Mastodawn

EU needs to make a stand on Play Integrity. If app devs enforce Play Integrity, this means only Google Certified devices can use banking, etc. This excludes all alternative mobile OS. No #postmarketOS, no #SailfishOS, no Android derivatives #GrapheneOS etc. You don't need Play Integrity. If someone is capable to install or use alternative OS, they sure know what to install or not install, it is on their responsibility. Using non-root but bootloader unlocked device (otherwise can't use alternative OS) does not make my device less secure. On the contrary, it is using an up to date OS with the latest security patches. Do we really want all mobile devices have to be Google Certified? No. #mobile #integrity #bootloader #unlocked #nonsense #Europe

Show thread

troitregrouloinu

@denzilferreira This 100%. The real name of this evil is "Device Hardware Remote Attestation". IOS have their own version, not only Google. Anything else we could deal with by reimplementing the API as other did (Steam's Proton for Windows app, Anbox/Waydroid for Android app, etc.). But this, this is the end game.

The real agenda of EU age verification is to inject remote attestation everywhere, effectively banning you from society if you change a single line of code on your device.

Show thread

troitregrouloinu 1d ago

@denzilferreira And let's be crystal clear, hardware remote attestation is for anti-competitivity and control, this has **nothing** to do with security. It is different from "local verified boot" which is great (avoids evil maid attack, GrapheneOS has it, SystemD soon to).

If EU wants to ensure only secure devices are sold in EU they should set standards (regular security updates, mandatory app sandboxing, etc.) like for any other product. But using Remote Attestation is completely dystopian.