Twitter/X new ID Verification - First Look

DarkUFO@lemmy.world to Technology@lemmy.world – 1330 points –

Thanks to Popcrave https://twitter.com/popcrave/status/1691852136236327316?s=46&t=lcH0dp9biwkMEBKsRQeVeQ

Who here is going to put their ID and photo on X/Twitter

375

Nobody, absolutely nobody should trust that idiot with your ID.

If you always wanted to leak your ID to a bunch of hackers thanks to poor security practices, this is a great opportunity for you to do so

Nothing the credit agencies don't already leak every year or two...

or everyone could recognize that he is far more malevolent toward you than any hacker could possibly be, but yeah, they definitely have no security that worries about YOUR data

7 more...

It's not about trusting some idiot. It's about attaching your identity to your activities online. I remember when these websites used to advise against doxing yourself.

I mean this whole process is explicitly for the purpose of attaching your identity to your online activities. If you don't want to do it, just don't.

I shudder to think of what will happen when hackers inevitably get into Twitter servers and steal all those IDs though...

It’s not technically hacking when Elon leaves the door open after slamming his dick in it.

Yeah. I'd rather hand it over to the weird guy at the bus stop. At least he's not a billionaire douche bag.

1 more...

Guessing, millions of people will feel obligated to share their ID. Not everyone can be saved

Ironically, it's going to be a bunch of "libertarian" tech bros who use crypto for "privacy" who will be the first to give Musk (and by proxy every world government) their ID.

Probably most monero users dont use kyc exchanges so i dont think they will use kyc twitter let alone the first ones. This may kill twitter, but there is lots of stupid out there like those crypto and bitcoin users lol so you never know.

Shouldn’t trust Twitter users either, they’ll take an out of context joke you made back in 2011 and ruin your life over it.

Honestly, just fuck talking to people online. Literal no good will ever come of it. I’m just gonna stop communicating with people.

This shit is so dumb, no upside, only downsides

Many will just go along with this bollocks....🤦🏻‍♂️

Very interested to see how the “small government” crowd deals with this.

Didn't voat or truth social or something require IDs and the idiots all flocked to it?

I think that was Parler for the whole 3 mooches it was a thing.

Glad mooch remains a unit of measurement.

Dunno about the others, but I specifically remember Parler required users to attach their IDs to their profiles if they wanted to be verified.

1 more...
1 more...

He's gonna dox all the liberals/lefties. Wouldn't be surprised if this wasn't the original plan.

And journalists if they report on him negatively, or oppose his Russian “peace” talk suggestions, even if it puts their career in danger where they live. Peak freedom of speech absolutism!

10 more...

Twitter aside, if any website or app ever asks this of you, please nope the fuck out.

I guess it only occasionally makes sense for government web sites and banks. X might have ambitions to become a bank, so in that sense it might make sense.

So another piece of advice: if twitter ever asks you if you want to start using it for banking, nope the fuck out.

You Americans should get to this century and start performing digital strong authentications like the rest of us. Sending picture of your ID to anyone is insane :)

How we do it here in Finland is that there are digital identity providers which use bank/mobile carrier to identify you. They then use MFA when identifying you. Any service can use these services to do strong authentication for you. And they don't cost anything for the customer, and is really cheap for the company who wants to identify you. It is also build into the law that you must identify people using these, to avoid identity theft.

Half our country thinks that would be the mark of the Beast or some shit.

17 more...

Idk, I've got my hands in a lot of financial cookie jars, and I don't recall ever being asked for something like this. At the very least, not in this manner.

It's pretty standard for European banks thanks to Know Your Customer laws.

If you keep in mind that it’s only done with special certified subcontractors, then yes. I would never give that information directly to a company like X. And yes, also those special companies are more times shady than they should be, but still.

If you keep in mind that it’s only done with special certified subcontractors, then yes.

Dunno what you're talking about here but I've had to go through something similar every time I've opened a new account with a financial service.

