It's an SDK for Certisfy (https://certisfy.com)...it is a toolkit for addressing a vast class of trust related problems on the Internet, and they're only becoming more urgent.
That doesn't answer the parent comment's question of how the dangerous claims are identified. Ok, so you say you Certisfy, but how does that do it? Saying we could open a GitHub discussion is not an answer either.
You can use the idea to spin-off background agent tasks that can then be seamlessly merged back into context when they complete.
The example above is a product specific approach but the idea should be applicable in other environments.... it's really an attempt to integrate long running background tasks while continuing with existing context in an interactive manner.
When you start working on the problem of working with automation programs (AKA agents) in an interactive human-in-the-loop fashion, you will naturally run into these kinds of problems.
We've all seen sci-fi movies with AI assistants that seamlessly work with humans in a back and forth manner, async spin-offs are essential for making that work in practice for long running background tasks.
If the hammer ever comes down on this issue, ie hardcore requirement for age verification, there are ways to do this while protecting privacy.
We are experimenting with bootstraping a PKI certificate trust chain for facilitating trust projection and information verification online. Think of it as the ability to do things like age verification at scale via a peer-2-peer ish mechanism instead of sending your government id to a service provider.
One experiment is with PGP key holders (for now Keybase key holders) as CAs:
It's all self-service and requires no sign-up or download of anything, the app (https://certisfy.com/app) is an in-browser app and all the cryptography happens in the browser.
I find claims of any technology being able to simultaneously validate your age while "respecting privacy" to be suspect at best. Even if the technology could work in theory, it would be built on top of an ecosystem designed around an ecosystem hell-bent on monetizing info about you.
Zero knowledge proofs can perform expressions that check values within a JSON tree without exposing any of those values to the requesting party, for instance "year of birth < 2005" can return true or false without returning the person's numeric birth year. Essentially the requesting party has the holder of the credential perform a computation, the result is guaranteed to be the result of each and every instruction over a target data structure (only knowing the hash and signature chain of the credential, so for instance your government issued id can be signed by your secretary of states public key)
Estonia has a really interesting government issued public key infrastructure where users can validate their identity with their physical ID card and a USB reader (maybe it's NFC by now?) but I don't think I've heard of the above scheme used in practice, just sat through a presentation at the internet identity workshop.
But the verifying party can still track you because they can (and absolutely will) log who the requester was and when it was requested. The site might not know who you are, but the government will now have a record of all your 'adult web activity'.
In the ZKP system Europe will be using and I believe in the one Google has developed when you verify your age to a site the communication is only between your device and the site.
The only information the site gets that they don't get when you login now without any kind of age verification (other than something like clicking "I am 18+") is that you have a government issued ID that says you are 18+.
If their logs without age verification are insufficient to reveal who you are if they get turned over to the government then the logs with age verification will also be insufficient.
But this information to the site would be still be a unique identifier wouldn't it? Is so, it will be logged and logs sold to data miners and at some point will be correlated with enough activity to be de-anonymized.
The only extra information the age check adds over the normal information the site gets when you use them is that your age is not under their age limit.
If that's the case what stops me from making a free public service that allows anyone to verify using my ID? Don't they have to log something to ensure that isn't happening?
The ID is cryptographically bound to a hardware security device you provide. In the EU system that will initially be an iOS or Android smart phone with a secure enclave, with support for other security devices like YubiKeys or smart cards coming later.
Briefly, your government gives you a digital ID that is signed with a key that is stored in the hardware security device. To demonstrate some fact to a site, such as "My ID says I'm 18+" your phone and the site use a ZKP to show to the site that (1) you have an ID that confirms that fact, (2) the you have the hardware security device that the ID was issued for, and (3) the hardware security device is unlocked.
You can use your ID to verify for someone else, but because the verification has to use your phone and it has to be unlocked this will be mostly limited to people helping a friend in person get around an age limit.
In this case the ZKPs are tied to a private key stored in a secure element in the phone, so effectively they are tied to control of the device where the original credential was enrolled.
That's nice and all for the cryptography but now think about what's needed to associate it with the physical attribute (such as the age) of the user of the device which may or may not change hands over time.
The Google system is tied to a mobile driver's license, and there is an identity check at enrollment that is intended to tie the credential to the device. It's true that if you give someone access to your phone without erasing it, then they can potentially use this mechanism to circumvent age assurance. This is true for a number of other age assurance mechanisms (e.g., credit card-based validation).
In any case, I'm not really interested in getting into an argument with you about the level of assurance provided by this system and whether it's "trivial to abuse" or not. I was merely describing the way the system worked in case people were interested.
