AmoxtliCalifornia introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup
You guys are asking the wrong questions.
How is Linux going to do this? There’s no server for the os to send the information to report the age of its users, no way of forcing its user base to comply and no single person or entity to fine, arrest or otherwise force into compliance.
They made a law they cannot enforce.
How is Linux going to do this? There’s no server for the os to send the information to report the age of its users
The law doesn’t require sending the data anywhere, so that’s not a problem.
no way of forcing its user base to comply and no single person or entity to fine, arrest or otherwise force into compliance.
The law doesn’t require anything of users, it requires something of OS providers. OS providers have addresses and entities to fine.
RivalarrivalThe law doesn’t require anything of users, it requires something of OS providers.
For a FOSS OS, any user with root access would be considered an “OS Provider” under the definitions provided in this law. With FOSS, there is no real distinction between “user” and “developer”.
You are right, it just says whoever “controls the OS”, which is very vague. Even without going to open source, a user still controls the OS even on Windows or macOS. To a lesser degree of course, but in the same way a driver controls a car even if they can’t or won’t try to modify it.
The windows user uses the OS. The windows user does not control the OS. They only have access to the functions that Microsoft has provided. The Attorney General of California won’t be able to argue that the sysadmin is the OS Provider of a Windows installation. The OS Provider of Windows is Microsoft.
The Attorney General of California would easily be able to argue that the OS Provider of a particular Linux instance is the sysadmin of that instance.
They only have access to the functions that Microsoft has provided.
And a user of Ubuntu only has access to the functions that Canonical has provided.
Unless they have root access and modify the OS. Or they have administrator access on Windows and modify the OS. Which is the case for both by default. I don’t really see the distinction.
And a user of Ubuntu only has access to the functions that Canonical has provided.
That is not at all accurate.
Administrator access to Windows is not at all comparable to root access on Linux. Windows “root” access is held solely by Microsoft, and granted only to Microsoft employees and contractors. They are the only ones with the capability of changing Microsoft’s binary blobs.
Canonical doesn’t restrict root access. Everyone who installs Ubuntu has root access by default.
Suppose Canonical adds this capability to Ubuntu. Suppose I take an Ubuntu install, and remove this capability. Who is the provider of the resulting OS, Canonical, or me? Obviously, I am responsible for the changes; I am obviously the OS Provider in this scenario. What I am saying is that I was the OS provider before I made the changes. For FOSS software, the end user fits the OS Provider definition that California creates with this law.
What does the comparability of root/admin access change in this situation? Why is the ability to change Microsoft’s binaries important?
Suppose Microsoft adds this capability to Windows, and you edit the registry to disable it. How is that any different?
I can see the argument for something like iOS. But on Windows you would be able to add or remove such functionality.
Suppose Microsoft adds this capability to Windows, and you edit the registry to disable it. How is that any different?
By allowing the end user to change it instead of locking it down, they are not making a good faith effort to comply, and they lose their liability protection. To maintain their immunity, at the very least they will need to prohibit Californians from disabling the feature.
Canonical is prohibited from adding comparable terms.
DigitNo addresses or entities tied to the distro respins I’ve made.
That was not a requirement in the software license.
Great, but how does that help? 99.9% Linux users use a Linux distro that has, ay the very least, a website behind it, with a domain name, that has a registration info.
That the 0.01% of people that use an OS only hosted by anonymous devs on a Russian website does not make this law any better for the rest of us.
Yes it fucking does. Go read the bill, particularly section 1798.501.b, 1798.502.a and b. Every developer of every application that can be downloaded from every package system MUST request your age bracket every time it is downloaded. And possibly every time it is launched. Basic utilities like ‘ls’ and ‘cat’, that pong example I pushed as a test, everything.
Me: It doesn’t require anything of users You: Yes it does require something of developers
??
You are correct, but how does that disagree with my comment?
Sorry, I see that I was unclear.
Yes it fucking does require sending the data somewhere, specifically to every “application store”, which by their definition includes such things as Github, PyPI, Crates.io, Debian mirrors, apt/rpm repos, and personal websites that have hobby projects from more than one person.
Can you quote the relevant part of the bill? I don’t see it. From what I’m reading:
- The OS provider has to collect the age information from the user
- The OS provider has to make the age information available to any app that asks for it
- The developer of any app has to request the age information from either the OS or from an Application Store
There is nothing about how the Application Store obtains the age information (presumably they mean something like Google Play or the App Store that already have the information about users), and there is nothing about the OS sending the age anywhere other than an app running on it that asks for it.