You don't need to be thinking of any specific vulnerability to realize that putting the decryption key next to the data you're trying to protect is a dumb idea.
If for example a laptop like that gets lost or stolen, the attacker has the data and the key, in a box they physically hold, with no attempt limit, and unless they actively mess with the boot process, it will happily load the key into memory for them. If it's a discrete TPM the attacker can likely sniff the key on the wire. If that doesn't work, they just need to find a vuln anywhere in the secure boot process, or in Windows, and again, they have the key. And if that doesn't work, they could sniff the memory bus, or do a cold boot attack (again, with unlimited attempts unless they irreparably damage the mainboard/TPM in the process).
Nothing works on Android. Not even for basic app data. The biggest problem is keystore keys and e.g. bank authenticator apps tied to them.
AFAIK iPhone backups, if restored on the exact same device (i.e. a CPU with the correct decryption key embedded in it) will restore almost everything, including authenticator apps.
The only realistic option for Android is a separate "burner" device.
Aside from "moral outrage" style concerns ("AI is bad for the environment", power consumption, water consumption, or "datacenters benefit rich people, rich people bad, so datacenters bad"), I've heard of specific bad examples how datacenters (allegedly) negatively impacted the surrounding population:
- Noise (from fans to generators to possible infrasound concerns)
- Air pollution (from data centers semi-permanently running on generators)
- Electricity prices (although I don't understand how this is supposed to work)
- Water consumption affecting the population (water restrictions, price increases, water table dropping)
Many of these are one-sided stories told from the perspective of the residents that I didn't try to verify, but I suspect some of these concerns are legit.
The company building the datacenter has a lot of incentives to cut corners and/or cause some of these impacts, externalizing its costs (e.g. by saving money at the expense of noise emissions, running the DC on unpermitted gas turbines to be able to build a DC where there isn't enough grid, negotiating clever deals that benefit the company but screw over the utility forcing it to raise prices for others, using groundwater for evaporative cooling to make cooling cheaper, etc.)
The company building the datacenter also likely has a lot more experience while the people of the town and the town itself are doing this once, so there is an inbalance in experience that makes it easy for the company to get away with some of these.
There is very little benefit that the people of the area can expect from a data center - as I understand it, there are very few jobs in one past the construction phase, even the construction jobs are often filled with experienced travelling workers, and given the negotiation imbalance, a town seems likely to get screwed on any contributions that the data center promises.
Maybe the solution would be some kind of framework/organization that guarantees (ideally with binding, well tested contracts) that the datacenter won't be a nuisance, builds a reputation for being reliable, and in exchange, companies that work under that framework can expect quick approvals and less pushback.
Until that exists, or companies start offering guarantees up front (e.g. guaranteeing a certain power price or noise level), I'm not surprised that people push back (especially if the company building the data center has screwed up in the past).
All of these concerns are valid. But none of them are unique to datacenters.
A golf course uses a lot of water. A factory can use a lot of power -- and generate pollution. A chemical factory could have all kinds of externalities (if not properly managed.) Heck, switching to electric heat (over gas) or electric cars over ICE for an area will also drive up power usage.
But we don't freak out when someone builds a golf course or a factory or switch to electric.
We have rules about all those things. Sound is one: you need to be within reasonable limits. Electricity usage is another: power operators always need to manage their load and expand generation (that's why we keep adding solar and wind everywhere.) Air pollution is similarly managed.
I can understand if people are concerned about "infrasound" -- why not pass a law that regulates it -- like other noise limits?
Datacenters may have specific potential issues. But none of them are unique to datacenters. And we've been managing these issues for hundreds of years.
The challenge isn't buying it, the challenge is being able to do phone things with it.
Nowadays, you can no longer exist in society without a phone. Most things will work but it takes one critical service that doesn't have a viable workaround, and you're forced to buy (and possibly carry) a "mainstream" phone just for that.
Banking, government, authentication, postal service and public transit apps are just some of the common categories that will, in the end, force you to use one of those systems, unless governments mandate viable alternatives. The QR-code based recaptcha that's being introduced will be another brick in the wall.
As an individual, it feels like my options are to either submit or try to live a hermit's life, bringing endless suffering and exclusion to myself.
> Nowadays, you can no longer exist in society without a phone.
Fight this, fight it hard. It is not acceptable to have to pay a monthly fee to a giant corporation to participate in unrelated things.
I do have a cell phone (grudgingly) but I go way out of my way to never use it. I tell every business I only have a landline phone (which I do have). I will not use anything that supposedly requires a phone, give me an alternative or you're not getting my business.
While I don't have the full ethical commitment of RMS, I can be very obstinate and will push this hard.
This is the way! I do not have a smartphone. I print maps, use email, print boarding cards, do my banking and shopping with a web browser, pay with cash or a debit card.
I think people have been brain washed to believe they can no longer live life without being enslaved by a surveillance device.
Lost? Ask for directions. Need a map? Go to a hotel or a tourist center, or print one in advance.
