Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Trusted boot is literally a form of DRM. A different one than remote attestation.

No, it's not. (And for that matter, neither is remote attestation)

You're conflating the technology with the use.

I believe that you have only thought about these technologies as they pertain to DRM, now I'm here to tell you there are other valid use cases.

Or maybe your definition of "DRM" is so broad that it includes me setting up my own trusted boot chain on my own hardware? I don't really think that's a productive definition.



It's possible to not implement remote attestation even when you implement secure boot.

This company is explicitly all about implementing remote attestation (which is a form of DRM):

https://amutable.com/events

> Remote Attestation of Imutable Operating Systems built on systemd

> Lennart Poettering


> This company is explicitly all about implementing remote attestation (which is a form of DRM):

Is there a HN full moon out?

Again, this is wrong.

DRM is a policy.

Remote attestation is a technology.

You can use remote attestation to implement DRM.

You can also use remote attestation to implement other things.


there are no other things. The entire point of remote attestation is to manage(i.e. take away) rights of user that runs it, unless you own entire chain, which you do not on any customer device




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: