zlacker

Proudly reading this on a Google Pixel 8 with GrapheneOS

>>mrblue+(OP)
Does Google Pay work? Paying with my phone is just too convenient.

>>stavro+25
No, but curve pay or paypal pay work (or any other app not relying on google pay)

>>stavro+25
No. It's the only feature that will never work sadly. But everything else is OK.

>>stavro+25
It looks like it doesn't. You might find alternative solutions like this user here*, but there is no guarantee any of it to work indefinitely on GrapheneOS. It's essentially a modified aftermarket firmware, and so, many security related features don't work out of the box, for example, the SafetyNet that many banking apps need.

*: https://www.reddit.com/r/GrapheneOS/comments/1jujvee/finally...

>>stavro+25
I'm unsure how paying with your phone is any more convenient. Sure the wallet requires you to open your wallet, but is that too much effort? I'd rather just pay in cash.

Pocket > Phone > Double Tap pay button -> Tap

Pocket > Open Wallet > Take card out -> Tap

I suppose it's may be more convenient carrying just your phone and not your wallet but I prefer both. Or does America not have tappable Chip&Pin yet?

>>double+w8
I don't carry a wallet and I'm not in the US, and I use NFC whenever I do carry a card.

>>double+w8
Cash = change/smaller denomination issues

>>stavro+Z8
Apologizes for the assumption. I have yet to find anywhere here in Scotland that uses NFC practically other than billboards.

>>double+ma
Really? Even in England everything is just tap. I have an Android phone, so my flow is "take phone out of pocket -> tap" (because it's already unlocked by fingerprint by the time it comes out). That's basically the same as with the wallet, I just don't carry the wallet.

>>sksrbW+x7
That and satellite communication.

>>nptelj+V7
"Many" safety features don't work? My understanding is that Google unsafetynet is the *only* thing that doesn't work because it's by-design trying to detect if the OS has been modified (or completely reinstalled in this case) by the user. It's like you would install a fresh Windows and now it says your device is no longer secure because you used your access to install something at the OS level and the warranty seal is broken. It's obviously bullshit but the impact on app support is how they keep the majority of people afraid of doing this. Any developer that adds "Google Safetynet" is imo complicit in this

Conversely, there are many safety features in GrapheneOS that don't exist on stock, and they're not the security-through-obscurity type that safetynet employs. As noted in the docs, they often find security issues just by people trying to use an app with these default-enabled extra checks: https://grapheneos.org/usage#bugs-uncovered-by-security-feat...

>>Aachen+Wf
From the user's perspective though, however safe is GrapheneOS, the banking app won't work, Google Pay won't work, Google Play asks a good bunch of questions and might work only some of the time, and the bootloader cannot verify the OS, it will say that there is something unknown on the device, on every restart and powerup.

I know what I'm doing so I don't mind these at all, but they need to be considered when planning with GrapheneOS.

>>double+ma
I can't think of a single retailer in the UK that takes card payments, but doesn't support contactless (including Google Pay and Apple Pay).

Ignoring very small shops that don't take cards at all.

>>daveoc+eH
Are the tap&pay NFC? -- I thought it was different tech under the hood.

What I meant is that I've not seen any other use for NFC apart from bus station adverts?

>>double+v61
>Are the tap&pay NFC? -- I thought it was different tech under the hood.

Yes, it's a form of NFC!

>>stavro+25
no, nfc payments don’t work on grapheneos. but honestly, the more interesting question is why you'd even want that.

there’s something deeply ironic about trying to claw back privacy while using hardware from the single most invasive company on the planet. yeah, graphene does a solid job locking down user space, but that’s just the stuff you’re allowed to see. underneath? you’ve got a modem running its own proprietary os, full access to memory, fully closed, fully unauditable, even by the graphene devs. no one outside google has eyes on it. not really.

and you gotta ask, why is that? why’s it closed when we all agree open source is the safest model? "security through obscurity" is bullshit, so what’s being hidden? the only answer that makes any sense is that it’s doing things that aren’t meant to be known.

so yeah, you can harden your userland all day long, strip out google play, sandbox everything to hell, but if the lower layers are compromised, it doesn’t mean much. if “they” want in, they’re in. the whole stack is built to serve someone else. and it probably isn’t you.

i know it sounds paranoid, borderline delusional, but the more you think about it, the more it starts looking like a honeypot. a beautiful little funnel. same phones, same os, same dev pipeline, easily watchlisted. a SIGINT wet dream dressed up as freedom.

truth is, privacy is dead. the smart move now might not be to keep chasing it, but to deal with the loss. process it. figure out how to live in a world where you're visible by default. pretending there's still a way to fully hide just keeps you trapped in a false sense of control

I know i sound defeatist here, i am not saying give up, i am saying pick your battles. Your phone is not your friend and nothing you do will change that.