| ▲ | AlBugdy 17 hours ago |
| All these requirements for specific hardware and software are ridiculous. Let every citizen use whatever computer they want. It should be up to the user to secure themselves. Authentication should only require a password or a key pair. If the user wants more security, they can set up TOTP or buy a security dongle or something. It's also ridiculous how it seems we've forgotten computers other than smartphones exist and that not everyone even has a smartphone, let alone with an Apple or Google account. |
|
| ▲ | mrweasel 8 hours ago | parent | next [-] |
| Last week I was watching a YouTube video, talking about the EU creating payment services independent of VISA and MasterCard. What struck me is that they are all apps, which will require an app store. Great, I can pay with a digital Euro, Wero or something else, without routing my payments via VISA. I just can't do it without an account with Apple or Google. I'm absolutely baffled by politicians, regulators, banks, merchants and implementors lack of ability to think more than one or two steps out. Sure, the EU is forcing 3rd. party app store, but no one is using them, so no one is pushing apps to them, especially not governments, banks or payment services, they'll be the last to use them. |
| |
| ▲ | haagch 7 hours ago | parent [-] | | The digital Euro seems still in early planning stages. It seems people want to plan a physical card for it, but whether online payments will work without a platform dependent app is unclear for now. Wero however is currently only planned as an android/ios app period. There are rumors that a card will come but that's only rumors for now. In your list of groups to be baffled about I would add journalists. You see many articles about Wero mentioning digital sovereignty, but have you seen any that criticize the required banking apps only being available in google's and apple's app stores? |
|
|
| ▲ | atanasi 11 hours ago | parent | prev | next [-] |
| The current policy trend in the EU is definitely not based on the principle of each user evaluating their own risk. On the contrary, service providers like financial institutes and identity providers have the responsibility to keep users safe, and more and more regulation will be made. The natural consequence is restricting which platforms are supported. |
| |
| ▲ | rolandog 9 hours ago | parent | next [-] | | "Legislation will continue until morale improves." The regulations sometimes feel like additional burden of the user, but not for the manufacturers (aside for the attestation logic); consider: > (MEETS_STRONG_INTEGRITY requires a security patch in the last 12 months) Think about how this essentially codifies planned obsolescence due to not forcing the manufacturers to maintain the devices for life. | |
| ▲ | sunshine-o 9 hours ago | parent | prev [-] | | > The current policy trend in the EU is definitely not based on the principle of each user evaluating their own risk. Yes and if you look back this is not new. Just look at the extraordinary restrictions that apply to: - What houses you can build, - What vehicle you can drive, - What food you can grow and sell. The result is real estate has become unaffordable for younger people, our car industry is being annihilated, and the agriculture sector hold by a string. The digital realm enjoyed an unusual level freedom until now because the silent and boomer generations in charge in the EU understood nothing about it. Now that the EU is getting involved in "computers" we are starting to understand why peasants have been protesting in Brussels and calling those people insane for decades. | | |
| ▲ | rcbdev 8 hours ago | parent [-] | | I really have to wonder where in the EU you live. In Vienna, I got to buy an apartment in my mid-twenties by just saving up, which was easy, as many apartments are rent-capped and there's lots of cheap social housing. I got to enjoy free university, allowing me to get a high paying job. I get to use very cheap all electric state-subsidized rental car offerings if I need them, which is rare since we have federally good rail and bus coverage. And I enjoy affordable meat, dairy and vegetables all sourced from inside my country. Austria's courts also ruled ages ago that rooting your own device cannot be a legal reason for OEMs like Samsung to refuse warranty coverage, since you can run whatever software you want on hardware you bought. Maybe your country sucks? Don't blame it on the EU. | | |
| ▲ | Ray20 4 hours ago | parent | next [-] | | > apartments are rent-capped
> cheap social housing
> free university
> high paying job
> very cheap all electric state-subsidized rental car offerings
> affordable meat, dairy and vegetables And here we can simply examine the tax structure and conclude that the problem isn't whether the country sucks, but whether the side you're on sucks. After all, how can housing be affordable for ordinary workers if they have to subsidize from their own pocket free university, cheap housing, electric cars, high wages, and everything else for the privileged class? > Maybe your country sucks? And maybe your country sucks too. It is just North Korea is also the best country to live in (if you're Kim Jong Un). | |
| ▲ | krater23 8 hours ago | parent | prev | next [-] | | Yes, blame Germany. | |
| ▲ | sunshine-o 7 hours ago | parent | prev [-] | | Yes congratulation, you get to benefit from a lot of regulated and subsidized things: housing, education and transportation. While enjoying a high paying job in probably a still very unregulated domain (computers/internet related). This is not about one country vs another. The problem is you cannot have a society with everybody winning on both fronts unfortunately. You also need people making, cleaning stuff, growing food, cooking, etc. Not everybody can live in the capital with "very cheap all electric state-subsidized rental car" and Vienna is probably not food self sufficient... | | |
