Comment by snackbroken
3 months ago
> He would need to be next to you every time you log in.
Or you can just text him a screenshot of the QR code. You could probably even automate this.
3 months ago
> He would need to be next to you every time you log in.
Or you can just text him a screenshot of the QR code. You could probably even automate this.
No, the QR code is changing every couple of seconds.
~Maybe~ you can video call, but again it's adding so much friction. Nothing is 100% secure.
The automated attack setup I'm envisioning is something like: 18 year old buys a cheapo laptop + phone and connects the two over ADB or some purpose built automation app (think appium). 18 year old puts the phone on a tripod pointed at the laptop screen. 14 year olds at school pay $10 a year for use of the service and install a browser extension that forwards the QR codes from whichever service they wanna use to the 18 year old's computer. Changing every couple of seconds is not an issue here, they all live in the same city and have <10ms ping.
The only high friction part of this is that someone needs to write the software for it, but that doesn't seem like all that difficult of a project and open source solutions are likely to appear within weeks of social media requiring it. If there really is no information shared with the other party beyond "yup, user is over the age of maturity" you could even run this as a free public TOR service without fear of ever getting caught.
Mhh, but then the Danish Agency for Digitisation will see that the 18 year old does a lot of age request on all day and night long. And block his account. And then he can't use his own banking, health, postal apps.
High risk, low reward.
If he throttles request to stay under a threshold, if the agency knows about it service they could use it and see which account does age requests at the same time.
3 replies →