The problem with bootloader unlocking on modern Android devices is that they have a hypervisor that you don't get to ever unlock but that will snitch on you and make some apps, like some banking ones, refuse to work because the "integrity" of your device could not be verified. In other words, because these apps can no longer be certain they are able to hide data from you the device owner.
Magisk exists, yes, but it's a flimsy temporary solution. It only works because it's able to lie to Google that your device doesn't support hardware attestation. As soon as Google starts requiring that all devices support hardware attestation, it will stop working.
If software doesn't want to run on your hardware because it can't make sure you're not tampering with it, why is it wrong for doing so? You're not necessarily entitled to the ability to run the software right? I understand the implications this has on ones ability to create custom operating systems is troubling (eg this could destroy desktop Linux), but at the end of the day I guess it is just a choice the developer is allowed to make. It's not like they distribute the binary with no strings attached.
And there are some real strong reasons why you benefit from this sort of ability, such as preventing folks from cheating in competitive games. I can't say that all uses seem to have good reasons to use it, but that seems like more of a vote with your wallet sort of situation. Perhaps the play store should also have stricter requirements on acceptable use of attestation and ensure they are upheld.
> If software doesn't want to run on your hardware because it can't make sure you're not tampering with it, why is it wrong for doing so?
It's not the software, it's that the hardware itself, that I bought to own, still serves someone else in a way that's detrimental to my interests, and that can't be overridden because those stupid encryption keys used to sign attestation reports are burned into the silicon and only accessible to that TrustZone hypervisor that can't be unlocked.
> And there are some real strong reasons why you benefit from this sort of ability, such as preventing folks from cheating in competitive games.
Maybe playing such games on general-purpose devices is a bad idea to begin with. You know, consoles are already locked down pretty tight. But then there are PCs that have no hardware roots of trust at all yet you can play anything on them and sometimes even compete with console players. So go figure.
Because in some countries you must run some government sanctioned apps that require a "blessed" device, or you are a de facto non-citizen?
If Americans had anything like BankID or MitID which would refuse to run on their devices and they would be prevented from paying a bill, transferring money, buying tickets, or reading their mail they would go apeshit in 5 seconds.
Some apps are no longer optional in the world we are living in.
They require hardware certification for the Pixel Screenshots app... and for anything that uses Gemini Nano (Call recorder summary, weather, pixel screenshots, etc).
Lol, I've had my Pixel 9 Pro for a month but I forgot about that pixel screenshots app. The other features are unavailable in my country anyway, especially anything that has to do with calls.
Magisk exists, yes, but it's a flimsy temporary solution. It only works because it's able to lie to Google that your device doesn't support hardware attestation. As soon as Google starts requiring that all devices support hardware attestation, it will stop working.