惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Hacker News - Newest:
Hacker News - Newest: "LLM"
NISL@THU
NISL@THU
Know Your Adversary
Know Your Adversary
The Hacker News
The Hacker News
D
Docker
Scott Helme
Scott Helme
有赞技术团队
有赞技术团队
罗磊的独立博客
A
Arctic Wolf
P
Privacy International News Feed
Google DeepMind News
Google DeepMind News
Spread Privacy
Spread Privacy
B
Blog
A
About on SuperTechFans
L
LINUX DO - 最新话题
博客园 - 司徒正美
T
The Blog of Author Tim Ferriss
P
Proofpoint News Feed
W
WeLiveSecurity
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Google DeepMind News
Google DeepMind News
aimingoo的专栏
aimingoo的专栏
T
The Exploit Database - CXSecurity.com
美团技术团队
J
Java Code Geeks
Cloudbric
Cloudbric
雷峰网
雷峰网
Vercel News
Vercel News
P
Proofpoint News Feed
Webroot Blog
Webroot Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
人人都是产品经理
人人都是产品经理
Martin Fowler
Martin Fowler
G
Google Developers Blog
T
Tenable Blog
PCI Perspectives
PCI Perspectives
Engineering at Meta
Engineering at Meta
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
H
Hackread – Cybersecurity News, Data Breaches, AI and More
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园_首页
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Apple Machine Learning Research
Apple Machine Learning Research
C
Cybersecurity and Infrastructure Security Agency CISA
S
Secure Thoughts
N
News and Events Feed by Topic
GbyAI
GbyAI
S
SegmentFault 最新的问题
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org