The suitability of the remedy (ZKP) for the purpose of age assurance is the entire problem. The non-cryptographic aspects cannot be handwaved away as something not worth discussing when they're the primary area of concern here.
You're arguing with something I'm not saying. I didn't handwave anything away or say it wasn't worth discussing. I simply described how the system was designed.
But they must allow some kind of proxy signing so that you can sign in from other devices besides the phone. So how do you protect against misuse of that feature without logging any identifiers?
> the entire point of age laws is to stifle free speech and ruin privacy
Does it? I mean sure, it's a side-effect that some (most?) politicians might find desirable, but there's also people who just want to restrict access to adult material (not taking a position on whether it's a good or bad thing here). Most parents would probably agree with the latter even if they don't with the former.
> The U.K. Online Safety Act was (avowedly, as revealed in a recent High Court case) “not primarily aimed at protecting children” but at regulating “services that have a significant influence over public discourse.”
I don't have any children myself, but as I understand it in the modern age:
Your kid's smartphone can connect to home wifi, mobile data, public wifi, and friends' home wifi - so network filtering alone won't cut it. And 'Encrypted SNI', 'DNS over HTTPS' and Cloudflare makes network filtering much harder than it was 15 years ago.
On top of that, there's loads of porn posted on Reddit, Twitter, Twitch and suchlike. So any effective block is going to have a lot of collateral damage.
Use a DNS that has porn filtering along with any custom sites you don't want them accessing via the browser. You can even create your own MDM profile to prevent a kid from disabling the private DNS. There are sites that will set this up for you too. Furthermore, use parental controls to prevent installing apps without your permission, use the built-in features to limit screen time, and use tools offered by social media apps to limit usage. A super smart IT wizz kid may eventually figure it out but this will keep most kids from accessing inappropriate stuff.
> On top of that, there's loads of porn posted on Reddit, Twitter, Twitch and suchlike. So any effective block is going to have a lot of collateral damage.
The Texas HB 1181 law only applies to websites which have content that is at least 1/3 porn. If Reddit doesn’t qualify for that requirement, then the Texas law doesn’t require ID verification.
There will always people who will arbitrage the gaps between the legal definition of something and the practical application. The blast radius of those kinds of issues always has been huge.
> If your kid is going to get around that by clever vpn use, age gates don't help.
I think politicians and their supporters believe they do help. Of course from their perspective the only way to know for sure is to implement the restrictions (regardless of whether they succeed, at least they fulfill their campaign promises to their electors of "doing something").
Not social media sites. Sites like Reddit are everything. Some also go out of their way to hide certain information from parents.
Reddit (not to be too picky) does some weird things when a logger is in place, essentially making it impossible to know which subreddit is being accessed.
And that's really where the bad stuff lurks - it's peer to peer interactions.
Yes. Look at the UK - in the best case the laws here (OSA) are absolutely trivially bypassable by apps that are openly advertised on the App Store (VPN apps). In the worst case it pushes people onto sites that refuse to comply which are likely holding _actually_ harmful material.
> there’s also people who want to restrict access to adult material
First of all - we’ve been down this path so many times. Won’t someone think of the children is a plea to emotion not to reason. Secondly, there are many ways that people can opt in to those controls already, and for the most part _they work_. Anyone who can bypass those will be able to bypass what’s being rolled out around the world. Lastly; they’re trivially bypassable because a grown up can validate and then just hand the device back to a child.
The UK is pretty good at digital services and had a solid opportunity to make an anonymous, privacy first based age verification system. I designed one (not without flaws) in about 15 minutes, so we definitely could have had something decent. Instead our first move was to make something that basically required a liability shift, and we ended up sending face scans and passport photos to US tech giants - meanwhile the kids were just pointing their cameras at YouTube videos of adults and bypassing the filters.
While some people may want that, everyone who has the technical know-how to restrict access can name probably a dozen different ways to do it without violating privacy via ID Upload. The only reason to push for ID Upload instead of the other methods is because policy makers are lazy and information resellers want as much information about us all as they can get. Its lazy because it just recreates the liquor store "Can I see your ID please?" experience everyone is so familiar with and takes no explanation, so lazy policy makers find it easy to push for, without accounting for how that data is handled after use. Meanwhile information clearing houses and anti-privacy wanks are salivating at how this can be leveraged so they too push the "ID Upload is the only way!" messaging.
>and information resellers want as much information about us all as they can get.
That seems implausible given that most sites requiring age verification outsource it to some third party, which means they're not getting all the juicy biometrics.
