this post was submitted on 14 Aug 2023
2038 points (97.5% liked)

Memes

45778 readers
2625 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 4 points 1 year ago (1 children)

I mean for some rare specific usages it could be usefull like ensuring bank webpages integrity or similar but mostly and the main usage would be for what you said.

[โ€“] [email protected] 1 points 1 year ago

It doesn't though - it basically ensures your device settings.

Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that's not a realistic outcome

It's not designed for that. It can only block the site - it doesn't add to security, it takes away from it.

Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can't control right before you enter your bank password