Apple already shipped attestation on the web, and we barely noticed

Maybe I'm wrong but Web Attestation will also be a death knell for Linux devices (not Android/Chrome OS) as far as being able to use them as equal clients to use the Web goes. They're simply too diverse and 'hackable' as a plotform for remote attestation to work reliably and thus they'll be excluded altogether (except a few 'blessed' distros that will then become industry controlled, and not Linux in spirit anymore).

I slightly suspect that the only platforms that will actually implement Web Attestation are the ones I'm trying to remove myself from, so I secretly[1] hope this is the catalyst I need to stop going on crappy social networks and video platforms.

I apparently don't have the will power to stop going on these sites so maybe stopping me loading content from the other side is exactly what I need.

[1] Not so secretly now I've mentioned it here I suppose.

Banks.

There's a lot of competition in the banking sector, so I don't think banks can afford to start telling customers that they need specific devices to access their online services.

The banking sector is EXACTLY where "cyber 'security'" and "compliance" will mandate for this to be implemented.

When I worked a bank at $oldjob, compliance mandated we had a full-blown anti virus engine (from Microsoft or McAfee, "at your option") deployed in quasi-ephemeral container images.

It does not have to be reasonable, it doesn't have to be a net positive - it just has to tick some box on some compliance sheet for this to be required, and I will never again be able to perform a banking transaction from my personal computer or degoogled phone again.

Most banks have barely implemented 2FA, and when they have, they implement SMS.

The only financial provider I have that supports anything other than backdoors is Vanguard with U2F support.

Shit, AMEX still lowercases your passwords before (hopefully) hashing them.

We got plenty of time for those mandates to occur ;)