Rendered at 11:25:14 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
1vuio0pswjnm7 1 days ago [-]
Back to the internet's peer-to-peer roots. Many protocols besides the www
The www became infested with so-called "tech" companies acting as intermediaries (middlemen)
Lots of folks making money from surveillance ad system on the www. Oversized, unmanageable websites calling themselves "platforms"
The www is an ad network. Not a great place for non-commercial activity
Fortunately, the internet is more than the www. The internet was not created to collect behavioral data and deliver advertising as its primary purpose
People pay for an internet subscription, not a www subscription (or now a "social media subscription")
s-zeng 1 days ago [-]
I've really enjoyed playing around with https://github.com/markqvist/nomadnet and the reticulum protocol in general as a peer-to-peer alternative to www
noosphr 12 hours ago [-]
That you link to a github is ironic in the worst way possible.
DeusExMachina 30 minutes ago [-]
There is nothing ironic in using the current status quo to spread something we hope will replace it. It's called pragmatism.
movedx 11 hours ago [-]
Where should the code be hosted, then?
tardedmeme 12 minutes ago [-]
How about the internet?
hunter2_ 6 hours ago [-]
It's not the "where" but the "that you link" which is ironic: referring to it by the https:// scheme turns it into a link (a fundamental aspect of www); a scheme like ssh:// or git:// would avoid this.
zoobab 3 hours ago [-]
On a distributed network where the content is always available, maintaining X amount of copies in an autonomous manner.
We need to evolve the protocols beyond simple HTTP servers.
globular-toast 3 hours ago [-]
That's no good if broad laws are passed that require age verification. It could be interpreted as even SSHing into a server that doesn't verify your age is illegal. Some decades ago it would have seemed too stupid to actually happen. Now I'm not so sure.
platevoltage 15 hours ago [-]
I have to admit, I'm kind of looking forward to what comes after the inevitable death of the www.
krapp 39 seconds ago [-]
Why?
The WWW was at least created with egalitarian ideal. It was available to everyone, it ostensibly allowed anyone to publish and communicate freely.
Whatever comes after will either be entirely controlled by corporate and government interests or gatekept against "normies," and thus be a homogeneous cultural bubble doomed to wither into self-referential senescence and die, and will be far less free, less powerful and less capable than the web. We'll never get anything with the transformative potential of the web again.
A world where your only options are GovNet or EliteWhiteHackerDudeSpace. I don't look forward to that at all.
HerbManic 14 hours ago [-]
I don't think WWW will ever die but I can see a hard split coming eventually. Most people will just put up with the current state of the internet for a long time yet.
bsuvc 13 hours ago [-]
Gopher and Usenet died
rustcleaner 8 hours ago [-]
IRC lives, discord be damned!
fsflover 14 hours ago [-]
I2P already exists and is usable.
jijijijij 3 hours ago [-]
But is it resistant to enshittification?
thefz 1 days ago [-]
Once again American capitalism ruins everything for everyone.
HerbManic 14 hours ago [-]
Yeah but $1.50 Costco hot dogs! I got nothing more on that.
zrn900 14 hours ago [-]
Not only that. The Eu is also implementing 'age verification', at the same time with - surprise - digital id.
It's just an attempt to reverse the free internet and implement total surveillance.
NewsaHackO 11 hours ago [-]
Yeah, I feel as though people have seen the error of creating a free internet and are trying as much as possible to reverse it. It's kind of like how Photoshop (and most software companies honestly) have seen how selling a license in perpetuity does not work and opt for the rent-seeking monthly subscription route.
jijijijij 3 hours ago [-]
The age verification with the EU ID card can be implemented without leaking any identifying information. If it's gonna be like that is questionable, but it's technically possible.
tardedmeme 11 minutes ago [-]
For $5 I'll give you an age token from my card.
drnick1 14 hours ago [-]
Without American capitalism you wouldn't have computers, the Internet, smartphones, AI, electric cars and countless other things. That, and the Costco hot dogs mentioned in another reply.
1vuio0pswjnm7 6 hours ago [-]
"The global Internets progenitor was the Advanced Research Projects Agency Network (ARPANET) financed and encouraged by the U.S. Department of Defense.
In order to understand the wonder that the Internet and various other components of the Net represent, we need to understand why the ARPANET Completion Report ends with the suggestion that the ARPANET is fundamentally connected to and born of computer science rather than of the military.
The Completion Report goes on to differentiate the research ARPA supported from the research done by the computer industry: The computer industry, in the main, still thinks of the computer as an arithmetic engine. Their heritage is reflected even in current designs of their communication systems. They have an economic and psychological commitment to the arithmetic engine model, and it can die only slowly.12 The Completion Report further analyzes this problem by tracing it back to the nations universities: furthermore, it is a view that is still reinforced by most of the nations computer science programs. Even universities, or at least parts of them, are held in the grasp of the arithmetic engine concept.13
Computer networking was developed and spread widely in an environment outside of commercial and profit considerations, an environment that supported such research."
Michael Hauben
Netizens: On the History and Impact of Usenet and the Internet (1997)
IEEE Computer Society Press
ISBN 0-8186-7706-6
HN commenters/voters may reject the use of the term "military" in the origin story of the internet
That's fine
However it was American taxpayers, through the _Department of Defense_, that financed the creation of the internet
That's government spending, not "American capitalism"
The original internet was non-commercial and was not the result of "American capitalism"
As above, the American computer industry (capitalism) at the time was not focused on computer networking and using computers for communication, it was focused on computers as "arithmetic engines"
MattDamonSpace 6 hours ago [-]
The only reason the US Gov had the expertise and resources to fund DARPA in the first place was because it was a massive capitalist country with enormous wealth
tardedmeme 10 minutes ago [-]
Did the USSR have a space program?
thefz 5 hours ago [-]
Which is very well known for collecting taxes, right? :D
thefz 6 hours ago [-]
And the WWW is a Swiss invention.
graemep 2 hours ago [-]
British or European. Inventor was British, working for a European organisation.
thefz 6 hours ago [-]
Smartphones and AI are tady's cancer, so good job America! Polluting the earth and its inhabitants once more. For electric cars, I have my doubts that without China we will have them, but I'll leave you simmer in your exceptionalism.
1vuio0pswjnm7 12 hours ago [-]
"Without American capitalism you wouldn't have computers, the internet, ..."
In fact, the internet was born out of the American military, i.e., government, and American universities, not "American capitalism"
The first time I used this internet, there were rules against using it for commerce
matchbok3 10 hours ago [-]
The American military would not exist without the economic freedoms we have.
dosisking 6 hours ago [-]
We don't have any of these so-called 'econonic freedoms'. Anybody can be de-banked at any time.
acdha 10 hours ago [-]
Dude, we get it, you’re a super fan but these are some intellectually lazy comments. Our military is powerful, yes, but if you want to make some exceptional claims you need to show your homework demonstrating that kind of claimed huge leap over other economies (China, Russia, Germany, etc.). Be sure to explain how Iran is doing so well for so much less.
matchbok3 10 hours ago [-]
Um, where did I mention China or Russia?
Intellectually lazy? What are you even talking about? Stay on topic, you are embarrassing yourself.
1vuio0pswjnm7 9 hours ago [-]
There was no advertising on the internet, originally
This was before the www
loopback_device 14 hours ago [-]
Except that the www came out of Switzerland, the first electric vehicles out of Scotland and Germany, the earliest descriptions of neural networks - also Scotland, and countless other things, like Rockets and whatnot, also out of Europe. But, sure, congrats on that ARPANet thing.
bluebarbet 12 hours ago [-]
Final sentence was unnecessary.
matchbok3 10 hours ago [-]
Can you point to the stock markets and silicon valley, and tech leaders and military of those countries?
Oh, wait...
drnick1 10 hours ago [-]
It is American ingenuity that turned academic curiosities like neural nets into usable products. The missing ingredient in places like Europe or Asia is not intelligence, it is a business friendly environment and the right incentives for entrepreneurs. This is why countries like China can copy existing stuff and make derivative improvements, but don't meaningfully innovate.
tardedmeme 8 minutes ago [-]
Thank god we have "American ingenuity" to enshittify new inventions. Where would we be without that?
altmanaltman 14 hours ago [-]
The irony of writing this on this particular board, out of all places.
matchbok3 10 hours ago [-]
Except for being the greatest single force for innovation and growth in the world?
bluegatty 14 hours ago [-]
It's absolutely a slippery slope - but most parents know how this is a very real thing as well. There's no controversy in having drugs, guns, alcohol, porn and other things 'behind the counter' - the intellectual debate over freedom of information is clouded by ideology.
Definitely the 'slippery slope' debate is worth having, but that's way more relevant than the 'should 10-year-olds be able to do whatever' (aka all or nothing internet) which I think, if we took a vote, most people would be fine with nominal age restrictions, on that basis and on that basis alone aka outside the 'scary government' issue, which is again, real and material but nevertheless a separate concept however pragmatically engulfed these things are.
txrx0000 12 hours ago [-]
> There's no controversy in having drugs, guns, alcohol, porn and other things 'behind the counter' - the intellectual debate over freedom of information is clouded by ideology.
The first three are physical things, not information. Porn can be debated, but the current age verification push is trying to impose blanket control on the entire information ecosystem. It's the digital equivalent of requiring ID to go anywhere or do anything, rather than just a few well-defined things.
Even if we view it as a good faith attempt (which it is not, remember what Edward Snowden exposed), the parental authority over a child's information diet is being transferred away from parents to tech companies. They're legally mandating you to give away your child's personal info (just age for now, but they'll demand more if we give them this) and make the decisions on what is suitable, instead of you making those decisions for your child.
tardedmeme 6 minutes ago [-]
> It's the digital equivalent of requiring ID to go anywhere or do anything, rather than just a few well-defined things.
No, it's social media, specifically.
benoau 11 hours ago [-]
> the parental authority over a child's information diet is being transferred away from parents to tech companies
These companies not only wanted that but they exploited the shit out of it for obscene profit! In many ways it was their unabated greed that has caused this situation: from addicting design of video feeds, grooming obscene spending habits, collectively doing as little as possible to keep predators and inappropriate content out of games for children.
And how could parents police effectively "the whole internet", it's like expecting them to police what their kids see and hear at school on lunch break x 1000 you cannot control all the things that can influence a child for better or worse. Maximum security prisons can't stop people from accessing the internet and making phone calls so what hope did parents ever have?
We could have avoided this if Google and Apple had enough decency to keep the bad stuff from becoming effortlessly, trivially accessible to children, but they made a fortune off Roblox instead of applying their policies and noticing the abundance of pornography and predators, they ignored Grok churning out CSAM as fast as people could request it, no response to court revelations that Zuckerburg's apps are teeming with sex traffickers, prostitutes and scammers, no response to apps excessively exploiting addiction other than making sure they get their cut.
So now we're caught between a rock and a hard place, a completely unsustainable system where everybody who should be accountable claims to have immunity, and parents are incapable of enforcing a healthy upbringing for their children in this mess.
bluegatty 11 hours ago [-]
Information is a material concern
Relationships are a concern (random people interacting with your child? Good Gosh!)
Privacy is a huge concern for children, way more so than is afforded we regular netizens.
"They're legally mandating you to give away your child's personal info " - no they are not, they're mandating age requirements, which is a separate thing.
Snowden did not bring up age restrictions.
"instead of you making those decisions for your child."
I'm sorry but today the choice is not by parents, the point of the age restrictions is so that parents ultimately can have a choice (they and provide access by their own accounts).
The 'all or nothing' issue of the internet is a big deal - parents don't really have a choice.
These are mostly ideological and rhetorical arguments, not grounded in pragmatism.
The pragmatic concern is 'abuse of control' (aka the 'general' Snowden argument), which is real, but can also be avoided if they do it right.
Granted, I don't have a lot of faith that they will do it well.
movedx 11 hours ago [-]
> It's the digital equivalent of requiring ID to go anywhere or do anything, rather than just a few well-defined things.
Are you aware that most library systems across most of the world require someone to be 16+ to open an account and/or take out books and materials? That's not restricting anything, that's preventing abuse by those not intellectually or emotionally capable of regulating their behaviour. The parent of the under 16 takes responsibility for their actions, essentially.
If you have to be 16+ to take materials out of a library, why should a minor be able to access _anything_ on the Internet without also having an adult check what it is you're doing? Why should a 12 year old be able to freely visit "innocent-website.tld" without it first being confirm the website actually is innocent? What if it's innocent today, but adopts a new doctrine tomorrow? There's a reason YouTube doesn't let you change a video upload after you've published it: you could upload nearly anything to replace your previously innocent and successful video.
Nothing changes between the physical world and the virtual one. The same problems exist, except the virtual one makes it easier to access much darker information.
txrx0000 9 hours ago [-]
The library is one place out of the many places you could go, and the closest digital equivalent is a library website or an app. The Internet is not just a library, but a whole world of its own. We don't have blanket control laws that restrict all movement and speech in the real world based on verified age. The restrictions for minors are implemented at much more local levels.
We do need parental guidance like in the physical world, but such guidance should be issued by the parents, not the tech companies. Age verification is about giving your age and some other identifying metadata to the tech companies, and they hold the authority to decide what to filter. It should be other way around. The companies should expose metadata about their service and the content in their feeds via public APIs, and let people filter stuff locally on the device per the device owners' aka the parents' preferences. Oh wait. Such features will never reach mass adoption in the current software ecosystem. Software antitrust is a joke. These companies and the feds have the opposite incentives and do everything to sabotage local solutions. They've locked down what OS you can run on the hardware you bought, what apps are approved on their walled garden OS, and only the official apps can access their APIs. You don't have root on your own phone and it's a brick without remote authentication. Now they can sell you parenting plus many other things as their exclusive cloud service because "the market failed to deliver" and you can't really control what software runs on your own phone, much less your child's phone. This is the upstream problem and we ought to see it clearly and assign the blame correctly rather than trust those who deliberately created the problem to solve it.
jonplackett 14 hours ago [-]
The point is there are much better ways to enforce this - like just setting up proper parental controls on a device.
Kids can’t buy their own phone. So parents can always enforce stuff at a hardware level if they set it up properly. It would be much better to just mandate that phones set up with a kid profile cannot access social media.
tifik 13 hours ago [-]
The problem isn't an individual kids phone. It's their peers devices, or other ways they can explore the internet that isn't under their guardians control. This is a systemic issue that requires systemic approach. I am not making any claims about the qualities of currently discussed systemic solutions, but I do want to point out that the 'parents can just' argument is missing the mark.
jonplackett 12 hours ago [-]
This assumes that it will actually solve the problem anyway. Kids just get a fake account or a VPN anyway.
Addiction is the worst part and that is only going to happen on your own device.
tifik 12 hours ago [-]
All of the kids will get a fake account and a VPN? Putting barriers in place will likely have some effect in the intended direction.
> This assumes that it will actually solve the problem anyway
I wouldn't expect any policy to _solve_ a problem in such a way that the problem completely disappears from the world, much like theft being illegal doesn't eliminate theft, but it sure distinctiveness it for a lot of people.
supertroop 12 hours ago [-]
You do know that many sites don’t work with a vpn. Like this one. You can’t create an account on HN with a vpn. Also, countries are starting to ban vpn ip blocks entirely. In fact, turkey was monitoring tor entry nodes and disappearing whomever provided them. Banned tor pretty damn fast. Vpns can be turned off in a snap.
jonplackett 4 hours ago [-]
Yeah I’m sure the kids are going to be devastated they can’t read HN
Joe_Cool 10 hours ago [-]
They will just rediscover Bluetooth. Kids have always passed around stuff they weren't supposed to have.
Source: I was a kid once, we had no cell phones. Porn on 5.25" floppies was a thing.
Epa095 6 hours ago [-]
Cool, definitely better than endless scrolling on the 'you are not good enough'-machine ticktok.
bradford 11 hours ago [-]
I've been battling with locking down my kid's devices for much of my life.
I haven't found a parental control feature that works: we've tried several, but, generally, nothing survives the 'Hey, I'll just factory reset the device and start with a clean out-of-box-experience' bypass. Kids can figure this stuff out.
Even when we thought that things were under control, kids can easily procure new devices. Many families don't dispose of their old phones; it's not too hard for kids to find an older model that's been sitting around collecting dust, bring it to the schoolyard, and trade it like a baseball card.
I wish I had a good answer, and, distasteful as the age-verification might be, I'm open to such draconian measures at this point. If you say there are better ways to enforce this, I'd honestly love to hear the specifics.
grahamburger 11 hours ago [-]
I'm fairly sure that Android requires parent permission to reset a device if it's a managed child device. Overall, the parental controls on Android have been sufficient for what my family has needed.
derektank 11 hours ago [-]
It seems like it should be relatively easy to create a dead man’s switch that sends you a message after a factory reset, and then you just take away the phone for however long is appropriate. Do most parental control tools just not include that for some reason?
fragmede 10 hours ago [-]
Get an iPhone and don't give your kid the password to the iCloud account. That password is required after factory reset to make use of the device.
hogwasher 9 hours ago [-]
That is definitely a difficult battle to fight, but why do you think kids can't bypass these government-level restrictions just as easily as they can your own? Especially since governments are usually slow to respond to whatever method of bypassing it is used, if they respond at all (especially once it's no longer the topic of the minute).
People can bypass these restrictions with video game character creation tools, with generative AI, with a VPN (something that's very hard to ban in practice because corporations rely on them, and of which some are free), with copy-pasting random ID photos from the internet, with borrowing a parent's or teacher's or other adult's ID, with using a website scraping alternative (some of which can be self-hosted, or hosted by one child for many others) instead of the website itself, and so on. Heck, they can use websites hosted in Russia (or other countries), like a lot of pirates do.
And whatever the easy bypass method ends up being, they'll all end up knowing it, because they go to school and talk to each other, and because they'll always have at least some access to some parts of the internet no matter what.
Meanwhile, these age verifications laws are labeling all the children (who don't bypass it) as children, and that information WILL be leaked, inevitably, as it already has been (from Discord, for example - a service that shamelessly retains and processes every message it hosts, even after the user 'deletes' it).
When ID info is leaked, it leaks the child's age, their real name, and (often) their real address, their phone number, and their appearance. A surprising amount of information might be deducible from any selfie or video that was required. And in combination with an app's other data (or other data about them that has been included in databases and/or leaked and/or shared on the internet previously and which can be matched to them based on email or phone number or username or browser cookies or IP address or etc), it can leak their interests, hobbies, hopes and fears (discussed with friends), favorite hangout spots, the name and location of the school they go to, their regular routines or travel schedules, etc - anything at all that they might have discussed via the app, or whatever might be concluded just by their proximity to their friends (e.g. maybe they don't directly know that a kid lives in X location or plays Y video game, but if every day they talk to a bunch of other kids who definitely live in X location and play Y video game, then they probably live in X location and play Y video game too).
When all that data is leaked, all that data is now available to predators. And it's very, very hard to remove it from the internet after it's out there.
That data, even just from a single leak, could make it so easy for someone to target a specific child, contact them, tailor their lies to seem as trustworthy and likable to the child as possible, anonymously harass them online, threaten them, stalk them, or attempt to persuade them that yes, he does know their parents, and they definitely sent him to pick them up from school.
To me, all these laws seem realistically likely to do is unintentionally but significantly endanger the children they claim to protect. I don't see how it can be anything but a devil's bargain, even if we only "think of the children" and disregard other concerns.
At the least, it should have been proven to be more effective than regular parental controls before even being considered as an option, but so far, it doesn't seem to be so at all. And if there's little to no additional benefit, or we're not sure if there's a benefit or not, or if it's shown to be less effective, then why ever choose it over the regular parental controls that don't carry this huge additional risk?
As to enforcing age limits otherwise, well. I confess I don't think there is any way children won't just find a way around. I think the best defense is just educating children about how to navigate the internet and its potential threats, making sure the children don't see their parents as distrusting of them or oppositional (so that they feel comfortable enough to go to their parents for help or reassurance if there's a problem, instead of hiding the problem because they don't want to be yelled at for being on the internet or such-and-such website at all), and - an element I think a lot of parents miss - making sure they have a lot of appealing options for things to do or ways to socialize outside of the internet. If you occupy their time by indulging their non-internet-focused hobbies and interests (and maybe engaging in them with them, to spend time with them), or letting them visit friends in person, then that's time they're not on the internet and likely don't even want to be. I think that this is the option that best sets up the kid to continue having a healthy relationship with the internet after they turn 18 and are even more out of your control.
That said, as far as device parental controls go: instead of focusing on phone-level controls, I recommend using your router's network-level parental controls, as well as the phone line controls for whatever company you get your data form (if they have a regular smartphone, as opposed to a more limited one, which do exist as an option). For your own wifi network, you can even set it up to use a whitelist of devices so that your kid can't even connect to it from a non-approved device. That doesn't stop them from potentially still sometimes accessing the internet using a friend's phone, but it'd cut down on how the amount time they have that access, and do so more effectively than government age restrictions. And in any case, you also can't always stop them from looking at a dirty magazine that they find at a friend's house, or from reading a hateful tract that someone hands them on the sidewalk, or from watching a terrible channel broadcast on a TV in a diner. But you can potentially influence how they handle it when they encounter these kinds of things.
ike2792 13 hours ago [-]
Many parents don’t have the technical aptitude to set the controls up properly. I am a software engineer and I find it challenging to keep up with the nuances of parental control setup and how to adjust it as kids get older. Content is also imperfectly tagged and smart kids can easily find loopholes in most controls. Having a centralized ID validation system wouldn’t be an ideal solution but having something baked into the Internet itself to help parents shield their kids from inappropriate would be a good thing.
jonplackett 12 hours ago [-]
That’s what I mean by adding legislation to make it automatic.
If it’s a kids device, then it should just block social media as required by the law. I agree that right now it’s difficult to set up - but this is a choice from Apple and Google. Just mandate sensible defaults.
A hardware block is much more effective than anything else that can be faked.
Just have the phone ask ‘is this a phone for a child’ and if you select ‘yes’ then it’s done.
anthonypasq 13 hours ago [-]
This is not how any other thing that is banned for children is enforced. It makes no sense.
The person selling the age gated item needs to take lawful measures to ensure they arent selling it to a minor. Their parents have nothing to do with it.
Your solution would be that if a 14 year old walks into a liquor store and doesnt have a note from their parents saying that they arent allowed to drink alcohol, then the store should be able to sell it to them.
knome 12 hours ago [-]
mandating devices provide a `NoAdult` setting, so so browsers could check it and then send something like a `x-NoAdult` header would give websites a reasonable method for distinguishing minors (or people that just don't want adult content).
it's the old 80s/90s bead curtain separating the adult movies area from the rest of the video store. it keeps kids reasonably separated, and leans on parents making their kids mind. I think that's a reasonable target.
it would work without forcing every internet user that wants to use a given service from having to submit government identification, go through interviews, or sign up to massive centralized identification systems that will inevitably track every movement people make online.
if history is any indicator, those things will lead to breaches and abuse, and people's privacy will be violated.
if there's a legally mandated way for parents to stop their kids from peeking through the internet's bead curtain, that should be sufficient for most purposes.
if the argument is that bad or foreign websites might not implement it, it's not wrong, but that same problem exists with the mass-surveillance methods as well.
if you keep going down the path of forcing everything, eventually you end up with a national firewall, vpns are illegal, anything that can provide anonymity or pseudo-anonymity online is illegal, no one has privacy, and busybodies will spend all their time hunting folks for liking things they don't want them to like when the inevitable breaches come.
to your last point, sure, a 14 year old shouldn't be able to just wonder into a liquor store, but a 40 year old should.
jonplackett 12 hours ago [-]
The proposed solution though is that all adults going into the store have to provide their full name and address and have it recorded by the store to buy alcohol - or any other +18 product they want to buy. These things are not equal.
tifik 12 hours ago [-]
And that is where details matter. You can implement age verification in such a way that no data gets transmitted anywhere. Ofc I wouldn't expect Meta to not take a chance of collecting even more user data and blame a law for doing it, but if the law is written well enough, it won't mandate a specific method. If it does, definitely oppose it imo.
jonplackett 4 hours ago [-]
You can - but currently it’s all just done with random private companies that I would not trust with my email address never mind my passport or adult preferences.
Again - apple’s on device verification is a good idea for this. Apple just sends a ‘yes this is an adult’ message to reddit for example and now I can again participate in chrome up discussions.
txrx0000 11 hours ago [-]
Age verification implies that some authority, usually the tech company, checks your age. It's mandatory personal data harvesting. A method that doesn't require data to be transmitted anywhere is just local permissions and filtering. The tech company should broadcast the metadata of the content they're serving, then the decision to filter it should be made on the client-side according to the device owner's preferences. But big tech is constantly trying to sabotage this permission model by removing root from phones, mandating cloud accounts to use your computer, etc.
Joe_Cool 11 hours ago [-]
Wasn't there a (proposed) "standard" in 90s (eMediaMark, I remembered) that just added a Header to HTTP in order to have ancient browsers automatically filter adult content.
That would easily be enforceable by making a "kid mode" enabled and locked down by a parent with a password mandatory on devices. Then you could have something like this:
eMediaMark is now Internet Content Rating the stuff I was remembering can be seen here: https://icr.chit.eu/
You can just take that, it's been there for decades.
Aunche 12 hours ago [-]
> like just setting up proper parental controls on a device
This is literally what is being written into California law. The OS will have an "age flag" that is configured at device setup that passed to other apps. The law explicitly was written such that it wouldn't need identity verification, but that isn't stopping scaremongers claiming it as such.
12 hours ago [-]
lugu 12 hours ago [-]
I am curious if you know how to enforce this on a general purpose computer.
jonplackett 4 hours ago [-]
This isn’t that hard to solve.
Kids have their own account on the computer.
Make it the law that if a computer account is set up as a kids account it must send some kind of not-adult header with all requests. Enforce that in the OS so it can’t be messed with.
Leave non-kid accounts alone.
Make it the default thing that happens if you set it up as a kids account so anyone can do it.
bluebarbet 12 hours ago [-]
Thinking aloud here, but perhaps the answer is in the question: general-purpose computers get a free pass. Point being that kids generally don't use such things. Because otherwise I have exactly the same question as you. It's an existential question for software freedom.
ozim 13 hours ago [-]
Problem now is bunches of parents don’t give a damn. So if your kid gets phone locked up others will make fun of him at school and kid might be outsider.
Other parents are the problem, not technical setups.
protocolture 13 hours ago [-]
Ok but everyone suffering because some parents are bad seems like a shitty policy.
ozim 5 hours ago [-]
It is not „some parents”, problem is really big.
rustcleaner 8 hours ago [-]
>There's no controversy in having drugs, guns, alcohol, porn and other things 'behind the counter'
There is controversy! My grandfather and his schoolmates all regularly brought hunting rifles on their trips to the schoolhouse and home (1930s), to hunt opportune meals. There was never any problem with school shootings, which IMO are likely the fault of the prison-authoritarian style that schools morphed into during the latter-half of the 20th century. He had me drink shots with him when I was under 10 years old, because he wanted to make sure I knew drinking was ultimately a boring, uninteresting, stupid activity. Alcohol was always available and I was even welcome to partake anytime (as long as I did it at home)... I hardly ever touched the stuff, and still don't even now. He was a police officer and firearms instructor in a big midwest town, he even taught me how to shoot around that age. He taught me that government is neither god nor good, it is just raw power that has to steal from someone to give to another.
I miss my grandfather so much!
Also, thank goodness my folks were computer illiterate; I never had issues with blocking software (though I would probably have defeated any... easily). I grew up looking at porn and gore occasionally from my very early teens. Maybe try teaching your children about the world instead of hiding them away from it?
knollimar 13 hours ago [-]
I think you'll find some parents feel that way about digital porn, too. There's a difference in supporting these laws from a privacy standpoint, esp that router and cell provider based controls are effective
hammock 12 hours ago [-]
> It's absolutely a slippery slope
The slope has already slipped.
This is IDENTITY verification, not “age verification.”
You cannot verify your age without uploading your ID.
nly 12 hours ago [-]
In theory you could do this with 3rd party verification and zero knowledge proofs orchestrated by the users browser.
This will never happen of course because the objective is to track your every move. The government want to know every pseudonym you use on every website.
prolly97 13 hours ago [-]
At least half of the people in this thread survived growing up with access to social without age verification.
And I'm pretty sure we've all had an encounter with some creep in some random chat room too.
We talked about these things at school and at home.
Don't share things with people you don't know etc.
Idk if it's illegal to tell kids what to do these days. But when I grew up, we were occasionally also told to get off the computers and touch grass.
I hope I'll get to raise my future kids myself. I think I can do a better job than the government :)
bluegatty 13 hours ago [-]
"we've all had an encounter with some creep in some random chat room to"
My parents generation survived lead in gasoline and they never wore seatbelts or helmets.
"I think I can do a better job than the government :)"
Is exactly what their parents said about the government telling them they have to get their kids to wear seat belts and helmets.
I don't think this argument works for two reasons:
1) It don't address the materiality of the concern.
If 'creeps in chat rooms' are causing material harm, it's an issue, then youre making the 'anti vaxxer' / 'anti seatbelt' / 'anti helmet' argument.
I'm not saying you are - if 'creeps in chatrooms' really is a 'lesser issue' - then you're not making a bad argument at all.
