Yes, I agree. It's a bit weird because finally, after decades SEPA ICT is here and could be used to back this thing. It just needs to be more user-friendly.
Polish people have such a fear of Germans, thinking Germans are constantly scheming to screw Poland over. Whereas most Germans barely know Poland even exists.
As someone who has lived in both countries its such a hilarious anxiety.
Isn't this pretty much what Nothing are doing? At least one of their phones has a different battery rating in India than elsewhere, despite containing the same hardware.
Having lived in Germany it's quite different, but I'd argue the centralized handling of the CPR is actually quite convenient and doesn't meaningfully impact privacy. In Germany every authority has its own ID for you anyway (my password manager has a category "Government Primary Keys" for this), however that means that you have to provide all your information from scratch to every authority. This would theoretically lead to more privacy if we lived in 1926, but now computers are ubiquitous and a rogue government (like Germany is close to electing) can just correlate these keys together. Relational databases have existed for decades and JOINS are cheap. Thanks to surveillance capitalism by now we have very sophisticated ways to deanonymize people, the government can just hire someone to do it.
So the privacy in Germany is most often inconvenience for the citizen paired with hardly any privacy gain from a potentially hostile government. At this point I think the better solution is to avoid electing hostile governments. To Denmarks credit, they're currently doing that better than many other European countries.
> The big drawback of one time passwords is that it doesn't protect against man-in-the-middle attacks such as phishing, which is in practice one of the most common attacks on systems of this scale.
This is true and was definitely a criticism of the old system, where websites would open the NemID iframe and ask you for your username, password and a specific indexed OTP code, without providing any authentication to you. You only notice something weird if it asks you for an the index of a code that is not on your card but maybe the scammer is lucky and guesses an index that you have and then they can use that phished username/password/OTP triple to perform an unauthorized action.
The new system is slightly different, because if you use the mobile phone authentication it will send you a notification to your phone, but if you use the (bespoke, non-standard) OTP dongle it still does not authenticate itself towards the user. However the codes are now time-based so if they collect an OTP code they can only use it in a ~30s window, so the phished credentials have to be used immediately.
The way it worked before was that you had basically a piece of paper with OTP codes and the website would prompt you for a very specific one.
How that would've prevented this issue: not at all. If the login service is down, having the piece of paper with OTP codes is worthless as the problem is not getting the codes (I can still get MitID codes with the OTP dongle) but the authentication website. The previous system was just as centralized.
No. As I understand it the previous system, NemID was actually (co?)designed by the banks so this is what they all use. Likewise MitID is another unholy alliance of Nets (a Danish payment provider) and Danish banks.
Given the Swedish version of it is called BankID I assume the situation is nearly the same in Sweden.
A bit of a shame that it mentions the wretched type K plugs in Denmark but leaves out the "EDB" type DK 2-5a plugs/sockets, which add a new dimension of problems to the mix!
Porkbun has .party for $21.09 (bar the first year promotion, not sure about VAT) and INWX (DE, VAT included) has it 32.80€ . It is definitely more but not as scary as you made it sound.
Let's not forget that GNU Emacs also had his competitor, XEmacs which spurred GNU Emacs to improve. Similar with GCC and EGCS where the EGCS later became the new GCC.
That's not so much a Fedora thing but a GNOME move, as the RPM containing "Files" is still called Nautilus.
Also, I am a bit surprised since it goes contrary to your argument, because when a user looks for a file explorer he's much more likely to find that looking for "Files" rather than the (rather strange, really) name of "Nautilus".
I would see myself as a technical user and yet I have no idea how the apps on my Android device are called. One is called generically "Gallery" and another one even worse, "E-Mail".