Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Anonyneko 2 days ago

I've resigned to the fact that I'll need to use two phones, one with locked down Android/iOS for banking applications and government services (those require strong bank ID around these parts), another with some kind of a Linux or unlocked Android for literally everything else. Oh well, such is life, most people don't care enough about this to pressure Google/Apple/banks/governments into yielding.

A big reason why a non-locked-down OS is absolutely vital to me is that sometimes I (reluctantly) have to travel to places where I need to install obscure VPN/proxy services to be able to access international internet. Most services present in app stores have been banned for years now, and the government sometimes even succeeds in making Apple/Google remove the more effective ones from the stores.

ryandrake 2 days ago | parent | next [-]

What we need to push back on is making a phone a requirement to do routine banking and conducting other necessary business. There is no reason I should be required to have a phone in order to query my balance or transfer money to someone, when I have a perfectly good computer sitting here.

shafoshaf 2 days ago | parent [-]

The physical keys, like Yubico, help with that. However, I have not been convinced that a password manager with unique, strong passwords on all my accounts shouldn't suffice. I don't know why I have to be penalized because other users don't use best practices.

dpacmittal a day ago | parent | prev | next [-]

Bank apps in India don't run on rooted phones, need developer mode and adb disabled. At the same time, their website works fine on Firefox on Linux where I can literally go through all their front-end source, attach and run debuggers.

What even is going on? Why are banks doing this security theatre when all their apps are doing is calling some backend apis?

ulrikrasmussen a day ago | parent [-]

I think most bank apps in the western world also refuse to run on rooted phones. To my pleasant surprise my banking app worked on GrapheneOS though.

anonymousiam 2 days ago | parent | prev | next [-]

In my informed opinion, anybody who does banking on their phone is taking a big and unnecessary risk. I wish I could say more.

TFNA 2 days ago | parent | next [-]

> anybody who does banking on their phone is taking a big and unnecessary risk

It is not necessarily a matter of choice. Besides what the other commenter notes about 2FA, in some countries banks have been removing functionality from their online-banking website, and you can only do certain things in the phone app.

cesarb a day ago | parent | next [-]

> in some countries banks have been removing functionality from their online-banking website, and you can only do certain things in the phone app.

The most infuriating I've seen, is a bank which removed the anual tax report (which you need to do the anual income tax) from the online-banking website, requiring you to use the phone app... to download a PDF file, which you then have to transfer to the computer anyway so you can print it!

fragmede a day ago | parent | next [-]

Fwiw, iOS lets you print to network attached printers directly, no macOS needed.

literalAardvark a day ago | parent | prev [-]

You can print from your phone, and also you probably don't even need to print it.

eks391 a day ago | parent | prev [-]

This annoys me to no end. I have an old phone that I boot up occasionally because it holds all the apps that I only need once per year for a niche feature that is only accessible in their app. I don't need 200 apps on my main that I would otherwise never open.

Anonyneko 2 days ago | parent | prev | next [-]

See, the thing is, here you can't use banking on your computer without having a bespoke authentication app on your phone. There used to be a system of one-time codes sent via paper mail, but even that has been scrapped by now, so using bank ID apps is literally the only option across all of the local banks. In my bank the ID app and the bank app are even different apps, and it's the ID app that's the truly important one to have (and that, of course, hates rooted/modified phones with a passion).

The government services also go through these ID apps, although there is a poorly supported alternative that uses USB smart card readers. I have not seen a single person actually use it, probably for a reason, though I'm planning to get one just to have a backup...

nikonyrh a day ago | parent [-]

At least in Finland's Nordea bank you can order a physical code calculator, they used to be small enough to keep on your wallet but the new one is the size of an old small phone. It even has a QR scanner. So I just keep it at home.

Anonyneko 18 hours ago | parent [-]

I actually had no idea, I thought they retired these, but it seems that one of the models is still available. Thanks for the heads up!

unethical_ban 2 days ago | parent | prev | next [-]

I see you suggest you can't say more, but I'll still ask the questions:

Is it a privacy or financial risk to have banking on your phone?

How is banking on a phone app more dangerous than banking via mobile or desktop websites?

anonymousiam a day ago | parent [-]

It is a privacy risk, a financial risk, and a security risk.

The issue is the platform. Obviously there are issues with desktop platforms too, but those are easier to mitigate.

catcowcostume a day ago | parent | prev [-]

Not a choice if you live in a "developed" country

autoexec a day ago | parent [-]

I live in a "developed" country and don't have a banking app on my phone. It's a choice. Sometimes it's a choice of which bank you bank with. Sometimes it's a choice to stick with more traditional means of interacting with that bank and not even checking your account using a website, but it's absolutely a choice.

gonzalohm a day ago | parent | prev | next [-]

Is Linux for phones a thing? Or are you referring to GrapheneOS or LineageOS?

adornKey 19 hours ago | parent | next [-]

Real Linux on phones is a thing. They're usable, but most hardware is getting old. E.g. PinePhone still works fine, but they recently announced that it's unlikely that we see a new version. They mention that it's hard to be competitive with hardware when people can install PostmarketOS and SailfishOS on cheap old Android Devices for a similar experience.

https://pine64.org/2026/03/24/march_2026_fosdem/#where-is-th...

In the long run - without PinePhone - people will lose more and more control over hardware and drivers.

fsflover a day ago | parent | prev [-]

GNU/Linux phones exist: https://en.wikipedia.org/wiki/Librem_5 and https://en.wikipedia.org/wiki/Pinephone

Andromxda 16 hours ago | parent [-]

They're insecure [1] and far from usable.

[1] https://madaidans-insecurities.github.io/linux-phones.html

fsflover 15 hours ago | parent [-]

Only if your threat model is equal to the one from the GrapheneOS crowd, and only if you value freedom less than maximal security. It's fine if this is your choice, just don't say this is the only reasonable choice.

Concerning "usable", Librem 5 is my daily driver. I have no backup phone.

Also, after skimming your link and seeing "Hardware kill switches are nothing but marketing frills", I can state that this is nothing else than FUD. Kill switches can protect me, when GrapheneOS can't. You have to trust that your proprietary modem never spies on you. I don't have to. Also, here is a couple of nice discussions of this article: https://news.ycombinator.com/item?id=37507414 and https://news.ycombinator.com/item?id=28500824

jwrallie a day ago | parent | prev [-]

I think this is the only long term solution, even if cumbersome.

I’m curious what secondary devices people are using. I have a second hand Surface Go running Fedora 43 with Gnome, it’s a bit big but it’s doing its job well.