this post was submitted on 21 Jul 2023
925 points (100.0% liked)

Technology

37800 readers
280 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

The much maligned "Trusted Computing" idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google's ad profits no matter the consequences, this would put heavy surveillance in Google's hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 114 points 1 year ago (54 children)

THIS IS NOT (just) ABOUT GOOGLE

Currently, attestation and "trusted computing" are already a thing, the main "sources of trust" are:

  • Microsoft
  • Apple
  • Smartphone manufacturers
  • Google
  • Third party attestators

This is already going on, you need a Microsoft signed stub to boot anything other than Windows on a PC, you need Apple's blessing to boot anything on a Mac, your smartphone manufacturer decides whether you can unlock it and lose attestation, all of Microsoft, Apple and Google run app attestation through their app stores, several governments and companies run attestation software on their company hardware, and so on.

This is the next logical step, to add "web app" attestation, since the previous ones had barely any pushback, and even fanboys of walled gardens cheering them up.

PS: Somewhat ironically, Google's Play Store attestation is one of the weaker ones, just look at Apple's and the list of stuff they collect from the user's device to "attest" it for any app.

[–] [email protected] 18 points 1 year ago (6 children)

you need a Microsoft signed stub to boot anything other than Windows on a PC

False. Every PC I've had has allowed Secure Boot to be turned off, and some of them allow me to add another trusted certificate as well.

you need Apple’s blessing to boot anything on a Mac

False. The Mac boot process is completely unlocked, at least on Intel Macs.

your smartphone manufacturer decides whether you can unlock it and lose attestation

My Pixel 6 allows me to unlock the boot loader at any time.

Attestation exists, unfortunately, but it's not nearly as pervasive as you seem to think.

This is the next logical step, to add “web app” attestation, since the previous ones had barely any pushback

Uh, there was huge pushback. That's why even a Microsoft Surface won't stop you from installing Linux.

[–] [email protected] 1 points 1 year ago

My Pixel 6 allows me to unlock the boot loader at any time.

By doing that, you no longer pass SafetyNet, and some apps refuse to work without it. If unlocking your device removes features, then you aren't really allowed to do so.

load more comments (5 replies)
load more comments (52 replies)