zlacker

[return to "Remote Attestation is coming back"]
1. fleven+Lb[view] [source] 2022-07-29 23:59:09
>>gjsman+(OP)
Unpopular opinion:

Hardware-based attestation of the running software is an important security feature, especially in a world where data leaks and identity theft are rampant. Let's say I'm a healthcare provider, and I'm about to send sensitive medical data to a third party vendor. Wouldn't you prefer that this data only be able to be decrypted by a computer that can prove to the world it booted a clean OS image with all the latest security patches installed?

If the vendor wants to install some self-built OS that they trust on their computer and not update it for 5 years, that's their business, but I may not want to trust their computer to have access to my personal data.

Remote attestation gives more control to the owners of data to dictate how that data is processed on third-party machines (or even their own machines that may have been compromised). This is useful for more than just DRM.

◧◩
2. gjsman+kc[view] [source] 2022-07-30 00:06:39
>>fleven+Lb
I actually don't disagree with you. As I mention in the article:

> I cannot say how much freedom it will take. Arguably, some of the new features will be “good.” Massively reduced cheating in online multiplayer games is something many gamers could appreciate (unless they cheat). Being able to potentially play 4K Blu-ray Discs on your PC again would be convenient.

However, I'm more worried about the questions the increased deployment of technology will bring, such as will Linux users be doomed to a CAPTCHA onslaught being the untrusted devices, or worse. Important questions that, unless raised, risk us just "going with the flow" until it is way too late.

◧◩◪
3. fleven+bd[view] [source] 2022-07-30 00:14:52
>>gjsman+kc
Unfortunately, it does seem likely that many services will require that your machine run a kernel/web browser signed by an entity they trust before they give you access to what they consider sensitive data. That will suck for those of us who want to build our own kernels/web browsers and use that software to interact with sensitive data from large corporations, but that's their choice to make (IMHO). And it's my choice not to use their service.
◧◩◪◨
4. est31+Qe[view] [source] 2022-07-30 00:34:42
>>fleven+bd
Often it's not your choice, when e.g. all banking apps have this requirement, and banks require an app to allow you access to your account at all. Or when it's a health service because the data is so "sensitive". Today, platforms like Discord and Twitter very often want your phone number despite not having any technological need for it. Will they in the future require this thing as well so that they are sure that you are not using ad blockers? Will you be unable to communicate with most of society through these "optional" services if you don't have one of these "trusted computing" devices?

This is way more than just about not watching movies in 4k that you could also pirate. This is about turning people who don't have "trusted computing" devices that track every behaviour of theirs into societal outcasts.

◧◩◪◨⬒
5. fleven+8f[view] [source] 2022-07-30 00:39:57
>>est31+Qe
So how do you solve this? Get the government to ban CPU vendors from implementing hardware-rooted remote attestation? I can assure you that this technology is used inside corporations for their own internal security, and such a ban would weaken our ability to survive a cyberwar.
◧◩◪◨⬒⬓
6. est31+Ak[view] [source] 2022-07-30 01:40:03
>>fleven+8f
Using this technology to secure non-private infrastructure, including corporate networks, makes total sense. And yes, it has some helpful properties to secure that infrastructure. But don't be mistaken, configuration mistakes still exist, as do zero days. Attestation helps against persistence, and this is valuable, but it's only one link in the chain.

That being said, extending it to everyone in a way that curtails individual control of computing devices creates an environment that is dangerous in many ways. I don't want to be in a world where only "approved" software is allowed on my computer or something. This can get wrong really quickly, and a lot of the application of attestation technology for consumers is really just about removing their freedoms.

The place where the government should step in IMO is not to ban CPU vendors from implementing this, but to pass anti-discrimination laws, so ban companies from requiring remote attestation to unlock some specific feature. They should maybe endorse it, or be allowed to warn you, but they should still allow full access regardless.

For the B2B setting there are obvious dangers of monopoly abuse, here the government just needs to enforce existing laws. Microsoft dropping the requirement that the signing key for third parties has to be trusted is IMO a major antitrust violation.

[go to top]