Egregoros

age verification partners like Persona (the one Discord, roblox, reddit is using) directly send all information you submit to them to the US Gov (including various registries, and FinCEN) & tie your financial records to everything you do online.

they also do AI estimation of how anti-social (read: potentially badly politicized) you are based on your selfie and other unknown variables.

every person in the Persona (read: combined OpenAI/Palantir/USgov/US tax authorities) database has the following things attached and always-accessible. Some may not be available, but this is the average list:

personal identity:
- full name (including in native script)
- date of birth, place of birth
- nationality, sex, height

address:
- street, city, state, postal code, country

government document:
- document type and number
- issuing authority
- issue and expiration dates
- visa status
- vehicle class/endorsements/restrictions

media:
- FRONT PHOTO of ID document
- BACK PHOTO of ID document
- SELFIE PHOTO
- VIDEO of identity capture

metadata:
- entity confidence score
- all verification check results with pass/fail reasons
- capture method used
- timestamps (created, submitted, completed, redacted)

the US gov (probably western ones others too, but no proofs so i wont imply it) can tag you for tax evasion/(il)legal immigration and grab your live data through discord in one second, just needs one official worker to flag your name.

if you write crypto addresses, credit/other identity data (including fake identity), business names and registries and locations look ups, any financial related data; all this is checked in less than microseconds and combined together. your discord and other sites like roblox and reddit, and all others that have used these palantir and palantir-adjacent serviceimportant to note that supposedly discord NO LONGER uses palantir but one would have to be a complete retard to believe this statement i just made. There is an attempted list of every politician you know IRL, list of your family members, friends lists, and extended relations connections.

amongst other things, your Palantir selfie is (AI?) checked for the following:
Does the selfie match government ID photos?
is the image spoofed/photoshopped?
do you look like a known celebrity?
do you look suspicious?
is this selfie photo a duplicate?
is the background of the selfie a duplicate?
estimated age and does estimated age match documents?
is your face covered?
eye glasses?
is the pose the same again?

theres also about 240 other checks, from various western (canada) and not-so-western (brazil, india) country ID and financial/tax database and business registry comparisons to various photoshop detections

all this collected data is supposedly deleted after it becomes 3 + years old (haha yeah sure)

i cant believe the (grand)sons of nazi germany war criminals who escaped justice and (grand)sons of nazi party founders and extremely morbid slave mine operators would lead a total and all encompassing intelligence gathering and analyzing service

crazy innit

@meso for me the suprising thing is that it turns out that they already have the technology to analyze the entire database of people (and related) (several times a?) month. i actually had a long argument lasting for days last year with some family members trying to figure out if the EU data privacy thing (the big thing last summer) which implies the EU wants to do exactly this, could be possible (the consensus in the end was that even if they try really hard, there isnt the technological capability to make these complex webbed databases involving repeat analysis and scanning of every single person's profile

turns out it exists atleast now

to quote some fellow countrymen (head of constutional protection) at home: The state legalizes and attempts to legalize what its already doing after it starts doing it, it's way easier this way to make legislation because it needs way less corrections then.

@mangeurdenuage @meso @moth_ball @phnt

i'll tell you the goods, as im sure you are aware of all the bads. its half serious, and half shitposty but the thoughts here are important

while writing and thinking about it, this fedi reply window and also firefox's UI started gently flashing, eerie spooky!

anyway
such a intelligence gathering system police state is pretty much inevitable with current Technology.
imagine a society where the police state has the same opportunities as they had in the 1700s (in terms of intelligence available), which is the privacyschizos (like me) ideal to strive towards
and at the same time every bad boy has the entirety of today's slop available for use

half of our world is useable online and the other half is vulnerable online; at home the statistics for "intelligent" criminals is nightmarish. I dont know about the equivalent statistics anywhere else, but you can extrapolate it to what i assume to be a VERY good estimate to reality

(there's roughly 1 million estonians, so extrapolate unknowningly reality to your own worlds)
All of this is for Estonia: In 2025, 3685 (~3%) citizens fell victim to a scam, totalling over 29 million€ euros of damages. This only counts the reported-to-police scams. (In 2024 it was 16 million€, so nearly doubled!). "Intelligent" or digital crime is so lucrative and profitable, there's an infinite amount of new schemes to think of to scam people. The days of Nigerian Prince scam emails are so far, now we have local people involved in the digital mafia, generally orchestrated from countries like ukraine, russia, india, the balkans, etc (indians are actually the worst at doing this, [un]suprisingly). The schemes are believable and multilevel, the schemes are related to daily local news and environments, the schemes are extremely well trained, and always involved a speaker from the area. Due to the speed of setting up a new call/scam center, it is now actually a net negative, worthless action to shut down a full call scamcenter. Only the local-area scam workers who work as the money-mule (very profitable btw!) have a minor effect, as there will be a temporary lull in localized knowledge and the specific "sales" scam type scam, until a new moneymule is hired by scam centers.

