| |
| ▲ | Hackbraten 5 days ago | parent | next [-] | | I switched to a Linux smartphone because I've had enough of the duopoly. I also switched banks so I can use my bank card as the 2FA device, similar to CAP. [0] [0]: https://en.wikipedia.org/wiki/Chip_Authentication_Program | | |
| ▲ | jwrallie 5 days ago | parent | next [-] | | Probably in the long run the only way to go will be to own/carry two devices.
A long supported phone with stock firmware and apps you are "forced" to use to interface with the world around you, and a second Linux portable machine where you have your freedom. | | |
| ▲ | subscribed 5 days ago | parent | next [-] | | No, it's not "long supported" phone fallacy. Google and by extension banks, are claiming that the phone on, Android 9, without security updates AT ALL since 2009 is perfectly safe and secure to use. Meanwhile, really well locked OS, hardened so well some of the improvements were later picked up upstream (both by Google and Apple), running _the_ latest AOSP version and releasing new security updates within hours is not considered safe and secure, despite assuring full chain of trust (including locked bootloader, verified boot, etc). This is what Play Integrity does. Of course Android supports better scheme, hardware attestation, but od course Google enforces their iron grip on the ecosystem, and instead uses the outdated, flaved system that certifies only the devices with preinstalled Google services running in the privileged mode. Snooping on everything you do and have. Thats the reason. | | |
| ▲ | bakugo 4 days ago | parent | next [-] | | When companies like Google talk about a device being "secure", they don't mean secure from malicious third parties, they mean secure from the user. The device is considered "secure" if the user cannot do anything with it that Google does not approve of. | | |
| ▲ | ho_schi 4 days ago | parent | next [-] | | That's it. It is a device secure for Google to: * Enforce Hardware-DRM
* Enforce PlayServices
* Enforce apps which don't circumvent their business model e.g. YouTube-Downloaders ("Watch my ad again...")
* Payment fees from PlayStore Taking a look at the dangerous crap in the official Play Store confirms that. It is full of awful and dangerous apps. It was never about the security of the user. | |
| ▲ | FollowingTheDao 4 days ago | parent | prev | next [-] | | This is my exact feeling. Louis Rossman talks so much about this (YouTube). I think the only secure device now is a dumb phone. I am really learing to live life without the internet anymore. Between the lock in, the privacy risks, and just the hassle, it is easier to act like I am living back in the 1990's and just get used to the "inconvenience" of life without a smartphone. I can leave my smartphone in a faraday bag and just pull it out when I need it, or just wait to be in wifi. (I am homeless living in a minivan so this makes it much harder for me.) I just do not know how much this will effect GrapheneOS or I would get a Pixel 9a. It seems like it will not, at least for the older phones. At least we still have linux (for now). But more and more computer technology is looking like a trap. If anyone has any recommendations for a dumb phone that will work with AT&T please let me know. | | |
| ▲ | nemomarx 4 days ago | parent | next [-] | | It's been a minute but Nokia was selling dumb phones. I would also just check what at&t sells for very cheap prepaid phones in a physical store - they could tell you what kinda hardware still works? | | | |
| ▲ | spookie 4 days ago | parent | prev [-] | | Look at Sony phones and Sailfish OS |
| |
| ▲ | IOT_Apprentice 3 days ago | parent | prev [-] | | The irony is those are the same words Android users say about Apple & iOS. |
| |
| ▲ | IlikeKitties 4 days ago | parent | prev [-] | | > Google and by extension banks, are claiming that the phone on, Android 9, without security updates AT ALL since 2009 is perfectly safe and secure to use. Funnily enough that's actually a good thing in a twisted way. Long term, it will either force manufacturers to become much better with their update support, because apps will refuse to work on non-patched devices... or they won't and we'll all have one of those devices at home rooted through a long known CVE as a proxy for device attestation. |
| |
| ▲ | dTal 5 days ago | parent | prev | next [-] | | I've been doing this for years already, except I split it further to three devices: 1) an old iPhone with 0 personal data on it and in no way linked to my identity, which is used for completely untrustable commercial apps, and rarely even leaves the house. 2) a LineageOS Android which is my daily smartphone for things like camera and GPS, running almost exclusively open source apps, except for unavoidables like WhatsApp which are run in an separate profile 3) a GPD Micro PC running Void Linux, which is roughly the same size as the phone and a true swiss army knife. Its purpose is to reliably do what I want, when I want it. No systemd, for it does not spark joy. It is used for web browsing, note taking, light productivity, and playing movies on the TVs of friends who have overinvested in streaming and dongles only to find that $CHOSEN_MOVIE is not on any of their services. I am not entirely happy with this state of affairs - too many devices, and still not enough siloing of closed apps like WhatsApp. | | |
| ▲ | jbstack 4 days ago | parent | next [-] | | It seems to me that they way you have divided up the roles, you actually need 4 devices, because you need one to run commercial apps which are linked to identity (which rules out device 1) and which will only run on a "secure" device (which rules out 2 and 3). For example banking apps. | |
| ▲ | fainpul 4 days ago | parent | prev | next [-] | | Keeping all those devices charged is already too much of a hassle for me to do this. | |
| ▲ | jcul 4 days ago | parent | prev [-] | | Wow, that GPD Micro PC looks cool.
