> You just have to use a secure device.

No, you have to use government backdoored device. I.e. the most secure android rom (at least the only rom we know is not penetrable by state-sponsored celebrite based malware) is not covered by google's play protect, while bunch of outdated CVEd phones are.

Same will go with many hardened Linux machines, QubesOS, Whonix stations, you name it. I'd argue they are far more secure than any average windows/macos installation.

Hardware attestation has nothing to do with security, it's censorship.