Comment by elcritch

7 hours ago

Secure boot and attestation both generally require a form of DRM. It’s a boon for security, but also for control.

5 comments

elcritch

Reply
youarentrightjr  4 hours ago

> Secure boot and attestation both generally require a form of DRM.

They literally don't.

For a decade, I worked on secure boot & attestation for a device that was both:

- firmware updatable - had zero concept or hardware that connected it to anything that could remotely be called a network

  • warkdarrior  4 hours ago

    Interesting. So what did the attestation say once I (random Internet user) updated the firmware to something I wrote or compiled from another source?

    • youarentrightjr  4 hours ago

      > Interesting. So what did the attestation say once I (random Internet user) updated the firmware to something I wrote or compiled from another source?

      The update is predicated on a valid signature.

      2 replies →