Mastodawn

Ret 21h ago

@gianmarcogg03 @BrodieOnLinux naive take. Politicians don’t care about votes anymore. It’s lobbyist money that buys their seats.

Speaking on systemd specifically, there is absolutely nothing compelling systemd to do what they did. They are not an Operating System provider. Poettering does not live in California (or even America). This preemptive compliance. The way in which systemd has acted as a project is disgusting (smacking down and censoring opposition, refusing to even discuss it with the wider user base).

Gianmarco Gargiulo 20h ago

@ret @BrodieOnLinux what would you do then? Publicly protest? Burn the politicians' houses?

systemd is only providing a generalized way to store the user's age (which can be used for other things as well) that integrates with the already existing userdb functionality.

Also, they are not censoring anything, the PR comments are not the proper place to discuss (or rather complain the same way without adding anything new to the table) age verification, Poettering said so at 14:33 in the video.

@gianmarcogg03 @ret @BrodieOnLinux it's optional... but accessible to all apps... What could go wrong.

@maat @ret @BrodieOnLinux it's accessible to anything that has full system access. Sandboxed applications don't have this problem. I agree with Poettering's take about that. Your whole file system is also accessible in that case.

@gianmarcogg03 @ret @BrodieOnLinux oh come on stop it with this sandboxing bullshit.

Are sandboxable SERVICES that are run from other contexts... nginx, redis, nextcloud server and things like that => on a laptop or desktop this is pure nonsense.
You don't sandbox firefox, thunderbird, google chrome... which are the real problem because these will be required to share the information with online services... the time to look right and left it will be on you.

@maat @ret @BrodieOnLinux containers for those services exist, sandboxed web browsers exist. You're also describing a problem that has nothing to do with the software itself, but the laws that would mandate age verification. Go complain to the politicians.

@gianmarcogg03 @ret @BrodieOnLinux Ah cool let's get all apps in those nightmarish flatpacks.
Let's put hype on those awful #fatware (built who knows where and how) instead of implementing clean designs \o/

@maat @ret @BrodieOnLinux that's a problem with the implementation, not the concept of sandboxing itself. You talk about clean designs, but your security model is broken, as Poettering would say.

@gianmarcogg03 @ret @BrodieOnLinux it's not broken... on the contrary storing age at user level AND providing a getBithDate API that all apps will be able to requets is deeply broken.

Gianmarco Gargiulo

@maat @ret @BrodieOnLinux by that logic, having a file system with all your files and /dev locations to peripherals like your webcam and microphone are deeply broken. Sandboxed apps don't always have access to all that.

@gianmarcogg03 @ret @BrodieOnLinux you put sensitive data on file system and run apps that you dont trust and that will steal them for sure ? Let me doubt.

But that's exactly what you are selling to each of us => a system to put birth date accessible to all local apps (unless of course you only use those flatpacks... very unpractical and that will only endure until changes are made to allow access to birth date from within the containers)

@maat @ret @BrodieOnLinux I don't run apps I don't trust outside of a sandbox. However software you trust with full system access could have a security flaw, so I run most of them in a sandbox anyway. Access to the birth date would probably be asked to the user anyway through a portal.

Flatpaks are not unpractical for most uses. They surely have their problems and there is some software I prefer as a traditional distro package, but most are either outdated or exaggerated by the typical /g/ mob.