We need this in our corporate client device fleet to counter specific threats. We need this in our servers for the same reason — we do remote attestation today for Linux servers in semi-trusted locations. We’ve conveyed to our vendors that this is a desired capability in next-gen network equipment.
We’re not doing this to control data once it’s on an end-user’s computer. We’re doing it because we have a regulatory (and moral) obligation to protect the data that is entrusted to us.
We’re not Intel/AMD/NVIDIA/etc’s largest customer, but when we defer orders or shift vendor allocation it gets mentioned in their quarterly earnings reports. They tend to listen when we ask for features, and when our peer companies (not to mention governments) ask for the same thing because we have similar data security requirements?
Cloud and Business products is what, ~2/3rds of Microsoft’s revenue at this point? This isn’t being driven by the MPAA or whoever looking for better ways to screw over consumers.
The same insane regulations that were probably the result of corporate lobbying are now the excuse for these hostile features? WTF?
So in your case, for devices you buy, you set up your corporate TPM key as the root owner, and then you send the device to employees, vendors, etc. The ownership chain is clear and you can send attestation requests. The corp is the owner of the device, and that is fairly obvious.
The issue is when people and corps buy devices, they do not have effective root. Microsoft, apple, google, etc have the tpm root key, and you as a corporation actually do not have root yourself. They can force you to do things you want to do. It makes you more vulnerable, because if it is in MSFTs interest (or they are coerced by the state to do so clandestinely) a lot of threats can happen, and you don't even need an 0day to do so!
If it starts becoming status quo, the freedom to do the things you need to your devices starts going away.
Then they should prove it. I'm sure they have lots of expensive lobbyists under their employ, have them go to the government and tell the politicians the computer industry needs regulation to make it illegal to screw over users by depriving them of their computer freedom. If effective rules make it into law, I will trust their intentions.
> are now the excuse for these hostile features
These features may be hostile if you don't control your own root of trust or if your vendor burns fuses prior to selling a device to you. If you were expecting otherwise, in that context they sold you a defective product.
Those same features are beneficial if you run your own root of trust. They help maintain control over your devices and increase confidence that they have not been coopted by your adversaries.
Totally!
The answer isn't to ban the tech, it's to ensure that everyone can set their own root if they so choose.
Want your system to only load firmware that's been signed by Debian to ensure that unfree blobs aren't sneaking in? Great! That's basically what we want too (s/Debian/our own supply chain integrity folks/g but same concept).
Can you please expand on what you verify via remote attestation and against which attack vectors this protects you?
Does this protect you against the usual attack vectors of your employees logging in on phishing sites, downloading malware, running office macros etc? Stealing your data usually does not need any root/kernel access.
>Cloud and Business products is what, ~2/3rds of Microsoft’s revenue at this point? This isn’t being driven by the MPAA or whoever looking for better ways to screw over consumers.
Except... Yes it is. When your Ur business case was "do computation on someone else's computer, but ensure the operator cannot have full transparent access to their own computer's operational details", you are in the end casting the first stone. Just because I don't have an LLC, or Inc. or other legal fiction tied to my name, doesn't mean I'm not bound by the same moral imperatives you claim to be, but more importantly (I am not willing to sell everyone else's computational freedom up the river for a pole of quick bucks).
Get your collective heads out of your arses. Get back out in the sun. This nonsense is ripping every last bit of potential computing ever had and ripping it out of the hands of the lay consumer unless they dance the blessed dance of upstream.
You do not know best. You think you do. You've gotten where you are without that which you seek to create, and once created, that which you make can and will never be taken back. It creates and magnifies too much power asymmetry.
My god, have you never really stopped to think through the ethical implications? To really walk down the garden path?
Do you not understand how insane that prospect is?