AMD’s new CPUs may be safe to deploy

CES 2022: Good hardware, bad malware, and questionable numbers

AMD Ryzen LogoAMD could have had a great CES for CPUs but it was tainted by two self-inflicted wounds. SemiAccurate wants to like the new CPUs but instead we are struggling to consider them safe to deploy.

Lets start out with the good, the hardware itself, before we tell you why you should almost assuredly avoid it and buy Intel instead, they are still unquestionably safe. One thing to keep in mind is that only the new Ryzen 6000 line is infected with the Microsoft Pluton malware, the other stuff is still OK until the next revision.

AMD Ryzen 6000 mobile SKUs

AMD Ryzen 6000 mobile SKU table

There are two major lines of Ryzen 6000 CPUs, eight 35/45W H-Series and five 15-28W U-Series. Like the prior Ryzen 5000 line, a few of the lowest end U-Series are carry over parts from the last gen with some updates. All of the 6nm parts come from a single die and if you look at the core counts it looks like yields are as good as rumored. That said a lot of the info you probably want to know won’t be disclosed until the official release of the chips, this is just a noxious teaser. So basically not much to see here other than the malware.

One big problem SemiAccurate has is the unethical way AMD compared product lines and tried to bury it in the (actually quite good) footnote disclosures. The claims of high performance and better everything than the preceding Ryzen 5000 line compares 15W R5K CPUs to 28W R6K CPUs. Come on AMD, do you really need to stoop this low?

Minor Update: 15W above was originally 18W

AMD Ryzen 6000 APU GPU specs

AMD Ryzen 6000 GPU specs

In addition to the Zen 3+ cores, the GPU moves up from the Vega architecture to the current RDNA2 with 50% more CUs, 12 as opposed to 8 in R5K. On top of that the peak GPU clocks also rise to a claimed 2.4GHz plus lots of other goodies. Since AMD is comparing 18W CPUs to 28W CPUs in order to show a ‘win’, we won’t dignify their numbers by repeating them but the hardware updates are still worth noting.

AMD AM5 Platform features

AMD Ryzen 6000 platform specs

Far more important is the new uncore, basically the rest of the chip. In addition to the Microsoft malware, R6K adds USB4, PCIe4 (finally), DDR5/LPDDR5, WiFi 6E, Bluetooth LE 5.2, HDMI 2.1, DP2, and AV1. That is a lot to add but considering the cadence AMD updates their platforms at, this new one will be with us for a while. We are kind of surprised that AMD didn’t include PCIe5 this time around, it is a pretty glaring omission for a company that used to push those standards. It won’t hurt them now but by the time the platform updates again, PCIe4 is probably going to look a bit out of date. Intel’s Alder Lake CPUs have PCIe5 on die but it is currently disabled in mobile parts.

AMD Ryzen 5800X3D

It’s finally here or at least revealed

That brings us to the new desktop parts or new part to be more accurate. Welcome the new and wholly expected Ryzen 7 5800X3D with a name longer than the trickle out of parts you know are coming. Take the current R7 5800X and add 64MB of stacked cache, and off you go. Gaming benchmarks show an improvement as you would expect but again AMD has shown their numbers are not worth quoting, wait for independent data. That said you should see a range of improvements from zero to fairly large gains depending on how cache dependent a given piece of code is. Don’t assume any particular piece of code will benefit from the cache and similarly don’t assume something won’t. No pricing or details were released but this part is free of the Pluton Malware.

AMD went on to tease the upcoming 5nm Zen 4 based parts coming in 2H/22 but again few details were released. This one will likely be Pluton infected so the 3D parts are likely AMD’s last usable CPU, choose wisely. That said the biggest bang on these upcoming CPUs will probably be the platform not the initial line up of chips.

AMD Socket AM5 reveal

AMD Socket AM5 reveal

As with the R6K mobile CPUs, the desktop platform is getting a new socket and everything else driven by the move to DDR5. As you would expect this new socket called AM5/LGA 1718 is a PCIe5 based platform that is compatible with older AM4 coolers, an unusual but very welcome design choice. More intriguing is the change from pins to an LGA socket, a trail Intel blazed not last decade but the one before. Welcome to the 2000’s AMD. Other than that, not much to say yet, details presumably coming with the launch.

So that’s the good stuff, lets go on to the terrifying parts aka Microsoft’s Pluton ‘security’ block. We call Pluton malware for a reason, it is being sold as ‘security’ with nebulous claims of helping the user but to date every query SemiAccurate has made to multiple companies has not described a single one. They may exist but you should consider this a Pluton security claims a scare tactic because no one can explain any details, it is a big red flag.

You might recall that SemiAccurate said Qualcomm’s 8cx Gen 3 CPU was “too dangerous to deploy” because it uses the Microsoft Pluton block. We still feel that way so why are we saying AMD’s version _MIGHT_ be safe to deploy? Because you can turn it ‘off’. Sort of. But not really. And there are far to many questions that AMD could not answer to make us even remotely comfortable with the explanation. That said it is ‘better’ than Qualcomm’s unacceptable part but still not good or safe. There are also credible reports that some OEMs will ship devices with Pluton ‘off’ but more on that later.

So what is Pluton? It is basically a TPM with added functionality to allow updates and ‘secure’ your PC “from the chip to the cloud”. If you are paying attention these things should scare the hell out of you and are unacceptable for a whole host of reasons. That said the tortured bullet points used to sell it are masterfully crafted to both spread fear and drive people to give up their rights for ‘security’. Don’t buy it either metaphorically or literally.

The first problem with Pluton is the keys. Key management is a problem for every organization, keeping track of keys for all PCs is an untenable nightmare so AMD/Microsoft did something clever here. When you first fire up the chip, it generates it’s own key and burns that into hardware. This is smart because you can’t change it. It is also dumb because you can’t change it. SemiAccurate doesn’t know if there is a mechanism to fuse off a key and generate a new one but we suspect not. At least there isn’t a publicly known single key for all systems, Sony we are looking at you. Among others.

So the keys are generated correctly and made permanent, and assuming no hacks or ways to pull them, all good. But remember that bit about chip to cloud? Remember the furor that made Intel back down from unique serial numbers for the P4 chips? Now you have a unique serial number for your PC that you can’t see, you can’t change, and since it is the basis for security attestation on the web, at least if Microsoft gets it’s way, anything you do to hide it will lock you out of services. So now we have the return of the unique tracking number that is permanent, hidden, and unblockable. Will this even fly in light of EU cookie/tracking requirements? I have no idea but it is worth digging into.

That is bad and what’s worse is Microsoft has made no bones about requiring such things for your PC to be ‘secure’ and access services, presumably theirs and others that buy into this evil scheme. Don’t have a Pluton infected PC, the latest version of Windows, a paid subscription to something, and it all turned on with no external blocking? Your purchases may stop, we can see the music and video world loving the abuses this brings. Any shreds of privacy and anonymity you thought you had just went poof.

Could it get worse? Sure it could, the stuff above is the light an fluffy bits, the real scary stuff lies ahead. Pluton can act as a TPM or as a ‘security processor’, basically a TPM that can do things not exactly laid out which is another problem/red flag. In any case it is the repository for your keys and system keys that some claim nothing secret can come out of.

Without needing to point out that no such claims, especially publicly undocumented ones, have ever held up to the real world and/or bored 15 year olds, lets look at one big problem. Do you see any difference between a company claiming there is no way, officially, to read/copy/remove keys from Pluton and actual things that can be done?

You might recall the whole kerfuffle about Spectre/Meltdown and similar sidechannel attacks that ripped holes in everything a few years ago including and not limited to Intel’s ‘impenetrable’ SGX enclave. Those used legal APIs in unintended ways, they didn’t even need to break the rules. Given what is at stake here, the payout for cracking Pluton is incredibly high but luckily you can change compromised keys… Oh wait. But you can prevent a hacked system/technology from being accessed remo… Oh wait. Pluton is insane to deploy, period.

Then there is the really evil stuff. Remember when Microsoft first started talking about the current Xbox? Remember that little slice of evil where they said you could only install a game once and it was locked to a console, no resale, no lending it to a friend, etc? You may not have know it but that was your first look at Pluton and it was quite obviously meant to ‘enhance your security’. By enhance your security we mean allow Microsoft to screw you in an utterly transparent and abusive manner, circumventing decades of hard won consumer rights in hardware. Luckily that attempt failed but it is back with Pluton, and all PCs will have it in the near future. Any guesses as to what they will use it for, other than ‘security’? Be afraid.

Luckily for all of this there is the ability to turn it ‘off’ so no problem there right? Well turning it ‘off’ in the BIOS means that turning it on is just a Windows call away. No one SemiAccurate talked to could tell us what ‘off’ meant but there is not official way to turn it on from Windows. At least no publicly documented way. Yet. Anyone want to start a pool on how many minutes it will take for a small app to be written that points of the error of relying on official API calls for security?

Back to the point, ‘off’ in this case means pretty much absolutely nothing and to the best of SemiAccurate’s knowledge there is no way to physically disable Pluton, only hide it in software/firmware with a button giving you assurance that it is ‘off’. This whole warm feeling about OEMs shipping with Pluton disabled is nothing more than a BIOS setting away or at worst a BIOS update away. Don’t forget, no malware has ever been documented that can update/modify a BIOS, at least none this week that we know of.

One problem with the OEMs taking the high road here is that Microsoft _REALLY_ wants Pluton on your system and wants it up and running. How long do you think it will take them to start tying Windows certification, and the attendant large monetary discounts and MDF for OEMs, to Pluton being on, enabled, and remove the ability of a user to turn it off? If you think this won’t happen, you haven’t been paying attention to their behavior, automatic updates anyone? If they wanted to be ‘nice’ they could just pester you with popups and disable functionality without Pluton enabled like, oh there are too many to list. Either way it is ‘optional’ now but it won’t be for long.

