zlacker

[parent] [thread] 8 comments
1. nicksl+(OP)[view] [source] 2025-09-24 13:20:49
Do you want desktop PC vendors locking down hardware to enforce integrity?
replies(3): >>pjmlp+P1 >>realus+1b >>lucb1e+hA1
2. pjmlp+P1[view] [source] 2025-09-24 13:29:28
>>nicksl+(OP)
Want do you think Windows 11, latest macOS, ChromeOS hardware requirements are all about?

CoPilot+ PCs even require the same security chip as XBox and Azure Sphere IoT board (Pluton), in addition to TPM 2.0.

https://learn.microsoft.com/en-us/windows/security/hardware-...

replies(1): >>hhh+E3
◧◩
3. hhh+E3[view] [source] [discussion] 2025-09-24 13:37:16
>>pjmlp+P1
Well, yeah. There’s no way to curb the modern cheating epidemic without increasing security measures. Riot Games via Valorant truly pushed the industry so far ahead by reducing their cheating percentages so low that the cost to cheat for more than a few weeks at a time is thousands of dollars a month.

It’s not the sole reason, but it’s a solid one.

replies(1): >>realus+ib
4. realus+1b[view] [source] 2025-09-24 14:07:27
>>nicksl+(OP)
I don't want integrity on my mobile so why would I want it on my desktop?
replies(1): >>zekica+lf
◧◩◪
5. realus+ib[view] [source] [discussion] 2025-09-24 14:08:47
>>hhh+E3
They have some other secret sauce for sure, there's tons of cheaters on console which is a vastly more locked down platform compared to pc.
◧◩
6. zekica+lf[view] [source] [discussion] 2025-09-24 14:25:44
>>realus+1b
Exactly, remote attestation is only acceptable on your own devices with remote attestation servers that you control.

For example, it would be completely fine to implement remote attestation where devices issued by companies to employees verify their TPM values with company's servers when connecting via VPN.

All other such activities directly infringe on ownership rights.

replies(1): >>realus+dg
◧◩◪
7. realus+dg[view] [source] [discussion] 2025-09-24 14:29:08
>>zekica+lf
I don't see the value of remote attestation period. Especially when we talk about the mobile world which is a jungle where even the manufacturer itself doesn't have the full picture of all the code running on the device.

Yeah sure it's guarantees that the device is more or less similar as from the factory... and then what? What am I supposed to do with that information?

replies(1): >>zekica+6j
◧◩◪◨
8. zekica+6j[view] [source] [discussion] 2025-09-24 14:41:22
>>realus+dg
It can be valuable on devices *you own* with servers *you own* when the devices are not physically present (or even if they are).

You can get PCR values and decide if the device you are talking to is tampered with. That way, you can set a higher bar for hackers.

This is completely different to what this topic is about, I'm just saying that there is a case where it can be useful.

9. lucb1e+hA1[view] [source] 2025-09-24 21:13:53
>>nicksl+(OP)
Better that it's a dummy device I can stick in a corner and turn on when needed, than the thing I need to carry around all day for various purposes like finding my way around and showing a legal public transport ticket
[go to top]