Brits can get around Discord's age verification thanks to Death Stranding's photo mode, bypassing the measure introduced with the UK's Online Safety Act. We tried it and it works—thanks, Kojima
Technology
33
Beiträge
21
Kommentatoren
0
Aufrufe
-
This post did not contain any content.
-
It's fun that one can use games for it, but it shouldn't be difficult to do the same through AI-generated imagery either, which isn't much more difficult.
Even though this method is flawed, one shouldn't really use ID-only verification either imho, as it's a security risk to upload any official document like that (ref. Tea app leaks).
The whole age verification that the UK wants to impose has been quite the impossible task from the beginning. Creating government-backed education for (future) parents about how to raise a kid and protect them in today's digital society would be more efficient than this, if we really are thinking of what is best for the kids. But alas, there are zero requirements to become a parent...
-
It's fun that one can use games for it, but it shouldn't be difficult to do the same through AI-generated imagery either, which isn't much more difficult.
Even though this method is flawed, one shouldn't really use ID-only verification either imho, as it's a security risk to upload any official document like that (ref. Tea app leaks).
The whole age verification that the UK wants to impose has been quite the impossible task from the beginning. Creating government-backed education for (future) parents about how to raise a kid and protect them in today's digital society would be more efficient than this, if we really are thinking of what is best for the kids. But alas, there are zero requirements to become a parent...
Tbh just take any stock photo from image search online
-
The techies implementing it probably knew this, but hoped that people would just quietly do it and not blast the news all over the internet. Nope!
I guess soon there will be only the more intrusive/trackable options like credit card or bank details.
-
It's fun that one can use games for it, but it shouldn't be difficult to do the same through AI-generated imagery either, which isn't much more difficult.
Even though this method is flawed, one shouldn't really use ID-only verification either imho, as it's a security risk to upload any official document like that (ref. Tea app leaks).
The whole age verification that the UK wants to impose has been quite the impossible task from the beginning. Creating government-backed education for (future) parents about how to raise a kid and protect them in today's digital society would be more efficient than this, if we really are thinking of what is best for the kids. But alas, there are zero requirements to become a parent...
The problem, as always, is that parents don't want to put the work into educating their children, they want the government to wave a magic wand and make the problem go away. And that's what gets you half assed solutions like this.
-
I've seen this suggested elsewhere and it seems like the least intrusive suggestion to me - why not simply use the device as the age verification. Almost every phone/tablet/computer already knows your age through it's own sign-up/activation method, so why not allow the device to offer an API that provides age verification to sites that require it.
It could simply be a permissions-based answer where an adult site requests a yes/no answer to the question "is this user an adult" from the device and the user is prompted to provide the permissions for the site to have that data.
This would solve the problem for the vast majority of iphone/android/windows/macos consumers.
-
Tbh just take any stock photo from image search online
I think the issue there is the k-ID software asks you to do things like open your mouth, then close your mouth - so you'd need to find stock photos of the same person doing stuff like that. Which, now that I think about it, I imagine there will be an influx of selfies of people with closed and open mouths available on google images very soon.
-
I've seen this suggested elsewhere and it seems like the least intrusive suggestion to me - why not simply use the device as the age verification. Almost every phone/tablet/computer already knows your age through it's own sign-up/activation method, so why not allow the device to offer an API that provides age verification to sites that require it.
It could simply be a permissions-based answer where an adult site requests a yes/no answer to the question "is this user an adult" from the device and the user is prompted to provide the permissions for the site to have that data.
This would solve the problem for the vast majority of iphone/android/windows/macos consumers.
Spoiler alert- the point isn't to keep kids from looking at porn, it's to keep adults from looking at it too.
-
The techies implementing it probably knew this, but hoped that people would just quietly do it and not blast the news all over the internet. Nope!
I guess soon there will be only the more intrusive/trackable options like credit card or bank details.
Then come the hacks and abuses (executives and politicians not excluded) and we are back to square one, except that everybody and the innocents lost something while the cybercrime syndicates had a field day.
-
Spoiler alert- the point isn't to keep kids from looking at porn, it's to keep adults from looking at it too.
Whether or not that's the case, I think the proposed technical implementation above is a better way of enforcing the actual law than what's been applied so far.
-
I think the issue there is the k-ID software asks you to do things like open your mouth, then close your mouth - so you'd need to find stock photos of the same person doing stuff like that. Which, now that I think about it, I imagine there will be an influx of selfies of people with closed and open mouths available on google images very soon.
These took 5 minutes to make
Honestly we should just move on to device based attestation and if parents want to protect their kids they set up child mode.
I’m not responsible for lazy parenting.
-
Whether or not that's the case, I think the proposed technical implementation above is a better way of enforcing the actual law than what's been applied so far.
Yeah I do too, but so would anyone who was seriously thinking about this in terms of keeping kids from looking at porn rather than restricting access to "adult content" (whatever that means) more broadly. Any programmer worth their salt would have immediately suggested "hey this is a bad idea we should do it this other way" when asked about the viability of the current solution and yet this was ignored.
-
I've seen this suggested elsewhere and it seems like the least intrusive suggestion to me - why not simply use the device as the age verification. Almost every phone/tablet/computer already knows your age through it's own sign-up/activation method, so why not allow the device to offer an API that provides age verification to sites that require it.
It could simply be a permissions-based answer where an adult site requests a yes/no answer to the question "is this user an adult" from the device and the user is prompted to provide the permissions for the site to have that data.
This would solve the problem for the vast majority of iphone/android/windows/macos consumers.
The goal is to introduce general surveillance and censorship mechanisms. Whether they be technical, legal precedence, tested boundaries, or changes in laws and government positions.
Porn age stuff is just a convenient entry point. Solving just that without the survellance mechamisms is pointless to these people.
-
This is a clever way to bypass. If they get wise and somehow filter out Sam Porter Bridges' face, you could always fire up any of the games of comparable visual realism which let you design your own character's appearance.
-
I've seen this suggested elsewhere and it seems like the least intrusive suggestion to me - why not simply use the device as the age verification. Almost every phone/tablet/computer already knows your age through it's own sign-up/activation method, so why not allow the device to offer an API that provides age verification to sites that require it.
It could simply be a permissions-based answer where an adult site requests a yes/no answer to the question "is this user an adult" from the device and the user is prompted to provide the permissions for the site to have that data.
This would solve the problem for the vast majority of iphone/android/windows/macos consumers.
The problem is that would be incredibly easy to bypass at multiple levels. You could set your age as >18 when configuring your device's account (they don't check ID) or modify the OS/browser/client-side webpage itself (the latter of which a simple browser extension could accomplish).
-
The goal is to introduce general surveillance and censorship mechanisms. Whether they be technical, legal precedence, tested boundaries, or changes in laws and government positions.
Porn age stuff is just a convenient entry point. Solving just that without the survellance mechamisms is pointless to these people.
Yeah, I'm not getting involved in the politics or reasoning of the assumed end goal, I'm just talking from a technical standpoint.
-
The problem, as always, is that parents don't want to put the work into educating their children, they want the government to wave a magic wand and make the problem go away. And that's what gets you half assed solutions like this.
The OSA is nothing to do with kids or parenting and everything to do with further developing surveillance of the UK and controlling what we can access.
I guarantee you, at some point after this will come prohibiting content deemed terrorism such as mentions of the word 'palestine' and 'action' in the same paragraph for example.
Sooner or later we'll have our own pseudo or real great firewall. I expect them to come after VPN use at some point too.
-
The problem is that would be incredibly easy to bypass at multiple levels. You could set your age as >18 when configuring your device's account (they don't check ID) or modify the OS/browser/client-side webpage itself (the latter of which a simple browser extension could accomplish).
As we've seen, the current system is incredibly easy to bypass. There are plenty of ways to game or avoid the age checks.
The current implementation also uses multiple different age verification services, on a per-site basis. This proposed one reduces data exposure vulnerabilities to a fraction.
-
Yeah, I'm not getting involved in the politics or reasoning of the assumed end goal, I'm just talking from a technical standpoint.
That is important. Pointing out sane alternatives helps make it clear this isn't an acceptable solution.
-
I've seen this suggested elsewhere and it seems like the least intrusive suggestion to me - why not simply use the device as the age verification. Almost every phone/tablet/computer already knows your age through it's own sign-up/activation method, so why not allow the device to offer an API that provides age verification to sites that require it.
It could simply be a permissions-based answer where an adult site requests a yes/no answer to the question "is this user an adult" from the device and the user is prompted to provide the permissions for the site to have that data.
This would solve the problem for the vast majority of iphone/android/windows/macos consumers.
None of my devices required any kind of sign-up/activation.
