The clauses are [with a well established track record for doing evil] [control over your citizens' ID], if that's not clear. I wonder from where your quote cut off if my sentence was misunderstood.
As to the well-established track record of doing evil... gestures broadly everything? Google in particular has built an empire on stripping away people's privacy, and they regularly ruin people's livelihood by eg. shutting down Youtube accounts incorrectly with automated systems and no way of ever reaching a human for support unless you're famous enough to make it a PR issue. Apple is the same, just recently with a thread on HN lamenting that Apple was destroying their business because they revoked their dev license, or in other words, a private company unilaterally revoked the ability of a business to create mobile software for billions of devices. And now we want to give them control over our IDs? ????????????????????????
To become dystopia people must be forced to use locked down smartphones. In reality you buy the one that suits your needs and do not enforce your design decisions on the smartphones other people use.
Where is that free choice that you see "in reality"? This post is about the opposite of that getting put in place. The actual reality is that almost every service provider is converging on supporting a few extremely restrictive options. From every private service you can think of, to key government services. They all are saying "to interact with us, you must use one of these two types of devices, with all the attestation and security measures intact". It's impossible for people to make their own design decisions or choose for themselves, because other options do not have the corporate/government blessing.
It's ridiculous that you look at all of us being forced into a government-protected duopoly, and then say "Don't you dare force your decisions on us!" to anyone suggesting that this should not be the default. Rules for us, but not them.
> They all are saying "to interact with us, you must use one of these two types of devices, with all the attestation and security measures intact"
Are you claiming that this is the only way of interacting with particular government services, with the other ways that existed before the app no longer being available? To make situation „dystopian“ this must be the case.
> An app should have absolutely no way of knowing what kind of device it’s running on or what changes the user has made to the system.
and therefore the app cannot give a reasonable guarantee that it is not running in an adversarial environment that actively tries to break the app's integrity. Thus, the app cannot be used as a verified ID with governmental level of trust.
There's a difference between needing to lock down the whole OS and just the secure element. The secure hardware component can sign a challenge and prove possession of a private key without you being able to extract it. Smartcards have done this for decades (most people here will know an implementation under the name Yubikey).
Conveying authentic information across untrusted channels (your phone screen, say) has been a solved problem since asymmetric cryptography was invented back before I was born
If your app needs to be protected from harm, it cannot protect the user from said harm. I hoped software engineering culture was lucky to not have the same precepts that make lockpicking a crime in the real world, that we successfully make it into common knowledge that you can't grant any trust to the client, but it seems "trusted computing" is making some of us unlearn that lesson.
You do not have to trust the device if you can verify the information it provides, either cryptographically or by checking with an authoritative trusted server.
> governmental level of trust
This made me laugh out loud. Not because it's a meaningless phrase (where does "governmental" rank on a scale of fully to least trusted?), but because it seems to imply that governments do not have a miserable track record when it comes to IT security.
Though I suppose considering a security model sound because it uses security through obscurity like a blackbox integrity check would be very... governmental.
Does that mean "govermental level of trust" ranks somewhere between "snake-oil" and "cope"?
> an adversarial environment that actively tries to break the app's integrity
Can you elaborate on what this means? Who is the adversary? What kind of 'integrity'? This sounds like the kind of vague language DRM uses to try to obscure the fact that it sees the users as the enemy. An XBox is 'compromised' when it obeys its owner, not Microsoft.
I use several non-fullscreen windows over desktop. Stage manager makes switching between them very convenient. But I do use full screen windows, they live in their separate spaces. I see no reason whatsoever to maximise any window without it going full screen mode
The way I understand it, it's a way of compressing vectors by switching from their per-component representation to polar coordinates representation, where the nearby vectors are clumped together to a single line, allowing to describe them by different lengths
F-Droid. And also by Google's definition, everything I install from F-Droid. So Antennapod (Podcasts), ConnectBot, DAVx (sync my Fastmail calendar to my phone), Etar (Calendar app), Jellyfin (media player), Jiten (JP dictionary), KOReader (ebook reader), OsmAnd~ (Maps), VLC.
