logoalt Hacker News

zb3today at 12:47 AM2 repliesview on HN

It would be a nice addition if big tech didn't abuse this to shove user-hostile software into devices which the user has paid for (like smartphones).. thanks to this attitude, whenever I see "remote attestation" I associate this with "hostile"..

> Using a TPM, we can remotely, cryptographically prove a couple of things:

Unless there are exploits..


Replies

solenoid0937today at 4:52 AM

> whenever I see "remote attestation" I associate this with "hostile"

HN is bizarre. This is just standard infrastructure security practice at any tech company of meaningful size. You are misunderstanding the target use case and audience of this article.

show 2 replies
lcvwtoday at 12:53 AM

I mean, all tech can be used in different ways. My experience has been much more on the preventing root kits side, rather then vendor lock in.

Yes, there can be exploits, but hardware exploits over a restricted interface (TPM2) are significantly rarer then normal software vulns. Everything is about risk mitigation, there is no perfect security.

show 1 reply