zlacker

[parent] [thread] 4 comments
1. walter+(OP)[view] [source] 2022-07-30 05:08:15
Many owner-defined OSes would be a bit better than a handful of vendor-defined OSes being imposed on the entire planet. Influencing device owners to provide sensible policies would be the next step, but at least there would be the possibility of competition, and the voices of multiple economic stakeholders.

Attestation can also be entirely local, e.g. between a device and a USB key with OSS software that is configured by the owner.

replies(1): >>salawa+fP
2. salawa+fP[view] [source] 2022-07-30 15:35:58
>>walter+(OP)
Once again. To meaningfully exist seperate from digital overlords, you must be able to grok nuances of cryptography. You are dead on arrival for 95% of the populace.
replies(1): >>walter+b91
◧◩
3. walter+b91[view] [source] [discussion] 2022-07-30 17:57:33
>>salawa+fP
Do you consider Let's Encrypt to be a digital overlord? Many are using this service successfully without being cryptography experts?

Why can't there be a "local attestation server" equivalent to Lets Encrypt, e.g. offering the Top 10 most-requested OS configurations which are not being addressed by digital overlords?

Cryptographer priests are scarce, but not numerically capped or fully monopolized by digital overlords.

replies(1): >>salawa+6B1
◧◩◪
4. salawa+6B1[view] [source] [discussion] 2022-07-30 21:34:41
>>walter+b91
Let's Encrypt is spawned by digital overlords, btw.

Might be overseen by a neutral group, but it was spawned out of them.

And I'm sorry, but no. Absolutely not. If I have to teach someone to do a damn Certificate signing request just to say, get a kernel tweak done, or (nightmare mode) just to run a self-written hello world because the powers that be have decided that nothing less than perfect non-repudiation of every binary ever built from now on is acceptable; (the logical terminis of "apply cryptography to programming until top down control is realized)... I'm not even completing the thought. This is a bad, bad, bad, bad, bad idea.

replies(1): >>walter+w74
◧◩◪◨
5. walter+w74[view] [source] [discussion] 2022-08-01 00:21:19
>>salawa+6B1
Very reasonable points but we are sadly entering a world with many legal+tech differences from the last three decades. The convergence of foo with bar is occurring in multiple societal stacks, in both top-down and bottom-up directions. Short of halting these flywheel transformations, OSS EEE is a safety valve.

If you are in the US, take a look at the recently approved UCC changes for CERs (controllable electronic records, e.g. blockchains and CBDCs), which will now proceed to US state legislatures, https://www.clearygottlieb.com//news-and-insights/publicatio...

[go to top]