undefined | Better HN

0 pointspaulmd2y ago0 comments

> This, in turn, will spawn user scripts which work around the detection. Any client-side solution will be an arms race between Google and user script/adblock devs

No, you can't adblock remote attestation. Trust me, the whole idea is cryptographically sound (with a proper implementation of course), people have been building out the remote attestation/TPM space for 20 years now. It is unambiguously possible to use a TPM to detect modification of BIOS, OS, drivers, or anything else in the system, and you effectively cannot modify the TPM at all, and it has minimal attack surface (it just is a key-signing machine, essentially).

random practical explanation from someone's college papers: https://seclab.stanford.edu/pcl/cs259/projects/cs259_final_l...

Every time it's brought up (like I previously suggested that it could be used by NVIDIA/etc to disrupt mining operations from a VBIOS level) there's people who think there is some easy runaround and if there was the whole idea would be broken from the start. The TPM provides a secure root to start the cryptographic validation from, and while you can mod the software, it will be immediately evident from the attestation, and they will simply not serve the video. Or in the case of a GPU, you can have the PC attest to the drivers being official and unmodified, and if that doesn't happen the GPU refuses to clock up the memory bus, if the workload displays the characteristics of mining (100% memory load, flat and constant and low shader load).

At best it will be an arms race between TPM developers and adblock devs.

There is also the "analog gap", but that's been notionally plugged for years using HDCP. Early implementations were quickly broken, HDCP 2.3 is still doing pretty well, and it provides a massive speedbump to people who think they're just going to plug a capture card in and loop the video through.

Netflix and others have been doing this for years and the tricks are well-known at this point. Netflix doesn't push too hard, but they won't serve you the highest-quality video if you don't have a secure signal path either.

AFAIK at this point most of the "ripping" of decryption keys/etc for streaming content happens not by attacking the TPM, but by using android devices that are allowed to skate with reduced security modes, and just having a giant stack of them so when one device gets banned they throw it away and move onto the next.

0 comments

gruez2y ago

>AFAIK at this point most of the "ripping" of decryption keys/etc for streaming content happens not by attacking the TPM, but by using android devices that are allowed to skate with reduced security modes, and just having a giant stack of them so when one device gets banned they throw it away and move onto the next.

Without a TEE (eg. trustzone), you're not going to get anything above 540p, at least with widevine. Note TEE is baked into the SoC itself, so while it's not impossible to find a bug, it's much harder than finding a exploit in android or system apps.

mmebane2y ago

I unfortunately can't find references at the moment, but I've heard that some/most of this is done with nVidia Shield TV boxes which have the same Tegra X1 security flaws used to exploit the early Nintendo Switches.

j / k navigate · click thread line to collapse