>TPM takes measurements of kernel and hypervisor
>Remote attestation sends measurements to remote party
>If they were tampered with it refuses service
Why it's bad for piracy
>You want to copy some content
>There is some DRM app that protects it which gets decryption keys from a server
>Kernel/HV protects access to files and inspection of DRM process memory
>You tamper with the kernel/HV to remove this restriction
>You tampered with the system integrity so you don't get the content decryption keys because attestation fails
Why it's hard to circumvent
>You need an unpatched exploit to jailbreak your PC first and it's gonna get patched
>This is where Remote Attestation comes in. Rather than keep any secrets on the local TPM, the TPM can assert to a remote site that the system is in a specific state. The remote site can then make a policy determination based on multiple factors and decide whether or not to hand over session decryption keys. The idea here is fairly straightforward. The remote site sends a nonce and a list of PCRs. The TPM generates a blob with the requested PCR values, sticks the nonce on, encrypts it and sends it back to the remote site. The remote site verifies that the reply was encrypted with an actual TPM key, makes sure that the nonce matches and then makes a policy determination based on the PCR state.
Literally what I said
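The nonce-and-PCR exchange from the passage quoted above, as an added sketch that is not part of any post in the thread. Assumptions: an HMAC under a shared key stands in for the signature a real TPM makes with its attestation key, and the component names and PCR indices are constructed.

```python
import hashlib, hmac, os

AK = os.urandom(32)  # assumption: symmetric stand-in for the TPM attestation key

def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = SHA256(old || SHA256(component)); order matters."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def boot(components) -> dict:
    """Measure each (pcr_index, blob) in boot order into simulated PCRs."""
    pcrs = {}
    for index, blob in components:
        pcrs[index] = extend(pcrs.get(index, bytes(32)), blob)
    return pcrs

def signed_body(nonce: bytes, values: dict) -> bytes:
    """Bytes covered by the signature: nonce, then (index, value) pairs."""
    return nonce + b"".join(bytes([i]) + values[i] for i in sorted(values))

def quote(pcrs: dict, selection, nonce: bytes) -> dict:
    """Attester side: report the selected PCRs bound to the verifier's nonce."""
    values = {i: pcrs[i] for i in selection}
    sig = hmac.new(AK, signed_body(nonce, values), hashlib.sha256).digest()
    return {"pcrs": values, "nonce": nonce, "sig": sig}

def verify(q: dict, nonce: bytes, policy: dict) -> str:
    """Verifier side: authenticity first, then freshness, then PCR policy."""
    want = hmac.new(AK, signed_body(q["nonce"], q["pcrs"]), hashlib.sha256).digest()
    if not hmac.compare_digest(q["sig"], want):
        return "bad signature"
    if not hmac.compare_digest(q["nonce"], nonce):
        return "stale nonce"
    if any(q["pcrs"].get(i) != value for i, value in policy.items()):
        return "pcr mismatch"
    return "ok"

# Constructed sample measurements; PCR indices 4 and 8 are arbitrary here.
GOOD = [(4, b"bootloader v1"), (8, b"vendor kernel"), (8, b"hypervisor")]
PATCHED = [(4, b"bootloader v1"), (8, b"custom kernel"), (8, b"hypervisor")]
POLICY = boot(GOOD)  # verifier's reference values for the expected state

def attest(components, replay=None) -> str:
    """Run one challenge; `replay` substitutes a previously captured quote."""
    nonce = os.urandom(16)
    q = replay or quote(boot(components), POLICY.keys(), nonce)
    return verify(q, nonce, POLICY)
```

The verifier refuses in three distinct ways: a changed kernel measurement gives "pcr mismatch", a quote captured from an earlier good boot gives "stale nonce", and a quote whose PCR values were edited after signing gives "bad signature".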
Colton Martinez
>go to order pizza online
>they removed the non-free javascript
>can finally eat pizza after 7 years
>running libre, custom-built kernel
>remote attestation of kernel hash failed
>tfw the botnet wants me to starve
>>There is some DRM app that protects it which gets decryption keys from a server
There have been worse schemes devised for DRMing content
They always fail in the end. This whole wet dream seems like it's based on an assumption that piracy is just copy and pasting and that people haven't been actively cracking games since the 80s
Nicholas Torres
>This whole wet dream seems like it's based on an assumption that piracy is just copy and pasting and that people haven't been actively cracking games since the 80s
the idea isn't to make piracy literally impossible, but to make it impossible for the normalfag. every security mechanism is shallow against sophisticated hardware attacks. even on xbox one, you could shim RAM with a $10,000 FPGA and own the system. i have no doubt that pluton will be vulnerable to some esoteric quantum-physics-corrupting-RAM attack that will allow ONE OR TWO boxes to circumvent DRM, but beyond that there will likely be no normalfag-friendly single-click exploit.
Wyatt Baker
kek
Christian Jackson
Telephone order.
Joseph Sanders
So what happens when their servers get hit by malicious parties and someone or a group manages to sabotage their servers and backup servers? Just make it so that potentially nothing functions anymore and gets flagged as pirated material? Am I supposed to just deal with my legal content getting flagged because Microsoft is terrible at QA and the DRM locks me out? This shit is an invitation for schizos to McVeigh MS offices.
Jack Reed
This remote attestation is for all TPM or just Pluton TPM?
Dylan Johnson
...
Jose Rodriguez
you forgot your image, spamfag
Dominic Adams
It's the end goal of the direction pluton is heading in. Pluton v1 probably won't have remote attestation, but I'd be surprised if we don't see something like it in the next decade.
Angel Roberts
>there are shills making a conscious effort to fill these threads with shit to try to get people to stop talking about how atrocious Pluton is
Anthony Bell
Who controls my TPM if I don't have pluton? I have AMD and its brand ASUS so does asus or amd have the keys? This TPM shit is confusing.
Elijah Green
Does not apply to you
And if linux you can send your own kek file to motherboard
So yes :)) it's a huge meme kinda
If it's only Pooton (Pluton) then just don't buy any new processors with this shit. We must take control or they'll keep it implemented.
Wyatt Morris
So only thieves and criminals are worried about Pluton? Kind of like how they are worried about locks, security cameras and guard dogs? Seems like there is a place for it after all.