Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
colechristensen 4 hours ago

Social engineering as a problem goes away when anybody can get a model to do it for them for $5. It stops being possible, it's really the bank's problem when they can't have a minimum wage call center or a robot responsible for people's data.

p-e-w 3 hours ago | parent [-]

Yes. There will be a few high-profile incidents, and then institutions will be forced to stop performing administrative actions based on people’s word.

applfanboysbgon 3 hours ago | parent [-]

This outcome is massively detrimental to humanity at large. By eliminating the human factor from support, you make it impossible to get support in edge cases that fall outside of the pre-planned bureacratic process. Everyone already hates that Google can arbitrarily ban anybody they please with no way to get in contact with a human, and you want to extend that to banks in control of people's life savings?

hallway_monitor 3 hours ago | parent | next [-]

I don't think anyone is saying that. You will just need to be authenticated before giving any commands to the bank. Maybe some type of TOTP that you can use over the phone or in person.

applfanboysbgon 3 hours ago | parent [-]

That is the exact problem. You have identification tied to your device. Your device is lost or stolen. Now you can't access your bank account. Human support can help you out by finding flexible ways to ascertain your identity. This is the angle social engineers exploit, tricking employees trying to be helpful to abuse that area of flexibility. You can take away human judgment and all flexibility in the system, and that will make the system more secure, but it also results in a deeply uncaring system that makes life harder for people. Rigid bureacracy doesn't do a good job of accounting for a house fire destroying everything you own or your e-mail provider shutting down; these are fringe cases but they do happen and there are positive resolutions available as long as human discretion is involved.

DANmode 2 hours ago | parent [-]

No.

You don’t tie it to “your device”.

You tie it to your security key.

Which is treated like a credit card.

and your extended family, friends, or volunteers can act as social proof to allow you back into your accounts,

if your key burns up, it breaks and you were too cool to provision a backup, etc.

pesus 26 minutes ago | parent [-]

Credit cards are lost and stole all the time, and it isn't really a big deal when it happens, since charges can usually be easily reversed. This does not sound like the same scenario. It also doesn't account for people who lack friends/family nearby or at all.

> it breaks and you were too cool to provision a backup

If we're relying on the average person to back things up properly, this idea is doomed from the start.

DANmode 4 minutes ago | parent | next [-]

> If we're relying on the average person to back things up properly, this idea is doomed from the start.

The average person is relying on the average person, for everything, and I agree, they are doomed from the start.

Tech-related items inclusive.

DANmode 5 minutes ago | parent | prev [-]

Yes, you wouldn’t offer your private key to a random food truck.

Just new banks.

Same as people being unafraid of their car key being cloned - because they don’t hand it around the general public.

repeekad 3 hours ago | parent | prev [-]

> Everyone already hates that Google can arbitrarily ban people

Yet they’re still the predominate search engine, sadly the concerns of the few don’t interest monopolistic profit seekers without forced regulations, think how airlines are legally required to give refunds for delayed flights, there’s a reason it required legislation