- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Finally it seems the end of Reddit is near.
You must log in or # to comment.
Years later, you will find many then teen’s 80yo grandmas’ photos in the leaked database
Hm, I’m going to need some software engineers to critique an idea I have that could at least partially solve the fears people have about their personal details being tied to their porn habits.
The system will be called the Adult Content Verification System (or Wank Card if you want to be funny). It’s a physical card, printed by the government with a unique key printed on it. Those cards are then sold by any shop that has an alcohol license (premises or personal). You go in, show your ID to the clerk, buy the card. That card is proof that you’re over 18, but it is not directly tied to you, you just have to be over 18 to buy it. The punishment for selling a Wank Card to someone under the age of 18 is the same as if you sold alcohol to someone under 18.
When you go to the porn site, they check if you’re from the UK, they check if you have a key associated with your account. If not, they ask for one, you provide the key to the site, the site does an API call to
https://wankcard.gov.uk/api/verifywith the site’s API key (freely generated, but you could even make the api public if you want) and the key on the card, gets a response saying “Yep! This is a valid key!” and hey presto, free to wank and nobody knows it’s you! If you don’t have an account, the verification would have to be tied to a cookie or something that disappears after a while for all you anonymous people.As a result, you can both prove that you’re over 18 (because you have the card) and some company over in San Francisco doesn’t get your personal data, because you never actually record it anywhere. All you have is keys, and while yes, the government could record “Oh this key was used to verify on this site”, they’d have to know which shop the key was bought from, who sold it, and who bought it, which is a lot more difficult to do unless the shopkeeper keeps records of everyone he’s ever sold to.
So… Good idea? Bad idea? Better than the current approach anyway, I think.
This would be better than most of the crap being proposed or implemented.
But, since the keys are presumably reusable, they’ll presumably get borrowed shared by and among minors almost immediately.
There could be some “Netflix account sharing” style work to deter that, of course.
Yeah I did consider that people are going to share keys, but people are going to share accounts too so that’s always going to happen. The best thing you can do is stick some safeguards on the keys where if a key is found online, it can be deactivated and potentially investigated since you can tell which shop sold the key. If there’s a shop out there just giving cards away to minors, well they’re in for a world of trouble.
Under the Licensing Act of 2003, it’s illegal to sell alcohol to an adult if you reasonably suspect that they will be then giving that alcohol to a minor. You can assume the same will apply to people selling Wank Cards.
people are going to share keys,
get ahead of it and sell discounted bukkakeys
you could probably even have a bundle called the “family plan” for the real sickos
I should get into masturbation regulation marketing!
Hungry for Adams Apples? Try our limp biscuits!
I’m a security dev and this is a good idea!
How would you solve replay attacks? Like a million people, of age or not, sharing the same key?
Maybe you could limit the number of verifications a key can have in a day? Limit it to say 10 verifications per day. So if you’re on Pornhub and have an account, you can have the key associated with the account, verified, and so you don’t need to re-verify. But if you go on 10 completely different sites and verify for each one, you can’t verify after that 10th one within the same 24hr period?
You could maybe also include guidelines for integration where if a key is associated with an account, that key can’t be used for any other account. You can include that under some requirement that says you have to make ‘best efforts’ to ensure that a key is only ever used by one account at a time. That way, if a million people are sharing the same key, you’d have to trust that all one million of them will never associate that key with their account because if they do, it invalidates that key for every use other than through that account on that site.
Meh, just upload a dick pic.
I’ll never forget how he changed users’ text without them knowing it before the 2016 election. Reddit was going downhill before, but that was a turning point.
For those unaware, this isn’t something like replacing a slur with removed, he edited users’ comments, turning them into insults to other users.
I don’t care that those original commenters were (likely) pieces of shit, and the people who he made the comments insult were definitely pieces of shit, putting words into people’s mouths to make them fight each other is unforgivable. Even if you put out a shitty apology.
I’m a UK citizen, fuck everything about this law. I’m so sick of the current authoritarian trend amongst some western countries. The UK is one of the worst offenders.
It’s not even about protecting kids. It’s about control and appeasing puritanical elements in society. We’re the 6th richest economy in the world and we can’t even offer some of the poorest kids food security. But at least they can’t see a pair of tits on Reddit.
I keep thinking about some of RPs I’ve done in my life. Hot, vile, smutty text based RPs. I think about them and wonder if there will ever be a time when those words would be considered illegal and I would be arrested for posting them. This doesn’t just protect minors. It tags deviance. Some of you may know the darker corners of Reddit. Imagine if an AI flagged your subs. The delete-rebuild cycle doesn’t work anymore. Reddit will always know. If the law asks for suspects for newly illegal thought crime, Reddit will be able to point to all the users on those dark corners. We are moving into a future where privacy doesn’t matter and I fear what that means for the kinky among us.
That’s a subject many never talk about: it assumes we (1) have morality all figured out and (2) it’s the same for everyone, everywhere.
I’m nowhere near as worried about this for kink stuff as I am about us LGBTQ living in the US.
amongus
Something similar happened In China recently. A female author of homoerotic texts was charged for it.
Keeping the age verifier seperate from the content host is good. Destroying the files used for verification is good. On paper it’s not too a bad system for age verification, but it really hinges on if you can trust them. Given the track record of basically almost every company and government ever…
Problem is, how do we know that the company is reputable, audited, and so on?
I’ve seen more places requiring verification - and each one of them seems to use a different verification company. How are there so many of these places, and why aren’t they more commonly known? Like Experian for credit, etc.
Sure it might sound good to keep them separate - but all that is doing is absolving the content host from liabilities for providing the adult content (somewhere) on their platforms and sites. Reddit don’t want to get involved, and I’ll bet they found the cheapest and easiest provider, or the first one in the search list and thought “good enough”.
I think it’s good that Reddit is trying to continue to allow adult content within the legal framework in which it must operate.
I guess what I’m not clear on it is what the legal framework is for verification services. Absent rules that require robust privacy protections market forces will push a race to the bottom in terms of cost and data security will be the first to take a hit.
I know this might seem weird but I think this is one of those cases where a blockchain based smart contract might be the best solution. I’m not exactly sure, as any system that allows one to consume content generally also allows one to copy it, but having a system defined in code in a publicly auditable manner that cannot be changed without notice seems to me to have the capacity to grant the most reassurance.
I mean I assume that all the verification company is doing now is verifying a person’s age and then giving a kind of authorization token that’s cryptographically secure that basically says “the owner of this cryptographic key is of age”.
Good take. You are right. Still fuck this.
Parental controls exist. Use them instead. I fucking hate this.
tale as old as time even since I was a kid and I’m in my 40s. Reminds me of the original videogame rating system that Sega originally implemented in NA when the first Mortal Kombat came out. Parents, to this day, are still unable to manage what their kids consume.
I mean my parents never had an issue with this. Like when they’d rent movies, I wasn’t allowed to watch Terminator 2 until I was like 13 and it was my Dads favourite movie. He put it on “ok, you have to leave the room now we’re watching a movie” and I did.
Just upload a picture of any politician who voted for this.
“Reddit has stressed that this system is only to verify users’ age, and it has no interest in your identity. Lee further stated that Persona won’t know what subreddits you visit, and has promised it won’t keep users’ uploaded images more than seven days.”
Press X to doubt.
Time to go to LemmyNSFW
Under the new UK law, lemmynsfw would also need to have some kind of age verification for UK users.
This. Can’t believe we’re seeing “lol Reddit sucks” when this is a country-wide implementation and has nothing to do with Reddit in particular.
So, the UK sucks.
Something similar is coming to Australia as well.
Beware USA :(((
Supreme Court’s ruling practically wipes out free speech for sex writing online (July 4, 2025)
[commented the same a few days back]
This is why many adult sites are banning access if your IP is from TN or any of the other american states that love jesus more than freedom.
Explains the sudden advertisement in vpns, but I’m afraid they will have to shell out more proxies eventually
Happy birthday, USA
You are correct. But this doesn’t lessen the extent to which reddit sucks.
Real talk - or what? If LemmyNSFW isn’t based in the UK, what can they do?
Block it? I’d rather have that than deal with processing users face data.
Honestly I have no idea. I guess they could just block it if they don’t comply?
I believe if the UK finds a site that doesn’t comply with the law, they will block it from their side of things. I haven’t read anything about websites needing to be proactive to block the UK if they don’t plan to comply.
deleted by creator
Well as a Lemmy admin I’ll see if they seriously enforce this on international sites. If not, I won’t worry about it. If so, the UK gets blocked. 🤷🤷🤷
I doubt they’ll be going after niche sites anyway. Big dogs like reddit, sure. Sites dedicated to porn probably. Everyone else? Doubt it.
Even though LemmyNSFW is outside of the UK the admins of any instance will be responsible for verification of UK users because of this law. This is why .zip (Lemmy and PieFed) have geoblocked the UK. It’s a lot of work and responsibility to take on.
Here’s the post from Demigodrick explaining this situation better than I can.
Yeah only if the UK can actually manage to enforce any consequences to site admins outside the UK. I’ll wait and watch.
Just curious, how would this happen in practice? As I understand lemmy instances are defederated across the globe. Who would they send their demands to? Also there is already some nsfw content in lemmy, are those expected to respond now in some way?
Maybe they’ll just make the Fediverse illegal in the UK. Or all non-corporate sites that can’t afford to pay a company like Persona.
Or it can just defederate from UK based instances.
.zip has already been trying to figure out how to handle this law, its also UK based.
.zip blocks users from the UK iirc.
Lemmy.zip blocks uk users on its front end but I think its contents is still federated.
That’s always down when I want to use it :(
It’s always up when I use it … Oh you meant the site, sorry
It’s always down for it :)
It is not just that, I don’t trust Persona security, if a malicious actor installed a silent program that monitors users and sends it to a command and control center they probably won’t know for months or even years. Cyber security is very bad in most companies.
Oh the cute little corpo is promising to delete your data, how can we not trust him🥺🥺
Very careful wording there to switch between Persona and Reddit to conveniently omit one from the justification given by the other.
Presses X furiously
Google uses reddit for its AI training. Just saying.
God help us all.
Why doubt, I mean they promised?
Yeah, fuck all that.
Guess we’re transitioning into a VPN only future.
We have the opportunity to head into a utopic or dystopic future and we’re absolutely choosing the dystopic one.
They’ll criminalize personal VPN users for non-work purposes, next.
Work VPN doesn’t look any different to any other VPN to the people tapping the lines.
Once businesses fully implement zero-trust, VPNs are redundant.
I agree, and whilst I don’t personally bother with vpns myself because I prefer other solutions, it’s one of the things that helps prevent insane UK politicians’ bad hottakes on tech becoming law
Edit: an apostrophe
I’ll just use a VPN to hide my VPN use and then they’ll never know.
Good luck, I’m behind 7 proxies.
for non-work purposes
Sounds like a loophole to me!
A VPN future? Haha. Not if they don’t want to. There are many ways to prevent VPN from operating when you’re a government.
You can just plain ban encryption, which sounds really crazy, but yeah, they’re trying to.
You can just say “it’s illegal to use a VPN”. It’ll technically still work, but if there’s a trace of trafic from your house to a known VPN endpoint, you’re it! Great!
They can force custom proprietary spying software on your devices. Sounds equally crazy as the thing above, right? But rest assured they’re ALSO trying to do that. Multiple times, even. And in some places… they did. Of course, nothing forces you to have such software on your device. Especially if your devices are not supported; it also turns into a “you have to buy this or that big name device, everything else’s de-facto illegal! Fuck you, we’re the government!”. And if you get caught for whatever, and your phone, PC, or anything isn’t “compliant”? Bam. Guilty.
Plenty of option. All of them completely stupid and would weaken both privacy, individuals, and governments at large. It never stopped legislation from being pushed forward.
I don’t think we ever really had a choice
Indeed. With our current system it was only a matter of time. As soon as the internet became a default thing which everyone needed to access just to function in their daily lives, it would of course be subjected to the exact same exploitative mechanisms that the non-internet part of our lives have suffered from since the dawn of history.
Next in the news: “500k Usernames, Passwords and biometric data leaked in the latest hack”
So…coming soon: an app that can match up images of friends or colleagues with a summary of their pornography preferences.
This could at least liven up some boring meetings or dull parties…
Remember those are just the ones you hear about. Plenty happen and are never talked about by either side for obvious reasons.
Who is not “Rick Rolling” this with a selfie of a stock photo (or a frame from “Never Gonna Give you Up”?)
We thought the same thing about Netflix with the sharing password bans. Yet they retained more profit than ever the next year.
Who’s to say if this is what will make Reddit end, or did they actually just got more successful after the end of 3rd party apps compared to the declaration of so many users back then?
Digital personal verification is just going to become a fact of life in the future for everyone born after about 2012. They will use online ID cards, biometrics, location metadata that is constantly uploaded by our devices, maybe even implanted RFID encrypted chips for account verification. Passwords are becoming outdated and outmoded for security as we speak here. 2FA is the minimum security for online today but that may soon become outmoded as well.
