- cross-posted to:
- privacy@lemmy.world
- cross-posted to:
- privacy@lemmy.world
cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
You must log in or register to comment.
womp womp.
man, and i was gonna switch to graphene this christmas. if every app can just ban my OS, i might have to rethink this. i would use the website but they restrict so many things to apps now…
TBF, this is the first time I’ve encountered an app not working - and it was before this. It’s just because of Google push towards monopoly via their Play Integrity API that’s ruining this.
play “integrity” should be considered malware, any program that deliberately does something the user doesn’t want it to should.
Well, switching to GrapheneOS shows that you don’t care what those companies do and that you’re willing to fight. It means those companies lose one more customer.
Honestly i didn’t even think of that. i’ll still switch then!
Nice choice. You not switching is exactly what these companies wanted.
I was about to switch bank because for a few days my current one (inadvertently) blocked it on grapheneOS. We sent them a few emails and they fixed in less than a week.
I use a small local credit union that doesn’t appear on their supported list. It’s literally the only thing holding me back, I’m tempted to say fuck it anyway. But I wonder if it might work anyway…
- Order a Pixel
- Flash GrapheneOS
- If it works, congratulations! If not, switch banks or revert to stock and return the phone.
If nothing else can you use the browser?
I’ve used Hermit for years to present websites like an app, and am using Native Alpha on my new phone.
Yeah you’re probably right. I’ve gotta get a new phone before I can really attempt it, but I’ll at least try!
What’s the app name? I could install it and see what happens
Use a browser like Native Alpha or Hermit, which present a website like an app.
And if you use Bitwarden/Vaultwarden for your passwords, it can be pretty seamless.
Why would anyone load an app from McDonalds? You want to give them elevated access to your most personal data for a few dollars of coupons?
What are they taking from you that’s worth more than the discounts they are giving you? Because they are definitely making a profit, or they wouldn’t be doing it.
I used to work hosting Focus Groups, we would pay cash, and top dollar for even small chunks of specific data sets on demographics that would age very quickly. Since people’s habits change, different trends, feedback, etc. Hence the need of constant campaigns. Today, people give a lot of this data away, for free, in a constant data stream, for months if not years on end for cents or even a couple of bucks a month. Via constant tracking and profiling. It’s crazy how privacy illiterate people are.
We are definitely in the era where people think discounts before user privacy. I bet most of people downloading the Mcdonald app do it exactly because of cheeper prices and easy of access.
just had medium fries and coke. many people i know, including myself, use the mcd app because of the discounts it offers when ordering through the app. however, i am under the impression that since i use an ios device and have the option to decline being tracked by the app—which i very eagerly press “no” to—i am on the safe side. am i?
No, Apple isn’t your guardian angel with the press of a button.
Apple does extensive audit of mobile apps, including limitations of tracking. So the app cannot spy on something you are not letting it to know. But you are giving it a bunch of info voluntarily.
I’d say using that app on iOS is similar to making a food delivery order using a loyalty member ID. Basically, you are letting the company (McDonald’s) know who you are, what is your phone number, where do you live, and what do you like to eat. And if they wish to, they could use all that to purchase your profile from a data brocker. Or they can sell that info for a few cents to make up on that discount.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
How did you manage to post the same comment 4 times? 🙃
Webapps everything you can like I do with Firefox and ublock origin. Fuck these assholes.
Not for Revolut. App only.
They do have a web app, it’s just very feature limited https://www.revolut.com/blog/post/introducing-the-revolut-web-app/
Like you can’t even pay people money kind of feature limited
not really. services make the mobile site unusable. example:
- facebook: nags you to use the facebook app with popups and large banners
- facebook messenger: does not even let you to log in
Fuck Facebook. I left that shithole in 2015.
3 shites dropped.
This sounds like an antitrust legal problem…
The GrapheneOS team is already talking to regulators: https://grapheneos.social/@GrapheneOS/112539378681400395
Well, Google is known for destroying its opposition.
