talldavekMar 19
þēodrīċ, norþes ecghlāford

LineageOS: what breaks? Banking. I have a fairly robust risk appetite, but rooting a device to install a closed-source fork of Magisk that hides itself well enough that I can spoof Play Integrity so my bank's app will run is a few steps too far in the wrong direction. So choose what you prefer: access to your money, or some amount of control over your digital leash.

I see no way forward after September that doesn't involve having two phones: one that mostly lives at home for the applications that absolutely won't run without maximum verification, and one for daily use. At that point, I might as well get a used iOS device for the banking stuff.

This fucking sucks.

Mar 18 at 8:21pmWeb
Show threadlfzzMar 18
@theodric "this fucking sucks" has been the official mito of everything for a while now....
Show threadandersMar 19
@lfzz @theodric I have also chosen to have one phone for proprietary stuff and a Sailfish device for the other stuff.
Show threadlfzzMar 19
@anders @theodric the jolla c2? How is you experience hw/sw wise?
Show threadandersMar 20
@lfzz @theodric Nah, I am running the Xperia III. But I am waiting for the Jolla phone 2 it says september now. You have to be careful not to run too many apps as the xperia slows down fast, especially the Androidapps.
Show threadKinene⭐🐻Mar 18
@theodric I will likely remove/disable all but the Android phone and SMS apps, and use it for basic communication only. My cell plan is much less expensive than a landline. Then I will hack my various Lenovo tablets to run a version of Linux, and do most things in a browser, over the wifi. My other computers already run on Linux.
Show threadAkseli ​ Mar 19
@theodric i use iodeOS and at least my banks app works with microG
Show threadþēodrīċ, norþes ecghlāfordMar 19

@aks on my end, 1/3 works on LineageOS, 2.5/3 on GrapheneOS (tells me that the "next version" of their app won't work on my "custom OS"). Signing the release and locking the bootloader would probably get me to 2/3 on LineageOS, but that's an extra bespoke step I'd have to take for each upgrade.

With the same technical dependency: I'm also concerned that the coming EU digital ID is hooked into the Google and Apple ecosystems, both of which depend/will depend on an unmodified device to pass audit. So EU citizens will have to have an unmodified American product to participate in society. It's...frustrating is one word for it. Confusing is another. I'll stop before I start cussing.

Show threadMarjorieRMar 19
@theodric is it not possible to do most of your online banking through the banks website rather than through their app?
Show threadþēodrīċ, norþes ecghlāfordMar 19
@marjolica I wish. As smartphone penetration nears 100%, banks have increasingly moved to using a proprietary app on the phone to authenticate your access to the website, rather than issuing a discrete hardware 2FA token, to save (them) costs. Revolut doesn't even offer a hardware token at any price, and their website is barely even skeletal. App-first. All those apps have to pass audit. The banks who just take the easy path and use Play Integrity Verification will automatically fail you with anything modified.
Show threadMarjorieRMar 19
@theodric my banks (Bank of Scotland, part of Lloyds Banking Group and Santander) still use username/passwords and SMS 2FA for their websites.