Revolut is specifically banning GrapheneOS by checking for the build machine hostname and username being set to grapheneos. We've changed these to build-host and build-user. Combined with another change, this allow our users to log in to it again until they roll out Play Integrity API enforcement.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
There's no legitimate excuse for banning using a much more private and secure operating system while permitting devices with no security patches for a decade. Meanwhile, Revolut's shoddily made app tells users they're banning GrapheneOS because they're "serious about keeping your data secure".
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
Revolut's app will stop working against once they start enforcing having a Play Integrity API result showing it's a Google certified device. This is not a security feature but rather anti-competitive behavior from Google deployed by apps like Revolut wanting to pretend they care about security.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
Revolut uses a bunch of shady closed source third party libraries in their app and it's one of these libraries banning GrapheneOS. These libraries are a major security risk and put user data at risk of being compromised. Revolut is not taking user security seriously at all and is cutting corners.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
There's no legitimate reason for any app to ban GrapheneOS users. It has the full standard security model and massive security improvements. There's no logic in banning GrapheneOS. It makes no sense for them to ban anything when they permit a device with no patches for 10 years. It's performative.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
GrapheneOS fully supports standard Android hardware attestation for verifying the hardware, firmware and operating system along with the app that's using it. See https://grapheneos.org/articles/attestation-compatibility-guide. If apps insist on checking device integrity, that's the only way they should do it.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
Play Integrity API checks that Google's monopolies are supported through devices licensing Google Mobile Services and integrating their browser, search engine, advertising, etc. It's anti-competitive and clearly illegal. Multiple governments are taking regulatory action and are in contact with us.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@GrapheneOS do these include @BMWK / @Bundesregierung and/or @EUCommission ?
=> More informations about this toot | More toots from kkarhan@infosec.space
@kkarhan @BMWK @Bundesregierung @EUCommission We can't talk much about it.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@GrapheneOS understandable as of now tho I'm shure you'd be able and.willing to testify under oath how #Google flexes their dominance as a weapon re: #IntegrityAPI...
@BMWK @Bundesregierung @EUCommission
=> More informations about this toot | More toots from kkarhan@infosec.space
@GrapheneOS
I wish you the utmost success in getting this anti-competitive and customer-harming practice banned.
@kkarhan @BMWK @Bundesregierung @EUCommission
=> More informations about this toot | More toots from quincy@chaos.social
@GrapheneOS
I wish Canada would regulate... well, any of this stuff.
=> More informations about this toot | More toots from TheZorse@hear-me.social
@GrapheneOS I think you were in talks with the European Commission about the monopoly tactics of the Play Integrity API. Any piece of news?
=> More informations about this toot | More toots from zako@fosstodon.org This content has been proxied by September (ba2dc).Proxy Information
text/gemini