• cley_faye@lemmy.world
    link
    fedilink
    arrow-up
    64
    ·
    1 year ago

    my browser hasn’t got higher privileges than my admin user account

    They’ll fix that. The endgame might very well be you can only run a trusted browser, safely checked by your OS, itself trusted, running on fully signed code from a trusted source, started on a trusted motherboard/CPU, with hardware lockdown that would only boot trusted kernel and embed private keys so deep that you’d need a full lab to recover them, only to have them remotely disabled if anything funky seems to be happening at any point in that chain.

    For now, this is fiction. For now. We already started moving that way with secureboot, opaque UEFI in our systems and TPM modules. The only saving grace is that they currently all have flaws.

    • Caoldence222@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      yeah the goal is that the browser verifies the OS and itself and reports back that it’s running in a “secure” (ie, not user controlled) environment