The optional birthDate field gives other projects a standardized data source for age verification compliance.
Which values should I absolutely not manually write into the birthday field Json data, because they could break the DB on the other side when storing unsanitized input?
Asking for a friend?
It is mandatory that Distributions follow the laws, because without it they can’t be used in classrooms, libraries, youth centers, or in any other places where kids or other young people can have access to them. That means that, as long as such laws exist, only close source Systems (most likely windows) can be used there if linux is not compliant. Not SystemD is the issue or the problem here, hanging them is like shooting a messanger when he brings bad news.
being a law does not make it just.
I’d love for countries to declare linux illegal. and see how quick tech companies will put an end to this stupid age requirement bullshit
this is true, but as long as the law is active it has power to ruin lives or created huge costs when ignored or even acted against.
It is up to the courts or the legislative to declare laws unjust, until that happened even potential unjust laws are binding.
Sir, can I introduce you to the concept of forbidden knowledge?
I don’t understand what you mean in this context
I had problems with systemd before… but this capitulation to what is clearly an unconstitutional demand…
fuck systemd devs. fuck them all.
I disagree. While I totally understand that it is an optional feature that can enabled and enforced only by others, I am not happy that the developers of systemd rushed to include it into the JSON file with the user info. I would expect the developers to be a bit more resistant to requests by two US states and Brazil. Why are they making it so easy? I guess we will see a resurgence of systemd-free dirstros.
4 US states; California, New York, Colorado, and Illinois.
In at least Illinois, this is still in the proposal phase. The bad news is that there are also more draconian proposals that require government issue IDs.
Also germany too
Where are you getting this information from, that Germany is requiring age verification on an OS level?
From the law:
§12 Jugendmedienschutzstaatsvertrag: https://www.landesrecht-bw.de/bsbw/document/jlr-JMedienSchStVtrGBWV10StVtr-P12
(1) Anbieter von Betriebssystemen, die von Kindern und Jugendlichen üblicherweise genutzt werden im Sinne des § 16 Abs. 1 Satz 3 Nr. 6, stellen sicher, dass ihre Betriebssysteme über eine den nachfolgenden Absätzen entsprechende Jugendschutzvorrichtung verfügen. Passt ein Dritter die vom Anbieter des Betriebssystems bereitgestellte Jugendschutzvorrichtung an, besteht die Pflicht aus Satz 1 insoweit bei diesem Dritten.
(3) In der Jugendschutzvorrichtung muss eine Altersangabe eingestellt werden können.
Interesting, didnt knew about that one.
It might be debatable if this would even apply to Linux (its basically the same AS with the laws from california), since the law requires “distributors of operating systems” to implement this (who is the distributor) and it might be debatable if Linux falls under the definition of “operating systems usually used by child’s and teenagers”.
Not sure if this is helpfull:
https://www.landesrecht-bw.de/bsbw/document/jlr-JMedienSchStVtrGBWV10StVtr-P3
§ 3 Begriffsbestimmungen
Im Sinne dieses Staatsvertrages sind
- Anbieter eines Betriebssystems eine natürliche oder juristische Person, die Betriebssysteme bereitstellt,
A distributor of an operating system is a person or legal entity who provides operating systems.
It is extremely vague, it could be everyone from the creators of the distribution, to the person/company running the download mirror, down to the person who does the installation.
Without some court rulings to bring some guidelines and practical applications of the law there is the risk that everyone handling a non-compliant OS could be judged under the law if someone under 18 could get access to to OS or a System running it.
That is indeed very vague
With that I wish to share this with everyone https://agelesslinux.org/
ohh now theyve gone and done it.
normies are gonna start hating on systremd for this. which will upset the og systemd haters for hating systemd for the wrong reasons, thereby frustrating the og systemd haters and helping them achieve new yet unmet levels of hate for systemd.
just a guess
“normies” will not care at all
isn’t enough that we all hate the same thing? lets not overthink this. All I want is a socially-accepted smoldering crater
eh?
og systemd hater (ish) here, personally I’m hoping to team up with the new systemd haters. This is just yet Another reason to hate on it, haha. We can work together!
