| |
| ▲ | cogman10 3 hours ago | parent | next [-] | | Some probably will. 99% of them don't even know what "Chromium" is. This doesn't have to be perfect. | | |
| ▲ | Wowfunhappy 3 hours ago | parent [-] | | Right now, they don't know. They're going to learn very quickly when they want to use some website and they can't. We agree it doesn't need to be 100% perfect. But it needs to be at least, like, 60% perfect, right? And unless you make it at least a bit hard to bypass, it will stop virtually no one. | | |
| ▲ | cogman10 2 hours ago | parent [-] | | Some undoubtedly will. Installing a new browser is already a bit hard for most people. I think you are a little skewed in your thinking being online on HN. You also aren't thinking about age. Certainly 16 and 18 year old probably can get a new browser installed. But a 14 year old? 12 year old? 10 year old? That barrier is a lot higher the younger a kid is. | | |
| ▲ | Wowfunhappy 2 hours ago | parent | next [-] | | I just finished my second year as a fifth grade teacher, so I have a lot of experience with ten year olds. I am confident a majority of my students would be able to install an alternative web browser if they needed to, and a majority of the remainder would ask a friend to do it. To give you an example of the workarounds kids will find: Youtube was blocked on school laptops, so the kids all started embedding Youtube videos inside of Google Sheets in order to watch stuff. This isn't, like, something a few savvy kids did, it was a widespread and common practice. | |
| ▲ | drnick1 33 minutes ago | parent | prev [-] | | Lol. I started building computers, installing operating systems and tinkering with Linux between ages 10-12. I also started watching porn not long after that, and guess what, I still became a more or less normal adult. There is absolutely no need to "protect the children." |
|
|
| |
| ▲ | mindslight 2 hours ago | parent | prev [-] | | No, it only "requires" browser attestation if we taken it as a given that the onus is on tech companies for verifying who they are talking to - ie identity verification that most of these schemes boil down to regardless of how cute they're dressed up. To effectively keep adult content away from kids, it merely requires secure boot and closed app stores, which are already widespread. And they are only required on the devices actually given to kids, rather than every single computing device. But this proposal has another problem: it's easy for a website to run isUserOver(n) in a loop to derive the exact age. And on a persistent account, it can be queried every day to derive an exact birthday! Which comes back to my main point that the only technical schemes we should be considering are ones where information strictly flows one way - the website/app supplies information to the browser/OS, which then [may] implement parental control policy. anything else fundamentally boils down to a mandate for identity verification. | | |
| ▲ | drnick1 29 minutes ago | parent | next [-] | | > To effectively keep adult content away from kids, it merely requires secure boot and closed app stores This is unacceptable. If I own a computer, I expect to be able to build and run any program, either written by myself or others, without asking anyone for permission. | | |
| ▲ | mindslight 20 minutes ago | parent [-] | | Maybe I needed to say "it merely requires the existence ...". Because I then do go on to say: > And they are only required on the devices actually given to kids My whole point is that this limits the blast radius, compared to any solution involving "age" (read: identity) verification which has a blast radius of every computing device! Perhaps my other comment will show you where I'm coming from better: https://news.ycombinator.com/item?id=48645646 |
| |
| ▲ | Wowfunhappy 2 hours ago | parent | prev [-] | | > To effectively keep adult content away from kids, it merely requires secure boot and closed app stores, which are already widespread. And they are only required on the devices actually given to kids, rather than every single computing device. ...I guess I don't really see the difference. Closed app stores are widespread on some platforms but certainly not others, and I for one would really like them to not spread any further. | | |
| ▲ | mindslight 2 hours ago | parent [-] | | For starters here, the difference is that only devices that parents give to kids need to have secure boot and controlled software sources. The point is that every other device remains completely unaffected. But in general there is a huge difference between the freedom-destroying properties of secure boot with closed app stores, and the next step of remote attestation. Remote attestation lets the server insist that you only run software fully of their choosing rather than your choosing, as a condition of interacting with them. This completely destroys the idea of protocols that mediate between two parties with diverging interests, and computationally disenfranchises users. Imagine the next generation of the Cloudflare nagwall that doesn't let you past unless you buy a new computer, and that new computer must be running MSWin/OSX and MSIE/Chrome. (also note that my use of "secure boot" here includes systems like on Pixels where you can straightforwardly unlock the bootloader (erasing the data on the device), install whatever you want, and then relock. I still find these systems philosophically objectionable, as there is still a privileged key baked in and retained by the manufacturer - similar security properties could be provided without the backdoor. But pragmatically they've been working okay) |
|
|
|
