- cross-posted to:
- privacy@programming.dev
- cross-posted to:
- privacy@programming.dev
Finally it seems the end of Reddit is near.
You must log in or # to comment.
Meh, just upload a dick pic.
Hm, I’m going to need some software engineers to critique an idea I have that could at least partially solve the fears people have about their personal details being tied to their porn habits.
The system will be called the Adult Content Verification System (or Wank Card if you want to be funny). It’s a physical card, printed by the government with a unique key printed on it. Those cards are then sold by any shop that has an alcohol license (premises or personal). You go in, show your ID to the clerk, buy the card. That card is proof that you’re over 18, but it is not directly tied to you, you just have to be over 18 to buy it. The punishment for selling a Wank Card to someone under the age of 18 is the same as if you sold alcohol to someone under 18.
When you go to the porn site, they check if you’re from the UK, they check if you have a key associated with your account. If not, they ask for one, you provide the key to the site, the site does an API call to
https://wankcard.gov.uk/api/verifywith the site’s API key (freely generated, but you could even make the api public if you want) and the key on the card, gets a response saying “Yep! This is a valid key!” and hey presto, free to wank and nobody knows it’s you! If you don’t have an account, the verification would have to be tied to a cookie or something that disappears after a while for all you anonymous people.As a result, you can both prove that you’re over 18 (because you have the card) and some company over in San Francisco doesn’t get your personal data, because you never actually record it anywhere. All you have is keys, and while yes, the government could record “Oh this key was used to verify on this site”, they’d have to know which shop the key was bought from, who sold it, and who bought it, which is a lot more difficult to do unless the shopkeeper keeps records of everyone he’s ever sold to.
So… Good idea? Bad idea? Better than the current approach anyway, I think.
I’m a security dev and this is a good idea!
How would you solve replay attacks? Like a million people, of age or not, sharing the same key?
Maybe you could limit the number of verifications a key can have in a day? Limit it to say 10 verifications per day. So if you’re on Pornhub and have an account, you can have the key associated with the account, verified, and so you don’t need to re-verify. But if you go on 10 completely different sites and verify for each one, you can’t verify after that 10th one within the same 24hr period?
You could maybe also include guidelines for integration where if a key is associated with an account, that key can’t be used for any other account. You can include that under some requirement that says you have to make ‘best efforts’ to ensure that a key is only ever used by one account at a time. That way, if a million people are sharing the same key, you’d have to trust that all one million of them will never associate that key with their account because if they do, it invalidates that key for every use other than through that account on that site.
We thought the same thing about Netflix with the sharing password bans. Yet they retained more profit than ever the next year.
Who’s to say if this is what will make Reddit end, or did they actually just got more successful after the end of 3rd party apps compared to the declaration of so many users back then?
Digital personal verification is just going to become a fact of life in the future for everyone born after about 2012. They will use online ID cards, biometrics, location metadata that is constantly uploaded by our devices, maybe even implanted RFID encrypted chips for account verification. Passwords are becoming outdated and outmoded for security as we speak here. 2FA is the minimum security for online today but that may soon become outmoded as well.
LOL. No “we” didn’t. A few idiots did.
These large tech companies have e focus groups and can do extensive research on how their markets will react to these changes.
Any analysis on social media just doesn’t have access to that data.
That’s because Netfilx is basically a media powerhouse & kind of a monopoly.
& your average person doesn’t know how to effectively pirate
Keeping the age verifier seperate from the content host is good. Destroying the files used for verification is good. On paper it’s not too a bad system for age verification, but it really hinges on if you can trust them. Given the track record of basically almost every company and government ever…
Problem is, how do we know that the company is reputable, audited, and so on?
I’ve seen more places requiring verification - and each one of them seems to use a different verification company. How are there so many of these places, and why aren’t they more commonly known? Like Experian for credit, etc.
Sure it might sound good to keep them separate - but all that is doing is absolving the content host from liabilities for providing the adult content (somewhere) on their platforms and sites. Reddit don’t want to get involved, and I’ll bet they found the cheapest and easiest provider, or the first one in the search list and thought “good enough”.
I think it’s good that Reddit is trying to continue to allow adult content within the legal framework in which it must operate.
I guess what I’m not clear on it is what the legal framework is for verification services. Absent rules that require robust privacy protections market forces will push a race to the bottom in terms of cost and data security will be the first to take a hit.
I know this might seem weird but I think this is one of those cases where a blockchain based smart contract might be the best solution. I’m not exactly sure, as any system that allows one to consume content generally also allows one to copy it, but having a system defined in code in a publicly auditable manner that cannot be changed without notice seems to me to have the capacity to grant the most reassurance.
I mean I assume that all the verification company is doing now is verifying a person’s age and then giving a kind of authorization token that’s cryptographically secure that basically says “the owner of this cryptographic key is of age”.
Just upload a picture of any politician who voted for this.
Parental controls exist. Use them instead. I fucking hate this.
tale as old as time even since I was a kid and I’m in my 40s. Reminds me of the original videogame rating system that Sega originally implemented in NA when the first Mortal Kombat came out. Parents, to this day, are still unable to manage what their kids consume.
