Hacker News

W – The European social network for verified humans

43 points by layer8 ago | 29 comments

quiet35 |next [-]

I am just gonna leave it here.

Privacy Policy:

3.2. Identity verification through W Identity. To create a W Social account, you must first verify your identity through W Identity. W Identity operates an independent identity verification service that allows you to verify your identity once and then selectively share verified attributes with third-party applications under your control.

3.3. During the W Identity verification process, you will be asked to provide your phone number, email address, and date of birth, and to verify your identity using an official passport (via photo or NFC scan) and a selfie. This process is governed by W Identity’s own terms of service and privacy notice [...]

From the "W Identity" Play Store page:

Data that may be shared with other companies or organizations:

Personal info: Name, Email address, User IDs, and Other info

Photos and videos: Photos

Location: Approximate location

Messages: Other in-app messages

Device or other IDs

lbreakjai |root |parent |next [-]

Those social platforms should really have a "import my information from a previous data leak" button.

lxgr |root |parent |next |previous [-]

Wow, they’re collecting a bunch of PII instead of using the zero-knowledge proof of humanity thing that the EU ID wallet is supposed to support?

How uneuropean.

pixel_popping |root |parent |next [-]

Weak developers, weak leaders, no talent. All of those including the location can be recorded anonymously and securely.

perching_aix |root |parent |previous [-]

This but unsarcastically, much to your dismay I'm sure, as usual.

InterlooperX |root |parent |next |previous [-]

Wow. Is that all? And here I though, iris scans, dna sample and the promise of my eventual first born would be in there. What a bargain.

Can't wait to do this and then get to use my "W account" to log into pornhub...

petre |root |parent [-]

Logging into pornhub to require authentication similar to the nuclear briefcase. /s

lschueller |root |parent |next |previous [-]

The number of websites and services with really bad ai layout and a perverted thirst for emails are skyrocketing lately... This has just a closed, undocumentd inhouse verification service on top. I can't find any useful info about the verififcation app.

andrewstuart |root |parent |next |previous [-]

They should just hand all that stuff directly to criminals. Cut out the middle man of when their systems are hacked, saving everyone time and stress.

wolvoleo |root |parent |previous [-]

Yeah lol no. That's exactly what I don't want in social media.

pixel_popping |root |parent [-]

Trust me bro.

recursivecaveat |next |previous [-]

I appreciate the sentiment I guess, but you can't really verify the human-ness of a poster. At best you can validate that at some point(s) they completed a human-is-present check. Doesn't necessarily mean anything about a given post. Moltbook (wow that feels like forever ago) has the inverse problem: you can just larp as a kooky bot. At best maybe you can do something like limit the number of bots to the number of people who are willing to set aside their personal credentials, which is probably way more bots than you can stand.

perching_aix |root |parent [-]

They could tie the identities to governmental identities in a blind manner.

The pitfalls are as follows:

- the governments can just arbitrarily manufacture identities

- identities (govt and this) can be stolen

- identities can be misused (coercively or consensually, e.g. by passing on access to another person or automation)

Still would beat the current state of affairs, which is piss-all identity attestation, but then they're not actually doing this. They're scanning official documents and go LGTM + pinky promise. Hard skip.

pixel_popping |root |parent [-]

When sending identity to a remote server in cleartext, you must assume that you are giving away the data associated with it, it's just basic security principles, if the engineers behind this don't care enough to KYC using cryptographic ways which already exists, then you can be sure there is some sort of incompetency and/or malice :)

If I browse an http website, then I know that someone could be using the data, if I put my passport somewhere, then I know someone could as well, apparently having thousand of leaks every year isn't enough of a proof to people :/

sakjur |next |previous [-]

There's a C-suite of five people and a board of advisors I couldn't be bothered to count before their public beta for an AtProto instance.

That just seems too heavy an operation for my taste. Seems prone to either infighting or raising too much early capital.

severine |next |previous [-]

Some points raised here seem worth pointing out: https://blog.elenarossini.com/w-social-uncovered-the-reality...

tardedmeme |next |previous [-]

Signed up several accounts for the beta. Let's see how much of a photoshop they'll accept as verification.

pixel_popping |root |parent |next [-]

It's flawed as well, all KYC-accounts are available for sale in many places, example Wise accounts, FB KYC verified accounts and so on, can buy by the thousands.

You can also just pay people to KYC (very easy) or do a "KYC Proxy with some DOM mirroring" with a fake service, ton of ways if you are a bit creative and have talent.

It does absolutely NOT prove that you are seeing human-made posts but incompetent users might believe so, I give them that.

Paradigm2020 |root |parent |previous [-]

Do share later as a post :)

zoobab |next |previous [-]

Boycott.

My social network is IRC, never needed to reveal my ID behind my nickname.

wolvoleo |root |parent [-]

Even here it's not necessary to give even an email address. Greatly appreciated.

ktallett |next |previous [-]

On the day I have deleted all social network accounts bar Mastodon, as I have realised I just don't care anymore. Any one I want in my life, I have the phone number of, any one I can take or leave I don't. Mastodon is more than enough for exploring and finding interesting projects that I otherwise wouldn't have learned about.

lgcmo |next |previous [-]

The website performance is not confidence inspiring

rie_t |next |previous [-]

This website is so laggy I can barely even scroll.

metalman |next |previous [-]

please take this, as part tounge in cheek and legitimate comment

what, exactly, has "european" got to do with bieng a "verified human"

maybe I should ask a dog

hoppyhoppy2 |root |parent [-]

Users can be from anywhere in the world, but they're making a selling point of it being built in Europe, hosted on European infrastructure, and governed by European law. The linked page shows this pretty clearly, I think.

dddaria |previous [-]

Nobody should trust the EU

extraduder_ire |root |parent |next [-]

What does this have to do with the EU?

geek_at |root |parent |next |previous [-]

Unless you're not blind to all things we have because of them