The Dangers of Microsoft Pluton

(gabrielsieben.tech)

733 points gjsman-1000 | 2 comments | 26 Jul 22 03:46 UTC | HN request time: 0.512s | source

Show context

__void ◴[26 Jul 22 07:08 UTC] No.32235294[source]▶

nowadays 98% of things implying "security" are actually unwanted products, protections for "the other side" or trivial distortions of reality where, conveyed by "security" itself, the user himself becomes the product

- no, I don't need protections for the side channel, I never asked for them

- no, I don't need a unique identifier, who is the demented person who asked you for it

- no, I am not going to glitch the power supply, and even if I did it means I am interested in doing it and wish it worked instead I was prevented from doing it

- no, I don't care at all about having a hw store for certificates, which are ephemeral and dropped from above anyway so what am I supposed to trust?

- and so on

"not secure by design" nowadays comes close to being a coveted feature

replies(9): >>32235558 #>>32235757 #>>32235785 #>>32236328 #>>32238085 #>>32239187 #>>32239697 #>>32240056 #>>32241540 #

1. bambax ◴[26 Jul 22 15:30 UTC] No.32239697[source]▶

>>32235294 #

Could not agree more. Security only means control. I don't want security. I don't even want safety. I have never cared about either, and I'm now too old to die young, so I'm not afraid.

> "not secure by design" nowadays comes close to being a coveted feature

That's a huge market opportunity. I would buy "insecure" products over secure ones every time.

replies(1): >>32239822 #

2. bencollier49 ◴[26 Jul 22 15:41 UTC] No.32239822[source]▶

>>32239697 (TP) #

Ah, but it won't work on the internet once ISPs are forced to use remote attestation to prove you're using a government approved device.

↑