It’s not a topic issue. The discussions are largely around platforms and custodians. They bring lots of ethical problems. Anything on this page is relevant to personal finance:

https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/usa_banks.md

If someone managing their personal finances wants to ask how to avoid the bad players and still achieve their goals, it’s relevant. But Bogleheads is not keen. I don’t recall the particulars (it was over a decade ago) but it wasn’t topic related. It was just a conservative moderator or crowd who don’t want ethics getting in their way or cluttering their view.

Tor. I wonder if that is a more fraud or trolling concern. Or maybe for financial houses more of a US law concern.

Certainly not a legal issue in the US. Tor works ATM on Bogleheads. Cloudflare is often chosen out of ignorance by admins who don’t even know what Tor is, or at least don’t know that most Tor traffic is legit. It’s usually a lazy move. I don’t recall the details about Boglehead’s tor hostility but they’re reachable over Tor right now.

I used the Bogleheads forum over 15 years ago. It eventually turned sour and I left.

One of my issues is that the banking and finance sector and consumers engaging in it are conservatives. So if you want to ask a question like “where can I find a relatively ethical bank/investment firm that does not invest in fossil fuels?” it’s alienating to right-wingers to consider ethics. They don’t see the ethical problems that plague the industry and at the same time they don’t recognize the concept of ethical consumption. They just expect everyone to look after number 1. Bogleheads had little tolerance for politics, which inherently forces a narrow discussion of what financial products bring what value to the selfish types of consumers who neglect ethics. They don’t want someone exposing JP Morgan’s investment in private prisons or fossil fuels, or even how JPM Chase has a sneaky anti-Tor policy to discover which of their customers use Tor. Bogleheads did not kill my account… it was just that ethical topics either had crickets or hostility, and censorship. IIRC what ultimately drove me off was Bogleheads started blocking Tor or using Cloudflare or something that demonstrated disrespect for digital rights. But apparently they re-liberated their forums since it seems Tor is permitted again.

For medical chatter I would look at mander.xyz, which is science focused.

For law it’s a bit of a ghost town, but at least there is a ghost town ready to host interested litigants→ links.esq.social

There is [email protected], which would be somewhat related to personal tax. There is also a Lemmy instance dedicated to finance. I don’t recall it off the top of my head but the instance joined Cloudflare so I immediately abandoned it.

For the record, lemmy.ml is a terrible place to discuss tax or personal finance. The admins of that instance treat personal finance questions as spam and even go over the heads of moderators to censor such discussion because of their political baggage. IMO sopuli.xyz might be a good place to create an account and create finance communities.

All the oil companies quite rotten slimeballs. But if you look closely enough there is still significant variation in the extent of the evil. Off the top of my head:

• Chevron - a right-wing ALEC member, thus contributes heavily to the politicians who are the most environmentally destructive, who neuters the EPA. ALEC also finances climate denial propaganda. Chevron was also caught financing the cloakroom project to arrange secret meetings between politicians and corps like Chevron.

• ExxonMobil - Notable for oil spills and also because Exxon discovered climate change in the 60s and kept it secret, thus enabling it to have a much more harmful impact.

Those are two worst. Chevron and Exxon are also both partnered with a quite evil tech giant: Microsoft, who uses AI to help those two shitty corps find places to drill for oil. Google partnered with Total, and Amazon partnered with BP and Shell for the same purposes. The greater evil to boycott is Microsoft, Chevron, and ExxonMobil. MS also has a quite long list of unethical conduct, such as helping Israel acquire facial recognition tech to weaponize against Palestinians. So if you boycott Israel you also boycott MS.

I installed Bisq a few years ago the 1st hurdle was buying cc required having some cc escrowed to start with. I’ve also heard that some banks are so hostile toward cryptocurrency they freeze accounts of people suspected of trading it. I got the impression Bisq transactions would be detectable by the bank but my memory is fuzzy on that. I suppose I need to use a burner bank account I don’t care about, and use a bitcoin ATM to get the escrow money. It’s a shame the Bisq escrow money can’t be in fiat money.

I would love to be using cryptocurrency in cashless situations instead of just nixing those options. I’ve reached a point where if it’s not sold locally for cash I don’t buy it. Cryptocurrency has failed me because most exchangers are in Cloudflare’s giant walled garden and I will not patronize a Cloudflare user. There are cryptocurrency ATMs but the fees are extortionate.

I never have to use PayPal. Goods and services my life depends on can all be bought without PayPal. If a hospital emergency room were to only accept PayPal/Zettle, they would treat me then I would simply refuse to pay the bill until they change their payment terms. It has been over a decade since I made a PayPal transaction. Exceptionally, PayPal may have processed some of my card transactions without my knowledge (before I knew what Zettle was), but if I knew I would have walked.

