• 0 Posts
  • 10 Comments
Joined 17 days ago
cake
Cake day: December 6th, 2024

help-circle
  • But people do stop believing money has value, or more specifically, their trust in the value of money can go down - you all over the History in plenty of places that people’s trust in the value of money can break down.

    As somebody pointed out, if one person has all the money and nobody else has money, money has no value, so it’s logical to expect that between were we are now and that imaginary extreme point there will be a balance in the distribution of wealth were most people do lose trust in the value of money and the “wealth” anchored on merelly that value stops being deemed wealth.

    (That said, the wealthy generally move their wealth into property - as the saying goes “Buy Land: they ain’t making any more of it” - but even that is backed by people’s belief and society’s enforcement of property laws and the mega-wealthy wouldn’t be so if they had to actually protect themselves their “rights” on all that they own: the limits to wealth, when anchored down to concrete physical things that the “owners” have to defend are far far lower that the current limits on wealth based on nation-backed tokens of value and ownership)


  • And further on point 2, the limit would determined by all that people can produce as well as, on the minus side, the costs of keeping those people alive and producing.

    As it so happens, people will produce more under better conditions, so spending the least amount possible keeping those people alive doesn’t yield maximum profit - there is a sweet spot somewhere in the curve were the people’s productivity minus the costs of keeping them productive is at a peak - i.e. profit is maximum - and that’s not at the point were the people producing things are merelly surviving.

    Capitalism really is just a way of the elites trying to get society to that sweet spot of that curve - under Capitalism people are more productive than in overtly autocratic systems (or even further, outright slavery) were less is spent on people, they get less education and they have less freedom to (from the point of view of the elites) waste their time doing what they want rather than produce, and because people in a Capitalist society live a bit better, are a bit less unhappy and have something to lose unlike in the outright autocratic systems, they produce more for the elites and there is less risk of rebelions so it all adds up to more profit for the elites.

    As you might have noticed by now, optimizing for the sweet spot of “productivity minus costs with the riff-raff” isn’t the same as optimizing for the greatest good for the greatest number (the basic principle of the Left) since most people by a huge margin are the “riff-raff”, not the elites.


  • Well, I haven’t really made any large wire transfers to accounts outside the EU from that bank in over a decade so can’t really confirm or deny.

    I do know that in past experience with banks in general, the people checking the validity of suspicious transations (and large transfers to accounts outside the EU tend to fall into that classification given the prevalence of online scams from countries were the Law is a bit of a joke) will actually call you, or at least they did in the UK some years ago (pre-Brexit) which was the last time I had experience with something like that.

    (At one point I also worked in a company that made Fraud Detection software).

    Maybe they switched to SMS to save money, I don’t know.


  • Ah, I see.

    Your point is that the use of a secondary channel for a One Time Pass is still an insecure method versus the use of a time-based one time password (for example as generated in a mobile phone app or, even more secure, a dedicated device). Well, I did point out all the way back in my first post that SMS over GSM is insecure and SMS over GSM seems to be the secondary channel that all banks out there chose for their 2FA implementation.

    So yeah, I agree with that.

    Still, as I pointed out, challenge-response with smartchip signature is even safer (way harder to derive the key and the process can actually require the user to input elements that get added to the input challenge, such as the amount being paid on a transfer, so that the smartchip signs the whole thing and it all gets validated on the other side, which you can’t do with TOTP). Also as I said, from my experience with my bank in The Netherlands, a bank using that system doesn’t require 2FA, so clearly there is a bit more to the Revised Payment Systems Directive than a blanked requirement for dynamic linking.


  • It think you’re confusing security (in terms of how easy it is to impersonate you to access your bank account) with privacy and the level of requirements on the user that go with it - the impact on banking security of the bank having your phone number is basically zero since generally lots individuals and companies who are far less security conscious than banks have that number.

    That said, I think you make a good point (people shouldn’t need a mobile phone to be able to use online banking and even if they do have one, they shouldn’t need to provide it to the bank) and I agree with that point, though it’s parallel to the point I’m making rather than going against it.