Hacker News

Introducing Claude Opus 4.7 Qwen Studio The Future of Everything is Lies, I Guess: Where Do We Go From Here? GitHub - SeanFDZ/macmind: Single-layer transformer in HyperTalk for the classic Macintosh Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Moving a large-scale metrics pipeline from StatsD to OpenTelemetry / Prometheus GitHub - Nightmare-Eclipse/RedSun: The Red Sun vulnerability repository GitHub - SethPyle376/hiraeth: Local AWS emulator focused on fast integration testing, with SQS support, SQLite-backed state, and a debug-friendly web UI. GitHub - macOS26/Agent: Any AI, replaces Claude Code, Cursor, OpenClaw. Over 18 LLM providers (Claude, OpenAI, Gemini, Ollama, Zai, HF, Qwen) wired into a native Mac app that writes code, builds Xcode projects, bumps versions, manages git, automates Safari, use AppleScript, JS or Accessibility, extend Agent! w/ MCP Servers, run tasks from your iPhone via Messages. YouTube now lets you turn off Shorts I Made a Terminal Pager Burgers | マクドナルド公式 Commands — HackerNews CLI documentation ChatGPT for Excel PiCore - Raspberry Pi Port of Tiny Core Linux Live Nation illegally monopolized ticketing market, jury finds Google Broke Its Promise to Me. Now ICE Has My Data. Founding Engineer at Adaptional | Y Combinator CRISPR takes important step toward silencing Down syndrome’s extra chromosome GitHub - saffron-health/libretto: The AI toolkit for building reliable browser automations US v. Heppner (S.D.N.Y. 2026) no attorney-client privilege for AI chats [pdf] Unexpected €54k billing spike in 13 hours: Firebase browser key without API restrictions used for Gemini requests Retrofitting JIT Compilers into C Interpreters IPv6 – Google The Accursèd Alphabetical Clock Cybersecurity Looks Like Proof of Work Now Fragments: April 14 Cal.com Goes Closed Source: Why AI Security Is Forcing Our Decision | Cal.com - Scheduling Software for Online Bookings Laravel raised money and now injects ads directly into your agent When moving fast, talking is the first thing to break Too much Discussion of the XOR swap trick – Heather Cafe Introduction to Spherical Harmonics for Graphics Programmers The Grand Line Building a Z-Machine in the worst possible language High-Level Rust: Getting 80% of the Benefits with 20% of the Pain GitHub - duguyue100/midnight-captain: Inspired by Midnight Commander, tailored to my taste. How to build a `git diff` driver · Jamie Tanna | Software Engineer Center for Responsible, Decentralized Intelligence at Berkeley The Local Universe’s Expansion Rate Is Clearer Than Ever, but Still Doesn’t Add Up - A new synthesis of astronomical measurements confirms a persistent mismatch that could point to physics beyond current models The air throughout our homes is infused with microplastics. But there are things you can do to breathe less of them The disturbing white paper Red Hat is trying to erase from the internet – OSnews The Future of Everything is Lies, I Guess: Annoyances ‘Abhorrent’: the inside story of the Polymarket gamblers betting millions on war Productive procrastination — Max van IJsselmuiden maps, territory and LMs 447 Terabytes per Square Centimetre at Zero Retention Energy: Non-Volatile Memory at the Atomic Scale on Fluorographane Show HN: Pardonned.com – A searchable database of US Pardons 20 Years on AWS and Never Not My Job The Seasons are Wrong Artemis II crew splashes down near San Diego after historic moon mission We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs How a dancer with ALS used brainwaves to perform live On filing the corners off my MacBooks Installing every* Firefox extension OpenClaw’s memory is unreliable, and you don’t know when it will break Steve Blank Nowhere Is Safe Chimpanzees in Uganda locked in vicious 'civil war', say researchers watgo - a WebAssembly Toolkit for Go linux/Documentation/process/coding-assistants.rst at master · torvalds/linux GitHub - callumlocke/json-formatter: Makes JSON easy to read. Founding Product Engineer at Bild AI | Y Combinator A compelling title that is cryptic enough to get you to take action on it GitHub - Keychron/Keychron-Keyboards-Hardware-Design: Industrial design files for Keychron keyboards and mice. 100+ models with CAD assets in STEP, DXF, DWG, and PDF. Source-available, with commercial use allowed for original compatible accessories within the license terms. [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released 1D-Chess Helium Is Hard to Replace Cooperative Vectors Introduction | Evolve Keeping a Postgres queue healthy — PlanetScale Our response to the Axios developer tool compromise Do Americans read print books, e-books or audiobooks more? The Zettelkasten Method in Obsidian: A Practical Setup Guide Artemis II Is Competency Porn and We Are Starving For It WeakC4 Flight Viz — Cockpit View A Mexican surveillance giant you’ve never heard of is now watching the U.S. border Surelock: Deadlock-Free Mutexes for Rust RISC-V 101 – what is it and what does it mean for Canonical? | Ubuntu The Problem That Built an Industry How Much Linear Memory Access Is Enough? | Solidean Investigating Split Locks on x86-64 Simplest hash functions Sybilproof reputation mechanisms (2005) [pdf] What is a property? How Complex is my Code? Static code analysis in Kotlin — tools overview Toffoli gates are all you need PGLite evangelism dcmake: a new CMake debugger UI Clojure on Fennel part one: Persistent Data Structures Fragments: April 2 Python Release Python install manager 26.1 The Life and Death of the Book Review - Liberties Introducing Database Traffic Control — PlanetScale Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8% God sleeps in the minerals Building slogbox Apple Silicon and Virtual Machines: Beating the 2 VM Limit Who was “Not Even Wrong” first? Pokemon Evolution Vs Darwinian Evolution The APL Programming Language Source Code
Age verification for social media – the beginning of the end for a free internet?
StrLght · 2026-06-01 · via Hacker News

So-called age verification for social media is spreading across the world, framed as an effort to create a safer internet for children. In reality, age verification lays the foundation for a fully government controlled internet.

Countries around the world are moving to introduce online age verification. Part of this involves age verification for harmful content (most often pornography, sometimes video games), but above all it focuses on banning social media for children.

The big tech social media companies are bad. Their business model is bad; it is based on mass surveillance and manipulation, and they cooperate with governments in mapping entire populations. But age verification is fundamentally the wrong approach to preventing children from using big tech social media platforms. Introducing age verification is based on the state being able to force social media companies to verify their users’ identities. But the big tech social media platforms already know which of their users are children. Their business model depends on knowing this. They know how old users are, who their friends are and what ice cream they like. As age verification is based on coercion of the social media platforms, politicians could instead force them to stop doing the things politicians consider harmful to children, or force them to block children (again, they know who they are) from using their services. But instead, politicians seek to massively invade everyone’s privacy and undermine democratic rights on a global scale. In other words, the latter is the real objective – they do not want to protect children; they want to impose control.

