GrapheneOS attestation compatibility guide
grapheneos.org
external-link
Guide on using remote attestation in a way that's compatible with GrapheneOS.

cross-posted from: https://slrpnk.net/post/15995282

Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.

Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that’s true or not…

Brad Boimler
link
fedilink
17d

I use McDonalds App all the time on GOS this only affect you if you use Google Pay when checking out to my knowledge.

floreana
link
fedilink
39d

@Sunny
Gatekeeprs of wealth sticking together against the ambition for freedom of poorer people?
Oh, color me surprised. 🙄

(I want to de-Google step by step, thanks for the heads up).

Google has ruined Android by closing it up.

EU needs to step in and force Google to open it up.

While at it, go for Apple’s monopoly as well.

This is actually good, see it as an enrichment of your life. The only sad thing is Revolut though.

As an alternative to Authy I recommend Stratum (previously known as Authenticator Pro) https://apt.izzysoft.de/fdroid/index/apk/com.stratumauth.app

This due to its compatibility with Android wear (companion)

Can anyone who has used both Aegis and Stratum compare them?

I swear I am so close to jumping into the void of mainline linux on phones.

The only main issue is device drivers, but I would be fine happily extracting them from android or making new ones. Modern Android is a complete full stack POS.

Seems like my time to move away from Authy. Any drop in alternative for iOS? Ideally I could export services and load them back, not manually adding/removing 1 by 1. Even if I can’t though, suggestion still welcomed.

Sips'
creator
link
fedilink
210d

Highly highly recommend Ente Auth!

Also featured on Privacy Guides

Paid Bitwarden or self-hosted 2FAuth. Its very lean so you could probably do it on a free Oracle cloud VPS and never pay. Or put Vaultwarden on a PikaPod for very little money per month.

Small OT: In the article it’s mentioned also the app “IO” (italian for the english word “I”). There are also other important italian apps not working without play services. The serious thing is that that apps are almost mandatory to do the ordinary public administration bureaucracy. We can say that the italian state forces its citizens to use a smartphone with Google Play Services installed. This is no sense.

granolabar
link
fedilink
110d

modern fascism in action… state and corporate fusion. however, WHY DA FAQ would Italian state do this for the benefit of a foreign corporation…

I get US part of NATO but wtf

The italian government is full of fascists at the moment, but for me its more like tech ignorant laws. To make an example this is a comment of mine about piracy shield; I think that story can well explain the ignorance of italian government in tech related stuff.

qaz
link
fedilink
511d

Oh great, I guess I’ll have to change my payment info for everything now. Fantastic.

I don’t think it’s a coincidence that the shittiest companies are those, who enforce Google’s broken and monopolistic “Play Integrity” API. Revolut has connections to Russia, McDonalds supports the Israeli genocide in Palestine and Authy has always just been a massive piece of shit, not even allowing users to export their TOTP seeds. These are three companies I would NEVER even consider using anyway.

And “Play Integrity” API actually does NOTHING, absolutely NOTHING for your security as an end user.
You use an outdated, unpatched Android version with multiple severe, publicly known exploits on an insecure device?
Google doesn’t give a single fuck.
You use the newest version of Android with all the patches applied on Google’s own hardware, with a locked boot loader and a hardened operating system?
That’s not allowed by the “Play Integrity” API.
It’s only purpose is to serve Google’s monopolistic business interests.

Mer
link
fedilink
14d

What are Revolut’s connections to Russia except its founder/owner’s nationality? /nm

Sips'
creator
link
fedilink
511d

Hear hear!

Dr. Moose
link
fedilink
-111d

It always seems that with finance we take 2 steps forward and 1 step back. That’s why Bitcoin will never stop existing.

Dr. Moose
link
fedilink
1811d

Authy has been utter garbage for a long time and if you ever needed a reason to migrate away then now is as good as ever.

Do you have a replacement you would recommend?

I use TOTP in KeepassXC (or KeepassDX on mobile) because it’s fully local and available for desktop.

Oh, I was using Keepass2Android as a password vault, but was a little frustrated with it because occasionally it’ll forget to synchronize with the file before adding an entry and leave a “conflicted copy” I have to deal with manually. If KeepassDX will also do TOTPs that sounds perfect.

If you only use Android, go with Aegis. For a end-to-end encrypted, cloud-synced (also self-hostable) solution, check out Ente Auth. It also works on desktop.

ZeroOne
link
fedilink
7
edit-2
10d

Well pick anyone listed in this AlternativeTo list but I recommend Aegis

Why would anyone load an app from McDonalds? You want to give them elevated access to your most personal data for a few dollars of coupons?

What are they taking from you that’s worth more than the discounts they are giving you? Because they are definitely making a profit, or they wouldn’t be doing it.

I used to work hosting Focus Groups, we would pay cash, and top dollar for even small chunks of specific data sets on demographics that would age very quickly. Since people’s habits change, different trends, feedback, etc. Hence the need of constant campaigns. Today, people give a lot of this data away, for free, in a constant data stream, for months if not years on end for cents or even a couple of bucks a month. Via constant tracking and profiling. It’s crazy how privacy illiterate people are.

Sips'
creator
link
fedilink
1411d

We are definitely in the era where people think discounts before user privacy. I bet most of people downloading the Mcdonald app do it exactly because of cheeper prices and easy of access.

dharmik
link
fedilink
011d

just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.

Sips'
creator
link
fedilink
211d

How did you manage to post the same comment 4 times? 🙃

dharmik
link
fedilink
111d

i use my very own #snac instance which is sometimes slow. i pressed the post button 4 times.

dharmik
link
fedilink
-1
edit-2
11d

just had medium fries and coke. many people i know, including myself, use the mcd app because of the discounts it offers when ordering through the app. however, i am under the impression that since i use an ios device and have the option to decline being tracked by the app—which i very eagerly press “no” to—i am on the safe side. am i?

@pound_heap@lemm.ee
link
fedilink
7
edit-2
11d

Apple does extensive audit of mobile apps, including limitations of tracking. So the app cannot spy on something you are not letting it to know. But you are giving it a bunch of info voluntarily.

I’d say using that app on iOS is similar to making a food delivery order using a loyalty member ID. Basically, you are letting the company (McDonald’s) know who you are, what is your phone number, where do you live, and what do you like to eat. And if they wish to, they could use all that to purchase your profile from a data brocker. Or they can sell that info for a few cents to make up on that discount.

Sips'
creator
link
fedilink
811d

No, Apple isn’t your guardian angel with the press of a button.

dharmik
link
fedilink
011d

just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.

dharmik
link
fedilink
111d

just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.

dharmik
link
fedilink
011d

just had medium fries and coke. i and many i know use the mc D app because of the discounts it gives when i order through my app.

This sounds like an antitrust legal problem…

The GrapheneOS team is already talking to regulators: https://grapheneos.social/@GrapheneOS/112539378681400395

3 shites dropped.

I use Authy under a separate work profile on graphene with no issues 🤔

Sips'
creator
link
fedilink
111d

Guess you won’t be for much longer 🤷 I’d bare careful with logging out.

But when did you set Authy up? I don’t recall when Authy made the change, but it wouldn’t kick you out. It would, however, prevent you from signing in a new device. So if you lose your phone, you might lose access to those tokens…

Oh ok. Yeah it was a while ago. Will have to switch to something else soon then.

Luca
link
fedilink
1511d

I use Aegis.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog