• absquatulate@lemmy.world
    link
    fedilink
    English
    arrow-up
    68
    arrow-down
    1
    ·
    4 months ago

    The Play Integrity API was never meant to detect fraudulent apps, but to make it easy for google to become the arbiter of what’s trustworthy and what’s not. They knew this of course, but this lawsuit indicates they might have something solid to stand on. Good luck GrapheneOS!

  • Kushan@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    1
    ·
    edit-2
    4 months ago

    I feel like a huge aspect that this article and the GrapheneOS developers are overlooking is DRM content.

    They’re focusing on user security for a user’s own data, but there’s a whole other side to it with companies wanting to protect their own data - think Netflix and the like who use the same systems to ensure that nobody’s been tampering with the device as a way of bypassing the copy protection of their media.

    Now I’m not saying I support DRM at all, I’m very firmly in the camp of being able to own the media you purchase without restriction, but my point is that it’s not as simple as Google being dismissive, lazy or ignorant but rather there’s a lot of commercial sensitivity at play and if Google fucks it up, they could potentially lose certification of the entire android ecosystem.

    • polyduekes@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      4 months ago

      i don’t think what grapheneOS wants is to be able to spoof or bypass play integrity, they just wanna be able to implement it as well just like oems do so if someone will tamper the system in graphene as well, play integrity should blow off and drm content will be safe

    • Zak@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 months ago

      could potentially lose certification of the entire android ecosystem

      Certification by whom?

      The Netflix app is older (2011) than Safetynet (2014?). Google probably didn’t need to provide remote attestation, but making non-Google Android unusable for most people is good for their bottom line.

      • Kushan@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        4 months ago

        Netflix being older is hardly relevant to this discussion.

        Maybe you’re unaware, but the higher quality streams are only available on devices netflix has certified. You can still use netflix on GrapheneOS but you won’t get that quality, it’ll be downgraded.

        This is a common problem for cheaper Chinese devices as well.

        • Zak@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 months ago

          What would have happened if Google never created an attestation system for Android? Would Netflix give up such a large market?

          Netflix can downgrade Chinese phones that aren’t common in the west and third-party ROMs because those represent a tiny fraction of their potential customer base. I doubt they’d be inclined to do so for all of Android.

          • Kushan@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            4 months ago

            Who said anything about Netflix giving up a market, they just offer a worse service. But hey, iPhones offer a premium service, right?

    • user@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      Graphene already supports Winevine L1 without Play Integrity. It has nothing to do with DRM, its a seperate system.

  • onlinepersona@programming.dev
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    3
    ·
    4 months ago

    Google is just trying to be Malus but on multiple vendors’ hardware and across all variations of iOS (if iOS allowed forks). Obviously that’s a problem and it wouldn’t surprise me if Epic joined the lawsuit. Their third-party app store would have a problem installing authentic apps from the Google Play Store if no google services ran on the phone.

    The EU is doing stuff against monopolies and talking about digital sovereignty, but EU countries are still releasing the opensource software only on the google playstore and ios app store - that’s not sovereign.

    Very curious to see where this goes.

    Anti Commercial-AI license