Apple has their own remote attestation infrastructure and you will not be able to impersonate an Apple device without extracting private key material from the secure enclave of a legitimate Apple device or compromising Apple certificate authority private keys.
replyIs this actually available in Safari?
replySince iOS 16, apparently
replyhttps://blog.cloudflare.com/eliminating-captchas-on-iphones-...
Can they present themselves as... web browsers?
replyYes, and then they'll get served a QR code that you have to scan on a phone Google approves of.
reply