The problem is the lack of centralization - there should obviously only be one issuer of this ticket and thus just only one website / app to keep bug free.
Lack of centralization is one part of it (see also: communal digital services), yes, but the complete lack of standards and guidelines is also a massive issue. I tried buying a Deutschlandticket from the DB Navigator app a while back, and immediately ran into some issues:
- they only take credit card, probably because of the massive SEPA fraud they've had happen
- they require id verification with a third party(!), which then only supports the e-perso(!!) or video ident(!!!), which they could've just used the actual PostIdent service for, which would've provided an alternative for non-smartphone-havers / people who'd rather not have their ID and face recorded by some Eastern European company until the end of time
- their entire authentication system was down when it came to actually purchasing
buying from my local Verkehrsverbund was a single tap in their app instead, with no id verification whatsoever. If DB's offering were the only option it would be an absolute travesty.
The country that lived through pervasive mass state surveillance by secret police for 40 years is unsurprisingly quite cagey about digital centralization of records, even so many years later
Germany has a tendency to wish something into existence with a law, and stop there. No guidelines, no tools, no enforcement. Often not a thought about feasibility. Nothing past the press release.
Sometimes a law will be in effect for two or three years and virtually no one will even know about it. Recycling electronics in supermarkets? Nope. E-Rechnung mandated for all B2B invoices? In your dreams.
I work at the other end of the spectrum, reducing friction for new immigrants to Germany. I find it especially frustrating. I could explain how things should be, but it would be pointless when reality is far more disappointing.
It looks like another system made by politicians to check a box on a list. "Digitalize" is not a purpose, it's a solution to a problem, but for many politicians it's a checkbox on the list of political promises and empty words they sell.
Also in Europe excellence is not rewarded. Nobody become a millionaire by designing and building great IT systems, there is no SV salary to attract and motivate talents, so we are drowning in mediocrity and when the governments are making systems, barely delivering something is the norm. The quality of requirements is very low (who will do better?), the deliverables are either from the lowest bidder or from the party in power friends, depending on the country and project.
Is there a similar ticket, flat for 50 Dollar per month, that takes you through the US? I wonder who pays for the real cost of the ticket, who cleans and repairs the trains, who invests in infrastructure and all that. I always wonder how the germans can pull this off for 50 Euro. Magic.
> I wonder who pays for the real cost of the ticket
Everybody already has local regional tickets anyway. And most people can't be in more then one place at the time anyway. And most people stay in the same region most of the time anyway.
So really you are not losing much compared to having separate local region tickets in a system where the long distance trains are separated.
> who cleans and repairs the trains
The already existing organizations that have run the trains for a long time.
> who invests in infrastructure and all that
The government ...
> I always wonder how the germans can pull this off for 50 Euro. Magic.
Its not magic its just a transportation policy and taxes.
Everybody already has local regional tickets anyway. And most people can't be in more then one place at the time anyway. And most people stay in the same region most of the time anyway.
I live in Rostock. So if I want to go to Berlin or Hamburg (you know, where stuff like actual airports are) I am crossing "regional borders" even if it is a 200-250 km trip to each city
On the point of the upkeep, locals know German trains are now legendary for unpunctuality and cancellations, so maybe it's not working. But the answer is obviously (trigger warning for the libertarians...) taxes.
The ticket came about because energy prices went crazy after their energy dealer Putin went crazy and warry, I think it was an attempt to motivate people to take public transport rather than have them moan about fuel prices going way way up...
This does not matter much, since most people do not travel across states, countries, continents, etc on a daily basis. Most people probably travel within a 50 km (30 mile) radius (travelling to and from work, daycare, school, shopping, etc.).
iirc, the average is slightly higher in the US, but this is probably more due to how the US has approached urban planning over the last century or so than to the size of the country.
> But the answer is obviously (trigger warning for the libertarians...) taxes.
