Comment by hsbauauvhabzb
1 month ago
If a malicious update can be pushed because of some failure in the signature verification checks (which already exist), what makes you think the threat actor won’t have access to signing keys?
This is not what attestation is even seeking to solve.
Firmware upgrades don't need to use the same protocols. Without secure boot any applet can take a security hole escalate and persist until you take a trip to a zone of interest. With secure-boot+attestation, the vendors can choose not to let you download the latest map data, report you to the authorities, etc.
Why do people take DA as "Hail Satan" anyways.
“With secure-boot+attestation, the vendors can choose not to let you download the latest map data, report you to the authorities”
As far as I'm concerned, you just conceded the argument.
If this was about stopping malware, it wouldn’t be targeting Linux endpoints.