themachinestopsSomeone Forked Systemd to Strip Out Its Age Verification Support
bruhduh
bdonvrI find that move extremely funny, since it’s purely made for sensationalism and nothing else. I mean, if you hate how systems implemented age verification, then why don’t you remove its identity verification too, i.e. also optional fields for stuff like your address an e-mail that most users don’t even fill out.
There is no mechanism verifying what birth date you type in - you can type whatever date you want and systems doesn’t care.
I’d say no matter where you stand with age verification, this is the best solution to handle the situation. After all, any and all age checks we have nowadays are a black box anyways. There is no real knowing how other systems are checking ages, and there is AFAIK no real government mandated rules on how it is verified. They could make you scan your ID’s front, back, nuclear composition and dietary preferences and give you a result that is almost, but not quite, entirely unlike a proper age verification procedure.
If the government wants to introduce age verification, they have to do it themselves - build an API that handles the age verification, similar to how the digital ID in Germany works, as an example. If they want proper age verification, they also have to take the blame themselves if things go wrong.
AdaMy line in the sand is when a distro/app starts enforcing entry of birth date data. Having a database field to store it, or even an optional prompt for it isn’t the point where I bin it.
That is a valid point. Of course it still would be rather anonymised, but it could always be a ‘frog in the pot’ type situation, where most drastic changes are introduced very slowly. My main concern at the end of the day is how much info will be required to be given to services and how much data will be actually stored. If it’s anonymised, then I don’t see much of a threat. If a service requires me to fully identify for an age check, that’s an entirely different thing, especially considering the last of Discord’s data leaks.
This is the most sane take I’ve read in this entire debacle. Between arguing the semantics of attestation vs verification and whether we need five hundred forks and PRs, I’m glad to read this.
The biggest mistake the original PR did was not make it more clear it’s not directly because of the laws themselves, it’s to support higher level systems that may want to or need to comply. Systemd is no more complying with any present or future laws than a keyboard manufacturer is violating the law if the user uses it to type racially motivated hate speech.
I would but I’ve always been opposed to systemd anyway.
But for me it’s a slippery slope I don’t think we should even get on.
But for me it’s a slippery slope I don’t think we should even get on.
I agree. But the start of the slope isn’t my exit point. My exit point is just before the slope gets too steep to get off.
That’s the thing about slippery slopes. You don’t really know where the point you slip is.
I do. We’re on it already. The whole system is slipping towards an age gated internet, and there is nothing we can do to stop it. That’s the slope. There’s nothing I can do to stop it, whether I’m I stay on or get off.
I don’t believe that dropping my whole OS over a database field will change anything. It won’t stop the devs who are concerned about their legal liability from being doing what they need to do to protect themselves. Some devs will comply, some will walk away from OSS, and some won’t comply. But the bigger the project, the more corporate sponorship it relies on, the more certain it is going to be in the “comply” category, and the truth of that won’t change because users push back.
Which is to say, I don’t believe standing up and rejecting a DB field as a matter of principle will change anything, except to make my life harder.
My line in in the sand isn’t about changing the course of the path we’re on, it’s about my own personal interactions with the system. And being forced to provide my age to interact with the internet is the bit I won’t do. So I will stay with the inevitable creep towards that state until the last possible moment, in the hopes that somehow, I’m wrong, and we avoid this privacy nightmare we’re heading towards. If and when it becomes impossible to interact without providing that data, then that’s where I step off, even if it costs me half the internet.
socsaDistros will push a dob of 1970-1-1, marks my fucking words.
When you make a new user using adduser
and you leave your full name, number, and room number?
Blank is blank, epoch is functionally the same as leaving it blank.
I agree with all that you’ve said. But why add it now? Why haven’t they added it a long time ago? Or if now they remembered, why not other extra optional fields that some people might want, like gender, sex, any other field? Oh, it would be too political? I see…
I’m thinking the same. I understand the people saying it’s no big deal, it’s just an optional field. But the existing optional fields (GECOS) have been there since the beginning of time. The original Unix user database (/etc/passwd) was created in a different time. Things have changed in the last 50 years and we now know that a simple field in an OS level database is not really an appropriate place to store PII. I don’t know what the solution is, as these laws are coming and there will be some people that need to comply, but I don’t think the current change to systemd is the right approach.
