Places that support Apple's digital ID / Wallet state ID do so by utilizing a an identity reader that the user taps their phone against after selecting which info they want to convey. It is not meant for the owner to physically show the phone to the requesting party.
I'm sure this will happen in some cases especially in the interim where digital ID is technically not accepted but the person doesn't have their physical ID. An example would be a traffic stop in a state that currently supports digital state ID since usually the digital ID is basically only supported at TSA currently. But the cop looking at your phone doesn't add any more authenticity vs you just verbalizing the info and them writing it down which is what they usually do if someone has a photo of their missing ID.
Also, Apple cleverly designed it so if phone is in locked state and you activate wallet and select ID, the biometric scan it does doesn't unlock the entire phone and trying to get into the rest of phone requires another biometric scan or phone password.
From the article "Users do not need to unlock, show, or hand over their device to present their ID."
That assumes every LEO, bodega, grocery store, etc. goes out and buys the terminals to read these things though. Assuming LEOs you encounter will never just say "sorry, my reader is broken, go ahead and unlock your phone so I can bring it back to my car and type in your info to look up your license" feels naive, especially for folks with darker skin tones.
I agree it's possible to present your ID without unlocking your phone, but is it likely?
It is likely that the reader will be implemented into a phone / tablet app so will be pretty ubiquitous eventually.
FWIW it will never technically be legal to rely on visually looking at someones phone to verify age / id bc it would be incredibly easy to fake the display and physical interaction. The only reason it can work as an ID is if it is digitally verified by a reader.
But I do agree that especially in the interim there will be cases where LEO will coerce a phone handover but I don't think this will be a long term problem since physical interaction with the phone does nothing to verify authenticity. You may as well hand them a piece of paper you printed out with your info.
> It is likely that the reader will be implemented into a phone / tablet app so will be pretty ubiquitous eventually.
They may wind up ubiquitous, but reader usage will be determined by the officers in the field, on a case by case basis. Take a look at jurisdictions where body cameras are mandated but are turned off, or intentionally obstructed.
I think you're forgetting about flights. And country borders. And I'm not sure how much luck you're going to have opening a bank account... does your birth certificate work for that?
As for birth certificate, it is a document that shows you are a citizenship and does identify you and can be used. It’s common in other countries as a document to open back accounts so in many ways it can in the USA.
Unless you're trying to be unnecessarily pedantic, yes you do.
There are exceptions like if you're a minor, if you're a passenger on a general aviation flight instead of a commercial one, etc.
But if you're an adult and you want to hop on a commercial flight from JFK to LAX, you need government-issued photo ID, period. You're not getting through security otherwise.
"I forgot my identification; can I still proceed through security screening?
In the event you arrive at the airport without acceptable identification (whether lost, stolen, or otherwise), you may still be allowed to fly. By providing additional information, TSA has other ways to confirm your identity so you can reach your flight."
Every USA airline has this documentaiton, and TSA has this documentation on their website too.
>Unless you're trying to be unnecessarily pedantic, yes you do.
Edge cases should be accounted for IRL. People like you are the reason why the right to privacy is being eroded away constantly.
>But if you're an adult and you want to hop on a commercial flight from JFK to LAX, you need government-issued photo ID, period. You're not getting through security otherwise.
The evidence I presented above states you can. Whether or not it's seamless or comfortable isn't a discussion, nor should it be "pedantic" to know the rules presented by these organizations.
If you forget your ID, then the extra screening will attempt to find existence of the ID in databases. The ID still needs to have been issued in the first place. This is mainly if you lose your driver's license while traveling, it lets you get back home. It is in no way some kind of general-purpose mechanism for flying without ID. And it's a gigantic hassle that may take hours at the airport to sort out, leading you to miss your flight and wait to be rebooked.
You're absolutely being pedantic and argumentative, and I can't even begin to imagine why. I assume you know perfectly well that an ID is required to fly as the general rule. I can't imagine what you think you're trying to accomplish by arguing otherwise.
And if you really want to be pedantic, note that the word used is "may", not "shall":
> In the event you arrive at the airport without acceptable identification (whether lost, stolen, or otherwise), you may still be allowed to fly.
Odd use of Twilio for just a SIP Trunk provider. They also offer programmable voice SIP, a product that is a distinct offering from the Elastic SIP trunking used here. With PV SIP you can directly register the Grandstream HT801 ATA to a programmable SIP endpoint on Twilio and move all the programming logic, including text to speech, to a Twilio serverless "function" and completely cut out the need for a RasPi and Asterisk.
Also FYI for those who do want to use Asterisk behind CGNAT and cannot open ports - if you use PV SIP you can also register it as a Trunk in Asterisk and it can then receive inbound calls over the connection established by the outbound registration with simple a simple Twiml bin that routes whatever Twilio numbers you want to the SIP user you used to register the Asterisk's SIP Trunk. Asterisks can can then use inbound number plan to further route the inbound call as needed.
