Hacker News new | past | comments | ask | show | jobs | submit login

Banking apps et al have decided that without remote attestation, they do not want to expose the functionality their customers expect from them. Mostly because of confused threat models, and banks being banks are often erring on the side of safety. And chat/socials just want to evade the bots. An open source platform would have to provide similar attestation capabilities, as stupid as they are, people in suits will manage risks.



Not just attestation, also location services are usually via play services and also notifications (because noone wants to implement their own). I agree about the banks... if you root the phone after the banking app works, you can still extract all the keys, and usually with a magisk plugin or two, you can use the app too on a rooted phone... but not without google play services.

Maybe we need some more economic conflicts, for huawei and xiaomi to switch to their own "play services", and the developers will have to code apps that work on all android variants, not just google-based ones.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: