Finally it seems the end of Reddit is near.
Years later, you will find many then teen’s 80yo grandmas’ photos in the leaked database
Hm, I’m going to need some software engineers to critique an idea I have that could at least partially solve the fears people have about their personal details being tied to their porn habits.
The system will be called the Adult Content Verification System (or Wank Card if you want to be funny). It’s a physical card, printed by the government with a unique key printed on it. Those cards are then sold by any shop that has an alcohol license (premises or personal). You go in, show your ID to the clerk, buy the card. That card is proof that you’re over 18, but it is not directly tied to you, you just have to be over 18 to buy it. The punishment for selling a Wank Card to someone under the age of 18 is the same as if you sold alcohol to someone under 18.
When you go to the porn site, they check if you’re from the UK, they check if you have a key associated with your account. If not, they ask for one, you provide the key to the site, the site does an API call to
https://wankcard.gov.uk/api/verifywith the site’s API key (freely generated, but you could even make the api public if you want) and the key on the card, gets a response saying “Yep! This is a valid key!” and hey presto, free to wank and nobody knows it’s you! If you don’t have an account, the verification would have to be tied to a cookie or something that disappears after a while for all you anonymous people.As a result, you can both prove that you’re over 18 (because you have the card) and some company over in San Francisco doesn’t get your personal data, because you never actually record it anywhere. All you have is keys, and while yes, the government could record “Oh this key was used to verify on this site”, they’d have to know which shop the key was bought from, who sold it, and who bought it, which is a lot more difficult to do unless the shopkeeper keeps records of everyone he’s ever sold to.
So… Good idea? Bad idea? Better than the current approach anyway, I think.
How would you solve replay attacks? Like a million people, of age or not, sharing the same key?
Maybe you could limit the number of verifications a key can have in a day? Limit it to say 10 verifications per day. So if you’re on Pornhub and have an account, you can have the key associated with the account, verified, and so you don’t need to re-verify. But if you go on 10 completely different sites and verify for each one, you can’t verify after that 10th one within the same 24hr period?
You could maybe also include guidelines for integration where if a key is associated with an account, that key can’t be used for any other account. You can include that under some requirement that says you have to make ‘best efforts’ to ensure that a key is only ever used by one account at a time. That way, if a million people are sharing the same key, you’d have to trust that all one million of them will never associate that key with their account because if they do, it invalidates that key for every use other than through that account on that site.
I’m a security dev and this is a good idea!
This would be better than most of the crap being proposed or implemented.
But, since the keys are presumably reusable, they’ll presumably get borrowed shared by and among minors almost immediately.
There could be some “Netflix account sharing” style work to deter that, of course.
Yeah I did consider that people are going to share keys, but people are going to share accounts too so that’s always going to happen. The best thing you can do is stick some safeguards on the keys where if a key is found online, it can be deactivated and potentially investigated since you can tell which shop sold the key. If there’s a shop out there just giving cards away to minors, well they’re in for a world of trouble.
Under the Licensing Act of 2003, it’s illegal to sell alcohol to an adult if you reasonably suspect that they will be then giving that alcohol to a minor. You can assume the same will apply to people selling Wank Cards.
people are going to share keys,
get ahead of it and sell discounted bukkakeys
you could probably even have a bundle called the “family plan” for the real sickos
I should get into masturbation regulation marketing!
Hungry for Adams Apples? Try our limp biscuits!
I keep thinking about some of RPs I’ve done in my life. Hot, vile, smutty text based RPs. I think about them and wonder if there will ever be a time when those words would be considered illegal and I would be arrested for posting them. This doesn’t just protect minors. It tags deviance. Some of you may know the darker corners of Reddit. Imagine if an AI flagged your subs. The delete-rebuild cycle doesn’t work anymore. Reddit will always know. If the law asks for suspects for newly illegal thought crime, Reddit will be able to point to all the users on those dark corners. We are moving into a future where privacy doesn’t matter and I fear what that means for the kinky among us.
