Are there enough of us to run our own country? It makes me feel dumb, but this is a serious question.

Wouldn't the argument be that you'd build separate copies of those services as well?

Granted, for banking or government-interactions that isn't feasible, but wouldn't it for many other things? It would likely be more expensive given that the work to build something still needs to be done and the cost is distributed among fewer shoulders and the lower complexity since you don't need to build ad-tech doesn't make up for that, but I suppose that's a bit like quality food.

Hardware will be more difficult.

Yes, it requires you to have an approved device for certain tasks.

But you can own multiple devices. You can use an approved device specifically for banking or Netflix and whatever device you like for all your other tasks. Maybe you could use an approved device (a Yubikey?) to authenticate your other devices?

Also, governments should be leaning on them to approve more devices.

IMO, it would be better if they removed the claim “It doesn't provide a useful security feature” because, even if it does, the collateral damage of making non-Google, non-Apple OSes second class citizens remains, and that is the main problem.

I disagree, I think you cast the net way too wide. Asymmetric cryptography enables secure communication in the first place. It's being used nefariously by Google and Apple, of course, but that's to be expected from big tech.

It's not asymmetric cryptography itself. It's the fact that it takes enormous resources to manufacture modern SoCs, such that the economy only makes sense if you're churning them out by millions at least. It's also the fact that they can't be modified after they've been manufactured.

It's basically those people who can manufacture chips having technological supremacy over the rest of the humanity.

FFS, cryptography is not the problem. How many times will we have to shut down that particular stupidity? Asymmetric cryptography is a corner stone of basically all online secure communications, and has been since before Google and apple were even founded as companies! (First invented in 1970)

When did Https ever hurt you? That's built on asymmetric cryptography. Wherever you see the word "secure" it's basically shorthand for asymmetric cryptography.

Https

Ssh

Sftp

E2ee

It's asymmetric cryptography all the way.

> They do not care about you

By "they" you mean FAANG and the FTC, right? Telling the EU to respect the Open Web does nothing to protect users if you continue to approve the export of attested hardware. America is deliberately abetting authoritarian schemes.

This won’t help; the SOC silicon can be revised to record each executed instruction from power-on until secure-boot handoff opcode, with various supporting opcodes to query status-of / overflow-of / signature-for so that the OS reports pre-boot tampering implicitly as part of developing its own attestations.

The places you actually need an ID are so rare, I don't think it's worth it to build such a system (and no, porn or social network definitely aren't valid use cases).

It's a problem in search of a solution.

We also need liability. Every time someone’s data is lost, the company losing it must be held accountable. They owe us huge amounts of money, and executives + board members should be jailed. No free pass.

Let’s see then if they really want to collect all our information all the time. Right now, they take it and handle it irresponsibly because they’re free from consequences.

You just need to deploy auditable (source-available, reproducible-build, firmware checksums LCD on-chip) biometrics booths that generate private keys from normalized biometric inputs, and then use those ephemeral private keys to generate and sign portable identity keys. Most people have fingerprints and retina patterns and that’s twelve signatures on an identity alone, allowing for continuity across severe biometrics events like regrown fingertips etc.

A nonprofit business could do this if backed by all existing dotcom and bitcoin billionaires. But they’d all want to profit from it, so either non-profit (NGO) or governmental it is.

Fun fact: this is already a core function of USPS. They serve as an identity verification hub for both US passports and their informed delivery and PO box services. They just have a human-dependent process rather than an identity-generator booth. So they’d be perfectly positioned to take your ID, hand you an attestation request QR code, and get your identity-signatures on it — without being able to reverse-engineer your biometrics from those signatures, but still being able to detect gross variances when someone else tries to lie about being you in a future verification.

Anyways, none of this will likely ever happen, but the rich tech folks could make it happen at any time if they cared to. Instead we get THE ORB which is doing retinas as a for-profit without auditable artifacts or hardware. Sigh.

It's a different thing if banking/government apps require a device certified for security, and a different thing if this certification certifies that the user's device has Google spyware preinstalled with elevated privileges..

Google doesn't certify devices basing on security, so that kind of attestation should have no place in banking/government apps, otherwise it just enforces the duopoly

> Am I understanding correctly that [...]

What I took away from the thread is that they're against services forcing attestation in general, and also pointing out that Play Integrity isn't about security, but rather about control, because Google could trivially make it work with GrapheneOS (which is more secure than any other Android OS on the market) but they won't.

There's a thread awhile back where there were VERY angry at someone trying to setup their own attestation project database (essentially a list of known Android builds and their signatures).

They want apps to add their signing hashes manually just for them and don't want to join projects that would aggregate and act as a database or certificate authority.

My impression is that they are against remote attestation in apps/websites in general and if apps really want to do it, they should do it using the attestation API that AOSP already provides. The attestation API in AOSP allows companies to trust signing key fingerprints (such as those of GrapheneOS), which means that the attestation system is not controlled by a single company (Google).

The most damning part about Google Play Integrity is that, as the thread states, that Google lets devices pass that are full of known security holes, whereas they do not allow what is very likely to be the most secure mobile OS. This shows that they only use it as a method to shut out competitors and to control Android device manufacturers to pre-install Google software like Chrome (otherwise their devices do not get certified and won't pass Play Integrity).

IANAL, but anti-competition lawyers/bodies should have a field day with this, but nobody seems to care. Worse, the EU, despite their talk of sovereignty adds Play Integrity-based to their own age verification reference app.

I recommend every EU citizen, also if you do not use GrapheneOS, to file a DMA complaint about this anti-competitive behavior:

https://digital-markets-act.ec.europa.eu/contact-us-eu-citiz...

Also, every time this comes up, @ the relevant EU bodies, commissioners and your government's representative on Mastodon, etc.

The OP is from an already-existing open mobile OS, which already has a deal with a manufacturer. The problem isn't, and has never been, making an OS. This is not a technical problem. This is a political problem.