Khrys3d ago

The Engineer Who Tried to Put Age Verification Into Linux

https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/

The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.

The Engineer Who Tried to Put Age Verification Into Linux

Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.

Sam Bent
Show threadMartijn Vos3d ago

@Khrys

I don't understand what the fuss is about. This is exactly the right way to comply with that law: an optional birth date field. You don't want to have to submit an idea to your OS or implement facial recognition, and you certainly don't want to tie account creation to external services for those things, but now parents can fill in the birth date for their kids, and everybody else can ignore it. This kind of thing needs to be in the hands of parents, not external companies.

So I don't really see the problem here.

Show threadJules 🍺3d ago
@mcv @Khrys
I do, it was done unilaterally without discussion.
Even if it was technically correct and maybe we need to look at this, a single person making the decision and forcing it into the code is not the way this should be done.
Show threadMartijn Vos3d ago

@julesbl @Khrys

But no single person can force this into the code, right? Someone submitted a PR, and two committers approved it, one of them the creator of the project, as far as I understand. If that's not good enough, then what is?

Of course discussion about this important, but can we do that without panic and fear mongering?

Show threadJules 🍺3d ago
@mcv @Khrys
If you think that is a way that things are discussed and implemented then I guess that is all fine and dandy, yes three people implementing a change which affects millions, perfectly fine
Show threadMartijn Vos

@julesbl @Khrys

We've long depended on software maintained by fewer people than that.

The point is: anyone can contribute, committers review and approve. If that has always been a reasonable process, why not now? There are lots of open source projects where the creator of the project has more power than that, and we've always accepted it because we trust the maintainers, and when they break that trust, the community forks, which has also happened plenty of times.

But at the end of the day, it seems to me most people here are irrationally panicking about this. Isn't the field optional? Isn't what goes in the field entirely under the user's control?

By all means discuss this honestly, but I don't see anything here that justifies the hype and panic.

Mar 21 at 10:54amWeb
Show threadJules 🍺3d ago
@mcv @Khrys
If you think this is just like a bug, you are mistaken
Show threadMartijn Vos3d ago

@julesbl @Khrys

Nowhere do I call this a bug. It's an additional field in the user db. Just like userName, realName, emailAddress, location, timezone, preferredLanguage, and many others, some of which are at least as sensitive as age.

People are panicking about a complete non-issue. Read the actual discussion on the commit; there is actual discussion there, but nobody is panicking about it the way people here are.

The discussion on the Arch commit has a bit more pushback; there the contributor puts more emphasis on legal compliance, receives some pushback that it offers no reliable age verification, so how can it comply with the law? and the decision is made to put in on hold until they get some legal advice.

And with or without that law, I don't see any problem with storing yet another piece of personal information. It fits right in with everything else that's already stored. If you don't trust the privacy of your own PC, don't fill it in. It's optional.

But I can imagine that parents would want to set this for their kids, and may also want software to restrict their kids' access to certain kind of content based on that. But that's not what this does.

Show thread0x02d ago
@mcv
Weeeell... it's optional... for now. Heck, systemd is just another init, right?
@Khrys @julesbl