Erin 💽✨1d ago
Everyone seemingly getting mad about systemd adding a completely optional date of birth field to user records that is, in reality, only ever going to be filled in on the machines of children administered by parents who want such restrictions enforced, perhaps on machines administered by schools, or by people who want their computer to wish them a happy birthday.
Show threadCassandrich1d ago

@erincandescent "only ever going to be filled in on the machines of children administered by parents who want such restrictions enforced"

You say this as if it's not a huge problem in itself. We should not be building or shipping tools for abusive parents to use to surveil or control their children.

Show threadErin 💽✨1d ago
@dalias abusive parents will surveil and control their children whatever you do. Honestly if some of these parents decide to leave things up to the government (which is on average midly conservative) instead of themselves (which is quite often incredibly conservative) it might even be a net win
Show threadCassandrich1d ago

@erincandescent That doesn't justify being part to it and essentially forcing distros to ship an abuse-mechanism unless they actively patch it out (thereby having to make a highly charged political statement).

Yes a determined parent with technological know-how can always find a way to put such malware onto their child's machine. We should not be making it an out-of-the-box feature of "Linux".

Show threadErin 💽✨1d ago
@dalias A date of birth field in a user information record is an abuse mechanism?
Show threadCassandrich1d ago

RE: https://social.treehouse.systems/@mgorny/116274748222570834

@erincandescent Combined with other things, yes. See for example:

Show threadCassandrich1d ago

@erincandescent Right now, there is no standard place for a DOB field to be stored or for applications to know how to access that information or use it to enforce rules blocking access to information.

By creating standard places to store it and standard APIs to access it, you setup the infrastructure needed for these abuses to be something available out-of-the-box rather than requiring a ton of custom hackery by the abuser to setup.

Show threadLEdoian1d ago

@dalias @erincandescent The thing I am worried about is when the first bit of software tries to use that API, even when I am located outside of the demanded age restrictions. And it does not really matter if that software is a web browser to provide fingerprinting, a media player to verify that I am not playing an R-rated movie or Steam to collect statistics.

I don't believe/trust this stays opt-in and if I don't provide anything, (1) nothing will complain and (2) nothing will use even the negative information against my will. I don't believe in adding an API that is supposed to not be used based on where I am geographically located.

(And I don't trust an API that emerged as a result of this geopolitical climate.)

I don't want such an API existing on my device, even if “the API itself is harmless” and the harm may come from “just” from the applications that utilise it.

Show threadErin 💽✨1d ago

@ledoian @dalias it’s Linux, you’re root, you can just change the code to simply lie or do whatever you want, you have that capability.

Unless someone legislates that you can no longer actually control your own computer (and yes, people are trying to do that), or systems are legislated to collect some kind of proof but that’s a completely different legislative problem

Show threadLEdoian
@erincandescent @dalias Yes. Yes, I have that capability. But I imagine my use of the computer differently than patching random software so it has no access to an API that does not benefit me in any way.
Mar 23 at 1:26amWeb