Comment by loup-vaillant

2 days ago

On principle I agree with you. And for me I totally want that, in part because I know how to take care of myself and avoid phishing (I got pwned once, but thankfully it was my company’s honey pot, not actual phishing).

Many people aren’t like us. Give them freedom to choose their password without mandating 2FA, and some will lose money to a password database leak & offline guessing. The policy maker knows this, at which point they have a choice: stricter annoying rules with fewer victims, or looser rules with more victims?

Yes, we can mitigate much of this with education, as can we limit vendor lock-in by mandating that the bank does not require any particular device they do not themselves distribute, for free, to their users. (My bank for instance gave me a little device that has a camera, a small screen and a key pad. Upon payment I use the device to scan some QR-code, the device gives me a one-time code that I type, and done.) My point is, some kind of tradeoff remains.

Also banks kinda have to deal with fraud, which presumably costs them money. Stolen passwords mean more fraud, increased costs… that may be incentive enough to enforce stricter rules. And to be honest I’m okay with that, as long as it is accessible. Which in my case means no phone app of any kind.

Come to think of it, there is one law I would pass: for important stuff like banks, no amount of security justifies a lack of accessibility. If I don’t have a smartphone, I should still be able to do online payments. Same if I’m blind. Or both. When I hear all around me about people being utterly unable to do banking, or worse, accessing government online services, without a locked down Android or iOS phone, I’m horrified.

> they have a choice: stricter annoying rules with fewer victims, or looser rules with more victims?

Yep, there's a reason freedom vs safety (or libertarianism vs authoritarianism) is an axis on many political spectrum charts. This is a very common source of tension in politics. As you can probably guess, I usually find myself on the libertarian side of such debates. Freedom is worth the price.

> Give them freedom to choose their password without mandating 2FA, and some will lose money to a password database leak & offline guessing

To be clear, I have no issue with secure defaults. There's only an issue when you start trying to make it impossible for users to compromise their own security, because accomplishing that requires you to take away their freedom to make choices, which I don't think is an acceptable thing to do to mentally sound adults.

There's plenty of competition in the banking space, so normally I'd be fine letting banks and their customers sort this out on their own. But there's not a lot of competition in the OS space, and allowing banks to limit your choice of OS exacerbates that problem.

The fix I've been floating in my head for some time now for a lot of these types of problems in the digital space is some sort of software freedom law guaranteeing users the right to modify software running on devices they own. It would fix so many issues with the software industry, including probably this one, since many common uses of hardware attestation would probably fall afoul of such a law.

  • > Freedom is worth the price.

    I generally lean towards that too, including for this issue. But we do need to own up to it. Explicitly ask ourselves, what kind of bad consequences, and how much of them, are we willing to put up with in the name of freedom?

    Also, some framings make it difficult: the second someone speaks of protecting the children, all of a sudden freedom becomes secondary. Which leaves two counters, which are logically compatible, but tend to be rhetorically exclusive: denying that this new thing will actually protect the children; and asserting that the protection it allegedly provides is not worth the loss of freedom.

    The second one is a hard sell, which is why we so often revert to the first one. Take age verification: sure it won’t stop determined underage teens from seeing images of bunny girls. But it will deter some of them. And assuming images of bunny girls are bad for teen health, it means age verification does "protect the children". A little. And voilà, we’ve destroyed the argument that age verification does absolutely nothing, mass surveillance for the win!

    > […] which I don't think is an acceptable thing to do to mentally sound adults.

    I haven’t thought of the psychological damage over-protectiveness may cause. That’s a bloody good point.

    > There's plenty of competition in the banking space,

    Given how people in some countries complain that it’s difficult to find a bank that doesn’t require a locked down phone for online payments, I would argue perhaps not plenty enough. I totally agree though that for any bank to require one of two OSes is not good, and for this reason would be tempted to outlaw such requirements (thus reducing corporate freedom, but I care more about individual freedom).

    > some sort of software freedom law guaranteeing users the right to modify software running on devices they own.

    That is very tempting indeed. Do understand though that such a law comes very close to mandating Free Software everywhere: for this right to be effective, users need access to the source code, and be allowed to let some professional modify that code for them. Any mass-produced piece of hardware would effectively have to publish the full source code of their drivers for all to see. I would absolutely love that, but NVIDIA would likely lose their marbles over this.

    • > what kind of bad consequences, and how much of them, are we willing to put up with in the name of freedom?

      The way I look at it is that when someone uses their freedom for evil, the consequences of that are that person's fault, not the fault of freedom itself. Responding to evil done by one group of people by curtailing the freedoms of everyone, including innocents who have done nothing wrong, is fundamentally unjust. Perhaps in some extreme cases it could be justified, but I'd use a standard similar to how the US Supreme Court defines "strict scrutiny" when evaluating such measures.

      Patrick Henry once said "Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery? Forbid it, Almighty God! I know not what course others may take; but as for me, give me liberty or give me death!"

      Unfortunately yes, for some this is a hard sell. I'm not sure how to convince others of the importance of freedom if they don't already consider it to be important; to me it's an almost fundamental belief that I hold.

      >> […] which I don't think is an acceptable thing to do to mentally sound adults.

      > I haven’t thought of the psychological damage over-protectiveness may cause

      My point was more that taking away a person's freedom for their own protection is the kind of thing you do when they're either children or mentally unsound. Outside of those cases I don't think it's acceptable.

      > it’s difficult to find a bank that doesn’t require a locked down phone for online payments

      Some of this may be due to regulations making banks partially responsible for things they shouldn't be responsible for (like the customer's phone getting hacked). Responsibility and control go hand in hand. But mostly I think it's just due to lack of demand, which would be solved if running modded OSs were more common.

      > Do understand though that such a law comes very close to mandating Free Software everywhere

      Yes, exactly. I guess I've been radicalized by Stallman. ;) Though to be fair I do partially disagree with his definition of free software, in that I don't think software needs to be freely redistributable without payment (freedom 2) in order to be libre free.

      I understand this is a pretty radical proposal, and completely politically non-viable for the foreseeable future. It might even be a bad idea to do all at once even if that were possible. But I think probably there are some smaller steps that could be taken in that direction which would be beneficial even if I'm not entirely sure what those are yet.