You know the non-governmental organization "Save the Children"? Maybe it's time to create a new one called "Fuck the Children" to defend people from these laws designed to mine privacy under the pretense of protecting minors.
when you force someone to signal status as a minor, you are forcing them to wear a target, hostiles will not have so much work to find minors, now they only have to contact, groom, and offend.
In your system, can companies verify age offline, or do they need to send a token to the Government's authority to verify it (letting the Government identify and track users)?
Switzerland is working on a system that does the former, but if Government really wants to identify users, they can still ask the company to provide the age verification tokens they collected, since the Government hosts a centralized database that associates people with their issued tokens.
Aren't the companies also expected to do revocation checking, essentially creating a record of who identified where, with a fig leaf of "pseudonymity" (that is one database join away from being worthless)?
The revocation checking is implemented in a way where the government doesn't know who you checked and you can even cache the information (if that's good enough for you) so they won't notice at all.
That assumes the companies store the individual tokens, as does the government. Neither of which are part of the design, but could be done if both sides desired it.
The Swiss design actually doesn't store the issued tokens centrally. It only stores a trust root centrally and then a verifier only checks the signature comes from that trust root (slightly simplified).
> Decentralized Identifiers (DID) developed by the W3C represent an identifier standard that provides a subject-controlled method for identifying individuals, organizations, or objects online. In the swiyu Trust Infrastructure, DIDs are utilized as a standard identifier for issuers and verifiers. They are centrally hosted on the swiyu Base Registry.
> In this protocol, the trusted authority issues certifications (“trust statements”) concerning the identity (i.e., who is the real-world identity controlling a DID) and legitimacy (i.e., who is allowed to issue or verify credentials of a specific VC schema) about an entity as SD-JWT VC and publishes these trust statements in the trust registry.
> Token Status Lists are signed, maintained and published by the credential issuers but hosted on the Base Registry.
That's not how that works - they can prove they check by showing logs, rather than VPs. There's even legal limits on what identifiers they can store and for how long. But even ignoring that, they'd be storing only very limited disclosures.
The base registry stores identifiers of issuers and verifiers, not credential holders.
Even the status register does not contain the tokens themselves:
> Within these status lists, each index (i.e., status entry) documents the validity of one VC. The corresponding index is captured in the VC’s metadata to allow for a decentralized status information retrieval that does not require verifiers or the VC holder to contact the issuer.
Of course, each issuer needs to maintain a list of the credentials they have issued in order to be able to ever revoke them. That's unavoidable.
> But even ignoring that, they'd be storing only very limited disclosures.
Just to be clear, here I am not concerned about the verifiers, I am concerned about the authority (Government).
> The base registry stores identifiers of issuers and verifiers, not credential holders.
If the verifiers provide the verification tokens to the Government, can't the Government identify the original issuer even if they don't store them? Don't these tokens contain the DID of the issuer? Please correct me if I'm wrong, maybe I didn't get this part right.
> That's not how that works - they can prove they check by showing logs, rather than VPs
Logs can be manipulated, VPs can't. If I had a company and I was forced to verify users, I'd try to store those VPs for as long as possible, for my own protection.
> There's even legal limits on what identifiers they can store and for how long
I was not aware of this. Is that documented anywhere?
> a trivial code migration on the side of the callee
If your library is used by multiple consumers, forcing all them to migrate is not trivial, no matter how simple the change is.
If your income comes from these customers, it is not a good idea to put every one of them in the situation of having to choose between updating their code or stoping being your customer.
The problem is when government's solutions go through identifying everyone and collaterally tracking their actions.
In the same way parents can be blamed for not keeping their children safe around guns/alcohol/drugs, they should also be blamed for not keeping the children out of digital dangers, and keep mandatory age verifications out of here.
Problem is that social media doesn’t have negative connotations like guns/alcohol/drugs do. That makes it hard or impossible for individual parents to restrict it. They are perceived as crazy or paranoid or controlling. Plus if their child does opt out of social media, they become a social outcast from their peers who are still on it, which is a worse outcome for the child.
It almost sounds like multiple parents from a large number of households need to collectively act in unison to address the problem effectively. Hmm collective action, that sounds familiar. I wonder if there’s a way to enforce such a collective action?
To be clear, I do agree that putting the ban on the software/platform side is the wrong approach. The ban should be on the physical hardware, similar to how guns/alcohol/tobacco which are all physical objects. But I don’t have the luxury to let perfect be the enemy of close enough.
