They can make it so much harder to do that, to the point where almost everyone just gives up.

If you’re upset that your hacked-to-bits, rooted, unlocked and/or unencrypted device is failing checks: I’d say, tough luck. Until we can create provably untampered app-containers, that level of access genuinely breaks TOS on apps and regulations on handling personal data.

Hard disagree. If you own the device, you should be in full control of what’s going on. Sure, attestation can give some extra security, but that decision should be up to the user. Everything else is just excuses for user hostile DRM: platforms levaraging technology to secure their own profit margin against the interests of user.

The person who created git clearly cannot be trusted to write good kernel code. I’m CC’ing Konstantin to disable his account, whoever he is.

Websites do not have access to your IMEI. That’s only a concern when you use the app.