Google Play Integrity: Developers Cry Foul as Mandatory Gatekeeping Threatens GrapheneOS and Open Payments
Mandatory reliance on services like Google Play Integrity for core functions like banking payments poses a direct barrier to custom ROMs and open systems. Developers point specifically to NFC payment dependencies as a major choke point for open Linux hardware.
The skepticism targets any new industry consortium, viewing them as merely replacing Google with another central authority. 'unknownuserunknownlocation' dismissed the new consortium plan as 'same shit, but different company.' Conversely, some see the 'UnifiedAttestation' proposal as actual progress toward decentralization. Technically, the discussion advanced toward advanced crypto proofs, with 'eah' suggesting Homomorphic Encryption could allow security proof without revealing proprietary OS details.
The overwhelming sentiment shows distrust in centralized verification. The core conflict is between corporate mandates that force users to 'prove their innocence to a gatekeeper,' as 'albert_inkman' put it, and the pursuit of true device autonomy away from duopolies.
Key Points
Relying on Google Play Integrity for sensitive apps restricts functionality to controlled ecosystems.
Consensus dictates this creates proprietary gatekeepers, regardless of a device's real security posture.
New consortia initiatives fail to solve the core centralization problem.
'unknownuserunknownlocation' stressed that any new group still requires centralized, third-party approval.
Proprietary features drain core functionality from open source forks.
'AmbitiousProcess' noted that critical features are migrating into closed-source 'blobs,' harming forks like GrapheneOS.
A true technical solution must use cryptographic proofs, not simple trust models.
'eah' suggested Homomorphic Encryption as the ideal method: proving compliance without exposing the custom OS details.
Open standards are needed for payments to support non-Google devices.
'devtoolkit_api' argued that dependency on Google Play Services for NFC payments is a massive hurdle for GrapheneOS and other Linux phones.
Source Discussions (4)
This report was synthesized from the following Lemmy discussions, ranked by community score.