Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The vast majority of Android apps work on GrapheneOS. There are tap-to-pay apps including PayPal, Curve Pay and many European banking apps which work on GrapheneOS.

> that is after installing the optional play services, reducing the privacy benefits of graphene.

The only way to use Google Play services on GrapheneOS is via sandboxed Google Play. Sandboxed Google Play are regular apps with zero special access or privileges. They cannot do anything more than any other regular user installed apps. They do not have any access to user data, app data or more control over the device than other apps. They only have what other apps explicitly choose to implement through Google services, which apps can do without Google Play services too. Apps do not need Google Play to use Google services, and Google services are far from the most privacy invasive third party services used by lots of mainstream apps. Privacy from invasive apps is provided through features like our Contact Scopes, Storage Scopes, Sensors toggle, etc. Avoiding 1 particular set of services depended on by privacy invasive apps wouldn't solve that. Users need to carefully choose what to share with apps/services and take advantage of the provided privacy model improvements such as those features if they care about this but still want to use those apps.

> The solution must be social-legislative.

The solution to the anti-competitive Play Integrity API has to be regulatory/legislative but providing privacy and security almost entirely depends on technical improvements rather than laws/regulations which will be largely ignored and cannot solve an international issue without borders.

> niche enthusiast projects

GrapheneOS is a production quality OS made by a non-profit organization. It has a team of full time developers paid to work on it. It's very easy to install, can be purchased preinstalled on devices and has compatibility with the vast majority of Android apps. For most people, they don't have to make any major sacrifice to use it. Using a different app for tap-to-pay or using regular credit cards for it instead isn't really a big deal. There are only a few non-financial apps impacted. Several financial apps have recently explicitly permitted using GrapheneOS via hardware attestation and Block (Cash App, Square, etc.) is in the process of doing so.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: