Comment by seba_dos1

4 hours ago

> The entire point is that developers don't want their apps patched

That's exactly what I'm trying to say. The entire point is not to secure the user, it's to secure the apps. It's working against the user's interest, as letting the user lie to apps is essential to user's agency. The technical means used to achieve this could also be used to work for the user and ensure their security without compromising their agency, but that's not what happens on mainstream platforms.

> No, you really couldn't.

Yes, you could. Exactly how you describe, so it was used only where it mattered, and in other cases they just had no choice. Today the friction is so low that even McDonald's app will refuse to work on a device it considers untrustworthy. The user does not benefit from that at all.

4 comments

seba_dos1

Reply
Avamander  2 hours ago

> as letting the user lie to apps is essential to user's agency.

You do understand that in this case the user's agency has a very clear line?

Tampering with an electronic identity software is not a fundamental right the same way as tampering with your ID-card or passport isn't.

> [...] and in other cases they just had no choice.

QED. Not that they wouldn't or didn't want to.

  • seba_dos1  2 hours ago

    App attestation does not stop at legally binding identity software, and legally binding identity software can be serviced without app attestation. I accept not being able to tamper with my ID card, I may say it's "mine" but it ultimately belongs to the government; I don't accept not being able to tamper with my computers, they wouldn't belong to me anymore if that was the case.

    > Not that they wouldn't or didn't want to.

    Of course, but my devices' purpose isn't to grant wishes to corporations. In the ideal world they would still have no other choice. Unfortunately the more people use platforms that let them attest the execution environment the less leverage we have against them.

    • Avamander  2 hours ago

      > I accept not being able to tamper with my ID card, I may say it's "mine" but it ultimately belongs to the government; I don't accept not being able to tamper with my computers, they wouldn't belong to me anymore if that was the case.

      So where does a digital ID card fit in your model? It's the government's but on your computer.

      1 reply →