What is really egregious is that apple still touts the T2 security benefits on their site and completely ignores the fact that it can be compromised. This in fact does make it harder to take Apple's hardware security claims at face value knowing what they know about T2 vs what they put out in their resources.
You are probably complaining about calls on a cell line but if happens to be landline, I ported one over to Twilio and actually used it to eliminate spam calls by requiring non whitelisted callers to press 2 digits to continue the call. And also saving about 7x compared to AT&T landline cost.
Connected a voip phone to it via programmable SIP.
Ahh sorry I forgot I'm using the Twilio ekata_reverse_phone addon that you can get in twilio marketplace so I have carrier info in the lookup response.
I guess then whether it is 100% on Twilio being the carrier is a little less likely but I tested a few more twilio numbers I know and they all returned with Twilio as carrier.
It is not really being sprung on them with how long it has existed. Not at all like continuing recording on a webcam where you might say things never intended for the party receiving it.
Are ppl who don't even know DKIM exists but know they have shady emails saved in the cloud or on their personal really just banking on repudiation and thats why they take no other action like deleting the email or putting more thought into emails they send? Seriously doubt it.
Exactly bc of statute of limitations, they would not have to look over their shoulders for the rest of their lives because of one poorly written email.
Consent needs to be given freely, with knowledge of what you’re consenting to. If it’s not free and knowledgeable, it’s not consent.
I certainly didn’t realise that DKIM can be used as a non-repudiation signature, I’m sure most people using email don’t.
Thus there’s no consent and I would say that non-repudiation has been sprung on me.
The duration has nothing to do with it. Just because you can keep a camera hidden in someones room for an extended period of time doesn’t mean it’s ethical or consensual to record them.
Finally statues of limitations don’t protect people from a trial in social media. Social media is just as capable as the justice system of destroying a persons life. Unfortunately Twitter doesn’t have a statue of limitations.
I think it is less about user behavior and understanding than it is about the incentives it creates for nefarious actors. Basically, if emails can't be cryptographically verified then stealing a bunch of emails and anonymously dumping them somewhere is pointless since most people would probably not consider them authentic.
Yes. I have seen first hand where it was used to help accelerate out of court agreement without needing a lawsuit. Basically a 3rd party had one of their outlook user accounts compromised by a bad actor who used it to tell another company new instructions for something.
The 3rd party tried to say other company fell for a phishing email and it was their fault but because of DKIM it was immediately provable that instead 3rd party was compromised and email legit sent from their o365 and they were pretending like they didn't know this. This all got disputed maybe a year after email sent.
Love Matthew Green but I personally am not a fan of this proposal. It doesn't fully achieve what he wants bc its only gmail and timing of compromise would be key. Most of the email hacks have actually been very much in the public interest despite being unethical. Breaches also lead to more productive work by companies in better securing accounts and better protecting sensitive information which google has been doing with account security and adding expiring messages.
Like do we really want companies to just continue sloppily sending customer info in email bc they can deny its legit or should they focus on not getting this info compromised to begin with?
Also, for ransomeware groups that now post data when not paid, it is not really seeming like too big of a disincentive that there is repudiation regarding the files they post.
Those "ads" are not nearly as intrusive as the ones being displayed in the article, second I have found them to be mostly useful in that I've found a couple new shows because of those "ads".
Disabling them is also fairly easy, and if you don't use the TV app, they go away entirely.
Smart TV manufacturers are relying on the ongoing revenue from their software side nowadays, so they’ll usually mandate setting up an internet connection as part of the device setup process, and then only give you the option to change networks instead of disabling it outright.
If you’re tech savvy, you can take measures against this, but it’s not going to be simple for most folks.
You also have to worry about ethernet-over-HDMI unintentionally exposing the TV to the wider internet.
How "usually" is this, actually? I bought an LG TV about a year ago, and it did not force me to connect to the Internet. I just turned it on, skipped the crap, and it works fine over HDMI.
During guided setup, it will scan for wireless networks, but one option is always "I do not want to connect" where the TV continues in unconnected mode.
If anyone else is dealing with this you can try temporarily setting up a new SSID (on your phone or existing network) and then getting rid of it after setup is finished.
I'm sure this will happen in some cases especially in the interim where digital ID is technically not accepted but the person doesn't have their physical ID. An example would be a traffic stop in a state that currently supports digital state ID since usually the digital ID is basically only supported at TSA currently. But the cop looking at your phone doesn't add any more authenticity vs you just verbalizing the info and them writing it down which is what they usually do if someone has a photo of their missing ID.
Also, Apple cleverly designed it so if phone is in locked state and you activate wallet and select ID, the biometric scan it does doesn't unlock the entire phone and trying to get into the rest of phone requires another biometric scan or phone password.
From the article "Users do not need to unlock, show, or hand over their device to present their ID."