TL;DR
- Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
- The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
- Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
Even just being rooted on the stock Pixel rom is a fight. It’s a constant cat and mouse game to pass basic and device integrity, but as of recently a lot of us have been able to pass strong integrity as well which has been nice.
That, I can see being more of an issue than an unmodified, trusted 3rd party OS. If I remember right, rooting makes the device fail Verified Boot:
https://source.android.com/docs/security/features/verifiedboot
Fair point. At least with stock rooted as I said there’s ways around it and I can pass all play integrity checks and such.