I didn't say it wasn't useful. As technologists we can easily see how any given feature is useful for good, honest purposes. My point is that these purposes pale in comparison to the abuse that remote attestation directly enables - "big tech" demanding that you only run approved software to interact with them - aka computational disenfranchisement and destruction of the idea of the "user agent".
The societal situation is analogous to "Web 2.0". Everybody thought "this is neat, it lets me make interactive applications that I can share easily with my friends". Few dwelled much on how the intrinsic centralized control was a terrible dynamic. Over time, economic optimization increasingly focused on and exploited that centralized control. Now we've ended up with most people's idea of "the Internet" being choosing between least-bad corporate bundles, and just suffering all the ways they're being controlled. Remote attestation further increases that control, making it infeasible to employ software to represents your own interests.
> The societal downsides from abuse of remote attestation - eg computational disenfranchisement of end users - far outweigh any claimed benefits.
Your new comment is basically re-iterating this sentence I quoted from the old one.
I'm not sure, if I outright agree; but I do see the point and was not arguing against it.
It is indeed worrying!
> Or you can just run security-critical code on your own hardware on your own premises, as has been and will always be the answer for strong security.
My comment was arguing against this part of your original comment. On-premises doesn't have to be more secure; and it misses out on some gains from division of labour and specialisation.
The societal situation is analogous to "Web 2.0". Everybody thought "this is neat, it lets me make interactive applications that I can share easily with my friends". Few dwelled much on how the intrinsic centralized control was a terrible dynamic. Over time, economic optimization increasingly focused on and exploited that centralized control. Now we've ended up with most people's idea of "the Internet" being choosing between least-bad corporate bundles, and just suffering all the ways they're being controlled. Remote attestation further increases that control, making it infeasible to employ software to represents your own interests.