Executive TL;DR:
- Hardware attestation is becoming a problem for open systems
- Google and Apple control attestation APIs, limiting participation
- A truly open mobile OS is needed to break the monopoly
The Buzz Score
The Internet’s Verdict: 70% Hyped, 30% Skeptical
Forum Voices
Experts are speaking out about the dangers of hardware attestation.
“This is a really good thread on why this technology is becoming a problem for ‘open’ anything. The argument ‘we can create our own separate web’ is fine until all of your services are behind the web that locks you into owning a Google approved or Apple approved mobile device.”
Some argue that the issue is not with attestation itself, but with the control of attestation APIs.
“The thread is a bit vague. Am I understanding correctly that GrapheneOS Foundation’s objection isn’t to attestation per se, but that they can’t participate in Google-controlled attestation APIs? In other words, although GrapheneOS can be cryptographically attested, apps using Google Play Integrity won’t accept it because it isn’t Google-certified/GMS-licensed?”
Others propose radical solutions, such as modifying microelectronics after manufacturing or making it illegal to ship devices with locked bootloaders.
A Call to Action
It’s not too late to create a truly open mobile OS and break the monopoly. With enough support and leadership, a new system can be built from the ground up.