And of course "just avoid these services" is going to be difficult or near impossible. Convincing your friends, families, acquaintances to ditch zoom is hard enough. But what do you do when you get a zoom link for a job interview? Tell them you object to using zoom and basically cost yourself the job? Or do you only use it when you really have to? In which case, how many interactions do they need from you to collect all the data they need?
It seems like no one else is bothered by the fact that more and more we are being forced to interact with third party companies - companies with which the consumer has no direct relationship - as a precondition for doing things in daily life.
To eat at a restaurant you give a phone number and suddenly have an account with Resy. Renting an apartment means signing up for a service to access the move-in documents and then another to unlock the door.
These services rarely benefit the consumer. I’m not sure why it bothers me so much. Maybe it’s the erosion of agency. Maybe it’s the over-complicating of what should be a simple activity. But it’s becoming more frequent.
It's up there with being forced to install random extensions to view any website. You trust the endpoint, not arbitrary middlemen they decide to bring into the transaction.
You don't need to look far to find a reason to abhor this. If you have a need to verify your identity on Twitter, you're handing your personal information to an Israeli firm (AU10TIX) beyond all accountability and reach of western justice systems.
It's already happening with AI interview tools.
Some of them have god-awful privacy policies that, depending on the interpretation, allow them to retain and use your likeness and voice for training their models or even marketing purposes.
The move is to review those polices, and decline.
It's actively hostile.
It should be treated as such.
The pain of declining on the privacy or personal rights grounds is intentional on their part. They do not respond to inquiries. And in my experience, companies that just use those tools decline to answer inquiries about it.
I agree. The privacy problems that come with governmental IDs are inescapable (we have to have those IDs regardless), so we should just use them rather than bringing a new threat vector into the mix.
And, honestly, our industry has provided, and continues to provide, ample evidence for why companies can't be trusted with any personal data at all, and particularly identity data.
If you read the comments on Gizmodo, there's some saying that the user base for these apps will drop off. However, the article states:
"World has already been working with Tinder and ran a pilot of the verification process in Japan. It was apparently enough of a success that Tinder will roll out the authentication method globally."
Kind of depressing. As much as I'd like to think something like this would die, let's be honest: it won't.
> Kind of depressing. As much as I'd like to think something like this would die, let's be honest: it won't.
Yeah, it will be an uphill battle. How many of us have the wherewithal to resist a demand like this? Refuse and interview because they demand you submit to Altman's biometric scan, when you're unemployed and it's the only one you've gotten this month? A lot of people will take the path of least resistance, and there could be a lot or resistance to avoiding this on a lot of paths.
Probably the only way to get this to die is regulation or fearmongering. And the fearmongering would be tricky: portray is as the "mark of the beast" you might get a lot of conservative Christians to reject it, but then progressives might embrace it because rejection has an "icky" association with a group they reject (sort of like how antiglobalization used to be a liberal position, but now liberals reject tariffs like they're libertarians, because tariffs have the stench of Trump).
Curious if there are more privacy friendly methods to prove you are who you say you are. It's a real problem and hurts trust, not to mention enables billions in fraud.
This is appalling and I agree the technology is creepy. However, human verification is already a big problem that seems like it will only grow from here.
It does seem to me that this should be solvable at the device level by having a biometric scan produce a signed key on your device that can be used to issue a token of authenticity, similar to the way payment systems or certificate authorities work.
Then again, this only intensifies a different, growing problem where access to a smartphone or computer becomes a basic requirement for participation in society. No easy answers.
And not only that, it intensifies the problem where access to a smartphone or computer which can perform remote attestation becomes a basic requirement for participation in society. Slowly but surely, free and open source hardware and operating systems are going to become irrelevant as the daily drivers of people's lives because they are not produced or verified by the certificate authorities. Everyone is going to access digital society through the cloud terminals rented from Google and Apple.
Maybe you could have humans verify other accounts who want anonymity? Like I'd be willing to say jtr1 seems human and also don't mind verifying with a passport scan as I'm not personally that bothered by the anonymity thing. You could perhaps cap the number of vouches per scan to stop me vouching for 10^10 bots or some such.
Local post office posts a one time key every day on the door. You enter this key as proof you were a human who got this information from the meatspace.
I know it's an unrealistic pipe dream, but it feels like a privacy-friendly user identity/attestation mechanism is the kind of digital infrastructure that should be provided by the government.
