Google silently shipping signed chrome executables soon…

And then people wonder why non chromium browsers are important

Wouldn’t spoofing work? Like, if the browser just sends “yes, no extensions, adblock, blah blah” then how would the attestation server know if that’s true? Or does it require signed binaries, or some special hardware?