Comment by wolvoleo

5 hours ago

Trusted computing means trusted by the vendor and content providers, not trusted by the user. In that sense I consider it very evil.

19 comments

wolvoleo

Reply
charcircuit  5 hours ago

If the user doesn't trust an operating system, why would they use it. The operating system can steal sensitive information. Trusted computing is trusted by the user to the extent that they use the device. For example if they don't trust it, they may avoid logging in to their bank on it.

  • mzajc  4 hours ago

    > If the user doesn't trust an operating system, why would they use it.

    Because in the case of smartphones, there is realistically no other option.

    > For example if they don't trust it, they may avoid logging in to their bank on it.

    Except when the bank trusts the system that I don't (smartphone with Google Services or equivalent Apple junk installed), and doesn't trust the system that I do (desktop computer or degoogled smartphone), which is a very common scenario.

  • LoganDark  2 hours ago

    To trust an Android device, I need to have ultimate authority over it. That means freedom to remove functionality I don't like and make changes apps don't like. Otherwise, there are parts of practically every Android that I don't approve of, like the carrier app installer, any tracking/telemetry, most preinstalled apps, etc.

    I recently moved to Apple devices because they use trusted computing differently; namely, to protect against platform abuse, but mostly not to protect corporate interests. They also publish detailed first-party documentation on how their platforms work and how certain features are implemented.

    Apple jailbreaking has historically also had a better UX than Android rooting, because Apple platforms are more trusted than Android platforms, meaning that DRM protection, banking apps and such will often still work with a jailbroken iOS device, unlike most rooted Android devices. With that said though, I don't particularly expect to ever have a jailbroken iOS device again, unfortunately.

    Apple implements many more protections than Android at the OS level to prevent abuse of trusted computing by third-party apps, and give the user control. (Though some Androids like, say, GrapheneOS, implement lots that Apple does not.)

    But of course all this only matters if you trust Apple. I trust them less than I did, but to me they are still the most trustworthy.

    • charcircuit  2 hours ago

      >to protect against platform abuse, but mostly not to protect corporate interests

      What do you mean by this? On both Android and iOS app developers can have a backend that checks the status of app attestation.

  • bigyabai  3 hours ago

    Do you actually, bottom-of-your-heart believe that ordinary consumers think like this? They use TikTok and WhatsApp and Facebook and the Wal-Mart coupon app as a product of deep consideration on the web of trust they're building?

    Users don't have a choice, and they don't care. Bitlocker is cracked by the feds, iOS and Android devices can get unlocked or hacked with commercially-available grey-market exploits. Push Notifications are bugged, apparently. Your logic hinges on an idyllic philosophy that doesn't even exist in security focused communities.

    • charcircuit  2 hours ago

      Yes, I do believe from the bottom of my heart the users trust the operating systems they use. Apple and Google have done a great job at security and privacy which is why it seems like users don't care. It's like complaining why you have a system administrator if the servers are never down. When things are run well the average person seems ignorant of the problems.

      9 replies →

UltraSane  2 hours ago

Pre-TC mobile/embedded security was catastrophic:

  Persistent bootkits trivial to install
  No verified boot chain
  Firmware implants survived OS reinstalls
  No hardware-backed key storage
  Encryption keys extractable via JTAG/flash dump

Modern Secure Boot + hardware-backed keystore + eFuse anti-rollback eliminated entire attack classes. The median user's security posture improved by orders of magnitude.

  • michaelmrose  1 hour ago

    Did this ever effect real users?

    • fc417fc802  20 minutes ago

      Arguably yes. By preventing entire classes of attack real users are never exposed to certain risks in the first place. If it were possible it would be abused at some rate (even if that rate were low).

      It's not that trusted computing is inherently bad. I actually think it's a very good thing. The problem is that the manufacturer maintains control of the keys when they sell you a device.

      Imagine selling someone a house that had smart locks but not turning over control of the locks to the new "owner". And every time the "owner" wants to add a new guest to the lock you insist on "reviewing" the guest before agreeing to add him. You insist that this is important for "security" because otherwise the "owner" might throw a party or invite a drug dealer over or something else you don't approve of. But don't worry, you are protecting the "owner" from malicious third parties hiding in plain sight. You run thorough background checks on all applicants after all!