What mechanism prevents websites from blocking or behaving differently for unattested clients? The article doesn't make that clear.
Also: Apple's attestation implementation introduces an external real-time single point of failure, but given that the failure mode is just "show a captcha", it doesn't seem too severe. Is it even possible to implement a broader attestation infrastructure without introducing a similar single point of failure? TLS PKI, for example, does not rely on an external "live" server; the private keys live on the origin.