without these extreme police state privacy nightmares, the ability to capture these moneymules is taken away. scam centers arent stoppable anyway at the source, the counter to that is good population awareness. With this shitty apparatus, 3% of the population falls victim to high-profile scams (not talking 50-100€ sized scamdeals because those usually dont even get reported). Without, i strongly assume it would be about double that.

without the police state el terrible, people like Sam Bankman Frid would still be free, as the ability to capture him wouldnt exist. people part of the ruling party -garchy circle will still be free probably, irrelevant to the police state surveillence program's ability. Realistically, <80IQ retards and bums would be the only people commonly caught without a super-surveillance machine.

so, i propose the [Inevitable] Police State Theory
P = NT + AI
N is the N that the nesquick bunny throws into the pool
T is technology available to the N
AI at the end is from einstein's formula

so my (achievable) privacy ideal has become a police state that is ever so slightly behind the curve in comparison to the evil doers, yet not far enough that it would enable the bad boys to gain a upper hand over the (police) state so much that they could overthrow local or national forces with the value they have gathered via theft.

tldr: Me: "Um, Actually, here's why a 2.71% yearly population scamvictim rate is GOOD for you!"

@lebronjames75 @meso @moth_ball @phnt
>scam centers arent stoppable anyway at the source
The only reason they are able to do so is because they partly have information from the people they are trying to scam.
The source of that information are backdoor computers be it desktop, laptop or mobile phones and servers/SaaSS sub contractors the GOVs love so much.
The solution is simple af, it has been simple for the past 40+years, just follow the FSF guidelines.
Previous Friday, I solved most of someone's problems by just factory default their phone. Disabling google services and installing only free/libre software, even the launcher and default software, and most of her problems disappeared.
Ideally a custom rom without all that crap at all would be preferable.


>so my (achievable) privacy ideal has become a police state that is ever so slightly behind the curve in comparison to the evil doers,
Or ideally just ban proprietary computing. Most of the ""evil"" is able to exist because they can hide and force their functions inside any computer.

@mangeurdenuage @meso @moth_ball @phnt you can put the lid back on the box, but all that info is out there already. it doesnt matter if the same data has appeared in 13 or 21 different leaks. it is quite too late to do anything about the already out information to keep it hidden. also, that approach vector is helpful, but its an antiquated approach by now for scammers. Social Media is much more than enough, you can combine that with public business registries and phonebooks, and that's all you need and its the primary direction to use.

social media, and a phone number, is all that is needed. From there, all other data is social engineerable. Phone call voice recording of person A to make fake AI generated voices to person B. People posting on social media that they are actively on vacation is a gold mine for "help me mother, i have lost my wallet and phone to theft in italy, can you send me money? im calling from friends phone". Cold calling random telephonebook numbers until elderly answer, for the classic scams. Recent nationwide events and fabricating calls, emails, and having people visit you IRL pretending to be X Y or Z (officials), all the info for these actions is generally social engineered from the initial phone call. cold-sending fake invoices to thousands of companies pretending to be other real companies, from fake email addresses that are very similar to the real ones (this works, in values of 5 and 6 figure numbers! for example, fake a power company invoice for a largescale factory operation and send it 3 or 4 days before the usual date)

to think if every software would follow FSF guidelines, that it would have even a measurable impact on the scam problem, then your knowledge and beliefs on how scams work today is extremely dangerously outdated. Even if everything you did outside of social media was 500% giga ultra encrypted, it would not really do anything at all. The vector of approach for good scams is humans, not the technology.

every new type of defence is but another opportunity for scammers to approach from a new angle. 2FA for banks is social engineered tens-hundreds of times daily at home country. True, the situation is much better than in america with their social security number scams, but the situation at home is a trick on the mind; a feeling of safety from the 2FA to a human allows a new vector to hit harder and stronger, as the feeling of safety makes people slower to realize and react to a scammer scamming.

the best counter after the basics are in (2FA), is awareness of social engineering manipulation, not 3 4 5 factor authentification. to learn the methods, and tell them to yourself. to keep yourself up to date with evil. to keep your family and elderly up to date with the evil. give them the knowledge (and trial them with thoughts randomly) to realize: No! It's not the police sergeant calling my grandma right now, to "confirm" some personal details because I am in trouble with the law! It's not a bank teller attempting to stop a "fraudulent flagged transfer, quickly confirm your bank account Nr to me so i can make sure its locked up before the money is fraudulently stolen from you!"

