Marking this one as dupe as it doesn't add any new info.
userbinator 13 hours ago [-]
Good. Enough freedom has already been destroyed in the name of hostile "security".
I suspect many far-East "MCU break" services companies already knew of such things, but obviously would not want to publicise it.
johncolanduoni 10 hours ago [-]
Name one person who couldn’t do something on a retail Intel computer they owned, because it had a TPM
userbinator 9 hours ago [-]
TPMs being widespread and accepted is a problem. It means that everyone has been put into a noose, but one that just hasn't yet been tightened. As evidence of what we're up against, Stallman saw it coming 25+ years ago, kept warning about it, and look what they did to him.
But seriously, that's an ignorant criterion. It's not a matter of arbitrary people being singled out, it's a society-wide noose being tightened ever so slowly.
Locked down boot chains were never fully asserted on amd64 because its market is for general purpose computers, and doing so would have obviously just caused people to choose alternative options. But remote attestation has no such escape hatch, and we can already see that dynamic starting to play out over in mobile land with "safety net".
userbinator 9 hours ago [-]
it's a society-wide noose being tightened ever so slowly
This. Fortunately there was a huge resistance against WEI, but we must remain vigilant to them attempting to sneak in something similar in the future.
EUCLEAK Side-Channel Attack on the YubiKey 5 Series - https://news.ycombinator.com/item?id=41434500 - Sept 2024 (278 comments)
Marking this one as dupe as it doesn't add any new info.
I suspect many far-East "MCU break" services companies already knew of such things, but obviously would not want to publicise it.
Relevant comment of mine 3.5 years ago: https://news.ycombinator.com/item?id=29859999
But seriously, that's an ignorant criterion. It's not a matter of arbitrary people being singled out, it's a society-wide noose being tightened ever so slowly.
Locked down boot chains were never fully asserted on amd64 because its market is for general purpose computers, and doing so would have obviously just caused people to choose alternative options. But remote attestation has no such escape hatch, and we can already see that dynamic starting to play out over in mobile land with "safety net".
This. Fortunately there was a huge resistance against WEI, but we must remain vigilant to them attempting to sneak in something similar in the future.