• theneverfox@pawb.social
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    It doesn’t though - it basically ensures your device settings.

    Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that’s not a realistic outcome

    It’s not designed for that. It can only block the site - it doesn’t add to security, it takes away from it.

    Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can’t control right before you enter your bank password