| ▲ | jofla_net 3 hours ago | |||||||
How dare you think for yourself in 2026! Remote Attestation of Immutable Operating Systems built on systemd Its the "remote" thing that has no place in personal computing, or rather, computing that is to extend one's own autonomy, or agency. Its no one's damn business whether my system is attested or not! I mean, sure theres certainly benefits for me knowing if its attested, but the other road is one of ruin, and will basically be the chains of the future. | ||||||||
| ▲ | hparadiz an hour ago | parent | next [-] | |||||||
Remote attestation is just generating a random blob on the remote side and then making the tpm 2.0 module on a computer sign the blob with a private key. You then provide the signature and the public key to the remote for verification. That enrolls that device. After that you can "verify" with a new binary blob and validate a new signature came back with the same key. That full loop is remote attestation. The idea is your disk didn't get moved to another computer. It's a security thing that Linux does need and is capable of being fully open source. It has nothing to do with drm. | ||||||||
| ||||||||
| ▲ | noumenon1111 29 minutes ago | parent | prev [-] | |||||||
If you're trying to remotely attest immutable OSs you are definitely not a home user, or if you are, you're definitely very keen at least and likely a raging self-masochist. If you're NOT trying to remotely attest anything, you're fine. Just use your chosen OS, dawg. | ||||||||