Not everything perfect, yet: just used my #Librem5 to transfer money.
- connected keyboard and mouse through bluetooth (sparklan card)
- used
pass-mgr-compact
to get my login password for the banks page in firefox- found passff not working in my actual firefox configuration
- had to copy the username from
pass
in a terminal, because I didn't find a way to get it inpass-mgr-compact
- read the email containing information about the transfer in
geary
- confirmed the transfer using an external token that reads data from the screen of the L5
On the first try the L5 froze when I connected power after disconnecting the #LibremKey needed for my pass
tomb
from the L5.
Wrote this in #tangram.
@etam@im-in.space Sounds very convenient.
But:
- 2nd factor for authentication/authorization is stored on the same device (I do not know much about the banking apps for android, but as I understood I'd have one app as a second factor while on the same device another app is the banking interface)
- I started really liking ˋpassˋ as a password manager and I believe that gpg encryption is one of the best options. Especially if the private key is stored in an hsm separated from the device I use it on.
- chiptan - generating a token for any transaction using my banking card and an external terminal does apply the same security principle: the secret is stored seperated (and in this case air-gapped) from the device it is needed on
- I do not trust Android the slightest bit more only because it is running as waydroid. I strongly believe that there are genius people with nearly unlimited ressources working on it. Every try to make that biest harmless or put it into a cage to me is really questionable, because the people cutting the claws or forging the cage do not have the same ressources at hand - not nearly.
- I believe that using Android is a bad choice if it can be avoided in some way: every minute wasted on Android does invest into that ecosystem, any use case does it make more important. It might be open source, but I'm sure it is designed to fullfill the needs of Google in the first place and that these interests are contrary to what would be good for you or me.
@me In my case it's much simpler and less hacky: