zlacker

Do you know how rooting Android is basically useless nowadays? Most banking and government apps, at least in my country, don't work if Google didn't give the seal of approval for your system. I take it you see as good thing to bring this to the browser as well, because this somehow has to do "personal computer advocacy"? It literally cripples the users' devices.

>>dolive+(OP)
I don't see the connection between Chrome attestation and Android attestation. A computer has only one operating system (in general) but many browsers. I see some value in attesting to a "pristine" browser environment to any application developer, as it removes a wide array of error modes (particularly useful if you have a weak or underfunded team).

Now, if the application provider chooses not to support the alternatives, I'd argue that's on the app provider (the bank and gov apps). And again, perhaps the best thing is to NOT USE THOSE KINDS OF APPS ON A PHONE. I am very concerned that people are essentially locked out of essential services if they don't have a smartphone and a working SIM card. After all "the best way to repeal an imperfect law is to enforce it perfectly."

I'm not Nostradamus; but I'm hopeful that if Google goes down this path that it will hasten the end of a wide variety of error modes in the world. Of course that may be putting a little too much faith in neoliberal capitalism, to come up with alternatives that aren't smothered in the cradle.

>>javajo+e6
Browser attestation only works if the OS is attestated, though. It has to be an unbroken chain of signed blobs from the TPM / boot loader to the browser - otherwise, you could just use e.g. a kernel driver to modify the behavior of a signed browser.

If WEI is implemented, we will get the combo package.