But yeah, I would not trust Twitter/X either. Musk is too much of an emotional child following whatever whim takes his fancy that day.

I know there's a similar-ish process for accessing Spanish social security services online at least, and I believe it's the same for some other services as well.

Then again, Spanish public services are not exactly the gold standard for digitalization.

Wait are you Spanish too? Those websites look like they've been made by a secretary's cousin that only knew how to copy and paste in the 90s

I just have a few Spanish friends! And from what they're telling me that's probably exactly how these websites were made.

I have the opposite experience but maybe it’s just different in the EU

Yeah, PayPal sure as fuck ain't a bank. And the same douche started that.

Max Levchin, Peter Thiel, and Luke Nosek own Twitter?

The only government function that has ever wanted a "selfie" was for my drivers license and passport. Both of which feature that picture. But I've never done either through a site.

19 more...

It’s stupid as well, because it’s impossible to authenticate an id or passport from a photo. You can just photoshop something and send that in.

incorrect. it is actually fairly easy to authenticate an id or passport from a photo. Photoshopping something is easily spotted by a trained eye. Source i work as a document expert for an online ID verification company. the amount of fakes we spot each day are fairly large and its not all automatically processed. Also for those people that don't know where there data is proccesed. there are actually a lot of laws in place to protect your data for example for EU citizens

4 more...
4 more...

YouTube does this sadly.

Seriously???

Only if you want to watch adult-themed videos, which they have been more lenient towards after the introduction of YouTube Kids and this measure. NewPipe and yt-dlp can still stream them, though, and you could also interact with the video (like, comment, save to playlists) using the official frontend last time I checked.

More lenient?!

I like to watch people playing Hearts of Iron 4 (a WW2 strategy game) and most of the creators avoid saying "Hitler" to avoid getting demonetized and hit with an age check.

It's getting a lot worse.

What I meant is that fewer videos get removed when age-restricting them is an option. Demonetization of any keywords relating to objectionable topics is still ridiculous, though, especially when the company has major AI research labs that could figure out how to differentiate between use in historical context and propaganda. However, that does not pay the bills and they don’t need more users & creators to be happy about the platform.

Outside of services where you need to access it (ex. school / exams / government services), one beneficial one might be dating apps. There's an advantage to being verified.

Although none of them ask for ID from what I understand, just "hold up 3 fingers and take a touch your nose" or something...

29 more...

Don't do this. Delete your Xitter account and use Mastodon instead.

Man I never had a Twitter account to begin with, lol. Any Internet site that wants my ID can eat a dick instead because I will straight-up close that tab and 360 moonwalk right out the door.

9 more...

90s: stay anonymous, be careful with strangers, don't give up any more info than you have to. The internet can be a dangerous place. Also, supervise your kids and have them ask permission to go online.

2010s-2020s: livestream your life 24/7, use real names and emails everywhere when signing up for bullshit, hand your kid a phone and let them go buck wild as well.

How did we stray like this?

It's also ironic that the same generation of parents telling us to be careful online and "don't believe everything you see on TV" are the same ones that get their news from grifter pundits and divisive facebook memes generated by Russian bot farms.

It’s remarkable isn’t it? Now we’re the ones telling our parents to turn off the TV and get off the internet or it’ll rot their brains.

growing up these days includes realizing your parents are shameful hypocrites who are knowingly destroying the world

6 more...

Boomers love to give advice and they hate to follow it—even their own!

I still sign up for websites with the following credentials:

Joe Blow 6969 Penetration Ave Beverly Hills, California 90210

1 more...

governments and politicians got their hands on it

I miss the 90's, a better time for sure.

Feels quite dystopian at the moment.

7 more...

I, for one, want to thank Elon Musk for graciously backing up my highly sensitive government ID (that has my birthdate, eye color, height, weight), my biometric data, and likeness! It is such a nice thing to centralize all my most sensitive data into one giant honeypot waiting to meltdown. It is made even more appealing after he fired the entire staff responsible for maintaining this honeypot!

