Comment by UltraSane 5 days ago

20 replies

Trusted computing and remote attestation is like two people who want to have sex requiring clean STD tests first. Either party can refuse and thus no sex will happen. A bank trusting a random rooted smartphone is like having sex with a prostitute with no condom. The anti-attestation position is essentially "I have a right to connect to your service with an unverified system, and refusing me is oppression." Translate that to the STD context and it sounds absurd - "I have a right to have sex with you without testing, and requiring tests violates my bodily autonomy."

You're free to root your phone. You're free to run whatever you want. You're just not entitled to have third parties trust that device with their systems and money. Same as you're free to decline STD testing - you just don't get to then demand unprotected sex from partners who require it.

alextingle 5 days ago

But I'm not having sex with my bank.

  • UltraSane 5 days ago

    You do know what analogies are, right?

    • mrguyorama 5 days ago

      A fundamentally flawed way to make an argument?

      Yeah I know what analogies are.

      Why does my bank need to know whether the machine in my hands that is accessing their internet APIs was attested by some uninvolved third party or not?

      You know we used to hand people pieces of paper with letters and numbers on them to do payments, right? For some reason, calling up my bank on the phone never required complicated security arrangements.

      TD Bank never needed to come inspect my phone lines to ensure nobody was listening in.

      Instead of securing their systems and working on making it harder to have your accounts taken over (which by the way is a fruitful avenue of computer security with plenty of low-hanging fruit) and punishing me for their failures, they want to be able to coerce me to only run certain software on my equipment to receive banking services.

      This wasn't necessary for banking for literally thousands of years.

      Why now? What justification is there?

      A third party attesting my device can only be used to compel me to only use certain devices from certain third parties. The bank is not at all going to care whether I attest to it or not, they are going to care that Google or Microsoft will attest my device.

      And for what? To what end? To prevent what alleged harm?

      In what specific way does an attested device state make interacting with a publicly facing interface more secure?

      It WILL be used to prevent you from being able to run certain code that benefits you at corporation's expense, like ad blockers.

      Linux is supposed to be an open community. Who even asked for this?

      • UltraSane 4 days ago

        "Why does my bank need to know whether the machine in my hands that is accessing their internet APIs was attested by some uninvolved third party or not?"

        Because there are an infinite number of ways for a computer to be insecure and very few ways for it to be secure.

        Checks were a form of attestation because they contained security features that banks would verify.

        Would YOU be willing to use a bank that refused to use TLS? I didn't think so. How is you refusing to accept remote attestation and the bank refusing to connect to you any different?

    • kmbfjr 5 days ago

      So both consent to sex and now one thinks they're entitled to marriage. That's where this inevitably leads, user/customer lock-in and control.

      While the bank use case makes a compelling argument, device attestation won't be used for just banks. It's going to be every god damned thing on the internet. Why? Because why the hell not, it further pushes the costs of doing business of banks/MSPs/email providers/cloud services onto the customer and assigns more of the liabilities.

      It will also further the digital divide as there will be zero support for devices that fail attestation at any service requiring it. I used to think that the friction against this technology was overblown, but over the last eighteen months I've come to the conclusion that it is going to be a horrible privacy sucking nightmare wrapped in the gold foil of security.

      I've been involved in tech a long, long time. The first thing I'm going to do when I retire is start chucking devices. I'm checking-out, none of this is proving to be worth the financial and privacy costs.

      • UltraSane 5 days ago

        "It's going to be every god damned thing on the internet. Why? Because why the hell not"

        This is not a persuasive argument.

        You are also ignoring the fact that YOU can use remote attestation to verify remote computers are running what they say they are.

        "I've been involved in tech a long, long time. The first thing I'm going to do when I retire is start chucking devices. I'm checking-out, none of this is proving to be worth the financial and privacy costs."

        You actually sound like you are having a nervous breakdown. Perhaps you should take a vacation.

tliltocatl 5 days ago

You are trying to portray it as an exchange between equal parties, which it isn't. I am totally entitled not to have to use a third-party-controlled device to access government services. Or my bank account.

  • UltraSane 5 days ago

    Remote attestation is just fancy digital signatures with hardware-protected secret keys. Are you freaking out about digital signatures used anywhere else?

    • tliltocatl 5 days ago

      Trusted computing boils down to restricting what software I'm allowed to run on hardware I own and use. The technical means to do so are irrelevant.

      • UltraSane 5 days ago

        "Trusted computing boils down to restricting what software I'm allowed to run on hardware I own and use." Remote attestation doesn't do this.

blueflow 5 days ago

> You're just not entitled to have third parties trust that device with their systems and money.

But it's a bank, right? It's my money.

  • UltraSane 5 days ago

    If malware on your phone steals it, the bank could be on the hook. The bank can set terms on how you access their computers.

    • blacklion 5 days ago

      Can it set terms on my religious and political views? I'm not speaking about race and sex, you cannot choose them (ok, sex you could in some jurisdictions, and there is a difference between sex and gender, please, don't be nitpicky here), but about things I can choose, same as I can choose my hardware and software to run.

      If there is a real effective market (which there is not in any country on Earth, especially for banks), you could say: vote with your money, choose a bank which suits you. But it is impossible even with a bakery, less with banks on a market which is strictly regulated (in part as a result of lobbying by established institutions, to protect themselves!).

      So, on one hand, I must use banks (I cannot pay for many things in cash, here, where I live most bars and many shops don't accept cash, for example, and it is a result of government politics and regulations), and on the other hand banks are not seen as being as essential as access to air and water, they could dictate any terms they want.

      I see this situation as completely screwed.

      • UltraSane 5 days ago

        You DO understand you can own more than one phone, right? Just use one that isn't rooted as a dedicated banking device and the rooted phone for whatever else you need. You are making life far too hard.