Secure way to virtualize/emulate android apps on desktop?

DirtyDan

Is there a way to securely install, say, a mobile banking app, without having to use a physical phone? My desktop is Linux but I'd be open to installing another OS if it were necessary for this purpose.

I don't think Waydroid would work since it probably doesn't work with play integrity? I've heard Waydroid is not secure - how accurate is that? Is Waydroid something to avoid for all purposes or can I trust it for some things?

What about creating an Android Virtual Device (AVD) using Android Studio? Would that work? Is it secure enough? What about other android virtualization software - are those trusted?

Are there any other emulation/virtualization methods you recommend?

yeehawk

DirtyDan I don't think Waydroid would work since it probably doesn't work with play integrity? I've heard Waydroid is not secure - how accurate is that? Is Waydroid something to avoid for all purposes or can I trust it for some things?

Dont dive into Waydroid. I've wasted multiple hours in that garbage and I still couldn't get it working. It starts with missing internet connection, you can google "waydroid internet connection" and can see that there is no official, helpful solution to this long existing problem. Thousands of posts and the maintainers couldn't give less a shit.

Android emulation on Linux in general is ass:

Anbox is outdated
Waydroid is bugware
havent tried Android x86 (VM and therefore also has Google apps, but you can also manually install Lineage)
Genymotion is proprietary and requires an account

Those are the four most popular when it comes to linux desktop emulation for android. I dont know any other, if there is anything than those four, i'd be happy to know more about it.

pixninEH

I was thinking the same thing, sideofburritos says to install brave and make them PWA's. However i have come to terms that it isnt smart having banking or anytype of wallet on your phone due to it being lost stolen or read with all the crooks carrying dolphins or whatever those little hack devices they sell on amazon. Just my .02 cents. I noticed your posts yesterday and wow you seem to have the secret formula for grapheneOS functionality and practicality.
With the economy still being in limbo, i decided to keep my banking strictly in my personal wallet, debit card, id and cash. That way i cant overspend or worry about someone opening credit cards in my name. Yes it happened to me 3 times now, once they open on, you cant do anything about it. So i had to call each credit reporting equifax etc, and have them put special codes and holds on my SS and name for opening new loans/cc's/ etc. I would love to pick your brain. I got grapheneOS because i was sick of apple IOS not giving any way to change rules when it comes to apps, or advertisments, data harvesting etc. When i first installed grapheneOS i almost went the side of burritos route with multiple profiles, but it was exhausting. Now youre making me want to re set mine up for at minimum the google apps that utilize gps and navigation. If you want and feel like spreading knowledge/love. What is your exact setup?
@DirtyDan

DirtyDan

pixninEH

I noticed your posts yesterday and wow you seem to have the secret formula for grapheneOS functionality and practicality.

When i first installed grapheneOS i almost went the side of burritos route with multiple profiles, but it was exhausting. Now youre making me want to re set mine up for at minimum the google apps that utilize gps and navigation. If you want and feel like spreading knowledge/love. What is your exact setup?

Can you respond directly to the post you're talking about? This is a bit off topic for this thread. I've also made a good number of posts on here so i don't really know which post you're talking about. 😃

The major reason I asked this question was because I was curious if it was possible to not use a smartphone at all and to virtualize Android apps on desktop when necessary instead - such as for financial apps that only have apps, but have no functional websites. Specifically, what would be the material privacy/security drawbacks someone should know? Is it bad enough that you shouldn't even try it?

I like to have backup plans in case GrapheneOS is no longer available to me. My mind also sometimes drifts to the pre-smartphone era and I'm curious to know what's still possible to accomplish without owning a smartphone today.

pixninEH

DirtyDan ahhhh i get what your saying. Sorry about my rambling, i read a bunch of your posts late last night and downloaded ente auth and im blown away, it makes me want to redo my pixel9a Gos to not using google framework or carrier services anymore.
Ahh i see what your saying regarding the apps that do not have a website for their service and only have applications.
Sadly, it is by design, these newer companies now the ratio of people who use smart phones vs pcs/macs/desktops, etc.
They switched their business models to getting people into subscriptions instead of one time fees. How do i know this, because i used to run a bunch of websites selling wall decals/ car decals, stencils, printing etc. The problem was, it was booming until amazon came around and humans are impatient so they cant handle waiting 4 days for a product. So slowly but surely all websites and companies unless they have tons of local business will be obsolete in the near future.
I am by no means a tech genius, but i do understand the trends of economics and business sales online and brick and mortar. Security concerns well it depends on your threat model. If you want to never worry about financial security issues ever again and have the convenience of not worrying about losing a credit card, losing your phone, or any digital device that has all of your personal info in it.
Whatever bank or credit union you use, call them and tell them you want to make a special phrase password. This will make it so that no one can call and impersonate you. Turn on all alerts to your email and text if any money is moved in your bank accounts, whether it be you buying something with your debit card, pulling cash out, or using your credit card.
The last thing would be to contact the 3 big credit rating bueraus and having them freeze your accounts and name with special passwords. So that way, nothing can be opened in your name, unless its you. Then when you want to say buy a house, apply for a personal loan, etc. You call undo the hold, apply. Then re put them back on.
Hindsight is 20/20, years back i was ignorant and grew up in the flip phone high school era. Long story short, if your card is taken and you dont report it back then, you are responsible for the charges. Sorry for the novel.
Oh and the pre smartphone era if you really wanna know how i figured this rabbit hole out, look at this website it will teach you all of it.

https://www.anarsec.guide/posts/grapheneos/

pixninEH

Oh, yes there is a way, in the guide i linked above to install secure banking apps without a smartphone. Qubes IIRC is essentially a grapheneOS computer OS. Compartmentilization, it has almost every different OS from linus to windows 7 to ios mac etc. . Or its in another guide on that site.
BTW, disregard the name of the website, anarchists type bullshit. I am not down with that. But it is by far the most informative info ive found on all tech with no bs sponsers or lies.

https://www.anarsec.guide/posts/qubes/

CalmBird

yeehawk Take a look at the Emulation General Wiki for all available options. To answer OP's question though, desktop is awful for security and I highly recommend you to just use your phone for tasks like these. You won't find a secure Android VM solution, because it simply doesn't exist.