> Plus if their child does opt out of social media, they become a social outcast from their peers who are still on it, which is a worse outcome for the child.
I don't think that is the case any more since social media isn't social like it used to be?
The salesman is at their friends place. And is a prerequisite for soccer team meetups. Etc. You need most parents to cooperate to bar him... but yeah I guess being prudent at home helps.
I totally understand that "the salesman" is everywhere and that a single person can't fight against that, but he is everywhere because most parents are not blocking him in the first place, and that's exactly my point. Those are the parents that need to be blamed.
In my first message I was not targeting those parents who try to block this but can't; I was targeting those parents that use Youtube to distract their kids since they are babies, those who give unrestricted access with no control at all, those who don't care. We all know people like that.
This is just an hypothesis, but if parents were fined every time their kid accessed social media, I'm sure most kids wouldn't be on it.
This is a surprising take. So you know that this gun salesman is targeting the youth, and that parents can only resolve it by massive collective action, but they are to blame, and the gun salesman should be allowed to continue on his merry way?
Do you think a crack dealer should be allowed to hang around on the playground and every kid has to talk to him too (and its up to parents to make sure the kids know not to buy his stuff)?
"I totally understand that "the salesman" is everywhere and that a single person can't fight against that, but he is everywhere because most parents are not blocking him in the first place, and that's exactly my point. Those are the parents that need to be blamed."
I see that sentence. Your paraphrase is not accurate to it. They're talking about how to fight back effectively, which is different from allowing him to continue on his merry way.
Your argument is conflating smart phones with social media apps and you seem to be assuming that kids wouldn't have access to their phone in other locations where they are unsupervised, subject to peer pressure, etc.
Devices and networks can be configured with parental controls, and the blockage doesn't need to be 100% effective. The kid accessing Facebook from a friend's phone 15 mins a day is tolerable, while giving them access to drugs or a gun 15 mins a day is not.
There is also the education part that for some reason we are ignoring. Kids are going to be able to access drugs in locations where they are unsupervised, they are going to be subject to peer pressure, etc. The job of the parents is to prepare them for that, as they should prepare them for the negative effects of social media.
Very shocking that you're being downvoted on HackerNews of all places, where I'd expect people to be tech-literate and aware of the harms of internet age verification law etc.
I downvoted it because he invoked the analogy of alcohol and tobacco while simultaneously arguing that it should be totally on the parents. That's not how it's done for alcohol and tobacco! If that were true then any shop could sell booze and cigs to kids, and if that were the case then how could parents possibly hope to stop it?
The premise that parenting is wholly on the parents and society at large doesn't need to play any role in raising kids is a manifestation of the kind of libertarianism that appeals to techies on the spectrum who want to find the simplest possible ruleset for everything, but it just doesn't work that way in reality.
Age verification for alcohol/tobacco doesn't require full identification nor keeps any records that can be later used for tracking people for other perverse purposes.
I didn't say that "parenting is wholly on the parents", that's a straw man argument. I said that parents who don't keep their children away from digital dangers should be blamed.
Parents have a huge radius of action, they can:
- Avoid using Youtube for entertaining their babies/toddlers.
- Avoid buying tablets to their children.
- If they buy them a phone, use parental control and restrict app usage.
- Monitor what their kids do on internet.
- And the most important: educate their children to identify dangers.
Do you think a parent who does none of this shouldn't be blamed?
I want parents to embrace responsibility and act as parents. Delegating this kind of education to government is dangerous and has many negative collateral effects we will pay sooner or later.
Yes, to uniq7 and others -- you keep saying "identity verification will be used for nefarious purposes". Lets take the alcohol and tobacco case, was it used for nefarious purposes? Did adults suddenly lose rights and/or have something bad happen to them?
The government can and does already track whatever they want about you. Businesses already track you unless you are extremely thorough about erasing your footprint. Adding a zero-knowledge proof through a trusted system that you are 18+ doesn't seem like the mountain people are claiming. You already have to provide ID and credit card to get ISP access, the byte patterns are traced back to your household. They already have a unique fingerprint on your browser and computer. The real harm is just the obvious encroachment that we can all see and have known about since early 2000s. They don't need a "backdoor", it feels like alarmism over a possible problem, when there is a very real harm to children and teens (suicide rates, depression, bullying, mental health, etc).
to go back to smoking / alcohol / guns, one could argue it is an infringement, but ultimately it does seem to have been the right choice for society at large, and the increased "invasion of privacy" has been pretty minor. If anything, the opt-in stuff like credit cards, cell phones, GPS, car apps, streaming services have all been far larger invasions of privacy that people willingly embrace.
