We should have laws that ban mandatory (i.e. something gets disabled if not present) remote attestation and secure boot for consumer and most business devices and software, period.
The only place where RA should be allowed is purely business oriented embedded devices like bank ATMs that actually need the security guarantees.
In general it should just be smashed into smithereens by a thousand hammers, because it can't be trusted with anything important anyway. Can you imagine what would happen if a bank actually trusted a client device and then somebody broke the attestation? That's not how ATMs work. You make a deposit and the funds are not available the same day, and it's not because their computers are too slow.
The only thing it's good for is anti-competitive prohibitions on interoperability, which only works if the law makes it illegal for competitors to extract the keys and use them.
> Can you imagine what would happen if a bank actually trusted a client device and then somebody broke the attestation? That's not how ATMs work.
I was more thinking about insider attacks aka maintenance people (or thieves with a good drill) inserting a malware-loaded USB stick that instructs the ATM to dump out money [1]. RA could be used as an additional safeguard here.
So the thieves have physical access to the ATM, and power tools. Why do they need the computer to do anything? Drill into the thing and supply power to the actuators that spit out the money.
Not only that, what is remote attestation supposed to do against a purely local attack like that? The attacker doesn't have to prove anything to the server. The local machine they've compromised is the one that directly controls dispensing the cash.
> So the thieves have physical access to the ATM, and power tools. Why do they need the computer to do anything?
It's easier to hack into the computer using an exposed USB port than to drill into the safe; its control electronics are usually well defended, which means you have to spend way more time, which may raise suspicion.
> Not only that, what is remote attestation supposed to do against a purely local attack like that? The attacker doesn't have to prove anything to the server.
RA could be used to verify what exactly is running on the computer, if done correctly.
> Can you imagine what would happen if a bank actually trusted a client device and then somebody broke the attestation?
Security isn't binary. Attestation makes the attack more expensive to carry out and less likely to happen. Businesses want to minimize risk. They understand that risk always will exist.
Attestation has a minimal effect on risk because the probability of a device being compromised is high and scales with the value of compromising the device. It isn't necessary when the value is low and it isn't sufficient when the value is high. There is no place for it.
Then you might as well give up on all security if you are going to assume any security will be bypassed. Breaking attestation is not easy to do and increases the cost of a successful attack.
Remote attestation has a track record of being bypassed, unlike e.g. AES. To the point that Intel abandoned SGX in Core processors because it just kept getting broken.
There are security models that actually work. Alice and Bob want to communicate over a non-private channel, Alice encrypts her data with a key she shares with Bob, Eve has to do an infeasible amount of computation to decipher it because she doesn't have the key. Alice wants to encrypt her hard drive so when she turns off her computer no one who steals it can read it because they don't have the key which exists only in her own head.
Attestation is when Eve has Alice locked in her basement under 24 hour surveillance and can go at her with battery leads and MRI scans forever until she gives up the key. It gets broken again and again, because you're trying to prevent Eve from getting a key out of something she has in her possession, and "Eve" is everyone in the world because phones are commercially available to the public. The chances of that being broken are so high that you can't rely on it not happening for anything important.
The chances of AES being broken in the next couple of years, or at all, aren't nearly as high. Conversely, if you need to trust a remote device, you do it by providing physical security. This is why banks have vaults and guards and ATMs are encased in hardened steel and bolted to the ground and contain surveillance cameras with remote recordings. This is why the bank's servers, which actually are trusted by all the ATMs to identify who should be able to withdraw cash, are kept under 24 hour guard.
The amount remote attestation adds to these things is negligible because of the high probability of it being bypassed. It's snake oil. The only thing it does is trigger bad laws that prohibit honest competitors from bypassing it for benevolent reasons. Because the technology doesn't work, and the law only works against people who aren't willing to break the law.
Which is why such laws are a pure negative. In the case where someone is trying to commit fraud or some other crime, there is already a law against that, and a redundant law against bypassing attestation adds nothing. So all a law against bypassing attestation can do is prohibit legitimate, otherwise-lawful activity.