minimal chip support, what can PC makers do?

Lenovo's decision is the most interesting, since the Pluton technology was included within the Ryzen-powered Lenovo ThinkPad Z13 and Z16, which were announced at CES 2022. Leaving the technology turned off for the entirety of 2022, as The Register reported, would put the burden of securing those PCs on AMD. Lenovo representatives didn't immediately respond to a request for comment.

So what does this mean for Pluton? For Microsoft, its customers' lukewarm response to Pluton is a bit of an embarrassment. But it's not like commercial PCs powered by either AMD or Intel will be unsecured going forward, which is really what matters.

Apple added “a monster of a chip” to its Apple M1 family on Tuesday: the M1 Ultra, which reflects some familiar approaches to chip design and presents a high-end contender for the PC market to compete against.

Essentially, the M1 Ultra combines two of Apple's existing M1 Max chip dies together within a single package. They are connected by a silicon interposer that Apple calls UltraFusion. The result? A fully 20-core Arm CPU, with 16 performance cores and 4 efficiency cores. The M1 Ultra chip will debut within the Apple Mac Studio, a $3,999 workstation Apple announced on Tuesday as well.

Johnny Srouji, Apple senior vice president of hardware technologies, noted that there were “physical limitations” in designing future iterations of the M1 silicon. By combining the two M1 Max dies within a single package, Apple created a system-on-a-chip with “blazing performance,” Srouji said.

So what does the M1 Ultra offer?

As Srouji noted, the M1 Ultra has total 20 cores in all, doubling the Max CPU core count (and potentially performance) on paper alone. Apple didn't say what process technology the M1 Ultra uses, though it's used a 5nm process technology with all of its previous chips. That's potentially an enormous chip, as the M1 Max was already 57 billion transistors, and this would essentially double that. Apple shows this off, below:

Apple

The two CPUs are connected via the new UltraFusion architecture, which supplies 2.5TB/s of total bandwidth between the two chips, which Srouji claimed was “four times the bandwidth of the leading multi-chip interconnect technology.” Memory bandwidth is also increased, to 800GB/s, with a total supported unified memory of 128GB.

Apple

Apple

Of course, connecting various silicon dies together isn't especially novel; in fact, AMD announced its Ryzen Threadripper Pro 5000 chip on the same day. AMD built the Threadripper with the express purpose of enabling high processor core counts, and the design combines various multicore silicon dies. For example, the new 24-core Threadripper Pro 3945WX includes three 8-core CCDs (Core Chiplet Dies), which tie the individual cores together. (It's worth noting that earlier Threadrippers used CCDs with what was called a CCX, or Core Complex, which connected the CPU dies together with AMD's Infinity Fabric—at the basic level, that's the same approach that Apple is taking here.)

In terms of CPU performance, Srouji said that the M1 Ultra delivers 90 percent higher performance in the same power envelope than the “fastest 16-core PC desktop chip available” (the Intel Core i9-12900K) without stating which benchmark Apple selected to make the claim. Put another way, Apple said that its M1 Ultra chip could deliver the same basic performance while using 100 watts less power than the 12900K, too.

Apple

We can assume that Apple's GPU performance has been doubled as well. Apple said that the M1 Ultra now features a 64-core GPU, double the core count of the M1 Max. It too delivers faster performance than the highest-end GPU available (the Nvidia GeForce RTX 3090) while using 200 watts less power, Srouji claimed, again without specifying the benchmark used.

What's interesting, though, is that the UltraFusion interposer apparently connects the two GPUs together, too — that's not something many people expected.

Apple

Finally, the M1 Ultra has 32 neural engine cores that can learn up to 22 trillion operations per second to accelerate machine learning, Apple said. The media engine is twice as fast, as well.

How will the Apple M1 Ultra compare to the PC?

