108 comments

[ 2.7 ms ] story [ 199 ms ] thread
> Kenyans received 25 worldcoins — amounting to around 7,100 Kenyan shillings (about $50)

> Worldcoin says over 2 million people have already signed up

> Rest of World also notes that “relatively few people were familiar with the goals of the project” and were instead looking to get the $50 reward.

Some key notes.

Im actually fine with this as long as they're a startup with robust security processes/audits AND acknowledge the impact giving away free money has on the efficacy of their early user numbers.

I'm not ok with scamming people in 3rd world countries.
I was appalled to see that most of the orb locations were NOT in western nations. This is an obvious attempt to collect biometric/human data for training purposes, by taking advantage of populations of developing nations, by giving them fake money.
Exactly, you have to be a certain level of cynical to be able to even suggest such a thing. It's a new form of colonial abuse, not unlike the way low value goods were exchanged with native peoples the world over in return for very high value goods or even their lives.
You can even take it a step further because you can sign up to be a "Worldcoin Orb Operator" and help facilitate the entire process against your fellow countrymen.

Honestly I was impressed with how brazen this entire thing is - they might have well just paid for eyeball scans and cut the crypto crap.

What is exactly bad here? The eyeballs photos are not stored unless you agree with it. It’s just hashed and stored in the system. It’s just a hash of eyeballs to allow checking who is human and who is not. It doesn’t store any personal data.

Did you read the whitepaper?

Scans of eyeballs were stored for training / algorithm improvement purposes during the beta phase rollout.
> This is an obvious attempt to collect biometric/human data for training purposes

Dream bigger! This biometric information is valuable, it can be sold or licensed to (current or future) identity companies, or included as part of a Palantir/Anduril/$Tolkien_Noun border security or intelligence services sold to governments all over the world. I'm sure the CIA & secret-police-types would love getting access to this data once they have a larger dataset (6 to 7 digits)

OneCoin was also targeting people in 3rd world countries to a large extent.

The people with the lowest morals always seem to target the weakest, targeting older people is another common target for these scammers.

To me, SSN is enough to personally identify. Additional information would be redundant for that purpose. Of course, if any information is misused, that’s illegal. And it’s not a lot of money for them to steal back, unless it’s about labor control. But again, that’s illegal.

In the US, what incorporates the existence of federal government power is that there is somebody to mandate it, and this is represented by capital/property/enforcement/vote. Those that are enfranchised with property (like money) are legally recognized as invested in upholding the agreement of union: then the law, and hence their stake, survives. You’re trusted to do business, run for office, make new laws, etc. You can make systems that persist or harden the fairness of a law.

By enfranchising people worldwide, you’re giving them a stake. Enforcement, however, is the hard part. Is this coin rigorous enough? Is it stable? What’s the jurisdiction?

(comment deleted)
Good, because this is an awful and stupid and terrible and ridiculous and exploitative idea.

On its no-pun-intended face.

Let's be clear, it does not matter at ALL if Sam Altman or anyone presently involved has good intentions; the goal is biometric crypto, and biometrics -- which is to say, unalienable IDs, is by default an awful idea and should probably be dismissed outright.

Why are unalienable IDs an awful idea? Unalienable IDs seem to me to be the "default" of human societies. Before technology, everyone had "unalienable IDs" -- if you saw Bob, it was Bob.
(comment deleted)
Or Bob's twin brother. Or someone that really looked like Bob.
I'm always skeptical of "before technology" comparison because they rarely account for the radical differences of the world today, like scale.

But in this case the comparison doesn't really work. If Bob went to a new town he could introduce himself as Dave and no-one would be any the wiser.

By comparison eyeball scans are owned by a private company, infinitely replicable and reusable. They could follow you absolutely everywhere you go without your permission.

Also, biometrics aren't like people recognizing each other. They eventually have to be become data sent over a network so they're basically a password/id designed/assumed to not be alterable or spoofable - but that assumption is generally false. Hacking can happen from anything from someone getting private info to someone walking around with a mask. And here, as mentioned, there's no password resets available.
I wonder how we handle stolen biometric data? Do we invalidate it like a stolen certificate?

Sorry sir, your eye has been revoked, you can no longer authenticate to this, or any of our partner services.

It's difficult to have your eye stolen (let's not get into gore please). But they could simply hack the backend, and say your eye belong to someone else. The app now shows Bob the bank robber being Dave the bank manager, just long enough to empty the vaults. Oh it was on blockchain so you can see afterwards that it was actually Bob?
Or the inept might trade their IDs for instant cash, as is actually happening (reportedly). Since Worldcoin is bribing 3rd-world grannies to sign up.

I know that HN is crawling with individual-responsibility people. To those people I say: do you shrug coldly when your aged mothers get scammed? Are villages without electricity fair game?

Worse still,

Your eyeballs are scanned now everyone will think you are Bob, even if you actually are Dave, because that’s what the app says. Doesn’t matter what you say or argue because the app says you are Bob and the app is never wrong.

I was at Walmart buying some heavily discounted gel blasters. I ordered them for pickup originally but then thought “Walmart employee will misplace it “accidentally” and then buy it when the shift is over” (it happens, a lot). As such, I decide to go myself and pick them up. Turns out Walmart online vs in store clearance price is a big difference so I ask for a price adjustment at the register. I wait for the super user trainer expert person who then calls more super expert backup. They proceed to explain to me that they could do a price adjustment but the app says there are none in stock. Mind you I have the blasters right there at the register and explain to them that these products actually are in stock and say “can we all agree that we are all seeing the same thing right here?”

Answer: sorry, no because again the app says it’s not in stock and we no longer have that product.

The app says no and what the app says is final. Dammit. You are Bob and these gel blasters in front of us don’t exist. Goodluck Bob.

My mistake, I’ve just remembered these must already be mine. Proceeds to walk out with them.
There's two things going on - technology, like you mention, but also scale.

Scale brings trust problems. Got a million people in your city? Even without technology, you probably don't know Bob. Bob can rip you off without realistically expecting repercussions, unlike in a small village where everyone depends on each other, and Bob would get kicked out and have to try to find somewhere else. So scale also breaks a lot of the value of permenant IDs, and things like outsourced trust (credit reports, etc) will never be perfect. And in a big society, even a 99% success rate would be A LOT of people getting fucked over.

Can this eyeball-thing fix that? Largely, no - any errors in the system that aren't identity theft will still be there. And potentially worse: even fancy technological systems are almost always vulnerable to technological exploits. And then if too much trust is placed in the validation mechanism, a bad actor could potentially go nuts.

If eyeballs were unailienable then safety glasses wouldn’t exist.
Before technology, Bob could skip 3 towns over and change his name to Rick.
Which was useful. If Bob was the subject of a targeted attack by Larry that unjustly sullied his reputation or opportunities, moving from Aton to Ceeton and changing his name to Rick means that Larry's erasure of Bob's standing is effectively reversed.

Sure, it could be abused. But literally everything has the potential to be abused. Life is about weighing the risks of abuse against the reward of opportunity. And honestly I think we've gotten really bad at assessing that risk in the past half century, with powerful individuals muddying our perception even further to pursue their own goals.

Backalley eye replacement surgery
The "If you saw Bob" identity was limited to a few hundred people if you were a king, and a few dozen otherwise. Biometrics in digital systems will allow the most disagreeable out of a billion people to positively identify you.
Unalienable IDs might be the default of small-scale face-to-face societies, but not ones which operate at scale. Not even "Bob" can serve as a fixed identifier without intentional state action — (sur)names were very often intentionally assigned to make administration (e.g. taxation) easier:

> Campaigns to assign permanent patronyms have typically taken place, as one might expect, in the context of a state’s exertions to put its fiscal system on a sounder and more lucrative footing. Fearing, with good reason, that an effort to enumerate and register them could be a prelude to some new tax burden or conscription, local officials and the population at large often resisted such campaigns.

https://theanarchistlibrary.org/library/james-c-scott-seeing...

