[brador]

Google has banned many accounts of genuine users.

What is your fallback for such an important vital service?

[notpushkin]

To play the devil’s advocate here: MEETS_STRONG_INTEGRITY on Android doesn’t require a Google account AFAIK. But it might change, of course.

Edit: but as pointed out elsewhere in the thread, Play Integrity is not the only way to do hardware attestation on Android. GrapheneOS devs have a guide: https://grapheneos.org/articles/attestation-compatibility-gu...

So avoiding proprietary Google stuff altogether is possible and we should encourage it.

[subscribed]

How do you propose running Google play checks on the phone without working Google play? :)

I don't think it's possible. And indeed, avoiding is possible and better, but the companies choose lie of play store "integrity".

[notpushkin]

For Play Integrity, you do have to have the Play Services installed, but that doesn’t mean you need to sign into Google :-)

(By the way, microG, an open source Google Play Services reimplementation, can achieve BASIC_INTEGRITY now, too. Which unfortunately doesn’t help much as most applications that do use Play Integrity want DEVICE_INTEGRITY at least.)

> but the companies choose lie of play store "integrity"

Agreed, very unfortunate. Most apps don’t even need it, but the security theatre is easier to do than actual security.