danie10

joined 3 years ago
[–] danie10@lemmy.ml 0 points 7 months ago

Ah thanks for explaining that. It just makes it then difficult to fully move to passkeys with Bitwarden, which is why I've been waiting so long, and why I never stayed using Google or Apple's passkeys.

[–] danie10@lemmy.ml 2 points 7 months ago

There is a difference but right now as long as one uses a good password with a 2FA it is probably good enough. Too many services with passkeys are still quickly offering password resets via e-mail or text, so they, as sites, are not secure. And unless you can move your passkeys with you, like you can with passwords, you don't want to get locked into a single device or OS.

[–] danie10@lemmy.ml -1 points 7 months ago

Firstly, the point was made that the passkey functionality in Proton Pass is free (no account needed or "selling") and that is for unlimited logins. Anyone can just use it. I pay for, and am still using Bitwarden. I posted about this because it is interesting that Pass has implemented passkeys for mobile, while I still wait for Bitwarden, so I'm interested in testing this out with Proton Pass. I post about all sorts of things that I find interesting, and sometimes I do switch my services across if I find it can match or better what I already use. That's the bottom line.

I was just as interested when I was considering moving from LastPass to Bitwarden, but then I was accused of "selling" free Bitwarden to people. Everyone must make up their own minds as their circumstances are different. But if no-one posted about what they found interesting, we'd have no Lemmy, and we'd all forever just stay stuck on whatever we personally know. Certainly Bitwarden and Proton Pass are not the only good password managers out there, but this week I was interested to see an article about Proton Pass, and I had not even known they'd rolled out passkeys yet. It seems like quite a few others did not either.

I'm sure others also post about what new stuff 1Password has just rolled out, and I'd be interested to hear about that too. That is how I decide whether I want to try something better.

If I wanted to try to sell something, I'm sure Proton Pass probably has some loyalty link for paid accounts, but no, you did not see me sharing anything like that. I mentioned the access was free.

[–] danie10@lemmy.ml 0 points 7 months ago (4 children)

Google's own one may be, and that is their right, but it is an open standard so anyone can produce their own RCS app like Samsung has done, and the same way Apple is building support into their exiting app. Nothing should stop a 3rd party developer looking at the standard, and producing an open source RCS app?

[–] danie10@lemmy.ml 1 points 7 months ago

The GSMA does need to work harder at ensuring true interoperability between carriers, esp for E2EE. I'm expecting that the Google "monopoly" will get broken up at some point. I would have hoped that Apple insisted on hosting their own RCS (standards compliant) server.

[–] danie10@lemmy.ml 0 points 7 months ago (1 children)

Vulnerabilities on the client end are the only way right now for most state actors to gain access to messaging. So yes, various actors are already exploiting that as they have a lot at stake to gain access. But with others already able to exploit that, why would Proton want to do that? Their model is not about advertising or selling data, and they have 100 million paying customers as I understand it. The one's that have been spying and exploiting have been the likes of Meta's Facebook with their app present on the client device, and then trying to break Snapchat's encryption this was (this came out in March 2024). Anyone "can" but we need to also consider "why" and what business model they have.

[–] danie10@lemmy.ml 1 points 7 months ago (4 children)

Not the only one, Samsung also their Messages app with RCS built in, and Apple is adding soon. The one-to-one messages are E2EE, and I understand groups are/were to be E2EE. We should be seeing more apps building it in as I've been asking Truecaller to do, as I have to pay for every SMS in Truecaller.

[–] danie10@lemmy.ml 1 points 7 months ago

It is not zero encryption, like SMS, though? All GSMA-compliant RCS implementations must use TLS to encrypt data transfer between your device and the carrier's server. While recommended by GSMA, E2EE is an optional feature that carriers can choose to implement or not. So carriers can implement it. I'm pretty sure that as adoption goes mainstream, a "monopoly" on the server side is going to get broken up.

[–] danie10@lemmy.ml 2 points 7 months ago (1 children)

Yes, but a percentage has to be seen in the context of the total to gauge its impact. India for example is 95% of 1.428 billion people vs Japan is 70% of only 124 million. There are just under 200 countries.

[–] danie10@lemmy.ml -3 points 7 months ago

True, it is good, but they need to speed up on passkeys for mobile as many do use mobile devices and what's the point of having passkeys on desktop.

[–] danie10@lemmy.ml 2 points 7 months ago
[–] danie10@lemmy.ml 2 points 7 months ago (3 children)

True, but the big number really is the USA followed maybe by Australia. Entire Middle East, Africa, South America, and Asia are Android. India is also massive (behind China), and India is 95% Android.

view more: ‹ prev next ›