Solid info there, thank you.

Yeah, I don’t really have a reason to stay with HSBC. A responsible me would look for a bank with better credit card interest. Might as well shop around for a new one.

It’s possible. First example I can think of is NYT’s games app uses their own keyboard. It’s clunky, but if someone is concerned (or data hungry) enough for the users security they certainly could.

Yeah it is bad. Maybe it’s the case again that the default screen reader is allowed but third party ones aren’t?

Okay, I just tested turning on the built in screen reader and it launched just fine 😑

Of course there will always be some risk. But HeliBoard and some other keyboard apps are open source and can be audited. I’d trust (I know, you should do your own homework) the more popular ones have a lot of eyes in them.

I’m not sure I understand what you are saying. What part of the OS should managed the packages? The creators aka. Microsoft/Linux foundation/Apple/Google, the distributor, or a kernel module? What about cross platform package managers like Nuget, gradle, npm?