GrapheneOS threatening to sue Google is strange; it is Authy that decided to restrict their app to "genuine" Android devices based on remote attestation Also for perspective: Authy's days are numbered anyway, given that future is passwordless arstechnica.com/gadgets/2024/0…
@randomoracle That's not true. Google pushes the Play Integrity API as a security feature in the Google Play Store Console, Android Studio and elsewhere. They mislead app developers about what it provides and present it as a security feature despite offering absolutely no security. @rmhrisk
@randomoracle Google is very clearly exercising their control over Android with Play Integrity, which they heavily promote to devs. Google's approach to this is monopolistic: they're essentially making it so you need to bundle their apps to compete.
@randomoracle Google not allowing users to use Authy is criminal. It is not their job to police user choices. Also, your perspective is wrong. Passwordless is not secure and doesn't even work well for most use cases.