danie10

danie10, 1 month ago

True, but the big number really is the USA followed maybe by Australia. Entire Middle East, Africa, South America, and Asia are Android. India is also massive (behind China), and India is 95% Android.

danie10, 1 month ago

South Africa

danie10, 1 month ago

Yes, but a percentage has to be seen in the context of the total to gauge its impact. India for example is 95% of 1.428 billion people vs Japan is 70% of only 124 million. There are just under 200 countries.

danie10, 1 month ago

It is not zero encryption, like SMS, though? All GSMA-compliant RCS implementations must use TLS to encrypt data transfer between your device and the carrier’s server. While recommended by GSMA, E2EE is an optional feature that carriers can choose to implement or not. So carriers can implement it. I’m pretty sure that as adoption goes mainstream, a “monopoly” on the server side is going to get broken up.

danie10, 1 month ago

The GSMA does need to work harder at ensuring true interoperability between carriers, esp for E2EE. I’m expecting that the Google “monopoly” will get broken up at some point. I would have hoped that Apple insisted on hosting their own RCS (standards compliant) server.

danie10, 1 month ago

Google’s own one may be, and that is their right, but it is an open standard so anyone can produce their own RCS app like Samsung has done, and the same way Apple is building support into their exiting app. Nothing should stop a 3rd party developer looking at the standard, and producing an open source RCS app?

danie10, 1 month ago

Certainly not now as a replacement but I understand that is the longer term intention. There is a lot of older infrastructure carriers need to unload and move on (lime dismantling 2G and 3G etc), and they often pay negotiated Inter-carrier fees. If it is to replace SMS I understand carriers can zero rate whatever data they want to, so it will be cheaper for them to not charge any data charges on RCS than to actually keep providing text SMS. RCS also uses exiting modern network technologies so there is nothing extra, or outdated, that has to be maintained.

danie10, 1 month ago

From what I understand with Apple’s fallback (or like Google’s Message app does), if RCS is sensed by the other non-iMessage user, then RCS will be used, if not right now it would still default back to text SMS but then lose some features like hi-res photos etc. Just don’t know how it will work for me where I am on iMessage on my iPad, but when out with my Android phone will the iMessage’s wait a week until I turn on my iPad again. Would be nice if there was a proper presence sensing, and it routes to there. That may be possible with RCS, but we won’t know how Apple plans to use it, and they are not going to want it to be as shiny and nice as sending an iMessage…

danie10, 1 month ago

Not really so, as MSMS is a major thing by us (outside the US) for most notifications from banks, gov, transactions, visit to pharmacy, etc. Incoming is fine apart from fact it is all open for anyone to read, but replies cost money. Also, where people are not using the same messenger, then it is sms text messages, each costing money. For pre-paid phone accounts, those SMSS messages cost even a bit more. SMS today is still the common denominator everything falls back on. It is very expensive when you consider what is paid, and it is only around 140 characters vs data.

danie10, 1 month ago

It is certainly not where it needs to be yet.

danie10, 1 month ago

Not as simple as that as many did ditch WahtsApp for Meta’s documented privacy violations, and their ongoing T&C which passes the WhatsApp metadata upstream to Meta and others. A lot of people also only use one messenger, and right now nothing connects them together yet. So I have masses of family and friends that only use WhatsApp, and I now only have SMS contact with them. About 8% to 10% do have multiple messengers so I see some on Signal and Telegram.

The last thing the world needs, is for WhatsApp to become the default dominant standard. That is a company that can be least trusted out of everyone worldwide, based on their history. With the app installed, the metadata includes constant location, usage, contacts, messages to who, etc.

danie10, 1 month ago

True, and the reverse is also true when a product is bad. I blog usually about what I’m interested in testing out, and when I see if may be worth me moving to a different service.

danie10, 1 month ago

I use passkeys for some sites, but have been reluctant to go all in until I’m sure all my devices can support them. I’m not always going to have my desktop with me, and likewise my phone’s battery can be flat, etc. I’ve always wanted passkeys to first sync across all my devices, and ideally to be exportable and brought into a different service. Right now you can export your 900+ passwords, and import them into a different service if you want to move. You can’t do that with Apple or Google passkeys.

danie10, 1 month ago

Yes, passkeys are public private keys, so a site only ever sees your public key. Your device does the match with the private key. So in that way, no-one can hack the service site and steal your password. But your private key on your device has to stay very private, and should be synced to another device, because if you lose your private key then essentially you can’t login in. If a site offers a backup “password reset via e-mail” then they have rubbish security anyway.

