>Apple's Privacy Pass brought hardware attestation to the web to help with passing captchas on their own hardware. Many people saw that as harmless since few sites would be willing to lock out non-Apple-hardware users. Apple and Google are both likely to bring broader hardware attestation to the web.

>Google's reCAPTCHA is planning an approach where they use Privacy Pass on Apple hardware, their own approach on Google Mobile Services Android devices and a QR code scanning system to require an iOS or Google certified Android device for Windows and other systems:

https://support.google.com/recaptcha/answer/16609652

>Banking and government services increasingly require using a mobile app where they can use attestation to force using an Apple or Google approved device and OS. Apple's privacy pass, Google's 'cancelled' Web Environment Integrity and now reCAPTCHA Mobile Verification are bringing this to the web.

>Current media coverage for reCAPTCHA Mobile Verification misunderstands it and the impact of it. They're bringing a hardware attestation requirement to Windows, desktop Linux, OpenBSD, etc. by requiring a QR scan from a certified smartphone to pass reCAPTCHA in some cases. They could expand it more.

>Control over reCAPTCHA puts Google in a position where they can require having either iOS or a certified Android device to use an enormous amount of the web. Google defines certification requirements for Android which includes forcing bundling Google Chrome, etc. It's enormously anti-competitive.

>Google's Play Integrity API bans using GrapheneOS despite it being far more secure than anything they permit. It also bans using any other alternative. This isn't somehow specific to an AOSP-based OS. You can't avoid this by using a mobile OS based on FreeBSD instead. You'll just be more locked out.

>Google's Play Integrity API permits devices with no security patches for 10 years. The device integrity level can be bypassed via spoofing but they can detect it quite well and block it once it starts being done at scale. The strong integrity level requires leaked keys from TEEs/SEs to bypass it.

>It doesn't provide a useful security feature, but it does lock out competition very well. Services requiring Apple App Attest or Google Play Integrity are primarily helping to lock in Apple and Google having a duopoly for mobile devices. Play Integrity is more relevant due to AOSP being open source.

>Governments are increasingly mandating using Apple's App Attest and Google's Play Integrity for not only their own services but also commercial services. The EU is leading the charge of making these requirements for digital payments, ID, age verification, etc. Many EU government apps require them.

>Instead of governments stopping Apple and Google from engaging in egregiously anti-competitive behavior, they're directly participating in locking out competition via their own services. Requiring people to have an Apple device or Google-certified Android device is anti-competition, not security.

>reCAPTCHA Mobile Verification will currently work with sandboxed Google Play on GrapheneOS but it clearly exists to provide a way for them to start using hardware attestation on systems without it. People without an iOS or Android device will be locked out when this is required even without that.

>This isn't about security or any missing functionality. GrapheneOS can be verified via hardware attestation. Google bans using GrapheneOS for Play Integrity because we don't license Google Mobile Services and conform to anti-competitive rules already found to be illegal in South Korea and elsewhere.

>>108836085
Why does the grapmemeOS team have a problem with this they have always been in support of the tpm and trustedcompuing which was always about attestation.
How many times does this have to be repeated that the things they support undermine freedom.

>Services shouldn't ban people from using arbitrary hardware and operating systems in the first place. Google's security excuse is clearly bogus when they permit devices with no patches for 10 years but not a much more secure OS. It's for enforcing their monopolies via GMS licensing, that's all.

>>108836120
It is creating a duopoly for attestation based security.
This is 100x worse than requiring Microsoft keys for SecureBoot

>>108836143
>It is creating a duopoly for attestation based security.
Yes, but it's not a new debate these chips shouldn't have existed in the first place people back then knew what these were going to be used for. Meanwhile cybersecurity retards started pushing this technology and denied any trojaning claim with this tech and here we are today.
https://youtu.be/XgFbqSYdNK4 (video form 2006)

It's worse, anons. They began to use Google ReCaptcha which infest itself nearly anywhere.

https://cybersecuritynews.com/google-recaptcha-update/

> mandatory QR code challenge
> Android devices must run Google Play Services version 25.41.30 or higher to successfully complete the reCAPTCHA mobile verification flow
> Users who intentionally flash their devices with custom, de-Googled operating systems like GrapheneOS, CalyxOS, and /e/OS are explicitly excluded from this new verification flow.
> this update effectively blocks users operating privacy-focused, de-Googled Android operating systems from accessing large portions of the web

>>108836178
it's over

>>108836178
>It's worse, anons. They began to use Google ReCaptcha which infest itself nearly anywhere.
Not really.
It's not as bad as back in let's say 2013 or so. nowadays it's a 33% marketshare still bad but not the end of the world.

There is nothing wrong with it btw, except if you're a pedophile or a terrorist.

>>108836281
Won't they end up calling everyone a terrorist?

>>108836281
When people pushed back on systemd, they were accused of being (direct quote): "the men in the linux community who hate women the most". The nixos community called them "nazi"s.

>>108836306
what does systemd have to do with nazis or hating women?

>>108836085
You guys still use mainstream services?

>>108836326
Exactly. So see >>108836285

File: ca40d091b856b6efd34c5c8bc(...).jpg (575 KB, 1500x1700)

575 KB JPG

Truthfully I have a hard time feeling strongly about any of this when the biggest faggots on any given site are the ones adamant they have the right to ban evade and shit up every place they go.

>>108836143
>It is creating a duopoly for attestation based security.
It just means that Apple and Microslop will gradually be phased out from the world and be local American companies. This gives the incentive to move away from both to everyone else.

