Aaron Toponce ⚛️4d ago

Systemd merged age verification to comply with California state law.

If you want to enter a birth date, I recommend "Friday, 13 December 1901 20:45:52".

I like this for a few reasons:

1. This is the earliest date possible for a 32 bit datetime integer in C.
2. It's malicious compliance.
3. It's obviously faked.

https://github.com/systemd/systemd/pull/40954

#linux

userdb: add birthDate field to JSON user records by dylanmtaylor · Pull Request #40954 · systemd/systemd

Stores the user's birth date for age verification, as required by recent laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc. The xdg-desktop-portal project is addi...

GitHub
Show threadJordan Petridis4d ago

@atoponce Being able to store the birthday of the user is useful metadata for the system to have in general. This is something that is needed to have regardless of any regulations. There are already other PII stored. Additionally there isn't any "Verification" mechanism in the PR you linked or proposed at all.

Jesus Christ read before spreading further misinformation. You also clearly haven't read the California legislation you are so worried about.

Show threadTravis E. Jones4d ago

@alatiera @atoponce

Honest question from a non-programmer (although I did learn BASIC in high school and Pascal in college), how would the age of the user be useful metadata for the operating system? The reason I ask is that I view the OS as serving my interests as a user, and I can't think of a way I would benefit from having my birthdate stored by systemd. Thanks!

Show threadsteelman2d ago

@travisejones parental control.

BTW you can leave the field unset and the system (i.e. systemd, userdbd etc.) would just work fine.

@alatiera @atoponce

Show threadTravis E. Jones

@steelman

I figured that would be the case, but I'd find it more useful if it were just a binary variable that didn't share any information about the user's age. A system administrator may have reasons other than age for setting such a flag, such as blocking NSFW content in a workplace. I don't blame the systemd developers for trying to comply with laws that have been passed, though.

I read that this is being driven by Zuckerberg, who wants a way to distinguish between humans and AI bots while gathering even more personal-identity info. Since there's nothing stopping a bot from making up a birthday, the next iteration of these laws will probably be even more onerous.

Mar 21 at 4:15pmWeb
Show threadsteelman2d ago

@travisejones

> I'd find it more useful if it were just a binary variable

quite the opposite. in such scenario you may have many thresholds. a highschooler playing doom is fine, but an 8yo is not. date of birth together with content labeling allows for much more usable policies.

> that didn't share any information about the user's age.

the patch being discussed doesn't share anything with remote processes. as hesitant as I am to share this information outside of a trusted domain 👉

Show threadsteelman2d ago

@travisejones

(machine, lab, organization) I can't see a problem with using this information locally by trusted code.

> [NSFW] in a workplace.

that's just a different flag/policy.

> this is being driven by Zuckerberg,

Least surprise ever.

> distinguish between humans and AI bots

Without a DRM-like infra the quality of these data is debatable at best. More likely IMHO is to externalize the cost of age-verification and force it to be somebody else's headache.