And impose it they do. Australia has already introduced a social media age restriction for users under 16. The same applies to Indonesia and Brazil. Age restrictions have been approved but not yet implemented in Denmark, Portugal, and Malaysia. In France, an agreement has been reached, though details are still being discussed. Proposals are on the table in Spain and Turkey. In Germany, the major parties agree on introducing age restrictions, and in Sweden the issue is under investigation. The topic is also being discussed in countries such as the Czech Republic, Greece, Austria, Poland, Canada, Slovenia, and the Netherlands. In April 2026, the European Commission launched an EU age verification app, and one month later Ursula von der Leyen presented plans for EU-wide age restrictions. In the United States, half of all states either have pending legislation or have already introduced laws imposing age restrictions for inappropriate content and/or social media. The number of countries preparing age verification measures is growing rapidly. Updates can be followed on Techpolicy.press.

Most age verification is identity verification

As age verification is currently being rolled out, it is up to individual websites and services to implement it as they see fit. As a result, the quality of age verification measures varies greatly. This became clear in the autumn of 2025, when Discord was hacked, exposing the ID documents of 70,000 users. However, there is one common factor in most age verification systems (Zero-Knowledge Proof being an exception, more on that below): if age verification is introduced, everyone will have to identify themselves either to the service/website they want to use or to a third party capable of linking them to their activity on that service/website. The correct term for age verification as it is implemented today is therefore identity verification. Given today’s internet infrastructure, it is unreasonable to assume that this information will not be shared through commercial agreements or with governments.

The consequence of introducing identity verification is therefore that freedom of information is restricted (you can no longer visit regulated websites anonymously) and that you can no longer post anonymously on social media. You cannot be certain that your criticism of the government will not be followed up by the authorities. You can no longer start a digital initiative on a social media platform aimed at gathering people to criticize an authority without facing a significant risk of consequences. Depending on the country you live in, this could even endanger your life. In its current form, social media identity verification removes important tools for activists in countries where criticizing those in power is dangerous.

Freedom of expression is threatened not only in a direct sense (you post something and then the police knock on your door), identity verification also creates a chilling effect. It becomes a cornerstone of censorship machinery in the sense that people begin to self-censor if they know that expressing opinions may have personal consequences. This is also something that changes over time. What is considered acceptable to post online is determined by whoever currently holds power. Different sides of politics often have different views on what constitutes harmful content. Just because what you post today is not considered inappropriate does not mean it will remain acceptable in the future.

Broad and arbitrary legislation, along with mandatory ID tagging for every post, hardly provides a strong foundation for freedom of expression. Today, 30 people are arrested every day in the United Kingdom for posting something online that authorities classify as “grossly offensive.” In Germany, police conduct raids on people’s homes for insulting politicians online. One infamous example is the so-called “Pimmelgate,” where a person was subject to a police search after calling a German politician a term for male genitalia. In the United States, authorities are trying to pressure tech companies into revealing the identities behind accounts protesting ICE. Another example is when Canada introduced emergency acts during the 2022 trucker protests and then used social media to identify demonstrators and freeze the bank accounts of people who financially supported the protest.

The slippery slope of age verification. VPN next?

Restrictions introduced at the national level can be bypassed by changing one’s geographic location digitally, using tools such as VPNs, virtual phone numbers, eSIM cards, Tor and dedicated services. This has already led politicians in several countries to consider introducing identity verification for VPN services (presumably because VPNs are the most common and accessible method of changing digital location).

In the United Kingdom, the House of Lords sent an amendment in early 2026 (regarding the the Children’s Wellbeing and Schools Bill) to the House of Commons, proposing an 18-year age limit for using VPN services. The House of Commons rejected the House of Lords amendment four separate times. However, the House of Commons instead introduced its own proposal, which was passed and has now become law. This agreement grants the government the power to introduce restrictions through secondary legislation, with only limited parliamentary scrutiny. The government has confirmed that it intends to act on this and introduce some form of social media restriction for children under 16. The government has also hinted that it may consider introducing identity verification for VPN usage, effectively joining countries such as China and Russia in opposing VPN services.

