The cookie dialog was a mistake -- this is something that should've been handled as a browser API. A standard dialog of "do you consent to cookies yes/no/functional-only" should be part of the HTTP headers.
Same thing with age verification. My kids all have devices that are managed through parental systems like Google Family Link and Microsoft Family Safety. It would be straightforward to have a header for "user is an adult" or not, and to have a standard API for "this site is requesting metadata that you haven't said to automatically make available without permission. Do you want to send it? Y/N [ ]checkbox use this for all sites.
The only time we should even be talking about full identity verification is on user-submitted content, and even then that should be up to the site (with the commensurate legal liability of hosting anonymous slop).
I actually think things have changed slightly. With the sudden shift to political extremism of the US government there's growing mistrust of US-owned software products... and anybody who thinks hard about that will have similar concerns about a Chinese company like Motorola/Lenovo.
Now I don't know how big the public market is. And you'd have to do a lot of conspiracy-based marketing to pull it off, which is kind of gross.
But commitment to auditable, hackable OSS would target a different market of people looking for devices -- think of the EU agencies trying to get off of MS products.
"Hey, do you know if the NSA is spying on your devices? PLA intelligence? Would you like to be able to build all your phone's code from source to be sure?"
Smartly, I got firstnamemiddleinitiallastname@gmail.com. I never get anybody else' details.
On the other hand... Occasionally someone gets my info because some careless person entered my email address into their system incorrectly. You'd think this problem would be solved by moving to a custom domain, but I still once in a while find someone completely ignore what I put into the form and sign me up as firstnamelastname@gmail.com.
All of my kids devices are identified, at device level, as children's devices. They could've trivially exposed this as metadata to allow sites to enforce "no under 18" use. However, I'd disagree that my bigger concern for my kids isn't that they'd see a boob or a penis, but that they'd see an influencer who'd try to radicalize them to some extremist cause, and that's usually not considered 18+ content.
And either way, none of that requires de-anonymizing literally everyone on the internet. I'd be more than happy to see governments provide cryptographically secure digital ID and so that sites can self-select to start requiring this digital ID to make moderation easier.
The problem with that is that sites/apps will retain the identifier, either to use the Digital ID for login (not just one-time age verification), because they want to retain as much information as possible for later usage or sale, or because a government told them they have to retain it so all their social media activity can be easily linked to them.
That's what we have now, but mandatorily, and without the anti-sockpuppet protection a true ID would provide.
I have conspiracy theories about the conspiracy theories about digital ID. The people who benefit the most from fake people posting are spambots, sockpuppets, disinfo peddlers, and astroturfers.
And either way, I firmly believe that a site should be free allow you to log in without a digital ID... I just would like to be able to know who doesn't have one so I can know who's a real human being and who is an appendage.
The president doing horribly fascist things with ICE like obliterating habeas corpus? Using the military to murder people in the ocean without trial? That's fine.
Screwing with the money? Not okay.
See also how the prez is allowed to screw with any congressional appointees except the federal reserve.
If a lawsuit tackles this problem in the EU, will we finally also see somebody go after MS for their obnoxious code signing certificates?
While MS code signing certs are more circumventable for power-users than Android's new approved developer program, their pricing is far more prohibitive for independent OSS developers and hobbyists, costing hundreds of USD per year.
I have a galaxy watch 4 which I'd hoped was old-enough to be supported but I can see that it is not. I get it, hardware is hard.
I'm curious, is the challenge with newer hardware lack of chipset drivers for modern watches, or is there a fundamental difference between the new devices and the old ones that make them completely incompatible with asteroidOS?
With the latest devices its usually a problem that manufacturers choose to omit the usb pin outs in favor of water resistance and wireless charging. Making them a challenge to flash and still wear afterwards.
Another issue is that we currently need to rely on libhybris for quick porting process that employs the android drivers. And the new devices run android versions that libhybris can not handle yet. Its just a slow process on all fronts but we are actually releasing this 2.0 publicly to possibly interest more developers.
Same thing with age verification. My kids all have devices that are managed through parental systems like Google Family Link and Microsoft Family Safety. It would be straightforward to have a header for "user is an adult" or not, and to have a standard API for "this site is requesting metadata that you haven't said to automatically make available without permission. Do you want to send it? Y/N [ ]checkbox use this for all sites.
The only time we should even be talking about full identity verification is on user-submitted content, and even then that should be up to the site (with the commensurate legal liability of hosting anonymous slop).
reply