>Discord's third party vendor Persona just got hacked and exposed. Anyone who did age verification with Discord, and by extension Persona, could be extensively tracked and watched.https://www.malwarebytes.com/blog/news/2026/02/age-verification-vendor-persona-left-frontend-exposed
>>108200542
Many such cases.
>>108200542how shocking, how could anyone have seen this coming?
>>108200542Almost as if all of this age verification and protecting the children is really about the globalist plan to create a digital ID and a global surveillance police state, headed by our friends in Israel.
>>108200542Saarlicious code
>>108200833the new tracking on 4chan is just intelligence gathering for mossad and israel. it doesn't nothing to stop ban evasion
>>108200542It’s even better, the system checks your face to see if it looks like people on a watch list, famous people, politicians and so on. It also has allowances to correlate your ID with crypto wallets, and other banking info. It also has one click buttons to report you to the appropriate financial auditing body for your country. There’s something like 269 checks against your biometrics when you use this thing, and there’s nothing in the leaked code base that makes it clear they delete your biometrics after the fact. And all this shit was just sitting on the open web lol. Even if they didn’t get your photo ID, there’s more than enough info in there to steal your identity. It’s obvious these ID verification companies do a lot more than just check your age, it’s a giant dragnet, and they’ll undoubtedly end up selling this shit to advertisers. Even worse, the platforms using them get access to a decent chunk of this data when all they actually need to know is “is ID valid, and are they over X age”. The only sensible way to do this is encryption based tokens. Go to your dairy or gas station, show your ID, attendant gives you a code that just verifies you’re real and above X age, that’s it. Even better would be Zero-Knowledge Proofs, which are a mathematically robust way to do offline, private identity verification without giving information to anyone involved.
>>108200847>The only sensible way to do this is encryption based tokens. Go to your dairy or gas station, show your ID, attendant gives you a code that just verifies you’re real and above X age, that’s it. Even better would be Zero-Knowledge Proofs, which are a mathematically robust way to do offline, private identity verification without giving information to anyone involved.Yeah, but age verification is the excuse, not the purpose of these things.
>>108200887Instead of passing half-assed laws the government should have worked out a technology solution that provided tokens as proof of identity/age. I don't trust them, but they already have the data. Instead we get rushed software made available before it's ready and secure just to meet the new demand. I expect 3-5 years of identity leaks before they secure the code for all of this.
>>108200887Obviously, but there is also a legitimate need for it (unfortunately). It’s just that shit like this makes it easier to explain to normies why this sort of solution is not an option, and will fundamentally never work. If I’m going to be forced to live in a world with age verification all over the place, it better fucking work properly, and not be set up to fail. This stupid ID shit doesn’t even work reliably, and just hoovers up people’s data. We have the tech do it properly, so let’s do it properly, or not do it at all. Robust identity verification is a solved problem.
>>108200906>>108200911Reminder that incompetence is a perfect mask for malice.>need for itThe internet has worked just fine without it thanks.
>>108200906Thing is, you can do this without it providing surveillance data to the government. Part of the EUs policy body is already working on it, but the EU has a very schizophrenic approach to privacy, and Denmark seems set on blowing up the guarantees they do have since they’re the ones running the parliament at the moment (as opposed the council, which actually passes laws, I think. The EU has a weird structure, with one part that’s like “EU” politicians, and another that’s made up of members from member parties, and they tend to have differing objectives), but they also have differing incentives to most other countries. They need a system that works between EU member states, but doesn’t allow one EU member state to spy on everything the citizens in another are doing. This basically removes the option of a centralised system, so there’s a far larger appetite amongst members for something simple on their end, even if the tech behind it is a lot more complex. I think their end goal currently is something akin to a digital ID card, except it can be used to verify info about the holder without relaying it to either the government that it’s been used, or to the one verifying. They just get back a signed response of yes or no, and can verify it against the governments public key. It would require use of hardware that can be verified (so phones and similar), but it’d also allow for the provisioning of standalone devices that are just used like this. You could probably even implement it into actual physical ID, and just have it as a smart card, which would permit use on anything that can read smart cards, which is basically everything with the right peripheral. In short, there’s a way to do this that actually works better for everyone, it just requires some effort to plan and implement.
>>108200847Source ?
>>108200906I expect 3-5 years of identity leaks before the competency crisis brings about another Holocaust
>>108200967https://vmfunc.re/blog/personaTroon, but the research is solid>>108200924The market is there, companies were going to adopt this shit even without regulation, if just to prevent actual regulations. Now there is regulation, and other countries are looking to do their own regulations. Burying your head in the sand is a great way to not only end up with age verification everywhere, but it be the worst kind, that doesn’t reliably verify identity, hoards your data, sells it to the government, leaks it and suffers no consequences. Essentially cutting your nose off to spite your face.
>>108200842what new tracking
>>108201084are you not using ublock?
>>108201084If your IP is one of these less trusted subnets(getting 3+ captcha tasks), 4chan also requires you to unblock some weird domains for some 3rd party anti bot/intelligence service.
>>108201092i'm using india's favorite chromium browser. what's happening?
>>108201096well i barely post anymore so maybe i just haven't encountered this yet
>>108200906>Instead we get rushed software made available before it's ready and secure just to meet the new demand. I expect 3-5 years of identity leaks before they secure the code for all of this.> In those files, the researchers found details about the extensive> surveillance Persona software performs on its users. Beyond checking> their age, the software performs 269 distinct verification checks, runs> facial recognition against watchlists and politically exposed persons,> screens “adverse media” across 14 categories (including terrorism and> espionage), and assigns risk and similarity scores.> Persona collects—and can retain for up to three years—IP addresses,> browser and device fingerprints, government ID numbers, phone numbers,> names, faces, plus a battery of “selfie” analytics like> suspicious-entity detection, pose repeat detection, and age> inconsistency checks.The software clearly isn't rushed, it's very featureful, they just didn't care to protect the biometrics they extracted
>>108200887One might say that the purpose of the system is what it does.
>>108201138They already had that part written. They rushed the part that makes it available for digital ID shit online.
>>108201096Hold it, isn't suppose to be in reverse?They ask you to turn off uBlock because they need to put your IP in those 3 sites to track you down.
>>108200542persona has been used for roblox and vrchat which is a way bigger deal than the whole 1000 or 2000 users that got the discord experiment using persona
