Yup. I gave up on trying to get Google wallet / Android pay to work on my lineage device. I got it working sometimes but it broke after update and just wasn't reliable enough to keep trying when paying for stuff. I'm not really sure whom they're protecting with this stuff -- the credit card processing companies, maybe?
I have found Play Integrity Fix [1] with playcurl [2] is reliable enough for passing Play Integrity in Wallet and other apps. My current issue is that Google Messages has its own integrity checks that are stricter than Play Integrity, and will silently stop handling RCS messages if it fails those checks. I currently have RCS disabled because it is too unreliable.
I also have OP7Pro (what an amazing phone btw), and yes, we're pretty much sufficiently out of date that they still work - a wild but true reality we find ourselves in.
I mean my Messages app. I installed it years ago and never updated, because why would I ever updated an SMS app, the only thing that can ever happen is for things to break that used to be working, lol. I don't even know if I run A12.
I do know, though, that the OP7Pro is one of the last Android devices that are whitelisted by Google to pass SafetyNet without hardware-backed attestation. Shame that TWRP wiped my working setup. I've been trying to get them to add any basic protection against that for over three years: https://github.com/TeamWin/Team-Win-Recovery-Project/issues/...
It is an amazing phone. Notchless, relockable bootloader (not just unlockable, but custom AVB key support!!), in-screen fingerprint sensor, 90Hz AMOLED, and great build quality.
> because why would I ever updated an SMS app, the only thing that can ever happen is for things to break that used to be working, lol.
Text parsing/rendering is a security Achilles' heel, and SMS app vulnerabilities are commonly exploited entry points for persistent malware from the likes of NSO. All things being equal, should update SMS apps for the security updates.
Text parsing and rendering is supposed to be done by the OS. And if there's an OS-level vulnerability like that, then the OS is what you update, not necessarily just the app.
How do you know it's carrier RCS? To the best of my knowledge they are only gatekeeping access to Google Messages private network, not carrier RCS? (Considering the very little number of carrier RCS that's not very relevant though)
> I'm not really sure whom they're protecting with this stuff -- the credit card processing companies, maybe?
(small nit: does "whom" even go there?)
They're protecting the TEE because they do not want third parties to be able to automate Google Pay through modified software. This isn't necessarily just about normal end users but more like smartphone farms.
[1] Moral: Don't assume everyone knows what a particular acronym means. Just because it's in your head doesn't mean everyone else knows what you mean.[2] E.g., if I say 'JRE' I mean 'Java Runtime Environment' and not 'Joe Rogan Experience'.
[2] According to Piaget[3], people are able to identify that others don't know what's in their heads sometime between ages two and seven.
>is a little far to be a simple misjudged tone, even if it was intended as a joke. I did find it a bit funny but it still felt a bit insulting too.
No. Not a joke. Just pointing out something you already knew: That I (or anyone else) don't know what's going on inside your mind unless you tell me.
That you ignored such a simple truth and didn't think to define your terms was a waste of my time. As such, I felt insulted at your (apparent) complete lack of respect for the time and attention of others.
Take that as insulting if you wish, and if you find it insulting enough, please ignore me completely going forward. I promise you I won't mind.
> That you ignored such a simple truth and didn't think to define your terms was a waste of my time. As such, I felt insulted at your (apparent) complete lack of respect for the time and attention of others.
My neglecting to define it was not because I was ignoring that not everyone knows everything I do.
There are quite a few acronyms that are widespread enough on HN (or in programming in general) to be used without defining them anew every single time (such as, say, "API"). I hadn't considered that of those, "TEE" is not one. That doesn't mean I don't understand the concept of individual knowledge, only that I don't always put a complete effort into my drive-by comments, and evidently had not into that one.
Even at that point, it would have taken less time for you to ask for a definition without additional remarks that imply I should have known better. Who are you to imply I didn't know better? I'd say that was the real waste of your time, considering it makes up over 50% of the comment.
Additionally, I don't have a "complete lack of respect" for others' time and attention. I would've edited the comment to fix it if it had still been within the edit window. I apologized for having left the definition out because that was an honest mistake, and it was never meant to waste anyone's time or attention. Even before the apology, I don't think it was very reasonable for you to have assumed that the waste of time was intentional, and replied in the way you did.
> Take that as insulting if you wish, and if you find it insulting enough, please ignore me completely going forward. I promise you I won't mind.
I generally don't ignore people until I have nothing left to say to them. But yes, people (myself included) typically find it insulting when you assume bad faith of them. If this was truly your intention, then it is not just my fault for "wishing" to take it as insulting. Your tone has an impact on how others perceive you.
To be blunt, if you are rude on purpose and proceed not to care about how it makes others feel, that behavior isn't welcome here. I can understand if you felt frustrated that I didn't define my acronyms, but that's no reason to lash out about it, even when it's in the form of mere patronizing remarks.
Yeah, I'm sorry that they spoke to you like that. It was unwarranted, as was the subsequent benefit of the doubt I gave them. It's apparently just the attitude they communicate with others with. Unfortunate.
That said, thank you for your thoughts on this. I'm glad you shared them. Good on you.
That said, I don't need you (or anyone else, for that matter) to tell me how I should or shouldn't interact with others -- as that's incredibly condescending (and incredibly rude as well) and makes a number of unwarranted (as I mentioned) assumptions.
Again, thanks for your thoughts. I'll give them the attention they deserve.
I'm pretty sure you told the GP how they should or should not interact with others by telling them not to use acronyms. I'm don't understand how that's any different.
>'m pretty sure you told the GP how they should or should not interact with others by telling them not to use acronyms. I'm don't understand how that's any different.
Except I did nothing of the sort. I took the information given and attempted to interpolate (unsuccessfully, I might add) what OP was talking about.
While I did make the point that OP should have realized that others don't know what they're talking about if they don't tell us, I most certainly didn't say they shouldn't use acronyms.
Rather, I chastised them for not defining ambiguous terms, which wasted my time and energy trying to figure out what they were going on about.
>I took the information given and attempted to interpolate (unsuccessfully, I might add) what OP was talking about.
You could have used your brain and just Googled "TEE Android". But by all means, despite not having either the domain-specific knowledge nor the common sense to manage to Google it competently, feel entitled to be an arse about it. I trust you can read my tone here?
Sorry, TEE stands for Trusted Execution Environment. It's where stuff like DRM executes with access to secrets that the HLOS (Android) can't tamper with. On ARM SoCs the TEE is usually provided as part of TrustZone. No need to patronize.