cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
I use Authy under a separate work profile on graphene with no issues 🤔
I use Aegis.
But when did you set Authy up? I don’t recall when Authy made the change, but it wouldn’t kick you out. It would, however, prevent you from signing in a new device. So if you lose your phone, you might lose access to those tokens…
I don’t think it’s a coincidence that the shittiest companies are those, who enforce Google’s broken and monopolistic “Play Integrity” API. Revolut has connections to Russia, McDonalds supports the Israeli genocide in Palestine and Authy has always just been a massive piece of shit, not even allowing users to export their TOTP seeds. These are three companies I would NEVER even consider using anyway.
And “Play Integrity” API actually does NOTHING, absolutely NOTHING for your security as an end user.
You use an outdated, unpatched Android version with multiple severe, publicly known exploits on an insecure device?
Google doesn’t give a single fuck.
You use the newest version of Android with all the patches applied on Google’s own hardware, with a locked boot loader and a hardened operating system?
That’s not allowed by the “Play Integrity” API.
It’s only purpose is to serve Google’s monopolistic business interests.Hear hear!
Just run PWA instead no?
For Revolut? Unlikely, their website forces you into using the app.
The others sure, i guess, but i don’t see the user overlap.It’s a mobile app only. The web interface is strictly for managing your account, last I checked.
Webapps everything you can like I do with Firefox and ublock origin. Fuck these assholes.
Not for Revolut. App only.
They do have a web app, it’s just very feature limited https://www.revolut.com/blog/post/introducing-the-revolut-web-app/
Like you can’t even pay people money kind of feature limited
not really. services make the mobile site unusable. example:
- facebook: nags you to use the facebook app with popups and large banners
- facebook messenger: does not even let you to log in
Fuck Facebook. I left that shithole in 2015.
Can I simulate another OS environment for these kind of apps?
Authy has been utter garbage for a long time and if you ever needed a reason to migrate away then now is as good as ever.
Do you have a replacement you would recommend?
Well pick anyone listed here but I recommend Aegis
I use TOTP in KeepassXC (or KeepassDX on mobile) because it’s fully local and available for desktop.
Would not updating Revolut keep the app compatible as long as you don’t sign out?
If so, don’t update the app and write down the build number of the last app version which worked on GrapheneOS. That way you would have a bit more time to sort things out.
They constantly force you to update or the app won’t work. I was already having issues with Revolut on GrapheneOS so I just closed my account and switched to Wise. The Revolut app was a bloated mess anyway.
Yupp thinking about doing the same, but want to wait a little to see if wise decides to do the same…
Guess I’ll have to follow suit, because I’d love to switch to graphene OS
It always seems that with finance we take 2 steps forward and 1 step back. That’s why Bitcoin will never stop existing.
Why would anyone load an app from McDonalds? You want to give them elevated access to your most personal data for a few dollars of coupons?
What are they taking from you that’s worth more than the discounts they are giving you? Because they are definitely making a profit, or they wouldn’t be doing it.
We are definitely in the era where people think discounts before user privacy. I bet most of people downloading the Mcdonald app do it exactly because of cheeper prices and easy of access.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
How did you manage to post the same comment 4 times? 🙃
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
just had medium fries and coke. many people i know, including myself, use the mcd app because of the discounts it offers when ordering through the app. however, i am under the impression that since i use an ios device and have the option to decline being tracked by the app—which i very eagerly press “no” to—i am on the safe side. am i?
No, Apple isn’t your guardian angel with the press of a button.
Apple does extensive audit of mobile apps, including limitations of tracking. So the app cannot spy on something you are not letting it to know. But you are giving it a bunch of info voluntarily.
I’d say using that app on iOS is similar to making a food delivery order using a loyalty member ID. Basically, you are letting the company (McDonald’s) know who you are, what is your phone number, where do you live, and what do you like to eat. And if they wish to, they could use all that to purchase your profile from a data brocker. Or they can sell that info for a few cents to make up on that discount.
This surprises me because McDonald’s app is hands down the worst app I’ve ever encountered in the history of all Android apps.