That’s a subject many never talk about: it assumes we (1) have morality all figured out and (2) it’s the same for everyone, everywhere.
I’m nowhere near as worried about this for kink stuff as I am about us LGBTQ living in the US.
amongus
Something similar happened In China recently. A female author of homoerotic texts was charged for it.
Meh, just upload a dick pic.
I’ll never forget how he changed users’ text without them knowing it before the 2016 election. Reddit was going downhill before, but that was a turning point.
For those unaware, this isn’t something like replacing a slur with removed, he edited users’ comments, turning them into insults to other users.
I don’t care that those original commenters were (likely) pieces of shit, and the people who he made the comments insult were definitely pieces of shit, putting words into people’s mouths to make them fight each other is unforgivable. Even if you put out a shitty apology.
I’m a UK citizen, fuck everything about this law. I’m so sick of the current authoritarian trend amongst some western countries. The UK is one of the worst offenders.
It’s not even about protecting kids. It’s about control and appeasing puritanical elements in society. We’re the 6th richest economy in the world and we can’t even offer some of the poorest kids food security. But at least they can’t see a pair of tits on Reddit.
Parental controls exist. Use them instead. I fucking hate this.
tale as old as time even since I was a kid and I’m in my 40s. Reminds me of the original videogame rating system that Sega originally implemented in NA when the first Mortal Kombat came out. Parents, to this day, are still unable to manage what their kids consume.
I mean my parents never had an issue with this. Like when they’d rent movies, I wasn’t allowed to watch Terminator 2 until I was like 13 and it was my Dads favourite movie. He put it on “ok, you have to leave the room now we’re watching a movie” and I did.
Keeping the age verifier seperate from the content host is good. Destroying the files used for verification is good. On paper it’s not too a bad system for age verification, but it really hinges on if you can trust them. Given the track record of basically almost every company and government ever…
Problem is, how do we know that the company is reputable, audited, and so on?
I’ve seen more places requiring verification - and each one of them seems to use a different verification company. How are there so many of these places, and why aren’t they more commonly known? Like Experian for credit, etc.
Sure it might sound good to keep them separate - but all that is doing is absolving the content host from liabilities for providing the adult content (somewhere) on their platforms and sites. Reddit don’t want to get involved, and I’ll bet they found the cheapest and easiest provider, or the first one in the search list and thought “good enough”.
I think it’s good that Reddit is trying to continue to allow adult content within the legal framework in which it must operate.
I guess what I’m not clear on it is what the legal framework is for verification services. Absent rules that require robust privacy protections market forces will push a race to the bottom in terms of cost and data security will be the first to take a hit.
I know this might seem weird but I think this is one of those cases where a blockchain based smart contract might be the best solution. I’m not exactly sure, as any system that allows one to consume content generally also allows one to copy it, but having a system defined in code in a publicly auditable manner that cannot be changed without notice seems to me to have the capacity to grant the most reassurance.
I mean I assume that all the verification company is doing now is verifying a person’s age and then giving a kind of authorization token that’s cryptographically secure that basically says “the owner of this cryptographic key is of age”.
Good take. You are right. Still fuck this.
Just upload a picture of any politician who voted for this.
Yeah, fuck all that.
Guess we’re transitioning into a VPN only future.
We have the opportunity to head into a utopic or dystopic future and we’re absolutely choosing the dystopic one.
They’ll criminalize personal VPN users for non-work purposes, next.
Work VPN doesn’t look any different to any other VPN to the people tapping the lines.
Once businesses fully implement zero-trust, VPNs are redundant.
I agree, and whilst I don’t personally bother with vpns myself because I prefer other solutions, it’s one of the things that helps prevent insane UK politicians’ bad hottakes on tech becoming law
Edit: an apostrophe
I’ll just use a VPN to hide my VPN use and then they’ll never know.
Good luck, I’m behind 7 proxies.
for non-work purposes
Sounds like a loophole to me!
A VPN future? Haha. Not if they don’t want to. There are many ways to prevent VPN from operating when you’re a government.
