For w/e reason, isn’t for me. I’ll put some clips from it here. Not the whole thing tho, it’s long.

Sam Altman’s iris-scanning, humanity-verifying World project announced at an event in San Francisco on Friday that Tinder users around the globe can now put a digital badge on their profiles signaling to potential suitors that they’re a real human, provided they’ve already stared into one of World’s glossy white Orbs and allowed their eyes to be scanned. The announcement follows a pilot project for Tinder verification that World previously conducted in Japan.

The global Tinder expansion is one of the biggest tests yet for World, and the company’s bet that everyday consumers will be willing to sign up for biometric verification services to use internet applications. Founded in 2019 by Altman and Alex Blania, the World project was designed for a future where the internet is overrun with highly capable AI agents that make it incredibly difficult, if not impossible, to tell who is really human. As companies like OpenAI—where Altman is CEO—and Anthropic push AI agents into the mainstream, the problem World was built to solve feels increasingly urgent.

The startup says Tinder users who verify with their World ID will receive five free “boosts,” typically a paid feature that increases the number of users who see a profile by up to 10 times for 30 minutes. The videoconferencing platform Zoom also says that users can now require other participants to verify their identity with World before joining a call.

“We’re just not used to this kind of technology. Many people used to tape their [iPhone’s sensor used to enable] Face ID when it came out, then we got used to it.”

For those who haven’t seen it, that’s one of the The Four Horsemen of the Infocalypse.

I would never use a VPN for sites that require me to log in with my real name,

I think your point is valid and good. If you log in with your real name, you have given out your ID and have no privacy.

But there can still be reasons to use VPNs for sites you will log into. I use a dedicated VPN for all such sites. My banking, utilities, insurance etc. I use that VPN for nothng else but sites tied to my real identity. Why? Because it bypasses the data harvesting my ISP does. My ISP collects everything I connect to, the domains I mean not the contents, and sells to data brokers. The fuckers. So here, I do not use a VPN for privacy from the sites, who must know me. I use it to stop my ISP from seeing certain things.

But, I am also very careful! I do not cross the streams! My ID-tied VPN is only used for sites that have to know who I am IRL. I never mix it up with sites that have no business knowing my IRL ID. Which is most sites! Those use a totally different VPN, who I also did not give my identity to.

Ayup. This quote is from a techdirt article linked a few posts down. I like how they put it.

As the researchers put it to The Rage: “The state wants to see everything. The corporations want to see everything. And they’ve learned to work together.”

I’m in the US. It varies widely.

I think what happens sometimes, is we get caught up in anti-abuse lists. Sites see legit abuse coming from VPN IPs. After that happens enough, those IPs end up on anti-abuse filters. Then those blocklists are used by some sites, and not othrs, so some sites won’t work.

There are also whole countries who block VPN now for social control. And others who talk about blocking them soon. That’s not the case where I live. But there are still many individual sites that use blocklists.

There are also more sites using identity resolution services now. If the identity service can’t pin you to a human real life person, it increases your block score. If your block score is high enough, you get , um, blocked.

He’s an international treasure just for coining enshittification.

He’d still be awsome if that was all he ever did.

They want to force the problem on the entire world, so they cant be held responsible.

Yah. On top of that, big tech cos often likes high regulatory burden. Ideally different between countries and jurisdictions. Big tech can afford compliance teams and w/e else they need. But! High regulatory burden is harder for upstart competitors. And very hard or impossible for tiny projects.

The same with technical burden. Like browser engines, used to be simple, now, extremely complex with wasm and webgl and stuff. There are only a few left standing. And some only barely.

The higher the burden, the more big tech is entrenched.

If you break them and report the bug you can be prosecuted under some hacking paragraph.

The old shoot the messenger approach!

We’ve had some high profile examples in the US too. Like this one, from 2021. A professor was investigated by governor Mike Parson of Missouri, for literally using View Page Source in a browser. And reporting a major vulnerability in good faith. I linked Parson’s wikipedia page, because he deserves his ridicule. Not for his ignorance! Many are ignorant of how the web works. That’s OK. He deserves ridicule for how he handled the episode. For dragging the professor’s name through the mud, who had only tried to help.

In the end, the governor received much ridicule. The investgation was dropped.

As far as I know, no social media company’s posts are E2EE

Oh, sorry, I shoulda been specific. I meant cases like the Whatsapp class action. It hasn’t been proven in court yet, tho. The prosecution says they have evidence Whatsapp and Meta get access to E2EE messages since they control the client. But it’s also important to say that Meta is denying they do this. It will play out in court.

The 52-page privacy lawsuit contends that although Meta has pervasively marketed WhatsApp as a private, secure, end-to-end-encrypted messaging service where “[o]nly you and the person you’re talking to can read or listen to” messages, Meta employees, Irish consulting and tech firm Accenture and possibly other third parties, unbeknownst to users, can access messages via a “backdoor” in the WhatsApp source code. According to the complaint, the backdoor allows Meta and WhatsApp employees and/or third-party contractors to “circumvent the encryption in order to view users’ private messages.”

Whether it’s proven, or not, it’s possible to do it. The mesages have to be decrypted for view.

and there are no deliberate backdoors and such

Agree, but that condition is doing some heavy lifting. As in the alleged Whatsapp case.

