Erik van Straten<p><span class="h-card" translate="no"><a href="https://kolektiva.social/@LukefromDC" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>LukefromDC</span></a></span> : it won't be that bad (it will be bad, but in a different way).</p><p>ANY website may ask a user to confirm they are 18+ (or whatever age).</p><p>There will be a huge amount of AitM (Attacker in the Middle) websites where naive people will be lured to (using fake emails, SMS, chat app messages or falsified QR-codes) and asked to confirm their age.</p><p>That AitM website will subsequently obtain a "ticket" (session cookie) from a real "relying party" website (with a potentially very different type of content than the victim is told).</p><p>Those "tickets" will be sold (or traded for watching ads and/or paying with privacy).</p><p>Reliable authentication requires a trustworthy identity verifier (even if identification is restricted to age+).</p><p><span class="h-card" translate="no"><a href="https://sigmoid.social/@drgroftehauge" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>drgroftehauge</span></a></span> <span class="h-card" translate="no"><a href="https://manganiello.social/users/fabio" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fabio</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@SylvieLorxu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SylvieLorxu</span></a></span> </p><p><a href="https://infosec.exchange/tags/AgeVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AgeVerification</span></a> <a href="https://infosec.exchange/tags/ByPass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ByPass</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/Identification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Identification</span></a> <a href="https://infosec.exchange/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/ForSale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ForSale</span></a></p>
med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon
Administered by:
Server stats:
337active users
med-mastodon.com: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#IdentityVerification
0 posts · 0 participants · 0 posts today
Em :official_verified:<p>Don't scan your eyeball for the World App. </p><p>Don't use the World App. </p><p>DON'T 🙅♀️👁️🗨️</p><p><a href="https://www.privacyguides.org/articles/2025/05/10/sam-altman-wants-your-eyeball/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">privacyguides.org/articles/202</span><span class="invisible">5/05/10/sam-altman-wants-your-eyeball/</span></a></p><p><a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://infosec.exchange/tags/WorldApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WorldApp</span></a> <a href="https://infosec.exchange/tags/Orb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Orb</span></a> <a href="https://infosec.exchange/tags/SamAltman" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SamAltman</span></a> <a href="https://infosec.exchange/tags/Biometrics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biometrics</span></a> <a href="https://infosec.exchange/tags/IrisScan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IrisScan</span></a> <a href="https://infosec.exchange/tags/MassSurveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MassSurveillance</span></a> <a href="https://infosec.exchange/tags/AgeVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AgeVerification</span></a> <a href="https://infosec.exchange/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2132294/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2132294/</span><span class="invisible"></span></a> Financial Fraud Detection and Prevention Market Report <a href="https://pubeurope.com/tags/business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>business</span></a> <a href="https://pubeurope.com/tags/FraudDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FraudDetection</span></a> <a href="https://pubeurope.com/tags/FraudDetectionAndPrevention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FraudDetectionAndPrevention</span></a> <a href="https://pubeurope.com/tags/FraudPrevention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FraudPrevention</span></a> <a href="https://pubeurope.com/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://pubeurope.com/tags/markets" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>markets</span></a> <a href="https://pubeurope.com/tags/ResearchAndMarkets" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ResearchAndMarkets</span></a> <a href="https://pubeurope.com/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntelligence</span></a></p>
Miguel Afonso Caetano<p>"Sam Altman’s iris-scanning, identify-verification technology startup says it will begin expanding to the US starting May 1 and will launch a phone-like hardware device by next year. Those changes—and a promised World-branded debit card—signal the company’s ambitions to develop a “super app”—a goal shared by Elon Musk.</p><p>Altman and Alex Blania, a German physics researcher, announced at an event in San Francisco Wednesday evening that their venture-backed company, Tools for Humanity, is updating its “World” products to include a new, smaller, eye-scanning orb. The device-and-app combo scans people’s irises, creates a unique user ID, stores that information on the blockchain, and uses it as a form of identity verification. If enough people adopt the app globally, the thinking goes, it could ostensibly thwart scammers.</p><p>Altman has expressed concern about the amount of fakery that new AI tools will enable, including the generative AI tools pioneered by his other startup, OpenAI, which is valued at $300 billion. So the World app, and its hardware component, are Altman’s solution to the problem."</p><p><a href="https://www.wired.com/story/sam-altman-orb-eyeball-scan-launch-us/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/sam-altman-orb</span><span class="invisible">-eyeball-scan-launch-us/</span></a></p><p><a href="https://tldr.nettime.org/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://tldr.nettime.org/tags/Biometrics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biometrics</span></a> <a href="https://tldr.nettime.org/tags/FacialRecognition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FacialRecognition</span></a> <a href="https://tldr.nettime.org/tags/World" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>World</span></a> <a href="https://tldr.nettime.org/tags/ToolsForHumanity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ToolsForHumanity</span></a> <a href="https://tldr.nettime.org/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://tldr.nettime.org/tags/Surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Surveillance</span></a> <a href="https://tldr.nettime.org/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a></p>
