Honestly, that sounds pretty fantastic. I've been using 3rd party tools/extensions to do this sort of thing in corporate and government environments for years, but having the attestation go all the way down to the hardware level is a big value-add, especially with so much ransomware/spyware/extortion/espionage going on these days.
Can someone please explain to me how the author might see this level of security as a bad thing?
Wait a few years. Smaller companies won't even be allowed to order high end cpu's. You'll be at 100% mercy of these corporations.
If after 2 years they decide to brick your pc, they'll just do it. You think government will help you out here? Lol...
Remote Attestation establishes a root of trust that can be used to verify that all of the software down the line is "approved":
- You won't be able to browse sites or use apps with ads unless you run a 'trusted' device, OS and browser that does not block ads.
- You won't be able to browse sites with captchas unless you run a 'trusted' device, OS and browser that does not allow bots to interact with the browser.
- You won't be able to run Netflix unless you run a 'trusted' device, OS and browser so that you can't record the content.
- You won't be able to play online games unless, again, you run a 'trusted' device and OS so that you cannot cheat, or more importantly modify it in any way (why would you purchase skins if you can mod them in?).
- You won't be able to use online banking unless you use a trusted OS because banks.
Remote Attestation is pretty terrifying and it will be here soon unless it is regulated out of existence, which is unlikely.
As does every financial or government website for 'security'