Privacy

45924 readers

1489 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

330

Discord will require a face scan or ID for full access next month (www.theverge.com)

submitted 2 days ago by mr_MADAFAKA@lemmy.ml to c/privacy@lemmy.ml

101 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] M1k3y@discuss.tchncs.de 4 points 1 day ago (1 children)

And if you don't want the government to know what sites you visit, have sites route the request through a proxy.

Actually, no on the fly communication with the issuer is required for selective disclose. You just need a signed document with individually salted hashes of different properties and you can create a zero knowledge proof non-interactively. Zero knowledge meaning that truely nothing but the disclosed property (age > 18, County == DE, or whatever) is communicated to anyone.

Theres a lot of other cool stuff that can be done with zero knowledge digital identity wallets. You could for example hash your pubkey together with the service providers pk and disclose that as a per service ID, but not reveal your pk. This allows linkability within one service (as a login method for example) while preventing cross service linkability.

[–] Ferk@lemmy.ml 1 points 5 hours ago* (last edited 5 hours ago)

That prevents the site from knowing your identity, but I'm not convinced it prevents the government from knowing you visit the site. The government could keep track of which document corresponds to which individual whenever they issue / sign it.

So if the government mandated that each signed proof of "age>18" was stored by the service and mapped to each account (to validate their proof), then the government could request the service to provide them copy of the proof and then cross-check from their end which particular individual is linked to it.