This has very little to do with Google. Custom OS’s in general are being restricted by these apps, not Graphene in particular. All custom OS’s and root access devices are inherently less secure, even if they are privacy focused OS’s.
In IT this is called a zero trust. You don’t trust anything you cannot verify yourself. And a user installed OS is not something anyone can verify other than the installing user. Obviously for your own security you have your own zero trust policy if you are using something like Graphene, but these companies aren’t making it more secure for you as a user, they’re covering their asses in case there are holes in security they cannot account for.
I had Custom OSs installed before. My bank works fine, but there are apps that require Google Apps. I’d say that’s got pretty much to do with Google.
You’re implying that Google is causing these apps to not support custom OSs. But it’s literally not true. These apps are just not supporting custom OSs because their businesses don’t want to support non-standard platforms for security purposes. Tons of banks do not support custom OSs. It has nothing to do with Google and everything to do with not trusting the user which is 100% the correct approach for cyber security.
Got it. So it’s something similar to latest security proposals like not letting me download files on Windows because they are not normally downloaded. Or visiting a website with self signed certificates. So it’s more secure.
The apps complain: “You need Google Play services to use this app”.
So it’s about security. Right. What kind of security does McDonaldss need? Does it need security for their coupons?
Besides that, I thought payment gateway provided very good security by themselves.
But let’s steer from what happens on mainstream apps a little.
Isn’t Google Wallet or Online payments insecure too? Don’t they have tons security failures also? Human security failures, like if someone robs my phone and my info they would have access to my money?
Google and the smartphone industry employ accelerometers and other methods to make sure robbers can’t get to the system. They admit themselves that the systems aren’t safe and they’re working on AI and electronic methods to avoid access to sensitive information.
Is this the security you’re talking about? Maybe we should just steer the industry another way, like those Custom OSs do. Alternatives aren’t security potential threats. They’re the solution for the problem.
Making a monopoly based on making it “safe” isn’t secure at all.
It’s not for your security. It’s for the company’s security. You’re really dense you know that. This is not about you and it’s not about Google. What I’m saying is, people suck ass. So to protect themselves from people sucking ass, they restrict access to their system to their terms. Completely fair if you ask me.
You can go cry Google bad all you want. I might even agree Google is bad. But this is not a Google thing. It’s an IT security thing. The banks and MFA providers are security first businesses. They will make the decision that protect them first and it makes sense for them to do so. If you owned a bank, there is a high likelihood you would make similar decisions that end users don’t quite understand.
As far as McDonald’s is concerned, who the fuck knows what their developers are doing. That app is trash anyways.
perhaps dial back the attitude a bit there? if you think you know better than someone (even if you’re wrong), then you should have no trouble kindly educating instead of insulting them.
you may also wish to revisit your highly questionable claim that graphene properly configured on pixel is less secure than stock rom on some random android device.
It’s not questionable at all to assume that a user rooting and installing their own OS is a security risk. That’s the entire premise of zero trust. I’m sure Graphene OS is secure and better for user privacy when configured properly. But you can’t trust that an end user will configure it properly. That’s what I am saying and have been saying since the first message. You can’t trust the user to be security minded. Ultimately, the best thing you can do as a developer or a business is support a known quantity of software and hardware configurations and that likely means only supporting OEM installed ROMs.
I use Authy under a separate work profile on graphene with no issues 🤔
But when did you set Authy up? I don’t recall when Authy made the change, but it wouldn’t kick you out. It would, however, prevent you from signing in a new device. So if you lose your phone, you might lose access to those tokens…
I use Aegis.
Is this not a sign of the true intentions on both sides of the dilemma here!?!?
Let us go to the end. We cannot afford to carry on in fear of these bans. Let the lines be neatly placed and the sides chosen wisely. If sustained profits are desired, the walled-gardens must come down.Vote with your dollar and vote again with your data. Wary, but never afraid is the motto privacy comrades!
