cross-posted from: https://feddit.org/post/4262252

A combination of good high-speed internet coverage, high digital literacy rates, large rural populations and fast-growing fintech industries had put the Nordic neighbours on a fast track to a future without cash.

[…]

But Russia’s invasion of Ukraine in 2022 and a subsequent rise in cross-border hybrid warfare and cyber-attacks blamed on pro-Russia groups have prompted a rethink.

[…]

The Swedish government has since completely overhauled its defence and preparedness strategy, joining Nato, starting a new form of national service and reactivating its psychological defence agency to combat disinformation from Russia and other adversaries. Norway has tightened controls on its previously porous border with Russia.

[…]

[Norway’s] justice and public security ministry said it “recommends everyone keep some cash on hand due to the vulnerabilities of digital payment solutions to cyber-attacks”. It said the government took preparedness seriously “given the increasing global instability with war, digital threats, and climate change. As a result, they’ve ensured that the right to pay with cash is strengthened”.

[…]

  • GiddyGap@lemm.ee
    link
    fedilink
    English
    arrow-up
    23
    ·
    5 days ago

    I was once a proponent of cashless societies. Not anymore. Too many vulnerabilities, too many ways for governments to take control of your finances.

    • sunzu2@thebrainbin.org
      link
      fedilink
      arrow-up
      4
      arrow-down
      3
      ·
      6 days ago

      Exactly… I am amazed that we all allowed for things to get this bad.

      A lot of work to try to undo this idiocy.

      Deny money changers profit

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      9
      ·
      6 days ago

      Hmm, I don’t anticipate the government to have many issues with that part… But if they have access, then enemies of the state may also gain access, which is the real problem they care about here.

    • oldfart@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      7
      ·
      6 days ago

      The moment you start using this argument you become a tinfoil hat money laundering thug. Being afraid of putin is more socially acceptable.

      • sunzu2@thebrainbin.org
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        6 days ago

        Can you clarifying. The sarcasm in first sentence doesnt make sense in context of the second.

        • oldfart@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          5 days ago

          I refer to comment sections under news about going more cashless, for example. Commenters saying it’s bad for privacy get downvoted a lot because it’s not socially acceptable to say so.

          Same in face to face social setting. If you want to take a stand against cashless, it’s good to say something else than the privacy mantra, or people stop listening to you.

          • explodicle@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 days ago

            It’s because you’re taking a stance against cashless, which sounds paranoid and weird to most people.

            Take a stand against VISA and PayPal. Then the bad guy isn’t “our” government, it’s corporations everyone already hates. And it references problems people already experience.

            It’s much easier to explain how the situation is already bad than it is to argue how it “could become” bad.

  • MTK@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    4
    ·
    5 days ago

    Cashless can only work if you adopt a digital cash such as monero, other wise you are taking away privacy, control and possibly small transactions (depending on what fees are common in your country)

    In a cashless society banks and credit companies become your rulers as you have no real way to bypass them.

    I suspect that any country that tries to go cashless without a real cash alternative, will just find itself with a new form of cash (gold, silver, etc) since eventually there will be enough people trying to avoid fees and taxes

    • drake@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      2
      ·
      5 days ago

      Cryptocurrency has basically many of the same problems as traditional banks, it’s just a matter of who is controlling it. Monero is slightly different from most, because it is much more anonymous, but it’s really only a matter of time before even that advantage is lost.

      There is no substitute for physical currency if you want privacy and anonymity.

        • drake@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          4
          ·
          5 days ago

          From what I understand, which honestly, isn’t a lot - the method used to anonymize transactions and balances is more like obfuscation than anything else. The system uses various techniques to fuzz up the data in such a way that it becomes impossible to trace.

          It’s a bit like if you wanted to send a bank transfer for £200 but anonymize it somewhat, you could transfer that money around between a bunch of other bank accounts, before sending it on to the final source. And if multiple people are doing the same thing, it becomes essentially impossible to determine where the money entered and left.