> Unalienable IDs seem to me to be the "default" of human societies. Before technology, everyone had "unalienable IDs" -- if you saw Bob, it was Bob.

Interesting. That makes me wonder if cultures around the world feared twins precisely due to the fact that ''unalienable ids' were the default of human societies'. In 'Things Fall Apart', identical twins are automatically 'dispatched' in the evil forest as soon as they are born because they are deemed 'evil'. I never understood why. But since identical twins break the natural default id system of human societies, maybe some societies felt it better to sacrifice the few to preserve the system.

I do think this project sounds scary and dystopian, but aren’t SSN’s effectively unalienable IDs?
You could issue someone a new SSN. I know it rarely ever happens but it is certainly possible. Eyeball scans... less so.
As a thought experiment, could a witness protection program (i.e. an arm of the government) issue a new/fake SSN? Yes.

Could they change your retina? Maybe some surgery exists to do this, but it sounds risky/complicated!

This is somewhat weak with the argument here, though? The idea would be that you could get a new "world coin address," and I see no reason that couldn't be doable.

That is, the thought experiment here is not that people interact with your retina identity, but with an address that has been confirmed to be associated with a living person. There will have to be ways to build "collective" groups in this landscape, as such there will have to be other webs of trust on top of it. Right?

To be clear, I'm not convinced world coin is a good idea, but I'm not sure this is a clear take down of it?

I would argue that in our current identity theft riddled world SSN's are as much a liability as anything. At some point they became used as both the id and the password.
Absolutely not. There is nothing tying a number to your genetics.
ok, but your genetics are a number (turns out 64 bits will not be enough)
And also an unnecessary, bad idea. We don't need a special code to ration retirement.

They were also, by law, not an identifier, because people then were smarter than people now. You can still refuse to give your SSN under any circumstance other than employment, and people cannot deny service based on that refusal.

SSN is voluntary. USA passport application has a spot for SSN and it may be left blank or may accidentally contain rando numbers (I have done both). TSA full body scan is also voluntary, along with voluntary showing ID at their (Soviet era) checkpoints.
> SSN is voluntary. USA passport application has a spot for SSN and it may be left blank or may accidentally contain rando numbers (I have done both). TSA full body scan is also voluntary, along with voluntary showing ID at their (Soviet era) checkpoints.

I had to do a quick check on this TSA scan just to confirm that an opt out was possible, seems they changed the language back in 2015 https://www.dhs.gov/sites/default/files/publications/privacy... (page 3) to make it less optional. Basically it sounds like you can say NO, but they can override your NO for whatever reason..

"TSA is updating the AIT PIA to reflect a change to the operating protocol regarding the ability of individuals to opt out of AIT screening in favor of physical screening. While passengers may generally decline AIT screening in favor of physical screening, TSA may direct mandatory AIT screening for some passengers as warranted by security considerations in order to safeguard transportation security."

That is what Thousands Standing Around say, but it's not the law. And there are ADA considerations (hint).

I have never done more than metal detector or massage, and have been 1K flier.

A friend flies with no ID and a federal ankle bracelet. Also opts out of full body scan.

Unless you literally live in a wood shack in the forest like the Unabomber good luck existing in modern USA society without an SSN. I suppose you could probably do it if you inherited generational wealth and lived from birth to death only spending cash on things.
Usually doesn't even get that far because IRS bribes parents with a small deduction if they voluntarily get a beast number for their child.

A motivated person could set up an LLC and do everything through that EIN. But few are motivated to protect their privacy.

Most countries have a required ID, there is no way around it other than living illegally.
I'd say "effectively" is doing the heavy lifting here.

Which is to say, we could undo that database if we wanted to. If society decided it collectively hated SSNs, the work to obscure that system, or to poison that well, would be far easier than with irises.

[dead]
Agreed. Unfortunately the reality is Sam didn't "pay" the right officials off so this ban is less altruistic than we're lead to believe.

Edit: the down v00ter clearly doesn't understand how African countries work (China has made inroads as well as they have because of bribes). This is the reality on the ground whether you like it or not.

