cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that’s true or not…
@Sunny
Gatekeeprs of wealth sticking together against the ambition for freedom of poorer people?
Oh, color me surprised. 🙄(I want to de-Google step by step, thanks for the heads up).
Google has ruined Android by closing it up.
EU needs to step in and force Google to open it up.
While at it, go for Apple’s monopoly as well.
I swear I am so close to jumping into the void of mainline linux on phones.
The only main issue is device drivers, but I would be fine happily extracting them from android or making new ones. Modern Android is a complete full stack POS.
Authy has been utter garbage for a long time and if you ever needed a reason to migrate away then now is as good as ever.
Do you have a replacement you would recommend?
I use TOTP in KeepassXC (or KeepassDX on mobile) because it’s fully local and available for desktop.
Oh, I was using Keepass2Android as a password vault, but was a little frustrated with it because occasionally it’ll forget to synchronize with the file before adding an entry and leave a “conflicted copy” I have to deal with manually. If KeepassDX will also do TOTPs that sounds perfect.
Well pick anyone listed in this AlternativeTo list but I recommend Aegis
Seems like my time to move away from Authy. Any drop in alternative for iOS? Ideally I could export services and load them back, not manually adding/removing 1 by 1. Even if I can’t though, suggestion still welcomed.
Paid Bitwarden or self-hosted 2FAuth. Its very lean so you could probably do it on a free Oracle cloud VPS and never pay. Or put Vaultwarden on a PikaPod for very little money per month.
Small OT: In the article it’s mentioned also the app “IO” (italian for the english word “I”). There are also other important italian apps not working without play services. The serious thing is that that apps are almost mandatory to do the ordinary public administration bureaucracy. We can say that the italian state forces its citizens to use a smartphone with Google Play Services installed. This is no sense.
modern fascism in action… state and corporate fusion. however, WHY DA FAQ would Italian state do this for the benefit of a foreign corporation…
I get US part of NATO but wtf
The italian government is full of fascists at the moment, but for me its more like tech ignorant laws. To make an example this is a comment of mine about piracy shield; I think that story can well explain the ignorance of italian government in tech related stuff.
Oh great, I guess I’ll have to change my payment info for everything now. Fantastic.
Why would anyone load an app from McDonalds? You want to give them elevated access to your most personal data for a few dollars of coupons?
What are they taking from you that’s worth more than the discounts they are giving you? Because they are definitely making a profit, or they wouldn’t be doing it.
We are definitely in the era where people think discounts before user privacy. I bet most of people downloading the Mcdonald app do it exactly because of cheeper prices and easy of access.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
How did you manage to post the same comment 4 times? 🙃
i use my very own #snac instance which is sometimes slow. i pressed the post button 4 times.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
just had medium fries and coke. many people i know, including myself, use the mcd app because of the discounts it offers when ordering through the app. however, i am under the impression that since i use an ios device and have the option to decline being tracked by the app—which i very eagerly press “no” to—i am on the safe side. am i?
No, Apple isn’t your guardian angel with the press of a button.
Apple does extensive audit of mobile apps, including limitations of tracking. So the app cannot spy on something you are not letting it to know. But you are giving it a bunch of info voluntarily.
I’d say using that app on iOS is similar to making a food delivery order using a loyalty member ID. Basically, you are letting the company (McDonald’s) know who you are, what is your phone number, where do you live, and what do you like to eat. And if they wish to, they could use all that to purchase your profile from a data brocker. Or they can sell that info for a few cents to make up on that discount.
just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.
Odd timing considering I’ve banned McDonalds, Revolut and Authy from my phone.
This sounds like an antitrust legal problem…
Just to be clear, they banned all custom roms, not only graphene.
It’s crazy how they can just do illegal things because they have so much money…
Do I own my phone or not??
This is actually good, see it as an enrichment of your life. The only sad thing is Revolut though.
As an alternative to Authy I recommend Stratum (previously known as Authenticator Pro) https://apt.izzysoft.de/fdroid/index/apk/com.stratumauth.app
This due to its compatibility with Android wear (companion)
Can anyone who has used both Aegis and Stratum compare them?
Time to switch away from Auth I guess. Not even using GrapheneOS cause I have a Samsung phone, but this is not acceptable
Authy is no good anyway. Keeps codes hostage with no way to back them up. So many great open source alternatives
Give Aegis a try, it is great.
Aegis is also nice
I don’t know if this is standard on all authenticator apps or not but I like the fact that Ageis makes you enter your password once in a while so you don’t forget it.
