Some annoying websites insist on authentication by requiring me to enter
the number they send by text message. For some reason my google voice
number is never identified as a real phone number and I have to use my
old phone with the $10/year SIM to receive their code.
WTF? Why is the google voice number not a REAL phone number?
Some annoying websites insist on authentication by requiring me to enter
the number they send by text message. For some reason my google voice
number is never identified as a real phone number and I have to use my
old phone with the $10/year SIM to receive their code.
WTF? Why is the google voice number not a REAL phone number?
Some annoying websites insist on authentication by requiring me to
enter the number they send by text message. For some reason my google
voice number is never identified as a real phone number and I have to
use my old phone with the $10/year SIM to receive their code.
WTF? Why is the google voice number not a REAL phone number?
Some annoying websites insist on authentication by requiring me to enter
the number they send by text message. For some reason my google voice
number is never identified as a real phone number and I have to use my
old phone with the $10/year SIM to receive their code.
WTF? Why is the google voice number not a REAL phone number?
"The Real Bev" <bashley101@gmail.com> wrote
| WTF? Why is the google voice number not a REAL phone number?
|
As V said, the simple answer is that they want to spy.
"The Real Bev" <bashley101@gmail.com> wrote
| We've been with Vanguard a long time;
Mutual fund? I was thinking of playing stocks. My idea was
to invest in a trash removal company. Cities are all subcontacting
to them now. Then there's construction demo. Rubbish is the
future! But even that seems risky. I can't afford to lose my modest
savings, not knowing how long I'll be able to keep working. Even
mutual funds were losing until recently. And the people who deal
in those take 1/2 to 1% commission, per year, whether you win
or lose.
| (before they set up that voice-recognition thing) they had to hear my
| husband giving his SS # etc. in addition to what I told them. It never
| seemed to occur to them that I could have killed my husband and was
| telling my toyboy what to say while we cleared out the account.
They probably figure that your boyfriend wouldn't be able to
remember 9 numbers.
The Treasury is actually a good bet for now. As long
as interest rates stay up it's virtually no risk at about
5% for t-bills. They're very efficient and there's no funny
business.
You log in, enter your password, and they send a
code via email. That seems like plenty of security to me.
Anyone trying to hack it would not only have to get past all
that. They'd also need to get access to the connected bank
account, or add a new one. That latter process requires a
special stamp, in person, from a bank officer.
"Carlos E.R." <robin_listas@es.invalid> wrote
| > As V said, the simple answer is that they want to spy.
|
| No, that's not it. Not for a bank.
|
Of course that's it.
| They want to know that you are an actual person with a phone and
| contract. They have to trust the company giving those numbers.
|
An actual person with a phone contract? So you're saying that
having a cellphone is more proof of ID than my drivers license? You've
been drinking the kool-aid.
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
Investing with the US Treasury does not require a cellphone.
They send a code via email.
My Tracfone was bought at BestBuy. At no point did I have to
enter an ID or open an account. Tracfone officially has no idea
who I am. I buy minutes at a drugstore every 3 months. There's
no inherent security or proof of ID with cellphones. If I were going
to do anything online requiring a cellphone, I'd be using that Tracfone.
The problem, as I noted, is that if I lost the cellphone I don't feel >confident that I'd be able to get into my account. There's no one
minding the store.
I ran into a similar issue with my brotyher who had a stroke. I
tried to get his email. Google wouldn't let me. They wanted 2FA.
He'd never set up 2FA! Apparently they saw that I was logging in
from a different location, on a different device. There was no way
around it. One doesn't just call a tech support person at Google.
So it's pure bullshit for them to talk about security and even more
BS to talk about confirming who you are. The only credible reason to
require 2FA via cellphone is to track you.
Newyana2 wrote:
"The Real Bev" <bashley101@gmail.com> wrote
WTF? Why is the google voice number not a REAL phone number?
As V said, the simple answer is that they want to spy.
No, that's not it. Not for a bank.
They want to know that you are an actual person with a phone and
contract. They have to trust the company giving those numbers.
On 3/9/24 7:30 PM, Newyana2 wrote:
"Carlos E.R." <robin_listas@es.invalid> wrote
| > As V said, the simple answer is that they want to spy.
|
| No, that's not it. Not for a bank.
|
Of course that's it.
| They want to know that you are an actual person with a phone and
| contract. They have to trust the company giving those numbers.
|
An actual person with a phone contract? So you're saying that
having a cellphone is more proof of ID than my drivers license? You've
been drinking the kool-aid.
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
Wow. That's a lot of info to give an online company for a paranoid guy like
you... 8-O
Investing with the US Treasury does not require a cellphone.
They send a code via email.
My Tracfone was bought at BestBuy. At no point did I have to
enter an ID or open an account. Tracfone officially has no idea
who I am. I buy minutes at a drugstore every 3 months. There's
no inherent security or proof of ID with cellphones. If I were going
to do anything online requiring a cellphone, I'd be using that Tracfone. >>The problem, as I noted, is that if I lost the cellphone I don't feel >>confident that I'd be able to get into my account. There's no one
minding the store.
I ran into a similar issue with my brotyher who had a stroke. I
tried to get his email. Google wouldn't let me. They wanted 2FA.
He'd never set up 2FA! Apparently they saw that I was logging in
from a different location, on a different device. There was no way
around it. One doesn't just call a tech support person at Google.
So it's pure bullshit for them to talk about security and even more
BS to talk about confirming who you are. The only credible reason to >>require 2FA via cellphone is to track you.
I prefer text 2FA because it's immediate. If I didn't request it and
somebody's using my password I want to know right away...
"Carlos E.R." <robin_listas@es.invalid> wrote
| > As V said, the simple answer is that they want to spy.
|
| No, that's not it. Not for a bank.
|
Of course that's it.
| They want to know that you are an actual person with a phone and
| contract. They have to trust the company giving those numbers.
|
An actual person with a phone contract? So you're saying that
having a cellphone is more proof of ID than my drivers license? You've
been drinking the kool-aid.
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
Investing with the US Treasury does not require a cellphone.
They send a code via email.
My Tracfone was bought at BestBuy. At no point did I have to
enter an ID or open an account. Tracfone officially has no idea
who I am. I buy minutes at a drugstore every 3 months. There's
no inherent security or proof of ID with cellphones. If I were going
to do anything online requiring a cellphone, I'd be using that Tracfone.
The problem, as I noted, is that if I lost the cellphone I don't feel confident that I'd be able to get into my account. There's no one
minding the store.
I ran into a similar issue with my brotyher who had a stroke. I
tried to get his email. Google wouldn't let me. They wanted 2FA.
He'd never set up 2FA! Apparently they saw that I was logging in
from a different location, on a different device. There was no way
around it. One doesn't just call a tech support person at Google.
So it's pure bullshit for them to talk about security and even more
BS to talk about confirming who you are. The only credible reason to
require 2FA via cellphone is to track you.
AJL <noemail@none.com> wrote:
I prefer text 2FA because it's immediate. If I didn't request it and
somebody's using my password I want to know right away...
Lots of sites track you by device. Some offer you a history to view of
what devices connected to your account. If a device not previously
recorded logs in, they sent you an e-mail alert saying "Was this you?"
If a hacker can easily guess your password to then have 2FA code sent to
your phone, that bodes ill for you using a weak password.
Make the
password longer, don't use words, and each password should be unique to
the domain where you login (i.e., never reuse passwords). Make 'em
strong. Make them unique.
On 2024-03-09 20:24, Newyana2 wrote:
"The Real Bev" <bashley101@gmail.com> wrote
| WTF? Why is the google voice number not a REAL phone number?
|
As V said, the simple answer is that they want to spy.
No, that's not it. Not for a bank.
They want to know that you are an actual person with a phone and
contract. They have to trust the company giving those numbers.
"Carlos E.R." <robin_listas@es.invalid> wrote
As V said, the simple answer is that they want to spy.|
| No, that's not it. Not for a bank.
|
Of course that's it.
| They want to know that you are an actual person with a phone and
| contract. They have to trust the company giving those numbers.
|
An actual person with a phone contract? So you're saying that
having a cellphone is more proof of ID than my drivers license? You've
been drinking the kool-aid.
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
"Carlos E.R." <robin_listas@es.invalid> wrote
| > An actual person with a phone contract? So you're saying that
| > having a cellphone is more proof of ID than my drivers license? You've
| > been drinking the kool-aid.
|
| You can not send the drivers license online.
|
You said the reason for a cellphone code is to confirm
that you're "an actual person with a phone contract". When
I signed up for crypto I had to scan and upload both sides
of my driver's license.
We seem to be talking about two different things here.
If your identity needs to be checked then a cellphone
number is meaningless. If you want secure login, a cellphone
number is not necessary.
| >
| > So it's pure bullshit for them to talk about security and even more
| > BS to talk about confirming who you are. The only credible reason to
| > require 2FA via cellphone is to track you.
|
| What on earth are they going to track?
|
Where have you been, Carlos? The Internet runs on spying and
ads. Google's whole business is giving away convenient services
in exchange for spying. Did you think they were a non-profit? Banks
are no different. Not all online businesses spy, but if the product
is free it would be naive to think they're not spying.
Most online brokers are offering trades for free. So how do they
make money? They may just hope that you'll get rich and use their
paid services later. But it's likely that they're also collecting personal data as a source of income. Datamining. Did you somehow not
know that's an industry now? Ostrich logic never ceases to astonish
me. So many people get angry about even being exposed to the truth.
Instead they shoot the messenger, screaming about paranoia and
tinfoil hats. That's exactly what makes the datamining industry
feasible.
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end of 2025 - there will only be VoIP.
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end >> of 2025 - there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a cell
phone but he or she wants to have a big mouth in technical groups
discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you
think they are. The backend is even in the UK ip-based for years.
Here in Switzerland VOIP/ip-endpoints are mandatory since 2017.
"Carlos E.R." <robin_listas@es.invalid> wrote
| > You said the reason for a cellphone code is to confirm
| > that you're "an actual person with a phone contract". When
| > I signed up for crypto I had to scan and upload both sides
| > of my driver's license.
|
| To get a bank account?
|
| We are in that context.
|
| You get a bank account and in the same act you register with them your
| real actual physical phone number.
|
This didn't start with bank accounts. YOU are talking about
bank accounts. Real Bev started by complaining about how many
websites require a cellphone number.
If I want a bank account I go to the bank. My bank does
not have a cellphone number for me.
Jörg Lorenz wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture >>>> ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end >>> of 2025 - there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a cell
phone but he or she wants to have a big mouth in technical groups
discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you
think they are. The backend is even in the UK ip-based for years.
Here in Switzerland VOIP/ip-endpoints are mandatory since 2017.
Here we designate wired analogue connections running under PSTN as
landlines - nothing else. What I say is correct. There will be options to continue the old lines for a few who cannot cope, but not for long.
https://tinyurl.com/2lgbqv49
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a
picture ID (drivers license), as well as giving them my email
address and access to my bank account. As I recall I think they sent
a voice message code to my landline, which is a lot more security in
terms of proof of ID than a cellphone. The lamdline is registered to
-- and wired to -- a physical address. >> They will struggle in the
UK soon, then. All landlines disappear by >> the end >> of 2025 -
there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a
cell phone but he or she wants to have a big mouth in technical groups discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you
think they are. The backend is even in the UK ip-based for years.
Here in Switzerland VOIP/ip-endpoints are mandatory since 2017.
"Carlos E.R." <robin_listas@es.invalid> Wrote in message:
On 2024-03-09 20:24, Newyana2 wrote:
"The Real Bev" <bashley101@gmail.com> wrote
| WTF? Why is the google voice number not a REAL phone number?
|
As V said, the simple answer is that they want to spy.
No, that's not it. Not for a bank.
They want to know that you are an actual person with a phone and
contract. They have to trust the company giving those numbers.
Exactly. Banking regulations require them to use 2FA and SMS is a
simple and cheap way of doing it. Not very secure, though more
secure than email. Also it's easily understood by customers, and
that's very important. AMEX send me _both_ an SMS and an email,
which is convenient but more insecure - an OTP should go to
exactly one device.
I have a TOTP client on both my phone (FreeOTP) and tablet
(andOTP) but none of my UK banks or savings accounts uses them.
One bank provides me with an OTP gadget, but that was before 2FA
became a legal requirement. I can also use their banking app to
generate a code: I think that's what will replace SMS for most
people.
That banks or banking authorities are actually thinking about the
security of these SMSs and refusing to send them to some mobile
services is vaguely encouraging.
"Carlos E.R." <robin_listas@es.invalid> wrote:
Newyana2 wrote:
"The Real Bev" <bashley101@gmail.com> wrote
WTF? Why is the google voice number not a REAL phone number?
As V said, the simple answer is that they want to spy.
No, that's not it. Not for a bank.
They want to know that you are an actual person with a phone and
contract. They have to trust the company giving those numbers.
Well, that *is* tracking to a device. They hope the device belongs to
you, and you're the one in charge of the phone when the call arrives.
Rather a stupid concept: send the code to the same phone that is trying
to log into a web form. Geez, of course the thief or hacker just must
ignore the code sent to that phone for the login they're trying to hack.
Huh? Who is saying that the "log into a web form" is done on a *phone*?
It's more likely done on a computer and in that case, the scenario
involves *two* devices and the thief/hacker must be in possesion of the second device (phone), which he isn't.
....
There are other TOTP desktop clients, but I don't know which will work
with my bank. They list only a couple TOTP clients, one of which is the Symantec client that is geared to enterprise users. They don't list
other TOTP clients, like Google or Microsoft Authenticator.
However, in this case it's by design not nefarious. The 'F' in. 2FA is "factor" meaning that you need two different sources of truth. Your
password is one and a known device is the second. VOIP is neither
known nor a device so cannot be trusted as the endpoint could be
almost anything.
Frank Slootweg <this@ddress.is.invalid> wrote:
Huh? Who is saying that the "log into a web form" is done on a *phone*?
Web traffic volume generated by phones has surpassed web traffic
generated by desktop PCs. Most logins are on phones, not desktops.
https://gs.statcounter.com/platform-market-share/desktop-mobile/worldwide/
It's more likely done on a computer and in that case, the scenario involves *two* devices and the thief/hacker must be in possesion of the second device (phone), which he isn't.
2FA isn't about using 2 devices. It's about 2 pieces of evidence:
password and 2FA code.
If I want a bank account I go to the bank.
My bank does not have a cellphone number for me.
I haven't delved much into TOTP, because I've yet to log into any sites
that use it, but it might be more secure than 2FA.
https://en.wikipedia.org/wiki/Time-based_one-time_password
My bank did add TOTP by letting their customers using the Authy app.
Alas, Authy discontinued their desktop (Windows) client leaving only
their mobile apps. Yet I don't do banking on my phone, only on my
desktop PC. So, Authy yanked their desktop client, can't use it anymore
with my bank, so I'm stuck with them sending the 2FA code to my Google
Voice phone number which forwards to me via e-mail. Obviously I can't
get texts on my desktop PC (it has no cellular service), and I'm not
running around the house to find my smartphones to power them up and
wait to get a 2FA code via SMS that I have to manually copy into the 2FA
form in the web browser on my desktop PC. At the server, 2FA codes
expire, so it could take me longer to use a phone with SMS than it took
to use Authy on my desktop where I was trying to login.
There are other TOTP desktop clients, but I don't know which will work
with my bank. They list only a couple TOTP clients, one of which is the Symantec client that is geared to enterprise users. They don't list
other TOTP clients, like Google or Microsoft Authenticator.
FTR, the context is sending a code by SMS, that's 2SV (2 Step Verification), not 2FA (2 Factor Authentication).
2FA is about two *factors*, knowledge and possesion.
2SV is about two *steps*, in this case 1) (username and) password and
2) getting/entering the code.
2FA is a 2SV process, because it (normally) involves 2 steps.
But 2SV is not a 2FA process, because it doesn't involve possesion,
you don't own/posses the code, you get the code.
The old (self powered) analogue phone service has become known to
the public here as a 'landline' only since they had a choice (or
no choice) to replace it with what's generally called a 'digital'
phone.
On 3/11/2024 9:50 AM, Frank Slootweg wrote:
FTR, the context is sending a code by SMS, that's 2SV (2 Step Verification), not 2FA (2 Factor Authentication).
2FA is about two *factors*, knowledge and possesion.
2SV is about two *steps*, in this case 1) (username and) password and
2) getting/entering the code.
2FA is a 2SV process, because it (normally) involves 2 steps.
But 2SV is not a 2FA process, because it doesn't involve possesion,
you don't own/posses the code, you get the code.
FTR Professor Google says they are the same:
"With 2-Step Verification, also called two-factor authentication, you
can add an extra layer of security to your account in case your password
is stolen."
<https://support.google.com/accounts/answer/185839?hl=en&co=GENIE.Platform%3DDesktop>
Who to believe? Professor Google or Professor Slootweg? Hmmmmm... ;)
"Allodoxaphobia" <trepidation@example.net> wrote
| However, a worrisome trend is in play:
|
| https://lagradaonline.com/en/two-largest-banks-will-close-united-states/
|
That doesn't surprise me. The article is misleading, implying
that BofA and WF are leaving the US. They're just closing
branches. It doesn't surprise me because so many people now
avoid cash, bank by phone, have auto-deposit and use 3rd-party
services to exchange money. Bank tellers and managers are
just not needed as much as they used to be.