Over/under before data breach and this all gets leaked?

Considering all the past, current, and future disgruntled employees - I wouldn't be shocked at all by an insider leaking stuff like this. The company is unstable like its leadership - which isn't very trust-inspiring.

Well, that's a possibility too, but I was expecting that they just lose the data through over-work or negligence. Remember, this is the company that DDOS'd itself a month or two ago and had to be told about it on twitter...

Following the theory that the leadership at twitter actually hate the users and are decimating the platform on purpose for the lols, maybe the outcome you suggest is the plan.

Part of me believes this theory, because it's hard to imagine how someone even with the explicit stated purpose of destroying twitter could have topped the recent developments. It's almost as if what they're trying to do is embarrass and degrade the users.

It does say "for up to 30 days". Would've been better if it was 24 hours, but after the initial wave of verifications, there probably won't be much there.

That is assuming you can trust the company that does the verification for them.

Looking forward to the inevitable massive data breach.

Will be even more interesting when they inevitably hold the data for longer than the 30 days

it's not a matter of if, but a matter of when.

Man, Elon's got one hell of a boner for WeChat, huh? I honestly feel embarassed for him. WeChat is WeChat because it's Chinese -- there is no secret formula for Elon to steal. The circumstances which created WeChat simply do not exist in the west and IMO it should stay that way.

Tbf, I think he has wanted to have an everything app going back to his PayPal days. I still think it's a stupid idea for the American market.

There's an entire plotline in Startup where the main character is desperately trying to create an everything app after seeing someone in an Asian country with 1 app on their phone.

Spoiler alert - most of the development staff ends up quitting and it bombs on launch because nobody in the West is remotely interested in an "everything" app.

It exists. It's called android! Honestly though, that's why Google developed it. They wanted to maintain control and stay as the primary Internet portal for mobile users. Banking, messaging, gaming and productivity all passes through them.

We chat has similar in China but only because competitors were stifled. It won't work in the west as competition for any aspect will be better for some people and anticompetitive behavior will be clamped down on even if it started to work.

isn't weChat an app on android?

how does this comparison work?

It’s not the same. It’s Elon thinking it can be with an app, but it can’t. It’s google realising over 10 years ago that to have that level of control in the western markets, you need to have an entire platform, not an app. Elon can’t even get Twitter to do one thing well, let alone all the things.

1 more...
1 more...
2 more...

There is absolutely 0 chance I'm sending any documents to the clown in chief

There is absolutely 0 chance I'm sending any documents to the clown in chief

a clown has to make people laugh. it's a tough job.

imagine elonMusk trying to please people!

2 more...

Nobody noticed “Be prepared to take a sefie” !?

I can guarantee that this was pushed out the door without any actual forethought or planning. Because Elon probably decreed that it had to be done now, so the devs were forced to push to prod without any actual testing ahead of time.

i can’t think of a better way to handle the rollout of a new identity verification system

not my frist language, what's wrong with it?

Just a typo, should be "selfie". Indicates poor quality control.

it won't be mandatory, unfortunately. Would've loved to see another fediverse mass migration

The eternal september moment for the fediverse is very much coming

What makes you think we're not already there?

Once prominent celebrities and more news agencies start to come (and they will, the BBC is a sign of that) the culture will shift faster than you really realize. There is still an insular culture around the fediverse that tends to be a big barrier around entry for "normies" right now. Going on a mastodon instance as a new user with limited technical knowledge can be quite jarring especially if you step out of line of what it seen as culturally fitting for the fediverse

It's very much a nerd/geek environment at the moment. There isn't much for normies to look at..yet.

BBC R&D is a special case.. they're specifically there to try out new stuff. It isn't always reflected in the rest of the company. They implemented ipv6 years ago for example, but the main bbc website remains ipv4 only.

2 more...
2 more...
2 more...

Fuck. I was hoping Elon had a meltdown and made it mandatory.

