• Cethin@lemmy.zip
    link
    fedilink
    English
    arrow-up
    30
    arrow-down
    1
    ·
    2 months ago

    It depends on what your requirements are. Is physical security important, or is preventing data collection more important? Not all security is the same.

    • Turret3857@infosec.pub
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      2 months ago

      I never implied it was, however if someone is using graphene as a way to achieve mobile security, it can generally be assumed they want said security if they switch to a different OS. Iodé and CalyxOS both support more than just pixels, and don’t do data collection, nor do they sacrifice physical security. Mobile Linux on the other hand, has very little physical security, and very poor application sandboxing compared to the aforementioned android forks. It wouldn’t make sense from a security perspective to skip over android forks directly to {postmarketos, Ubuntu touch, armbian/mobian, manjaro mobile…} unless your goal is to use a Linux phone without caring about physical security and app sandboxing (which would not make sense if you are using Graphene, and don’t want to change your threat model too much while not supporting Google.)

      • Cethin@lemmy.zip
        link
        fedilink
        English
        arrow-up
        6
        ·
        2 months ago

        That’s fair. Hopefully in time mobile Linux will be comperable. I’d prefer it over Android if all else were equal. Maybe as Google keeps fucking around with users people will want to get as far away from them as possible and mobile Linux will really get going.

        • Turret3857@infosec.pub
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          2 months ago

          I agree with you, in fact the only reason I know about the security differences is because I wanted to jump ship when they started down this closing AOSP path. I found that at the current moment the security model won’t work for me, and that I’d also have to buy a new phone just to get support. I really want to try out plasma mobile though, it looks nice.

          • Cethin@lemmy.zip
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 months ago

            Yeah, Plasma mobile looks like where we should be right now, but yeah, sadly too many tradeoffs to actually have users. I’m still hopeful that some day we’ll get the Linux mobile we all want. Maybe when some Android devs retire and want a hobby…

        • henfredemars@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          I love that banks have tight requirements on where I can use their app, but I can visit their website from anywhere such as a public kiosk (not that you ever should!) and they’re all come on in!

          • cole@lemdro.id
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 months ago

            no different than your banking app. most websites have a remember me option

          • eleitl@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            I use a hardware TAN generator which I could use with any browser. I use my banking app (which works on LineageOS so will presumably work on GrapheneOS) just to generate TAN for authentication. My banking cards support NFC.

      • Lka1988@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        2 months ago

        Skill issue?

        The day my Pixel 9 Pro XL came to my door, I unlocked the bootloader and rooted it. Yet, somehow, all of my banking apps (Venmo, Fidelity NB, a national bank, and a local CU) still manage to work just fine.

          • Lka1988@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            Ugh, the fucking McD’s app is such a pile of trash. I just now installed it to see if it got any better, and…nope. Still dogshit. No warnings about being rooted or bootloader unlocked though ¯\_(ツ)_/¯