VanguardLH <V@nguard.lh> wrote:
[Yet another mixup of 2FA/2SV deleted.]
I haven't delved much into TOTP, because I've yet to log into any sites
that use it, but it might be more secure than 2FA.
https://en.wikipedia.org/wiki/Time-based_one-time_password
My bank did add TOTP by letting their customers using the Authy app.
Alas, Authy discontinued their desktop (Windows) client leaving only
their mobile apps. Yet I don't do banking on my phone, only on my
desktop PC. So, Authy yanked their desktop client, can't use it anymore
with my bank, so I'm stuck with them sending the 2FA code to my Google
Voice phone number which forwards to me via e-mail. Obviously I can't
get texts on my desktop PC (it has no cellular service), and I'm not
running around the house to find my smartphones to power them up and
wait to get a 2FA code via SMS that I have to manually copy into the 2FA
form in the web browser on my desktop PC. At the server, 2FA codes
expire, so it could take me longer to use a phone with SMS than it took
to use Authy on my desktop where I was trying to login.
There are other TOTP desktop clients, but I don't know which will work
with my bank. They list only a couple TOTP clients, one of which is the
Symantec client that is geared to enterprise users. They don't list
other TOTP clients, like Google or Microsoft Authenticator.
As Dave Royal also mentioned, your bank probably mentions/'supports'
one or more TOTP 'apps'/programs, but - assuming they have not
re-invented the wheel - their systems should be standards-compliant and
hence worke with any standards-compliant 'app'/program.
See this list of OTP 'apps'/programs for possible Windows solutions (pointed to by the 'See also:' of your reference)
'Comparison of OTP applications' <https://en.wikipedia.org/wiki/Comparison_of_OTP_applications>
Frank Slootweg <this@ddress.is.invalid> wrote:
VanguardLH <V@nguard.lh> wrote:
[Yet another mixup of 2FA/2SV deleted.]
I haven't delved much into TOTP, because I've yet to log into any sites
that use it, but it might be more secure than 2FA.
https://en.wikipedia.org/wiki/Time-based_one-time_password
My bank did add TOTP by letting their customers using the Authy app.
Alas, Authy discontinued their desktop (Windows) client leaving only
their mobile apps. Yet I don't do banking on my phone, only on my
desktop PC. So, Authy yanked their desktop client, can't use it anymore >>> with my bank, so I'm stuck with them sending the 2FA code to my Google
Voice phone number which forwards to me via e-mail. Obviously I can't
get texts on my desktop PC (it has no cellular service), and I'm not
running around the house to find my smartphones to power them up and
wait to get a 2FA code via SMS that I have to manually copy into the 2FA >>> form in the web browser on my desktop PC. At the server, 2FA codes
expire, so it could take me longer to use a phone with SMS than it took
to use Authy on my desktop where I was trying to login.
There are other TOTP desktop clients, but I don't know which will work
with my bank. They list only a couple TOTP clients, one of which is the >>> Symantec client that is geared to enterprise users. They don't list
other TOTP clients, like Google or Microsoft Authenticator.
As Dave Royal also mentioned, your bank probably mentions/'supports'
one or more TOTP 'apps'/programs, but - assuming they have not
re-invented the wheel - their systems should be standards-compliant and
hence worke with any standards-compliant 'app'/program.
See this list of OTP 'apps'/programs for possible Windows solutions
(pointed to by the 'See also:' of your reference)
'Comparison of OTP applications'
<https://en.wikipedia.org/wiki/Comparison_of_OTP_applications>
Authy will drop their desktop (Windows client), but the desktop is where
I do the vast majority of my web surfing and logins. Google and
Microsoft have their authenticators, but those are apps for Android or
iOS, so they are no value to me on a desktop. Besides Authy, my bank
says they support Symantec VIP which has clients for Windows, Mac,
Android, and iOS. Authy originally said they were dropping their
desktop client in August 2024, but they moved to this mid-March.
I read about Bitwarden for 2FA/TOTP, but that's a premium feature
($10/yr subscriptionware). Symantec VIP (well, I think) is free. The
wiki article doesn't mention that one. Until the wiki article, I had
not heard of SAASPASS Authenticator. Alas, while the wiki article makes SASSPASS Authenticator look superior, the table is a bit misleading.
The personal-use client is only for mobile platforms. I'll probably
lookup comparisons between Symantec VPI and Bitwarden.
I was looking at the protocols, and it seems on the surface that just
about any authenticator app should work, but that could be me being
naive or overly hopeful. I didn't want to get into the incompatibility
with old chat clients that had their own protocols, so you had to use
the same chat app as with whomever you wanted to chat (unless you got
XMPP working on both ends, but typically on lesser featured chat
clients). From some forums, Symantec VIP provides the TOTP seed in some non-standard form, so it seems sites that support Symantec VIP means
that's what you have to use, and other sites using OTP have you using
yet another authenticator.
While OAUTH change from OAUTH1 as a protocol to OAUTH2 as a framework,
seems everyone adapted the Google/Microsoft (who were the major players
in the OAUTH2 spec). Doesn't seem to have been true for TOTP and authenticators. I'll probably try Bitwarden first, but I'm not finding
a trial of Bitwarden Premium.
Frank Slootweg <this@ddress.is.invalid> wrote:[...]
VanguardLH <V@nguard.lh> wrote:
As Dave Royal also mentioned, your bank probably mentions/'supports'
one or more TOTP 'apps'/programs, but - assuming they have not
re-invented the wheel - their systems should be standards-compliant and hence worke with any standards-compliant 'app'/program.
Sadly in the UK that's not the case. They either use SMS, an automated call or their own TOTP available in their app.
Chris <ithinkiam@gmail.com> wrote:
Frank Slootweg <this@ddress.is.invalid> wrote:[...]
VanguardLH <V@nguard.lh> wrote:
As Dave Royal also mentioned, your bank probably mentions/'supports'
one or more TOTP 'apps'/programs, but - assuming they have not
re-invented the wheel - their systems should be standards-compliant and
hence worke with any standards-compliant 'app'/program.
Sadly in the UK that's not the case. They either use SMS, an automated call >> or their own TOTP available in their app.
It's similar in The Netherlands, at least for my banks and other banks
I know of. But SMS and automated call are (AFAIK) not used. Just a bank-specific hardware TOTP device (uses your bank card as one of the factors) or TOTP in their apps. I use the TOTP devices, because it's not
much of a bother and more secure.
Frank Slootweg <this@ddress.is.invalid> Wrote in message:
Chris <ithinkiam@gmail.com> wrote:
Frank Slootweg <this@ddress.is.invalid> wrote:[...]
VanguardLH <V@nguard.lh> wrote:
As Dave Royal also mentioned, your bank probably mentions/'supports' >> > one or more TOTP 'apps'/programs, but - assuming they have not
re-invented the wheel - their systems should be standards-compliant and >> > hence worke with any standards-compliant 'app'/program.
Sadly in the UK that's not the case. They either use SMS, an automated call
or their own TOTP available in their app.
It's similar in The Netherlands, at least for my banks and other banks
I know of. But SMS and automated call are (AFAIK) not used. Just a bank-specific hardware TOTP device (uses your bank card as one of the factors) or TOTP in their apps. I use the TOTP devices, because it's not much of a bother and more secure.
Does this bank-specific TOTP device use your normal bank
credit/debit card (i.e. the one you you make payments or withdraw
cash with) or a specific TOTP card. I have one of the latter -
though the bank doesn't use it for payments requiring
2FA.
Amex has recently taken to asking for 2 digits of my credit card
PIN to authorise some transactions - after years of saying we
should never reveal it.
People in this thread are actually getting angry at
merely the suggestion of having options besides cellphones
for taking care of business.
"AJL" <noemail@none.org> wrote
As Carlos put it, people addicted to cellphones
would like to believe that everyone else "does not matter".
They not only want cellphone options, they want cellphone
interaction to be enforced as the only option. They
want to live in Cellphone World.
I notice on WikiP that andOTP is no longer supported. But it works
and should continue to work unless Android breaks it. I must back
up the APK.
I don't do banking on my phone, only on my
desktop PC. So, Authy yanked their desktop client, can't use it anymore
with my bank, so I'm stuck with them sending the 2FA code to my Google
Voice phone number which forwards to me via e-mail.
There are other TOTP desktop clients, but I don't know which will work
with my bank.
Newyana2 <Newyana2@invalid.nospam> wrote:
"The Real Bev" <bashley101@gmail.com> wrote
| WTF? Why is the google voice number not a REAL phone number?
|
As V said, the simple answer is that they want to spy.
Just because you're paranoid doesn't mean they're NOT after you.