How well does it perform? I find void linux super lightweight, can get great battery life out of it on an old thinkpad. |
| |
| ▲ | CalRobert 5 days ago | parent | prev | next [-] | | You won’t be able to do much with the second. Web sites will force login with google, etc. and only work for attested browsers. | | |
| ▲ | antonkochubey 5 days ago | parent | next [-] | | Both Apple and Google decided against implementing device attestation in browsers. https://news.ycombinator.com/item?id=42522490 | | |
| ▲ | pessimizer 4 days ago | parent | next [-] | | They'll both change their minds at the same politically-opportune time. They're not competitors. | |
| ▲ | jsnell 4 days ago | parent | prev | next [-] | | Apple has been shipping device attestation in their browser for years (Private Access Tokens), with no backlash. | |
| ▲ | CalRobert 5 days ago | parent | prev | next [-] | | And Google decided against evil too | |
| ▲ | hollow-moe 5 days ago | parent | prev [-] | | for now* |
| |
| ▲ | UnreachableCode 5 days ago | parent | prev [-] | | I don't use Google login any where and have a lot of accounts with many different websites? Youtube and other Goolag ecosystem being the exception, but, of course they are? | | |
| ▲ | CalRobert 5 days ago | parent [-] | | Give it a few years, the google login nag screens are getting pervasive. And old school user/pw login is dying | | |
| ▲ | Hackbraten 4 days ago | parent [-] | | > And old school user/pw login is dying Is it though? Almost every new service has it, and all existing services keep offering it. |
|
|
| |
| ▲ | at-fates-hands 4 days ago | parent | prev | next [-] | | >> Probably in the long run the only way to go will be to own/carry two devices. Been doing this for a while. I have a smaller Samsung S22 for the apps I absolutely need that won't run on my Graphene phone. The majority of my day-to-day stuff is handled on my older phone running Graphene. Been tinkering with Ubuntu Touch, but AFAIK they haven't figured out how to solve the issues with VoLTE yet here in the US but its on my radar to try and make the switch soon. | |
| ▲ | pbnjeh 4 days ago | parent | prev [-] | | This is what I expressed considering, in another recent thread. Phone does phone things and "necessary" apps. Otherwise, it's a hotspot for the "unhindered" device. I'd enjoy suggestions as to suitable unhindered devices. P.S. I just hope we can continue to access / create unhindered devices -- and programs/apps (cough Manifest v3 cough). |
| |
| ▲ | anonzzzies 5 days ago | parent | prev | next [-] | | I wish I had enough clout / money to get a chinese tablet maker to allow me to install Linux. Luckily I could root it which is great, but outside that i'm lost. Hope someone will make my dream device with linux some day. | | |
| ▲ | bityard 4 days ago | parent [-] | | Someone already does, check out the StarLite tablet. It even runs coreboot firmware. | | |
| ▲ | anonzzzies 4 days ago | parent [-] | | Well, I did not mention what my dream device is; I cannot stand the limited battery life on almost all devices. That's why I like companies like Oukitel; their devices go forever. My main driver (rooted and cleaned) is the rt7 titan 5g. It's the best think I ever had. Rain, shine, in the pool, week long battery, you can hammer nails with it. That with Linux would be my dream device. |
|
| |
| ▲ | russnes 5 days ago | parent | prev [-] | | Which one? | | |
| ▲ | Hackbraten 5 days ago | parent | next [-] | | It’s a Librem 5. I’m looking for a more powerful model that can also run mainline(-ish) Linux. | | |
| ▲ | russnes 5 days ago | parent | next [-] | | Seeing as GrapheneOS appear to be recommended on the newest Pixel models, I wonder if it shouldn't be too difficult to get Arch Linux running on them with the AUR plasma-mobile? | | |
| ▲ | nunobrito 5 days ago | parent [-] | | Run away from Graphene, it is suspicious at best scenario and dangerous at worst. Just observe that the key factor is to be independent from Google and then the only recommended devices from their side are exactly google devices where nobody here can have an idea of what is modified inside them. You'd be better off supporting other distributions like Calyx, which have no problems in supporting other devices like the fairphone and so on. | | |
| ▲ | duesabati 5 days ago | parent | next [-] | | I was very interested in Graphene, do you have other grounds for your suspicions? | | |
| ▲ | fsflover 5 days ago | parent [-] | | I agree with the parent. GrapheneOS puts security above freedom, which is wrong. It forces you to give your money to Google and rely on Google hardware, which is questionable in the long term. They refuse to support different hardware "for your security". Their developers are constantly attacking GNU/Linux phones, which are the actual long-term solution for both freedom and security. https://news.ycombinator.com/item?id=44680624 https://news.ycombinator.com/item?id=43675380 | | |
| ▲ | scheeseman486 5 days ago | parent [-] | | I don't think I've ever read any solid refutation of the technical choices of the project, mostly just character attacks, the basis of which are dodgy at best. They're completely up-front about the limitations and catches of their choices, too. Those links don't really help your case, to be frank. Nothing strcat says reads as incorrect or even particularly controversial, they have personal beef with CalyxOS but their criticisms of the choices of the project are largely on point. They're justifiably upset by the mental health accusations too, it's kind of a joke that one of those people in the thread tried to gaslight strcat about how these accusations are somehow not a recurring issue when I, as a third party observer, have seen it come up all the fucking time. Meanwhile, you're imagining "attacks" on GNU/Linux phones, when most of what I read from them regarding those was sober and reasonable, if not particularly positive, but they're allowed to do that. Their priorities are clearly security and none of those phones really have any. | | |
| ▲ | fsflover 4 days ago | parent | next [-] | | This is another project that knows what you need better than yourself. People are constantly asking them to add support to other hardware, but the answer is "it's insecure". This is completely wrong and forces everybody without a(n expensive!) Pixel to abandon reasonable security. Even Qubes OS allows installing itself on hardware without VT-d, with respective warnings, and plans to enable GPU acceleration in VMs on demand. Their priority clearly isn't to make as many people as possible more secure but to force Google on you. Are you calling the above a "character attack"? I would love to use GrapheneOS on my Librem 5 and Pinephone. No proprietary drivers are required. Yes, some security features are lacking. Yet it would be a win for everybody. I didn't say anything about CalyxOS: I don't care about this. | | |
| ▲ | scheeseman486 4 days ago | parent [-] | | > the answer is "it's insecure". Can you give me a quote where they outright say this? Because my hunch is that what they actually say is something along the lines of 'because it doesn't have the security requirements that we desire' which would be true. Whatever their reasons for those choices, it also makes sense to limit scope given the extreme constraints they're working under and that scope is best limited to phones with the widest security feature support for their security-focus Android OS. > Are you calling the above a "character attack"? Grow up. | | |
| ▲ | Ghoelian 4 days ago | parent [-] | | 'because it doesn't have the security requirements that we desire' aka, insecure. | | |
| ▲ | pessimizer 4 days ago | parent | next [-] | | I am continually puzzled that sometimes people can't put together a denial without including an affirmation as a crucial part of that denial. It's like they're doing the opposite of question-begging, they're saying that you're wrong because you're right. | |
| ▲ | scheeseman486 4 days ago | parent | prev [-] | | No, those don't mean the same thing. All phones are insecure to some extent, most phones compared to GrapheneOS/Pixels are less secure and this has largely proven out whenever there's been leaks of the capabilities of law enforcement phone cracking tools. | | |
| ▲ | fsflover 3 days ago | parent [-] | | I just don't see how it refutes any of my arguments. See the example of Qubes OS in my above reply. | | |
| ▲ | scheeseman486 3 days ago | parent [-] | | QubesOS is an OS for PCs which have a standardized hardware interface. Support for older systems is basically "free". Smartphones aren't standardized in the same way and the amount of effort it takes to properly support other phones has a considerably higher cost on developer bandwidth. Anyone can fork GrapheneOS and build it for other phones if they want, instead of doing this the developers instead focus their time and effort on the most suitable hardware for their needs. This isn't a part of some agenda or a swipe at Linux, open source or Stallman's cholesterol filled heart, it's just pragmatism. | | |
| ▲ | fsflover 2 days ago | parent [-] | | I agree that the lack of resources is a reasonable argument. However this not the argument provided: https://news.ycombinator.com/item?id=30765013 | | |
| ▲ | scheeseman486 2 days ago | parent [-] | | Instead there's a bunch of other arguments that are just as reasonable which underline why deploying their security focused OS on such a hardware platform would be a waste of their time. This is your refutation? It really seems like you're more concerned about hurt feelings than objective fact here. Every link you've provided thus far was framed by you as evidence of poor decisions or behaviour on the part of the GrapheneOS team but you've done nothing to elaborate, and after reading the content of those links for myself there is nothing there that support the things you've been implying. It doesn't make a whole lot of sense, at least not unless I put myself into the mindset of a child and read any negativity expressed towards FOSS projects as an attack, or taking their choice to not target phones I like personally. | | |
| ▲ | fsflover a day ago | parent [-] | | I have no idea where you managed to find any feelings in my replies, and I will ignore the personal attacks. The linked security-related arguments aren't reasonable at all. They talk about improving users' security but instead the actual result is less security for the majority of people, due to (1) the high price of the supported hardware, (2) reliance on Google hardware not trusted by many users (https://news.ycombinator.com/item?id=45101524). | | |
