
596 points pimterry | 1 comments
jchw ◴[] No.36862959[source]
I actually noticed this (and considered blogging to myself about it) but in practice the only reason why this was not seen as an issue (IMO) is because it being implemented only on Apple platforms meant that there was no possible way you could really limit your services using it. It was just an additional thing people could use as another signal.

However, the Google proposal is explicitly concerned with pushing this as an always-on feature.

> However, a holdback also has significant drawbacks. In our use cases and capabilities survey, we have identified a number of critical use cases for deterministic platform integrity attestation. These use cases currently rely on client fingerprinting. A deterministic but limited-entropy attestation would obviate the need for invasive fingerprinting here, and has the potential to usher in more privacy-positive practices in the long-term.

All Apple implementing it ahead of time is proof of is that anyone hoping Apple will save us is naive.

1. codedokode ◴[] No.36863150[source]
> A deterministic but limited-entropy attestation would obviate the need for invasive fingerprinting here, and has the potential to usher in more privacy-positive practices in the long-term.

In reality: an attestation will be used along with fingerprinting.