zlacker

>once a copy of the content is server to AT LEAST one attested user agent – what prevents him from sharing his copy with unattested users?

This is already covered by the DRM in all major web browsers today. If your software will allow that, it can't get attested.

>>whatsh+(OP)
I don't understand – how exactly DRM knows that I have a video-capture card recording my screen right now? The browser has no idea.

Or what prevents me from copying NYT article and re-hosting it? What DRM has to do with it?

>>gloosx+M2
Google's DRM today already enforces HDCP. You only see an encrypted mess in all debug tools of the browser in that case.

>>gloosx+M2
I'm out of the loop of current DRM.

I assume it's something like the old Protected Media Path.

For example, if you try to screenshot a Netflix video all you screenshot is a dark-pinkish square, because the video is probably added by the graphics card at the last moment.

>>kuschk+6f
i dont need debug tools in the browser - if the bytes of encoded content are getting transmitted to the socket on my machine, there is no realistic way to prevent me from taking and replicating them, i don't see how some software inside the browser can have any effect on this, because the browser has zero idea where these bytes can go after they hit the socket. A good analogy would be filming your screen manually - computer has no idea of this filming and in no way can prevent it, because it cannot act on a real world around it, the same applies for browser, i can take a document, video or sound from any page without involing the browser

>>gloosx+DP3
> because the browser has zero idea where these bytes can go after they hit the socket

The attestation uses a secure enclave in your processor with a secret key you can't access to verify that secure boot is on, you booted a signed OS, the OS is in locked-down mode, etc.

>>kuschk+X04
>The attestation uses

>you can't access

Don't you see how contradictory this is?

No secure enclave of registers or hidden secret keys can help, because a person can utilize the lower-level physical world around the processor to manipulate it (e.g sending electrical currents from a programator device manually). But that is a last resort, there are simple software attacks available already to fake as many "attested" devices as needed (for the same DRM system of Android). It will only bring more jeopardy to the "integrity"

>>gloosx+EV7
See that's exactly the issue why I hate this. You can always circumvent it, worst case with an electron microscope and some acid. So all it really does is prevent the average user from gaining control over their own hardware.

And for tech-minded people it doesn't fundamentally change anything, it just means that it now takes more time to do the same than before

>>kuschk+5f8
True, a cat-and-mouse game going on forever. Anyways, I don't believe they can succeed in walling such a monstrosity of technologies as the web, just by controlling some parts of it, even significant parts like the browser or search. It is only something governments can do by requiring a passport scan each time you open a connection (which is closing when you eject the passport from the scanner)

>>gloosx+Gt8
This is why Risc-V being developed in China and other countries and exported elsewhere is ironically a good thing at the base-level of computing. The chinese computers will require China's bugs, whereas exported good will NOT have it, otherwise it won't be bought.