I think many people forget the huge societal cost of owning and running cars, including infrastructure maintenance, crash-related deaths and injuries, health conditions caused by crashes, air and noise pollution, climate change, resource extraction, and time lost in traffic. In other words, the savings from reducing these social, health, and environmental costs could easily finance the ticket. A study estimated that a modal shift of 10% to public transit could save Germany about 19 billion Euros a year (https://foes.de/publikationen/2024/2024-04_FOES_OEPNV.pdf).
fyi regional trains (which the deutschlandticket is valid for) are very punctual, it is the long distance/ICE trains that are always late/broken, and you cannot ride those with thw deutschlandticket anyways.
Uh, I received a call from my credit card company saying that train tickets were bought using my card in Germany. I told them I haven't been in Germany for the last decade, and was issued a new card.
So at least your credit card issuer (presumably) actually has a working fraud department.
In the private sector, fraud detection is often heuristic based. So this was probably flagged because you didn't buy German railway tickets in the recent past and maybe even you didn't buy anything else in or near Germany.
I remember years ago getting a decline on a credit card transaction to pay for one of my ISPs, and then hours later a phone call. My bank apparently didn't understand (yet, this is years ago) that ISPs are like, not necessarily physically nearby and so since the ISP is on another continent and I had no other nearby transactions it was flagged as likely fraud.
There's a summary directly below the video (though its not a very good summary). Basically, it's easily to generate valid tickets with fake bank credentials, which then get canceled later (but after already being resold).
Transit companies are pretty bad at PKI infrastructure and internet security combined with the inefficiencies inherent in German bureaucracy / anti-centralization as well as the inherent insecurity of the SEPA model sometimes make crime possible
ChatGPT managed the following given the submitted source URL and the prompt "summarize the key technical facts into two sentences suitable for a hacker news comment".
Deutschlandticket fraud stemmed from decentralization and weak controls: tickets were issued instantly on unverified SEPA debits, and a leaked or mismanaged signing key let attackers mint valid tickets at scale. Poor revocation and fragmented verification meant many fraudulent tickets still scanned as valid, enabling mass resale and huge losses.
Kind of proof that privatizing public infrastructure does not work without very tight regulations.
The profits and benefits in infrastructure go towards a state and are long term. A private company cannot increase their stock price on a 100 year goal and a countries GDP growth.
Yep. "Socialist lure" is a very US american perspective and far off the real past of most EU nations. The same budget hawks that drive tax cuts and are hollowing out public institutions were directing the privatization of the Deutschebahn. Thats why its not a single company but over 250 of them, for all the naturally competing segments of that gigantic infrastructure. You know, for maximum free-market efficiency, but somehow, blame is still not privatized.
Id like to know the US position on why socialism is failing their infrastructure, like power grinds.
Germany's public transport is really not privatized though. The Deutsche Bahn AG is structured as company, but is entirely owned by the federal government. There's very, very little public transportation (e.g. private buses between major cities) that is not owned and operated by the government.
Not sure what socialism has to do with getting multiple ticket systems to speak to each other. I sometimes worry HN is astroturfed but I tend to read comments like this more simply as trolling.
Yeh this has more to do with the failures of federation and has nothing to do with socialism.
Federation is a huge part of why Germany struggles to deliver on it's digitalization goals.
Having every podunk authority handling ticket issuance basically guarantees signing keys will eventually be stolen/misused. The lack of a robust revocation mechanism is the nail in the coffin though.
Nothing. Some people just wake up in the morning and have to interject their "socialism = bad" religion into at least one thread in order to feel they've done their evangelism for the day.
Huh? I mean if anything the problem here was privatisation of local transport (and too much faith in said privatised transport by the national authorities), which doesn’t seem _particularly_ socialist.
Germany has missed the digitalisation train, but how long will it continue to miss it for?
At least, transparent issues like this one can only help.
The problem is the lack of centralization - there should obviously only be one issuer of this ticket and thus just only one website / app to keep bug free.
Lack of centralization is one part of it (see also: communal digital services), yes, but the complete lack of standards and guidelines is also a massive issue. I tried buying a Deutschlandticket from the DB Navigator app a while back, and immediately ran into some issues:
- they only take credit card, probably because of the massive SEPA fraud they've had happen
- they require id verification with a third party(!), which then only supports the e-perso(!!) or video ident(!!!), which they could've just used the actual PostIdent service for, which would've provided an alternative for non-smartphone-havers / people who'd rather not have their ID and face recorded by some Eastern European company until the end of time
- their entire authentication system was down when it came to actually purchasing
buying from my local Verkehrsverbund was a single tap in their app instead, with no id verification whatsoever. If DB's offering were the only option it would be an absolute travesty.
8 replies →
The country that lived through pervasive mass state surveillance by secret police for 40 years is unsurprisingly quite cagey about digital centralization of records, even so many years later
Germany has a tendency to wish something into existence with a law, and stop there. No guidelines, no tools, no enforcement. Often not a thought about feasibility. Nothing past the press release.
Sometimes a law will be in effect for two or three years and virtually no one will even know about it. Recycling electronics in supermarkets? Nope. E-Rechnung mandated for all B2B invoices? In your dreams.
I work at the other end of the spectrum, reducing friction for new immigrants to Germany. I find it especially frustrating. I could explain how things should be, but it would be pointless when reality is far more disappointing.
1 reply →
As German speaking person, we can be glad it’s not a fax ticket.
It looks like another system made by politicians to check a box on a list. "Digitalize" is not a purpose, it's a solution to a problem, but for many politicians it's a checkbox on the list of political promises and empty words they sell.
Also in Europe excellence is not rewarded. Nobody become a millionaire by designing and building great IT systems, there is no SV salary to attract and motivate talents, so we are drowning in mediocrity and when the governments are making systems, barely delivering something is the norm. The quality of requirements is very low (who will do better?), the deliverables are either from the lowest bidder or from the party in power friends, depending on the country and project.
Is there a similar ticket, flat for 50 Dollar per month, that takes you through the US? I wonder who pays for the real cost of the ticket, who cleans and repairs the trains, who invests in infrastructure and all that. I always wonder how the germans can pull this off for 50 Euro. Magic.
> I wonder who pays for the real cost of the ticket
Everybody already has local regional tickets anyway. And most people can't be in more then one place at the time anyway. And most people stay in the same region most of the time anyway.
So really you are not losing much compared to having separate local region tickets in a system where the long distance trains are separated.
> who cleans and repairs the trains
The already existing organizations that have run the trains for a long time.
> who invests in infrastructure and all that
The government ...
> I always wonder how the germans can pull this off for 50 Euro. Magic.
Its not magic its just a transportation policy and taxes.
Not sure I understand your point about
Everybody already has local regional tickets anyway. And most people can't be in more then one place at the time anyway. And most people stay in the same region most of the time anyway.
I live in Rostock. So if I want to go to Berlin or Hamburg (you know, where stuff like actual airports are) I am crossing "regional borders" even if it is a 200-250 km trip to each city
1 reply →
Continental USA: 8 million square kilometer.
Germany: 0.35 million square kilometer.
On the point of the upkeep, locals know German trains are now legendary for unpunctuality and cancellations, so maybe it's not working. But the answer is obviously (trigger warning for the libertarians...) taxes.
The ticket came about because energy prices went crazy after their energy dealer Putin went crazy and warry, I think it was an attempt to motivate people to take public transport rather than have them moan about fuel prices going way way up...
> Continental USA: 8 million square kilometer.
> Germany: 0.35 million square kilometer.
This does not matter much, since most people do not travel across states, countries, continents, etc on a daily basis. Most people probably travel within a 50 km (30 mile) radius (travelling to and from work, daycare, school, shopping, etc.).
iirc, the average is slightly higher in the US, but this is probably more due to how the US has approached urban planning over the last century or so than to the size of the country.
> But the answer is obviously (trigger warning for the libertarians...) taxes.
I think many people forget the huge societal cost of owning and running cars, including infrastructure maintenance, crash-related deaths and injuries, health conditions caused by crashes, air and noise pollution, climate change, resource extraction, and time lost in traffic. In other words, the savings from reducing these social, health, and environmental costs could easily finance the ticket. A study estimated that a modal shift of 10% to public transit could save Germany about 19 billion Euros a year (https://foes.de/publikationen/2024/2024-04_FOES_OEPNV.pdf).
fyi regional trains (which the deutschlandticket is valid for) are very punctual, it is the long distance/ICE trains that are always late/broken, and you cannot ride those with thw deutschlandticket anyways.
