[HN Gopher] Online ID / age verification: the death of online se... ___________________________________________________________________ Online ID / age verification: the death of online search Author : dredmorbius Score : 86 points Date : 2021-07-15 20:00 UTC (2 hours ago) (HTM) web link (decoded.legal) (TXT) w3m dump (decoded.legal) | djrogers wrote: | This sounds like it would create a some new challenges for search | engines, but the article itself offers a number of ways to | address those. | | Given that, and the massive amount of money in search, I think | the headline falls somewhere between clickbait and a flat-out | lie. | avhon1 wrote: | How much money is in DuckDuckGo, Mojeek, Gigablast, YaCy, or | other minority search engines? If indexing material requires | serious resources, the only viable search engines will be the | huge ones. | ivan_gammel wrote: | Government can offer rather simple infrastructure to enable | digitally signing crawler requests and any legal entity | should be able to acquire and renew signatures at very low | cost. Total implementation costs for search engines won't be | high in such case. | dane-pgp wrote: | No doubt Google will come up with a way for search engines to | authenticate to the sites they are spidering, which will be | just "Open" enough that all their competitors can implement | it for free (but not have any control over the evolution of | the technology). | | Sites would just have to decide which search engines they | want to allow to spider them, which will probably be a | hardcoded list in a webserver config file somewhere, with the | associated public keys. | | If we're lucky, webserver package maintainers will try to | keep these lists up to date, and Google may even contribute | some funds for the development effort, doing just enough to | stop this system from triggering an anti-trust investigation. | j56no wrote: | Age is going to be another credential, based on signatures that | browser will be allowed to present. Spiders will have their | signatures, which cannot be copied, eg think how SSL client certs | work. Now, are sites going to require age credentials? sounds | like a GDPR v2 cookies story. | zodPod wrote: | More of governments who have no idea how technology works trying | to solve technology problems. | DethNinja wrote: | Believe me they got a pretty good idea, they know knowledge is | power and they want to limit the access to it. | dmje wrote: | I'd argue that kids need the tools and techniques to understand | how to deal with dodgy online content, rather than locking it | away. Prohibition tends to drive things underground; I'd rather | have (and am having - I have 2 teenage kids!) realistic and | honest conversations about porn and other content. I don't lock | my router to stop adult site access, instead we're having a | conversation about it. | | I'm under no illusions, btw. I know they'll access it. I know I | did as a teen (albeit magazines rather than the web) but I think | a dialogue is sorely missing about damage, the impact on women, | body image, etc etc. The more this is pushed into a black/white | old enough / not old enough over-simplified scenario, the less we | can have nuanced conversations about it all. | | I suspect this whole move is purely an optics piece. That doesn't | make it any less dangerous, in fact it maybe makes it more | dangerous, but it explains the incompetence and lack of thought | behind it. | retrac wrote: | Even though the net has drastically amplified the issue, both | 20 and 40 years ago it was tricky for a boy to make it to | manhood, at least in the West, without seeing some nude | magazines and perhaps more than a few hardcore films. Your | advice was sometimes the advice given then, and I think it was | right then and now. But while telecommunications has enabled 4K | porn videos, it doesn't seem to have enabled us to talk with | each other about it seriously, in proportion. | wnevets wrote: | > I'd argue that kids need the tools and techniques to | understand how to deal with dodgy online content, rather than | locking it away. | | We can't even get grown Adults to do that. | tomjen3 wrote: | Thing is it is not that difficult to lock down most porn sites | if you are in control of the router and can force the use of a | specific DNS. | | If you have your childrens iPhones as part of a family setup | you can also block their access that way. | | However I salute you for your choice, which is the harder and | better way. If more parents did as you, we would not have the | issues we have today. | | Porn is nice enough but watch, but because there is essentially | no discussion about how to have sex (outside of school, which | at best is put tab a in slot b, here is how not to become | pregnant, this is what STDs are.) the only input too many teens | get is porn. | hexa22 wrote: | Won't block Firefox