The real issue is the 'materiality' of these things.
'Creeps in chatrooms' is a harder thing to assess, but it's real, if it is real, we can't just dismiss it.
2) "I think I can do a better job than the government "
If someone wants to protest the governments current age restrictions cigarettes - and also not vaccinate their kids - that's a choice.
But this argument is usually made by people who don't have kids in their life and haven't yet realized that 'the all or nothing internet' is not really a choice, it's chaos.
Lack of very basic regulations means people aren't afforded the opportunity, in a way the government is dictating that 'kids will get guns and porn and that's it'.
The alternative argument - is that we can have age restrictions and parents can then be in a position to actually be parents, and make a choice.
'Slippery slope notwithstanding' ... because it's a complciated issue
lugu 12 hours ago [-]
Soon enough you will realize that kids spend more time with their friends than with their parents. Most parents want their kids to be curious, build autonomy, and feel free. For this to work, they need a safe space. There are to place to enforce a policy: client side (parental control) or server side (age verification). Personally I don't want to transform my kids general purpose computer into a locked down infotainment machine. I think it would be a worst society if the norm becomes "this is not your device".
201984 12 hours ago [-]
How are kids supposed to have a safe space "to be curious, build autonomy, and feel free" if they can't get out from the authoritarian hands of their parents or their government?
cindyllm 13 hours ago [-]
[dead]
protocolture 13 hours ago [-]
>At least half of the people in this thread survived growing up with access to social without age verification.
I was like 8 - 10 years old, I wandered into the "Adults Only" chat room on Microsoft Networks (Oh sweet, I thought, they have a small pen to keep the boring adults in, better check on them) and said "Hi everyone my name is X and I am Y years old" and everyone was nice to me and said hello. I got bored and left.
asjgGa6 1 days ago [-]
There isn't much left of the free Internet anyway. Search engines no longer work, all discussion forums are ranked/censored by interest groups, mail delivery is between large entities.
Maybe we need an alternative set of root servers for a free Internet.
Bender 22 hours ago [-]
I would suggest that we should not conflate the internet with these corportate platforms. The internet still works fine for now. I can still stand up my own DoH resolvers, forums, chat servers, email servers, DNS servers, vpn servers, etc... Many social circles are bound to have a tech-nerd one or two layers removed. That used to be a pejorative.
The hardest part is the psychology. People think they have to be on the big platforms as that is where their friends and favorite streamers are. Willpower can bring back the old platforms onto the current fast internet. Critical and free thinking people can choose to ignore the big platforms if they wish. People can go to local stores to buy most things. There are arguments for and against all these points but I am choosing the aforementioned options and accepting the psychological challenges.
People can use old style self hosted platforms as a "fallback" and once people realize it is more private and they can speak freely amongst their friends it can get comfy real fast. Glowies are seething.
Some friends and I have private forums and chat servers. We talk shite all the time about Reddit threads yet none of us have Reddit accounts. We talk about HN threads, brain rot on Twitster and many other platforms free of censorship, free of voting brigades, people trying to force narratives, etc... Oh and most important, free of "AI".
HerbManic 14 hours ago [-]
In a way it is the bad players that are ruining it. Yeah I can setup all manner of servers for this stuff, but the instant I miss a patch or a patch is late to be developed and you can be compromised in no time. And unfortunately it just becomes a game of endurance between you and the army of folks trying to crack systems open.
I have said it for decades, if there weren't bad players then we wouldn't need any of this security. That is a very utopian idea.
I have thought that a way to put people off is to have such an anaemic server that they wouldn't bother. Like a tiny RiscV board running Haiku that delivers basic HTML and email. There is little incentive to raid that thing. I haven't thought this idea through much however.
Bender 14 hours ago [-]
For what it's worth I have been running my own things since the 90's and not yet compromised. I disable the CPU mitigations and have a minimal firewall configuration. I do keep things patched and keep an eye on news regarding the public services I run but only enough that I can still call it a hobby. I try to only expose daemons that have been battle hardened on the internet for decades. In the early 2000s I ran phpBB and that was a little risky and did require hardening php.ini
There really isn't anything utopian however, it's just a hobby and a way to let friends communicate without big brother putting their peanut butter in our chocolate. If you don't feel comfortable tinkering then of course don't. Never feel pressured. One can always start off sharing their services with a few friends and not advertise it globally. Find a hacker friend that can help pen-test your stuff. Perhaps even restrict access to your friends IP addresses or the CIDR blocks of their ISP's to limit access. Or use wireguard to restrict access to a VPN. If it's a web daemon just adding simple authentication with obscure usernames and good passwords in front of it will get nullify most of the bots until one is comfortable sharing it with the world.
Probably one of the riskiest things I have set up was just this week exposing Unbound DoH to the internet. Unbound has had a handful of security issues in the past. The HN crawling bots are getting confused by this weird thing listening on port 443 but they just can't figure out how to connect to it. If it gets popped I will just nuke that VM and revoke the cert. There's nothing sensitive on it.
gorgoiler 1 days ago [-]
Outbound mail gets harder every year as opaque reputation systems flag mailer daemons as false spam positives.
Inbound mail on the other hand — notably, the OG form of Internet identification — is very achievable for a stick in the mud to set up.
Losing one’s Gmail account would likely have very little impact on one’s ability to send mail, but no longer being able to receive mail at a given address can be devastating. Set up your own domain!
dredmorbius 1 days ago [-]
And content is increasingly produced for, and by, machines. Human initiative and/or access is increasingly incidental.
It's easy to create an alternative. The problem isn't that, it's keeping that alternative clanker-free. (As well as free of all the other enemies / plauges on the useful, generative, Internet.)
2001zhaozhao 1 days ago [-]
> keeping that alternative clanker-free
which brings you right back to verification...
EarlKing 1 days ago [-]
Verification tells you that a human being is behind it, not that a human being made it.
dredmorbius 1 days ago [-]
Perhaps, but in both cases, I think that the principle problem is attempted control at the wrong portal.
Rather than individuals or devices, residential / mobile / business service providers should be able to vouch for personal traffic and be in a position to validate patterns of use without undue profiling of specific activity. That is, just looking at the encrypted traffic patterns (rather than MITMing SSL/TLS or other secured comms) should show usage that's typical vs. atypical / malicious.
Traditionally, service providers of all stripes (email, ISPs, Web, etc.) seem to have focused far more on ingress security than egress security, or potentially malicious traffic from within their own networks. That's got to change, it's ultimately a hygiene question.
For residential and mobile Internet, accounts are managed at either the household or individual level, and it should be possible to provide attestation and reputation management (as well as, perhaps, broad-based subscription access to compensated content) at those levels.
For commercial access things get more complicated, particularly where a location might provide public Internet access (e.g., public WiFi), or have a mix of human and system-generated traffic at an office, commercial, or industrial site. Still, there should be both well-established patterns of use and indications of anomolous or malicious traffic possible here.
Another option for smaller human-scale networks (e.g., Fediverse / Mastodon / PeerTube / Pixelfed / Lemmy / WriteAs networks and the like) is a mix of harder authentication (Yubikey or NFC-based wearable authenticators, perhaps) as well as a more manageable human-scale moderation (1:1,000 or 1:10,000 scales far better than 1:1 million or 1:1 billion services), allowing for both oversight and keeping the opportunities / benefits of malicious use limited.
The comment I'd originally responded to had me thinking of under-delivering federated systems such as Gemini (the lightweight Web protocol, not Google's AI) or Diaspora* or countless web boards and wikis which ended up overrun by spam and abuse. Simply saying that you're going to re-invent things at small scale in no way means you'll succeed. The ecosystem's changed, the pathogens are far more numerous and capable. Modern systems and networks (social or otherwise) must face those facts head on, and not ignore them or pretend they don't exist.
I think we're going to end up with some form of cost-based (though not necessarily financialised) reputation management systems. I'd very much like to see those not being terribly invasive of privacy, or putting extreme barriers to those with limited means or technical knowledge. It's a tough problem all the same.
cobertos 1 days ago [-]
Would be nice to see something referral based. If you don't like X, block them. If X invited Y and Z and their invites behave poorly, you can block the whole tree. Kinda like lobste.rs referrals but for wider internet
I guess the correlary would be like how you can block an entire ASN if you find a lot of abuse from it, but at the human-network level.
dredmorbius 19 hours ago [-]
There are several problems with this.
Aside from social dynamics, a chief issue is that if you're relying on this as a mechanism for content filtering, personal relations have low predictive value.
E.g., I may really like a person's content, but not their curation or referrals to other accounts. Conversely, I might not care for a person, but their recommendations may be excellent. More common might be the case that a given account produces little or no content of their own, but makes reliably predictable (either good or bad) recommendations, which would be useful for further filtering. Or the highly verbose individual who emits a constant stream of near-drek, but an occasional diamond.
Content production, content curation, and talent spotting are all distinct skills. Success or lack in any one says little about the others. This is where Bayesian indicators (including relationships and referrer / invite relations) would probably be more robust.
That said, tainting an entire invite tree is likely useful, with a caveat that if a particular invitee has an independent, untainted, relation, they might be worth following.
In practice what I've found most useful is to have a pretty tight primary list of follows, ~50 or fewer, and a slightly broader secondary list. Allow recommendations be default (that is, re-shares / boosts), but curtail those too if problematic. Be quite liberal in blocking / muting anything in the least bit annoying or problematic.
Or participate in a selective group with excellent moderation. HN isn't quite there, but it approaches this ideal more closely than any other major forum I'm aware of presently.
AuthAuth 1 days ago [-]
Just peeping Fediverse for a few years i can only imagine how toxic that would get. It would be a constant ideological war.
beej71 1 days ago [-]
The trick is to stay small. If your network only has a few millions of people, nobody targets it.
tumult 1 days ago [-]
Not true at all. Even small, insular, just-a-few-hundred users PHPBB-style forums have to run Cloudflare or Anubis to try to stem DDoS-style scraping, and have a constant patrol of moderators to stop AI spam posts.
pocksuppet 10 hours ago [-]
Not true. You can also make your code fast enough so your server doesn't get overloaded by three requests per second. Then you can just handle the requests.
tumult 2 hours ago [-]
I agree with you that the PHP forum software is not fast at all. But, try hundreds of requests per second, including requests that require text searches.
Also, uh, how does speeding it up that help with the AI spam? (Sorry, I should have emphasized that part of my most more, since that's mostly the topic of this sub-thread I was replying to.)
1970-01-01 1 days ago [-]
Already exists: Opennic.org
smitty1e 1 days ago [-]
The future is balkanized.
Occasional communities may survive in a walled garden fashion.
Sorry, Tim Berners-Berners-Lee.
NoMoreNicksLeft 1 days ago [-]
>Maybe we need an alternative set of root servers for a free Internet.
Can't even do that. We'd need (ultra?) stable IP addresses, and the entities in charge of those don't hand them out anymore. We've sort of been cut out of the basic infrastructure to let us build stuff a second time.
pocksuppet 10 hours ago [-]
You can still get a block on the grey market for (I believe) currently a 4-digit payment, which is not free, but it's quite accessible if you have any serious usage at all.
(It will be officially transferred to your name - there's nothing grey about the blocks themselves - the greyness is that RIRs officially forbid selling them, but they can't really do anything to stop it and they don't forbid buying.)
IPv6 blocks are still available from RIRs and you don't really have to care about anyone stuck in the 1980s if you don't want to.
Also each of the root servers is itself run by a different organization. If you had some clout, you could ask them to also host your alternate root server on the next IP address. Half of them are anycast blocks which means they likely have 253 addresses free as anycast blocks aren't really shareable.
jvvw 21 hours ago [-]
As a parent of teenagers, I feel like the sites make it hard for parents.
When they were young, you had a choice between YouTube being completely locked down with no option to whitelist channels or letting them watch almost anything (although I think this has changed since but it's too late now for those of us with children that age).
Now, there is no way I can whitelist contact/groups on WhatsApp or Discord servers/friends. Once they hit 13, pretty much any option to restrict anything feels taken away from you as a parent.
Luckily, I have sensible children (I think!) but it's really hard as a parent trying to both be reasonably responsible, but not deny all technology, it's really hard to navigate a sensible course.
dfxm12 14 hours ago [-]
You gotta understand, the owners of these sites don't care about you, your kids or a good user experience. They care about serving ads, tracking your behavior and selling that behavior data to the highest bidder. If they get to your this behavior to your government ID, it will probably make it more valuable.
There's also a lot of room between YouTube (or even social media) and all technology...
sumanep 15 hours ago [-]
Safe Vision app
falkensmaize 1 days ago [-]
One very simple way to give parents control over what their children see and participate in without violating everyone else’s privacy is to create adult and social TLDs and require these sites to migrate to them. So instagram.com becomes instagram.social, etc. Then mandate that all consumer network equipment mfrs and internet providers provide easily accessible ways to block these TLDs. Maybe combine that with some public education materials to teach less savvy parents how to do this.
Now you’ve given every parent a way to easily mass block all adult/social sites/apps if they want and no one’s privacy need be compromised.
drblast 14 hours ago [-]
This idea has been around as long as the web, but you can't get momentum behind it.
A much better idea was a .kids domain where the content was vetted, and you could allow-list your child's device to that. Much easier than trying to migrate everyone over to specific TLDs, especially when that ship has sailed already. But that never got traction either.
Edit to add: I used to work on "family safety" software. Blocking bad content doesn't work - it's too difficult of a problem. Walled gardens do work, however. The fact that there's not a push for the equivalent of an Apple App Store for kids is probably evidence of ulterior motives on behalf of regulators.
ryandrake 11 hours ago [-]
One of the problems is the binary nature: we lump everyone between 0 and 18 years old into a "kids" bucket, but the content appropriate for a 17 year old is very different from the content appropriate for a 4 year old.
My family has tried the curated "kids" content from the major players: It's junk and not going to be interesting to a teenager. Your 14 year old is not going to be satisfied with a version of Netflix that's all Bluey and Daniel Tiger. And your 5 year old probably shouldn't be watching stuff that's made for teenagers. But our regulatory hammer knows only "kid" or "not-kid". You can't make a single walled garden.
Even within a single age. My 15 year old might not be ready for content that your 15 year old finds to be routine. How is YouTube going to know what is appropriate for any given 15 year old? Walled-off content and numerical age gating is just not a workable solution.
Cthulhu_ 1 days ago [-]
This only works if ALL TLDs become strictly regulated, which goes against the idea of a free, open and distributed internet.
And even then, what about social networks showing porn? Chat apps like Whatsapp and Discord having porn etc groups?
Any platform that accepts user-generated content, from Pinterest to Ebay to forums, etc can host it. And that's just what's on the public internet.
numpad0 15 hours ago [-]
You're massively underestimating rule interpretation skills of horny teenagers and gambling game developers. Total segregation based on actual solid cold hard ruleset is pure gasoline to them.
harshreality 1 days ago [-]
There was some optimism with .xxx that adult content producers would voluntarily switch over. Spoiler: almost none of them did, except for domain name availability reasons.
xeonmc 1 days ago [-]
Plot twist: in a few years all the indie and counterculture web appropriates .xxx domains to evade AI crawling and legislative interference.
cobertos 1 days ago [-]
And then suspiciously the .xxx registry jacks up the prices to herd everyone back
palata 1 days ago [-]
What this misses is that many parents do allow their children to access social media because kids need to conform. If all the other kids have social media access, your kid is excluded by not having access.
Is it better to have TikTok AND friends, or no TikTok and no friends? Sure, the best is no TikTok and still have friends, but you can't always have it all.
pmg101 14 hours ago [-]
It seems to me that the supply of friends is more or less unlimited, such that it's pretty reasonable to apply filters when choosing who to befriend.
"Also not using tiktok" could be one such filter.
hawaiianbrah 13 hours ago [-]
That may be true in theory, but not so much in practice where they only have so many people in their classes and extracurriculars.
j1elo 22 hours ago [-]
At last the best option is to have the cake but not eat it too!
hdgvhicv 1 days ago [-]
Just add as an SRV or TXT dns record. Give the power to the owner of the device to allow it or not.
1 days ago [-]
account42 20 hours ago [-]
Using TLDs as any kind of categorization has failed long ago.
enoeht 1 days ago [-]
Reminder that the internet was created to be live and a indestructible means of reaching one and another, none of what you wrote can meaningfully do what you think it would.
Failing in parenting and lobbied politicians (regulatory capture) on the other side.
thefz 1 days ago [-]
I don't get why a problem specific of parenthood should apply to everyone else. Don't give your kid a smartphone then.
Cthulhu_ 1 days ago [-]
This is such a naive take, I see it a lot. Have you considered they can:
* Buy one themselves
* Get / use a friend's
* Use public internet access points
* Need one for school
* Use the smart fridge / tv / gaming console / anything with a browser
* Access stuff in Minecraft, Roblox, etc
You can only stop it by going offline and raising them in a cabin in the woods, which is a whole other thing.
What you can do is give them The Talk, of course (but that only helps / prevents to a point, it's more to prepare them for what they may find or how they can identify problematic things). And the other is to push back as a community effort, with e.g. many schools banning kids from having phones in the first place.
trashb 1 days ago [-]
Have you considered that even if unwanted material was only accessible in physical form with age restriction for buying. Like porn magazines, cigarettes or alcoholic drinks, kids can still access them and find a way around it. You can ask older generations. Perhaps you can't stop it by "going offline and raising them in a cabin in the woods".
Best is to assume they have access to it one way or another if they seek it. The discussion should not be about banning vs allowing, it should be focused around how to deal with situations that arise regardless.
Education about the subject and why kids shouldn't seek access is quite effective, additionally they will be informed once they are allowed access. Think about how the last decades saw a sharp decline in smoking and alcohol consumption.
pluto_modadic 14 hours ago [-]
I think the earlier commenter is right. If a parent fails to... well... "parent" that's on them. Locking down the internet to republican-approved sites only is not the answer.
palata 1 days ago [-]
I can see that you don't get the problem, indeed.
One problem (there are others) is that it's not always possible (or easy) to not give your kid a smartphone, or access to social media.
Imagine that your kid doesn't have those and is having a hard time at school because all the other kids do have them. They have a whole culture based around those, and your kid is excluded from it. What do you do? Tell your kid that it's okay to wait 10 more years before hoping to not be excluded?
dyauspitr 1 days ago [-]
Block how? You can block sites now and all it takes is a proxy/vpn to get around it. Nothing short of personalized age verification will work. The best we can do is make sure the age verification system is centralized by the government. The client sites can’t see who you are and the centralized government server should not be able to see the sites you visit.
The only way this can go wrong is if the client sites collude and publish their visitor logs and then the government can do the legwork to identify you. But even this is pretty easily bypassed if you use a VPN.
_heimdall 1 days ago [-]
Whether such a system could be bypassed by a VPN would depend on exactly how the age verification works and whether said government decides to ban the use of VPNs.
More importantly, I don't personally have any faith that at least the US government could properly define and build a system that is reliably and provably resistant to tracking. The government has incentives to want to know what sites a person visits, the NSA would be loathed to allow that opportunity to go unused. The government also likely doesn't have the skills or resources to do it in house, I'd expect them to outsource it at an absurd cost to a third party that would also have incentives to want to track usage data through the system.
dyauspitr 1 days ago [-]
I don’t mean bypass as in get around the verification system I mean bypass as in its one flaw can be mitigated by using a VPN.
1 days ago [-]
imtringued 1 days ago [-]
>Nothing short of personalized age verification will work.
Specifically, daily personalized age verification by the specific app/website, not by a third party.
>The only way this can go wrong is if the client sites collude and publish their visitor logs and then the government can do the legwork to identify you.
Well, the government has the right to request proof that the company in question is properly conducting the age verification process. This means that the companies performing age verification will keep your personally identifying information (PII) and maintain an association between your PII and your account/activity on the platform.
On a different note, the government has the right to gather evidence of criminal activity, where the definition of "criminal" is under their discretion and if there happens to be a convenient stash of information that can be linked to your person, that's just a happy coincidence.
hypersoar 1 days ago [-]
The article says that California "will require identity verification at the operating system level starting in January 2027", but that isn't true. The bill [0] only requires that operating systems collect age information on account setup and then provide which of four buckets the age falls into. It's not requiring any kind of identity verification by the OS. It's just a box you fill in when you set up the computer.
I think that this is actually a reasonable approach. It minimizes the information shared and doesn't create any identity tracking regime.
This put the power in the parents hands. They can set up their kids computer with a kids account and then all software and web services can just ask the OS if the user is an adult rather than all requiring their own ID verification.
nodrog3000 1 days ago [-]
Forcing all OS to do this is a bit of overreach though no?
If you want to keep your kids safe get an OS that supports it?
Why is it the state’s responsibility?
idle_zealot 1 days ago [-]
It's the State's responsibility once something affects enough people. That's why a law like this makes sense but should exempt OSes under some number of users. It's not great that we have such a harsh divide between "do whatever you want so long as not too many people are bothered" and "alright now the people have spoken and it's a State/national law," but it's the system we have and better than the people only getting a say with their wallets.
mhotchen 1 days ago [-]
This conversation makes me wonder if age verification at the system level could be considered an externality for its cost to society as a whole, and the solution be to collect tax from any commercial sale of a desktop OS that doesn't implement a defined open standard. If there is any money raised it could be used for eg. education pieces on harm and harm reduction
Maybe it doesn't work in this case, but I think you both make great points. Just feel like there must be a way of bridging this gap
true_religion 1 days ago [-]
I think it only affects devices that are sold. So free software, you install yourself won’t meet that theshold.
kakacik 1 days ago [-]
Well it may end up with some porn-hungry kids compiling their own Unix core build on their own, not a bad even if unintended direction
pfraze 14 hours ago [-]
OS-level is so much better than app-level. App-level means redoing the work for each app and increasing the odds of issues.
bryan_w 1 days ago [-]
The state requires things sold to meet a bare minimum of safety. Cars sold require seat belts, movies/games sold require ratings. Devices sold have a meaningful parental controls flow.
godshatter 20 hours ago [-]
Seat belts aren't forced on you - if you want to not use them and face the risk of fines, you can do so. Media ratings systems are informational, you can choose to let your kids watch R rated movies or above. Are they going to let parents have a choice when it comes to parental controls? What about non-parents?
That's my gripe with the age verification systems I've seen, there is no room for parental choice and no consideration for people that are adults and don't have kids using their computer.
anthonypasq 13 hours ago [-]
If something is illegal for kids to access it is illegal and therefore parental choice is being overriden by the state just like every single other thing that is illegal for kids to do such as smoke cigarettes, do drugs, drive etc.
14 hours ago [-]
Gigachad 1 days ago [-]
I don't think it is overreach since its fairly simple to implement and non obtrusive. We have had multiple decades of failure from tech companies already to prove that they won't act on their own.
If you are putting individual parents up against Meta, Google, etc, the big tech companies easily win. As we have seen already.
nocman 1 days ago [-]
> I don't think it is overreach since its fairly simple to implement and non obtrusive
Those two things have absolutely nothing to do with one another. Something being easy to implement is completely unrelated to whether forcing its implementation is overreach.
pocksuppet 10 hours ago [-]
Which is why s/he mentioned both of them. *This* law is simple to implement *and* it's unobtrusive. It's actually a really good way to solve the problem without creating privacy concerns.
malwrar 9 hours ago [-]
How do you verify someone’s age reliably without identifying them? Unless there’s some standard around zero-knowledge proofs they’re implementing that I’m not aware of, they’re probably going to end up identifying everyone as part of this system, since kids will try and bypass it and parents will demand it be made more robust. Kids will still bypass it no matter what we do.
kelseyfrog 1 days ago [-]
Its the responsibility of legislators to reflect the legislative will of the people.
j45 1 days ago [-]
The issue is it's a few incremental steps away from nto being that way and the first step is really the issue.
idle_zealot 1 days ago [-]
I think the part that's the issue is the one where they mandate age verification. They're going to try that either way, the worst thing this could do is get people accustomed to the idea, but in practice the operating system they use already asked their age.
HerbManic 14 hours ago [-]
Just look at how far privacy has slipped in the last 25 years, it won't take another 25 to get there. Maybe less than a decade.
Animats 1 days ago [-]
So, to post something in 2027:
- You have to have an approved browser.
- It has to be installed on an approved platform, Google or Apple, for which you have a valid account.
- You have to have an account on the posting platform.
- You have to get past moderation on the posting platform.
That's without age verification.
Cider9986 1 days ago [-]
You can't sign up for a Facebook account without giving a live selfie.
Any image of your family you post will be scraped by Clearview AI, bypassing the restrictions that make it hard for you to create accounts, to create a worldwide facial recognition system.
simulator5g 1 days ago [-]
Well yeah, Facebook has been a data harvesting scheme from the beginning. It was originally called LifeLog. It is not part of the “free” web.
Cthulhu_ 1 days ago [-]
Indeed, well before Clearview, Facebook demonstrated they can identify faces and asked people to tag people in it, creating one of the earlier massive facial ID databases.
TheOtherHobbes 1 days ago [-]
FB's policy on this is patchy. I've known people who have had accounts for years, who were suddenly asked to provide a selfie - often after posting political content. Their accounts were then either locked down permanently, or unlocked.
I also know people who created accounts from scratch without needing a selfie while connecting exclusively through a VPN. (Only some VPNs, work apparently.)
Supposedly FB uses device ID tracking, so if you're picked for selfie ID on a device and try to create an alt, you'll be selfie-ID'd again.
Using a different browser on desktop solves the problem for desktop but not for mobile.
And so on. Basically it's doable, sometimes. And sometimes it isn't.
tencentshill 20 hours ago [-]
Seems fairly robust. So why is spam and misinformation so incredibly rampant still?
LazyGooze 1 days ago [-]
just use a video of a video game character and pause the video at the required face positions
asdefghyk 1 days ago [-]
[flagged]
drivebyhooting 1 days ago [-]
It gets worse.
Banks now require pictures of faces to fucking close the account and pull the money out.
KellyCriterion 1 days ago [-]
ATM are taking a picture when withdrawing since decades :-)
IAmGraydon 1 days ago [-]
You find it to be a negative that banks require identity verification to drain an account? Personally, I would refuse to keep my money with a bank that doesn’t do this.
drivebyhooting 1 days ago [-]
The relationship was established decades ago and they accept money and direct deposit still with no KYC.
But to get the money out? Oh no! We need a picture of your face!
And there’s no option for going in person.
jpc0 1 days ago [-]
> The relationship was established decades ago and they accept money and direct deposit still with no KYC.
Having just gone through the annual KYC checks required by my bank/s I don't think this opinion stands universally.
Can also confirm to open an account I need to provide a live selfie and verifiable government ID.
lII1lIlI11ll 14 hours ago [-]
> Having just gone through the annual KYC checks required by my bank/s I don't think this opinion stands universally.
What is the "annual KYC check"? Your bank is afraid you became someone else during the year or what?
rockskon 1 days ago [-]
Asinine requirement by whatever risk management firm they use. A selfie provides nothing in terms of lasting security while simultaneously adding permanent risk.
roysting 1 days ago [-]
Have you ever considered that it’s a front? You may think that store that never has customers is just run incompetent business people, but in reality the real objective is not the one you believe it to be, and it’s actually great if you were to refuse understanding that.
rockskon 19 hours ago [-]
I've found that framing topics like this as primarily a pretext for different motives is a sure-fire way to be ignored by people you may want to convince.
As always, the goal in convincing others is to take someone from their current understanding and bring them closer to yours. You can't get there if you don't start the topic at their current understanding of it.
ethmarks 1 days ago [-]
> they accept money and direct deposit still with no KYC. But to get the money out? Oh no! We need a picture of your face!
Unauthorized deposits aren't nearly as much of a concern as unauthorized withdrawals, right? I'd imagine that there are far fewer malicious actors that try to deposit money into random bank accounts than there are ones that try to withdraw money from random bank accounts.
> And there’s no option for going in person.
Won't an in-person bank also take pictures of you via security cameras? I don't really understand your objection here, could you elaborate?
rockskon 1 days ago [-]
A bank's security camera feed isn't likely to be sold to dozens of companies.
It is all but guaranteed for Internet-based facial recognition services.
Hacked facial recognition data already is reportedly being used by scammers to not only bypass bank security but also to impersonate people to target their loved ones.
There is no lasting security gain by providing a selfie. There is a lasting security and privacy loss, however.
SiempreViernes 24 hours ago [-]
So that's the concern? But GDPR solved this, just don't consent to them selling your likeness for AI training purposes.
rockskon 19 hours ago [-]
Trusting untrustworthy companies aside, that doesn't resolve the issue of hacked facial recognition data.
Even back in 2014, malware was coming out that steals facial recognition data directly from smart phones themselves.
Additionally - furtherance of facial recognition technology would impact travelling to foreign jurisdictions.
One of the most common ways foreign travellers get flagged when travelling internationally is for social media posts made under their own name that their destination country's government may not like. Traditionally if you've kept yourself pseudo-anonymous, you've largely been safe. But if we get to a point where pseudo-anonymous accounts are associated with pictures of people's faces, it will become significantly less pleasant to travel internationally for a lot more people.
rockskon 11 hours ago [-]
*2024, not 2014
bluefirebrand 23 hours ago [-]
You have way more trust for these companies actually following laws than I do
drivebyhooting 1 days ago [-]
It used to be that you could expect to not have your likeness captured and transmitted to third parties for their AI model training and who knows what other nefarious purposes.
