If you work on mobile apps you will notice that full attestation is too slow to put in the login path. [This might be better than it used to be, now in 2026].
I don't think a good security engineer would rely on atty as "front line" anti brute force control since bypasses are not that rare. But yeah you might incorporate it into the flow. Just like captchas, rate limiting, fingerprints etc and all the other controls you need for web, anyway.
I know I'm quibbling. My concern is that future where banks can "trust the client" is a future of total big tech capture of computing platforms, and I know banks and government don't really care, but I do.
> you work on mobile apps you will notice that full attestation is too slow to put in the login path
Hm, Play Integrity isn't that slow on Android, from my experience.
> don't think a good security engineer would rely on atty as "front line" anti brute force control since bypasses are not that rare
I'm not privy to device-wide bypasses of Play Integrity that ship with Trusted Execution Environment (which is pretty much all ARM based Androids), Secure Element, and/or Hardware Root of Trust, but I'd appreciate if you have some significant exploit writeups (on Pixels, preferably) for me to look at?
> My concern is that future where banks can "trust the client" is a future of total big tech capture of computing platforms
A valid concern. In the case of smart & personal devices like Androids though, the security is warranted due to the nature of the workloads it tends to support (think Pacemaker / Insulin monitoring apps; government-issued IDs; financial instruments like credit cards; etc) and the ubiquity & proliferation of the OS (more than half of all humanity) itself.
A monitoring app doesn't even interact with systems you don't own. Just put a liability disclaimer for running modified versions.
> warranted
Decided by whom? And why is Google trusted, not me? At minimum, I shouldn't face undue hardship with the government due to refusing to deal with a third party, unless we first remove most of Google's rights to set the terms.
Funny that you say that, but the so far best artificial pancreas that is completely free and open source will soon be much harder to install to any Android phone without every user getting a valid key from Google.
In Germany, doctors even recommend these tools if they work. Because they make patients who know what they are doing healthier and more safe.
Naturally me and hundreds of other diabetics have already contacted our EU representative due to the changes Google is planning to make in their platform.
> I'm not privy to device-wide bypasses of Play Integrity that ship with Trusted Execution Environment (which is pretty much all ARM based Androids), Secure Element, and/or Hardware Root of Trust, but I'd appreciate if you have some significant exploit writeups (on Pixels, preferably) for me to look at?
Hi, you don't have the break the control on the strongest device. You only have to break it on the weakest device that's not blacklisted.
The situation is getting better as you note, but in the past the problem was that a lot of customers have potatos and you get a lot of support calls when you lock them out.
Correct. And the end of ownership, privacy, and truth too. If something can betray you on someone else's orders, it's not yours in the first place. You'll own nothing and if you aren't happy, good luck living in the woods.
I don't think a good security engineer would rely on atty as "front line" anti brute force control since bypasses are not that rare. But yeah you might incorporate it into the flow. Just like captchas, rate limiting, fingerprints etc and all the other controls you need for web, anyway.
I know I'm quibbling. My concern is that future where banks can "trust the client" is a future of total big tech capture of computing platforms, and I know banks and government don't really care, but I do.