UK<p><a href="https://www.europesays.com/uk/62689/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/uk/62689/</span><span class="invisible"></span></a> Startup Persona Is Fighting The Internet’s Worsening AI Bot Problem <a href="https://pubeurope.com/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://pubeurope.com/tags/AIAgents" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIAgents</span></a> <a href="https://pubeurope.com/tags/ArtificialIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArtificialIntelligence</span></a> <a href="https://pubeurope.com/tags/bots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bots</span></a> <a href="https://pubeurope.com/tags/deepfake" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deepfake</span></a> <a href="https://pubeurope.com/tags/IDVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IDVerification</span></a> <a href="https://pubeurope.com/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://pubeurope.com/tags/Internet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Internet</span></a> <a href="https://pubeurope.com/tags/Persona" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Persona</span></a> <a href="https://pubeurope.com/tags/RickSong" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RickSong</span></a> <a href="https://pubeurope.com/tags/startup" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>startup</span></a> <a href="https://pubeurope.com/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://pubeurope.com/tags/UK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UK</span></a> <a href="https://pubeurope.com/tags/UnitedKingdom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnitedKingdom</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2015993/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2015993/</span><span class="invisible"></span></a> Pairs dating app enters South Korea with AI match feature <a href="https://pubeurope.com/tags/AppStore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppStore</span></a> <a href="https://pubeurope.com/tags/ArtificialIntelligenceAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArtificialIntelligenceAI</span></a> <a href="https://pubeurope.com/tags/DigitalTechnology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalTechnology</span></a> <a href="https://pubeurope.com/tags/GooglePlayStore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GooglePlayStore</span></a> <a href="https://pubeurope.com/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://pubeurope.com/tags/OnlineDating" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnlineDating</span></a> <a href="https://pubeurope.com/tags/SouthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SouthKorea</span></a></p>
Nawaf Allohaibi<p>Bluesky Social<br>Version: 1.101 • 62.1 MB</p><p>We’re introducing a new layer of verification on Bluesky. Users may now be verified by Bluesky or by “Trusted Verifiers,” adding a checkmark next to their username which confirms their identity.</p><p><a href="https://mastodon.social/tags/Bluesky" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bluesky</span></a>, <a href="https://mastodon.social/tags/BlueskySocial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlueskySocial</span></a>, <a href="https://mastodon.social/tags/AppUpdate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppUpdate</span></a>, <a href="https://mastodon.social/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a>, <a href="https://mastodon.social/tags/TrustedVerifiers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustedVerifiers</span></a>, <a href="https://mastodon.social/tags/Checkmark" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Checkmark</span></a>, <a href="https://mastodon.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialMedia</span></a>.</p>
Erik van Straten<p>🚨 Identity fraud on Mastodon</p><p>Just a reminder that there is a lot of identity fraud happening on the internet, increasingly on Mastodon as well.</p><p>Often impersonators are easy to detect (like the ones below) - but sometimes existing accounts are taken over by criminals. Always keep in mind that someone on the internet interacting with you may (currently) not be who they claim to be.</p><p>This includes my account. If it does not sound like me, it may not be me. Having doubts and double checking are good habits. Reputation (good or bad) is a useful property for knowing who you're dealing with, and to help detect anomalies.</p><p>Accounts with a few or 0 followers, and hardly any or just plain pointless toots, may be bots or criminals coming after your money.</p><p>If someone appears to only follow random Mastodonts with lots of followers, either they're noobs or they're here with less friendly intentions. If they then start following possibly lonely people, they *may* be trying to gain their attention and trust - maybe for nefarious purposes.</p><p>🤔 Recently the following people started following the automated channel <a href="https://mastodon.world/@auschwitzmuseum/followers" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.world/@auschwitzmuseu</span><span class="invisible">m/followers</span></a>:</p><p>Kendal Jenner [1]<br>Jennifer Aniston [2]<br>Stephen King [3]<br>Keanu Reeves [4]<br>Keanu Reeves [5]</p><p>They all abuse the pictures of the real persons they impersonate (they're not just following the Auschwitz Memorial BTW).