I spoke to a small cafe owner who only accepts Zettle, no cash. He was the owner and cashier. He said Zettle was the cheapest for him. But as an ethical consumer I have choices and price is low priority. I don’t have to buy my coffee from him. In some cases I have managed to compel a cashless shop to accept my cash. If I have exact change or their staff has change, the staff will use their own personal payment card and take cash from me. I normally boycott cashless brick and mortar shops, but sometimes I do an experiment of forcing cash on them. But in the case of Zettle that’s not an option because PayPal still profits from the transaction even if PayPal does not obtain or profit from my data.

I don’t know your situation with gas or how trapped you are, but if you must buy gas you can probably boycott Chevron and ExxonMobil and buy from one of the other lesser evils. Or if you have a diesel engine you can do what a friend does and collect waste oil and convert it to bio diesel.

#PayPal is one of the most evil:

https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/rap_sheets/paypal.md

I got burnt personally by them but even if I hadn’t they are among the least ethical options. There are some vendors selling products I would like to buy but they accept paypal exclusively, so I walk… and go without. Recently I have encountered some small brick and mortar shops/cafes that use “Zettle”. #Zettle is paypal. So if I see Zettle and they don’t take cash, I walk out. They share data with over 600 corporations so I will not allow Paypal to serve as a payment processor of my credit or debit card. Paypal are rotten to the core scumbags. They have some sneaky tricks for keeping people’s money under the guise of AML/KYC/anti-fraud, even though they are not a bank and escape those regulations anyway. It’s no surprise Elon Musk and Peter Thiel were involved with the founding of that company.

The magstripe is useless in my area. The bank also automatically blocks the use of the card in non-EMV regions. A travel notice is needed to make the card function in non-EMV areas. The magstripe encodes a flag that declares that an EMV chip is present so EMV-capable readers will reject the magstripe. So a skimmer would have to find out my travel plans to a non-EMV region. They will be waiting a very long time because I have a different card for non-EMV regions. I could just as well scrape the magstripe off if I thought skimming were a significant risk.

The other exploit is trapping the card using a plastic sleeve then fetching it after you give up and leave. If my card gets stuck in a machine, I would operate under the assumption that that attack is in play. An attacker can drop off a compromised ATM… a whole machine. Those are always free-standing. I don’t think free-standing ATMs exist in my area.

Every region has a different norm. Smartphone banking may not have caught on in the US but the European normal is quite different in the banking sector.

Europe even has cashless banks (not joking). These are “banks” that actually have no vault, only computers, and do not handle cash. No cash deposits. Withdrawals only possible at ATMs. If your ATM card fails and you need cash, you go to the bank and a banker walks with you to the ATM so the banker can withdraw the cash using a special card. It’s normal in Scandinavia but I think it would be shocking if a US bank were to operate this way. A cashless US bank would be an embarrassment.

The #WarOnCash have made bigger strides in Europe than the US.

If you want to withdraw $15k in banknotes in the US, it’s normal. In Europe it’s not only abnormal but sends red flags. I know someone who tried to withdraw €15k from her bank account and the bank called the police and arrested her. She was not charged with anything but they fully documented the attempt and released her. That was in a country where cash transactions greater than €3k are illegal. Spain, France, and Belgium all have cash limits like this. Netherlands is next. (to be clear, I think a €15k withdrawal would not be illegal on the part of the consumer but it likely exceeded the ToS of the bank and also triggers suspicion… some of the details are murky)

In my region it’s illegal for a bank to offer 1FA logins. So the banks give you an RSA token of sorts… a hardware device. Some banks have opted to use mobile phones for 2FA instead of buying and maintaining special purpose devices for everyone. Then they leaped to the assumption that everyone has a smartphone. From there it’s natural for them to figure there’s no longer need to maintain a website.

You don’t trust the bank’s app because of who they might have outsourced the code to

You can safely scratch out the word “might”. It’s very unlikely that a bank would write their own app in-house.

I don’t trust the outsourced entity, nor do I trust the bank. Banks use the cover of “KYC” to collect abusive amounts of information. Closed-source projects need to profit too & banks would be happy to reduce their cost by allowing 3rd party data collection. Most banking apps are outright tagged that they call for perms to collect your GPS location. I also don’t trust Google not to profit from information about where Google pawns do their banking – that’s too valuable to debt collectors to let it go unexploited.

but you will trust that the ATMs haven’t been tampered with by criminals?

I trust consumer protections to be enforced. I’ve made use of those protections in an ID theft situation so I’ve seen 1st hand that they work. If you fear ATMs then you cannot easily fight the #warOnCash. Do you get your cash over the counter, or do you simply support the war on cash and all the data leeches banks feed? If you’re quite worried about it, I suggest using the indoor ATM at a bank that’s only accessible during business hours.