You say that like it doesn't happen everywhere. See-also: the other crypto Sam.
In what way would we ever expect the ban to be altruistic? Kill the cancer before it grows. It's in every country's best interest to destroy this scam as early as possible.

So the cancer didn't pay the right officials to disable Kenya's immune response. Good news!

Again, whenever we do stuff, it's somehow China's fault. It would be nice if we could refer to the bad things we do without calling them Chinese.
In theory, I agree; it wigs me out. It feels almost racist when I describe their social credit score -- but, sorry -- facts are facts.
“Social credit score” is pure western propaganda. It’s called “trust score” and it’s by companies like Tencent (at the behest of the Chinese government) instead of directly from the CCP. Having a low score prevents usage of public facilities (transport, vending machines).

Mine was so low I can’t buy a drink via WeChat

Your comment adds nothing to the discussion, and is a digression.

I noticed you casually implied people familiar African countries wouldn't dare down vote your comment. Take this exotic downvote[1], it is straight out of Africa.

1. for lowering quality of discourse with a speculative, off topic shallow dismissal

Edit: if you want me to reverse the downvote, you know "how things work" :) Paypal deets are on my HN profile

Biometrics (as a way to identify people) are used by plenty of governments around the world.

There are plenty of people who don't care about privacy (as evidenced by the rise of social media). Why wouldn't such people be allowed to profit off their biometric data?

> Why wouldn't such people be allowed to profit off their biometric data?

And legalize selling kidneys. My body my choice.

Got my scan. I'm happy. Worldcoin's happy. Who's exploited?
Get your eyeballs scanned for some made-up money. Does it also come with an NFT of your eyescan?

This sounds like something that should have happened in 2020/21.

For strictly satirical purposes, I'd like to get a copy of the Worldcoin pitch deck and do a bulk search/replace for eyeball scanning with scrotum vein pattern scanning, and re-publish it.
That’s sexist. Why no boob vein scan?
I know somebody that successfully registered a nipple for an android phone unlock behind-the-screen fingerprint scanner, does that count?
What's stopping you?
Nobody has given me a copy of their pitch deck yet
You assume Sam Altman needs a pitch deck, out of all people?
It did actually, I'm a dev in the crypto space but remember vehemently disliking this project on its premise, feels very sketch to put it lightly. They claimed at one point IIRC they hold the data and will remove it "later" (trust us bro), but I definitely could be remembering that incorrectly. The fact that they started in low income regions and that they're harvesting iris data for a dystopian dream is crazy, I can't believe this crap is still going. Easily one of the most evil projects I've seen in my life.
Such great loss for the worldcoin I am sure.
I'm kinda morbidly curious about things in general, so here's my question: Can I cut someone's eye ball out and use it to collect their money, or does Worldcoin use some kind of 2FA like my phone?
The orb does a round of “liveness” checks before the retina imaging to ensure someone’s not trying to scan their dog / detached eyeball.
YC alums are looking a lot like Forbes 30 under 30
How is this better than just using SIM identities? If we want a way to digitally transact quickly, cheaply, for 'walking around money' levels, then a simple disposable wallet baked into the SIM is a trivial way to go. Remember a SIM is basically a HSM.

It of course, already exists, and is very successful in Africa. But SV innovators don't have a piece of it so better make up some BS and drown out any practical voice with media click-bait about eyeballs.

https://en.wikipedia.org/wiki/M-Pesa

And a SIM is just a smaller iso7816 smart card.

Never understood why Visa and Mastercard (or its members) never turned on the stored value (“offline credit”) portions of the spec.

Plenty of retailers that just “go dark” when the payment/telco network goes down. But maybe that’s an IT issue/decision.

(At least that’s how I think it works: the card keeps track of how many unsigned offline transactions have happened and eventually says “no more” until it gets a ping back from the payment network)

I just heard about this on Bloomberg last night. When asked about security issues, the worldcoin spokesman basically said "everything has some risk, and we'll help them get the tools they need" without actually addressing the elephant in the room.
Can someone explain how cheating is avoided is this setup? Can’t people just give fake biometric data to this system?
It's centralized.
It’s now but it will be open and decentralized
That's always the case with these projects. All the critical problems will be resolved sometime in the future.