which uses encrypted DoH dns. | hellbannedguy wrote: | I've wondered what is the best strategy is over the years. | | 1. Heavily restrict the porn/bad sites. | | or | | 2. Let them see the bowels of the internet, and hope they | will go in the opposite direction. | mianos wrote: | If they have phones with a sim and data they can just turn | off the wifi and bypass the local network blocks. | bserge wrote: | Some argue linking real identities to online accounts will | reduce, well, all negative activity. | | Facebook, Weibo and other smaller platforms around the world | prove that's not going to happen. | | (Too) Many people are still going to be trash even with their | actual identity out in the open. | | So just leave the Internet be, for the love of everything. | criddell wrote: | > Some argue linking real identities to online accounts will | reduce, well, all negative activity. | | I don't think anybody is arguing that it will reduce _all_ | negative activity, just some. | BuildTheRobots wrote: | Is the plan to make real identities publically viewable? | | Seems like it's either a data breach waiting to happen or | makes it much easier for the worst to dox and target people. | closeparen wrote: | The whole premise of "doxing" being a problem is that | people have a right to say things on the internet that | would get them in trouble in real life. | | I think the pro-real-names position would argue that it is | net negative for society for people to have this ability, | we should only be saying aloud what we are willing to put | our reputations behind. | | I don't agree with this position, but afaik that's the | position. | ellenhp wrote: | I know you said you don't agree but you left that | position up without a rebuttal so here goes. What if | someone managed to dump of the personal information of | everyone in an online support group for LGBT folks and | published it. That's doxxing too and this would do | nothing to mitigate it. | hexa22 wrote: | Doxing is far greater than being canceled for a reddit | comment. An open source dev recently got doxed and had | 4channers banging on their house windows at night. | Swatting and similar activity is also an extreme problem. | Zababa wrote: | > An open source dev recently got doxed and had 4channers | banging on their house windows at night. | | As far as I know, this hasn't been confirmed by anyone | other than the dev themself yet. The personal information | is also not in the archive, so someone (4chan staff or | archive staff) did their job. We'll have to wait and see | for the truth of that case, if it ever comes to light. | irthomasthomas wrote: | There is a strong desire in some to avoid fame. Anonymity | solves that. Names risk fame. | handrous wrote: | I dislike the way the 'net has gone such that this kind | of measure is probably inevitable--I prefer one that's | anonymous-by-default where revealing your real identity | is strongly discouraged by norms and it's hard to gain | anything "real" by revealing it, anyway, so there's | little incentive to--but on the anti-anonymity side, I'd | agree it's pretty damn weird that we treat shouting crazy | or abusive shit (or anything, really) into a world-reach | megaphone with so little gravity, or expect anonymity | when doing so. | smoldesu wrote: | I'd argue it's addressing the wrong criticism then. People | should feel fine critiquing what a celebrity is wearing on | social media: that's not toxic behavior, but having your real | name inextricably linked to your account would definitely | make you think twice. | | The _real_ issue here is the dedicated toxic users: sites | like 4chan and Kiwifarm for example. Those groups are | typically responsible for the real damage we see on the | internet, and there 's likely no way for us to ever flush | them out. It's a cat-and-mouse game that cannot be won, only | indefinitely postponed (which is a victory in their books). | akomtu wrote: | What damage? They sit on 4chan and whatever they say stays | there. | jimkleiber wrote: | For me, the problem with anonymous identities online is that | laws (at least in the US) surrounding defamation and other ways | to regulate human interaction seem based on a real identity. | Without that, I'm not sure how those and similar laws can be | enforced on the internet. | | One could argue that they shouldn't be and that's maybe a | separate conversation, but for example, right now, if someone | defames me in person, I can sue them and if they defame me on | the internet under anonymity, and I don't think I can (yes they | can be anonymous in person but I think it's much more | difficult). | reedjosh wrote: | > One could argue that they shouldn't be and that's maybe a | separate conversation | | Yes, it's probably a separate conversation, but I don't think | we should give these bad laws more teeth. | dredmorbius wrote: | Strong agreement here. | | The principle driver of antisocial behaviour online seems to be | _impunity_ , _immunity_ , and/or _disinhibition_. Anonymity and | /or pseudonymity are related, but nowhere near identical. | | As Yonatan Zunger, chief architect of Google+ (and now an ex- | Googler) pointed out, _compulsory identification amplifies | rather than removes power relationships_. This is his principle | (and IMO devastating) response to David Brin 's _Transparent | Society_ argument. Minorities and the disempowered obliged to | identify themselves _lose even more power in the bargain_. | | What empowers abuse is the ability to inflict harm without | _perception_ of risk, whether that perception is accurate or | not. Disinhibition reduces perception whilst overall risk | remains high. (The concept is captured in the word "assassin", | deriving from the Arabic, _hashishin_ , referencing hashhish | --- assassins had reduced inhibitions through pharmaceutical | influence.) Legal immunity, the cover of a crowd, operating | extrajurisdictionally, cover of a state or other significant | actor, or simple mass delusions can all provide the reality or | appearance of impunity. | | Mandating identity itself creates new avenues for abuse, | including the revoking of official credentials, bureaucratic | incompetence, bribery, and the potential of a "permanent | archive" of all accesses (already substantially present through | numerous mechanisms) which can be mined at arbitrary future | dates, but as-yet unknown entities with as-yet unknown motives. | | I'll note that I'm one of numerous reasonably-well-know | pseudonymous HN members. | meowkit wrote: | This is well stated. In case you read this reply, have you | looked into decentralized identifiers (DIDs)? Any thoughts? | dredmorbius wrote: | I'm (maybe) composing my own set of suggestions to Neil. A | substantial bit of that is TL;DR: credible assertions of | characteristics (or rights or responsibilities) might offer | some solution-shaped objects. | | But in many cases, there's no reasonable way to accomodate | identity / credential / characteristic assertion into data | flows (e.g., commandline tools, proxies). | Edmond wrote: | The argument about crawling is not a good one, a simple | authentication mechanism, for instance with asymmetric key | cryptography can address that problem. | | Along those same lines, the internet can in fact have scalable | information verification (age,height,income,sex...etc) with | robust privacy: https://certisfy.com | | In other words, cryptographic certificates can solve this | problem. | rabuse wrote: | I've had this problem recently with parsing a webpage using some | webscraping library, and returning nothing since everyone seems | to be running a SPA now. It's infuriating that you pretty much | need to run some headless browser to just scrape a damn website | now. | beiller wrote: | Don't spas make scrapers easier cause you can just call the | APIs directly? | Geee wrote: | Better solution is to provide OS-level parental controls, so that | parents can whitelist websites / apps / social contacts for their | children. No age verifications or breaches of privacy needed for | safer Internet. | ve55 wrote: | The consequences of requiring government IDs for basic Internet | usage are much worse than just making crawling and indexing more | difficult. I worry that due to government/'activist' pressure and | the difficulty of dealing with spam/bots/identity (think of the | captcha/ML rat race we are in), we may end up with an Internet | that is not only completely centralized (as ours is becoming), | but that also completely disallows anonymous and pseudonymous | usage in most cases. I'm definitely not a fan of the direction | many government bodies are taking us with respect to this. | Scoundreller wrote: | > think of the captcha/ML rat race we are in | | Google and my employer deal with massive amounts of spam emails | and gets it right 99.9999999% of the time. | | There's a reason why Google captcha me on their own properties. | | (It's inexplicable why EBay captchas me AFTER I submit 2FA...) | | We know who the bots are, but if you want your visitors to do | some free work for my training models, so be it. | | The captchas need some work though. If you want me to select | all photos with carS, I'm not going to choose the photos with | one car only. | mandelbrotwurst wrote: | > The captchas need some work though. If you want me to | select all photos with carS, I'm not going to choose the | photos with one car only | | If you're trying to get through these while spending the | least amount of time on them, you want to answer "How would | most people presented with this answer the following: _______ | ?" as opposed to "What do you think is the most correct | answer to the following ________ ?" | Scoundreller wrote: | I know, it was an academic