There has to be some way that we could have created the architecture to do everything a phone does without letting a user be triangulated easily.
I know there is no incentive to do that, but it amazes me how far ahead the security of the web is compared to phone tech.
Like maybe if phones could authenticate without broadcasting a unique identifier. And maybe they could open a vpn style encrypted tunnel and perform their auth over that tunnel.
Idk, I know nothing about phones, but it has to be possible.
I’ve heard Costco has a better return policy