upvote

points

by baq12 hours ago |
comments
upvoteby BLKNSLVR11 hours ago|
next
[-]
I hope this isn't going to be the case universally. If my bank cuts off my access from my browser-on-linux setup, then I'm finding an alternative bank (hopefully some will always exist), which I don't say lightly since I've been with my current bank since I was old enough to have a bank account.
reply
upvoteby izacus6 hours ago|
parent|
[-]
You'll quickly find out - as people are finding out in EU nowadays - that *no* bank will go through the trouble of fighting checklist security auditors to keep your linuxes working.

Wait till you find out that your prefered Linux bank won't have the same mortgage terms as you'd like and you'll be running to buy a Google/Apple phone to get those % down.

reply
upvoteby monksy2 hours ago|
parent|
[-]
Keep complaining to the regulators that you're being locked out of your account. Sue them and keep escalating. Forcing you into a system where you have to pay, maintain, etc for access is often not legal.
reply
upvoteby Aachen7 hours ago|
prev|
next
[-]
My bank has always had hardware attestation, but it was their hardware that was being attested. Customers get it loaned when signing up

I have no problem with a device that they trust being used for transaction approval, but that device shouldn't also be the device I use for my daily life and do all sorts of private things on. We should want to be able to inspect that one

reply
upvoteby baq7 hours ago|
parent|
[-]
I agree completely, except looking at my 2fa app I'd need 20 physical tokens, so we actually need a super-duper-yubikey
reply
upvoteby Aachen4 hours ago|
parent|
[-]
Yeah, I should have pursued the idea ten years ago of making a usable 2fa hardware device (that confirms what you're authenticating and an attacker can't simply pull auth codes for whatever they want)

Still, I'm plenty okay with my phone as a second factor for my laptop and vice versa for nearly all services. The rest is about tying things to a government identity (bank cares only if it's me who's authorising the transaction; government cares only if it's me who's requesting a student loan) and can be done with the chip that's already in my identity document and a single 20€ nfc chip reader or by using a phone as nfc reader

reply
upvoteby 12 hours ago|
prev|
[-]
deleted
reply