Aral Balkan

2 years ago • •

Aral Balkan
2 years ago • •

Handing control of our biometric identities to a handful of trillion-dollar American gatekeeper corporations isn’t the good news you might think it is.

(Don’t forget, the W3C is the standards body of surveillance capitalism.)

In a non-corporate world, your “password” could be so much more… It could be, for example, a mnemonic for the key to a facet of your self that you (and you alone) own and control.

inkl.com/a/aRxNlETAxrA

#w3c #fido #passwords #identity #access #surveillance #capitalism

Apple, Microsoft, and Google are teaming up to eliminate passwords

Good news for the people still using "Password123!"

^inkl

#identity #capitalism #surveillance #w3c #passwords #access #fido

in reply to Aral Balkan

Arya K :emacs:

in reply to Aral Balkan • 2 years ago • •

inkl.com doesnt load

in reply to Arya K :emacs:

Aral Balkan

in reply to Arya K :emacs: • 2 years ago • •

Can you try refreshing? I think their infrastructure is a bit pants. It’s loading for me now.

in reply to Aral Balkan

Aral Balkan

in reply to Aral Balkan • 2 years ago • •

PS. Just wrote to them to tell them. It’s infuriating how badly their share links “work.” Will start looking for an alternative if that doesn’t improve. (Not that there are many.)

in reply to Aral Balkan

Arya K :emacs:

in reply to Aral Balkan • 2 years ago • •

> An error occurred in the application and your page could not be served. If you are the application owner, check your logs for details. You can do this from the Heroku CLI with the command

in reply to Arya K :emacs:

Aral Balkan

in reply to Arya K :emacs: • 2 years ago • •

Ah, well, at least that sounds like incompetence, not foul play :)

in reply to Aral Balkan

Arya K :emacs:

in reply to Aral Balkan • 2 years ago • •

i thought the government blocked the website lol

in reply to Aral Balkan

Arya K :emacs:

in reply to Aral Balkan • 2 years ago • •

loaded now

in reply to Aral Balkan

tomasino

in reply to Aral Balkan • 2 years ago • •

gah! Biometrics aren't passwords, they are usernames!

labs.tomasino.org/identity-vs-…

Identity vs. Secrecy

good ideas short on time

^{labs.tomasino.org}

in reply to Aral Balkan

Filipe

in reply to Aral Balkan • 2 years ago • •

Aral what do you think about using biometrics but only locally? So, using it but having it never leaving your device? This is technically possible for some (if not all) use cases

in reply to Aral Balkan

Alex R

in reply to Aral Balkan • 2 years ago • •

I think FIDO allows that, right? Biometrics are just one possible way to gain local access to a key you then use to prove your identity to the server. I use my Yubikey, but I’d definitely struggle to convince most other people in my life to pay seventy-odd euro, so a phone-based solution is probably necessary

in reply to Aral Balkan

Kyle Rankin

in reply to Aral Balkan • 2 years ago • •

I talked about this issue in a post for Purism recently. As you allude, the prime motivator for this move to the passwordless future is to anchor trust in these vendors so people are dependent on them for security. Passwords are one of the last areas where a person has some level of control over their own security in these ecosystems.

puri.sm/posts/microsoft-ruined…

Microsoft Ruined Passwords, Now Aims for a Passwordless Future – Purism

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

^{Purism SPC}

⇧