We strongly oppose the Unified Attestation initiative and call for app developers supporting privacy, security and freedom on mobile to avoid it.

@GrapheneOS
It's very unfortunate that I'm obviously only reaching an arrogant chat bot here. I had hoped to get in touch with the creators of GrapheneOS.

@GrapheneOS
No, you haven't. You obviously haven't even read my question.
Once again: yes, they should. But what is to be done if the don't? That was my question.
As someone who has been using GrapheneOS for many years and supports the project with a monthly donation, I would have expected a factual question to be answered factually. Instead, you repeat political demands that I share, but which do not answer my question. This is unfortunate and makes you appear untrustworthy.

@GrapheneOS
Okay, you obviously don't want to answer my question objectively. That's unfortunate, because it makes you seem untrustworthy.
Or are you just a chatbot anyway?

@GrapheneOS @adfichter
Once again: I am aware that you have good reasons for not liking /e/OS etc.
And I am NOT defending /e/OS etc. here.
My question was what technical (not political) arguments there are against Unified Attestation, so that it could be used if necessary, if at some point there are perhaps no better alternatives. And whether I could then also use it on GrapheneOS, so that I don't have to switch to stock Android.

@GrapheneOS @adfichter
> "No, your understanding is not correct."
Did you even read my post?
> "Apps shouldn't be enforcing using only specific operating systems. They're welcome to warn people about having an insecure OS but shouldn't be ban users from using what they want to use."
Yes, they shouldn't. But what if they do nevertheless? That was my question. What is your suggestion if this scenario occurs?

@GrapheneOS @adfichter
Thats why i was asking and I'm specifically interested in what, from your point of view, speaks against the Unified Attestation approach from a technical (not political) perspective. And whether Unified Attestation could also be used with GrapheneOS.
I also think it would be desirable for the EU to intervene with regulations. But it won't do that; the EU won't do anything against Google's will, and it won't mess with the MAGA regime. We shouldn't wait for that to happen. 3

@GrapheneOS @adfichter
Wouldn't it then make sense or be helpful to have something like Unified Attestation as an alternative, even if there are many things to criticize about it? If the only option for me at some point were to have to use stock Android, then I (and many others too) would have a real problem. And it could be that Unified Attestation is then the only usable alternative, even if it's not perfect. 2/3

@GrapheneOS @adfichter
I know what you think of Murena and /e/OS. I know that you prefer hardware attestation for good reasons and reject Google's policy regarding the Play Integrity API. And I know that most banking apps work on GrapheneOS - I myself have been using GrapheneOS with a banking app for many years. But I wonder what to do if more and more app manufacturers get serious and make their apps installable exclusively via Play Integrity API. 1/3