alt Hacker NewsWith all of the discourse around hardware attestation, digital ID, and age verification in recent weeks/months, is there actually any good solution to the problems these existing tools (Privacy Pass, WEI, Fraud Defense, uploading IDs) claim to solve? Are there open and privacy-preserving standards that can solve the problem of bots and minors? If not, what would be required to establish one, and is it realistic?
Businesses will do what businesses will do, but it seems to me having something to point to and saying "do this instead" is more effective than "this sucks and isn't even about security, don't do this at all" even though it's true.
Replies
What even is the problem? I keep my kids computers in the living room where it's easy to see what they are doing. Their lan shuts down at night when I'm asleep. They don't get full control of their own cell phone until they are around 16-years old. Bots on social media discourage me from using it which is a Good Thing if you ask me.
Thank you for offering this take -- it is the only forward looking one.
The anonymous internet is going away -- it is too supportive of crime and various kinds of gray area misconduct, and governments and large corporations were eventually going to do something about that.
Such a degree of anonymity is desirable, but it is not a requirement for a free society. What were things like before the internet? You couldn't anonymously browse billions of pages of information in 1960.
> Are there open and privacy-preserving standards that can solve the problem of bots and minors? If not, what would be required to establish one, and is it realistic?
Ideally there shouldn't be standards for this. What we have already is enough.
Companies claiming they are closing down their services/devices to protect the users is total BS. Facebook has admitted they get 10% of their ad revenue from scams, and that's the reason they won't go after scammers on their platforms.
Same can be said for Google. They could come up with numerous ways to block bots or make captchas harder for actual bots (while also not flagging every non-Chrome user as a potential bot, like they do nowadays), but they pretend this is an unsolvable problem that requires a nuclear solution, it used to be Web DRM but now it's called Fraud Defense.
There is a good solution to these problems. Exhaustive punishments and forcefully ceasing operations for repeat offenses.
China has all the tech giants jumping through whatever hoops they want by banning them by default and only allowing whichever ones they want to operate after they meet their strict policies and ad hoc decisions.
Now that the US has decided the EU is a rival, the EU should do the same.