alt Hacker NewsI am not sure what you are trying to say.
Convincing a user to give their password will always be an issue, that's fundamental. But because phishing exists does not mean that security does not matter.
Without security, there is no need to phish, because the system does not protect anything. Once you have a good security, then the best attack is phishing because it's easier to trick the human than the system. This means that the security is good, not bad.
Replies
ece • yesterday at 8:30 PM
This level of security exists on open as well as closed platforms, the problem is the closed platforms not allowing you to do things that aren't giving your password away (like installing fdroid or using beeper easily). I just have a hard time believing this is superior in any way.
➕ show 1 reply
I think one of the points is that all this attestation stuff does not protect against the majority of the ways users are compromised. Its just remote control with real security benefits, just those benefits largely accrue to companies and at the expense of the user.