>>108836390
>Microslop
Has nothing to do with it. it's a google and apple duopoly forcing you to have a """smart"""phone

Only criminals are against this.

File: 1774400901049703.jpg (38 KB, 512x411)

38 KB JPG

I don't care, I use an iPhone and a macbook

>>108837996
....Then you didn't read the post.

terrorists and pedos absolutely seething lmao

>>108836178
>this update effectively blocks users operating privacy-focused, de-Googled Android operating systems from accessing large portions of the web
wow that sucks *continues using the white man’s OS which skips the captchas automatically*

this board predicted this like 5 years ago

>>108836085
>phones
Nigger tech gonna nigger tech

File: 1756464744153723.png (733 KB, 1206x1064)

733 KB PNG

>>108838133
I didn't read because I don't care about your schizo stuff

>>108836120
The TPM undermines freedom the same way RAM sticks and the electricity going to your computer does.

>>108836085
>use jeetdroid
>be bullied with captchas n shit
>use apple
>it just works on both iphone and macos
works on my machine

>>108838536
>use apfail
>get bullied with iShit account to even be able to see the homescreen, let alone use it
ftfy

why don't you have like
a thing that your government gives you and like
you put the code or something into your device and it like
confirms that you're human
i mean
governments already rape our asses
you can't live off grid etc
might as well lol

maybe there's a way to make it somewhat anonymous
so like the services can confirm you're a real human bean but neither them or the government can put the pieces together to figure out who you are
but maybe that's impossible mathematically

>>108838958
it’s called a zero knowledge proof and it’s definitely possible.

At least they were kind enough to kill the internet before they started locking it down.

>>108839037
zk proofs are not magic, you need to establish a bespoke protocol for it to apply. For example, if you claim to be able to solve graph coloring, a zk proof for it is to accept graphs and to return a coloring. It is zk because you don't have to provide the algorithm to perform the proof, and it is a statistical proof (the tester will send N queries to verify at X% confidence that you really do have the claim). But that doesn't apply for humanity claims.

Good. Fuck Graphene's schizo devs.

>>108836143
It's only a duopoly until a Judge rules it anticompetitive, and Apple and Google are ordered to include chinkhacker1337 as an attested hardware manufacturer.

>>108836085
yeah i'm pretty angry my s25u is a year old and yet all the ai models for it have to be run is very specific, constrained ways for me to eve nuse the npu instead of the cpu for token crunching

black and trump admin is clearly making moves to bring total user identification. web integrity api failed but they found a new way.
i dont know what to do about this

File: tech oligarchs laugh.mp4 (2.18 MB, 688x464)

2.18 MB MP4

>>108839879
Probably bait, but you gotta be fucking naive if you think any of this will benefit you.

>>108836281
Anyone who opposes this is a:
>Pedo
>Terrorist
>Incel
>CHUD
>Fascist
>NAZI
>MAGAt
>Qtard
>Vaxx denier
>Holocaust denier
>Transphobe
>On the wrong side of history
>Toxic
>Manosphere enjoyer
>Misogynistic
>Colonialist
>Shitty person

File: Satania smug 2.webm (118 KB, 720x404)

118 KB WEBM

>>108839979
>MS is the last thing keeping x86/UEFI and by extension FOSS alive

>99% of x86 computers run some form of UNIX or BSD
Ok anon.

>>108836281
I happen to be a big fan of loli and every day I get more and more convinced that Ted Kaczynski had some good ideas.

Line goes up and commies seethe, seems like a win-win to me.

>>108840147
most projects work fine on arm
stop the cope

>Apple
I mean, what unapproved hardware is their shit going to work on?
Hackintosh is practically dead at this point

>>108840147
>says as he gets replaced by a younger gay

>>108842116
Hackintosh still works fine

>>108842127
On now dated hardware on its last ever version
Most people moved on

>>108840147
yeah, i'm thinking based

File: 1764503023736106.gif (179 KB, 300x465)

179 KB GIF

>>108837996
based macfrog

File: anon_cuck.jpg (376 KB, 1080x979)

376 KB JPG

>>108836281

File: 1764335167995257.png (130 KB, 862x274)

130 KB PNG

now that the dust has settled, was he right?

File: glow skincare.jpg (64 KB, 680x678)

64 KB JPG

>>108836281

>>108836085
When will chinks or yuros come with an alternative? Fuck jewgle and jewpple

>>108836085
how is this legal

>>108839228
>mmm yes, corporate cock down my throat, yes, more big fat cock

>>108836120
Because if Google or Apple flips a switch, it locks all third parties out of mobile for good. That includes them.
And no bitching from any EU regulator will stop it, worse- they like this arrangement

>>108836178
To be fair ReCaptcha has seen a SHARP decline in usage in recent years. Its major popularity was before the funny cloudflare box you had to click.
This will likely impact normalfags on old iphones and old androids so they will just not use it.

>>108836285
They already do

File: makerphone2.webm (2.34 MB, 512x512)

2.34 MB WEBM

>>108836085
how about fuck off and ill build my own makerphone

>>108836085
death to shartphone users

>>108836085
Reminder, the final loophole for approved hardware is burning down the infrastructure. Can't be locked out of the internet if there is no internet.

>>108836085
Okay, and?
I don't do that gay shit. I send texts and make calls. Anything else I use a different device.

Should I just give up on GrapheneOS? I have a Pixel 6 so I have to get a new phone soon and I don't want to waste money on another Pixel if Google is going to fuck over GOS.