Not that Elon having some of your more pedigree info could possibly ever go wrong!

Yeah I don't know who they ask to do this but I've been on Twitter since 2014 and they've never shown me this and if they mandated it I'd leave even though they already have my phone number and know who I'm.

2 more...

Ah yes, just take a photo of your id. Surely X can be trusted, right… right guys?

Sure it can. Just wait 'til it also becomes your banking app, keeping your money totally safe, then you'll be able to double trust it. Would space karen x ever lie to anyone? /s

Of course she wouldn't lie to anyone. Just wait 'til your totally safely kept money becomes programmable by central banks, regulating where you can spend it, when you can spend it, what you can spend it on, and builds a neat profile of yourself linking every single activity you do, online and offline. We wouldn't want any terrorists or bad citizens to be out there now, would we? /s

If they ever have a data breach I'm sure they'll totally do right by the consumer also 🙄

Wouldn't trust this clown with my digital words, let alone a copy of my actual ID

I'm sure they would offer 6 months of free credit screening as a consolation like all the other companies do. Just enter your social security number so they know what to look out for.

Online banks use this method. I am not happy with this either. It's government-regulated, so OK (sort of).

A social media site? No, thank you.

Banks are usually bound by KYC (know your customer) laws and are required to verify your identity. Imagine trusting some random third-party company with your photo ID though... Insane.

actually, two companies.
you give up your id forever to an id verification company + twitter stores it for 30 days

Well it's obvious that Musk wants X to be a bank, so this isn't unexpected.

Banks have significantly stronger security and PII measures than X ever will, as well.

yeah, that's obvious. you need a photo of your id in order to open a bank account...
they usually process the data on their own though without using third parties

1 more...

Exciting times for hackers !

Not only would you lose your SSN as an american citizen, you would also lose your credit score due to automated identity theft and possibly your mortgage (and more!)

I mean if you want your identity to be stolen, theres other equally fast ways

Hahahahaha no.

Besides, what makes them think I even have a government ID? I don't drive and I'd only need a passport if I had to leave the country.

Looooooooots of people don't have ID.

In america maybe. In lots of other countries every adult has an ID

In the US, you need an ID if you want an actual job or bank account. Apart from living on the streets or living in the woods, I'm not sure how you could function without one.

7 more...
7 more...

Looooooooots of people don’t have ID.

In the civilized world, this is pretty endemic to your country and is actually a problem there as I understand.

Personally, where I live, I couldn't even vote or reliably buy alcohol if I didn't have some form of ID to prove my identity or age (okay, I haven't been carded in years, but it COULD happen). This is OK because everyone is mandated to have ID anyway (and it's not in any way difficult to get one), so requiring ID for voting, for an example, doesn't discriminate against poor people like in the US.

That said, X still wouldn't get my ID. I haven't even given it to Google, despite them asking me for it so I could watch music videos with a lil bit of swearing or something (Funny thing being, my YouTube account is about old enough that in a year or 2 it can go buy beer here in the EU)

ID is expensive and many poor folk don’t have them, so the “problem” is politically powerful groups implementing ID laws to prevent poor folk from voting. If I didn’t have to have a license, I’d never carry an ID.

Why would an ID be expensive?

In Belgium it costs about 20€ to get one when you first turn 12. And 20€ if you ever lose it.

When people in the US talk about a classist system, it's more of the structure than the cost. There are state IDs that are inexpensive in most states, but the Motor Vehicles branch (or whatever the state calls their department) that issues the ID are frequently difficult to travel to in lower income areas. Occasionally, the branches are understaffed and information about what can be used as proof of ID isn't communicated clearly. Combine this with the US's poor labor laws, and it means that it's risky for someone to take off work, spend significant time getting to a DMV branch, waiting in line a long time because of understaffing, then be told they need more proof of ID and to do it all over again.

It's frustrating for me and I have a driver's license and a white-collar job so I can drive myself to the DMV easily and not worry about losing my job or losing a half-day's pay.