The issue has also been raised in France. As Minister for AI and Digital Affairs Anne Le Hénanff put it: “If [this legislation] allows us to protect a very large majority of children, we will continue. And VPNs are the next topic on my list.” Discussions about VPN restrictions have also occurred in the United States. Utah has gone the furthest by introducing a law making it illegal to circumvent restrictions using a VPN. Within the EU, VPN restrictions have been discussed both under the Going Dark initiative and in discussions related to age verification. In response to a direct question about VPNs as a tool for bypassing age verification, EU Commissioner Henna Virkkunen said in April: “Of course, it's an important part of the next steps also to look at that it [age verification] shouldn't be circumvented.”

If VPN services were to implement identity verification, this would mean collecting data that could be abused through either malice or incompetence. It would, for example, make such services risky for whistleblowers and activists, make it harder for journalists to work with sensitive information, and create a chilling effect on online debate (VPNs can help people post anonymously on social media).

If VPN providers were to impose an age limit on their service, this would also mean that underage users would effectively lose their right to online privacy. Ironically, one consequence would be that social media companies mapping people’s lives through third-party trackers on websites could continue monitoring young people’s online behavior via their IP addresses without any interference. In other words, politicians would remove one of the protections children have against the very companies they claim to want to protect children from.

Identity verification in app stores and at the operating system level

As identity verification is now being introduced globally, different parts of the world are implementing it in different ways. Some countries believe the best solution is to impose controls through major app stores such as Apple’s App Store and Google Play. In Australia, Brazil, South Korea, Singapore, and several US states, Apple has already begun introducing identity verification at the App Store level to restrict access to apps containing adult content.

Identity verification in app stores only regulates access to apps. Therefore, several countries have also begun demanding identity verification at the operating system level itself in order to block access to certain websites directly through the OS. In the United Kingdom, Apple has already introduced this – despite there being no law requiring it (Apple is, however, under general pressure from British authorities). Without warning, Apple implemented identity verification on British iPhones through its system update on March 24, 2026. Suddenly, 35 million British users had to identify themselves using either a credit card or a government-issued ID card in order to avoid restrictions on their phones. Users who did not verify their identity saw their devices enter a mode where Apple’s web content filter and communication safety features were automatically activated, limiting which websites could be visited in Safari or any third-party browser, while messaging services and FaceTime were being monitored for inappropriate content.

When Apple introduced OS-level identity verification in the UK, reports quickly emerged of people bypassing it by creating US-based Apple IDs instead. App store-level identity verification can be circumvented in the same way. And this is how things will continue. The situation will not fundamentally change unless Apple and Google (assuming Google also locks down its system and introduces identity verification) implement these controls in their operating systems globally. But even then, there would still be ways to circumvent restrictions.

Users could, for example, turn to open-source operating systems, which by definition cannot be fully controlled because they are open and modifiable. In such systems, no one else can decide which apps you download or which websites you visit, and no identity verification can be imposed unless you choose it yourself. This points to the final stage for countries seeking total control over their citizens’ use of the internet. National identity verification can be bypassed again and again until authoritarian governments are ultimately forced to ban people from owning devices they control themselves. The only question is how this would be implemented. Well, we will soon find out … In Brazil, a law implemented in March 2026 states that identity verification must be carried out both at the app store level and within the operating system itself (including open-source systems), or companies distributing these services will face fines of up to $10 million. A similar law has passed in California which will require identity verification at the operating system level starting in January 2027. Open-source systems were initially included, but later removed, while web browsers and websites were added to the scope. Similar proposals exist in states such as Colorado and New York. In April 2026, a federal proposal was introduced that would require OS-level identity verification across the United States.

The final destination: state-provided phones and computers for all?

It will be interesting to follow the countries that pursue system-level control as they move further down the slippery slope toward open-source systems. Since open-source systems cannot be controlled, politicians would ultimately need to ban devices that are not controlled by the state. The end point: telescreens like those in Orwell’s 1984, devices that both monitor you and broadcast only the information approved by the state. One can only imagine the methods. Will the police stop and search people on the street looking for unauthorized phones? Prison sentences for buying a non-state computer on the black market? Charges of organized crime for smuggling in containers of open-source software on USB sticks? Welcome to a brave new world.

