Recent searches
Search options
Revolut is specifically banning GrapheneOS by checking for the build machine hostname and username being set to grapheneos. We've changed these to build-host and build-user. Combined with another change, this allow our users to log in to it again until they roll out Play Integrity API enforcement.
There's no legitimate excuse for banning using a much more private and secure operating system while permitting devices with no security patches for a decade. Meanwhile, Revolut's shoddily made app tells users they're banning GrapheneOS because they're "serious about keeping your data secure".
Revolut's app will stop working against once they start enforcing having a Play Integrity API result showing it's a Google certified device. This is not a security feature but rather anti-competitive behavior from Google deployed by apps like Revolut wanting to pretend they care about security.
Revolut uses a bunch of shady closed source third party libraries in their app and it's one of these libraries banning GrapheneOS. These libraries are a major security risk and put user data at risk of being compromised. Revolut is not taking user security seriously at all and is cutting corners.
There's no legitimate reason for any app to ban GrapheneOS users. It has the full standard security model and massive security improvements. There's no logic in banning GrapheneOS. It makes no sense for them to ban anything when they permit a device with no patches for 10 years. It's performative.
GrapheneOS fully supports standard Android hardware attestation for verifying the hardware, firmware and operating system along with the app that's using it. See https://grapheneos.org/articles/attestation-compatibility-guide. If apps insist on checking device integrity, that's the only way they should do it.
Play Integrity API checks that Google's monopolies are supported through devices licensing Google Mobile Services and integrating their browser, search engine, advertising, etc. It's anti-competitive and clearly illegal. Multiple governments are taking regulatory action and are in contact with us.
Revolut insecurely checks the ro.boot.verifiedbootstate property and forbids it being yellow, which means a locked device with an aftermarket OS that's being cryptographically verified by the firmware. They permit it being orange, which means an unlocked device with any OS.
They're specifically banning having a device that's locked with an aftermarket OS rather than banning having an unlocked device or an aftermarket OS in general. Similarly, they're specifically banning the value `grapheneos` for http://ro.build/.user/ro.build.host.
Both of these things and other similar insecure, useless checks are being done by several different SDKs. Revolut's app is full of sketchy, insecure third party libraries. They certainly don't take security seriously as they claim in their message about banning GrapheneOS.
We've fixed both of the ways they're banning GrapheneOS for our next release. Since third party SDKs are what's being used to do it, our hope is that this fixes a few other poorly written banking/financial apps doing similar stuff to ban aftermarket operating systems.
@GrapheneOS Honestly, I'm not sure applying those "fixes" is a net-win. Short term it'll unblock those apps, and *maybe* the Play Integrity API will be regulated away in a timely manner, but they'll just switch to something else, e.g. like the GameBoy did: Check for the presence of a trademarked logo, string, or proprietary app being present that you are not allowed to distribute... Long term, the only winning move is not to play. Let those apps *not* work, if they so desire.
@lpwaterhouse We can document all their actions against us and take legal action against them. The clearer they make it that they're going out of the way to ban GrapheneOS, the easier it is to win a lawsuit. How would they justify the ban? It's a far more secure OS and they permit an OS with no security patches for 10 years. Europe has market competition laws they're violating. Apps doing it for Google with their Play Integrity API instead of Google doing it themselves doesn't make it legal.
@GrapheneOS You have *way* more trust in the legal systems of the world than I do. But it's your nerves and energy; Just make sure to keep in mind that those and future "fixes" MUST not negatively affect security, too many projects make unwelcome trade-offs for nebulous reasons like UX or interoperability with proprietary shit, ok? ;-)