this post was submitted on 06 Nov 2023
Furry Technologists
The solution is the same, though. Chances are non-Google Android forks aren't going to implement this, just like how Chromium-based browsers that aren't Chrome (or Edge) ended up implementing solutions for the deprecation of webRequest in Chromium's implementation of MV3. So if Google does do this, just unlock your device's bootloader and flash OmniROM or another Android fork onto it.
Won't work, sadly. If you install a custom OS, your device will not be able to attest to it being original, and Play Integrity won't pass (which would by extension include WEI). Not providing the results will be seen as just as bad as not passing. So as long as the vast majority of mobile users have it deployed, you're screwed.
You can think of it as requiring everyone to wear a cryptographic ID badge to do something as simple as going to the store to buy groceries. You can always not wear it, but you will be denied service just as someone who has a "made up" ID.
The evil exists at the silicon level, where the cryptographic keys are hidden from the user.
There are ways around Play Integrity and SafetyNet and the like. To quote this blog post, "The problem with checking if the user is a god, is that the user is a god."
https://liberda.nl/weblog/trust-no-client/
Well not quite, you still cannot pass strong integrity, because it's based on a hardware chain of trust.
I'm sure there will be vulnerable hardware out there, and groups which are able to extract the keys, so nothing changes from a security perspective, you still can't fully trust the client to not scam you out of money or something.
But for forcing people to see ads, or discouraging the use of free software, adding vendor lock-in? You don't even need special hardware to be annoying about it, SafetyNet in its bypassable form has already made mobile payments unreliable on non-Google Android so much that it doesn't make sense to use them, because you could be denied service at random whenever the binary updates.
Strong attestation in Play Integrity is pretty much impossible to get around from an individual user's perspective, and in the best-case scenario would be bypassable with significant effort, likely involving you having to buy leaked keys on the black market.