This is the future those who push for age verification want for us.
-
RE: https://post.lurk.org/@shibacomputer/116827981116605348
This is the future those who push for age verification want for us.
@Gargron@mastodon.social
I consider this type of age verification to be very negligent and pointless.
It would be more important to teach children how to use social media responsibly and how to recognize fake news and the like from a very early age – YES, IN SCHOOL. -
RE: https://post.lurk.org/@shibacomputer/116827981116605348
This is the future those who push for age verification want for us.
@Gargron In denmark, Datastyrelsen (the state office caring for data) released an "altID" app, which can be used as an ID, IRL or online. After creation, data stays on your device, and what clients get is an age or identity verification, and you get to choose what to share. They failed to make it open source, but given it does what the say it does, it at least better than scanning passports etc, I believe. It is derived from an EU model afaik. And I was able to install it on my google-free /e/os fairphone. FWIW.
-
RE: https://post.lurk.org/@shibacomputer/116827981116605348
This is the future those who push for age verification want for us.
The future is not "leak". The future is access for everyone who pays enough. Legally.
-
@Gargron@mastodon.social
I consider this type of age verification to be very negligent and pointless.
It would be more important to teach children how to use social media responsibly and how to recognize fake news and the like from a very early age – YES, IN SCHOOL.@mischi2000 @Gargron Just leave parenting to parents, the world does not need 'nanny states'.
-
@Gargron In denmark, Datastyrelsen (the state office caring for data) released an "altID" app, which can be used as an ID, IRL or online. After creation, data stays on your device, and what clients get is an age or identity verification, and you get to choose what to share. They failed to make it open source, but given it does what the say it does, it at least better than scanning passports etc, I believe. It is derived from an EU model afaik. And I was able to install it on my google-free /e/os fairphone. FWIW.
@anderslund @Gargron It was built to integrate with the European eID, yes.
-
RE: https://post.lurk.org/@shibacomputer/116827981116605348
This is the future those who push for age verification want for us.
@Gargron The scary part is the structural pattern: a high-value credential gets press-ganged into a low-value auth system that has zero incentive to secure it. Passports prove citizenship — they shouldnt be a cookie for pot shops.
Age verification needs an architectural boundary: prove you are old enough without proving who you are. Its solvable. The political will is the bottleneck.
-
@anderslund @Gargron It was built to integrate with the European eID, yes.
-
@mischi2000 @Gargron Just leave parenting to parents, the world does not need 'nanny states'.
@harib_murshidi@mastodon.social
Yes, I agree with you there, but I also feel I must and want to hold politicians and governments accountable. Proper legal frameworks must be established for large social networks. It must be possible to hold these networks accountable much more easily and quickly.
@Gargron@mastodon.social -
@Gargron In denmark, Datastyrelsen (the state office caring for data) released an "altID" app, which can be used as an ID, IRL or online. After creation, data stays on your device, and what clients get is an age or identity verification, and you get to choose what to share. They failed to make it open source, but given it does what the say it does, it at least better than scanning passports etc, I believe. It is derived from an EU model afaik. And I was able to install it on my google-free /e/os fairphone. FWIW.
@anderslund Maybe I'm thinking way too far into this, but it seems to me that any data given that verifies you, is a form of ID that can be stolen. Your "altID" is still ID.
-
RE: https://post.lurk.org/@shibacomputer/116827981116605348
This is the future those who push for age verification want for us.
@Gargron I am so fed up with ID being passed to external companies with no understanding or validation of what they do with it. One of the main companies used in the UK, Persona, was co-founded by Thiel. How on earth can *any* trust be put in any of his companies.
Lots of arguments about the how, but actually I strongly question the why. I simply do not believe the "protect the children" mantra. The goal is worthy, the method is not.
-
@anderslund Maybe I'm thinking way too far into this, but it seems to me that any data given that verifies you, is a form of ID that can be stolen. Your "altID" is still ID.
-
@Gargron The scary part is the structural pattern: a high-value credential gets press-ganged into a low-value auth system that has zero incentive to secure it. Passports prove citizenship — they shouldnt be a cookie for pot shops.
Age verification needs an architectural boundary: prove you are old enough without proving who you are. Its solvable. The political will is the bottleneck.
-
There is a case to be made for a safe age verification for online communities for minors.
Back in the good times when the US government tried to be part of a solution, president Obama’s Cyber Czar put out a proposal for a brokered verfication service to keep adults (potential groomers and pdfs) out of online games and services designed for school kids.
The student registries would’ve served as a source for identity and age verification and the individual app or an endpoint device would then be minted an anonymous proof of age.
It never materialised but the idea was compelling.
-
RE: https://post.lurk.org/@shibacomputer/116827981116605348
This is the future those who push for age verification want for us.
@Gargron I wonder if there is a future ahead of us in which all forms of identification documentation are so devalued as to be useless.
-
There is a case to be made for a safe age verification for online communities for minors.
Back in the good times when the US government tried to be part of a solution, president Obama’s Cyber Czar put out a proposal for a brokered verfication service to keep adults (potential groomers and pdfs) out of online games and services designed for school kids.
The student registries would’ve served as a source for identity and age verification and the individual app or an endpoint device would then be minted an anonymous proof of age.
It never materialised but the idea was compelling.
The search word would be ”National Strategy for Tusted Identities in Cyberspace”.
I see the paper was released ten years ago, when the US presidents still adhered to record-keeping requirements and preserved official documents for posterity.
https://obamawhitehouse.archives.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf
-
@Gargron I wonder if there is a future ahead of us in which all forms of identification documentation are so devalued as to be useless.
@Gargron
Is there also in that future a requirement for a difficult to obtain high value form of identification required to participate in elections? -
@anderslund What I'm trying to say (probably not well, it's hard to put into words) is that having your altID leaked/stolen doesn't feel functionally different to me than, say, this passport leak.
It's an ID masking your ID, but still has the whole value of any set of credentials.
Of course, as you said, physical possession of the device... which is also true of any credentials.
-
@pantheonw All I can think of that would be left if documentation was devalued, would be biometrics.
And *that's* a whole 'nother can of worms.
-
@harib_murshidi@mastodon.social
Yes, I agree with you there, but I also feel I must and want to hold politicians and governments accountable. Proper legal frameworks must be established for large social networks. It must be possible to hold these networks accountable much more easily and quickly.
@Gargron@mastodon.social@mischi2000 @Gargron Depends on what kind of accountability we are asking, some of the 'parental concerns' remind me of the Satanic Panic, #heavymetal scare of the 80s when the PMRC (Parent Music Resource Centre) in the US started a witch-hunt against musicians because some parents decide to sue Ozzy Osbourne for 'Suicide Solution', Judas Priest for 'Better by You Better than Me' (which was a cover of another band, they did not even wrote the song)
No social network can filter out creeps !
-
@anderslund What I'm trying to say (probably not well, it's hard to put into words) is that having your altID leaked/stolen doesn't feel functionally different to me than, say, this passport leak.
It's an ID masking your ID, but still has the whole value of any set of credentials.
Of course, as you said, physical possession of the device... which is also true of any credentials.
@solitha @Gargron I'd say that the ID solution we use in Denmark to identify to banks, public authorities and also private companies in some cases - MitID ("MyID") has had few issues. It is a 2FA soultion, where the 2nd factor is either an app or a physical device. AltID is less secure, but also provides less information to clients.
The data sent to clients is a boolean in case of age verification, ID shouldn't only be given to trustworthy services.
