890
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 16 Mar 2026
890 points (99.0% liked)
Open Source
45509 readers
1120 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 6 years ago
MODERATORS
#1 without #2 is unsafe.
#2 doesn't exist in android because of apps and vulnerabilities
Apple at least makes a good run at it.
Part of androids locking shit down is to try to make their own run at it.
I honestly think we're all just going about it wrong. Make a new physical sim that is unclonable, undumpable, ultimately secure. Have it key sign financial transactions require a pin and have a physical button. If you don't touch the button and have the pin, it won't process a transaction.
I often wonder why physical authentication devices can't just be a usb storage device with a physical read only switch. The user keeps it read only except when interacting to add an authetication with a provider. Of course ideal it would be in person and all services would have physical locations.
Read only doesn't cover what's needed. You need something that holds a keys that cannot be extracted. Ideally, the institution sends it a challenge, it signs the challenge and returns it. You need the keys not to be retrievable.