Agreed. Leave immediately to other services, and tell them why you’re leaving. It might not make a dent, but you’ll be doing the right thing at least.
Their loss.
FYI, grapheneOS devs added a list of apps to their wiki:
https://grapheneos.org/articles/attestation-compatibility-guide#apps-banning-grapheneos
This is very bad news, because this means any app that wants your data could do the same.
Maybe graphene will find a way into duping those apps to think you have a regular android phone?
On the other hand, it makes it easy to find which apps aren’t to be trusted with your data.
Also very obvious when an app or website have an US and an EU version. You just know they buttfuck the Americans because no rules.
Even Apple had to make two versions of iOS.
I haven’t switched my phone yet, but will do so soon. Does anyone have experience with compatibility layers on phone, akin to wine? I unfortunately cannot go without my public transport apps, and they’re android or IOS only. I’ve looking into postmarket OS, but open for suggestions.
GrapheneOS is Android.
Huh TIL, thanks! So would apps usually work, just like on regular android? Except the aforementioned, of course.
You can take a look at calyxOS, it’s what I use. Android but with all Google telemetry ripped out. It’s not as resistant as graphene against a govt adversary, but for privacy, better battery (bc google stuff isn’t constantly running) and still being able to use everything, it works great.
Most EVERYTHING works unless your app dev is PoS like these guys.
Another alternative is MicroG which might work better in light of recent development.
How zealous are you on dumping google?
Well yes and no. The point is to stop using Google. And that entails quite a few things you might expect a phone to do
You can use Waydroid on PostmarketOS to install Android apps. It basically runs a full VM for you.
What public transport apps if I may ask? Most of Western Europe and especially Germany present no issues and even have OSS options, same with Finland.
Thanks for the input, i realise it’s been a while since I checked this! ÖBB Scotty, ÖBB Tickets (could forgo this one) and SBB mobile. I also need Digitales Amt (official government app for things like signing contracts without printing them, ordering your election materials to a different address than usual, checking your medical info etc). Do you happen to know whether that would work?
Don’t know and sadly my Pixel got stolen recently, but you can see if Offi or Transportr meet your needs, they’re available on fdroid.
I guess I have bad news for you regarding the government app: https://discuss.grapheneos.org/d/253-compatibility-for-austria-e-government-app
Anyway depending on your threat model keeping a normiephone as a decoy and mainlining something like graphene os can be a good opsec decision.
Nice, thanks for the tip! Also thanks for going through the trouble of finding out for me, I appreciate it! I’m unfortunately in one of the regions where it’s specifically not available. But the second phone thing might be an option. That, or just a compatibility layer with regular old android after all.
Just to be clear, they banned all custom roms, not only graphene.
It’s crazy how they can just do illegal things because they have so much money…
Do I own my phone or not??
Most ROMs like LineageOS and CalyxOS drastically weaken the security of Android, so that would actually make sense. GrapheneOS has far better security than AOSP, the Stock Pixel OS, or basically every other version of Android that you would find pre-loaded on a device. https://grapheneos.org/features#exploit-protection
Most ROMs like LineageOS and CalyxOS drastically weaken the security of Android
Source?
Graphene shills have been banging on this point for donkey’s ages. Reality is that many people use phones that are out of OEM support and many OEM ROMs are bundled with questionable software (Oppo, Samsung etc.) There are some decent criticisms to be made about LineageOS, but others to be made about Grapheme, like its Google-suggestive configurations, which is quite bad for security and privacy. Graphene says this is all optional and not part of the OS, but doesn’t include any equivalent F-Droid installer.
Yeah. As much as I love GrapheneOS and all the security work, sometimes I feel like their “ideal” setup is to just install GrapheneOS on the latest Pixel phone and use only the 5 or so built in apps, as everything else is insecure, brings additional code baggage and can introduce flaws. I don’t think anyone can live like that.
Odd timing considering I’ve banned McDonalds, Revolut and Authy from my phone.
