This is a really hard problem with "solutions" that usually run counter to privacy and, you know, controlling the machine consuming your electricity. Remote Attestation has come a long way, but (at least on Linux) still in its infancy.
First time I hear about "Remote Attestation", got any trusted sources/resources for someone to read up on it more? (besides Wikipedia and it's sources)
Here's some words Red Hat folks wrote[0] about Keylime[1][2], "open source scalable trust system harnessing TPM Technology,"[3] written in python and rust, originally created within MIT Lincoln Labs.[4] It leverages TMP 1.2 and 2.0[5] and also involves/includes/references code from Intel[6] and Cloudflare[7].
True true, wasn't meant to be hostile but I see that I wrote my comment unkindly.
I do think the point stands though. They are names for the same technology. How it is used, and who uses it will determine what type of spin I'd put on it.
Monitoring the integrity of a trusted audio decoder in my system's kernel: DRM
Monitoring the integrity of an open source tool that I bought and paid for: remote attestation.
Both will come down to various arrangements of trusted computing enclaves, asymmetric cryptography and groups trying to bypass said arrangements.
I couldn’t agree more. DRM is just hardware and software. It’s a tool and implementations matter. HDCP is one of those implementations that seem like a good idea but which have all kinds of side effects that make the product the DRM is part of (HDMI in this case) much less useful for certain fair use law abiding use cases. As long as we have the interoperability exception for breaking DRM there’s a way around but it would be better if interoperability was a requirement of accessibility standards in the first place.
This is a really hard problem with "solutions" that usually run counter to privacy and, you know, controlling the machine consuming your electricity. Remote Attestation has come a long way, but (at least on Linux) still in its infancy.