I think we need to accept that age verification makes the internet safer. What we cannot accept is age verification's use as a mechanism to pry too far into peoples lives. When we can separate age verification from who am I, most people will be happier. What's tricky is who validates age? Your ISP? Your government? Your OS? A thirty party? Who accredits third-parties, and can you trust them? I'm convinced there's a way to solve this do we can keep the internet safe and not intrude massively on peoples privacy.
I think the creeping invasion of privacy argument is backwards here. What we have today isn’t privacy, it’s abdication. Platforms are externalising risk onto parents and pretending the internet is exempt from the safeguards we accept everywhere else.
Either the tech industry solves this, or governments will. That’s not ideology, it’s capitalism. If we don’t build workable, privacy-preserving primitives, regulation will arrive in the most blunt form possible.
There’s a reasonable middle ground. Identity can be a first-class citizen without being leaked to every website. I don’t need to hand over my name, address, or documents to prove I’m over 18. I need a yes/no assertion.
Imagine the browser exposing a capability like:
> “This site requires age verification. Are you over 18?”
The browser checks via a trusted third party credential and returns a boolean. No DOB. No tracking. No persistent identifier. Just a capability check, much closer to how physical ID works than today’s data-harvesting mess.
As a parent, I already police my kids as best I can, and it’s imperfect. But the offline world has friction and gates: bars check ID, cinemas enforce ratings, shops refuse sales. Those mitigations don’t make parents redundant; they support them.
Online, we’ve chosen to pretend none of that is possible. That’s not a principled privacy stance.
If we don’t design these primitives ourselves, we will get crude, insecure age databases, mandatory uploads of passports, or blanket bans instead. This is the least bad option, not a slippery slope. Collectively we have solved far harder problems.
I don't think it's possible? You could imagine some sort of certificate scheme where the govt issues a thing that says to a 3rd party "we certify this person is 18 but in a way that doesn't reveal who they are". You could also implement that in a way where, even if the 3rd party reports the details of an authorisation to the govt, the govt can't say who was involved in that auth.
But in the latter case, the system is wildly open to abuse coz nobody can detect if every teenager in the country is using Auth Georg's cert. The only way for that to be possible is if the tokens let you psuedonymise Georg at which point it's no longer private.
The answer is to leave this shit to parents. It's not the government's job. It's not the government's business.
That's what got us in to the current public health emergency. It is a luxury we cannot afford if we are to stand a chance to get out. https://www.bmj.com/content/392/bmj.s125
If the parents don’t see it as an issue then the state should not be forcing its way in, especially considering the harm to privacy and free speech. This is an area where reasonable people can disagree as to what the correct parenting approach is, so the state should not enforce a particular approach. If anything they should focus on making it easier for parents to set their own limits at the device level.
...except when the harm spreads far beyond the family.
"We have reached an inflection point. We are facing nothing short of a societal catastrophe caused by the fact that so many of our children are addicted to social media." says the Lord proposing the UK ban.
When it was a luxury we couldn't afford because of "terrorism" I was doubtful. Now that it's a luxury we cannot afford because of the "public health" effects of teenagers using TikTok, I am starting to struggle to identify a good-faith argument.
That's an epic polemic. If the cost of operating in Italy isn't profitable, exit Italy. If it is, then adhere to the laws of Italy. If Italy makes the cost of business too high they'll dial it back.
But in all seriousness, LLMs have their strengths but we’re all wasting tokens and burning the planet unnecessarily getting LLMs to work so inefficiently. Use the best tool for the job; make the tools easier to use by LLMs. This mantra is applicable generally. Not just for coding.
I hope in a couple of years the industry would have outgrown this adolescene and we'll all collectively look back at this horribly inefficient and poorly engineered tooling with disdain. We need to as these things are literally causing harm to the planet (energy, water, raw materials, geopolitics)
Microsoft are really sweating GitHub now aren't they? It wouldn't be so bad if it improving but there is certainly a perception that it is costing more for a poorer product, irrespective of the new features they're layering on.
A UK organisation with treasonous, multi-generational experience, that's cited in the article, that people refuse to read or believe? Thanks for re-sharing <3
After 2008, others pressed Keynesian stimulus. The UK chose Hayek. Austerity. Councils took the hit. Services vanished. Early-years centres. Youth work. Local welfare. The safety net thinned, then tore. Families slipped through.
Then Covid. Then Ukraine. Prices surged. Wages didn’t. A decade of inflation stacked up while pay stood still. For many, that was a silent pay cut.
Truss turned strain into crisis. Unfunded tax cuts. Markets panicked. Gilt yields spiked. Mortgage costs jumped overnight. Another blow to households already on the edge.
So we end up where CNN reports: record child poverty, even among full-time workers; parents unable to cover the basics as the social architecture collapses.
Into that anger steps Reform UK. They offer a protest vote. But their plan is the same old mix: deep cuts, a smaller state, and migration as the scapegoat. The very recipe that helped bring us here.
Huh? There were stimulus packages under Gordon Brown, up until 2010. http://news.bbc.co.uk/1/hi/uk_politics/7745340.stm
Then until 2012 the Bank of England did a lot of "quantitative easing", hundreds of billions of pounds of it, supposedly a kind of stimulus.
I'm using sqlglot to parse hundreds of old mysql back up files to find diffs of schemas. The joys of legacy code. I've found hypothesis to be super helpful for tightening up my parser. I've identified properties (invariants) and built some strategies. I can now generate many more permutations of DDL than I'd thought of before. And I have absolutely confidence in what I'm running.
I started off TDD covered the basics. Learned what I needed to learn about the files I'm dealing with, edge cases, sqlglot and then I moved onto Hypothesis for extra confidence.
I'm curious to see if it'll help with commands for APIs. I nothing else it'll help me appreciate how liberal my API is when perhaps I don't want it to be?
You might find schemathesis useful for API testing (which IIRC is built on Hypothesis). Certainly helped me find a stack of unhandled edge cases.
YMMV, but once I first set up Schemathesis on one of my MVPs, it took several hours to iron out the kinks. But thereafter, if built into CI, I've found it guards against regression quite effectively.
pretty nice tool, helped us poke into our app in ways we didn't foresee
also pretty happy to see the reports of thousands or api calls that matched the expected responses, that increases the confidence you have in your system
Hi! Author of Schemathesis here, really glad to hear it helped you uncover those edge cases.
If any of those bugs were in public or open-source APIs, I’d love to feature them in our new “trophy case”: https://github.com/schemathesis/schemathesis/issues/new?temp...
I agree with this. cat is great for "cating" bat is great for throwing shit on the terminal in a fashion that makes it semantically easier to reason with, two different use cases.
reply