The push is towards identity attestation with digital signatures issued by authorities. Of course that’s still quite the technological leap from having an dob field in a user database, but that’s just a part of what’s required by the Californian legislation. The NY legislation already tried to include identity providers. And EU countries already have the IDs, the EU is just not in a strong position to require OSes to implement uniform support.
EU has been trying to push for government identities on social media for like 15 years. And online IDs even longer.
Of course that’s still quite the technological leap
Yeah I highly doubt this specifically will be any meaningful change or particularly the coming avenue for change, but I don’t necessarily think that’s fully it, because it has always been just as technologically feasible DRM currently is (“Secure”/“Trusted(treacherous)” Computing, TrustZone, TEE(s), Secure Element(s), ME, TPM, SGX, TDX et al…) all designed trusting the manufacturer first then the user second if even at all, all widely used(or capable) almost without exception today. I just don’t think the appetite or need has gotten truly there yet. but with with how suffocatingly American core internet infrastructure and historicaly entrenched design elements are, when truly threatened i can see the dropping of the “open” internet facade becoming much much much worse that won’t be as solvable as just some configs or applying some patches. ignoring the liberal dogs with unimaginable cognitive dissonance and white hubris that somehow imagine building around the exact same panopticon but painted blue with stars, and “European”(whatever this is) will somehow be spectacularly different. i can’t tell if my thinking is just borderline conspiratorial, but there is wayyy to much undeserved trust in this stuff that just because it hasn’t been weaponized more overtly yet doesn’t mean in more desperate scenarios/stronger positions it wont or cant be.
(I agree with you I’m just talking into the aether getting carried away typing saying the same thing but worse and convoluted. I need some sleep :( )
(removed my doomer disjointed rambling about actually important and real security being wrapped into “trusted” computing. truly free computing died soon after it was born; it is possible, but only in a better world. the last time I smiled was on August 19th, 1991. etc…)-
They aren’t that far off with UEFI and secure boot. I remember that there was a legit scare in the Linux community that community distros might be left behind.
And you are also overlooking what’s already happening on Android, you might still be able to run a custom FW but some apps just refuse to work. I could see regulations demanding that all adult apps require a signed firmware as a start. Many of the EU identity attestation apps already don’t work on custom FW and might only have option or two in your country. Many government services will be a lot harder to access if at all without those ID apps, already the case for some services.
And no the EU doesn’t truly care to get digital sovereignty, or they wouldn’t require ID apps that require google attestation. We already know the US government digitally sanctions people and turns of their digital access to US services they need.
The push is towards identity attestation with digital signatures issued by authorities. Of course that’s still quite the technological leap from having an dob field in a user database, but that’s just a part of what’s required by the Californian legislation. The NY legislation already tried to include identity providers. And EU countries already have the IDs, the EU is just not in a strong position to require OSes to implement uniform support.
EU has been trying to push for government identities on social media for like 15 years. And online IDs even longer.
Yeah I highly doubt this specifically will be any meaningful change or particularly the coming avenue for change, but I don’t necessarily think that’s fully it, because it has always been just as technologically feasible DRM currently is (“Secure”/“Trusted(treacherous)” Computing, TrustZone, TEE(s), Secure Element(s), ME, TPM, SGX, TDX et al…) all designed trusting the manufacturer first then the user second if even at all, all widely used(or capable) almost without exception today. I just don’t think the appetite or need has gotten truly there yet. but with with how suffocatingly American core internet infrastructure and historicaly entrenched design elements are, when truly threatened i can see the dropping of the “open” internet facade becoming much much much worse that won’t be as solvable as just some configs or applying some patches. ignoring the liberal dogs with unimaginable cognitive dissonance and white hubris that somehow imagine building around the exact same panopticon but painted blue with stars, and “European”(whatever this is) will somehow be spectacularly different. i can’t tell if my thinking is just borderline conspiratorial, but there is wayyy to much undeserved trust in this stuff that just because it hasn’t been weaponized more overtly yet doesn’t mean in more desperate scenarios/stronger positions it wont or cant be.
(I agree with you I’m just talking into the aether getting carried away typing saying the same thing but worse and convoluted. I need some sleep :( )
(removed my doomer disjointed rambling about actually important and real security being wrapped into “trusted” computing. truly free computing died soon after it was born; it is possible, but only in a better world. the last time I smiled was on August 19th, 1991. etc…)-
They aren’t that far off with UEFI and secure boot. I remember that there was a legit scare in the Linux community that community distros might be left behind.
And you are also overlooking what’s already happening on Android, you might still be able to run a custom FW but some apps just refuse to work. I could see regulations demanding that all adult apps require a signed firmware as a start. Many of the EU identity attestation apps already don’t work on custom FW and might only have option or two in your country. Many government services will be a lot harder to access if at all without those ID apps, already the case for some services.
And no the EU doesn’t truly care to get digital sovereignty, or they wouldn’t require ID apps that require google attestation. We already know the US government digitally sanctions people and turns of their digital access to US services they need.