logoalt Hacker News

AnthonyMouselast Monday at 7:33 PM0 repliesview on HN

> Agreed, but I think this will force the average user to upgrade* their phones after losing access to sensitive apps (bank, gov) before getting compromised.

The problem being that there are many millions of people who can't afford to replace a phone they only recently bought just because the vendor never updates it, which means those banks and things can't in practice demand that people do that. Indeed, it creates the opposite problem, because installing a custom ROM on that device would give it a patched kernel but cause it to fail attestation, so what the attestation is actually doing is requiring those people to continue to use the vulnerable OS.