Discord has quietly begun testing Incode as a new age verification provider, replacing its previous vendor for some users. The company says face scans are processed on-device where possible, IDs and selfies are deleted after age confirmation, and Discord only receives an age result, not your identity. But the move still raises important privacy questions around biometric verification, third-party trust, and the growing trend of mandatory age checks online, especially after the massive Persona breach linked to Discord user data back in 2025

  • manuallybreathing@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    22 hours ago

    I know there are groups local to me who organise almost entirely on discord, I cannot understand why they choose to do this, even before everything discord has proven to be a very insecure platform

  • aurelar@lemmy.ml
    link
    fedilink
    arrow-up
    42
    ·
    2 days ago

    They said that the pictures were deleted last time, and we found out later that they weren’t. Why would we trust them a second time when they violated our trust the first time?

  • sudoer777@lemmy.ml
    link
    fedilink
    English
    arrow-up
    42
    ·
    3 days ago

    I wish more FOSS communities would use Matrix, Discord sucks so I barely use it anymore

    • warm@kbin.earth
      link
      fedilink
      arrow-up
      14
      ·
      2 days ago

      When Fluxer gets federation, I really think it will be a great drop-in for Discord. It’s very familiar.

      Matrix really isn’t a good replacement for Discord. I wish forums were still the thing though, I hate threads in my chat apps.

    • comrade_twisty@feddit.org
      link
      fedilink
      English
      arrow-up
      25
      ·
      edit-2
      3 days ago

      I stopped and will immediately stop using all services that require face scans, ids, phone number or qr-captchas.

      If they want to kill their product they can be my guest.

      • FineCoatMummy@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        10
        ·
        2 days ago

        I stopped and will immediately stop using all services that require face scans, ids, phone number or qr-captchas.

        Same.

        The question tho is, how many will? If it’s 50%, they killed their product. If it’s 0.1%, then their product is fine, while you, me, and all us 0.1% are excluded from more and more of the online world. This won’t stop with Discord.

        I guess the % will be somewhere between those levels. Where exactly? IDK.

    • Encrypt-Keeper@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      2 days ago

      Fluxer just finally finished their big refactor that brought their code to GitHub for public contribution and they released their revamped selfhosting experience

      • Coyote@piefed.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 days ago

        Yeah, for Discord on my PC I use it through Equibop. It works quite well.

        • sudoer777@lemmy.ml
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 days ago

          On my computer I have to use Equibop because their shitass client doesn’t support ARM Linux

    • Manalith@midwest.social
      link
      fedilink
      arrow-up
      3
      ·
      2 days ago

      Been working on deciding where to move to, not sure if I can get my people to come with but as it stands

      Fluxer - E2EE is iffy at the moment from what I’ve seen, federation not yet a thing

      Matrix - I don’t know of a client that allows audio screenshares which is important when sites keep removing the watchparty features

      MOVIM is entirely text based as far as I can tell

      • spiderhamster@midwest.social
        link
        fedilink
        arrow-up
        1
        ·
        2 days ago

        Matrix - I don’t know of a client that allows audio screenshares which is important when sites keep removing the watchparty features

        If you use Element web with a chrome-based browser you can share a tab playing a video from the same browser. I use Helium to connect to matrix and my Jellyfin server to stream movies regularly. Within the last few months they’ve added the ability to adjust stream volume as well.

      • NewNewAugustEast@lemmy.zip
        link
        fedilink
        arrow-up
        1
        ·
        2 days ago

        I assume E2EE is end to end encryption?

        Curious why you care that much. On discord it’s all on their servers anyways, so it already doesn’t matter.

        If you had to you could self host and set up e2ee for the connection if you wanted to.

      • mnemonicmonkeys@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 days ago

        MOVIM is entirely text based as far as I can tell

        What are you talking about? One of its main features is multi-stream video calls, which most other XMPP clients don’t handle

    • GMac@feddit.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      2 days ago

      I like the marketing and on the surface, Matrix looks like something I would be on baord with, BUT… staff and leadership track back to amdocs and thats a red flag for me. Independent code review, analysis, security audit and activity verification might change my mind but at this point I have no incentive to invest effort into verifying matrix is safe after my concern radar has pinged.

      • dropdrip@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        1 day ago

        Matrix’s origin is Israel’s intelligence community. One could argue the authors are rebels, being insiders themselves, who’ve begun to fight back against the surveillance state that they intimately know. That’s a naive and foolish thing to think. The project’s design is awful from a ‘privacy’ perspective, with the design specifically allowing third-parties to silently ‘intercept’ users’ data–all whilst still being ‘E2EE’. It’s a feature. That’s the amusing thing about its absolutely shit design, but regardless of design choices, encryption has always been a lagging component of the program.

        The cynic might observe that the whole thing was proposed with foresight as to create a compromised leader ready to be adopted by organizations that felt they needed a higher degree of security. Matrix is a good solution, or so government bureaucrats are told.

        Let Tel Aviv inside.

      • tekato@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        2 days ago

        Matrix is just the protocol so if you think that synapse (the server implementation developed by Element which does have ties to Amdocs) is somehow logging all your data and sending it back or whatever, just use a different implementation. For example, tuwunel is sponsored and used by Switzerland’s government.

          • procapra@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            1 day ago

            Its literally always this one guys complaint, you know, the guy that shills signal, the app that literally requires a phone number to use.

            • sudoer777@lemmy.ml
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              1 day ago

              The person in the article I linked to analyzed Signal’s protocol implementation and claims that it’s much safer. Although it would be interesting to see an analysis on SimpleX.

          • tekato@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            2 days ago

            Was just addressing the amdocs complaint. Didn’t know about the security concerns but it’s most likely still better than Discord and I’m not sure if Signal is even in consideration when looking for a Discord alternative.

        • GMac@feddit.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          2 days ago

          Sure i read that the protocol developments go back to amdocs Governments use palantir so not a benchmark reference for avoiding spyware. Like i said, red flag and lack of motivation to act enough to verify either way. Ymmv

    • PerfectDark@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      2 days ago

      We replaced our site’s (not-very-used) Discord server with Matrix, and even if a few thousand don’t know/didn’t follow, we’re happier to be on a nicer space than Discord :)

      • Ryo Succubus@thelemmy.club
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 day ago

        Congratulations, that’s great! Since the more people we leave platforms that play with our data, the more people will migrate to platforms that take care of our privacy. Union is strength <3

  • NGC2346@sh.itjust.works
    link
    fedilink
    arrow-up
    5
    ·
    2 days ago

    As much as i hate this, CSAM sharing accounts are a real problem, and they keep making more and more.

    I wonder what else could be used to counter this ? Device IMEI auth? Im sure we can come up with better than ID verification, which will ultimately make me leave the platform, not because i have something to hide, but because the precedent it sets is dangerous and WILL lead to leaks and breaches.

    • Meatwagon@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      25
      ·
      2 days ago

      Offer a paid option to purchase a card at a store that to be activated needs you to show your ID to a clerk just like purchasing alcohol. Nothing is stored. You take the card home and input the activated code into you account.