Apologies if this isn’t the right place to ask this, but I thought actual developers with a deep understanding of how technology actually works would be the people to ask!
If you were tasked with setting up a safe and secure way to do this, how would you do it differently than what the UK government is proposing? How could it be done such that I wouldn’t have to worry about my privacy and the threat of government suppression? Is it even theoretically possible to accomplish such a task at such a scale?
Cheers!
EDIT: Just to be clear: I’m not in favour of age verification laws. But they’re on their way regardless. My question is purely about the implementation and technology of the thing, rather than the ethics or efficacy of it. Can this seemingly-inevitable privacy hellscape be done in a non-hellscapish way?
Correct me if I am wrong the base problem, but we’re not trying to lock down the OS. We’re trying to limit the adult internet to children right?
So the AuthZ event can occur at the remote web server (or server serving the API). Yes, those would have to change. The AuthN event would supported by the web browser (or other software) making the call to the remote server. So yes, those would have to support the check of the CPU flag.
Legal protections, not technical ones. This is the same method we use to prevent someone from setting up a distillery in their kitchen and making their own whiskey. There’s nothing technologically limiting people from doing this, only laws. Also, the only people breaking the law to circumvent the child protections would be children, or adults purposefully trying to assist children in bypassing this check. The children committing the crime would be handled in the existing juvenile justice system the same way an under-aged child that is caught with alcohol. An adult assisting children with circumvention would be prosecuted the same way as an adult that buys booze for under-aged children.
In this system, no adults would have to age verify. No adult identity would be sent anywhere. All devices are “adult” by default.
No. I’m asking how you’d make the child mode a truly one-way thing.
And you’ve essentially just admitted that you aren’t actually suggesting that at all.
Physically blowing a fuse in a CPU to achieve an equivalent result to a text file containing a date, is a little silly.
If you’re gonna fall back on legal assurances anyway, simply make it a software thing. Not being able to just unlock your devices when you’re old enough is a recipe for e-waste, anyway.
That makes no sense. A single bit isn’t significant unless read and enforced by software. And if you’re suggesting “burning” or “purging” some kind of token that is to be authenticated to show a device is in one mode or the other… Then you’ve just added a new kind of hardware id.
And are you saying adults escape any kind of tracking… But kids don’t?