
>You simply are not in full control of the OS.

A great thing for 99% of the users.



Not having the possibility to control things and not having to control things are two very different things.


Users are extraordinarily stupid. Not having the possibility to control things is a Good Thing.


People are extraordinarily stupid. And selfish. And greedy. And all sorts of other bad things. Giving control to other people isn't any better.


Would you rather have your grandmother do her banking on a Windows laptop or a device running iOS?


On a laptop, ofc. All the secure stuff happens on external hardware, and the laptop at least allows using it.

Most banks in Germany allow HBCI, so you get an external chip reader, any HBCI-compliant software – be it StarMoney, or GnuCash/KMyMoney with the HBCI plugin – configure your account, and authorize API accesses via the card and PIN on an external keypad (which shows what you’re authorizing on its own display).

This is the average way a consumer does online banking, and it’s much more secure than on iOS.


While it is possible, I don't think the average consumer has a dedicated card reader and HBCI software. I just checked a few random banks and none of them even advertise that on their homepage. Most people use browser-based banking plus a way to generate transaction tokens (e.g. via SMS, smartphone apps, or a small token generator that takes input).


The Commerzbank advertises it on the homepage of their online banking, and when you try to activate online banking, they suggest it, too.

And the chip reader is required for the new Personalausweis anyway.


Unless I am missing anything, Commerzbank has a small text on some of the sites "Using HBCI? This is how to activate". That's hardly advertising, nobody who doesn't already know what this is about will click on that. All their interactions on the site seem to steer people to mobile or photo TAN.

To me it looks like nobody actually uses the Personalausweis online. Just recently, companies have switched off their support (e.g. HUK or DKB). And the majority of the readers around are just RFID readers without any dedicated keys or display (which obviously is not a secure way) which can't be used for HBCI.


>This is the average way a consumer does online banking, and it’s much more secure than on iOS.

lol. At least on iOS they can trust what they see.

On desktop they can't, https://securityintelligence.com/tatanga-attack-exposes-chip...

All of your security theater falls apart when the device is infected with malware that can make the bank site say anything.

On iOS your bank's app/site will never ever lie to you; if it does, it'll almost certainly be the bank's fault and not the user's.


The idea is to get a dedicated device[0] which uses your bank card to sign the transaction and shows transaction details on its own display. That's probably even harder to infect than iOS.

While German banks support that almost universally, hardly anybody uses it.

[0]: https://shop.reiner-sct.com/chipkartenleser-fuer-die-sicherh...


Yeah, and then the bank's site will just tell the user to approve the "test transaction" on their device's screen. Or that they need to approve it or all of their funds will be frozen, or whatever.


Neither. I'd rather her do her banking on a machine that she has full control of: Linux or any other FOSS OS


No, they are uneducated about the complexity of what they are dealing with, big difference. Not stupid and unable to learn.


Do you think it’s a Good Thing when users lose all of their data to WannaCry or have their bank accounts emptied? I do not.

The vast majority of users simply do not benefit from being exposed to such complexity, it certainly shouldn’t be the default.


You can both lock down the UI to minimize user error, and allow informed users to have complete control of the system.

Think safety locks on pill bottles or cabinets.


There are plenty of people who can't be trusted not to make poor decisions about technology they don't understand. Safety locks aren't enough.


Live and learn?


Not a good approach when designing products for the masses.


I disagree. There's NO situation where this kind of update is good for users. Being unable to accidentally brick your machine is good, but no user benefits from having adware and spyware installed.


>but no user benefits from having adware and spyware installed.

Sure, but my point is mostly that generally restricting user freedom results in much less of such getting installed.


Sure, if you trust the OS. But what if the OS itself forces spyware and adware into your machine without your permission and it is not removable, like Windows 10 does...

The ability to control your machine is always good for users in the long run, though you're right it's important to make stupid changes very difficult for less sophisticated users.

Perhaps your bank should control your money so that you don't spend it unwisely? Users are stupid, after all.


I hate Win10 with passion, but I agree. Don't know why you get downvoted.

One of my father's laptops runs Xubuntu. It's totally fine too. He doesn't even know what root permissions are and he never needs them. But still, sometimes he has to install something and I have to help. The point is, I never get asked to help with W10, either from friends or family, which is actually amazing.


They are technically being used rather than using the system.