It’s is sluggish, ignores touches/taps half the time, doesn’t adhere to Android best practices for flow, crashes a lot, errors a lot, etc.
But OK McDonald’s. Fuck off.
I can add that it requires location permission (even when you attempt to search manually with zip or city). What a shitty, dystopian timeline we are experiencing when we’re mandated to run privacy invasive spyware, just to get a fucking discount on nugs.
It’s almost as if a clown programmed it
fuk em keep using it
If you log out of your account it’s said you can’t log back in.
take your money over to their competitors
3 shites dropped.
This sounds like an antitrust legal problem…
The GrapheneOS team is already talking to regulators: https://grapheneos.social/@GrapheneOS/112539378681400395
womp womp.
Well, Google is known for destroying its opposition.
This has very little to do with Google. Custom OS’s in general are being restricted by these apps, not Graphene in particular. All custom OS’s and root access devices are inherently less secure, even if they are privacy focused OS’s.
In IT this is called a zero trust. You don’t trust anything you cannot verify yourself. And a user installed OS is not something anyone can verify other than the installing user. Obviously for your own security you have your own zero trust policy if you are using something like Graphene, but these companies aren’t making it more secure for you as a user, they’re covering their asses in case there are holes in security they cannot account for.
I had Custom OSs installed before. My bank works fine, but there are apps that require Google Apps. I’d say that’s got pretty much to do with Google.
You’re implying that Google is causing these apps to not support custom OSs. But it’s literally not true. These apps are just not supporting custom OSs because their businesses don’t want to support non-standard platforms for security purposes. Tons of banks do not support custom OSs. It has nothing to do with Google and everything to do with not trusting the user which is 100% the correct approach for cyber security.
Got it. So it’s something similar to latest security proposals like not letting me download files on Windows because they are not normally downloaded. Or visiting a website with self signed certificates. So it’s more secure.
The apps complain: “You need Google Play services to use this app”.
So it’s about security. Right. What kind of security does McDonaldss need? Does it need security for their coupons?
Besides that, I thought payment gateway provided very good security by themselves.
But let’s steer from what happens on mainstream apps a little.
Isn’t Google Wallet or Online payments insecure too? Don’t they have tons security failures also? Human security failures, like if someone robs my phone and my info they would have access to my money?
Google and the smartphone industry employ accelerometers and other methods to make sure robbers can’t get to the system. They admit themselves that the systems aren’t safe and they’re working on AI and electronic methods to avoid access to sensitive information.
Is this the security you’re talking about? Maybe we should just steer the industry another way, like those Custom OSs do. Alternatives aren’t security potential threats. They’re the solution for the problem.
Making a monopoly based on making it “safe” isn’t secure at all.
It’s not for your security. It’s for the company’s security. You’re really dense you know that. This is not about you and it’s not about Google. What I’m saying is, people suck ass. So to protect themselves from people sucking ass, they restrict access to their system to their terms. Completely fair if you ask me.
You can go cry Google bad all you want. I might even agree Google is bad. But this is not a Google thing. It’s an IT security thing. The banks and MFA providers are security first businesses. They will make the decision that protect them first and it makes sense for them to do so. If you owned a bank, there is a high likelihood you would make similar decisions that end users don’t quite understand.
As far as McDonald’s is concerned, who the fuck knows what their developers are doing. That app is trash anyways.
perhaps dial back the attitude a bit there? if you think you know better than someone (even if you’re wrong), then you should have no trouble kindly educating instead of insulting them.
you may also wish to revisit your highly questionable claim that graphene properly configured on pixel is less secure than stock rom on some random android device.
It’s not questionable at all to assume that a user rooting and installing their own OS is a security risk. That’s the entire premise of zero trust. I’m sure Graphene OS is secure and better for user privacy when configured properly. But you can’t trust that an end user will configure it properly. That’s what I am saying and have been saying since the first message. You can’t trust the user to be security minded. Ultimately, the best thing you can do as a developer or a business is support a known quantity of software and hardware configurations and that likely means only supporting OEM installed ROMs.
