An easy first step ahead of a full ban would be insisting that hardware attestation never be used as a gate to access government services. Most other things I can vote with my feet, but viewing my tax returns or renewing my passport are things that can only happen in one place.

One unfortunate aspect of the entire problem: Go back, let's say 10, 15 or 20 years, when forces were a bit more balanced than today. When all these issues were already quite obvious, but probably somewhat easier to solve. The same people that cry loudly today were completely ignoring all these issues. Actively. And when someone came up with them, that guy was just an idi*t, disturbing the good mood. Right? I can still remember all the conversations that I had, or that I read. Today, they'll deny that and still call me an idiot. Anyways...

PS: Sure, there always were a handful of exceptions. If you are one of them, you know what I'm talking about. I don't refer to you. But to the other 99.x%.

The sort of regulation we need for this must be as solid as a constitutional amendment, but that is going to be very, very difficult.

> Unfortunately I see the regulatory environment more likely to go the other way of requiring attestation. I sure hope I'm wrong.

Everyone in power wants it, across the entire globe.

> designed exclusively for Android and Apple mobile devices

That's very different from requiring hardware attestation, though.

No, you can also get it for Windows and Huawei devices. So three American and one Chinese companies. Great.

If it was developed by the government, shouldn't the source or an API be available? Surely third-party apps can be made in that case?