Reddit -> kbin.social -> kbin.run -> kbin.earth -> piefed.social
5th times the charm, right?
Had a quick look, and ye looks like the same kind of system with the scary and notable caveat that the belgium system isn’t govt. owned! It’s owned by: “Belgian Mobile ID, a consortium of local telecom companies and banks.”
That makes me deeply uncomfortable.
So I 100% agree with everything you’ve said, and to be clear, I’m not Estonian, have never been to Estonia, and have never seen the system in question, but:
gives the government a centralized means of tracking individual behavior
gives private sector actors a central immutable identifiers to associate behavior with that can’t be erased
I don’t believe that either scenario is possible in the Estonian system. At least, they’ve gone to great lengths to make those scenarios very hard to achieve at either end.
This is my (probably simplistic, and definitely not guaranteed accurate) understanding of the process using the example of age verification.
Porn Site A wants to verify User D’s age. D has previously registered their DOB in Govt. System B
A shows the request to D, which says: I would like to verify JUST that you are over 18. Not your exact DOB, and no ID’s, just enough to prove that you are authorized to view dem titties.
D then goes to intermediary system C and says: Please generate a 1 time use certificate that proves I’m older than 18.
C checks with B, and generates a “YES” token that it presents back to A.
A and B haven’t communicated with each other and B (the govt.) have no knowledge of the transaction, but A still has a valid method of authorizing D without identifying them.
The problem is C could be tracking the user. I believe in Estonia, this intermediary system is outside govt. control, but is regulated by them. They’re audited like banks. I believe this is supposed to be all local, and would just be a cryptographic wallet for your govt. issued certs, and requests should be between A and your device, not a 3rd party server.
Another problem is “This site uses cookies” style abuse, and users just agreeing without understanding what they’re agreeing to. They have authorities and laws in place to prevent that theoretically. No idea how effective they are
Anyway, I kind of went off a bit here. Point is, the Estonian system is pretty robust, and really cool
I too ignored the warning, to my detriment. Turns out, a possible answer to the question “how bad could it be” is “kill it with fire, then kill me to cleanse the memory”
The problem isn’t digital id, it’s the implementation.
The Estonian system is a great example of digital ID done well. It blocks unauthorized access to your data at a policy and technical level. So even if they change the laws, the technology means it’s literally impossible to make the system disclose information without your consent.
That being said, anything the current US govt. tries to implement around this should probably be treated with heavy distrust.
Lol, I’d still take it. All I can say is the people flying with me better keep close. Ditto the ones breathing under water
Manifest any superpower at will
Sounds like what he’s speaking
because the original was a parade of normality?
That’s why I posted it. So people can decide for themselves. Doesn’t seem that bad to me, but then I’m a dev, so it’s really hard to judge what a non dev would be comfortable with
Depends on your comfort with CLI tools. Here’s the process (assumes Windows):
set PATH=%PATH%;C:\your\path\here\ <- Temporary, just for the current sessionsetx /M path "%path%;C:\your\path\here\" <- PermanentOn your device, go to Settings -> About and look for Build Number it can sometimes be buried in Software Information
Tap Build Number repeatedly until a message appears You are now a developer
You should now have a new Developer options menu item somewhere in your settings. Sometimes it’s top level, sometimes it’s buried under Additional Settings or Advanced Settings or the like
Make sure USB Debugging is turned on
Connect the device over USB
Back on WIndows type:
adb devicesadb devices again. You should see your device listedadb install C:/path/to/app.apk <- if adb devices only returns one deviceadb -s <device_id> install C:/path/to/app.apk <- specific deviceYou can install updates the same way, just download the updated APK and add the -r flag
adb install -r C:/path/to/app.apk
Absolutely, C is the weak link. There are ways to mitigate that, though. Like I said, there’s no need for a server. The intermediary can and should be all local.
As for cloud backups, there’s no reason to keep a log of requests, so there shouldn’t be anything to back up, other than the certs themselves. Even if there is though, that’s in the user’s sphere of influence. De-googling is becoming more and more popular, and there’s nothing preventing you from disabling cloud backups.
All this is just to take it back to my original point: The idea has some great benefits, but the implementation matters immensely