We really need to move away from the idea that a user having control over his/her device is insecure.
I can use online banking and paypal with windows logged in as administrator or GNU/Linux logged in as root[0], why shouldn’t I be able to use google walletpay wallet with root?
[0] yes I know you shouldn’t log in as root, but that doesn’t change that you can do it.
“why shouldn’t I be able to use google wallet pay wallet with root?” Because little innocent Google won’t be able to build their advertising profile of you. Can’t have that!
I must be missing something. How would Google be at all liable for restoring funds stolen by software that they themselves didn’t furnish, on a device that’s out of their control?
A judge may not see it that way. They may perceive it as Google failing to provide adequate protections to their users.
If user installed the app created by Google and did not share any login credentials. It’s easy to claim Google is liable.
The equivalent would be a bank leaving the back door to their vault open. An intruder going in and removing your funds. Despite following all the banks instructions, the bank has not replaced the funds.
The banks is responsible for people gaining unauthorised access to your account. Especially when you don’t share your login credentials with anyone (even unknowingly). If they can’t protect against root access attacks then, they shouldn’t permit use of their app on those devices.
Apps have convenience features, especially related to easy sign in. Their website logins don’t have these features. They require the user to enter passwords, challenge codes, card reader etc. If someone gets access to a password manager, the user is at fault. The bank likely stated you shouldn’t write down or record your password.
I’m not even rooted and gpay keeps breaking on crdroid for me, despite passing safetynet. I’ve given up and just got another credit card that I can use with my garmin watch that works every time without the hassle.
Yeah, I’m going to get downvoted into oblivion for this…
I’m sick and tired of reading this same uneducated argument. Your desktop browser and an app on your phone are entirely different paradigms security/development wise.
Your desktop browser is expected to be insecure. Nobody stores data there besides cookies. Most processing happens somewhere else on a server.
Apple and Google have changed this stance entirely because they knew apps could be a lot more powerful if they did. The API’s that exist to build apps on your phone are designed around the concept of having a secure, sandboxed environment per app. Apps can run offline and manipulate data quickly because data can be synced down and stored locally. I know it sucks for rooted users, but I don’t blame developers for refusing to support those devices one bit.
We really need to move away from the idea that a user having control over his/her device is insecure.
I can use online banking and paypal with windows logged in as administrator or GNU/Linux logged in as root[0], why shouldn’t I be able to use google
walletpaywallet with root?[0] yes I know you shouldn’t log in as root, but that doesn’t change that you can do it.
“why shouldn’t I be able to use google wallet pay wallet with root?” Because little innocent Google won’t be able to build their advertising profile of you. Can’t have that!
No my friend, our overloads have decided that you shouldn’t have control over your desktop either.
deleted by creator
Tried installing the most recent WhatsApp update but it’s failing. I think a virus is blocking the update, better try again with secure browsing off…
I must be missing something. How would Google be at all liable for restoring funds stolen by software that they themselves didn’t furnish, on a device that’s out of their control?
A judge may not see it that way. They may perceive it as Google failing to provide adequate protections to their users.
If user installed the app created by Google and did not share any login credentials. It’s easy to claim Google is liable.
The equivalent would be a bank leaving the back door to their vault open. An intruder going in and removing your funds. Despite following all the banks instructions, the bank has not replaced the funds.
The banks is responsible for people gaining unauthorised access to your account. Especially when you don’t share your login credentials with anyone (even unknowingly). If they can’t protect against root access attacks then, they shouldn’t permit use of their app on those devices.
Apps have convenience features, especially related to easy sign in. Their website logins don’t have these features. They require the user to enter passwords, challenge codes, card reader etc. If someone gets access to a password manager, the user is at fault. The bank likely stated you shouldn’t write down or record your password.
deleted by creator
As if that’s not already the case
I’m not even rooted and gpay keeps breaking on crdroid for me, despite passing safetynet. I’ve given up and just got another credit card that I can use with my garmin watch that works every time without the hassle.
how would an unrooted but old, deprecated version of android be any better than an updated custom rom?
those things baffle me, they just want to take away control dont they?
Yeah, I’m going to get downvoted into oblivion for this…
I’m sick and tired of reading this same uneducated argument. Your desktop browser and an app on your phone are entirely different paradigms security/development wise.
Your desktop browser is expected to be insecure. Nobody stores data there besides cookies. Most processing happens somewhere else on a server.
Apple and Google have changed this stance entirely because they knew apps could be a lot more powerful if they did. The API’s that exist to build apps on your phone are designed around the concept of having a secure, sandboxed environment per app. Apps can run offline and manipulate data quickly because data can be synced down and stored locally. I know it sucks for rooted users, but I don’t blame developers for refusing to support those devices one bit.
We all get that the design paradigm is “a secure, sandboxed environment per app”. We just know its a retarded design.