zlacker

[return to "Web Environment Integrity API Proposal"]
1. reacto+1[view] [source] 2023-07-21 18:09:43
>>reacto+(OP)
tl;dr: DRM for websites
◧◩
2. PaulHo+W2[view] [source] 2023-07-21 18:23:13
>>reacto+1
It looks very similar to the “secure boot” mechanisms in Windows and other commercial client OS.

Strikes me as very dangerous though on the web where there are so many paths for malware to get in and this could get in the way of plugging the holes.

◧◩◪
3. fabric+4a[view] [source] 2023-07-21 18:54:22
>>PaulHo+W2
No, it's similar to attestation APIs like android SafetyNet (now called Play Integrity API) that are used to check that "your ROM is valid according to Google".

Secure boot can protect you eg. against malware gaining write access and modifying your system. I see it as user protection, as long as you can sign the trust chain. This is what GrapheneOS is doing as far as I know.

◧◩◪◨
4. wzdd+Br[view] [source] 2023-07-21 20:11:51
>>fabric+4a
A trust chain beginning at the bootloader is what will ultimately enable this API, though, because that's what SafetyNet/Play Integrity API relies on. If you don't have a locked bootloader, or you're not running stock Android, you won't pass SafetyNet/Play Integrity (at least the higher tiers of it).

To take your GrapheneOS example, apps wishing to support it must add GrapheneOS keys: https://grapheneos.org/articles/attestation-compatibility-gu...

If this proposal goes ahead, it's unlikely that you'll be able to convince site owners and/or ad networks to add the keys of your open source OS.

◧◩◪◨⬒
5. fabric+s11[view] [source] 2023-07-21 23:10:16
>>wzdd+Br
I don't disagree with you, but let's not throw away secure boot because Google found a way to ruin it!
[go to top]