| ▲ | tsimionescu 4 days ago |
| Before we had secure phones, we used to get hardware gadgets from banks in order to secure access. Now that phones are secure enough, the phones act as the root of trust (and, unfortunately, SMS does as well...). |
|
| ▲ | necovek 4 days ago | parent [-] |
| Yes, and phones are full of vulnerabilities because vendors provide security updates only for 2-5 years (high end being rare), thus making this a moot point. |
| |
| ▲ | charcircuit 4 days ago | parent [-] | | The security measures do not need to be perfect. As long as fraud remains at a reasonable level it should be fine. | | |
| ▲ | necovek 4 days ago | parent [-] | | Agreed. Full disk encryption on a device you have full control of is sufficient. Containerization helps if you install untrusted apps. Not having root helps if you install untrusted apps (either vulnerabilities/exploitable or malicious) as root. | | |
| ▲ | esseph 4 days ago | parent [-] | | Containers are not security. Don't trust containers to have the same level of isolation as a VM. | | |
| ▲ | charcircuit 3 days ago | parent [-] | | Containers are for security, but they rely on the kernel+ being secure. VMs rely on the hypervisor+ being secure. | | |
|
|
|
|