However, in this case it's by design not nefarious. The 'F' in. 2FA is "factor" meaning that you need two different sources of truth. Your
password is one and a known device is the second. VOIP is neither known nor
a device so cannot be trusted as the endpoint could be almost anything.
"AJL" <noemail@none.org> wrote
| That would be me. I visit my branch maybe twice a year to get cash for
| emergencies (like if the checkout system is down) and tips. Everything
else
| is done with the credit card. Love that Cashback card. Also love that
folks
| who pay with cash help support it...
Yes, I remember that about you.
The man who would
buy an expired lottery ticket if he could get cash back.
The
man who wants to purchase a gravestone that says, "Here
lies a man who never failed to get cash back."
The trend seems to be much bigger than cash-back-mania,
though. People in this thread are actually getting angry at
merely the suggestion of having options besides cellphones
for taking care of business.
Cellphones have become a lifestyle.
Many of those people are not even using charge cards.
They're
using debit, Square, Venmo...
They've actually become
accustomed to paying someone else to handle their cash, so
that all transactions -- even lending $20 to a friend -- go
through a payment service.
Some people are just afraid of cash, fearing that they'll
be mugged if they have money.
Others feel Jetson-esque,
waving their iPhone at Starbucks.
Many young people
probably know payment services as where money comes from.
But I suspect the main motivator is just habit: Once people
are constantly using their cellphone, it becomes convenient
to do everything through it.
As Carlos put it, people addicted to cellphones
would like to believe that everyone else "does not matter".
They not only want cellphone options, they want cellphone
interaction to be enforced as the only option. They
want to live in Cellphone World.
I'm not so sure about automated checkouts, though. Some
stores in the US are deciding to remove or reduce them due
to theft.
https://www.cnn.com/2023/12/08/business/self-checkout-dollar-general-retail/index.html
At the same time, you run the risk of being accused of
theft when using self-checkout:
https://www.coreycohen.com/blog/2022/12/have-you-been-accused-of-self-checkout-theft/
There's also a controversy around restaurants with QR
code menus. Most people are happy to use their cellphone
to read the menu, but then they're questioning why they
should tip for barebones service...
So we run into an entirely
different issue: How does human society work without
personal interactions? Maybe you'll be able to use your
famous cash-back charge card to buy conversations...
Perhaps Monty Python's argument service wasn't so
farfetched. :)
I used a self checkout for the first time recently. There
were 8 women with full carts at the only Target register,
and the self checkout took cash. I don't really mind it
there. They have the best prices, by far, on household
items. And Target seems to be the only place left to buy
such a simple thing as a pack or sponges -- just a plain old
4-pack of kitchen sponges, without a "patented
scrubber surface" or any other overpriced gimmick. So
I accept that they need to cut corners. Though I have to
find another source for underwear and socks now. Target
has locked them in display cases! Apparently people were
stealing them and sneaking through the self-checkout.
Dave Royal <dave@dave123royal.com> wrote:
Frank Slootweg <this@ddress.is.invalid> Wrote in message:
Chris <ithinkiam@gmail.com> wrote:
Frank Slootweg <this@ddress.is.invalid> wrote:[...]
VanguardLH <V@nguard.lh> wrote:
As Dave Royal also mentioned, your bank probably mentions/'supports' >> >> > one or more TOTP 'apps'/programs, but - assuming they have not
re-invented the wheel - their systems should be standards-compliant and >> >> > hence worke with any standards-compliant 'app'/program.
Sadly in the UK that's not the case. They either use SMS, an automated call
or their own TOTP available in their app.
It's similar in The Netherlands, at least for my banks and other banks >> > I know of. But SMS and automated call are (AFAIK) not used. Just a
bank-specific hardware TOTP device (uses your bank card as one of the
factors) or TOTP in their apps. I use the TOTP devices, because it's not >> > much of a bother and more secure.
Does this bank-specific TOTP device use your normal bank
credit/debit card (i.e. the one you you make payments or withdraw
cash with) or a specific TOTP card. I have one of the latter -
though the bank doesn't use it for payments requiring
2FA.
It uses my normal bank card. Mostly a debit card, because most 'local'
(in NL (and EU?)) on-line transactions can be done by a debit card,
which - in our country - is a safer card than a credit card. But also
some credit card transactions work with the bank's TOTP device (our
credit cards are issued by our banks).
Amex has recently taken to asking for 2 digits of my credit card
PIN to authorise some transactions - after years of saying we
should never reveal it.
When I use my credit card in the bank's TOTP device, I need to give
the 4-digit PIN of that card, i.e. the PIN is one factor of 2FA, the
physical card is the other.
On 2024-03-12 13:53, Newyana2 wrote:
"AJL" <noemail@none.org> wrote
...
As Carlos put it, people addicted to cellphones
would like to believe that everyone else "does not matter".
They not only want cellphone options, they want cellphone
interaction to be enforced as the only option. They
want to live in Cellphone World.
Addicted? No, simply banks are using a device that everybody has,
instead of making their clients buy an extra hardware device, not cheap,
for needed extra security. You do have other options if you insist.
It's easier than you think. All the TOTP sites I use - admittedly
not many and none of them banks - use standards protocols. I
think all of them suggested Authy - not sure. GitHub and Mozilla
suggested FreeOTP IIRC.
The reason I chose andOTP on my Android tablet was (a) it's
opensource (b) it's offline (c) it can produce an encrypted
backup of its tokens (d) it requires a password to access.
FreeOTP on iOS could not do (c) and (d). All the tokens I have
originated on my Linux desktop. I point the Android tablet's
camera at the barcode on the screen to install it, then back it
up onto both. If I want to transfer the token to my iPhone - I
usually don't in case it's lost ot stolen, see (d) - I display
the barcode on the tablet and read that with the iPhone.
"Carlos E.R." <robin_listas@es.invalid> wrote:
On 2024-03-12 13:53, Newyana2 wrote:
"AJL" <noemail@none.org> wrote
...
As Carlos put it, people addicted to cellphones
would like to believe that everyone else "does not matter".
They not only want cellphone options, they want cellphone
interaction to be enforced as the only option. They
want to live in Cellphone World.
Addicted? No, simply banks are using a device that everybody has,
instead of making their clients buy an extra hardware device, not cheap,
for needed extra security. You do have other options if you insist.
Personally I would prefer if the trend were toward using USB security
sticks instead of SMS and e-mail. One problem there might be: having to
use a computer that has no USB ports, or they've been disabled. Another problem is no one is going to attach the USB stick to a cord attached to their body: when they leave the computer, the USB stick must go with
them. Instead the sticks are left plugged into a USB port, so anyone
with physical access to the computer can login using the stick just like
the owner can. The problem of physical access also applies to phones.
As for cost, if every computer could use a Yubi security key, the $25
would be worth the freedom of relying on a phone. Weren't some
Europeans charged and fined for pretending to be someone else's phone
through SIM card swap they foisted on the carrier?
What Is a SIM Swap Attack and How Can You Prevent It? https://www.avast.com/c-sim-swap-scam
When getting an SMS text, there is no verification that the receiving
phone's IMEI is the one to where the text was intended to drop. If the
IMEI were involved, you'd have to re-register with whomever is sending
2FA codes via texts to give them yet another piece of valuable info: the
IMEI of your phone. When you change or add phones, you have to update
all your accounts to give them another IMEI. But SMS doesn't link to
IMEI, so there SMS is not secured either during transmission nor
guarantee which phone the SMS targets.
Maybe if all computers had biometric input (camera for eyes and sensor
for fingers and mic for voice) then the verification really would be to
a person, not the expectation of a device or service to which that
person -- or someone else -- has access. Phones and laptops have those
bio devices (well, maybe not all have finger sensors), but only a
fraction of desktops have even 2 of them. I don't have a camera on my desktop. I don't do video chats. I have a mic only when I plug in my headset. I'd have to buy a fingerprint sensor. Bio verification isn't
going to happen on desktops until those devices are built in by default whether pre-builts or own builts, not appended on.
When sent a 2FA code, how long before you have to use it. Typically the expiration is 5 to 15 minutes. Pretty long time, but they have to
account for delay in SMS transport, and time for users to enter the 2FA
code. Some phone users are handicapped, so they don't quickly enter anything. Do the 2FA codes automatically and immediately expire upon
use, or are they still valid for the original time allowed for
expiration?
I hope that the site enforces automatic expiration on use,
but I haven't verified this is the case. Anyway, the long expiration
time to wait for use of the 2FA code means a larger window of
opportunity for interception. SMS and e-mail are not secure
communication venues. That's why I'm thinking TOTP would be a better
choice; however, doesn't seem that every site wanting to use 2FA
supports TOTP, and it seems you must have the particular TOTP
authenticator that they expect you to use which, to me, hints the communication protocol is not yet standardized to allow use of *any*
TOTP authenticator. One site uses Authy, another uses Symantec VIP, and another requires something else.
