this post was submitted on 08 Dec 2024

398 points (92.9% liked)

Privacy

32400 readers

161 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

398

I realized why governments are so fast in approving digital ID cards on smartphones (feddit.it)

submitted 1 week ago by Moonrise2473@feddit.it to c/privacy@lemmy.ml

149 comments fedilink hide all child comments

In my (European) country now we can have a digital copy of the driving license on the phone. It specifically says that it's valid to be presented to law enforcement officers during a check.

I saw amazed in the beginning. They went from limited beta testing to full scale nationwide launch in just two months. Unbelievable. And I even thought "wow this is so convenient I won't need to take the wallet with me anymore". I installed the government app and signed up with my government id and I got my digital driving license.

Then yesterday I got stopped by a random roadblock check and police asked me my id card. I was eager to immediately try the new app and show them the digital version, but then because music was playing via Bluetooth and I didn't want to pause it, i just gave the real one.

They took it and went back to their patrol for a full five minutes while they were doing background checks on me.

That means if I used the digital version, they would had unlimited access to all my digital life. Photos, emails, chats, from decades ago.

What are you are going to do, you expect that they just scan the qr code on the window, but they take the phone from your hand. Are you going to complain raising doubts? Or even say "wait I pin the app with a lock so you can't see the content?"

"I have nothing to hide" but surely when searching for some keywords something is going to pop-up. Maybe you did some ironic statement and now they want to know more about that.

And this is a godsend for the secret services. They no longer need to buy zero day exploits for infecting their targets, they can just cosplay as a patrol and have the victim hand the unlocked phone, for easy malware installation

Immediately uninstalled the government app, went back to traditional documents.

(page 3) 50 comments

sorted by: hot top controversial new old

[–] HiddenLayer555@lemmy.ml 1 points 1 week ago* (last edited 1 week ago)

[–] Niquarl@lemmy.ml 1 points 1 week ago (1 children)

I've always just shown a scan of my ID on my phone. It's just a picture?

[–] Moonrise2473@feddit.it 1 points 1 week ago

and they accept that as a valid id? I mean in a store ok, but a public official? It's incredibly easy to make a fake screenshot

the digital version of id cards are glorified qr codes: they scan it and their device downloads from the government servers the official version. Or, for offline usage: the qr code contains all the data, signed with their key, they check if the signature is valid

[–] rottingleaf@lemmy.world 1 points 1 week ago

I'm thinking of going stoic and dropping anything Android, but this would require setting up an emulator working good enough for WhatsApp, Google Authenticator, MS Authenticator and probably something else.

[–] QuazarOmega@lemy.lol 1 points 1 week ago

For the most surface level concerns like risking them accessing any app on your phone, you can enable app lock on those that support it. Usually the most sensitive do: WhatsApp, Signal, banking apps and others.
If they don't, take advantage of the private space which locks apps until you unlock, and you can relock whenever you want

[–] SpiceDealer@lemmy.world 1 points 1 week ago (1 children)

What's the possibility and legality of something like getting implemented in the US?

[–] CMonster@discuss.online 1 points 1 week ago (1 children)

drivers licensees are by state and my only federal id is my ss card which doesnt have my picture or any current information. i dont think it would work as well here since you would need 50 different apps

[–] SuperNinjaFury@lemm.ee 1 points 1 week ago

Google wallet has begun implementing state IDs depending on the state.

[–] jagged_circle@feddit.nl 1 points 1 week ago

Yeah, as a rule you should always turn off your phone before approaching any control point like that

[–] pkill@programming.dev 0 points 1 week ago (5 children)

But they have one advantage: They are way easier to counterfeit. Meaning that with a few months of programming at most, if you ever find yourself on a run, you'll be able to ID yourself on trains or buses or check in to hotels with fake personal info.

[–] Moonrise2473@feddit.it 1 points 1 week ago

i don't think that there's no check at all. There's either a server side check or a digital signature to verify, or both. You can trick the train ticket check (here they don't even scan the qr code, they see the screen on the phone and continue) or the lazy airbnb landlord, but that can be done also today

load more comments (4 replies)

load more comments