Comment by UltraSane

Comment by UltraSane 4 days ago

0 replies

View on Hacker News

"Why does my bank need to know whether the machine in my hands that is accessing their internet APIs was attested by some uninvolved third party or not?"

Because there are an infinite ways for a computer to be insecure and very few ways for it to be secure.

Checks were a form of attestation because they contained security features that banks would verify.

Would YOU be willing to use a bank that refused to use TLS? I didn't think so. How is you refusing to accept remote attestation and the bank refusing to connect to you any different?