Linux PC vendor System76 tries to talk Colorado down over OS age checks

Don't celebrate yet – more states are considering them

The Register

Lmao does the register really cite Reddit as a source, it was a cesspool of misinformation on the CA bill, I doubt it’s any better on the CO one.

Why not link to the actual bill like it does for other states?

It’s also wildly disingenuous to lump the bills that require verification and those that just require an OS store an unverified age and return it, but that’s what I’d expect from reddit.

There’s still valid concern about this being a foot in the door tactic. Once an OS complies with this request what will the next one be? Why should this even be allowed?

Either way though, the reddit citation is a bit unnerving.

Sure, but reddit (& Lemmy) hyperventilating about this as if the milquetoast laws are the same as full retinal scanning verified by Palantir has completely destroyed any sort of sensible discussion around this.

Personally I think doing nothing isn’t an option and so the unverified age API approach is the least bad solution I’ve seen.

And much better than pushing the verification server side. The main argument I’ve seen against it is either:

  • slippery nipples means that at some point a different worse law could be passed, which is possible, but worse laws have already been passed elsewhere so if that was the intent they could have gone for it in CA.

  • Parents should watch their kids better, which is disingenuous as this is literally adding a tool to help do that in a standard way, rather than some flakey surveillance app.

To your second point, make it a tool that can be enabled by a parent then, don’t make it a legal requirement for everyone. This is exactly like the latest Ring camera pet tracking debacle. Everyone saw the slippery slope threat and then reports came out that it was indeed planned for expansion. This is the same but worse, because ring cameras are optional.

Parents should parent and the government should keep their greedy data compiling fingers out of our person tech. They’ve proven time and time again that they can’t be trusted to do the right thing.

The CA/CO approach doesn’t give the government any data, this is what I mean about reddit induced paranoia making sensible discussion impossible.

This is nowhere near as bad as Ring, I don’t get to control if Amazon are surveilling me through my neighbors’ cameras, but I do get to decide what age to input into my account setup screen, again trying to make storing my age sound worse than actual surveillance tech linked to Palantir is insane!

Then I will refer to your first point. CA/CO now, full ID tomorrow. It’s completely unnecessary. If you can’t parent your child, don’t have a child. It’s not some paranoid delusion, it’s how the government operates.

What is your reason for why this should be required instead of an optional tool that users can enable?

Another example is how if you set up an MS live account when setting up a new computer, your bitlocker key is saved on MS’s servers. They recently turned some of those codes over to the government to unlock users’ devices. It’s not exactly the same, but it just takes one update for an OS to send that stored information instead of just an API response.

Again, you going off on tangents about MS really doesn’t make your argument seem grounded in reality.

Sure it could be an optional tool all OSes must support, instead of a mandatory local API, but neither of them are the same as MS uploading encryption keys.

Why not? It’s exactly the same. You store creds on your computer, then they take them. The info has to be stored somewhere, and a windows update can take it. The point is that they have proved in the recent past to take users’ private information to give to the government. If they can do it with bitlocker, they can do it with stored info.

But regardless of all of that, it shouldn’t be mandatory anyway. It’s never been about children, it’s always about collecting data. If they are so hard on child safety, then give an optional tool to adults, and let them parent their children. Anything else is an overreach.

Even if this is all fear mongering, it’s still a dumb idea that has no place in personal electronics.

So anything that isn’t a stateless install is proof of mass surveillance?

Why stop there, do you file off the serial numbers of all your chips so that in the future an application couldn’t possibly upload them?

That’s a false equivalency. There’s no identity tied to those numbers on a computer.

Any software that I don’t want on my install is a problem. Anything that ties my identity to my computer is potential for mass surveillance. They should just stay the fuck off our shit. Their proposed solutions won’t protect anyone. Quit simping for the government, they don’t have anyone’s best interest in mind. Parent your children or just deal with the fact they may see some tits online.

I’m done arguing with you because you argue in bad faith for a cause that’s bullshit. Either you don’t know wtf you’re talking about, or you support this bullshit. Either way, I’m done.

Do you use a username on your computer? Or login as anon every time.

It has a hostname, you can’t get around that.

I just don’t understand your irrationality around your computer storing an UNVERIFIED date of birth for your account.

Either way, I’m done.

TBF it must be exhausting to make up stuff to be mad at all day.

Doing nothing is actually an option, believe it or not! In fact, it’s how things already were!
Sure, but it’s a bad option, the kids aren’t alright.

It’s a gray area. If you have nothing to “protect the kids”, the feds might force it on a “non-compliant” state right now considering the fascism permeating our highest governments.

We’re starting to see desperate legislation more and more often. As a resident of CA, we had to vote FOR gerrymandering recently. It was disgusting, but it was direly needed to preserve democracy in the US.

It has to be a foot in the door. If all they do is say apps have to do this, it’s ineffective at best. More than likely it’s dangerous because now you have built the gate and whoever comes after you can just hire the bouncer to stand in front of it (or rather contract it out to the cheapest shittiest companies imaginable). I can’t imagine this isn’t part of their plan because if it wasn’t, you could still download an exe, MSI, deb, appimage, docker container, flatpak from anywhere and install it. Essentially the age game would do nothing except discourage use of the MS store, which is about the only good thing about it. :D
I don’t want either. And it’s a slippery slope to the next stage, and the next. Eventually we will have no control over what we own and zero privacy.

A local API is slippery nipples to a surveillance state, who knew.

Why use a computer at all, it’s the first step towards mass surveillance, better go back to the abacus!

Your “sarcasm” is closer to the truth than what any of us can conceive, unfortunately.

Why use a computer at all, it’s the first step towards mass surveillance, better go back to the abacus!

This but unironically

Are we talking about biological age or mental age which means that most adults are still just honey teens with just a tad better impulse control?
Honey teens sounds like a twister variant that would be played on Epstein island
So you are advocating for Leisure Suit Larry age verification questions.
Can I just type ‘roxorz boxorz’ and be done with it.
The whole law is dumb. They need to create a standard universal method first. So when does this protection get applied? Can’t somebody just boot a thumb drive?

Can’t somebody just boot a thumb drive?

This has gotten me especially curious about Tails.

It’s a solution that seems so divorced from reality… I don’t quite understand how the expectation is reasonable, unless the goal is to force complaints to surface from the OS developers so that they can refine future versions of the law with more accuracy.

Because Linux distributions can be created free-willy. Just check out Linux From Scratch, Gentoo, etc. Same with live boot from USB, same with stripped down server distros like Alpine — you have the same issue.

Linux isn’t a product in the same way that other products can be regulated. It would make more sense if they defined clearly who this law actually targets, being something that is actually enforceable; something like this:

  • Any general-purpose computing device sold to consumers that includes an operating system capable of executing third-party applications…
  • All systems built after <xyz> date must include a MINIX subos that reproduces this API…
  • All browsers with GUI must support integration with the API, if they also want to support viewing of sensitive content
  • All porn distributors must validate age range via the API exposed via the browser, or refuse serving content

That at least makes some sense. In a way, it only targets PC distributors and porn distributors. The end user could still do whatever they want, but porn distributors may not serve content to them without the functionality described.

Because Linux distributions can be created free-willy. Just check out Linux From Scratch, Gentoo, etc. Same with live boot from USB, same with stripped down server distros like Alpine — you have the same issue.

I don’t want to be “that person”, but here’s how it could play out…

The “free-willy” distros would not fulfill the “trust” requirements needed to pass the “certification process”. You can still use them, but think of it like running custom firmware on your cellphone: you’re not going to be able to access your bank, but some things will still work.

Larger distros (Red Hat, Ubuntu, etc) would pay to pass the “certification process”, but this would come by making certain concessions:

  • The kernel would not be allowed to be tainted. Which means you can only use official kernel modules provided by your vendor (no self-compiling)
  • Certain kernel modules would need to be removed (or nerfed). For example the Fuse filesystem.
  • You could probably keep root access or at least a nerfed version of it.
  • Then with these concessions, your PC would be deemed “reliable” to perform the necessary age verification and have this confirmation passed through your browser to your favorite porn site.

    Tainted kernels — The Linux Kernel documentation

    Damn, that sounds like gunk. I’ve been so excited about the day and age when phones reach the same level of customizability as a PC. Little did I know, they want to phoneify the PCs instead.
    Yeah, I have wanted my phone to be more like a computer for a long time, not the other way around! This timeline sucks.
    It’s like M$ secure boot on steroids. Speaking of which, we really ought to have our entire computing ecosystem less dependent on the wills of like 10 companies

    you’re not going to be able to access your bank

    You would need to create yet another version of HTTP to handle that (a few years) and banks would have to handle it globally (at least 5 years from my own experience). It will never happen like that.

    You would need to create yet another version of HTTP to handle that…

    We’re going down the rabbit hole, but I’ll play along:

    I don’t think we’d need a “new http” version to support this. It could all be done with http headers.

    Disclaimer: I’m spitballing here, there are probably more efficient ways to do this.

    Anyway, when you go to your bank, included in your bank’s response header would be a “challenge” (a blob of data as X-Age-ThinkOfTheChildren-Request).

    Your browser would pick this up and generate a “response” and send this as part of all future requests to your bank, like an http-cookie (X-Age-ThinkOfTheChildren-Response).

    The “response” was created using the bank’s challenge plus using the unique age certificate stored on your pc (in your TPM module), which was generated (and “officially digitally signed”) during your initial “age registration process”.

    The bank looks at the response, verifies that it was probably signed by the “official age verification organization” (simply using the same technology used to verify ssl certs are valid).

    Of course, this entire process depends on a “chain of trust”. The bank needs to trust that you didn’t hack your browser to forward these challenges to another pc. However, this is realistic. As part of the initial age verification process, you can only use “trusted vendors” (ie: Red Hat, Ubuntu) - this means they are required to prevent you from installing “hacked” apps. This could be in the form of preventing certain browser plug-ins and only allowing distro provided versions of your web-browser.

    Banks are the slowest companies to handle that kind of modification.

    True, but this also depends on the bank. Fintech banks like Revolut were the first ones to start blocking access to phones that are rooted or running custom firmware (… because they care about security /s)

    Most of the effort to implement this will be at the OS and browser level, but this would be a universal solution. Meaning, it would be trivial for your bank, email service, porn site to support it as it’s simply generating a challenge and verifying the response.

    With microslop forcing tpm 2.0 as a hardware requirement into windows 11, all the pieces are in place to pull this off - it just needs the software and the legal requirement.
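
The header exchange sketched in the comment above, written out as an added example (not code from the thread or from any real age-verification scheme). Only the two `X-Age-ThinkOfTheChildren-*` header names come from the comment; Ed25519 software keys stand in for the TPM-held key, and the certificate layout, the origin binding and all function names are assumptions.

```javascript
// Added illustration; apart from the two header names, every name here is hypothetical.
const nodeCrypto = require('node:crypto');

const REQ_HEADER = 'X-Age-ThinkOfTheChildren-Request';
const RES_HEADER = 'X-Age-ThinkOfTheChildren-Response';

const sign = (key, msg) => nodeCrypto.sign(null, Buffer.from(msg), key).toString('base64');
const verify = (key, msg, sig) =>
  nodeCrypto.verify(null, Buffer.from(msg), key, Buffer.from(sig, 'base64'));
const exportPub = (key) => key.export({ type: 'spki', format: 'der' }).toString('base64');

// "Age registration": the authority signs the device's public key plus an age bracket.
function issueAgeCert(authorityPrivateKey, devicePublicKey, bracket) {
  const body = JSON.stringify({ devicePub: exportPub(devicePublicKey), bracket });
  return { body, sig: sign(authorityPrivateKey, body) };
}

// Site side: a single-use random challenge, remembered until it is answered.
function issueChallenge(site) {
  const nonce = nodeCrypto.randomBytes(16).toString('base64');
  site.pending.add(nonce);
  return { [REQ_HEADER]: nonce };
}

// Browser side: sign "origin|nonce" with the device key and attach the certificate.
function answerChallenge(device, origin, headers) {
  const nonce = headers[REQ_HEADER];
  const payload = { cert: device.cert, nonce, sig: sign(device.privateKey, `${origin}|${nonce}`) };
  return { [RES_HEADER]: Buffer.from(JSON.stringify(payload)).toString('base64') };
}

// Site side: returns { ok, reason, bracket }.
function verifyResponse(site, headers) {
  let p;
  try { p = JSON.parse(Buffer.from(headers[RES_HEADER] || '', 'base64').toString()); }
  catch { return { ok: false, reason: 'malformed' }; }
  const fields = [p?.nonce, p?.sig, p?.cert?.body, p?.cert?.sig];
  if (!fields.every((f) => typeof f === 'string')) return { ok: false, reason: 'malformed' };
  // Deleting the nonce on first sight makes every challenge single-use (replay check).
  if (!site.pending.delete(p.nonce)) return { ok: false, reason: 'unknown-or-replayed-nonce' };
  // The certificate must chain to the one authority key the site trusts.
  if (!verify(site.authorityPublicKey, p.cert.body, p.cert.sig)) return { ok: false, reason: 'untrusted-cert' };
  const { devicePub, bracket } = JSON.parse(p.cert.body);
  const deviceKey = nodeCrypto.createPublicKey(
    { key: Buffer.from(devicePub, 'base64'), format: 'der', type: 'spki' });
  // The signature must cover this site's own origin and the nonce it issued.
  if (!verify(deviceKey, `${site.origin}|${p.nonce}`, p.sig)) return { ok: false, reason: 'bad-signature' };
  return { ok: true, reason: 'verified', bracket };
}

// Constructed keys and origins: one honest exchange, then three responses that must fail.
function demo() {
  const authority = nodeCrypto.generateKeyPairSync('ed25519');
  const rogue = nodeCrypto.generateKeyPairSync('ed25519');
  const dev = nodeCrypto.generateKeyPairSync('ed25519');
  const device = { privateKey: dev.privateKey, cert: issueAgeCert(authority.privateKey, dev.publicKey, '18+') };
  const site = { origin: 'https://bank.example', pending: new Set(), authorityPublicKey: authority.publicKey };
  const answer = answerChallenge(device, site.origin, issueChallenge(site));
  const first = verifyResponse(site, answer);
  const replay = verifyResponse(site, answer);
  const selfSigned = { ...device, cert: issueAgeCert(rogue.privateKey, dev.publicKey, '18+') };
  const forged = verifyResponse(site, answerChallenge(selfSigned, site.origin, issueChallenge(site)));
  const wrongSite = verifyResponse(site, answerChallenge(device, 'https://other.example', issueChallenge(site)));
  return { first, replay, forged, wrongSite };
}
```

These checks cover only the signature chain and the nonce: a response produced on any other machine holding a certified key would verify the same way, which is the gap the comment's "chain of trust" paragraph is about.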

    what major websites start doing this weird browser or os based signature verification, tails isn’t going to work very well on them anymore
    That’s what I was afraid of, and that sucks because using Tails could mean avoiding prison or worse for journalists doing certain work.
    journalism is dead
    generate a new signature with some fake history for every site you visit
    that is not going to work

    All the other problems with it aside literally this… All operating system providers, including Linux somehow, are supposed to implement a system with a background API that can be pinged by websites through a method that hasn’t even been made yet… concept of a thing to your software that communicates with this other concept of a thing or else we fined into the ground effective in less than one year… Good luck.

    Pssst Microsoft… pssst Apple… Don’t worry we’ll send you exactly what to put in your code. Just keep it to yourselves tho

    How I understood it would be that the api could be implemented as an API contained within your os. So it would be more equivalent to comparing it to a system call like open file or allocate memory than a REST API.
    What about system accounts that don’t have a user? Super users? Automated installs? Embedded system? What age is the ec2 user in aws? There are so many questions that I’m sure don’t have a good answer in this garbage legislation.
    I really don’t understand what the value they see in putting age checks on operating systems. Like where is this coming from? Who whispered in their ear that OS age checks are something that need to be done?

    From what I can tell, the ‘age’ part is misdirection. They want to restrict computer use to the “good” people, to make it “safer”.

    Using age restrictions first allows legislation to be passed “for the children” using the idea of potential harm to theoretical children. However, in practice, legislators expect the implementation of the age check to be capable of checking anything else they want to about your identity, as a prerequisite for access. Probably using a combination of face scans and ID scans.

    I don’t even understand what good this is. what does this do for them? The government has a database of identities and now it’s going to have a database of identities with computers? for what
    You aren’t going deep enough. It’s about building a web of all of your online identities to crush dissent and influence public opinion. Susie frequents anarchist.nexus under the user the_cloaked and there she seems to interact with another user, lilanarkiddy, a lot. Steven’s windows computer also reported that he frequents the site, under the user lilanarkiddy. And you see where that will lead to.
    It isn’t even just the government, big tech wants this too. They want to be able to track everything you do with your computer, and that’s more easily achieved if OS level identification is required. Big tech wants it for data harvesting and ad targeting, the government wants it for surveillance and narrative control. The end goal is government verified digital ID that will be required to use any operating system. There will be no anonymity anymore. This creates a panopticon effect in which people police themselves because they know they are always being watched. Furthermore, the information you receive in your social media feeds and web searches can be silently curated based on what is known about your political attitudes. It can all be managed by AI.
    they already have digital fingerprints. they don’t need OS level anything to do this
    To an extent, yes, but they could do it much more easily and accurately if there was a unique, biometric identifier associated with all your actions across your devices which cannot be disabled.

    This is just the slippery slope argument.

    The California law does not require verification. Only attestation.

    California, as of today, does not require any kind of verification to install an OS (how it’s always been).

    This law gets passed, now they require “attestation”.

    A year or two from now, they’re gonna push for actual age verification.

    A year or two after that, the government will make a new law saying that your drivers license is no longer a valid form of identification, they’re gonna need a retina scan or some other form of “bio” identification.

    Next thing you know, you’ll be pressing your dick imprint on your PC’s automated Cock-Scanner-v4 encryption tray that pops out of your laptop like a cd-rom drive every time you need to check your email.

    Slippery slope, indeed.

    Can you provide any sources for these? Maybe a california legislator saying they plan to do this? Or a proposed law? Otherwise it is just the slippery slope fallacy. While that doesn’t disprove what you said it does not provide a valid argument for it either.
    Are you pre or post 9/11? It is very obvious that the slope is slippery.
    Non-fallacious forms can also exist. It is fairly obvious that it is warranted in authoritarian regimes to expect progression (regression?).

    Otherwise it is just the slippery slope fallacy.

    What do you think their intentions are, and why?

    The intentions for the law?

    AB 1043 offers a scalable, privacy-first approach that helps keep kids safe while holding tech companies accountable. -Assemblymember Wicks

    This is a quote directly from the author of the bill link for reference.

    Now of course the obvious question many people might ask is “are they being truthful?” But that is a question that people will have to answer for themselves.

    Now of course the obvious question many people might ask is “are they being truthful?”

    Yes that is a large part of what I meant by what are their intentions. If you can reasonably conclude that their intended goal will probably involve progressively restricting this area of legislation (whether through implications from their statements or the possibility of them not being truthful), then it is not a slippery slope fallacy.

    no, i can’t provide any sources because that’s just what i’m assuming will happen. don’t get me wrong, it is totally fair to ask for hard evidence of these claims, and the fact is, right now, that doesn’t exist.

    but just based on my past experience with how the government likes to do things and hypothetically putting myself in their shoes, that’s my, we’ll call it “hypothesis”, on what’s gonna happen. my belief is that, at the end of the day, the government and big tech wants to collect as much information about the public as they possibly can, and this is the order of operations that they are going to take to achieve that.

    Palantir

    We have unique digital fingerprints for everyone already pretty much, but they are not linked to official government IDs so there is still uncertainty I think over identification.

    This makes everyone’s digital fingerprint linked on a government ID. Voila, now every person in America is known by Palantir and the government at all times (more or less). Great for genocide and targeting your political opponents and voters to set up sham elections.

    It also tries to stop poors who don’t have drivers licenses in America from organizing as they can’t verify.

    Just want to clarify something about your comment since it feels like you have not had a chance to read the law yet.

    (this is in reference to the Cali law but I am told the Colorado one is basically identical). The Cali law does not, in any way, require ID verification, it only requires that a parent attest to the age of their child when setting up an account for them.

    This is not my argument for this exact law or any of these laws. I just want to make sure we all understand what we are talking about before going for the pitchforks.

    Bit by bit has been common for way too long, you know that this is not the end goal

    I’m so glad someone who can fight it is fighting it. They usually listen to companies more than people.

    I’m saddened Democrats are pushing this before the midterms. They’re going to fumble this if they keep on this track.