1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-11-18 20:41:33 -05:00

Move banking app list to PrivSec

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-09-28 13:55:37 -04:00
parent 50aca5722a
commit 421e3df20d
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
3 changed files with 4 additions and 9 deletions

View File

@ -7,7 +7,7 @@ A practical approach to Privacy and Security
The website content (under `/content`) is under the [Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/) license. The website content (under `/content`) is under the [Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/) license.
The articles originally posted on [wonderfall.dev](https://wonderfall.dev), [seirdy.one](https://seirdy.one), and [akc3n.org](https://akc3n.org) are under the same license. Articles originally posted on [wanderingcomputerer.gitlab.io](https://WanderingComputerer.gitlab.io) are under the [Attribution 4.0 International](https://creativecommons.org/licenses/by/4.0/) license. The articles originally posted on [wonderfall.dev](https://wonderfall.dev) and [seirdy.one](https://seirdy.one) are under the same license. Articles originally posted on [wanderingcomputerer.gitlab.io](https://WanderingComputerer.gitlab.io) are under the [Attribution 4.0 International](https://creativecommons.org/licenses/by/4.0/) license.
The Hugo Framework used to create this website is under the [Apache License](https://github.com/gohugoio/hugo/blob/master/LICENSE). The Hugo Framework used to create this website is under the [Apache License](https://github.com/gohugoio/hugo/blob/master/LICENSE).

View File

@ -3,13 +3,11 @@ title: "Banking Applications Compatibility with GrapheneOS"
date: "2022-01-26" date: "2022-01-26"
tags: ['Applications', 'Android'] tags: ['Applications', 'Android']
author: akc3n author: akc3n
canonicalURL: https://akc3n.org/projects/banking/
ShowCanonicalLink: true
--- ---
This is a on-going *Work In Progress* project to collect crowd sourced usage information on banking apps and present it in a manner that is easily accessible for users to figure out if a banking app works on [GrapheneOS](https://grapheneos.org/). This is a list of banking applications known to work with [GrapheneOS](https://grapheneos.org).
Banking apps are a very problematic app for security and privacy focused OSes, or even alternative OSes, due to the app being incompatible with majority of hardening, having a hard dependency on Google Play services, or require passing SafetyNet `ctsProfileMatch` and `basicIntegrity`. Banking apps are a very problematic app for security and privacy focused operating systems, or even alternative OSes, due to the app being incompatible with majority of hardening, having a hard dependency on Google Play services, or require passing SafetyNet `ctsProfileMatch` and `basicIntegrity`.
GrapheneOS passes SafetyNet `basicIntegrity`, but it is not certified by Google so it does not pass `ctsProfileMatch`.[^1] GrapheneOS passes SafetyNet `basicIntegrity`, but it is not certified by Google so it does not pass `ctsProfileMatch`.[^1]
@ -265,7 +263,7 @@ My [Contact](https://akc3n.org/about/#contact) info for alternative method of su
## Notes ## Notes
If you have any issues with what is listed on this site or about this project page, you may open an issue on this websites [issue-tracker](https://github.com/akc3n/akc3ndotorg/issues) or [contact](https://akc3n.org/about/#contact) me directly. If you have any issues with what is listed on this site or about this project page, you may open an issue on this [issue-tracker](https://github.com/PrivSec-dev/banking-apps-compat-report/issues) or [contact](https://akc3n.org/about/#contact) me directly.
- GrapheneOS has a [detailed guide](https://grapheneos.org/articles/attestation-compatibility-guide) for app developers on how to support GrapheneOS with the hardware attestation API. Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS. - GrapheneOS has a [detailed guide](https://grapheneos.org/articles/attestation-compatibility-guide) for app developers on how to support GrapheneOS with the hardware attestation API. Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.

View File

@ -37,8 +37,5 @@ sed -i '/^tags:.*/a author: Wonderfall' './content/os/Securing OpenSSH with FIDO
# Blogs by Rohan Kumar (a.k.a Seirdy) currently need to be manually ported, as he uses a lot of HTML inside of the source instead of just markdown. # Blogs by Rohan Kumar (a.k.a Seirdy) currently need to be manually ported, as he uses a lot of HTML inside of the source instead of just markdown.
# His GitHub repo: https://github.com/Seirdy/seirdy.one # His GitHub repo: https://github.com/Seirdy/seirdy.one
# Blogs by akc3n currently needs to be manually ported, though a script for it can be written later. He is planning to change his website soon, so it is better to wait till then.
# His GitHub repo: https://github.com/akc3n/akc3ndotorg
# Blogs by WfKe9vLwSvv7rN currently need to be manually ported, as he uses a lot of HTML inside of the source instead of just markdown. # Blogs by WfKe9vLwSvv7rN currently need to be manually ported, as he uses a lot of HTML inside of the source instead of just markdown.
# His GitLab repo: https://gitlab.com/WanderingComputerer/WanderingComputerer.gitlab.io/ # His GitLab repo: https://gitlab.com/WanderingComputerer/WanderingComputerer.gitlab.io/