←back to thread

405 points blindgeek | 1 comments | | HN request time: 0.211s | source
Show context
lupusreal ◴[] No.42172579[source]
I hope AI stuff makes captchas completely obsolete soon. I am sick of them. The cure is worse than the disease.
replies(5): >>42172634 #>>42172698 #>>42172704 #>>42172762 #>>42173240 #
xdennis ◴[] No.42172762[source]
But surely, it's only going to get worse: it will force the de-anonymization of the internet. You already have to provide a phone number for many services.

If websites can't trust that their users are authentic they will probably institute even more intrusive checks.

I haven't been optimistic about the future of technology for a while now. :'(

replies(1): >>42172888 #
rvnx ◴[] No.42172888[source]
In the future I think we will again go to "notarization"/"attestation" of the operating system / hardware.

Essentially, the manufacturer of the device + operating system will generate a unique signature per each device, and web browsers will be able to access it.

https://en.wikipedia.org/wiki/Web_Environment_Integrity

replies(2): >>42173093 #>>42173214 #
slooonz ◴[] No.42173093[source]
How does that works for, say, Chromium or Firefox on Linux ?
replies(1): >>42173498 #
1. rvnx ◴[] No.42173498[source]
I believe the plan was to ask the TPM of the computer.

From what I understood, each TPM has a unique private/public key pair (Endorsement Key (EK)), and then this key is certified by the manufacturer of the TPM.

From there, you can generate a Attestation Keys, and these keys are signed by the EK.

https://security.stackexchange.com/questions/235148/whats-th...

So essentially, at the end of the day, Chromium would ask the TPM for attestation, and it would act as a unique Device ID.

Then they can allow only a selected list of TPM manufacturers certificates, to prevent emulators for example.

TL;DR: Chromium on Linux would ask the TPM chip for a signature, and each TPM chip has a different signature from the moment it is out of the factory.