• @[email protected]
    link
    fedilink
    English
    81 year ago

    What I don’t understand is how does the attester check the device is not modified? Anything client side is just a matter of time until its get bypassed.

    • Natanael
      link
      fedilink
      English
      91 year ago

      It needs integration with the TPM/secure element chip in the CPU and a device key issued by the manufacturer to sign an attestation that nothing in the software chain from kernel to browser has been modified .

      These schemes tends to get regularly broken, just look at SGX