Rendered at 01:45:03 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
quiet35 2 days ago [-]
I am just gonna leave it here.
Privacy Policy:
3.2. Identity verification through W Identity. To create a W Social account, you must first verify your identity through W Identity. W Identity operates an independent identity verification service that allows you to verify your identity once and then selectively share verified attributes with third-party applications under your control.
3.3. During the W Identity verification process, you will be asked to provide your phone number, email address, and date of birth, and to verify your identity using an official passport (via photo or NFC scan) and a selfie. This process is governed by W Identity’s own terms of service and privacy notice [...]
From the "W Identity" Play Store page:
Data that may be shared with other companies or organizations:
Personal info: Name, Email address, User IDs, and Other info
Photos and videos: Photos
Location: Approximate location
Messages: Other in-app messages
Device or other IDs
lbreakjai 2 days ago [-]
Those social platforms should really have a "import my information from a previous data leak" button.
lxgr 2 days ago [-]
Wow, they’re collecting a bunch of PII instead of using the zero-knowledge proof of humanity thing that the EU ID wallet is supposed to support?
How uneuropean.
pixel_popping 9 hours ago [-]
Weak developers, weak leaders, no talent. All of those including the location can be recorded anonymously and securely.
perching_aix 2 days ago [-]
This but unsarcastically, much to your dismay I'm sure, as usual.
InterlooperX 2 days ago [-]
Wow. Is that all? And here I though, iris scans, dna sample and the promise of my eventual first born would be in there. What a bargain.
Can't wait to do this and then get to use my "W account" to log into pornhub...
petre 1 days ago [-]
Logging into pornhub to require authentication similar to the nuclear briefcase. /s
lschueller 1 days ago [-]
The number of websites and services with really bad ai layout and a perverted thirst for emails are skyrocketing lately... This has just a closed, undocumentd inhouse verification service on top. I can't find any useful info about the verififcation app.
wolvoleo 2 days ago [-]
Yeah lol no. That's exactly what I don't want in social media.
pixel_popping 9 hours ago [-]
Trust me bro.
andrewstuart 2 days ago [-]
They should just hand all that stuff directly to criminals. Cut out the middle man of when their systems are hacked, saving everyone time and stress.
recursivecaveat 2 days ago [-]
I appreciate the sentiment I guess, but you can't really verify the human-ness of a poster. At best you can validate that at some point(s) they completed a human-is-present check. Doesn't necessarily mean anything about a given post. Moltbook (wow that feels like forever ago) has the inverse problem: you can just larp as a kooky bot. At best maybe you can do something like limit the number of bots to the number of people who are willing to set aside their personal credentials, which is probably way more bots than you can stand.
perching_aix 2 days ago [-]
They could tie the identities to governmental identities in a blind manner.
The pitfalls are as follows:
- the governments can just arbitrarily manufacture identities
- identities (govt and this) can be stolen
- identities can be misused (coercively or consensually, e.g. by passing on access to another person or automation)
Still would beat the current state of affairs, which is piss-all identity attestation, but then they're not actually doing this. They're scanning official documents and go LGTM + pinky promise. Hard skip.
pixel_popping 9 hours ago [-]
When sending identity to a remote server in cleartext, you must assume that you are giving away the data associated with it, it's just basic security principles, if the engineers behind this don't care enough to KYC using cryptographic ways which already exists, then you can be sure there is some sort of incompetency and/or malice :)
If I browse an http website, then I know that someone could be using the data, if I put my passport somewhere, then I know someone could as well, apparently having thousand of leaks every year isn't enough of a proof to people :/
sakjur 2 days ago [-]
There's a C-suite of five people and a board of advisors I couldn't be bothered to count before their public beta for an AtProto instance.
That just seems too heavy an operation for my taste. Seems prone to either infighting or raising too much early capital.
Signed up several accounts for the beta. Let's see how much of a photoshop they'll accept as verification.
pixel_popping 9 hours ago [-]
It's flawed as well, all KYC-accounts are available for sale in many places, example Wise accounts, FB KYC verified accounts and so on, can buy by the thousands.
You can also just pay people to KYC (very easy) or do a "KYC Proxy with some DOM mirroring" with a fake service, ton of ways if you are a bit creative and have talent.
It does absolutely NOT prove that you are seeing human-made posts but incompetent users might believe so, I give them that.
Paradigm2020 1 days ago [-]
Do share later as a post :)
zoobab 2 days ago [-]
Boycott.
My social network is IRC, never needed to reveal my ID behind my nickname.
wolvoleo 2 days ago [-]
Even here it's not necessary to give even an email address. Greatly appreciated.
lgcmo 1 days ago [-]
The website performance is not confidence inspiring
rie_t 2 days ago [-]
This website is so laggy I can barely even scroll.
ktallett 1 days ago [-]
On the day I have deleted all social network accounts bar Mastodon, as I have realised I just don't care anymore. Any one I want in my life, I have the phone number of, any one I can take or leave I don't. Mastodon is more than enough for exploring and finding interesting projects that I otherwise wouldn't have learned about.
metalman 2 days ago [-]
please take this, as part tounge in cheek and legitimate comment
what, exactly, has "european" got to do with bieng a "verified human"
maybe I should ask a dog
hoppyhoppy2 2 days ago [-]
Users can be from anywhere in the world, but they're making a selling point of it being built in Europe, hosted on European infrastructure, and governed by European law. The linked page shows this pretty clearly, I think.
dddaria 2 days ago [-]
Nobody should trust the EU
extraduder_ire 11 hours ago [-]
What does this have to do with the EU?
geek_at 1 days ago [-]
Unless you're not blind to all things we have because of them
Privacy Policy:
3.2. Identity verification through W Identity. To create a W Social account, you must first verify your identity through W Identity. W Identity operates an independent identity verification service that allows you to verify your identity once and then selectively share verified attributes with third-party applications under your control.
3.3. During the W Identity verification process, you will be asked to provide your phone number, email address, and date of birth, and to verify your identity using an official passport (via photo or NFC scan) and a selfie. This process is governed by W Identity’s own terms of service and privacy notice [...]
From the "W Identity" Play Store page:
Data that may be shared with other companies or organizations:
Personal info: Name, Email address, User IDs, and Other info
Photos and videos: Photos
Location: Approximate location
Messages: Other in-app messages
Device or other IDs
How uneuropean.
Can't wait to do this and then get to use my "W account" to log into pornhub...
The pitfalls are as follows:
- the governments can just arbitrarily manufacture identities
- identities (govt and this) can be stolen
- identities can be misused (coercively or consensually, e.g. by passing on access to another person or automation)
Still would beat the current state of affairs, which is piss-all identity attestation, but then they're not actually doing this. They're scanning official documents and go LGTM + pinky promise. Hard skip.
If I browse an http website, then I know that someone could be using the data, if I put my passport somewhere, then I know someone could as well, apparently having thousand of leaks every year isn't enough of a proof to people :/
That just seems too heavy an operation for my taste. Seems prone to either infighting or raising too much early capital.
You can also just pay people to KYC (very easy) or do a "KYC Proxy with some DOM mirroring" with a fake service, ton of ways if you are a bit creative and have talent.
It does absolutely NOT prove that you are seeing human-made posts but incompetent users might believe so, I give them that.
My social network is IRC, never needed to reveal my ID behind my nickname.
what, exactly, has "european" got to do with bieng a "verified human"
maybe I should ask a dog