|
|
|
|
|
|
by snackbroken
88 days ago
|
|
|
Ah, so it does leak your identity through the timing side channel. In other words, your anonymity is only dependent on the govt not coordinating with service providers to de-anonymize users. I assumed the 2fa app just held cryptographic keys and did some 0kp magic to show that the cert belongs to a government-attested adult. Phoning home all the time makes it trivial for the government to abuse people's privacy; they can just compel service providers to provide logs of logins. |
|
|