And the fun thing: this thing only works when you force users to download your app from GP. Is it another way to entice app vendors into Google-less user exclusion? Again, only then this feature can work.

Now I see, the meanings of new integrity checks are the following:

Basic – device from OEM that paid (for GMS license, which isn't free) and obeys Google (by restricting any undesired features on stock), the state of device isn't crazy compromised but can be anything
Device – device from OEM that paid and obeys Google, the state of device is locked stock with old SPL
Strong – device from OEM that paid and obeys Google, the state of device is locked stock with fresh SPL

In other words, unless your device successfully spoofs being older than Android 13, it's forced to have an attestation keybox to pass basic (and you'll never get one from Google as an OEM if your device is more flexible than they want), just as Google describes the changes themselves. I'm yet to know if it has to be an unrevoked Google keybox, but it's most likely. A friend speculated that the goal of going so hard on it is to eliminate emulators and make sure that physical device farms can get banned through device recall.

But regardless of it, the acknowledged outcome is that a device running uncertified build with Google keybox is superior in Google eyes to a device running uncertified build without Google keybox. They can be exactly as secure or insecure, and yet only one of them will get basic. Even with largest benefit of doubt you could give to Google, they're completely reckless with the tools they're giving to app vendors. They know how exorbitant are the sums you need to start your own OS (based on AOSP or not) and convince the careless app vendors to allow you.

The interesting omission is that app vendors will now have to downgrade their requirements from strong integrity to device integrity, as what applies to A13+ devices is: "security updates in the last year for all partitions of the device, including an Android OS partition patch and a vendor partition patch. This condition might change in the future (👀)." – and that already excludes lots of devices – "Decrease in strong responses (~14.5%)".
Requiring just device integrity will mean in turn that spoofing a system older than A13 will still let you pass without a keybox. Adding a "stronger" verdict tier than meets-strong-integrity (and keep the meaning of original) would allow the few extreme app vendors to avoid allowing too many devices, and let the super extreme ones to lose money if they wish to.

FYI: I believe that forcing strong integrity (compared to device integrity) in 2024 was less impactful than it'd be to keep the strong requirement with current changes.
The first was just exclusion of ~6 year old devices, while now, by doing nothing (and keeping requirement of strong), you'll be excluding ~2 year old devices. Pretty crazy.

And yes, super tldr: device without a keybox won't pass anything, a device with keybox on unlocked bootloader will pass basic. So devices that lose it during unlock or aren't attesting an unlocked state won't pass basic. Staying with hostile app vendors as a custom ROM user will now mean (as requirement of just basic is uncommon, most of the time it's device integrity) either having a leaked keybox, using a theoretical attestation proxy service, spoofing pre-A13 device or having a broken boot chain.

Fairphone 3 has a keybox and passes all green, sad, no bonus traction for legislation

FYI, all-competent HMD forgot to restrict bootloader unlock on HMD Fusion running build 00WW_2_430_SP01 (April 2025) or older, user security is at a great risk 😭 Remember to install the latest patch quickly to prevent yourself from abusing this dangerous vulnerability!

Credit: https://www.tiktok.com/@bondaluv/video/7507221787130891528

What if, what if OEMs figure out that reverse local tone mapping exists too? Will it become an inescapable trend at some point too when everyone gets bored of dehazing and clarity?

Citing a Chinese friend:
More nonsense added to Xiaomi BL shenanigans. You may be banned and subject to legal actions if you use the unlocking permission on someone else, or transfer the device to another user/account without relocking it first.

We don't even know if such a claim has legal power in China. Either way, congrats to Xiaomi for going straight to a state where competitors will find the means to analyse their devices, while conscious powerusers will stay repelled.

This clause obviously won't come to global (skipping the illegality), as Xiaomi seemingly thinks that their limited permission system works well enough to keep people consooooming their products in belief that they're "normally unlockable", so it'll take time before they make it worse, if they do.

As I've been saying, crazy apps will have to switch from strong to device integrity, only ultimately crazy apps will dare to still require strong thanks to security patch check involvement and the OEMs who don't recognize that obsolescence is possible despite a long and timely support

For more context, look up the specs of Galaxy A16 and its promised support length. This thing won't run well 5 years from now, despite still being supported. The path to obsolescence is simple: poor specs, component aging, poor component availability, high component pricing, high teardown difficulty. OEMs can offer long support without worrying about the lost future sales.

What's great:
- local (offline) AI models
- self-controlled TrustZone (and equivalents)

What's dystopian:
- online AI models
- devices with factory provisioned keys you can't access that can't be replaced with your own while preserving all of the capabilities

Just wanted to say the obvious.

Vivo just released a phone with cameras needed by OP13T, minus the SoC and unlockable bootloader.

I'm guilty of not linking this article before. The future of high dynamic range on small sensors is bright.
https://www.mdpi.com/2674-0729/4/1/8