On the plus side - this controversy has prompted me to look into other options for my home servers and I’m loving the minimalism and simplicity of Alpine. (This isn’t a knee jerk reaction - I’ve been frustrated by the bloated feel of mainstream distributions for a while - more the straw that may break the camel’s back)
Oh, definitely I’m not saying people should just jump the gun and replace their distro for one without systemd immediately. I certainly won’t, at least not without thinking about it for a while. But I also think that denying the controversy exists is not good. This is definitely controversial, for some people even a deal breaker and there are valid, real reasons why. For the rest, it’s good to look at what options there are, see that there really isn’t an appropriate alternative for systemd in some cases and realizing that a successful fork would be a good thing. Also, a long time criticism of the community has been that systemd does too much and it being against basic Unix philosophy. I always thought of it not being a big deal, given its modularity. But I now realize that it centralizes control and design decisions to a single org and that is certainly a weak point IMO. So a fork makes a lot of sense, but it is at this point a mammoth of the project, so it will be really hard to maintain.
you mean like adding it to a bunch of optional details already?
I mean, the introduction of the date of birth field is obviously done to make it easy for distros to comply with age verification by simply saving the birth date and nothing else.
As for the other fields: what use would it have to have such info at OS level? What application would use these fields and how? I mean, some fields, like the ‘location’ one, already are pretty useless, as, for example, the ‘location’ field doesn’t seem to bhave any firm consensus on how it should be formatted. Even the documentation lists both “Berlin, Germany” as well as “Basement, Room 3a” as valid values.
So I doubt not introducing such fields has any sort of political agenda to it, but just raises the question on why such fields would be useful to begin with.
You know I remember when age verification was a thing on porn sites.
No big deal, I was like 12 and could easily say “yupp, I was born April 20th, 1969” and there was no problem.
Now, in several states that has escalated to you showing your ID.
Do you think this is the end game? Systemd made it clear with this move that any kind of US law passed will be able to be honored by their architecture. They didn’t take a stand that you would expect from pretty much the entire Linux community as a whole.
And see the funny part is where you talk about “if the government wants age verification they have to do it themselves” they pretty much do in USA its called your social security number. Banks, auto dealerships, landlords etc use it all the time and its very effective.
By not taking a strong stance against what is happening here you are paving the road brick by brick to having to provide full on SSN and very plausibly retina scans or something similar in the not so distant future before you can even login to your computer or phone.
I don’t understand, how people here are missing that. Fuck we are on Lemmy because we see how shit worked with things like reddit and others. Things always escalate when control and greed are the primary motivators.
This will escalate. And when it does I want you to remember that people were rightfully making a HUGE FUCKING DEAL about when systemd started doing this because by then you will be able to see clearly how it led to whatever surveillance wet dream they are absolutely going to force on us. It will be clear, and this will be step 1 .
I don’t think that systemd is really bending the knee too hard on this one. Actually, I think this move is actually a great way to render any sort of age verification, when using systemd, inert. Because, let’s think about it: it’s an optional field, in a JSON file that NEEDS to be editable at all times. If a distro decides to implement any serious age verification, it will have to store the data, namely the date of birth, somewhere. The /home folder would be wrong, as the user could edit that at all times. The userdb on the other hand can be restricted, meaning that the user can only edit it with user privileges. So if a government questions the seriousness of this verification method, distros can just claim that it is the administrative duty of the parent to prevent their children accessing things they shouldn’t, and that the Linux kernel itself provides the proper tool to do it without constant supervision. Yet systemd cannot enforce any stricter rules because service users, especially root, are not real people and thus cannot have any age verification. The only solution would be to tie these accounts to a person. This would cause an outrage at companies, considering that this role would most likely be the CEO or CIO, and if that device is stolen their identity could be linked to a crime, and I doubt any police station would bother trying to retrieve that laptop.
So this change will most likely be the maximum systemd can do without breaking distros for corporations, while at the same time allow classic Linux users, who most likely give themselves admin rights, a way to render any verification null and void by editing this optional field on their own.
You should read the thread in github.
A system76 developer said he’s in talk with state representatives, that this might even be overturned, and that it might not even affect open source software at all and one of the systemd maintainers said and I quote: “It is possible that California law will be changed. But similar ideas are popping up in other contexts and it’s unlikely that they’ll all go away. This implementation is fairly generic and useful for other things besides age verification, so we shouldn’t decide whether to merge it or not based on a single law in any jurisdiction.” -keszybz
That seems like bending the knee pretty fucking hard man.
What they have done is proven that they can bully and harass open source software into submission. They should have waited until FORCED to do something like this but it seems like they’re beyond eager to lick anyone’s boots USA or otherwise.
Linux distros are not US entities bound to US law the last I checked (of course you have your Redhats and etc. And I guess maybe their Fedora distro might fall under us jurdistiction since its developed by red hat but I’m not sure because of being open sourced licensed.
