elric 7 hours ago

Sure, let's just arbitrarily exclude ~1 million people because they're not running the government's preferred American spyware.

ryandrake an hour ago | parent | next [-]

This is a very, VERY stereotypical Tech Product Manager viewpoint: "N% of users are hard to support edge cases, so we should exclude them." You see this justification everywhere in business. "We'll drop support for [old OS] once it gets to 1% of our user base." "Only 1% of our users have non-Latin characters in their usernames so it's OK to not support that." "1% of our users are on 3G or slower Internet connections, so we don't have to consider them in our performance metrics."

It's a pragmatic, profit-oriented point of view, but not one that makes sense when your mission is to be inclusive of everyone.

p2detar 3 hours ago | parent | prev [-]

This is an unfair and a straw man argument, is it not? Are you also unhappy that in a democracy the 51% choose how the other 49% are going to be governed?

Why device attestation is required is quite well explained by this GitHub comment [0]. I am in the industry and I agree fully with it, because it is in fact a problem for most smartphone users in terms of security.

0 - https://github.com/eu-digital-identity-wallet/eudi-app-andro...

Hackbraten 3 hours ago | parent | next [-]

I think your analogy is flawed. I can be part of the losing 49% and still be entitled to receive the same services as the 51%, whereas people who chose a privacy-oriented OS are essentially going to be excluded from essential governmental services. That's a whole different kind of thing.

I'm not going to replace my 1200 EUR smartphone with a device that forces me to have an account with Apple or Google. I've been issued a German identity card, which is its own computer that includes a digital identity already. I also own an expensive card reader, which together forms a system that is completely capable of supporting any attestation anyone would need. They should just stop excluding me already.

p2detar an hour ago | parent [-]

> privacy-oriented OS

Well, in all seriousness what examples could you give me here in terms of device hardware attestation? Even GrapheneOS does use Google root certificates to attest your device. There is indeed an option for EUDI to keep a list of keys and I bet this is probably the way they are going to go for Android in the future. We shouldn't forget this is still in the planning phase.

> to have an account with Apple or Google.

True for Google, not true for Apple. Device attestation on iOS does not require you to have an iCloud account or sign into some Apple services. It works entirely using device hardware IDs.

> I also own an expensive card reader, which together forms a system that is completely capable of supporting any attestation anyone would need.

Nope. This is eID and verifies your identity, it does not attest the security of your hardware. These are two different problems we talk about here.

fsflover 20 minutes ago | parent [-]

> in all seriousness what examples could you give me here in terms of device hardware attestation?

My Librem 5 runs an FSF-endorsed OS and has a smartcard.

> True for Google, not true for Apple. Device attestation on iOS does not require you to have an iCloud account or sign into some Apple services.

This is extremely misleading. Even if true, you must have an account in order to install any app on an iPhone.

shakna 29 minutes ago | parent | prev [-]

If it requires a Google or Apple account, then it also requires those companies never cease an account, either. Or vulnerable people will be harmed.