Revolut insecurely checks the ro.boot.verifiedbootstate property and forbids it being yellow, which means a locked device with an aftermarket OS that's being cryptographically verified by the firmware. They permit it being orange, which means an unlocked device with any OS.
They're specifically banning having a device that's locked with an aftermarket OS rather than banning having an unlocked device or an aftermarket OS in general. Similarly, they're specifically banning the value `grapheneos` for ro.build.user/ro.build.host.
Having the verified boot state at orange is unsafe, it means verified boot is disabled. There is no verification of OS integrity after each boot and update. There is no protection against exploit persistence nor a threat choosing to push a malicious update that is not signed with the same key as the originally installed operating system.
Both of these things and other similar insecure, useless checks are being done by several different SDKs. Revolut's app is full of sketchy, insecure third party libraries. They certainly don't take security seriously as they claim in their message about banning GrapheneOS.
We've fixed both of the ways they're banning GrapheneOS for our next release. Since third party SDKs are what's being used to do it, our hope is that this fixes a few other poorly written banking/financial apps doing similar stuff to ban aftermarket operating systems.
These are the full set of changes fixing Revolut's ban on GrapheneOS:
https://github.com/GrapheneOS/platform_build/commit/bcd027b1273db32d6361092c635bf52a5d08c0e7
https://github.com/GrapheneOS/platform_system_core/commit/971110e37d73b5acb6e806b62146dcdcb29277b2
Other banking apps banning #GrapheneOS will need to be retested after the next release.
Thank you even if I don't use Revolut. This is important work.
One of the good things of being back home soon is, I'll be able to repair my node and test all the things I missed lately.
Yeah, I also do it. It's a special purpose account only for that.
My apologies. It seems the wires have crossed. See, in nostr. When someone says GFY, it's a good thing. Really. Ask nostr:npub18ams6ewn5aj2n3wt2qawzglx9mr4nzksxhvrdc4gzrecw7n5tvjqctp424
To early, you should have waited for the second date
Current state of affairs: people who looked down on me for even considering leaving Europe a few years ago are now considering or have already started the process to leave.
I can't catch-up on all the things that are currently happening. And it's only Tuesday. What a time. The energy is high and there is a lot of optimism regardless where I have traveled this year or where I have some good friends: USA, CostaRica, El Salvador, Argentina, Japan, just to name a few. Even more since yesterday, but sadly I'm from Europe and the reactions have been embarassing at best. I'm currently not there obviously, but the thing is, I don't want to go back. It was already difficult after nostrica last year, now even more. But whatever, for the moment, it means to keep fighting to change that.
Lol, I'm sending notes to myself on signal.
Skynet
I would love to, but some I can’t avoid. Banks, insurances and sometimes even governmental pages to name a few. Entertainment or news, whatever. For what I really have no understanding, is for the whole bunch of new media, entertainment, freedom, privacy, tec companies riding the wave and then blocking vpn. Even worse than that, are those blocking Tor.
I've lost my Garmin Watch while surfing. Seems like I can deactivate Garmin Pay remotely, but all activities that fit on storage are still on the device and are not deleted after syncing. That is a lot of location data. Same for synced messages and notifications. That's also a lot of personal data without necesity. I was aware of data like age, weight, height, fitness level, HR etc., as they are needed for on device calculations, but all the other should not be there. A lesson I would gladly have skipped.
Funnily enough I found a drive with some old mp3s from that time. Winamp or foobar2000 still a thing?
Those were the days
I learned that the expensive way
Even better, you can have as many identities as you want or need. Like real life, you wear many hats, and they don't need to fit under the same identity if you don't want to.
But as mentioned in another thread, a big problem is that the data volume for WhatsApp is free / included in Latin America, Europe,.. Why would anyone switch and start paying for traffic.
I'm just frustrated and don't know if a phone number dependency is necessary to be honest. Every business I need to contact has their phone number written all over the place, but it could be a qr code to scan. I mean, qr are appearing nearly all over the place be it menus, reservations, WiFi
Exactly, name me any messenger and I probably have an account. I mostly delete them after they fulfilled their job, but the list of them remaining longer on my devices keeps increasing.