          The problem is though that such systems aren’t true encryption in the same way that RSA is, for example - the data isn’t unreadable, and it’s not impossible to reverse, it’s just that there’s so much junk data and it’s such a mess that it makes the true transactions difficult to identify and the end user has extremely strong plausible deniability. However, it’s likely just a matter of time before some state actor finds a vulnerability in the technique that allows them to trace transactions - if they haven’t already done so.

          • arrakark@10291998.xyz
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 days ago

            Hmm gotcha. Yeah this stuff goes over my head haha but it sounds similar to a Bitcoin mixer/tumbler. I wonder if the anonymity scales with the number of users using the network. I also wonder if you happened to send a transaction at a “bad” time (no-one else is using the network) then it’s easier to trace.

            • drake@lemmy.sdf.org
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              5 days ago

              Yeah, totally - I think it’s designed to be hard to understand, both tech stuff and financial stuff is often made intentionally confusing, in my opinion. It’s not dissimilar to the bitcoin mixers, but it’s still much stronger - the system is automated, you can’t mess it up as a user, you’re less reliant on a single-point-of-trust, and so on.

              You might be on to something about quiet periods - I don’t really have the knowledge to say either way. There might be a bit of stuff that goes on in the background for wallets even if they’re not actively conducting “real” transactions. But, I don’t know, really.

          • explodicle@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 days ago

            What if it bounced through multiple peers between sender and recipient, encrypted on each hop like Tor? Then they’d need to actually break the encryption, or compromise every hop.

            • drake@lemmy.sdf.org
              link
              fedilink
              English
              arrow-up
              2
              ·
              5 days ago

              The transaction data itself does need to be publicly readable, because otherwise the whole consensus mechanism that the blockchain relies on wouldn’t work.

              • explodicle@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                ·
                5 days ago

                Not every transaction, just the ones that open and close payment channels. This deletes data that would be needed to reconstruct an overwhelming majority of transactions.

                (This is how Bitcoin’s lightning network works.)

  • irotsoma@lemmy.world
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    6 days ago

    Yeah, considering how bad banks and other financial institutions are at IT security and the fact that there’s no incentive for a capitalist financial institution to fix that problem, it’s not a good idea.

    • That’s not entirely true. In order to be allowed to keep processing transactions you have to adhere to strict rules which do get regularly audited. And then there’s the whole “customers will switch to another more reliable party in case of outages or security problems”. And trust me, I’ve seen first-hand that they do.

      • irotsoma@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        6 days ago

        You have to put on a show that you are sticking to those processes, on paper. But the fines for data breaches are generally way less than they save on not having a fully funded IT department and using security products that someone got a kickback for rather than the best product.

        “Hacking” isn’t some magical, intensely creative process for geniuses loke on TV. For the most part, it’s usually just finding the really common things that IT departments don’t do because they are underfunded and treat IT people like replaceable cogs. There is software out there to exploit those deficiencies. So they are forced to do things like use default or obvious admin passwords because who knows who is going to be there tomorrow to fix something and without the proper tools to store credentials, there’s no way to properly secure things.

        And when a security vulnerability is found, there’s a reason why many don’t bother informing the company before going to the media. Those companies pour tons of money into lawyers to avoid admitting the fault, often getting the innocent person who found the problem arrested, and never fix the actual issue. Just ask any pro whitehat security researcher not hired by the company all the things they have to do to protect themselves from being sued or arrested for “hacking” when they notice a problem.

        And government technical auditors are a rarity because the regulators are underfunded. So they might go through some small list of things during regular audits, but they don’t know to check if a DBMS system that contains backups and is stored “in the cloud” is using a default password or other common hacking targets. Hackers don’t go after the primary infrastructure most of the time. It’s not necessary because there are so many sloppy processes or left over insecure projects that “the last guy” was working on or that got defunded before it was completed, but only the primary infrastructure gets audited usually because that’s all there is time and money for.

