> Some remote servers won't give you service if you do that
This is exactly my problem. Before ideas like this surfaced, the demarcation line between who controls what was purely based on ownership. The machine that I own acts only on my behalf and in my best interests, the server that you own does so for you (or at least for PCs this has always been the case).
TPMs, attested bootchains and whatnot trample on this whole concept. It's like your very own hardware now comes with a built-in Stasi agent that reports on your conduct whether you like it or not. It bothers me on a visceral level and I'm constantly wondering if it's just me.
It's not just you, but what people who hate remote attestation tend to forget is that it's a sword that cuts in both directions. Servers can remotely attest to you, not just the other way around. Signal is an example of an app that demands a remote attestation from the server before uploading your sensitive data.
Attestation is just a tool. It can be used for all kinds of things and doesn't privilege one side or another. The average app developer doesn't truly care what device you use, they just want to cut out abuse and fraud, which are real problems that do require effective solutions.
Ultimately, trade requires some certainty that both sides will act as they promise to act. Attestation is more important for individuals attesting to companies because individuals have so many more ways to hold companies to account if they break their agreements than technology, like the legal system, which is largely ineffective at enforcing rules against individuals due to cost.
> Attestation is just a tool. It can be used for all kinds of things and doesn't privilege one side or another.
It privileges the side that designs and uses it. By and large that's going to be the corporations, not individuals or those acting to maximize their interest.
> The average app developer doesn't truly care what device you use, they just want to cut out abuse and fraud, which are real problems that do require effective solutions.
I don't doubt that. But the price of attestation, if it's not properly isolated from the hosting OS (like Microsoft's completely unrealistic attempts of bringing the whole OS into the trusted computing base, kernel and applications and all), would be a homogeneity of computing I don't think is necessarily worth the benefits.
The good news is that such proper isolation is not only possible but even desirable (it keeps the trusted computing base small), and if done well could actually replace annoying half-measures such as "root detection": Who cares if my phone is rooted, as long as my bank's secure transaction confirmation application is running in a trusted, isolated enclave, for example?
Fair points. I was aware of this anti-fraud angle of WEI/attestations before.
From this point on this is more of an emotional argument rather than a technical one, but I feel like the negative effects way outweigh the positive ones. Giving MORE power (be it technical or political) to big tech companies is just tipping the scales in their favor so much we will be even worse off than we already are.
But if you work in anti-fraud and are fixated on solving this problem as effectively as possible, I can imagine not caring about this too if I were you...
Fully agreed on attested bootchains. General-purpose level OS-wide attestation is indeed a blight on open computing: It's ineffective because it implies a gigantic trusted code base (what are the odds that the entire Windows kernel is completely free of vulnerabilities?), and conversely it does tie you to somebody else's more or less arbitrary kernel build.
Almost completely disagree on TPMs. A better comparison than a spy would probably be a consulate (ok, maybe an idealized one, located underground in a Faraday cage): Their staff doesn't get to spy on you, but if you ever do want to do business with companies in that country and need some letters notarized/certified, walking into their consulate in your capital sure beats sending trustworthy couriers around the world every single time.
To torture that analogy some more: Sure, the guest country could try to extend the consulate into a spy base if you're not careful, and some suspicion is very well warranted, but that possibility is not intrinsic to its function, only to its implementation.
By that same logic evil is not inherent to attested bootchains either. When used to verify that the computer loaded the OS that the end user expected it is a very powerful security tool. It is only bad when the keys aren't under the control of the device owner.
You're mixing up the authentication and attestation parts of secure boot here.
You can absolutely install Linux, run secure boot (e.g. to protect you against "evil maid attack"), use your TPM to store your SSH keys, and live a happy and attestation-free life.
You can also do other things, but if you don't want to, why would you?
Attested boot chains aren't normally being used to attest a whole general purpose OS. They attest up to a small hypervisor that allows partitioned worlds to be created and chain attested, and then sensitive computations are done inside that.
> It bothers me on a visceral level and I'm constantly wondering if it's just me.
It's not just you.
It disgusts me so deeply I wish computers had never been invented. A wonderful technology with infinite potential, capable of reshaping the world. Reduced to this sorry state just to protect vested interests. They used to empower us. Now they are the tools of our oppression.