I literally haven’t had a Netflix sub since that year and I sometimes miss the convenience of it even. Haven’t been very frequent on reddit in 2 years. Neither company is going to miss me though.
Soon it’ll just be piracy and the fediverse for me, and maybe I’ll be able to show my daughter how to download movies and shows, but I’m sure within within her lifetime, piracy will just become so unpopular that all the good sources of content die out. I do hope the fediverse will stay around though. It has a similar problem to piracy: It’s not that it’s hard, it’s more that the people making everything work get tired and it’s hard to convert people.
LOL. No “we” didn’t. A few idiots did.
These large tech companies have e focus groups and can do extensive research on how their markets will react to these changes.
Any analysis on social media just doesn’t have access to that data.
That’s because Netfilx is basically a media powerhouse & kind of a monopoly.
& your average person doesn’t know how to effectively pirate
u/spez was the lead moderator of r/jailbait, and when he was caught, he got rid of mod transparency. Ghilisaine Maxwell was likely a l lead moderator of news Reddits as well (u/MaxwellHill). Reddit has always been compromised.
I’m not defending Spez, I think he’s a piece of shit and he did edit other users’ comments that were critical of him, which is fucked up, but I don’t think he was actually involved with that sub. It was possible to appoint mods without their knowledge or consent, and he’s a huge target, someone must have done it as a joke.
what’s the topic of r/jailbait?
The speed they banned r/pizzagate was illuminating.
POV: You’re the intern tasked with reviewing the selfies.
It’ll almost certainly be an AI model doing it.
It’ll almost certainly be an AI model backed by 1000s of “trainers” in 3rd world countries doing it, but only until the model is fully trained.
That brings up an interesting thought. What if people uploaded AI generated selfies?
So long as its generated by the same (or a better model) it shouldn’t be able to tell.
Yeah, this is showing up at roughly the same time we can get (almost) free 5 second video generation from some services, and fast still picture generation on consumer grade hardware. It’s the perfect combination of useless, stupid, and obsolete, all in one very pricey and very dangerous precedent-filled package.
thats not what pov means, upload a selfie as punishment
That could very well be the POV of the intern having to approve career gooners
POV = point of view. The intern’s point of view. They’re looking at the selfies submitted by gooners. The picture is a gooner. Idk what you’re talking about.
This is a combination of terrible legislation in the UK meets awful social media site.
The Online Safety Act is an abomination, compromising the privacy and freedom of the vast majority of the UK in the name of “protecting children”.
I’m of the view parents are responsible for protecting their children. I know it’s hard but the Online Safety Act is not a solution.
All it will.do is compromise the privacy and security of law abiding adults while kids will still access porn and all the other really bad stuff on the Internet will actually be unaffected. The dark illegal shit on the Internet is not happening on Pornhub or Reddit.
The UK is gradually sliding further and further into censorship, and authoritarianism and all the in the name of do gooders. It’s scary to watch.
The online safety act isn’t actually about protecting children. That’s a smoke screen for a surveillance bill. They want to eliminate anonymity online.
The solution to all of this “think of the children” stuff is that devices owned/used by children should have to be registered as a child’s device, which would enable certain content blockers.
Forcing adults to verify their identity, rather than simply activating some broad based restrictions on devices being purchased for child use, is a waste of time. Kids will still find workarounds. Adult privacy will be compromised.
Its also an easily enforceable policy to require registration of children’s devices. You can hold the parents to compliance. You can hold the carriers to compliance. Its truly the simplest way to keep kids from accessing porn without having to mess with adult use of the internet whatsoever
Your solution is worse.
As is, it is the responsibility of the content provider to make sure that they are distributing only to people who are legally allowed to have it.
With age-verification the user has to prove that they are allowed to access the content, then the site can distribute it to them.
Your approach is to distribute the content by default and only deny it to ChildDevices. In order for this to work at all, you have to mandate that children can only use ChildDevices. This is soooo much worse than simply requiring that adults who want to see certain content have to prove that they can legally access it. If adults have reservations about providing ID for pornography, the loss of such content seems to be much less than denying children Internet access. (Although, I’m sure that Lemmings would disagree for obvious reasons).
The solution to all of this “think of the children” stuff is that devices owned/used by children should have to be registered as a child’s device, which would enable certain content blockers.