And how will cheating be stopped at that time? Shrug

Good, that solved cryptocurrency theft.
Part of their orb tech is a ton of sensors that make sure its a real eyeball on a human.
Wondering whether to let grifters milk your country? It's quite simple: ban straight away, and don't look back.
Most probably the Kenyan authorities saw the writing on the wall when it came to the West’s polices in Africa, see what’s happening now in Niger. Good for them.

I had personally no idea that any of Altman’s companies was involved in dystopian stuff like this, but it doesn’t surprise me in the slightest, as I’ve said before and I’ll say it again that from my point of view Altman (and guys like him) are merely frontmen for 3-letter US security agencies.

Military coups are good now?
If they get rid of some detrimental external forces they might be good, yes. Anything that keeps persons/organisations like Samantha Power and USAID out of a specific country has very big chances of being a good thing.

[1] https://www.usaid.gov/niger

Got it. So replace USAID with Wagner. Makes total sense.
>Despite this, Worldcoin maintains that “biometric data never leaves the orb” and is “permanently deleted” after you sign up. The company instead saves your IrisCode — a unique set of numbers that represents your identity.

"We don't store your biometric data, just a number in one-to-one correspondence with it that anyone with access to our algorithm could reproduce..."

It’s a one way hash function. So no, you can’t. Only if you have somebodies eyeball (alive) you could generate the hash and check if it’s stored in worldcoin
Daugman's IrisCode is not a one-way hash. It's basically a topologically flattened, cropped, fourier transform. The biometrics industry has been claiming that templates are one-way hashes for decades, and they still aren't.

Converting an image to a template requires similar images to result in similar templates. That's usually the opposite of what you want from a hash. There is a concept of "biometric hashing" that would accomplish the one-way claim, but it's theoretically hard and as far as I know none have hit the accuracy levels to make the biometric part feasible for a large scale systems.[1]

The real claim biometrics vendors tend to make if you push them is that you can't reconstruct a photo-realistic image of the face / finger / iris from the template. Which is generally not a true claim either, but at least would require some work with generative tech. And a photorealistic image that generates the same template is likely to look a lot like the actual person.

Source - 10 years of consulting in biometrics for government, academia, and industry, including spoofing and vulnerability assessments. Most people in the industry don't know what they are talking about and just repeat marketing claims.

[1]https://www.cse.unr.edu/~bebis/CS790Q/PaperPresentations/Bio...

Yikes. Is Altman speed-running the don't-be-evil plotline?
I think privacy concepts are very culture-specific, and a lot of them are first-world problems. On one end of the spectrum people care too much about who you are. On the other end, people don't care at all who you are and you're locked out of banking or being considered a consumer segment worth developing for.

Biometrics do freak people out more than tracking cookies do, largely because they represent your actual body (e.g. this article refers to an IR photograph of your iris as an "eyeball scan" because it gives the reader a more visceral reaction - "eyeball" makes you think of something wet and biological, and "scan" sounds invasive and like it involves lasers or something.).

But they can solve some serious technology difficulties in places where other identity infrastructure isn't in place, and often the concerns are a bit philosophical compared to the tangible benefits. As with all privacy-invasive tech, the issue is exposure to rare but nasty failure modes, and biometrics has the difficulty of being non-revokable.

Everybody is so negative about it. It don’t see why. It’s just storing a hash of an eyeball to have a better solution than soon-to-be-broken captchas to detect humanness.

The only thing that is stored is the hash. It’s just a “human or not” database

And wat better than SSN managed by a government you must trust. For one it’s not worldwide. Secondly you can’t trust them.
Are you suggesting that we should use this or technology like it to simply be able to login to a website?

That’s a whole hearted no thank you from me. I should not be required to scan my retina just to login to my email.

After Loopt, that's the second thing from Sam that makes no sense whatsoever.