| ▲ | digiown 4 hours ago |
| This is really a human right issue. No one should be required to carry an attacker-controlled tracking device, especially not for interacting with the government. It's funny that the EU uses all this mobile attestation BS more than the US does. So much for sovereignty and consumer protection. No monopoly Google can build is as good as the government forcing you to accept their terms. |
|
| ▲ | joe_mamba 3 hours ago | parent | next [-] |
| >No one should be required to carry an attacker-controlled tracking device What about being required to carry a your-own-government-controlled tracking device? Because the US or Chine government can't harm me in Europe via the data they collect from me, But the EU authorities can if they want to, so naturally I fear them more if they were the ones hoovering my data. What are the odds they're using this on-shore tech grab to implement their own domestic version of China's social credit score system, to easily get data on their own citizens who commit "wrong-think", without having to through the effort to twist the arm of US entities every time they want to do that? Food for thought, but I do think we're living the last years of online anonymity, it's inevitable. |
| |
| ▲ | Archelaos 2 hours ago | parent | next [-] | | The odds are very low. It all depents on the people. So far, the European citizens are very privacy senstive. The European institutions are characterized by a huge devision of power. There is no chance that European instutitions can impose their will against a considerable majority of people. If people turn away from liberal democracy, that's another matter. But then everything is lost anyway. | | |
| ▲ | miohtama 2 hours ago | parent | next [-] | | > There is no chance that European instutitions can impose their will against a considerable majority of people The EU commission just passed chat control to have government mandated software in every phone | | | |
| ▲ | joe_mamba 2 hours ago | parent | prev | next [-] | | > So far, the European citizens are very privacy senstive. Only from corporations, but not from their own governments. A lot of Europeans put a lot of blind faith into their governments and the EU, and criticism of these institutions is usually met with accusations of being a bot, MAGA or russian troll. >The European institutions are characterized by a huge devision of power. Didn't really stop them passing whatever rules they wanted during Covid, did it? Or today with Russia and Ukraine situation. Sure is convenient that we keep having more and more crisis and boogiemen that governments can leverage to deflect accountability and bypass the wishes of the population, for our own good of course. >There is no chance that European instutitions can impose their will against a considerable majority of people. Famous last words. People always can be, and routinely are, manipulated to vote against their own best interests, even if everyone claims manipulation doesn't work on them. The propaganda industry is HUGE. Why do you think Germans supported to tie themselves to Russia's gas and destroy their nuclear power. Was it all their original thoughts or was it a massive campaign of dis-/mis-information designed to get everyone on board the same train? And mass manipulation like this is every other Tuesday these days. See Cambridge Analytica. A individual person can be smart, but people together as a collective voting block, are stupid, and the elites treat us like cattle, as seen in the recent files. | | |
| ▲ | roenxi 18 minutes ago | parent [-] | | > Sure is convenient that we keep having more and more crisis and boogiemen that governments can leverage... The problem with this phrasing is it makes it sound hyperbolic, but it is important to remember the world is large and there are always, in a literal and normal sense, multiple major crises going on at any moment. People who don't pay much attention to politics sometimes get confused about why crises elevated by the corporate media get ignored. A big answer is becuase they are elevated for political reasons, usually the crisis is fairly routine in absolute terms. | | |
| ▲ | joe_mamba 14 minutes ago | parent [-] | | >there are always, in a literal and normal sense, multiple major crises going on at any moment True, but my point I wanted to draw attention to, is HOW these crisis are handled now, not that there's many of them. Every crisis now seems to be exclusively used as a vehicle to justify taking away just a little bit more of your freedom and anonymity, or implement more fiscal policies that will leave you footing the bill but just so happens it will be enriching the wealthy as a side effect. |
|
| |
