GadgeteerZA @ danie10 @lemmy.ml

I blog about #technology #gadgets #opensource #FOSS #greentech #traditional

---

Read more

Posts

31

Comments

148

Joined

4 yr. ago

Yes, but a percentage has to be seen in the context of the total to gauge its impact. India for example is 95% of 1.428 billion people vs Japan is 70% of only 124 million. There are just under 200 countries.

True, it is good, but they need to speed up on passkeys for mobile as many do use mobile devices and what's the point of having passkeys on desktop.

South Africa

True, but the big number really is the USA followed maybe by Australia. Entire Middle East, Africa, South America, and Asia are Android. India is also massive (behind China), and India is 95% Android.

Yes, but as I said, as of yesterday still not implemented on mobile.

Yes, passkeys are public private keys, so a site only ever sees your public key. Your device does the match with the private key. So in that way, no-one can hack the service site and steal your password. But your private key on your device has to stay very private, and should be synced to another device, because if you lose your private key then essentially you can't login in. If a site offers a backup "password reset via e-mail" then they have rubbish security anyway.

I use passkeys for some sites, but have been reluctant to go all in until I'm sure all my devices can support them. I'm not always going to have my desktop with me, and likewise my phone's battery can be flat, etc. I've always wanted passkeys to first sync across all my devices, and ideally to be exportable and brought into a different service. Right now you can export your 900+ passwords, and import them into a different service if you want to move. You can't do that with Apple or Google passkeys.

True, and the reverse is also true when a product is bad. I blog usually about what I'm interested in testing out, and when I see if may be worth me moving to a different service.

RCS should not really be a proprietary app in the sense of a 3rd part installable app. It is normally carrier provided just like SMS works. On Apple the default SMS/Messenger is Apple's Messages app. On Pixel that is Google Messages and on Samsung phones they have their own one. It has a carrier hook and is apparently tied to the number.

Thanks I did not know that. I see they say share via the vault, but don't specifically mention exporting, as in to a file for importing elsewhere outside 1Password. But certainly LastPass, Bitwarden and others I'd looked at were not exporting the passkeys.

RCS is carrier based though, which is why the carriers had to buy into it, and they turn it on, not Google. Many in 3rd World countries don't have e-mail. Many legal notices are today still sent out by text SMS. I get them all the time for bank transactions, government notices, etc. Actually, Samsung's Message app also supports RCS, and this is what Apple is building into their Apple Messages app too.

They do accept Tor connections though... But I think you have the facts wrong about that access to data unless you have a credible source you can share: They are legally obligated to comply with lawful requests from Swiss authorities if they meet specific criteria (just like every other country except the USA where law enforcement [used?] could just request access. In a US case involving threats against immunologist Anthony Fauci, ProtonMail confirmed they received a legal request from Swiss authorities. However, due to end-to-end encryption, they could only provide the date the account was created, not the content of emails.

Well German is EU, whilst Swiss is Swiss. But either ways, their requirements are way higher than US law for access to any records or metadata. The other thing is, if you live outside of Switzerland, your own government has to arrange legal access via two countries' jurisdictions. And of course too for the USA, neither the Swiss or the Germans are allowed to just sell off data to data brokers.

Just like the Bitwarden app on Android, the Proton Pass one sits in the background to help with auto-fill on any browser form, irrespective of which browser it is.

Remember, RCS is replacing text SMS and Text SMS has not only absolutely zero encryption of any sort, it also has copies retained by every mobile service provider in terms of their license T&C's. You need to see RCS as an upgrade of text SMS, and not really a replacement for WhatsApp (yet).

That would be the same data then as WhatsApp, Signal, etc. We pay 100's of percent more on SMS than data, so although there is a data charge, it is really little compared to SMS.

It will be when SMS s phased out. That was why it has been a long, uphill battle to get the mobile phone providers to buy in. That has to happen before SMS can disappear. That is why no other "messenger/chat apps" need mobile provider buy-in. RCS happens at carrier level, and not as an installable 3rd party app. It's exactly why it will be adopted by everyone as it is designed to replace SMS.

But you seem to have missed the heading of the post? Bitwarden still (after many months) has not rolled out passkeys to mobile devices. That was actually the point of the post, and Bitwarden needs to start innovating a bit faster as others are overtaking in regard to passkeys. So, you can't be using Bitwarden for your passkey logins on mobile?

They're mostly using WhatsApp and I deleted all Meta-owned apps. So, yes if they want to reach me they need to send a text message as most apart from 5 or 10 have never bothered to install Signal, Telegram, SimpleX, Threema, Briar, Jami, etc that I am on.

The whole point of RCS was to replace text SMS. The last year or two has seen one mobile provider after the next adopting it. That was the point of RCS, to get beyond a zero encryption text message and text messages that are very expensive in 3rd world countries. So a lot of it was focussed on mobile operators. It has to be enabled actually by mobile operators to work.