@volla has initiated the industry consortium #UnifiedAttestation for an open-source alternative to Google Play Integrity.

@vollaficationist @Phobos1641 @GrapheneOS I will, can you point me towards something as a starting point? I'm thinking they are the ones behind SailfishOS which is actually a pretty good Linux alternative. It's the others I'm not so sure about.

@Phobos1641 @vollaficationist @GrapheneOS yeah man, hard to stay positive in all of this at all. And most of it are forces beyond our control, which makes it all the more worse.

@vollaficationist @Phobos1641 @GrapheneOS oh yeah, I get what you are talking about. And idk how they are managing to do it, and I do suspect if they ultimately want Google to be the only player in the field cuz they push for the usage of Play Store over Aurora for the sake of security.

I understand why they are doing what they are doing and it does right by their mission too but I feel like it misses the point of why people degoogle. Either way, like I said it's better for there to be a European alternative than just Google but ideally, there shouldn't be any and using Android's built in hardware attestation is better. But there's no ideal world anyways.

@Phobos1641 @vollaficationist @GrapheneOS just to make it clear, it wasn't meant to be offensive to the other person too. As someone who wants more GDPR compliant stuff, the idea seemed golden to me (at the start).

I only said it cuz I felt the irony funny in a weird way. And your win some, lose some doesn't particularly offend either party here (or offends both lol), cuz they both were backing their own point up and ultimately, it was an impasse. Graphene despite their best efforts couldn't convince the other party, the other party despite them trying didn't get what Graphene is trying to say and if they just want something not Google and something that belongs to EU to be in control, they are getting their wish too.

Graphene is saying, ultimately anyone having control is bad. It won't change cuz it's not Google and it's some other for-profit company. When EU's laws move towards surveillance, Unified Attestation will have to comply and their lobbyists will make sure they do.

@Phobos1641 @vollaficationist @GrapheneOS nah man, it wasn't directed at you. I just sent it like cuz it felt ironic cuz Graphene was trying to explain what is wrong with Unified Attestation and the other person just didn't understand anything.

At the start, even I was similar to them and was thinking why does Graphene not join something that's open source and tied to some companies that promote privacy and stuff. Then heard of the squabbles between them both and then looked into, I wasted an entire day over it and I know not everyone can afford that kind of time for this. I was lucky to have an off day close to when I last had a similar argument with someone from the cult. After I read some of independent articles regarding /e/, I kinda understood what they are like but they are just anti big tech in a way but they are moving towards the same thing as big tech and Unified Attestation is lobbying in EU for it and there is always a price for it and when it comes due, the people lose.

@vollaficationist I did. I read quite a few articles about how /e/ operates, it's linked to one of posts I quoted GrapheneOS in. The articles were made by a German blogger, not Graphene. I'd encourage you to read it too but yeah, I think you will simply choose to say you don't understand it. Maybe I'm wrong too, cuz I was wrong last time when I was the one supporting /e/ and Iode. I don't understand why you are telling me to think when you are the one who's saying you can't relate to what Graphene is saying.

@Phobos1641 @vollaficationist @GrapheneOS you understand some, you don't understand some.

@vollaficationist oh, I definitely will actually. My support for Murena and Volla and others of those kind has already reduced significantly but I do think their users are part of the anti big tech community and these companies enable it easily our of the box in their own way (even though part of it is false marketing) and I also think some people who use /e/ and others will move to Graphene as they get more comfortable with using non Google platforms. And moving more people to non big tech platforms is helpful in the current scenario. Which is the only reason I still keep following Murena and boosting their posts.

But yeah, they are doing the same thing as what Google did but in a European flavour and it being open-source, I'm not sure how much it matters in this. Others can confirm it's security but the people who ultimately approve the apps & services won't change. I don't know how you aren't seeing it or why you can't relate to it, but yeah. Everyone's free to do what they want.

@GrapheneOS Thank you GrapheneOS for really doing this. I just wish people took the time to actually read more about /e/ and the others. Kinda reminds me about my ignorance.

@vollaficationist if you bothered reading what GrapheneOS replied to you, you would know it already cuz they said it on one of their replies and yeah, good luck on your new path.

@vollaficationist @GrapheneOS the better idea is Android's built in hardware attestation lol.

Edit : the crux of the matter is both taking control out of Google and them taking that control into their hands. Even if it's open source, they are the ones deciding what apps will be approved for everyone else like how Google is trying to lock Android now, the same might happen in the future.

@vollaficationist @GrapheneOS as the brand that focuses the most towards user privacy and security, it makes sense for GrapheneOS to not support something like this which is basically Google but European with its own user surveillance stuff (even if they say, they don't we will just have to trust them blindly like we do with Apple products and consistently there have been proofs that /e/ does communicate with Google and OpenAI servers for stuff that Graphene and Calyx could already without connecting to them, so it's false marketing in a way).

While I do think having an alternative to Play Integrity API is good and it's better than nothing but hardware attestation is the best way to do it. And Volla & Murena doing something that gives them total control instead of pushing something focused towards privacy like hardware attestation shows that there have some ulterior motives. And with EU also pushing for surveillance like Chat Control and backdoors, I'm not sure this is a good idea.

@GrapheneOS is the device still expected to roll out in 2027 or will it be towards the tail end of 2026?

@smithkm @thenewoil why am I not surprised that it's made by the Israelis and the code that exploited is made by someone with ties to the IDF. Oh god, the more I read about this, the worse it gets. It's just like Samsung's AppCloud app.

@smithkm @thenewoil Aahh, thanks. But I think Motorola is now owned by the Chinese (Lenovo), at least the mobile division. I don't know if that makes it any better though.

@smithkm @thenewoil out of curiosity, what do yanks mean? (my 1st language isn't English).