cm0002An upcoming California law requires operating system providers to enforce basic mandatory age verification
Luminous5481 "Lawless Heathen" [they/them]Apparently this will include Linux…
lol no it won’t. what are they gonna do, go around the world knocking on doors asking open source devs to include age verification in their Linux distros? the law is completely unenforceable.
It isn’t enforceable on the personal level, but every commercial distro will need an implementation (and let’s be honest, they will each create their own) to sell pre-installed or to offer service for public and private device fleets.
Meh, adding an age question to adduser wouldn’t be that bad, we could even replace the current room number question
Can’t wait to create all my accounts using the Unix epoch.
And non-commercial distros?
Depends if their non-profit is Californian or how deeply the mechanism is embedded into their base distro (if applicable).
If [email protected] is right and it’s done through a simple addition to adduser (and the GUIs) every distro that doesn’t actively patch against it, would get it upstream.
If [email protected] is right and it’s done through a simple addition to adduser (and the GUIs) every distro that doesn’t actively patch against it, would get it upstream.
If you are a registered entity (even non-profit), you can be fined millions of dollars.
It is a very dumb law.
that’s great. hey, why don’t you ask the UK how fining foreign entities millions of dollars for not doing age verification is working out for them.
you see, laws only apply if the state has the ability to enforce them using violence. california does not have that ability outside of california. california can chew the bark off my big fat log for all I give a shit about the laws there.
In essence, while the bill doesn’t seem to require the most egregious forms of age verification (face scans or similar), it does require OS providers to collect age verification of some form at the account/user creation stage—and to be able to pass a segmented version of that information to outside developers upon request.
As much as I hate this, just filling in a drop down on OS install is fine with me. This is the ideal solution. Tell your kid’s device it’s for a kid, then use the default age restrictions correctly. That’s perfectly fine to me.
Anything to avoid evil age verification services that force deanonymization through every app and service.
GammaI disagree. This is a first step towards something far worse.
It sets up the infrastructure for getting user ages and allowing services and websites to get an attestation from the operating system. Once that system is widely used and becomes ingrained, they can create a follow-up bill that demands the attestation be cryptographically verifiable by a trusted party.
In that scenario, the only way the operating system’s promise that you’re not a minor would be trusted is if it was signed by whoever holds the private keys—and that’s definitely not going to be you, the device owner.
It would either be the government, or more likely, the operating system vendor. In the former case, now services can cryptographically prove that you’re a resident of $state in $country, which is amazing for fingerprinting and terrible for anonymity. In the latter case, you can guarantee that only the corporations will be holding the key (like with Microsoft and secure boot), and you can kiss goodbye to your ability to access services on FOSS operating systems like Linux or custom Android ROMs.
Doing banking only in laptop is the way I chose. It’s a pain in the ass.
If people don’t push back on this, you might not even be able to do it the way you choose even with a laptop. Unless you choose Windows… or Ubuntu maybe.
So this is basically just misinformation. There is no age or identity verification as part of this bill, the age is self-reported by the user and you could select any age you want. The bill requires the operating system to have users select their age when creating an account. The intention is that parents will select their child’s age when setting up their child’s accounts on phones and computers, to age-gate them from accessing certain software or websites.
Regardless, I don’t support this feature being mandatory, because it limits parents’ choices. It is the parents’ responsibility to monitor and regulate their childs’ computer activity. Parents should be able to choose to disable this feature entirely or allow their children to use an OS that does not include this feature, if that is what they feel is appropriate for their child.
Still fucking stupid and just a slow creep towards some bullshit like “kernel level age verification” where most Linux distros can’t possibly comply because the chip manufacturers won’t work with developers to certify unless they pay a $10,000 fee.
It’s like Secure Boot but actually, 100% useless.
Cris_CitrusThanks for the additional info!
I am asking once again, what is an OS account? I’ve never made an account for any OS I’ve ever used.
Yes you have.
AnUnusualRelicDo you run DOS?
dasra
RamenJunkieSo the OS would also have to have built in content filters or what?
