cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that’s true or not…
Just to be clear, they banned all custom roms, not only graphene.
Most ROMs like LineageOS and CalyxOS drastically weaken the security of Android, so that would actually make sense. GrapheneOS has far better security than AOSP, the Stock Pixel OS, or basically every other version of Android that you would find pre-loaded on a device. https://grapheneos.org/features#exploit-protection
Most ROMs like LineageOS and CalyxOS drastically weaken the security of Android
Source?
Graphene shills have been banging on this point for donkey’s ages. Reality is that many people use phones that are out of OEM support and many OEM ROMs are bundled with questionable software (Oppo, Samsung etc.) There are some decent criticisms to be made about LineageOS, but others to be made about Grapheme, like its Google-suggestive configurations, which is quite bad for security and privacy. Graphene says this is all optional and not part of the OS, but doesn’t include any equivalent F-Droid installer.
It’s crazy how they can just do illegal things because they have so much money…
Do I own my phone or not??
This makes me want to use GrapheneOS more. If the dataminers don’t want you to use it then it must be doing something right.
Fuck both of these companies. Never used McDicks app in the first place. Spyware bullshit.
The mcdonalds app is a scam to get you to agree to their arbitration clause
Care to elaborate? I’m curious.
Never mind. I found an article pretty quick. Thanks for the heads up anyway. :)
Funny that news nowadays is citing tik tok and reddit comments
https://www.thedailymeal.com/1431937/mcdonalds-app-terms-waive-rights-trial/
Why would anyone load an app from McDonalds? You want to give them elevated access to your most personal data for a few dollars of coupons?
What are they taking from you that’s worth more than the discounts they are giving you? Because they are definitely making a profit, or they wouldn’t be doing it.
We are definitely in the era where people think discounts before user privacy. I bet most of people downloading the Mcdonald app do it exactly because of cheeper prices and easy of access.
just had medium fries and coke. many people i know, including myself, use the mcd app because of the discounts it offers when ordering through the app. however, i am under the impression that since i use an ios device and have the option to decline being tracked by the app—which i very eagerly press “no” to—i am on the safe side. am i?
Apple does extensive audit of mobile apps, including limitations of tracking. So the app cannot spy on something you are not letting it to know. But you are giving it a bunch of info voluntarily.
I’d say using that app on iOS is similar to making a food delivery order using a loyalty member ID. Basically, you are letting the company (McDonald’s) know who you are, what is your phone number, where do you live, and what do you like to eat. And if they wish to, they could use all that to purchase your profile from a data brocker. Or they can sell that info for a few cents to make up on that discount.
No, Apple isn’t your guardian angel with the press of a button.
Can Graphene add a feature to run in emulation mode to allow apps to believe it’s on an unrestricted OS?
OK McDonald’s, I will not use your most cost effective ordering method. I guess I will just have to order my 10 individually custom cheeseburgers at the counter instead. I might have to have e the order read back, and change my mind about a few burgers.
As a former employee… That does nothing. Crazies that spend 15 min to order some fries were common.
If you go at rush hour it can be annoying to the employee and other customers, but at the end of the day nobody will remember and you would have spent 20 min and 10 dollars (which is 9 dollars material profit for MacDonald).
Just. Don’t. Go. To. Macdonald’s.
that’s just screwing with the workers though, and the workers sure as hell is not going to get paid extra for your custom order
This viewpoint is so stupid.
The cashier is paid to take orders, whether they take 1 long obnoxious order or 3 small orders, it’s the same shit.
People are so swept up in ‘kindness and support’ (internet circlejerking), they think that the fact you inconvenienced some 17 year old, representing a massive corporation, as a fuck you to the company that employs them, you’ve committed some moral sin against your fellow man.
That worker doesn’t want to be there, that’s likely one of 3 jobs they need to barely scrape by.
You holding them up from doing other tasks they need to do to keep a job that barely feeds them is doing nothing but making their day a little harder. It affects the company 0%. The company is faceless and doesn’t care how much you abuse the worker bees as long as they get your money.
I don’t know what the answer is aside from not patronizing the company at all, but I know that’s not it.
If the company is always too busy, they will need to hire more workers or the existing ones will leave.
the cashier
Who is also the manager, making drinks, doing the fries because that bitch called in sick…
Calling someone who called out sick a bitch is a little bit insensitive, no?
Odd timing considering I’ve banned McDonalds, Revolut and Authy from my phone.
Revolut works fine for me still on Graphene?
Try logging in and out. (Though dont blame me if u can’t log in again).
copy that - thanks for the hint. honestly, if it doesn’t work in the future, I’ll probs just cancel my account with them
Yeah that’s what I did.