| ▲ | scheeseman486 a day ago | parent [-] | | > I have no idea where you managed to find any feelings in my replies, and I will ignore the personal attacks. Your username is fsflover and your posts clearly have an ideological bias that favours purely open source solutions even if it goes against reason. > The linked security-related arguments aren't reasonable at all. They talk about improving users' security but instead the actual result is less security for the majority of people, due to (1) the high price of the supported hardware, (2) reliance on Google hardware not trusted by many users All SoCs are a black box and all of them are made by untrustable companies that are likely already working with the security services of whatever country they're R&D'd or manufactured in. There is no good solution to this, so they picked the best worst option. Nonetheless, most of the evidence that is available shows that GrapheneOS on Pixels are the most secure phones currently available. So, clearly not security theatre, whereas if they also supported phones that didn't even let you lock the bootloader it absolutely would be. GrapheneOS isn't to blame for every other phone manufacturer dropping the ball. | | |
| ▲ | fsflover 14 hours ago | parent [-] | | > fsflover Thanks for the clarification. Free software ideology is not like a religion, where people believe in a god. Every Stallman's essay explains a very practical reason for following his ideas. FLOSS protects you from the enshittification, walled gardens, backdoors (to a degree) and similar things. GrapheneOS have put themselves in Google's walled garden in terms of the supported devices and now Google can easily make them less secure or even kill them completely at will. This is like saying "you clearly have an ideological bias that favors democracy/ or freedom even if it goes against reason". Sometimes a tyranny is more efficient at forcing people to do a particular thing, e.g., produce weapons. It doesn't mean that choosing it can be reasonable sometimes. > All SoCs are a black box and all of them are made by untrustable companies You clearly can't understand that different people have different threat models. This is a huge problem of GrapheneOS developers: they never accept this possibility and force the single threat model upon everyone. This reminds me of Apple by the way: They do the same. In reality, some people can trust Chinese devices more than Google's ones (imagine that), or trust a particular company that didn't perform a ton of evil action like Google did (that's me and many others). > There is no good solution to this The good solution to this is security through compartmentalization, which is the best security approach ever invented. The more varied hardware people use, the harder it is to make a targeted attack or to mass compromise every single device sold. > most of the evidence that is available shows that GrapheneOS on Pixels are the most secure phones currently available I don't dispute that, and you won't find me saying that GrapheneOS is insecure in itself. I am saying that they did a wrong bet long-term, and their approach leaves a lot of people without Google's hardware insecure. > not security theatre, whereas if they also supported phones that didn't even let you lock the bootloader it absolutely would be. Once again, this is implying one single threat model upon everyone. I never leave my phone unattended, so nobody can secretly reflash it. And whenever I suspect a compromise, I reflash it myself using a disposable VM on Qubes OS. Does it look somewhat secure to you? |
|
|
|
|
|
|
|
|
|
| |
| ▲ | jamesnorden 4 days ago | parent | prev [-] | | >Their priorities are clearly security and none of those phones really have any. As opposed to a black box from Google, that nobody really knows exactly what it does... |
|
|
| |
| ▲ | pferde 5 days ago | parent | prev [-] | | No, the "key factor" of GrapheneOS is to provide a secure OS on a secure hardware. If the "key factor" was to be independent from Google, they wouldn't support Google devices at all. But since the Pixel phones are the only ones with secure enough hardware, GrapheneOS supports them. They even tell you in their usage guide that it's more secure to use Google's app store than e.g. F-Droid (which neglects several good security practices for an app store), and that it's not a good idea to blindly aim for "degoogling" at all costs. Go away with your baseless FUD. | | |
| ▲ | NoGravitas 4 days ago | parent | next [-] | | I use a Pixel with GrapheneOS because it's really the least bad option available today. But it's not wrong to say that they strongly prioritize security over privacy or freedom/independence. That's a fair decision for them to make, but people should know what they're getting into. | |
| ▲ | close04 5 days ago | parent | prev | next [-] | | > Pixel phones are the only ones with secure enough hardware The biggest thing that excludes most phones from supporting GrapheneOS is the lack of unlockable bootloader. Pixel phones also allow the developers to target a large but homogeneous hardware base. | | |
| ▲ | pferde 5 days ago | parent [-] | | There is no single biggest thing. GrapheneOS has a rather strict demands for a device they're willing to support, see https://grapheneos.org/faq#future-devices | | |
| ▲ | close04 5 days ago | parent [-] | | GrapheneOS doesn't support Pixels with locked bootloader. It's where the game stops for all locked phones, a common practice now. You can already see how this is the single biggest thing. The second big thing is that the "non-exhaustive list of requirements" is basically "whatever new Pixels do". Your conclusion that Pixel phones are "the only ones with secure enough hardware" is overstretching what's happening here. The developers took the Pixel as a template because it's a well selling line, with good security, and generally with unlocked bootloader, and modelled the requirements based on it. It's a reasonable approach to the development of a niche security oriented OS because: "In order to support a device, the appropriate resources also need to be available and dedicated towards it". It has the downside that it makes it sound like no other phone has comparable security features. Are the fully supported Pixel 6/6a more secure than any other non-Pixel phone sold on the market today? | | |
| ▲ | pferde 4 days ago | parent [-] | | What do you mean, "doesn't support Pixels with locked bootloader"? Yes, you need the bootloader unlocked to install GOS, but the last step during installation is locking the bootloader again. Having an unlocked bootloader is officially considered unfinished GOS installation. See https://grapheneos.org/install/cli#locking-the-bootloader As for Pixels being more secure than non-Pixel phones, I would say they are more secure, due to existing hardware security features that most non-Pixel phones do not have, and just as importantly, due to still getting regular security updates from the vendor. Pixel 6 in particular is supported until late 2026, if I recall correctly. This is the problem for most Android phones on the market - most of them stop getting security updates after a year or two, so your only option is hoping that one of the alternate Android OSes pick up the slack, e.g. Lineage or Calyx. EDIT: That they modeled their security requirements based on the best device available at the time is simply how this works if the priority is security. They picked best of what was available, built features around that, and refuse to compromise for new device models if at all possible. And yes, no other Android phone has comparable security features for what they are doing. That's not how "it makes it sound", that's just reality. | | |
| ▲ | close04 4 days ago | parent [-] | | > What do you mean, "doesn't support Pixels with locked bootloader"? You cannot install GrapheneOS on a Pixel that was locked by the carrier, it's literally the first prerequisite they mention [0]. From here came my initial comment saying that the biggest thing that excludes most phones from supporting GrapheneOS is the lack of unlockable bootloader. This is what should give you pause when you declare one phone to be "best HW for security" because it supports GrapheneOS. Some Pixels are unsupported even with the same HW/FW/SW. [0] https://grapheneos.org/faq#supported-devices | | |
| ▲ | akimbostrawman 4 days ago | parent [-] | | You acting purposefully obtuse. unlocked bootloader is the prerequisite for any android rom, that does not mean other hardware feature are less important than there other security requirements set by the project. Why other phones aren't comparable with details is literally explain two bullets point below your own link. https://grapheneos.org/faq#future-devices | | |
| ▲ | close04 4 days ago | parent [-] | | > purposefully Mighty all-knowing of you. Just read my first comment, see what I objected to, see what arguments I used, and then think 2-3 times if you really added to the conversation. There must be better way to pad your comment count. | | |
| ▲ | pessimizer 4 days ago | parent [-] | | I did, and it makes this comment unintelligible unless there are no other Android phones with unlocked bootloaders. You've moved the goalposts, then got snotty about it. edit: exactly who on this planet is motivated by "comment count" other than spammers? edit2: the only way I can make your comments comprehensible is if I assume that you thought somebody was angry that they couldn't install Graphene on a phone with a locked bootloader. Before you assume the person you're talking to is insane, you should consider the alternatives. |
|
|
|
|
|
|
| |
| ▲ | BlueTemplar 5 days ago | parent | prev [-] | | > it's not a good idea to blindly aim for "degoogling" at all costs Why not ? This seems to be exactly the push that was needed. |
|
|
| |
| ▲ | spookie 4 days ago | parent | prev [-] | | Fairphone and Sony Xperias - Fairphone 5 works with Ubuntu touch
- Xperias that are from previous gen can run Sailfish OS I've looked into others, don't recommend |
| |
| ▲ | seviu 5 days ago | parent | prev [-] | | Out of all the models I saw, SailfishOS is the only one that ticks all the boxes for me. Wish there were other alternatives. PinePhone Pro got discontinued. This is truly a duopoly. | | |
|
| |
| ▲ | yonatan8070 5 days ago | parent | prev | next [-] | | What if we collectively decide to use the web alternatives for banking?
