Back To Schedule
Wednesday, August 21 • 11:25am - 11:55am
Making Remote Attestation Useful on Linux - Brandon Weeks & Matthew Garrett, Google*

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
TPM remote attestation allows a machine to provide proof about what happened during its boot process, in turn allowing appropriate policy and trust decisions to be made by remote services. But the flexibility of any such decision is determined by the richness of the available information that is logged and can be reported, and right now in Linux there's very little available information.

This presentation will give a brief overview of remote attestation and the state of available tooling under Linux, along with the various components that generate events that can be used for policy decisions. It will compare Linux to Windows, and identify the areas where Linux is currently deficient. Finally, it will propose some potential solutions for improving the state of the ecosystem and move on to a discussion around whether there are better alternatives.


Matthew Garrett

Security developer, Google
Matthew is a security developer at Google, specialising in Linux security. He thinks computers were probably a mistake.
avatar for Brandon Weeks

Brandon Weeks

Security Engineer, Google
Brandon Weeks is a Security Engineer at Google. His focus is on client device security, public key infrastructure and remote attestation.

Wednesday August 21, 2019 11:25am - 11:55am PDT
Sapphire D
  Short Topic
  • Session Slides Included Yes