undefined | Better HN

0 pointssubscribed1mo ago0 comments

Yeah, but they aren't.

Google certifies devices unpatched for the last 10 years, rooted, riddled with the malware, because the keys have leaked.

Google knows and still sells the lie.

But you should know better. Google is not selling the actual security, it's just protecting its business.

0 comments

3 comments · 1 top-level

matthewdgreen1mo ago· 2 in thread

Google's business is advertising. Right now they don't care whether your phone is "authentic" or secure, because it doesn't cost them money. As AI-enabled bot fraud rises, they will care. Fighting this requires identifying human beings, and that requires trusted devices to be associated with human beings. We're in the foothills still, but look forward and up at where adtech is going.

bronson1mo ago

How is a trusted device associated with a human being? I'm pretty sure the walls of hundreds of bot phones are running trusted Android.

matthewdgreen1mo ago

By attaching your government ID to a (single) phone and verifying the human owns it by checking biometrics. You can try this today if you live in one of several US states and have a recent iOS/Android phone. This doesn't stop one real person from attaching their ID to one real phone and then abusing it for botting, but (if implemented well) it limits you to one-real-ID-one-bot-phone.

j / k navigate · click thread line to collapse