zlacker

[parent] [thread] 1 comments
1. joseph+(OP)[view] [source] 2023-07-20 16:45:31
> We need to legally regulate remote attestation.

I'd go a step further. We need to ban it. It should be illegal to sell devices to consumers that already contain private keys, unless all of said keys are provided to the consumer at the time of purchase.

replies(1): >>gjvnq+zkp
2. gjvnq+zkp[view] [source] 2023-07-27 21:44:37
>>joseph+(OP)
I would do it differently: I would ban remote attestation on all general-purpose electronic devices and for all devices that are meant to be part of the home and run third party software.

So computers, phones, and game consoles cannot have remote attestation but home security systems, ATMs, e-Readers, medical devices, water/electricity usage meters can do remote attestation.

[go to top]