zlacker

[return to "Linux phones are more important now than ever"]
1. jeffpa+D5[view] [source] 2025-09-16 01:32:45
>>wicket+(OP)
My Android phone prevents me from taking screenshots if an app author doesn't want me to.

My Android phone prevents me from recording phone calls at the request of my carrier, even though it's totally legal for me to do so in my jurisdiction.

I'm not loving where this is all going.

◧◩
2. hypeat+d8[view] [source] 2025-09-16 01:56:33
>>jeffpa+D5
> prevents me from taking screenshots if an app author doesn't want me to

The most frustrating part about this "feature" is that you don't know it's enabled until the screenshot is taken and you're left with a picture of nothing.

That and some app authors thinking they're protecting you with this (referring to banking apps in particular)

◧◩◪
3. godels+Uu[view] [source] 2025-09-16 06:04:44
>>hypeat+d8
In some sense they are. But being protected either from a consequence of my own stupidity or a consequence of their lack of security. I think the worst part of all is that these "bandaids" are being used in place of actual security. I don't need to be protected from my own stupidity nor do I need security theater.
◧◩◪◨
4. mr_mit+4I[view] [source] 2025-09-16 08:02:47
>>godels+Uu
I think the threat model here is that a different, malicious app (compromised, installed accidentally or by the means of social engineering) might take screenshots of your screen and forward them to take advantage of you. You can file this under one's "own stupidity" as well, sure, but in the end they're not protecting you, they're protecting themselves, because banks might be liable for these kind of things, and by imposing these restrictions, they're reducing the amount of fraud and thus improve their bottom line.
◧◩◪◨⬒
5. Anthon+AY[view] [source] 2025-09-16 10:30:39
>>mr_mit+4I
> they're protecting themselves

[citation needed]

The theory here is that it provides a marginal security improvement if there is malware on the phone, but if there is malware on the phone then there are a hundred other things it can do to the same effect and you're likely screwed anyway. And by doing this, you also block the user from taking screenshots, which is bad, because screenshots are harder for computers to parse, and that's a marginal security advantage. If the user is going to send e.g. their account number to someone else (for a legitimate reason), it's better that they do it as a screenshot than that you force them to type it as text, because text is machine searchable. Which is worse when that messaging system gets compromised and then the attacker can do a text search for a pattern matching a bank routing number and be more likely to discover that message than if it was only there in a JPG.

Meanwhile the primary consequence of preventing screenshots is to inconvenience customers, which is an actual cost to the bank, because there is only a threshold amount of BS customers will put up with before switching banks and banks are constantly pushing up against that line already with all of their other BS.

But then the lower-quality banks do it anyway because there is a box they can check which sounds like it's locking something down, so they check it without thinking. Which is a great canary for customers who want to know if their bank is dumb -- if they require this then they probably do all kinds of other dumb stuff and it's a strong indication you should switch banks before you get screwed by them doing some other foolish nonsense.

◧◩◪◨⬒⬓
6. high_n+fh1[view] [source] 2025-09-16 12:53:15
>>Anthon+AY
>because screenshots are harder for computers to parse, and that's a marginal security advantage. If the user is going to send e.g. their account number to someone else (for a legitimate reason), it's better that they do it as a screenshot than that you force them to type it as text, because text is machine searchable. Which is worse when that messaging system gets compromised and then the attacker can do a text search for a pattern matching a bank routing number and be more likely to discover that message than if it was only there in a JPG.

Tbf it is 2025, not 2010, it isnt that hard

◧◩◪◨⬒⬓⬔
7. godels+qI2[view] [source] 2025-09-16 19:51:13
>>high_n+fh1
Tbf, one could make the argument that there would have been far fewer resources dedicated to computer vision had companies made the data more accessible and had we modified PDFs to make it easier to copy test.

People will go to great lengths to bypass annoyances. Excessive false alarms is even called "alarm fatigue"

[go to top]