> Please insert a valid phone number to make your account more secure (no you can't opt out)> TOTP? We require your number for account """recovery"""> Using E-Mail instead? Lmao kys> Bought access to an SMS inbox online? Okay please insert the code that we 100% totally send you. You didn't receive it? "Too Many Attempts, Try Again Later"> Rented a VOIP number? No you can't use this one because ... you just can't, okay?> Prepaid SIM card? Here is your account! Don't forget to top up your balance every 2-3 weeks :)
>>108358154> remove google rootkit spyware from device> banking apps stop working> push authenticator apps stop working> no more paypal> government apps stop working> your phone is basically a toy now
>>108358218Sandboxed GPS
>>108358240About two to three years left until worthless.There is pretty much nothing that's stopping app developers from requiring STRONG_INTEGRITY right now.Sandboxed GPS (or anything custom in general) can only pass BASIC_INTEGRITY, while the other two tiers (STRONG being the highest) perform some magical cryptographic fuckery in the glowing part of your CPU to check if your device has been tampered with that cannot be spoofed in any way without finding some HW boot chain exploit.
tfw consumercattle having direct control over hardware is so problematic that you literally get your own cpu inside theirs
There isn't a stronger identity factor out there other than your phone number.I dare you to propose a better one.
>>108358430rectal scan
>>108358430Iris scans, but that would be even more invasive. It's not about being good at verifying your identity; we hate it because it's invasive and unnecessary.
>>108358430>>108358436Unironically via ID.Germany this thing called eID, which you can use to verify something against any online service while still being fully anonymous (if necessary).I don't remember the details perfectly, but roughly it works like this:1. You insert your id into any compatible reader, service sends public cert to your ID chip, chip verifies that youre allowed to read2. chip hashes + encrypts something like (your personal info + servicename) and sends it back3. service receives this hash and can use it as an unique identifier that cannot be spoofed4. service doesn't know shit about you, other than that you used a valid german ID card5. gov doesn't know that you created an account or generally anything at all, because everything happens locally
>>108358538It is pretty much the perfect solution for (almost) everyone:> Online Service- Sees you as user ABC123 (hash from ID card)- Knows that you can't create another account, since your hash always stays the same for that service> (You)- Can't be tracked across services, since each service has a different hash for your personal info- Service knows exactly nothing about your identity- Never submit any picture of any document ever again- Not even the gov can tie your account back to you because you can't go from hash ABC123 back to (personal info)I suppose only for glowies this is a total nightmare, which is why it has never been meaningfully adopted, even if the technology exists since like 2010
>>108358430I'll deal with phone numbers if it's the bank or something that is strongly tied to my real identity to begin with. Accounts for email, chat, video calls, watching videos etc shouldn't require a phone number.
>>108358154Just task your bot to mail them weekly on how to create an account without a phone number because you are electrosensitive
>>108358218All computers are toys for me
>>108358632>>108358538Let me guess, it only works on iOS and unmodified stock Android, because otherwise you could send a made-up hash?Let me guess, the card reader is only compatible with Windows and MacOS and Chrome/Edge/Safari because other OS/browser combos can't be trusted not to send a made-up hash instead?
>>108361150Nope, actually it's the complete opposite.The whole point of all of this is that the chip inside your ID card has the private key and does the actual verification.The actual "processing" never leaves the chip, therefore you can use whatever you can find, literally nothing is required outside of:1. Having a device that can communicate with your ID, basically any usb smart card reader.2. Something to run the implementation for the actual programThat's it.The official app is available on F-Droid and iOS, but since the implementation just has to do a few steps correctly, there are a gazillion different community versions that are officially endorsed by the gov (pic related).German gov software is unironically the pinnacle of open source implementations, even all government agencies are pushed to use open source instead of anything MS. Sad that the EU is going in a slightly different direction.
>>108358430With how easy it is to get a phone number with minimal identity requirements, it isn't. This just exist to harvest your number and send spam SMS.
>>108358154> Prepaid SIM card? Here is your account! Don't forget to top up your balance every 2-3 weeks :)Here is just the equivalent of 2 burger bucks every 6 months. But I can't get new Anonymous sims since they started using facial recognition to activate them. Truly grim
>>108362409>>108358538if thats true and it worksthis is genuinely based and more places should implement this.krauts may be lacking in many areas, but foss isnt one of them
>>108362409While the technology exists, the adoption and implementation of eID are often slowed by practical and political factors. For one, many governments and organizations may prefer more centralized or simpler systems, which could give them more control. There are also concerns over standardization and the friction involved in implementing something like eID across different online platforms.The "glowies" part (referring to surveillance agencies) is likely because such a system could make it harder for centralized bodies to track and identify users, especially across different services. A system like eID could be a nightmare for mass surveillance because of its decentralized and privacy-preserving nature.Conclusion:In theory, the eID system as described in your question could offer robust privacy and security benefits, such as protecting your identity while verifying your existence for online services. The cryptographic nature of the system ensures that even if someone intercepts the hash, they wouldn't be able to trace it back to your personal info. Spoofing a non-existing ID is practically impossible due to the physical, cryptographic security of the ID card.
