It doesn’t though - it basically ensures your device settings.
Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that’s not a realistic outcome
It’s not designed for that. It can only block the site - it doesn’t add to security, it takes away from it.
Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can’t control right before you enter your bank password
It doesn’t though - it basically ensures your device settings.
Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that’s not a realistic outcome
It’s not designed for that. It can only block the site - it doesn’t add to security, it takes away from it.
Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can’t control right before you enter your bank password