Age verification is an outgrowth of the christian nationalism, it is a core part of Republican identity politics.

It may be many things but it ain't that.

Slavery was once legal because there were not laws AGAINST it. Laws don't make things legal, they make them illegal.

What utter bullshit.

The state of slavery is of such a nature, that it is incapable of being introduced on any reasons, moral or political; but only positive law, -- Lord Chief Justice William Mansfield

And you know that general line of reasoning was why slavery had to be actually recognised in the constitution because if you have a nation of any laws at all you need to pass a law to not have them apply to some people.

Tencent?

They are on the steering committee.

no matter how "open source" they claim the process to be, and subject to American export laws.

What? A process isn't open source, code is. There are open source implementations of AV1 (or 2) and H.265 (and 6). Anything can be subject to American export laws, whether or not it makes sense, but America can't enforce that outside America (or even inside some of the time).

I think you're describing the models from a year ago. Most of the improvements in capability since then (and the improvements have been really large) are directly due to changes that have the AI model talk to itself to better reason out its response before providing it, and one of the results of that is that most of the time they absolutely can explain why they did what they did. There are exceptions, but they are the exception, not the rule.

It's interesting to compare this with humans. Humans generally can give you an explanation for why they did what they did, but research has demonstrated pretty conclusively that a large majority of the time those explanations are made up after the fact, they're actually post-hoc justifications for decisions that were made in some subconscious process. Researchers have demonstrated that people are just as good at coming up with explanations for decisions they didn't make as for decisions they did! The bottom line is that people can't really provide useful insights on why they did what they did, they're just really good at inventing post-hoc rationales.

If you're asserting that Greg Kroah-Hartman can't code worth a damn, you might want to find out who he is and think again.

And the law of large numbers. Statistically, there will but patch clusters, the same way there are clusters of every other random-ish event. The fact that one happens to occur right after Microsoft promises a commitment to predictable patch schedules means not just nothing the but opposite. Any commitment to doing better means that they recognize they haven't been doing well enough, and obviously it's not possible to do significantly better immediately; changing processes takes time, and observing the effects of those changes takes even longer.

So, no, this cluster of patches doesn't tell us anything in particular beyond what we already knew: That emergency patches are relatively common.

Yes, but... I think you're confusing some things. We're talking about AES, which is a symmetric encryption algorithm, not asymmetric.

Of course, no cryptographic construction has been "proven" secure, in the sense that mathematicians use the word "prove", not symmetric or asymmetric. Asymmetric schemes have an additional challenge, though, which is they have to have some sort of "trapdoor function" that mathematically relates a public key and a private key, and the public key has to be published to the attacker. Classical asymmetric cryptography is built by finding a hard math problem and building a scheme around it -- which means that a solution to the math problem breaks the algorithm.

Symmetric systems have it a bit easier, because the attacker doesn't get to see any part of the key or anything related to the key other than plaintext and corresponding ciphertext (though the standard bar is to assume the attacker has an oracle that allows them to get plaintext of arbitrary ciphertexts, i.e. the Adaptive Chosen Ciphertext attack, IND-CCA2). And the structure of symmetric ciphers isn't usually built around a specific math problem. Instead, they tend to just mangle the input in extremely complex ways. It's hard to model these mathematically, which makes attacking them with math hard.

In both cases, we are unable to prove that they're secure. When I started working on cryptography, the only basis for trust in algorithms was that they'd stood up to scrutiny for a long period of time. That was it. Over the last 20 years or so, we've gotten more rigorous, and "security proofs" are basically required for anyone to take your algorithm seriously today... but they aren't quite like "proofs" in the usual sense. They're more precisely called "reductions". They're mathematically-rigorous proofs that the security of the algorithm (or protocol) is reducible to a small set of assumptions -- but we have to assume those, because we can't prove them.

For most asymmetric schemes, the primary underlying assumption is that the mathematical problem at the heart of the scheme is "hard". Interestingly, there is one family of asymmetric signature schemes for which this is not true. SLH-DSA, one of the post-quantum algorithms recently standardized by NIST, provably reduces to one assumption: That the hash algorithm used is secure, meaning that it has both second pre-image resistance plus a more advanced form of second pre-image resistance. Collision resistance isn't even required! This is striking because we actually have quite a lot of confidence in our secure hash algorithms. Secure hash algorithms are among the easiest to create because all you need is a one-way function with some additional properties. And we've been studying hash functions very hard, for quite a long time, and understand them pretty well.

