Remix.run Logo
sprinkly-dust 2 days ago

It is my experience that this is what Google does with their Pixel phones. It is really quite simple to unlock the bootloader and do whatever you want on a Google Pixel you own (i.e unlocked, no carrier). They even give you this really handy Android flash tool which uses WebUSB to fully restore your device when you mess up. Heck, custom ROMs like GrapheneOS and CalyxOS are even able to sign their own images and allow you to lock the bootloader with a non Google OS.

However, all this comes with the caveat that SafetyNet will flay you alive. The cat and mouse game with Magisk and other methods to maintain root undetected is moot when I've used apps these days that make a fuss when you have developer settings enabled. To be honest, that seems acceptable to me, I can do what I want with my device, software vendors like banks and the like have a say in how I choose to access their more convenient services. I can play nice with them if I want, even using a second phone perhaps, but I have a choice.

burnt-resistor a day ago | parent | next [-]

Nice. I wish Pixels (and recent iPhones Pros) were more repairable. Pixels are the least repairable phone around, so don't drop it at least not without a rugged case. ;)

encom a day ago | parent | prev [-]

>banks and the like have a say in how I choose to access their more convenient services

I disagree. I don't understand how it's fine that I can access my banking services with my Gentoo machine, with everything compiled from source by myself, but it's somehow a problem when I'm not using either Apple or Google certified OS on my phone.

I'm sure they want to prevent the first scenario, like various streaming cartels already do, but I hope something like EU throws a fit if they do.

keyringlight a day ago | parent [-]

What kind of actions can gentoo do with your financial accounts, and what levels of user authentication does it use to do it? My phone can effectively act as a bank card with contactless payment or I can transfer up to a daily allowance (that would be painful to me if it was misused) of thousands with biometric auth. Similar to the OS if you're doing that with any browser with a web login you could potentially compile it to behave how you like or lie about what it's doing

Because it's a bank there's going to be insurance behind the scenes to cover them if something goes wrong, and I assume part of that is ticking off enough points to be confident a transaction is secure or different payment limits on confidence levels.