zlacker

[return to "Mozilla Standards Positions Opposes Web Integrity API"]
1. devit+fD[view] [source] 2023-07-25 08:19:28
>>danShu+(OP)
In case it's not obvious, here is how the attack works:

1. The attacker manufactures a device, such as a smartphone, generates a keypair for it, stores it on an HSM on the device (generally called a "trusted enclave"), and signs the public key of the keypair with a master key

2. The device runs the attacker's software and is designed so that whenever non-attacker software is run with elevated privileges, the HSM is informed of that fact in a way that can't be reset without rebooting (and starting again with the attacker's software). For instance, the device might use a verified boot scheme, send the key the OS is signed with to the HSM in a way that is unchangeable until reboot, and it might employ hardening like having the CPU encrypt RAM or apply an HMAC to RAM

3. The HSM produces signatures of messages that contain statements that the device is running the attacker's software, plus whatever the attacker's software wants to communicate and it won't produce them if it's running software of the user's choice as opposed to the attacker's software as established above. It also includes the signature of its public key with the master keypair, allowing accomplices to check that the device is indeed not under the user's control, but rather under the control of someone they trust to effectively limit the user's freedom

4. Optionally, that attestation is passed through the attacker's servers, which check it and return another attestation signed by themselves, allowing to anonymize the device and apply arbitrary other criteria

5. Conniving third parties can thus use this scheme to ensure that they are interacting with a device running the attacker's software, and thus that the device is restricting the user behavior as the attacker specifies. For instance, it can ensure that the device is running the accomplice's code unmodified, preventing the user from being able to run software of their choice, and it can ensure that the user is using device as desired by the attacker and their accomplices.

This attack is already running against Android smartphone users (orchestrated by Google, in the form of SafetyNet and the Play Integrity API) and iOS smartphone users (orchestrated by Apple) and this extends the attack to the web.

◧◩
2. CalRob+bY[view] [source] 2023-07-25 11:30:37
>>devit+fD
Is there an option to have a smartphone and avoid this attack? The moribund Ubuntu phone comes to mind.
◧◩◪
3. daniel+DZ[view] [source] 2023-07-25 11:39:42
>>CalRob+bY
Yes, but accomplices can, in this case, refuse to serve the phone in question - receiving sufficient traffic from infected devices to meet their needs.
◧◩◪◨
4. ragnes+fF1[view] [source] 2023-07-25 15:08:39
>>daniel+DZ
At some point we just have to be okay with that. Threats and protests and complaints don't matter unless we back it up with something. If that means upgrading/repairing older devices instead of new ones, or not using web services that require DRM nonsense, then so be it.

I remember in the long, long ago, when I actually visited a BUILDING to do some of my banking tasks. And when I bought physical media that took up actual 3D space in my house to watch movies. I suspect we aren't incapable of going back.

◧◩◪◨⬒
5. sp332+bG1[view] [source] 2023-07-25 15:11:37
>>ragnes+fF1
We don’t, and TFA is Mozilla rejecting this.
◧◩◪◨⬒⬓
6. ragnes+Aw2[view] [source] 2023-07-25 18:06:52
>>sp332+bG1
For now. I'm not a Mozilla hater like many people here seem to be, but they caved on EME, and I'm honestly very skeptical that they won't eventually cave here.
[go to top]