That's an unhelpful way of analyzing stuff because you can cynically retort "You've identified the group that would be incentivized to lobby for this" regardless of what happens. No age verification whatsoever? I bet social media companies would like that! Age verification by the government? I bet it's because the government wants to know what porn sites you visit! Maybe verification by the OS instead? Must be the Google/Android OS duopoly! So complicated PKI or zero knowledge proofs solution? There's probably some consultancy that would benefit, not to mention there's still going to be companies that would handle the outsourcing. There's a whole industry for handling user account management/SSO, for instance, and that's entirely open source.
I didn't look at it that way, but there is unfortunately a bit of truth in that analysis. Such is life in a captured state.
Honestly, I wasn't being quite that cynical. Just pointing out that there are actors who have business interests in applying a worse architecture.
But IIRC this was made manifest in Alabama, where a tech company lobbied for their age law and then captured the sole source contract for doing the verification.
> But the entire point of age laws is to stifle free speech and ruin privacy. Thus why every age law requires uploading an ID.
The age verification system currently undergoing large scale field trials in the EU does not require uploading ID. Every member of the EU is required to support that system, and any online age verification laws any member passes are required to allow its use.
I read, from a semi-reliable source, Lousiana has pretty good system for verifying age and protecting ID. But's focused on in-person ID for gambling.
The system was that they hired a company to make the cards, and assume civil liability for any privacy violations. They also required to the company to hold insurance in case of a claim.
So it fell to the insurance company to sign off on the standards, and allowed investors to make money by avoiding claims.
I might be half-remembering it but that seemed like a very good system.
Why so complex. ID cards could solve that issue, every European ID card has a powerful and programmable crypto processor / secure element inside and so do all ICAO compliant passports.
Have the website emit a random nonce (to guide against replay attacks / reuse) plus an information what is requested (name, DOB, address, some like the Croatian ID card even store photographs), the card prepares a response with that data, signs that using its private key (with a 2FA being possible as well by using a PIN/password) and returns it to the website.
The Croatian ID card doesn't even need a middleware because it doesn't do 2FA, you can ask it all of that by pure NFC communication. The German ID card requires a middleware ("AusweisApp", open source) for added protection though.
Age verification could indeed be implemented in other ways. The approach outlined above is for information verification and trust projection in general, meaning you can put just about any verified information on a certificate and it can be used online.
Here is a concrete example of how trustworthy certificates can be used online, this is my personal profile on bluesky with verification that is independent of the Blue sky service:
https://bsky.app/profile/bitlooter.bsky.social
If you click on the profile image you can enter that code into https://certisfy.com/app to verify the identity of the profile. That sticker could be on any online profile to prove high quality authenticity, it could for instance be on an e-commerce site to prove that the site isn't a scam.
The problem with this specific design is that it reveals your identity to the site, which is obviously undesirable from a privacy perspective.
For those who are interested one of my recent newsletter posts goes into a fair amount of detail about the various technical options here for using digital IDs in this context: https://educatedguesswork.org/posts/age-verification-id/
First they said you wouldn't be able to travel unless you had a Real ID by 2008. Then they delayed it. Many times. Based on which airport/facility and what state your ID was from, some enforcement started in 2014. Not all states were even issuing Real IDs yet in 2019. Finally, in 2024, all states and territories are issuing Real IDs, but full enforcement won't be until 2027.
My concern with this is how far it goes and whether it has unintended side-effects.
There are a lot of situations in history where in retrospect being able to evade government oversight and restrictions turned out to be a good thing. During the Holocaust a number of Jews and other targeted populations were able to escape hostile territory because they were able to get forged passports and other documents, something that strong cryptography would make impossible (even in a perfectly privacy-preserving way).
I'm not sure how old you are or when you started in tech, but in my case I started as a kid and was able to build the skills that now gave me my career thanks to unrestricted Internet access (and sure, I saw pornography a few years earlier than I should have - didn't seem to have any measurable detrimental effect on me, especially not compared to the cigarettes and alcohol).
This wouldn't have been possible if age verification was properly implemented, since a lot of the resources that might be useful for someone to learn programming/sysadmin could also be used to circumvent age verification and thus would've been blocked, and I would probably be working a minimum wage job and/or engaging in crime to sustain myself as a result. If I had to choose whatever harmful effects from pornography versus having a min-wage job, I'll take the porn side-effects any day, at least I have a roof over my head.
Trying to bootstrap a PKI certificate trust chain for facilitating trust projection and information verification online. Think of it as the ability to do something such as age verification at scale via a peer-2-peer ish mechanism instead of sending your government id to a porno service.
We are experimenting with Keybase key holders as CAs:
It's all self-service and requires no sign-up or download of anything, the app (https://certisfy.com/app) is an in-browser app and all the cryptography happens in the browser.
