https://www.reuters.com/sustainability/society-equity/apple-...

I don't want to hear about how this isn't Apple's fault. This isn't the big bad orange man forcing Apple to act against its will; it's a business arrangement between Apple and the president. He gets censorship, they get a weaker EU.

https://www.whitehouse.gov/presidential-actions/2025/02/defe...

When Apple says "Apple Pay is supported on iOS >= $VERSION" they don't explicitly mention that it won't work on jailbroken iPhones, because they don't expect you to make modifications to your device and then try and use their services as normal. This is unsupported and discouraged, just like trying to manually install Google Play services on an OS that didn't ship with it.

The only way to get Google Mobile Services officially is to buy an Android device with it pre-installed while leaving the stock OS untouched. And the only way for an OEM to ship GMS with their device is to certify it with Google. And one of the requirements for certification is to use device attestation keys signed by the Google Hardware Attestation Root certificate [1], thus Play Integrity will pass on all such devices.

[1] https://developer.android.com/privacy-and-security/security-...

If Google Play services is listed as a requirement, that implies that a "certified Android" device capable of Play Integrity attestation is required, since that's the only officially supported way to obtain Google Play services. On consumer-facing support articles like this, they don't tend to get into the nitty gritty details like what APIs are being used. If MEETS_DEVICE_INTEGRITY is required, that would probably not be explicitly listed here.

E.g. the consumer documentation for Google Pay just says you need a "certified" Android device and a screen lock set up: https://support.google.com/wallet/answer/12200245

(Yes, if you go deep into the FAQ at the end it eventually states that if you rooted your phone, you can't use tap to pay, but that requirement is implied by the certification requirement [1].)

In Google's eyes, and in the eyes of the law due to trademarks filed by Google, Android == Google Android.

This feature would make little sense if it's not using device attestation because otherwise it would be easy to spoof. I expect that it will initially not use it, and they will start A/B testing device attestation in the coming years.

[1] Expand "What to do if you see device is not certified" -> "Reset device to fix issue" https://support.google.com/android/answer/7165974

Almost no coverage on HN or mainstream media though. Surprising, considering the popularity of this game.

> IMO you need to actually work around a technical measure intended to stop you for it to qualify as an exploit.

Even well-known vulnerabilities like SQL injection don't qualify under this definition?

Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code which introduces or changes features or functionality of the app, including other apps. Educational apps designed to teach, develop, or allow students to test executable code may, in limited circumstances, download code provided that such code is not used for other purposes. Such apps must make the source code provided by the app completely viewable and editable by the user.

There are not "exceptions"; there is one exception, and that's educational apps. But it's unclear why Pythonista is educational while the apps mentioned in the article are not. In fact, Pythonista is even listed in the "Productivity" section in the App Store.

Recent regulation doesn't help here, by the way. iOS apps submitted for "notarization" to be distributed in alternative app stores in the EU, Japan, etc. still must comply with a subset of the guidelines, including 2.5.2. EU is probably not interested in strengthening the DMA so that Apple doesn't have to approve everything because then it makes other EU regulations easier to bypass (e.g. Chat Control).

Looks like YC wasted their money on this one, unless it's exempt because one of the founders used to work at Apple or something: https://news.ycombinator.com/item?id=45041185

[1] https://developer.apple.com/swift-playground/

I noticed the ChatGPT app also checks Play Integrity on Android (because GrapheneOS snitches on apps when they do this), probably for the same reason. Claude's app doesn't, by the way, but it also requires a login.

Proceeds to explain why your opinion is not "fine" but rather invalid, because Apple boiled you like a frog...

Every time someone mentions here that they're concerned macOS is becoming more like iOS, Apple apologists show up to explain how that's not actually happening. I guess now you guys have just accepted it.

> While sadly, it doesn’t look like there will be any ADB command you can send to your phone to make it immediately jump to the end of that 24-hour delay

There's also no evidence that adb-sideloaded app stores will be able to skip PackageInstaller's developer verification enforcement, so no, you will have to wait 24 hours to install F-Droid and actually use it.

That argument no longer holds water with the release of the Macbook Neo and the associated Tiktok advertising campaign [1].

[1] https://www.tiktok.com/@apple

[1] https://github.com/LiveContainer/LiveContainer

If you get most/all of your apps from F-Droid, they're essentially establishing a policy of "any time you get a new phone, you can't use it for 24 hours", which is... insane?

This matters if you're sideloading an app store like F-Droid, because sideloaded app stores still have to go through PackageInstaller [1], which probably still enforces verification checks for adb-sideloaded apps?

[1] https://developer.android.com/reference/android/content/pm/P...