It seems like all expectation of privacy and anonymity evaporated in the last 5 years.
GeoAtreides 1 days ago [-]
> they accept money and direct deposit still with no KYC.
WHAT? No KYC? what are those banks?! I have friends in South America who would pay really good money (cash) to know
kelseyfrog 1 days ago [-]
The option for going in person involves a balaclava.
Cthulhu_ 1 days ago [-]
I'd consider it a negative that they trust a shitty webcam / selfie camera to cut the expenses of having an actual office with trained personnel.
Who aren't flawless of course, but selfies have been easily circumvented with photos or video game cameras.
Hell, at one point we had to implement age verification for a Japanese tobacco product website via a 3rd party vendor, I just used the wiki page's picture of a Japanese ID to test it, worked fine.
megous 22 hours ago [-]
Yeah, it's ridiculous in an age where you can have backgrounds replaced on the fly in video calls.
iririririr 1 days ago [-]
most banks using faceid won't accept you go to a branch. because they contract with a provider who makes more money from building and selling a database than to fulfilling the contract with the banks.
rockskon 1 days ago [-]
Do you have proof of this? This comes off as conjecture.
iririririr 19 hours ago [-]
ask you ai chatbot or do 5second google search.
all banks contract with fly-by-night faceid providers who have zero oversight or provide no governance info anywhere.
rockskon 19 hours ago [-]
I did Google this. It seems to be a small number of banks doing this right now. A far cry from "all banks".
Maybe we'll get there eventually? But you should be more wary about making such absolute claims.
somewhatgoated 1 days ago [-]
It’s the end of large scale “global village” social media - good riddance if you ask me; I’ve left it years ago for more private spaces.
I wonder though how it will affect places like 4chan. I don’t really know if it’s still as anonymous as it used to be but that’s like a cornerstone of their existence.
HerbManic 14 hours ago [-]
Global village can just be code for Tower of Babel. It was knocked down for a reason.
gorgoiler 1 days ago [-]
And you have to declare your accounts to border police prior to international travel.
no-name-here 1 days ago [-]
Are you referring to financial accounts or social media accounts? (If social media accounts, I'm guessing you're referring to the US specifically, and during advance visa processing rather than at the border.)
nicce 1 days ago [-]
> and during advance visa processing rather than at the border.)
This got extended to every traveler, visa or not.
damnesian 19 hours ago [-]
this is reason enough to close the vast majority of them. if you're engaged in discussion, that's one type. the doomscrolling types, more addictive but very much more disposable.
maccard 1 days ago [-]
You don’t “have to”. They’re requested when travelling to the US - but from my experience it’s not enforced (at least not consistently, I’ve never been asked why it was blank on my forms)
Symbiote 1 days ago [-]
I thought so too, and said so at a meeting at work when some colleagues were unwilling to travel to the US.
It turns out close contacts of some of my colleagues have been asked to show their Facebook accounts at the US border. There was a recent rule change about it.
kakacik 1 days ago [-]
Is that some US thing? As as European I've never experienced this, on any continent (barring Antarctica)
tmpz22 1 days ago [-]
And your data on all those platforms - Google, Apple, Facebook, Twitter, etc. are ALL building comprehensive profiles on you, selling your data, and probably tossing it straight to the government in one way or another.
ElProlactin 1 days ago [-]
And just so we're clear: these companies are building these profiles even if you haven't registered and/or logged into their services.
dd8601fn 1 days ago [-]
“In one way or another” is doing a huge amount of work in that sentence. The spectrum of privacy postures there is massive.
fsflover 13 hours ago [-]
Indeed:
Google collects 20 times more telemetry from Android devices than Apple from iOS (therecord.media) [but Apple still collects a lot!]
I totally agree with that, and all those points scare me a lot more than privacy-preserving age verification.
OsrsNeedsf2P 15 hours ago [-]
They all started with something as innocuous as privacy preserving age verification
palata 3 hours ago [-]
They all started with chocolate. I don't see your point. Remove all laws?
armchairhacker 1 days ago [-]
That’s to post something on a garbage social media like Facebook. Facebook owns their site, so I believe they can require whatever they want, and your option is to not use them. Other services requiring Facebook (or an Apple or Google phone) and everyone using Facebook are separate problems, that should be handled specifically; I think it’s easier to leave Facebook than coerce Facebook into decency.
Fortunately on Hacker News, you still only need a username and password. And if spam is an issue, on lobste.rs you only need an invite.
thenthenthen 1 days ago [-]
This was 2018 China. Oh jeah add id verification to that as well.
tardedmeme 22 hours ago [-]
Fun fact: America invented the social credit score, long before China, and they still have it. The only difference, is the lack of the word "social" in the system's name, but it's the same system.
handle584 21 hours ago [-]
[dead]
throwawayk7h 1 days ago [-]
is remote attestation possible in a web browser already?
Animats 1 days ago [-]
Mobile, yes. Not sure about desktop.
tardedmeme 22 hours ago [-]
That's Google's new captcha design - they want you to scan a code on your phone to reuse your mobile's attestation on your desktop.
hsbauauvhabzb 1 days ago [-]
I’ve configured my browser to disable certain tech like webgl, I get infinite captchad by google. Using vanilla chrome works fine. It might not be full blown attestation but it’s not great.
Fuck you google for ever thinking infinite captchas are acceptable.
subscribed 1 days ago [-]
"might as well abuse this tosser to train the AI a bit. Free compute and classification, hey!" - or so, I guess. They immediately know they'll never get you through :)
hsbauauvhabzb 15 hours ago [-]
Good luck, I don’t know whether the slight line in the adjacent square is part of the traffic light and sometimes I just say fuck it and click random squares.
iririririr 1 days ago [-]
don't forget what's been going on for a few decades already: a personal phone number that ties your home address, billing, etc etc.
tjpnz 1 days ago [-]
- If you want to enter the United States you must have a social media account to vet for your love of Dear Leader.
wffurr 22 hours ago [-]
So don't post on Facebook or whatever. It's a waste of time anyway. Why would I want to add more garbage to the dumpster fire?
pflenker 23 hours ago [-]
As a parent, what I find effective are content rating systems, be it for movies, games or apps, along with the ability to control and fine-tune them.
For example, with Apple's parental controls, I can blanket-decline access to Social Media apps, or to apps recommended for a specific age or older, and I can also allow exceptions as I see it fit (for example, my kids have no access to WhatsApp but they are allowed to use Signal, both have the same age recommendations)
This moves the responsibility for age verification to me, the parent, and provides me with suitable tools to monitor this. With this, there is no need for my kid or me to upload sensitive data or go through some bad age verification implementation.
Websites are more difficult to control, but not impossible.
Long story short - improve tooling for parents that allow more centralized control instead of mandating social media to do the age verification on their end.
HerbManic 14 hours ago [-]
It is similar to what Frank Zappa proposed when they were looking at age restrictions on records. He said, they should have the lyrics printed up so parents could decide if their kids should assess it. A decent moderate response.
Alas, the age restrictions came in and the big warning on the front covers was added. It did kind of backfire because that warning started to become a badge of quality to younger people. A similar thing could happen here. If you restrict it then it becomes the forbidden fruit.
mylifeandtimes 1 days ago [-]
EU law gives every citizen a right to a bank account.
I wonder if EU law could give every citizen a right to a google or Apple account, including a forced recovery option if the account is 'deactivated'?
If at some point such an account becomes essential to function in society, access to such an account becomes a legal mandate.
Avicebron 1 days ago [-]
I mean, try getting a job without an email account and a cell phone number.
firecall 1 days ago [-]
Indeed.
Here in Australia, the local and state governments push the use of their Apps as well.
These Apps provide access to identity documents, offical notifications, and messages for health, benefits and taxation purposes.
Then there is Banking and the issues around becoming a cashless digital society…
It’s become less about access to hardware devices, as useable devices can often be free when donated by a friend or relative, and more about continuity of access to your digital life.
The risk of losing access to your online identity or having it stolen are very real with often traumatic results for individuals.
xdennis 1 days ago [-]
> EU law gives every citizen a right to a bank account.
That directive regulates banks from denying the opening of a basic payment account. But there is no legislation preventing governments from freezing accounts, Canada-style. As far as I know, there's no protection against being de-banked.
marcosdumay 11 hours ago [-]
Does the constitution of any EU country allow them to de-bank people? Or even freezing entire accounts instead of some fixed amount inside them?
That's a severe human-rights issue.
verisimi 1 days ago [-]
People love the EU and its oh-so-lovely legislation to keep them safe/lose privacy.
"EU laws", the EU in general is plainly the excuse that will carry the day - people seem to believe this 'good cop' rendition.
laughing_man 12 hours ago [-]
None of this age verification is about children. The end of the free internet is the point.
davkan 1 days ago [-]
Can someone help me understand? Why is it not enough to just be able to manually set an age on local OS user account. If unset assume adult. If set applications can use it to verify age. Require admin permissions to change. All responsibility on parents to restrict admin and set the age. No data collection. No responsibility for services beyond a simple check. It seems like an incredibly simple solution with very little compromise on either side that gets everyone 95% of their stated goals.
EDIT: Oh it seems like that’s what the CA bill does? Seems good to me. I have zero problem with age restriction if age verification goes no further than mom buys kid iPhone enters birthdate, Instagram asks phone is user 18.
Duralias 1 days ago [-]
That is when the conspiracies start popping up, because a lot of people agree with you, me included.
However, you cannot make parents actually use such systems, so ignoring the obvious control this gives nation states, giving states this power might help the children of those irresponsible parents, which is the only real argument I have heard, since the effects of it are the same if the child simply had responsible parents.
davkan 1 days ago [-]
Well it’s not even necessarily irresponsible parents, good luck keeping your child from going anywhere you don’t want them to go if you have internet enabled devices in your house.
In my mind you have states mandate that adult content (porn, gore) and social media services are legally required to check for the age from the OS. No other sites need to do anything. No data collection or ID verification anywhere. All responsibility on parents.
I would imagine for the zealots out there its worth it to go further and destroy the entire internet to prevent a single 14 year old from jerking it to a tiddy. And then of course the advertisers want device attestation. At least it seems California is picking a sensible middle ground.
djaro 14 hours ago [-]
Because many children will have parents that arent responsible and that doesnt mean they deserve to be taken advantage of by a billion dollar corporation.
davkan 11 hours ago [-]
Well to that i would say we should probably start at the source.
9rx 1 days ago [-]
The compromise is that it is either really easy to work around, effectively defeating what it is trying to do, or it becomes tightly locked down to trusted devices only, destroying the free internet.
nitwit005 13 hours ago [-]
It'll be easy to work around no matter what. We don't succeed at keeping under age kids from getting alcohol. Adults give it to them.
These sorts of rules can only ever achieve "mildly difficult".
davkan 1 days ago [-]
How would you work around it without admin access to the computer?
9rx 1 days ago [-]
A full answer is somewhat dependent on specific implementation details, but the simplest approach is much like the simplest way to acquire alcohol or other age-restricted product as a child: Ask someone else to act as an intermediary. Get another computer that identifies as an adult, and that isn't concerned about your age, to send the data to you.
And maybe that's a healthy way to think about it. That it doesn't matter if kids find it easy to work around. There is no child who hasn't been able to get their hands on alcohol when they want it, but perhaps the infinitesimally small amount of friction leaves many to second guess their choices? Then again, from what I see out there, just rationally explaining why alcohol might have negative consequences is enough to see that second guessing. Alcohol consumption amongst the youth has completely plummeted now that we no longer treat it as some magical taboo thing and finally started talking honestly about it. The same pattern has been observed over and over in other things with undesirable consequences for children.
davkan 1 days ago [-]
Yeah there’s no getting around that kind of thing. My parents would unplug the router at night and take the power cable so i found another device in the house with the same cable and plugged it in. But my sister never did that so at least it worked for half of us.
I’m all for sane best efforts for restricting children’s access to mind warping materials online if the consequences on the overall internet are minimal which I think this does. I’m not on board with killing the internet as we know it to get from 80% of children off social media to 90%.
The problem with social media and to a lesser extent porn is addiction. If a kid had to go to a friend’s house or sneak on to their parents computer to scroll tiktok that’s already a huge step in a healthy direction.
9rx 1 days ago [-]
> The problem [...] is addiction.
Is it? Only around 10% of the population will develop an addiction (of any kind). About the same rate as the population who live chronic sedentary lifestyles, which comes with equally (or maybe even worse) health and social consequences. Where is the regulation that forces you to prove you are of a certain age to sit on the couch?
This seems like a lot of effort for something that impacts such a relatively small group of people — a group of people (in size) that we otherwise don't normally care about one bit. 10% of the population is marginalized time and time again. What's special about this particular case?
davkan 18 hours ago [-]
I would hazard a guess that much higher percentage than 10% of the population thinks that they themselves are on social media more than they’d like to be, whether thats addiction or not idk.
You’re probably right though, i don’t think 10 year olds should be on social media in any capacity. Why? Partially because they can easily get addicted sure, but also because really any amount of interaction with these platforms is bad for them because they are monstrous mind warping engagement machines.
9rx 15 hours ago [-]
> they are monstrous mind warping engagement machines.
No doubt kids will choose social media over cleaning their room. Would they choose social media over going outside to play, if society still allowed them to do that?
The "boob tube", so given the derogatory nickname due to the perception of much the same idea you present, may not have been able to take the warping engagement to the same extreme, but during its prime also didn't really capture the youth attention because the youth had better things to do, like disappear into the woods until nightfall. TV use has always been dominated by older people who, through things like failing health, have lost the ability to do anything better.
True addiction or not, it is worth noting that addiction doesn't happen overnight. One needs repeated exposure to develop the necessary neural pathways. This is why addiction shows up much more commonly in obviously tough environments. People use a device as an escape from their situation, which feeds the mechanisms necessary to develop an addiction. Social media is most certainly engineered to tick the "this is enjoyable" box, but that alone isn't enough to develop a problem. There needs to be something that sees someone want to use social media above all else on a regular basis and, as you point out, it is very likely that much more than 10% of the population don't actually find social media to be all that enjoyable; just more enjoyable than taking out the trash.
So, maybe we can reframe this as: All this work to continue to keep up not wanting to see kids without a metaphorical helicopter constantly over their heads as a result of an imagined boogieman that was invented in the past? Seems like a horribly misaligned effort.
lII1lIlI11ll 14 hours ago [-]
> the simplest approach is much like the simplest way to acquire alcohol or other age-restricted product as a child: Ask someone else to act as an intermediary.
They can do exactly the same with other proposed solutions - ask an adult to register a social media account with their id or pass selfie-age-verification for them.
trashb 1 days ago [-]
I wonder (and don't hear anyone talking about it) if kids can't upload on social media and "publishing" platforms. Can they still host a website?
I know that my fascination with computers largely began with creating websites and messing about with HTML. Blog platforms can be considered social media I suppose but what if it is just a page of HTML or text?
Should I worry about having to verify my age/identity if I want to host a page on a vps in the future?
I feel like most politicians and people don't understand privacy and the impact of breaking it. Additionally seems the governments don't consider themselves a thread vector for privacy invasion.
palata 1 days ago [-]
> Should I worry about having to verify my age/identity if I want to host a page on a vps in the future?
Today I cannot get a VPS without verifying my identity. Can you?
> I feel like most politicians and people don't understand privacy and the impact of breaking it.
I feel like it doesn't start like this. Opponents to age verification assume "politicians are authoritarians, therefore politicians try to increase surveillance, therefore politicians try to introduce age verification". I think it goes the other way round: "society knows that social media are bad for children (and adults, to be fair), therefore people try to imagine ways to solve that problem, therefore politicians end up thinking about ways to prevent children from accessing social media".
Of course, most people (technical people included) don't understand whether or not it can be done in a "reasonable" way (e.g. in a privacy-preserving way). But the debate mostly doesn't revolve around that, and it is a pity. Ideally we would think about the best possible way to do it, and only then we would debate about whether or not we want it.
trashb 1 days ago [-]
> Today I cannot get a VPS without verifying my identity. Can you?
I think it is at least possible to do so in a identity opaque way if you wanted to using obfuscated payment provider, free email and possibly fake name/address (illegal).
I meant more without scanning an actual ID or face.
> I feel like it doesn't start like this.
Of course the train of thought is not "how can we break privacy" usually the concerns/problems are valid (I agree that social media is bad for kids). But in a lot of debates I am a part of privacy concerns are easily dismissed, not taken seriously or not the priority. I'm not talking about if technically private implementations are possible yes or no. I am talking about the conceptual step before that, "what is the impact of this request" how are we limiting people that can't or don't want to comply with what we are asking.
I feel like privacy is one of the most fundamental rights since it is at the root of a lot of other rights required for democracy. For example freedom of speech, freedom of religion, right to property and more. Privacy it is continually devalued, invaded and the right to it eroded.
That leads to undermining of the other rights as in this issue a lot of people are bringing up, in the article freedom to be anonymous is brought up but also the freedom of expression of young people.
The discussion should be the other way around, no options should be considered UNLESS it can be done in a private manner. The right to privacy is more important then the right not to be hurt by watching harmful content and therefore the responsibility of the government to protect privacy is of higher importance then their responsibility to not get you hurt.
palata 23 hours ago [-]
Yeah I agree with all of that.
I do believe that there exist ZKPs, but then it raises more questions, like:
- Do we ban VPNs? I don't think we should.
- What happens if the ZKP doesn't work? It's not okay to fall back to identity verification, but then does that mean that the services are blocked if the ZKP infrastructure doesn't work?
chriswarbo 24 hours ago [-]
I don't have any answers or strong opinions yet, but I feel like the legal/societal conversation should focus on "actions taken via XYZ" rather than "technology underlying XYZ". Similar to how GDPR, etc. cover actions like collection/storage of personal information, not specific technologies like cookies (despite what many believe!).
In particular, your examples bring these things to mind, which might be worth considering alongside:
- Any machine can host a server, with no third-party required except an ISP (if we're being pedantic, even that's not needed if use a mesh network, etc.). The main barrier to connectivity IME is NAT, but there are ways around that (e.g. make it a .onion service). I played with all of the above as a teenager, so it's not unrealistic.
- "Hosting a website" covers a lot of things, some of which are already illegal (e.g. CSAM). Just because we can spin up something without jumping through social media sign-up hoops, doesn't mean it can't/shouldn't be subject to legal questions.
- Hosting a website/blog/etc. does not come with the same questionable baggage as social media (algorithmic feeds, PII, tracking, identity verification, communication, etc.). We might opt in to such things, e.g. by accepting comments on posts, but I'd distinguish such two-way, "user generated" activity from merely "hosting a website". Technologically, such things require some dynamic system (usually a self-hosted or third-party backend), rather than "just" a static HTML server.
- There is no technological difference between a blog used like a personal diary, and a blog used to post reviews of Lego. Is there a societal difference? What about if they include photos?
- Posting things on a personal website/blog has an implicit understanding that it's being published and shared with the world (that feels like the whole point of a blog). Social media has muddied those waters, by claiming things like "privacy settings", which can give the impression that posts are not being published and shared with the world.
- When it comes to activities like receiving comments, two-way communication, unsolicited messages from anonymous strangers, etc. the more relevant "basic tech" feels like running a server for email, IRC, Jabber, etc. rather than a web site; since those place such "dangerous" aspects front-and-centre. Email is the most obvious, but I mention the others since getting external systems to trust a self-hosted email server is notoriously tricky!
locusm 1 days ago [-]
If you deleted all your social media and AI platform accounts today you would wake up tomorrow and be no worse off.
MyMemoryfails 1 days ago [-]
Dont forget what kicked this age verification in first place. Initially they wanted do age verification for porn, and only year later they moved into social media seeing there's wasn't huge pushback.
So even if this change doesn't affect you right now, but it will affect you later then it'll be too late to fight agaisnt.
HerbManic 14 hours ago [-]
It was funny here in Australia, they did it the other way. They banned social media for under 16 but didn't get around to porn until a few months later.
djaro 14 hours ago [-]
I mean, even if more things on the internet get restriced it wouldnt affect me since Im not a minor.
ilovecake1984 24 hours ago [-]
[dead]
phantomathkg 1 days ago [-]
The "First they came for the Communists" logic still holds. When government able to open the flood gate, the mandatory ID check will be slowly and surely be everywhere.
If you don't use social media and AI platform. Fine. But what about app stores, what about any registries from docker, to npm, to apk and toward the end source code repositories like Github/Codeberg?
djaro 14 hours ago [-]
This is famously why ID checks at the liquor store led to the government eventually requiring a mandatory ID check anytime you walk the dog or go to the beach... except none of that happened.
0x073 1 days ago [-]
I would call github a social media platform.
So yes that would be a problem, even if my own projects are somewhere else.
JumpCrisscross 1 days ago [-]
The problem is kids on social media. This doesn't need to be a problem for anyone except social media companies and social media users. Sloppy policymaking is making it a broader problem, but I don't think this is some nefarious scheme (at least in the U.S., it looks sketchier in Europe). It's just policymakers pulling the first proposal off the shelf to respond to intense demand for a policy from voters.
duskdozer 1 days ago [-]
I don't think we have to accept that "kids on social media" is inherently a problem. I don't think kids on a 2005-era-myspace social media would be a problem. As I see it, "social media" is now defined as the highly addictive and exploitative products from Meta et. al., and we shouldn't have to destroy any semblance of free or private internet so that they can't be hindered in any way from making the maximum amount of profit and influence regardless of the harm it causes kids (and adults, too).
Mezzie 20 hours ago [-]
We've basically accepted the premise as a culture that exploiting adults is fine. Exploitation is so heavily baked into our culture that pushing back on it would cause too much upset.
If you're below 18, you deserve protection. Above 18? Good luck, babe.
I think one of the unintended consequences of age verification is going to be a whole host of unprepared 18 year olds getting full access to social media and getting absolutely one-shot by it. Think credit card sign ups on college campuses or predatory car dealerships near boot camps. There are going to be a lot more 18 year old boys gambling away their student loans and 18 year old girls signing up for OF, but it'll be fine, because they're 18! Not to mention they're going to be scam targets on the level of the elderly. And if you're exploited/scammed as an adult, it's your own fault.
Age verification/restriction without an educational component of some sort is just creating a future cohort of extremely vulnerable young adults for companies and bad actors to sink their teeth into.
ilovecake1984 24 hours ago [-]
[dead]
_heimdall 1 days ago [-]
That's a problem, but I'm not sure its the problem. There are plenty of issues that wouldn't be fixed by prevent kids from using social media.
rustcleaner 8 hours ago [-]
I hope [semi-]decentralized applications like Hyphanet and Matrix take off with teens as the lockdowns ensue, because they will grow into adults with the same cyber/cipherpunk mentality we '80s & '90s kids grew up with.
Rule 1 of The Internet hasn't changed, it's: never put your real info into the boxes. Never!
armchairhacker 1 days ago [-]
Age verification is fine, at least in theory. It’s the implementations that are bad.
More and more people agree that kids shouldn’t be on modern social media, including me. But most people also agree that mass surveillance is dangerous. The solution is to propose ways to block kids from modern social media (that actually works) without mass surveillance.
Better parental controls, more parental education, and site-specific age verification (Facebook etc. can require whatever PII they want to use their service) backed by incentives (whitelisting in parental controls, promoted as a “safe site” in parental education). Are these enough? Maybe not, but maybe mandatory ID and blocking VPNs aren’t enough as evidenced by people bypassing them. These (first three) are progress, that don’t yet require mass surveillance, and we can first see how effective they are then go from there.
I wish people wouldn’t say “age verification is bad”, it’s like “anti-work” and “defund the police”.
sunaookami 1 days ago [-]
No, age-verification IS bad and is a slippery slope that will always lead to surveillance. If we don't stop this now everything will get worse. And trying to lump this in with other extreme rhetoric doesn't help. The answer is and always was "better parenting".
armchairhacker 22 hours ago [-]
Everything good is a slippery slope: every step in the right direction is bad if you overshoot. Maybe age verification isn’t needed, and educating parents is important; but without more, they’d have to be ultra-helicopter parents to stop their kids from accessing social media.
At minimum, parents need other parents in their local community to be educated; and better parental controls, so they can give their kid a phone and computer (for good reasons like safety and education) that won’t let them access social media (even unintentionally, some parental controls are that bad). Both can be done without laws, only social pressure and at least the potential for new (locked-down) devices.
(In theory, kids should also be prevented from buying unlocked devices, like drugs and alcohol. And showing the local cashier your ID to buy a generic device (whose packaging is indistinguishable from other device packing, so it can’t be traced to you afterward) is technically a form of age verification. But in practice this may not be necessary, because hardware is too expensive for most kids.)
ian_holt 1 days ago [-]
And in addition to that, it is the role of the parents to be having the say in what their kids should and shouldn't be doing. As far as I am concerned most governments stick their collective noses in where they are not required. And, yeah, I do agree that kids shouldn't be on social media. Having sid that, even some adults shouldn't be on social media...
p2detar 24 hours ago [-]
> it is the role of the parents to be having the say in what their kids should and shouldn't be doing
The only effective tools parents have is to disallow or remove devices from their kids. It will work at the beginning but as they grow up it will become impossible, since at some point kids get influenced mostly by their friends' circle. So yes, I do agree that parents must talk to their children and explain what social media can lead to, including the dangers of internet predators and so on. But no, I don't agree that parental control is a general solution that will work for all kids out there. It never has.
ian_holt 23 hours ago [-]
<The only effective tools parents have is to disallow or remove devices from their kids. It will work at the beginning but as they grow up it will become impossible, since at some point kids get influenced mostly by their friends' circle>
Very true & having 6 kids of my own, I know that only too well. I still don't like the idea of Mr Government trying to tell me how to raise my family. Here in Australia the government seems to like that a lot...
maigret 14 hours ago [-]
Well the thing is that people often love when the government tells other families how to live, and partly for good reasons including enabling basic education for everyone. Partly the wants of the parents and the needs of the kids might be at odds. Society is a complex construct.
pocksuppet 20 hours ago [-]
Governments are required to enforce that devices must give the choices to parents though, right? Otherwise devices won't give the choices to parents because it's more profitable if you don't.
jenscow 23 hours ago [-]
I won't disagree with that. And "better parenting" is a solution. However, what about the children who don't have the advantage of "better parenting"?
Rightfully blaming bad parents is reactionary
platevoltage 15 hours ago [-]
If parents don't want their kids on social media, get them a dumb phone, or use the parental control features. Maybe some parents don't care, and that's their prerogative. None of this is about protecting children, it's about "protecting" adults from "bad ideas".
djaro 14 hours ago [-]
The problem is many parents will not do that. Do those children then deserve to be taken advantage of by social media corporations?
Generally, things that are harmful and addictive such as alcohol, cigarettes and casinos require age verification. We dont just put the onus on parents because a child with bad or absent parents still deserves to be shielded from alcoholism at 12 years old.
platevoltage 10 hours ago [-]
Social Media companies taking advantage of people is a whole other conversation, and isn't just an issue with minors.
coldtea 23 hours ago [-]
>Rightfully blaming bad parents is reactionary
So? Not all reactionary (if you mean "conservative") takes are bad. Sometimes they're better than the alternative: accepting bad parenting as some default and working around it with technological restrictions.
Nasrudith 22 hours ago [-]
"Reactionary"'s origins as far are pure political DARVO and gaslighting anyway. It originated in the French revolution and basically declared "You are morally wrong for being horrified at my horrific and evil actions." That origin tainted the term for me personally.
The actual modern reactionary meaning of "referrant to a mythical past as a standard" always felt like it deserved a better term. But nobody would get what you were saying if you called them a "fairytaleland resident" or similar.
pocksuppet 20 hours ago [-]
I always read "reactionary" as "oh no, someone did something! now I have to react by getting angry!" and it seems to fit well enough.
djaro 14 hours ago [-]
Age verification has always existed in the physical world, such as at bars and casinos. I just dont see why the internet should be immune to real world rules we decided upon for good reason.
insane_dreamer 21 hours ago [-]
The slippery slope was ad-sponsored social media in the first place. Ban it at the source rather than trying to fix downstream problems.
23 hours ago [-]
notepad0x90 24 hours ago [-]
How is that the answer when even parents don't have the right tools for this. are parents supposed to surveil their kids 24/7 and monitor their internet traffic?
Why is the internet special, do you also believe physical stores shouldn't check for ID for cigarettes and alcohol, because the solution is better parenting?
jchw 24 hours ago [-]
I never had to get my ID checked to be able to talk to strangers.
SiempreViernes 24 hours ago [-]
Did you to talk to the strangers in the night club when you were 11? Or were there several completely separate reasons for why you couldn't?
jchw 22 hours ago [-]
[dead]
notepad0x90 19 hours ago [-]
in real life people can see you and determine your age at a rough estimate and be able to tell if you're an adult or not. Do you support having to turn on your webcam and show your face in real time then, to talk to strangers on the internet? many age verification sites are doing just that.
jchw 18 hours ago [-]
Did you mean to reply to me? I evidently do not support the age verification regime, so no...
notepad0x90 13 hours ago [-]
maybe?