This means that one of our "new" post-quantum asymmetric algorithms is probably the very strongest we have, not only less likely to be broken than our other asymmetric algorithms, but less likely to be broken than our symmetric algorithms. If it were broken, it would be because someone broke SHA-256 (which, BTW, would break enormous swaths of modern cryptography; it's extremely hard to find a cryptographic security protocol that doesn't use SHA-256 somewhere), and unless that same research result somehow broke all secure hash functions, we could trivially repair SLH-DSA simply by swapping out the broken hash function for a secure one.

This is an entirely different model from the way we looked at cryptography early in my career. SLH-DSA doesn't have decades of use and attack research behind it. Oh, the basic concept of hash-based signatures dates back to the late 70s, but the crucial innovations that make SPHINCS and its descendants workable are barely a decade old! BUT we have a rigorous and carefully peer-reviewed security proof that demonstrates with absolute mathematical rigor that SLH-DSA is secure iff the hash function used in it is secure.

So... a relative newcomer is more trustworthy than the algorithms we've used for decades, precisely because we no longer rely on "hasn't been broken so far" as our only evidence of security.

As for AES, the subject of the discussion above, there is no security proof for AES. There's nothing to reduce it to. There are proofs that it is secure against specific attack techniques (linear cryptanalysis and differential cryptanalysis) that were able to defeat other block ciphers, but those proofs only prove security against those specific attacks, not other attacks that are not yet known. So for AES we really do rely on the fact that it has withstood 20+ years of focused cryptanalysis, and that no one has managed to find an attack that significantly weakens it. That could change at any time, with or without quantum computers.

SLH-DSA, however, is one that very well may be secure forever, against both classical and quantum attacks. The security proof doesn't even care about classical vs quantum, it just proves that any successful attack, no matter how it's performed, provides a way to break the underlying hash function. Therefore, if the hash function is secure, SLH-DSA is secure. It's an incredibly powerful proof, like many proofs by contradiction.

If speed limits were enforced, they would be abolished tomorrow. They only continue to exist because most people can break the speed limit for years without getting a ticket.

If drivers received a fine every time they broke the speed limit, politicians houses would be burning down the next day and the law would be abolished the day after.

You know why encryption is legal despite Bush and Clinton's best attempts to prevent it?

Because Gen-X kids risked a decade in jail for breaking Federal law to ensure the code got out there and everyone had it. It simply became impossible to regulate because anyone anywhere in the world could download the code and run it.

Today programmers won't even say 'no' when governments demand they ID all their users.

Because it's not about age. It's about eliminating anonymity online.

There were laws requiring that escaped slaves were returned to their owners. I presume you would have obeyed those laws, even though they were immoral.

> You live in a country with laws.

A country with laws, yes. A country with law, no.

It's ludicrous to tell people they should obey the law when none of Epstein's clients have been arrested and probably at least half of the business owners in the country would be in jail if the laws on employing illegal aliens were enforced.

If an escaped slave had turned up at your house in the 1800s asking for help, would you have followed the law and sent him back to his owner? From your post, I'm guessing you would have.

I know a few Christian Nationalists. None of them are pushing for "Age Versification" and most are against it because it's clearly just another step toward The Mark of the Beast where people won't be allowed on the Internet unless they bend the knee to Satan.

This push is coming from the communists and WEF-bozos who want to eliminate anonymity on the Internet. Literally everyone who's been following this for long knows that.

Which is why you see support for it from both "left-wing" and "right-wing" governments. They both have the same hands shoved up their behinds.

Why use a date field, which introduces all manner of privacy and anonymity issues? Instead, you could use flags: unverified, verified-minor, verified-adult. (and for further protection you could opt to leave minors at the unverified state). It might need some refinement since age restrictions vary with jurisdiction. But recording whether someone is at least over a certain age beats recording their exact date of birth.

We would have to re-arrange society to ease many of the stressors in life. I predict we'll be needing those drugs for a while.