The thing is, most people do want to have a smartphone. Either because living without requires an amount of effort they are not interested in or because they actually like using a smartphone for certain things. Personally, I like having the web and maps accessible from the palm of my hand everywhere I go.
So, the solution is not to suggest that people should not use a smartphone. That ship has sailed. I agree that it should still be possible to do things without for people that do not want to use one. But you are not going to convince more than a small percentage of the population to abandon smartphones.
Instead we should focus on making alternative smartphone ecosystems (AOSP can be a starting point) and getting technology that is used to shut out competition (e.g. Google Play Strong Integrity) banned.
Yeah, this whole discussion thread is essentially irrelevant to the underlying topic because of exactly what you said.
It’s just the typical HN humble brag thread about being present and owning no technology.
Awesome that these folks don’t own a phone and give their landline to businesses. I love that for them.
But I like my smartphone, GPS directions, digital wallets, streaming music, etc. I just don’t want it to be controlled by two companies. I want there to be a healthy market of multiple options including open source alternatives.
This for me has been achieved on my desktop and laptop but not yet on my smartphone.
Walking into a hotel lobby to get a map printed seems like a much greater surveillance risk than looking up directions on my phone. The cameras, the printer, the hotel staff, the other hotel guests; they’re all third party to your private information. Is that really any better than Apple or Google telemetry?
Sorry Pale but I doubt you are either James Bond or Edward Snowden. Chill out. I once visit Japan, and you get papers with full of information and maps where stuff line out the direction for you ALL the time... You see there are alternatives and in this special use case you even gain privacy by blending in with all the other crowd.
When you go on holiday, do you have to find an Internet café to print off your boarding pass for the flight home? Or do you select destinations covered by airlines that allow you to get a boarding pass more than 48 hours in advance?
They said they don't use a phone. You can do online check-in on any device with a browser. I'm sure you can point to a single airline that only offers it through a native mobile app but that'd be an extreme exception.
> Internet café to print off your boarding pass for the flight home?
You can print the boarding pass at the airline kiosk at the airport, at least in any US airport I've been to. I always do this.
As noted in a peer post I try very hard to do everything without a phone. I do have a phone but don't want to depend on it.
Boarding passes in particular seem very unreliable on a phone. I always have the paper boarding pass printed at the airport but for curiosity I check the phone app boarding pass. More than 50% of the time the phone app boarding pass hangs from bad connectivity while standing at the gate and I can't retrieve it. Fortunately I always have the printed boarding pass so that always works. Paper does not rely on internet connectivity so it will always be infinitely more reliable.
Pardon me but you could have in many cases have cached the data.
I honor your strong commitment. I most often use digital because "it's easier" for them. But not for me. Sometimes I make fun and use printouts of their digital system just for the lulz.
But back to cached data. Most often the mobil application catches data upfront and still be valid later even offline. Just as a reminder. Peace.
Which airline requires you to print your own boarding pass and won't let you on the plane without a phone? Now I haven't flown in years but last time I did, the normal procedure was to show up at the airport either with your printed ticket or just your reference code and ID, and either use a kiosk or talk to a person to get your boarding pass, and also to check in your bags.
Ryanair don’t charge you 55 euros, at least not from what I’m reading [1]. It’s completely free, at the airport, provided you’ve checked in already, which from my experience can be done up to 24 hours prior to your flight. Plenty of time to use a hotel computer, someone else’s device or find an internet cafe if you aren’t completely disorganised.
I’m not sure about Wizz Air, I’ve never flown with them and their website isn’t quite as clear as Ryanairs.
Because these two examples are tiny in comparison with the decrease in surveillance you will get, and the example you set for your fellow men, and just spreading the norm in society that ubiquitous surveillance is wrong and that we can live ethical lives without being slaves and chained to the government and corporations.
Undoubtedly having a phone would increase convenience in my life. I’d also have to go to work more to pay for it which would seriously inconvenience my snowboarding time.
I’d also spend more of my life staring at a small device instead of talking to people or just enjoying the trees, mountains and rivers.
Here in France, my bank won't let me 2FA into my account (i have to physically go to the bank every single time i need something), and i can't get car ownership papers for a car i legally bought from the registered owner 2 years ago due to the administration closing down 100% of their offices in favor of online forms (tried the online forms many times, as well as registered letter to the headquarters).
This anecdata probably says more about french techno-fascism and politics of destroying public services than about how phones have somehow become mandatory because of society evolving in general. I'm still very happy not to have a phone.
Or pay for parking in many european cities. So I guess you are not forced into a hermit life as long as... you are already happy with your hermit life.
I live in a small town. There is no uber or Lyft, or QR code parking. I ride my bike a lot. Snowboard nearly everyday in the winter and there is cell service in the mountains.
I lived in mega cities for 10 years, I’ll never do it again.
Call in hermit life if you want, I call it the simple life where enjoyment and happiness are the priority
US cities as well, now that you mention it. Open lots often require scanning a QR code to pay. They watch cameras and tow your car very quickly if you don't.
Maybe the reason this guy gets away with not having a smartphone is that his friends use their smartphones for him whenever things like this pop up?
