The Unclear Impact


The repository contains a proposal for a piece of malware which, through remote attestation, directly threatens browser diversity (by only allowing officially certified builds of a handful of browsers to access webpages), operating system diversity (by only allowing certified builds of certain operating systems), device diversity (by only allowing devices with certified firmware) and computer architecture diversity (by only allowing architectures where such certified firmware, OS, and browsers exist). As such, it poses a critical threat to innovation and free and open source software.

By taking away users’ ability to customize their user agents, computing technology not only becomes solely a vehicle for corporate profit, but we also risk extinguishing the very human curiosity and experimentation that is needed to produce the next generation of developers. More broadly, by forcing people to watch advertisements in their browser without the possibility filtering in order to access any web service (likely including government services), we expose citizens to mandatory misinformation. Locked down platforms also promote government surveillance and control, destroying democracy itself by removing the possibility of protest and dissent.

While some people might be able to buy a non-locked down device (in addition to a locked-down device required to access websites with integrity requirements), the proposal discriminates against people with no economic means to do so. Disabled people are also discriminated against, especially if they need accessibility tools not certified and locked down for attestation.

Therefore, any attempt to lock down the web and adopt DRM ubiquitously should be stopped at all costs.