I’ve written this blog post about moving from rooted Samsung to a Pixel running GrapheneOS. It’s a list of every root tool that I used, with a note on whether I’ll miss it. I wrote it as a checklist for myself initially, and decided to add links and more comments and publish it. Turns out I don’t really need root, which truly surprised me.
Do you have any apps or tools that hold you back from leaving root?
In my local bank you can choose between 2 ways of 2fa: in their app or sms. Sms is less secure and slower, as you have to wait a bit for the sms to arrive. And you have to use 2fa for each online purchase, and login to the website. But my bank’s app works perfectly fine on rooted phones.
However Revolut stopped working, and I gave up reading about workarounds. I have an old unrooted broken phone always at home, I use it for that only. Revolut’s website is limited, you can only see your balance and disable your cards if they were stolen, nothing else, you have to use the app for everything.
Wow, that’s an interesting one, thanks for that. That would be quite annoying to deal with.
In that case, since the 2FA is coming from the carrier, if you can disable 2G and 3G on your handset, the air link on LTE and above is AES-based encrypted at least, if the carrier configures it correctly, even though the channel itself often isn’t. Or if very paranoid you can use WiFi calling in airplane mode on a burner so the carrier sends the message over the wifi calling IMS-encapsulated-in-VPN-connection over the Internet.
The chance of someone being able to intercept that 2FA code in a way that could get into your bank account is pretty much absolutely scant.
Not trying to change how you do things either, though. Just knowing how terrible some banks can be at writing software, I’d be more apt to trust “weaker” methods versus apps. The future is quite exhausting.
With SS7 they can spoof your number, and the attacker gets the sms instead of you, it doesn’t matter how it’s encrypted.