Comment on For security reasons
kashifshah@lemmy.sdf.org 7 months agoI spent about a decade in the enterprise software development space, so I totally get it. I couldn’t put it into words as well as you did, however.
After watching the FCC bigwigs debate robocalls several years ago, I’ve become a believer in a future where your internet access is always authenticated to your real life ID, dark web excepted of course.
In their case, it was posited as a best-in-class solution to the problem of spam in the telephony space. Same logic applies to email. I mean, look at what Twixxer did with the verified checkmark requiring a credit card. The trend is already there.
I get the fear of being de-anonymized on the internet, but it may be the case of something we hate being something we need, when you start to throw deepfakes into the mix.
neatchee@lemmy.world 7 months ago
Funny you mention the robocall thing… I’m literally leaving a company that works on that problem (though not as their primary business) Wednesday. It was a short stint - mostly because they are resistant to solving massive technical debt problems and I’m not trying to doom my future self - but what I witnessed was…depressing. Getting anything done was like pulling teeth, and that’s with the recent FTC pivot to taking this stuff more seriously. STIR/SHAKEN is a reasonable start but it still has almost no teeth behind it.
I’m with you on the identity issue. I mean, if we’re being really honest, the only people losing out by not implementing strong personal identification verification are the legitimate end users because the threat actors have gotten so unbelievably good at fingerprinting user behavior. And it’s only going to continue getting worse. With ML growth as unfettered as it is, there is nothing we can do. So I’d much rather take the reigns and make identity verification a robust feature instead of a bug we can’t squash.
kashifshah@lemmy.sdf.org 7 months ago
Kudos for looking out first your future self - I had to leave the field entirely after it got to the point where I couldn’t stand to look at a computer anymore. Still can’t for more than an hour, two years later.
I intend to reply more later, because this does deserve a longer reply, but I am short on steam.
In the meantime, have you heard of login.gov? Check that out. The day that .com gets a hook into that is the day that identity problems are (mostly) solved.
neatchee@lemmy.world 7 months ago
Yes! I LITERALLY just set up my stuff there a few days ago for TSA Precheck and CBP because I’m heading to Japan next month. I love what they’re doing.
kashifshah@lemmy.sdf.org 7 months ago
Heh, I saw it on news.ycombinator.com back when it was announced- they have made strides if you can access TSA now!
In the beginning it was just a form for every manner of authentication and then a big CTA, essentially telling other .gov entities to start making project requests.