• GrapheneOS@grapheneos.socialOP
    link
    fedilink
    arrow-up
    1
    ·
    19 days ago

    @[email protected]

    GrapheneOS fully supports hardware-based attestation. Google is entirely capable of verifying a device runs the genuine GrapheneOS releases:

    https://grapheneos.org/articles/attestation-compatibility-guide

    Play Integrity API has nothing to do with security regardless of how it’s marketed. It allows a device to pass if it hasn’t received security patches for 8 years. All it does is check if it’s a Google certified device and tries to stop spoofing within constraints of allowing highly insecure, ancient devices to pass.