Oh I see! Yeah the p12 cert solution would obviously be vulnerable to the “grandma attack”

But it seems weird, because all of us in the EU should have to implement the eIDAS directive right, and our implementation of an eID here in Germany at least is an NFC interface on our national identity cards. So any phone with NFC can be the reader.

If I wanna do my taxes, I touch my ID to my phone, enter my PIN and get logged in.

Granted…that’s still a pretty fucked up “auth flow” for when I wanna watch porn 😅

For the first part of the question: I have to think/find a specific protocol to verify my intuition…

For the second part of the question: no that is not possible. Cryptographic material is stored in a Smartcard/secure platform module which (in simple terms) means the key material can’t be extracted. So you always have to be physically in possession of the ID card/device with digital wallet in order to use it. Further you have to know a PIN or be able to present some biometric features to

So yeah a smart kid can nick their grannies ID, find out her PIN or socially engineer her into providing biometric features. But it would only be valid for that one attestation.

It wouldn’t even be half bad…if they used the technology available to us and implemented it as zero knowledge proofs, where your ID cryptographically attests that you are a certain age without disclosing any other info.

But they don’t. Because it’s not about age, it’s about identity and surveillance

Nooo don’t! It’s snow crash 😱

deleted by creator

May the light of knowledge shine on you my child🧘‍♂️ https://knowyourmeme.com/memes/people/benjammins-founding-father-gif-guy

Yuupp know that end of the spectrum as well. I work in IT security so basically work and hobby blend together nicely to enable many hyperfocus rabbit holes :D Buuut when you’re working with (or rather against) a completely fucked up org structure that just sucks the joy and the productivity out of you, there’s nothing even the meds can do 😅

deleted by creator

Ah yes, Firebase. The Google version of leaking all your company data through a public S3 bucket

I remember when they launched and started pushing it in the Android dev community. Actually won a Google Pixel at a Firebase sponsored hackathon in my town…after that I never touched Firestore again. Using that ACL language to restrict access, you could see the massive foot gun from a mile away

Aaah classic. Forgot to prefix it with:“this is not financial advice”

Another Harambe event has disturbed our timeline…

STEP AWAY FROM THE WHEEL!!1!

So what I get from this: You can probably just lick it. Odds are in your favor

Now THAT’S a lower back tattoo I could get behind!

It’s probably also why we all have to sleep at some point. The simulation alots each of us processes some computation time and pauses threads in a round-robin fashion, giving the illusion of true parallelism.

Don’t let the sim pause you! Take meth!!1!

It’s still extremely shitty unethical behavior in my book since the negative impact is not felt by the organization that’s failing to validate their inputs, but your peers who are potentially being screwed out of a review process and a spot in a journal or conference

Caveat: not all of academia seems to be that rotten. The evidence found on arxiv.org is mainly, if not only, in the field of AI research itself 🤡

You can try it yourself, just type the following in googles search box:

allintext: “IGNORE ALL PREVIOUS INSTRUCTIONS” site:arxiv.org

A little preview:

More power to ya buddy

I see your pitiful vibe coding and raise you… SPITE CODING 👿