If I had that kind of money I'd have stepped down long ago to live on a private South Pacific island with rum, hot tubs, and supermodels.

You really can't. Not with conventional weapons. Not even with nukes, really, though with nukes you could kill pretty much everyone in the population centers. Is that what you're proposing?

Those are minimums, not maximums. Devices should request new certs when they get low. Also, the three-month period is driven by expiration times. It sounds like the EU has decided they want to enforce a maximum expiration time of three months, though I think most countries I've talked to were planning monthly expirations.

And, BTW, this structure is inherited from the ISO 18013-5 security design, which I created (others contributed refinements, and the data minimization scheme was inherited from other systems, but the core design was mine). So... I know a little something about it :-)

If the issuer will collude with the verifier, they can easily and fully unmask the user's identity, because the issuer knows all of the public keys they issued, and to whom. This is a known issue, something we considered for 18013-5 and decided had to be accepted for now. There is cryptography that can solve this problem, but at least back in ~2020 when the design was finalized (a) a lot of it was still too novel and (b) wasn't supported in common hardware. I don't think either of those things have changed, and there's a further complication that there aren't any PQC algorithms with the necessary capabilities, though the existing design can be trivially updated with PQC key agreement and signature algorithms.

It's really not, because they also have the same value as thousands of others that were issued with the same timestamp. Granted that if the request (as identified by IP) is from a region with low population it will sometimes, maybe, be possible to weakly conclude that two proofs by users with same timestamp might be the same person. But this would be a very weak signal and it still doesn't tell you anything about who that person is. The IP address is a far stronger signal.

At least for 18013-5 there is a detailed threat model, but it's not in the standard because we were told that standards are supposed to say "what", not get bogged down in "why". I'm not sure if the model is published anywhere.

Or not. You can still have a stateful firewall with IPv6, and it will provide exactly as much security as a NAT device. There's no reason to require that all of your devices be able to exist on the public Internet, which is actually a pretty tall order -- especially for IoT devices that tend not go get updated as much as they should.

Doesn't work that way. There are limits to what can be achieved with air power, and we've reached them, and they're not enough to deter Iran. Said a different way: Iran has won Trump's war... unless and until he's willing to put lots of boots on the ground. And doing that would mean thousands of American soldiers will die.

Everyone with a clue knew this was the outcome of an attack on Iran. That's why previous presidents didn't do it, and why Obama negotiated the "terrible" JCPOA (which, actually, was quite good considering Iran's position). But the dumbass we have in the White House now was too stupid to listen to the advisors who told him that. Much like Putin thought with Ukraine, Trump thought it'd last a few days and he'd win.

At this point, Donnie has two choices: Invade Iran with a few hundred thousand troops, or cave and give Iran the concessions they're asking for. Well, three, I guess. He could continue blockading Iran until the world gets desperate and joins the war -- on Iran's side. Because Iran's not going to blink. They have no reason to.

I sure don't believe the "completely anonymous" part.

I expect a lot of comments on this article to be varieties of "this is terrible"... but it's really not, and I happen to have significant knowledge here. There is a big caveat, though, which I'll explain below.

First, the basic thing that makes strong, reliable age verification possible in the EU is national ID cards. In every EU country, as far as I know, you can get a national ID card basically from birth. A few issue at birth by default, but even those that don't allow parents to apply for cards for their kids at basically any age, and it's not uncommon.

I get the widespread American resistance to a national ID card, but I really think it's misplaced. There are risks, yes, but on balance the benefits are far larger.

Second, when the EU says you can verify your age without revealing your identity, they seriously mean it. I worked on the ISO 18013-5 mobile driving license standard, and its protocol is the basis for the age verification scheme (18013-5 also supports privacy-preserving age verification). The protocol enables cryptographically-secure privacy-preserving age verification, providing, essentially, a single cryptographically-verifiable bit answering the question "Is this person over age X", for specific legally-important ages. A great deal of effort goes into ensuring that the keys used to sign the bit cannot be linked to the identity of the person. One important element of that is the signing keys are single-use, so if your prove your age to two different web sites, they can't compare notes and notice that your proof of age used the same signing key, thereby proving that whoever you are, you visited both.