It's mind blowing that we've allowed the development of a de-factor personal ID device absolutely controlled by an oligopoly of two private corporations.
Do people realize that this means either of these companies, since they can remotely turn off your account or device, can deplatform you from society including from many government services?
It's an astounding amount of power we have simply ceded to these two companies.
> It's an astounding amount of power we have simply ceded to these two companies.
We didn't do it, our representatives did it for us, mostly unaware of what they were doing and still without a clue about what to do with whatever they've created. No they can't, and they won't, academia BS isn't helping anyone either.
I know you are not going to like it, but it started when they took our guns. Now they took our jobs. Next is unified minimal global personal tax (seems to be decided at 30%). On unrealised capital gains. And phones? That's a smoke screen for you to look other way. (And to watch you all the time too)
> Nowadays, you can no longer exist in society without a phone.
Is it the phone or just the mobile operating system? I do most of my phone stuff on a tablet that I keep at home - where it's safer. I am currently using an Android phone (without an account) for GPS, phone calls (contacts), internet, games, email (alternatives to google), etc...
But for those critical and sensitive apps (banking, etc)... I consider those to be too dangerous to be walking around with.
So any phone will serve (I can wait to get home to check email for example).
That doesn't solve for services that by definition need to be accessed on the go, e.g. public transit, parcel pickup, luggage lockers, rental bikes, restaurant menus, paying for parking, etc. (some of these may not mandate phones in your area yet or may allow mobile web alternatives, these are just examples where I've seen strong pushes towards apps or at leas in many places).
This is the way. Don't go, or if you don't know, ask for a menu, if that does not exist, ask for a phone from the staff. Have used all of these methods with excellent results. The restaurants wants to sell, they will find you a menu or a phone.
On the occasions where I've been to a restaurant that tries to pull off the QR nonsense, I just ask for a menu, I tell them I don't have a phone.
I've yet to see one where they can't find me an actual menu. If it ever happens, I'll walk out and be very annoyingly loud at letting them know why they lost my business.
Pushing for your rights isn't always pleasant, but it's important.
I hate when people respond like this, I recently did three months with a dumb phone to attempt to get away from iOS/Android in a major US city and it was impossible. All of the things that made it impossible used to be possible without a smart phone, but they aren’t anymore and they’re not magically back when you try and navigate life without one.
Things like paid surface parking lots. Used to you could pay at a machine or a lot attendant, well there aren’t attendants anymore and few people use the machines so there isn’t enough incentive to fix them when they’re vandalized.
Some restaurants have printed backup menus but some straight up don’t. Printing menus costs money, why spend it if they don’t have to?
Digital signage that tells you how far away transit is, whether there are currently adjusted times, etc. is a lower priority now that everyone has maps in their pocket that track the transit in real time.
Showing up to a concert early to convince the ticket window to give you a physical ticket for a digital only event, and then they want email proof or to visibly see an app on the smartphone that is glitching is ridiculous.
The list of tiny cuts goes on and on. All of them worked without smartphones but the incentives flipped and now you can’t escape and you don’t realize the backups are gone until you try it for a while. It sucks.
We'd need regulation for that. Either a mandate that the digital option is optional, and services must have an alternative means, or a mandate that any app based service also has an equally viable mobile web option, making the app optional.
Tbh I see no reason why all of that couldn't just be a website instead of a native app. Menus should just be a website, transit should still be offering physical metro cards, the lockers & bikes could just as easily be a website.
Folks on HN won't like this ida but quite frankly I'd go a step further and have a mandate that services like these must offer an API for the public to use in order to bring their own app/solution. It'd be nice to not be limited to exclusively first party options. How ridiculous is it that there are so many different pay for parking apps, when if all of them just offered an API I could roll my one all in one parking web app, etc.
I'd even pay a subscription, like many of these services offer already, for API access instead.
I refuse to believe that's true. That they were denying Dorothy (92) from going through customs because she couldn't use an app. That's an extraordinary claim.
If they weren't denying Dorothy, that means you did not need an app.
From what I'm reading, non-users weren't and couldn't have actually been denied entry. It wouldn't have held up in court either. They could be made to quarantine.
No, but you will likely be inconvenienced to a similar level as losing your house keys, and lose access to important services. You won't immediately die, because most people can survive for quite some time on nothing but questionable river water and a piece of cardboard under a bridge, but there is a difference between survival and existing in society.
You can exist, but life will be as inconvenient as it was in the 1990s (though importantly, it didn't seem inconvenient at the time, it was just the way things were).
That's not true, because in the 1990s there was no presumption that everyone has a major-vendor smartphone. Now, the ways to do things without a smartphone are often disappearing, so things are more inconvenient. For example, ticket machines and printed schedules for public transit are going away in many places.
I don't have any usable public transit where I live but the place where I'm familiar with it is Chicago and all the train stations have ticket machines. Bus stops no, but you can pay on the bus with a payment card, transit card, or an app. Cash fares are no longer accepted for some time.
I miss the old tokens they used to use. So simple, anonymous, easy to share with traveling companions, though could be annoying when you ran out.
