cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that’s true or not…
This makes me want to use GrapheneOS more. If the dataminers don’t want you to use it then it must be doing something right.
Too bad it only runs on Google’s phones…
Right? Have to pay google for the privilege
Your options are:
Apple phone
Bloated android phone like Samsung etc.
Chinese android phone (xiami etc)
Google phone with Android
Google phone with graphene. This still looks like the best of those options.
Or no phone? I guess people are hardcore enough that will be the option.
Edit: I stand corrected.
I use cheap motorola phone with lineage OS, add that to your options
I don’t think LOS has any privacy/security improvements over the stock android?
(IIRC) it’s even worse than stock because you can’t lock the bootloader after installation.
Though if your phone isn’t getting official updates, it’s probably safer with LOS.
Physical access is game over anyway?
Not with GrapheneOS, since you can entirely disable the USB controller from the settings on a driver level, making it impossible to connect the phone to a forensic data extraction device. GrapheneOS also has a convenient auto-reboot feature, which (together with their patches to the Linux kernel and Fastboot recovery OS to include memory zeroing) erases the encryption keys from memory, putting the device in BFU state and requiring the PIN/password to unlock. This is additionally secured by the Titan M2 secure element, which makes use of the Weaver API and drastically throttles brute-force unlock attempts. https://grapheneos.org/faq#encryption
Fairphone? Swiftphone? eOS? Linuxphone? PostmarketOS etc?
All of these are insecure as hell. Linux phones especially https://madaidans-insecurities.github.io/linux-phones.html
Fairphone also really fucked up: They signed their own OS with the publicly available (!) AOSP test signing keys. These guys really don’t know that they’re doing, and I would trust their hardware or software whatsoever. And no, installing a custom ROM doesn’t solve this. Considering how bad their security practices are, we genuinely have to assume that there are security issues with the device firmware as well.
/e/OS is based on the already insecure LineageOS, and it weakens the security further, so it’s not a good option either.
None of the options you mentioned can be compared to GrapheneOS. It’s currently the best option if you value your privacy and security. You don’t have to give Google money either, since you can just buy a used device, which is also cheaper and more environmentally friendly. Google also makes repairing their devices pretty easy for consumers and even works with iFixit. Here’s a Mastodon post I recently saw about that: https://social.linux.pizza/@midtsveen/113630773097519792
It’s only officially supported on google phones because sadly those are the only ones that are not modified to fuck which makes installing and supporting other OS’es way too much work.
Giving google money once for a device is not a problem from a privacy or security standpoint.
Wish they’d at least support Fairphone.
If Graphene reached out to them I bet Fairphone would even actively work with them to make it an official OS option.
Fairphone would need to substantially modify their hardware to make that work
Just to be clear, they banned all custom roms, not only graphene.
Most ROMs like LineageOS and CalyxOS drastically weaken the security of Android, so that would actually make sense. GrapheneOS has far better security than AOSP, the Stock Pixel OS, or basically every other version of Android that you would find pre-loaded on a device. https://grapheneos.org/features#exploit-protection
Most ROMs like LineageOS and CalyxOS drastically weaken the security of Android
Source?
Graphene shills have been banging on this point for donkey’s ages. Reality is that many people use phones that are out of OEM support and many OEM ROMs are bundled with questionable software (Oppo, Samsung etc.) There are some decent criticisms to be made about LineageOS, but others to be made about Grapheme, like its Google-suggestive configurations, which is quite bad for security and privacy. Graphene says this is all optional and not part of the OS, but doesn’t include any equivalent F-Droid installer.
It’s crazy how they can just do illegal things because they have so much money…
Do I own my phone or not??
Why would anyone load an app from McDonalds? You want to give them elevated access to your most personal data for a few dollars of coupons?
What are they taking from you that’s worth more than the discounts they are giving you? Because they are definitely making a profit, or they wouldn’t be doing it.
We are definitely in the era where people think discounts before user privacy. I bet most of people downloading the Mcdonald app do it exactly because of cheeper prices and easy of access.
just had medium fries and coke. many people i know, including myself, use the mcd app because of the discounts it offers when ordering through the app. however, i am under the impression that since i use an ios device and have the option to decline being tracked by the app—which i very eagerly press “no” to—i am on the safe side. am i?
Apple does extensive audit of mobile apps, including limitations of tracking. So the app cannot spy on something you are not letting it to know. But you are giving it a bunch of info voluntarily.
I’d say using that app on iOS is similar to making a food delivery order using a loyalty member ID. Basically, you are letting the company (McDonald’s) know who you are, what is your phone number, where do you live, and what do you like to eat. And if they wish to, they could use all that to purchase your profile from a data brocker. Or they can sell that info for a few cents to make up on that discount.
No, Apple isn’t your guardian angel with the press of a button.
I used to work hosting Focus Groups, we would pay cash, and top dollar for even small chunks of specific data sets on demographics that would age very quickly. Since people’s habits change, different trends, feedback, etc. Hence the need of constant campaigns. Today, people give a lot of this data away, for free, in a constant data stream, for months if not years on end for cents or even a couple of bucks a month. Via constant tracking and profiling. It’s crazy how privacy illiterate people are.
Fuck both of these companies. Never used McDicks app in the first place. Spyware bullshit.
The mcdonalds app is a scam to get you to agree to their arbitration clause
Care to elaborate? I’m curious.
