EU needs to make a stand on Play Integrity. If app devs enforce Play Integrity, this means only Google Certified devices can use banking, etc. This excludes all alternative mobile OSes. No #postmarketOS, no #SailfishOS, no Android derivatives #GrapheneOS etc. You don't need Play Integrity. If someone is capable of installing or using an alternative OS, they sure know what to install or not install; it is their responsibility. Using a non-rooted but bootloader-unlocked device (otherwise you can't use an alternative OS) does not make my device less secure. On the contrary, it is using an up-to-date OS with the latest security patches. Do we really want all mobile devices to have to be Google Certified? No. #mobile #integrity #bootloader #unlocked #nonsense #Europe
@EUCommission is there any plan in motion to stop this monopoly from Google on Android? reCAPTCHA now also requires a Google Certified device status. Soon we won't be able to use apps without being locked to Google.

@denzilferreira @EUCommission

Thankfully, from what I see, the QR code verification in reCaptcha is a default option and the user can switch to visual or audio verification in one click, while QR-only is now used infernally in enterprises. At least for now.

@didek @denzilferreira @EUCommission *infernally*... hell of a typo. Love it 💕
@denzilferreira
I bet that EU bureaucrats are instead really, really happy about #PlayIntegrity since it gives them **apparent** total #censorship powers. Sadly, I also bet they are too stupid to understand they are handing the keys of power to an evil entity overseas.

@paoloredaelli I'm not sure I follow the reasoning behind the EU wanting Play Integrity to be a mandatory requirement for non-Apple devices. Same way the EU forced Apple to open their walled garden.

The only nuance here is that a Google Certified device means it is running Google's proprietary blobs. So really, the course of action is: install/use an alternative OS and instead tell the devs of apps with Play Integrity checks that there are alternatives for checking that a device is not compromised, because that is what it should be about. Force Google to provide a different verification path that allows alternative ROMs/OSes to be seen as safe.

@denzilferreira
I agree all along the line. But I'm also pessimistic and I won't be surprised to discover that EU politicians have been "financially facilitated" to endorse #Google's way of controlling society. And those not oiled may be just foolish enough to think that they can "control the dragon" and use Google's infrastructure themselves to control the population.

@paoloredaelli we don't know what we don't know 😉 I trust we can elect EU representatives who share the same concerns. It is our responsibility to make sure of that if we want change. There are so many items that require attention, some more pressing than others. And we have the option of not using a smartphone at all 🙈 Banks are making their apps only work on such devices with Play Integrity, and closing bank offices. Soon you won't be able to check your balance, transfer, etc. unless you have a smartphone that is certified (iPhone or Google Certified device).

Meanwhile, we can have an open dialog like we are having here, so that people around the world also think about what this actually means for them: no alternatives, no options, a monopoly.

@denzilferreira
> And we have the option of not using a smartphone at all

Not for long. At first you will not be able to pay for groceries. Finally not wearing a spying tag on you will immobilize you as a threat to the social order.

Technazis like sci-fi, just they don't like the endings.

https://en.wikipedia.org/wiki/In_Time

@paoloredaelli

@denzilferreira
Luckily not all the banks are evil™; for example, I plainly refuse to work with banks that are not fully usable with a plain browser and no Android/iOS "certified" device.
@paoloredaelli @denzilferreira I agree, but they are all phasing out these options here (Austria) and only after strongly worded emails they let you use different options "for now".
@karhima
That is a huge problem that must be solved at the political level.
In Italy there are banks "forcing the apps" (e.g. Intesa), others not. Mediolanum and Monte dei Paschi are perfectly usable without a smartphone. Mediolanum is also usable using only a landline!
@denzilferreira
@paoloredaelli @karhima for example, my bank uses an app that receives OTP codes and does biometric authentication. However, without Play Services, you can't use it at all. Meaning I need to use a device with them if I want to use my bank, including the website. For now, they are not blocking non-Google-Certified devices, but if they do, it will be impossible to do any banking activity.
@denzilferreira @paoloredaelli I even go a step further and say: offer something that works without any smartphone. Even our tax office does that. Why no bank?
@denzilferreira @paoloredaelli This concerns me as well. I refuse to be told what device I have to use for accessing my own bank account. But there's also people who simply cannot operate a smartphone for several reasons. There always needs to be an alternative that is not more expensive. The banks even charge you for using their cash machines for transfers in the few remaining places here. That's unacceptable.

@denzilferreira How is Apple's walled garden opened?

They had (and still have) developer verification, the same thing that Google is trying to introduce just now.

@paoloredaelli

@gytisrepecka
I prefer to call iOS a golden prison rather than a walled garden. 😀
I think it describes better the situation
@denzilferreira
@denzilferreira EUDI wallet and everything EU related (w/ social) fully depends on Google services (all for security reasons...)
I don't think that they will change their mind.
@sakura84 it's worth raising awareness that there are alternatives to Google Play Integrity, for example Promon Shield from Norway https://promon.io/products/shield-mobile, and many others. It definitely does not need to be a device that installs apps from the Play Store, and is GMS certified. F-Droid, Aurora Store work well on a deGoogled device but if the apps themselves don't work unless they detect that Play Store is installed, it means only Android with Google services can be used. No alternatives.

@denzilferreira I seem to recall “don’t trust the client device” being drilled into my head over and over. Do bank app devs not know this? Are they lazy? Or both?
@WORM @denzilferreira From what I know it's a bit of both. They often use a skin over an existing software stack so they don't have to deal with as much regulatory details, even though that's kinda part of their job.
@WORM @denzilferreira they're on team "an intern found this function that ensures everything's super duper secure, so we're a-ok"
@denzilferreira I really want a way to export my private keys on the hardware that I own so I can fix the buggy software.

@denzilferreira
> EU needs ...

Do you realize that #technazi bros' daily income is bigger than the estimated lifetime earnings of the EU politicians of the past century, all of them?

Do we really expect EU politicians to resist this?

@ohir @denzilferreira Resistance is a tool of the well-paid?

@tokyo_0
Actually I was talking about how cheap politicians have become compared to the oligarchy class. Just one second of income of a top-tier technazi is enough to "lobby" any member of the administrative and political class. Yes, there are people who can resist an argument to the sum of their yearly legal income, but not many of them are in a position to decide.

@denzilferreira

@denzilferreira

> No #postmarketOS, no #SailfishOS, no Android derivatives #GrapheneOS etc.

- No desktops either if Google's QR captcha is any indication of where we're headed. Assuming this goes through, even desktops will be locked out of the web unless they're linked to a Google device by scanning the QR captcha with said device.

Or, Google could mandate AluminumOS to be able to pass their captcha on the desktop as well, and only through the Chrome browser.

Worst case, the end game will be thin clients tied to rented servers, which would ultimately be tied to your government ID.

@denzilferreira This will fall on deaf ears. The neoliberal hegemony loves tech monopolies because it allows them to outsource the policing of digital space.

(The fact that Big Tech is even less democratically accountable than the real police is easily ignored because the policing is now off balance sheet. Same as privately owned 'public space' in cities which are policed by private security.)

@denzilferreira
They really are doing anything they can to lock down the digital world, so you in-practice do not own jack shit... "But it's to protect you", lol it's so THEY remain in control, so that THEY choose what software reaches who. I'm tired boss 🫩
@denzilferreira You can use custom ROMs with a locked bootloader and that is an important security feature. Otherwise someone could, for example, tamper with your boot partition and inject malware without you knowing.
Play Integrity in its current form shouldn't exist, but you're downplaying serious issues.

@denzilferreira If push comes to shove I will have two phones. One of which will be used for identification, and only for identification.

Also the EU is essentially blocking an open market. No other phone/os/identification maker can start a business in this way. So all the talk about european digital independence was all blabla. We're doomed.

So we can just as well hand over Greenland now, before the US switches off identification.

@denzilferreira what we should really do is pour millions into mobile Linux and end this era of basically every phone being controlled by two companies.

We should be able to buy a phone like we buy a computer, and then install whatever OS and programs we want, like on a computer.

@denzilferreira Yeah the irony of using a Google phone and being locked out of a lot of apps these days because now my phone is untrusted *because I've updated it to keep up with security updates* is very rich.

And any regulators sleeping on the incredible lock-in that results from this are basically just allowing oligopolies to solidify.
@denzilferreira There is this project that Volla is working on:
https://uattest.net/

@nima yes, but adoption is key. Unless it is mandated. For example, this could be a fallback to Play Integrity on non Google Certified devices. But current status is that not certified, no fallback.

@denzilferreira This 100%. The real name of this evil is "Device Hardware Remote Attestation". iOS has its own version, not only Google. Anything else we could deal with by reimplementing the API as others did (Steam's Proton for Windows apps, Anbox/Waydroid for Android apps, etc.). But this, this is the end game.

The real agenda of EU age verification is to inject remote attestation everywhere, effectively banning you from society if you change a single line of code on your device.

@denzilferreira And let's be crystal clear, hardware remote attestation is for anti-competitiveness and control; this has **nothing** to do with security. It is different from "local verified boot", which is great (avoids evil maid attacks; GrapheneOS has it, systemd soon too).

If EU wants to ensure only secure devices are sold in EU they should set standards (regular security updates, mandatory app sandboxing, etc.) like for any other product. But using Remote Attestation is completely dystopian.

@denzilferreira yup, passkeys exist. They provide attestation which is cryptographically unforgeable, and make for a sufficient 2FA.
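An added example, not code from anyone in this thread and not any bank's, Google's or the WebAuthn spec's own implementation, of the challenge-response flow that lets a passkey act as a second factor the server can verify by itself, without asking the client OS to attest anything. The user name, the relying-party id bank.example and the in-memory P-256 key are constructed for illustration; a real passkey keeps the key in a secure element or TEE. It shows the signature check only and does not model WebAuthn's attestation statement or signature counter.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Assertion is the device's signed answer to one server challenge.
type Assertion struct {
	RPID      string
	Challenge []byte
	Sig       []byte
}

// newKey stands in for passkey creation (illustrative: a real passkey's key never leaves the secure hardware).
func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err) // only if the system RNG is unusable
	}
	return k
}

// signedDigest binds the relying-party id to the challenge, so an assertion made for one site cannot be replayed to another.
func signedDigest(rpID string, challenge []byte) []byte {
	h := sha256.New()
	h.Write([]byte(rpID))
	h.Write(challenge)
	return h.Sum(nil)
}

// Assert is the device side: sign the server's challenge with the held key.
func Assert(priv *ecdsa.PrivateKey, rpID string, challenge []byte) Assertion {
	sig, err := ecdsa.SignASN1(rand.Reader, priv, signedDigest(rpID, challenge))
	if err != nil {
		panic(err)
	}
	return Assertion{RPID: rpID, Challenge: challenge, Sig: sig}
}

// Server is the relying party: it stores public keys only, plus one outstanding challenge per user.
type Server struct {
	rpID    string
	pubkeys map[string]*ecdsa.PublicKey
	pending map[string][]byte
}

// NewChallenge issues 32 random bytes valid for exactly one assertion.
func (s *Server) NewChallenge(user string) []byte {
	ch := make([]byte, 32)
	if _, err := rand.Read(ch); err != nil {
		panic(err)
	}
	s.pending[user] = ch
	return ch
}

// Verify checks only what the server can check itself, trusting nothing about the client's OS:
// the challenge is the one it issued and is consumed on first use, the rpID is its own, and the signature verifies under the enrolled key.
func (s *Server) Verify(user string, as Assertion) error {
	pub, ok := s.pubkeys[user]
	ch, issued := s.pending[user]
	delete(s.pending, user) // single use: replaying the same assertion fails here
	if !ok || !issued || !bytes.Equal(ch, as.Challenge) || as.RPID != s.rpID {
		return errors.New("unknown user, or challenge missing, mismatched or already used")
	}
	if !ecdsa.VerifyASN1(pub, signedDigest(as.RPID, as.Challenge), as.Sig) {
		return errors.New("bad signature")
	}
	return nil
}

// Demo runs a fresh login, a replay of the same assertion, and an assertion from a key the server
// never enrolled (all constructed sample data), reporting whether each behaved as it should.
func Demo() (freshOK, replayRejected, strangerRejected bool) {
	alice := newKey()
	srv := &Server{
		rpID:    "bank.example",
		pubkeys: map[string]*ecdsa.PublicKey{"alice": &alice.PublicKey},
		pending: map[string][]byte{},
	}
	as := Assert(alice, srv.rpID, srv.NewChallenge("alice"))
	freshOK = srv.Verify("alice", as) == nil
	replayRejected = srv.Verify("alice", as) != nil
	stranger := newKey()
	as = Assert(stranger, srv.rpID, srv.NewChallenge("alice"))
	strangerRejected = srv.Verify("alice", as) != nil
	return
}

func main() {
	fresh, replay, stranger := Demo()
	fmt.Println("fresh:", fresh, "replay rejected:", replay, "unenrolled key rejected:", stranger)
}
```

The point for the thread: every check in Verify is something the bank's server does on data it generated or stored itself, so it does not need Play Integrity to tell it whether the phone is "certified"; a device on any OS that holds the private key can log in, and a device without it cannot.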

@denzilferreira

It's like your good neighbour selling their house to a real scumbag family.

Who do you get angry at?

The real scumbag family, or your neighbour for selling you out?