I disagree. You cannot even book appointments in a lot of banks today, a thing you could do in the 90s. Like that, a lot of services are unavailable without a smartphone and its non-smartphone equivalent is not available anymore.
1. I don't know any bank that does, but in any case voting with your wallet is always an option.
2., 3., 4. Voting with your wallet once again.
5. That would be illegal in many jurisdictions, some countries even have a centralized systems for doctors to upload documentation (that you access using your ID as an authentication token).
6., 7. Unless the employer provides said smartphone, that would be illegal to require in most countries.
8. Vote with your wallet, also all such airlines can print a boarding pass for free if you do the checkin on the website.
Half of the voting with your wallet are blind to the fact that you can't vote anything else.
My village has one football team, not N. There's one burger place, not two.
For the rest, appealing to legality is pointless, I ain't bringing my family doctor to a tribunal over this, this is real life and me being petty for not wanting to use a phone. Being right years from now is beyond pointless.
epolanski@ is, unfortunately, right. You may try to "walk away" if you are not interested in the end result. If the fact of walking away for you is more important / feels better than actually doing what you came for. (And don't get me started on how girls look at you when you start fishing for petty change in your pockets - that seriously limits your dating pool LOL)
As someone with a long term partner who shares my use of cash, at least for some things, you don’t want to date people who look down on you for your choice of payment. Red flag. Waste of time.
Have some self respect. Don’t date people who aren’t mostly aligned with your values.
I know this was a joke, but if you’re having trouble meeting someone who shares your values, maybe try looking in different places than you would expect (they don’t have to share your interests, that’s less important than you would think as long as you can bend to each other) or reevaluating what you think your “type” is. Many people chase a certain type of person, and only after they end up with someone totally different do they realize that their attraction to that type was some kind of pathology, perhaps replaying trauma from childhood.
I recently skipped a concert at the YouTube theater in LA because my phone is too old for Ticketmaster or Hollywood Park apps. Even though you can go and buy a ticket at the box office they have to send you the ticket to the app. No option to print it or any non-app way.
"You can check in on the Ryanair.com website or on the mobile App"
"If you checked in but cannot present your boarding pass on the app when you arrive at the airport, you will receive a free of charge boarding pass."
(This it is more difficult as their appears to be even fewer staff around than before)
Also:
"You can check in for your flight at the airport, but you will have to pay an airport check-in fee per passenger to cover the extra cost of the airport check-in service. Please see our Table of Fees."
I flew with RyanAir several times after they introduced a "mandatory" app boarding pass, never had problems with check-in agents just printing the boarding pass for free (after doing the web check-in). Had to pretend my phone died once, in all other cases they just printed the pass no questions asked.
(Depending on whether you mean "can't exist without a phone" or "can't exist without an Apple/Google monopoly ecosystem")
3. you don't need an Apple or Google account to scan a QR code and open a web page.
4. Why is it "scam" pricing? You're getting a discount from giving them your information with an app. Like Kindle charging more to remove adverts. Dislikable, scummy not scammy. (i.e. they aren't taking your money and providing nothing and then disappearing).
6. I think in the UK / Europe the employer would have to provide your fiancee with a company phone so she could access her workplace, and could not legally require her to have a personal phone with an employer managed/controlled app on it.
7. Does Google/Apple authentication require a Google/Apple app? I see "sign in with Google" on web pages on my Windows desktop. Google Authenticator app is a fairly standard OTP passcode app which can be done in many other programs, password vaults and browser plugins.
Last year I could check in on their website, but needed the app for the boarding card. They might have changed that, but that article doesn't make it clear.
First and foremost: I'm sorry for you. Living in a participation-dictated-by-app hellscape sucks. But most people only realize this when the magical one or two steps happen that force them to "touch grass".
With regards to specific points that match with my reality:
> "My fiance's office badges are smartphone-based. You cannot enter otherwise."
I worked for a company where that was a thing. Easy fix: They issued me (and others) a smartphone for that. And that slab never left the workplace either; I fetched/returned it before/after my day by notifying the security desk.
Everything else on your list is either irrelevant or unnacceptable to me, or simply illegal where I live.
You would be PIP'd next week today. Nobody is dealing with that anymore. Is it suppressing our rights? Yes. Absolutely. And it will get worse. And no, people will not revolt. And you will be left behind, on the other side of the gates, after all your team has gone through. Happy to do it? Rich enough to do it? I'm not ...
> 3. Half of restaurants in my area do not have non-QR code menus, they just don't.
Not knocking this list, the shit is real. But I just had a lovely imaginary conversation with a server asking them what they would recommend and then trying something brand new.
When I go to a restaurant that has QR-only menus, I won't make a scene about it, but it lowers the mental rating I give the place and I'm less likely to return.
Joke's on the server. The robot that will replace their job soon will be more than happy to regale you with any hallucinated information you would like about the subtleties of the menu.
This might be country specific? Specifically dependent on laws in the fields of consumer-protection and keeping things universally accessible.
