Comment by gaiagraphia

Comment by gaiagraphia 19 hours ago

7 replies

View on Hacker News

Big shout out to Google Play Integrity/Safety Net (or whatever it's currently called).

Was the one thing which ended my couple of years without Google, as my banking apps started banning my phones fingerprint for being insecure.

Seems like in a major part of '''Pax Americana''' is needing to use a Google or Apple fingerprint to participate in society. Makes you laugh when people whinge about China.

conradev 13 hours ago

Attesting that a closed source device meets arbitrary closed source standards is a necessary evil.

One real world problem is that some existing systems are built relying on the integrity of the components within, i.e. BART in the bay area relies on the BART cards being honest and secure. If iPhones are to be allowed into the system, they also have to be honest and secure.

The capability is being over-used and abused, and we should design systems to never need it, but some do.

Reply View 2 replies
  • ImPostingOnHN 11 hours ago

    > If iPhones are to be allowed into the system, they also have to be honest and secure.

    This describes a 1:1, total-trust relationship. There are other types of systems fulfilling the requirements without needing a 1:1, total-trust relationship.

    For example, the main requirements here are: The account succeeds at making requests it is allowed to make, and the account fails at making requests it is not allowed to make. Both those requirements can be fulfilled entirely server-side, and should be. Why require the client to be locked down?

    Reply View 1 reply
    • conradev 10 hours ago

      > Why require the client to be locked down?

      It is hard and likely expensive to require every single reader in every single city to be networked:

      > Because Clipper operates in multiple geographical areas with sporadic or non-existent internet access, the fare collection and verification technology needs to operate without any networking. To accomplish this, the Clipper card memory keeps track of balance on the card, fares paid, and trip history.

      https://en.wikipedia.org/wiki/Clipper_card#Technology

      Reply View 0 replies
zb3 15 hours ago

In Europe, banking apps block root but still work on a custom OS (like LineageOS) without contactless payments. I guess this is because many people here buy Chinese phones and they just can't ignore them.

Reply View 0 replies
lenerdenator 12 hours ago

Don't worry, Pax China will have you giving the fingerprint to Xiaomi and Huawei instead.

Reply View 0 replies
ThePowerOfFuet 8 hours ago

Have you tried on GrapheneOS?

Also, what's stopping you from using your bank's website instead... or switching to a bank which sucks less?

Reply View 1 reply
  • gaiagraphia 7 hours ago

    It just gets all so tiresome. And I don't really have enough money and free time to swap devices/banks when things get banned at random intervals.

    Just wanted to be left alone tbh ;/

    Reply View 0 replies