| ▲ | rcbdev 7 hours ago | parent [-] | | > Vienna is probably not food self sufficient No, but Austria is. And our farmers enjoy much support through subsidies - from the EU and our own budget - and social protections, often having better and cheaper health care than most other Austrians, since they are insured under their very own social insurance law (BSVG), contrary to other employees (ASVG) and self-employed (GSVG). Farmers also enjoy very high levels of respect and appreciation here, even in Vienna. > While enjoying a high paying job in probably a still very unregulated domain (computers/internet related). Calling Information Technology an 'unregulated domain' in the EU when we're all busy implementing NIS2 regulation and preparing for the Cyber Resilience Act entering into force soon seems disingenuous. | | |
| ▲ | sunshine-o 7 hours ago | parent [-] | | > And our farmers enjoy very high levels of subsidies Yes, thanks. This was my original point "the agriculture sector hold by a string". It is by design unsustainable and if you cut those "high levels of subsidies" it collapses. > Calling Information Technology an 'unregulated domain' in the EU when we're all busy implementing NIS2 regulation and preparing for the Cyber Resilience Act entering into force soon seems disingenuous. Yes this is why I said "still" | | |
| ▲ | rcbdev 6 hours ago | parent [-] | | I do not understand what you're trying to communicate with "hold by a string" - we subsidize our farmers because we do not want to completely wreck our local agricultural supply chains just because food from, say Brazil, would be theoretically cheaper today. Another factor is that we actually have the ability to properly enforce quality standards if the food is produced within our jurisdiction. This is no different to subsidizing public transport, because having this infrastructure local and autonomous is just strategically important enough for the tax payer to finance it. Would you say that public transport in EU capitals is "holding on by a string"? |
|
|
|
|
|
|
|
| ▲ | direwolf20 11 hours ago | parent | prev [-] |
| > let every citizen use whatever computer they want. That's just not possible, or should the system be legally required to run on an Apple II? |
| |
| ▲ | seba_dos1 11 hours ago | parent | next [-] | | It should be legally required to provide enough interoperation capabilities for a compatible frontend to be written for an Apple II by whoever would like to do that, as the government can't be expected to write and maintain clients for every platform that's now in existence or that will be created in future. If only currently popular platforms are to be supported, how could a new platform join them in the future if the use of existing ones is mandated by governments? | | |
| ▲ | Avamander 5 hours ago | parent [-] | | > If only currently popular platforms are to be supported, how could a new platform join them in the future if the use of existing ones is mandated by governments? The viable solution for that is to provide a trusted hardware implementation that can be used with any computing platform that has a documented interface. It can't be a software-only implementation, basically. | | |
| ▲ | vslira 5 hours ago | parent [-] | | Glad you mentioned this possibility Countries have centuries of experience providing attestation services through notaries. Germany is even infamous for requiring them for things that would sound ridiculous even in Brazil (both movie and country) I can’t see why governments couldn’t incorporate this existing infrastructure into the digital world. Make them sell hardware ID wallets, enforce the real identity owner to be present to invalidate a previous ID or whatever, and add legal restrictions for the government not be able to alter these registries |
|
| |
| ▲ | jmorenoamor 10 hours ago | parent | prev | next [-] | | No, but it should be open enough to be reasonably independent of specific services and devices. | |
| ▲ | cocoto 11 hours ago | parent | prev | next [-] | | Simple, provide a simple API, let the community build the clients for the machines they have. | | |
| ▲ | direwolf20 11 hours ago | parent [-] | | That's antithetical to the goal of a secure ID. It has to be really impossible to get stolen, or as difficult as a physical card. If the ID is just a password, you can tell other people your password, and it can be stolen, and it can be cloned. Germany is a strict liability country, and you will be fined or imprisoned for anything that is done with your identity card that was cloned because your PC was infected by malware if you don't report it stolen. | | |
| ▲ | AlBugdy 4 hours ago | parent | next [-] | | > If the ID is just a password, you can tell other people your password, and it can be stolen, and it can be cloned. You can give your physical cards to other people or give them access to your computers, too. > Germany is a strict liability country, and you will be fined or imprisoned for anything that is done with your identity card that was cloned because your PC was infected by malware if you don't report it stolen. I don't see an issue with this. | |
| ▲ | inexcf 4 hours ago | parent | prev [-] | | And as we know it is impossible to give someone your physical card. |
|
| |
| ▲ | realo 9 hours ago | parent | prev | next [-] | | The problem to solve is trust. The technical solution is a hardware root of trust. This is typically a specially hardened chip in the device. A Trusted Platform Module (TPM). Your Apple ][ does not have a TPM. It cannot run software that can assess it's identity in a trusted manner. | |
| ▲ | 7bit 9 hours ago | parent | prev [-] | | You can make an argument without pulling it into the ridiculous, you know? |
|