Does everyone that gets a new phone, or just a new SIM card, always get
a new phone number, and keep that one?
I use Google Voice which calls
all my phones, so it doesn't matter which phones I have at the time or
what are their phone numbers. All of them (that I've added to my GV
account) get called using simultaneous ring. I even have an Obitalk
added to my GV account, so I get calls on my home phones (VOIP converted
to POTS in my home wiring). However, if I had only 1 phone, I'd try to
port my old phone number to the new phone, if allowed (which costs money
to do the port). I wouldn't have to change my old phone number in every account where it is recorded, and to where SMS texts would get sent.
With e-mail alerts (GV sends a copy of a text to my e-mail), it doesn't matter which smartphone I use. If a site is going to use 2FA when you
try to update your account to reflect your new phone number, you're
screwed if you don't have the old phone to get the text. If you have to
talk to tech support, figure on wasting an hour and half on a call, and
the info you give them is the same info the hackers use in a SIM swap.
With the average ownership of smartphones only around 2 years, seems it
would be a repetitive nuisance to update phone numbers in all accounts
for all those consumers that just must update. With a security key,
wouldn't matter where you got the text, but who wants to keep plugging a stick into the phone's USB port, or leave the stick dangling out the
port? Even if IMEI were linked to SMS (to the sender, not to the
carrier who doesn't give a fart about the content and is not involved in securing a login), a change of phone means a different IMEI. You can go
to TOTP *if* the other party supports using it, but then you have to get
your tokens to the new phone. Authy does that with its cloud sync, but
not other authenticators. Transferring tokens with other authenticators
is a bitch, but then often the intent to make users think that more
effort means more security.
VanguardLH wrote:
Weren't some Europeans charged and fined for pretending to be someone
else's phone through SIM card swap they foisted on the carrier?
SIM swap attack is a thing, yes. They can thus receive verification
SMSs, but probably not banking app messages.
Maybe if all computers had biometric input (camera for eyes and
sensor for fingers and mic for voice) then the verification really
would be to a person, not the expectation of a device or service to
which that person -- or someone else -- has access. Phones and
laptops have those bio devices (well, maybe not all have finger
sensors), but only a fraction of desktops have even 2 of them.
Most recent laptops have finger print sensors and cameras. But I don't
have software that uses the former (nor the later, for purposes of
ID).
"Carlos E.R." <robin_listas@es.invalid> wrote:
VanguardLH wrote:
Weren't some Europeans charged and fined for pretending to be someone
else's phone through SIM card swap they foisted on the carrier?
SIM swap attack is a thing, yes. They can thus receive verification
SMSs, but probably not banking app messages.
My bank has apps for Android and iOS, but not for Windows where they
expect me to login via web browser. They have apps for Android and iOS,
but I'll have to ask them if those use TOTP. I doubt they will know nor
know who to pass my inquiry.
I resist putting a bank app on my smartphone. Anyone that has physical access could get into my account using the . My banks app says "Secure
your account with a 4-digit passcode or biometric on supported devices."
Sure wish the PIN were longer, like at least 8 digits, and more like a password where I can use alphanumeric characters, capitalization, and non-alphanumeric characters. Or to use both a PIN *and* biometrics (fingerprint sensor).
Maybe if all computers had biometric input (camera for eyes and
sensor for fingers and mic for voice) then the verification really
would be to a person, not the expectation of a device or service to
which that person -- or someone else -- has access. Phones and
laptops have those bio devices (well, maybe not all have finger
sensors), but only a fraction of desktops have even 2 of them.
Most recent laptops have finger print sensors and cameras. But I don't
have software that uses the former (nor the later, for purposes of
ID).
My desktop is not a laptop. No camera, no mic (until I plug in the USB headset), and no fingerprint sensor. I'd have to buy those, but then my
bank could care less as they want me using their phone app (not usable
on my desktop) or the Symantec VIP authenticator (since Authy is soon dropping their desktop app).
Dave Royal <dave@dave123royal.com> writes:
I notice on WikiP that andOTP is no longer supported. But it works
and should continue to work unless Android breaks it. I must back
up the APK.
Another FOSS HOTP and TOTP client for Android is Aegis and it can import
from andOTP.
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end >>> of 2025 - there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a cell
phone but he or she wants to have a big mouth in technical groups
discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you
think they are. The backend is even in the UK ip-based for years.
Do you have evidence for that? It's true that UK telephony has been digital for a long time within the BT network, but that doesn't mean it's internet/ip-based.
I see that Aegis can produce an encryted copy of it's 'vault'. Do
you know if the tokens therein be recovered without using Aegis
itself ?
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-12 13:53, Newyana2 wrote:
"AJL" <noemail@none.org> wrote
...
As Carlos put it, people addicted to cellphones would like to
believe that everyone else "does not matter". They not only want
cellphone options, they want cellphone interaction to be enforced as
the only option. They want to live in Cellphone World.
Addicted? No, simply banks are using a device that everybody has,
instead of making their clients buy an extra hardware device, not
cheap, for needed extra security.
Banks here used to provide a hardware device for free which you used
with your bank card at home.
The annoying thing was that you ended up with one for each bank -
despite using the same technology - and you were stuck if you didn't
have it with you.
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-12 13:53, Newyana2 wrote:
"AJL" <noemail@none.org> wrote
...
As Carlos put it, people addicted to cellphones
would like to believe that everyone else "does not matter".
They not only want cellphone options, they want cellphone
interaction to be enforced as the only option. They
want to live in Cellphone World.
Addicted? No, simply banks are using a device that everybody has,
instead of making their clients buy an extra hardware device, not cheap,
for needed extra security.
Banks here used to provide a hardware device for free which you used with your bank card at home.
The annoying thing was that you ended up with one for each bank - despite using the same technology - and you were stuck if you didn't have it with you.
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture
ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of
proof of ID than a cellphone. The lamdline is registered to -- and
wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end >>> of 2025 - there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a cell
phone but he or she wants to have a big mouth in technical groups
discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you
think they are. The backend is even in the UK ip-based for years.
Do you have evidence for that? It's true that UK telephony has been digital for a long time within the BT network, but that doesn't mean it's internet/ip-based.
"Newyana2" <Newyana2@invalid.nospam> writes:
"Richmond" <dnomhcir@gmx.com> wrote
I avoid any online banking. I can still walk and drive. Social
security is auto-deposited. I just don't need online banking, so
there's no sense risking it. I've also locked my credit. In the US one
can contact 3 credit reporting agencies, establish a lock, and from
then on no credit cards can be issued. If you need a new credit card,
you unlock it temporarily. That method also provides a great excuse
for pushy store clerks who want me to sign up for their store
card. "Oh, I'd love to, but I have my credit locked. Haven't you done
that yourself?"
It isn't just the card unfortunately. If you install an app rather than
just receive an SMS, that app can do other things like make payments,
and tell you the PIN number of your card. What happens if someone else
finds the PIN number from your phone? well, the Bank would like to say
it is your fault.
https://www.ftadviser.com/your-industry/2022/09/06/santander-agrees-to-reimburse-customer-after-gym-theft/
HSBC offers both physical and digital secure keys, but the digital one involves installing an app.
https://www.hsbc.co.uk/help/security-centre/secure-key/
"Richmond" <dnomhcir@gmx.com> wrote
| I would rather use it than use an android phone. I don't trust the
| security of android phones, and I have a suspicion that banks don't
| either, but they are not taking responsibility. Who will pay if your
| phone gets malware on it and steals your credentials?
That's a good question. To read the media it seems that identity
theft is rampant, though I don't actually know anyone it's happened
to.
Credit card companies will usually reimburse losses, but they don't
have to. They're doing it so far because they profit by encouraging
people to use cards without worry.
Debit cards are less protected. Commercial debit cards have no
protection in the US. With personal debit cards there are
limitations. If I remember correctly, one is that any theft must be
reported within something like 2 1/2 days. How many people even read
their bank statements or balance their checkbook to know if something
goes wrong?
The level of abstraction makes me nervous. WW3 might be started and
won by one country simply hacking into multiple networks
simultaneously and tainting the records beyond salvaging. Then
everyone wakes up the next day a random pauper or
billionaire. Everything could collapse.
On the other hand, money under a mattress also has severe
limitations.
I avoid any online banking. I can still walk and drive. Social
security is auto-deposited. I just don't need online banking, so
there's no sense risking it. I've also locked my credit. In the US one
can contact 3 credit reporting agencies, establish a lock, and from
then on no credit cards can be issued. If you need a new credit card,
you unlock it temporarily. That method also provides a great excuse
for pushy store clerks who want me to sign up for their store
card. "Oh, I'd love to, but I have my credit locked. Haven't you done
that yourself?"
