this post was submitted on 27 Jul 2025
553 points (99.1% liked)

Technology

73379 readers
4683 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
553
EU age verification app to ban any Android system not licensed by Google (www.reddit.com)
submitted 2 days ago* (last edited 2 days ago) by Gsus4@mander.xyz to c/technology@lemmy.world
106 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Redjard@lemmy.dbzer0.com 2 points 1 day ago (1 children)

If it is about hiding some data handled by the app, that will be instantly extracted.
There are plenty of people with full integrity on rooted phones. It's really annoying to set up and keep going, and requiring that would fuck over most rooted phone/custom os users, but someone to fully inspect and leak everything about the app will always be popping up.

[–] iii@mander.xyz 1 points 9 hours ago (1 children)

If it is about hiding some data handled by the app, that will be instantly extracted.

Look at the design of DRM chips. They bake the key into hardware. Some keys have been leaked, I think playstation 2 is an example, but typically by a source inside the company.

[–] Redjard@lemmy.dbzer0.com 1 points 8 hours ago (1 children)

That applies to play integrity, and a lot of getting that working is juggling various signatures and keys.
The suggestion above which I replied to was instead about software-managed keys, something handed to the app which it then stores, where the google drm is polled to get that sacred piece of data. Since this is present in the software, it can be plainly read by the user on rooted devices, which hardware-based keys cannot.

Play integrity is hardware based, but the eu app is software based, merely polling googles hardware based stuff somewhere in the process.

[–] iii@mander.xyz 1 points 6 hours ago

merely polling googles hardware based stuff

I understand. In the context of digital sovereignty, even if the linked shitty implementation is discarded (as it should be), every correct implementation will require magic DRM-like chip. This chip will be made by a US or Asian manufacturer, as the EU has no manufacturing.