    I certainly don’t see how that collides with the last paragraph of my original post which is about how the original thread poster has problems working with banks which “require a separate device that looks like a calculator to use online banking” which is an element of the most secure method of all (which I described in my original post) and is not at all 2FA but something altogether different and hence does not require providing a person’s phone to the bank. I mean, some banks might put 2FA on top of that challenge-response card authentication methods, but they’re not required to do so in Europe (I know, because one of the banks in Europe with which I have an account uses that method and has no 2FA, whilst a different one has 2FA instead of that method) - as far as I know (not sure, though) banks in Europe are only forced to use 2FA if all they had before that for “security” was something even worse such as username + password authentication, because without those regulations plenty of banks would still be using said even worse method (certainly that was the case with my second bank, who back in the late 2010s still used ridiculously insecure online authentication and only started using 2FA because they were forced to)




  • Whilst I would be wary of saying AirBnB is the main cause (more likely it’s a big one but not the only one), keep in mind that when realestate prices go up in major cities, that pushes out people who go to cheaper places, pushing prices up in those places which in turn might push some out from those places and into even cheaper places.

    So housing bubbles centered in main cities do naturally spread out from there to places were the original causes of the bubble are not present.


  • Those little boxes are just a bit of hardware to let the smartchip on the smartcard do what’s called challenge-response authentication (in simple terms: get big long number, encode it with the key inside the smartchip, send encoded number out).

    (Note that there are variants of the process were things like the amount of a transfer is added by the user to the input “big long number”).

    That mechanism is the safest authentication method of all because the authentication key inside the smartchip in the bank card never leaves it and even the user PIN never gets provided to anything but that smartchip.

    That means it can’t be eavesdropped over the network, nor can it be captured in the user’s PC (for example by a keylogger), so even people who execute files received on their e-mails or install any random software from the Internet on their PCs are safe from having their bank account authentication data captured by an attacker.

    The far more common two-way-authentication edit: two-channel-authentication, aka two-factor-autentication (log in with a password, then get a number via SMS and enter it on the website to finalize authentication), whilst more secure that just username+password isn’t anywhere as safe as the method described above since GSM has security weaknesses and there are ways to redirected SMS messages to other devices.

    (Source: amongst other things I worked in Smart Card Issuance software some years ago).

    It’s funny that the original poster of this thread actually refuses to work with some banks because of them having the best and most secure bank access authentication in the industry, as it’s slightly inconvenient. Just another example of how, as it’s said in that domain, “users are the weakest link in IT Security”.


  • In my own Portugal, which is a very turistic country and also towards the bottom of the GDP-per-capita scale in the EU, things that would likely work very well would also be:

    • Crack down on AirBnB
    • Forbid ownership for non-residents.

    Portugal currently has a massive house inflation problem (extra massive, because of how low average incomes are here) and a lot of it has to do with residential housing being removed from the housing market and turned into short term turist lets (for example, over 10% of housing in Lisbon has been turned into AirBnB lets) and foreign investors (not just big companies but also individuals, such as well off pensioneers from places like France) pulling prices up by being far less price sensitive than the locals as they’re buying residential housing as investments having far more money available than the average Portuguese.

    Having lived in both Britain and Portugal during housing bubbles, what I’ve observed was that the politicians themselves purposefully inflate those bubbles, partly because they themselves are part of the upper middle class or even above (especially in the UK) who can afford to and have Realestate “investments” and hence stand to gain personally (as do their mates) from Realestate prices going up and partly because the way Official GDP (which is supposedly the Real GDP, which has Inflation effects removed) is calculated nowadays means that house price inflation appears as GDP “growth” since the effects of house price increases come in via the “inputted rent” mechanism but the Inflation Indexes used to create that GDP do not include house price inflation, so by sacrificing the lives of many if not most people in the country (especially the young, for example the average age for them to leave their parent’s home in Portugal is now above 34 years old and at this point half of all University graduates leave the country as soon as they graduate) they both enrich themselves and can harp in the news all about how they made the GDP go up.

    All this has knock on effects on the rest of the Economy, from the braindrain as highly educated young adults leave and the even faster population aging as people can’t afford to have kids, to shops closing because most people have less money left over after paying rent or mortgage so spend less, plus the commercial realestate market is also in a bubble so shops too suffer from higher rents. However all this is slow to fully manifest itself plus those who bought their houses before when they were cheaper don’t feel directly like the rest, and they generally don’t really mentally link the more visible effects (such as more and more empty storefronts) to realestate inflation, much less do more complex analysis of predictable effects, such as how the braindrain and fall in birthrates will impact their pensions in a decade or two.