this post was submitted on 10 Feb 2026
1633 points (99.5% liked)

Technology

81026 readers
5214 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
1633
'What a great way to kill your community': Discord users are furious about its new age verification checks — and are now hunting for alternatives (www.techradar.com)
submitted 2 days ago by return2ozma@lemmy.world to c/technology@lemmy.world
472 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] bekopharm@discuss.tchncs.de 1 points 1 day ago (1 children)

The eID can do this EU wide already but it's usage is regulated and that's not something a company wants to accept. The EU Digital Identity Wallet would hit the spot even more, since it's very privacy friendly: https://ec.europa.eu/digital-building-blocks/sites/spaces/EUDIGITALIDENTITYWALLET/pages/930450954/The+Age+Verification+Manual

That's still in testing though and even less in the interest of a company that wants to extract as much user data as possible.

[–] ell1e@leminal.space 5 points 1 day ago* (last edited 1 day ago) (1 children)

Sorry if I misread your post, but hopefully this comment of mine is relevant:

In my humble opinion, the digital wallet is horrible, because as far as I can tell 1. it requires Google device attestation so all custom ROMs are out and to be a citizen you can apparently no longer own your device, 2. unless you use iOS or Android you’re apparently not a citizen and you can't e.g. purely use Linux (this is as far as I know not the case with the German AusweisApp), 3. once everyone is used to using some citizen app like that, I feel like a fascist government could easily tie it to a social score or other authoritarian measures bewyond the age verification. 4. There is a privacy friendly alternative approach for age verification anyway, that most governments seem to conveniently be ignoring: https://www.politico.com/news/2025/10/13/california-law-online-age-checks-00606115

Also see here on the EU apparently trying to make this mandatory: https://leminal.space/post/31858818/21120139

[–] bekopharm@discuss.tchncs.de 1 points 1 day ago (1 children)

AusweisApp

Not exactly sure what you mean by this. I know for a fact that AusweisApp2 works fine on e.g. Linux and there is this: https://www.ausweisapp.bund.de/open-source-software

Of course a close eye must be kept on this but ffs this is miles better compared to the usual practise of copying ID documents in shops or using the PostIdent system and beats any 3rd fishy party provider - and that includes device manufacturers.

Same for the upcoming Wallet asking for open and established standards.

[–] ell1e@leminal.space 1 points 1 day ago (1 children)

I am referring to the EU Wallet age verification app: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/ Sorry that I forgot to link it.

And just because it might beat PostIdent, doesn't mean it's sane to give up online anonymity for age checks everywhere. The EU claims the wallet will allow anonymous age checks, but if they ever tracked you, pretty sure you wouldn't know.

[–] bekopharm@discuss.tchncs.de 1 points 23 hours ago (1 children)

This is not how remote attestation works. It's the whole point of the age verification of the wallet that such meta data doesn't have to be stored. The data submitted is transparent and can be viewed before accepting the verification. It's in the core concept that this process is unlinkable and the goal is to implement this with ZKP (Zero-Knowledge Proof) mechanisms.

That is in the technical spec for this proposal. It is designed for exactly this kind of requested online anonymity.

Does this have to be watched? Absolutely Yes. What you're doing here is spreading FUD though without any proof whatsoever just because "iTs fRoM tHe gOv". Now I don't know your frame of reference and it's probably a good idea to keep a healthy level of mistrust in place but(!) the EU does a lot of things correct and I take this over any system designed by a private company that is definitely always only interested in our best: money.

[–] ell1e@leminal.space 1 points 20 hours ago* (last edited 20 hours ago) (1 children)

Here are my sources:

  1. https://pluralistic.net/2025/08/14/bellovin/ (I don't agree with every bit of that article.)

    In practice, the security and privacy guarantees of the CL protocol require two different kinds of wholly independent institutions: identity providers (who verify your documents), and certificate authorities (who issue cryptographic certificates based on those documents). If these two functions take place under one roof, the privacy guarantees of the system immediately evaporate.

    ("CL" seems to refer to a common zero knowledge proof algorithm.)

  2. https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/blob/main/docs/architecture-and-technical-specifications.md#332-enrolment-methods-without-existing-identification

    Technical Requirements: An Age Verification App shall support the following: [...] Request from the operating system a tamper-evident attestation of AVI properties

    (As far as I know, they mean device attestation with this where you no longer fully control your device.)

  3. https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/issues/20

    The EUDI Wallet team is participating in a wider, EU-wide collective sleepwalk into a serious trap: You, along with the entire EU Digital-Identity movement, are hard-wiring the EU's civic governance to Apple and Google's hardware and software stack.

  4. https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/issues/15

    Requires accepting "Terms of Service" to access basic functions of being a citizen. Your demo video shows you requiring accepting "Terms of Service" and "Data Protection Information" which I guess should really be "Privacy Policy".

Feel free to share your sources.

[–] bekopharm@discuss.tchncs.de 1 points 18 hours ago (1 children)

Feel free to share your sources.

The source is the technical spec. Read this yourself more closely!

Interoperability: The solution ensures seamless integration across diverse device operating systems, wallet applications, and online services.

And let's not ignore the demo part:

The white label solution will be implemented based on the open source EUDI Wallet Reference implementation libraries.

And yes it is good that people watch this carefully (and voice their concerns in a civil matter, which does not seem to be the case with most heated comments from your examples). But!

This is the very same with e.g. Let's Encrypt. Or a VPN 'service'. Or CloudFlare, that so many people love to hide behind.

What ifs. The spec does explicitly not allow exactly this and it's our job to investigate such providers closely and in doubt start and run trustworthy providers ourselves. And Let's Encrypt is again a prime example for something like this.

Oh and no nothing in the spec nails this down to Google or Apple alone. These are examples for smartphones for existing eco systems. I do not need a smartphone for e.g. AusweisApp and I will ask the same for E-Wallet because this is also in the specs (Interoperability) and explicitly not tied to some vendor specific eco system but to protocols and cyphers.

And this is where the next FUD may come in: TPM[1]. This does [also] exactly this: Device attestation and is a perfect candidate for regular PCs. That's probably just the next can of worms for you though and with this I'll end this discussion because even with plenty of What Ifs I do not see this solved from anyone in any better way - and again especially not from some company like Dis-fuckin-cord. This is exactly what a GOV exists for and they'd be sleeping on their job not providing digital ways for this very use-case.

[1] And just so that you may understand my POV on this: I demonstrated against TCPA back in the days. I can accept TPM tho. It's a rather useful compromise and something similar exists for most smartphone ALSO. That is a good thing because this is responsible for keeping e.g. password wallets private. Something the "oh noes, Windows requires TPM now" crowd never understood - and this is from a die hard Linux user for decades.

[–] ell1e@leminal.space 1 points 14 hours ago* (last edited 14 hours ago)

I disagree TPM is a good candidate.

And I think many of us reject the premise we should submit to any central id provider for half of the internet in the first place. There are less risky approaches: https://www.politico.com/news/2025/10/13/california-law-online-age-checks-00606115