Matthew Garrett on Nostr: There's a universe where TPM-based remote attestation is used to validate the state ...
There's a universe where TPM-based remote attestation is used to validate the state of the kernel and userland to prove to a streaming media platform that the kernel implements appropriate levels of protection before any media is served to it, but it's not this one - higher levels of Widevine-protected streamed media *are* distributed in a way that can only be decrypted by hardware, but that hardware is the GPU, not the TPM, and the TPM isn't involved at all
Published at 2024-12-30 19:34:06
Event JSON
{
"id": "40a49b0020174f428b41ddc41aed9f5e5af9a8db315956ceac9600ad8cea8fc5",
"pubkey": "ef5e80e6c74387ef14f5c6b89079f22b6847dc14365001c0ed662a20bd891677",
"created_at": 1735587246,
"kind": 1,
"tags": [
[
"e",
"6ebdcb10357be6896dad9fc1a83ba8b1b867932d3b544adcd46d24f4dd15bf40",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://nondeterministic.computer/users/mjg59/statuses/113743445807148772",
"activitypub"
]
],
"content": "There's a universe where TPM-based remote attestation is used to validate the state of the kernel and userland to prove to a streaming media platform that the kernel implements appropriate levels of protection before any media is served to it, but it's not this one - higher levels of Widevine-protected streamed media *are* distributed in a way that can only be decrypted by hardware, but that hardware is the GPU, not the TPM, and the TPM isn't involved at all",
"sig": "380c8947ef8499af4bb5e20748e76c3b3cdb37801658d743ffb04239e5ded4c305d9dc305f484528d2ffa1fadd1cb2097fc3899a152a8c085be34d69d51f535c"
}