undefined | Better HN

0 pointsizacus1mo ago0 comments

There's a thread awhile back where there were VERY angry at someone trying to setup their own attestation project database (essentially a list of known Android builds and their signatures).

They want apps to add their signing hashes manually just for them and don't want to join projects that would aggregate and act as a database or certificate authority.

0 comments

2 comments · 1 top-level

microtonal1mo ago· 1 in thread

You mean Universal Attestation, which is from a vendor cartel, of which most of the individual vendors are typically waaaaay behind security updates, etc.

izacusOP1mo ago

No, it wasn't those. It was another EU org.

j / k navigate · click thread line to collapse