zlacker

[return to "Remote Attestation is coming back"]
â—§
1. robot+ig[view] [source] 2022-07-30 00:54:13
>>gjsman+(OP)
Remote attestation or not, "Software freedom" fighters should understand that things happen based on some user base need. Somebody needed this and they added it, whoever needs it doesn't care if they can't run linux on it. If the user cares about running anything else on the hardware, they will add a way to disable the feature. it is all about the user need.

if you are a secondary priority user on some hardware, the way to fix it is to focus on becoming important enough to be prioritized instead of fearing some technology will limit things.

◧◩
2. jauer+lm[view] [source] 2022-07-30 02:10:55
>>robot+ig
This. All these comments (and this article) worried that this is MS coming to take their Linux or whatever are missing that this is something their biggest customers want.

We need this in our corporate client device fleet to counter specific threats. We need this in our servers for the same reason — we do remote attestation today for Linux servers in semi-trusted locations. We’ve conveyed to our vendors that this is a desired capability in next-gen network equipment.

We’re not doing this to control data once it’s on an end-user’s computer. We’re doing it because we have a regulatory (and moral) obligation to protect the data that is entrusted to us.

We’re not Intel/AMD/NVIDIA/etc’s largest customer, but when we defer orders or shift vendor allocation it gets mentioned in their quarterly earnings reports. They tend to listen when we ask for features, and when our peer companies (not to mention governments) ask for the same thing because we have similar data security requirements?

Cloud and Business products is what, ~2/3rds of Microsoft’s revenue at this point? This isn’t being driven by the MPAA or whoever looking for better ways to screw over consumers.

◧◩◪
3. novok+qp[view] [source] 2022-07-30 02:48:38
>>jauer+lm
I think if owners of devices have ultimate control over the root key / credential that determines attestation, I don't think people care about that.

So in your case, for devices you buy, you set up your corporate TPM key as the root owner, and then you send the device to employees, vendors, etc. The ownership chain is clear and you can send attestation requests. The corp is the owner of the device, and that is fairly obvious.

The issue is when people and corps buy devices, they do not have effective root. Microsoft, apple, google, etc have the tpm root key, and you as a corporation actually do not have root yourself. They can force you to do things you want to do. It makes you more vulnerable, because if it is in MSFTs interest (or they are coerced by the state to do so clandestinely) a lot of threats can happen, and you don't even need an 0day to do so!

If it starts becoming status quo, the freedom to do the things you need to your devices starts going away.

◧◩◪◨
4. jauer+tq[view] [source] 2022-07-30 03:06:41
>>novok+qp
> The issue is when people and corps buy devices, they do not have effective root.

Totally!

The answer isn't to ban the tech, it's to ensure that everyone can set their own root if they so choose.

Want your system to only load firmware that's been signed by Debian to ensure that unfree blobs aren't sneaking in? Great! That's basically what we want too (s/Debian/our own supply chain integrity folks/g but same concept).

◧◩◪◨⬒
5. novok+Ir[view] [source] 2022-07-30 03:26:23
>>jauer+tq
The thing is, it's effectively impossible to politically guarantee that, so rather ban attestation than walk a fine line of 'your not allowed to do that'.
[go to top]