| ▲ | mzajc 4 days ago |
| Tangentially related, but does anyone know what Poettering's "cryptographically verifiable integrity" endeavor[0] is about yet? [0]: https://news.ycombinator.com/item?id=46784572 |
|
| ▲ | nullc 4 days ago | parent | next [-] |
| It's about making sure you can't bypass systems like this-- or rather, that when you use your rights under the GPL to remove this privacy invading crud or just otherwise modify your software you'll be broadly banned from interacting with third party services. |
|
| ▲ | lyu07282 4 days ago | parent | prev | next [-] |
| I assume all along that trusted computing is where this age verification stuff is planned to lead to eventually: https://en.wikipedia.org/wiki/Trusted_Computing#Criticism |
| |
| ▲ | wolvoleo 3 days ago | parent [-] | | Trusted is such a misnomer. I would trust my computer a lot less if it would answer to them. |
|
|
| ▲ | egorfine 3 days ago | parent | prev | next [-] |
| Given that: * LP had zero objections to merging this commit into systemd [1]; * Amutable CEO is confident they have a very robust path to revenue [2]; * It is Facebook that pushes age verification laws all around the world; I sense that his new startup is exactly what we are afraid of: a way to prevent reverting of these patch and then actually enforce the upcoming mandatory KYC to use the computer. [1] https://github.com/systemd/systemd/pull/40954#issuecomment-4... [2] https://news.ycombinator.com/item?id=46785048 |
| |
| ▲ | wolvoleo 3 days ago | parent [-] | | What other benefit is there to remote attestation? Because their "verification" stamp is just that. It's certainly not got any benefit for the user. | | |
| ▲ | egorfine 3 days ago | parent [-] | | > What other benefit is there to remote attestation? There certainly are benefits and they are huge. Like, I can make sure my servers are untampered, I would love that. Problem is, that technology, once unveiled, will be inevitably used for surveillance. Like, online KYC required to use a computer and you cannot patch this shit out because your Linux build is attested and no banking or government website will let you log in unless remote attestation passes. Sort of like what they do on Android devices. | | |
| ▲ | wolvoleo 3 days ago | parent [-] | | > There certainly are benefits and they are huge. Like, I can make sure my servers are untampered, I would love that. But who decides what is untampered and can you still modify stuff yourself. I don't want my servers to be immutable for example. And only be 'allowed' to do what the vendor wants me to. But anyway, that is not really remote attestation. That is local attestation because you can see it on your own server. It's only remote if it attests to someone else. And yes exactly, the second point is exactly why I hate remote attestation so much. Hope we can hack around it for a while but eventually they will stick that stuff in hardware, I'm sure. That will make it a lot harder. | | |
| ▲ | egorfine 3 days ago | parent [-] | | > eventually they will stick that stuff in hardware, I'm sure That's the endgame, totally. |
|
|
|
|
|
| ▲ | rcxdude 4 days ago | parent | prev [-] |
| Probably what it says on the tin, TBH. If you hold the keys, it can strengthen security a lot. |