On 2024-03-13 15:25, Richmond wrote:
"Newyana2" <Newyana2@invalid.nospam> writes:
"Richmond" <dnomhcir@gmx.com> wrote
I avoid any online banking. I can still walk and drive. Social
security is auto-deposited. I just don't need online banking, so
there's no sense risking it. I've also locked my credit. In the US
one can contact 3 credit reporting agencies, establish a lock, and
from then on no credit cards can be issued. If you need a new credit
card, you unlock it temporarily. That method also provides a great
excuse for pushy store clerks who want me to sign up for their store
card. "Oh, I'd love to, but I have my credit locked. Haven't you
done that yourself?" >> It isn't just the card unfortunately. If
you install an app rather >> than >> just receive an SMS, that app
can do other things like make payments, >> and tell you the PIN
number of your card. What happens if someone else >> finds the PIN
number from your phone? well, the Bank would like to say >> it is
your fault.
He has to know the password to open the phone, and the password to
open the bank application. And possibly, a third password before the
app allows you to do an operation such as retrieve the pin of a credit
card.
https://www.ftadviser.com/your-industry/2022/09/06/santander-agrees-to-reimburse-customer-after-gym-theft/
I don't know what that pin in app feature is, and I am a santander
client, just not in the UK.
I avoid any online banking. I can still walk and drive. Social
security is auto-deposited.
I've also locked my credit. In
the US one can contact 3 credit reporting agencies, establish
a lock, and from then on no credit cards can be issued. If
you need a new credit card, you unlock it temporarily.
That
method also provides a great excuse for pushy store clerks
who want me to sign up for their store card. "Oh, I'd love to,
but I have my credit locked. Haven't you done that yourself?"
I don't know about UK, but here in Spain all clients on fibre have a
VoIP system, hidden. At the home, there is a device called ONT (Optical network terminal), which can be integrated on the router, that converts
the phone over IP signals to an RJ-11 where we connect our traditional
phone terminals.
I resist putting a bank app on my smartphone. Anyone that has physical access could get into my account using the . My banks app says "Secure
your account with a 4-digit passcode or biometric on supported devices."
Sure wish the PIN were longer, like at least 8 digits, and more like a password where I can use alphanumeric characters, capitalization, and non-alphanumeric characters. Or to use both a PIN *and* biometrics (fingerprint sensor).
More reading, there's a script decrypt.py in the docs directory of
Aegis' Github which apparently can be used to decrypt the vault as
well. I don't know what format that produces or if it can be imported by other tools. I should try that, obviously.
VanguardLH <V@nguard.lh> wrote:
[...]
I resist putting a bank app on my smartphone. Anyone that has physical
access could get into my account using the . My banks app says "Secure
your account with a 4-digit passcode or biometric on supported devices."
Sure wish the PIN were longer, like at least 8 digits, and more like a
password where I can use alphanumeric characters, capitalization, and
non-alphanumeric characters. Or to use both a PIN *and* biometrics
(fingerprint sensor).
I don't use a bank app on my smartphone either. No need, on-line
banking on my laptop works just fine (with the bank's hardware TOTP
device).
*If* you use a bank app, of course you don't only have to protect the
bank app with PIN/password/biometrics, but first of all have to protect
the whole phone with PIN/password/biometrics. So your scenario of
"Anyone that has physical access could get into my [bank] account" is a non-existing one, because physical access does not mean they can get
'in' your phone.
Of course there is the theoretical scenario of someone getting hold of
your phone while it is still unlocked - for example they grab it from
your hands and run away -, but even in that scenario, any sensitive apps
- such as your bank app - are still protected by their own PIN/password/ biometrics.
OTOH, if your name is 'Newyana2', *anything* goes! :-)
Frank Slootweg <this@ddress.is.invalid> wrote:
VanguardLH <V@nguard.lh> wrote:
[...]
I resist putting a bank app on my smartphone. Anyone that has physical
access could get into my account using the . My banks app says "Secure
your account with a 4-digit passcode or biometric on supported devices." >> Sure wish the PIN were longer, like at least 8 digits, and more like a
password where I can use alphanumeric characters, capitalization, and
non-alphanumeric characters. Or to use both a PIN *and* biometrics
(fingerprint sensor).
I don't use a bank app on my smartphone either. No need, on-line
banking on my laptop works just fine (with the bank's hardware TOTP device).
My bank does not offer a hardware-based TOTP device, like a Yubi key.
Mine is a community bank (no fees of any kind). They're a bit behind on technology.
*If* you use a bank app, of course you don't only have to protect the bank app with PIN/password/biometrics, but first of all have to protect
the whole phone with PIN/password/biometrics. So your scenario of
"Anyone that has physical access could get into my [bank] account" is a non-existing one, because physical access does not mean they can get
'in' your phone.
Of course there is the theoretical scenario of someone getting hold of your phone while it is still unlocked - for example they grab it from
your hands and run away -, but even in that scenario, any sensitive apps
- such as your bank app - are still protected by their own PIN/password/ biometrics.
Unfortunately my old LG V20 (c.2016) doesn't have an app lock feature.
Considering theft can incur violence, I could get knocked out, forced at gun/knife point or by multiple assailants, dead, or the phone swiped
while I'm using it, and someone can still press my finger to the
fingerprint sensor. A finger on a sensor is handy to unlock the phone,
but doesn't require the user is voluntarily using it. Although I have
the fingerprint sensor configured to unlock the phone, it sometimes
still asks for my PIN to regain access probably to account for possible
theft of the phone, but the revert from fingerprint unlock to PIN unlock
is infrequent.
Never had to hand your phone to someone else to use it?
I've not yet been in the situation where I'm assualted for my phone, but
then security isn't about what has happened but what might happen. It's
like anti-virus software: if you've been infected then too late, it's to prevent infection later.
OTOH, if your name is 'Newyana2', *anything* goes! :-)
Isn't Newyana2 a later nym that Mayayana started using about Sep 2023?
VanguardLH <V@nguard.lh> wrote:
Frank Slootweg <this@ddress.is.invalid> wrote:
VanguardLH <V@nguard.lh> wrote:
Never had to hand your phone to someone else to use it?
No, not without me supervising its use. And again, they might be able
to perform some actions, but they can't get into any sensitive apps.
[Irrelevant reverse scenario deleted.]
"Carlos E.R." <robin_listas@es.invalid> wrote
| For instance, yesterday I went to see Dune 2. I showed the ticket on my
| phone at the entrance for scanning (the dot code was equivalent to a 7
| character word), went to one of the nearly twenty "rooms", and then I
| realized I could not see what row and seat I was on. I had to double
| back to ask the lady at the entrance. She smiled. The email had a line
| she had to find in my phone that said:
|
| Entradas: 1 x -Miércoles al cine VIP (6,70 € - 710)
|
| Well, the seat is "710", ie, row 7, 10th chair. Someone goofed the email
| design, and the staff knows. The lady moved the email with her finger to
| find the line, then pointed it at me and decoded it for me. We both had
| a laugh.
|
So much trouble. I go to my local theater, hand them a $10 bill
(because I'm a senior) and sit where I like. :)
Though I'm waiting
on Dune2. I'm not sure I want to spend almost 3 hours to watch
a mediocre movie. I saw the first one. As a former Frank Herbert
fan I was disappointed that a book full of complicated psychological
details was reduced to a flashy shoot-'em-up. Sometimes it seems
like every movie now is just fight scenes.
Carlos E.R. <robin_listas@es.invalid> wrote:
[...]
[About 'landlines':]
I don't know about UK, but here in Spain all clients on fibre have a
VoIP system, hidden. At the home, there is a device called ONT (Optical
network terminal), which can be integrated on the router, that converts
the phone over IP signals to an RJ-11 where we connect our traditional
phone terminals.
I (in The Netherlands) have the same kind of setup on our (coax, HFC) cable connection and I indeed connect the (DECT) phone to the RJ-11 of
the modem/router.
Ours is indeed a 'landline' and has a city-based landline number
(non-06), not a mobile number (06).
OTOH, the phone is a 'mobile' phone, just not very mobile! :-)
On 2024-03-13 19:29, Frank Slootweg wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
[...]
[About 'landlines':]
I don't know about UK, but here in Spain all clients on fibre have a
VoIP system, hidden. At the home, there is a device called ONT (Optical
network terminal), which can be integrated on the router, that converts
the phone over IP signals to an RJ-11 where we connect our traditional
phone terminals.
I (in The Netherlands) have the same kind of setup on our (coax, HFC) cable connection and I indeed connect the (DECT) phone to the RJ-11 of
the modem/router.
Ours is indeed a 'landline' and has a city-based landline number (non-06), not a mobile number (06).
OTOH, the phone is a 'mobile' phone, just not very mobile! :-)
Yep, same thing here.