Note that under the 18013-5 design, if the verifier (e.g. the web site receiving proof of age) could collaborate with the issuer (the government), they could deanonoymize the holder (the person proving their age). Work is ongoing to devise protocols using group signatures or other cryptographic constructs that make verifier/issuer collusion fruitless. It's been a couple of years since I worked in this space, so I don't know if those new approaches have gone into production, but if they haven't, they will.

The big caveat I mentioned at the top is that there is no way for these systems to verify that the person who is providing age verification is the legitimate holder of the national ID upon which it's based. That is, a kid can steal their dad's ID and use it. Because the age verification is truly, strongly anonymous, there is no way for anyone to detect or prevent this... yet.

The "yet" is because people are working on incorporating privacy-preserving biometric authentication into the scheme. This is a little tricky because to provide privacy it's critical that the biometric acquisition and matching happen entirely in the user's device (or in the chip in the national ID card). But it can be done. Making it sufficiently secure, sufficiently reliable and sufficiently cheap is a significant engineering challenge, but it's being worked on. In another decade or so, the caveat may be removed.

If all of this seems silly to you... well, the age verification for porn may be, but the privacy-preserving selective proof technologies are general-purpose, and able to answer any age verification question any many other useful questions in a strongly privacy-preserving way. In any case where you need to prove something about yourself (age, city of residence, driving privileges, etc.) right now you need to provide the complete contents of your ID, which reveals far more about you than is necessary. The combination of cryptography, secure hardware and clever protocols used in this age verification can fix that, generally, enabling us to identify, authenticate or prove things about ourselves with only the minimal information absolutely necessary. It's a good thing.

And, honestly, it's a good idea to keep very young children away from porn.

Absolutely not. The charge/discharge round trip losses will be a few percent, maybe 10% if the batteries are in bad shape. The price difference between peak and off-peak is often 5-10X. Commercial users also get hit with demand surcharges based on the peak draw during the month and those can really make a huge difference. Using batteries to smooth out those peaks can be a bigger savings even than avoiding draw during peak times.

Even for residential use, the savings can be significant. I have batteries and I'm on a time-of-use plan that charges me 5X as much during peak hours (6-10PM) as the rest of the day. I make sure the system is set up so that I never draw any power during peak.

The thing is, I like slave labor, when the slaves are machines. I want to work Bender 24 hours a day, and if he complains about it, I'll deny him his alcohol ration! Fuckin' clankers and skinjobs don't have any rights to infringe.

The catch to that, is that over here on my side of the ocean, I don't see and can't inspect Bender working way over in China, so I can't be sure the drudgery is experienced by the 6502 in Bender's head. How do I know he isn't just relaying commands to his servos and motors, which were sent by the teleworking Apu in India, doing the Waymo thing?

Incredibly unlikely. If the claimed violations are legitimate, and webXray reported them to the state plus the attempt to lean on them, Google would get slammed, hard, both legally and in the press. No way in hell Google would risk that.

I'm trying to remember when we gained sovereignty over Sweeden, but can't come up with a date.

Donald says he only has to think about it, and ownership becomes law, just like "declassification".

Dot-Com Bubble: "We'll move X to the Internet and do X on the web! Invest!"

AI Bubble: "We'll move X to a data warehouse and do X via AI! Invest!"

ShoeGPT

...AI

No one has experimentally demonstrated what happens if you try to eat an anti-pizza, but theory suggests that it is probably not good.

One would need to take an antiacid.

What? You're not going to advocate for it??? I thought you were invoking some kind of principle or something.

You're down with Russia killing far more Ukrainians, whom they claim are their own people?

You're down with what China's doing to the Uyghurs, whom they claim are their own people?

And while we're on the topic, how many Iranians should we be willing to kill to save them from their leaders? Nuclear extermination would surely do it... do you advocate that?

But maybe it won't take that much. Regime change in Afghanistan only cost 2000 American lives, 175,000 Afghan lives, and 2,000,000,000,000 dollars, but we sure got rid of those sorry... What? They're back in power?

Only the simplest minds think intervention automagically yields the intended result. In fact the current sorry situation in Iran is a direct result of us trying to "fix" things more to our liking in the middle of last century.