| ▲ | Cyph0n an hour ago | parent | prev [-] | | > So far, the European citizens are very privacy senstive. In some areas, sure - like GDPR. In other areas, absolutely not - like chat control. As another commenter pointed out, it seems as if government mandated privacy intrusion is OK, while violations by corporations are quickly shutdown. It’s like the opposite of how it works here in the US. | | |
| ▲ | joe_mamba an hour ago | parent [-] | | >it seems as if government mandated privacy intrusion is OK Once you give people an outside boogieman(Putin, Trump, Covids, etc) or a self inflicted false flag crisis(surge in violent crime rates for example) to shake them up to their core and put the fear in them, you can then easily sell your intrusion of privacy in their lives as the necessary solution that protects them. When you start lose control of your people because their standard of living has been going downhill for 2 decades and they realize the future prospects aren't any better so they hate you even more, you can regain control of them by rallying them up on your side in a us-versus-them type of game against external or internal aggressors that you paint as "the enemy". The media is your friend here. /s This isn't an EU or US exclusive issue, it's everywhere with a government issue. The difference is that EU always has external aggressors the government can use as justification for invasiveness and control, while the US is the unchallenged global superpower so it has no real external threats ATM, meaning division must be manufactured internally (left vs right, red vs blue, woke vs maga, skin color vs skin color, gender vs gender, etc) so that the ruling class can assert control in peace. Either way, we all seem to be heading towards the same destination. | | |
|
| |
| ▲ | scythe 2 hours ago | parent | prev [-] | | Tracking device might be the wrong thing to focus on. The US has other ways of messing with foreigners who depend on services provided by US companies, like suddenly cutting off those services in the case of ICC judges. | | |
| ▲ | joe_mamba 2 hours ago | parent [-] | | IIRC, ICC judges lost access to their O365 work email accounts. Worst the US can do to me is turn off my Steam, and Gmail but I can easily live without those. Now imagine being debanked by your own government because they don't like what you're saying and becoming unemployed, homeless and dead. I don't think they're remotely comparable. For example, a few years ago, a power tripping gov bureaucrat turned off my unemployment payments over a technicality. Luckily, I had enough money to pay a lawyer to sue them and won, but it was tight. What if I hadn't had the money to hire a lawyer? Since I was in a foreign country, with no family or close friends to fall back on. I was exclusively relying on the welfare state I paid into for years, that then turn its back on me for shits and giggles. So I don't think you understand just how bad it can be for you if your government decides to turn on you and fuck with you, if you're comparing this to losing access to your work email account. See the famous case of UK postal workers that got fucked by their government trying to hide their mistakes. | | |
| ▲ | buzer 37 minutes ago | parent | next [-] | | According to AP News (https://apnews.com/article/international-court-sanctions-tru...) at least one judge had his bank accounts closed. So it's not just your own government who can debank you in Europe. Of course in this judge's case there might still be some banks who are willing to work with him even at the risk of getting sanctioned as there weren't language in the news that he was completely debanked which I assume they would highlight if it was the case. | |
| ▲ | digiown 2 hours ago | parent | prev [-] | | It's all the same. How is suing Google any different, if you instead get debanked by Google for violating their "terms"? The only solution is untraceable, permissionless money, like Monero. Why do you think governments try so hard to ban it? | | |
| ▲ | linkregister an hour ago | parent | next [-] | | Being de-Googled is a hardship, though there are replacements for virtually all its services. I acknowledge you are well informed on this topic. It is not unreasonable for governments to pursue avenues for laundering money. I recognize that you likely don't believe governments should prosecute money laundering, but that view is not aligned with the majority of citizens in your country. | | | |
| ▲ | joe_mamba 2 hours ago | parent | prev [-] | | > if you instead get debanked by Google for violating their "terms" Since when is google a bank? >The only solution is untraceable, permissionless money, like Monero. Why do you think governments try so hard to ban it? Because untraceable currency is mostly used by criminals for crime. | | |
| ▲ | digiown 2 hours ago | parent [-] | | Your bank (like most European ones) requires you to pass attestation to use their services. If you don't accept Google/Apple's terms, you can't access it without extreme difficulty. | | |