We lose some convinience since they are generally desktop oriented, but they don't check who signed my kernel | | |
| ▲ | thombles 5 days ago | parent | next [-] | | My bank recently made it that app-based MFA must be used for every single web login. Unless I and many others are willing to swap banks in the vain hope that the new bank won't do the same thing (I am not), then we're cooked. | | |
| ▲ | lrvick 5 days ago | parent | next [-] | | Just say you do not have a compatible device. Special undocumented alternatives appear every time in my experience. | | |
| ▲ | riedel 5 days ago | parent | next [-] | | Sure, one option means paying for each SMS (actually they had to abandon that one), another option is getting a paid banking card just to use a hardware device. From my experience they try to make sure that you will get a certified phone . I just got one because for some reason my Redmi Note 10 despite passing all play integrity checks after hacks like Tricky store+Key box triggered some checks in my banking apps. I needed to use an aftermarket ROM, because my device would not receive any updates from Xiaomi (also I don't know why a device packed with Chinese bloat ware is certified as secure in the first place). And guess what I bought: a Google Pixel. Smart Google, huh. | | |
| ▲ | homebrewer 5 days ago | parent | next [-] | | These "security checks" are a complete, total, absolute joke. Just a couple of weeks ago I had a friend ask me to downgrade firmware on a similar Xiaomi device from the latest LineageOS to stock to make two shitty banks work. Nothing I did on Lineage would make "security checks" pass, even though it was running the cleanest possible Android 15 with the latest security patches applied. Now the phone is running stock firmware from 2020, with Android security patches from 2020, and with numerous publicly known vulnerabilities. The banks work fine, Google Pay works fine, every Play Integrity check passes, even the strongest one (device integrity). The only reason I see for it being implemented this way is not to lock the bad guys out from your phone, but to prevent you from doing anything to the banking applications, even through it is still possible through said vulnerabilities. One of said banks also refuses to run if it detects remote assistance clients on your phone (like TeamViewer), or even Discord, because apparently these were used in scams over the past few years, and we need to protect even the stupidest at the expense of everyone else. How did we come to this "future"? The worst days of desktop Windows weren't even remotely close to this nonsense. | | |
| ▲ | riedel 5 days ago | parent | next [-] | | The most stupid is the interplay with regulators: on one hand grapheneOS is far too secure if it comes to CSAM or organized crime on the other hand it is not secure enough for banking (most of the 2FA comes from the interpretation of the PSD regulations afaik). | | |
| ▲ | spwa4 5 days ago | parent [-] | | It's not stupid. It's governments being extremely cheap. Banks (large banks are part of the government everywhere, at least when it comes to policy) and governments are totally dependent on certification (meaning someone to check security patches on devices), effectively a group of people that have some budget to check a lot of software version of a lot of devices. This doesn't have to be many people. Nobody's willing to pay for it, so only Google, who have to do this for a bunch of other reasons, actually does it. On the contrary, governments are imposing other restrictions on OS'es (like EU Chat directive), as well as making more and more critical government functions (like eID, and the various equivalents, and the banks) that can never work without OS certification, are utterly dependent on the App stores (it requires the ability to replace apps on user's devices without being detected), and thereby driving people deeper into Google and Apple's arms. Despite the fact that this makes the EU totally dependent on yet another US company, making this stupid. And, of course, it makes securing anyone in the EU against US spying an exercise in futility. But it saves a little bit of money now, and gives the US, ie. Trump, yet another loaded gun aimed at the head of the EU economy. What could possibly go wrong? Sell your airbus stock. |
| |
| ▲ | subscribed 5 days ago | parent | prev | next [-] | | Google still didn't block leaked Nexus 4 keys, meaning anything rooted with magisk can spoof the integrity check. Rooted. Usually with unlocked bootloader. Safe. Also phones on Android 9 unpatched since 2009. Etc. :) | |
| ▲ | BlueTemplar 5 days ago | parent | prev [-] | | Why would you care about this but still want to run Discord ?? | | |
| ▲ | matheusmoreira 4 days ago | parent | next [-] | | Because that's where people are. The choice is to run Discord or be ostracized. | | |
| ▲ | BlueTemplar 4 days ago | parent [-] | | No, you can (and should) instead ostracise people that use Discord. As publicly as possible. That's how you change things. | | |
| ▲ | matheusmoreira 3 days ago | parent [-] | | That's not how it works. People like us don't ostracize anyone. We are a minority. We have no leverage at all against massive communities with thousands of members. |
|
| |
| ▲ | jamesnorden 4 days ago | parent | prev [-] | | ???
What's the correlation? | | |
| ▲ | BlueTemplar 4 days ago | parent [-] | | It's a platform, meaning you cannot run your own servers (as compared to "servers"). It's also Deep Web, not Open Web. Furthermore, it's US-based, with an unknown amount of Tencent backing, going back to before even its creation. |
|
|
| |
| ▲ | kelnos 5 days ago | parent | prev | next [-] | | > Sure, one option means paying for each SMS (actually they had to abandon that one), another option is getting a paid banking card just to use a hardware device. That sounds... fine? Like... there are actually alternatives. Sure, if their plan is to phase out those alternatives, then that's bad, but... the current situation seems fine? | | |
| ▲ | rvnx 5 days ago | parent [-] | | Reality is very different. If you have the courage, you can experiment living one year without bank card or wire payments, then your life is going to get very very difficult. | | |
| ▲ | sorrythanks 5 days ago | parent | next [-] | | This comment isn't about living without a bank card or wire payments, though? It's about living with a hardware TOTP device | |
| ▲ | 1gn15 5 days ago | parent | prev [-] | | This problem is getting worse too, as more and more businesses become "cashless only". | | |
|
| |
| ▲ | ChocolateGod 5 days ago | parent | prev [-] | | If you're trying to imply Xiaomi is crap with updates so people buy pixel phones I don't think that makes much sense. |
| |
| ▲ | reitanuki 5 days ago | parent | prev | next [-] | | Agree with this. Either you'll get SMS OTP (which is free for the user, at least in the UK?) or they will send some 'calculator' or multi-colour-code-scanner device that generates OTPs.
