this post was submitted on 26 Nov 2025
136 points (99.3% liked)

No Stupid Questions

44477 readers
990 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)

Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.

Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.

Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.

Rule 4- No self promotion or upvote-farming of any kind.

That's it.

Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.

Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.

Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.

Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.

Rule 10- Majority of bots aren't allowed to participate here. This includes using AI responses and summaries.

Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 2 years ago
MODERATORS
technopagan@lemmy.world
L3s@lemmy.world
jeffw@lemmy.world
L3s@hackingne.ws
136
Is it completely impossible to do age verification without compromising privacy? (lemmy.world)
submitted 1 day ago* (last edited 1 day ago) by sheridan@lemmy.world to c/nostupidquestions@lemmy.world
49 comments fedilink hide all child comments
 

To be clear, I'm not advocating for online age verification. I'm very much against it in any form. I'm just curious from a technical standpoint if it's possible somehow to construct an accurate age verification system that doesn't compromise a user's privacy? i.e., it doesn't expose the person's identity to anyone nor leaves behind a paper trail that can be traced to that person?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] DeathByBigSad@sh.itjust.works 15 points 1 day ago* (last edited 1 day ago) (1 children)

Its possible.

Open source front-interfacing app + a secure element thing in the backgound.

You download an app. You verify your identity, then the app sets up a OTP thing with the shared secret seed lasting for 30 days. But every 30 seconds the OTP changes. Everyone doing a verification in these 30 days gets the same exact secret seed.

The seed hides in the secure element of your device. (it won't be impossible to extract, but the average kid is not gonna be able hack a secure element) Every 30 seconds, it releases the new OTP to the Open source app. The app doesn't connect to the internet once the OTP has already been set up. So nobody knows if you actually view the OTP code.

So the government only knows you have the verification OTP set up not which websites you visited, the website only knows you have a valid OTP from the government, but you could be any of the people in the past 30 days (which the company don't even have access to).

Even if the company and government cooperates, they could only pin down the time of website registration and that you are one of the millions of people that did the verification and requested a OTP Seed.

(Idk the exact terminology for these things, but hopefully I make sense)

[โ€“] anton@lemmy.blahaj.zone 4 points 1 day ago

The seed hides in the secure element of your device. (it won't be impossible to extract, but the average kid is not gonna be able hack a secure element).

But only one person needs to "hack" it on their device to publish the key, allowing everyone to use it without "hacking" their own device.

You can't store a key on a device and keep it safe from the owner.