I appreciate the principled stand, but on the other hand the CA law only requires users to self-identify when setting up accounts (and then the OS will expose age to apps), that seems fairly toothless (though wrongheaded) compared to TX and UT wanting to scan photo IDs[1]
I have to wonder how this will impact their partnership with Motorola. Presumably, Motorola will have more difficulty if they're found not to be complying with relevant law...
I hope GrapheneOS isn't completely banking on their partnership succeeding. If Motorola devices ever became the only devices that GrapheneOS works on, and it's being done with Motorola's blessing, then it could be more easily legislated out of existence.
I wholeheartedly support GrapheneOS but, because of that, I very much hope they don't box themselves into a corner that's then easy to 'wall off'.
Having said that, the hardware being restricted to Pixel devices was always a tenuous proposition based on Google's design choices. If Pixels remain supported whilst adding Motorola, that's only a good thing.
Of course :^) I'm close to jumping ship to GrapheneOS, but as a Swedish resident I really need our digital id services, digital mailbox, and banking apps. I have seen their page on app support, but I am slightly afraid its not up to date / will break any time. I guess the solution is to use one banking android phone and one GrapheneOS for everyday use.
I believe GrapheneOS would only be an issue if the Swedish gov decides on using the Google Play Integrity API instead of Android's hardware attestation API (and requiring their apps to whitelist GrapheneOS's keys). So their stance doesn't really change much in terms of how banking apps currently work with GrapheneOS.
He's referring mostly to BankID which is a very secure MFA solution designed for banking purposes(all banks in Sweden accept the same mfa app) the inbox app is probably kivra, which is a email inbox which uses BankID for authentication, and is used for invoices and other "official business" mails.
There's also swish, which is instant payments to both friends and businesses. Swish also uses BankID.
BankID is also used to sign documents, file taxes, etc.etc.
Swedish society is largely built around this one official MFA solution, and having a phone where you cannot run it is a real hassle
I can only speak for my bank (Nordea), but they do offer a separate 2FA device you can order if you "can't use" your smartphone for whatever reason. As a solution it sucks, but technically you're not forced to use a mobile phone to login. I'd be surprised if other banks didn't offer similar fallbacks.
It's not an issue, we're just spoiled. It's such an amazing convenience that anything else seems like a huge and unnecessary hassle.
There is actually more a second MFA provider that is accepted almost everywhere, including the tax authority. I forget it's name and I've never tried it, so I can't say too much, but presumably it provides similar functionality as BankID
so what is going to happen? Will California issue slave catcher warrants for those who violate laws? will Free Stater sheriffs dispatch citizens on long haul flights to meet their fate in the Golden State?
1: https://www.tomshardware.com/software/operating-systems/cali...
I hope GrapheneOS isn't completely banking on their partnership succeeding. If Motorola devices ever became the only devices that GrapheneOS works on, and it's being done with Motorola's blessing, then it could be more easily legislated out of existence.
Having said that, the hardware being restricted to Pixel devices was always a tenuous proposition based on Google's design choices. If Pixels remain supported whilst adding Motorola, that's only a good thing.
There's also swish, which is instant payments to both friends and businesses. Swish also uses BankID.
BankID is also used to sign documents, file taxes, etc.etc.
Swedish society is largely built around this one official MFA solution, and having a phone where you cannot run it is a real hassle
There is actually more a second MFA provider that is accepted almost everywhere, including the tax authority. I forget it's name and I've never tried it, so I can't say too much, but presumably it provides similar functionality as BankID