You can just plain ban encryption, which sounds really crazy, but yeah, they’re trying to.
You can just say “it’s illegal to use a VPN”. It’ll technically still work, but if there’s a trace of trafic from your house to a known VPN endpoint, you’re it! Great!
They can force custom proprietary spying software on your devices. Sounds equally crazy as the thing above, right? But rest assured they’re ALSO trying to do that. Multiple times, even. And in some places… they did. Of course, nothing forces you to have such software on your device. Especially if your devices are not supported; it also turns into a “you have to buy this or that big name device, everything else’s de-facto illegal! Fuck you, we’re the government!”. And if you get caught for whatever, and your phone, PC, or anything isn’t “compliant”? Bam. Guilty.
Plenty of option. All of them completely stupid and would weaken both privacy, individuals, and governments at large. It never stopped legislation from being pushed forward.
I don’t think we ever really had a choice
Indeed. With our current system it was only a matter of time. As soon as the internet became a default thing which everyone needed to access just to function in their daily lives, it would of course be subjected to the exact same exploitative mechanisms that the non-internet part of our lives have suffered from since the dawn of history.
We thought the same thing about Netflix with the sharing password bans. Yet they retained more profit than ever the next year.
Who’s to say if this is what will make Reddit end, or did they actually just got more successful after the end of 3rd party apps compared to the declaration of so many users back then?
Digital personal verification is just going to become a fact of life in the future for everyone born after about 2012. They will use online ID cards, biometrics, location metadata that is constantly uploaded by our devices, maybe even implanted RFID encrypted chips for account verification. Passwords are becoming outdated and outmoded for security as we speak here. 2FA is the minimum security for online today but that may soon become outmoded as well.
I literally haven’t had a Netflix sub since that year and I sometimes miss the convenience of it even. Haven’t been very frequent on reddit in 2 years. Neither company is going to miss me though.
Soon it’ll just be piracy and the fediverse for me, and maybe I’ll be able to show my daughter how to download movies and shows, but I’m sure within within her lifetime, piracy will just become so unpopular that all the good sources of content die out. I do hope the fediverse will stay around though. It has a similar problem to piracy: It’s not that it’s hard, it’s more that the people making everything work get tired and it’s hard to convert people.
LOL. No “we” didn’t. A few idiots did.
These large tech companies have e focus groups and can do extensive research on how their markets will react to these changes.
Any analysis on social media just doesn’t have access to that data.
That’s because Netfilx is basically a media powerhouse & kind of a monopoly.
& your average person doesn’t know how to effectively pirate
This is what Facebook does to verify accounts, they also autoban if you try to register with a temp email
deleted by creator
What’s considered a temporary email? How do they know?
Proton mail has a feature where you can create a new address that ties to your main one, but nobody except proton knows it is you. They end in passmail.net. I’m sure there are other providers that do similar things
It’s actually passinbox.com. The format is ${aliasName}.${randomWord}${random3DigitNumber}@passinbox.com Ex: [email protected]
Cool. Thanks :)
Ohhhhhh, now I get why my account gets auto-deleted. Does Discord do that too ?
Because it makes sense
I believe so? I don’t know it’s been awhile since I’ve used Discord (I just went back to IRC). I know awhile ago when I had to use Discord I had issues signing back up with a temp email I created so perhaps.
They started recently yeah. I’m in some nsfw discords and they I’d you now
so those scam popups that scare people by saying their webcam was hacked and took pictures of them while looking at porn is getting state sanction!
“Reddit has stressed that this system is only to verify users’ age, and it has no interest in your identity. Lee further stated that Persona won’t know what subreddits you visit, and has promised it won’t keep users’ uploaded images more than seven days.”
Press X to doubt.
Time to go to LemmyNSFW
Under the new UK law, lemmynsfw would also need to have some kind of age verification for UK users.
This. Can’t believe we’re seeing “lol Reddit sucks” when this is a country-wide implementation and has nothing to do with Reddit in particular.
So, the UK sucks.
Something similar is coming to Australia as well.
