Hacker News new | ask | show | jobs
by foltik 27 days ago
Not sure if you’re being deliberately obtuse, but a signing key means nothing by itself. What exactly do you think is being attested TO?

Thats right: that the user can’t do what they want with their own device. Obviously your key wouldn’t be trusted if they could.

There is no other conceivable purpose that attestation could serve.
2 comments
dns_snek 27 days ago
> Not sure if you’re being deliberately obtuse

Yes, they are. If there's a thread on HN about user-hostile features, you can be pretty confident that they've written a comment defending it.

link
charcircuit 27 days ago
There are many changes that are possible which do not harm the integrity of applications.

>the user can’t do what they want with their own device

In the same way the user can't make their device have the Microsoft Word app send them $1 million from Microsoft's bank account. Once other people are in the picture you can't always have your way.

link
foltik 27 days ago
> Attestation isn't against being able to do whatever you want with your own device.

“Prison isn’t against being able to go wherever you want.”

> There are many changes that are possible which do not harm the integrity of applications.

“Well there’s a lot of places you can go in prison, you just can’t leave.”

Uh-huh.

> In the same way the user can't make their device have the Microsoft Word app send them $1 million from Microsoft's bank account.

This is completely incoherent. You and I both know that a bank refusing to give away someone else’s money has nothing to do with being able to run whatever code and operating systems we want to on our own devices.

Obviously the decision happens on some remote server which would require a username and password to authorize. It doesn’t matter one bit what piece of code sent it over.

link
charcircuit 27 days ago
>“Prison isn’t against being able to go wherever you want.”

This isn't a good analogy since the user really able to do whatever they want with their computer. A better analogy is that. "You can go wherever you want, but if you are trespassing on other people's property they can report you to the police." Just because you have the freedom to go anywhere does not mean you are not accountable for your actions or that people should not be able to tell that you are trespassing.

>has nothing to do with being able to run whatever code and operating systems we want to on our own devices.

My point is that one's freedom of how they want one's computer to work does not mean they can force other people's server to run code they want. Microsoft is in control of what there servers do.

link
chadgpt3 27 days ago
Distinguish between trespassing-style "you can go there but there might be consequences" and prison-style "you are physically unable to go there"

Currently it's trespassing-style. If you modify your Google client, Google reserves the right to ban you.

With attestation it's prison-style: you can't modify your Google client. If you try, the modified client just won't work. Trying to walk out of the prison wall does not actually put you outside - you just bang into the wall and then you are still inside.

link