Remember, the Apple M1 Pro offers 8 performance CPU cores, 2 efficiency CPU cores, and a 16-core GPU. The M1 Max offered 8 performance CPU cores, 2 efficiency CPU cores, and a 32-core GPU. The M1 Ultra now offers twice what the Max itself offers — which, in terms of performance, was already quite competitive.

Looking back at our Apple M1 Max performance evaluation, we can see how the 10-core Apple M1 Max trailed the 14-core Intel 12th-gen Core i9 laptop by a bit — but only a bit. Can we assume that the M1 Ultra performance will double as well? Maybe not literally, but it will surely be close. No matter how you slice it, that would be a big lead for the Apple M1 Ultra.

IDG

Again, in the popular Geekbench benchmark, doubling the M1 Max performance shown here would certainly propel the M1 Ultra to the top of the heap, easily.

IDG

Apple does have some cause for concern, however. When you start factoring in GPU performance, our earlier tests show that the current M1 GPU performance already suffers, and it suffers too much to probably catch up to the PC ecosystem. The Geekbench Compute performance test uses the GPU to run 11 compute loads such as depth of field, face detection, and particle physics. The test uses two cross-platform APIs—the agreed upon instructions and protocols to perform functions on different hardware—in OpenCL, Vulkan, and Nvidia's proprietary CUDA and Apple's proprietary Metal API. The test basically reveals that Apple's integrated GPU will lose to a discrete GPU any day.

IDG

In all, there's no denying that the Apple M1 Ultra is an absolute monster of a chip, as Apple itself claimed. Now we'll see how the PC industry responds.

Intel launched its 12th-gen mobile and desktop Core processors for businesses today—Alder Lake processors with included vPro technology. And, in the way it continues to segment its processor lineup, Intel has added two new categories of its vPro technologies: vPro Essentials for small businesses, and vPro Enterprise for Chrome devices.

Intel expects its customers to ship 150 commercial designs or more using the new vPro chips, from Acer, Asus, Dell, Fujitsu, HP, Lenovo, Samsung, and Panasonic.

Intel's new Alder Lake vPro chip follows the 11th-gen Tiger Lake mobile vPro chips Intel announced a year ago, which introduced Intel's premium brand to the vPro product lineup. In Tiger Lake, Intel added what is called Intel Control Flow Enforcement Technology (CET) and Intel Threat Detection (TDT) to Hardware Shield, which protects against attacks to the PC's firmware. In Alder Lake, Intel has added additional protections to Hardware Shield, defending against ransomware, cryptomining and supply-chain attacks. Those also include extending CET to desktop processors, Intel said.

Intel

Specifically, the new technology involves anomalous-behavior detection, according to Stephanie Hallford, vice president and general manager of Intel's Client Computing Group's business client platforms, which scans for both “good” and “bad” app behavior. The technology is designed to block “living off the land” attacks, a file-less malware attack that simply injects bad code into existing, legitimate software, which then executes attacks against the system.

The new 12th-gen Alder Lake chips also include what Intel calls Total Memory Encryption Multi-Key (TME-MK) and Intel Virtualization Technology with Redirect Protection (VT-rp), which provides hardware support for new virtualization capabilities that Microsoft plans to add in a future OS release, Intel said.

Intel didn't provide a comprehensive list of the differences between vPro Enterprise and VPro Essentials, but a white paper identified both VT-rp as well as Intel Active Management remote maintenance and control as two features that vPro Essentials doesn't support. Intel Key Locker, “used in select Chrome devices to help protect keys used by AES-NI encryption,” is also specific to the vPro Enterprise for Chrome technologies.

Intel

Intel 12th-gen vPro platforms will include ECC versions of DDR5 and LPDDR5 memory, support for Wi-Fi 6E, wired 2.5Gbps Ethernet, and Thunderbolt 4, Intel said.

Naturally, Intel touted the performance improvements that the new chips offered both on mobile as well as desktop, claiming that its mobile Core i7-1280P processor is 27 percent faster on the CrossMark benchmark than its 11th-gen Core chip and 41 percent faster than the Ryzen 7 Pro 5850U.