zlacker

[parent] [thread] 3 comments
1. Pannon+(OP)[view] [source] 2023-07-27 08:52:41
It doesn't prove that your device is secure at all. It just "secures" it from the user, not from malware. Even if it's signed and approved, malware can still hijack it....
replies(1): >>charci+n1
2. charci+n1[view] [source] 2023-07-27 09:01:59
>>Pannon+(OP)
Okay let me rephrase it. The point is to be able to prove what software is running for the purpose of being able to tell when software deemed as secure is running.

>Even if it's signed and approved, malware can still hijack it....

At which point the vulnerability in the software or hardware should be fixed and the old version should be blacklisted.

replies(1): >>yjftsj+LW1
◧◩
3. yjftsj+LW1[view] [source] [discussion] 2023-07-27 18:39:55
>>charci+n1
So every time anyone finds a new CVE in Windows, we're going to blacklist every single Windows machine until it's patched? I mean, that would be hilarious, but that's not how it will ever actually be implemented.
replies(1): >>charci+pl2
◧◩◪
4. charci+pl2[view] [source] [discussion] 2023-07-27 20:34:57
>>yjftsj+LW1
>So every time anyone finds a new CVE in Windows, we're going to blacklist every single Windows machine until it's patched?

Failing attestation does not mean you get blacklisted. It means that you are not as trustworthy. Not every CVE breaks an OS's security model.

[go to top]