They may not be against content restriction, instead they may be against removal of user privacy or anonymity. If the proof of age thing was some kind of zero knowledge proof such that the age verifying group has no knowledge of what you're accessing, and the site you're accessing has no knowledge of you as an individual (beyond tells like IP address etc.) then perhaps they'd be more open to it?

There isn't any technology that can prevent sharing of age verification with third parties without tying your uses to your identity. To unmask someone in order to uncover sharing, you would require the ability to do it in general, which is incompatible with privacy/anonymity.

And yet homomorphic encryption is a thing. It's possible to process the encrypted request and be unable to see it.

Similarly we could easily devise many solutions that can prove the age in the privacy - respecting ways (like inserting the age-confirming token inside the pack of cigarettes which an adult could then purchase with cash, etc)

Many ways.

You're not understanding the dichotomy. It doesn't matter what kind of encryption you use, the system you're asking for can be made much simpler than this: Just use the same token for everyone and only give it to adults. It needs no cryptography at all, it just needs to be a random string that children don't have. You don't need anything to do with cigarettes, just print it on the back of every adult's ID or allow any adult to show their ID at any government office.

But then anyone can post the token on the internet where anyone can get it, the same as they could do with anything cryptographic that you put on the back of cigarettes or whatever. Unless you have a way of tracing it to the person who did it in order to impose penalties, which is precisely the thing that would make it not private/anonymous, which is why they're incompatible.

If you're going to do one then do the first one -- just make it actually untraceable -- but understand that it won't work. It would never work anyway because there are sites outside of your jurisdiction that won't comply with whatever you're proposing regardless, so the thing that fails to work while not impacting privacy is better than the thing that fails to work while causing widespread harm, but then people are going to complain about it and try to impose the thing that does cause widespread harm by removing privacy. Which is why the whole thing should be abandoned instead.

Oh, I do agree with your last sentence very much.

I was just commenting on the claimed inability to make the system work AND be anonymous.

Please though, for the love of dog, have your site serve a complete chain and don't have the browser or software stack do AIA chasing.

With half of the web using Let's Encrypt certificates, I think it's pretty safe to assume the intermediates are in most users' caches. If you get charged out the ass for network bandwidth (i.e. you use Amazon/GCP/Azure) then you may be able to get away with shortened chains as long as you use a common CA setup. It's a hell of a footgun and will be a massive pain to debug, but it's possible as a traffic shaving measure if you don't care about serving clients that have just installed a new copy of their OS.

There are other ways you can try to optimise the certificate chain, though. For instance, you can pick a CA that uses ECC rather than RSA to make use of the much shorter key sizes. Entrust has one, I believe. Even if the root CA has an RSA key, they may still have ECC intermediates you can use.

The issue with the lack of intermediates in the cert isn't browsers (they'll just deal with it). Sure, if they aren't already in the cache then there's a small hit first time. The problem is that if your SSL endpoint is accessed by any programming language (for example, you offer image URL to a B2B system to download so they can perform image resizing for you, or somesuch) then there's a chance the underlying platform doesn't automatically do AIA chasing. Python is one-such system I'm aware of, but there are others that will be forced to work around this for no net benefit.

That is a really good point. Googles certificate service can issue a certificate signed directly by Google, but not even Google themselves are using it. They use the one that's cross signed by GlobalSign (I think).

But yes, ensure that you're serving the entire chain, but keep the chain as short as possible.

Are we forgetting the pushback against nationalisation of their oil industry, operations involving both CIA and MI6, the propaganda campaign to get rid of their elected president, and other such fun? It's not like the west didn't have some rather significant involvement and incentive here. They have what they have because the west (as is common) messed with another nation.

Weka can be a lot of fun too, I saw a pack of them opening someone's backpack zipper to find out what's inside.

I was hiking and had a Kea flapping its wings on the ground to get our attention while his friend was going through our backpacks.

Ah, team work.

I saw a seagull sneak up to and scream at a guy to make him drop his fish and chips and all his seagull buddies swooped in and took it.

Seagulls, magpie and ibis (im not being fun or joking here) have evolved to exhibit cooperative traits and behaviours to get food, including tricking, diverting, cooperating and most annoying literally staunching people.

I was having a burrito on manly wharf a long while back, a seagull just lands on the table and death stares me...i felt uncomfortable and moved, because i know they will try and take my food off me!

I haven't ever seen Brisbane's beloved bin chickens (ibis) cooperating, but they're pretty good at getting into any bin to scavenge food.

Cockatoos are worse and will flip the lid of a wheelie bin if in the mood. Crows will as well if you overfill and the lid is not shut properly.

I saw an ibis and magpie work on opening a macdonalds bin, take out the black rubbish bag, tear it, splay its contents and fish for paper macdonalds bags!

I looked up the bird..

They are smart!

https://www.youtube.com/watch?v=7W7hEUGtv4U

Athens being its own special hell, looking across the city from Lykovounia and seeing everything in the city at the same ~5 storey level of dark concrete.

Except, a diabetic's immune system already wants to kill those too...

True, Sana above are attempting to extend their gene engineering ("HIP") to stem cells as well

>apply the HIP technology to develop therapeutic candidates at scale, including both pluripotent stem cells and donor-derived allogeneic CAR T cells.

I don't recall the last time I lost all my tabs. The only big annoyance I've had in recent years is when something caused my tab tree to flatten so all my arranged nesting was gone. I'm more curious how you end up with a system that destroys your session semi frequently?

Tree style tabs extension, nesting in a manner that makes sense to them, probably other extensions too. I only have about 600 tabs at the moment and am impressed by someone managing more than an order of magnitude more than I.

Historically a number of people started as single small developers with tools like FoxPro, Delphi, and (even earlier) Clipper/dBase. These allowed easy creation of some kind of UI. All of these have a database under the hood. The combination of the two allowed a lot of small groups to make quite complicated systems for a single platform.

Now there's an expectation for things to be web-based and the entry point feels less obvious than it used to be.

You could probably achieve the same outcome by combining two approaches though. Use traditional timing and phase management that existing noise cancelling headphones do. Then, using the data from that same set of microphones use AI to extract the conversation of interest (maybe using timing differences from left/right to determine who's "in front" of you) and inject that as the thing to overlay on top of the inversion. This way there's no risk of AI error on the noise cancellation and you can rely on existing solutions.