The extent to which core linux projects are laying the groundwork for age verification is very concerning.
I understand why some believe they are compelled to do so, and why others feel that it may be better to implement the most minimal conforming implementation in the hopes of fending off something worse.
But the line must be drawn such that no threat can obligate an OS to collect/store personal information - without that freedom, we face an uphill fight to protect general purpose computing.
IMO the most concerning part of these laws is still the obligations imposed on developers rather than the OS side.
But I didn't anticipate the speed to which system developers would move to implement and accept these awful proposals.
"Do not obey in advance" has fallen on deaf ears, apparently.
I wonder why I'm not surprised that people like Pottering are complacent about this situation.
And it's no surprise that the core distros are complacent either, given how they've been infected by certain schools of thought...
Then there are those who still have the nerve to say that systemd isn't trying to take over all the functions of an OS...
It's a fairly binary option, comply with the law as written (as best as it can be interpreted anyway) or simply ignore it and see what happens.
If those who are considered to be in violation are prepared to accept the consequences then they should do so.
They would have my support for resisting a stupid and illogical law.
systemd for all of its many faults is making a beginning for those who wish to build a framework. It's not mandatory. I don't see how any version of Linux could force this issue.
For one, I am looking with interest at the Ageless Linux strategy which any version of Linux could adopt as a way to achieve malicious non-compliance.
It's a fairly binary option, comply with the law as written (as best as it can be interpreted anyway) or simply ignore it and see what happens.
It's not even complying with the law though... Someone rightfully pointed out, laws are likely to be amended, so rushing to comply in advance will probably not meet later requirements. Other implementations are likely to be contradictory.
systemd for all of its many faults is making a beginning for those who wish to build a framework. It's not mandatory. I don't see how any version of Linux could force this issue.
Putting aside that age-gating is outside of the scope of something that should only be handling init, it's mandatory in that most major distros are built around systemd and use it as a dependency...
@simonzerafa @sarahjamielewis If you want to see something interesting, try removing systemd from your distro. (Don't actually do it. Use dry-run or whatever equivalent you might have.) Just watch how much else gets removed with it...
Some people are actually doing it and it even removes stuff like Pipewire-Pulse. They're back down to Alsa and all the problems it presents...
@nazokiyoubinbou @sarahjamielewis
My bet would be that the Ageless Linux strategy will be the way to go.
Distros will ultimately have to comply with the law (however stupid and illogical) and let users break or sidestep compliance post installation.
The legal folks can point to whomever asks and say that Linux / our distro is compliant and users can break it as they see fit.
I doubt that even the commercial distros will want to pay fines or suffer the other legal consequences even if they can theoretically afford it.
Hopefully the various laws will be eventually be written to be sensible but while we wait for that ...
@simonzerafa @sarahjamielewis As I said in my previous post, rushing to comply in advance will result in them not being able to comply or even breaking other laws (like privacy) in the process. (I would, in fact, argue that they can't comply with these laws due to this and the laws themselves are illegal, so by rushing to comply in advance, they're actually breaking other, more established laws.)
I will agree that the decision should be the user's, but opt-out is NOT letting the user decide. Opt-out is making the decision and then requiring the user to jump through hoops. Ultimately this will also mean your data will be submitted first. That also means opt-out often doesn't really opt-out, it just provides the illusion. Once the data is collected it's frequently already too late.
@simonzerafa @sarahjamielewis As a side note, "just being illegal" isn't the only other option. Fighting back is also an option. Telling them that this can't be legally implemented is an option. Hiring lawyers (fund-raising first if need be, but likely EFF/etc will take it) is an option.
Rushing to comply in advance is intentionally and willfully making a decision to circumnavigate what is best for users because it's what they want (and I might add here that "they" is actually a very small handful of people who are just pushing it through and ignoring/deflecting arguments. Oh, and Claude apparently.)
One thing I'd really like to be clear on is that in complying in advance with that law in one specific area, they're probably breaking a lot of other laws everywhere else.
@f4grx @simonzerafa @sarahjamielewis You'll have to pardon me if I have to just desperately hope you're wrong. You have a point, but it's not quite too late yet for that to turn around. I hope...
It is a given that if they do capitulate on this it will get worse though, as you say. For one thing, verification through third parties is the only thing that the people who push this stuff through will accept. Eventually the OS will have to demand private details far more complex than birthdates and verify in some sort of way. The OS itself will put a unique identifier on people and even stuff like TOR browser couldn't protect them from being uniquely identified all over the Internet if that sort of thing keeps up.
I will cross my fingers that this will not pan out.
Talking to the legislators who are currently debating the bills and trying to get things changed before they become law, is an option.
https://fosstodon.org/@carlrichell/116261853481052659
The California legislative record reveals that one of the basic problems was that no-one thought beyond smart 'phones and Microsoft Windows, to realize that an "App Store Accountability" law actually encompassed a lot more because of how it defined its terms.
@simonzerafa @nazokiyoubinbou @sarahjamielewis rush to comply or what...put a disclaimer on Linux that says not valid in California.
If someone installs software not made for CA in CA whose fault is that.
Do they have to actively stop download or installs based on some geo restriction.
@ahasty @simonzerafa @sarahjamielewis Don't forget that by complying with that one law in that one area (which will likely be amended and thus making any compliance in advance rushed out now non-compliant anyway) they're violating laws in California and in other places...
Or they could just not rush to comply in advance and speak to a lawyer. I bet the EFF would be really glad to step in.
