GrapheneOS user reported to authorities for using GrapheneOS
GrapheneOS user reported to authorities for using GrapheneOS
GrapheneOS 用户因使用该系统被举报至有关部门
glideB: I saw this on that site earlier today, thought it’d be worth a post.
[...] Yoti automatically flags [...] any devices running GrapheneOS. These instances are automatically reported both to the authorities and our security team.
glideB: 我今天早些时候在那个网站上看到了这个消息,觉得值得发个帖。
[...] Yoti 会自动标记 [...] 任何运行 GrapheneOS 的设备。这些情况会被自动上报给有关部门以及我们的安全团队。
If GOS identifies/differentiates itself to services such as Yoti, and services such as Yoti considers that worthy of being reported to law enforcement, then is GOS is just a huge “heatscore” moving forward into this Orwellian new era of age/id verification and every state/country having conflicting laws over who can say/do/3Dprint what, with what, to whom, and when?
如果 GOS 向 Yoti 等服务标识或区分自己,而 Yoti 等服务认为这值得向执法部门举报,那么在进入这个奥威尔式的年龄/身份验证新时代,且各国对于谁能说什么/做什么/打印什么、用什么工具、对谁、在何时都有着相互冲突的法律时,GOS 是否反而成了一个巨大的“招惹麻烦的信号”?
FlyingStars_: GrapheneOS devices can be fingerprinted due to its extensive exploit mitigation (for example, secure exec spawning) that are non-existent on other systems (side channel). An app can also detect GrapheneOS using the Hardware Attestation API, in which the app requests an attestation and matches the verifiedBootKey against the GrapheneOS boot keys.
FlyingStars_: GrapheneOS 设备可能会因为其广泛的漏洞缓解措施(例如安全执行生成)而被指纹识别,这些措施在其他系统上是不存在的(侧信道)。应用程序还可以使用硬件认证 API (Hardware Attestation API) 来检测 GrapheneOS,即应用程序请求认证并将 verifiedBootKey 与 GrapheneOS 的引导密钥进行匹配。
Since Yoti is an age verification company, it wouldn’t be surprising to see them have hostile attitudes towards projects that actually improve security and privacy. However, from the response, it shows that this company is ignorant and probably thinks that security & privacy is only for criminals. What a stupid take.
由于 Yoti 是一家年龄验证公司,看到他们对真正提升安全和隐私的项目持有敌对态度并不令人惊讶。然而,从他们的回复来看,这家公司显得非常无知,可能认为安全和隐私只是罪犯才需要的。真是愚蠢的观点。
xxx: This is sad. What’s about civic rights nowadays?
xxx: 这太可悲了。如今的公民权利到底怎么了?
GrapheneOS: This is fearmongering based on customer support making ridiculous claims to someone. There’s nothing illegal about using GrapheneOS and the customer support is nearly certainly making it all up to get the person to go away so the ticket can be considered closed. It’s unlikely the company has done anything to specifically detect GrapheneOS or ban using it. It’s far more likely they detect not using a Google Mobile Services operating system without modifications. This customer support person went on a power trip to scare someone and get the ticket closed.
GrapheneOS: 这是基于客服人员向用户做出荒谬声明而引发的恐慌。使用 GrapheneOS 没有任何违法之处,该客服几乎可以肯定是编造了这些话,目的是为了打发用户,从而关闭工单。该公司不太可能专门采取措施来检测或封禁 GrapheneOS。更有可能的是,他们检测到用户没有使用未经修改的 Google 移动服务 (GMS) 操作系统。这名客服人员只是在滥用职权,试图通过恐吓用户来结案。
legreteco: Wow, what a ridiculous situation. I hope Sony will switch their partner for age verification (it’s very unlikely though).
legreteco: 哇,真是荒谬的情况。我希望索尼能更换他们的年龄验证合作伙伴(尽管这不太可能)。
router99: The UK is absolutely done for, for so many reasons including this one. Orwellian shithole reinforced by two-tier justice.
router99: 英国彻底完了,原因有很多,包括这一点。这是一个由双重标准司法体系加固的奥威尔式烂摊子。
Johnnyloans: Wow, how dystopian
Johnnyloans: 哇,真是反乌托邦。
glideB: The grossest part is how they presumably went ahead and allowed him to use GOS long enough to upload his sensitive papers so that they would know WHO to report to the authorities for using GOS. He just blew that Proton mailbox’s anonymity.
glideB: 最恶心的地方在于,他们大概是先允许他使用 GOS,直到他上传了敏感文件,这样他们就知道该向有关部门举报“谁”在使用 GOS 了。他那个 Proton 邮箱的匿名性就这样被毁了。
GrapheneOS: Apps can easily detect the operating system they’re running on using many standard APIs or simply inspecting their own memory. It isn’t feasible to hide this from apps. It isn’t caused by GrapheneOS adding privacy and security protections.
GrapheneOS: 应用程序可以通过许多标准 API 或简单地检查自身内存,轻松检测到它们所运行的操作系统。想要对应用程序隐藏这一点是不可行的。这并不是因为 GrapheneOS 增加了隐私和安全保护所导致的。