My reference to authoritarianism isn't just a general frustration or condemnation, but rather because this technology specifically facilitates authoritarianism. It increases the ability of the more powerful party in a relationship to dictate the behavior of the less powerful party in a relationship. Sure, more powerful parties can always attempt to dictate such things, but the degree to which they succeed depends on how enforceable those terms are. Remote attestation directly enables such enforcement.
Since central planning is unscalable, this inherently leads to mandates that are ignorant, arbitrary, and capricious. For example, perhaps a bank makes it against their terms to access your account through a virtual machine, due to a lack of understanding technology and a general worry - it's one more moving part and this user is doing something nonstandard that they don't understand, so to them risk goes way up. Yet I myself do all my banking access in a VM, for various security and practical reasons. But still I don't have to worry about any bank actually attempting to enforce such a clause, since unless they really start digging through my system stats with javascript and/or raw sockets, they won't even have any indicator of such. Whereas remote attestation would allow them to cut right through all of that and enforce such a thing (actually it would prevent it by default), thereby (increasingly) preventing me from operating my personal computing environment how I see fit.
You're decrying a technology not for its current benefits, but for its future potential unrealized risks. I doubt banking through a VM will ever be disallowed. There are too many benefits.
It's not a "risk". It is a situation implied by the capabilities of a technology, with straightforward market incentives that will make that situation highly relevant. Your position is akin to asserting that a large asteroid headed directly at earth is merely a "risk" without any specific argument for why the projections are wrong.
And unlike abstractly debating this stuff in the early 2000's, we have already seen what has occurred with platform signing keys! Increasingly locked down proprietary OS's, arbitrary top-down restrictions on what software can be run, and everpresent centralized control. All in the name of "security" which really means corporate predictability (aka "authoritarianism"). So really your comment is like another asteroid has already hit and obliterated the moon, as was predicted by the same projections, and yet you're still treating the straightforward implication as a hypothetical.
And was your response to my example supposed to be a counterargument? I don't see how general VMs would ever be allowed [0]. But sure assuming they are, go through and replace "VM" with "non signed OS" if you'd like. So I'm supposed to buy and setup MS Windows [1] to access an online bank - simply to appease some out of touch risk assessor?
[0] it would mean verifying arbitrary dom0 OS's (eg NixOS) and arbitrary hypervisors (eg libvirt+kvm)
[1] for which my current security policy is to disallow it from connecting to the Internet after it has touched any personal information
Since central planning is unscalable, this inherently leads to mandates that are ignorant, arbitrary, and capricious. For example, perhaps a bank makes it against their terms to access your account through a virtual machine, due to a lack of understanding technology and a general worry - it's one more moving part and this user is doing something nonstandard that they don't understand, so to them risk goes way up. Yet I myself do all my banking access in a VM, for various security and practical reasons. But still I don't have to worry about any bank actually attempting to enforce such a clause, since unless they really start digging through my system stats with javascript and/or raw sockets, they won't even have any indicator of such. Whereas remote attestation would allow them to cut right through all of that and enforce such a thing (actually it would prevent it by default), thereby (increasingly) preventing me from operating my personal computing environment how I see fit.