top | item 46727615


minimaltom | 1 month ago

There are attestation mechanisms, but huge portions of a public user-base (especially Android) don't pass that check because their device is too old, or their OEM sucked, or something something MediaTek SoC, or <insert esoteric detail within the attested data that fails check in opaque way>

In my experience, all forms of attestation start to become impractical at scale unless you have a fairly homogeneous, well-patched fleet. This is particularly heinous for TPMs, where I've observed TPMs coming off one STM line having invalid EK certs, but other STM TPMs of the same model are fine. Or the platform firmware stamped out onto the motherboard has a bug in how it extends PCR0 and the event log is just borked forever, and so on... Totally unworkable.
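The PCR0 / event-log failure mode described above, as an added example that is not part of this thread: a verifier-side replay of a TCG-style event log against a quote, showing how a firmware that extends PCR0 incorrectly leaves the log permanently unexplainable. The event log, digests and quote values are constructed here, and the quote's signature is assumed to have been verified already.

```python
import hashlib

ALG = "sha256"  # PCR bank used by the constructed log and quote below

def extend(pcr, digest, alg=ALG):
    """One TPM2_PCR_Extend step: PCR_new = H(PCR_old || digest)."""
    return hashlib.new(alg, pcr + digest).digest()

def replay_pcr(events, index, alg=ALG):
    """Replay every logged event for one PCR, in order, starting from all-zero."""
    pcr = bytes(hashlib.new(alg).digest_size)
    for ev in events:
        if ev["pcr"] == index:
            pcr = extend(pcr, bytes.fromhex(ev["digest"]), alg)
    return pcr

def check_quote(events, quoted_pcrs, alg=ALG):
    """For each PCR in an already signature-verified quote, say whether the log explains it."""
    return {i: ("ok" if replay_pcr(events, i, alg) == bytes.fromhex(q) else "log_mismatch")
            for i, q in quoted_pcrs.items()}

def _h(s):  # constructed measurement digest standing in for a real firmware blob hash
    return hashlib.sha256(s.encode()).hexdigest()

# Constructed event log: three PCR0 firmware measurements plus one PCR7 Secure Boot event.
SAMPLE_EVENTS = [
    {"pcr": 0, "type": "EV_S_CRTM_VERSION", "digest": _h("crtm-1.2")},
    {"pcr": 0, "type": "EV_EFI_PLATFORM_FIRMWARE_BLOB", "digest": _h("pei-core")},
    {"pcr": 0, "type": "EV_EFI_PLATFORM_FIRMWARE_BLOB", "digest": _h("dxe-core")},
    {"pcr": 7, "type": "EV_EFI_VARIABLE_DRIVER_CONFIG", "digest": _h("SecureBoot=1")},
]

# Healthy platform: the quoted PCR0 and PCR7 equal the replayed log.
GOOD_QUOTE = {i: replay_pcr(SAMPLE_EVENTS, i).hex() for i in (0, 7)}

def _buggy_pcr0():
    """Simulated firmware bug: the second PCR0 measurement is extended into the
    TPM twice but logged once, so no replay of the log can reproduce the quote."""
    pcr = bytes(32)
    for n, ev in enumerate(e for e in SAMPLE_EVENTS if e["pcr"] == 0):
        pcr = extend(pcr, bytes.fromhex(ev["digest"]))
        if n == 1:
            pcr = extend(pcr, bytes.fromhex(ev["digest"]))
    return pcr.hex()

BUGGY_QUOTE = {0: _buggy_pcr0(), 7: GOOD_QUOTE[7]}

# check_quote(SAMPLE_EVENTS, GOOD_QUOTE)  -> {0: 'ok', 7: 'ok'}
# check_quote(SAMPLE_EVENTS, BUGGY_QUOTE) -> {0: 'log_mismatch', 7: 'ok'}
```

A verifier that only sees "quote does not match log" cannot tell a broken firmware from tampering, which is why such platforms fail attestation for their whole lifetime unless the policy carves them out explicitly.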


cptskippy | 1 month ago

That's a fair and valid point. Those are concessions that would need to be measured, impact analysis done, and decisions discussed on an ARB meeting.

I was simply pointing out that there are mechanisms that exist today one could use to better secure critical functions.

minimaltom | 1 month ago

Fair note! Just highlighting that this niche is uniquely screwed and I wouldn't wish ironing it out under the knife on anyone lol