Never mind. I found an article pretty quick. Thanks for the heads up anyway. :)
Funny that news nowadays is citing tik tok and reddit comments
https://www.thedailymeal.com/1431937/mcdonalds-app-terms-waive-rights-trial/
OK McDonald’s, I will not use your most cost effective ordering method. I guess I will just have to order my 10 individually custom cheeseburgers at the counter instead. I might have to have e the order read back, and change my mind about a few burgers.
As a former employee… That does nothing. Crazies that spend 15 min to order some fries were common.
If you go at rush hour it can be annoying to the employee and other customers, but at the end of the day nobody will remember and you would have spent 20 min and 10 dollars (which is 9 dollars material profit for MacDonald).
Just. Don’t. Go. To. Macdonald’s.
that’s just screwing with the workers though, and the workers sure as hell is not going to get paid extra for your custom order
This viewpoint is so stupid.
The cashier is paid to take orders, whether they take 1 long obnoxious order or 3 small orders, it’s the same shit.
People are so swept up in ‘kindness and support’ (internet circlejerking), they think that the fact you inconvenienced some 17 year old, representing a massive corporation, as a fuck you to the company that employs them, you’ve committed some moral sin against your fellow man.
the cashier
Who is also the manager, making drinks, doing the fries because that bitch called in sick…
Calling someone who called out sick a bitch is a little bit insensitive, no?
That worker doesn’t want to be there, that’s likely one of 3 jobs they need to barely scrape by.
You holding them up from doing other tasks they need to do to keep a job that barely feeds them is doing nothing but making their day a little harder. It affects the company 0%. The company is faceless and doesn’t care how much you abuse the worker bees as long as they get your money.
I don’t know what the answer is aside from not patronizing the company at all, but I know that’s not it.
If the company is always too busy, they will need to hire more workers or the existing ones will leave.
Can Graphene add a feature to run in emulation mode to allow apps to believe it’s on an unrestricted OS?
Odd timing considering I’ve banned McDonalds, Revolut and Authy from my phone.
Maybe it’s worth keeping a budget mobile phone at home with Rustdesk host running on it? When you have a need for an app that must run on a genuine Android, you just remote into that phone. Since the phone never leaves home, there’s less to track.
This is very bad news, because this means any app that wants your data could do the same.
On the other hand, it makes it easy to find which apps aren’t to be trusted with your data.
Also very obvious when an app or website have an US and an EU version. You just know they buttfuck the Americans because no rules.
Even Apple had to make two versions of iOS.
Can I simulate another OS environment for these kind of apps?
Lol I spent a week going back and forth with Revolut support in august. I could sign into the app but it would always ask me for a “selfie” verification and every time support would say its a super dark selfie.
Eventually I decided to try a stock ROM and it just worked and I realised what was happening so I transferred all of my money out and deleted my account.
Most local banks here are terrible at making apps, some even require a separate device that looks like a calculator to use online banking, so hopefully they wont follow suit anytime soon
Small OT: In the article it’s mentioned also the app “IO” (italian for the english word “I”). There are also other important italian apps not working without play services. The serious thing is that that apps are almost mandatory to do the ordinary public administration bureaucracy. We can say that the italian state forces its citizens to use a smartphone with Google Play Services installed. This is no sense.
Revolut works fine for me still on Graphene?
Try logging in and out. (Though dont blame me if u can’t log in again).
copy that - thanks for the hint. honestly, if it doesn’t work in the future, I’ll probs just cancel my account with them
Yeah that’s what I did.
McDonalds? Uber?
They both have fully functioning webapps btw.
Right people who install various apps like McDonalds apps etc, are these even typical to GrapheneOS users? I’d think most would avoid superfluous data stealing apps.
I’ve been thinking of switching the GrapheneOS. I certainly enjoy my privacy, and are taking steps to move to sources that don’t harvest my data. Outside of YouTube and android I’ve completely degoogled myself, even replaced Maps with magic earth and OsmAnd. I even swapped full time to linux a handful of months ago as a gamer with a VR interest. But I’m not so hardcore to not use any service that might sell my data. I still use vanilla firefox, food ordering apps, and discord for example. So while I’m not someone who goes to extreme lengths to protect my data, moving over to GrapheneOS doesn’t seem like a huge inconvenience compared to the gains you get.
I switched to grapheneos on pixel 9 straight from iPhone. The only reason I have any google stuff on the phone is because of RCS messaging. There is literally nothing I have any issues with on this phone, software or hardware. It has been a very smooth and comfortable transition. I very much recommend giving it a try. I think you’d be surprised how little google (exclusively) gives, compared to how much they take.
If you already don’t use Google apps, and your bank app doesn’t ban graphene, there shouldn’t be any issues at all tbh
You can use this website to check if your banking app is supported: https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/
Sorry but it seems I might have been mistaken by calling out Uber on this one. Thought i read about Uber during this but I cant find back to it. Have changed the title.
It happens! And that list surely isn’t comprehensive.
I’ve been nagging my bank’s support to add the Graphene’s signatures, for example, no luck so far 😞
Time to switch away from Auth I guess. Not even using GrapheneOS cause I have a Samsung phone, but this is not acceptable
Aegis is also nice
I don’t know if this is standard on all authenticator apps or not but I like the fact that Ageis makes you enter your password once in a while so you don’t forget it.
Authy is no good anyway. Keeps codes hostage with no way to back them up. So many great open source alternatives
Give Aegis a try, it is great.