I mean my parents never had an issue with this. Like when they’d rent movies, I wasn’t allowed to watch Terminator 2 until I was like 13 and it was my Dads favourite movie. He put it on “ok, you have to leave the room now we’re watching a movie” and I did.
I keep thinking about some of RPs I’ve done in my life. Hot, vile, smutty text based RPs. I think about them and wonder if there will ever be a time when those words would be considered illegal and I would be arrested for posting them. This doesn’t just protect minors. It tags deviance. Some of you may know the darker corners of Reddit. Imagine if an AI flagged your subs. The delete-rebuild cycle doesn’t work anymore. Reddit will always know. If the law asks for suspects for newly illegal thought crime, Reddit will be able to point to all the users on those dark corners. We are moving into a future where privacy doesn’t matter and I fear what that means for the kinky among us.
I’m nowhere near as worried about this for kink stuff as I am about us LGBTQ living in the US.
Something similar happened In China recently. A female author of homoerotic texts was charged for it.
That’s a subject many never talk about: it assumes we (1) have morality all figured out and (2) it’s the same for everyone, everywhere.
so those scam popups that scare people by saying their webcam was hacked and took pictures of them while looking at porn is getting state sanction!
Didn’t they ban NSFW a year ago?
They’re not banning NSFW, they’re trying to control it. It’s now login-gated (with a cheeky blurred background if you’re not).
Not globally at least. Let’s just say I have an inside source
closeted wizard porn enjoyer seeks alternatives
For some reason I immediately thought of this.
[https://m.youtube.com/watch?v=UeAWPSB2toQ&pp=ygUXamF6eiBlbXUgbG9ja2Rvd24gbG92ZXI%3D](Jazz Emu - Lockdown Lover)
no don’t do it
But he’s levioser than Hermione?!? How does one resist.
That said, as someone who has posted stuff like that and had it spread without my consent, screw (very much not literally) consuming that shit without taking the same risks as the people sharing what they get off to.
I do think its gross to require it for the other NSFW stuff. Drug forums are very important resources for harm reduction.
deleted by creator
“Reddit has stressed that this system is only to verify users’ age, and it has no interest in your identity. Lee further stated that Persona won’t know what subreddits you visit, and has promised it won’t keep users’ uploaded images more than seven days.”
Press X to doubt.
Time to go to LemmyNSFW
Under the new UK law, lemmynsfw would also need to have some kind of age verification for UK users.
This. Can’t believe we’re seeing “lol Reddit sucks” when this is a country-wide implementation and has nothing to do with Reddit in particular.
So, the UK sucks.
You are correct. But this doesn’t lessen the extent to which reddit sucks.
Or it can just defederate from UK based instances.
.zip has already been trying to figure out how to handle this law, its also UK based.
.zip blocks users from the UK iirc.
Lemmy.zip blocks uk users on its front end but I think its contents is still federated.
Very careful wording there to switch between Persona and Reddit to conveniently omit one from the justification given by the other.
It is not just that, I don’t trust Persona security, if a malicious actor installed a silent program that monitors users and sends it to a command and control center they probably won’t know for months or even years. Cyber security is very bad in most companies.
Google uses reddit for its AI training. Just saying.
Presses X furiously
Why doubt, I mean they promised?
The “won’t somebody please think of the children” rhetorical tactic is always just a pretext for authoritarianism, mass surveillance and data privacy intrusion. Always. It’s the perfect motte-and-bailey: when you attack the actual motives, the motte becomes, “So you don’t care about children?”
UK is full blown authoritarian now. They have been arresting journalists who are covering the genocide in Gaza and designated a direct action protest group as a terrorist organisation.
These assholes are all pedophiles and they use it to control the planet. To get to high levels of government, you must enter the shadow contract of pedophilia. It is easy to control people and trust people with that kind of shadow on them, so it is required.
Then they turn around and use pedophilia to control everyone else. Any tech that threatens their power, they can immediately shutdown by pedo-bombing it. The counter to pedobombing is authoritarian moderation. Once you have that, it is over. The government they control now can control the mods, and that means they control the narrative. THAT is one of the core enemies to fight. An alternative to Reddit or any other system is not enough.
Because pedophilia is such a taboo / social death sentence, it is among the most powerful shadow contracts.
This is a combination of terrible legislation in the UK meets awful social media site.
The Online Safety Act is an abomination, compromising the privacy and freedom of the vast majority of the UK in the name of “protecting children”.
I’m of the view parents are responsible for protecting their children. I know it’s hard but the Online Safety Act is not a solution.
All it will.do is compromise the privacy and security of law abiding adults while kids will still access porn and all the other really bad stuff on the Internet will actually be unaffected. The dark illegal shit on the Internet is not happening on Pornhub or Reddit.
The UK is gradually sliding further and further into censorship, and authoritarianism and all the in the name of do gooders. It’s scary to watch.
The online safety act isn’t actually about protecting children. That’s a smoke screen for a surveillance bill. They want to eliminate anonymity online.
If a politician says it’s to help the children, it’s almost safe to assume they themselves rape children, at least in America.
