| ▲ | lawn a day ago |
| GrapheneOS still works fine (support for Pixel 10 will most likely come). What the future holds is unknown however. |
|
| ▲ | randunel a day ago | parent | next [-] |
| My banking app, my city hall's app and my kids' school app for parents wouldn't work on non-google OS for "security" reasons. Many more national services require an original OS to function, even if I don't personally use them yet https://github.com/eu-digital-identity-wallet/av-app-android... |
| |
| ▲ | uallo a day ago | parent | next [-] | | Complain to them, give them a bad rating in the Play Store. This is likely caused by using the obsolete SafetyNet Attestation API as outlined here: https://grapheneos.org/articles/attestation-compatibility-gu... | |
| ▲ | codedokode a day ago | parent | prev | next [-] | | I never install banking apps (not secure - no second factor, spyware risks) so I don't think it is important to have them. What is important is a phone that no other party can remotely control. | | |
| ▲ | conradfr a day ago | parent | next [-] | | Because your bank doesn't force you to verify yourself on the mobile app to log in on desktop ... yet. | |
| ▲ | speckx a day ago | parent | prev [-] | | Curious. Do you use the bank's website via a browser from a computer? What about in-person banking? Do you go to the bank? | | |
| ▲ | codedokode a day ago | parent [-] | | Website from desktop + SMS code is used as a second factor for login and for confirmation of operations. So the attacker would need to hack a desktop to read information and both devices to actually steal money. Or they would need a phone and a card number to login without password. I am surprised why so many people use banking apps on phones. The apps often use SMS or even push notification (because it's cheaper) for confirmation and once you got access to the phone you can do whatever you want. Also banking apps tend to spam users with distracting notifications, and they often require extended rights, for example to scan other apps, to access contact list etc. For example, one of Russian banking apps includes an antivirus. > What about in-person banking? Rarely. Last time I went in-person, I found that the bank switched to a model (don't remember how it's called) where the office looks like a cafe with tables and employees come between them with laptops and there was really long waiting time so I got an impression that they don't want people to come in-person. Although I had some fun overhearing an angry customer complaining that his card was blocked for receiving transfers and immediately withdrawing large sums of money. He wasn't able to explain the source of the money or provide any documents but got a promise that his card would be unblocked. Luckily there are still banks with traditional offices. |
|
| |
| ▲ | ipaddr a day ago | parent | prev | next [-] | | Use your banks website. Installing a banking app is asking for trouble. City hall should have information on its website why do you need an app? Kids school app sounds like the worst idea. What information are you missing by not downloading it? | | |
| ▲ | randunel 15 hours ago | parent | next [-] | | > Use your banks website. Installing a banking app is asking for trouble. My bank enforces 2fa and the app must be used to log in their website. SMS is an alternative for logging in, but NOT for 3dsecure. > City hall should have information on its website why do you need an app? Certain functionality, such as reporting city hall relevant violations (parking on pavement being an example), absolutely requires using their app to submit the photos. > Kids school app sounds like the worst idea. What information are you missing by not downloading it? All announcements are exclusive to the app. Trips, injuries, etc. | |
| ▲ | jbstack a day ago | parent | prev [-] | | > Use your banks website. Installing a banking app is asking for trouble. If you can. In order to be able to login to my bank's website I need a OTP which is generated by... can you guess? Yes, their app. Which I can now only run if my Android settings meet their standards. The other day it took me half an hour to access my banking because the app kept complaining that my device wasn't "secure", until I figured out the magic combination of settings to undo to make it work (including for third party apps that should be none of the bank's business). | | |
| ▲ | const_cast a day ago | parent [-] | | There are numerous TOTP services that we know are perfectly secure. They should just use one of those. These banks are assholes. They're trying to get you to download the app for advertising, marketing, and data collection purposes. Not security. | | |
| ▲ | tomatocracy a day ago | parent [-] | | This is in part driven in turn by regulations like PSD2 in the EU requiring "Strong Customer Authentication". Most banks seem to have decided that a TOTP-style challenge does not meet the requirements of the regulation (this may even be an explicit ruling, I don't know). |
|
|
| |
| ▲ | lawn a day ago | parent | prev [-] | | That's very unfortunate. Most apps work fine though, including all Swedish banking and authentication apps I've tried. | | |
| ▲ | worldsayshi a day ago | parent [-] | | Oh, really, Swish and BankID works on Graphene OS? | | |
| ▲ | lawn a day ago | parent [-] | | Yes. I only had to enable some permissions when I copied BankID to the new phone but otherwise everything seems to work. |
|
|
|
|
| ▲ | fluidcruft a day ago | parent | prev | next [-] |
| If Apple made iOS more customizable (i.e. replacing launchers etc) I wouldn't see a reason to keep with Android. I certainly don't see any reason to replace my Pixel with another Pixel at this point (been fiercely loyal to the Nexus/Pixel line since Nexus S). Hostility is hostility, and when limited to choosing among devices that are a pain in my ass, Pixel no longer has any advantage. Google is converting Pixel into leverage for the rest of their products. Bye. |
| |
| ▲ | lawn a day ago | parent [-] | | Why would you move to Apple when you're upset that Google is copying what Apple has done for many years? And even after that, the Apple ecosystem is even more closed down than Android. | | |
| ▲ | const_cast a day ago | parent | next [-] | | Because the android ecosystem and android devices like the Pixel have a lot of disadvantages - we just look past them because of the customizability and openness-ish of android. Of android just becomes iOS but worse, then just use iOS. Currently android is iOS but different. But for many years now it seems Google has been shooting for iOS but worse. | |
| ▲ | fluidcruft a day ago | parent | prev [-] | | Because using Android is always extra friction in my life. I have tolerated it because of the ideals of Pixel and Android (which Google has slowly and deliberately evaporated). Also Apple does a better job at standing up to government bullshit (where Google tends to stay suspiciously silent). So when they are on equal ideological footing, Apple as a consumer product company wins against the Google surveillance apparatus. Basically: Apple is a better Apple if Google wants to turn itself into even more of a pathetic Apple wannabe. |
|
|
|
| ▲ | OutOfHere a day ago | parent | prev | next [-] |
| (deleted) |
| |
| ▲ | Klonoar a day ago | parent | next [-] | | GrapheneOS project people were literally in comments here in the past month or so indicating they’re in talks with another device maker to have an alternative to the Pixel. | |
| ▲ | a day ago | parent | prev | next [-] | | [deleted] | |
| ▲ | lawn a day ago | parent | prev [-] | | What's with this annoying and false narrative that it's all over for GrapheneOS? Everything suggests that they will be able to support the new Pixel models. > We've received the Pixel 10 we ordered and have confirmed it supports unlocking, flashing another verified boot key and locking again. https://grapheneos.social/@GrapheneOS/115102473921005918 |
|
|
| ▲ | ekianjo a day ago | parent | prev [-] |
| Only on specific models |
| |
| ▲ | subscribed a day ago | parent [-] | | Currently from 6 to 9a inclusive. 4 and 5 are no longer supported (not covered under normal release channels) but you can still download images under legacy extended support. | | |
| ▲ | ekianjo a day ago | parent [-] | | What I mean is, only Pixel phones. That's like a very small part of the whole range of Android devices. |
|
|
