Hacker News new | past | comments | ask | show | jobs | submit
pojntfx | on: Volkswagen blocks Home Assistant by requiring client assertion
There needs to be a law that makes remote attestation - no matter who provides the root certificates, Google/Apple/GrapheneOS - illegal. There is only one use for this technology right now, and it is to prevent people from doing what they want to do with the devices they own, while also making interoperability cryptographically impossible. This is anti-competitive and should simply be illegal.
pojntfx | parent | next
There is a real chance that in 5-10 years, there will be laptops and smartphones running open processors and operating systems with UX and and an OS comparable or better than the proprietary equivalent, but which are effectively useless to the average consumer because it is cryptographically impossible to use them for anything due to remote attestation proliferating more and more
rurban | parent | next
It already is illegal in the EU under the EU Data act. The VW executives are just criminals who don't care about the law, because they can bend it like before.
loading story #48321216
5701652400 | parent | next
what you really looking for is API-free services/products. so it works without cloud at all.

or products/companies that explicitly expose API access to their products.

jon-wood | parent | next
> There is only one use for this technology right now, and it is to prevent people from doing what they want to do with the devices they own.

Well, that and making it possible to deploy devices you own in environments where they might be physically accessible to people you don't want extracting credentials from them. Or for ensuring people can only access sensitive company information on company issued devices rather than being able to casually make a copy of any data they have access to somewhere else. Or using a phone as a credit card payment terminal without the possibility of displaying one payment amount on screen and authorising for a different amount.

I'm quite firmly in favour of anything I own giving access to the data it's generating in an open format but screaming about how there's no legitimate use for attestation is quite simply nonsense.

loading story #48321007
5701652400 | parent
[flagged]
loading story #48320407
loading story #48320380