zlacker

>>danShu+(OP)
Expected, but meaningless if we can't drive people towards Firefox and away from Chromium products. That's something of a responsibility we all have, especially those of us invested in the safety and security (collectively, trust) of the web.

I haven't seen anything yet on whether Brave will support it, though if I'm understanding correctly, they won't have a choice since they're using Chromium. Hopefully I'm misinformed.

>>eganis+s8
The end result is that DRM and banking sites will just tell you to use chrome to continue. And users will keep migrating to chrome until Mozilla is forced to implement it.

>>Gigach+b9
I dunno about banking sites, currently they seem to be some of the worst out there in terms of caring about modern security techniques. eg SMS 2FA at best, terrible password handling etc. They don't move very fast at all.

It feels weird that I'm now grateful for how crap they are.

>>antod+5c
Banking apps seem to be the main users of root detection on android. One prominent bank in Australia doesn’t have a web UI at all and only allows access via app. And I suspect it’s partially for security reasons.

The average person is very likely to have malware on their computer, but not on their phone.

>>Gigach+Kc
Funny story: I had to root my phone to get the Fidelity app to work.

I installed lineageOS, which is passes the Google SafetyNet check out-of-the-box. So most things just work, including my local Credit Union's app.

But lineageOS fails the CTS profile check on my phone. Fidelity checks this after you log in and shows a "For security reasons your account has been blocked..." message.

So I had to root the phone to install a CTS profile fixer, and then more hacks to hide the fact it was rooted.

After that Fidelity worked, but requested root permission every time I launched it until I figured out how to permanently disable that.

Netflix was similar, but not quite as annoying.