</p><p>[1] <a href="https://mastodon.social/@kendall01/following" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@kendall01/fol</span><span class="invisible">lowing</span></a><br>[2] <a href="https://mastodon.social/@Jenniferaniston123/following" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@Jenniferanist</span><span class="invisible">on123/following</span></a><br>[3] <a href="https://mastodon.social/@Stevenkvng/following" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@Stevenkvng/fo</span><span class="invisible">llowing</span></a><br>[4] <a href="https://mastodon.social/@keanureeves1928/following" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@keanureeves19</span><span class="invisible">28/following</span></a><br>[5] <a href="https://mastodon.social/@reeves001/following" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@reeves001/fol</span><span class="invisible">lowing</span></a> (screenshot below)</p><p><a href="https://infosec.exchange/tags/IdentityFraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityFraud</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Identity</span></a> <a href="https://infosec.exchange/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://infosec.exchange/tags/Auschwitz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Auschwitz</span></a></p>
Europe Says<p><a href="https://www.europesays.com/1944668/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/1944668/</span><span class="invisible"></span></a> Trustly to Pilot Biometric Solution in Finland Before Rollout <a href="https://pubeurope.com/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> <a href="https://pubeurope.com/tags/BiometricAuthentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BiometricAuthentication</span></a> <a href="https://pubeurope.com/tags/Biometrics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biometrics</span></a> <a href="https://pubeurope.com/tags/DigitalTransformation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalTransformation</span></a> <a href="https://pubeurope.com/tags/EMEA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EMEA</span></a> <a href="https://pubeurope.com/tags/finland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>finland</span></a> <a href="https://pubeurope.com/tags/Gaming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gaming</span></a> <a href="https://pubeurope.com/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://pubeurope.com/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://pubeurope.com/tags/PayByBank" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PayByBank</span></a> <a href="https://pubeurope.com/tags/PYMNTSNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PYMNTSNews</span></a> <a href="https://pubeurope.com/tags/Suomi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Suomi</span></a> <a href="https://pubeurope.com/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a> <a href="https://pubeurope.com/tags/Trustly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trustly</span></a> <a href="https://pubeurope.com/tags/TrustlyID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustlyID</span></a> <a href="https://pubeurope.com/tags/uutiset" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uutiset</span></a> <a href="https://pubeurope.com/tags/What" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>What</span></a>'sHot</p>
ResearchBuzz: Firehose<p>Lifehacker: Telegram Has a New Verification Strategy to Cut Down on Scams. Telegram has a new addition to how it conducts verification: Once an organization is verified, it can then apply to become a ‘third-party verifier,’ which lets them verify other accounts and chats it deems official, too. These verification badges will differ from the blue checkmarks, and will instead look like blue […]</p><p><a href="https://rbfirehose.com/2025/01/03/lifehacker-telegram-has-a-new-verification-strategy-to-cut-down-on-scams/" class="" rel="nofollow noopener" target="_blank">https://rbfirehose.com/2025/01/03/lifehacker-telegram-has-a-new-verification-strategy-to-cut-down-on-scams/</a></p>
Miguel Afonso Caetano<p><a href="https://tldr.nettime.org/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialMedia</span></a> <a href="https://tldr.nettime.org/tags/DigitalIDs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalIDs</span></a> <a href="https://tldr.nettime.org/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityManagement</span></a> <a href="https://tldr.nettime.org/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a>: "Social media platforms have always served as mediators between people’s online identities. This has been noted by countless scholars of early social media (including Zizi Papacharissi, Nicole Ellison, danah boyd, and Alice Marwick) who study identity and self-presentation online. Allison Hearn’s work on the verified badge has explored this symbol’s relationship to self-presentation and identity management, looking specifically at the role that platforms like Twitter have come to play within the “identity management and verification market.” Emily van der Nagel has explored this dimension of verification as identification, or rather the “confirmation that an account is linked to a particular person.” Work in this area often centers on the “real name policies” adopted by social media companies during the early-to-mid period of Web 2.0, and the issues these policies posed for privacy and freedom of expression. Perhaps the most famous of these conflicts — known as the “nymwars” — emerged from a battle between proponents of online pseudonymity and Google’s brief attempt at a social media network, Google+, which required that users provide their “real names.” (As danah boyd argued at the time, the ire was overly focused on Google, when Facebook also had a damaging real names policy.)</p><p>But to understand the verified badge — the blue check as it emerged as a symbol not only of how platforms mediate identity, but also of power and status, and where those concepts meet — we need to go back to a conflict just slightly earlier in the history of social media: the battle between Friendsters and Fakesters."</p><p><a href="https://datasociety.net/points/a-working-history-of-the-verified-internet-2/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">datasociety.net/points/a-worki</span><span class="invisible">ng-history-of-the-verified-internet-2/</span></a></p>