Maybe it’s worth keeping a budget mobile phone at home with Rustdesk host running on it? When you have a need for an app that must run on a genuine Android, you just remote into that phone. Since the phone never leaves home, there’s less to track.
Small OT: In the article it’s mentioned also the app “IO” (italian for the english word “I”). There are also other important italian apps not working without play services. The serious thing is that that apps are almost mandatory to do the ordinary public administration bureaucracy. We can say that the italian state forces its citizens to use a smartphone with Google Play Services installed. This is no sense.
Can I simulate another OS environment for these kind of apps?
This is very bad news, because this means any app that wants your data could do the same.
On the other hand, it makes it easy to find which apps aren’t to be trusted with your data.
Also very obvious when an app or website have an US and an EU version. You just know they buttfuck the Americans because no rules.
Even Apple had to make two versions of iOS.
the problem here is not the banks or apps, the problem is Google Play Integrity API, which is supposed to enforce to run apps in secured phones and it is used to ban secured ROMs such as GrapheneOS and it allows to run apps on outdated phones without security patches.
which is supposed to enforce to run apps in secured phones
The point of the Google Play Integrity API is to ensure that the user is not in control of their phone, but that one of a small number of megacorps are in control.
Can the user pull their data out of apps? Not acceptable. Can the user access the app file itself? Not acceptable. Can the user modify apps? Not acceptable.
Basically it ensures that the user has no control over their own computing.
It’s simply the “secure” isn’t meant for users but the cooperations. Make it “secure” to their business.
Oh, the banks and regulators are to blame. Especially in Europe.
Find me a PSD2 bank bank that doesn’t require a phone number
In this case, thanks to regulation, it seems GrapheneOS team is talking with European Commission about this problem with Play Integrity API https://fosstodon.org/@GrapheneOS@grapheneos.social/113623767380032309 and the only hope is a movement of the regulator against this policy of Google.
So that’s why it works on lineage? They seem to get around this somehow
It runs in Lineage? Lineage is certified by Google Play Integrity API (I doubt it)? or Lineage tricks Google Play Integrity API?
Yes. These apps work and bank apps work fine. Netflix works too.
There are only problems with a bunch of applications that recently decided to use Play Integrity API not with every banking app nor Netflix.
This is the list: https://grapheneos.org/articles/attestation-compatibility-guide#apps-banning-grapheneos
In fact those applications should not work with Lineage unless Play Integrity API is patched/cracked someway in Lineage.
Well that’s bad. I’ve been using revolut for years now.
Does anyone have a suggestion for a new bank that’s operating under european law?
Most banks restrict custom ROM and root access devices for security purposes. Same with MFA apps. I get it. From an IT security perspective, restrictions on software compatibility limit the number of failure points. Even if you find a custom OS that is more secure as an OS, it is installed through opening up your device to security risk and there is no real requirement for you to close up that security risk afterward. My company has made the same choice to restrict supported platforms for our services.
McDonald’s app restricting the OS is probably some security decision they made because it’s more secure even when they probably don’t need it though.
It’s not your job to secure my device. It’s your job to provide the service I’m paying you for.
Perhaps WISE? You can use the web page unlike Revolut.
Wise isn’t a bank, but it does appear to be the best option in EUR
Wise has a banking license in Belgium much like Revolut has one in Lithuania.
Wise is missing some cool things Revolut has like metal cards that require you to use an expensive plan, or the ability to buy stocks and crypto.
What Wise has instead, is the ability to have both a REAL American AND European bank account in the same app, which you can instantly transfer money between. Revolut doesn’t give you an American bank account if you’re in Europe, idk if they give you an European bank account if you’re in the US. But Wise has both.
Why is this so important? Well let’s say you’re in Europe, you land a side gig doing a bit of work for a big US corporation you’re connected to through your old job. You’ve got your rate negotiated, everything’s sweet. And then they hit you with the question: “Are you able to take ACH payments?”
Now you have to google what an ACH payment is. Then you have to find out how to be able to receive them. Turns out these are internal to the US. Banks outside of the US just don’t accept them, because they’re not part of the system. But wait! Wise actually gives you an actual US bank account complete with routing numbers and everything. In your name, not in some proxy’s name either.
Yes I sound like an advertisement at this point, but it’s ridiculous how useful this gets if you need to move money internationally. I didn’t get all the hype before I needed it, but when I did, it fit my use case like a glove.
This sounds like an antitrust legal problem…
The GrapheneOS team is already talking to regulators: https://grapheneos.social/@GrapheneOS/112539378681400395
