I'm glad to see someone else on the Web who's concerned about this. Remote attestation is a triumph of 21st-century cryptography with all kinds of security benefits, but never before in my lifetime have I seen a technology be misappropriated so quickly for dubious purposes.
My country (the UK) is one of the worst right now, with the current government on a crusade to make the internet 'safer' by adding checkpoints[1] at various stage to tie your internet usage to your real-world identity. Unlike some other technically advanced countries, though, the UK doesn't have the constitutional robustness to ensure civil liberties under such a regime, nor does the population have what I like to think of as the 'continental temperament' to complain about it.
I'd like to make a shout-out to a project in which I participate: the Verifiable Credentials Working Group[2] at the World Wide Web Consortium is the steward of a standard for 'Self-Sovereign Identity' (SSI). This won't be able to fix all the issues with authenticity online, but it will at least provide a way of vouching for others without disclosing personal information. It's a bit like the GPG/PGP 'Web of Trust' idea, but with more sophisticated cryptography such as Zero-Knowledge Proofs.
My country (the UK) is one of the worst right now, with the current government on a crusade to make the internet 'safer' by adding checkpoints[1] at various stage to tie your internet usage to your real-world identity. Unlike some other technically advanced countries, though, the UK doesn't have the constitutional robustness to ensure civil liberties under such a regime, nor does the population have what I like to think of as the 'continental temperament' to complain about it.
I'd like to make a shout-out to a project in which I participate: the Verifiable Credentials Working Group[2] at the World Wide Web Consortium is the steward of a standard for 'Self-Sovereign Identity' (SSI). This won't be able to fix all the issues with authenticity online, but it will at least provide a way of vouching for others without disclosing personal information. It's a bit like the GPG/PGP 'Web of Trust' idea, but with more sophisticated cryptography such as Zero-Knowledge Proofs.
[1]: https://www.eff.org/deeplinks/2023/09/uk-online-safety-bill-...
[2]: https://www.w3.org/2017/vc/WG/