I don't own a smartphone. I have never owned a smartphone. There are inconveniences, and big organizations definitely try to push you toward the way of doing things which has the lowest costs for them - but there are no actual blockers. There is always a path involving actual humans, and regular phone calls (or emails or paper forms).
Reactions tend to be wistful variations of "I wish I could" or "but how do you?" - and it's really always about the most trivial inconveniences.
To be honest, I never tried, but I see for example the removal of more and more procedures in person. In Spain where I'm from or Switzerland where I live it can be still manageable, but in the Nordic countries for example everything is digital and even cash is barely existent. A lot of payments are made by phone apps only.
I am from Nordic country. I did not use any cash, had no wallet for several years. It's not needed. After the US government acting like it does I mostly stopped using cards. Like with phone OSes a US-controlled duopoly.
Cash does not to need to be used anywere, but cards can be avoided for weeks until I need to use it again. Most can be handled by cash or bank transfer without problems.
For phones I have not any Google Android or iOS until a year ago. Nowdays I have a Google work phone, but it's always in flight mode except when a pay my lunch subsidized by employer. I type this comment on my Sailfish device and I use a degoogled Android. Can cause minor inconvenienance occasionally, but rarely enough to turn on my work phone.
Sorry, I should proof-read my comments... Can't edit it anymore
It is not necessary to use cash anywhere because cards can be used really everywhere.
But if you don't want to use cards, it's still possible to avoid it for weeks in row. You can pay cash at most brick and mortar places and by bank transfer at most online sites.
Not my experience. I'm in the USA, and there are still bank branches everywhere, I'd say as many as ever and new ones are being built. In fact within a mile of my house the finishing touches on the latest new one (full remodel of a former restaurant building) are just about done.
> I'd say as many as ever and new ones are being built.
That's an amazing difference compared to the UK. My local town had 5 bank branches ten years ago, now there are none. Until 2 weeks ago we didn't even have a cash machine; fortunately there is one now. It is something that has rapidly changed in the last 15 years.
You should be able to do all that from a computer at home right?
The times I needed to do serious banking on the go are limited. Yes convenient, but replaceable with a 10 minute session at home using my Firefox or similar on Linux.
Why does this permeate the HN all
the time. You can 100% function without a fucking smartphone. My Dad doesn’t have one, he has zero-to-no trouble going to the bank and paying his bills and just about every other imaginable thing. If there was something he could not do and there were repercussions for it he’d be calling an attorney to rectify the situation. It is crazy to keep reading this over and over on HN, so weird
It's a bias, an in-bubble illiteracy effect, concerning the perception and analysis of realities (e. g. experiences) outside that bubble, mirroring an in-group's projections about an out-group. It is, in my decades of experience, a very common phenomenon in the IT sector.
> "My Dad doesn’t have one, he has zero-to-no trouble going to the bank and paying his bills and just about every other imaginable thing."
So far, that holds true for me as well (Germany).
> "If there was something he could not do and there were repercussions for it he’d be calling an attorney to rectify the situation."
The crux: the increasing friction brought on by rising technological entry barriers. In Germany you have at least the non-exclusion principle of Teilhabe (lit.: participation) which gives certain guarantees. But such achievements of democracy are continually under fire.
> It's a bias, an in-bubble illiteracy effect, concerning the perception and analysis of realities (e. g. experiences) outside that bubble, mirroring an in-group's projections about an out-group. It is, in my decades of experience, a very common phenomenon in the IT sector.
I (also German) have the impression that people who work in the IT sector are often much more critical of surveillance methods (including smartphones) than the average citizen.
And hopefully it stays that way in Germany. A state and its essential-to-life institutions and businesses (which includes cultural participation) need to be accessible to everyone. That includes people who don't own a smartphone, for whatever reason.
Nordic, works just fine, i only have an HMD 'Nokia' non-smartphone (i detest capacitive touchscreens, and my previous ungoogled qwerty android phone broke,
waiting for my next one to arrive in 2026-12 or thereabouts).
No QR-code-only restaurants that i have seen, and i would walk out without a word if that happened (even if i had a device that can do that). Bank does 2FAs second part with an SMS, first part is username, password and an otp code from a paper. Bank login is also a very common way of logging into governmental systems, but those only use the username, password and otp code, skipping the SMS, alternatively i could use an id card with a reader, state provides even Linux software for that.
The housing companys winter car engine heating sockets operate with an app, or alternatively just opening the lid and setting the timer yourself.
Additional data point: my dad, when he was still alive (-2025), had a smartphone but wouldn't use apps beyond facebook, did his banking by mailing in signed bills or at the bank in person, without an appointment.
Technically, sure you probably can spend a large amount of time, energy, and money to find alternative non-smartphone ways of navigating through modern life.
Practically, you need a smartphone.
Engaging an attorney != practical
That's the thing. The larger amount of time, energy, and money we spent on doing banking in the 1990s was real. The web, and then mobile apps, made a lot of that more convenient. But it's not impossible to live the old way. You can still write paper checks, go to the bank to make a deposit and get cash, etc. It used to be normal, everyone did it, now it seems extremely inconvenient for most people.
