I created a google takeout and in that zip file I found some files containing a ton of data about me. It has logged every single page I visited while using the google search engine and chrome browser. It even logged every single time I opened an app on my old android phone. It even has VOICE RECORDINGS of me and a log of every time I used google assistant. This is just some of the data and I’m very sure there is even more data they have.
Why would you want to use a banking app on something as insecure as a phone??!?
When your bank tells you that the code booklet will be phased out and mobile app will be the only way in the future.
As long as you don’t use some shady, unofficial ROM on a phone, most phones are actually vastly more secure than your typical Linux/Windows OS.
How long is your passphrase on your phone compared to your Linux/windows OS?
A phone is designed for quick usability, which is the enemy of security.
Sure, if you have a 20 char password on your phone and never install any sketchy apps, then it might be ok. But the whole phone ecosystem is just less secure because its designed for convince, not security.
A phone is more secure than most desktop computers. https://youtu.be/Wd4Pa03LvLk
GrapheneOS even significantly improves Android’s already pretty good security model.
Here is an alternative Piped link(s):
https://piped.video/Wd4Pa03LvLk
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Riiight, someone’s phone with a 4 digit pin that they tap out 100x per day in public in plain view of others (that I can easily pick out of your pocket) is more secure than a laptop with a 20 character passphrase that never leaves my house.
Do you even think about what you’re saying?
I’m talking about the security model of the platform, not the way you use your devices. If you do your online banking in a browser on your computer and your system gets infected with malware, that malware can access all the files on your computer. Including application data of your browser. It can access your cookies, which your bank’s website uses to store your login information. Such an attack is impossible on a mobile device, since apps can only access their own data, and inter-process communication is heavily restricted. Additionally, mobile operating systems like Android have complex permission systems, as well as kernel-based mandatory access control like SELinux/SE for Android. Your typical desktop OS has none of that. Android also has a strong implementation of Verified Boot, which makes sure that malware can’t persist on your system partition, even after your device gets infected. I recommend this video if you want to learn more about mobile device security: https://youtu.be/yTeAFoQnQPo
