SoylentNews is people
SoylentNews
I have been using PayPal off and on since 2012 for 2 main reasons.
1 - Convenience, I didn't have to enter a credit card every time I purchased from a site other than usual trusted sites where I store my payment information, like Amazon, and sending payments to friends/family was simple.
2 - Peace of mind.
I recently found that the assumption of (2) was wrong, so I fired PayPal. I don't want to get into the details. Beyond being therapeutic, it won't really make life better moving forward.
That brings me to the question, since I have fired PayPal, I am sure that someone will want to send me, or more likely, have me send them money. Before I go out and research the providers on my own, I thought I would come here. What do Soylentils suggest for peer to peer payments?
(Score: 3, Informative) by edIII on Thursday December 01 2016, @07:48PM
A native app isn't all that bad, and probably preferred to be honest. The issue you have is the permissions, and that is rightly fucked on both Android and iOS. You have to jailbreak/root the crap out of it before you can start taking away permissions from apps, and sometimes, that breaks the apps. The browser itself is a native app, and you would be better served by having a one browser app for secured activities, and another for regular banal activities. XSS attacks haven't been mitigated completely, and I inherently distrust my browser to keep everything sandboxed.
Forget about running NoScript with online banking. I don't know of practically any corporation that has a site with security credentials, and is not running javascript. Soylent is one of the very few exceptions. You're hunting for unicorns, and the likelihood of finding a web interface well constructed without javascript will be a journey to impress a Hobbit.
I do believe you can force the bank to at least present you the website, and not force you to an app on a tablet or smartphone. Just change the headers through a 3rd party app or settings to represent yourself as a PC running Firefox or something. It's been quite some time since I cared enough to do anything by smartphone (I gave up after Snowden), but I did find the ability to force a full website experience when I needed to do so, and a few of those times was online banking under extreme duress (otherwise I wouldn't have done it). Also, on a smartphone or tablet device I can never tell if a process has actually been terminated and not just moved to background. I always terminated the process directly with a tool before and after hitting a secured site.
Although at this point in our downward spiral society, I don't think online banking is worth it. Too risky, and you just end up giving power to people that would abuse you with it. That's the corporations doing it legally, and you still need to worry about malware kits targeting smartphones. That's my personal opinion though, and I understand if your addicted to the convenience.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 1) by Arik on Thursday December 01 2016, @09:02PM
Exactly. In theory it's the best way to go. In practice you're stuck with a POS OS that is literally impossible to secure, and I expect their app is of even lower quality. Which means that installing that app on the phone is essentially begging someone to rip you off.
"I do believe you can force the bank to at least present you the website"
You're misunderstanding me. A website is a crosslinked collection of hypertext documents, not of scripts. If their 'website' does not degrade gracefully when deprived of script support, then it is no website at all in my opinion. The essential qualities for which a website is desired, are absent. It's just an app targeted at insecure browsers rather than an underlying OS.
"Although at this point in our downward spiral society, I don't think online banking is worth it. Too risky, and you just end up giving power to people that would abuse you with it."
Just need to receive my electronic checks and be able to send money occasionally, otherwise I wouldn't bother.
If laughter is the best medicine, who are the best doctors?
(Score: 2) by JNCF on Thursday December 01 2016, @09:22PM
I don't know of practically any corporation that has a site with security credentials, and is not running javascript. Soylent is one of the very few exceptions. You're hunting for unicorns, and the likelihood of finding a web interface well constructed without javascript will be a journey to impress a Hobbit.
A distinction must be made between sites that run JavaScript and sites that require JavaScript. If we make this distinction and include in our tally those sites which maintain most of their functionality with JavaScript disabled, your statement becomes retroactively hyperbolic -- though not as hyperbolic as I'd like it to be. Amazon is an excellent example of progressive enhancement, and there are plenty of others. I don't know about banking sites, but I don't use banking sites.
(Score: 2) by Whoever on Thursday December 01 2016, @09:52PM
Newer versions of Android allow reasonably fine-grained app permission configurations.
(Score: 2) by TheRaven on Friday December 02 2016, @11:25AM
The issue you have is the permissions, and that is rightly fucked on both Android and iOS. You have to jailbreak/root the crap out of it before you can start taking away permissions from apps, and sometimes, that breaks the apps
That's never been true on iOS (apps ask for permissions as they require them and you can turn them off again in settings if you've granted them previously) and it isn't true for recent versions of Android anyway. I was quite interested to note that the Android version of my bank's app asks for such an egregious number of permissions (full call and browsing history, for example, in a recent update) that I uninstalled it, whereas the iOS app asks for very few.
sudo mod me up
(Score: 2) by urza9814 on Tuesday December 06 2016, @12:01AM
You've got that completely backwards. The reason it doesn't ask for so many permissions on iOS is because iOS doesn't require it to ask for permission in the first place, where Android generally does. Apple assumes every app should already have access to the internet, should already have access to your complete call history, should already have access to all this stuff...so it doesn't have to ask your permission.
Absolutely any app on that iOS device can already read your entire call history. It appears that Apple doesn't even attempt to restrict it, nor do they make any attempt to inform you if it is being accessed, nor do they allow you to explicitly deny that permission -- all of which Android does:
https://iosstuff.wordpress.com/2011/08/19/accessing-iphone-call-history/ [wordpress.com]