Honestly, that sounds pretty fantastic. I've been using 3rd party tools/extensions to do this sort of thing in corporate and government environments for years, but having the attestation go all the way down to the hardware level is a big value-add, especially with so much ransomware/spyware/extortion/espionage going on these days.
Can someone please explain to me how the author might see this level of security as a bad thing?
Wait a few years. Smaller companies won't even be allowed to order high end cpu's. You'll be at 100% mercy of these corporations.
If after 2 years they decide to brick your pc, they'll just do it. You think government will help you out here? Lol...
Remote Attestation establishes a root of trust that can be used to verify that all of the software down the line is "approved":
- You won't be able to browse sites or use apps with ads unless you run a 'trusted' device, OS and browser that does not block ads.
- You won't be able to browse sites with captchas unless you run a 'trusted' device, OS and browser that does not allow bots to interact with the browser.
- You won't be able to run Netflix unless you run a 'trusted' device, OS and browser so that you can't record the content.
- You won't be able to play online games unless, again, you run a 'trusted' device and OS so that you cannot cheat, or more importantly modify it in any way (why would you purchase skins if you can mod them in?).
- You won't be able to use online banking unless you use a trusted OS because banks.
Remote Attestation is pretty terrifying and it will be here soon unless it is regulated out of existence, which is unlikely.