I forgot to mention that this "advancement" means that the phone dies if
the house power fails, unless you invest on an UPS for the router. So
you can not call the electrician.
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture >>>>>> ID (drivers license), as well as giving them my email address and
access to my bank account. As I recall I think they sent a voice
message code to my landline, which is a lot more security in terms of >>>>>> proof of ID than a cellphone. The lamdline is registered to -- and >>>>>> wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end
of 2025 - there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a cell >>>> phone but he or she wants to have a big mouth in technical groups
discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you
think they are. The backend is even in the UK ip-based for years.
Do you have evidence for that? It's true that UK telephony has been digital >>> for a long time within the BT network, but that doesn't mean it's
internet/ip-based.
I don't know about UK, but here in Spain all clients on fibre have a
VoIP system, hidden. At the home, there is a device called ONT (Optical
network terminal), which can be integrated on the router, that converts
the phone over IP signals to an RJ-11 where we connect our traditional
phone terminals.
In fact, companies hide the VoIP credentials so that connecting a VoIP
phone instead is not trivial.
The stated goal is to remove all copper exchanges, migrating everybody
to fibre (or some form of radio). The buildings can then be sold, they
are in the city centres and are worth a packet.
My understanding is that the UK is doing more or less the same, and many
countries are on the same road. Which means that a lot of the current
phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from copper lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much longer period.
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 19:29, Frank Slootweg wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
[...]
[About 'landlines':]
I don't know about UK, but here in Spain all clients on fibre have a
VoIP system, hidden. At the home, there is a device called ONT (Optical >>>> network terminal), which can be integrated on the router, that converts >>>> the phone over IP signals to an RJ-11 where we connect our traditional >>>> phone terminals.
I (in The Netherlands) have the same kind of setup on our (coax, HFC) >>> cable connection and I indeed connect the (DECT) phone to the RJ-11 of
the modem/router.
Ours is indeed a 'landline' and has a city-based landline number
(non-06), not a mobile number (06).
OTOH, the phone is a 'mobile' phone, just not very mobile! :-)
Yep, same thing here.
I forgot to mention that this "advancement" means that the phone dies if
the house power fails, unless you invest on an UPS for the router. So
you can not call the electrician.
Yes, in Australia, a subscriber can get (or gets by default?) a UPS as part of the set up of such 'landlines' on the fibre NBN (National
Broadband Network).
Next thing, users connect their DECT phones, which also need power,
but which are not connected to the UPS. Guess what happens in case of a
power failure? :-) (Yes, I've seen it with my very eyes.)
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
At one point I played with crypto a bit. I had to upload a picture >>>>>>> ID (drivers license), as well as giving them my email address and >>>>>>> access to my bank account. As I recall I think they sent a voice >>>>>>> message code to my landline, which is a lot more security in terms of >>>>>>> proof of ID than a cellphone. The lamdline is registered to -- and >>>>>>> wired to -- a physical address.
They will struggle in the UK soon, then. All landlines disappear by the end
of 2025 - there will only be VoIP.
Hardly ever read so much nonsense. We know Newyana does not have a cell >>>>> phone but he or she wants to have a big mouth in technical groups
discussing mobile technology.
For you: IP-telephone lines are landlines. Landlines are not what you >>>>> think they are. The backend is even in the UK ip-based for years.
Do you have evidence for that? It's true that UK telephony has been digital
for a long time within the BT network, but that doesn't mean it's
internet/ip-based.
I don't know about UK, but here in Spain all clients on fibre have a
VoIP system, hidden. At the home, there is a device called ONT (Optical
network terminal), which can be integrated on the router, that converts
the phone over IP signals to an RJ-11 where we connect our traditional
phone terminals.
In fact, companies hide the VoIP credentials so that connecting a VoIP
phone instead is not trivial.
The stated goal is to remove all copper exchanges, migrating everybody
to fibre (or some form of radio). The buildings can then be sold, they
are in the city centres and are worth a packet.
My understanding is that the UK is doing more or less the same, and many >>> countries are on the same road. Which means that a lot of the current
phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from copper
lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much longer
period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in
their country have also been applied elsewhere :-D
Like no TV over the air.
But I hadn't actually tried decrypting an andOTP backup. So I did,
on Linux, using this:
https://github.com/asmw/andOTP-decrypt
It produces a set of QR code image files.
On 14.03.24 21:13, Carlos E.R. wrote:
On 2024-03-13 21:00, Chris wrote:
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in
their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable and
much better quality.
BTW: Classical TV is a thing of the past.
On 14.03.24 21:13, Carlos E.R. wrote:
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
My understanding is that the UK is doing more or less the same, and
many
countries are on the same road. Which means that a lot of the current
phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from
copper
lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much longer
period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in
their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable and
much better quality.
BTW: Classical TV is a thing of the past.
On 3/14/24 10:49 AM, Newyana2 wrote:
"Carlos E.R." <robin_listas@es.invalid> wrote
| For instance, yesterday I went to see Dune 2. I showed the ticket on my
| phone at the entrance for scanning (the dot code was equivalent to a 7
| character word), went to one of the nearly twenty "rooms", and then I
| realized I could not see what row and seat I was on. I had to double
| back to ask the lady at the entrance. She smiled. The email had a line
| she had to find in my phone that said:
|
| Entradas: 1 x -Miércoles al cine VIP (6,70 € - 710)
|
| Well, the seat is "710", ie, row 7, 10th chair. Someone goofed the
| design, and the staff knows. The lady moved the email with her
finger to
| find the line, then pointed it at me and decoded it for me. We both had
| a laugh.
|
  So much trouble. I go to my local theater, hand them a $10 bill
(because I'm a senior) and sit where I like. :)
I'm trying to remember the last movie I saw that was worth $10. Maybe Terminator 2, but we have a blu-ray which cost less than that. It's
been a long time since I actually wanted to see a movie in a theater.
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
...
My understanding is that the UK is doing more or less the same, and
many
countries are on the same road. Which means that a lot of the current >>>>> phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from
copper
lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much longer >>>> period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in
their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable and
much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better quality
over the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here, it is digital, and it is going strong.
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
...
My understanding is that the UK is doing more or less the same, and >>>>>> many
countries are on the same road. Which means that a lot of the current >>>>>> phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from
copper
lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much longer >>>>> period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in
their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable and >>> much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better quality
over the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here, it is
digital, and it is going strong.
You do not know what classical TV is: Linear TV. Has nothing to do with digital or not.
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:...
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
that. But it is not classical TV over here, it is digital, and it isMy understanding is that the UK is doing more or less the same,
and many countries are on the same road. Which means that a lot
of the current phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from
copper lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much
longer period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied
in their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable
and much better quality. >> Tsk, tsk. Actually, in Spain, some
channels transmit in better >> quality >> over the air than via
fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past. I know you would say
going strong.
You do not know what classical TV is: Linear TV. Has nothing to do
with digital or not.
Jörg Lorenz <hugybear@gmx.net> writes:
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:...
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
that. But it is not classical TV over here, it is digital, and it isMy understanding is that the UK is doing more or less the same,
and many countries are on the same road. Which means that a lot
of the current phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from >>>>>> copper lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much
longer period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied
in their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable
and much better quality. >> Tsk, tsk. Actually, in Spain, some
channels transmit in better >> quality >> over the air than via
fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past. I know you would say
going strong.
You do not know what classical TV is: Linear TV. Has nothing to do
with digital or not.
I've never come across the term before. I think we would call it
scheduled TV, as opposed to On Demand TV.
https://target-video.com/what-is-linear-tv/
Classic TV is black and white with Spencer Tracy and Katharine Hepburn.
On 2024-03-15 13:49, Jörg Lorenz wrote:
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
...
My understanding is that the UK is doing more or less the same, and >>>>>>> many
countries are on the same road. Which means that a lot of the current >>>>>>> phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from >>>>>> copper
lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much longer >>>>>> period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in >>>>> their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable and >>>> much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better quality
over the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here, it is
digital, and it is going strong.
You do not know what classical TV is: Linear TV. Has nothing to do with
digital or not.
Analog TV over the air is dead here; it is probably what you call
"linear TV". Digital TV broadcasted over the air, which is something you Swiss do not have and probably did not even seriously tried, is
flourishing.
On 15.03.24 14:29, Richmond wrote:
Jörg Lorenz <hugybear@gmx.net> writes:
On 15.03.24 12:34, Carlos E.R. wrote:I've never come across the term before. I think we would call it
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:...
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
that. But it is not classical TV over here, it is digital, and it isMy understanding is that the UK is doing more or less the same, >>>>>>>> and many countries are on the same road. Which means that a lot >>>>>>>> of the current phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from >>>>>>> copper lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much >>>>>>> longer period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied >>>>>> in their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable >>>>> and much better quality. >> Tsk, tsk. Actually, in Spain, some
channels transmit in better >> quality >> over the air than via
fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past. I know you would say
going strong.
