https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/
-
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx Extraterritorial Surveillance:
There is a theoretical risk that, because it is integrated into the OS ecosystem, the manufacturer (under laws such as the U.S. Cloud Act) could be compelled to provide metadata on when and where the wallet is used, which conflicts with the GDPR’s prohibition on tracking. 2/2
-
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx
You don't need to wait, nor for the US to be involved. -
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx so, totally understood the EU desire for digital sovereignty then?
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx this is unacceptable
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx
Germany is such a mess; they’re just useless, and there’s plenty of that -
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx Skimmed it and I’m not sure that they are embedding dependence on Google or Apple so much as recognizing that in a BYOD situation these are the tools they have to verify a device has not been tampered with or is not a credential stealing app?
I can imagine lots of other regimes like sending everybody a physical device like a TOTP generator, but for purely on-device is there another plausible way to do it? In a way where the average person won’t instantly lose their keys/credentials
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx, would be curious if this holds up in court. Also, why would a sovereign nation (and people) accept that. And, way to read the room (US as a security threat).
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx No Brasil, a Caixa Econômica Federal exige conta no WhatsApp para envio de código para atualização de cadastro de clientes. Quem não tem conta na empresa de Menlo Park não consegue movimentar o aplicativo e as agências não sabem como resolver isso.
-
@tdelmas The whole remote attestation thing should be dropped from the proposal. The rest of it is unfortunate (no ZKs at all, just signed credentials), but the remote attestation part is truly asinine. I have no idea how and why that decision was made. The people behind this are adding a path dependency on Google/Apple on something as simple as showing your ID to buy alcohol.
What I am always asking myself: The ppl behind this (theoretically) have access to pretty much every expert they want to, how do they still come up with stuff like this?
Same story for so many tech related policy proposals…
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
Oh no... They refer to the text of the ammendment to Eidas called EU Digital Identity Wallet.
It will be law in december in Sweden, sv, "En statlig e-legitimation", de, "Ein staatlicher elektronischer Ausweis", en, "A government-issued digital ID".So if it will be like in Germany it will be a lock-in in Google Play Integrity and Apple's DCDeviceCheck attestation. Just as I suspected. Hope I will be wrong, but looks really bleak for all EU countries if this will be the outcome of the EU digital wallet thingy... EU sponsorship of the Google/Apple duopoly.
-
@pojntfx
You don't need to wait, nor for the US to be involved. -
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx My understanding is it will require the Apple/Google background services to check that the phone isn't jailbroken etc., and communication with the corresponding servers. But a corresponding account is not necessary for the German ID wallet to work.
It's a device check, not an account check.
-
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx Wait, what?!
-
Tech companies writing their own rules is a "regulatory hijack"
What happens if their age verification app is hacked?
Or if these corporations are sold, bankrupt, amalgamated, or nationalized by the state?Privatization or financialization of the means for assuring identification is a very bad idea.
Remember who invests in both Google & Apple.
https://www.businessinsider.com/saudi-arabia-crown-prince-visits-apple-google-2018-4https://www.cnbc.com/2018/04/07/heres-a-look-at-who.html
This is just another effort by fossil fuel funded fascism.
-
I've said it before an I'll say it again: This entire project of identity verification with Apple/Google-account bound mobile devices is going to lead the continent down a dark, dark path into full technological submission to the US
It's completely crazy to order the world to submit to Apple/Google.
But by now, America has been doing all sorts of things that were unheard of before. They just push to get their way, if necessary start with absurd demands that they will 'tone down' so the others think they reached a compromise but that really gives America what it really wanted.
I think most politicians by now turned into profit and ego-driven maniacs, real Wannahaves who adore the Haves. -
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx Is that what they meant for European Digital Sovereignity? nice...
-
Oh no... They refer to the text of the ammendment to Eidas called EU Digital Identity Wallet.
It will be law in december in Sweden, sv, "En statlig e-legitimation", de, "Ein staatlicher elektronischer Ausweis", en, "A government-issued digital ID".So if it will be like in Germany it will be a lock-in in Google Play Integrity and Apple's DCDeviceCheck attestation. Just as I suspected. Hope I will be wrong, but looks really bleak for all EU countries if this will be the outcome of the EU digital wallet thingy... EU sponsorship of the Google/Apple duopoly.
