kbal

It’s not as if I did an exhaustive search to sift through all the evidence, but what I found was this: https://lemm.ee/post/60365167

That is what their mod was accused of having done, albeit on reddit. If Kev believes those allegations to be unfounded, he’s done a poor job of expressing that.

Alas, not everyone on the fediverse is so friendly and welcoming towards people who “express certain political views” by using a position of power to suppress those they disagree with.

The main reason we can show our physical government-issued ID card to someone in a shop in relative safety is that it’s a human looking at it with their eyes, which do not have the ability to record and permanently store in machine-readable form all the information on it (such as a photo) that would identify their customer. (Of course when they hook up face recognition systems to their surveillance cameras we have other privacy problems, but that’s another story.)

The same thing cannot so easily be done across the Internet. Something like it may be possible in theory, with some caveats, although it’s hard to tell for sure until we see an actual design document for such a system that is complete to the point where we could examine the details and see if it might really work in practice. Nobody seems to have got that far as of yet. All the actual proposals that I’ve seen sacrifice privacy for convenience of implementation because doing otherwise would be very complicated and difficult.

If I search for zero-knowledge proofs relating to age verification the only thing I see is the hash chain method “based on a 2013 paper by Angel & Walfish” which is clever enough but does not in itself solve the problem of proving age while maintaining one’s privacy. It allows Alice to demonstrate to a verifier that she is over the age of 65 while revealing nothing else other than her name or some other identifying piece of information. Avoiding the reveal of any such information is what we would want to avoid.

Is there some better way to do it?

I’m still curious as to what it is that you have in mind. “Yes I have that card” will be communicated to random web services by the user presenting to them some kind of signed digital token I imagine, as is usual, and that token itself, or the user-held secret used in generating it, is what can then be sold, transferred, or used to track the user unless you have some way to prevent that. If you’ve given any hint of how you think it can be done, I didn’t get it.

One thing people sometimes think of is having the user be authenticated with a government (or other authority) server in real time whenever they want to prove their age to some stranger — but the system I saw which worked like that was obviously a pretty big violation of privacy so I assumed it wasn’t the sort of thing you meant. If that’s the idea, how would you prevent the central authority from keeping a record of when and where your “passport” was used?

Uh… if “it doesn’t have to be unique” then you may as well just have a password — everyone who knows that the password is “swordfish” is allowed into the adults-only club. There are things stopping people selling their actual paper-based passports en masse or just making photocopies. If you have an easily-replaceable digital token with no biometric info and it’s not tied to your identity in any way, there are no such constraints.

Yeah it’s really not that simple. If you give someone a unique signed token that just says “whoever has this is over the age of 35” then that token becomes your unique id number that every website you share it with can use to track you. If you create a whole bunch of temporarily valid tokens for old-enough citizens any time they want some, so far you have no way top stop those getting into the hands of teenagers who want to use them to sneak into feddit.

If you know a way to do it without invading people’s privacy you’d better go tell the government of Spain about it, because they didn’t manage to find it when they designed their eIDAS scheme which they hoped would become the Europe-wide standard. Not sure if that’s still seen as likely but I haven’t heard about any other concrete proposals yet.

There is no way to remotely verify someone’s age across the Internet without violating their privacy. If there was, there would be no way to use it that doesn’t violate their other rights.

More than 35% of the population still smoking

Okay yeah, not really the right time to start worrying about fucking vapes then.

Sure there are, here’s their website.

How do people even say that kind of thing with a straight face? It’s like claiming that coal is “net zero” if you use solar power to feed it into the furnace.

Look, we’re fighting crime blindfolded here. We have no choice but to stab ourself in the face.

It might. If some day they don’t control the browser, whoever does control it might be hesitant to build in features that are only there to spy on users for Google. Cookies do at least have some other uses.

Oh shit, Jerry legit blocked it: https://fedia.io/m/fedia/t/1468012/Fedia-reporting-issues-with-specific-servers-e-g-lemmy-ml-lemmy-one-startrek-website/comment/8379246#entry-comment-8379246

It’s unfortunate IMO. I thought it was just some kind of weird mbin problems causing lemmy.ml not to federate, then I mostly forgot about it. Although that server is not without problems I’m sure, it’s a huge piece of the lemmy world to be missing and it’s a pretty small world to begin with.

Why did it get defederated?

Rule 1: Crushing people with tanks is fine so long as it’s our side doing it.

Literal fucking tankies. I wonder if they will ever come to their senses. Oh well, it’s not as if there aren’t Nazi instances somewhere on fedi as well.