What’s odd to me is the cultural zeitgeist has moved to folks being aware that Microsoft (& Google & Apple) is collecting data on them to being the butt of jokes, yet those folks aren’t adopting alternatives. With over a decade on Linux I’m now pretty out of touch with the opposite feeling. I guess the closest analog I have is not being able to realistically leave Android behind, but that is more hardware than software (banking apps already don’t let you root or otherwise flash your device so I have given up hope in trying with them).
A few days ago I tried to install Windows 11 on the PC of a friend. It didn't work because of missing SATA drivers. Anyway, I was shocked how many points there are where Microsoft or Apple (we used his Mac to create the USB drive) tries to sell something (buy pro version of fan control now) or wants your permissions to gather all your data.
I convinced him to let me install Debian. When it came to creating the default user he was hesitant to use his full name, because telemetry :D
I mean I don’t really see the point of using your real name on your system unless you often forget who you are. I would praise my friend tho for having the correct skeptical reaction even if it should be relatively harmless.
I also think it's a healthy attitude but at the same time it's sad that people can't trust their own devices any longer.
Using your real name can have benefits, like metadata in office documents or things like that. If you are sure your devices are yours and secure, there shouldn't be a reason not to use your own name. Unfortunately this isn't the case anymore if you are using anything else but Linux.
Many jurisdictions recognize pen names & other aliases which a username is & could also be put in the document. Many might prefer not inserting their real name into things by default & if that privacy is desired as default, all the more reason to skip the real name.
If a machine is going to have multiple users (all my computers have multiple profiles for family members) all those users have to be called something, and I've not got the energy or the creativity to come up with fun and funky usernames for every system when my actual name is more than good enough.
Username is required for the home folder & login; name isn’t required for anything
banking apps already don’t let you root or otherwise flash your device so I have given up hope in trying with them
You can get around that pretty easily by fooling SafetyNet / Play Integrity and hiding root from those apps. My phones have all been rooted for years and I never had issues with banking apps. I don't even run any Google services anymore and the apps I use are fine with that.
I would not say easily. And even if you pass SafetyNet, your banking app may still not work. I have one, and I haven't figured out what it checks for, maybe LineageOS name or something. Would probably have to tear the apk apart to find out.
Do you use Magisk? I assume you have done the following already?
Enable Zygisk & the DenyList
(If Google apps are installed, deny all Google apps root access)
That should do it for all apps that do not require strong integrity.
Thanks for the list. I didn't have PlayIntegrityFix. Unfortunately it does not seem to be helping with the app.
First one doesn't pass all checks, but the second one does.
Have you managed to get Google Wallet/Pay working?
Yes, on my old phone it worked fine with the SafetyNetFix. I use microG now so Google Wallet is not implemented (yet).
Right. It’s always going to be an arms race that isn’t going to get easier as Google announces the next version will require Play Services & Play Store. Maybe someone will find a workaround, but there will be constant downtime in between these gaps. You’d think they would allow someone technically savvy enough to pass as they are probably rooted/custom ROM for a reason… but no.
I’ve since switched to carrying a separate credit-card-sized apparatus for payments. It’s called a debit card + bank notes folded over. Transfers, I use their ancient website that detects Netscape Navigator 4 & disables paste & their encoding doesn’t allow English punctuation, but it works in a pinch. The hard part will be pushing against cashless as the banks & government want all the reporting/data collection—something customers & vendors aren’t the keenest towards but ultimately I think would acquiesce under enough pressure which I am fearful of.
Previous phone it worked up until it didn’t. New phone I left unrooted since that was the error they gave me. Now without the root/jailbreak error, I get a useless generic error & the app crashes. I’ve been too lazy to root it just choosing alternative payment methods.
just choosing alternative payment methods.
Probably the better method, no bank is worth going through all that hassle.
I'm using Kitsune Mask right now and it's working pretty well on hiding root from my banking app and Google Pay.
(banking apps already don’t let you root or otherwise flash your device so I have given up hope in trying with them)
Idk why this myth keeps getting peddled. You can use any banking app on any custom ROM, rooted or unrooted (though I see no point in rooting these days). And even if a banking app blocked you from using their app... the mobile website exists if you really need mobile access to your bank.
mobile website exists if you really need mobile access to your bank.
This isn't actually always true.
Yeah my girlfriend's online-only business account can only be used via their proprietary app.
Been a royal pain in the arse for her.
That's not true. Especially with older banks, they don't let you run their shitty apps on rooted phones. And some younger banks don't even let you do certain tasks on the website, they are mobile first.
No rooted phones for our app. No travel to specific locales and countries either. We have blacklists of regions of the world where you simply cannot log in to your accounts due to overwhelming security concerns and lack of extrajudicial remediation should there be fraud.
I haven't rooted in a long time. What would make the hassle of going to my bank's website worthwhile these days?
This isn’t a “myth”; they detect both root & custom ROMs, so even if you wanted to use an unrooted custom ROM you can’t. Rooting your phone just to skirt around them should be the opposite of what they want as there are some security implications to rooting your phone. And the current solutions are all temporary workarounds til the banking apps find a new way to partner with Google to prevent modifications of any kind.
In my country, at least one bank has shut down & discontinued their website, which is often just the first domino before others start doing it too. My bank is slow to adopt tech, but their site was created to detect IE and Netscape Navigator. I would assume they would kill that website before upgrading it to actually work on the modern web where a fixed CRT isn’t the only screen size.
European banks require strong security. Even a web-based login requires 2FA using the bank's mobile app - so if that app won't run, well, no banking for you today!
banking apps already don’t let you root or otherwise flash your device
It's unfortunately only developed for the Pixel series of phones, but I've been using my banking apps on GrapheneOS with no issues.
Yep. If it doesn’t have a headphone jack, I don’t want the phone so no to Pixels.
Is that with a locked bootloader and sandboxed Google Play?
yup
Majority of people just don't care about being spied upon unless it directly affects them somehow, at which point it's too late for that person. But others having data on you won't likely directly affect you at the moment so not enough people get burned by it for general attitude to change. Smart people understand that all this can very easily change and prepare by not allowing all of their information to be available for questionable people to use. Others make fun of them for this and call them crazy until one day they suddenly aren't so crazy any more.
They actually do care tho about the tracking—if they didn’t, privacy wouldn’t be included in marketing like it is now. They are just more willing to accept it as a fact of life rather than dealing with it (or don’t know that they can do something or how to start).
We should make this easier for folks ’cause every email I send from a non-data-collection host usually ends up on a Google or Microsoft server, etc. Every silly Discord chatroom you join, or Facebook page you like has the same ramifications.
I think we need to do some really difficult investigations that essentially can show concrete proof of how this affects people:
"See, you were looking up vacations and insurance, right? Well you signed up to your car's connected service, you have an Alexa in your house, and a smart TV and a fridge all talking to each other... and they all worked together to put together a profile of how much you make and how old you are and everything else...
...so your neighbor looked up the same insurance and vacations and is paying about $200 less for the exact same of each, because they use AdBlock and don't allow spy devices in their house."
And then finish with the real kicker:
"I know you didn't ask to participate, but we just scraped all this information about you off the Internet and didn't even need to ask you. We had to ask your neighbor to participate though."
Majority of people just don't care about being spied upon unless it directly affects them somehow,
Remind them that strangers know their porn fetishes, and see if that changes their minds.
Then there's always Linux Mint for those looking to transition away from M$ or even all the other innumerable flavours of Linux.