Thread

πŸ›‘οΈ
EU age verification app to ban any Android system not licensed by Google Reddit:
Reddit - The heart of the internet
 The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. Problem is, the app is planning to include remote attestation feature to verify the integrity of the app:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means: β€’ The operating system was licensed by Google β€’ The app was downloaded from the Play Store (thus requiring a Google account) β€’ Device security checks have passed While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems. This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it. The issue has been raised here
GitHub
Do not add Google Play Integrity integration Β· Issue #18 Β· eu-digital-identity-wallet/av-doc-technical-specification
In the README, the following is listed: App and device verification based on Google Play Integrity API and Apple App Attestation I would like to st...
 but no response from team members as of now. In short: You can only be a full citizen of the EU if you accept the ToS from Google.

Replies (29)

πŸ›‘οΈ
This is not okay.
Kazani's avatar Kazani
EU age verification app to ban any Android system not licensed by Google Reddit:
Reddit - The heart of the internet
 The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. Problem is, the app is planning to include remote attestation feature to verify the integrity of the app:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means: β€’ The operating system was licensed by Google β€’ The app was downloaded from the Play Store (thus requiring a Google account) β€’ Device security checks have passed While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems. This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it. The issue has been raised here
GitHub
Do not add Google Play Integrity integration Β· Issue #18 Β· eu-digital-identity-wallet/av-doc-technical-specification
In the README, the following is listed: App and device verification based on Google Play Integrity API and Apple App Attestation I would like to st...
 but no response from team members as of now. In short: You can only be a full citizen of the EU if you accept the ToS from Google.
View quoted note →
πŸ›‘οΈ
Die TotaleΓΌberwachung kommt in kleinen tippel Schritten, immer ein bisschen nΓ€her. Von der #EUdSSR ist nichts anderes zu erwarten.
Kazani's avatar Kazani
EU age verification app to ban any Android system not licensed by Google Reddit:
Reddit - The heart of the internet
 The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. Problem is, the app is planning to include remote attestation feature to verify the integrity of the app:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means: β€’ The operating system was licensed by Google β€’ The app was downloaded from the Play Store (thus requiring a Google account) β€’ Device security checks have passed While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems. This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it. The issue has been raised here
GitHub
Do not add Google Play Integrity integration Β· Issue #18 Β· eu-digital-identity-wallet/av-doc-technical-specification
In the README, the following is listed: App and device verification based on Google Play Integrity API and Apple App Attestation I would like to st...
 but no response from team members as of now. In short: You can only be a full citizen of the EU if you accept the ToS from Google.
View quoted note →
The worst thing about the comments there is that they are not complaining about the creeping "internet passports" and the fact that they'll soon need to ask the state for permission to use the internet at all but that they need to accept TOSes from 3rd parties from the US instead of having a homegrown EU solution. These people deserve everything that's coming and more.
Kazani's avatar Kazani
EU age verification app to ban any Android system not licensed by Google Reddit:
Reddit - The heart of the internet
 The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. Problem is, the app is planning to include remote attestation feature to verify the integrity of the app:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means: β€’ The operating system was licensed by Google β€’ The app was downloaded from the Play Store (thus requiring a Google account) β€’ Device security checks have passed While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems. This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it. The issue has been raised here
GitHub
Do not add Google Play Integrity integration Β· Issue #18 Β· eu-digital-identity-wallet/av-doc-technical-specification
In the README, the following is listed: App and device verification based on Google Play Integrity API and Apple App Attestation I would like to st...
 but no response from team members as of now. In short: You can only be a full citizen of the EU if you accept the ToS from Google.
View quoted note →
I don’t live in the EU but I know there are plenty of smart people with no sheep complexes who live there. I’ll be rooting (and I hope contributing to) their subversion and effective neutralization of of this power-mongering and the rapid reduction or destruction of the functional value of increasing complicity of Google in the evolution of tyranny.