Beware USA :(((
Supreme Court’s ruling practically wipes out free speech for sex writing online (July 4, 2025)
[commented the same a few days back]
This is why many adult sites are banning access if your IP is from TN or any of the other american states that love jesus more than freedom.
Explains the sudden advertisement in vpns, but I’m afraid they will have to shell out more proxies eventually
Happy birthday, USA
You are correct. But this doesn’t lessen the extent to which reddit sucks.
Real talk - or what? If LemmyNSFW isn’t based in the UK, what can they do?
Block it? I’d rather have that than deal with processing users face data.
I believe if the UK finds a site that doesn’t comply with the law, they will block it from their side of things. I haven’t read anything about websites needing to be proactive to block the UK if they don’t plan to comply.
Honestly I have no idea. I guess they could just block it if they don’t comply?
While I don’t know this situation, in general it tends to be up to the site to block access, rather than the other way around. If they don’t, some government branch may issue a fine to the server owners, and if it doesn’t get paid it’s seen as a crime committed in the UK. Might mean the fineé gets banned, the country they live in might get an extradition order, or whatever.
Again, no idea about this case in particular. This is just based on what I’ve seen under similar rulings.
Well as a Lemmy admin I’ll see if they seriously enforce this on international sites. If not, I won’t worry about it. If so, the UK gets blocked. 🤷🤷🤷
I doubt they’ll be going after niche sites anyway. Big dogs like reddit, sure. Sites dedicated to porn probably. Everyone else? Doubt it.
Even though LemmyNSFW is outside of the UK the admins of any instance will be responsible for verification of UK users because of this law. This is why .zip (Lemmy and PieFed) have geoblocked the UK. It’s a lot of work and responsibility to take on.
Here’s the post from Demigodrick explaining this situation better than I can.
Yeah only if the UK can actually manage to enforce any consequences to site admins outside the UK. I’ll wait and watch.
Just curious, how would this happen in practice? As I understand lemmy instances are defederated across the globe. Who would they send their demands to? Also there is already some nsfw content in lemmy, are those expected to respond now in some way?
Maybe they’ll just make the Fediverse illegal in the UK. Or all non-corporate sites that can’t afford to pay a company like Persona.
Or it can just defederate from UK based instances.
.zip has already been trying to figure out how to handle this law, its also UK based.
.zip blocks users from the UK iirc.
Lemmy.zip blocks uk users on its front end but I think its contents is still federated.
That’s always down when I want to use it :(
It’s always up when I use it … Oh you meant the site, sorry
It’s always down for it :)
Oh the cute little corpo is promising to delete your data, how can we not trust him🥺🥺
It is not just that, I don’t trust Persona security, if a malicious actor installed a silent program that monitors users and sends it to a command and control center they probably won’t know for months or even years. Cyber security is very bad in most companies.
Very careful wording there to switch between Persona and Reddit to conveniently omit one from the justification given by the other.
Presses X furiously
Google uses reddit for its AI training. Just saying.
God help us all.
Why doubt, I mean they promised?
Next in the news: “500k Usernames, Passwords and biometric data leaked in the latest hack”
So…coming soon: an app that can match up images of friends or colleagues with a summary of their pornography preferences.
This could at least liven up some boring meetings or dull parties…
Remember those are just the ones you hear about. Plenty happen and are never talked about by either side for obvious reasons.
Who is not “Rick Rolling” this with a selfie of a stock photo (or a frame from “Never Gonna Give you Up”?)
u/spez was the lead moderator of r/jailbait, and when he was caught, he got rid of mod transparency. Ghilisaine Maxwell was likely a l lead moderator of news Reddits as well (u/MaxwellHill). Reddit has always been compromised.
I’m not defending Spez, I think he’s a piece of shit and he did edit other users’ comments that were critical of him, which is fucked up, but I don’t think he was actually involved with that sub. It was possible to appoint mods without their knowledge or consent, and he’s a huge target, someone must have done it as a joke.
what’s the topic of r/jailbait?
The speed they banned r/pizzagate was illuminating.
