lijok 9 days ago

Your style of thinking is exactly why linux never became a leader in desktop os's. Why we're still dealing with the most ridiculous tech debt and complexity in OSS tooling to date. You're obsessed with fake problems that have no bearing on real people. When grandma does indeed lose all her money because some prick phished her password away, I would love to watch you explain how that's actually better than BigTech taking away user freedoms.

dare944 9 days ago | parent | next [-]

This argument is ridiculous and purposefully inflammatory. The issue at hand is the requirement for client attestation while using passkeys. So in that light, can you describe for us the scenario in which grandma, who is undoubtedly using passkeys on an iPhone or an Android, loses all her money simply because someone, somewhere else is using a passkey without attestation? You can't, because the vendor lock-in created by attestation doesn't meaningfully increase grandma's security. Rather, it exists (outside the enterprise scenario) primarily as an anti-competitive tool to be wielded by the major players.

Passkeys could have been an overall boon to society. But with attestation restricted to a set of corporate-blessed providers it is a Faustian bargain at best.

timmyc123 9 days ago | parent | next [-]

> The issue at hand is the requirement for client attestation while using passkeys.

There is no attestation in the consumer synced passkey ecosystem. Period.

vdqtp3 8 days ago | parent [-]

Can you say "There will be no attestation in the consumer synced passkey ecosystem. Period."? That seems to be the concern, not what exists today.

timmyc123 8 days ago | parent [-]

Ecosystems are made up of hundreds of thousands of organizations, billions of devices, and billions of users.

How do you expect a single person to be able to make an authoritative statement like that?

anonymars 7 days ago | parent [-]

Well, you said definitively it's not in the...ecosystem, well of course it's not in that ecosystem now, but that's an extremely narrow reading of the question: the concern is it being in the spec that the consumer-facing ecosystem is pushing hard. A consumer-facing ecosystem that has amply demonstrated how much it loves lock-in. "Fool me once...can't get fooled again"

9 days ago | parent | prev [-]

[deleted]

achierius 9 days ago | parent | prev [-]

You're the one dismissing real problems like "lose all passkeys when you lose your phone".

lijok 9 days ago | parent | next [-]

That is not a problem that GP brought up. In fact GP claims it's not a big problem.

> The problems of Passkeys are more nuanced than just losing access when a device is lost (which actually doesn't need to happen depending on your setup).

otterley 9 days ago | parent | prev [-]

That doesn’t happen when you use Apple’s passwords ecosystem or 1Password. The backing databases are synchronized between devices.

bccdee 9 days ago | parent [-]

And everyone knows that abuelitas in the global south, as a rule, own iPhone 16s and subscribe to 1Password.

otterley 9 days ago | parent [-]

There's no need to be snippy.

Those are the solutions I'm familiar with; there may be others. If Android and Windows don't already solve this problem in similar ways--which they might!--it sounds like an open opportunity for them.

Edit: sure enough, Android supports it: https://support.google.com/chrome/answer/13168025?hl=en&co=G...

As does Windows: https://blogs.windows.com/windowsdeveloper/2024/10/08/passke...