EU Age Verification Hacked in 2 Minutes: What Happened

bigbugbag

How Paul Moore broke the EU age verification app in 2 minutes, the 8 confirmed vulnerabilities and the emergency patch 24 hours later. Full analysis.

GuB-42

It is a good exercise, but in practice, what's the big deal? Even if the app is bulletproof, age verification will get bypassed. Account sharing, file sharing, darknets, etc... It mostly prevents kids from stumbling upon content that isn't meant for them, but it won't resist deliberate attacks for long, especially if the parents are complacent. And for that, the EU Age Verification app looks fine, especially now what the easy bugs are fixed.

kelseyfrog

For the same reason, I don't use sudo. Despite being patched, the presence of prior vulnerabilities [1] and hacks makes it fundamentally not trustworthy. 1. https://app.opencve.io/cve/?vendor=sudo_project

Woodi

Excuse me but why there are no parents in the loop ? They are first line of kids defence and best suited for that: truly biological need. Not to mention such secondary thing like law obligations. No technical system can bit that. Only make things half baked and stupid or abusive on privacy, logic and actual reality. Kids are parents kids not some context-less socialist/bureaucracy/german invasive ideology creatures. If you want to do inventory checking for all that future migrants generations do it like you do with actual humans and not via some outdated and hackable inferior piece of hardware.