youarentrightjr 5 days ago

> Trusted boot is literally a form of DRM. A different one than remote attestation.

No, it's not. (And for that matter, neither is remote attestation)

You're conflating the technology with the use.

I believe that you have only thought about these technologies as they pertain to DRM, now I'm here to tell you there are other valid use cases.

Or maybe your definition of "DRM" is so broad that it includes me setting up my own trusted boot chain on my own hardware? I don't really think that's a productive definition.

Reply View 4 replies
  • yencabulator 5 days ago

    It's possible to not implement remote attestation even when you implement secure boot.

    This company is explicitly all about implementing remote attestation (which is a form of DRM):

    https://amutable.com/events

    > Remote Attestation of Imutable Operating Systems built on systemd

    > Lennart Poettering

    Reply View 3 replies
    • youarentrightjr 5 days ago

      > This company is explicitly all about implementing remote attestation (which is a form of DRM):

      Is there a HN full moon out?

      Again, this is wrong.

      DRM is a policy.

      Remote attestation is a technology.

      You can use remote attestation to implement DRM.

      You can also use remote attestation to implement other things.

      Reply View 2 replies
      • PunchyHamster 5 days ago

        there are no other things. The entire point of remote attestation is to manage(i.e. take away) rights of user that runs it, unless you own entire chain, which you do not on any customer device

        Reply View 1 reply