Meanwhile from the Play Store I have Bitwarden, Firefox, 2 banking apps, a few airline apps, Wireguard and Whatsapp. So I actually have more from F-Droid than the Play Store from what I regularly use.
Why not grab Fennec from f-droid as well? It used to also have more features, I'm not sure if that's still the case but might as well go with the open source build
I sideload no apps. I install most apps from either F-Droid main, or an other repo.
> Why those apps are not in a store?
All of them are in a repository. Just only the state sponsored ID-app is only available via the ad-infected Google RAT delivery service, also known as Google Play.
Every non-stock app on my phone was installed from an APK directly downloaded from the manufacturer or open source developer's site / Github releases. I've never had a Google Play account and have never used any Android "app store".
I switched from iOS to Android about three years ago. I saved all the APKs for everything I installed (or updated). When I got a new phone last fall it was pleasantly like geting a new PC. I imported my SMS and contacts from my last backup, then installed all the apps I use and imported or manually set any settings I wanted to customize.
The biggest pain was having to manually logon the couple of sites I allow to keep persistent cookies since device owners aren't allowed to just import/export cookies from mobile Chrome.
I _install_ apps through F-Droid, because on average, they are much less user-hostile. Less tracking, less accounts, less shenanigans. Built for usefulness rather than profit extraction. Which apps it shows is also 0% influenced by ads and other commercial value, whereas on Google's store, it's the opposite as it's the biggest factor.
Would Obtainium continue to work? I like the freedom of entrusting developers I know and installing APKs from repositories instead of restricting myself to app stores whose publishers have to be identified and approved by an advertising company.
Even if all my apps were from Google Play, it's not up to Google to remotely decide what code I can and cannot run on my device.
Especially important when talking about whole population.
Apart from why "those apps are not in a store", there's very good reason to want to use an alternative source for your applications. F-droid is a far safer source than google play is, because they actually vet the source code and project and build it themselves. You are far more likely to download malware from google's official 'safe' sources than from F-droid, and hence it's my first option when searching for simple utility applications because the top results on google play will be utterly infested with ads and tracking at minimum.
In that system does the age verification result come with some sort of ID linked to my government issued ID card? Say, if I delete my account on a platform after verifying and then create a new one, will the platform get the same ID in the second verification, allowing it to connect the two and track me? Or is this ID global, potentially allowing to track me through all platforms I verified my age on?
What a verification process looks like from the user perspective? Do I have to, as it happens now, pull out my phone, use it as a card reader (because I don't have a dedicated NFC device on my computer), enter the pin, and then I'll be verified on my computer so I can start browsing social media feed? Or, perhaps, you guys have come up with a simpler mechanism?
The wallet ecosystem is still really varied at the moment. Our implementation is unlinkable. So an issuer cannot track where you use the attribute. And a verifier cannot see that you've used the same attribute multiple times with their system. This is great for privacy and tracking protection, but not so great for other things. For example, people sending their QR codes to other people with the correct attribute (like maybe an underage person sending an 18+ check to an adult), is hard to solve for because they are unlinkable.
Most systems right now have you load data in your phone. Then when a check happens, you scan a QR code. You then get a screen on your phone saying X wants to know Y and Z about you, do you want to share this information? Then you just choose yes or no.
For your social media example. You would just get a QR code on your pc, then pull out your phone, scan and verify, then start browsing social media on your pc.
In the Swiss system, it depends on what they verified. If they required your full ID, that has a document number like a passport and they could track that.
If they did the right thing and only asked for the over 18 bit, then they wouldn't have a trackable identifier.
You are describing a situation where a pairwise pseudonymous identifier is generated. I don't think any real system does this with government IDs, but it might be possible.
Can you please elaborate on that record?
reply