Both because a dwindling minority of people do old things the old way; and because new things (eg Netflix and Uber) are designed for the new way, even if they don't absolutely require it.
"You can still write paper checks" – greetings to our US brethren! :-) In EU you will meet a girl at the counter who can operate only bank "tap on" terminal and have no idea how to print anything or where the website is. Why? She doesn't care. She is paid same money if she does or doesn't. Wnant to complain? Here is the feedback form (QR code) ... Manager? She is ...
> The larger amount of time, energy, and money we spent on doing banking in the 1990s was real. The web, and then mobile apps, made a lot of that more convenient.
I wouldn't say so: when I go to the bank, I often combine it with grocery shopping, which I have to do anyway. So doing banking the old way is hardly an inconvenience.
In Portugal you have to do that at the bank terminals, otherwise going to the counter implies paying a services tax, depending on the kind of customer one happens to be.
Yeah, and lot of people assume that something doesn't exist because they aren't personally aware of it. Quite often there are people who are willing to serve those who don't make mainstream choices. Other times, it means that you simply have a different lifestyle from the mainstream. There's nothing wrong with that.
It's crazy that you're so insulated inside your own bubble and close-minded not to realize that the degree to which smartphones are required in daily life differ massively across countries, and HN is a global place. The places where your dad would have trouble going to the bank and doing "every other imaginable thing" are real and exist. You're just not in one.
> the degree to which smartphones are required in daily life differ massively across countries, and HN is a global place.
In some countries people are willing to fight much harder against being coerced to have to use a smartphone. The message should thus rather be: follow their example.
Yep, many older people right now don’t have a smart phone and never will.
As long as some younger people stay that course we should be fine. Hopefully we’ll see an increase of dumb phone adoption in a growing cohort younger adults. But the FUD spread in threads like this actually spreads misinformation and makes that less likely to happen
And those older people frequently have to ask someone in their life who has a smartphone to assist them. They still need a smartphone to manage modern life they just don’t happen to own the phone they need.
Because the real complaint isn’t “it's impossible to live without a smartphone”, it is “I want all of the conveniences of a smartphone without having one, and I want every business to cater to the small minority who don’t want to use a smartphone”.
It’s like complaining that it’s difficult to travel to another continent if you don’t want to fly. I want to go from LA to Paris in 12 hours without getting on a plane!
I dont have a personal smartphone (I do have a pile of them in my office for testing software I make) but I dont use one myself. Its fine, I can do my banking and whatever. I live in Ireland.
Inconvenient? My life is super convenient. No stress, deep thinking and deep work, super focus and concentration.
What I would find inconvenient is to be like the smartphone zombies around me, adicted to their phones, restlessly doomscrolling with dead eyes, feeling empty inside.
Print some stuff from time to time or arguing my way through tickets offices is a small price to pay for not being enslaved to the IT-machine.
>you can no longer exist in society without a phone.
I do just fine without.
But certainly there are additional challenges. In my city, for example, there has been a massive shift towards phone-pay parking... which excludes my paying for it — still waiting for my citation (to challenge in court).
Carrying my pager with me is the only reason people will pretend-believe I'm actually phoneless. Many have never seen beeper technology, its one-way advancedness.
> Nowadays, you can no longer exist in society without a phone.
millions of people would like a word…
> Most things will work but it takes one critical service that doesn't have a viable workaround, and you're forced to buy (and possibly carry) a "mainstream" phone just for that.
Absolutely not, if there is “critical service” that requires an iPhone or Android you call an attorney.
> Banking, government, authentication, postal service and public transit apps are just some of the common categories that will, in the end, force you to use one of those systems, unless governments mandate viable alternatives.
There are now and there always will be alternatives
> As an individual, it feels like my options are to either submit or try to live a hermit's life, bringing endless suffering and exclusion to myself.
As an individual you can and should fight any system that forces you into buying a smartphone. Alternatives must exist even if they might be “incovenient” (e.g. have to do it browser vs. via some “App”)
I disagree, because the impact on my quality of life from fighting the fight is just not a level of sacrifice that is sensible.
> There are now and there always will be alternatives
The problem is that those "alternatives" often come with serious downsides, from higher cost, to massive inconvenience, to having to work around simply not having a service. And while most of the time it's possible to work around it, most people quickly hit the limit where the cost isn't bearable.
> I disagree, because the impact on my quality of life from fighting the fight is just not a level of sacrifice that is sensible
Interesting. I feel then that if this is the case we cannot complain then, no? If the fight is not worth fighting (I think that it is) than complaints about it are pointless (for the lack of a softer word…)
you have an example where you are forced to use a mobile device? genuinely interested cause while I have a smartphone I don’t have hardly any “apps” on it (on my iphone all the “apps” are on the first “page” (without grouping). I do not like the idea of losing a phone and potentially someone getting access to my entire digital life (my phone password is 6 zeros) and I genuinely do not use phone for anything important
HMRC in the UK / multiple Government Portals. Have you been to India (Air tickets)? Or China (Wechat/Alipay QR codes or you go hungry)? And see my example above regarding US woman at Hilton in Rome.