(Honestly this last one was the most impressive bank security system I'd seen yet; for every individual transaction, you'd have to scan the code and the scanner device would tell you what you were authorising, then you put the PIN in and get a OTP to put back in the bank) | | |
| ▲ | tonyhart7 5 days ago | parent [-] | | that is just normal practice for business account transaction in my country???? business account can request such devices so if any malicious people cant withdraw funds without pressing a same combination in all devices (there are multiple devices)
so there is no rogue employee |
| |
| ▲ | monegator 5 days ago | parent | prev [-] | | I switched banks when they required authentication with biometric and when i said i didn't want to do that the answer was sorry, we can't do anything for you then |
| |
| ▲ | dingnuts 5 days ago | parent | prev | next [-] | | fuck it back to cash | | |
| ▲ | sterlind 5 days ago | parent [-] | | I stayed away from cryptocurrency when DeFi and Web3 and NFTs were everywhere, but I've started paying with BTC where I can, so I don't have to deal with banking apps, and to stick it to puritanical payment processors, after the Steam/Itch debacle. Know Your Customer is acceptable. Nanny Your Customer is not. | | |
| ▲ | uyzstvqs 4 days ago | parent | next [-] | | Monero is the cryptocurrency everyone uses for this. The userbase and community is completely separate from the Web3 NFT dog-coin crowd (unlike Bitcoin). There's also systems like PaySafeCard, which is accepted by Steam. | | |
| ▲ | sterlind 4 days ago | parent [-] | | I'm really interested in Monero. I feel kinda nervous about using it, though, since even though everything I'm buying is legal, it feels like I'd be calling a lot of attention, and I want to make sure I'm buying and exchanging it in legal (if private) ways. | | |
| ▲ | uyzstvqs 4 days ago | parent [-] | | Using Monero is not much different from using Bitcoin. It's actually safer than Bitcoin in this regard, as you can't accidentally receive coins that are "tainted" by what previous owners did with them. |
|
| |
| ▲ | matheusmoreira 4 days ago | parent | prev [-] | | Know Your Customer is not acceptable at all. It is the financial arm of warrantless global mass surveillance. The government got the private sector to do all the surveilance for them. |
|
| |
| ▲ | prmoustache 4 days ago | parent | prev [-] | | Most banks give you a physical device when you say you don't have a smartphone. |
| |
| ▲ | MathMonkeyMan 5 days ago | parent | prev | next [-] | | I uninstalled banking related apps from my phone years ago. I used it so infrequently that every time I did use it, it was as if it had been newly installed and didn't remember anything about me. Now I use a desktop web browser for anything finance (and it's Firefox on Linux, so thankfully that works for now). | | |
| ▲ | homebrewer 5 days ago | parent | next [-] | | It's getting repetitive to come with the same message over and over and over again, but in many countries you can no longer interact with your bank through the web browser. The banks' applications are either required for 2FA, or are the only way to use remote banking at all. The last one applies in my country. You can of course go to the bank branch for every little financial operation, which is bad enough by itself for us living in cities, but is practically impossible for my relatives in the rural area, who would have to drive 100 km to the nearest bank branch, and then back just to move some money between two accounts. Even if you don't care for anyone else but your country, it will come to you also, I promise. | | |
| ▲ | fsflover 5 days ago | parent [-] | | You should at least complain to your bank and government, support NGOs fighting for your freedom like https://edri.org, https:/eff.org, or equivalent in your country. Forcing you to use foreign megacorps for essential services should be illegal if not already. | | |
| ▲ | homebrewer 5 days ago | parent | next [-] | | Sure, I complain basically every week, but it's like moving a mountain. It was the government's idea, and they're very gung-ho on continuing with it. The official reason is fighting tax evasion, but the more probable one is that the ruling elite has major stakes in all major banks, so they're very interested in making everyone dependent on those banks. The only realistic thing left for me is moaning about it on the ole 'net and hoping (probably in vain) that this disease doesn't spread further to other countries. Western democracies are already in the process of copying several bad ideas we implemented 10+ years ago (and China more than 20 years ago), I don't see a reason why this also wouldn't be ported over. And the digital sovereignty argument doesn't really work, one of the banks uses its own payment system — mostly copied from Chinese AliPay — and it's the most popular one here. Zero dependence on "the West" other than the phones themselves, where they think they have an alternative in Huawei and friends, and you're gonna have to depend on someone in any case, even just for internet infrastructure, or even cash printing machines. | | |
| ▲ | fsflover 5 days ago | parent | next [-] | | > Zero dependence on "the West" other than the phones themselves A smartphone today is the most essential and private thing you have. This is as far from "zero dependence" as you can get. > they think they have an alternative in Huawei and friends Do Huawei phones work for banking in your country? If yes, does it mean, Google Play / integrity isn't necessary? | | |
| ▲ | homebrewer 5 days ago | parent [-] | | Huawei phones have their own alternatives to Play Services; none of the banks work on pure ungoogled and un-everything Android. You have to use a locked device which you have zero control over in any case. |
| |
| ▲ | BlueTemplar 5 days ago | parent | prev [-] | | The problematic companies are all Russian/Chinese/USian(/Israeli ?) last I checked, so what "the West" generally has to do with it ? | | |
| ▲ | homebrewer 5 days ago | parent [-] | | The reply was to GP's: > Forcing you to use foreign megacorps for essential services should be illegal if not already. The only two major mobile operating systems are developed by American companies. The two most popular global payment processors are maintained by American companies. The hardware is jointly developed by a bunch of countries, basically all of them in North America and Western Europe. If one brings up digital sovereignty, should I think not of "the West", but of Tokelau, South Africa, or Brazil? |
|
| |
| ▲ | immibis 4 days ago | parent | prev [-] | | It's not really that different from forcing you to use a national midicorp (a bank) to bank. CBDCs solve this in theory, but the government would add the requirement back just for funsies. |
|
| |
| ▲ | pastage 5 days ago | parent | prev [-] | | The phone will be used as MFA, and that will have requirements especially on Android versions. So it is going to be harder to escape it, it is darn comfortable using Android as a MFA. Many banks still use a custom device for MFA here but is is slowly going away. BankID in Sweden and similar in other European countries. | | |
| ▲ | PeterStuer 5 days ago | parent [-] | | For now the custom issued 2FA is still an inconvenient option, but nearly everyone uses the phone for 2FA as it is so much faster. |
|
| |
| ▲ | PeterStuer 5 days ago | parent | prev | next [-] | | Many banks are slowly phasing out their websites to go app only. | | |
| ▲ | Gigachad 5 days ago | parent | next [-] | | In Australia they aren't phasing out web, but anything high risk like a transaction to a new contact and you have to approve it on the app. The app is considered a significantly safer environment. | | | |
| ▲ | derwiki 5 days ago | parent | prev [-] | | Which ones? | | |
| ▲ | kikokikokiko 5 days ago | parent [-] | | every single Brazilian bank for instance | | |
| ▲ | BlueTemplar 5 days ago | parent [-] | | Brazil is screwed anyway from what I heard about WhatsApp being mandatory for daily life ? | | |
| ▲ | homebrewer 5 days ago | parent | next [-] | | Even though I very much dislike WhatsApp, it does not require having full control over "your" device, and does not make itself an arbiter of what you can or cannot install on "your" hardware. I can't see them changing this in the foreseeable future, major parts of their userbase run the cheapest phones one can buy, and they're much more interested in as much data as possible, so near 100% device coverage has to be important for them. | | |