I wish aegis had a UI like that… I prefer it to Aegis “Normal” view. They’re almost the same but ente is a little better
Switched to Ente Auth when Authy stopped having a free desktop version. What if I lose my phone? I want both my devices to have access to my codes.
same. i wish i could run graphene or something similar on my moto G stylus. I wish my Pixel 6, 7 and 6a didnt all have defects. the 7 was my favourite.
But like, why?
Fuxk u
He makes a solid point
This makes me want to use GrapheneOS more. If the dataminers don’t want you to use it then it must be doing something right.
Too bad it only runs on Google’s phones…
It’s only officially supported on google phones because sadly those are the only ones that are not modified to fuck which makes installing and supporting other OS’es way too much work.
Giving google money once for a device is not a problem from a privacy or security standpoint.
That’s correct, but not the reason grapheneOS chooses only pixel phones. It’s the level of hardware security features.
Also unlockable and presumably has well working builds. It’s not just graphene, but just about every Android project it there that’s best supported on pixels. Other manufacturers have a crazy variety of locking schemes and required tools. Each one is a nightmare to support.
For GrapheneOS, it’s primarily that it’s re-lockable. That’s why other unlockable phones aren’t supported.
The GrapheneOS install process sets new OS signing keys so you can lock the phone again and get full verified boot. However, most manufacturers haven’t implemented this feature.
Yes, that cuts the list down even more.
What do you get, app/feature wise for verified boot vs. Play integrity app? Does it increase the amount of apps that work on it?
I would guess that it allows to detect tampering if you have to give your phone to the security officers and they do or don’t do something with it without you present. I heard of such occurrences on the border, but this happens in other places and countries, too. Not sure if locked bootloader would help, though
Wish they’d at least support Fairphone.
If Graphene reached out to them I bet Fairphone would even actively work with them to make it an official OS option.
Fairphone would need to substantially modify their hardware to make that work
In the EU almost every phone has an unlockable bootloader, there just isn’t any roms or custom recoveries for a lot of them.
Second hand, no money for them
Right? Have to pay google for the privilege
You can always buy a second hand one
Someone installing graphene os for security shouldn’t be trusting random second/third/etc hand hardware lol
There is absolutely no problem with that. The phone is wiped and encrypted when you flash graphene, and it does an integrity check every time it boots.
Hypothetically the hardware could have been modified, but that would take some insane level of a determined attacker to be fabricating modified pixels just to sell them on the used market.
Nothing too hypothetical nor an “insane” level of work. Didn’t Israel do just that with some beepers to blow up children?
Yes, this would only be a concern for targeted attacks by state actors, in which case not even buying new would be safe.
Thinking about it, in such a scenario buying used may even be safer
It also comes with a hardware auditor, although you need another trusted graphene phone to use it. I don’t know about the details, but sounds very hard to mess with it.
Shouldn’t trust anything then. They could intercept your new phone and modify it. They did it for switches. But your not worth it for “them”.
Your options are:
Apple phone
Bloated android phone like Samsung etc.
Chinese android phone (xiami etc)
Google phone with Android
Google phone with graphene. This still looks like the best of those options.
Or no phone? I guess people are hardcore enough that will be the option.
Edit: I stand corrected.
Fairphone? Swiftphone? eOS? Linuxphone? PostmarketOS etc?
Is swiftphone its own thing or did you mean shiftphone? I kinda want the shiftphone 8 myself even if they only ship to neighboring countries of mine.
There’s always package forwarding. I’m about to find out how bad an idea that is.
Ah sorry, you’re right. I meant shiftphone.
I use cheap motorola phone with lineage OS, add that to your options
I don’t think LOS has any privacy/security improvements over the stock android?
(IIRC) it’s even worse than stock because you can’t lock the bootloader after installation.
Though if your phone isn’t getting official updates, it’s probably safer with LOS.
(IIRC) it’s even worse than stock because you can’t lock the bootloader after installation.
That’s a problem with the phone manufacturer, not with Lineage.
There’s also the Lineage-based DivestOS that attempts to keep up with more security updates, and relocking the bootloader in phones that support it.
Yeah, I myself am using CalyxOS, because DivestOS doesn’t support the Fairphone 5 unfortunately. CalyxOS also has relocking.
Physical access is game over anyway?
Xiaomi has the biggest custom ROM scene out there btw despite them trying their hardest to stop bootloader unlocking. You really don’t need to have a company supporting unlocking to make ROMs for them. If they outright block it then that’s an issue.
I read somewhere that on some xiaomi phones in china you need to request it, https://github.com/melontini/bootloader-unlock-wall-of-shame/blob/main/brands/xiaomi/README.md
