EU age verification app hacked, 2 minute How to posted

[−] jeroenhd 28d ago

That's not the real age verification app (there is no "EU app", every member state releases their own), it's the proof of concept that was made to demonstrate the system.

This stuff is also why the EU doesn't want the app to run on rooted devices. I don't believe there's a way to pass Strong Integrity yet, as the app doesn't support the hackable Android 8 software attestation.

[−] azalemeth 28d ago

I just want this whole idea to kindly please bog off. We shouldn't be further creating the apparatus of the surveillance state.

[−] izacus 28d ago

So this "hack" is basically reading app storage on a rooted phone?

Wow.

[−] raverbashing 28d ago

"hacked"

And then this person says the pin shouldn't be encrypted (but I bet if this was otherwise they would be complaining as well)

I think scrutiny over the apps are fine, but treating every issue with the same brush is not

> this product will be the catalyst for an enormous breach at some point

Breach of what exactly is not clear since most information never leaves the phone

[−] karussell 27d ago

Link to the code (I think?): https://github.com/eu-digital-identity-wallet/av-app-android...

[−] redeeman 27d ago

isnt it just a little bit funny that all this age verification is coming everywhere all at once

[−] spwa4 28d ago

Shows yet again: apps are secure because people check them. And politicians will avoid it at all costs for the same reason: it exposes them to being blamed for mistakes.

[−] walletdrainer 27d ago

This is a very dishonest title OP came up with.

[−] onethingright 27d ago

[dead]

[−] linzhangrun 26d ago

[flagged]

[−] fvv 28d ago

There's one thing "the hackers" haven't considered, though! It's illegal to hack an app in the EU,

so the problem of bypassing age verification by hacking saved files doesn't arise at all!

/s

EU age verification app hacked, 2 minute How to posted (xcancel.com)

29 comments