@paco @BenAveling it is just a stupid electronic device
-
@paco Fucking hell
-
No they didn’t. They did their own age verification and stored images of passports in Zendesk (iirc, or some other support desk software). Discord acted completely irresponsibly and discord NEEDS age verification due to their young target audience and child enthusiast problem. I agree with your point, but your representation of what happened at Discord is entirely wrong.
-
No they didn’t. They did their own age verification and stored images of passports in Zendesk (iirc, or some other support desk software). Discord acted completely irresponsibly and discord NEEDS age verification due to their young target audience and child enthusiast problem. I agree with your point, but your representation of what happened at Discord is entirely wrong.Yes, I remembered correctly: it was zendesk. youtube.com/watch?v=GbXATeFfkRA
-
@paco Damn, this is both hilarious and terrifying. 70,000 people handed over their documents so Discord could “verify their age,” and now all those files are just floating around the internet. Does anyone really think this is safe?
-
@paco “At Discord, protecting the privacy and security of our users is a top priority.” says the service without e2ee for direct messages.
-
@paco Well, you know, at least that company knows how to NOT safely store sensitive personal data...
-
@paco Yet another reason in the litany of reasons I refuse to join Discord. People need to like... stop... using it.
I had to ask something on a discord forum about this app I use.
The tone of voice is of teens on the loose.
While it's ok & just fine to be a teen on the loose (I've been one myself, and looking back I firmly believe it's a fundamental human right to do really dumb things), COMMA, it's, well, a state of mind I left behind. Mostly. I think. I hope.
-
@paco
Bluesky asked me to give my ID information and documents to a third party provider when Australia introduced its under-16 ban a month or two ago.I deleted Bluesky.
-
@kerfuffle Is it worth highlighting? I mean, admitting that it happened is surely the lowest possible expectation. Do we pat them on the back and give them a participation trophy? In some jurisdictions, this disclosure is mandated by law (which is why these laws are good). Is it worth mentioning that they chose to do what the law said they must?
-
No they didn’t. They did their own age verification and stored images of passports in Zendesk (iirc, or some other support desk software). Discord acted completely irresponsibly and discord NEEDS age verification due to their young target audience and child enthusiast problem. I agree with your point, but your representation of what happened at Discord is entirely wrong.
@michael Was it Zendesk? Someone else replied that it was 5CA and sent this link
Holding statement regarding Security Incident
We are aware of a recent security incident. Learn how 5CA is responding and protecting client and community data.
5CA (5ca.com)
The phrase “our vendor used to review age-related appeals” in the discord disclosure made it sound like the vendor did the appeals. So maybe discord did the initial verification, but this vendor was doing more than just storing images.
-
@paco inevitable.
Too good a target of course this happened and will keep happening. Waiting for the big one that makes photo ID worthless. -
@michael Was it Zendesk? Someone else replied that it was 5CA and sent this link
Holding statement regarding Security Incident
We are aware of a recent security incident. Learn how 5CA is responding and protecting client and community data.
5CA (5ca.com)
The phrase “our vendor used to review age-related appeals” in the discord disclosure made it sound like the vendor did the appeals. So maybe discord did the initial verification, but this vendor was doing more than just storing images.
Then I might have been wrong and there were more leaks. They definitely had one last year, where they hosted pictures of peoples' passports in Zendesk (which is all kinds of insane).
If they used a "proper" age verification service and they leaked, that's an entire new can of worms. (Though I still think Discord in particular having age verification is not a bad thing.) -
@paco
When I logged back into LinkedIn a few a months ago (after years of blissful absence) it asked me to "verify" my identity. So I click "ugh, fine" and got redirected to a 3rd party asking for all of my personal info. lol. that was a quick "Cancel". -
@paco
Sadly: "called it!" -
@paco why does every company say "at [insert company] your privacy is our priority"? are they just taught this?
-
@paco If any Discord server I use starts asking for age-verification, that's the day I leave that server.
It's one thing to be asked to trust Discord (or whatever other company) who you know you're dealing with because that's their name on the website. I can decide if I trust them or not. It's another thing for them to be using some third party who I never heard of and have no idea if I should trust.
-
@paco Yet another reason to not use Discord. It was bad from the start and it hasn't gotten better. I wish companies would stop leaning on it more and more for things like tech support too. We shouldn't have to risk identity theft for tech support.
-
@elaine @paco I don't think everyone sending their id to one of 3 American mega corps is a "win" for anyone.
1. They're all actively supporting the regime
2. Even without the current president, they're under the cloud act so that data is still accessible by US
3. Even if the mega corps were not owned by the US, they don't care about our data, privacy, human rights, they are involved in wars and oppression of various peoples.
4. Centralised services are not safer per se. -
@elaine @paco I don't think everyone sending their id to one of 3 American mega corps is a "win" for anyone.
1. They're all actively supporting the regime
2. Even without the current president, they're under the cloud act so that data is still accessible by US
3. Even if the mega corps were not owned by the US, they don't care about our data, privacy, human rights, they are involved in wars and oppression of various peoples.
4. Centralised services are not safer per se....and I should not have to submit ID to my operating system, or to access my own computer!
