Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The problem with custom ROMs is that many government, banking, and similar apps don't run on them without workarounds. Some of those apps also consider this as a TOS violation as well.


When Microsoft first proposed a remote attestation scheme for PCs under the name Palladium, it was widely seen as a nightmare scenario. Even the mainstream press was critical[0]. There was barely a whimper when Google introduced Safetynet a decade later.

It wasn't OK in 2003. It wasn't OK in 2014. It isn't OK now. I'm just not sure what anybody can do about it.

[0] https://www.nytimes.com/2003/06/30/business/technology-a-saf...


There are many third-party money apps that login to your online banking that are a violation of ToS. That doesn't stop people using them. In fact, when they get really big, they can be legitimised by banks. For example, to get my mortgage, I had to use a third party service that logs in to my online banking account and ingests all my transactions to show that I saved for my deposit legitimately.


Then I won't run those apps. Seriously. I know not everyone has this option, but it's been my experience that a lot of processes do in fact have workarounds when you show them the cryptic error their poorly behaved app throws.


GrapheneOS has offical support for hardware attestation[0].

It does require the developer to make minor adjustments, and most banks are simply too risk averse to agree to doing that (I would know, used to be a senior android app dev at a bank).

[0]: https://grapheneos.social/@GrapheneOS/115062761036828110


I have been a GrapheneOS user since the Pixel 3 and have yet to encounter an app that doesn't work on GOS.


I don’t use any utility apps (identity, banking, services etc) on my phone and stick to the desktop web. And don’t use services that do require me to have a Google or apple account and phone. (Spoiler: I do)

I hope my tiny datapoint shows up in some aggregated stats somewhere.

It’s use-it-or-lose-it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: