Hi!

My previous/alt account is yetAnotherUser@feddit.de which will be abandoned soon.

  • 6 Posts
  • 348 Comments
Joined 2 years ago
Cake day: June 1st, 2024
  • yetAnotherUser@discuss.tchncs.detoPrivacy@lemmy.mlEU ID App for Minors: EU Commission Gets Serious About Youth Protection
    1·
    1 day ago

    Yeah, that’s again a little different. You have to fully trust WhatsApp that they are doing what they promise. You can’t really verify this yourself.

    Besides, if the app is open source, backdoors are generally more difficult to implement. Especially for something like E2EE, where people look very closely at what the application does with keys. Same with age verification in my opinion. You’d need to pull off a lot of gymnastics to put in a backdoor, see the xz utils one which was only achieved through several obfuscated stages in a codebase rarely ever looked at by another human.

  • yetAnotherUser@discuss.tchncs.deOPtoich_iel@feddit.orgich🎓iel
    2·
    2 days ago

    Wieselworte wurden allerdings nicht verwendet, ich bin nicht mal zur Einsicht gegangen.

    Es war eher:

    “Oh die Punkte wurden veröffentlicht. Hm, 52/120, das reicht eher nicht.”

    Zwei verdammte Wochen später:

    “Oh, die Notentabelle wurde (endlich!) veröffentlicht. 52 Punkte -> 4,0 ??? Waren wohl einige schlecht.”

  • yetAnotherUser@discuss.tchncs.detoPrivacy@lemmy.mlEU ID App for Minors: EU Commission Gets Serious About Youth Protection
    1·
    2 days ago

    Can you explain a little what you mean with:

    So they simply scrape post decryption from the user’s device.

    As far as I know, no social media company’s posts are E2EE. After all: It’s not possible to have both public posts and E2EE. “Direct messages” to other users can be E2EE but you’d have to trust the company with the encryption keys.

    The only condition that requires Zero-Knowledge Protocols to function is that your device is not hijacked by hackers (and there are no deliberate backdoors and such). This can be achieved by having the app be open source with regular security audits. The social media company can do nothing to identify you, nor could the government (unless again, they collude and share secrets).

    But yeah, social media can already identify most users because of surveillance capitalism. The goal however is to ensure identification is not in any way made easier via age verification.

  • yetAnotherUser@discuss.tchncs.detoPrivacy@lemmy.mlEU ID App for Minors: EU Commission Gets Serious About Youth Protection
    21·
    2 days ago

    You cannot turn a ZKP into being secretely not ZKP without significant effort though.

    Take the following example protocol:

    1. Social media app sends you a token to verify.
    2. You append a private secrete string to the token and hash it with a known, collision resistant hash function.
    3. You send the hash to the government’s server and request an “18+” signature. The signature should correspond to a public key.
    4. You send the signature back to the social media app, including the secret you used.
    5. The social media calculates the hash of its token + your secret and then checks whether the governmen’t signature is valid with that value.

    The government will not know which social media site was used, the social media site will not discover anything about your identity beyond a binary “is above 18 years old” statement. This is because you control all communication.

    To discover anything else, they would BOTH have to collude in some significant way. They can only do so in step 5, by having the social media app send the value you gave it to the government. Maybe there exists a protocol that you control that works against this threat as well, I’m not sure.

    But if they collude in step 5 - what prevents the social media company from sending all information it has about you to the government already all the time, even without age verification? Like IP addresses, phone number, access time etc. If the government further controls all the ISP servers and log which traffic from where goes where, it could certainly identify you already.

  • yetAnotherUser@discuss.tchncs.detoStar Wars Memes@lemmy.worldGenocide me once, shame on you..English
    3·
    1 month ago

    I don’t think that’s a genocide though.

    Mostly because in the Star Wars universe you can’t really wipe out either the Jedi or the Sith. Both try to wipe the other out but haven’t succeedes whatsoever because they are extremely basic religious/philosophical positions: “The force exists to do ‘good’ (whatever ‘good’ is)” vs. “The force exists to make me strong”. Jedi are Jedi and Sith are Sith only because of those values plus some beaurocracy.

    Compare that to human religions where they first construct an extremely elaborate setting with a shitton of incorporated fanfiction to argue why they and only they are right and all others are wrong. That’s so much more complex, you’d have to stop believing in a billion different things if you were to switch religions.

    Tl;dr: It’s not genocide if I were to kill all philosophy students at my university because in my point of view their views are evil.