
172 points fsflover | 2 comments
ethagnawl ◴[] No.45054074[source]
This is a bummer. If there was ever a time this sort of device was needed, it's now / in the near future when Google (probably) starts requiring all Android apps to be signed by approved developers and further locks down the Android platform.

I kind of regret not buying one of these instead of a Pixel 7 but, unfortunately, I'm pretty tethered to the Android ecosystem at the moment.

replies(3): >>45055173 #>>45055533 #>>45055813 #
nrdgrrrl ◴[] No.45055813[source]
You say that, but they're discontinuing it because they didn't sell enough of them. It may be the device we need, but it's not the device we're buying.
replies(4): >>45055922 #>>45055985 #>>45056123 #>>45056187 #
reorder9695 ◴[] No.45055985[source]
I'll buy them once I can access all of my banks on it, that is literally the only thing holding me to iOS or Android at the minute.
replies(2): >>45056683 #>>45056686 #
AnthonyMouse ◴[] No.45056686[source]
NB: Attestation has no security value here because if the phone isn't compromised then the owner having root isn't a security problem and if the phone is compromised then the user is entering their bank login into a fake scam app that doesn't require attestation regardless of what the real one does.

But because the banks that require this are cargo culting some nonsense, they require iOS or Google Android but don't really care how old the phone is. Which means you can transfer your cellular plan to the phone you actually want to use and then just keep your existing phone indefinitely to run the bank app over WiFi or tethering.

replies(1): >>45056738 #
charcircuit ◴[] No.45056738[source]
What is protecting against another app on a PinePhone from stealing your bank's authentication token?
replies(2): >>45056866 #>>45057030 #
AnthonyMouse ◴[] No.45056866[source]
There are two possible scenarios here.

The first is that your phone is not compromised. In this case there is no other app trying to steal your bank's authentication token. This is true regardless of which OS you use or whether you have Magisk installed or what other code you put on your phone that isn't trying to steal your bank's authentication token.

The second is that your phone is compromised. Then what prevents the device from capturing your bank credentials is the same as if you use a compromised phone running Google Android: Nothing. If you enter your bank credentials into a compromised phone, the attacker gets them. Attestation can't prevent this because the phone is compromised, so the login screen isn't from a bank app that requires attestation, it's from a scam app which is exfiltrating your credentials.

replies(1): >>45057018 #
charcircuit ◴[] No.45057018[source]
>Nothing

This is far from the truth assuming by compromised you mean that the user has installed a malicious app. Android has proper sandboxing which means that other apps can't read the token owned by the bank app. This is part of the Android security model and attestation is evidence that the Android security model is being enforced. Phishing apps are different from an app that steals existing authentication tokens on the device.

replies(2): >>45057071 #>>45057259 #
AnthonyMouse ◴[] No.45057259[source]
> Android has proper sandboxing which means that other apps can't read the token owned by the bank app.

Let's consider this alternative as well:

Scenario 1: Device has no malicious code at all; same as scenario 1 before.

Scenario 2: Device has a malicious app but the malicious app doesn't have root and the OS (regardless of whether it's Android or something else) enforces proper sandboxing. The malicious app can't extract the bank authentication token regardless of attestation.

Scenario 3: Device is fully compromised; malicious code has root. Same as before, if you enter your credentials into this device the attacker gets them.

The problem is that the only useful thing for attestation to do is to distinguish between 1 or 2 vs. 3, but that's the thing it can't do because if the malicious code is privileged it can replace the bank app with one that exfiltrates the credentials without requiring attestation, so the only cases where attestation is happening are the ones where it isn't needed.

replies(1): >>45058836 #
1. charcircuit ◴[] No.45058836[source]
If the device is fully compromised then it can just take the authentication token. It's already game over.
replies(1): >>45060440 #
2. AnthonyMouse ◴[] No.45060440[source]
That's the point. The device being compromised to the point that malicious code is actually meddling with the bank app is the only time that having it fail attestation would be useful. The other cases are useless/vexing false positives. But attestation doesn't happen in the one case it would be useful because then the attacker-controlled code won't even attempt to do it, it will just exfiltrate the user's credentials to the attacker.