zlacker

[return to "Google Web Environment Integrity Is the New Microsoft Trusted Computing"]
1. blibbl+iQ[view] [source] 2023-07-27 10:14:00
>>neelc+(OP)
surely if they're successful they'll create a market for ripping the keys out of TPMs and selling them?

at which point you could attest any environment you wish, across as many machines as you want

a nice side hustle for bored university students with access to the equipment needed

(currently this doesn't happen as the TPM keys are essentially worthless)

◧◩
2. wizee+7Z[view] [source] 2023-07-27 11:28:29
>>blibbl+iQ
Such keys sold in large numbers could be detected and blacklisted though.
◧◩◪
3. blibbl+H11[view] [source] 2023-07-27 11:51:05
>>wizee+7Z
which will increases demand for keys, and will encourage increased economies of scale of extracting them

would I pay $500 for a TPM key I can use to "attest" my hacked version of Chromium that removes ads? hell yes

would cheaters pay $500 for a TPM key to bypass valorant anti-cheat? hell yes (they do already)

would spammers pay $500 to spam Google?

and so on

ultimately attestation to control the user (vs. protect them) sows the seeds of its own demise

[go to top]