[maxbond]

It being necessary to use shibboleths/code words to authenticate to each other over video chat (eg, to ensure that the person you're speaking to is who they appear to be, not someone else using deepfake puppetry).

Really this is an implicit biometric authentication mechanism, and biometrics are usernames, not passwords. (Though I'd love to be wrong about this one.)

[hemmert]

We'll have to prove ourselves to be human all the time. We're facing a life of many, many Turing tests – with us being the ones trying to prove we're human.

[nullsense]

"I am not a robot" already feels like doublespeak if you ask me.

[ben_w]

A "My 'I am not a robot' T-shirt has led to many questions answered by the T-shirt" vibe?

[andylynch]

Probably worth doing now - eg the ‘Mum I lost my phone, this is my new number’ scam which needs nothing more than SMS.

[PeterisP]

I've read about this scam and it seems interesting to me - is that a realistic thing that might happen if your relative lost a phone? Perhaps it's a market-specific issue, but I have had multiple phones lost/stolen/broken in my life, but I still have the same number I had since my first phone back in the previous millenium, and I somewhat expect that some kid's phone number will stay the same until they die unless they move overseas and get another phone number there (and probably still keep the old one as well). Don't you have number portability across phones and carriers?

[Macha]

We've had total number portability here for a few decades, but I do know a few people who have changed numbers due to lost/replaced phones also. I'm not sure if the reason for this is due to unawareness of the process, difficulties proving ownership of the previous number, impatience (new accounts are activated same day, number porting takes 2-3 days), or some other factor, but even when the option is there it seems not everyone avails of it.

[andylynch]

Yes portability etc is a thing but this is targeting trusted relationships and non tech-savvy folks. It’s also really easy to do and doesn’t need many to so a different phone number can be explained well enough as ‘a friend’s phone’ or even just ‘my old phone broke’

[BirAdam]

Hadn’t thought of this. Fascinating thought. How would we know for sure that the deepfake didn’t bypass auth somehow… I guess one would need a secondary auth system, like a message over signal or something.

[maxbond]

Not to sound like a crank but it wouldn't hurt to establish them with your friends and family before we may need them, while we still have faith in recognizing their voice on the telephone and can just call them up and chat about it.

[082349872349872]

this is the flip side of KYC — establishing a shared context pool with your banker.

[deniscepko2]

Very interestin. I wonder if you can already have a startup based on this - providing some sort of auth. Not even sure how this kind of tech could be implemented

[maxbond]

It's a social rather than technical problem. But there have been several similar startups/technologies, like web of trust and keybase.

[notwokeno]

Meh. If this were an issue people would have been doing it with IRC/Email 10-20 years ago.

[maxbond]

They have been, eg, it's a common scam to steal someone's phone and text their friends asking for money, or to hack into someone's work email and try to get a fraudulent invoice approved. I read an article about an incident of the latter once where they compromised the CEO's email, read through it enough to passably imitate his writing style, and then sent an invoice to the CFO which they described as urgent.