Nikoloz K.<p>A North Korean operative nearly infiltrated a US company by posing as a software engineer using an AI-generated identity. This incident exposes critical weaknesses in hiring processes that nation-state actors are exploiting with growing sophistication.</p><p>Openly sharing information about incidents, mistakes and failures is essential for building trust and strengthening our industry's collective defenses. Kudos to KnowBe4 for their transparency in reporting this attempted infiltration.</p><p><a href="https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.knowbe4.com/how-a-north-k</span><span class="invisible">orean-fake-it-worker-tried-to-infiltrate-us</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/HiringRisks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HiringRisks</span></a> <a href="https://infosec.exchange/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://westergaard.social/users/kasperd" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kasperd</span></a></span> : using Windows for sensitive tasks poses *way* more security risks than doing that on smartphones.</p><p>Side note: I've been trying to secure Windows desktops and servers for more than 25 years, and I can tell you this: YOU CAN'T. It's a huge legacy mess exposing an enormous attack surface. Properly fixing things would break too much. No way that throwing ISO 27k* at it will help - those are not even different worlds, but rather distant solar systems.</p><p>For most people, even using a Linux distro for critical tasks means taking more security risks than if they'd use a smartphone to do that.</p><p>On smartphones, users can still do stupid things, but -because of app separation- it is usually not the OS that introduces most security risks. Those risks are concentrated around installing apps with too many privileges (aka permissions) "to break the basic rules", such as required by RAT's (Remote Access Tools) like TeamViewer and AnyDesk.</p><p>Even knowing that there will always be risks that we're not (yet) aware of: in particular for ordinary users, Android and iOS significantly reduce risks compared to "desktop" operating systems.</p><p>Having said all that, IMO the risks of letting a smartphone represent our full identity is insane (such as when using eID/EDIW/EUDIW). Not primarily smartphones are to blame for that, but the internet is.</p><p>Authenticating mandates fully trusting the party that verifies and confirms your identity (*). The first step for trust is exactly knowing *which party* is verifying your identity. On the current internet, for most users it is impossible to distinguish between fake and authentic parties.</p><p>(*) For three reasons:<br>1) They won't let anyone in who claims to be you;<br>2) They won't, as an AitM, abuse your identity and verification data to authenticate as you elsewhere;<br>3) They *really* protect, and remove ASAP, all verification data immediately the verification took place (<a href="https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">404media.co/id-verification-se</span><span class="invisible">rvice-for-tiktok-uber-x-exposed-driver-licenses-au10tix/</span></a>).</p><p><a href="https://infosec.exchange/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/Smartphones" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Smartphones</span></a> <a href="https://infosec.exchange/tags/Risks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Risks</span></a> <a href="https://infosec.exchange/tags/SecurityRisks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityRisks</span></a> <a href="https://infosec.exchange/tags/CyberSecurityRisks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityRisks</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/Identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Identity</span></a> <a href="https://infosec.exchange/tags/Identification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Identification</span></a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/eID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eID</span></a> <a href="https://infosec.exchange/tags/EDIW" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EDIW</span></a> <a href="https://infosec.exchange/tags/EUDIW" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EUDIW</span></a> <a href="https://infosec.exchange/tags/Wallet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wallet</span></a> <a href="https://infosec.exchange/tags/UsabilitySecurityBalance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UsabilitySecurityBalance</span></a> <a href="https://infosec.exchange/tags/SecurityUsabilityBalance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityUsabilityBalance</span></a> <a href="https://infosec.exchange/tags/Fake" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fake</span></a> <a href="https://infosec.exchange/tags/Authentic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentic</span></a> <a href="https://infosec.exchange/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a></p>
