this post was submitted on 29 Sep 2025
1055 points (99.6% liked)

Technology

75625 readers
1824 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
1055
Google's shocking developer decree struggles to justify the urgent threat to F-Droid (www.neowin.net)
submitted 1 day ago by ardi60@reddthat.com to c/technology@lemmy.world
185 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] pycorax@sh.itjust.works 8 points 20 hours ago* (last edited 20 hours ago) (3 children)

I'm not sure how it works the way where you live but where I live, the way the banking apps are implemented completely violate MFA. They rely on SMS verification which is absurd since if you're phone is already compromised, no doubt your SMSes are too. There's no true multi-device authentication in place and this has led to a huge number of victims being scammed after their devices get compromised by a phishing attack.

The desktop and phone are both insecure, proper security should not have all your eggs in one basket.

[–] DreamlandLividity@lemmy.world 3 points 15 hours ago* (last edited 15 hours ago) (1 children)

Well, yes. But then again, I would trust my GrapheneOS phone not getting compromised over 3 linux devices. MFA is not some ultimate solutions and it is a pain to use.

[–] pycorax@sh.itjust.works 1 points 6 hours ago (1 children)

I mean sure, but that's not the case for the majority of the user base of these banking apps. Is it the most secure? No but it's way better than it is right now.

[–] DreamlandLividity@lemmy.world 1 points 6 hours ago* (last edited 6 hours ago)

So what is the case for most users? Are normal android phones getting compromised (in a way true 2FA would help) often enough it is an issue? I honestly haven't seen any statistic regarding this and anecdotally I don't know anyone whose internet banking was compromised. Whether on phone or desktop.

[–] Regrettable_incident@lemmy.world 2 points 17 hours ago

Yeah, SIM swaps are a concern too.

[–] Auli@lemmy.ca 1 points 19 hours ago

The phone is not insecure because of all eggs on basket.