alt Hacker NewsSpecial-casing support for GrapheneOS would be a band-aid, they should find a way to avoid requiring remote attestation in the first place, so anyone can use whatever OS they like on whatever hardware they like.
Replies
hmlwilliams • today at 1:41 PM
As outlined here: https://grapheneos.org/articles/attestation-compatibility-gu..., GrapheneOS isn't implementing something unique, it's implementing Android Hardware Attestation: https://developer.android.com/privacy-and-security/security-...
➕ show 1 reply
I think there are two fights that are both worth fighting:
1. Completely outlawing remote attestation.
2. In a world where remote attestation is given, let it be controlled in a fair way and not just by Google and Apple.
The risk is that only fighting for (1) leaves you in a world with remote attestation, where only Google and Apple can decide who gets to pass and who not. In fact, that is pretty much the world we are in already.
I agree that they are both worth fighting for, but I think (2) is much easier to accomplish, simply because Play Integrity is probably a DMA violation. (IANAL blah blah)