alt Hacker News> hardware attestation in a lot of apps that the ecosystem forces us to use
Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those (where the anti-fraud protection of a locked-down system can be a benefit) and your more open day-to-day device for mostly everything else. A hidden advantage is that the dedicated device for secure uses is not something that you're forced to carry with you; you can leave it in a secure place instead.
Replies
xg15 • yesterday at 10:27 PM
And what gives you the confidence that the amount of apos will stay tiny?
>Only a tiny amount of apps force you into hardware attestation
Luckily this is still true, but I'm not confident that it will stay this way. For a few examples, I've been unable to use my phone as a metro card in my city because even though it goes through the metro's app, the app redirects back to google pay. Google's own Waymo app won't work without stock OS even though all it does is call robotaxis.
>these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those
I don't think this is a very reasonable suggestion, carrying around a second phone that I use at most a couple of times a day is inconvenient and expensive. Half of the point of these is convenience and this would defeat the purpose.
The broader point is that our standards for phones are so different from everything else. I also carry around a credit card which requires no authorization to use, not to mention cash. I can have just as much personal data on my laptop if not more, so why does it have to be this way just for phones?