Security/privacy conscious friends, how do you handle apps (especially banking apps) that tie essential functionality to services like

From, it seems loads an invasive script that attempts to port-scan/fingerprint the environment in which it's running (my banking app requested local network access).

The domain is blocked by common DNS blocklists, but with the block in place the (banking) apps fail to function.

I could whitelist the domain of course, but allowing it just feels... icky?

Sign in to participate in the conversation

Hackerdrinks community mastodon. Maintained by the guys from