|
|
|
|
|
|
by bakugo
1136 days ago
|
|
|
Except, in the future, your Linux partition will be unable to access most online services because they'll all rely on remote attestation to check if your device is running an unmodified Windows OS, similar to what many android apps already do. |
|
|
Remote attestation sounds secure in theory but its Achilles heel is that at the remote end sb will have to perform a judgement of what „an modified OS“ is. And any wrong decision will stress test that sb‘s support division and might be subject to litigation. Likely there will be some industry standard white list which itself might be subject to manipulation (similar to the compromised SSL root certificates we had years ago).
I can’t imagine this will be set in place for all available PC software.
Furthermore, attestation happens during run time of a software stack that might itself be vulnerable to exploits. An attacker might find a way to short-circuit remote attestation w/o the remote party knowing.
See also:
https://courses.cs.washington.edu/courses/csep590/06wi/final...
(TFA linked this, too.)