Episode 370: Jedda Wignall on Managed Device Attestation

Trust is a subject we regularly discuss with our guests. How do we trust our users, how do we trust the software they want to run, how do we trust the devices they are on. In the modern world where you can’t believe everything a computer or mobile device is telling you about itself, how do we make sure that the devices we are managing and granting access to the privileged information we need to secure are in fact what they say they are? Jedda Wignall put together a very comprehensive deep dive into Managed Device attestation last year and we’ve been looking forward to having him on the podcast to talk through it. Welcome to the MacAdmins Podcast Jedda!

• Tom Bridge - @tbridge@theinternet.social
• Marcus Ransom - @marcusransom

Guests:

• Jedda Wignall - LinkedIn

Links:

• Managed Device Attestation for Apple devices - a technical exploration
• Managed Device Attestation for Apple devices – Apple Platform Deployment Guide
• Smallstep - ACME Device Attestation Explained
• Google Linux Attestation (GitHub) google/go-attestation
• Duo Security - MDM Me Maybe: Device Enrollment Program Security

Sponsors:

• Kandji
• 1Password
• Watchman Monitoring

If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information.

Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast!

The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson