|
|
|
|
|
|
by kmeisthax
920 days ago
|
|
|
I know of no messaging platform using remote attestation for antispam - and, as far as those platforms continue to support web registration, they can't use remote attestation[0]. Even if they could, it wouldn't help. Remote attestation verifies that your client code is running without modification. What you care about with spam is keeping the spammers from registering large numbers of unrelated accounts, which doesn't require modifying the client at all. I will give you that remote attestation does help anticheat. However, the current state of anticheat in games is so invasive now that you have to install special kernel drivers, and that kernel has to be on bare metal (no hypervisors allowed). This only happened because a specific genre of fast-twitch first person shooter has a lot of closet cheating going on. But it also gets blindly applied to things like rhythm games that absolutely do not need kernel-level anticheat[1]. So every game gets more invasive because of one hyper-competitive game genre triggering an anticheat arms race. [0] Or at least, for as long as Web Environment Integrity stays dead [1] Altering the client isn't even the most common way of cheating rhythm game records. For example, a good chunk of the rules for, say, Pump It Up's online leaderboards is "don't have other players play on your A.M.Pass" and "don't hook up a hand controller onto an online cab". Neither of which would be stopped by an anticheat system (and yes, PIU being an arcade rhythm game, there's shitton of encryption on it). |
|
|
They can; Apple (and others) have implemented Private Access Tokens (PATs) for this.
https://blog.cloudflare.com/eliminating-captchas-on-iphones-...