BTW, contrary to popular believe among those hitting accept on PRs, Claude is not actually an expert on legal matters (or anything else for that matter...)
@nazokiyoubinbou @simonzerafa @sarahjamielewis
It would be really fun to see a bunch of distros just say no to California. I do hate that these Devs feel like this should be a component of systemd of all things
@ahasty @simonzerafa @sarahjamielewis Agreed.
Systemd has stepped way outside of its scope. Really it has done so in a lot of things, but it's starting to get really extreme as it begins to collect private data about users that they're not even supposed to have direct control over...
IMO it's time to just dump systemd anyway. I suppose it's more of a fallen support beam that broke the camel's back than a straw, but the camel's back is broken and it's time to move on. Systems shouldn't have been built to be so interdependent on systemd which should not be doing all the stuff it's doing...
Really, if they want to comply, since doing so kind of violates laws elsewhere and often enough even the licenses in the distro, they have to make a California-specific distro...
@nazokiyoubinbou @landelare @sarahjamielewis
Well I'm older that Unix 5, so I've not really got much to say with regard to all things retro 😂
@simonzerafa @sarahjamielewis I’m really annoyed how this is framed as „law compliance”.
Law doesn’t require an init system to do this shit. Law could be satisfied by a separate service left to rot by everyone else on the planet.
@sarahjamielewis i think what many of "us" (free software likers who are not involved in OS dev its self) have realized in this is how exposed to these demands it actually is.
for a long time i had a fantasy version about how these things are produced, maybe influenced from how open source worked in web development; a lot of light touches building something without much funding. but for linux so much of it is really done through paid development by people working at big companies, and they are quite unempowered to do anything about these decisions other than quit outright.
or maybe better said it's that there is no preexisting whisper network or informal understanding of solidarity on these issues among the people most deeply involved in implementation, so there's not really any muscle to be flexed and push back as a group?
Shifts liability to the user - and away from the OS
there's also a line to be drawn - appliances often have a small rtos in them, I saw a firmware gig for a gaming mouse that used zephyr - so will we need age verification to make popcorn in a microwave? (my microwave already has a mandated child safety door lock which is super annoying)
never mind that all these age verification mechanisms will be circumvented by any determined 12 yr old (or younger)
From Kagan's dissent in Paxton 2025, she argued that "age verification is never just about age; it is about the end of the anonymous digital life."
@sarahjamielewis for whatever it might be worth, this particular effort looks to have been rolled back.
So far.
https://github.com/systemd/systemd/pull/41179
Edit: as noted later, this doesn't seem to be the case after all -- the request was closed, not merged. 🤬
This reverts commit acb6624, reversing changes made to ba1caf0. Revert "userdb: add birthDate field to JSON user records (#40954)" After extensive community discussion, legal review and c...
@dragonfi @sarahjamielewis well, crap. I missed that.
Good catch.
I can. That means that all apps need to be able to read from my home directory
Most, yes. Typically interacting with sub directories that are easily tightened with selinux.
To be compliant with the CA law, by my understanding *every* application would need to access the birthday data.
Which then raises the next stupid question raised by this stupid legislation:
What is an application?
Does it include vi, less, and curl? All of these can be used to browse the Internet. What about image rendering software?
What if I 'sudo /usr/bin/google/chrome'?
When was root born?
The whole thing is completely dum-dum idiocy, pushed on lawmakers under the "think of the children" banner by techbros who dream of a day when all compute is rented by the minute.
@sarahjamielewis Expecting corporations or commercial entities (which includes the Linux Foundation) to resist government regulations is bound to disappoint.
The people to blame are those that passed the laws.
is this because our vision of core linux being maintained by altruistic independent developers located all around the world is false?
is the reality that many of the core developers and those with power are corporate secondees?
@sarahjamielewis the only valid action is to #RefuseToComply and ban the #Cyberfascists who push that shite publicly!
@[email protected] thus the only valid reaction is to *proactively refuse to comply* and *actively sabotage such cyberfascidt efforts! - I mean, what's next? - #Russia's #Roskomnadnozr demanding *"#KYC"* of #Users for using #WiFi? - *"P.R."* #China's *"Cybersecurity Administration"* demanding system-wide blocking of #VPN & @[email protected] / #Tor? Just like noone should comply with that #cyberfascism, so should noone comply with #US-based cyberfascism either! - Use #Monero and give #ITAR the finger… - Refuse to finance #terrorism by refusing to create taxable revenue for U.S. corporations! I certainly won't comply with cyberfascism in @OS1337 and any *"#AgeVerification"* is #fascist bullshit under false pretense that needs to be outlawed!
It is worrying how powerful one useful idiot can be.
https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Inosky
Sarah Jamie Lewis
Joan of Contention 😷
Kirtai 🏳️⚧️
★ Amy Star ★
George Liquor, American
Karl Heinz Häsliprinz
qwertz
Simon Zerafa (Status: 
😊)
Nazo
F4GRX Sébastien
JdeBP
theHastyOne
Laura
slotos
Jack 
johan
Cassandrich
Alex Lohr (RIP Natenom)
tuban_muzuru
Arnan
craignicol
abhatem
maya_b 🇨🇦
Brian Allbee
Rosa Aeterna
Drew 🇵🇭 ♾️
Evelyn Estelle
Q. Edwards
Larry
John Timaeus
Zazzoo 🇨🇦
fhenshib
Orca 🌻 | 🎀 | 🪁 | 🏴🏳️⚧️
Lars Marowsky-Brée 😷
Sneezy
Kevin Karhan 
vam103