Back to the TPM or Security Processor bit, having a TPM in a system can have actual security benefits like secure boot and hardware roots of trust and as long as they are documented and optional, no problem. With Pluton the whole point is that you can, actually you can’t, only Microsoft can, update it with added, or removed, functionality. What can they do? Good question, that isn’t documented anywhere SemiAccurate can find, nor do we expect it to be without an NDA. If you are going to be evil, hide it under the guise of security. Sadly it works well.

So Microsoft can update your system security processor with any code it wants to on a whim. You have no ability to say no, no ability to know it is happening unless they chose to tell you something, and no ability to test whether or not something bad has been installed on your system by someone else. Since Pluton owns your keys, any encryption like Bitlocker you use is immediately compromised and any 3rd party system that you install will either store keys on the HDD unencrypted or require you to enter a key on every boot.

The latter is secure, right? Sure unless something is at the base of your hardware root of trust and can scan things like keyboard inputs for ‘security’. This is the long way of saying that Pluton just made disk encryption a moot point, a few lines of code and you are no longer able to keep anything on your machine safe at all, game over. Even remote key repositories or hardware USB keys can be snooped at the levels we are talking about so NOTHING on a PC can be secured with Pluton.

On a happy note all this scary stuff is only valid if you don’t trust Microsoft. In case you missed it, we don’t but some actually do. If you do, no worries, they have your back, assuming they don’t get hacked. Again. Want the list here or will Solar Winds be enough to start you down that rabbit hole? In any case, Microsoft, a company known for impregnable security has remote control of everything on your system and will keep you utterly safe, trust them, they have slick marketing around Pluton.

Better yet, they are an American company which is subject to the once ironclad rules preventing government intrusion into your data. We will ignore the point that nothing precludes Microsoft from selling access to your keys or access to your system to a third party like they do for so many other things right now, we will just focus on governmental threats for the time being.

So MS will protect you and the laws preclude the government from asking them to compromise you. Start here. In the past if the government wanted to access a properly secured system they would have to have a backdoor, zero day hack, or a court order coupled to a cooperating individual with the keys/passwords. If none of those things were available, the government could not get your data without your help. In most cases an individual has a right to say no to this request albeit with consequences. With Pluton, they can just ask Microsoft to compromise your system and you are lost, there is nothing you can do. Laws protect you, rarely, but there are easy ways around that, just ask Cisco. (No I won’t expand on that point here.)

So on paper you have some measure of safety from Pluton in the US, great right? Sure those paper barriers are in full force for US citizens but you might be aware there is something called ‘the rest of the world’. Those places have no such protection from, well, anyone, much less the US government. If you work for a company that competes with and has better technology than a US rival who’s CEO is major campaign donor to the guy who just won the presidency….

Luckily you can turn Pluton off and be safe from this, rig… oh we covered that. Well you can use disk encr… damn. But you will know if anyone pulls… nope. But the current firmware for Pluton doesn’t have that… aw shucks. Basically if you have Pluton on your system you are screwed, there is literally no way to protect your data from anyone with access or money. There is also no SKU from AMD that has Pluton physically and irrevocably disabled, only ‘off’ in the BIOS and/or some firmware not loaded, a major impediment to hackers, just ask Intel about vPro.

So looping this back to AMD and the Ryzen 6000 line of CPUs, it is better than Qualcomm but only on a technicality. There is currently no publicly known way to exploit the flaws we talked about above, and Microsoft will ‘secure’ your system for you, trust them. As long as you are a US citizen and no foreign government has the keys/access to Pluton, all good. Then again why would any sane non-US government allow this to be deployed in their country without the keys and access being handed over? They aren’t stupid. But you can turn it off on paper. For now. Maybe.

Going back to the point of this article, AMD at CES, we have some decent updates and hints at their future platforms which from a high level look pretty good. The mobile CPUs, scammy benchmarks and unequal comparisons aside look good. 3D stacking is finally here in a consumer CPU product and it looks impressive but pricing could change that. Future platforms will undoubtedly use this tech as well, plus add in DDR5, PCIe5, and more. The only problem is that the more will involve Pluton malware. If you are confident that off means off, Microsoft is a company who’s security promises you can trust, you are a US citizen/company, and that the government will always do the right thing, by all means buy a Pluton equipped CPU. We will be buying and recommending Intel until AMD comes to it’s senses or Intel loses theirs.S|A

The following two tabs change content below.

Charlie Demerjian

Roving engine of chaos and snide remarks at SemiAccurate
Charlie Demerjian is the founder of Stone Arch Networking Services and is a technology news site; addressing hardware design, software selection, customization, securing and maintenance, with over one million views per month. He is a technologist and analyst specializing in semiconductors, system and network architecture. As head writer of, he regularly advises writers, analysts, and industry executives on technical matters and long lead industry trends. Charlie is also available through Guidepoint and Mosaic. FullyAccurate