23 comments

[ 2.6 ms ] story [ 31.6 ms ] thread
God I’m so glad I don’t have social media or dating apps… they are becoming a creepy surveillance companies
This is apalling. I'd have to go back to meeting people in person. This is invasive and repulsive.
If you read the comments on Gizmodo, there's some saying that the user base for these apps will drop off. However, the article states:

"World has already been working with Tinder and ran a pilot of the verification process in Japan. It was apparently enough of a success that Tinder will roll out the authentication method globally."

Kind of depressing. As much as I'd like to think something like this would die, let's be honest: it won't.

that line in the article also made me wonder what the privacy-conscious movement is like in japan. and how it compares to the west. have they not had as many cases yet, of database leaks, doxxing, etc?
Shit in the pool then sell nets
As always when this pops up, I'm asking what options are there to prove that a user is human that are more privacy friendly (and as the author puts it, less creepy).

Because the problem World claims to try to solve is real.

Yubikey type device issued by an authority trusted by the website owner. Same as we have it now with browsers and SSL certificates.

We can even have a key issued by the government as a digital ID card. They can be used to check: is over 18, is real person, for digital signature, etc.

If your city council meetings are running on Zoom (which many are since the pandemic) you should email them your concerns immediately about this...

Any alternative seems better at this point... For most tech savvy https://news.ycombinator.com/item?id=46875837 is probably the best alternative

Of all the dumb cryptocurrencies, worldcoin is the dumbest. Like, at least the ones that intend to be a joke know they're a joke.

> Hey decentralization nerds! I have an idea for a cryptocurrency which creates a centralized repository of biometric data for all of humanity.

- Sam Altman, probably.

And of course "just avoid these services" is going to be difficult or near impossible. Convincing your friends, families, acquaintances to ditch zoom is hard enough. But what do you do when you get a zoom link for a job interview? Tell them you object to using zoom and basically cost yourself the job? Or do you only use it when you really have to? In which case, how many interactions do they need from you to collect all the data they need?
I know it's an unrealistic pipe dream, but it feels like a privacy-friendly user identity/attestation mechanism is the kind of digital infrastructure that should be provided by the government.

We already trust the government to give proof of identity (through ID cards) and there is already a vast infrastructure network dedicated to that.

But who am I kidding, politicians would never let this happen (at least, not in a privacy preserving way). One can dream though.

Would make way more sense to just use verification claims backed by government issued IDs, rather than relying on a third party like World(coin).

For instance, something like https://self.xyz. It's strictly better than the alternatives:

- already works with existing government-issued ids

- doesn't require submitting scans of your ID to third parties that can then be stored and leak

- allows privacy-preserving verification like "is this person older than 18" without requiring sharing of the person's exact age

This is appalling and I agree the technology is creepy. However, human verification is already a big problem that seems like it will only grow from here.

It does seem to me that this should be solvable at the device level by having a biometric scan produce a signed key on your device that can be used to issue a token of authenticity, similar to the way payment systems or certificate authorities work.

Then again, this only intensifies a different, growing problem where access to a smartphone or computer becomes a basic requirement for participation in society. No easy answers.

Without the scammy crypto angle ("Worldcoin") it's less ghoulish than before. And a company collecting biometric data to run an identity service isn't necessarily evil. But this one is not to be trusted, because the individual behind it is not to be trusted. The moment it suits his world-bending needs to sell my eyeballs to the fascists, he will do so.
The wording is that you get a "verified human" badge. The wording does not indicate you'll be denied access without that badge.

There may be other clauses that aren't described, so I may be missing a real restriction.

With regards to Tinder, I fail to see how this solves the "prove you're a human" problem, when those credentials will then inevitably leak, be stolen or resold.

Unless you're doing constant live verification which takes the privacy problem up several more notches, how do you know the user is still the ID'd person?

This and the coordinated push for online ID in the US seem too coincidental.
The era of social networks and online dating up until sometime 2020 was something no one before us had experienced and no one after us will. Lasted not even a decade. Take a moment and think about it.
I have been looking for an excuse to cancel Zoom, and now I have one.

Looks like jitsi, whereby, and signal are all viable alternatives – anyone have something better, or feedback on the above?

> According to a press release, users will be required to undergo World’s verification method, which requires having their eyeballs scanned at a physical location with a proprietary device to prove they are human.

See, it feels like there's an extraneous step here. Seems like by arriving at this physical location, I've proven I'm human already, and you can just note down the name on my ID and mark me as verified.

Why the article needs an adjective to describe the tech?