| ▲ | BlueTemplar 4 days ago | parent [-] | | Last time I tried to use WhatsApp (in 2024), it was also basically unusable, because after I gave it the barest amount of information during installation (using its own dialog screens !), (in particular not willing to share my contacts), it regularly locked me out (IIRC as not a 'real' user). |
| |
| ▲ | matheusmoreira 4 days ago | parent | prev [-] | | Brazil is screwed beyond belief but WhatsApp being popular is the least of our problems. It's got enough end-to-end encryption to defeat judges. It's much better than some parallel universe where people are using SMS or Facebook Messenger or whatever. I'll count my blessings. |
|
|
|
| |
| ▲ | matheusmoreira 4 days ago | parent | prev | next [-] | | In my country banks have required users to install "security modules" to log into their accounts for decades now. Once upon a time I tried to crack one of these things open. I discovered they were literal device drivers running in kernel mode and I caught them intercepting every single network connection. Told me all I needed to know. They even have Linux versions: https://aur.archlinux.org/packages/warsaw https://aur.archlinux.org/packages/warsaw-bin Who even knows what this malware does? I sure as hell don't want to find out. For the bank, things like "fraud prevention" override literally everything. There is no limit they wouldn't cross and there is no freedom they wouldn't trample in the pursuit of their goals. | | |
| ▲ | yonatan8070 4 days ago | parent [-] | | Just... wow. People get so mad about kernel-level anti cheat in video games, but when your bank does it, I've never heard of it before. I sure am glad my bank doesn't do this for now. | | |
| ▲ | matheusmoreira 3 days ago | parent [-] | | The video games industry and the copyright monopolists were just the first bosses. Now we're dealing with banks. One day we'll have to deal with governments. They think everything they do is justified and necessary. They've got a "legitimate" reason to do it so it's alright. Because total nonsense like fraud prevention is totally worth giving up our freedom for. |
|
| |
| ▲ | sfdlkj3jk342a 5 days ago | parent | prev | next [-] | | It's too late for that. In many Asian countries, most of the banks have completely removed access via a browser. | |
| ▲ | 1gn15 5 days ago | parent | prev | next [-] | | Also, use ATMs if you can instead. Don't use propietary code on your own machine; run it on theirs instead. | | |
| ▲ | PeterStuer 5 days ago | parent | next [-] | | ATM's are disapearing. There used to be one at every corner. Now, I have to travel to the next village that has just one left at the train station. Cash is positioned as suspicious. In 10 years, it might very well be illegal. | | |
| ▲ | scrubs 5 days ago | parent [-] | | Not in the US... have you seen the first or second Shrek movie where a monster busts in on a Starbucks and all the scared customers run across the street to another Starbucks? Like a virus they're everywhere. Same thing for atm machines. Cash is doing just fine. |
| |
| ▲ | falcor84 5 days ago | parent | prev [-] | | I don't understand the sentiment - how does relinquishing control of the hardware help us? I see a possible future where the banks/governments give the people devices to use for these things, and I don't like this future, as these would surely become spy instruments. | | |
| ▲ | defanor 5 days ago | parent | next [-] | | Not OP, but sharing the sentiment (never had banking or similar software on a phone, yet using ATMs, banks' web interfaces, offices). Avoiding interaction with a bank completely is rarely viable these days, and they will run their software on their hardware to operate either way (whether it is an ATM, a bank office, or a website). I do not see it as relinquishing control of the hardware, since you are not expected to control a bank's hardware in the first place. While setting it on your phone comes with the usual risks of running proprietary software on your machines, such as sneaky data collection. If banks/governments will give mobile devices to people for that, those may act even a little more like electronic ankle bracelets, but they would also be isolated from your other data and software; in places with near-mandatory government software, some choose to create such an isolation by having multiple devices for different purposes. | |
| ▲ | zigzag312 5 days ago | parent | prev | next [-] | | > how does relinquishing control of the hardware help us It's not relinquishing control, but separation of concerns for hardware. Bank should manage their hardware, not your hardware. | | |
| ▲ | 1gn15 5 days ago | parent [-] | | Yep! Thanks for helping me put my points across better. It's like having a separate work computer, for example. Okay, I guess more to the point, I don't want the banking app forcing the OS that I use. They can provide their own damn hardware! |
| |
| ▲ | dotancohen 5 days ago | parent | prev | next [-] | | > the banks/governments give the people devices to use for these things,
Give?The devices will cost "a reasonable amount" and have GPS tracking "for your safety". | | |
| ▲ | sigio 4 days ago | parent [-] | | Most banks here (nl) give you a dumb coincell battery powered code-calculator, either with or without smartcard access to your banking-card. Basically some form of TOTP or challenge-response system. Those devices have no network, no connectity, no gps, and no interface besides a tiny 7-segment lcd display and some 0-9 buttons for pincode entry. | | |
| |
| ▲ | p0w3n3d 5 days ago | parent | prev | next [-] | | It sounds like an implementation of the Orwell's 1984 telescreen | |
| ▲ | card_zero 5 days ago | parent | prev [-] | | In what way, if supplied by the bank and used only for contacting the bank to do banking, could a device become a spy instrument? Kicking banks off the internet/apps would make Android and Apple less cushy. | | |
| ▲ | falcor84 5 days ago | parent [-] | | > In what way, if supplied by the bank and used only for contacting the bank to do banking, could a device become a spy instrument? Here's my attempt at future history: Firstly they'll require you to prove your current location, to ensure that the request isn't made by a remote hacker; they'll do this by integrating their own cellular modem, as well as scanning local wi-fi networks. Then, at a second phase, they'll integrate a camera and microphone to perform a face identification, asking you to speak out a particular phrase while performing a particular motion. At the start they'll only require you to turn the mic and camera on during active usage, but eventually they'll say that these have to stay on continuously so that they can ensure that the device wasn't tempered with. And if we aren't careful, we'll accept every single small added requirement, until we're boiled alive. | | |
| ▲ | card_zero 5 days ago | parent [-] | | If it was normal and expected that you carry the device around, to make purchases with, then all that would be very bad, and it becomes like a phone but worse in some ways (less ownership over it) and better in others (does not contain other personal data). However, if it sits at home in a drawer, it can keep its camera on all it likes, transmitting images of darkness, and tell the bank repeatedly where your home address is, and sometimes (when in use) confirm what your face looks like. Not a privacy issue I think? Probably it would become expected that you carry the thing around and it replaces cash and cards, but that seems to me to be the crucial step if it's going to have meaningful potential for spying. |
|
|
|
| |
| ▲ | sushhtr 5 days ago | parent | prev | next [-] | | Can anyone confirm that the situation regarding authentication in EU will change with the PSD3 directive ? As far as I read the directive will require authentication methods to individuals without smartphones. Anyone alrady working on this ? | | | |
| ▲ | lifthrasiir 5 days ago | parent | prev | next [-] | | Except they did in several countries, typically using activeX. | |
| ▲ | tim1994 5 days ago | parent | prev | next [-] | | Ain't gonna happen (unfortunately). Somehow people (outside of HN) seem to like to use apps for everything. EVERYTHING. | |
| ▲ | vkou 5 days ago | parent | prev [-] | | > What if we collectively decide to use the web alternatives for banking? So, like, legislate it? Prior art exists on this point. |
| |
