>there would be literally no point to this specification as it could always be faked.
I disagree. There is a point to making something more difficult but not impossible: you alter behavior at statistically significant scale in practice AND you get to point to the alternative as a reason why the change isn't "coercive". In practice, 99% of users won't know to download an altered Chrome - they have a shaky understanding of "browser" and "os" as it is. In fact, I can imagine Googlers rationalizing this as a kind of shibboleth that keeps hacker culture alive.
Sure, I see where you're coming from, and much corporate software has traditionally worked in this quasi-consensual hostile-default kind of way. But the specific terms used in that passage are highly indicative of this being intended as implementation of remote attestation for the web.
Furthermore, even if the "key facts" it reports don't initially include results of hardware remote attestation, it's entirely foreseeable that over time these will be added.
I disagree. There is a point to making something more difficult but not impossible: you alter behavior at statistically significant scale in practice AND you get to point to the alternative as a reason why the change isn't "coercive". In practice, 99% of users won't know to download an altered Chrome - they have a shaky understanding of "browser" and "os" as it is. In fact, I can imagine Googlers rationalizing this as a kind of shibboleth that keeps hacker culture alive.