        As for going somewhere else, there often aren’t other places to go and when there are they usually have the same problem because there’s very little reason for any of them to compete with each other. Most industries have consolidated so much that there are only a handful of parent companies left so it’s easy to collude just because their leaders are often all in the same room at conferences and such.

        • I think you’re being too pessimistic about IT security, particularly in the Financial sector. A lot of the security rules and audits aren’t even government-run, it’s the sector regulating itself. And trust me, they are pretty thorough and quite nitpicky about stuff.

          The cost of failing an audit also often isn’t even a fine, it’s direct exclusion from a payment scheme. Basically, do it right or don’t do it at all. Given that that is a strict requirement for staying in business, most of these companies will have sufficiently invested in IT security.

          Of course it’s not airtight, no system really is. But particularly in the financial sector most companies really do have their IT security in order.

      • uis@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 days ago

        And then there’s the whole “customers will switch to another more reliable party in case of outages or security problems”.

        Outages? Yes. Security problems? LMAO!

  • kn0wmad1c@programming.dev
    link
    fedilink
    English
    arrow-up
    51
    arrow-down
    5
    ·
    7 days ago

    In America, you can’t open a bank account without an address. That means that the homeless population can’t open a bank account (not easily, anyway), and therefore can’t get a debit card.

    Cashless is a nice idea, but it is extremely prohibitive against the most vulnerable people (which, sadly, might be part of the point).

    • isthingoneventhis@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      ·
      edit-2
      7 days ago

      It’s largely a non-issue in the Nordic countries as you basically have to voluntarily opt out of any government aid programs to be homeless, which understandably most don’t. This goes for most, if not all, vulnerable groups; most of the help is decently robust, at least enough to keep you fed and in housing. So I don’t think it’s a very large portion of the consideration, almost everything is paid via mobile pay, checks (any, not just from working) are all done digitally as well.

    • barsoap@lemm.ee
      link
      fedilink
      English
      arrow-up
      14
      ·
      edit-2
      7 days ago

      In Germany any EU resident has a right to a basic account, in case you’re homeless you should have an address because you’re in a shelter, if you insist on sleeping rough (or the municipality is just too fucked up, happens in places) you can give the address of a social work organisation (those are all over also doing debtor counselling and a lot of other stuff).

      Only valid reason for a bank to refuse basic business is if you tried to defraud them. They don’t have to give you a credit line, but they do have to accept your money, store it, and let you wire it (incl. POS payments etc).

      Identity fraud is not an issue because they’ll want to see a proper ID which, if you’re legally in the country, you have.

      It’s less about paying, though, you can always pay with cash in Germany, it’s about the welfare authorities not wanting to handle cash and cheques only if actually necessary.

      • 0x0@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 days ago

        in case you’re homeless you should have an address because you’re in a shelter

        No homeless person left behind? Shelters for 100% of homeless people at all times?

        • barsoap@lemm.ee
          link
          fedilink
          English
          arrow-up
          5
          ·
          6 days ago

          You have a legal right to shelter, yes. How is that controversial it’s a human right.

          • 0x0@programming.dev
            link
            fedilink
            English
            arrow-up
            2
            ·
            6 days ago

            The controversial part is that while it’s great and desirable on paper, it’s almost never the case for 100% of the times. Great if it is though.

            • sugar_in_your_tea@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              3
              ·
              6 days ago

              And it’s also not wanted. A lot of people choose to avoid shelters for a number of reasons.

              Honestly, the requirement for an address to get a bank account is stupid, you should merely have to prove your identity, which can be accomplished with a government ID or perhaps a notorized note from a government agency (i.e. you go to the local health center or a social work office and verify your identity or something).

              If I wanted to, I could easily fake my address being somewhere it’s not. I get a bunch of junk from the previous residents, and there’s really nothing stopping me from putting someone else’s address as my own (my local family does it when they’re between residences). So I honestly don’t see much point to it.

