• i_am_not_a_robot@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    Actually, they are controlling your graphics driver. If you’re using a custom driver you’ll fail attestation because you have untrusted code in your kernel and/or browser process. I expect this will also fail if you’re using an old driver with known vulnerabilities that allow you to use your own device in unexpected ways.

      • Amju Wolf@pawb.social
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s still very much a thing and works fairly well to protect high quality DRM content. People forgot it’s a thing because a regular person is rarely in a situation where it would prevent them from doing something.

    • WasPentalive@lemmy.one
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Ads need to be blocked at a higher level. Get as many as possible to vow to never buy a thing advertised on a webpage. You see an ad, that thing advertised gets a no-buy stamp.

      • Amju Wolf@pawb.social
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        That’s not how people’s minds work, even if you managed to convince everyone to do it.

      • maynarkh@feddit.nl
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Your TPM unit in the motherboard has more privileges than you do. It attests to the integrity of the kernel, graphics driver included, and the kernel attests to the integrity of the browser and any peripherals.

              • i_am_not_a_robot@discuss.tchncs.de
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                The technology is useless if you can pass an integrity check just by running as admin. The point is that Google has control over what the process is doing and knows if you’re tampering with it. I guess nothing would stop you from making a device’s that uses the hdcp osd support to draw black boxes over ads you find using accessibility information, but if you’re able to modify the page through extensions or developer tools or memory manipulation, then you’re able to make automated API calls, and preventing that is supposedly the whole point of this system.

                The reason for using an external device to overlay data on the video signal is that there is a browser API for tracking occlusion. It’s supposed to be used for things like disabling animations of elements that are not visible, but could be unethically used for things like making you pay extra to listen to videos if you don’t have an extra display to put them on.

                I don’t know why you think secure computing doesn’t relate to driver control. Drivers run with special privileges and can modify protected memory. This is why people write root kits, and detecting those root kits is one of the primary motivations behind secure computing.