undefined

upvote

points

by bigstrat20035 hours ago |

upvote

by andrewla5 hours ago|

[-]

Can we make things so that you don't need a smartphone? I don't think this is as trivial as you're making it out to be.

Having a non-exfiltratable bearer token is really really hard. In order to present a zero-knowledge proof of the possession of a token you need to have some sort of challenge-response protocol. The simplest one, and the one in most common use (such as this) is a time-based method, where the shared knowledge of the current time represents the challenge.

The other method is to use civil identity as the challenge, and use government-issued IDs as the bearer token that the ticket is tied to. This doesn't scale well to larger events, and presents real challenges involved centralization of ticket exchange.

You can argue whether or not forgery is a significant enough problem to be worth this trouble, but that's a business decision, and as live events like this get more expensive forgery and resale become more and more of a problem, which end up locking out people like this who have legally and legitimately bought tickets but can't gain access to events because someone has stolen and resold their ticket.

reply

upvote

by raincole5 hours ago|

[-]

Yet, somehow Major League had been selling tickets just fine for more than a century without smartphones.

reply

upvote

by andrewla5 hours ago|

[-]

It's a moving target. Forging tickets has gotten easier and easier, and as tickets get more expensive it becomes more and more lucrative. Law enforcement is generally not helpful for this sort of petty larceny so they are looking for structural ways to prevent it.

In past eras they used holograms and watermarks and special papers in an attempt to prevent forgery but these methods keep getting challenged by an ever more sophisticated criminal element. Moving into cryptographically secure methods is the last barrier here.

They could also rely on the state to match identities to tickets, but this approach does not scale and is frankly undesirable for the majority of people anyway.

reply

upvote

by hapless3 hours ago|

[-]

Forgery is a non-issue -- this guy is a season ticket holder. Literally all they need is his government ID checked against a list.

The "problem" they were trying to "solve" is letting people sell some of their tickets to third parties, but not all of them. That is understandably how they arrived at a mobile application as a solution

But the problem of admitting the original ticket holder is simple as shit. Just .... check his ID?

reply

upvote

by bigstrat20035 hours ago|

[-]

What? We sold tickets for literally decades upon decades before smartphones came out. Of course you can do it, it's already been done!

reply

upvote

by andrewla5 hours ago|

[-]

Decades upon decades of holograms and watermarks on tickets to make them unforgeable. But it keeps getting easier to forge them. Meanwhile ticket prices keep increasing (venue space is one of the last things that's truly scarce) and the incentives for forgery keep increasing.

Even if we could make them truly unforgeable, people generally want electronically transferrable tickets. How do you propose to do this?

reply

upvote

by hapless3 hours ago|

[-]

Go ahead and require a special gadget to get an "electronically transferrable ticket," no skin off my back. That is a feature I will never use.

Don't bother your season ticket holders about getting their own person admitted! I am standing in front of you, bearing identification, and you are whining about a mobile app?

reply

upvote

by trollbridge4 hours ago|

[-]

If ticket prices keep increasing, it would seem the capability to print harder-to-forge tickets could be done with the extra revenue.

They could even do something like give him a little RFID token that can be used once. Tap it, gates open, go in, done.

reply

upvote

by 5 hours ago|

[-]

deleted

reply

upvote

by xvector5 hours ago|

[-]

We can, but why should we?

reply

upvote

by pavel_lishin5 hours ago|

[-]

If you scroll up, there's a link to an example of why at the very top of this page.

reply

upvote

by HotGarbage5 hours ago|

[-]

Why should we be beholden to the two mega-corporations who control the smartphone market?

reply

upvote

by xvector3 hours ago|

[-]

You can certainly get a smartphone from another company and run AOSP.

But the problem isn't that this guy didn't want to use a smartphone, it's that he literally has never bothered to learn.

Why should society cater to those that literally don't care to learn the essentials?

reply

upvote

by cindyllm5 hours ago|

[-]

[dead]

reply

upvote

by Ucalegon5 hours ago|

[-]

If you work in an industry that is solely based off of customer delight, stories like these are what you are looking avoid due to brand damage. It is going to cost more time/energy to deal with the backlash than just coming up with a simple solution in the first place.

reply

upvote

by justonceokay5 hours ago|

[-]

If your imagination is that anemic then the process is compete.

reply

upvote

by whoamii5 hours ago|

[-]

Right? This is no country for old men.

reply

upvote

by sateesh5 hours ago|

[-]

privacy for one.

reply

upvote

by bigstrat20035 hours ago|

[-]

Because the future will be very dystopian if we place two tech companies as gatekeepers of everything in life. If Google locks your account and won't help you (which happens!), you don't want that to also take away your ability to bank, go to baseball games, etc.

reply

upvote

by xvector3 hours ago|

[-]

If that is your threat model (it isn't for 99.999% of people), you can set up your own email domain for few bucks a year and it takes 20 minutes. Now no one can debank you and take away your ability to go to baseball games simply by killing your email.

But that's not the reason the guy in the video isn't using a smartphone. It's because he literally never bothered to learn or keep up.

reply