Age verification for alcohol/tobacco doesn't require full identification nor keeps any records that can be later used for tracking people for other perverse purposes.
Also, the fact that gov and companies are already tracking people doesn't mean we should consent to more ways of tracking.
That would be if we were talking about water (and at 4ºC if we want to be "exact"), but potatoes have a different density and cannot fill the space entirely due to their irregular shapes. Are you saying that those two things cancel themselves out and the result is that 1 cubic meter of potatoes is "exactly" 1 tone?
> Wie werden die Kartoffeln geliefert?
Die Kartoffeln werden per LKW direkt an Ihre angegebene Adresse geliefert. Die Lieferung erfolgt in einem Big Bag, in das ca. 1000 Kilogramm Kartoffeln passen.
The error doesn't need to be extremely specific or point to the actual root cause.
In your example,
- "Error while serving file" would be a bad error message,
- "Failed to read file 'foo/bar.html'" would be acceptable, and
- "Failed to read file 'foo/bar.html' due to EIO: Underlying device error (disk failure, I/O bus error). Please check the disk integrity." would be perfect (assuming the http server has access to the underlying error produced by the read operation).
Maybe this will be an unpopular opinion, but I really dislike the lane layout, because it is not possible to efficiently take a glance at all elements in the list, one by one.
If you try to go left-to-right, you will quickly realize that at the end of each "line" it is really difficult to know where the next line starts. It is easy to accidentally start again on the same line (and inspect the same elements), or skip one accidentally. Then navigating through the elements one by one requires a considerable amount of cognitive effort, your eyes bounce up and down constantly, and you end up inspecting the same elements multiple times.
If you try to go top-to-bottom, lane by lane, you will then realize that the page also has infinite scroll and you will never go past the first lane.
But if you don't need to systematically examine every element one-by-one, lane layouts are pretty good. Sites like Pintrest use lane layouts because their content isn't meant to by systematically examined, but rather absorbed at a glance. If your content is meant to be systematically examined, using a lane layout would be a bad UX choice. But just because lane layouts can be misused doesn't mean they're a bad layout.
IMO it's annoying to use at all. It just looks "good" (subjective).
Larger images dominate and flashy images become more important to get attention (if bringing focus to an image is the idea). An extremely poor way to present information.
It's not meant to be "efficient," it's meant to allow your eyes to look at the entire page at once to find what you're looking for. A newspaper or photo gallery comes to mind.
And then, if you don't make any questions, they may think that you don't care enough about them. Also, if you just often share information that is interesting to you, some may think you are tedious/boring.
Notice that both your sentences are trying to control the other person's reaction and feelings towards you. If that is your idea of socializing, I would come to the same conclusion.
As cliche as it is, find things in others that genuinely interest you. And don't expect it be a fruitful experience. There are so many reasons the socializing ritual can end up being unfulfilling.
Did you notice? People tends to interpret others in the worst possible way; even you inferred from my two short sentences that I am a controlling person. I'm not offended, it's just funny, and kind of reinforces my previous point.
Regarding your interpretation, I respectfully disagree. I think there is a huge difference between influencing someone to do what you want and simply being careful with what you say in order to avoid triggering negative responses/feelings in your peers.
I don't think the latter falls into being controlling/manipulative in any way, on the contrary, I think it is the base of good social etiquette, and I prefer to be surrounded by people who behave like that than the opposite.
There's some good irony in your reply and I think we're both laughing for different reasons. I have no intention in being combative, but it is you who interpreted my post in the worst possible way.
I was speaking from a neutral and stoic stance. Nowhere did I imply manipulation or attempting to control another person. I was only referring to your fixation on their reactions and feelings.
> I was speaking from a neutral and stoic stance. Nowhere did I imply manipulation or attempting to control another person
You literally said:
> your sentences are trying to control the other person's reaction and feelings towards you
Although the tone you hear in your head may sound stoic, I don't think that stance is neutral at all. You didn't say "I think your sentences..." or "Looks like your sentences..."; you made a subjective affirmation based on two sentences I said about people's feelings in conversations, on a thread about people's feelings in conversations, on a post about people's feelings in conversations.
If my two sentences in this context really mean that I am fixated, then everyone in HN is fixated on whatever they write, which is ridiculous.
I'm starting to think you are just trying to troll me.
reply