Rendered at 12:52:06 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
jeroenhd 3 hours ago [-]
That's not the real age verification app (there is no "EU app", every member state releases their own), it's the proof of concept that was made to demonstrate the system.
This stuff is also why the EU doesn't want the app to run on rooted devices. I don't believe there's a way to pass Strong Integrity yet, as the app doesn't support the hackable Android 8 software attestation.
azalemeth 3 hours ago [-]
I just want this whole idea to kindly please bog off. We shouldn't be further creating the apparatus of the surveillance state.
ChocolateGod 2 hours ago [-]
> This stuff is also why the EU doesn't want the app to run on rooted devices.
I would argue the EU doesn't want to run it on rooted devices because malware could violate the security sandbox and intercept information. This is largely the same reason why Google Pay requires SafetyNet.
izacus 55 minutes ago [-]
So this "hack" is basically reading app storage on a rooted phone?
Wow.
raverbashing 3 hours ago [-]
"hacked"
And then this person says the pin shouldn't be encrypted (but I bet if this was otherwise they would be complaining as well)
I think scrutiny over the apps are fine, but treating every issue with the same brush is not
> this product will be the catalyst for an enormous breach at some point
Breach of what exactly is not clear since most information never leaves the phone
archerx 3 hours ago [-]
Maybe the biometric and photos of id and possibly selfies not being deleted properly?
raverbashing 3 hours ago [-]
Yes (later in the thread it seems to be the case, though xcancel makes threads even more confusing)
But more importantly, it's not being deleted from your phone. You know, your phone with all of your other photos
Yes it should be fixed, but this "all of nothing" approach to security is just counter-productive
spwa4 2 hours ago [-]
Shows yet again: apps are secure because people check them. And politicians will avoid it at all costs for the same reason: it exposes them to being blamed for mistakes.
fvv 2 hours ago [-]
There's one thing "the hackers" haven't considered, though! It's illegal to hack an app in the EU,
so the problem of bypassing age verification by hacking saved files doesn't arise at all!
/s
indigomm 14 minutes ago [-]
I assume it's also illegal as someone underage to access all the things protected by the age verification app. So we don't need the app then :-)
This stuff is also why the EU doesn't want the app to run on rooted devices. I don't believe there's a way to pass Strong Integrity yet, as the app doesn't support the hackable Android 8 software attestation.
I would argue the EU doesn't want to run it on rooted devices because malware could violate the security sandbox and intercept information. This is largely the same reason why Google Pay requires SafetyNet.
Wow.
And then this person says the pin shouldn't be encrypted (but I bet if this was otherwise they would be complaining as well)
I think scrutiny over the apps are fine, but treating every issue with the same brush is not
> this product will be the catalyst for an enormous breach at some point
Breach of what exactly is not clear since most information never leaves the phone
But more importantly, it's not being deleted from your phone. You know, your phone with all of your other photos
Yes it should be fixed, but this "all of nothing" approach to security is just counter-productive
so the problem of bypassing age verification by hacking saved files doesn't arise at all!
/s