its foolish to think banning proprietary computing will have a significant positive effect towards lowering scams. Most common and uncommon scams are not "hacks", they are simple remote desktop functions, calls, and personal visits. "proprietary computing" as a real and used threatvector is but a brainworm and nothing more, no more or less than non-proprietary computing in large scale use. if someone professional targets you specifically, as a target to destroy, they'll get you with (proprietary) hacks, people, etc. if someone targets you from a random list as a target to scam (actual real threat to you and your family and friends on the average day), youll be probed by cold calls, cold emails, and if they fail, a flag is added "failed 1 day" to your name and the next name is attempted in the list and you are forgotten.

@lebronjames75 @meso @moth_ball @phnt
>it is quite too late to do anything about the already out information to keep it hidden
That's only if you consider information never changes. Which it does.
That's only if you consider if laws never changes. Which they do.
But it does on information that does not change.

>then your knowledge and beliefs on how scams work today is extremely dangerously outdated.
No. It's just different from people to people.
Like for example an ongoing scam in my country is that people can pay via adding to the ISP invoice.
You can pay almost anything with this, parking, donations, streaming services, apps etc...
People install X malware on their computer phone or Y malware on somebodie's computer phone takes control of it and just add fees to ISP invoice system.
It's entirely possible to avoid this bullshit, people just have to deactivate that option on the ISP's website who activates it by default

But again the entry point was again proprietary bullshit and not the immoral paiement system that nobody knows about and that is activated by default.

> it would not really do anything at all
I disagree. It heavily mitigates. And it allows me to actually do do advertisement as people who have malware on their phone and contact me/get my number, I get scam calls from that.
From that point doo several things. I first warn the user. Then I warn France's authority on the subject the 33700.

>every new type of defence is but another opportunity for scammers to approach from a new angle
For direct social interraction yes. For computer security also yes but highly dimishes as it requires high entry barrier.

> 2FA for banks is social engineered tens-hundreds of times daily at home country.
I know, that's why I keep telling people to not install the malware app, and keep it simple with otp.

>a feeling of safety from the 2FA to a human allows a new vector to hit harder and stronge
I know. Technically a single secrete/unknown/non public long string of data like this
}®ë½útrMîR\,ÇØ.~ÜP¬å^ýto9:õð[{üÁ*-'/$ö¨^\è~#¥!êàºÂ¶<,UÝÙtÔìÍÎUÑó
Is enought for any security system to ID you. But since things were simplified for people with email, which is public, a second string of data is necessary to authenticate.
Big brains in the EU still think that biometric data is impossible to copy/falsify, meanwhile as I already said, all the fingerprint, voice, face etc... all biometric data that you can use with the current devices are already leaked.
On proper digital hygiene combined with proper software, aka free/libre software (and also non backdoored protocols) will heavily mitigate the issues.

>to keep your family and elderly up to date with the evil.
They don't live in reality, that's the main problem as when you're trying to explain, without even going in the details, it's extremely hard as their pre conceived notions of computing and computing security is entirely false.
Just for example I've already spent 17 hours with someone doing pedagogical work, and only via proof via solver their problem they are starting to believe me.
It is feeling incredibly like what Yuri Bezmenov describes as "demoralization", no matter the amount of information you give they do not believe, they have to have their heads stomped in the mud to understand.


>its foolish to think banning proprietary computing will have a significant positive effect towards lowering scams.
I say the same to you thinking that it's irrelevant.
Proprietary computing is what enabled this in the first place.

>Most common and uncommon scams are not "hacks"
>they are simple remote desktop functions, calls, and personal visits
What's the definition of a hack again ? (rhetorical).
Do I need to use the OG definition of hacking from the 60s MIT ? or the CSI definition of hacking ?
Anyway I agree, they are simply remote call to home, which enables various security issues, unwanted functions that nobody asked for aka malware as it is intended for malicious purpose.

>but a brainworm
bruh
It's the source that enabled mass social engineering.

>or less than non-proprietary computing in large scale use
Again it could have happened with fully AGPLv3 software, but it is doubtful because of legalities as it would be obvious to point out in a case in court that a software behaved against the law and citizens.

>a flag is added "failed 1 day" to your name and the next name is attempted in the list and you are forgotten
I know. That's how I'm able to solve those issues over time.