Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
hooverlabs 4 hours ago

Servers can then infer user’s ages by whether or not the client renders pages given those headers or not no? See if secondary page requests (e.g images, scripts) are made or not from a client? A bad actor could use this to glean age information from the client and see whether the person viewing the page is a small child. That should be scary

Bender 3 hours ago | parent | next [-]

I disagree. The ability to render a page could simply mean that parental controls were not enabled on the device. Some parents have assessed the situation and trust their children to be psychologically ready for adult situations. The client could be literally any age.

Today devices do not default to accounts being child accounts. Some day this may change and may require an initial administrator password or something to that affect but this can evolve over time.

NoMoreNicksLeft 3 hours ago | parent [-]

>I disagree. The ability to render a page could simply mean that parental controls were not enabled on the device.

Not being able to detect all children doesn't mean that being able to detect 80% of them is somehow less disturbing.

Bender 3 hours ago | parent [-]

The point and overall goal should be to not signal anything to the server operator unless a credit card is being used. Everyone is whomever they claim to be as far as anyone is concerned, until payments are required which today means sharing identity and age (via the credit card information on file with the financial institution and is shared today).

In the case of RTA the only signalling taking place is a server header being transmitted to the client. The client could be anyone at any age. Nothing to explicitly leak or disclose. Server operators can guess all they desire as some do using AI based on user behavior of which they sometimes get wrong.

nirava 3 hours ago | parent | prev | next [-]

That's true. But leaking an age threshold is not the same as private companies being able to link all your online activities to a single legal person.

e44858 3 hours ago | parent | prev [-]

Adults could also use this to filter out unwanted content without needing to rely on outdated filter lists.