(granted we came to Linux (from Mac) lonnggg after systemd already got entrenched, but the reasons we hated systemd (before now) were the same sorts of “it’s trying to take over everything” reasons that the og haters hate it for)
– Frost
Yes. I also hate feeling confused about where my hatred for SystemD firsts into the bigger picture
Of all terrible proposals coming up in this period, I’m still more-or-less ok with this system because the administrator is still in full control to set whatever date they want, and the field is entirely optional.
They call it “age verification” in the aricle, but there’s no 3rd party “verification” whatsoever. It’s just a field for the user birth date saved in the user metadata. This is IMHO acceptable because it doesn’t force anybody to provide IDs or personal information to some random shady company.
I think calling it “age verification” is a bit confusing and will make people unhappy by default, but might be a smart move to make it compliant with the new laws coming out in this period (the user age was “verified” by the system administrator, after all).
the lemmy doomers must scratch their suicidal itch
whereas I , out of pettiness, will switch an entire server to openRC to fuck over these assholes who only care about “line goes up”
A man of culture, I see. Every system I admin runs SysVInit or OpenRC. I do not need a ‘dictator’ like systemd.
For me at least, it’s less about the age field itself and more about the swift act of compliance with an absurd and overbearing demand
What is the alternative here?
Not implementing it and going “well okay don’t use it in California then”, for one thing!
I’m not an expert in law. But wouldn’t the maintainers be fined if an underage used it in California? Given that they can obtain it without any sort of location spoofing
Not an expert in law either, but I Am pretty sure, that they would not be fined.
Yep. Its honestly mild as hell.
Essentially legislation that says:
- app stores have to have age categories to silo children, teens, and adults.
- OSes have to have a field to collect this data from users when they set up their login, so it can be sent to app stores via API.
Its just a standardized system that should have been done ages ago, but was not a priority for standards orgs, so none stepped up - so legislation appeared.
I strongly argue that it should only apply to commercial OSes and app stores though - as they’re the ones that primarily cause issues these laws intent to address.
Linux and FOSS have been caught in the crossfire in a privacy and personal data battle they were not involved in.
The boiling pot goes up 1C, then another 1C
nope. slippery slope is basically “bad thing can happen, so it will happen” without evidence to support that outcome. here, we have a trajectory. there’s a pattern. it has momentum at this point. it hasn’t changed corse. it’s followed a predictable and proven pattern. It’s done so because the the pressures exerted on this particular system guide the outcome in predictable ways.
that is entirely different than the slippery slope dismissal
More “thin end of the wedge”.
The legislation is entirely to allow Facebook to get away with harming minors, so I wouldn’t call it mild in any sense of the word.
Good points. It’s like websites with an age-gate: technically they’re trying to keep out users under a certain age (usually minors), but there’s no verification.
But we all need to remember that “protecting the children” and clutching our pearls is still not a good reason to let world governments and giant corporations create laws, demand our papers, keep massive databases of our data, and tie our real-world identities to our online ones. It would be the end of anonymity online, it will get hacked, and they will use it for evil…
They don’t call the systemd change “age verification” in the article.
In fact, they specifically make the point that it isn’t.
They do use it in the title though (the title on this post was auto-generated from the article, I didn’t pick it out.)
I agree with OP, it’s not really age verification in the sense we’ve been seeing in the news, but it IS a step in the direction of following the letter of the law without intrusiveness.
The title says it is bringing the option for age verification, not that it is age verification.
Good point, I stand corrected.
deleted by creator
If, and I do stress if applications require it filled out, there are simply going to be an awful lot of epoch birthdates in their data. And frankly a lot of people, myself included, who will step up and write replacements to these applications in order to give a giant middle finger to authoritarian governments/companies as a result.