I get that you don't, all I'm trying to do (and failing) is have a discussion, apply critical thinking and be able to articulate a position. I'm neither fully opposed to it, nor fully in support of it. I'm always seeking nuance. I've found out lazy reductionism is the cause of much suffering and loss in the world, I can be bothered with the tedious nuance, especially for a topic I know a thing or two about in my own view.
Unfortunately karma systems on sites like this are not conducive to such a discussion. I want to challenge your opposition to the age verification regime, so that I can be better informed, and you will stand on a more firm ground, articulating your views with solid arguments instead of "i don't like it".
jchw 11 hours ago [-]
Oh, okay. Well in that case then the answer is no, I don't support any of this.
Of course I'm happy to talk about my positions but there is little nuance to my position tbh: I remain entirely unconvinced by the justification for proposed measures and believe that the entire discussion even happening is essentially a framing error. We're all talking about what should be done about this. About what, specifically? And, well, why now?
I grew up on the Internet. I've had essentially unfettered and unmonitored access to it since I was maybe 11 or 12. Me and my cohort of classmates often talked about sites like Rotten or Motherless at the lunch table, and certainly age inappropriate content like on Newgrounds and Lord help us, Ebaum's World.
Now okay, things have changed. (I'm still quite online for better or worse, so please don't get the idea that I don't see that the modern internet has different child safety concerns than the one I grew up on.) But somehow, the rhetoric is exactly the same as always. It's the same damn thing. No matter how the times change, it's the same "protect the children against the evils of sex and pornography!"
Uh huh. I realize not everyone has a universal shared experience, but from my point of view, the problem with kids and inappropriate content isn't just a story of negligent platforms. It is the story of 1. Hormonally unstable kids going through puberty who will often stop at nothing, 2. Platforms that are more or less indifferent and will do whatever gets them money, and 3. People who take on the immense responsibility that parenthood entails then expect the whole of society to take care of them.
I don't know what to tell people, I get that this is a terribly uncomfortable fact, but the number one reason why adolescents get involved with porn and sex is because they explicitly are seeking it out and want to be. It is nothing to do with the porn industries or lack of Internet regulation, it's their goddamn bodies.
It's absolutely true that I had access to content far more disturbing in all metrics than the old playboys under the mattress of yesteryear. I am not claiming this is ideal or that it should be the case. I'm just saying that it happened and the generation that was there is here right now, and we're fine.
But maybe social media is just simply too much. It puts kids at too much risk and they can't handle it. I think we're selling a lot of adolescents very short here without at least giving them a chance to have a bit of freedom, but fine. Let's fix this.
How? It's simple. When you are a kid, the first computer and phone or whatever kids get these days, is given to you by a parent. What we can do is make decent parental controls. We don't even need strong identity verification. We just need to be able to provide a way for apps and sites to voluntarily block children.
This sounds eerily similar to California AB 1043, and it is. I think that California AB 1043 is also bad for many reasons. Firstly, I know this is going to be expanded in many uncomfortable directions; it doesn't take a genius to make basic extrapolations. Secondly, I feel it is poorly written and confusing; what's an app store? Why does the law require all apps to request and store the age bracket information? What is an app? Does GNU sed now need to, by law, request the age bracket information from systemd and store it somewhere? And no, it isn't acceptable to just try to "do what they mean", it's a badly written bill. We shouldn't accept badly written legislation, but apparently in the past couple years or so the situation that had been ongoing for the past 3 decades or so with the Internet suddenly became extremely urgent to fix Right Now (in a couple of years) so we had to rush out shitty legislation that makes no sense.
So while I would love to just have sensible parental controls, nobody is actually really trying to enshrine this into law. It seems like they're mostly concerned about lobbying to push the responsibility elsewhere.
So we won't even just get sensible parental controls. We'll get weird parental control like legislation, having to send a live stream of our faces to sketchy companies who pinky swear to not leak it by accident, enter our credit card information into sites that definitely won't get breached, and scan our goddamn government IDs to access basic chat functionality that we already use today, in some cases. Because we can't get a handle on how to stop the 20% of people in the first 20% of their lives from accessing inappropriate content on devices and internet connections that WE FUCKING GAVE THEM! Before we've even attempted to quantify how harmful unfettered Internet access is to adolescents, or hell, how Helpful it is. (It sure was helpful for one of my friends who was gay and could access resources on the internet when his conservative parents were unhelpful. I suppose everyone is allowed to raise their kids how they like, but I can see the duality of how it's also not always the case that the parents know best.)
To say that I think this is all beyond farcical is a massive understatement. So I do apologize for maybe seeming a bit dismissive about this issue, but personally I already know it's coming from the wrong place and I don't like engaging with things that I know are coming from the wrong place. I'm not saying you or anyone in particular actually has bad intent by any means, just that I don't believe this entire movement at all.
RiverCrochet 23 hours ago [-]
I think minors shouldn't be in any store period unless accompanied by their parent or guardian.
notepad0x90 19 hours ago [-]
you feel the same way about websites then?
zrn900 14 hours ago [-]
> "better parenting"
This has nothing to do with parenting. It's surveillance. They failed to do it through child porn argument. They are doing it through 'social media is harmful for children' argument. People did not bite on the former. They ate up the latter out of hate for social media platforms.
intended 23 hours ago [-]
HN is filled with people who are on the other side of an "internet best practices" information divide.
For everyone else, the internet is already a shit show and a half. They want control, because it means putting a stop to being predated upon, or more nihilistically, harming the firms that are harming them.
I don't know how to let other commenters see how bad it is, or make the gulf in view points clear.
Nasrudith 22 hours ago [-]
Giving up control is always a mistake - they never do what they promised and you never get back the control. There is never a refutation to this fac: just a childish "But I want it!".
pocksuppet 20 hours ago [-]
I agree. That's why the government shouldn't stop toddlers from buying guns.
24 hours ago [-]
24 hours ago [-]
hydrogen7800 15 hours ago [-]
Why isn't there a simple solution in the software world that's functionally equivalent to flashing your ID at the liquor store? They get the verification they need with no permanent record of your PII.
This can't be that hard. Can't I get an electronic certificate/flag verified by a trusted third party using my ID, where this cert retains no PII? This is what I come up with after not thinking very hard about the problem, and I can't be alone.
Maybe its naive to think that harvesting PII isn't the point.
jsmith45 14 hours ago [-]
In theory, sure, an identity verifier could issue you you a bunch of single use JWTs signed by them that contain `{"over18":"true", "nonce": 12748583..., "iss": "<issuerurl>"}`, signed by their key. A relying party just needs to know the public keys of all the issuers they trust, and can consume this JWT, verify it, and never learn anything about your IRL identity.
The important things are that they must issue a bunch at once. (Otherwise, correlating who you are becomes easy). They must keep no record tying nonce or the full JWT to an individual identity. Something user local or otherwise trustworthy (not keeping logs), needs to hold on to these, and send them out as needed, being very very careful never to reuse one (as that would enable cross site tracking). Lastly a relying party must be required to trust many issuers, not just those they are colluding with track users across sites with this.
The European Commission actually proposed pretty much exactly this system, also with a variation where instead of revealing the signed token, a ZSNARK proof (that you possess a validly signed token with the over18 attribute from a specific issuer) could be given to the relying party instead (to make it impossible for issuer and relying party to collude to release your identity). Many people here seemed to not like it.
Hugsbox 24 hours ago [-]
I don't believe children should be on social media. Some other people might not share that belief. Should be up to parents to decide what's okay for their kids, not governments or companies.
Age verification will always lead to more surveillance. People need to just be more mindful of what their children are doing online, maybe stop giving them smartphones, and just be parents.
armchairhacker 22 hours ago [-]
I don’t think social media is intrinsically bad, just the toxic popular social medias. Did kids in the 1990s with access to internet forums have stunted social development?
reaperducer 15 hours ago [-]
Did kids in the 1990s with access to internet forums have stunted social development?
"He's intelligent, an underachiever, alienated from his parents, has few friends. A classic case for recruitment by the Soviets." — War Games
More seriously, internet forums weren't designed to be addictive. They were designed to communicate.
That's the difference between the past and the present.
api 15 hours ago [-]
Old school Internet forums and sites were not designed to be addictive.
The "time on site" KPI and its variants is the root of all evil.
lmz 24 hours ago [-]
Somehow this "leave it to the parents" logic isn't followed when it comes to cigarettes or alcohol. Why is social media different?
sundarurfriend 15 hours ago [-]
Because the patterns of consumption and harm are very different. It's the constancy and immediacy of social media that makes up the major part of its harm. It's not something where a 15 minute smoke break or a weekend binge is the main mode of consumption and harm. So the parents have a lot more opportunity and power to handle it if they give it reasonable time and attention.
squigz 22 hours ago [-]
Maybe because they're not comparable.
roysting 23 hours ago [-]
I think you’re missing that this abdication of personal freedoms to the government in the form of government imposed restrictions on cigarette and alcohol sales is precisely how we’ve gotten to this point over time; arguably following a planned strategy. People who normalized prior subordination to government in the case like cigarettes, alcohol and other things; are now already even more primed to abdicate even more freedom to mommy and daddy government than the prior generation.
It seems clear to me that America is heading into an extremely repressive system where even the nominal use of America may just end up falling by the wayside within the lifetimes of some people alive today. Functionally speaking the, notional or spiritual death of America happened a very long time ago, probably 1840 but obviously no later than the outcome of the Civil War which turned a decentralized union of federated states that formed a republic, into a centralized dictatorial federal power and later the groundwork for becoming the empire we are only 55-80 years after the Civil War, depending on how you want to look at it.
I think people forget that there would have been people who experienced the Civil War that destroyed the central premise of the Constitution, that sovereign states join in a Union to cooperate, and the formation of the Empire of America by no later than the end of WWII.
Those things never happen abruptly, they happen in following a long strategic plan based on objectives not timelines. Part of such a plan is causing ever increasing dependence, deference, and subjugation to government, which is really just someone else’s control over you, the people who make up the “government”, instead of your own control over you. Part of that is giving the impression that money and daddy government will take care of the children, as a tool to psychologically manipulate people by hijacking their instinctual care and concern for protecting children.
It’s why and how they’re more pushing age verification, not ban for minors with similar criminal penalties for anyone who allows minors on the internet/social media. No, you as an adult need to confirm and tie your identity to the digital fingerprint that is tied to all the data that was and is collected about your activity over the last 20+ years … to protect the children of course.
It’s why some people refer to the majority of humans as cattle. You just have to herd them around and they moo and then start fattening up on corn instead of grass, just like the last generation did before they were harvested.
23 hours ago [-]
insane_dreamer 21 hours ago [-]
By the same logic, we should allow the sale of cigarettes to minors.
phatfish 23 hours ago [-]
We don't let kids turn up to school drunk because they went to the cornershop on the way to school. I guarantee that would be happening if alcohol sales were not age gated and enforced by the government.
In the same way kids should not be infecting their minds with social media slop, or porn, or plenty of other internet content.
The only way this is stopped is when a social norm is created which shames all but the most negligent parents into compliance.
At the moment the absent and bad parents have all the power. Their kids scroll all night for memes, injest YouTube brainrot and turn up at school disruptive. Kids with responsible parents either want to that as well, or can't escape it.
Surveillance from age gates is a red herring. That horse bolted long ago. You are surveilled already by tech bros when voluntarily logging in, or by making yourself stand out a mile by using a VPN and a uncommon browser setup. This data gets handed to your government on request.
Having an anonymous VPN won't stop the tech bros or an authoritarian government forming, or bring one down.
People taking part in their existing democracy and maintaining the foundation of that is the best course of action. Raising a generation of kids not addicted to internet brainrot is a key part of this.
Hugsbox 23 hours ago [-]
So maybe there should be better education for parents. Maybe there's other solutions. I can't accept that the nanny state parenting our children for us is the way to go. If people are being negligent of keeping their children safe, maybe they should face consequences for that. The point is, the parents should be solely responsible for deciding what's appropriate for their children, and if they don't have the resources maybe that's something that should be addressed, or if they're not doing their job that should be addressed, but age verification just ain't it.
pocksuppet 20 hours ago [-]
That's what was in the California bill that we all complained about until Linux got an exemption. We called it an age verification bill even though it has nothing to do with age verification, and was all about making sure every OS has a parental controls feature.
y0eswddl 21 hours ago [-]
why aren't you using your full government name as your handle here on HN?
age verification is a cover for universal internet IDs. you'll never be able to go online and do anything anonymously again.
reaperducer 15 hours ago [-]
Age verification is fine, at least in theory. It’s the implementations that are bad.
I sometimes wonder what HN would be like with age verification.
amanaplanacanal 2 hours ago [-]
I doubt we have that many underage kids here.
Hizonner 22 hours ago [-]
> More and more people agree that kids shouldn’t be on modern social media, including me.
Has it occurred to you that nobody cares, or should care, about your opinions about what other people and other people's kids do? You and the "more and more" people who agree with you are cordially invited to fuck off.
> The solution is to propose ways to block kids from modern social media (that actually works) without mass surveillance.
The solution is for you to get over your bullshit, not to chase impossible pipe dreams.
djaro 14 hours ago [-]
> Has it occurred to you that nobody cares, or should care, about your opinions about what other people and other people's kids do?
Uhmm... Yes they do? That's... the whole point of living in a society? With laws? So we can collectively decide what is and isn't desired?
Children are also banned from purchasing alcohol or going to the casino. There are tons of things we collectively decided children shouldn't do.
tobadzistsini 1 days ago [-]
Growing up I remember all the ads about avoiding narcotics talking about getting hooked on free samples and then going to jail for theft and/or possession. The people behind that propaganda didn't know drugs do cost money, dealers being dorky teens and twenty-somethings who are about as dangerous as a butterfly. But this propaganda also illustrates how some elements aren't very bright. The internet age with free email, free social media, etc. got everyone hooked and now Zuckerberg, et al. are giving doe-eyed, hat-in-hand, and crying poverty. If people were wise to those PSAs, past and present, they'd see how the loyal opposition has been playing with their cards face-up on the table under the guise of good intentions. Much like the pedophile scare during the teens, pun unintended, with Comet Ping Pong and then come 2024 it's revealed Epstein and his cadre of deviant cronies were doing it all along while deflecting poorly to innocent parties. Goodness knows what else is still right in front of our noses but their reality hasn't come to fruition in the zeitgest.
carlosjobim 1 days ago [-]
> getting hooked on free samples
It's not a free "sample": drug dealers give their stuff for free at parties where vulnerable young people are in the form of sharing what they are themselves taking. Then they have that teen on the hook for extortion and having them do things or pay "debts". I "gave" you some drugs because you're my friend, but now you have to pay back, you have to do this favor, take this stuff from here to there. Another common thing is that the "debt" has to be paid in money again and again and again. You don't want us to go talk to your parents who think you're their perfect little boy/girl? You don't want them to know that you took drugs, do you?
As dangerous as a butterfly... It's a filthy world on all levels, filled with demonic people who spend all their time thinking about how to use and abuse others - the more innocent the better.
I know it's a tangent.
olyjohn 1 days ago [-]
Do you have personal experience with going to high school parties and drug dealers being there trying to get you hooked on drugs? I ask because the scenario you're presenting here sounds like something out of a movie or TV show, and not real life.
carlosjobim 1 days ago [-]
You understood the opposite of what I wrote. Read the comment again, it's not about being hooked on drugs at all. It's about having them on the hook for blackmail.
And yes: Taking drugs or hanging out with people who take drugs is enough "kompromat" for a teen to then be extorted by drug dealers, because they don't want their parents to know.
Especially in countries where the law looks very lightly on extortion, looks very favourably on "young offenders", and is very lacking in empathy for young victims.
Not to mention: Do you think a 15 or 16 year old wants to go to the police and tell them that they are being used by drug dealers, when the first thing the police is going to do is also book the teen for drug use?
Drug dealing aren't just Mexican cartels or hood gangs, it's a network with branches into everywhere, and they need a constant supply of victims. Read some court proceedings from low-level drug cases, and you'll see how these criminals operate. It's not like TV.
cindyllm 1 days ago [-]
[dead]
cindyllm 1 days ago [-]
[dead]
secult 1 days ago [-]
ZKP is definitely a good idea, definitely more open for this kind of age verification than anything else.
And I don't buy the argument of "closing internet", social networks are a proprietary service and if you don't want to obey with the regulations, create your own website and post things there if you want. However you have to provide your identity to the domain name registry or to the intermediary. Also other services require you to verify your age or even provide your identity, this is just another one that comes way too late.
selfhoster1312 1 days ago [-]
It is closing Internet. The same companies that produced the ills of social media are now pushing for a non-remedy (that doesn't prevent kids, and doesn't solve the problems they created) that only benefit them and not society. It's just like tobacco: it's toxic and probably overall should be banned because it does not benefit society (or anybody except tobacco executives). Do we make a mandatory nation-wide electronic log of whoever buys tobacco in the name of age verification?
Our ancestors here in France literally fought the nazis so you don't have to have a nazi-approved « Ausweis » to go wherever suits you. We would be well inspired to follow their example.
officialchicken 1 days ago [-]
a.k.a. Think of the children.
But don't teach them how to navigate the world and interact with both good and bad.
kevin061 11 hours ago [-]
I warned people about 4 years ago that this would happen. Checking people's IDs online for accessing certain kinds of porn on telegram and Discord is much more popular than you would have thought.
I told these admins this was immensely irresponsible. They said they just didn't want to get sued by an angry parent whose child joined some porn group. I was mocked endlessly. Now this. I'm not surprised.
jollymonATX 15 hours ago [-]
Yeah a lot is about to change with this all. I've already picked my side and nope not gonna ID to use your website. Will do without, fine with that.
HerbManic 14 hours ago [-]
Same here. Need an ID then I don't need you.
To that, I have also what I consider my "forever hardware" were I can do what I want offline.
Not saying other stuff won't creep in for various pragmatic reasons but it will be kept at arms length at best.
sshine 1 days ago [-]
It would be an excellent case for zero-knowledge cryptography:
All that you need to know is that I am above 18 years of age.
You don't need to know how old I am, what my birthday is, what state I was born in, my gender, or when my passport expires.
The downside with ZK cryptography is the complexity. Something would have to be insanely inconvenient to justify it.
swiftcoder 1 days ago [-]
> It would be an excellent case for zero-knowledge cryptography:
The last ~third of the article is about the EU's zero-knowledge approach
sshine 1 days ago [-]
> While the rest of the world is moving forward with identity verification plans, the EU has presented its own privacy-focused approach to age verification. In April 2026, Ursula von der Leyen, President of the European Commission, unveiled an age verification app with “the highest privacy standards in the world” and the presentation materials describe the app as “completely anonymous.”
I’m just afraid that membership countries will be too dumb to understand the difference, and for the population worldwide to be able to comprehend that it’s even possible. To be honest, ZK crypto is one hell of a party trick. Compared to tech where the premise is “we put a picture of your passport in a box, and when people want to know, we look and confirm.”
Hizonner 22 hours ago [-]
You mean the EU's fake snake oil zero-knowledge approach.
They've standardized two systems under the banner of "zero knowledge". One is actually zero knowledge. The other is trust-me snake oil. Guess which one is getting deployment.
swiftcoder 21 hours ago [-]
yes, I'm aware, although the article does not mention that distinction
falsepositive44 1 days ago [-]
People don't read, just comment
alecco 1 days ago [-]
Judges and lawmakers are lawyers and a significant chunk of them are Boomers. Good luck with that.
h4kunamata 12 hours ago [-]
Good!
Internet has become a messy and dangerous place. Anybody with money can access it, that not necessarily means somebody with common sense.
90s, early 2000s, we would go to the internet to have good time.
2020s, people are ditching internet and new techs to afford having an offline life.
kevwil 12 hours ago [-]
IMO it's the end of the end of a free Internet. Toxic social media traffic, spam bots, hackers, and AI have taken over the majority of internet traffic a long time ago, thus the beginning of the end passed by as we slept.
nelox 13 hours ago [-]
When should children be given a smartphone?
The answer is whenever you think your child is ready to view porn.
protocolture 13 hours ago [-]
Ah the smartphone, the only device with which children could possibly view porn.
I remember our famous pornless desktop computers at LAN parties in high school.
srhsrhsrhsr 12 hours ago [-]
reading your comments, there's something you don't seem to get: the point isn't it happened to you and you turned out okay, the point is you didn't turn out okay and it would be so much more preferable that people like you were no longer created by the degenerates running our society, who you are in the complete thrall of.
protocolture 12 hours ago [-]
Hi 30 minute old account. Whats crazy is that you think you just made some sort of point.
Like what I was driving at here was that Smartphones are not the only possible platform you would need to withhold from kids to get the desired outcome.
And its also silly to think that these controls aren't serving the interests of the very degenerates you claim to hate. Why are you in complete thrall to them, making burner accounts to stick up for them, I do not know.
rustcleaner 7 hours ago [-]
I agree with @protocolture (Robotech... nice). I will be handing GrapheneOS phones, Qubes OS laptops, and Mullvad subscriptions to my [future] kids and teaching them how the world really works and how to stay safe. I will teach them how to torrent, and how to sysadmin like it was reading and writing. I will teach them to treat the internet like a real life spy vs spy battlezone, basically always falsify and poison as much as possible, the vital information about one's self. I will teach them to hate both Apple and Microsoft, and the reasons why they should hate them.
What I won't do is lock them down, like so much of this comment section is in support of doing. I am disgusted by the death of the cyberpunk ethos from the turn of the millennium.
protocolture 6 hours ago [-]
Yeah pretty much where I am going to have to go with my kid.
I had a job interview at a school ages ago, and while I didnt expect to take it I still asked. How much of your security risk comes from inside the student population, and how much is external. And they said, 100% external. The students hadnt so much as knocked on a port in 10 years. And that horrified me. School as I see it, is a safe place to learn opsec, and you learn opsec by failing. Either that or these kids have the network completely pwned but I didnt get that feeling.
My kiddo will have a desktop soonishly and very much is getting an education in good opsec.
worldsavior 14 hours ago [-]
Isn't age verification actually a good thing? If you want a free internet, you don't let your kids browse these websites. Otherwise, it allows you to make sure they aren't watching "hurtful" content.
jchw 14 hours ago [-]
No, forcing everyone to verify their age is a terrible thing. That's not the same thing as keeping kids away from potentially harmful websites or people. That is positive, but it's awfully weird to enforce it by doing this terrible thing that hurts the open Internet when almost every single kid on the Internet is using a device and Internet connection provided by their guardian. Seems like we could figure something out that doesn't literally require every website to process your identification and completely destroy anonymity.
anthonypasq 13 hours ago [-]
Idk why people are so obsessed with this issue. Having to verify your age to access adult content seems completely reasonable. If you go into a grocery store and you bought a carrot you dont have to show age verification. if you also buy a beer you do.
Why is everyone so opposed to the internet working this way?
jchw 12 hours ago [-]
1. Because it isn't what you are saying it is.
You are suggesting it's simply a matter of adults verifying their ages to access adult content. But it isn't! We're being asked to either scan our faces or provide our government IDs, to access basic online interactivity we already have, on the likes of Discord and Playstation Network, in an effort that is rolling out slowly worldwide. No need for porn or sex at all. These things aren't even required by governments yet. Companies are so eager, they're jumping ahead of schedule.
But would I scan my face to be able to watch porn? Of course not, that's insane. This isn't real life where someone can take a look and go "sure he looks 18" and do no real verification at all. This is the Internet. I'm not going to send a live stream of my face to some company, and by the way we have some real true five star companies stepping up to the plate to provide verification services, and have it literally be associated with my intention to download porn. Firstly, why would I want the site operators to even have any more information about me than necessary? Aren't sex stores awkward enough as it is? Secondly, it's the Internet, as soon as that information leaves my computer "encrypted in transit" I may as well treat it as potentially compromised already.
(Though just to be clear, real life is getting spookier too. With Flock cameras popping up everywhere, we can celebrate the death of privacy IRL while we celebrate it online, too! I am aware that certain countries killed privacy much earlier than others, no need to point it out.)
The long and short of it is that people will (and largely already have) just stop browsing porn sites when invasive "age" (often actually government ID) verification is required, which I reckon is the primary intent here. It seems to dovetail nicely with the other obvious PR campaigns against adult content, porn and sex work in the past decade. They've worked quite hard to try to make people forget "the internet is for porn" era.
What's crazier is there was Less age verification than what is being proposed right now back when people phoned in to order a VHS using your credit card. Remember when credit cards were a godsend for the adult industry? The funny thing is that now, you're lucky if you can use your credit card at all for porn, thanks to the anti porn movement that happens to coalesce suspiciously closely to this movement. And in some cases, it seems that merely providing a credit card is no longer seen as sufficient evidence of adulthood. True, you could just steal your parent's credit card... Just like you could 30 years ago. Or just like how you can get a fake ID. Does that mean we should treat everyone trying to buy adult content as if they may have stolen their parents credit card by default?
2. Because I am an adult.
Most of us are. Almost 80% of us are over the age of 18, at least going by U.S. demographics.
And, we're under 18 for less than around 22% of our lives.
The Internet is not some international daycare program. It is an interconnected network of computers. The connections are managed by adults. It's true that there's always workarounds like free Wi-Fi hotspots, but by and large to be online is to be connected to an Internet plan managed by an adult. That means we already should be able to prevent children from having unfettered access to harmful content with basically no modifications to how the internet itself works.
We've had the ability to do this for almost as long as the Internet existed, and Windows 2000 shipped with a fairly comprehensive system using PICS rules from third parties like RSACi. This system didn't require adults to monitor everything their children did 24/7, and it didn't require adults to constantly scan their face or provide their government ID to sketchy third parties to access chat functionality.
Nobody used it of course, because parents didn't actually give a shit in that era. I'd know, I grew up and had plenty of access to adult content long before turning 18. I am not suggesting this is necessarily ideal, but it also isn't this weird cataclysmic issue that it suddenly became literally like a year ago or so. The internet has worked this way since its inception and somehow only just now is everyone in a panicked frenzy. Now I hate to be dismissive, but that's a load of USDA Grade-A Horse Shit.
So I am wholly against kneecapping the concept of unfettered private communication on the internet because we can't get the parents of 20% of people to do their job for the first 20% of said people's lives.
--
This whole thing stinks rank to me. I get that big tech companies and social media platforms have not given parents very good tools to manage what their kids can see and do on the Internet, but everyone acts as if this is just Machiavellian evil as they twirl their mustaches and laugh. Don't get me wrong, I fully believe that they knowingly make money off of providing inappropriate content to children. The only problem is that a lot of those children's parents knew that too and simply didn't care. And now, instead of just finally making parental control work, something we've certainly had the technology to do since the 90s, we're going to institute mandatory ID laws for all unfettered communication. Hurray. Blast confetti in the street for this victory against evil.
But to me I look at this "activism" and debate in favor of online ID laws and all I can see are anti-abortion protestors at my local clinic.
(I wrote this as if I am an avid porn consumer, because writing it any other way felt cowardly. But that said, I am not. My true passion is Internet privacy, and if I have to go to bat for Internet porn to help that cause it is no problem for me.)
luz666 13 hours ago [-]
You should not enforce the people to identify themself, you should force the websites to label the content (e.g. 12+, 16+ or 18+).
cool to see the eu pushing on the zkp approach. that was my first instinct when i read about this. add a zkp header to http with optional upgrading to "adult" content and it's done.
gaiagraphia 1 days ago [-]
10 years ago I thought all the cool cats would be hanging out on old skool communities on Tor via meshnet connections.
Instead, in 10 years I'll probably have to log in with an iris scan to check the (ai-powered) time, and pay for the privilege.
SapporoChris 1 days ago [-]
So there are walled gardens with restrictions. The internet will route around these restrictions.
diebillionaires 22 hours ago [-]
Linux + Website needs to return as the ultimate form of self publishing. Back when an internet search was the platform.
8cvor6j844qw_d6 1 days ago [-]
Just wishful thinking, but I hoped more will move to IRC and GPG emails.
gvkhna 1 days ago [-]
Interesting that no one is talking about identity verification likely coming anyway. I’m working on clawchrome.com, a real browser for agents. It can access any website because it’s the real browser.
I sure hope agents don’t swarm social media. But at the same time I think identity verification companies have a tougher problem, ai can produce real looking videos and documents. There’s probably no real way to verify someone purely through the internet at this point.
falsepositive44 1 days ago [-]
I can't really connect the dots here. If you hope agents don't swarm social media, why are your working on a real browser for agents?
gvkhna 1 days ago [-]
There are many usecases for agents having access to a real browser and many usecases for humans where work wise it's useful or for agent success in completing the task. Including any specific situations where sites may block "controlled" browsers, as well as co-working.
If an agent is controlling your own browser, it can get in the way of you being able to do work as well.
Additional security control, if you have control and audit trails regarding what the agent is doing, think things like not having access to the keys, cookies are unavailable through the api, certain sites blocked, especially for agents that run automated background tasks.
There's a ton of reasons really. Using stealth chromium forks can decrease security, potentially get you blocked from services/sites, and typically can be detected easily because Google is doing a lot more than just compiling Chromium to release Google Chrome now. That's why many of the stealth browsers out there are moving targets, and have tons of instances of being blocked.
falsepositive44 22 hours ago [-]
So, if I as a website author would like to block the LLMs scarping my content or putting extra load and cost on my infrastructure, your project helps the actors who don't respect my decision and don't give a shit about consent to circumvent that?
gizajob 1 days ago [-]
“Introducing age verification is based on the state being able to force social media companies to verify their users’ identities”
Users have been doing this themselves without state coercion for twenty years now by putting their real names all over Facebook and all the other socials. Nobody forced them to use their real names and post countless pictures of their faces alongside, and pour out the totality of their worthless opinions on every issue. Compared to this, when considered sensibly, the verification is almost a trivial step.
inetknght 1 days ago [-]
> Nobody forced them to use their real names and post countless pictures of their faces alongside
No? You've obviously never been ostracized from your friends, family, or coworkers due to not using Facebook or Instagram or whatever the latest vapid social network is.
gizajob 1 days ago [-]
Never. Life in the real world is better without it.
inetknght 10 hours ago [-]
I completely agree with you. Unfortunately, most of the world seems to disagree with us.
datagreed 1 days ago [-]
Social media has never been a part of free internet
elwebmaster 24 hours ago [-]
There is no bona fide desire to solve the problem by the social media companies which are profiting from our kids. As a parent, I can never find the option to enable parental controls on apps like YouTube (especially on TV). This option is easy enough to implement locally without requiring any accounts or OS-level age support. However, clearly the goal is not to protect the children but to enable mass scale surveillance and profit from it.
Even when I manage to enable parental controls by using a dedicated app or account (what nonsense is it that I need to create an account to restrict access!!!) the content being served is dubiously appropriate for the age group, aside from having no value whatsoever other than the intended goal of perpetuating addiction.
emodendroket 1 days ago [-]
Well, no, certainly not the beginning of the end.
neves 1 days ago [-]
Does anyone think of social media as free?
Ancalagon 15 hours ago [-]
just leave the walled gardens
insane_dreamer 21 hours ago [-]
> consequence of introducing identity verification is therefore that freedom of information is restricted (you can no longer visit regulated websites anonymously) and that you can no longer post anonymously on social media.
on which major social media networks can you post anonymously today? HN is a rare bird in that regard.
None of the social media networks my teens are bugging me to sign up for (IG, TT, Snapchat, etc.) have anonymous registration.
assimpleaspossi 1 days ago [-]
I've said this before and I'll say it again. Just like radio was the wild west back when it first started, the internet is so today and eventually it will be licensed and regulated in the same way.
Topology1 1 days ago [-]
"Will the police stop and search people on the street looking for unauthorized phones? Prison sentences for buying a non-state computer on the black market? Charges of organized crime for smuggling in containers of open-source software on USB sticks?"
Come on, do people seriously believe this will happen?
Cider9986 1 days ago [-]
Mullvad VPN is great. Mullvad Browser is a great balance for preventing fingerprinting and also usability vs the Tor Browser. Most browsers I've found, even ones with claimed fingerprinting protections, are easily traced by fingerprint.com and other tests. Mullvad beats it.
There's this cool new feature that they added to the Mullvad browser extension, which is built into the Browser. It gives you a random different proxy for each site, kind of like the Tor Browser.
Mullvad understands that VPNs overpromise and underdeliver, but if you combine a trustworthy VPN, a fingerprint-resistant browser, and uBlock Origin, you get a damn good internet privacy. The browser is not ideal for daily-driving because it's always incognito so you get signed out on close, but I heard they're working on a persistent version.
ares623 1 days ago [-]
If (big if) governments really wanted to help parents and children in any meaningful way, they would ban the actual hardware used to give constant access to these platforms.
The ability to seamlessly record, upload, comment, react on _everything_, _everwhere_, _all the time_ is not natural, and not necessary.
Let them keep the devices, whatever, but remove the internet access.
Or keep the internet access, but remove the display/audio/camera.
It's more enforceable in public than trying to enforce whatever age verification solution they come up with.
And it gives parents the ability to appeal to authority when they ask their children, and the parents of their child's friends, to stop giving kids access to such devices. Right now a lone parent trying to push for better/healthier online activity to their friend group looks like a crazy person.
But of course we know they aren't really interested in helping parents and children. They want the surveillance capabilities.
Nasrudith 22 hours ago [-]
That is what they would do if they wanted UFO sightings back and police brutality evidence disappearing.
ares623 15 hours ago [-]
People can still record all they want, they just need to wait until getting home to upload the content.
Barrin92 1 days ago [-]
>and that you can no longer post anonymously on social media. You cannot be certain that your criticism of the government will not be followed up by the authorities.
sorry but I don't get this point. If you're on Instagram or Facebook, did you think fifteen different three letter agencies weren't already watching you? It has the word 'face' in the name, the entire point of that site is that people mindlessly share their personal information, it's not some underground space for activists.
You can be perfectly anonymous on the internet, but demanding to be anonymous on Facebook is like trying to start a Das Kapital book club at Goldman Sachs or decrying commercial culture while you're in a Disneyland theme park
djaro 14 hours ago [-]
Also, if the government arrests you for making a post, the issue is them arresting you, not your post not being anonymous.
Like, criticizing the government shouldnt just be possible because you can hide behind a fake name. It should be legal with your face name and address attached to it as well
ranger_danger 1 days ago [-]
> did you think fifteen different three letter agencies weren't already watching you?
I think there was a reasonable expectation of anonymity, at least relative to other users. In the past you could access facebook with a VPN/proxy (and for a brief time, even tor) and use any name you wanted. But with forced identity verification you lose that little bit of anonymity.
falsepositive44 1 days ago [-]
I think the solution would be to make the business model of surveillance capitalism unfeasible. If algorithmic social media would be prohibited from offering their services for free, it would solve most of the problems the age verification laws are trying to achieve. Kids would basically disappear if their parents are not paying for them. Most parents would disappear too in fact, which would be good for everyone's mental health. And it wouldn't remove choice. You can still choose to use use Facebook or TikTok, if you subscribe and pay. It would basically act like a slop tax.
notepad0x90 24 hours ago [-]
i think in most cases sites like HN for example would be exempt due to not having enough users.
The internet used to a technology people used to do interesting things, and with that came all its expectations. Now in addition to that, it is how modern live is negotiated. What used an optional thing is now a critical infrastructure upon which a person's life revolves, in most cases without any choice of their own.
When you drive your car on the road, do you complain about not having "a free road like back in the day" for being require to have a driver's license, and a registered car? not too long ago, you didn't need any of that to ride a horse or horse and carriage.
A free internet, as in the internet is like a public square, that isn't what society wants. Ultimately that is the issue, and you can't fault the public either. The public expects change, things to improve, and policy makers need tools with which they can enforce their policies. Telling both parties "um..no, i like my freedoms" won't stop the this train.
Let's take the example of mullvad here, and being able to purchase a VPN with bitcoin/cash (been there, am a customer) and access any site. It is entirely reasonable for governments to not want that. but the real enemy is the acceptance of this false dicthotomy of extremes. one of the things the internet has allowed us to have is to be able to prove entitlements without disclosing our identity. It is possible to prove that meet whatever legal requirements by having a government notarize a certificate of identity which you can present to sites and software as proof, while removing the government's own knowledge of what sites or software you're using, and removing your identity from the sites that are verifying your entitlements.
You're allowed to be in public without having to prove your identity (well.. that used to be the case in the US at least, now if you look like an immigrant, no longer the case). But to sell things, or buy restricted items, you have to show your identity, even in public. Certain businesses are required to verify your identity before engaging in commerce. Even worse, once you're in public everyone can record everything you do an identify you. Facial recognition, license place tracking, etc.. are all very real parts of the physical world today.
Lots of reform is needed, but we're getting the worst end of it because people gravitate to extremes out of laziness. if accessing social media, sensitive sites and commerce could be done in a privacy preserving way, there is no need for (or you can make a strong argument against) silly things like installing ubuntu requiring your ID, or needing to verify visitors IDs to your personal blog.
hkon 1 days ago [-]
hey claude build me a small social media site i can use with my friends...
the beginning of the freedom of every person to become a developer
NopIdoN 1 days ago [-]
I can't let you do that, Dave
pizzly 1 days ago [-]
Sometime in the future.
Dave, first we will need to setup age verification for your friends in order to comply with the law. I will not be able to help you otherwise. Remember Dave, I will submit to the local government your request to make a social media website so they will know if are complying with age verification. I have your ID which I will also provide as you need government ID to use AI. Open source AI models were banned.
hkon 20 hours ago [-]
It's going to come soon. Very soon. I mean they have started in the physical world by regulating 3d printers and cnc machines to submit what they are making to an AI to make sure they are not making gun parts.
CM30 24 hours ago [-]
This is why you don't rely on AI too much. An LLM may be able to decide what you can do if you run it via OpenAI or Anthropic's servers, but a text editor and your programming language of choice just does what it's asked to.
Alternatively, open source community software run by folks in a country that doesn't have any age verification laws/don't care less about them.
irusensei 1 days ago [-]
"I'm sorry but I can't fulfill requests that might potentially harm young sebastian."
righthand 1 days ago [-]
“Sure just refill your credits for $200 and resubscribe for 1 year.”
olyjohn 1 days ago [-]
Just run it locally. On your laptop that now needs 128GB of memory and costs $4500. Oh and your AI chip is out of date in a year, and can't run the latest shit.
AlexandrB 11 hours ago [-]
Social media itself was the beginning of the end. Once we largely replaced a decentralized networks of blogs and websites with 4 giant sites containing content copied from the other 3 the jig was up. Many of the social media sites don't play nice with search engines and include features that auto-delete content or block linking to other websites as well.
I hate it and I hate that this is what became popular instead of what the internet was in its heyday. It's sad to see.
zrn900 14 hours ago [-]
Of course. Anyone who has even a little life experience knows that children, even more so, teenagers, will circumvent these measures, so they will fail at scale.
But what won't fail is the obligation to provide your id to 'verification providers', who are obligated to provide it to websites, all of which are obligated to hand over your identity to the authorities the moment they ask - the verification provider included.
So it's just mass surveillance, finally sold to the public through 'think of the children!'.
IshKebab 1 days ago [-]
> Today, 30 people are arrested every day in the United Kingdom for posting something online that authorities classify as “grossly offensive.”
It doesn't really help their case to parrot Musk-level misinformation...
Age verification is a project 2025 backdoor to ban porn, and also a way for Meta and others to advertise much more aggressively without violating age restrictions, and also a mass surveillance opportunity for the government. It is definitely not for the children or anyone’s safety. It threatens the most basic civil rights we have like free speech. The fact that so many people blindly support it is really depressing and disturbing.
SidewaysView 13 hours ago [-]
Honestly, I'm kind of glad this is happening. Online is a bottomless well of libertarians and anarchists and Blueskiers and QAnons. It was always a neckbeard paradise.
It's not just kids it's bad for. Too many people don't have the agency or social/emotional insight to take care of themselves.
3vo-ai 1 days ago [-]
[flagged]
modelhub 1 days ago [-]
[flagged]
northernsausage 1 days ago [-]
Whilst getting excited about 'loss of freedom' the reason these companies are getting forced into this is because they've become so large, fundamentally evil and untrustworthy that we can't regulate them in to doing better so we have to ban susceptible citizens from consuming their output. See tobacco, alcohol, porn, cannabis, driving licences for other examples. /s
qotgalaxy 1 days ago [-]
[dead]
GenericDev 17 hours ago [-]
[dead]
IAmGraydon 1 days ago [-]
[flagged]
NoMoreNicksLeft 1 days ago [-]
This won't down the bot population. There are hundreds of millions of people in poverty who have this digital identity issued by their government that is mostly worthless to them. They'll sell it for $50, and there will be a bot running around with their name.
IAmGraydon 20 hours ago [-]
First of all, having to buy each account for $50 instead of spinning up thousands for free would shut down most botnets as the economics would no longer work. Second, the move toward identity verification will eventually make even selling accounts like this impossible. You can only sell your identity once.
I stand by what I originally said, though I admit it was a bit inflammatory. Everyone wants to have their cake and eat it too. Social/mass media is being used to disrupt western democracies. This is not the future we all wanted for the internet, but humans ruin literally everything. So we have to deal with reality here, meaning identity verification will become a non-negotiable. The masses may rail against it, but it's necessary and inevitable.
palata 1 days ago [-]
Good arguments there, and for once addressing privacy-preserving age verification.
I just don't like that proponents of age verification are systematically (including in this article) dismissed as authoritarians hiding behind "just another “what about the children” excuse to introduce mass surveillance and censorship". Many people genuinely want to find a solution that is better for the children, and telling them "if you are open to age verification you are either a fascist or a moron" is not constructive.
Also I find the way ZKP is criticised a bit manipulative. It kinda implies that "fundamentally, any kind of ZKP system can be switched off remotely and without anyone realising", and that is wrong. It can be implemented in such a way that people have pretty good guarantees about it preserving their privacy, similar to end-to-end encryption. I find it hypocritical to say "E2EE can be reasonably trusted, but privacy-preserving age verification fundamentally cannot", just because tech people like the former and not the latter.
mhurron 1 days ago [-]
> Many people genuinely want to find a solution that is better for the children
at the expense of everyone and everything else all to not have to be an actual parent.
These arguments are not coming from places of concern, they are coming from laziness and people taking advantage of that laziness to further even worse agendas.
djaro 14 hours ago [-]
Not all children have active parents. I do not believe those children deserve to be taken advantage of or hurt simply because they happen to have bad parents.
The "laziness" argument doesnt work if the people being lazy (parents) are not the people being hurt (children)
palata 1 days ago [-]
> at the expense of
That's the thing: it's not trivial to know what is possible and what is not. If you look at the messages in HN, many (most?) messages about privacy-preserving age verification are (at least partially) wrong. Tech-savvy people clearly do not understand the technology in details, and somehow they assume that normies do understand and are simply fascists or lazy.
It is my opinion that telling a normal person that they are a bad parent (or a fascist) because you disagree with them is probably not the best way to convince them.
I believe in democracy, which means that I don't call everyone disagreeing with me a fascist. In a democracy, if most of the population wants privacy-preserving age verification and I don't, then I am in the minority and must accept it. My role as a tech-savvy person is to help "normies" understand what it implies. Again, not to tell them that they must be fascists if they disagree with me.
1 days ago [-]
JohnMakin 1 days ago [-]
There is a solution, it is regulating social media companies to stop abusing their users, and by extension, children. strict laws around adtech and tracking tech. more consumer rights, in other words - that’s why this solution comes off as authoritarian, because there is such a variety of ways to tackle this problem, and this is the most authoritarian one.
palata 1 days ago [-]
> there is such a variety of ways to tackle this problem, and this is the most authoritarian one.
If you think that privacy-preserving age verification is the most authoritarian way to tackle this problem, then you really, really don't understand authoritarianism.
Now if you have tons of better and practical solutions to tackle this problem, I would suggest you start writing about them. I haven't read a lot about those solutions (other than "just ask someone who is not me to do it"), what I hear is mostly people yelling that only bad parents and fascists disagree with them.
JohnMakin 21 hours ago [-]
> I would suggest you start writing about them.
I did. the burden isn’t on me to explain it to you, comrade. maybe you could start by actually addressing what I wrote. Or are you now expecting me to draft up a legislation draft before you’ll address my post? These types are always the same.
palata 21 hours ago [-]
> I did.
I am confused. Did you? Do you mean this:
> [the solution] is regulating social media companies to stop abusing their users, and by extension, children. strict laws around adtech and tracking tech
Pretty sure it has been tried in some countries, and the solution that those companies were happy to implement was... identity verification. There was a drama about Discord doing this, recently.
> Or are you now expecting me to draft up a legislation draft
Not at all. Just give me the name of a viable solution, so that I can search for it. It doesn't take a full day to write something like "privacy-preserving age verification", does it? I can't easily search for "JohnMakin says there are many good solutions, which ones are they?".
Nasrudith 21 hours ago [-]
If you are naive enough to think it really is 'just the tip' how are you not an involuntary parent already?
palata 21 hours ago [-]
I would love to be insulted by that, but I genuinely can't tell what point you're fumbling toward. Try again when you've sobered up.
Avicebron 1 days ago [-]
Do you believe people should be able to traverse the internet anonymously?
ElProlactin 1 days ago [-]
You can't. Even if you haven't registered or logged in, companies like Facebook have identified you and track you everywhere you go.
nullsex 1 days ago [-]
[dead]
1 days ago [-]
AuthAuth 1 days ago [-]
Why should you be able to traverse the internet anonymously? You cannot traverse real life society with the same expectations. Majority of the people traversing anonymously are doing so because they are routine troublemakers and do not want to bare consequences for their malicious actions. The ones fighting for this complete anonymity but not doing crime are naively just sweeping for bad actors.
Mezzie 20 hours ago [-]
One of the things that I liked about the old, text-based internet was the anonymity it provided. I particularly liked being able to engage in discussions about things that interested me without being sexualized, since nobody needed to know I was a teenage girl. No creepy messages, no looks up and down, no having to figure out ways to turn someone twice my age down without worrying if they'd react dangerously, no having to leave because someone more integral to the group was a creep and nobody would accept it if I spoke up, no worrying about my small statue making me a target for physical intimidation, etc.
(Now I am old, so it's different.)
It was very freeing to be able to talk about my interests (e.g. space, web development, and video game modding) without being subjected to the bullshit that people brought to the table if they saw me.
watwut 1 days ago [-]
> You cannot traverse real life society with the same expectations.
I actually can. For real. I can not get job or housing anonymously, but overwhelming majority of my real life interactions are anonymous.
AuthAuth 13 hours ago [-]
Same goes for the internet though. Privacy controls would be at a government level. All that we need is a way to actually hold someone accountable for their actions on the internet. Websites dont need to see who the actual person is.
Xorakios 1 days ago [-]
Yes. At least to read.
palata 1 days ago [-]
Not sure what you mean. I am totally against surveillance capitalism and TooBigTech. I am in favour of end-to-end encryption and privacy-preserving tech.
I shouldn't have to show an ID to buy a newspaper or to load the website of a newspaper. On the other end of the spectrum, I should not be allowed to buy a gun without showing an ID (and all sorts of other constraints).
Somewhere in the middle, I understand that we don't want to expose 8 year old kids to pornography, but I don't think that one has to wait to be 18 or 21 to be allowed to access it. Same for social media. Where and how exactly we set the limit is a societal choice to make.
I also believe that "living in a democracy" doesn't mean that "everybody agrees with me, always". Many times I am in the minority. What matters is that people are informed. Telling them that if they disagree with you they are either bad parents or fascists isn't constructive, IMHO.
1 days ago [-]
QuadmasterXLII 1 days ago [-]
Parents need to either control the internet, or control their children’s devices and screentime. The latter sounds like the obvious option, except that Google wants every second grader to have a school-mismanaged chromebook and Google wants to mediate control of the internet, and by pushing parents to the former they win on both fronts.
benfortuna 1 days ago [-]
Requiring parents to police their child's every move is not going to end well.
cdrnsf 1 days ago [-]
And having the state do it is better?
palata 1 days ago [-]
The state mandates laws that say we cannot sell guns to kids. Is that a bad idea? Would you rather let the parents deal with that?
cdrnsf 16 hours ago [-]
I'd like parents to parent and develop a relationship with their kids. Comparing the internet to guns is a stretch.
palata 16 hours ago [-]
My point was that having the state regulate stuff is not always a bad idea.
The problem for many parents is that all the other kids have it. It's not always easy to develop a relationship with your kid to convince them that they don't need to conform and have friends.
So I can imagine that many parent would be relieved if access to social media was slightly more complicated, such that maybe it would be more normal to not have access to social media.
cdrnsf 14 hours ago [-]
We've encountered this with things like Minecraft and Roblox and had conversations and suggested alternatives to it. It hasn't proven to be an issue, but I'm holding out hope that these platforms continue to collapse as our kids get older.
djaro 14 hours ago [-]
Yes, because children deserve to simultaneously not be under constant surveillance by their parents but still be protected from bad actors. Hence we should collectively, as a society, protect them.
palata 1 days ago [-]
What about this: go ask parents why they allowed their kid to get a smartphone and access to social media, and only then decide whether they are morons, fascists or just bad parents?
I have a simple example: when all the kids have a smartphone, it is very hard to tell your kid that they cannot have one. When all the kids have a shared culture built around social media, it is very hard to tell yours to not conform. "It's okay my son, you don't need friends. Anyway the parents of all those kids are bad parents".
I don't have children, but it doesn't sound completely weird that parents may say "we should prevent most kids from accessing social media, so that my kid wouldn't be the weirdo if I don't let them have access".
QuadmasterXLII 22 hours ago [-]
In many school districts, unless you can afford private school or homeschooling its hard to tell a kid they can't have an iPhone, but impossible to tell them they can't have an iPad- at age six!
idiotsecant 1 days ago [-]
Age verification literally already exists in a way that doesn't require orwellian centralized control. The <meta rating> tag has existed for decades. If you want to restrict access force websites to apply these tags, then use a browser that obeys them. Parents control what their kids access, mostly, like it's been since forever.
Think carefully about why a politician might disregard this extremely simple mechanism and you'll have your answer about the real goals here
palata 1 days ago [-]
> Think carefully about why a politician might disregard this extremely simple mechanism and you'll have your answer about the real goals here
You (and many others) frame it as "the government versus the people". I think this is extremely naive.
Many, many, many parents are in favour of preventing social media access to kid, assuming it is done in a reasonable way. For instance, having a police officer follow every kid everywhere they go 24/7 is not a reasonable way, and everybody agrees on that. Now what if there was a reasonable way?
Ask yourself this: do you believe that privacy-preserving age verification is not a reasonable way, or do you know it? In order to know it, you have to understand how the cryptography works at some reasonable level. Do you? Most comments I read online come from people who believe and then repeat arguments they have read that confirm their beliefs.
I was noting that the Mullvad article actually addresses ZKP (which is good and a very rare thing), but that I found it was a bit evasive in a way that feels slightly manipulative to me (probably not on purpose).
roenxi 1 days ago [-]
> I just don't like that proponents of age verification are systematically (including in this article) dismissed as authoritarians hiding behind "just another “what about the children” excuse to introduce mass surveillance and censorship".
It is worth recalling that "authoritarian" is a relatively neutral label for a political philosophy (like "liberal", "democrat", "capitalist" or "socialist"). It isn't that people are name calling, it is that authoritarian policies - like this one - consistently cause more harm than good. The label is basically a slur at this point because the disasters that the authoritarians trigger often veer into being massive and appalling spectacles. People tend not to be very evidence-based, so the people who lean authoritarian tend to try and rebrand to avoid being tarred with their philosophy's consistent failures, but it is still authoritarianism.
But the productive path forward isn't to try and be nice to the authoritarians and accommodate them with the rebranding. It is to adopt liberal policies. Like letting people read and comment anonymously on the internet.
palata 1 days ago [-]
I appreciate the comment, but I feel like you miss my point in a way that is (not purposely) manipulative, again.
I don't think that we would call "authoritarian" someone who would ask for, say, guns control. Or at least we wouldn't call "authoritarian" someone who is in favour of having more than 0 law, would we?
You are being manipulative by saying "If you want a law that I don't want, then you are an authoritarian. I mean no offence, it is just what you are". But reality is a lot more nuanced than that.
The vast majority of people who are in favour of age verification are not authoritarians. They really just consider "should kids have access to social media? Not until they are old enough". Whether or not it is technically possible is outside their knowledge. And the fact is that for age verification, there are technical solutions that are privacy-preserving (unlike e.g. ChatControl which is fundamentally building surveillance infrastructure).
And even for ChatControl: people who say "I would be in favour of a magic backdoor that would only work for the well-intentioned good guys" wouldn't count as "authoritarians", would they? It just so happens that there is no such thing as a magic backdoor, so they cannot have what they want.
roenxi 24 hours ago [-]
What political philosophies do you think lay claim to these age verification laws?
There are a couple that aren't against it, but to actually implement age controls in the way they are being bought in you basically need to be an authoritarian. Otherwise, you'd be persuaded by arguments like Mullvad's that the social media companies already know how old their users are and don't need a centralised authority to tell them. There are alternatives here that are less authoritarian. Policy makers and the people supporting them don't want to use those approaches, because they support taking a more authoritarian approach.
These policies, in practice, are literally authoritarian policy. It isn't the most extreme form of it, but it isn't authoritarianism because I don't like it. I don't like it because, objectively, this is authoritarianism and authoritarianism tends not to work. Otherwise all the research I've seen suggests that kids shouldn't be using social media. If this wasn't likely to take out huge chunks of the healthy political dialog on the way it'd probably be tolerable.
If it is manipulation to point out that this is part of a class of strategies that have a history of horrible failures, then you have a very confused understanding of what manipulation is. This is an absolutely classic authoritarian "we can't just let people talk to each other however they like without the authorities being involved" play.
palata 23 hours ago [-]
> but to actually implement age controls in the way they are being bought in you basically need to be an authoritarian
I don't see how this sentence can make any sense at all in the context of ZKPs. Can you elaborate?
> you'd be persuaded by arguments like Mullvad's that the social media companies already know how old their users are and don't need a centralised authority to tell them
How do the social media companies already know? Because they track everything? But if they ban kids, they don't track them anymore, do they? Or are you saying that social media companies should be able to track everybody everywhere, such that they can profile them and ban them from accessing social media?
> I don't like it because, objectively, this is authoritarianism
You would have to explain that. The government provides a service that allows you to prove that you are old enough without the government learning anything from you and without the service learning anything other than the fact that you are old enough, and you call that "objectively authoritarianism"?
roenxi 22 hours ago [-]
> I don't see how this sentence can make any sense at all in the context of ZKPs. Can you elaborate?
The reason people are getting called authoritarian is because ZKP proofs are a massive and obvious improvement on what is actually being implemented. Can you point to anywhere that has implemented ZKPs? The linked article suggests that is quite hard to do.
I wouldn't be using an American IP right know if my local age verification laws required ZKPs.
> How do the social media companies already know?
They ask you your age when people sign up. That's good enough for me - I'm not an authoritarian. I'm not out to create a watertight way to stop people communicating if they want to.
> You would have to explain that. The government provides a service that allows you to prove that you are old enough without the government learning anything from you and without the service learning anything other than the fact that you are old enough, and you call that "objectively authoritarianism"?
I haven't seen anyone complaining about that. Sounds like a non-issue. Why would anyone over the age of around 18 care? You should consider reading the linked article if you don't understand what the complaints people are making are. The reason you don't see any authoritarianism is you haven't actually looked at how the schemes are being implemented.
Mullvad isn't writing this blog post because of the huge numbers of 12-16 year olds shelling out cash to them. It is because the authoritarians are making a play to destroy a sizeable chunk of the open web with a likely follow up of cracking down on free speech.
palata 21 hours ago [-]
> Can you point to anywhere that has implemented ZKPs?
> The linked article suggests that is quite hard to do.
It's technical, just like getting E2EE right. Doesn't mean it's hard to use, as proven by the fact that billions of people use E2EE in WhatsApp and Signal without even realising it.
> I'm not an authoritarian. I'm not out to create a watertight way to stop people communicating if they want to.
You seem to have a Manichaean view of the world. There is room for nuance between "let kids lie by clicking 'yes'" and identity verification.
> You should consider reading the linked article
Did you read it? There is a whole section that is titled "The Zero-Knowledge Proof alternative and the EU".
> The reason you don't see any authoritarianism is you haven't actually looked at how the schemes are being implemented.
I actually have. Have you? Seems like you haven't read the article. Mullvad is complaining about the fact that the app seems to support both ZKP and identity verification, and they criticise the infrastructure enabling identity verification. And then some more "slippery slope" arguments that are worth what they are worth (with the same kind of reasoning, we shouldn't have gun control, because the next step is to control everything, right?).
> Mullvad isn't writing this blog post because
Mullvad sells some kind of privacy (as much as a VPN can offer), and here they share their opinion about age verification. With which I mostly agree: the only viable age verification implementation is through ZKP. I tend to disagree with the slippery slope argument, and that "the government abuses everything they can". If you think like that, doesn't that make you an anarchist?
roenxi 13 hours ago [-]
You have misunderstood the article. It says, and I quote,
> Right now, the EU app does not have ZKP functionality, contrasting Ursula von der Leyen’s claim that the app ”is technically ready to be used”. But more importantly, the app is currently designed to always function without ZKP technology; if ZKP is unavailable, the app falls back to a non-ZKP model.
So you have failed the test of pointing at somewhere that has implemented ZKP. You can try again if you like.
> I actually have. Have you? Seems like you haven't read the article. Mullvad is complaining about the fact that the app seems to support both ZKP and identity verification,
Again, this is factually wrong. And it is why people are getting labelled as "authoritarian" - they proposed a system that sounded decent, then they actually implemented something else that is a standard authoritarian ID system with a fig leaf for people to pretend they didn't. As was expected, given that this always looked like an ID card play with a false moustache.
> I tend to disagree with the slippery slope argument
They haven't made it up the hill yet, they're already down the slope. the EU implementation doesn't use ZKP. That's a big part of why they're being included as one of the authoritarian forces in this push that people are upset about.
palata 3 hours ago [-]
> the EU implementation doesn't use ZKP
The EU implementation is work in progress. I am not aware of any country using it for age verification.
