top | item 42575235

(no title)

alex7734 | 1 year ago

The whole point of TPM is that the OS is not under the user control anymore.

If you modify it thanks to remote attestation you can no longer prove that it is unmodified using the TPM.

discuss

Do they mean that no OS modification is necessary to read the decrypted media from memory?

Currently, no. But once (undetectable) OS modification is no longer possible, making the undecrypted media unreadable is just a few API restrictions away.

In Android phones for example you cannot screenshot banking apps. And if you root (modify the OS of) your phone, banking apps refuse to work.