falktx @falktx@mastodon.falktx.com

KDE Neon is a find distro most of the time, but them updating Qt packages means a few things get broken as side effect..

Well, Telegram-Desktop stopped working a few days ago, time to rebuild a new version.

Maybe once KDE6 begins to take shape all the updates to KDE5 take a step back and focus goes on stability, that would be nice..
From week to week some small details change in KDE, often for the best, but having to relearn things gets annoying sometimes.

The little things sometimes make you happy, GMT (Game Maker's Toolkit) on YouTube has a nice video regarding accessibility in 2021 games.
https://www.youtube.com/watch?v=-IhQl1CBj9U

It is actually quite positive, and shows clear improvement from previous years.

The culture around the gaming industry is sadly still quite the shit-show, but hopefully that improves with time too.

@zelv@mstdn.io Also, there is the issue of phone numbers basically serving as unique user ids, it so easy to combine data from different places related to a specific user, just use their phone number!

Contrary to emails, you can't easily create many phone numbers at once, or aliases.

So to whoever group comes up with such plans as PSD2, I can see them truly thinking that smartphone usage is more secure than other methods.

reminds me of the "don't you guys have phones?" debacle

@zelv@mstdn.io I think it is mostly out of ignorance, trusting whoever speaks to them about smartphones being secure.

The use of the Google PlayStore and Services is normalized by now, so much that Signal (which most write/speak out as a beacon of privacy) still actively relies on it. They even use the new you-can-train-our-AI-for-free "captcha" from Google, and won't allow you to create an account without it.

@freebliss
And the answer from the bank I got was, quote:

> Esse pedido de autenticação está a ser solicitado, porque no âmbito da DSP2 (2ª Diretiva Europeia de Serviços de Pagamento), a cada 90 dias, o Login no serviço Montepio24 tem que ser realizado através de um método adicional de autenticação forte. Eventualmente terá ultrapassado esse período e daí a solicitação da autenticação adicional.

Dont want to auto-translate and induce errors.
Here they write "tem" which literally means "must"

@freebliss the link I posted has replies that mention such "ruling". quoting an english reply:

> Following the recommendations of PSD2 (2nd European Payment Services Directive), Banco Montepio decided to guarantee Strong Authentication through the APProva app

The same is mentioned in the emails they sent me

@obsoleszenz I have seen those tan generators in german banks, I am yet to see them in a portuguese one. Will have to look/ask around.
And 100% agree with you on that BS excuse of "strong" security, it is all theater.

@ilvipero Good question, would be quite nice if some portuguese bank could use OTP standards. Dont know the answer yet

@obsoleszenz those are banned by the EU now afaik, with banks transitioning to the new "strong security" mode of mobile apps at their own pace.

@wwwgem I am fine with workarounds when they are sensible ones. Some stuff is just too much though.
And if no one complains and fights back, it is only going to get worse..

@wwwgem I replied to someone else about this, really do not trust such services for crucial things as online banking. we should not have to go to such weird steps for basic living necessities.

@Nomys_Tempar oh that is nasty.

not sure how this makes any sense at all.

funny that my bank calls this "strong authentication" 😂

@minkiu I use it to install stuff like spotify (until a nice opensource version comes up, or I get fed up with them again).

But I really do not trust that to handle online banking.

Plus some new phones also do not have Play Store, like new Huawei stuff. I have seen some kind of Amazon app store too, but no idea how many phones ship with that.

Relying on Apple or Google in order to provide online banking is just so terribly bad...

@MrMagne yeah it is a whole shitty mess really.
I writing to them asking for a solution, though I already expect they have nothing.

Will mention the source code though, since they care about security so much, they should make it open-source so we can more easily inspect for bugs and issues. Security through obscurity is no security at all..

Likely I will just have to cancel online banking altogether soon...

Oh this is even worse than I thought.

- requires location access (won't work otherwise)
- transactions can use "push notifications", which basically means it goes through google servers, great security and privacy!

Since I do not have PlayStore on my phone, not sure what to do..
Using random apks from the internet seems like a terrible idea, even more for such crucial things as banking.

Obviously the application is not open-source, so won't make it to F-Droid or related services.

😦 😔 😞

Well this sucks, I am locked out of online banking..
Due to EU regulations online banking cannot use SMS or paper authentication methods anymore, requiring the use of "secure" mobile applications instead. 🤦‍♂️

So now you need an Android or iOS running mobile phone to do tasks that a simple web browser was capable of before.
The new "app" is quite the disaster, contains ads, introduces fees and sometimes doesn't even work at all.
What an improvement! https://play.google.com/store/apps/details?id=caixaeconomica.approva

@bigblen I am afraid that is too vintage for me. Besides the rotary phone, I have no idea what the rest of it is.. 🤷

@lienrag Same reason people still go on facebook even though it is so awful, it is where most relevant folks are.

And GitHub didn't personally harm me, yet.