zlacker

[return to "Web Environment Integrity API Proposal"]
1. freeon+Ia[view] [source] 2023-07-21 18:57:32
>>reacto+(OP)
Fork chromium and have it return true. Problem, websites?
◧◩
2. jabban+3c[view] [source] 2023-07-21 19:04:41
>>freeon+Ia
It's signed?

Sure you can fake the results of an attestation in your fork, but your fork would be using your own key to sign the response, a key that the site can reject.

◧◩◪
3. freeon+MC[view] [source] 2023-07-21 21:04:25
>>jabban+3c
Ah, we’ll also have to extract the key from chrome. It’s no worse than WideVine.
◧◩◪◨
4. jabban+5G[view] [source] 2023-07-21 21:18:41
>>freeon+MC
Has that been extracted already? I have to admit I'm behind on the current state of browser DRM...

Also I wonder if in the future this would require attestation of the entire chain: secure UEFI validated by key burned in CPU, validates secure boot os that prevents "hacking tools", which validates secure Chrome, which attests secure websites...

Truly royally screwed at that point...

◧◩◪◨⬒
5. charci+TV[view] [source] 2023-07-21 22:35:49
>>jabban+5G
The current state of DRM is that you have to find a hardware vulnerability in order to extract a certificate. With this you can now decrypt DRM content, but you have to be careful not to get that key blacklisted.
[go to top]