Comment by Aachen
10 days ago
Can you clarify what fraud you're thinking the "secure boot" (which I take to mean: being denied the access to control your own device) would prevent? Since the identity documents you already have, have this chip that works the same as your bank card, you really don't need a relaying party (your phone, your ISP, etc.) to be trusted for the receiving website to be able to verify the cryptographic signature on the data
Fraud would be someone who is not you using your identity.
So the scenario this is needed for, is where someone does a physical and technical attack on your phone just to extract the key from this app that says you're 18+. That would be why nobody can have access to their own data anymore
I'm sorry but that cure is definitely worse than the disease. This is not an attack you see outside of spy movies
Yubikeys go on your keychain. You're as likely to not notice losing it as you are your housekeys. Anyway the point is that if you're not willing to run a trusted phone, there are other very viable options... particularly for technical folks who tamper with phone software... and those who cares about the Google panopticon... that are extremely viable and should be acceptable to satisfy the stated intent of the regulation.