|
|
|
|
|
|
by marcosdumay
1798 days ago
|
|
|
> So control over all the computers in a country comes down to just a few keys Notice that I didn't mention "country" anywhere. There's no country restriction. > or rather a single key, held by the government, which signs the list of approved manufacturer keys Hum, no. The single key is held by Microsoft. And yeah, that's basically what the Trusted Computing Consortium was designing at the early 00. But people pushed back enough that they stopped publishing public documents and delayed the implementation. We are just getting there. |
|
|
The technology may not care about countries, but countries care about technology. If (or rather when) a government passes a law limiting internet access to approved operating systems and hardware, the ISPs in that country will logically have to listen for signed updates to the whitelist.
In practice the list might be very short, containing just intermediate keys representing Microsoft, Apple, Google, a few commercially-backed Linux distros, and the CPUs that support them (with the necessary TPMs). The intermediate keyholders would have the responsibility to revoke approval of versions / model numbers that have known vulnerabilities which allow arbitrary user-controlled code to run.