Den ons 24 juli 2024 kl 08:32 skrev Björn Persson <Bjorn@rombobjörn.se>:
> Kevin Kofler via devel wrote: > > And at least the German stuff (and the Italian, Portuguese, and Estonian > > ones) is Free Software. The Austrian ID Austria app is entirely > proprietary. > > Though, as far as I know, you can buy physical FIDO2 hardware, then go > > register that with the ID Austria office, and then log in on the ID > Austria > > website with any FIDO2 enabled browser and the hardware you bought. But > the > > default workflow goes through a proprietary smartphone app. > > I wish I were allowed to use FIDO2. The dominant ID protocol in Sweden > is called BankID. It's a proprietary and secretive protocol that > requires a proprietary app that requires an operating system from > either Apple or Google – or sometimes Microsoft, but in many cases not > even Windows is allowed. No FIDO2 or other open standard is allowed. > > It's becoming ever more difficult to be a Fedora user in Sweden. > Several banks require BankID. Members of various associations must have > BankID to log in to membership pages. Many webshops accept payment only > through Klarna, and Klarna now requires everybody to use BankID. Thus > the BankID cartel effectively controls which operating systems have > access to the Swedish market. Users of other operating systems are > severely restricted in which banks they can have accounts in, which > shops they can buy from, et cetera. > > It is not that bad if you use a specific proprietary device for Mobilt BankId. Swish payments might be problematic, but you can use debit/credit cards for most things. /Andreas > By the way, the BankID protocol has fundamental design flaws that enable > an ongoing fraud campaign, and the more BankID becomes a routine in > people's daily lives, the easier it becomes for scammers to convince > victims to click through the BankID dialog that authorizes the scammer > to empty the victim's bank account. > > There are also at least two other proprietary ID protocols, which only > government agencies accept. One of those offers a Firefox extension that > can actually be used on a GNU/Linux system. It's unfree, buggy and > unmaintained, but usually works just about well enough to be usable on > the one website I need to access that accepts it. > > Government agencies seem to have some requirement to be vendor-neutral, > and they believe that means they must buy incompatible proprietary > services from all the vendors, instead of defining a standard that any > vendor can implement. Everyone who isn't required to be vendor-neutral > accepts only BankID and contributes to strengthening the Apple/Google > duopoly. > > Björn Persson > -- > _______________________________________________ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
