This is almost the entire thesis of Zero Trust Networking principles. Somehow, the user AND the device need to attest to validity during the authorization process.
"Validity" for a device can mean many things (latest patches, is running anti-virus software, among other things).
A general user probably doesn't need to attest to these things. I would argue that anyone trying to access a corporate or some other organization's network SHOULD be required to attest to these things given the cyber threat landscape. The caveat: those same entities should provide or heavily subsidize the platforms they require (work computers). It's their IP at risk. I'm not so naive as to think they would actually do this with BYOD initiatives, unfortunately.
For personal users on personal devices, I agree this might go too far (but some principles like MFA are best practices).