HackerTrans
TopNewTrendsCommentsPastAskShowJobs

prognu

no profile record

Submissions

Digital Euro – What the FAQ, ECB? [video]

media.ccc.de
4 points·by prognu·vor 10 Monaten·1 comments

How to Detect Text Truncation in SwiftUI?

fatbobman.com
2 points·by prognu·letztes Jahr·0 comments

ApplePay vs. Alternative Payment Services

taler.net
58 points·by prognu·letztes Jahr·30 comments

NGI TALER: Privacy-preserving digital payments

nlnet.nl
2 points·by prognu·vor 3 Jahren·0 comments

comments

prognu
·letztes Jahr·discuss
https://taler-ops.ch/ is live in Switzerland and allows exactly this: anonymous microtransactions. What law exactly would prevent someone from doing the same in the US?
prognu
·vor 2 Jahren·discuss
He's trying to rewrite history by having FLOSS start with Linux instead of with GNU.
prognu
·vor 3 Jahren·discuss
Hot water has less oxygen, the fish suffocated. This was on the Japanese news over a week ago, but without the "nobody knows why" part: it was blamed on unusually warm ocean temperatures.
prognu
·vor 3 Jahren·discuss
The article is focusing on the technical side, but the economics are also silly. The ECB says that the Digital Euro will be free of charge for consumers as a "public service". And that it will ensure low fees for merchants because of mandatory acceptance laws. But they also claim that the Digital Euro will be operated by commercial payment service providers. So who will be in the business of operating a public service where they only can charge low, capped fees from merchants? Obviously the existing high-fee payment service providers will not line up here to ruin their working business models. However, the model will work for one group: criminals, that basically run completely insecure low-quality payment services and that fail to provide good customer service or even steal customer's money at a large scale. That business model will work, because the Digital Euro is designed to be a liability of the central bank, even though the operation will be done by commercial operators. So they didn't just mess up the technology (as you would expect from big government), they also messed up the economics (which may surprise some, given that this is largely a central bank proposal).
prognu
·vor 3 Jahren·discuss
Teaching users is of course the tricky part, and I'm not trying to excuse the insane draft regulation here. That said, eIDAS doesn't force browser vendors to visually distinguish Article 45-forced CA certificates from traditional CAB CA certificates, and I doubt they considered the possibility. So re-adding the distinction is a valid band-aid. Your second point can be addressed relatively easily by businesses getting multiple certificates. Then, the browser can show 'trusted' only if one of the certificates is not from a Article 45-forced CA.
prognu
·vor 3 Jahren·discuss
The logical solution for browser vendors is to also roll back the URL bar by 10 years, where we had different indicators for extended validation, normal certificates and plaintext. I guess a blue EU-logo whenever Article-45 compliant CAs are used would make sense. Then we just have to teach people: blue is for "government snoop mode".
prognu
·vor 3 Jahren·discuss
May I suggest: With Free Software (https://taler.net/)?
prognu
·vor 3 Jahren·discuss
Sorry, but some people will run routers (and other IoT devices) for > 10 years, and long past some random 2 year EOL a manufacturer may set. We need less e-waste, and if manufacturers have to warrant security for 30 years, they may also invest enough to make the hardware itself last longer. More expensive is totally fine if the product is useful for longer! Oh, and please double-check if you really have no 1st generation Raspberry PI anywhere, or maybe some ancient Arduino? What about your washer? Modern washers are IoT devices. My (admittedly not yet IoT washer) is > 10 years old. Or take your car. Sure, you may buy a new one every 10 years, but there are plenty of cars > 10 years on the road. Do you want all of them to be vulnerable and out of warranty in the future?
prognu
·vor 3 Jahren·discuss
Simple. Give the manufacturers the choice: either they must provide full (FLOSS) source code and documentation (full schematics) to the user to enable them to maintain, patch and thus secure their devices (see also: right to repair), OR they are liable for all damages (direct, indirect) for a 30 year expected lifetime that arise from security issues with the device AND must have insurance to cover those damages (so that they cannot get out of that liability by bankruptcy). Most will opt for FLOSS, and none will have the excuse that it would be more secure to make it proprietary. And then users will at least be able to fix issues -- and the security community will be way more effective at finding issues as it wouldn't have to do the slow reverse engineering.
prognu
·vor 3 Jahren·discuss
[flagged]
prognu
·vor 4 Jahren·discuss
https://arbor.bfh.ch/17195/ describes how to accept BTC or ETH using GNU Taler.
prognu
·vor 4 Jahren·discuss
Do you have a wallet v0.9.0? Which wallet are you using? Last I checked it worked fine with the Firefox wallet and the Android wallet.
prognu
·vor 4 Jahren·discuss
To answer the last question in your blog post: gnunet-config --diagnostics tells you where the configuration file(s) are.
prognu
·vor 4 Jahren·discuss
RFC-style spec is at https://lsd.gnunet.org/lsd0001/