We already trust the government to give proof of identity (through ID cards) and there is already a vast infrastructure network dedicated to that.
But who am I kidding, politicians would never let this happen (at least, not in a privacy preserving way). One can dream though.
Yes please, but do it in a way where the government doesn't know what services am I using and the service doesn't know who I am beyond being a unique non-registered human.
I'm not sure this is possible in EU and US. And I'm sure it is not possible worldwide.
The EU already has the scaffolding for this via eIDAS - the standard for secure IDs with biometrics and NFC.
Some governments already have government SSO services, and some (sometimes the same, e.g. France) already have or are working on apps that locally, on device, scan your ID, take a selfie, compare the two, and confirm you are who you say you are.
With regards to Tinder, I fail to see how this solves the "prove you're a human" problem, when those credentials will then inevitably leak, be stolen or resold.
Unless you're doing constant live verification which takes the privacy problem up several more notches, how do you know the user is still the ID'd person?
As always when this pops up, I'm asking what options are there to prove that a user is human that are more privacy friendly (and as the author puts it, less creepy).
Because the problem World claims to try to solve is real.
Imagine A system where there's a vending machine outside City Hall, you spend $X on a charity for choice, and you get a one-time, anonymous token. You can "spend" it with a forum to indicate "this is probably a person or close enough to it."
Misuse of the system could be curbed by making it so that the status of a token cannot be tested non-destructively.
I like the idea, but I'm not sure it solves the problem enough. I'm not convinced that there is an $X where the service is not too cost prohibitive for humans and at the same time cost prohibitive enough to discourage bots.
In the specific case of Tinder you might as well just make Tinder paid and skip all of this.
There's a rather rich spectrum of solutions, and too-often often the debate becomes a binary of comprehensively-identified versus uncontrolled-anonymity". By clarifying our requirements, we can get better mixes of cheapness and privacy.
For the average web-forum, you don't really need to know that an account is a human, let alone a unique human. It's enough to know that whatever is on the other end (A) likely cares about what happens to the account if it doesn't follow rules and (B) probably isn't running a hundred sockpuppets, or is at least taking a risk doing so.
I think a key part of the idea is that it's a vending machine you'd have to physically interact with and not an online service. That would filter out bots pretty effectively.
I’m glad you asked. I’m working in a competing product named Globe that will offer twice the service at half the cost with a greater emphasis on security and privacy than Sam Altman ever could.
All you need to do is send me your biometrics, and if you don’t feel like doing that willingly I’ll use the billions of dollars of capital that my friends and I have to coerce you into doing so because I’ll leave you with no other choice.
The problem we at Globe are trying to solve is real and necessary to solve.
People who oppose it are obviously the problem, not me and the existence of a problem is sufficient reason for me to coerce people into accepting my solution without government oversight because my friends have been diligently working hard to reduce the ability of governments around the world to do so.
Worldcoin was really a headscratcher. I will admit I did not fully follow how this would create universal basic income. The biometric verification seemed equivalent to trying to prevent unemployment fraud before unemployment pay exists.
That sort of chicken/egg situation is typical for bootstrapping a currency. Coinage in ancient Rome was a solution to a military logistics problem: How to feed distant soldiers... make the locals do it. How to do that? Intimidate them with your well-fed military. The innovation was to require that collected taxes weren't just valuable metal, but that they had Caesar's face on them. This proved that the payer had been supporting the soldiers that so recently attacked their community.
An effective solution to the how-to-distribute-UBI problem could itself be the thing that backs the new currency in a similar circular fashion. I mean, it's not like the bar is very high. Currently our money is backed by games of chicken over whether the Strait of Hormuz is open.
But biometrics are just the wrong way. They require too much trust to be placed in a sensor, and an authoritative source of truth about the data. Any time such a source of truth exceeds a certain importance threshold, it becomes corrupt.
I believe the solution is out there, but it's in a different part of the landscape dictated by the CAP theorem: CRDTs not blockchains.
I've used whereby in the past on a free account, I've found it easy enough for anyone to use. I stopped using them because they now limit free accounts to 30 minute meetings.
> According to a press release, users will be required to undergo World’s verification method, which requires having their eyeballs scanned at a physical location with a proprietary device to prove they are human.
