Sure, Google was betting that bureaucratic companies would enroll voluntarily and it worked.
> Like with reCAPTCHA, there are other services and libraries out there to detect root access and other things companies want to detect in their apps.
My opinion on this is that any method to check integrity, root access or if developer mode is enabled is a security vulnerability by itself, no such app should be able to know that.
> My opinion on this is that any method to check integrity, root access or if developer mode is enabled is a security vulnerability by itself, no such app should be able to know that.
I think knowledge of such information should be available to all apps, but I think apps should not be so annoyingly restrictive. There's absolutely no reason why games or generic apps need to act on any of this information.
I advised my mother to do her banking on her phone instead of laptop.
Hardware attestation kills privacy- yes. But it also works.
Mobile phones are ridiculously locked down compared to legacy platforms such as Windows.
Realistically, in which scenario this information can be useful? I can't think of anything, it should be removed.
It's been misused by banking app and games, I've never seen a legitimate use case.
To verify that the user or someone who had physical access to the device (border checks, etc.) hasn't messed with the firmware.
If I were a bank I wouldn't want to be on the hook for someone getting their bank account drained by the custom ROM someone downloaded from XDA.
Then there's the DRM thing, where copyright owners make companies like Netflix sign a document like "if you don't enforce strong DRM, you cannot serve our media". Their choice is either use DRM (which in turn uses integrity checking) or not serve you at all. As a user, you once again have the choice of "buy the box set" or "use a smartphone with a trusted OS".
There's also the corporate use case, companies have remote wipe capabilities for data integrity purposes and don't want their employees rooting phones.
Pokemon Go used it to check whether people were spoofing their location and ruining the game for others. They were especially assholish about it, but that should hardly be a surprise when Nintendo is involved at any part of the chain.
Any game with in-app purchases wants to verify that nobody messed with the APK to get paid content for free. It's almost a basic business requirement. Combining limited-lifetime remote attestation tokens with data fetch URLs means superweatherapp-patched-luckypatcher.apk on LineageOS will not be able to pretend to be the real app (GPlay on stock Android already offers app verification APIs).
In Google's case, "this is a physical device and not an emulator" is a strong signal that the user is not a bot pretending to be a human. In an age where CAPTCHAs are easier to solve for AI than they are for humans, that kind of verification is worth a lot.
I'm sure I'm missing a lot of use cases here, but the technology is useful. It's often used in apps and games I would never want to run on my phone anyway, except for banking apps perhaps.
Then it's a matter of personal opinion, I would not count any of the ones you listed as valid.
Integrity doesn't prevent customers to download a fake banking app, DRMs should be legally banned to be honest (sorry/not sorry media companies) and passports are best in physical form.
For company usage, locking the bootloader accomplishes the same thing.
As for bots, it doesn't prevent bots as you have unmodified device farms on racks. It's actually how ad fraud is done at the moment, they don't bother modifying the devices.
Pushing integrity even more will just funnel even more money to this ad fraud mafia as they will have a new source of revenue.
I, for one, like streaming apps enough that I don't want to go back to locked-down, expensive DVD players. The alternative to DRM isn't "no DRM", it's "no content".
Integrity detection means criminals cannot just inject some code into an existing banking app APK and call it a day. The hacked app won't generate valid HTTPS calls when properly validated. You can still phish users, but instead of automated online phishing panels, you need someone with a physical phone copying everything the user enters. It significantly raises the bar for these criminals.
If this stuff wasn't available, we just wouldn't have a lot of useful apps that we do today. The technology itself isn't bad per se, but the combination of a lack of hardware manufacturer support (for doing things like locking down bootloaders), custom ROM support (because bootloaders aren't locked down anyway), and app developer interest (see the whole GrapheneOS story) are what causes problems. Restricting the technology because the companies you deal with are shit is a bad solution in my opinion, because if they are motivated to be shit, they will find other ways to be shit.
For instance, someone set up an alternative attestation company that's even worse than Apple and Google, and if it weren't for Play Integrity, they'd be making the APIs and whitelists instead of Google.
>I, for one, like streaming apps enough that I don't want to go back to locked-down, expensive DVD players. The alternative to DRM isn't "no DRM", it's "no content".
that's a false dichotomy since piracy exists. Stop giving them money until their behavior changes. If it doesn't... oh well, you still get a better service.
> Stop giving them money until their behavior changes I did, for the longest time, because none of the streaming platforms worked on Linux. Their behaviour did not change. The tiniest sliver of a percentage of people who actually care about this aren't enough to move the needle for the multi billion dollar entertainment industry. The population at large is fine with DRM.
Piracy isn't even a better service at all. Almost nothing in my native language is available on pirate sites unless you pay more than the subscription service charges. Subtitles take three or four internet searches and sometimes aren't available at all. Audio tracks default to Russian or Italian or Spanish for English-language shows. I have set up a whole Rube Goldberg machine of radarr/sonarr/lidarr + bazarr + prowlarr + Deluge + Jellyfin to watch stuff and only after all that did piracy became slightly less of a bother.
> I, for one, like streaming apps enough that I don't want to go back to locked-down, expensive DVD players. The alternative to DRM isn't "no DRM", it's "no content".
That statement is simply not true. The demand for streaming services would still be there. There would simply be even more illegal alternatives than there already are, so companies would still be forced to offer movies and TV shows via streaming. They only have the choice between offering DRM-free content and making money, or making no money while people watch it anyway.