11 replies →
[dead]
Uh, I received a call from my credit card company saying that train tickets were bought using my card in Germany. I told them I haven't been in Germany for the last decade, and was issued a new card.
So at least your credit card issuer (presumably) actually has a working fraud department.
In the private sector, fraud detection is often heuristic based. So this was probably flagged because you didn't buy German railway tickets in the recent past and maybe even you didn't buy anything else in or near Germany.
I remember years ago getting a decline on a credit card transaction to pay for one of my ISPs, and then hours later a phone call. My bank apparently didn't understand (yet, this is years ago) that ISPs are like, not necessarily physically nearby and so since the ISP is on another continent and I had no other nearby transactions it was flagged as likely fraud.
[dead]
tl;dw please?
There's a summary directly below the video (though its not a very good summary). Basically, it's easily to generate valid tickets with fake bank credentials, which then get canceled later (but after already being resold).
Transit companies are pretty bad at PKI infrastructure and internet security combined with the inefficiencies inherent in German bureaucracy / anti-centralization as well as the inherent insecurity of the SEPA model sometimes make crime possible
"Transcript" it's called :)
That's... a totally different thing. There is actually a summary though below the video.
ChatGPT managed the following given the submitted source URL and the prompt "summarize the key technical facts into two sentences suitable for a hacker news comment".
Deutschlandticket fraud stemmed from decentralization and weak controls: tickets were issued instantly on unverified SEPA debits, and a leaked or mismanaged signing key let attackers mint valid tickets at scale. Poor revocation and fragmented verification meant many fraudulent tickets still scanned as valid, enabling mass resale and huge losses.
11 replies →
[flagged]
"Eschew flamebait. Avoid generic tangents."
https://news.ycombinator.com/newsguidelines.html
Funnily enough it generated the most interesting subthread of this submission.
1 reply →
Kind of proof that privatizing public infrastructure does not work without very tight regulations.
The profits and benefits in infrastructure go towards a state and are long term. A private company cannot increase their stock price on a 100 year goal and a countries GDP growth.
Yep. "Socialist lure" is a very US american perspective and far off the real past of most EU nations. The same budget hawks that drive tax cuts and are hollowing out public institutions were directing the privatization of the Deutschebahn. Thats why its not a single company but over 250 of them, for all the naturally competing segments of that gigantic infrastructure. You know, for maximum free-market efficiency, but somehow, blame is still not privatized.
Id like to know the US position on why socialism is failing their infrastructure, like power grinds.
2 replies →
Germany's public transport is really not privatized though. The Deutsche Bahn AG is structured as company, but is entirely owned by the federal government. There's very, very little public transportation (e.g. private buses between major cities) that is not owned and operated by the government.
What privatization are you talking about?
7 replies →
Not sure what socialism has to do with getting multiple ticket systems to speak to each other. I sometimes worry HN is astroturfed but I tend to read comments like this more simply as trolling.
Yeh this has more to do with the failures of federation and has nothing to do with socialism.
Federation is a huge part of why Germany struggles to deliver on it's digitalization goals.
Having every podunk authority handling ticket issuance basically guarantees signing keys will eventually be stolen/misused. The lack of a robust revocation mechanism is the nail in the coffin though.
> Not sure what socialism has to do with
Nothing. Some people just wake up in the morning and have to interject their "socialism = bad" religion into at least one thread in order to feel they've done their evangelism for the day.
1 reply →
The US provides plenty of anti-socialist fervor even without astroturfing.
We also get a bit of paid-for goading, just to keep it lively. But we do just fine without it.
All those socialist... Companies? With their socialist coding?
Maybe they also use Marx# (M#) with a socialist software architecture.
Isn’t the Deutschlandticket for public transportation?
1 reply →
[flagged]
Huh? I mean if anything the problem here was privatisation of local transport (and too much faith in said privatised transport by the national authorities), which doesn’t seem _particularly_ socialist.