I am not sure I get the argument of "it's not finished, but I will pretend that it is because it's convenient for me".
> You can try again if you like.
Switzerland is another one that seems to be going towards a privacy-preserving solution. Is Switzerland known for being an authoritarian country?
roenxi 1 hours ago [-]
> I am not sure I get the argument of "it's not finished, but I will pretend that it is because it's convenient for me".
> The European Commission has announced that a new age verification app designed to protect children online is ready for deployment. In a recent statement, President of the Commission Ursula von der Leyen, confirmed that the technology is ready and will soon be available for citizens to use.
Am I to pretend and believe the EU Commission or am I to shun their lies and believe you on the subject of whether this age verification app is ready? But maybe Mullvad are wrong here, I dunno. Maybe they have implemented a ZKP scheme. Have they? I'm interested in the details, love me a good ZKP. How does this armed and fully operational app, here and now, today, in this moment, implement a ZKP?
> Switzerland is another one that seems to be going towards a privacy-preserving solution. Is Switzerland known for being an authoritarian country?
I've heard literally 0 complaints about whatever Switzerland might be doing. You'll notice the Mullvad statement doesn't mention them either.
1 days ago [-]
userbinator 1 days ago [-]
Many people genuinely want to find a solution that is better for the children, and telling them "if you are open to age verification you are either a fascist or a moron" is not constructive.
We know they'll take a mile if you give them an inch. Ditto with "trusted" computing and the rest of that wormcan. That's why the opposition has to be absolute.
benfortuna 1 days ago [-]
Who is this "they" you speak of?
We have age verification for all kinds of things that can harm minors. Most of them have adequate penalties for breach such that operators of said harms ensure they comply (checks for ID when selling alcohol, entry to over-18s pubs/clubs, etc.)
There's nothing sinister going on here, just attempts to prevent social/mental harm to minors.
esseph 1 days ago [-]
> There's nothing sinister going on here
There absolutely is you're just not aware of it.
This whole thing is meta financially backing right wing conservative groups that want age verification because meta wants to avoid liability for the harms their platforms cause.
In addition, this is the beginning of the end of any sort of anonymity on the internet, which has disastrous consequences for politically minded individuals, minority populations, or targets of stalking. This is a privacy nightmare bring pushed through in the guise of "muh children".
palata 1 days ago [-]
> There absolutely is you're just not aware of it.
Can you show here that you understand how privacy-preserving age verification works?
I mean the rest of your message really, really sounds like you don't. Don't get me wrong: I do agree that identity verification is bad. But it is not okay to say "I know of a system that is bad, and I don't know the nuances of how it could be implemented in a better way, so I will just assume that there is no better way".
19 hours ago [-]
palata 1 days ago [-]
I strongly disagree.
Democracy is not "they" vs "us". Democracy is not "opposition has to be absolute". What you describe here is extremism. If you believe that anyone disagreeing with you is an extremist and that the only viable way to react is to be an extremist yourself, well... you are the extremist. Whether you are fighting extremists or not (this "they" you conveniently do not define) is unclear, though.
Hizonner 21 hours ago [-]
Don't be an extremist. Let's compromise. We'll only eat one of your children. We'll even let you pick!
homeonthemtn 1 days ago [-]
Sure but that absolute opposition hasn't, as far I can tell at least, achieved an iota of success. So it's largely a self indulgent merit badge than an actual strategy.
apt-apt-apt-apt 1 days ago [-]
This is so lame, it seems like a small number of pedophiles have forced us to deal with all this age verification stuff.
Porn has always been around (national geographic, anyone), and parents can use screen time to limit access for their children if they want.
nomilk 1 days ago [-]
Current policy is victim-blaming: it excludes from social media potential victims (children) but allows perpetrators (convicted csam users).
But this was always about governments wanting to know who's posting what (and controlling them, through chilling effect); not about saving 'the children'.
lkramer 1 days ago [-]
I don't necessarily agree with all these measures, but there is a lot more harm in social media than just pedophiles hunting children.
thin_carapace 1 days ago [-]
i never read a nat geo where a young girls innocence gets destroyed in 4k ultra hd , either way based on the behaviour of our ruling class it seems likely that the pedophiles are the ones instituting these laws
The www became infested with so-called "tech" companies acting as intermediaries (middlemen)
Lots of folks making money from surveillance ad system on the www. Oversized, unmanageable websites calling themselves "platforms"
The www is an ad network. Not a great place for non-commercial activity
Fortunately, the internet is more than the www. The internet was not created to collect behavioral data and deliver advertising as its primary purpose
People pay for an internet subscription, not a www subscription (or now a "social media subscription")
We need to evolve the protocols beyond simple HTTP servers.
The WWW was at least created with egalitarian ideal. It was available to everyone, it ostensibly allowed anyone to publish and communicate freely.
Whatever comes after will either be entirely controlled by corporate and government interests or gatekept against "normies," and thus be a homogeneous cultural bubble doomed to wither into self-referential senescence and die, and will be far less free, less powerful and less capable than the web. We'll never get anything with the transformative potential of the web again.
A world where your only options are GovNet or EliteWhiteHackerDudeSpace. I don't look forward to that at all.
It's just an attempt to reverse the free internet and implement total surveillance.
In order to understand the wonder that the Internet and various other components of the Net represent, we need to understand why the ARPANET Completion Report ends with the suggestion that the ARPANET is fundamentally connected to and born of computer science rather than of the military.
The Completion Report goes on to differentiate the research ARPA supported from the research done by the computer industry: The computer industry, in the main, still thinks of the computer as an arithmetic engine. Their heritage is reflected even in current designs of their communication systems. They have an economic and psychological commitment to the arithmetic engine model, and it can die only slowly.12 The Completion Report further analyzes this problem by tracing it back to the nations universities: furthermore, it is a view that is still reinforced by most of the nations computer science programs. Even universities, or at least parts of them, are held in the grasp of the arithmetic engine concept.13
Computer networking was developed and spread widely in an environment outside of commercial and profit considerations, an environment that supported such research."
https://www.columbia.edu/~hauben/book-pdf/CHAPTER 7.pdfHN commenters/voters may reject the use of the term "military" in the origin story of the internet
That's fine
However it was American taxpayers, through the _Department of Defense_, that financed the creation of the internet
That's government spending, not "American capitalism"
The original internet was non-commercial and was not the result of "American capitalism"
As above, the American computer industry (capitalism) at the time was not focused on computer networking and using computers for communication, it was focused on computers as "arithmetic engines"
In fact, the internet was born out of the American military, i.e., government, and American universities, not "American capitalism"
The first time I used this internet, there were rules against using it for commerce
Intellectually lazy? What are you even talking about? Stay on topic, you are embarrassing yourself.
This was before the www
Oh, wait...
Definitely the 'slippery slope' debate is worth having, but that's way more relevant than the 'should 10-year-olds be able to do whatever' (aka all or nothing internet) which I think, if we took a vote, most people would be fine with nominal age restrictions, on that basis and on that basis alone aka outside the 'scary government' issue, which is again, real and material but nevertheless a separate concept however pragmatically engulfed these things are.
The first three are physical things, not information. Porn can be debated, but the current age verification push is trying to impose blanket control on the entire information ecosystem. It's the digital equivalent of requiring ID to go anywhere or do anything, rather than just a few well-defined things.
Even if we view it as a good faith attempt (which it is not, remember what Edward Snowden exposed), the parental authority over a child's information diet is being transferred away from parents to tech companies. They're legally mandating you to give away your child's personal info (just age for now, but they'll demand more if we give them this) and make the decisions on what is suitable, instead of you making those decisions for your child.
No, it's social media, specifically.
These companies not only wanted that but they exploited the shit out of it for obscene profit! In many ways it was their unabated greed that has caused this situation: from addicting design of video feeds, grooming obscene spending habits, collectively doing as little as possible to keep predators and inappropriate content out of games for children.
And how could parents police effectively "the whole internet", it's like expecting them to police what their kids see and hear at school on lunch break x 1000 you cannot control all the things that can influence a child for better or worse. Maximum security prisons can't stop people from accessing the internet and making phone calls so what hope did parents ever have?
We could have avoided this if Google and Apple had enough decency to keep the bad stuff from becoming effortlessly, trivially accessible to children, but they made a fortune off Roblox instead of applying their policies and noticing the abundance of pornography and predators, they ignored Grok churning out CSAM as fast as people could request it, no response to court revelations that Zuckerburg's apps are teeming with sex traffickers, prostitutes and scammers, no response to apps excessively exploiting addiction other than making sure they get their cut.
So now we're caught between a rock and a hard place, a completely unsustainable system where everybody who should be accountable claims to have immunity, and parents are incapable of enforcing a healthy upbringing for their children in this mess.
Relationships are a concern (random people interacting with your child? Good Gosh!)
Privacy is a huge concern for children, way more so than is afforded we regular netizens.
"They're legally mandating you to give away your child's personal info " - no they are not, they're mandating age requirements, which is a separate thing.
Snowden did not bring up age restrictions.
"instead of you making those decisions for your child."
I'm sorry but today the choice is not by parents, the point of the age restrictions is so that parents ultimately can have a choice (they and provide access by their own accounts).
The 'all or nothing' issue of the internet is a big deal - parents don't really have a choice.
These are mostly ideological and rhetorical arguments, not grounded in pragmatism.
The pragmatic concern is 'abuse of control' (aka the 'general' Snowden argument), which is real, but can also be avoided if they do it right.
Granted, I don't have a lot of faith that they will do it well.
Are you aware that most library systems across most of the world require someone to be 16+ to open an account and/or take out books and materials? That's not restricting anything, that's preventing abuse by those not intellectually or emotionally capable of regulating their behaviour. The parent of the under 16 takes responsibility for their actions, essentially.
If you have to be 16+ to take materials out of a library, why should a minor be able to access _anything_ on the Internet without also having an adult check what it is you're doing? Why should a 12 year old be able to freely visit "innocent-website.tld" without it first being confirm the website actually is innocent? What if it's innocent today, but adopts a new doctrine tomorrow? There's a reason YouTube doesn't let you change a video upload after you've published it: you could upload nearly anything to replace your previously innocent and successful video.
Nothing changes between the physical world and the virtual one. The same problems exist, except the virtual one makes it easier to access much darker information.
We do need parental guidance like in the physical world, but such guidance should be issued by the parents, not the tech companies. Age verification is about giving your age and some other identifying metadata to the tech companies, and they hold the authority to decide what to filter. It should be other way around. The companies should expose metadata about their service and the content in their feeds via public APIs, and let people filter stuff locally on the device per the device owners' aka the parents' preferences. Oh wait. Such features will never reach mass adoption in the current software ecosystem. Software antitrust is a joke. These companies and the feds have the opposite incentives and do everything to sabotage local solutions. They've locked down what OS you can run on the hardware you bought, what apps are approved on their walled garden OS, and only the official apps can access their APIs. You don't have root on your own phone and it's a brick without remote authentication. Now they can sell you parenting plus many other things as their exclusive cloud service because "the market failed to deliver" and you can't really control what software runs on your own phone, much less your child's phone. This is the upstream problem and we ought to see it clearly and assign the blame correctly rather than trust those who deliberately created the problem to solve it.
Kids can’t buy their own phone. So parents can always enforce stuff at a hardware level if they set it up properly. It would be much better to just mandate that phones set up with a kid profile cannot access social media.
Addiction is the worst part and that is only going to happen on your own device.
> This assumes that it will actually solve the problem anyway
I wouldn't expect any policy to _solve_ a problem in such a way that the problem completely disappears from the world, much like theft being illegal doesn't eliminate theft, but it sure distinctiveness it for a lot of people.
Source: I was a kid once, we had no cell phones. Porn on 5.25" floppies was a thing.
I haven't found a parental control feature that works: we've tried several, but, generally, nothing survives the 'Hey, I'll just factory reset the device and start with a clean out-of-box-experience' bypass. Kids can figure this stuff out.
Even when we thought that things were under control, kids can easily procure new devices. Many families don't dispose of their old phones; it's not too hard for kids to find an older model that's been sitting around collecting dust, bring it to the schoolyard, and trade it like a baseball card.
I wish I had a good answer, and, distasteful as the age-verification might be, I'm open to such draconian measures at this point. If you say there are better ways to enforce this, I'd honestly love to hear the specifics.
People can bypass these restrictions with video game character creation tools, with generative AI, with a VPN (something that's very hard to ban in practice because corporations rely on them, and of which some are free), with copy-pasting random ID photos from the internet, with borrowing a parent's or teacher's or other adult's ID, with using a website scraping alternative (some of which can be self-hosted, or hosted by one child for many others) instead of the website itself, and so on. Heck, they can use websites hosted in Russia (or other countries), like a lot of pirates do.
And whatever the easy bypass method ends up being, they'll all end up knowing it, because they go to school and talk to each other, and because they'll always have at least some access to some parts of the internet no matter what.
Meanwhile, these age verifications laws are labeling all the children (who don't bypass it) as children, and that information WILL be leaked, inevitably, as it already has been (from Discord, for example - a service that shamelessly retains and processes every message it hosts, even after the user 'deletes' it).
When ID info is leaked, it leaks the child's age, their real name, and (often) their real address, their phone number, and their appearance. A surprising amount of information might be deducible from any selfie or video that was required. And in combination with an app's other data (or other data about them that has been included in databases and/or leaked and/or shared on the internet previously and which can be matched to them based on email or phone number or username or browser cookies or IP address or etc), it can leak their interests, hobbies, hopes and fears (discussed with friends), favorite hangout spots, the name and location of the school they go to, their regular routines or travel schedules, etc - anything at all that they might have discussed via the app, or whatever might be concluded just by their proximity to their friends (e.g. maybe they don't directly know that a kid lives in X location or plays Y video game, but if every day they talk to a bunch of other kids who definitely live in X location and play Y video game, then they probably live in X location and play Y video game too).
When all that data is leaked, all that data is now available to predators. And it's very, very hard to remove it from the internet after it's out there.
That data, even just from a single leak, could make it so easy for someone to target a specific child, contact them, tailor their lies to seem as trustworthy and likable to the child as possible, anonymously harass them online, threaten them, stalk them, or attempt to persuade them that yes, he does know their parents, and they definitely sent him to pick them up from school.
To me, all these laws seem realistically likely to do is unintentionally but significantly endanger the children they claim to protect. I don't see how it can be anything but a devil's bargain, even if we only "think of the children" and disregard other concerns.
At the least, it should have been proven to be more effective than regular parental controls before even being considered as an option, but so far, it doesn't seem to be so at all. And if there's little to no additional benefit, or we're not sure if there's a benefit or not, or if it's shown to be less effective, then why ever choose it over the regular parental controls that don't carry this huge additional risk?
As to enforcing age limits otherwise, well. I confess I don't think there is any way children won't just find a way around. I think the best defense is just educating children about how to navigate the internet and its potential threats, making sure the children don't see their parents as distrusting of them or oppositional (so that they feel comfortable enough to go to their parents for help or reassurance if there's a problem, instead of hiding the problem because they don't want to be yelled at for being on the internet or such-and-such website at all), and - an element I think a lot of parents miss - making sure they have a lot of appealing options for things to do or ways to socialize outside of the internet. If you occupy their time by indulging their non-internet-focused hobbies and interests (and maybe engaging in them with them, to spend time with them), or letting them visit friends in person, then that's time they're not on the internet and likely don't even want to be. I think that this is the option that best sets up the kid to continue having a healthy relationship with the internet after they turn 18 and are even more out of your control.
That said, as far as device parental controls go: instead of focusing on phone-level controls, I recommend using your router's network-level parental controls, as well as the phone line controls for whatever company you get your data form (if they have a regular smartphone, as opposed to a more limited one, which do exist as an option). For your own wifi network, you can even set it up to use a whitelist of devices so that your kid can't even connect to it from a non-approved device. That doesn't stop them from potentially still sometimes accessing the internet using a friend's phone, but it'd cut down on how the amount time they have that access, and do so more effectively than government age restrictions. And in any case, you also can't always stop them from looking at a dirty magazine that they find at a friend's house, or from reading a hateful tract that someone hands them on the sidewalk, or from watching a terrible channel broadcast on a TV in a diner. But you can potentially influence how they handle it when they encounter these kinds of things.
If it’s a kids device, then it should just block social media as required by the law. I agree that right now it’s difficult to set up - but this is a choice from Apple and Google. Just mandate sensible defaults.
A hardware block is much more effective than anything else that can be faked.
Just have the phone ask ‘is this a phone for a child’ and if you select ‘yes’ then it’s done.
The person selling the age gated item needs to take lawful measures to ensure they arent selling it to a minor. Their parents have nothing to do with it.
Your solution would be that if a 14 year old walks into a liquor store and doesnt have a note from their parents saying that they arent allowed to drink alcohol, then the store should be able to sell it to them.
it's the old 80s/90s bead curtain separating the adult movies area from the rest of the video store. it keeps kids reasonably separated, and leans on parents making their kids mind. I think that's a reasonable target.
it would work without forcing every internet user that wants to use a given service from having to submit government identification, go through interviews, or sign up to massive centralized identification systems that will inevitably track every movement people make online.
if history is any indicator, those things will lead to breaches and abuse, and people's privacy will be violated.
if there's a legally mandated way for parents to stop their kids from peeking through the internet's bead curtain, that should be sufficient for most purposes.
if the argument is that bad or foreign websites might not implement it, it's not wrong, but that same problem exists with the mass-surveillance methods as well.
if you keep going down the path of forcing everything, eventually you end up with a national firewall, vpns are illegal, anything that can provide anonymity or pseudo-anonymity online is illegal, no one has privacy, and busybodies will spend all their time hunting folks for liking things they don't want them to like when the inevitable breaches come.
to your last point, sure, a 14 year old shouldn't be able to just wonder into a liquor store, but a 40 year old should.
Again - apple’s on device verification is a good idea for this. Apple just sends a ‘yes this is an adult’ message to reddit for example and now I can again participate in chrome up discussions.
That would easily be enforceable by making a "kid mode" enabled and locked down by a parent with a password mandatory on devices. Then you could have something like this:
suggested here: https://digitalbiztalk.com/article/a-better-way-the-adult-co...eMediaMark is now Internet Content Rating the stuff I was remembering can be seen here: https://icr.chit.eu/
You can just take that, it's been there for decades.
This is literally what is being written into California law. The OS will have an "age flag" that is configured at device setup that passed to other apps. The law explicitly was written such that it wouldn't need identity verification, but that isn't stopping scaremongers claiming it as such.
Kids have their own account on the computer.
Make it the law that if a computer account is set up as a kids account it must send some kind of not-adult header with all requests. Enforce that in the OS so it can’t be messed with.
Leave non-kid accounts alone.
Make it the default thing that happens if you set it up as a kids account so anyone can do it.
Other parents are the problem, not technical setups.
There is controversy! My grandfather and his schoolmates all regularly brought hunting rifles on their trips to the schoolhouse and home (1930s), to hunt opportune meals. There was never any problem with school shootings, which IMO are likely the fault of the prison-authoritarian style that schools morphed into during the latter-half of the 20th century. He had me drink shots with him when I was under 10 years old, because he wanted to make sure I knew drinking was ultimately a boring, uninteresting, stupid activity. Alcohol was always available and I was even welcome to partake anytime (as long as I did it at home)... I hardly ever touched the stuff, and still don't even now. He was a police officer and firearms instructor in a big midwest town, he even taught me how to shoot around that age. He taught me that government is neither god nor good, it is just raw power that has to steal from someone to give to another.
I miss my grandfather so much!
Also, thank goodness my folks were computer illiterate; I never had issues with blocking software (though I would probably have defeated any... easily). I grew up looking at porn and gore occasionally from my very early teens. Maybe try teaching your children about the world instead of hiding them away from it?
The slope has already slipped.
This is IDENTITY verification, not “age verification.”
You cannot verify your age without uploading your ID.
Mozilla Persona comes to mind.
https://en.wikipedia.org/wiki/Mozilla_Persona
This will never happen of course because the objective is to track your every move. The government want to know every pseudonym you use on every website.
And I'm pretty sure we've all had an encounter with some creep in some random chat room too.
We talked about these things at school and at home. Don't share things with people you don't know etc. Idk if it's illegal to tell kids what to do these days. But when I grew up, we were occasionally also told to get off the computers and touch grass.
I hope I'll get to raise my future kids myself. I think I can do a better job than the government :)
My parents generation survived lead in gasoline and they never wore seatbelts or helmets.
"I think I can do a better job than the government :)"
Is exactly what their parents said about the government telling them they have to get their kids to wear seat belts and helmets.
I don't think this argument works for two reasons:
1) It don't address the materiality of the concern.
If 'creeps in chat rooms' are causing material harm, it's an issue, then youre making the 'anti vaxxer' / 'anti seatbelt' / 'anti helmet' argument.
I'm not saying you are - if 'creeps in chatrooms' really is a 'lesser issue' - then you're not making a bad argument at all.
The real issue is the 'materiality' of these things.
'Creeps in chatrooms' is a harder thing to assess, but it's real, if it is real, we can't just dismiss it.
2) "I think I can do a better job than the government "
If someone wants to protest the governments current age restrictions cigarettes - and also not vaccinate their kids - that's a choice.
But this argument is usually made by people who don't have kids in their life and haven't yet realized that 'the all or nothing internet' is not really a choice, it's chaos.
Lack of very basic regulations means people aren't afforded the opportunity, in a way the government is dictating that 'kids will get guns and porn and that's it'.
The alternative argument - is that we can have age restrictions and parents can then be in a position to actually be parents, and make a choice.
'Slippery slope notwithstanding' ... because it's a complciated issue
I was like 8 - 10 years old, I wandered into the "Adults Only" chat room on Microsoft Networks (Oh sweet, I thought, they have a small pen to keep the boring adults in, better check on them) and said "Hi everyone my name is X and I am Y years old" and everyone was nice to me and said hello. I got bored and left.
Maybe we need an alternative set of root servers for a free Internet.
The hardest part is the psychology. People think they have to be on the big platforms as that is where their friends and favorite streamers are. Willpower can bring back the old platforms onto the current fast internet. Critical and free thinking people can choose to ignore the big platforms if they wish. People can go to local stores to buy most things. There are arguments for and against all these points but I am choosing the aforementioned options and accepting the psychological challenges.
People can use old style self hosted platforms as a "fallback" and once people realize it is more private and they can speak freely amongst their friends it can get comfy real fast. Glowies are seething.
Some friends and I have private forums and chat servers. We talk shite all the time about Reddit threads yet none of us have Reddit accounts. We talk about HN threads, brain rot on Twitster and many other platforms free of censorship, free of voting brigades, people trying to force narratives, etc... Oh and most important, free of "AI".
I have said it for decades, if there weren't bad players then we wouldn't need any of this security. That is a very utopian idea.
I have thought that a way to put people off is to have such an anaemic server that they wouldn't bother. Like a tiny RiscV board running Haiku that delivers basic HTML and email. There is little incentive to raid that thing. I haven't thought this idea through much however.
There really isn't anything utopian however, it's just a hobby and a way to let friends communicate without big brother putting their peanut butter in our chocolate. If you don't feel comfortable tinkering then of course don't. Never feel pressured. One can always start off sharing their services with a few friends and not advertise it globally. Find a hacker friend that can help pen-test your stuff. Perhaps even restrict access to your friends IP addresses or the CIDR blocks of their ISP's to limit access. Or use wireguard to restrict access to a VPN. If it's a web daemon just adding simple authentication with obscure usernames and good passwords in front of it will get nullify most of the bots until one is comfortable sharing it with the world.
Probably one of the riskiest things I have set up was just this week exposing Unbound DoH to the internet. Unbound has had a handful of security issues in the past. The HN crawling bots are getting confused by this weird thing listening on port 443 but they just can't figure out how to connect to it. If it gets popped I will just nuke that VM and revoke the cert. There's nothing sensitive on it.
Inbound mail on the other hand — notably, the OG form of Internet identification — is very achievable for a stick in the mud to set up.
Losing one’s Gmail account would likely have very little impact on one’s ability to send mail, but no longer being able to receive mail at a given address can be devastating. Set up your own domain!
It's easy to create an alternative. The problem isn't that, it's keeping that alternative clanker-free. (As well as free of all the other enemies / plauges on the useful, generative, Internet.)
which brings you right back to verification...
Rather than individuals or devices, residential / mobile / business service providers should be able to vouch for personal traffic and be in a position to validate patterns of use without undue profiling of specific activity. That is, just looking at the encrypted traffic patterns (rather than MITMing SSL/TLS or other secured comms) should show usage that's typical vs. atypical / malicious.
Traditionally, service providers of all stripes (email, ISPs, Web, etc.) seem to have focused far more on ingress security than egress security, or potentially malicious traffic from within their own networks. That's got to change, it's ultimately a hygiene question.
For residential and mobile Internet, accounts are managed at either the household or individual level, and it should be possible to provide attestation and reputation management (as well as, perhaps, broad-based subscription access to compensated content) at those levels.
For commercial access things get more complicated, particularly where a location might provide public Internet access (e.g., public WiFi), or have a mix of human and system-generated traffic at an office, commercial, or industrial site. Still, there should be both well-established patterns of use and indications of anomolous or malicious traffic possible here.
Another option for smaller human-scale networks (e.g., Fediverse / Mastodon / PeerTube / Pixelfed / Lemmy / WriteAs networks and the like) is a mix of harder authentication (Yubikey or NFC-based wearable authenticators, perhaps) as well as a more manageable human-scale moderation (1:1,000 or 1:10,000 scales far better than 1:1 million or 1:1 billion services), allowing for both oversight and keeping the opportunities / benefits of malicious use limited.
The comment I'd originally responded to had me thinking of under-delivering federated systems such as Gemini (the lightweight Web protocol, not Google's AI) or Diaspora* or countless web boards and wikis which ended up overrun by spam and abuse. Simply saying that you're going to re-invent things at small scale in no way means you'll succeed. The ecosystem's changed, the pathogens are far more numerous and capable. Modern systems and networks (social or otherwise) must face those facts head on, and not ignore them or pretend they don't exist.
I think we're going to end up with some form of cost-based (though not necessarily financialised) reputation management systems. I'd very much like to see those not being terribly invasive of privacy, or putting extreme barriers to those with limited means or technical knowledge. It's a tough problem all the same.
I guess the correlary would be like how you can block an entire ASN if you find a lot of abuse from it, but at the human-network level.
Aside from social dynamics, a chief issue is that if you're relying on this as a mechanism for content filtering, personal relations have low predictive value.
E.g., I may really like a person's content, but not their curation or referrals to other accounts. Conversely, I might not care for a person, but their recommendations may be excellent. More common might be the case that a given account produces little or no content of their own, but makes reliably predictable (either good or bad) recommendations, which would be useful for further filtering. Or the highly verbose individual who emits a constant stream of near-drek, but an occasional diamond.
Content production, content curation, and talent spotting are all distinct skills. Success or lack in any one says little about the others. This is where Bayesian indicators (including relationships and referrer / invite relations) would probably be more robust.
That said, tainting an entire invite tree is likely useful, with a caveat that if a particular invitee has an independent, untainted, relation, they might be worth following.
In practice what I've found most useful is to have a pretty tight primary list of follows, ~50 or fewer, and a slightly broader secondary list. Allow recommendations be default (that is, re-shares / boosts), but curtail those too if problematic. Be quite liberal in blocking / muting anything in the least bit annoying or problematic.
Or participate in a selective group with excellent moderation. HN isn't quite there, but it approaches this ideal more closely than any other major forum I'm aware of presently.
Also, uh, how does speeding it up that help with the AI spam? (Sorry, I should have emphasized that part of my most more, since that's mostly the topic of this sub-thread I was replying to.)
Occasional communities may survive in a walled garden fashion.
Sorry, Tim Berners-Berners-Lee.
Can't even do that. We'd need (ultra?) stable IP addresses, and the entities in charge of those don't hand them out anymore. We've sort of been cut out of the basic infrastructure to let us build stuff a second time.
(It will be officially transferred to your name - there's nothing grey about the blocks themselves - the greyness is that RIRs officially forbid selling them, but they can't really do anything to stop it and they don't forbid buying.)
IPv6 blocks are still available from RIRs and you don't really have to care about anyone stuck in the 1980s if you don't want to.
Also each of the root servers is itself run by a different organization. If you had some clout, you could ask them to also host your alternate root server on the next IP address. Half of them are anycast blocks which means they likely have 253 addresses free as anycast blocks aren't really shareable.
When they were young, you had a choice between YouTube being completely locked down with no option to whitelist channels or letting them watch almost anything (although I think this has changed since but it's too late now for those of us with children that age).
Now, there is no way I can whitelist contact/groups on WhatsApp or Discord servers/friends. Once they hit 13, pretty much any option to restrict anything feels taken away from you as a parent.
Luckily, I have sensible children (I think!) but it's really hard as a parent trying to both be reasonably responsible, but not deny all technology, it's really hard to navigate a sensible course.
There's also a lot of room between YouTube (or even social media) and all technology...
Now you’ve given every parent a way to easily mass block all adult/social sites/apps if they want and no one’s privacy need be compromised.
A much better idea was a .kids domain where the content was vetted, and you could allow-list your child's device to that. Much easier than trying to migrate everyone over to specific TLDs, especially when that ship has sailed already. But that never got traction either.
Edit to add: I used to work on "family safety" software. Blocking bad content doesn't work - it's too difficult of a problem. Walled gardens do work, however. The fact that there's not a push for the equivalent of an Apple App Store for kids is probably evidence of ulterior motives on behalf of regulators.
My family has tried the curated "kids" content from the major players: It's junk and not going to be interesting to a teenager. Your 14 year old is not going to be satisfied with a version of Netflix that's all Bluey and Daniel Tiger. And your 5 year old probably shouldn't be watching stuff that's made for teenagers. But our regulatory hammer knows only "kid" or "not-kid". You can't make a single walled garden.
Even within a single age. My 15 year old might not be ready for content that your 15 year old finds to be routine. How is YouTube going to know what is appropriate for any given 15 year old? Walled-off content and numerical age gating is just not a workable solution.
And even then, what about social networks showing porn? Chat apps like Whatsapp and Discord having porn etc groups?
Any platform that accepts user-generated content, from Pinterest to Ebay to forums, etc can host it. And that's just what's on the public internet.
Is it better to have TikTok AND friends, or no TikTok and no friends? Sure, the best is no TikTok and still have friends, but you can't always have it all.
"Also not using tiktok" could be one such filter.
Failing in parenting and lobbied politicians (regulatory capture) on the other side.
* Buy one themselves
* Get / use a friend's
* Use public internet access points
* Need one for school
* Use the smart fridge / tv / gaming console / anything with a browser
* Access stuff in Minecraft, Roblox, etc
You can only stop it by going offline and raising them in a cabin in the woods, which is a whole other thing.
What you can do is give them The Talk, of course (but that only helps / prevents to a point, it's more to prepare them for what they may find or how they can identify problematic things). And the other is to push back as a community effort, with e.g. many schools banning kids from having phones in the first place.
Best is to assume they have access to it one way or another if they seek it. The discussion should not be about banning vs allowing, it should be focused around how to deal with situations that arise regardless.
Education about the subject and why kids shouldn't seek access is quite effective, additionally they will be informed once they are allowed access. Think about how the last decades saw a sharp decline in smoking and alcohol consumption.
One problem (there are others) is that it's not always possible (or easy) to not give your kid a smartphone, or access to social media.
Imagine that your kid doesn't have those and is having a hard time at school because all the other kids do have them. They have a whole culture based around those, and your kid is excluded from it. What do you do? Tell your kid that it's okay to wait 10 more years before hoping to not be excluded?
The only way this can go wrong is if the client sites collude and publish their visitor logs and then the government can do the legwork to identify you. But even this is pretty easily bypassed if you use a VPN.
More importantly, I don't personally have any faith that at least the US government could properly define and build a system that is reliably and provably resistant to tracking. The government has incentives to want to know what sites a person visits, the NSA would be loathed to allow that opportunity to go unused. The government also likely doesn't have the skills or resources to do it in house, I'd expect them to outsource it at an absurd cost to a third party that would also have incentives to want to track usage data through the system.
Specifically, daily personalized age verification by the specific app/website, not by a third party.
>The only way this can go wrong is if the client sites collude and publish their visitor logs and then the government can do the legwork to identify you.
Well, the government has the right to request proof that the company in question is properly conducting the age verification process. This means that the companies performing age verification will keep your personally identifying information (PII) and maintain an association between your PII and your account/activity on the platform.
On a different note, the government has the right to gather evidence of criminal activity, where the definition of "criminal" is under their discretion and if there happens to be a convenient stash of information that can be linked to your person, that's just a happy coincidence.
I think that this is actually a reasonable approach. It minimizes the information shared and doesn't create any identity tracking regime.
[0] https://media.reclaimthenet.org/docs/california-ab-1043-digi...
If you want to keep your kids safe get an OS that supports it?
Why is it the state’s responsibility?
Maybe it doesn't work in this case, but I think you both make great points. Just feel like there must be a way of bridging this gap
That's my gripe with the age verification systems I've seen, there is no room for parental choice and no consideration for people that are adults and don't have kids using their computer.
If you are putting individual parents up against Meta, Google, etc, the big tech companies easily win. As we have seen already.
Those two things have absolutely nothing to do with one another. Something being easy to implement is completely unrelated to whether forcing its implementation is overreach.
- You have to have an approved browser.
- It has to be installed on an approved platform, Google or Apple, for which you have a valid account.
- You have to have an account on the posting platform.
- You have to get past moderation on the posting platform.
That's without age verification.
Any image of your family you post will be scraped by Clearview AI, bypassing the restrictions that make it hard for you to create accounts, to create a worldwide facial recognition system.
I also know people who created accounts from scratch without needing a selfie while connecting exclusively through a VPN. (Only some VPNs, work apparently.)
Supposedly FB uses device ID tracking, so if you're picked for selfie ID on a device and try to create an alt, you'll be selfie-ID'd again.
Using a different browser on desktop solves the problem for desktop but not for mobile.
And so on. Basically it's doable, sometimes. And sometimes it isn't.
But to get the money out? Oh no! We need a picture of your face! And there’s no option for going in person.
Having just gone through the annual KYC checks required by my bank/s I don't think this opinion stands universally.
Can also confirm to open an account I need to provide a live selfie and verifiable government ID.
What is the "annual KYC check"? Your bank is afraid you became someone else during the year or what?
As always, the goal in convincing others is to take someone from their current understanding and bring them closer to yours. You can't get there if you don't start the topic at their current understanding of it.
Unauthorized deposits aren't nearly as much of a concern as unauthorized withdrawals, right? I'd imagine that there are far fewer malicious actors that try to deposit money into random bank accounts than there are ones that try to withdraw money from random bank accounts.
> And there’s no option for going in person.
Won't an in-person bank also take pictures of you via security cameras? I don't really understand your objection here, could you elaborate?
It is all but guaranteed for Internet-based facial recognition services.
Hacked facial recognition data already is reportedly being used by scammers to not only bypass bank security but also to impersonate people to target their loved ones.
There is no lasting security gain by providing a selfie. There is a lasting security and privacy loss, however.
Even back in 2014, malware was coming out that steals facial recognition data directly from smart phones themselves.
https://www.theregister.com/security/2024/02/15/stolen-ios-u...
The GDPR isn't a silver bullet.
Additionally - furtherance of facial recognition technology would impact travelling to foreign jurisdictions.
One of the most common ways foreign travellers get flagged when travelling internationally is for social media posts made under their own name that their destination country's government may not like. Traditionally if you've kept yourself pseudo-anonymous, you've largely been safe. But if we get to a point where pseudo-anonymous accounts are associated with pictures of people's faces, it will become significantly less pleasant to travel internationally for a lot more people.
It seems like all expectation of privacy and anonymity evaporated in the last 5 years.
WHAT? No KYC? what are those banks?! I have friends in South America who would pay really good money (cash) to know
Who aren't flawless of course, but selfies have been easily circumvented with photos or video game cameras.
Hell, at one point we had to implement age verification for a Japanese tobacco product website via a 3rd party vendor, I just used the wiki page's picture of a Japanese ID to test it, worked fine.
all banks contract with fly-by-night faceid providers who have zero oversight or provide no governance info anywhere.
Maybe we'll get there eventually? But you should be more wary about making such absolute claims.
I wonder though how it will affect places like 4chan. I don’t really know if it’s still as anonymous as it used to be but that’s like a cornerstone of their existence.
This got extended to every traveler, visa or not.
It turns out close contacts of some of my colleagues have been asked to show their Facebook accounts at the US border. There was a recent rule change about it.
Google collects 20 times more telemetry from Android devices than Apple from iOS (therecord.media) [but Apple still collects a lot!]
https://news.ycombinator.com/item?id=26639261
Fortunately on Hacker News, you still only need a username and password. And if spam is an issue, on lobste.rs you only need an invite.
Fuck you google for ever thinking infinite captchas are acceptable.
For example, with Apple's parental controls, I can blanket-decline access to Social Media apps, or to apps recommended for a specific age or older, and I can also allow exceptions as I see it fit (for example, my kids have no access to WhatsApp but they are allowed to use Signal, both have the same age recommendations)
This moves the responsibility for age verification to me, the parent, and provides me with suitable tools to monitor this. With this, there is no need for my kid or me to upload sensitive data or go through some bad age verification implementation.
Websites are more difficult to control, but not impossible.
Long story short - improve tooling for parents that allow more centralized control instead of mandating social media to do the age verification on their end.
Alas, the age restrictions came in and the big warning on the front covers was added. It did kind of backfire because that warning started to become a badge of quality to younger people. A similar thing could happen here. If you restrict it then it becomes the forbidden fruit.
I wonder if EU law could give every citizen a right to a google or Apple account, including a forced recovery option if the account is 'deactivated'?
If at some point such an account becomes essential to function in society, access to such an account becomes a legal mandate.
Here in Australia, the local and state governments push the use of their Apps as well.
These Apps provide access to identity documents, offical notifications, and messages for health, benefits and taxation purposes.
Then there is Banking and the issues around becoming a cashless digital society…
It’s become less about access to hardware devices, as useable devices can often be free when donated by a friend or relative, and more about continuity of access to your digital life.
The risk of losing access to your online identity or having it stolen are very real with often traumatic results for individuals.
That directive regulates banks from denying the opening of a basic payment account. But there is no legislation preventing governments from freezing accounts, Canada-style. As far as I know, there's no protection against being de-banked.
That's a severe human-rights issue.
"EU laws", the EU in general is plainly the excuse that will carry the day - people seem to believe this 'good cop' rendition.
EDIT: Oh it seems like that’s what the CA bill does? Seems good to me. I have zero problem with age restriction if age verification goes no further than mom buys kid iPhone enters birthdate, Instagram asks phone is user 18.
However, you cannot make parents actually use such systems, so ignoring the obvious control this gives nation states, giving states this power might help the children of those irresponsible parents, which is the only real argument I have heard, since the effects of it are the same if the child simply had responsible parents.
In my mind you have states mandate that adult content (porn, gore) and social media services are legally required to check for the age from the OS. No other sites need to do anything. No data collection or ID verification anywhere. All responsibility on parents.
I would imagine for the zealots out there its worth it to go further and destroy the entire internet to prevent a single 14 year old from jerking it to a tiddy. And then of course the advertisers want device attestation. At least it seems California is picking a sensible middle ground.
These sorts of rules can only ever achieve "mildly difficult".
And maybe that's a healthy way to think about it. That it doesn't matter if kids find it easy to work around. There is no child who hasn't been able to get their hands on alcohol when they want it, but perhaps the infinitesimally small amount of friction leaves many to second guess their choices? Then again, from what I see out there, just rationally explaining why alcohol might have negative consequences is enough to see that second guessing. Alcohol consumption amongst the youth has completely plummeted now that we no longer treat it as some magical taboo thing and finally started talking honestly about it. The same pattern has been observed over and over in other things with undesirable consequences for children.
I’m all for sane best efforts for restricting children’s access to mind warping materials online if the consequences on the overall internet are minimal which I think this does. I’m not on board with killing the internet as we know it to get from 80% of children off social media to 90%.
The problem with social media and to a lesser extent porn is addiction. If a kid had to go to a friend’s house or sneak on to their parents computer to scroll tiktok that’s already a huge step in a healthy direction.
Is it? Only around 10% of the population will develop an addiction (of any kind). About the same rate as the population who live chronic sedentary lifestyles, which comes with equally (or maybe even worse) health and social consequences. Where is the regulation that forces you to prove you are of a certain age to sit on the couch?
This seems like a lot of effort for something that impacts such a relatively small group of people — a group of people (in size) that we otherwise don't normally care about one bit. 10% of the population is marginalized time and time again. What's special about this particular case?
You’re probably right though, i don’t think 10 year olds should be on social media in any capacity. Why? Partially because they can easily get addicted sure, but also because really any amount of interaction with these platforms is bad for them because they are monstrous mind warping engagement machines.
No doubt kids will choose social media over cleaning their room. Would they choose social media over going outside to play, if society still allowed them to do that?
The "boob tube", so given the derogatory nickname due to the perception of much the same idea you present, may not have been able to take the warping engagement to the same extreme, but during its prime also didn't really capture the youth attention because the youth had better things to do, like disappear into the woods until nightfall. TV use has always been dominated by older people who, through things like failing health, have lost the ability to do anything better.
True addiction or not, it is worth noting that addiction doesn't happen overnight. One needs repeated exposure to develop the necessary neural pathways. This is why addiction shows up much more commonly in obviously tough environments. People use a device as an escape from their situation, which feeds the mechanisms necessary to develop an addiction. Social media is most certainly engineered to tick the "this is enjoyable" box, but that alone isn't enough to develop a problem. There needs to be something that sees someone want to use social media above all else on a regular basis and, as you point out, it is very likely that much more than 10% of the population don't actually find social media to be all that enjoyable; just more enjoyable than taking out the trash.
So, maybe we can reframe this as: All this work to continue to keep up not wanting to see kids without a metaphorical helicopter constantly over their heads as a result of an imagined boogieman that was invented in the past? Seems like a horribly misaligned effort.
They can do exactly the same with other proposed solutions - ask an adult to register a social media account with their id or pass selfie-age-verification for them.
I know that my fascination with computers largely began with creating websites and messing about with HTML. Blog platforms can be considered social media I suppose but what if it is just a page of HTML or text?
Should I worry about having to verify my age/identity if I want to host a page on a vps in the future?
I feel like most politicians and people don't understand privacy and the impact of breaking it. Additionally seems the governments don't consider themselves a thread vector for privacy invasion.
Today I cannot get a VPS without verifying my identity. Can you?
> I feel like most politicians and people don't understand privacy and the impact of breaking it.
I feel like it doesn't start like this. Opponents to age verification assume "politicians are authoritarians, therefore politicians try to increase surveillance, therefore politicians try to introduce age verification". I think it goes the other way round: "society knows that social media are bad for children (and adults, to be fair), therefore people try to imagine ways to solve that problem, therefore politicians end up thinking about ways to prevent children from accessing social media".
Of course, most people (technical people included) don't understand whether or not it can be done in a "reasonable" way (e.g. in a privacy-preserving way). But the debate mostly doesn't revolve around that, and it is a pity. Ideally we would think about the best possible way to do it, and only then we would debate about whether or not we want it.
I think it is at least possible to do so in a identity opaque way if you wanted to using obfuscated payment provider, free email and possibly fake name/address (illegal).
I meant more without scanning an actual ID or face.
> I feel like it doesn't start like this.
Of course the train of thought is not "how can we break privacy" usually the concerns/problems are valid (I agree that social media is bad for kids). But in a lot of debates I am a part of privacy concerns are easily dismissed, not taken seriously or not the priority. I'm not talking about if technically private implementations are possible yes or no. I am talking about the conceptual step before that, "what is the impact of this request" how are we limiting people that can't or don't want to comply with what we are asking.
I feel like privacy is one of the most fundamental rights since it is at the root of a lot of other rights required for democracy. For example freedom of speech, freedom of religion, right to property and more. Privacy it is continually devalued, invaded and the right to it eroded.
That leads to undermining of the other rights as in this issue a lot of people are bringing up, in the article freedom to be anonymous is brought up but also the freedom of expression of young people.
The discussion should be the other way around, no options should be considered UNLESS it can be done in a private manner. The right to privacy is more important then the right not to be hurt by watching harmful content and therefore the responsibility of the government to protect privacy is of higher importance then their responsibility to not get you hurt.
I do believe that there exist ZKPs, but then it raises more questions, like:
- Do we ban VPNs? I don't think we should.
- What happens if the ZKP doesn't work? It's not okay to fall back to identity verification, but then does that mean that the services are blocked if the ZKP infrastructure doesn't work?
In particular, your examples bring these things to mind, which might be worth considering alongside:
- Any machine can host a server, with no third-party required except an ISP (if we're being pedantic, even that's not needed if use a mesh network, etc.). The main barrier to connectivity IME is NAT, but there are ways around that (e.g. make it a .onion service). I played with all of the above as a teenager, so it's not unrealistic.
- "Hosting a website" covers a lot of things, some of which are already illegal (e.g. CSAM). Just because we can spin up something without jumping through social media sign-up hoops, doesn't mean it can't/shouldn't be subject to legal questions.
- Hosting a website/blog/etc. does not come with the same questionable baggage as social media (algorithmic feeds, PII, tracking, identity verification, communication, etc.). We might opt in to such things, e.g. by accepting comments on posts, but I'd distinguish such two-way, "user generated" activity from merely "hosting a website". Technologically, such things require some dynamic system (usually a self-hosted or third-party backend), rather than "just" a static HTML server.
- There is no technological difference between a blog used like a personal diary, and a blog used to post reviews of Lego. Is there a societal difference? What about if they include photos?
- Posting things on a personal website/blog has an implicit understanding that it's being published and shared with the world (that feels like the whole point of a blog). Social media has muddied those waters, by claiming things like "privacy settings", which can give the impression that posts are not being published and shared with the world.
- When it comes to activities like receiving comments, two-way communication, unsolicited messages from anonymous strangers, etc. the more relevant "basic tech" feels like running a server for email, IRC, Jabber, etc. rather than a web site; since those place such "dangerous" aspects front-and-centre. Email is the most obvious, but I mention the others since getting external systems to trust a self-hosted email server is notoriously tricky!
So even if this change doesn't affect you right now, but it will affect you later then it'll be too late to fight agaisnt.
If you don't use social media and AI platform. Fine. But what about app stores, what about any registries from docker, to npm, to apk and toward the end source code repositories like Github/Codeberg?
If you're below 18, you deserve protection. Above 18? Good luck, babe.
I think one of the unintended consequences of age verification is going to be a whole host of unprepared 18 year olds getting full access to social media and getting absolutely one-shot by it. Think credit card sign ups on college campuses or predatory car dealerships near boot camps. There are going to be a lot more 18 year old boys gambling away their student loans and 18 year old girls signing up for OF, but it'll be fine, because they're 18! Not to mention they're going to be scam targets on the level of the elderly. And if you're exploited/scammed as an adult, it's your own fault.
Age verification/restriction without an educational component of some sort is just creating a future cohort of extremely vulnerable young adults for companies and bad actors to sink their teeth into.
Rule 1 of The Internet hasn't changed, it's: never put your real info into the boxes. Never!
More and more people agree that kids shouldn’t be on modern social media, including me. But most people also agree that mass surveillance is dangerous. The solution is to propose ways to block kids from modern social media (that actually works) without mass surveillance.
Better parental controls, more parental education, and site-specific age verification (Facebook etc. can require whatever PII they want to use their service) backed by incentives (whitelisting in parental controls, promoted as a “safe site” in parental education). Are these enough? Maybe not, but maybe mandatory ID and blocking VPNs aren’t enough as evidenced by people bypassing them. These (first three) are progress, that don’t yet require mass surveillance, and we can first see how effective they are then go from there.
I wish people wouldn’t say “age verification is bad”, it’s like “anti-work” and “defund the police”.
At minimum, parents need other parents in their local community to be educated; and better parental controls, so they can give their kid a phone and computer (for good reasons like safety and education) that won’t let them access social media (even unintentionally, some parental controls are that bad). Both can be done without laws, only social pressure and at least the potential for new (locked-down) devices.
(In theory, kids should also be prevented from buying unlocked devices, like drugs and alcohol. And showing the local cashier your ID to buy a generic device (whose packaging is indistinguishable from other device packing, so it can’t be traced to you afterward) is technically a form of age verification. But in practice this may not be necessary, because hardware is too expensive for most kids.)
The only effective tools parents have is to disallow or remove devices from their kids. It will work at the beginning but as they grow up it will become impossible, since at some point kids get influenced mostly by their friends' circle. So yes, I do agree that parents must talk to their children and explain what social media can lead to, including the dangers of internet predators and so on. But no, I don't agree that parental control is a general solution that will work for all kids out there. It never has.
Very true & having 6 kids of my own, I know that only too well. I still don't like the idea of Mr Government trying to tell me how to raise my family. Here in Australia the government seems to like that a lot...
Rightfully blaming bad parents is reactionary
Generally, things that are harmful and addictive such as alcohol, cigarettes and casinos require age verification. We dont just put the onus on parents because a child with bad or absent parents still deserves to be shielded from alcoholism at 12 years old.
So? Not all reactionary (if you mean "conservative") takes are bad. Sometimes they're better than the alternative: accepting bad parenting as some default and working around it with technological restrictions.
The actual modern reactionary meaning of "referrant to a mythical past as a standard" always felt like it deserved a better term. But nobody would get what you were saying if you called them a "fairytaleland resident" or similar.
Why is the internet special, do you also believe physical stores shouldn't check for ID for cigarettes and alcohol, because the solution is better parenting?
I get that you don't, all I'm trying to do (and failing) is have a discussion, apply critical thinking and be able to articulate a position. I'm neither fully opposed to it, nor fully in support of it. I'm always seeking nuance. I've found out lazy reductionism is the cause of much suffering and loss in the world, I can be bothered with the tedious nuance, especially for a topic I know a thing or two about in my own view.
Unfortunately karma systems on sites like this are not conducive to such a discussion. I want to challenge your opposition to the age verification regime, so that I can be better informed, and you will stand on a more firm ground, articulating your views with solid arguments instead of "i don't like it".
Of course I'm happy to talk about my positions but there is little nuance to my position tbh: I remain entirely unconvinced by the justification for proposed measures and believe that the entire discussion even happening is essentially a framing error. We're all talking about what should be done about this. About what, specifically? And, well, why now?
I grew up on the Internet. I've had essentially unfettered and unmonitored access to it since I was maybe 11 or 12. Me and my cohort of classmates often talked about sites like Rotten or Motherless at the lunch table, and certainly age inappropriate content like on Newgrounds and Lord help us, Ebaum's World.
Now okay, things have changed. (I'm still quite online for better or worse, so please don't get the idea that I don't see that the modern internet has different child safety concerns than the one I grew up on.) But somehow, the rhetoric is exactly the same as always. It's the same damn thing. No matter how the times change, it's the same "protect the children against the evils of sex and pornography!"
Uh huh. I realize not everyone has a universal shared experience, but from my point of view, the problem with kids and inappropriate content isn't just a story of negligent platforms. It is the story of 1. Hormonally unstable kids going through puberty who will often stop at nothing, 2. Platforms that are more or less indifferent and will do whatever gets them money, and 3. People who take on the immense responsibility that parenthood entails then expect the whole of society to take care of them.
I don't know what to tell people, I get that this is a terribly uncomfortable fact, but the number one reason why adolescents get involved with porn and sex is because they explicitly are seeking it out and want to be. It is nothing to do with the porn industries or lack of Internet regulation, it's their goddamn bodies.
It's absolutely true that I had access to content far more disturbing in all metrics than the old playboys under the mattress of yesteryear. I am not claiming this is ideal or that it should be the case. I'm just saying that it happened and the generation that was there is here right now, and we're fine.
But maybe social media is just simply too much. It puts kids at too much risk and they can't handle it. I think we're selling a lot of adolescents very short here without at least giving them a chance to have a bit of freedom, but fine. Let's fix this.
How? It's simple. When you are a kid, the first computer and phone or whatever kids get these days, is given to you by a parent. What we can do is make decent parental controls. We don't even need strong identity verification. We just need to be able to provide a way for apps and sites to voluntarily block children.
This sounds eerily similar to California AB 1043, and it is. I think that California AB 1043 is also bad for many reasons. Firstly, I know this is going to be expanded in many uncomfortable directions; it doesn't take a genius to make basic extrapolations. Secondly, I feel it is poorly written and confusing; what's an app store? Why does the law require all apps to request and store the age bracket information? What is an app? Does GNU sed now need to, by law, request the age bracket information from systemd and store it somewhere? And no, it isn't acceptable to just try to "do what they mean", it's a badly written bill. We shouldn't accept badly written legislation, but apparently in the past couple years or so the situation that had been ongoing for the past 3 decades or so with the Internet suddenly became extremely urgent to fix Right Now (in a couple of years) so we had to rush out shitty legislation that makes no sense.
So while I would love to just have sensible parental controls, nobody is actually really trying to enshrine this into law. It seems like they're mostly concerned about lobbying to push the responsibility elsewhere.
So we won't even just get sensible parental controls. We'll get weird parental control like legislation, having to send a live stream of our faces to sketchy companies who pinky swear to not leak it by accident, enter our credit card information into sites that definitely won't get breached, and scan our goddamn government IDs to access basic chat functionality that we already use today, in some cases. Because we can't get a handle on how to stop the 20% of people in the first 20% of their lives from accessing inappropriate content on devices and internet connections that WE FUCKING GAVE THEM! Before we've even attempted to quantify how harmful unfettered Internet access is to adolescents, or hell, how Helpful it is. (It sure was helpful for one of my friends who was gay and could access resources on the internet when his conservative parents were unhelpful. I suppose everyone is allowed to raise their kids how they like, but I can see the duality of how it's also not always the case that the parents know best.)
To say that I think this is all beyond farcical is a massive understatement. So I do apologize for maybe seeming a bit dismissive about this issue, but personally I already know it's coming from the wrong place and I don't like engaging with things that I know are coming from the wrong place. I'm not saying you or anyone in particular actually has bad intent by any means, just that I don't believe this entire movement at all.
This has nothing to do with parenting. It's surveillance. They failed to do it through child porn argument. They are doing it through 'social media is harmful for children' argument. People did not bite on the former. They ate up the latter out of hate for social media platforms.
For everyone else, the internet is already a shit show and a half. They want control, because it means putting a stop to being predated upon, or more nihilistically, harming the firms that are harming them.
I don't know how to let other commenters see how bad it is, or make the gulf in view points clear.
This can't be that hard. Can't I get an electronic certificate/flag verified by a trusted third party using my ID, where this cert retains no PII? This is what I come up with after not thinking very hard about the problem, and I can't be alone.
Maybe its naive to think that harvesting PII isn't the point.
The important things are that they must issue a bunch at once. (Otherwise, correlating who you are becomes easy). They must keep no record tying nonce or the full JWT to an individual identity. Something user local or otherwise trustworthy (not keeping logs), needs to hold on to these, and send them out as needed, being very very careful never to reuse one (as that would enable cross site tracking). Lastly a relying party must be required to trust many issuers, not just those they are colluding with track users across sites with this.
The European Commission actually proposed pretty much exactly this system, also with a variation where instead of revealing the signed token, a ZSNARK proof (that you possess a validly signed token with the over18 attribute from a specific issuer) could be given to the relying party instead (to make it impossible for issuer and relying party to collude to release your identity). Many people here seemed to not like it.
Age verification will always lead to more surveillance. People need to just be more mindful of what their children are doing online, maybe stop giving them smartphones, and just be parents.
"He's intelligent, an underachiever, alienated from his parents, has few friends. A classic case for recruitment by the Soviets." — War Games
More seriously, internet forums weren't designed to be addictive. They were designed to communicate.
That's the difference between the past and the present.
The "time on site" KPI and its variants is the root of all evil.
It seems clear to me that America is heading into an extremely repressive system where even the nominal use of America may just end up falling by the wayside within the lifetimes of some people alive today. Functionally speaking the, notional or spiritual death of America happened a very long time ago, probably 1840 but obviously no later than the outcome of the Civil War which turned a decentralized union of federated states that formed a republic, into a centralized dictatorial federal power and later the groundwork for becoming the empire we are only 55-80 years after the Civil War, depending on how you want to look at it.
I think people forget that there would have been people who experienced the Civil War that destroyed the central premise of the Constitution, that sovereign states join in a Union to cooperate, and the formation of the Empire of America by no later than the end of WWII.
Those things never happen abruptly, they happen in following a long strategic plan based on objectives not timelines. Part of such a plan is causing ever increasing dependence, deference, and subjugation to government, which is really just someone else’s control over you, the people who make up the “government”, instead of your own control over you. Part of that is giving the impression that money and daddy government will take care of the children, as a tool to psychologically manipulate people by hijacking their instinctual care and concern for protecting children.
It’s why and how they’re more pushing age verification, not ban for minors with similar criminal penalties for anyone who allows minors on the internet/social media. No, you as an adult need to confirm and tie your identity to the digital fingerprint that is tied to all the data that was and is collected about your activity over the last 20+ years … to protect the children of course.
It’s why some people refer to the majority of humans as cattle. You just have to herd them around and they moo and then start fattening up on corn instead of grass, just like the last generation did before they were harvested.
In the same way kids should not be infecting their minds with social media slop, or porn, or plenty of other internet content.
The only way this is stopped is when a social norm is created which shames all but the most negligent parents into compliance.
At the moment the absent and bad parents have all the power. Their kids scroll all night for memes, injest YouTube brainrot and turn up at school disruptive. Kids with responsible parents either want to that as well, or can't escape it.
Surveillance from age gates is a red herring. That horse bolted long ago. You are surveilled already by tech bros when voluntarily logging in, or by making yourself stand out a mile by using a VPN and a uncommon browser setup. This data gets handed to your government on request.
Having an anonymous VPN won't stop the tech bros or an authoritarian government forming, or bring one down.
