This is very scary from a security standpoint.
Google pays extremely high bug and security bounties. I’m sure these security concerns will disappear in no time right? …right??
The professional thing to do here is to eliminate the risk. Instead of doing that, they’ve actually created additional risk.
A bug hunt finds the issue after the fact. In this case, it would be per app.
Google needs to mitigate the risk by closing the door on this. They need to find a better way. This method steps across a line that no company should ever cross.
Think about it this way. Allowing Google to own the app signature is akin to you calling Google for support about your gmail account (assuming that one could actually call Google for support, which you can’t) and Google asked for your userID and password. That is another security taboo. Never, ever, ever, give your credentials to anyone, even the vendor of the application.
The application signature is there to prove that the code is from the developer and has not been altered. Taking that away from the developer removes the security that the code has not been altered. There is nothing good about that. It is a very bad idea.
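The origin-and-integrity argument above, as an added Go example that is not part of the thread: a toy model of Android-style signature pinning, using Ed25519 in place of the real APK signing schemes; `SignedPackage`, `Sign`, `Fingerprint` and `VerifyUpdate` are constructed names.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// SignedPackage is a toy stand-in for an APK: file contents, the signature
// over them, and the public key of whoever produced that signature.
type SignedPackage struct {
	Contents, Signature []byte
	PubKey              ed25519.PublicKey
}

// Sign builds a package signed by the holder of priv. Ed25519 is used here
// for brevity; real APKs use the v1-v3 schemes, but the trust logic is the same.
func Sign(priv ed25519.PrivateKey, contents []byte) SignedPackage {
	return SignedPackage{contents, ed25519.Sign(priv, contents), priv.Public().(ed25519.PublicKey)}
}

// Fingerprint hashes the signer's public key. An installed app "pins" this
// value so that updates are only accepted from the same key.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// VerifyUpdate checks integrity (signature matches the bytes, so nothing was
// altered) and origin (the signer is the pinned key). Whoever holds the private
// key passes both checks with any contents, which is the concern in the thread.
func VerifyUpdate(pinned string, pkg SignedPackage) error {
	if !ed25519.Verify(pkg.PubKey, pkg.Contents, pkg.Signature) {
		return errors.New("contents altered after signing")
	}
	if Fingerprint(pkg.PubKey) != pinned {
		return errors.New("signed by a key other than the developer's")
	}
	return nil
}

func main() {
	_, dev, _ := ed25519.GenerateKey(rand.Reader)   // developer's key (constructed)
	_, other, _ := ed25519.GenerateKey(rand.Reader) // some third party's key (constructed)
	pinned := Fingerprint(dev.Public().(ed25519.PublicKey))
	fmt.Println("developer update:  ", VerifyUpdate(pinned, Sign(dev, []byte("app v2"))))
	fmt.Println("third-party update:", VerifyUpdate(pinned, Sign(other, []byte("app v2"))))
}
```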
Thanks for posting this, I hadn’t heard of it. What will that do for places like F-Droid, do you think? I only use that, but I do have a few APKs I’ve had installed, but I can live without those.
This is also why I want to know if anyone has used a PinePhone as a daily driver - it’s so close I think. I can buy one as a daily driver, I can’t buy one as a ‘toy’ though. But I am very excited about even more ditching the Google ecosystem if I can.
I’ve been experimenting with the Pinephone as a daily driver on and off using several distros (Ubuntu Touch, Mobian, SXMO, etc.) over the past year.
It is (in my opinion) remarkably unusable as a daily driver even for a tinkerer or someone willing to do a lot of information/bug report digging. There are so many absolute deal breakers from random freeze ups, terrible battery life, unreliable charging, no incoming texts/calls or alarms if the screen is off for most distros, carrier problems, etc., etc., etc. It’s been war getting this thing to be a daily driver and the closest I got was SXMO which most people will struggle to use.
Until software improves considerably the Pinephone should be considered a good pocket sized Linux device with phone/data capabilities and a way to support growth of the genre.
What the developers do is the big question. I’m hoping that most will say “no way will I ever give access to my private key”. To do so would destroy any trust anyone has in the developer.
Just thinking out loud here, I’ve heard from many, some of them my friends on the legal side of things, that Google is ripe for a break-up by the Government. They go on to say that Google has too much control over the market and poses anti-trust issues to other companies. I think this is an interesting thought. We’ll see if it ever happens.
@Ulfnic Thanks for sharing that. I’m currently using an iPhone and I absolutely can’t wait to get out of Apple’s closed-source eco-system. I can’t pull myself into buying a new phone when I’m still paying for the iPhone. I love the iPhone itself, but the lack of freedom/limitations of the software…it’s got to go. I could use something Android-based but all of the Google crap would have to be removed. When my iPhone completes its lifecycle I will be looking at what’s available and I’ll review phone friendly Linux distros at that time to see where they are at. Something like SailfishOS, GrapheneOS, LineageOS, and others. But, in the meantime, it is good to hear about others’ experiences.
I have a non-Google ROM and no Play Store, so I’m not Google dependent. There are a few apps I like to have, but thanks @Ulfnic for sharing that it’s not quite ready yet.
Unfortunately I still use several Google store apps, particularly my bank. Definitely not the app I want to use if I can’t trust it.
I don’t have Play, so I am really not asking this to be mean. But what does your bank app do for you that you can’t get by getting on the website from a browser? This is me being an old man of ‘get off my lawn with your apps’ knowing that I’m in the minority…I’m really not judging you!
+1 I personally can’t stand bank apps on my lawn.
The information is formatted a lot nicer for a smaller screen and the fonts are larger. I can also use my fingerprint to log in and choose certain information to be visible in the app without logging in.
I try to use Firefox’s ability to turn any website into an app widget, such as this forum, and that keeps me off the Google store most of the time.
At least in a browser I can visibly see that the connection is encrypted. With phone-based apps, I have no idea of what security measures have been taken.
Hmm, I want to get an Android app in the Play Store, but it seems that I have to be quick if I want it to be somewhat provable that it can be trusted to be from me.
I would never do banking on my phone anyway.
I guess I mean to say…why are you checking your bank on the go? I can see the app being better than the browser on the mobile.
Various reasons. I buy and sell used items locally and I use my phone to verify payments wherever I happen to be meeting a person. Or I have to split hotel costs with a co-worker for a work trip or something. Little things usually.
IMHO the only function that banking apps serve is mobile deposit, but I can do that on my phone, at home, over WiFi on my own network. Not 100% secure, but that eliminates a lot of other threat vectors.
What would be helpful would be for the banks to allow us to have a read-only account that could be used to check things on the go. That makes too much sense, so it’ll probably never happen.