First, I wanna say I appreciate your reply. It’s well made. I believe you, mathematically, about how ZKP’s work.

I just think that when rubber meet road, there will be potholes. Example, strong encryption cannot be broken, practically speaking. The social media companies make real E2EE. But they control the client. So they simply scrape post decryption from the user’s device. It’s true, the E2EE was secure. But that didn’t matter in the end. There was a way to circumvent.

We’ll see about ways like that with ZKP. I’m not smart enough to know how it may happen. Only that the incentives will be big. Encryption isn’t defeated by breaking the math. Neither ZKP. It’ll be some other way. Something sleazy.

the social media site will not discover anything about your identity beyond a binary “is above 18 years old” statement.

To discover anything else, they would BOTH have to collude in some significant way.

I would say, social media can already discover most ppl’s identity. Without having to collude at all. There’s a whole ass industry of identity resolution, even when ppl don’t mean to give their own identity. Would social medias stop doing that, just because now ZKPs? I’m afraid it may deliver a false feel of security.

My concern in the long run is that over time the newer generations arent going to ever learn/know how freeing personal computing used to be.

Oh absolutely! It becomes normalized for those who never knew any other way.

I lucked out, my pa was a techie and got me steered towards the importance of tech freedom. Not everyone is so fortunate. Tech is almost an extension of our minds now. How we remember. How we learn. How we communicate. When we give away control of our devices to big tech, it’s like giving away control of our thoughts and emotions. Even our culture.

and a pinky promise is not enough.

Yah that’s my sticking point too!

I believe that under good faith, Zero Knowledge Proof could work and guard privacy from both the gov and the sites.

But “good faith” is doing heavy lifting. The desire to corrupt the system in some way that turns ZKP into secretly non-ZKP is going to be huge. Even if it begins OK, we will all become locked into it. And if it gets corrupted years later, too bad so sad, because we’re locked into it!

We’ve already seen intelligence agencies trying to corrupt encryption standards, to look secure when they have a secret flaw. That’s the kind of corruption I worry about with ZKP age gates.

They allege it was to help protect accounts and personal data.

TBH it scares me that more and more things may go this way. You want online banking, or w/e? Well! You better use “trusted device”! What does “trusted device” mean? It means the device is locked down against its “owner”.

It’s like a relentless march where personal computing dies and corporate computing takes over. Ever more, our technology answers to big tech, not us.

its just getting vendors to actually do it.

Good ideas… and yeah… the browser vendors have a financial incentive to build mechanisms to collect anything and everything. Javascript itself exposes so much more fingerprinting possibilies.

That’s also why I think it’s so terrible for Google’s Chrome to have like practically all the market share. G can now drive the whole web in a way that’s good for them and bad for us.

Article talks about cookies still being set when user opts out of those.

That’s bad, sure. But TBH I worry so much more about fingerprinting. Cookies, easy to delete in your browser, easy to block. Fingerprinting is done behind the scenes on the server, you can’t block their attempt to. There are “resist fingerprinting” options in some browsers now like firefox, but limited in effect, and much of the fingerpinting is not even something the browser can stop. Things like TLS fingerprints, or exact timings between your system making a request, and the serving system. Or things you can spoof but which cause problems if you do. Even Tor Browser doesn’t spoof some of those things b/c it causes problems to do.

The identity broker companies have a massive financial incentive, and they employ very smart data scientists. Even “opting out” of cookies, I think it’s about 0% chance we have any way to opt out of these behind the scene techniques they use. They will use every shitty weasely trick in the book like the slimeweasels they are.

But those who I know who are into it, just do not care at all.

I have friends like that too. Which is why it’s so hard.

It’s not even a fair fight, b/c the big social medias employ psychologists to design their product to be as addictive as possible. So it pits Jane and Fred Doe of Main Street against a team of psychologist PhD who study every possible way to weaponize Jane and Fred’s normal human feelings and emotions. Jane & Fred doesn’t want to quit, so will find ways to rationalize a use of the products.

It’s a big damn problem. It impacts everyone. All of us. Not just the ones who use FB, IG, or X.

Sure… but the hard part is convincing 2 or 3 billion of my closest friends. Esp when faced with systems designed by teams of psychologits, to be highly addictive.

It’s also a lot more obvious when someone is using a phone to record in public.

Agree. Less obvious with glasses… AND easier to do it 24/7. People get tired holding up a phone. Or they have to put it down to use both hands for something. With glasses, some will record everyone around them, during every moment of their waking life.

True… paparazzi can get to people sometimes.

Totally with you on the idea, btw. I think the people destroying the privacy of everyone in society should feel that themselves, too. They shouldn’t get to hide behind infinite piles of money to guard their own privacy while they destroy ours.

It would be one thing if we could easily opt out. But we can’t. It’s not MY choice that puts me into this. It’s the choice of some other rando walking down the same sidewalk as me.

I kinda think kureta@lemmy.ml is right tho, it’d be hard. People like Zuck, they take private jets from here to there. They don’t fly commercial. They don’t go eat to normal restaurants with the plebs, he has high end privately catered. He don’t do his own shopping. Zuck bought 11 houses around his own mansion, for … privacy!

That goes into an observation. Zuck zealously guards his own privacy. He doesn’t want YOU to have privacy! But HE wants as much privacy as he can get.