Twitter/X new ID Verification - First Look
cross-posted from: https://lemmy.world/post/3291604
Thanks to Popcrave https://twitter.com/popcrave/status/1691852136236327316?s=46&t=lcH0dp9biwkMEBKsRQeVeQ
Who here is going to put their ID and photo on X/Twitter
You are viewing a single comment
From the text on there, you can see it's probably not that insecure. Au10tix is the company actually doing the identity verification and they're an Israel-based company that seems to be pretty legit. I bet X only stores the data in-memory while they send it over to the appropriate APIs or something like that.
Not that I trust them anyway with who's in charge over there.
As a Cyber Security professional I am telling you now, it is not a matter of “if” Au10tix get hacked and leak data it is when.
Everyone should minimise the number of companies with important Personally Identifiable Information to prevent identity theft and other scams.
Companies are not trustworthy while they are motivated solely by profit.
I would hope that people who have embraced the Fediverse concept over corporate options would be more discerning with their personal information.
The text says that you give X permission to store the image of your id for 30 days. If you trust them to delete it after that, then I don’t know how to help you.
Even if they do delete them, there will be millions of id images stored at any time.
What's the worst thing that could happen? I mean, we're already spied on constantly anyways.
Would you mind proxying all your data through my server? I MITM all TLS traffic, but as you're already being spied on constantly anyways, there's really no harm in opening yet another possible hole, right?
Sure, DM me the details.