| ▲ | wafflemaker 5 days ago | parent | prev | next [-] | | Most banks worth their salt accept GrapheneOS. DNB in Norway does for sure. Same for BankID , national electronic identity authorization provider. There are good programmers out there that know their stuff. Find a bank that has a hacker culture like DnB. I remember that I chose them just by comparing uMatrix output between them and SpareBank - the other big player. DNB had no 3rd party trackers showing, while SpareBank had a lot. | | |
| ▲ | Sayrus 5 days ago | parent [-] | | Same in France, I would have switched to another bank that supports GrapheneOS if mine didn't. In my case, I doubt it's hacker culture but more of a sovereignty and accessibility issue which made them choose to not rely on Play Integrity. | | |
| ▲ | uyzstvqs 4 days ago | parent [-] | | I use several European banks, GrapheneOS works just fine. FYI, I know that Revolut is a Europe-wide bank which does not use Play integrity. In case anyone needs it. I've only had one non-banking app trigger the "used Play integrity" warning, though that app apparently does not care and still works fine. | | |
| ▲ | wafflemaker 4 days ago | parent [-] | | ChatGPT app is annoyingly triggering it with every prompt reply. But there is this escooter app in Norway called Ryde, that blocks itself from even being seen on Play Store. They are otherwise very good, excellent support, responded positively to some UI feature requests. They also have a living wage policy for their battery maintenance mechanics. How would I approach them about changing how they verify phones? I'm no dev really and feel like it's a little above me. | | |
|
|
| |
| ▲ | safety1st 5 days ago | parent | prev | next [-] | | I live in Thailand which is very mobile first and the main way to pay for things here is through your banking app, you scan a QR code, it fires up the app and you make a transfer. The convenience is great but increasingly businesses now begin to offer this as the ONLY way to pay. I keep telling people because I'm seeing it begin. This is how it happens, this is the endgame for freedom, democracy and life as you know it. Give the West 20-30 years, it will happen in some developing countries sooner. They will require the approved app to buy and sell. Without it you will be outside the financial system, and maybe will starve. They will require the approved app to only run on the approved operating system. You will have 2-3 options for the approved operating system but total surveillance will be a mandatory feature on all of them. Finally, they will punish you for wrongthink when your surveilled device detects you writing or saying it. As the world gets worse political leaders will become more authoritarian until one finally checks the last box on that list, and that's the end. There will be no escape except for death. All the pieces are coming into place. Every time you hear them talking about better security for XYZ you can see how it's one of the pieces on the board, being moved one square. I don't think there is one guy who has this master plan I think it's the inevitable end state for surveillance capitalism that's as pervasive as ours. I am an atheist, I think the Bible is all fairy tales, and yet the "Mark of the Beast" vibes I get from where the world is going are out of control. The mark on your hand or your forehead that will be required to buy or sell, that was what you'd be forced to accept once the Antichrist took over, or whatever. The 2,000 year old fairy tales were not wrong they are starting to set it up now, you carry the device in your hand, they will do it through payments and banking. | | |
| ▲ | stavros 5 days ago | parent | next [-] | | This has been happening for a while. I've seen plenty of card-only shops in the UK and US. | |
| ▲ | hans_castorp 5 days ago | parent | prev [-] | | I am curious: how do tourists pay? Will they be forced to install those apps as well without having a bank account in Thailand? | | |
| ▲ | homebrewer 5 days ago | parent | next [-] | | When traveling to China, which is also a very mobile-first country, you're expected to install AliPay and WeChat. A couple of years ago AliPay started accepting foreign bank cards, which you add to your account (in addition to lots of other information including photos of yourself and scans of your government id), and then pay through the AliPay application everywhere. Cash has been made extremely inconvenient or even impossible to use, foreign cards are also often not accepted. | |
| ▲ | safety1st 4 days ago | parent | prev | next [-] | | The government and one of the largest banks collaborated to release an app which lets tourists make payments through the QR based system this year: https://www.tatnews.org/2025/03/tourist-e-wallet-tagthai-eas... | |
| ▲ | darkwater 5 days ago | parent | prev [-] | | > I am curious: how do tourists pay? Cash or normal credit/debit card, but I guess that for native having a credit/debit card costs more money and cash well, it's cash like everywhere else with its pros and cons. |
|
| |
| ▲ | seviu 5 days ago | parent | prev | next [-] | | I don’t need a bank for my daily driver and I can have a backup phone. You can get fairly recent Android devices at a fraction of the cost of a new one. And if you still can, use the website. I also had enough. Switching to Linux pretty soon. | |
| ▲ | userbinator 5 days ago | parent | prev | next [-] | | The alternative is older versions of Android, from before these hostile changes. The propaganda that it's "unsafe" is just that, propaganda. Perhaps Google will realise once enough of the population refuses to put on the noose. | | |
| ▲ | russnes 5 days ago | parent | next [-] | | the majority of the population will happily put on the noose and they will join in on pressuring you to do it too. Don't kid yourself. However, a successful resistance movement only requires like 3% of the population or something | |
| ▲ | saidinesh5 5 days ago | parent | prev | next [-] | | The problem is not the propaganda, it is the businesses restricting the freedom and choices of users because of this propaganda. So many apps even refuse to be installed on older versions of iOS/Android. | | |
| ▲ | userbinator 5 days ago | parent [-] | | So many apps even refuse to be installed on older versions of iOS/Android. That's because they see older versions of Android decrease in usage so they think it's fine to lock them out and potentially lose customers[1], but they're not going to do that to the majority of them. If the majority stops falling for the propaganda and "upgrading" to a worse experience, other businesses will follow. [1] I have told businesses that changes to their site have made me no longer want to do business with them, and seen responses ranging from complete dismissal to quick reversion. | | |
| ▲ | BlueTemplar 4 days ago | parent [-] | | Yet another reason to dump iOS/Android : planned obsolescence of this form. |
|
| |
| ▲ | zx8080 5 days ago | parent | prev | next [-] | | It's totally unfeasable for those using stock deviced. Refusing to upgrade takes lots of attention even from experienced users like developers. Regular user just doesn't have any chance to avoid accidentally clicking or intentionally accepting the annoying permanent notification to upgrade OS. | | |
| ▲ | userbinator 5 days ago | parent [-] | | It's the norm for the huge number of users with devices where there is no newer upgrade available from the original manufacturer. Back when Android was great(tm) there were far more of those than today. |
| |
| ▲ | PeterStuer 5 days ago | parent | prev [-] | | The bank app, mandatory updated to the latest version, does not run on old android. |
| |
| ▲ | fluidcruft 4 days ago | parent | prev | next [-] | | Here's what I think Google should do: I really like the Work Profile feature. It essentially sandboxes Work from personal and it adds nice little briefcase badges to mark apps that are in the Work Profile. Another solution might be to to add an optional Uncertified Profile that if turned on allows unregistered apps but sandboxes them and marks them with a "dangerous" badge. That might ensnare these trojans and malicious apps that pose as legit. That might be enough to scare grandma and let people who know what they are doing do what they want. Although, frankly I'd just prefer google just made a "Secure Profile" to keep bank apps and other high-security apps away from everything else. | | |
| ▲ | throwaway290 4 days ago | parent [-] | | > allows unregistered apps but sandboxes them and marks them with a "dangerous" badge Surely apps are sandboxed on android by default? | | |