You get no consumer protection from bank snooping that you agreed to in the ToS. You should read your bank’s ToS and privacy policy sometime. It’s interesting to see what they needlessly collect.

Because the latter is by far more common than the exploitation of a security hole in a banking app.

An outsider exploit is not the biggest threat. It’s the bank itself snooping lawfully (and monetizing that data to keep your fees down) that’s the most certain compromise. Though exploits cannot be ruled out either since closed-source blocks users from auditing the security.

The long-term plan is of course to ditch the account. At the moment I’m in a pinch and just need an ATM that works. It’s a bit alarming how little knowledge and information is available on ATMs. The non-transparency is in itself a privacy issue.

I don’t think credit unions exist in my country. But it’s worth noting that credit unions in the US have a whole different set of pitfalls. They are typically too small to offer their own services. Credit unions outsource everything: bill pay, statement printing, the website, email… They do nothing in-house. All that outsourcing means copious information sharing with giant centralized corporations that monetize your data.

You may consider giving Ally bank a try.

My dumpster fire bank is not the US. But I would avoid Ally anyway since that bank’s website is tor-hostile and their privacy policy also scores below average on privacy. I suppose the low fees and high interest must be offset by data monetization.

I question the merit of avoiding downloading their mobile app and instead sticking your card into lots of random unverified ATMs to try to get balance reports.

Third party ATMs do not appear to exist in my region. All ATMs are bank-owned AFAICT.

The app may not be great, but SSL is cryptographically sound and the bank has your social and your identity anyway.

The app requires trusting whoever the bank outsourced the coding to. Does the bank even get to see the source code? I wouldn’t trust the bank or the profit-driven closed-source developers to not include spyware or to look after the consumer’s interests. Especially in the case of US banks. Apart from that I object to Google keeping track of where I bank (data which can ultimately be sold to debt collectors) – which is inherent in being forced to use the Play Store. I also object to buying a new phone (hardware) in order to chase the version requirements. These abuses are certain, thus a non-starter compared to the mere bad luck chance of fraud by a dodgy ATM which at least have the remedy of consumer legal protections.

None of that is normal.

I think it’s the new normal. Aren’t banks like n26 & Revolut purely by smartphone? This was a proper bank that became like the smartphone banks. I see how people all around me blindly trust smartphones & Google or Apple with reckless disregard. And they upgrade with reckless disregard. The Fedi crowd is more likely to see the absurdity in a bank-by-smartphone situation but the young generations would probably just as well have Snapchat handle their banking. It’s a terrible direction things are going in. I can’t even reserve public parking in my region offline anymore.

One of the traditional banks in my area is gradually removing features from the web service & making them exclusively app services. They probably hope to eventually pull the plug on the website. I’m close to pulling the plug on banking.

The bank in this case has closed down their website. Paper statements are gone. They also closed their office & made it by appointment only. Calling & asking a human possibly incurs a fee. All access is exclusively via a proprietary closed-source app that’s exclusively available from surveillance capitalists (Google & Apple). The app is chronically upgraded and fussy about platform OS version & refuses to run inside a virtual machine, thus requires buying a new phone periodically.

For me it’s moot… I suggest boycotting #Paypal:

https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/rap_sheets/paypal.md

Sharing customer info with 600+ companies is well beyond reasonable. And the way they freeze accounts arbitrarily… just bizarre that people still use them.

The article uses “banks” in the generic sense. Some of those issues apply to credit unions as well, particularly points 4, 6, 12, & 13.

I will never endorse nor recommend cryptocurrency as a sound investment.

Cryptocurrency was not supposed to be an “investment” in the first place. Like they say in Europe “if you treat houses like stocks, they will behave like stocks”.

Anyway, I could almost agree with you on the /investment/ comment, but then you said “never”. Consider fiat money. GBP may be a sound investment to diversify and hedge against USD or EUR. But things change. Maybe one day the GBP becomes very unstable (as btc is today). Would you then at that moment say “I will never endorse nor recommend GBP as a sound investment”? It’s a sound investment when it’s stable, and a dicey investment when not stable.

The article of the thread does not propose cryptocurrency /as an investment/. This is about cryptocurrency as an alternative to (unethical) banks. When you oppose the only alternative to unethical banks (considering the future of cash is endangered & bartering is impractical & unscalable), you effectively endorse unethical banks.

cryptocurrency is one of the largest scams of our modern time

That’s like saying “cheques are a scam” or “wire transfers are a scam”. They are certainly not a scam. But scams can be designed that exploit weaknesses in any of the three instruments (cheques, wire transfers, cryptocurrency transactions).