See, it feels like there's an extraneous step here. Seems like by arriving at this physical location, I've proven I'm human already, and you can just note down the name on my ID and mark me as verified.
Without the scammy crypto angle ("Worldcoin") it's less ghoulish than before. And a company collecting biometric data to run an identity service isn't necessarily evil. But this one is not to be trusted, because the individual behind it is not to be trusted. The moment it suits his world-bending needs to sell my eyeballs to the fascists, he will do so.
The era of social networks and online dating up until sometime 2020 was something no one before us had experienced and no one after us will. Lasted not even a decade. Take a moment and think about it.
And of course "just avoid these services" is going to be difficult or near impossible. Convincing your friends, families, acquaintances to ditch zoom is hard enough. But what do you do when you get a zoom link for a job interview? Tell them you object to using zoom and basically cost yourself the job? Or do you only use it when you really have to? In which case, how many interactions do they need from you to collect all the data they need?
It seems like no one else is bothered by the fact that more and more we are being forced to interact with third party companies - companies with which the consumer has no direct relationship - as a precondition for doing things in daily life.
To eat at a restaurant you give a phone number and suddenly have an account with Resy. Renting an apartment means signing up for a service to access the move-in documents and then another to unlock the door.
These services rarely benefit the consumer. I’m not sure why it bothers me so much. Maybe it’s the erosion of agency. Maybe it’s the over-complicating of what should be a simple activity. But it’s becoming more frequent.
It's up there with being forced to install random extensions to view any website. You trust the endpoint, not arbitrary middlemen they decide to bring into the transaction.
You don't need to look far to find a reason to abhor this. If you have a need to verify your identity on Twitter, you're handing your personal information to an Israeli firm (AU10TIX) beyond all accountability and reach of western justice systems.
It's already happening with AI interview tools. Some of them have god-awful privacy policies that, depending on the interpretation, allow them to retain and use your likeness and voice for training their models or even marketing purposes.
The move is to review those polices, and decline.
It's actively hostile.
It should be treated as such.
The pain of declining on the privacy or personal rights grounds is intentional on their part. They do not respond to inquiries. And in my experience, companies that just use those tools decline to answer inquiries about it.
Would make way more sense to just use verification claims backed by government issued IDs, rather than relying on a third party like World(coin).
For instance, something like https://self.xyz. It's strictly better than the alternatives:
- already works with existing government-issued ids
- doesn't require submitting scans of your ID to third parties that can then be stored and leak
- allows privacy-preserving verification like "is this person older than 18" without requiring sharing of the person's exact age
I agree. The privacy problems that come with governmental IDs are inescapable (we have to have those IDs regardless), so we should just use them rather than bringing a new threat vector into the mix.
And, honestly, our industry has provided, and continues to provide, ample evidence for why companies can't be trusted with any personal data at all, and particularly identity data.
Would make way more sense to just use verification claims backed by government issued IDs, rather than relying on a third party like World(coin).
And then the government outsources it when the latest wave of privatization hype comes through.
If you read the comments on Gizmodo, there's some saying that the user base for these apps will drop off. However, the article states:
"World has already been working with Tinder and ran a pilot of the verification process in Japan. It was apparently enough of a success that Tinder will roll out the authentication method globally."
Kind of depressing. As much as I'd like to think something like this would die, let's be honest: it won't.
> Kind of depressing. As much as I'd like to think something like this would die, let's be honest: it won't.
Yeah, it will be an uphill battle. How many of us have the wherewithal to resist a demand like this? Refuse and interview because they demand you submit to Altman's biometric scan, when you're unemployed and it's the only one you've gotten this month? A lot of people will take the path of least resistance, and there could be a lot or resistance to avoiding this on a lot of paths.
Probably the only way to get this to die is regulation or fearmongering. And the fearmongering would be tricky: portray is as the "mark of the beast" you might get a lot of conservative Christians to reject it, but then progressives might embrace it because rejection has an "icky" association with a group they reject (sort of like how antiglobalization used to be a liberal position, but now liberals reject tariffs like they're libertarians, because tariffs have the stench of Trump).
Curious if there are more privacy friendly methods to prove you are who you say you are. It's a real problem and hurts trust, not to mention enables billions in fraud.
This is appalling and I agree the technology is creepy. However, human verification is already a big problem that seems like it will only grow from here.
