Comment by bri3d

Comment by bri3d 6 days ago

23 replies

View on Hacker News

The typical HN rage-posting about DRM aside, there's no reason that remote attestation can't be used in the opposite direction: to assert that a server is running only the exact code stack it claims to be, avoiding backdoors. This can even be used with fully open-source software, creating an opportunity for OSS cloud-hosted services which can guarantee that the OSS and the build running on the server match. This is a really cool opportunity for privacy advocates if leveraged correctly - the idea could be used to build something like Apple's Private Cloud Compute but even more open.

cwillu 5 days ago

Like evil maid attacks, this is a vanishingly rare scenario brought out to try to justify technology that will overwhelmingly be used to restrict computing freedom.

Reply View 1 reply
  • AshamedCaptain 5 days ago

    In addition, the benefit is a bit ridiculous, like that of DRM itself. Even if it worked, literally your "trusted software" is going to be running in an office full of the most advanced crackers money can buy, and with all the incentive to exploit your schema but not publish the fact that they did. The attack surface of the entire thing is so large it boggles the mind that there are people who believe on the "secure computing cloud" scenario.

    Reply View 0 replies
deknos 5 days ago

WHAT is the usage and benefit for private users? This is always neglected.

avoiding backdoors as a private person you always can only solve with having the hardware at your place, because hardware ALWAYS can have backdoors, because hardware vendors do not fix their shit.

From my point of view it ONLY gives control and possibilities to large organizations like governments and companies. which in turn use it to control citizens

Reply View 0 replies
bayindirh 6 days ago

You're absolutely right, but considering Windows requirements drive the PC spec, this capability can be used to force Linux distributions in bad ways.

So, some of the people doing "typical HN rage-posting about DRM" are also absolutely right.

The capabilities locking down macOS and iOS and related hardware also can be used for good, but they are not used for that.

Reply View 9 replies
  • bri3d 6 days ago

    > but considering Windows requirements drive the PC spec, this capability can be used to force Linux distributions in bad ways

    What do you mean by this?

    Is the concern that systemd is suddenly going to require that users enable some kind of attestation functionality? That making attestation possible or easier is going to cause third parties to start requiring it for client machines running Linux? This doesn't even really seem to be a goal; there's not really money to be made there.

    As far as I can tell the sales pitch here is literally "we make it so you can assure the machines running in your datacenter are doing what they say they are," which seems pretty nice to me, and the perversions of this to erode user rights are either just as likely as they ever were or incredibly strange edge cases.

    Reply View 8 replies
    • bayindirh 5 days ago

      Microsoft has a "minimum set of requirements" document about "Designed for Windows" PCs. You can't sell a machine with Windows or tell it's Windows compatible without complying with that checklist.

      So, every PC sold to consumers is sanctioned by Microsoft. This list contains Secure Boot and TPM based requirements, too.

      If Microsoft decides to eliminate enrollment of user keys and Secure Boot toggle, they can revoke current signing keys for "shims" and force Linux distributions to go full immutable to "sign" their bootloaders so they can boot. As said above, it's not something Amutable can control, but enable by proxy and by accident.

      Look, I work in a datacenter, with a sizeable fleet. Being able to verify that fleet is desirable for some kinds of operations, I understand that. On the other hand, like every double edged sword, this can cut in both ways.

      I just want to highlight that, that's all.

      Reply View 3 replies
      • bri3d 5 days ago

        I don't see how this relates in any way to Amutable and it has been a "concern" for 20+ years (which has never come to pass). How do you think this relates at all?

        Reply View 2 replies
    • LooseMarmoset 5 days ago

      Have you run an Android device recently?

      Reply View 3 replies
      • bri3d 5 days ago

        Yes, I reference Android client attestation in my comments in this thread frequently. I actually see this company as likely to be the flip side of the “bad” client attestation coin; server attestation actually provides a lot of nice properties to end users and providers who wish to provide secure solutions with very limited user downside.

        Reply View 2 replies
egorfine 5 days ago

> there's no reason that remote attestation can't be used in the opposite direction

There is: corporate will fund this project and enforce its usage for their users not for the sake of the users and not for the sake of doing any good.

What it will be used for is to bring you a walled garden into Linux and then slowly incentivize all software vendors to only support that variety of Linux.

LP has a vast, vast experience in locking down users' freedom and locking down Linux.

Reply View 6 replies
  • bri3d 4 days ago

    > There is: corporate will fund this project and enforce its usage for their users not for the sake of the users and not for the sake of doing any good.

    I'd really love to see this scenario actually explained. The only place I could really see client-side desktop Linux remote attestation gaining any foothold is to satisfy anti-cheat for gaming, which might actually be a win in many ways.

    > What it will be used for is to bring you a walled garden into Linux and then slowly incentivize all software vendors to only support that variety of Linux.

    What walled garden? Where is the wall? Who owns the garden? What is the actual concrete scenario here?

    > LP has a vast, vast experience in locking down users' freedom and locking down Linux.

    What? You can still use all of the Linuxes you used to use? systemd is open source, open-application, and generally useful?

    Like, I guess I could twist my brain into a vision where each Ubuntu release becomes an immutable rootfs.img and everyone installs overlays over the top of that, and maybe there's a way to attest that you left the integrity protection on, but I don't really see where this goes past that. There's no incentive to keep you from turning the integrity protection off (and no means to do so on PC hardware), and the issues in Android-land with "typical" vendors wanting attestation to interact with you are going to have to come to MacOS and Windows years before they'll look at Linux.

    Reply View 5 replies
    • egorfine 4 days ago

      > client-side desktop Linux remote attestation gaining any foothold is to satisfy anti-cheat for gaming, which might actually be a win in many ways.

      It will be, no doubt. As soon as it is successfully tested and deployed for games, it will be used for movies, government services, banks, etc. And before you know you do not have control of your own computer.

      > Who owns the garden?

      Not you.

      > everyone installs overlays over the top of that

      Except this breaks cryptography and your computer is denied multiple services. Because you are obviously a hacker, why else would anyone want to compile and run programs.

      > turning the integrity protection off (and no means to do so on PC hardware)

      It's a flip of a switch, really. Once Microsoft decides you have had enough, the switch is flipped and in a couple of years no new Intel computer will boot your kernel.

      Reply View 4 replies
      • bri3d 4 days ago

        > it will be used for movies, government services, banks

        I really, really don't think these entities care enough about desktop Linux. I'd be way more worried about some kind of Windows web-based attestation appearing. If that happens I really do think there's a bit of an alarm to sound, because this will make using desktop Linux inconvenient in the way attestation has made using alternate Android ROMs inconvenient.

        > Because you are obviously a hacker, why else would anyone want to compile and run programs.

        People buy computers to run programs, it doesn't behoove anyone to prevent this. These things are driven by economics, not some weird arbitrary drive towards evil. Android strict attestation is popular because fraudulent cloned banking apps are a rampant problem for banks, not because they're trying to "stick it" to 200 GrapheneOS users.

        > Once Microsoft decides you have had enough, the switch is flipped and in a couple of years no new Intel computer will boot your kernel.

        Why does everyone land on this complete non sequitur? It's not the flip of a switch, that's not how UEFI Secure Boot works to start with and even then, UEFI Secure Boot is not the root of trust on x86.

        This was indeed the big "Free Software" vs UEFI "Secure" Boot conspiracy theory 20+ years ago, but it didn't make sense then, doesn't make sense now, and sure enough, hasn't come to pass. First off, Microsoft aren't Intel, who own the root of trust on Intel CPUs. Second off, again, there's no incentive to do this. CPUs are a competitive market and people buy CPUs to run code. There is no reason for Intel to suddenly decide to exclusively enforce firmware verification in a way that only chained down to one vendor's keys; they're in the business of selling CPUs to people who want to run things. Also, the notion that some CPU vendor will suddenly lock down firmware keys has nothing to do with the article in question or the notion of an immutable or attestable Linux.

        Reply View 3 replies
blibble 5 days ago

intel have had a couple of goes at this

and each time the doors have been blasted wide off by huge security vulnerabilities

the attack surface is simply too large when people can execute their own code nearby

Reply View 0 replies
PunchyHamster 5 days ago

it doesn't stop remote code injection. Protecting boot path is frankly hardly relevant on server compared to actual threats.

You will get 10000 zero days before you get a single direct attack at hardware

Reply View 1 reply
  • bri3d 5 days ago

    The idea is that by protecting boot path you build a platform from which you can attest the content of the application. The goal here is usually that a cloud provider can say “this cryptographic material confirms that we are running the application you sent us and nothing else” or “the cloud application you logged in to matched the one that was audited 1:1 on disk.”

    Reply View 0 replies