The Zero-Knowledge Proof alternative and the EU

While the rest of the world is moving forward with identity verification plans, the EU has presented its own privacy-focused approach to age verification. In April 2026, Ursula von der Leyen, President of the European Commission, unveiled an age verification app with “the highest privacy standards in the world” and the presentation materials describe the app as “completely anonymous.”

The EU app is open source, and the EU countries are supposed to use it to create their own versions, and become the issuers of the age credentials that their citizens can then use. This means we may see many different versions of age verification from member states (if they even choose the EU app at all; several countries have already said they prefer to develop their own independent solutions).

At its core, the EU app works like this: you, as the user, provide your identity to an issuer using something like an ID card. The EU envisions member states acting as issuers. The issuer then provides you with a number of credentials that you can use on websites and social media platforms to prove that you are old enough. These credentials only confirm that you meet the age requirement; they do not reveal your identity to the website or platform. Each credential is also used only once. For example, Facebook and X would receive different credentials that they cannot link together, meaning they cannot be used to build a pattern or profile of your internet behavior (and thereby identify who you are). This setup is why – we assume – the EU calls their app completely anonymous. There’s only one little problem. The issuer knows which credentials belong to which person. If you were to post something the state considers inappropriate on some platform, the state could ask the platform for the age credential and easily identify who it belongs to. The consequence is that you cannot post anonymously.

The solution to this problem is so called Zero-Knowledge Proof (ZKP) cryptography. With fully developed ZKP technology, you still need to provide your identity to the issuer, but the issuer would not be able to connect the credentials used on websites and services back to you. Right now, the EU app does not have ZKP functionality, contrasting Ursula von der Leyen’s claim that the app ”is technically ready to be used”. But more importantly, the app is currently designed to always function without ZKP technology; if ZKP is unavailable, the app falls back to a non-ZKP model. Even if fully developed ZKP technology could be implemented in the future, it would remain an optional extra feature that countries may choose to disable and that the EU could remove at any time.

This means that the EU could decide at any time that ZKP may no longer be used, and in one stroke the app would fall back to its default mode, meaning that every post on social media carries an ID tag. By that point, an infrastructure will already have been rolled out; people will have gotten used to it, and it will be harder to roll it back.

Age verification based on Zero-Knowledge Proof technology would be better than full on identity verification. However, even with fully functioning ZKP technology, age verification would still have significant problems. One issue is that people without ID documents would be excluded (determining age through facial recognition, for example, is not sufficiently precise). It would also enable states to revoke “problematic” individuals’ ability to express themselves online by refusing to issue age credentials. Another concerns a more fundamental question: is it really reasonable that young people should be entirely prevented from using social media? Is it desirable that 15-year-olds are completely blocked from expressing themselves on platforms that reach the public? Not all social media platforms are based on collecting data about everyone, manipulating users, and algorithmically steering them in various directions. An illustrative example is that the UK’s Online Safety Act may limit access to Wikipedia. The assumption that age verification would gradually expand and exclude young people from meaningful digital meeting spaces is not far-fetched.

Identity verification for social media – just another “what about the children” excuse to introduce mass surveillance and censorship.

Children’s “safety” has long been used by intelligence agencies and other authorities as a battering ram for introducing mass surveillance, especially in recent years. In the United States, attempts were made under the Kids Online Safety Act (KOSA) to introduce identity verification using children as the justification. The same applies to the UK’s Online Safety Act, where politicians repeatedly test whether they can get scanning of end-to-end encrypted communication approved. In the EU, authorities have tried (hand in hand with American tech companies and intelligence agencies) to introduce total mass surveillance through the scanning of all communication. During 2026, the EU will make another attempt through its Going Dark/ProtectEU project, where the goal is client-side scanning – in other words, government spyware on all devices.

The age verification rush must be slowed down, and politicians who do not want a society in which citizens live under total surveillance need to recognize the consequences of different types of legislation.