Comment by Sweepi

1 day ago

These are the sources cited by the article:

[1] https://xcancel.com/Paul_Reviews/status/2044502938563825820

[2] https://xcancel.com/paul_reviews/status/2044723123287666921

[3] https://csa-scientist-open-letter.org/ageverif-Feb2026

| "The saga is turning into a PR disaster for Brussels. "

imo: mostly because the Author wants it be a disaster.

The App has not launched, they published the source code in order to invite external review. I don't have time to check every claim, but e.g. this [see quote below] seems to be blown out of proportion to me - the app fails to delete a temp image, which results in a selfie being stored indefinitely(?) on the internal disk of your device - if an adversary has access to the internal disk of my phone, they can also just access the photo roll.

"For selfie pictures:

Different scenario. These images are written to external storage in lossless PNG format, but they're never deleted. Not a cache... long-term storage. These are protected with DE keys at the Android level, but again, the app makes no attempt to encrypt/protect them.

This is akin to taking a picture of your passport/government ID using the camera app and keeping it just in case. You can encrypt data taken from it until you're blue in the face... leaving the original image on disk is crazy & unnecessary."

Not immediately deleting the selfie is a pretty fundamental and egregious mistake to make. People are particularly sensitive to selfies not being handled correctly after Discord lost thousands of them, despite promising to delete them after age verification occurred (and then not doing so) https://www.bbc.com/news/articles/c8jmzd972leo

The damage is limited because the selfie is only retained on device, but it still does not signal competency from the EU to fail at the most basic hurdle of disposing of the selfie once verification is complete.

  • >Discord lost thousands of them, despite promising to delete them after age verification occurred (and then not doing so)

    This is misleading, yet everyone seems to repeat it. Discord's implementation of ID verification did not retain IDs. Reporting on this was so poor, but what appears to have happened was that people that failed age estimation / ID checks had to raise a support ticket and get manually reviewed. That support platform was pwned and the active support tickets were leaked. Who knows how long these support tickets were set to live for, but up to 70,000 active tickets getting leaked feels like a drop in the bucket. It's also not immediately clear to me what the alternative is (other than not getting hacked), when you require human intervention to review problematic IDs. Even if the ID only lived on their server for 24 hours during manual review, across a userbase of >200 million users, that's a lot of IDs at risk at any given moment, especially during these initial rollouts of age verification.

    • This is a distinction without a difference. Users were assured their selfies would not be retained and they were. Discord then proceeded to lose those selfies to bad actors, after promising not to retain them. The incident has caused enormous distrust of all age verification systems, which were already starting in the mind of the community from a base level of skepticism. It's already highly invasive to take a photo of yourself, but then the user must trust that the organization on the other end will handle it appropriately. To have that trust so conspicuously broken poisons the well for all other age verification systems and websites that are legally compelled to use it, or face penalties from aggressive organizations like OFCOM. Website operators are placed in an impossible position, where they must use these deeply unpopular technologies or face severe fines.

  • Welp, this ship has sailed, corporations and governments have a data hoarding addiction. They might not yet ask where your grandpa lived 57 years ago, but they seriously ponder how to extort it from you, or where else to get this data.

>The App has not launched, they published the source code in order to invite external review.

I read that from many reactions in discussions, but not from their own channels? (Maybe I missed that)

It is ready for deployment: https://commission.europa.eu/news-and-media/news/european-ag...

The message is that it is ready, 'ticks all the boxes' (the published code does not) and that it is now ready for integration by other countries. https://xcancel.com/vonderleyen/status/2044340323120193595#m

Then in the article I read that what we see now is a 'demo' version. So the code on GitHub is not the current code?
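The quoted finding above is that selfies are written to external storage as PNG and never deleted. As an added illustration (not code from the EU app or from the article's author), this hypothetical Android helper keeps the image in app-private cache storage, deletes it in a `finally` block so it cannot outlive the verification call, and sweeps leftovers on startup; `verify` stands in for whatever age-estimation step consumes the file.

```kotlin
import android.content.Context
import java.io.File

// Hypothetical helper, not code from the EU age-verification app.
class SelfieHandler(private val context: Context) {

    // context.cacheDir is inside the app sandbox; other apps cannot read it
    // without root, unlike getExternalFilesDir() or shared media storage.
    fun verifyAndDiscard(pngBytes: ByteArray, verify: (File) -> Boolean): Boolean {
        val tmp = File.createTempFile("selfie-", ".png", context.cacheDir)
        return try {
            tmp.writeBytes(pngBytes)
            verify(tmp)
        } finally {
            // Unconditional cleanup: runs whether verify() succeeded or threw.
            if (tmp.exists() && !tmp.delete()) {
                // Last resort if the delete fails (e.g. file still mapped).
                tmp.deleteOnExit()
            }
        }
    }

    // Defensive sweep for files a crashed or killed earlier run left behind,
    // so a selfie never becomes de-facto long-term storage.
    fun purgeStaleSelfies(): Int {
        val stale = context.cacheDir.listFiles { f -> f.name.startsWith("selfie-") }
            ?: return 0
        return stale.count { it.delete() }
    }
}
```

Call `purgeStaleSelfies()` from application start-up; the cache directory is also the only location the OS may clear on its own, whereas files on external storage persist until the app removes them.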