Comment by miki123211
10 days ago
You can't have privacy-friendy age verification that is also compatible with tinkering.
The problem is relay services that supply positive age verification results to any interested user for a fee. With a non-privacy-preserving solution, those aren't a problem, law enforcement can just track whose credentials those services are using and shut them down.
I'm not a fan of the whole idea in general, but if we have to choose, I choose privacy over hackability.
But you can, and GrapheneOS shows exactly why. And there are developers who instead of choosing fake and flaved* Google "attestation", choose to conduct hardware attestation.
*Google claims phones not updated for the last 8 years are secure merely because they have privileged Google services. Tell you what: many of them are rooted, with Google play services blind to it, and still claiming phones are "verified".
GrapheneOS has a privileged position in the Android ecosystem due to their connections to Google, so they can pass the STRONG version of attestation.
If you're not passing STRONG attestation it's exceptionally difficult to protect against AI video injection attacks.