my browser hasn’t got higher privileges than my admin user account
They’ll fix that. The endgame might very well be you can only run a trusted browser, safely checked by your OS, itself trusted, running on fully signed code from a trusted source, started on a trusted motherboard/CPU, with hardware lockdown that would only boot trusted kernel and embed private keys so deep that you’d need a full lab to recover them, only to have them remotely disabled if anything funky seems to be happening at any point in that chain.
For now, this is fiction. For now. We already started moving that way with secureboot, opaque UEFI in our systems and TPM modules. The only saving grace is that they currently all have flaws.
They’ll fix that. The endgame might very well be you can only run a trusted browser, safely checked by your OS, itself trusted, running on fully signed code from a trusted source, started on a trusted motherboard/CPU, with hardware lockdown that would only boot trusted kernel and embed private keys so deep that you’d need a full lab to recover them, only to have them remotely disabled if anything funky seems to be happening at any point in that chain.
For now, this is fiction. For now. We already started moving that way with secureboot, opaque UEFI in our systems and TPM modules. The only saving grace is that they currently all have flaws.
yeah the goal is that the browser verifies the OS and itself and reports back that it’s running in a “secure” (ie, not user controlled) environment
My computer my control fuckers. I’ll stop using 99% of the internet. I don’t give a fucking shit.