| ▲ | joe_mamba 2 hours ago | parent [-] | | I can always access my bank via a web browser or even in person at the teller at a branch somewhere, or as a last resort via snail mail from attorney, but most importantly even if I get locked out somehow by google, the account still runs and I won't be homeless as my salary and rent auto-payments keep going regardless if you can access it or not. How is this comparable to your government debanking you meaning that no bank, landlord, layer or job will touch you? | | |
| ▲ | digiown an hour ago | parent [-] | | It's less severe for sure, but I'd rather live without undue interference based on someone else's whims, unless I broke a law. |
|
|
|
|
|
|
|
|
| ▲ | skeptic_ai 2 hours ago | parent | prev | next [-] |
| Carrying this device is the key here. Eventually we all need to carry it around, track us everywhere. |
|
| ▲ | moffkalast 3 hours ago | parent | prev | next [-] |
| Yeah it seems that some politicians have noticed that they can enact a lot of self serving authoritarian legislation that wouldn't fly otherwise if they push it as populist independence-from-US thing. Can't let a good crisis go to waste, of course. One only needs a few looks at what the EU Commission has been doing lately to see that if left unchecked their plan is a UK-like total surveillance state. |
| |
| ▲ | digiown 2 hours ago | parent [-] | | I don't disagree but that wasn't the point here. The point is they are handing even more control to a different US entity. Putting my tinfoil hat on, I assume the authoritarians are intending to simply buy the data from the American companies to circumvent legal restrictions, as in the Five Eyes arrangement. |
|
|
| ▲ | ignoramous 3 hours ago | parent | prev [-] |
| > It's funny that the EU uses all this mobile attestation BS more than the US does Attestation in on itself isn't unwarranted which (to me) is an important security measure. Attestation as commonly implemented on Android via Play Integrity (the way banking apps are known to do) is restrictive, sure: https://grapheneos.org/articles/attestation-compatibility-gu... / https://archive.is/snGEu |
| |
| ▲ | digiown 2 hours ago | parent | next [-] | | > important security measure It's a security measure against the owner of the device, in other words, an attack. Would you be okay with me using a remote control to forcibly slow down your car so I can merge? Using attestation this way is fundamentally incompatible with ownership. If the bank wants some assurance about a device, they need to sell or issue one to me, like credit cards or point of sale machines, which are explicitly not your property. The fact that the assurance is provided by a third party you have little recourse against just adds insult to injury. | |
| ▲ | xyzzy123 3 hours ago | parent | prev [-] | | An important security measure for who, though? The servers at the bank should "never trust the client" in case the attestation is bypassed or compromised, which is always a risk at scale. If it's an important safety measure _for me_, shouldn't I get to decide whether I need it based on context? I think it's fair for banks to apply different risk scores based on the signals they have available (including attestation state), but I also don't want the financial system, government & big tech platforms to have a hard veto on what devices I compute with. | | |
| ▲ | miki123211 an hour ago | parent [-] | | It's an anti-brute-force mechanism. It's not for you, it's for all the other accounts that an unattested phone (or a bot posing as an unattested phone that just stole somebody's credentials via some 0-day data exfiltration exploit) may be trying to access. Sure, banks could probably build a mechanism that lets some users opt out of this, just as they could add a Klingon localization to their apps. There just isn't enough demand. | | |
| ▲ | xyzzy123 23 minutes ago | parent [-] | | If you work on mobile apps you will notice that full attestation is too slow to put in the login path. [This might be better than it used to be, now in 2026]. I don't think a good security engineer would rely on atty as "front line" anti brute force control since bypasses are not that rare. But yeah you might incorporate it into the flow. Just like captchas, rate limiting, fingerprints etc and all the other controls you need for web, anyway. I know I'm quibbling. My concern is that future where banks can "trust the client" is a future of total big tech capture of computing platforms, and I know banks and government don't really care, but I do. | | |
| ▲ | digiown 2 minutes ago | parent [-] | | > total big tech capture of computing platforms Correct. And the end of ownership, privacy, and truth too. If something can betray you on someone else's orders, it's not yours in the first place. You'll own nothing and if you aren't happy, good luck living in the woods. |
|
|
|
|