Software would ask the OS for the age range of the user (under 13, 13-15, 16-17, 18+). The software would implement content filters based on these age ranges.
The OS is only responsible for requiring the user to set an age and providing the age range to software.
forgetful_foxNo operating system needs to know the age of a user, it’s just not within the scope of how it operates normally. Software will always be bypassed no matter what the law is. Brb, “moving” my computers using a VPN.
I can actually imagine this being pretty useful on phones so you can give a kid a phone but prevent it from installing certain software (from normal sources)
You can already require a pin to download anything off the store.
gnuthing [they/them]My kid has a phone, their user doesn’t have app installation permissions at all and app store is hidden
Anything but holding parents responsible.
artyomFor real. Let’s repeal all the laws around age, and make parents responsible. Drinking, smoking, driving, body art, firearms, etc. Let parents decide!
No, let’s hold parents responsible if their child breaks any laws.
What laws? As far as I know it’s not illegal for children to view pornography. Are you suggesting it should be? And you would have their parents charged with a crime if they were to do it?
Children have been in their neighbor’s dad’s nude mags since the beginning of time. Maybe if they don’t get molested and perps go free we could make progress there. " We can’t arrest anyone for Epstein files, but we need to track you so we can ‘protect children’." It’s outrageous.
This literally IS putting the responsibility on parents.
The law requires that part of “account setup” includes asking the user’s age bracket, and then allowing apps installed via “stores” to retrieve that value from the OS. The entire burden of trust in this implementation is placed on the owner of the hardware, exactly where it should be.
tux0rOpenBSD, (unlike Linux) not being copyrighted by a foundation under U.S. law, begs to differ. Fuck the upcoming California law, I say.
Depending on the particular BSD, yes and yes or yes and no. (FreeBSD has a Linux emulator in its kernel, which allows you to run Steam.)
Windows is still unbeaten for gaming though.
Windows is still unbeaten for gaming though.
Windows is still unbeaten for gaming though.
Beg to differ on that one. Performance for me has been better on Linux for a few years now. Last year when I bought a completely new PC, I just didn’t even bother to move over my Windows drive. Literally no use for it. Any game that doesn’t run on Linux isn’t worth playing IMO, if I need to use Windows. The game might as well come with a Windows install at that point lol.
Hey, thanks for the info on BSD! ❤️
I don’t get how this can work practically. Say if I install Arch, right. At which point during the process of entering a bunch of commands when following the installation guide would I be entering my age? And what software would be mandatory to install to enforce blocking content based on my age? pacstrap would need to like, read some file with my age, then install whatever needed based on that?
This makes no sense to me, but maybe I’m missing something.
The law is not for the individual person, but for organisations that develop the OS. So they would go to Arch linux org and start threatening them with huge fines, unless they do something here. And all the headache of how exactly to implement this would fall on arch developers. At which point I suspect they would go the same route as Midnight BSD and just forbid the use in California, because as you rightly said it is impossible to implement age verification in DIY distro.
Blocking use in California is definitely the only way forward. This is not practical to implement.
They’ll just do it everywhere else. What is the privacy distro that runs on USB that you just carry around? TailsOS or some such? You can just use it anywhere but since it’s different than a live boot I guess you can have all the rest of your personal stuff in there too. Black market for tails OS USBs, or really, just use a VPS somewhere else or a VPN or just go out of state for a few minutes and buy a dumb phone for downloading whatever you want.
Digit
macewanThanks. I know.
Just amusing irony worth pointing out.
Pedantically, I should have used “wont be able” to future-tense it.
Anyway, I’m ready already, with a script to add to any of my distro-respins:
#!/usr/bin/env fish read -P "Are you old enough? (yes/no) " input if test "$input" = "yes" -o "$input" = "Yes" ; echo "Proceeding..." else ; echo "You are not old enough. Exiting." ; exit 1 ; end;)
Stop buying anything that comes from California.
wonderingwandererThat’s fucked up. Why don’t they just tell parents to turn on their damn parental control settings if they care that much about the content their kids consume?