It does seem to me that this should be solvable at the device level by having a biometric scan produce a signed key on your device that can be used to issue a token of authenticity, similar to the way payment systems or certificate authorities work.
Then again, this only intensifies a different, growing problem where access to a smartphone or computer becomes a basic requirement for participation in society. No easy answers.
And not only that, it intensifies the problem where access to a smartphone or computer which can perform remote attestation becomes a basic requirement for participation in society. Slowly but surely, free and open source hardware and operating systems are going to become irrelevant as the daily drivers of people's lives because they are not produced or verified by the certificate authorities. Everyone is going to access digital society through the cloud terminals rented from Google and Apple.
Maybe you could have humans verify other accounts who want anonymity? Like I'd be willing to say jtr1 seems human and also don't mind verifying with a passport scan as I'm not personally that bothered by the anonymity thing. You could perhaps cap the number of vouches per scan to stop me vouching for 10^10 bots or some such.
> where access to a smartphone or computer becomes a basic requirement for participation in society
Seems like a smaller evil than a lot of the other stuff being floated TBH
Local post office posts a one time key every day on the door. You enter this key as proof you were a human who got this information from the meatspace.
I pay a guy $20 a day to walk to the local post office and text me a picture of the key, which I then use to spin up my thousand new bots for the day.
Each user has to have a unique key.
Or the keys are short lived, generated by an app reading your real physical ID.
I know it's an unrealistic pipe dream, but it feels like a privacy-friendly user identity/attestation mechanism is the kind of digital infrastructure that should be provided by the government.
We already trust the government to give proof of identity (through ID cards) and there is already a vast infrastructure network dedicated to that.
But who am I kidding, politicians would never let this happen (at least, not in a privacy preserving way). One can dream though.
Yes please, but do it in a way where the government doesn't know what services am I using and the service doesn't know who I am beyond being a unique non-registered human.
I'm not sure this is possible in EU and US. And I'm sure it is not possible worldwide.
Some countries have digital ID. Estonia comes to mind. Not sure how widely used it is though
Estonia has strong E-government services, not digital ID.
Not so fast, Im working on something like this with a g_vt.
The EU already has the scaffolding for this via eIDAS - the standard for secure IDs with biometrics and NFC.
Some governments already have government SSO services, and some (sometimes the same, e.g. France) already have or are working on apps that locally, on device, scan your ID, take a selfie, compare the two, and confirm you are who you say you are.
With regards to Tinder, I fail to see how this solves the "prove you're a human" problem, when those credentials will then inevitably leak, be stolen or resold.
Unless you're doing constant live verification which takes the privacy problem up several more notches, how do you know the user is still the ID'd person?
That's when they encourage you to adopt their new implantable identification. Always on, always connected, always verified.
This and the coordinated push for online ID in the US seem too coincidental.
As always when this pops up, I'm asking what options are there to prove that a user is human that are more privacy friendly (and as the author puts it, less creepy).
Because the problem World claims to try to solve is real.
Recycling a comment _____
Imagine A system where there's a vending machine outside City Hall, you spend $X on a charity for choice, and you get a one-time, anonymous token. You can "spend" it with a forum to indicate "this is probably a person or close enough to it."
Misuse of the system could be curbed by making it so that the status of a token cannot be tested non-destructively.
I like the idea, but I'm not sure it solves the problem enough. I'm not convinced that there is an $X where the service is not too cost prohibitive for humans and at the same time cost prohibitive enough to discourage bots.
In the specific case of Tinder you might as well just make Tinder paid and skip all of this.
There's a rather rich spectrum of solutions, and too-often often the debate becomes a binary of comprehensively-identified versus uncontrolled-anonymity". By clarifying our requirements, we can get better mixes of cheapness and privacy.
For the average web-forum, you don't really need to know that an account is a human, let alone a unique human. It's enough to know that whatever is on the other end (A) likely cares about what happens to the account if it doesn't follow rules and (B) probably isn't running a hundred sockpuppets, or is at least taking a risk doing so.
I think a key part of the idea is that it's a vending machine you'd have to physically interact with and not an online service. That would filter out bots pretty effectively.
I’m glad you asked. I’m working in a competing product named Globe that will offer twice the service at half the cost with a greater emphasis on security and privacy than Sam Altman ever could.
All you need to do is send me your biometrics, and if you don’t feel like doing that willingly I’ll use the billions of dollars of capital that my friends and I have to coerce you into doing so because I’ll leave you with no other choice.
The problem we at Globe are trying to solve is real and necessary to solve.
People who oppose it are obviously the problem, not me and the existence of a problem is sufficient reason for me to coerce people into accepting my solution without government oversight because my friends have been diligently working hard to reduce the ability of governments around the world to do so.
driver license number, notaries can offer the service
How does the notary confirm to Tinder that you are a real user? There needs to be some glue. I don't think anything like that exists.
And can't you just visit 100 notaries and create 100 accounts?
notary verifies but does not disclose your ID. they are licensed and have regulations and enforcement. glue can be created.
God I’m so glad I don’t have social media or dating apps… they are becoming a creepy surveillance companies
If your city council meetings are running on Zoom (which many are since the pandemic) you should email them your concerns immediately about this...
Any alternative seems better at this point... For most tech savvy https://news.ycombinator.com/item?id=46875837 is probably the best alternative
The wording is that you get a "verified human" badge. The wording does not indicate you'll be denied access without that badge.
There may be other clauses that aren't described, so I may be missing a real restriction.
Of all the dumb cryptocurrencies, worldcoin is the dumbest. Like, at least the ones that intend to be a joke know they're a joke.
> Hey decentralization nerds! I have an idea for a cryptocurrency which creates a centralized repository of biometric data for all of humanity.
- Sam Altman, probably.
Worldcoin was really a headscratcher. I will admit I did not fully follow how this would create universal basic income. The biometric verification seemed equivalent to trying to prevent unemployment fraud before unemployment pay exists.
That sort of chicken/egg situation is typical for bootstrapping a currency. Coinage in ancient Rome was a solution to a military logistics problem: How to feed distant soldiers... make the locals do it. How to do that? Intimidate them with your well-fed military. The innovation was to require that collected taxes weren't just valuable metal, but that they had Caesar's face on them. This proved that the payer had been supporting the soldiers that so recently attacked their community.
An effective solution to the how-to-distribute-UBI problem could itself be the thing that backs the new currency in a similar circular fashion. I mean, it's not like the bar is very high. Currently our money is backed by games of chicken over whether the Strait of Hormuz is open.
But biometrics are just the wrong way. They require too much trust to be placed in a sensor, and an authoritative source of truth about the data. Any time such a source of truth exceeds a certain importance threshold, it becomes corrupt.
I believe the solution is out there, but it's in a different part of the landscape dictated by the CAP theorem: CRDTs not blockchains.
"I have over 4,000 emails, pictures, addresses, SNS. People just submitted it. I don't know why. They 'trust me'. Dumb fucks"
- M. Zuckerberg, ~2000.
Also: Blade Runner, anyone?
Why are you not helping the turtle?
I have been looking for an excuse to cancel Zoom, and now I have one.
Looks like jitsi, whereby, and signal are all viable alternatives – anyone have something better, or feedback on the above?
I've used whereby in the past on a free account, I've found it easy enough for anyone to use. I stopped using them because they now limit free accounts to 30 minute meetings.
> According to a press release, users will be required to undergo World’s verification method, which requires having their eyeballs scanned at a physical location with a proprietary device to prove they are human.
See, it feels like there's an extraneous step here. Seems like by arriving at this physical location, I've proven I'm human already, and you can just note down the name on my ID and mark me as verified.
I'm so deeply exhausted of the current oligarchy continually finding new ways to invent the torment nexus [1].
1. https://web.archive.org/web/20220305174531/https://twitter.c...
Without the scammy crypto angle ("Worldcoin") it's less ghoulish than before. And a company collecting biometric data to run an identity service isn't necessarily evil. But this one is not to be trusted, because the individual behind it is not to be trusted. The moment it suits his world-bending needs to sell my eyeballs to the fascists, he will do so.
It’s also without the at least superficially well meaning goal of universal basic income. I guess it makes sense this was where it was headed.
Why the article needs an adjective to describe the tech?
The era of social networks and online dating up until sometime 2020 was something no one before us had experienced and no one after us will. Lasted not even a decade. Take a moment and think about it.
Shit in the pool then sell nets
This is apalling. I'd have to go back to meeting people in person. This is invasive and repulsive.
[dead]