what do governments get out of this? Like I get it from ad/commercial perspective, but I don't see how this is highly unpopular from governments and still being implemented
There have been pushes to implement similar instances of this for a while now. If this turns out to not be successful, expect futher efforts in a similar guise
the internet is not the same as it was 20 years ago. the average person is now online, but they werent before. they dont understand where they are and need protection. there is still space on the internet, or whatever the next place will be, for the enthusiasts and other minorities. if we lose internet, something new will pop up. also, 20 years ago i didnt care so much about privacy on the internet, i just needed a cultural filter for the community im engaging with. privacy has always been a game of cat and mouse. 0 chance things stay the same for long
I wonder if not private age verification could not be solved with the right cryptographic protocol.
You would have to register using a digital ID with a government agency, to get a age certificate. Most European countries already have digital IDs, used for all sorts of things: such as taxes, online banking etc.
Then that certificate could be used in some sort of challenge-response protocol with web sites to verify your age, creating a new user ID in each session but without divulging anything that identifies that particular certificate.
I'm afraid that the alternative would be that social media would instead require login with the digital ID directly.
Yes, it can be. Google has a zero-knowledge proof based system in Google Wallet that lets you store store signed credentials such as government ID and then prove to third parties that you have such a signed ID and to disclose to them facts of your choosing from that ID, with the third party gaining no information other than that you have such an ID and that it confirms those facts. This has been running in production for a few months.
They have opened source this [1][2].
This was designed to comply with eIDAS in Europe so that it could be incorporated into the EU Digital Identity wallet.
Current implementations depends on smartphones but it should be possible to make it runs on other devices that have similar cryptographic hardware.
I wish people would stop sharing this website, their research is massively written by LLMs and looks good at a glance, but it goes in every direction at the same time and lacks logical connections. And the claims don't really match their sources.
Their initial publication was backed by a Git repository with hundreds of pages of documents written in just three days (https://web.archive.org/web/20260314224623/https://tboteproj...). It also contained nonsense like an "anomaly report" with recommendations from the LLM agent to itself, which covers an analysis of contributors to Linux's BPF, Android's Gerrit, and parser errors in using legislative databases. https://web.archive.org/web/20260314103202/https://tboteproj... . The repository was rewritten since, though.
This post follows their usual pattern. The second source they link to has been a dead link for 11 months (https://web.archive.org/web/20250501000000*/https://www.pala...). There's a lot about Persona's design, MCPs, vulnerabilities, data leaks, but nothing proving they use it for mass surveillance. The entire case for it being mass surveillance rests on two points: that they interact with AI companies and they offer MCP endpoints (section titled "Persona's Surveillance Architecture")
It’s good that for non SFW stuff you do the need the internet anymore, just 72GB VRAM for all modalities. Public internet only for news/payments. Everything else can be offline, no more npm or React garbage needed either for frontend.
LLM feedback loops are scary because they self-reinforce by training over their own data drift and vulnerable people interface with the noise and follow the downward spiral.
It's easy-ish to verify someone is human and of-age without needing any intrusive agent. One big problem is that the folk pushing for surveillance via verification hate that model and have capital to crush the idea. Another is adoption of some system that works; where the perfect blocks what's good which results in no progress.
This makes a lot more sense than merely assuming
that Meta pushes for it. There are several actors
here and none of them have the good of the people
in mind. This is why Age Sniffing, labeled "Age
Verification", must be abolished. It's an entry
door of evil actors here. It has nothing to do
with age "verification" yet alone "protecting the
chilren" - that's just a lie. I am noticing this
more and more, e. g. if you claim to want to protect
children, but then you have underage people on youtube
create content? So how does that make sense if you want
to restrict them on the one hand (or, everyone else,
in addition to that) but then let the de-facto censorship
here be "loose"? In fact - why are any children viewable
on youtube to begin with? That contradicts those age
sniffing entities.
Really seems to be a government issue. I have an app on my phone where I can generate a QR code which proves my age. Nothing else is transmitted - no birthdate or name. And it's based on an open standard. You can read any verify everything yourself. You just can't fake it as you can't sign it without the private key.
23 comments
[ 2.8 ms ] story [ 52.4 ms ] threadSeems like a pretty big fuck up, if so. I wonder why did they not use asymmetric encryption.
You would have to register using a digital ID with a government agency, to get a age certificate. Most European countries already have digital IDs, used for all sorts of things: such as taxes, online banking etc.
Then that certificate could be used in some sort of challenge-response protocol with web sites to verify your age, creating a new user ID in each session but without divulging anything that identifies that particular certificate.
I'm afraid that the alternative would be that social media would instead require login with the digital ID directly.
They have opened source this [1][2].
This was designed to comply with eIDAS in Europe so that it could be incorporated into the EU Digital Identity wallet.
Current implementations depends on smartphones but it should be possible to make it runs on other devices that have similar cryptographic hardware.
[1] https://blog.google/innovation-and-ai/technology/safety-secu...
[2] https://github.com/google/longfellow-zk
Also, you probably just don't want any gatekeepers here and I think the net will just move to other services.
I would also not want to use my "digital ID" for anything other than perhaps state services.
I prefer to not give an inch as it is not in my interest, so trying to sell any solution is probably futile in my case.
Their initial publication was backed by a Git repository with hundreds of pages of documents written in just three days (https://web.archive.org/web/20260314224623/https://tboteproj...). It also contained nonsense like an "anomaly report" with recommendations from the LLM agent to itself, which covers an analysis of contributors to Linux's BPF, Android's Gerrit, and parser errors in using legislative databases. https://web.archive.org/web/20260314103202/https://tboteproj... . The repository was rewritten since, though.
This post follows their usual pattern. The second source they link to has been a dead link for 11 months (https://web.archive.org/web/20250501000000*/https://www.pala...). There's a lot about Persona's design, MCPs, vulnerabilities, data leaks, but nothing proving they use it for mass surveillance. The entire case for it being mass surveillance rests on two points: that they interact with AI companies and they offer MCP endpoints (section titled "Persona's Surveillance Architecture")
WHO IS PROVIDING INTERNET TO A CHILD
they are liable
there's no such thing as free open access internet without someone paying the bill
unless it can be demonstrated the child stole internet somehow, hacking, etc.
then the person providing the internet is liable for the child's activity
Same if you aren't going to supervise your child and they come home for hours after school and watch porn on the TV
They don't age verify to get cable TV
If you have a credit card, you are an adult
Someone is paying the bill, they are the adult, they are responsible
The social media also cant just do it themselves with a box, "are you over 16, yes no" they will require to identify against the government.
Essentially this makes it so that every user's actual ID is being tracked. Fully intended to control speech online.