I would immediately change my mobile service provider, this is an easy one and choices are plenty. financially as well, you can save yourself a lot of money if you have a cadence for switching providers
It’s always been the case. In previous eras people were “forced” to use mastercard / visa, Windows, AT&T, Western Union, East India Company, Templar bnking, etc.
I am not remotely defending the situation, past or present, just saying it’s a recurring theme.
> Nowadays, you can no longer exist in society without a phone
Hyperbole much.
I’m a 44 year old software engin, I don’t have a phone. Have never had a smart phone, haven’t had a dumb phone since 2015.
Some things are annoying, for example, I have to keep pushing my bank to let me use email not SMS. Going somewhere new I’ll look online on my laptop and jot down a few directions on paper.
That’s about it.
I snowboard and hike and hunt and camp and fish, no coverage doing all those anyway, so much of my life when not in a house with a laptop I simply don’t need or want one.
I'd wager the majority of people on this site could afford $100-$200 for a separate phone that's solely used for apps that mandate Google/Apple services. As a bonus, using the "mainstream" phone with only those apps increases security, compared to having your banking apps on the same phone as other random apps.
"As an individual, it feels like my options are to either submit or try to live a hermit's life, bringing endless suffering and exclusion to myself."
Classic "all-or-nothing", "black and white" HN comment
No middle ground. Two extremes and nothing in between
In the real world, few people think this way
Not only that, but it's common today to have more than one computer
There is no shortage of HN comments that keep claiming "banking apps" as an argument against any alternatives to using a single phone running a corporate mobile OS _for everything they do with a computer_, not just banking. Feels like a meme
These people must do a lot of banking on the go in places where laptops, for instance, cannot travel. If so, one wonders why not just have a phone dedicated to mobile banking
This probably depends on location, but generally, you cannot log in to your bank account on your laptop/computer without using your phone's banking app for 2FA. That's the status quo among banks.
Whether it may be possible to convince a bank to give you a hardware token instead if they even still make them is not an assured thing.
> you cannot log in to your bank account on your laptop/computer without using your phone's banking app
Where is this?
I have lots of bank accounts, probably more than most people. Three local credit unions, Fidelity, Schwab, Chase, BofA, Citibank, Barclays, two local area banks, and two international banks. Plus a few lesser known ones for 401k/IRA accounts.
I have never installed any bank phone app. I do all my bank interactions from my desktop via Firefox.
MFA is a requirement of the revised Payment Services Directive (PSD2) in the EU and many banks use their apps for authorising online card payments. Its also common to use apps as 2FA for logging in to online banking or making bank transfers.
There can be alternatives in some cases (some banks offer code generating card readers, for example) but for personal accounts in particular, it would probably be difficult to operate without banking apps.
galvin@ is right. I +1'd that.
Regarding banks ... try HSBC. (I know, "I can always use another bank". Thanks. I happen to be Premier only at HSBC ...)
In Singapore, the largest local bank, and three large overseas banks (Citibank, HSBC and Standard Chartered) all require my to be near my phone to login. However, I haven't tried just saying I don't have a phone from the beginning. I know they used to have physical security tokens, perhaps they still would have provided one if I had insisted.
In New Zealand, I've only come across one bank that requires you to provide authentication from your phone (Rabobank), and in Australia I have less experience, but it's not universal either.
I have several accounts in different banks (across two different countries) and never had problems with using SMS as a second factor for internet banking. Definitely not status quo, at least in Europe.
I'm in Europe and my bank (and most other banks in the country) only still allow existing TAN authenticators until they break or run out of battery, but only support 2FA with their app going forward.
Interesting that you mention Europe, because if I remember correctly, at least in Germany, all banks that I'm aware of dropped SMS support when PSD2 was introduced.
The are people who dislike using Apple and Google smartphones
HN replies often try to reframe this problem from
(a) "How do I avoid using an Apple or Google smartphone" for whatever reason^[FN1]
to
(b) "Banking apps do not work on non-Apple, non-Google" smartphones
or
(c) Apple and Google smartphones need to become likeable, e.g., by pleading with the companies, petitioning the government for regulation, etc.
FN1. I have not seen any HN comments that suggest anyone is concerned about _using a banking app_ on an Apple or Google smartphone. What I have seen are comments that suggest Apple and Google smartphones are unsatisfactory for _other reasons_, such as being "locked down", "not an open platform", "privacy" risks, "security" flaws, etc. The non-banking uses of these smartphones are what cause concern
The problem (a) can be solved by choosing a non-Apple, non-Google smartphone, `i.e., a smartphone running a non-Apple, non-Google OS, or, better yet, by choosing a different form factor running a non-Apple, non-Google OS, _for non-banking uses_
There are some commenters who obviously have no intention of avoiding Apple and Google smarthones _where possible_. They will keep using these smartphones for _everything_, not just online banking
On that "lot of banking on the go" ... here is the story. I witnessed nice and very well mannered US woman at Hilton in Rome. She was red and her hands were trembling. She tried all her 5 US-issued CCs – none worked. I felt bad for her, so we sat on the sofa. We installed one of the online FinApps (W...e) on her phone. She used her bank's app to transfer money to W...e account. Generated online Mastercard. Added to apple wallet. Beeep. Room paid.
