• Amju Wolf
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    They won’t even have to force them this time, they’ll do it voluntarily because it would mean they can serve unblockable ads, track users much better, and for banks it would actually increase security for the user (but also force you to consume their content how they want, preventing stuff like accessibility extensions).

      • Amju Wolf
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        If the bank has reasonable confirmation that the environment is not being tampered with (i.e. your session token is safe, you don’t have some malware extension or whatever) then it’s more secure. Definitely better for the average user.

        Attestation like this is already a thing on phones and it’s definitely more secure.

        The problem is that it can also be used for nefarious uses like locking down user choice, forcing them into stuff they don’t want, etc.

        • argv_minus_one@beehaw.org
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          edit-2
          1 year ago

          Proprietary operating systems are malware. If your environment passes WEI, then that is proof that you are not secure.

          • Amju Wolf
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            So your OS doesn’t use any proprietary blobs? Your (phone) OS doesn’t pass integrity checks? You don’t ever run any DRM blobs? Don’t use hardware with proprietary firmware? Is it all actual malware? (Hint: it’s not)

            Doesn’t matter. Your definition of insecure is irrelevant in this context, I’m talking about security from regular attackers and protection for regular users. As long as your platform is secure and you trust the other end, you will be more secure.

            Which, again, doesn’t mean it’s a good idea overall.

            • argv_minus_one@beehaw.org
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              So your OS doesn’t use any proprietary blobs?

              Proprietary firmware. It’s bad, but proprietary OSes are much worse.

              Your (phone) OS doesn’t pass integrity checks?

              It won’t if I replace the stock OS. Which I probably should…

              Don’t use hardware with proprietary firmware?

              If only that were possible…

              Is it all actual malware?

              False equivalence. Proprietary OSes send telemetry. Firmware doesn’t.

              Your definition of insecure is irrelevant in this context, I’m talking about security from regular attackers and protection for regular users.

              Regular users, whose identities get stolen every other week? I’m trying to avoid the same fate.

              As long as your platform is secure and you trust the other end, you will be more secure.

              Exactly. Proprietary OSes aren’t secure.

              • Amju Wolf
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                I’m not even sure why I’m trying to argue with you, but let me address a few points one last time even if I doubt you’re doing so in good faith.

                False equivalence. Proprietary OSes send telemetry. Firmware doesn’t.

                How can you know that? Do you know that literally every (even) consumer PC has a firmware chip that has complete access to the system, including networking, and runs even when the PC is off?

                You think an OS is an issue compared to this?

                Regular users, whose identities get stolen every other week? I’m trying to avoid the same fate.

                You won’t get your identity stolen by your bank. If it’s by malware, that’s the exact thing attestation can help prevent. Anything else is irrelevant to this discussion.

                Proprietary OSes aren’t secure.

                Neither are non-proprietary OSes. But again, irrelevant to the discussion. We’re talking about additional security layers provided by (in this case) a browser, not necessarily the OS (though proper attestation needs to be fully verifiable from the bottom up, from firmware level up to application level).

                • argv_minus_one@beehaw.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  I’m not even sure why I’m trying to argue with you, but let me address a few points one last time even if I doubt you’re doing so in good faith.

                  I don’t do bad faith. I detest lies and those who tell them.

                  I also don’t appreciate being accused of wrongs I haven’t committed. I suffered more than enough of that as a child; I don’t need it in adulthood too.

                  Do you know that literally every (even) consumer PC has a firmware chip that has complete access to the system, including networking, and runs even when the PC is off?

                  I know about wake-on-LAN, which is why I keep it turned off. I know about the Intel Management Engine, which is why I buy AMD and look forward to fully-open RISC-V machines.

                  I also know about telemetry and the possibility of back doors in proprietary OSes, which is why the only computing device I completely trust is my Linux desktop, and I do my best to secure it. That involves keeping proprietary code off it as much as possible.

                  You think an OS is an issue compared to this?

                  The OS also has complete access to the system, so yes.

                  You won’t get your identity stolen by your bank.

                  No, but I will get it stolen by criminals who exploit a data leak, and the telemetry in proprietary OSes is a data leak by design.

                  It’s the same problem as with the government being able to decrypt all private communications: there’s a golden key that, sooner or later, criminals will obtain, and a giant central repository of sensitive data that, sooner or later, criminals will break into.

                  If it’s by malware, that’s the exact thing attestation can help prevent. Anything else is irrelevant to this discussion.

                  False. MITM attacks on telemetry and breaches of telemetry servers are also relevant.

                  So is the possibility of a hidden back door in proprietary OSes. If the code isn’t public, you don’t know that there isn’t one, and it certainly wouldn’t be the first time.

                  We’re talking about additional security layers provided by (in this case) a browser, not necessarily the OS (though proper attestation needs to be fully verifiable from the bottom up, from firmware level up to application level).

                  Since there’s now a proprietary OS in the middle of the stack, that removes security rather than adding it.

                  • Amju Wolf
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    1 year ago

                    I know about the Intel Management Engine, which is why I buy AMD

                    You should read about AMD PSP. It’s effectively the same crap as IME.

                    I also know about telemetry and the possibility of back doors in proprietary OSes, which is why the only computing device I completely trust is my Linux desktop, and I do my best to secure it. That involves keeping proprietary code off it as much as possible.

                    That’s admirable, but not a solution for the vast majority of people.

                    No, but I will get it stolen by criminals who exploit a data leak, and the telemetry in proprietary OSes is a data leak by design.

                    Telemetry in software generally does not touch user data at all. They care about how you use the product, which features, etc. Even open source projects need this so they know what to focus on in development.

                    And yeah, it’s not great if you can’t see what is sent or if you can’t fully disable it like in Windows, but that doesn’t make it inherently bad. In theory it potentially widens the attack surface on the OS, but there probably much easier ways to exfiltrate data.

                    Regardless though, once again, I’m talking about protection against third party attackers, not your OS vendor or whatever. You keep talking about insecure OSes being an issue, but that’s not the subject of the discussion. The actual question is whether does attestation help security assuming all other parts of the stack are the same? Because that’s a definitive yes. Whether it’s done on Windows or Linux doesn’t matter.