zlacker

>>screen+(OP)
AKA: The shadow war on bot traffic continues humming along.

>>Klonoa+Mc
Bot traffic? Anyone using Linux will get blocked because "they can't be trusted". Only people running an "approved" operating system from a billion dollar corporation will be allowed to access.

This is already what is happening with SafetyNet on Android. For now most applications don't require hardware attestation so you can pass by spoofing an old device that didn't support hardware attestation but I'm sure that will change within a decade.

>>kevinc+xf
You don't have to be a billion dollar corporation to become Play Protect certified.

Being able to trust the security of a client can protect against many attacks and it is up to web sites to evaluate what to do with into information that a client is proven to be secure.

>>charci+Ph
Play Protect is different from SafetyNet.

SafetyNet means the app checks to make sure you're not rooted or running a custom ROM because those are considered a security risk. If you are not running a locked-down OEM ROM, you can't run many apps including banking apps.

Microsoft's Pluton on-CPU attestation technology means this is coming to PCs.

>>bitwiz+ll
Having a dedicated, locked-down device to access banks or other high-stakes services could be a good, if more expensive, solution.

Keep it powered down when not needed for extra security.

Idealy, it could be smaller than a smartphone, and use smartphone's or laptop's hardware for UI and networking.

>>nine_k+jn
It could be good if it was my choice. But I actually want to be able to access my bank from my computer running open source software where I can modify configuration and apply patches.

I don't want to have to agree to Microsoft or Apple's ToS so that I can access my bank.

I do not look forward to trying to find a bank that doesn't require this of me because all of the major banks have jumped on board.