Six years ago the entire Linux enthusiast space was super excited for the PinePhone, then everything fell apart. What went wrong? Was PINE64’s favoritism towards Manjaro the sole issue or were there other problems?
Six years ago the entire Linux enthusiast space was super excited for the PinePhone, then everything fell apart. What went wrong? Was PINE64’s favoritism towards Manjaro the sole issue or were there other problems?
It’s not rude but it’s incorrect. I have a deGoogled phone and do mobile banking with it. I don’t know for how long though but just to say it’s possible today.
Yes though I do recommend relying on a bank that does not force its customers to use Apple or Google only. I hope they’d be a way to disclose that beside just name & shame.
Glad that works for you! With my bank (comdirect.de) I can use a mobile website, and if I were to use something AOSP- or Halium-based, I could also use their PhotoTAN app, which, as the name implies, needs a working camera in Waydroid (on my OP6 with pmOS, the cameras work via libcamera, but not in Waydroid), so I have a small gadget for all these TANs.
My main worry with the “let’s just use Play Store/Aurora store and the run that apk”-approach is that it does not really send a visible signal to banks that they need to keep considering customers that don’t use Android proper.
It also always means that the next update (e.g., after some consultancy or some audit happened) may not work any more, meaning, access may be revoked at any time. Complaining to customer service or in Play Store reviews may have an effect, but it will still hurt. I think I would feel a tad safer if a banking app lived on FDroid… but sill.
I hope this gets my point across.
100% get your point and indeed agree. I think verification overall is pretty much tied to iOS/(Googled)Android so my (probably naive) hope is that physical token or passkeys that are NOT platform or service dependent gain traction. That’s why I got excited when https://github.com/keycloak/keycloak/issues/23656 was recently merged. I still have to test it but anyway more and more of the services I use online (self-hosted or not) are now behind “Log in with a device” and/or WebAuthN where I feel I can properly login, using e.g. YubiKey Bio or NitroKey, without anybody in the middle “owning” my identity or at least the verification step. I believe this is pretty much the “last battle” to have secure interactions without a central (commercial or not) actor in the middle that can use this to reshape our behaviors and interactions.