| ▲ | fluidcruft 4 days ago | parent [-] | | To some extent, but permissions are very loose on Android (i.e. broad and difficult to fully think through implications in terms of how apps might interact) and in many cases they are not fine-grained enough. For example, without Work Profile it's difficult to compartmentalize to avoid mixing personal and business files and its difficult to say what apps do behind the scenes (say, PDF or word document viewers try to be "helpful" in ways you don't really want) and other intents. |
|
| |
| ▲ | Perenti 5 days ago | parent | prev | next [-] | | I don't do banking on my phone. I really don't understand why anyone would. If I can't get to my PC or laptop, I'm probably near an ATM. I've already given so much autonomy to Google/Alphabet/Apple, I won't give them access to my bank account. | | |
| ▲ | em-bee 5 days ago | parent [-] | | even if you use a computer to do banking, like i do, some banks still require an app for 2FA, or windows... ATMs won't let me send money or do any other kind of maintenance | | |
| ▲ | 1gn15 5 days ago | parent | next [-] | | I think this depends on the ATM. OCBC ones do allow sending money digitally. Oh, and you can always send money by withdrawing cash and giving it to the other person physically. Or go to the bank branch, or write a cheque. | | |
| ▲ | rollcat 5 days ago | parent [-] | | I won't leave my home to type a 20-digit IBAN into an ATM. I won't travel to another city or country just to hand money in cash. I won't travel to a branch to... I have never ever written or received a cheque, what the heck even is a cheque? A piece of paper someone can photo-copy? I used to be able to do all of my banking from a web browser, from any browser/OS I liked. I've had a fob that displayed a 6-digit code rotating every 30s. This used to be simple and secure. What you propose is ludditism. | | |
| ▲ | BlueTemplar 4 days ago | parent [-] | | Luddism -- in this case going without a smartphone altogether -- is quickly becoming the most reasonable option. You are also quite quick to dismiss cheques as someone that never even tried them... | | |
| ▲ | rollcat 4 days ago | parent [-] | | You don't solve "abusive technology" by getting rid of the technology, you solve it by addressing the abuse. | | |
| ▲ | BlueTemplar 4 days ago | parent [-] | | Why not ? Worked out fine for asbestos. Technics aren't neutral. | | |
| ▲ | rollcat 4 days ago | parent [-] | | Asbestos wasn't understood well at first, and its continued use was due to its utility. Practically all countries around the world have successfully regulated/banned it. Removing asbestos is when it becomes most dangerous. Online banking is dead simple to secure: require a TOTP token. It's something you have (like a debit card) + something you know (PIN/password). The poison being introduced is through a third party, and entirely unrelated to the original function. |
|
|
|
|
| |
| ▲ | hellojesus 4 days ago | parent | prev [-] | | > some banks still require an app for 2FA, or windows... Are these limited to only "approved" apps? Usually you can add an auth to an app via a qr code or string. Why can't people use whatever auth app they want, or even just roll their own? | | |
| ▲ | em-bee 4 days ago | parent [-] | | it's something nonstandard, so there are no approved apps, but it is only the app provided by the bank and nothing else. there used to be two, one for auth only and one for onlinebanking itself, which was optional because you could use auth to log into the web. as i understand it they merged the two apps and now only support the all-in-one app. apparently the banking features of the app can be turned off, but i could not see if that can be locked too. |
|
|
| |
| ▲ | scotty79 5 days ago | parent | prev [-] | | What about GrapheneOS? | | |
| ▲ | zx8080 5 days ago | parent | next [-] | | I'm not going to buy Pixel feeding Google further with my pennies just to use GrafeneOS. | | |
| ▲ | fzorb 5 days ago | parent | next [-] | | Well you can always buy second hand/refurbished. | | |
| ▲ | rollcat 5 days ago | parent [-] | | Viability of second-hand still drives market demand, as people have an incentive to buy devices that have resale value. The counter-argument is that otherwise this device will become e-waste. This is still a conundrum, but "don't give your money to Google" remains the active topic here, so... | | |
| ▲ | hellojesus 4 days ago | parent [-] | | True, but grapheneos only supports Pixels because of the unlocked bootloader and hardware security. If more and more people adopt Pixels solely to install Grapheneos, it may drive other hardware manufacturers to offer a device that meets Grapheneos' requirements, and then they can bank on grabbing almost all of the PixelGrapheneos market share, or at least the fraction which actively wants to avoid google (which I suspect is at least 75%). |
|
| |
| ▲ | immibis 5 days ago | parent | prev | next [-] | | Maybe you should buy good devices from any vendor, and the market will do what economists say it should do, and keep making those devices. (As if!) | |
| ▲ | preisschild 5 days ago | parent | prev [-] | | But Google is one of the rare Android smartphones vendors that allows you to install a custom operating system, while still allowing the same security as with the default one (ie allowing bootloader re-locking with a custom key) |
| |
| ▲ | zx8080 5 days ago | parent | prev [-] | | Is it a joke? Have you seen the list of supported devices? https://grapheneos.org/releases (Pixels only) | | |
| ▲ | falcor84 5 days ago | parent [-] | | Is there anything about GrapheneOS that limits it to only Pixel devices, or was it just a prioritization decision? | | |
| ▲ | codethief 5 days ago | parent | next [-] | | https://grapheneos.org/faq#future-devices | |
| ▲ | preisschild 5 days ago | parent | prev | next [-] | | Yes. There aren't many Android smartphones that allow you to re-lock the bootloader after installing a custom operating system. Pixels are the only ones officially supporting `avb_custom_key`. https://github.com/chenxiaolong/avbroot/issues/299 | |
| ▲ | nunobrito 5 days ago | parent | prev [-] | | It is sus as heck and just about everyone in cybersec was complaining about that weird decision. Go for Calyx or any other android distro, they have zero difficulties in supporting more devices. | | |
| ▲ | rollcat 5 days ago | parent | next [-] | | GrapheneOS developers are free to set their bar wherever they like it. It's an independent, non-profit foundation, driven by community contributions. They provide a web-based, hands-free installer. They offer their work for free, and owe nothing to anyone. Personally, I wish there was an open/libre device on the market that GrapheneOS could target. | | |
| ▲ | fsflover 4 days ago | parent [-] | | > Personally, I wish there was an open/libre device on the market that GrapheneOS could target. You mean, Pinephone and Librem 5? | | |
| ▲ | rollcat 4 days ago | parent [-] | | Let's start with HW secure element and boot chain verification (IMHO the minimum bar that's met by e.g. a 2013 Thinkpad), then work thru the rest of GrapheneOS' checklist. Also: Android. If I didn't need Android/iOS apps, I'd be using a Nokia 3210. | | |
|
| |
| ▲ | hellojesus 4 days ago | parent | prev | next [-] | | Suspicion constantly comes up in this regard, but their site (as linked by another commenter) provides their rationale. The last cellbrite leaks show it as more secure against attacks from le than the current iphones, and that's more important to me than abandoning google hardware. | |
| ▲ | ghgr 5 days ago | parent | prev | next [-] | | Serious question: can you point out some serious complaints? They seem to have an exhaustive justification for their reasons to only support Pixels, see https://grapheneos.org/faq#future-devices | | |
| ▲ | ruszki 5 days ago | parent [-] | | This list always bugged me. If Pixel - for example - starts to introduce security patches slower, they will change this list... or even ignore it. If something more secure comes into the picture, they will change this list, and they will ditch supporting Pixel. If they don't, then it will be quite obvious, that they formed this list only to meet only Pixel's feature list. Also Google can obviously satisfy this list more easily, than any other company, so basically they created a moot for them. |
| |
| ▲ | hans_castorp 5 days ago | parent | prev [-] | | Calyx development has stopped. |
|
|
|
|
|