It’s very mild this, and as it has no ‘verification’, it’s just a meaningless string of numbers.
Whatever the old farts will come with their stupid laws, SURPRISE MOTHERFUCKERS, it’s Linux. It’s always a sudo away from doing (or not) exactly what you (don’t) want. I know. This is beyond their comprehension. Adding a field here is ok to me. Because if it ends up being used:
- I can not set it
- I can set it wrong
- I can be 1000y old
- I can have a different age for every request
- I can prevent the shit accessing it from accessing it
- I can uninstall the shit that is trying to access it
The only thing that will hurt from this are companies in CA, CO and wherever.
The average Linux user will not give a single fuck. I know I don’t.
So why not just remove the field then?
A lot of people born January the first, 1970.
Ahh, another Epoch traveler
Go team Crono
I like the idea of a system add-on that randomizes all user age responses with a different date that equals like 25-99years old (assuming 25 years meets the highest age for the applicable standards).
Not too dissimilar from a random MAC address generating feature.
SURPRISE MOTHERFUCKERS, it’s Linux was my band in high school.
I need to ear it now
And really, when was the last time some megacorp tried to access userdb on any machine?
And in a twisted way, this may be good. For instance, Microslop will probably spent millions to please their pedos overlords. They will require PC vendors to add cryptographic chips to ensure you cannot change your age, that has been verified after a background check required to buy Windows… We all know how product managers think (if you don’t you’re lucky, stay the fuck away)
The probable result: more and more people will switch to Linux, where they can be a 3000y old tree.
All of that is true, at least for now. But if you look at the work the systemd developers have been doing with remote attestation and end to end verification of computers, it starts to paint a grim picture. Web based integrity might not be that far off. But I really hope it doesn’t get that bad
Relevant article: https://www.gnu.org/philosophy/you-the-problem-tpm2-solves.en.html
And if anybody thought TPM provides security: https://www.elevenforum.com/t/tpm-2-0-is-a-must-they-said-it-will-improve-windows-security-they-said.13222/ https://gist.github.com/osy/45e612345376a65c56d0678834535166 https://www.sophos.com/en-us/blog/serious-security-tpm-2-0-vulns-is-your-super-secure-data-at-risk https://www.covertswarm.com/post/how-secure-are-tpm-chips
Reader, you know what’s likely most secure? FOSS code, peer-reviewed and regularly patched.
I don’t get why one would trust security theater, aka TPM and secureboot.
its the opposite in the best possible way. FOSS = “we know it’s too complicated to make perfect. that’s why it’s all out in the open where we call eachother out on our shit. We dont sell, we improve.” proprietary = “there is no war in ba sing seigh and to say or demonstrate otherwise is terrorism against shareholders.”
The owner of the machine is the one who decide. You can already make the life of other non root users absolutely miserable. The major difference is that it is YOU who control that. Not the company you bought your laptop from.
Also attestation is a super cool feature when you understand it. Because again, it’s free.
In general, systemd hate is a mark of ignorance. Which is fine. Ignorance can be fixed.
I quite like the init and journal parts of systemd. I’m not a hater. But I’ve been around long enough to see where this attestation road might lead to. Google tried it recently with their WEI initiative.
But now the time is ripe again with child safety being mentioned left and right. This is all speculative but combine secure boot ,and kernel level attestation and suddenly one must use verified applications which among other things can’t block ads and whatnot
How to get age verification into linux? Easy, just tell Poettering that if he doesn’t hurry up and do it first, some non-systemd approach might become the standard.
the operating systems job is to negotiate between software and hardware. its there to make sure “my red triangle program draws the same red triangle on anything running this environment regardless of the parts used to build the machine”. its not there to rat you out to a surveillance state or advertisers or meta.
