• XTornado@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    I mean for some rare specific usages it could be usefull like ensuring bank webpages integrity or similar but mostly and the main usage would be for what you said.

    • theneverfox@pawb.social
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      It doesn’t though - it basically ensures your device settings.

      Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that’s not a realistic outcome

      It’s not designed for that. It can only block the site - it doesn’t add to security, it takes away from it.

      Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can’t control right before you enter your bank password