undefined | Better HN

0 pointsdgemm1y ago0 comments

Interesting perspective because my #1 requirement is that no 3rd party gets financial login credentials at all. I'm willing to do CSVs in order to not compromise on security, although the experience most certainly is bad.

0 comments

10 comments · 3 top-level

mp051y ago· 4 in thread

Interesting that you're this paranoid, but yet you trust banks.

jmb991y ago

There’s a massive difference between trusting banks (insured, backed by the state, etc) and trusting some random SaaS/web app you saw 10 minutes ago with access to said banks.

mp051y ago

Oh it's "random" app, and here this time I figured we were talking about a reputable one that has PCI-DSS compliance like Quicken. My bad.

Sure, if you just trust some random Chrome extension from a random individual developer, you're absolutely setting yourself up for trouble when they hack your shit. But to wholesale dismiss all apps when there are actual legal protections in place that permit these businesses?

zymhan1y ago

At least in the US, you don't have to trust a bank. You just trust the FDIC.

Also, what a glaring false dichotomy.

mp051y ago

My point wasn’t necessarily creating a false dichotomy, since I was highlighting the inconsistency in the argument about trusting banks but dismissing reputable third-party apps on the whole. Does this person distrust consumer protections set up to allow for such tools to exist in the first place?

So to make "false dichotomy" stick, you going to need to assert that if Quicken were breached and this lead to my Schwab account being accessed by a bad actor, I actually am shit out of luck. Will you do that?

shaklee31y ago· 3 in thread

This is a huge waste of time and not worth it. The amount of hours you spend fixing errors manually vs the small risk your info gets out I don't think is worth it.

JonChesterfield1y ago

Is it a small risk? The track record of information security with corporations is dreadful and brokerage login details are about the most expensive things one could have stolen.

AndyMcConachie1y ago

Completely disagree. Weighing risk vs reward the risk is that my identity gets stolen while the reward is that I don't have to login to my accounts and enter information manually.

At some point I suspect every person on the planet will have experienced a data exposure event and the question will switch from: have you ever had your info leaked?, when was the last time your info was leaked? It's not a small risk.

shaklee31y ago

The amount of work you'd have to do to correct a stolen identity is far less than the amount of work to log in to 10 accounts periodically,dump the data, format it, import it, and fix any issues

flessner1y ago

A lot of brokers offer read-only logins/API keys for these cases. I still heavily agree with your general sentiment - purchasing power is among the most valuable information to businesses and advertisers.

j / k navigate · click thread line to collapse

0 comments

10 comments · 3 top-level

mp051y ago· 4 in thread

Interesting that you're this paranoid, but yet you trust banks.

jmb991y ago

There’s a massive difference between trusting banks (insured, backed by the state, etc) and trusting some random SaaS/web app you saw 10 minutes ago with access to said banks.

mp051y ago

Oh it's "random" app, and here this time I figured we were talking about a reputable one that has PCI-DSS compliance like Quicken. My bad.

zymhan1y ago

At least in the US, you don't have to trust a bank. You just trust the FDIC.

Also, what a glaring false dichotomy.

mp051y ago

shaklee31y ago· 3 in thread

This is a huge waste of time and not worth it. The amount of hours you spend fixing errors manually vs the small risk your info gets out I don't think is worth it.

JonChesterfield1y ago

Is it a small risk? The track record of information security with corporations is dreadful and brokerage login details are about the most expensive things one could have stolen.

AndyMcConachie1y ago

Completely disagree. Weighing risk vs reward the risk is that my identity gets stolen while the reward is that I don't have to login to my accounts and enter information manually.

shaklee31y ago

The amount of work you'd have to do to correct a stolen identity is far less than the amount of work to log in to 10 accounts periodically,dump the data, format it, import it, and fix any issues

flessner1y ago

j / k navigate · click thread line to collapse