zlacker

[parent] [thread] 3 comments
1. jasonj+(OP)[view] [source] 2023-07-26 12:20:08
Linux computers with an approved boot chain and software environment. Gentoo users are out, as is anyone making a custom kernel.
replies(2): >>macNch+53 >>jeroen+s4
2. macNch+53[view] [source] 2023-07-26 12:36:22
>>jasonj+(OP)
I imagine also anyone who, despite being on an approved distro, has had to enroll their own key to build and sign drivers as well.
3. jeroen+s4[view] [source] 2023-07-26 12:43:11
>>jasonj+(OP)
Gentoo users and people running Nvidia drivers and the like will be out, that's true. That's very different from "only certain architectures allowed", though.

Even still, there are ways to implement this using an open source, signed, reproducibly built daemon that gets loaded early in the boot process. Altering the daemon would've out of the question but it would solve the more immediate problem of "Netflix doesn't work" that most people would actually care about.

replies(1): >>raxxor+M8
◧◩
4. raxxor+M8[view] [source] [discussion] 2023-07-26 13:03:32
>>jeroen+s4
Netflix can only discriminate because we have attestation in the first place. This is not a security mechanism anymore.
[go to top]