I received this article, had not seen this from other sources.
This is about unified attestation instead of Google Play Integrity.
Good idea if it won't have the same BS of needing to root your phone to be "secure" enough for banking apps.
Thanks for sharing, I'll be keeping an eye on this and hoping something comes out of it.
I'm sure this is the case for many people, but for me literally the only reason I gave up and returned to Googled Android is NFC payments. If it weren't for that, I'd be happily running /e/OS by now…
Finally!
The Damocles sword falls in September!
But make no mistake, since this is not security, this is still taking the phone hostage and keeping users in check.
@bjoern23 Can you elaborate on that for those of us with less tech knowledge?
For NFC technology to work with institutions (e.g. e-wallet or digital certifications) we need a token system recognised by the client and the provider. So let's say the bank may not recognise, for example, some devices without intermediate credentials and some services, and Murena would need to introduce third-party services into the local environment of e/OS to be able to introduce an e-wallet service.
There are some risks in this initiative of course, but I really think we can improve e/OS, and Murena itself has their own "bare minimum", I guess.
Device attestation is a system that lets an app check whether the phone/OS is deemed secure. This is in general not a bad idea, if say the attestation reports the OS's patch status and you would get a warning within the app.
But apps usually do not show a warning, they refuse to operate.
Furthermore the checks include unlocked bootloaders and rooted devices. While both have a security impact, locked bootloaders are a way to keep you on your pre-installed OS and disabling root is keeping customers from owning their devices and mitigating the security issues that come with app stores and all the bad apps you find there.
Sure, but what do we think will be a better performance for the de-Google marketplace: have the service, or keep in touch with the real "open source" alternatives (LineageOS, UbuntuTouch, TailsOS, etc.) and continue with a half-functioning smartphone?
I really think we should support these software initiatives despite some inconveniences in the system.
What we have now are half functioning rentphones. The devices are not ours, we can't do real backups, we can't use the command line or read and write logs. This is much worse than not being able to pay with the phone and having to have real cards in real wallets.
@bjoern23 well, that is not a real problem for millions of users whose understanding of technology is based on nice and smooth interfaces. I totally understand what you are pointing out, but common e/OS users are expecting to have a real "de-Google" rent-phone with similar services (e-wallet, cloud storage, email, etc.).
While this is an understandable point of view, I still go for the cumbersome way of trying to teach about tech and ethics and why one step forwards can become two steps back.
Can this be achieved in collaboration with a privacy-respecting ecosystem, like Proton, if they add an e-wallet service?