Hacker News

reCAPTCHA Mobile Verification Is Bringing the Play Integrity API to Desktops

79 points by Cider9986 today at 2:51 AM | 52 comments

Comments

pimterry today at 9:25 AM

This is begging for anti-competitive investigations, surely? It's explicit collusion between the largest mobile makers and key app-based services (e.g. gov services, communication tools, banking) to directly block any competing OS.

They're publicly agreeing that only users using their approved mobile devices are allowed to do banking, and competitors cannot. I'm not sure how much more clearly anti-competitive this could be.

t_mahmood today at 9:09 AM

In a recent r/Android update post, this is put at the very end; I believe this completely verifies that Google is implementing hardware attestation.

And r/android, being mostly Google worshipers, won't say anything, but it's also difficult to parse through such a huge AI-generated post.

  New data isolation and verification tools

  Expanded Binary Transparency: Anyone can now verify that the critical software layers on their device were actually authorized by Google and haven't been secretly modified by attackers. We are publishing a public, append-only ledger that provides cryptographic proof that production Google applications and Mainline Modules are the authentic versions released by Google. If a Google-signed app isn’t on this ledger, we didn’t intend to release it.

  Android OS verification: We have seen some bad actors begin to distribute malicious, unofficial versions of the Android OS that secretly compromise device integrity. To combat this, we are introducing Android OS verification in Android 17. Launching initially on Pixel devices, this feature helps you verify that your device is running an official, widely distributed build.

  Keeping your ambient data confidential and isolated: Android 17 introduces AISeal with pKVM which, along with Private AI Compute, creates an isolated, verifiable, hardware-backed environment where ambient data can be processed securely.

rambambram today at 7:13 AM

> linux desktop

That's the only part I'm interested in. I've read this article - or something similar - before and it doesn't surprise me that these big tech companies want more control. What I don't understand is how this affects linux desktop?

Is it going to be that online services or websites or webapps can choose to require attestation? Whether you use this OS or that OS? Or are linux developers forced to change their open source software?

reddalo today at 9:24 AM

This is very bad. Google has truly become evil.

My only hope left is that the EU will step in and prevent this. At least in Europe.

aussieguy1234 today at 9:26 AM

I don't buy the anti-bot argument. Cheap Android phones can be purchased for less than $40 and QR code scanning can be automated. Bot farms will evolve.

The only possible reason for this is to lock out the competition.

CalRobert today at 5:21 AM

Aside from the horrendous privacy implications, is there a possible argument that this is anti-competitive?

rvz today at 5:48 AM

I am going to assume that this also destroys millions of AI agents and bot scrapers this time which is why some “AI Engineers” were complaining about this recently.

Well, this is how Google will kill all the scrapers on its search data.

bekon today at 6:24 AM

So fuck blind people I guess?

M95D today at 7:06 AM

So, let me see if I understand it:

Apple+Google got punished by the EU for non-competitive practices and now they offered to ordinary websites their most desired features: bot blocking and unavoidable user tracking across all devices and operating systems.

And if the EU wants to sue, they'll have to sue each and every website that requires this, and they would lose, because there are no alternatives and even if there were, they would be just as bad.

Great job Google+Apple! I'm proud of you. /s

charcircuit today at 5:38 AM

If Windows wasn't so far behind Apple and the rest of the industry in regards to integrity APIs this wouldn't be necessary. It's embarrassing for Microsoft that someone needs to use a separate, more secure device since their security is so bad.
