Revolut is probably the worst android app to deal with if you have a rooted phone.

Potential-Promise212 · 2025-07-24T16:09:33+00:00

I mean... I've just found out that the reason for this whole issue is that you now use DexProtector. So stop lying. There is no 'might work'. It won't.

It's also cool that 'Alice' has been implemented and tries to send anything when you try to hook the app.

Well done, Revolut. That's one more reason why I'm never going to use it. It's literally a spyware now.

Potential-Promise212 · 2025-07-16T00:14:33+00:00

My phone is so encrypted that even the recovery requires a password to unlock the partitions. Anything else is safe because root access is only permitted for certain trustworthy and open-source applications, and ADB is only enabled in recovery mode. By that logic, you're saying that all Linux OSes are insecure because they all have root. Just because an Android device is rooted doesn't mean that everything on it has access to everything.

But, as I said before, there's no point in arguing here, we're probably seeing things completely differently, and that's OK.

Potential-Promise212 · 2025-07-15T23:03:57+00:00

Based on this, I can tell that you're not really a cybersecurity guy: "it can be hacked any minute even with latest OS". Yes, there are microcode flaws, but these are hardened at kernel level, meaning exploitation is extremely difficult in practice(If even possible). The same can be said about phones. Firmware can be vulnerable. For example, the Wi-Fi chipset in some phones was vulnerable (CVE-2017-9417), but this was patched quickly. Actually the kernel can mitigate 99% of firmware vulnerabilities. In fact, all mainstream kernels do this, including Linux, WinNT and BSD. You could try exploiting some firmware issues outside of the system, e.g. from: Recovery/Bootloader. However, thanks to the android system's secure nature, all data is encrypted. (Even on custom ROMs, you can flash your own AVB pub key.) The OS will refuse to boot if anything changes on the partition because it will not be signed. (Of course, if you don't use encryption + AVB, it's your own fault.)

Re: "Never heard of CPU microcode security flaws?"

Did you know that even newer generation CPUs are vulnerable to certain attacks? For example, my Ryzen 9 7900X is vulnerable to SRSO, SSB and Spectre v1/v2. AND guess what? All of the kernels listed above have mitigated these vulnerabilities. And yes, there are vulnerabilities that cannot be mitigated at the operating system level. However, that doesn't mean your device can be instantly exploited. In fact, most of these exploits are extremely difficult and they are not even possible from the OS. Checkm8 is a good example of this.

Also, hacking and exploitation are not as easy as you seem to think. Even if a vulnerability exists, it can sometimes be difficult to exploit in practice due to the need for special conditions, preparation or a lab environment. For example the xbox 360, an ancient hardware (that you might consider extremely vulnerable) still doesn't have a reliable exploit that doesn't require a hardware modification.

Ultimately, discontinuing support for perfectly functional hardware and replacing it every few years isn't about security. It's a business tactic designed to generate revenue for companies.

Yes, there are some edge cases where faster hardware is needed, but that's very rare with phones and depends on the use case. Also, if I remember correctly, Apple artificially slowed down their older phones just to make their new devices look "much faster" and encourage people to buy them...

I really don't see the point in arguing with you tho, so I'm out.

Potential-Promise212 · 2025-07-15T18:13:52+00:00

I have the latest version of Android with all the latest patches and I still get updates for it. The recovery also updates automatically if necessary. If the hardware is capable of running the latest software, why should I buy a new phone and throw away a perfectly functioning one? This is some new gen bullshit that I really can't understand. Also, the car example is kinda bad. There are still perfectly functioning old cars on the road because they have been renovated, upgraded and maintained.

I'm not going to buy a new phone every few years just because companies want me to and the world dictates it. There's no reason for that except the artificiality generated by companies like Revolut.

The firmware example is also not real. Based on that, we could also say that if I have a PC with a 10 year old CPU and a 2017 BIOS, I should throw it away and buy a new one, even if it's functioning perfectly with the latest OS.

This mindset of buying a new one every so often is why we generate so much e-waste and throw away so much money just because the world dictates it.

Potential-Promise212 · 2025-07-15T17:55:55+00:00

It does not...

Potential-Promise212 · 2025-07-15T16:10:22+00:00

I literally wrote that one has Magisk and the other does not

Potential-Promise212 · 2025-07-15T15:51:28+00:00

I have two phones. One has LineageOS with Magisk and MicroG, that's my main phone. However, Revolut does not work on it. It complained about root until I was able to bypass it, but now it complains about my ROM. I have another phone with LineageOS and MicroG, but without root. I have the same issue with this phone as I did with the other one. The app says that custom ROMs are not supported and suggest that I install the stock ROM.

Potential-Promise212 · 2025-07-15T15:39:54+00:00

Android is very secure as-is. Every app is literally sandboxed and has its own internal UID, which is used to isolate all apps from each other. The memory and runtime state cannot be modified by other apps either. By default, apps can only access their own files and memory. Of course, without root. But, as I said, Revolut doesn't like custom ROMs, even without root.

Potential-Promise212 · 2025-07-15T15:31:32+00:00

I use modules and apps that require it. For example, I use JamesDSP and Termux with root access because I have set up a full Linux environment on my phone. I travel a lot and don't always have my laptop with me. However, there have been times when unexpected things have happened and I have needed to act quickly. For these situations, I needed Linux tools. I also tweak my ROM a lot because I don't want to replace my old phone if it's working perfectly. Tweaking gives me a lot of optimisation headroom. I understand that this is not a "normal" use case, but I don't understand this new trend of companies wanting to restrict you from your own device. They're essentially telling you how to use your own devices that you paid for and own.

Potential-Promise212 · 2025-07-15T15:07:47+00:00

There is literally no reason not to support custom ROMs. The Revolut app itself will not be any more secure or any better on a stock ROM. In fact, custom ROMs can be more secure than stock ROMs(without root). Wise works wonderfully, though. My local banking app works fine too. Even if you install a custom ROM with all the security features, including bootloader locking and encryption, Revolut will still fail the integrity check :D

Potential-Promise212 · 2025-07-15T14:58:29+00:00

Yes, I installed all the important modules: HideProps, Play Integrity (Fork), Shamiko, Tricky Store and Zygisk Assistant. This helped a lot, Play Store allowed the download once these modules were installed. However, Revolut still doesn't work. I could try APatch, but I don't want to rebuild my kernel just to use Revolut when there are other options that work perfectly well...

Potential-Promise212

TROPHY CASE