You do not know what classical TV is: Linear TV. Has nothing to do
with digital or not.
scheduled TV, as opposed to On Demand TV.
Old style. My goodness!
https://www.vplayed.com/blog/what-is-linear-tv/
https://target-video.com/what-is-linear-tv/
Classic TV is black and white with Spencer Tracy and Katharine
Hepburn.
Nonsense.
Jörg Lorenz <hugybear@gmx.net> writes:
On 15.03.24 14:29, Richmond wrote:
Jörg Lorenz <hugybear@gmx.net> writes:
On 15.03.24 12:34, Carlos E.R. wrote:I've never come across the term before. I think we would call it
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:...
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
that. But it is not classical TV over here, it is digital, and it is >>>>> going strong.My understanding is that the UK is doing more or less the same, >>>>>>>>> and many countries are on the same road. Which means that a lot >>>>>>>>> of the current phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from >>>>>>>> copper lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much >>>>>>>> longer period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied >>>>>>> in their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More reliable >>>>>> and much better quality. >> Tsk, tsk. Actually, in Spain, some
channels transmit in better >> quality >> over the air than via
fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past. I know you would say
You do not know what classical TV is: Linear TV. Has nothing to do
with digital or not.
scheduled TV, as opposed to On Demand TV.
Old style. My goodness!
https://www.vplayed.com/blog/what-is-linear-tv/
https://target-video.com/what-is-linear-tv/
Classic TV is black and white with Spencer Tracy and Katharine
Hepburn.
Nonsense.
That was a joke.
Jörg Lorenz wrote:
fibre-based IP-TV. More reliable and much better quality.
Unfortunately not true here, e.g. BBC channels which are 1920x1080 on
DVB-S or DVB-T2, but can be 1280x720 or 960x540 on iPlayer.
On 15.03.24 14:04, Carlos E.R. wrote:
On 2024-03-15 13:49, Jörg Lorenz wrote:
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
On 2024-03-13 21:00, Chris wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-13 09:11, Chris wrote:
Jörg Lorenz <hugybear@gmx.net> wrote:
On 10.03.24 10:44, Bob Henson wrote:
Newyana2 wrote:
...
My understanding is that the UK is doing more or less the same, and >>>>>>>> many
countries are on the same road. Which means that a lot of the
current
phone network is no longer circuit switched.
I'm aware of that, but that's the recent (domestic) move away from >>>>>>> copper
lines and VOIP.
Jörg's comment was about the backhaul being ip-based for a much >>>>>>> longer
period.
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in >>>>>> their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More
reliable and
much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better quality >>>> over the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here, it is >>>> digital, and it is going strong.
You do not know what classical TV is: Linear TV. Has nothing to do with
digital or not.
Analog TV over the air is dead here; it is probably what you call
"linear TV". Digital TV broadcasted over the air, which is something you
Swiss do not have and probably did not even seriously tried, is
flourishing.
You really do not understand linear TV and modern TV concepts at all.
For your: https://www.vplayed.com/blog/what-is-linear-tv/
On 2024-03-14 21:23, Frank Slootweg wrote:[...]
Yes, in Australia, a subscriber can get (or gets by default?) a UPS as part of the set up of such 'landlines' on the fibre NBN (National
Broadband Network).
An UPS should not be needed. Instead, the hardware should have
batteries. Way more efficient.
On 2024-03-15 14:40, Jörg Lorenz wrote:[...]
On 15.03.24 14:04, Carlos E.R. wrote:
On 2024-03-15 13:49, Jörg Lorenz wrote:
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in >>>>>> their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More
reliable and
much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better quality >>>> over the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here, it is >>>> digital, and it is going strong.
You do not know what classical TV is: Linear TV. Has nothing to do with >>> digital or not.
Analog TV over the air is dead here; it is probably what you call
"linear TV". Digital TV broadcasted over the air, which is something you >> Swiss do not have and probably did not even seriously tried, is
flourishing.
You really do not understand linear TV and modern TV concepts at all.
For your: https://www.vplayed.com/blog/what-is-linear-tv/
Maybe because it is a concept used only by you. Instead of insulting,
you could start the conversation by describing it.
Now that I know what you mean, I say "no, it is not a thing of the past, except in Switzerland", which is what I said initially.
On 2024-03-14 22:10, The Real Bev wrote:[...]
I'm trying to remember the last movie I saw that was worth $10. Maybe Terminator 2, but we have a blu-ray which cost less than that. It's
been a long time since I actually wanted to see a movie in a theater.
I find going to a cinema a more fulfilling experience than watching the
same movie at home.
It fills up way more time :-)
The display and the sound are way better than mine, too.
On 3/15/24 11:21 AM, Frank Slootweg wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-15 14:40, Jörg Lorenz wrote:[...]
On 15.03.24 14:04, Carlos E.R. wrote:
On 2024-03-15 13:49, Jörg Lorenz wrote:
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
It is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes applied in
their country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More
reliable and
much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better quality
over the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here, it is
digital, and it is going strong.
You do not know what classical TV is: Linear TV. Has nothing to do with
digital or not.
Analog TV over the air is dead here; it is probably what you call
"linear TV". Digital TV broadcasted over the air, which is something you
Swiss do not have and probably did not even seriously tried, is
flourishing.
You really do not understand linear TV and modern TV concepts at all.
For your: https://www.vplayed.com/blog/what-is-linear-tv/
Maybe because it is a concept used only by you. Instead of insulting,
you could start the conversation by describing it.
Exactly! His term "classical TV" didn't mean a thing to me, way too ambiguous. OTOH, I knew what "linear TV" means.
Is it the opposite of logarithmic TV? I've been watching it since 1948
or so and I've never heard that term. OTA?
Now that I know what you mean, I say "no, it is not a thing of the past, >> except in Switzerland", which is what I said initially.
On 3/15/24 11:21 AM, Frank Slootweg wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-15 14:40, Jörg Lorenz wrote:[...]
On 15.03.24 14:04, Carlos E.R. wrote:
On 2024-03-15 13:49, Jörg Lorenz wrote:
On 15.03.24 12:34, Carlos E.R. wrote:
On 2024-03-15 07:42, Jörg Lorenz wrote:
On 14.03.24 21:13, Carlos E.R. wrote:
applied inIt is so in his country, to my understanding.
The Swiss I know have a tendency to think that the changes
qualitytheir country have also been applied elsewhere :-D
Like no TV over the air.
Very Old Style! We use satellite or fibre-based IP-TV. More
reliable and
much better quality.
Tsk, tsk. Actually, in Spain, some channels transmit in better
it isover the air than via fibre. Just a fact, they do.
BTW: Classical TV is a thing of the past.
I know you would say that. But it is not classical TV over here,
do withdigital, and it is going strong.
You do not know what classical TV is: Linear TV. Has nothing to
something youdigital or not.
Analog TV over the air is dead here; it is probably what you call
"linear TV". Digital TV broadcasted over the air, which is
all.Swiss do not have and probably did not even seriously tried, is
flourishing.
You really do not understand linear TV and modern TV concepts at
For your: https://www.vplayed.com/blog/what-is-linear-tv/
Maybe because it is a concept used only by you. Instead of insulting,
you could start the conversation by describing it.
  Exactly! His term "classical TV" didn't mean a thing to me, way too
ambiguous. OTOH, I knew what "linear TV" means.
Is it the opposite of logarithmic TV? I've been watching it since 1948
or so and I've never heard that term. OTA?
On 3/15/24 1:09 PM, Frank Slootweg wrote:
The Real Bev <bashley101@gmail.com> wrote:
On 3/15/24 11:21 AM, Frank Slootweg wrote:
Exactly! His term "classical TV" didn't mean a thing to me, way too >> > ambiguous. OTOH, I knew what "linear TV" means.
Is it the opposite of logarithmic TV? I've been watching it since 1948
or so and I've never heard that term. OTA?
It's somewhat reasonably explained in Jörg's reference, so I suggest
to read that.
It's 'normal'/'scheduled'/real-time/<whatever> TV as we've always
known it. The transmission technology is not really relevant, so it
covers both OTA and any other method, cable, satellite, etc..
I have cable TV, but most of what I watch has been recorded (by me),
so it's no longer "linear TV". If that hasn't confused you, I have to
try harder,
No need, you did a fine job! I was more interested in where the word
itself came from as a descriptor of 'original' TV.
"Where in hell did THAT usage come from?" frequently stops me in my tracks.
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 297 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 02:49:02 |
| Calls: | 6,666 |
| Calls today: | 4 |
| Files: | 12,212 |
| Messages: | 5,335,607 |