    • endofline@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      7 days ago

      It’s funny because actually you can receive mails pretty much everywhere without giving an actual address. P.O boxes and post restante. Only banks keep enforcing residential addresses as it was a guarantee of having lack of identity frauds.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        6 days ago

        t was a guarantee of having lack of identity frauds

        I don’t think that’s true, it’s just indicative of someone who’s more stable. That said, I can put down anyone’s addresses and have mail sent to it, my family does it all the time (e.g. my SIL just got married, and they sent their combined bank statements to our house while they were finding a new apartment). All it means is that you can receive mail at a certain address, and that can be as simple as knowing the mail schedule and getting to the mailbox before the residents do (or going through their trash the next day if you miss it).

        It’s technically illegal, but I’ve never heard of anyone getting charged w/ accessing someone else’s mailbox… So it’s a pretty low barrier for someone actually committing identity fraud to clear, and a pretty steep barrier for someone who is homeless.

    • 0x815@feddit.orgOP
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      7 days ago

      Affordable housing and the threat by malicious actors to attack digital payment systems are two different things. Homelessness has to be addressed, of course, but we are dealing here with something else.

      • 0x0@programming.dev
        link
        fedilink
        English
        arrow-up
        6
        ·
        6 days ago

        You seem to have missed the point: in many countries, access to a bank account (therefore digital money) is not universal.

        • 0x815@feddit.orgOP
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          6 days ago

          I didn’t miss the point, but this is a different topic. We need to provide housing, end homelessness and possibly the right to a bank account for everyone. These are different things.

  • simon@slrpnk.net
    link
    fedilink
    English
    arrow-up
    28
    ·
    7 days ago

    The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.

    But there is also the risk of bad actors, which could also be e.g. Russia, getting access to decades of payment history through a hack, if everything is digital. Having that data for every citizen of a country could enable efficient profiling of people in the country using big data analysis technologies.

    The kind of thing you could find out with the transaction data is who are working in the military or security police, who is sympathetic to Russia and at the same time vulnerable to work with foreign governments, and potential blackmailing material relating to people in these or other groups. I’m sure the analysts working for the bad actor can come up with even more useful things to look for in the data.

    There are of course a lot of other data sources that bad actors are interested in and that are easier to hack, but the financial history seems more comprehensive source of information than most other ones.

    • T156@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      6 days ago

      The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.

      Or entities. The USA had a brief oil crisis recently because one of the major pipeline companies had their billing system hacked. Since the company couldn’t verify whether someone had paid, they just didn’t supply any oil.

      Couple that with some misleading news stories and social media panic, and it blew up into a proper shortage from people hoarding all the petrol, and leaving none left.

    • kent_eh@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      6 days ago

      The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.

      Exactly.

      Part of the card processing system goes down often enough due to various technical failures that it should just be good business sense to always be capable of accepting cash.

    • 0x0@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      ·
      6 days ago

      Having that data for every citizen of a country could enable efficient profiling of people in the country using big data analysis technologies.

      You don’t need an external actor for that, a government can very well do that to their citizens…

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      6 days ago

      Yup, I keep a fair amount of cash on hand at home in case there’s some kind of mass outage so I can at least get essentials to last until power is restored. Oh, and I also use it for my kids’ allowance and for baby sitters, but I have larger denominations as well in case of emergencies.

      That said, I have been considering using cash more often because I really don’t like all the tracking that already goes on, and I certainly don’t want the government having that data as well. But cash is super inconvenient because of small change, so I haven’t made the switch yet. If we could get rid of the small change and just round prices a bit, I would seriously consider going back to cash.

      • oldfart@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        6 days ago

        Just a note, high denominations are not great during emergencies, unless you mean big purchase emergencies. Buying food and gas with high denomination bills may end up in seller not accepting the bill because they have no change. Or happily accepting that bill despite having no change.

        For small change, you could take the jar to your bank and make a cash deposit (and see the cashier die inside). In some branches they have machines for counting change.