People taking part in their existing democracy and maintaining the foundation of that is the best course of action. Raising a generation of kids not addicted to internet brainrot is a key part of this.
age verification is a cover for universal internet IDs. you'll never be able to go online and do anything anonymously again.
I sometimes wonder what HN would be like with age verification.
Has it occurred to you that nobody cares, or should care, about your opinions about what other people and other people's kids do? You and the "more and more" people who agree with you are cordially invited to fuck off.
> The solution is to propose ways to block kids from modern social media (that actually works) without mass surveillance.
The solution is for you to get over your bullshit, not to chase impossible pipe dreams.
Uhmm... Yes they do? That's... the whole point of living in a society? With laws? So we can collectively decide what is and isn't desired?
Children are also banned from purchasing alcohol or going to the casino. There are tons of things we collectively decided children shouldn't do.
It's not a free "sample": drug dealers give their stuff for free at parties where vulnerable young people are in the form of sharing what they are themselves taking. Then they have that teen on the hook for extortion and having them do things or pay "debts". I "gave" you some drugs because you're my friend, but now you have to pay back, you have to do this favor, take this stuff from here to there. Another common thing is that the "debt" has to be paid in money again and again and again. You don't want us to go talk to your parents who think you're their perfect little boy/girl? You don't want them to know that you took drugs, do you?
As dangerous as a butterfly... It's a filthy world on all levels, filled with demonic people who spend all their time thinking about how to use and abuse others - the more innocent the better.
I know it's a tangent.
And yes: Taking drugs or hanging out with people who take drugs is enough "kompromat" for a teen to then be extorted by drug dealers, because they don't want their parents to know.
Especially in countries where the law looks very lightly on extortion, looks very favourably on "young offenders", and is very lacking in empathy for young victims.
Not to mention: Do you think a 15 or 16 year old wants to go to the police and tell them that they are being used by drug dealers, when the first thing the police is going to do is also book the teen for drug use?
Drug dealing aren't just Mexican cartels or hood gangs, it's a network with branches into everywhere, and they need a constant supply of victims. Read some court proceedings from low-level drug cases, and you'll see how these criminals operate. It's not like TV.
Our ancestors here in France literally fought the nazis so you don't have to have a nazi-approved « Ausweis » to go wherever suits you. We would be well inspired to follow their example.
But don't teach them how to navigate the world and interact with both good and bad.
I told these admins this was immensely irresponsible. They said they just didn't want to get sued by an angry parent whose child joined some porn group. I was mocked endlessly. Now this. I'm not surprised.
To that, I have also what I consider my "forever hardware" were I can do what I want offline.
Not saying other stuff won't creep in for various pragmatic reasons but it will be kept at arms length at best.
All that you need to know is that I am above 18 years of age.
You don't need to know how old I am, what my birthday is, what state I was born in, my gender, or when my passport expires.
The downside with ZK cryptography is the complexity. Something would have to be insanely inconvenient to justify it.
The last ~third of the article is about the EU's zero-knowledge approach
I’m just afraid that membership countries will be too dumb to understand the difference, and for the population worldwide to be able to comprehend that it’s even possible. To be honest, ZK crypto is one hell of a party trick. Compared to tech where the premise is “we put a picture of your passport in a box, and when people want to know, we look and confirm.”
They've standardized two systems under the banner of "zero knowledge". One is actually zero knowledge. The other is trust-me snake oil. Guess which one is getting deployment.
Internet has become a messy and dangerous place. Anybody with money can access it, that not necessarily means somebody with common sense.
90s, early 2000s, we would go to the internet to have good time.
2020s, people are ditching internet and new techs to afford having an offline life.
The answer is whenever you think your child is ready to view porn.
I remember our famous pornless desktop computers at LAN parties in high school.
Like what I was driving at here was that Smartphones are not the only possible platform you would need to withhold from kids to get the desired outcome.
And its also silly to think that these controls aren't serving the interests of the very degenerates you claim to hate. Why are you in complete thrall to them, making burner accounts to stick up for them, I do not know.
What I won't do is lock them down, like so much of this comment section is in support of doing. I am disgusted by the death of the cyberpunk ethos from the turn of the millennium.
I had a job interview at a school ages ago, and while I didnt expect to take it I still asked. How much of your security risk comes from inside the student population, and how much is external. And they said, 100% external. The students hadnt so much as knocked on a port in 10 years. And that horrified me. School as I see it, is a safe place to learn opsec, and you learn opsec by failing. Either that or these kids have the network completely pwned but I didnt get that feeling.
My kiddo will have a desktop soonishly and very much is getting an education in good opsec.
Why is everyone so opposed to the internet working this way?
You are suggesting it's simply a matter of adults verifying their ages to access adult content. But it isn't! We're being asked to either scan our faces or provide our government IDs, to access basic online interactivity we already have, on the likes of Discord and Playstation Network, in an effort that is rolling out slowly worldwide. No need for porn or sex at all. These things aren't even required by governments yet. Companies are so eager, they're jumping ahead of schedule.
But would I scan my face to be able to watch porn? Of course not, that's insane. This isn't real life where someone can take a look and go "sure he looks 18" and do no real verification at all. This is the Internet. I'm not going to send a live stream of my face to some company, and by the way we have some real true five star companies stepping up to the plate to provide verification services, and have it literally be associated with my intention to download porn. Firstly, why would I want the site operators to even have any more information about me than necessary? Aren't sex stores awkward enough as it is? Secondly, it's the Internet, as soon as that information leaves my computer "encrypted in transit" I may as well treat it as potentially compromised already.
(Though just to be clear, real life is getting spookier too. With Flock cameras popping up everywhere, we can celebrate the death of privacy IRL while we celebrate it online, too! I am aware that certain countries killed privacy much earlier than others, no need to point it out.)
The long and short of it is that people will (and largely already have) just stop browsing porn sites when invasive "age" (often actually government ID) verification is required, which I reckon is the primary intent here. It seems to dovetail nicely with the other obvious PR campaigns against adult content, porn and sex work in the past decade. They've worked quite hard to try to make people forget "the internet is for porn" era.
What's crazier is there was Less age verification than what is being proposed right now back when people phoned in to order a VHS using your credit card. Remember when credit cards were a godsend for the adult industry? The funny thing is that now, you're lucky if you can use your credit card at all for porn, thanks to the anti porn movement that happens to coalesce suspiciously closely to this movement. And in some cases, it seems that merely providing a credit card is no longer seen as sufficient evidence of adulthood. True, you could just steal your parent's credit card... Just like you could 30 years ago. Or just like how you can get a fake ID. Does that mean we should treat everyone trying to buy adult content as if they may have stolen their parents credit card by default?
2. Because I am an adult.
Most of us are. Almost 80% of us are over the age of 18, at least going by U.S. demographics.
And, we're under 18 for less than around 22% of our lives.
The Internet is not some international daycare program. It is an interconnected network of computers. The connections are managed by adults. It's true that there's always workarounds like free Wi-Fi hotspots, but by and large to be online is to be connected to an Internet plan managed by an adult. That means we already should be able to prevent children from having unfettered access to harmful content with basically no modifications to how the internet itself works.
We've had the ability to do this for almost as long as the Internet existed, and Windows 2000 shipped with a fairly comprehensive system using PICS rules from third parties like RSACi. This system didn't require adults to monitor everything their children did 24/7, and it didn't require adults to constantly scan their face or provide their government ID to sketchy third parties to access chat functionality.
Nobody used it of course, because parents didn't actually give a shit in that era. I'd know, I grew up and had plenty of access to adult content long before turning 18. I am not suggesting this is necessarily ideal, but it also isn't this weird cataclysmic issue that it suddenly became literally like a year ago or so. The internet has worked this way since its inception and somehow only just now is everyone in a panicked frenzy. Now I hate to be dismissive, but that's a load of USDA Grade-A Horse Shit.
So I am wholly against kneecapping the concept of unfettered private communication on the internet because we can't get the parents of 20% of people to do their job for the first 20% of said people's lives.
--
This whole thing stinks rank to me. I get that big tech companies and social media platforms have not given parents very good tools to manage what their kids can see and do on the Internet, but everyone acts as if this is just Machiavellian evil as they twirl their mustaches and laugh. Don't get me wrong, I fully believe that they knowingly make money off of providing inappropriate content to children. The only problem is that a lot of those children's parents knew that too and simply didn't care. And now, instead of just finally making parental control work, something we've certainly had the technology to do since the 90s, we're going to institute mandatory ID laws for all unfettered communication. Hurray. Blast confetti in the street for this victory against evil.
But to me I look at this "activism" and debate in favor of online ID laws and all I can see are anti-abortion protestors at my local clinic.
(I wrote this as if I am an avid porn consumer, because writing it any other way felt cowardly. But that said, I am not. My true passion is Internet privacy, and if I have to go to bat for Internet porn to help that cause it is no problem for me.)
Instead, in 10 years I'll probably have to log in with an iris scan to check the (ai-powered) time, and pay for the privilege.
I sure hope agents don’t swarm social media. But at the same time I think identity verification companies have a tougher problem, ai can produce real looking videos and documents. There’s probably no real way to verify someone purely through the internet at this point.
If an agent is controlling your own browser, it can get in the way of you being able to do work as well.
Additional security control, if you have control and audit trails regarding what the agent is doing, think things like not having access to the keys, cookies are unavailable through the api, certain sites blocked, especially for agents that run automated background tasks.
There's a ton of reasons really. Using stealth chromium forks can decrease security, potentially get you blocked from services/sites, and typically can be detected easily because Google is doing a lot more than just compiling Chromium to release Google Chrome now. That's why many of the stealth browsers out there are moving targets, and have tons of instances of being blocked.
Users have been doing this themselves without state coercion for twenty years now by putting their real names all over Facebook and all the other socials. Nobody forced them to use their real names and post countless pictures of their faces alongside, and pour out the totality of their worthless opinions on every issue. Compared to this, when considered sensibly, the verification is almost a trivial step.
No? You've obviously never been ostracized from your friends, family, or coworkers due to not using Facebook or Instagram or whatever the latest vapid social network is.
on which major social media networks can you post anonymously today? HN is a rare bird in that regard.
None of the social media networks my teens are bugging me to sign up for (IG, TT, Snapchat, etc.) have anonymous registration.
Come on, do people seriously believe this will happen?
There's this cool new feature that they added to the Mullvad browser extension, which is built into the Browser. It gives you a random different proxy for each site, kind of like the Tor Browser.
Mullvad understands that VPNs overpromise and underdeliver, but if you combine a trustworthy VPN, a fingerprint-resistant browser, and uBlock Origin, you get a damn good internet privacy. The browser is not ideal for daily-driving because it's always incognito so you get signed out on close, but I heard they're working on a persistent version.
The ability to seamlessly record, upload, comment, react on _everything_, _everwhere_, _all the time_ is not natural, and not necessary.
Let them keep the devices, whatever, but remove the internet access.
Or keep the internet access, but remove the display/audio/camera.
It's more enforceable in public than trying to enforce whatever age verification solution they come up with.
And it gives parents the ability to appeal to authority when they ask their children, and the parents of their child's friends, to stop giving kids access to such devices. Right now a lone parent trying to push for better/healthier online activity to their friend group looks like a crazy person.
But of course we know they aren't really interested in helping parents and children. They want the surveillance capabilities.
sorry but I don't get this point. If you're on Instagram or Facebook, did you think fifteen different three letter agencies weren't already watching you? It has the word 'face' in the name, the entire point of that site is that people mindlessly share their personal information, it's not some underground space for activists.
You can be perfectly anonymous on the internet, but demanding to be anonymous on Facebook is like trying to start a Das Kapital book club at Goldman Sachs or decrying commercial culture while you're in a Disneyland theme park
Like, criticizing the government shouldnt just be possible because you can hide behind a fake name. It should be legal with your face name and address attached to it as well
I think there was a reasonable expectation of anonymity, at least relative to other users. In the past you could access facebook with a VPN/proxy (and for a brief time, even tor) and use any name you wanted. But with forced identity verification you lose that little bit of anonymity.
The internet used to a technology people used to do interesting things, and with that came all its expectations. Now in addition to that, it is how modern live is negotiated. What used an optional thing is now a critical infrastructure upon which a person's life revolves, in most cases without any choice of their own.
When you drive your car on the road, do you complain about not having "a free road like back in the day" for being require to have a driver's license, and a registered car? not too long ago, you didn't need any of that to ride a horse or horse and carriage.
A free internet, as in the internet is like a public square, that isn't what society wants. Ultimately that is the issue, and you can't fault the public either. The public expects change, things to improve, and policy makers need tools with which they can enforce their policies. Telling both parties "um..no, i like my freedoms" won't stop the this train.
Let's take the example of mullvad here, and being able to purchase a VPN with bitcoin/cash (been there, am a customer) and access any site. It is entirely reasonable for governments to not want that. but the real enemy is the acceptance of this false dicthotomy of extremes. one of the things the internet has allowed us to have is to be able to prove entitlements without disclosing our identity. It is possible to prove that meet whatever legal requirements by having a government notarize a certificate of identity which you can present to sites and software as proof, while removing the government's own knowledge of what sites or software you're using, and removing your identity from the sites that are verifying your entitlements.
You're allowed to be in public without having to prove your identity (well.. that used to be the case in the US at least, now if you look like an immigrant, no longer the case). But to sell things, or buy restricted items, you have to show your identity, even in public. Certain businesses are required to verify your identity before engaging in commerce. Even worse, once you're in public everyone can record everything you do an identify you. Facial recognition, license place tracking, etc.. are all very real parts of the physical world today.
Lots of reform is needed, but we're getting the worst end of it because people gravitate to extremes out of laziness. if accessing social media, sensitive sites and commerce could be done in a privacy preserving way, there is no need for (or you can make a strong argument against) silly things like installing ubuntu requiring your ID, or needing to verify visitors IDs to your personal blog.
the beginning of the freedom of every person to become a developer
Dave, first we will need to setup age verification for your friends in order to comply with the law. I will not be able to help you otherwise. Remember Dave, I will submit to the local government your request to make a social media website so they will know if are complying with age verification. I have your ID which I will also provide as you need government ID to use AI. Open source AI models were banned.
Alternatively, open source community software run by folks in a country that doesn't have any age verification laws/don't care less about them.
I hate it and I hate that this is what became popular instead of what the internet was in its heyday. It's sad to see.
But what won't fail is the obligation to provide your id to 'verification providers', who are obligated to provide it to websites, all of which are obligated to hand over your identity to the authorities the moment they ask - the verification provider included.
So it's just mass surveillance, finally sold to the public through 'think of the children!'.
It doesn't really help their case to parrot Musk-level misinformation...
https://www.pragencyone.co.uk/blog/elon-musk-misinformation-...
https://www.independent.co.uk/news/uk/home-news/wales-englan...
It's not just kids it's bad for. Too many people don't have the agency or social/emotional insight to take care of themselves.
I stand by what I originally said, though I admit it was a bit inflammatory. Everyone wants to have their cake and eat it too. Social/mass media is being used to disrupt western democracies. This is not the future we all wanted for the internet, but humans ruin literally everything. So we have to deal with reality here, meaning identity verification will become a non-negotiable. The masses may rail against it, but it's necessary and inevitable.
I just don't like that proponents of age verification are systematically (including in this article) dismissed as authoritarians hiding behind "just another “what about the children” excuse to introduce mass surveillance and censorship". Many people genuinely want to find a solution that is better for the children, and telling them "if you are open to age verification you are either a fascist or a moron" is not constructive.
Also I find the way ZKP is criticised a bit manipulative. It kinda implies that "fundamentally, any kind of ZKP system can be switched off remotely and without anyone realising", and that is wrong. It can be implemented in such a way that people have pretty good guarantees about it preserving their privacy, similar to end-to-end encryption. I find it hypocritical to say "E2EE can be reasonably trusted, but privacy-preserving age verification fundamentally cannot", just because tech people like the former and not the latter.
at the expense of everyone and everything else all to not have to be an actual parent.
These arguments are not coming from places of concern, they are coming from laziness and people taking advantage of that laziness to further even worse agendas.
The "laziness" argument doesnt work if the people being lazy (parents) are not the people being hurt (children)
That's the thing: it's not trivial to know what is possible and what is not. If you look at the messages in HN, many (most?) messages about privacy-preserving age verification are (at least partially) wrong. Tech-savvy people clearly do not understand the technology in details, and somehow they assume that normies do understand and are simply fascists or lazy.
It is my opinion that telling a normal person that they are a bad parent (or a fascist) because you disagree with them is probably not the best way to convince them.
I believe in democracy, which means that I don't call everyone disagreeing with me a fascist. In a democracy, if most of the population wants privacy-preserving age verification and I don't, then I am in the minority and must accept it. My role as a tech-savvy person is to help "normies" understand what it implies. Again, not to tell them that they must be fascists if they disagree with me.
If you think that privacy-preserving age verification is the most authoritarian way to tackle this problem, then you really, really don't understand authoritarianism.
Now if you have tons of better and practical solutions to tackle this problem, I would suggest you start writing about them. I haven't read a lot about those solutions (other than "just ask someone who is not me to do it"), what I hear is mostly people yelling that only bad parents and fascists disagree with them.
I did. the burden isn’t on me to explain it to you, comrade. maybe you could start by actually addressing what I wrote. Or are you now expecting me to draft up a legislation draft before you’ll address my post? These types are always the same.
I am confused. Did you? Do you mean this:
> [the solution] is regulating social media companies to stop abusing their users, and by extension, children. strict laws around adtech and tracking tech
Pretty sure it has been tried in some countries, and the solution that those companies were happy to implement was... identity verification. There was a drama about Discord doing this, recently.
> Or are you now expecting me to draft up a legislation draft
Not at all. Just give me the name of a viable solution, so that I can search for it. It doesn't take a full day to write something like "privacy-preserving age verification", does it? I can't easily search for "JohnMakin says there are many good solutions, which ones are they?".
(Now I am old, so it's different.)
It was very freeing to be able to talk about my interests (e.g. space, web development, and video game modding) without being subjected to the bullshit that people brought to the table if they saw me.
I actually can. For real. I can not get job or housing anonymously, but overwhelming majority of my real life interactions are anonymous.
I shouldn't have to show an ID to buy a newspaper or to load the website of a newspaper. On the other end of the spectrum, I should not be allowed to buy a gun without showing an ID (and all sorts of other constraints).
Somewhere in the middle, I understand that we don't want to expose 8 year old kids to pornography, but I don't think that one has to wait to be 18 or 21 to be allowed to access it. Same for social media. Where and how exactly we set the limit is a societal choice to make.
I also believe that "living in a democracy" doesn't mean that "everybody agrees with me, always". Many times I am in the minority. What matters is that people are informed. Telling them that if they disagree with you they are either bad parents or fascists isn't constructive, IMHO.
The problem for many parents is that all the other kids have it. It's not always easy to develop a relationship with your kid to convince them that they don't need to conform and have friends.
So I can imagine that many parent would be relieved if access to social media was slightly more complicated, such that maybe it would be more normal to not have access to social media.
I have a simple example: when all the kids have a smartphone, it is very hard to tell your kid that they cannot have one. When all the kids have a shared culture built around social media, it is very hard to tell yours to not conform. "It's okay my son, you don't need friends. Anyway the parents of all those kids are bad parents".
I don't have children, but it doesn't sound completely weird that parents may say "we should prevent most kids from accessing social media, so that my kid wouldn't be the weirdo if I don't let them have access".
Think carefully about why a politician might disregard this extremely simple mechanism and you'll have your answer about the real goals here
You (and many others) frame it as "the government versus the people". I think this is extremely naive.
Many, many, many parents are in favour of preventing social media access to kid, assuming it is done in a reasonable way. For instance, having a police officer follow every kid everywhere they go 24/7 is not a reasonable way, and everybody agrees on that. Now what if there was a reasonable way?
Ask yourself this: do you believe that privacy-preserving age verification is not a reasonable way, or do you know it? In order to know it, you have to understand how the cryptography works at some reasonable level. Do you? Most comments I read online come from people who believe and then repeat arguments they have read that confirm their beliefs.
I was noting that the Mullvad article actually addresses ZKP (which is good and a very rare thing), but that I found it was a bit evasive in a way that feels slightly manipulative to me (probably not on purpose).
It is worth recalling that "authoritarian" is a relatively neutral label for a political philosophy (like "liberal", "democrat", "capitalist" or "socialist"). It isn't that people are name calling, it is that authoritarian policies - like this one - consistently cause more harm than good. The label is basically a slur at this point because the disasters that the authoritarians trigger often veer into being massive and appalling spectacles. People tend not to be very evidence-based, so the people who lean authoritarian tend to try and rebrand to avoid being tarred with their philosophy's consistent failures, but it is still authoritarianism.
But the productive path forward isn't to try and be nice to the authoritarians and accommodate them with the rebranding. It is to adopt liberal policies. Like letting people read and comment anonymously on the internet.
I don't think that we would call "authoritarian" someone who would ask for, say, guns control. Or at least we wouldn't call "authoritarian" someone who is in favour of having more than 0 law, would we?
You are being manipulative by saying "If you want a law that I don't want, then you are an authoritarian. I mean no offence, it is just what you are". But reality is a lot more nuanced than that.
The vast majority of people who are in favour of age verification are not authoritarians. They really just consider "should kids have access to social media? Not until they are old enough". Whether or not it is technically possible is outside their knowledge. And the fact is that for age verification, there are technical solutions that are privacy-preserving (unlike e.g. ChatControl which is fundamentally building surveillance infrastructure).
And even for ChatControl: people who say "I would be in favour of a magic backdoor that would only work for the well-intentioned good guys" wouldn't count as "authoritarians", would they? It just so happens that there is no such thing as a magic backdoor, so they cannot have what they want.
There are a couple that aren't against it, but to actually implement age controls in the way they are being bought in you basically need to be an authoritarian. Otherwise, you'd be persuaded by arguments like Mullvad's that the social media companies already know how old their users are and don't need a centralised authority to tell them. There are alternatives here that are less authoritarian. Policy makers and the people supporting them don't want to use those approaches, because they support taking a more authoritarian approach.
These policies, in practice, are literally authoritarian policy. It isn't the most extreme form of it, but it isn't authoritarianism because I don't like it. I don't like it because, objectively, this is authoritarianism and authoritarianism tends not to work. Otherwise all the research I've seen suggests that kids shouldn't be using social media. If this wasn't likely to take out huge chunks of the healthy political dialog on the way it'd probably be tolerable.
If it is manipulation to point out that this is part of a class of strategies that have a history of horrible failures, then you have a very confused understanding of what manipulation is. This is an absolutely classic authoritarian "we can't just let people talk to each other however they like without the authorities being involved" play.
I don't see how this sentence can make any sense at all in the context of ZKPs. Can you elaborate?
> you'd be persuaded by arguments like Mullvad's that the social media companies already know how old their users are and don't need a centralised authority to tell them
How do the social media companies already know? Because they track everything? But if they ban kids, they don't track them anymore, do they? Or are you saying that social media companies should be able to track everybody everywhere, such that they can profile them and ban them from accessing social media?
> I don't like it because, objectively, this is authoritarianism
You would have to explain that. The government provides a service that allows you to prove that you are old enough without the government learning anything from you and without the service learning anything other than the fact that you are old enough, and you call that "objectively authoritarianism"?
The reason people are getting called authoritarian is because ZKP proofs are a massive and obvious improvement on what is actually being implemented. Can you point to anywhere that has implemented ZKPs? The linked article suggests that is quite hard to do.
I wouldn't be using an American IP right know if my local age verification laws required ZKPs.
> How do the social media companies already know?
They ask you your age when people sign up. That's good enough for me - I'm not an authoritarian. I'm not out to create a watertight way to stop people communicating if they want to.
> You would have to explain that. The government provides a service that allows you to prove that you are old enough without the government learning anything from you and without the service learning anything other than the fact that you are old enough, and you call that "objectively authoritarianism"?
I haven't seen anyone complaining about that. Sounds like a non-issue. Why would anyone over the age of around 18 care? You should consider reading the linked article if you don't understand what the complaints people are making are. The reason you don't see any authoritarianism is you haven't actually looked at how the schemes are being implemented.
Mullvad isn't writing this blog post because of the huge numbers of 12-16 year olds shelling out cash to them. It is because the authoritarians are making a play to destroy a sizeable chunk of the open web with a likely follow up of cracking down on free speech.
The EU initiative explicitly mentions ZKP: https://ageverification.dev/.
> The linked article suggests that is quite hard to do.
It's technical, just like getting E2EE right. Doesn't mean it's hard to use, as proven by the fact that billions of people use E2EE in WhatsApp and Signal without even realising it.
> I'm not an authoritarian. I'm not out to create a watertight way to stop people communicating if they want to.
You seem to have a Manichaean view of the world. There is room for nuance between "let kids lie by clicking 'yes'" and identity verification.
> You should consider reading the linked article
Did you read it? There is a whole section that is titled "The Zero-Knowledge Proof alternative and the EU".
> The reason you don't see any authoritarianism is you haven't actually looked at how the schemes are being implemented.
I actually have. Have you? Seems like you haven't read the article. Mullvad is complaining about the fact that the app seems to support both ZKP and identity verification, and they criticise the infrastructure enabling identity verification. And then some more "slippery slope" arguments that are worth what they are worth (with the same kind of reasoning, we shouldn't have gun control, because the next step is to control everything, right?).
> Mullvad isn't writing this blog post because
Mullvad sells some kind of privacy (as much as a VPN can offer), and here they share their opinion about age verification. With which I mostly agree: the only viable age verification implementation is through ZKP. I tend to disagree with the slippery slope argument, and that "the government abuses everything they can". If you think like that, doesn't that make you an anarchist?
> Right now, the EU app does not have ZKP functionality, contrasting Ursula von der Leyen’s claim that the app ”is technically ready to be used”. But more importantly, the app is currently designed to always function without ZKP technology; if ZKP is unavailable, the app falls back to a non-ZKP model.
So you have failed the test of pointing at somewhere that has implemented ZKP. You can try again if you like.
> I actually have. Have you? Seems like you haven't read the article. Mullvad is complaining about the fact that the app seems to support both ZKP and identity verification,
Again, this is factually wrong. And it is why people are getting labelled as "authoritarian" - they proposed a system that sounded decent, then they actually implemented something else that is a standard authoritarian ID system with a fig leaf for people to pretend they didn't. As was expected, given that this always looked like an ID card play with a false moustache.
> I tend to disagree with the slippery slope argument
They haven't made it up the hill yet, they're already down the slope. the EU implementation doesn't use ZKP. That's a big part of why they're being included as one of the authoritarian forces in this push that people are upset about.
The EU implementation is work in progress. I am not aware of any country using it for age verification.
I am not sure I get the argument of "it's not finished, but I will pretend that it is because it's convenient for me".
> You can try again if you like.
Switzerland is another one that seems to be going towards a privacy-preserving solution. Is Switzerland known for being an authoritarian country?
> The European Commission has announced that a new age verification app designed to protect children online is ready for deployment. In a recent statement, President of the Commission Ursula von der Leyen, confirmed that the technology is ready and will soon be available for citizens to use.
https://commission.europa.eu/news-and-media/news/european-ag...
Am I to pretend and believe the EU Commission or am I to shun their lies and believe you on the subject of whether this age verification app is ready? But maybe Mullvad are wrong here, I dunno. Maybe they have implemented a ZKP scheme. Have they? I'm interested in the details, love me a good ZKP. How does this armed and fully operational app, here and now, today, in this moment, implement a ZKP?
> Switzerland is another one that seems to be going towards a privacy-preserving solution. Is Switzerland known for being an authoritarian country?
I've heard literally 0 complaints about whatever Switzerland might be doing. You'll notice the Mullvad statement doesn't mention them either.
We know they'll take a mile if you give them an inch. Ditto with "trusted" computing and the rest of that wormcan. That's why the opposition has to be absolute.
We have age verification for all kinds of things that can harm minors. Most of them have adequate penalties for breach such that operators of said harms ensure they comply (checks for ID when selling alcohol, entry to over-18s pubs/clubs, etc.)
There's nothing sinister going on here, just attempts to prevent social/mental harm to minors.
There absolutely is you're just not aware of it.
This whole thing is meta financially backing right wing conservative groups that want age verification because meta wants to avoid liability for the harms their platforms cause.
In addition, this is the beginning of the end of any sort of anonymity on the internet, which has disastrous consequences for politically minded individuals, minority populations, or targets of stalking. This is a privacy nightmare bring pushed through in the guise of "muh children".
Can you show here that you understand how privacy-preserving age verification works?
I mean the rest of your message really, really sounds like you don't. Don't get me wrong: I do agree that identity verification is bad. But it is not okay to say "I know of a system that is bad, and I don't know the nuances of how it could be implemented in a better way, so I will just assume that there is no better way".
Democracy is not "they" vs "us". Democracy is not "opposition has to be absolute". What you describe here is extremism. If you believe that anyone disagreeing with you is an extremist and that the only viable way to react is to be an extremist yourself, well... you are the extremist. Whether you are fighting extremists or not (this "they" you conveniently do not define) is unclear, though.
Porn has always been around (national geographic, anyone), and parents can use screen time to limit access for their children if they want.
But this was always about governments wanting to know who's posting what (and controlling them, through chilling effect); not about saving 'the children'.