That’s kinda the case right now already, but the problem is that adult-only sites don’t work with that currently.
So the right solution would be to mandate that e.g. all sites are required to return a header with an age recommendation or something similar, so that a device set to child-mode then can block all these sites. And if a site doesn’t set the header, it will also get blocked on child-mode devices
Wouldn’t be too hard to do, and accidental overblocking would only occur on child-mode devices, so there’s not much of a loss there.
Legislation could then be focussed on mandating that these headers aren’t falsely set (e.g. a porn site setting the header to child-friendly).
Allow listing sounds like the better solution. Ie the device had a list of remotes approved by the parents.
That way there’s no need to police every website in the world in perpetuity.
Listing already exists, but in practice it’s quite impractical, mainly because it’s either not granular enough or too granular.
If the listing feature allows me to allow/deny on a domain basis, then allowing Wikipedia for example would mean that I’d also allow all the non-child-friendly content on there too. Like the literal full-length porn videos or the photographies of genital torture that are on there. And if I block all of Wikipedia, I also block all of the hundreds of thousands of informative and totally child-acceptable pages on there.
If, on the other hand, I allow/deny on a per-page basis, then using the internet becomes nigh unmanageable, because each click of my kid requires me to allow/deny the next page. It’s not that often when using the internet that you access the same exact url every day without clicking to sub-pages.
A header would solve that issue. That way I could e.g. allow all Wikipedia articles that are rated for ages 6 and that’s ok. The rating should of course be like for movies, so that it doesn’t mean that a child would understand the articles, but that there’s nothing child-endangering in there like the videos and images (and accompanying texts) mentioned above.
Removed by mod
<html> <head> <meta agerating="totallysafeforkidstrustmebro"> </head> <body> <iframe src="https://www.pornhub.com/"></iframe> </body> </html>How does sending a header with extra information make the world a worse place for everyone else?
It still requires arbitration of every digitally communicated thought, whether it’s age appropriate and to what degree. It’s mass thought policing, as well as trying to enforce a cookiecutter morality on every person.
I get the desire to enforce thoughts on someone else. But fight it, please. At least let people be free in their own mind.
Especially since the tools to achieve your stated goal, protection of your child(ren), are already available. So you can perform your censorship desire in the confinement of your family bubble. No need for collateral damage.
Adult privacy will be compromised.
Goal achieved. “Think of the children” is subterfuge.
I don’t think this is a good idea…
This is even more invasive - it would mean all the traffic and activity in every device would be traceable to a registration. Whereas now they might have a pretty good lock on individual device ids, they’d then have an actual registry of devices and owners to verify it against
A simple toggle, secured with a password would do it. Child’s device Y/N. If no, proceed. Your browser or whatever app you’re using would only need to see that one setting, and it’s not much different than your browser looking at any number of settings on your device.
Shit with TWO toggles, the other being “is this child under the age of 13?” You could even force sites like YouTube actually to comply with federal law about targeting minors with advertising.
But. These laws aren’t actually about protecting children, they’re about establishing a real identity for every person online.
A simple toggle, secured with a password would do it.
Yea, that’s the thing - I don’t think it would ‘do’ it for legislators. Like you mentioned - it’s not really about protecting children, but also the only way to enforce a law like this would be to log or register devices to specific people or children. This would essentially just shift the point of verification from the individual website to the point of sale of the phone or tablet. Verifying the age is the part that necessitates identification - the only thing a hardware-locked strategy does is centralizes that verification to a governing body instead of individual websites, but it still associates individuals with specific devices.
I get why this might seem preferable, but the problem of online privacy still persists.
The arguments that I’ve seen against that is that the problem is the hardware. The child can figure out/find a hack to circumvent the restrictions. A determined 11/12 year old could do it. They’re the ones who still need restriction.
So what you’re telling me is you don’t think an 11/13/14 yo could use an LLM to age up a selfie to gain access to subreddits they shouldn’t be accessing (legally or morally). But you do think that same age group of children is going to gain root access to a device in order to flash some software to circumvent a device specific toggle limiting their device by hard coding it as a child’s device.
Tbh I’m surprised they’re not asking for government issued id along with the selfie.
I’m gonna be honest here. I don’t think it would be that difficult for a kid to get both from their parent.
If a politician says it’s to help the children, it’s almost safe to assume they themselves rape children, at least in America.
that’s what happens when the uk has had 40+ years of constant tory rule (and yes blue labour are tories)
