microtonal 13 hours ago
Why should Google decide which devices are safe enough to pass remote attestation? Seems to me that if we want this at all, it should be an independent body that approves signing keys of vetted vendors (e.g. vendors roll out security updates timely, etc.). As long as this is in Google's hands, they can abuse it to control the market. That said, Play Integrity accepting GrapheneOS would be a step forward, but they will never do it, because then other vendors might also want to pass attestation without preloading Google apps.
Hoodedcrow 12 hours ago
> Seems to me that if we want this at all, it should be an independent body that approves signing keys of vetted vendors (e.g. vendors roll out security updates timely, etc.).

This is also a horrible idea. If an OS can be vetoed for untimely security updates, it can also be vetoed for not having something like client-side scanning.
foltik 11 hours ago
Then you’re just replacing one DRM cartel with another. What would even be the criteria for approval? Pinky promise to not let the end user have full control of their own device? That’s all “integrity” really means in practice. Don’t be fooled by appeals to security.