zlacker

[return to "Apple already shipped attestation on the web, and we barely noticed"]
1. lifeis+z4[view] [source] 2023-07-25 14:29:40
>>pimter+(OP)
I kind of get both sides here. If we take the "see the best of others intentions" then a web that is populated by identified humans (and their authorised proxies!) is likely to be the "cleanest", most ideal web space we can see (a web full of sock puppets and link farms is not ideal).

The clearest end point for this is some government issued digital ID that just asserts who you are, acts as a login etc.

You can see this as a stepping stone to there. if you squint.

Is it the idealism of the 70s coke to life? No. Is it some sane compromise - I think so.

What if we cannot trust our government ? Sorry it is pretty sure that no internet is going to solve that. That's on the real world.

◧◩
2. codedo+cc[view] [source] 2023-07-25 14:58:12
>>lifeis+z4
> web that is populated by identified humans

This is not going to work. The governments will create millions of fake identities to spread their propaganda, same way as they are making fake passports for spies.

◧◩◪
3. mike_h+Ie[view] [source] 2023-07-25 15:07:31
>>codedo+cc
But websites don't care about government-issued IDs. They have their own IDs, and to create those you have to fill out a form. If the form is successfully rate limited then the cost and speed at which fake IDs can be created gets prohibitive even for governments, unless you think they only need a small number of accounts.
◧◩◪◨
4. freedo+7m[view] [source] 2023-07-25 15:36:03
>>mike_h+Ie
You don't think the governments will force Apple, Google, etc to attest their things? I mean, they made them provide access to their firehose of data so they could mine it for metadata...
◧◩◪◨⬒
5. mike_h+gp[view] [source] 2023-07-25 15:46:17
>>freedo+7m
We're talking about the same Apple that's currently threatening to yank some of its most popular products from the UK rather than disable e2e encryption? The same Google that reacted to the Snowden memos by putting the entire engineering division in an encryption Code Red, such that inter-dc links were almost fully encrypted just a few weeks later?

And that's for morally ambiguous cases where the justification is popular and well established things like crime fighting, child porn and so on.

We don't know what will happen in future, but given the story so far, the chances of these companies saying to governments, sure, have 500,000 free accounts so you can spam our users with incompetent political propaganda, is virtually zero.

[go to top]