by Shellban 16 days ago
Sometimes I wonder if we should consider using some sort of a hardware key going forward, like a Yubikey or similar product. Physical devices are fairly easy to understand, and a simple on-device PIN or fingerprint-reader adds a 2FA that prevents a lot of fraud. While an ID number is fairly easy to steal, a GPG private key is nearly impossible if handled right.

Of course, on the flip side, this would open up more opportunities for tracking (requiring the hardware keys to log into Facebook). However, in most societies, we do need some way of authenticating who is who, and at least this approach makes fraud much more difficult.

2 comments

Yes, I think government-issued credentials like Estonia does are very neat, and preferable to what we have in USA when you need to verify your identity to interact with online gov services, the id.me, which is taking a video and uploading it to some third party to say 'yep that's the person definitely using their laptop right now', as if gen-AI hasn't already made that obsolete.

Besides that, we have the technology for services to ask 'yes/no' questions of a secure enclave without revealing the personal data, like 'is this person's birthdate after May 29 2005', instead of letting every liquor store and gas station scan the barcode of your government ID including your home address.

Sometimes it makes me feel crazy what we collectively have settled on.

A U2F token is used by one eIDAS identity provider in Czechia.