Remix.run Logo
charcircuit 4 hours ago

>What good is free software if using it marks our devices as untrusted

That is not what remote attestation is for. The operating system maintains isolation between apps, so a free software app being installed doesn't mean an app that needs high security is compromised.

marmarama 3 hours ago | parent | next [-]

I think you've misunderstood. It's not an app problem. The problem is that it makes Free Software OSes unviable. The copy of Android you compile and install yourself - or your copy of desktop Linux where you upgraded the kernel yourself - will never pass remote attestation, and it gives both the attestation provider and software that checks attestation the ability to unilaterally shut out any OS they like with no workaround, even those that do pass attestation.

In a world of deeply untrustworthy Big Tech, and trend of governments, banks and other basic services needed to exist in society relying on apps and in the future, websites that use remote attestation, that is very troubling.

There are better ways of dealing with the bad actors problem, but Big Tech has chosen violence.

charcircuit 30 minutes ago | parent | next [-]

You can apply my same comment 1 layer up.

The hypervisor maintains isolation between operating systems, so a free operating system being installed doesn't mean an app that needs a high security operating system is compromised.

floam 3 hours ago | parent | prev [-]

I don’t see how it’s incompatible with open source, just because my development builds aren’t being blessed.

dpark 3 hours ago | parent | next [-]

It’s not incompatible with open source. It’s incompatible with free software. If Apple or Google or Microsoft or the government needs to “bless” your build, then you have no freedom to actually use your build.

marmarama 2 hours ago | parent | prev [-]

Your "development build" is another person's daily driver.

Case in point: GrapheneOS (or any other custom Android distro) is unlikely to be able to ever pass remote attestation, even a signed, secure boot build with the bootloader relocked, because it's not the original OS for the hardware.

Same goes for any desktop Linux.

inigyou 27 minutes ago | parent [-]

GrapheneOS implements its own attestation so you can attest that it's real GrapheneOS. The valid approach they've chosen is to try and get on a level playing field with the big guys rather than destroy the playing field. They have a good argument their OS is very secure, so you should accept its attestation. This is how a user-friendly OS backdoors into the attestation system.

I still think destroying the playing field is better, but less likely to succeed.

matheusmoreira 31 minutes ago | parent | prev [-]

Then why can't we install whatever we want on "our" devices?

charcircuit 27 minutes ago | parent [-]

Because you are buying a device without the feature of installing a custom OS. If you want a feature, buy a device offering it.