It's still kind of messy also because proof of birth by birth certificate wasn't required until relatively recently. My grandad was never issued a birth certificate. As far as the government is concerned, he didn't exist until he joined the army. We all have to take his word on when he was born and his name. He told it to the army and had no legal proof before then. So my state establishes identification without using birth certificates, which takes more paperwork and complications.

Additionally, they're pretty much only open during working hours, and they're set up to often be an hour+ wait because why staff more than 2 people? It's a monopoly on a service.

So the ID may only cost $20 but the travel + missed work adds up fast

sometimes I suspect that the DMVs job is to tell people to fuck off until they give up and stop trying. It’s a pretty effective form of voter suppression. You hit the nail on the head, I dont think I could have explained it better. Everything you said is particularly true in southern states where it disproportionately affects black people, they have the poorest infrastructure, no viable public transport, laws forbidding mail in voting and very limited polling places with that are open for very truncated operating hours.

They want two things to happen: ID to be expensive and Voter ID to be mandatory. Nobody wants the poors to vote, especially because statistically people of colour are more likely to be poor.

This is a very American thing isn't it ? To not have at least a passport

Not having a passport for sure is an American thing, but I believe we carry and are required to use our IDs more frequently than other countries , which usually comes in the form of a state-issued drivers license/state ID card.

We drive more often and that requires having it on you at all times. Also every store is pretty strictly required to check it when buying alcohol, tobacco, and marijuana. And having to be 21 to buy those things kind of presents more of a need to check it since it's harder to judge based on looks.

Tbh in the Europe Union and some extra countries like Switzerland you can move with your national Id between countries so again not that uncommon to not have a passport either.

1 more...

like no one here has a passport. It’s not like your boss is gonna let you leave the country anyway.

2 more...
17 more...

I am going to continue not having an account and not having to deal with this.

As soon as this is mandatory it's bye bye for my Twitter account. I don't use it for the most part anyway.

I just remembered this might be illegal in the EU. A digital service company is not allowed to process identifying information unless in very specific circumstances (e.g. online banking or government processes).

That's straight up incompatible with GDPR in my opinion.

Obligatory IANAL.

Normalizing proving who you are to random online companies. I can't see how this could backfire.

Is sefie the new covfefe?

I thought it was fake because of the typo, then I remembered that it's Xitter and they probably don't have someone proofreading stuff anymore.

Too bad Twitter didn't already have a fully-functional identity verification system 6 months ago, which didn't require the exposure of any sensitive PII. Would be crazy if that had been a thing, eh?

Au10tix

I wonder if Elon demanded they use this company for identity verification because of their creative use of the letter X

I absolutely would not dismiss this. In fact if you spun up a company that complimented Elon’s, he would 100% return your call I feel lol

5 more...

I genuinely don’t care about pretty much every other piece of drama related to X but I won’t be giving any social media or my government issued ID that won’t be happening.

It was already failing, now it's just going overkill.

I for one am thoroughly impressed (and depressed) at how much it is taking for people to actually leave.

Not a chance in hell I would give them that info

Send Melon your drivers license so he can remotely disable the brakes on your Tesla if you’re mean to him on “X”

1 more...

LOL, literally speedrunning Twitter's bankruptcy.

I have a thought that I can’t let go, that it has been the plan all along to get rid of twitter, but just buying it and shutting it down would cause too much trouble compared to just take crazy decisions until it crashes by itself.

Not something I strongly belief but a small thought that keeps returning.

I have a thought that I can’t let go,

It's going to be some batshit crazy idea that Elon makes bad decisions on purpose isn't it?

that it has been the plan all along to get rid of twitter, but just buying it and shutting it down would cause too much trouble compared to just take crazy decisions until it crashes by itself.

sigh, there it is.

didn't he try not to buy it and was forced by a court decision?

thinking that he is evil is to overrate elonMusk.

