On 7/7/22 14:09, Sharpened Blade via devel wrote: > Also, whats stops the owner of the machine to run the vm in a normal > hypervisor, then modify it so any attempts to check if it is "trusted" will > always look real.
They cannot fake the attestation without somehow extracting the needed secret keys from the CPU. -- Sincerely, Demi Marie Obenour (she/her/hers) _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure