I’m not a security guy, what is the problem that this is supposed to be fixing? Like I guess you wouldn’t be able to use a virtuallised os to visit your banking website? Like I understand if you work for a bank you should only be able to access some things from specific computers, but normal people?
Realistically, it’s keeping people in their walled garden.
I felt for a long time, “trusted computing” is such a doublespeak term. It gets avg ppl to think “Oh ofc i want to trust my device! Who wouldn’t want that?”
Ofc what it really does, is gives BigTech the final control over everybody’s dev.
It started out promising. Keep malicious things from changing your firmware or disk without permission. But the tools were never open enough to let you do it. So it only became trusted for those who paid into it.
It’s intended to be a successor to the current reCAPTCHA, sold as harder to spoof than current picture-based versions. Now, almost from its start, CAPTCHA existed to train AI vision models. So Google basically painted themselves into a corner using free labor to train models good enough to recognize images, now they are switching to device signals.
That said, they’re going to have to provide a compatibility layer for iOS which AFAIK doesn’t come with Google Play Services right now. So I have some faith in the smart folks who make these de-shittified OSes working something out via microG or the like.
iOS has their own attestation/anti-tamper api similar to google’s integrity api so that’s going to be used instead. the only difference is that on iOS you’ll need to download extra software specifically for this.
graphene devs said you can do it with their sandboxed version of gms but as far as i know that still involves having an account and handing over all your personal info to google.
I’m not a security guy, what is the problem that this is supposed to be fixing? Like I guess you wouldn’t be able to use a virtuallised os to visit your banking website? Like I understand if you work for a bank you should only be able to access some things from specific computers, but normal people?
They’re claiming it security authentication.
Realistically, it’s keeping people in their walled garden.
You can use a web browser on a Linux computer and get right through, this change is to force people to only run latest generation google products.
This would also block people from using real google phones over a certain age where they cannot upgrade the OS anymore.
I felt for a long time, “trusted computing” is such a doublespeak term. It gets avg ppl to think “Oh ofc i want to trust my device! Who wouldn’t want that?”
Ofc what it really does, is gives BigTech the final control over everybody’s dev.
It started out promising. Keep malicious things from changing your firmware or disk without permission. But the tools were never open enough to let you do it. So it only became trusted for those who paid into it.
It’s intended to be a successor to the current reCAPTCHA, sold as harder to spoof than current picture-based versions. Now, almost from its start, CAPTCHA existed to train AI vision models. So Google basically painted themselves into a corner using free labor to train models good enough to recognize images, now they are switching to device signals.
That said, they’re going to have to provide a compatibility layer for iOS which AFAIK doesn’t come with Google Play Services right now. So I have some faith in the smart folks who make these de-shittified OSes working something out via microG or the like.
iOS has their own attestation/anti-tamper api similar to google’s integrity api so that’s going to be used instead. the only difference is that on iOS you’ll need to download extra software specifically for this.
graphene devs said you can do it with their sandboxed version of gms but as far as i know that still involves having an account and handing over all your personal info to google.
The benefit is for Google to make more profits if people are locked into their “ecosystem” without competition driving the prices down.