https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/
-
@pojntfx I knew.
Like when people argued that age verification is ok bc it can be implemented in a zero knowledge way, I knew that it would never be actually done like that.
-
-
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx If you get sanctioned by the US, like the ICC judge Nicolas Guillou, you are already fucked.
There is also an even worse case, where the EU has decided to effectively unperson Hüseyin Doğru over his reporting on Gaza and not only can he not participate in a society, its illegal for any EU citizen to even give him money to not starve.
I think we are doing pretty well even without the digital ID.
-
@pojntfx that Google dependency is unacceptable. That said, there is no reason (other than "they want to") to require a Google account to use the Play store (to download free apps). From a GDPR perspective, that is already a breach of the law, and already should have been fixed.
-
@hannorein @unnon89 @EloPup @pojntfx @tdelmas never attribute malice to that which can be adequately explained by stupidity.
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx codifying the use of AmeriKKKan tech is a really stupid autonomy move... And that doesn't even scrape the surface of reasons this is going to be really, really bad for privacy. Dumb as hell.
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx I wonder, why isn't anybody writing about EU age attestation in the first place? https://leminal.space/post/31858818/21120139
-
@fallbackerik @pojntfx @arjen so yeah, good point, maybe you don't need an account, but it still wouldn't work an a degoogled phone
So maybe it's not as bad, but still badAnd I'm not sure if people who are banned from having a Google account are also forbidden from using those other Google services (without an account)
(Of course you could still just use them, how will they know it's you? But we shouldn't expect people to break end user agreements)@Larymir @fallbackerik @pojntfx @arjen
It's broken, if it depends on Android (or iOS). It should run on other OSes, too, such as #Linux on PCs or on my #smartphone which runs #Mobian.
-
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx Can my government please start following the law or at least try to...
-
@LunaDragofelis @tdelmas @pojntfx this issue was addressed eight months ago via their GitLab repo, so hopefully they've thought about it, but still they didn't change anything: https://gitlab.opencode.de/bmi/eudi-wallet/wallet-development-documentation-public/-/issues/2
-
@tdelmas The whole remote attestation thing should be dropped from the proposal. The rest of it is unfortunate (no ZKs at all, just signed credentials), but the remote attestation part is truly asinine. I have no idea how and why that decision was made. The people behind this are adding a path dependency on Google/Apple on something as simple as showing your ID to buy alcohol.
@pojntfx @tdelmas as long as age checks are anonymous and allow a generous ratelimit, remote attestation is required to maintain the integrity of the system, that's probably why
like, if i can make a custom android rom and automate issuing age proofs, then transmit them anywhere i want, then i can also create a fake miniwallet that would allow anyone to pass the age verification flow using my proofs. for a low price of 5 euros!
i personally don't think that age verification is a good idea, and even if it has to happen, remote attestation creates more problems than it solves. people will find ways to bypass age checks regardless, so this only closes one of the gaps, while excluding a fair amount of people. but i imagine this was one of the concerns that led to the decision to make it a requirement. -
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx So Apple/Google can collect your data? And so Trump can shut you down? That is ... not good. That should not be legal. -
@hannorein @unnon89 @EloPup @pojntfx @tdelmas never attribute malice to that which can be adequately explained by stupidity.
@ahasty any reasonably advanced stupidity is indistinguishable from malice
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx i wonder if they'll do anything to support huawei phones. according to statcounter, that's 1.6% of the german market! -
@ahasty any reasonably advanced stupidity is indistinguishable from malice
@zombiecide the real malice is how society seems to give the most power to the stupidest people
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx@mastodon.social this is what I feared and anticipated.
I'm a nerd and early adoptor usually but I'm going more and more offline when it comes to state sanctioned digitalisation efforts as they try to cage me in.
I'm running GrapheneOS - I already can't use most of the mandated apps from my public health insurance as they insist on Google/Apple lock-in.
It's pathetic especially since it is entirely possible to get the same security guarantees using Android APIs alone. -
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx That kind of is already the case. Try getting important apps without an apple or Google account... You can for android at the moment because of apks and third party mirrors. or using something like aurora store who have a bunch of Google accounts setup. But with app store age verification looming globally I think it is only a matter of time before that comes to and end. On top of that it seems like google is killing sideloading which won't help
-
@zombiecide the real malice is how society seems to give the most power to the stupidest people
@ahasty I gave you a light-hearted way out of that direction, would've been nice if you took it
Hanlon's razor, while considered philosophical, is basically an emotional coping skill used to counteract certain types of rumination (caused by seeing current negative interaction as threat because of past trauma or learned behaviour)
emotional coping on its own, however, is of little use when dealing with current threats
and Hanlon's razor is not actually a very good emotional coping skill either
-
@zombiecide the real malice is how society seems to give the most power to the stupidest people
@ahasty so while I empathize with the resignation and despair I would feel if I said what you said (and I might've said at one time), I also think society isn't in itself an entity that can think and give power to anybody, it's people who looked at the laws and the media and who decided to play as dirty as they could to gain power, and they're self-serving and some, actively malicious, and I need to do what I can to counteract this - in this case, help ensure access to services without eIDAS
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx thank you for sharing that important information. We’re working on a solution which may just improve this exact trust issue.
Imagine if you can bind your very own sovereign zero knowledge decentralised DNS certificate to your phone. Protecting you via the root of the OS.
Empowering every user from the very heart of the device. A global zero knowledge decentralised proof of personhood network. Owned exclusively by the people. Intended as a public good protocol
here... most of the bank apps on my phone stopped working after I removed the Google Play services.
