75
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 30 Jan 2026
75 points (97.5% liked)
Linux
57274 readers
402 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
The language used speaks for itself. We already know what "integrity" means in this context.
This does not seem vague to me. It explicitly states what they are creating.
But how it's implemented means everything. Google's play integrity is corrupting because it's designed to lock vendors in to Google's proprietary ecosystem. You're not getting that from this 'language' alone, it could be the case but it's a massive leap at this point.
I do not care if it is connected to proprietary ecosystem or not. The freedom to decide what software am I allowed to run on my PC is important for me though. Any system that limits that freedom is evil by definition.
I'm right with you there, and it's proprietary software that threatens that, nothing included in this announcement does though.
if unprivileged software can ask the integrity verifier component which private key is used as the integrity root, or what rules does the verifier keep, then it can be used by commercial software (and web browsers) to decide whether they allow running themselves on your computer (or whether you are allowed to watch netflix, or log in to the bank's or the government's website)
I do not understand where does your optimism come from? In what little that we do know they describe the exact same system using the exact same wording as google. If they mean some other thing then they should spend a couple of hours and describe how is it different. And before that the worst should be assumed. It is to dangerous to treat it in any other way.
I don't like to ever assume negative intent without good evidence. I think I'm taking the neutral rather than optimistic view here. If you want me to speculate whether this new company is good or evil, that would just be my speculation; it would depend how they intend to make money out of it, from my gut instinct I can't say they give me any specific Google vibes yet.
It's not about the google vibes, it's that this thing could be standardized and used by several programs and websites.
here's an example. with google's integrity system, most phones can not go through attestation. an exception is phones that can run GrapheneOS. but for apps that require attestation, the developers need to change their app so that it accepts valid attestations of systems that use the GrapheneOS key. such apps can decide to keep only accepting google approved systems.
so far it looks like this will work similarly enough that software you run will be able to be picky about what distribution you use.
The intention barely matters. It's opensource, someone else can do the evil thing.
No. Google's attestation code is FOSS too.