danie10, 1 month ago

Yes, but as I said, as of yesterday still not implemented on mobile.

danie10, 1 month ago

True, it is good, but they need to speed up on passkeys for mobile as many do use mobile devices and what’s the point of having passkeys on desktop.

danie10, 1 month ago

Vulnerabilities on the client end are the only way right now for most state actors to gain access to messaging. So yes, various actors are already exploiting that as they have a lot at stake to gain access. But with others already able to exploit that, why would Proton want to do that? Their model is not about advertising or selling data, and they have 100 million paying customers as I understand it. The one’s that have been spying and exploiting have been the likes of Meta’s Facebook with their app present on the client device, and then trying to break Snapchat’s encryption this was (this came out in March 2024). Anyone “can” but we need to also consider “why” and what business model they have.

danie10, 1 month ago

Firstly, the point was made that the passkey functionality in Proton Pass is free (no account needed or “selling”) and that is for unlimited logins. Anyone can just use it. I pay for, and am still using Bitwarden. I posted about this because it is interesting that Pass has implemented passkeys for mobile, while I still wait for Bitwarden, so I’m interested in testing this out with Proton Pass. I post about all sorts of things that I find interesting, and sometimes I do switch my services across if I find it can match or better what I already use. That’s the bottom line.

I was just as interested when I was considering moving from LastPass to Bitwarden, but then I was accused of “selling” free Bitwarden to people. Everyone must make up their own minds as their circumstances are different. But if no-one posted about what they found interesting, we’d have no Lemmy, and we’d all forever just stay stuck on whatever we personally know. Certainly Bitwarden and Proton Pass are not the only good password managers out there, but this week I was interested to see an article about Proton Pass, and I had not even known they’d rolled out passkeys yet. It seems like quite a few others did not either.

I’m sure others also post about what new stuff 1Password has just rolled out, and I’d be interested to hear about that too. That is how I decide whether I want to try something better.

If I wanted to try to sell something, I’m sure Proton Pass probably has some loyalty link for paid accounts, but no, you did not see me sharing anything like that. I mentioned the access was free.

danie10, 1 month ago

There is a difference but right now as long as one uses a good password with a 2FA it is probably good enough. Too many services with passkeys are still quickly offering password resets via e-mail or text, so they, as sites, are not secure. And unless you can move your passkeys with you, like you can with passwords, you don’t want to get locked into a single device or OS.

danie10, 1 month ago

Ah thanks for explaining that. It just makes it then difficult to fully move to passkeys with Bitwarden, which is why I’ve been waiting so long, and why I never stayed using Google or Apple’s passkeys.

danie10, 1 month ago

It’s not a race and I would not even start to use passkeys until I know they can move with me across devices and OSs. Also, most sites that do offer passkeys, still offer highly insecure password resets which really undermines the security that passkeys should offer. I waited a long time for Bitwarden to start with passkeys, and they were going to be the answer to fully portable passkeys (I’ve been waiting so that I know my passkeys will work across all my devices and OSs). Now I’m waiting for mobile implementation before I can get going. I do hope they will also be offering exporting of passkeys, like you can currently export your passwords to other services.

danie10, 1 month ago

Not really, right now as the password resets all undermine passkeys for many sites. One day if/when passwords get replaced then there will be a need, but that is a long way off probably. A good random password along with any 2FA is really good enough for most cases, and Bitwarden already does that very well along with even random e-mail addresses.

danie10, 1 month ago

It is the same for Bitwarden. What I noticed is if I go to a site with passkeys, then Bitwarden prompts me with a pop-up to want to add a passkey. It’s not something you manually add, apparently.

danie10, 1 month ago

No just have “Proton for Business newsletter” disabled but I see many of their mails say only once a quarter etc. So seems they don’t send out every month.

danie10, 1 month ago

It does seem to have innovated quite quickly. I’m still using Bitwarden as I have the paid access to biometrics etc, and it has a nice tweak also to add unique e-mails for every login, etc. But I’m interested to see where Proton Pass will be in another few months, seeing I’m already paying for their service, and maybe I can consolidate my expenses a bit. I actually got drawn into paid Proton by leaving ExpressVPN, which I needed for Netflix, and then found Proton (with one or two others) were the only one’s handling Netflix’s geofencing quite well. Looking at options is always good.