alt Hacker NewsSo what can be used as an attestation API? WHAT will make sure that when a phone says "you're paying 10 euro to $coffee_place" that it isn't a bitmap being shown over "you're paying 10.000 euro to $scammer", above the pay button. Note: needs to be a real guarantee that isn't a permission question away from going away.
Either governments can develop (and pay for) THAT technology, or they can use Apple/Google ...
Replies
subscribed • today at 1:44 PM
In case of Android - AOSP attestation.
Not necessarily the company that locks out entire family because one of the family member jacked off on the chat with Gemini model.
xorcist • today at 12:46 PM
That seems like a weak argument to require attestation? What would attestation prevent that scenario, specifically?
➕ show 1 reply
I'm not sure I want my government to develop that technology.
Government software is usually low-quality, expensive procurement crap, often riddled with security holes, and an exercise in checkbox checking. UX and user friction can't be expressed as a verifiable clause in a procurement contract, so they're ignored.
Besides, every time EU governments tried to force smartphone manufacturers to pre-install government apps, the population freaked out over (unwarranted) surveillance concerns. This isn't something you can do without pre-installing apps (you don't want these APIs opened up because then attestation loses all meaning).