| |
| ▲ | necovek 5 days ago | parent | next [-] | | Yes, it's equivalent to running a computer with admin access, and most banking web sites have no issue with that. Still, my point was not about running a rooted phone with unlocked bootloader (secure boot disabled on a pc equivalent), but whether if this is possible accounts in your purchasing decision. | | |
| ▲ | tsimionescu 4 days ago | parent [-] | | Before we had secure phones, we used to get hardware gadgets from banks in order to secure access. Now that phones are secure enough, the phones act as the root of trust (and, unfortunately, SMS does as well...). | | |
| ▲ | necovek 4 days ago | parent [-] | | Yes, and phones are full of vulnerabilities because vendors provide security updates only for 2-5 years (high end being rare), thus making this a moot point. | | |
| ▲ | charcircuit 4 days ago | parent [-] | | The security measures do not need to be perfect. As long as fraud remains at a reasonable level it should be fine. | | |
| ▲ | necovek 4 days ago | parent [-] | | Agreed. Full disk encryption on a device you have full control of is sufficient. Containerization helps if you install untrusted apps. Not having root helps if you install untrusted apps (either vulnerabilities/exploitable or malicious) as root. | | |
| ▲ | esseph 4 days ago | parent [-] | | Containers are not security. Don't trust containers to have the same level of isolation as a VM. | | |
| ▲ | charcircuit 3 days ago | parent [-] | | Containers are for security, but they rely on the kernel+ being secure. VMs rely on the hypervisor+ being secure. | | |
|
|
|
|
|
| |
| ▲ | fsflover 4 days ago | parent | prev [-] | | How about switching your bank if it forces you to give away your freedom for no security benefits? | | |
| ▲ | esseph 4 days ago | parent [-] | | Switch to the other bank with the same system? They're all like that. | | |
| ▲ | fsflover a day ago | parent [-] | | If all banks are like that in your country, you should complain to the legislators. |
|
|
|
