I'm failing to see why they didn't just adopt Private Access Tokens (not that they're great either), where they could have at least:
- pretended that it wasn't all about invading peoples' privacy.
- done a good ol' fashioned "but Apple does it"
- pretended to be standards-oriented
- advertised it as something completely transparent to the end-user
Seems like that would've caused a lot less backlash while still achieving the goal of having some form of device attestation -- but I'm guessing that's not the real goal.
It doesn't fundamentally solve anything. You want to be able to identify a specific person or at least a relatively expensive device so that if you ban them they stay banned.
Private access tokens are also a repackaged WEI as far as I'm concerned.
The article mentions that they use Private Access Tokens on iOS, so I'm not sure where you're getting the idea that they're "not adopting" them from
"pretended" ... do they even care any more?
Not Invented Here Syndrome?