In general Just-In-Time app generation is a bad idea. The right approach is to create human-in-loop tools that a bot would recognize and invoke as needed, of course the human-in-loop tool would itself be AI generated.
Not to make excuses for plagiarism, I am looking at the code itself and somewhat scratching my head since it seems quite...trivial?
I don't mean to belittle the effort but at least in terms of volume of code and level of effort, I wouldn't recognize it as mine if someone had copied it from my work and passed it off as theirs.
Regarding the charge of plagiarism, is it possible that the PR attribution reflects someone eager to contribute something to a larger effort as opposed to simply trying to "steal" someone else's work?
One could reasonably interpret the PR and attribution as "I integrated this code into this project thus I am taking credit for it". In other words there is probably a stronger charge for misguided clout-chasing than plagiarisms.
>As someone who appreciates machine learning, the main dissonance I have with interacting with Microsoft's implementation of AI feels like "don't worry, we will do the thinking for you".
This the nightmare scenario with AI, ie people settling for Microsoft/OpenAI et al to do the "thinking" for you.
It is alluring but of course it is not going to work. It is similar to what happened to the internet via social media, ie "kickback and relax, we'll give you what you really want, you don't have to take any initiative".
My pitch against this is to vehemently resist the chatbot-style solutions/interfaces and demand intelligent workspaces:
A world full of humans being guided by computers would be... dystopian.
Although I imagine a version where AI drives humans who mindlessly trust them to be more vegetarian or take public transport, helping save the environment (an ironic wish since AI is burning the planet). Of course "AI" is being guided by their owners, so there'd be a camp who uses Grok who'll still drive SUVs, eat meat, and be racist idiots...
It is also highly compatible with the internet both in terms of technical/performance scalability and utility scalability (you can use it for just about any information verification need in any kind of application).
Age verification doesn't have to be perfect or even cryptographically secure. We don't demand it for alcohol or tobacco: carcinogenic, addictive substances that cause (in the case of alcohol) impaired judgment leading to deadly accidents. There's no justification for online age verification to be more invasive or stringent than what's done today for buying alcohol or tobacco IRL.
My motivation is less about self-promotion at this point and perhaps just frustration with the face-palm quality of the failure to properly implement information verification on the internet.
Every time I hear about some dumb approach to age verification (conversation analysis...really?) or a romance scam story because of a fraudster somewhere in Malaysia..I have the need to scream...THERE IS A CORRECT SOLUTION.
There are a couple big problems with this type of digital and decentralized type of authentication (I say this as a long time cryptocurrency professional who wants this to succeed):
1. backups and account recovery: We’re working with humans here. They will lose their keys in great numbers, sometimes into the hands of malicious actors. How do users then recover their credentials in a quick and reliable manner?
2. Fragmentation: let’s be optimistic and say digital credentials for drivers licenses are given out by _only_ 50 entities (one per State). Assuming we don’t have a single federal format for them (read: politically infeasible national id) how does facebook, let alone some rando startup, handle parsing and authenticating all these different credential formats? Oh and they can change at any time, due to some rando political issue in the given state.
OP, you clearly know all this, so I’m just reminding you as someone down in the identity trenches.
1.Backup and recovery with this solution is no different from backup and recovery of your phone. It is a potential issue but not unique. Cryptographic certificates and associated keys reside on your device.
2.The data format issue is (or was) indeed a concern though it was never insurmountable. A data dictionary would have been the most straight forward approach to address it: https://cipheredtrust.com/doc/#data-processing
I say data format discernment was a concern because as faith would have it, we now have the perfect tech to address that, LLMs. You can shove any data format into an LLM and it will spit out a transformation into what you are looking for without the need to know the source format.
Browsers are integrating LLM features as APIs so this type of use would be feasible both for front and back end tasks.
In Solvent, the main utility is allowing forked-off use of the same session without context pollution.
For instance a coding assistant session can be used to generate a checklist as a fork and then followed by the core task of writing code. This allows the human user to see the related flows (checklist gen,requirements gen,coding...etc) in chronological order without context pollution.
Yes it has proven quite a useful feature. Primarily for the reason stated above, allowing users to get a full log of what's going on in the same session that the core task is taking place.
We also use it extensively to facilitate back-and-forth conversation with the agents, for instance a lot of our human-in-loop capabilities rely on the forking functionality...the scope of its utility has been frankly surprising :)
https://github.com/CipherTrustee/certisfy-js
It's an SDK for Certisfy (https://certisfy.com)...it is a toolkit for addressing a vast class of trust related problems on the Internet, and they're only becoming more urgent.
Feel free to open discussions here: https://github.com/orgs/Cipheredtrust-Inc/discussions