The idea that this protects children is insane and nobody believes this for a second. Hormones happened and little timmy has discovered the wonders of nudity and friction. age attestation doesn’t stop that. it doesn’t stop horrible people from preying on that. it doesn’t teach timmy the difference between fantasy and what a healthy relationship really looks like. it doesn’t address any of those things.
it tracks people. that is all it does. that is all it is for. and considering literal nazis are in power, nobody wants this. it does not solve a problem.
This isn’t age verification. It’s just adding the field into the user record so it can be used if your distro decides to collect that information.
its building a surveillance infrasttucture.
this feature does not solve a problem. but it is abusable by creating dependancies. it has no reason to exist. it is not there to solve a technical problem, but instead a political one.
This isn’t about age verification, this is about him sabotaging linux instead of sabotaging encroachment by authoritarians in every single aspect of life. He didn’t have to go and shove the entire boot down his throat, but here we are.
https://theanarchistlibrary.org/library/revoluciana-facing-fascism-sabotage
Sabotage sounds spicy. It sounds dangerous.
And yet, the underlying concept is simply this: inefficiency.
I told you last time, make every inch have its cost.
Resistance does not have to be violent, and that’s not something I’m advocating here. Resistance is the word no. Resistance is standing in place. Resistance is pushing.
Resistance is the albatross around the neck of your opposition. Resistance is the anchor that drags along the sea floor.
Here are some incredibly mundane but effective examples from the manual:
Make mistakes with purchasing travel tickets
Make engineering mistakes
Make long speeches and waste time
Act ignorant, or ask a lot of questions: if you’re not familiar with the concept of sea-lioning, you should really learn it
Take longer to do your work
Even if you’re terrified of doing more, this is simply a place to start.
You are someone and you have a responsibility to do something.
You cannot make it easier for the fascists to achieve their goals. You can’t do it today, and you can’t do it later if they claim authority. You must stand in the way of oppression.
I ain’t reading all that fam
This isn’t about age verification, this is about him sabotaging linux
he isn’t the one who submitted the PR to add the age verification field. he also isn’t the one who merged the PR.
fucking who cares if it’s not him, I’m talking about the assholes that did those things
I ain’t reading all that fam
good, keep not reading things on this site and go somewhere else without text
I hope you get better soon, and don’t stroke out from all the stress you are clearly under from seeing the word “systemd”.
KTHNXBAI~
Should this strategy become an RFC?
its age attestation, not age verification (saying it vs proving it). also, dont give systemd shit about this bc they are just covering their asses in case more restrictive laws go through.
no, they are bending to the knee. you dont say “let’s compromise with the nazis.” you say “let’s barbecue nazis in their own ovens. dave has a fucking great nazi sauce…”
I think the fact that they acted so quickly to comply is the problem
I am kinda giving them shit for when someone pointed out that they’re essentially storing PII completely unsecured and their response was “you should use app isolation anyway”. That is not a good security model.
thats fair, but a lot of people are giving them shit for complying in the first place with a law that is going to be in the state they’re based in.
They’re not even really covering their asses. They don’t make an OS, they make a small but important art of many distros. They’re providing a clean, standardized way for Linux distros from RedHat to Ageless to comply with the law if they choose to. Some distros will comply with the law to the letter, others will not comply out of spite. At least the ones that comply will do it in a standard way.
I see a lot of people freaking out about this, but adding this as an optional field was the right call.
This way, distros can choose for themselves whether or not they want to use it during account creation.
optional sounds reasonable now. its gets its foot in the door. it sounds like compromise. but then, other things start depending on it. and if you dont comply, they just dont work. its a dependancy. break that dependency become incompatible.
this is not solving any problem. Sites already have the “are you 18” thing that says you aren’t allowed to know about naked people doing naked people things that we all ignored as teenagers and grew up just fine.
At least someone gets it.
It’s kinda crazy how many people here claim to use linux or even actually use linux, but apparently don’t know what the operating system does and what the system manager does.
There’s the first article!
It’s not a feature, it’s a bug.
