What you're saying already existed. Linux on a smartphone was called Android. It ended up where it is today. If you were to somehow make another Linux on a smartphone competitor, it too would end up where Android is today, for the same reasons.

This is just not true. Google has been directing the development of Android to maximize their profits. Without such incentive, it won't be repeated.

Also, please stop with security nihilism, https://news.ycombinator.com/item?id=27897975

The current cyber security zeitgeist is to only allow "trusted" devices in your SSO flow and to also shove your VPN authentication on that SSO flow which includes even third-party browsers not working. Only Chrome with a managed profile is even allowed to log in. That pretty much means if you're not using a most recent version of iOS or Android you're SOL for using it for work.

And good luck spoofing it these days 'cause they are usually backed by hardware-backed TPM encryption. Which is why Windows 11 only installs if there's a TPM 2.0 device detected.

It's become super dystopian in the past 10 years and I don't see it changing.

Always thankful that I got to live through the Wild West days because that's going away.

I don't argue that the problem isn't serious. I just want to say that giving up is not the solution. I use a GNU/Linux phone and refuse any banks or services that don't work there. Yes, it's challenging and I have to make compromises because of it. Such is life.

Having a rooted Android 11 phone for years was never a problem. My bank apps worked just fine. Even for work stuff (usually). It's on the personal side where I actually started to value having a virtual credit card on my phone with Google Pay or Apple Pay. The stack to enable that securely is only on Android and iOS and there's nothing else out there that has that. Open source community needs a full stack for attesting biometric sensors, storing secrets, and pushing them out through NFC and doing it properly is a lot.

Seconded. The NFC payment feature is useful on mobile in a way that generic "online banking" just isn't IMO. In the same category are transit apps, ride-hailing apps, social messaging, and a (very) few others. The problem is that payment really does require a secure stack, as you describe.

I prefer to use an actual credit card, in order to keep the control over my computing in my hands.

Indeed, I do too. But since you always need at least one backup means of payment, I keep a second virtual card on mobile for that. Which alas is a very convenient solution.

Why can't you have two plastic cards from two different banks?

I find that cards are a PITA, mainly because they're always expiring and I tend to change physical address a lot.