Pyrzout :vm:<p>Selfie spoofing becomes popular identity document fraud technique <a href="https://www.helpnetsecurity.com/2024/05/10/identity-document-selfie-spoofing/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2024/05/10</span><span class="invisible">/identity-document-selfie-spoofing/</span></a> <a href="https://social.skynetcloud.site/tags/identityverification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identityverification</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>report</span></a> <a href="https://social.skynetcloud.site/tags/Socure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Socure</span></a> <a href="https://social.skynetcloud.site/tags/survey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>survey</span></a> <a href="https://social.skynetcloud.site/tags/fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fraud</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a></p>
securityskeptic :donor: :verified:<p>My Interisle colleagues and I submitted a response to the U.S. Department of Commerce’s Notice of Proposed Rulemaking "Taking Additional Steps To Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities" [ <a href="https://www.federalregister.gov/documents/2024/01/29/2024-01580/taking-additional-steps-to-address-the-national-emergency-with-respect-to-significant-malicious" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">federalregister.gov/documents/</span><span class="invisible">2024/01/29/2024-01580/taking-additional-steps-to-address-the-national-emergency-with-respect-to-significant-malicious</span></a> ]</p><p>This proposed rulemaking solicited comments on proposed special measures to deter foreign malicious cyber actors' use of U.S. IaaS products. Our comments consider the proposal of regulations to “verify the identity of foreign customers of IaaS products”, in particular noting that the DNS should be treated as an IaaS. Find our comment at <a href="https://www.regulations.gov/comment/DOC-2021-0007-0478" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">regulations.gov/comment/DOC-20</span><span class="invisible">21-0007-0478</span></a></p><p>[I'll note here that we commented within the proposed regs for "foreign customers". We believe that identity verification should not be limited to foreign customers but should encompass all customers.]</p><p>Interisle also commented on the proposal of regulations that “require providers of certain IaaS products to submit a report to the Secretary when a foreign person transacts with that provider or reseller to train a large Artificial Intelligence (AI) model with potential capabilities that could be used in malicious cyber-enabled activity”. Interisle’s comments are based on what we have observed analyzing cybercrime data from the Cybercrime Information Center, visit <a href="https://cybercrimeinfocenter.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">cybercrimeinfocenter.org</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/IAAS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IAAS</span></a> <a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNS</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/NPRM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NPRM</span></a> <a href="https://infosec.exchange/tags/identityverification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identityverification</span></a> <a href="https://infosec.exchange/tags/uscyberregs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uscyberregs</span></a></p>
Kirsty's Old Account<p>“The Identity Check system is aimed at becoming the primary way New Zealanders verify who they are online, for access to thousands of public and private services, from benefits to banks.</p><p>But officials are having to embark on a second year of tests after facial recognition system failed 45 percent of the time in the first lot of tests.“<br>It’s even worse on Maori. And <a href="https://infosec.exchange/tags/MSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSD</span></a> is already integrating it into their systems.</p><p><a href="https://www.rnz.co.nz/news/national/501760/govt-facial-recognition-system-to-have-more-tests-after-low-success-rate" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rnz.co.nz/news/national/501760</span><span class="invisible">/govt-facial-recognition-system-to-have-more-tests-after-low-success-rate</span></a><br><a href="https://infosec.exchange/tags/IdentityCheck" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityCheck</span></a> <a href="https://infosec.exchange/tags/IdentityVerification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityVerification</span></a> <a href="https://infosec.exchange/tags/FacialRecognition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FacialRecognition</span></a> <a href="https://infosec.exchange/tags/FacialRecognitionAccuracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FacialRecognitionAccuracy</span></a> <a href="https://infosec.exchange/tags/NZ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NZ</span></a> <a href="https://infosec.exchange/tags/NZTwits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NZTwits</span></a></p>
Lucy Albright (she/her)internet policy, age verification
Tech News Worldwide<p>Report: ID.me Lied About Pretty Much Everything While Providing Identification Services To The Government <br> <br> <a href="https://www.techdirt.com/2022/12/02/report-id-me-lied-about-pretty-much-everything-while-providing-identification-services-to-the-government/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">techdirt.com/2022/12/02/report</span><span class="invisible">-id-me-lied-about-pretty-much-everything-while-providing-identification-services-to-the-government/</span></a> <br> <br> <a href="https://aspiechattr.me/tags/identityverification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identityverification</span></a> <a href="https://aspiechattr.me/tags/facialrecognition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>facialrecognition</span></a> <a href="https://aspiechattr.me/tags/id" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>id</span></a>.me <a href="https://aspiechattr.me/tags/fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fraud</span></a> <a href="https://aspiechattr.me/tags/irs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>irs</span></a> #1</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload