Privacy

40932 readers

1128 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

307

Can't we do anything as google is killing AOSP and custom ROMS (programming.dev)

submitted 3 days ago* (last edited 3 days ago) by Timely_Jellyfish_2077@programming.dev to c/privacy@lemmy.ml

239 comments fedilink hide all child comments

It feel like we’re losing to Google, day by day. They aren’t killing AOSP directly, but they are making it useless step by step.

Now it’s Google Play Services, Play Integrity checks, installation source checks… more and more apps just refuse to run without GMS. Banking apps? Most of them don’t work. And it’s only getting worse. I run vanilla AOSP on my main profile, no Play Services. I keep GMS only in my work profile for the apps that absolutely need it. But now even some regular apps that don't need any play services won’t work on my main profile anymore. They simply block your from running , like le chat.

Maps is google's most important app there is no way to run without play services. Sure we can use webview or gmaps wv, but they don't provide turn-by-turn directions. Earlier maps used to work without play services, but two years ago, an update stopped it from working. Now that old version is out of date and no longer works.

Google is slowly making GMS very important to run. The problem with GMS is they require to run as system app and has to have all the permissions by default.

Hope EU puts pressure to make google allow apps to run independently without GMS or atleast install them as user apps(like graphene os sandboxed play services).

If we keep going on like this, AOSP can only run fdroid apps in the future.

you are viewing a single comment's thread
view the rest of the comments

[–] dropped_packet@lemmy.zip 15 points 3 days ago (2 children)

Why not just access your financial institutions in a web browser?

[–] Narauko@lemmy.world 3 points 3 days ago (3 children)

That was an inconvenience, but one I could make if it was the only issue. It was more the total accumulation of things. My 2FA app pulling support for "unsigned" operating systems coupled with missing work texts due to RCS failure were the main straws to break the camel's back. Having to find an alternative and then manually change all 2FA was almost a deal breaker in itself. That played into using a web browser for my financial institution access.

[–] eleitl@lemmy.zip 4 points 2 days ago (1 children)

Work texts go to the work phone. Work 2FA also on work phone. I use a hardware TAN generator for web banking.

[–] Narauko@lemmy.world 3 points 2 days ago

My work 2FA is physical token based, it is my personal 2FA that causing me problems. Email and text authentication is insecure enough that I try and use a software authenticator whenever possible.

Great point about the work phone. I don't want a work phone as I don't have any desire to be reachable 24/7 outside of the rotating week I'm on call, but if I was expected to have email and Teams and everything on my phone I would definitely require one. Thankfully my work texts are all for team updates, heads up about issues, scheduling matters, etc, but I still consider those to be important while not riding to a separate work phone

[–] dogs0n@sh.itjust.works 6 points 3 days ago* (last edited 3 days ago)

Missing texts is definitely a deal breaker. I hate how RCS was championed as the "open" protocol and yet only google and samsung are able to implement it.. we were lied to. Or i feel lied to idk i thought it was an open knowledge spec when we were hearing about forcing apple to support it.

[–] dropped_packet@lemmy.zip 5 points 3 days ago (1 children)

There is always a trade-off with privacy and security. It's totally okay to decide you prefer convenience over privacy.

If you wanted to give it another shot:

You could use a different 2FA app - I know Bitwarden works well
You can use a soft phone SMS, bonus that you can send and receive from a computer

[–] Narauko@lemmy.world 1 points 2 days ago

That was why I wanted to move to GrapheneOS, I could selectively use Google services or apps for convenience while still being more secure than stock Android. I'll have to plan my next attempt out instead of Yolo and adapt, lol.

I do plan to migrate to a new 2FA, but Authy made that hard by getting rid of their desktop app so you can't port and have to go to each service and manually sign up a new app one by one. I tend to boycott services when they get that anticonsumer/anticompetitive out of principle.

[–] dogs0n@sh.itjust.works -1 points 3 days ago

Convenience and security probably.

The website version of a lot of banks require you login (each time) with a customer numer and then random letters from your password and or pin, which takes forever so I never bother unless I need the website.

Im (more) paranoid whenever I use a sensitive website. Quadruple checking the domain name, am i on https (even tho i use no-http and have a password manager). It's a bit more relaxing using an app.

Theres probably some security downsides (other than user error), but a modern banking site shouldn't suffer much since they invest heavily in locking down their shtuff.