Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Hawxy 5 hours ago

> "By immediately I mean we send it to k-ID who said that's what they do."

People have already validated this fyi. When k-ID was first added you could send a bogus age result to discord from your local device, which probably still works. There's no evidence your facial scans leave the device.

> "By that I mean they partnered with Persona to do the actual verification."

Which isn't true, it was a UK-only experiment being run for a small subset of users, which has now been discontinued.

I get people are outraged, but this is sensationalism at best.

shakna 4 hours ago | parent | next [-]

After the last screwup, by the same company, why would you trust the data to stay on your device?

> Of the accounts impacted globally, we have identified approximately 70,000 users that may have had government-ID photos exposed, which our vendor used to review age-related appeals.

And by same company, I don't mean discord. I mean Persona.

https://discord.com/press-releases/update-on-security-incide...

jacquesm 5 hours ago | parent | prev | next [-]

Trust is fragile.

toofy 4 hours ago | parent | prev | next [-]

was it “uk only” or was it the only place that required them to notify users theyre being experimented on?

we know US law allows tech companies to experiment on us without notifying at all. facebook was caught experimenting on users to see if a timeline full of sad posts would cause the users to become depressed.

im guessing his companies will get ahold of discord users data in most other countries. i’d be shocked if he only wants data from a tiny number of UK people.

rolymath 3 hours ago | parent | prev | next [-]

What good does this do for people who have already had their faces enrolled in Thiel's venture now?

"oh sorry, we said it's local but forgot to tell you about the experiment that sends you data to Thiel"

cookiengineer 3 hours ago | parent | prev [-]

Enter into Google: Discord breach october 2025

Discord probably still claims they weren't hacked. How they handle incidents like this matters to a lot of folks, and that's what this is about.

3 months after a major breach, how could anybody possibly believe that they fixed all their wrong organizational policies and security measurements within that time, while still not even acknowledging the incident?