exercise. I wanted to see if the | system would adapt or eventually accept me anyway. It did | not. | | So I bought the thing from another vendor. | tomxor wrote: | > It's inexplicable why EBay captchas me AFTER I submit | 2FA... | | Google does this too and it drives me nuts. What's makes it | even more of a "fuck you" is they will do it to paying users, | (business accounts)... if you refresh the page three times | the captcha goes away, they are just trying their luck at | using people for free ML training labour. | dredmorbius wrote: | The article is a draft concerning UK Internet policies for which | suggestions are solicited. | | I'd seen it posted to Mastodon earlier. | | Critiques are very much on point. | pjc50 wrote: | This is probably going to go nowhere. It fell over last time: | https://www.bbc.co.uk/news/technology-50073102 | | It's not even an important front in the culture war. | pessimizer wrote: | All of these things fail half a dozen times before they | succeed. | Nasrudith wrote: | Which is why there has to be a punishment for anybody stupid | enough to propose or vote for the bill. Throw them out on | their ass and they'll get the message. | woliveirajr wrote: | > In other words, forcing users to prove who they are, or at | least how old they are, before they can access the restricted | content | | First we protect children. Then we protect specific groups. Then | they redefine who should be protected of what. | | In the end a few protect all the others from knowing things they | shouldn't know. And knowledge is power, as always. | gopher_space wrote: | We absolutely need a media walled garden for children. There's | no good reason to give them unfettered access to the internet | right out of the chute. They can grow out of it at their own | pace. | | The moralizing coming from all angles is weird, since everyone | involved would probably consider themselves a problem-solver. | jimbob45 wrote: | That should be done by the parent, not the child. There are | more than enough tools for a parent to police what their | child sees online. | | The problem is that parents aren't trusted to do their job by | some and some want the government to step in and do as much | parenting as possible. That's not how parenting works though. | The government doesn't own your children and shouldn't get to | decide how they're raised. | cissou wrote: | I hear your argument but would you apply the same to | alcohol and cigarettes? Let parents make sure their kids | get none of it until they're of age? I think it cannot work | that way and it's OK for society as a whole to help with | the parenting. | alerighi wrote: | Just don't give your children internet access till they are | old enough that they can be responsible enough to use it | correctly? Why this is not an option? | | I got a PC that was all mine and an ADSL internet connection | at 16 years old, before of that I used the family computer, | but not really used the internet a lot since back in the day | it was quite expensive, and when I did I was monitored by my | parents. I got a smartphone that was capable of accessing the | internet everywhere at 18, before of that only a phone that | did phone calls and SMS. And still grow up fine and managed | to get a good career in IT. | | There is no reason whatsoever for a child younger than 14 to | use the internet on its own, without the surveillance of his | parents. And there is even no reason for him to have a | smartphone. If as a parents you are concerned about giving | him a phone for emergencies, just give him a 10$ feature | phone that can only do phone calls and SMS. It's as simple as | that. | | Nowadays kids are always in front of a computer or a phone, | they no longer go out to play, instead they spend their time | on Tiktok or other stupid social media. We must change that, | not the internet. | Nasrudith wrote: | Really if you want to protect children don't make a goddamned | dystopia for them to grow up in. | | We all know about the evil manipulators who favor that lie but | frankly those stupid enough to believe bear moral agency as | well. | vkou wrote: | I would like to point out that a child not having access to | the internet is not necessarily a 'goddamned dystopia', it's | just how the world has been from the time of the first ape | that stood up, to the Eternal September of ~1993. | cocoafleck wrote: | I agree, but keep in mind that children grow up in a | society, and make friends in school. You are influencing | their relationships by restricting their internet access. | panta wrote: | Think of the children! ...They could grow some critical | thinking abilities otherwise... | tyingq wrote: | This article could really use some context. It's not clear what | proposal, from who, where, etc. ___________________________________________________________________ (page generated 2021-07-15 23:00 UTC)