I've helped deploy TPM-backed remote attestation at 4 different companies and it's the kind of day where people try to tell me I don't understand TPMs or remote attestation
Matthew Garrett (mjg59@nondeterministic.computer)'s status on Thursday, 02-Jan-2025 14:57:36 JST
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Jan-2025 14:57:30 JST
@bugaevc @mjg59 The whole TPM approach to this problem is just stupid and an excuse for putting cops in devices. The problem of physical access to backdoor or extract a secret is fully solved by putting the secret in volatile storage that's destroyed on any physical tampering, and this handles cases TPM approaches fail to protect against.
Sergey Bugaev (bugaevc@floss.social)'s status on Thursday, 02-Jan-2025 14:57:31 JST
@mjg59
2. Assuming the threat model is: someone with complete physical access to a laptop trying to fool remote attestation into falsely passing. Is it true that it's possible to intercept on-board communications between the TPM and the other components (CPU? RAM?), and feed false data into the TPM (pretending to be running stock software) to get it to release the secret material?
Sergey Bugaev (bugaevc@floss.social)'s status on Thursday, 02-Jan-2025 14:57:32 JST
@mjg59 thanks
1. Is it just a matter of time before media streaming starts to require remote attestation via TPM? Or are there fundamental reasons why the companies don't actually want that? It seems attractive to verify and require that the device runs a stock non-jailbroken version of iOS, for example.
Matthew Garrett (mjg59@nondeterministic.computer)'s status on Thursday, 02-Jan-2025 14:57:33 JST
@bugaevc It's not tied in with remote attestation at all; no media streaming companies do that on PCs (and I'm unaware of *any* cases of remote attestation on PCs outside enterprise scenarios where they're having their own hardware attest to them).
Sergey Bugaev (bugaevc@floss.social)'s status on Thursday, 02-Jan-2025 14:57:34 JST
@mjg59 I'm sure you do understand remote attestation 🙂 (a huge lot better than I do, anyway)
But your recent post doesn't mention it, and instead takes apart a weird argument that it's the TPM itself which does the decoding (rather than releasing the secret material that is then used for key negotiation / decoding). Whereas I was indeed expecting you to explain how this is tied in with remote attestation, and how evil (or not?) that is, and why the FSF is wrong about that, if they are.
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Jan-2025 15:03:16 JST
@mjg59 This does not come across as evidence that you're qualified to speak in defense of the tech folks are rightly critical of.
Rather, it comes across as an instance of:
"It is difficult to get a man to understand something, when his salary depends on his not understanding it"
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Jan-2025 15:04:44 JST
@mjg59 Change the example and it becomes obvious:
"I've helped deploy LLMs at 4 different companies and it's the kind of day where people try to tell me I don't understand LLMs."