cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that’s true or not…
This has very little to do with Google. Custom OS’s in general are being restricted by these apps, not Graphene in particular. All custom OS’s and root access devices are inherently less secure, even if they are privacy focused OS’s.
In IT this is called a zero trust. You don’t trust anything you cannot verify yourself. And a user installed OS is not something anyone can verify other than the installing user. Obviously for your own security you have your own zero trust policy if you are using something like Graphene, but these companies aren’t making it more secure for you as a user, they’re covering their asses in case there are holes in security they cannot account for.
I had Custom OSs installed before. My bank works fine, but there are apps that require Google Apps. I’d say that’s got pretty much to do with Google.
You’re implying that Google is causing these apps to not support custom OSs. But it’s literally not true. These apps are just not supporting custom OSs because their businesses don’t want to support non-standard platforms for security purposes. Tons of banks do not support custom OSs. It has nothing to do with Google and everything to do with not trusting the user which is 100% the correct approach for cyber security.
Got it. So it’s something similar to latest security proposals like not letting me download files on Windows because they are not normally downloaded. Or visiting a website with self signed certificates. So it’s more secure.
The apps complain: “You need Google Play services to use this app”.
So it’s about security. Right. What kind of security does McDonaldss need? Does it need security for their coupons?
Besides that, I thought payment gateway provided very good security by themselves.
But let’s steer from what happens on mainstream apps a little.
Isn’t Google Wallet or Online payments insecure too? Don’t they have tons security failures also? Human security failures, like if someone robs my phone and my info they would have access to my money?
Google and the smartphone industry employ accelerometers and other methods to make sure robbers can’t get to the system. They admit themselves that the systems aren’t safe and they’re working on AI and electronic methods to avoid access to sensitive information.
Is this the security you’re talking about? Maybe we should just steer the industry another way, like those Custom OSs do. Alternatives aren’t security potential threats. They’re the solution for the problem.
Making a monopoly based on making it “safe” isn’t secure at all.
It’s not for your security. It’s for the company’s security. You’re really dense you know that. This is not about you and it’s not about Google. What I’m saying is, people suck ass. So to protect themselves from people sucking ass, they restrict access to their system to their terms. Completely fair if you ask me.
You can go cry Google bad all you want. I might even agree Google is bad. But this is not a Google thing. It’s an IT security thing. The banks and MFA providers are security first businesses. They will make the decision that protect them first and it makes sense for them to do so. If you owned a bank, there is a high likelihood you would make similar decisions that end users don’t quite understand.
As far as McDonald’s is concerned, who the fuck knows what their developers are doing. That app is trash anyways.
perhaps dial back the attitude a bit there? if you think you know better than someone (even if you’re wrong), then you should have no trouble kindly educating instead of insulting them.
you may also wish to revisit your highly questionable claim that graphene properly configured on pixel is less secure than stock rom on some random android device.
It’s not questionable at all to assume that a user rooting and installing their own OS is a security risk. That’s the entire premise of zero trust. I’m sure Graphene OS is secure and better for user privacy when configured properly. But you can’t trust that an end user will configure it properly. That’s what I am saying and have been saying since the first message. You can’t trust the user to be security minded. Ultimately, the best thing you can do as a developer or a business is support a known quantity of software and hardware configurations and that likely means only supporting OEM installed ROMs.