zlacker

[parent] [thread] 2 comments
1. grajma+(OP)[view] [source] 2023-07-25 04:37:27
The attestation need not be done by Google or web browser owner themselves. This can be done by operating systems or any third party attestation just like a simple version of certification attestation. I think even though the intention behind the idea is good, the integrity of the company that suggested this is so doomed that we are all afraid. I think such proposals will come and need to come so that gradually these proposals will mutate into something useful
replies(1): >>rezona+S
2. rezona+S[view] [source] 2023-07-25 04:47:12
>>grajma+(OP)
Practically speaking yes, the OS (and further down the TPM/enclave) will be the root of attestation. Google here is starting with Google Play Integrity (previously known as SafetyNet), which is an OS-level attestation authority. On Windows, this attestation would probably be done via TPM/Secureboot and Windows integrity APIs.

That's what's scary about it, because it has the potential to make large parts of the web inaccessible unless you have a signed and sealed OS layer and browser to browse it with.

replies(1): >>grajma+LC
◧◩
3. grajma+LC[view] [source] [discussion] 2023-07-25 10:33:27
>>rezona+S
I agree and I understand the damning nature of change.
[go to top]