He thought he could do whatever he wants and whenever. Laws were there to remind him that his statements had consequences for him.

he is just making one decision after another.

1 more...
2 more...

✅ Biometrics and ID stored forever who-knows-where

✅ Continued data mining and exploitation

✅ Total surveillance state

💩 The enshittification continues. Gotta love it.

Seriously though... I'm not bullish on this platform. I don't know what it's turning into, but if it truly is a "WeChat of the West," it's not something I'm interested in participating in. And I don't wanna have a hand in building it.

In this route, it means that X would really become an identity platform.

And us being on this platform gives it value. Gives it validity.

I wonder every single day if it makes sense to leave the platforms in protest, or stay in the belly of the beast and raise awareness from within.

I see value in both, but I don't think there's a way to know which is the "correct" or "best" approach until you have hindsight.

Either way, it's clear that we don't matter for anything other than exploitation. The business model doesn't allow for anything else, really.

Side note: Here's a clean version of the URL: https://twitter.com/popcrave/status/1691852136236327316

(Remember to delete everything after the ampersand. Everything after it is an identifier.)

2 more...

I already hated twitter before, but this is a whole new league of bullshit.

If I'm actually verified, I probably won't be able to get away with saying half of the dumb things I say here.

So, that's a no from me.

Yeah, I don't want Musk knowing where my Mojo Dojo Casa House is. He'd just show up there and be weird.

2 more...

Are they requiring that?

I deleted my main, still have an AD. Guess that will probably be going too.

Imagine if this wasn't just for the blue check

I'm sure corpos would get absolutely horny to do this for every user, including Elon. If they don't now it's probably because they'd get too much backlash. Resist.

I've made a mistake by trying to restore a old Facebook account that I wanted to "delete", I even attempted it on two occasions, of course they demand an ID picture but their website is horrible with the phone camera so the pics always came out blurry so they always refused them.

Never again.

We’re going to find out in a few years that some congressman’s son or a defense contractor or whatever founded all these “ID verify” systems that are worse than nothing. State IDs will be useless in a few years after the 500th data breach and kids will be j/o to porn their ancestors couldn’t even imagine.

1 more...

What's stopping someone from printing a fake ID on paper? Also would a printed photo pass the "selfie" test?

This kind of verification usually works by the user being visible on camera and holding their ID up to the camera, turning it in multiple directions to show its safety features.

It's just the first step before TwitterX turns into an "everything" app.

They're really struggling with this whole "verification" thing. Maybe getting rid of verification on the first place just to sell an emoji next to people's name was a bad idea in the first place!

I figured major websites would start doing something like this sooner or later.

And no one is going to oppose it either, just roll over and take it, and bully their relatives and friend into blindly going along with it, too.

I always figured we'd end up with a forum like the one from ender's game. sucks tho.

never elon

I mean, I never used Twitter in the first place so I'm not the target audience; but this would be a hard pass for me.

where did this image come from?

2 more...

Might as well just publicly post your id photo on xitter, same amount of security

Well, if I hadn't dropped twitter when they called the CBC state run media, I would have over this.

I swear the God. It feels like Musk gets in a room to concoct how they can make their company shittier.

"Elon, how about if we make the app more appealing to a wider audience by moderating hate content?"

"No, but what about if we get rid of the reason why it's valuable, we rename it to a shitty name, we allow more hate and then we demand people to provide IDs?"

"Umm, sure.."

Coinbase? Is that you?

There's no way of knowing, they never shared their ID with me after I sent mine to them. Talk about a one way relationship...

1 more...

Instagram wanted similar for me to "reactivate your account after not logging in for an extended period of time"

Nope, Instagram is not that important to me. Fuck you Zuckerberg.

I just hope it doesn't become mandatory and if it does I'm getting the fuck out of "X"

It's definitely a good thing I ain't got an account on that dumpster fire nor am I ever gonna have one, especially with Musky Husky making the fire worse.

Anything you say can and will be used against you.