Mastodawn

EU needs to make a stand on Play Integrity. If app devs enforce Play Integrity, this means only Google Certified devices can use banking, etc. This excludes all alternative mobile OS. No #postmarketOS, no #SailfishOS, no Android derivatives #GrapheneOS etc. You don't need Play Integrity. If someone is capable to install or use alternative OS, they sure know what to install or not install, it is on their responsibility. Using non-root but bootloader unlocked device (otherwise can't use alternative OS) does not make my device less secure. On the contrary, it is using an up to date OS with the latest security patches. Do we really want all mobile devices have to be Google Certified? No. #mobile #integrity #bootloader #unlocked #nonsense #Europe

Show thread

[Nima@NimaOS ~]#1d ago

@denzilferreira There is this project that Volla is working on:
https://uattest.net/

Unified Attestation

Unified Attestation is a free, open-source alternative to Google Play Integrity with offline verification and simple app + server integration.

Show thread

Denzil Ferreira

@nima yes, but adoption is key. Unless it is mandated. For example, this could be a fallback to Play Integrity on non Google Certified devices. But current status is that not certified, no fallback.