logoalt Hacker News

monksytoday at 5:42 AM3 repliesview on HN

We're running into situations where the usage of smart phones and apps are becoming mandatory for using services.

For example: The UK has a digital ID requirement which is required for you to be employed in the UK. Additionally the EU digital identity services have a hardware/software attestitation that is required to run their apps. (Many of those which 3rd party software can't run).

Another example of this is the Australian eTA - (Everyone has to have a visa to visit Australia.. but the real only way to get a visa* is you have to get an electronic travel authorization which only works via an App)

https://grapheneos.org/articles/attestation-compatibility-gu...

Apps that ban graphene-os being used:

    myGov (Australian government app)
    gov.br (Brazilian government app)
    Ticketcorner
    Authy
    Chyrpe Dating
    TextNow
    mada Pay (Saudi NFC payment app)
    McDonald's (International app used for many but not all countries not including the US)
    Dott
    My SEAT (Connectivity for SEAT cars)
    SwissID
    Volkswagen
    BKK Faber-Castell & Partner
    TK-Doc
    TK-Ident
    TK-App (Blocks access to TK-Safe, TK-GesundheitsMessenger, fingerprint login)
    IO (Italian government app which uses it to gate access to the digital wallet feature)
    PosteID (Italian postal service’s app used to access the national digital identity system "SPID")
    Singpass

Replies

subscribedtoday at 7:01 AM

> The UK has a digital ID requirement which is required for you to be employed in the UK.

That's untrue.

There was a strong push towards the digital ID from the current administration, but it was abandoned 6 months ago.

What you likely mixed up with digital ID is the old digital visa scheme, mandatory for all non-UK citizens to prove right to work.

Re: your app list: looks a little bit eclectic, so it's worth mentioning most of the apps don't ban GoS specifically, but enforce Google play strong or device integrity pass, which GoS doesn't pass.

Some trip on some exploit protections, like secure app spawning, but these can be turned off per app in the latest releases based on Android 17.

anonzzziestoday at 6:00 AM

GrapheneOS and others should have lobbyists or rather lawyers and lawmakers to fight for using secure systems to mandatory be allowed for these. Sure, there must be some type of OS guarantee, but that should not be exclusive to Google and Apple. And indeed browsers with otp/authn devices (not one per service but yubi/thetis type of thing as those can be made sovereign for a large part); when an OS is not allowed, the browser and app should be mandatory allowed with such a device as that is, actually, more secure than the original device as it is an external encryption and encryption key source the hacker cannot reach.

show 1 reply
z3t4today at 8:00 AM

This sucks. The solution is to buy the cheepest iPhone and use it just for the goverment services.

show 1 reply