On-device models are excellent for privacy, but they are fundamentally broken from a security perspective. Preventing people from spoofing the results would involve locking them out of their own devices, via DRM.
You're treating this as a computer security problem when it's actually a political problem. It doesn't have to work to be mandated. It doesn't even have to work, for everyone to get a pat on the back and a raise for implementing it. Keeping minors away from porn isn't the point, the point is more like to scare people about being surveilled so they voluntarily won't watch it.
Hardware attestation would be enough to clamp down on almost anything, ensuring the hardware and the os guarantee the outcome is not manipulated.
Not the broken anti-competitive Google play store integrity (which is passing for any handset not patched for the last 8 years but with Google buttplug in it, effectively nullifying assurances from the attestation), but a proper hw attestation.
DRM mostly explicitly does /not/ function that way.
If you jailbreak an iPhone you can still use store apps and watch movies. You don't think that's just because Apple forgot about it, right? Or because the movie studios are merciful? They definitely aren't. It's because they think it'd be illegal to lock you out over it.
You are mistaken. DRM can work in a variety of ways but that is absolutely one of them.
Apple doesn't attestation as part of their DRM (afaik) because it wouldn't be very useful. An iOS jailbreak requires the kind of exploits that would break attestation anyway, so it adds little value.
Movie studios could require strong hardware attestation for playback, but in doing so they would limit the set of compatible devices. They are in fact a little merciful (if only because they care about their bottom line).
> It's because they think it'd be illegal to lock you out over it.
One thing I've noticed is that when I post something here I know for a fact but that isn't common wisdom, nobody believes me.
> You are mistaken. DRM can work in a variety of ways but that is absolutely one of them.
Of course it can work that way. It's software, you can write whatever you want.
It doesn't though. If you prefer, they have chosen to believe this is what the law says because it's a good argument if some partner asks them to do it.
Similarly you can get banned from the eShop if you jailbreak your Nintendo Switch, but they don't stop you from using physical games. They could do that if they wanted to. Or rather, they could make you have to work around it.
> One thing I've noticed is that when I post something here I know for a fact but that isn't common wisdom, nobody believes me.
No, you're just wrong.
> It doesn't though
It does on Android. hardware-backed safetynet attestation can be required, as a mater of policy. Many things do not require it though, for aforementioned reasons.
"MEETS_DEVICE_INTEGRITY: The app is running on a genuine Play Protect certified Android-powered device. On Android 13 and higher, there is hardware-backed proof that the device bootloader is locked and the loaded Android OS is a certified device manufacturer image."
> you can get banned from the eShop if you jailbreak your Nintendo Switch
Nintendo bans for a bunch of things, but the act of jailbreaking alone is not one of them. They are known to ban you from online services if they detect you cheating in online multiplayer, or if their telemetry detects game piracy.
If they locked you out of playing legitimate physical games for the act of jailbreaking, that would probably be illegal in a lot of jurisdictions. It would also be strategically silly, because a jailbroken console could just pirate the games anyway.