Good luck without those apps and mobile phone.
What is the unique selling point that it has over Matrix?
Matrix addresses have a similar format, anyone can run a host, open protocol, domain ownership, interop... Threaded messages are supported AFAIK, the details of the crypto will be different but overall it feels like it is close enough that a new protocol will have a hard time having enough advantages to overcome the huge network effect (Matrix being one of the few open messengers that actually have some following already).
You're absolutely right to pick up on that, I did study the landscape and Matrix is closest.. biggest difference is fmsg is just messages - group like chats evolve naturally in the threads - but to get a message someone has to send you one. Group messaging platforms like Matrix, Rocket.Chat etc have concept of rooms/forums/channels i.e. groups, then have HTTP APIs to manage membership and sync messages.. fmsg just messages someone has to send you
Also fmsg being its own protocol can do novel things like to auto challenge during sending back to sender - can't do that with HTTP
I hate this trite and the managers that say "don't bring me problems, bring me solutions" nonsense. I'm not the person to be able to fix it so the solution is make the problem known so others responsible can fix it. If I could fix it, I wouldn't be telling you about the problem. If anything, I would tell you how I fixed an issue in some stand up or other of the many meetings scheduled keeping me from working.
There are many issues with those, like the wildly different standards of living across the globe. OTOH anyone can acquire Monero if they want to. But someone from a rich country will likely be able to pay for more fake accounts/visits than someone from a poor country. With the ad market the difference between where the visitor is from is very important. Some ad clicks may cost a dollar if they're coming from a rich country and 0.01 cents if they're coming from a poor country.
I'm not suggesting cryptocurrency micropayments for accessing the web but it's on par with PoW in that it only requires money, not privacy.
Perhaps the way forward is for people to wake up and stop visiting sites that infringe on their privacy.
>Proof of identity in theory can solve the problem but at the cost of privacy.
All current implementations: yes. I do think there are some privacy preserving solutions, but they're obviously imperfect. But assuming you have a central authority that can validate and sign valid government identification, it seems like some sort of ZK scheme could allow one to verify that they have a valid government issued ID, but without disclosing which one it is.
I still don't love the idea, but it sure seems better than everything else I've seen proposed.
From what I've seen no such solution guarantees privacy to the user if the signing body (or the government) and the website collude to deanonymize the user.
Can you elaborate on how that would work exactly? What would the flow be - which party would request what from whom? Would there be technical assurances that no list is stored by the government?
His solution is don't. Why would you? In fact, if you don't block the script that's running on one computer, the script operator won't need to run it on a botnet.
I don't know RMS's solution to spam or DDoS which are the real problems.
Because controlling a large number of accounts can allow you to manipulate the algorithms on Web2.0 websites. For example, this one. If you don’t combat spammers the front page quickly gets filled up with garbage.
"Heat pump" can mean many things, from essentially "split A/C" (air-air heat pumps) to ground-source heat pumps, using floor heating for the output, warm water production from the heat pump, etc.
Another big problem is NIMBYism and ideological opposition to air conditioners.
Installing a heat pump can require (city) permits, permission from your landlord (if renting) or HOA/condo association (if you own a flat in a shared building) which can either be or feel impossible to get.
Some cities have either actually or de facto (through requirements/regulations that are impossible or unaffordable to meet) banned air conditioners, resulting in people buying inefficient monoblock units that can't be used for heating.
Edit: Other regulatory hurdles come from rules about refrigerant handling. Refrigerant must only be handled by experts who are certified in proper handling and recovery (and who, of course, are now in high demand and charging princely prices for their work). This made a lot of sense in the times where 1 kg of refrigerant had 10 tons CO2e in global warming potential, ozone depletion potential or other dangers.
Nowadays, a skilled layperson can probably set up an air conditioner with quick-connect couplings by themselves, but they aren't legally allowed to. These cost something like 500 EUR, contain less than 1 kg of R32 with a GWP of 675, so let's say 500 kg CO2e of harm if it leaks. If you passed a law that landlords cannot prohibit installation, and any electrician that passes a quick online training can install them, you could have them all over the place very quickly.
These could then be used for covering some or all of the heating load in winter, but they'd also alleviate suffering in summer, and that's luxury, and we can't have that (especially as it uses energy to provide the "needless" luxury!)
If for example a laptop like that gets lost or stolen, the attacker has the data and the key, in a box they physically hold, with no attempt limit, and unless they actively mess with the boot process, it will happily load the key into memory for them. If it's a discrete TPM the attacker can likely sniff the key on the wire. If that doesn't work, they just need to find a vuln anywhere in the secure boot process, or in Windows, and again, they have the key. And if that doesn't work, they could sniff the memory bus, or do a cold boot attack (again, with unlimited attempts unless they irreparably damage the mainboard/TPM in the process).
reply