They’ve bent the knee before with banning Russian and I think Chinese Linux kernal maintainers before which was also fucking bullshit.
The USA shouldn’t be able to swing its dick around and force the whole world into submission but boy it sure seems to get to every single year more and more and more.
And a lot of people here support it its so sad.
Anyway I’m getting off track with this but seriously no, they should have taken a stand not only for all of us but for Linux as a whole because systemd is a part of Linux as a whole.
If forced, I understand. This was not forced. This was suggested, merged welcomed and the thread locked as soon as any pushback happened.
Doesn’t seem very open anymore to be honest.
yardratianSomaNone of the id fields in the systemd db are required to be filled. This is useless. Simply don’t put any personal info in, and bam, you’re already liberated, from laws that aren’t even in effect yet!
Will you still say that when they implement ID checking functionality?
Will you still say that when aliens from the 19th Dimension verify your age rectally?
I don’t know what this derailment is ultimately trying to say honestly.
Zos_KiaIt’s saying that you can invent an infinite number of hypothetical futures but they are not useful for making decisions in the here and now
Being prompted to submit an ID is not useful for making decisions in the here and now? As far as I understand it, this is the concrete danger. California lawmakers and lawmakers from elsewhere have indicated that this is only the beginning.
But this is just speculation. The fact is, systemd introduced a new optional field in the local database. They don’t publish an OS so they have no obligation to do anything more, actual implementation would have to happen in other projects.
What this is, is a spite-fork by some random AI researcher and anybody installing that on their system has way larger problems here and now than hypothetical ID verification in the maybe future.
They don’t publish an OS so they have no obligation to do anything more, actual implementation would have to happen in other projects
Why are the people who decide on changes to systemd implementing stuff that the vast majority of Linux users vehemently reject?
What this is, is a spite-fork
No one deeply cares about the spite fork. It’s weird that commentators have suddenly become very acclimatised to the systemd changes. A few days ago people were asking themselves why a rando got through with an intensely disliked pull request and now we are here.
the vast majority of Linux users vehemently reject?
I think you vastly over estimate the importance of the reddit/lemmy-sphere freaking out over this.
And the more insane the slippery slopes you imagine skiing down, the less seriously you’re taken. The fact that there isn’t a serious programmer making a fork and instead y’all promoted a slopfork from someone who didn’t read the docs, should be a wakeup call for how unserious y’all are.
If it’s the vast majority of Linux users, how come there was not one that’s read the systemd docs?
I honestly don’t care that much about the law eitherway but the hyperventilating over a milktoast law is something else, it makes me think maybe we should age gate higher.
I think you vastly over estimate the importance of the reddit/lemmy-sphere freaking out over this.
I don’t. The people I know in real life don’t take likely to the changes.
And the more insane the slippery slopes you imagine skiing down […]
This is the fallacy fallacy. There is a precedent for freaking out. Foreign routers being banned, countries and regions stating that this is only the beginning for age verification, you name it. Anyone who submits to that in any way unambiguously invites the new order that is enforced upon them, I say that in regard to systemd specifically.
The fact that there isn’t a serious programmer making a fork[…]
No serious programmer is forking systemd because systemd is more or less doing kernel tasks besides the Linux kernel. This violates GNU best practices. Not to mention openrc and plenty of other init systems existing as a yet uncompromised alternative. Also you are twisting what I am saying, I specifically am not promoting the fork in the article.
If it’s the vast majority of Linux users, how come there was not one that’s read the systemd docs?
You didn’t see the barrage of critism under the pull request, did you? Makes me wonder if you read anything at all.
milktoast law
The law is not at all non-trivial or milquetoast. With ID verification and other methods of age verification you absolutely can unmask users online if states demand APIs be implemented.
You sound like a narc btw!
With ID verification and other methods of age verification you absolutely can unmask users online if states demand APIs be implemented.
Good thing there is no ID verification in the PR.
You sound like a narc btw!
You sound like Alex Jones!
I guess such a response can only come from the head of a “rioting pacifist”. You turn up at the protest but always keep a distance of 50 yards from the crowd so you can say you were part of something while having done nothing. It’s exactly people like you who would have told critics of Franco that they’re delusional and would report people for going outside to catch a breath of fresh air during martial law. All the while broadcasting your liberal virtues of pacifism and political action in all directions.
You are someone who couldn’t get into the NSA and all the other cool agencies, or your country’s equivalent should you not be US American. No badge, no ID number, no nuthin’ - just your computer and you. Should you actually work for the govt. then that reflects rather poorly on the government; You are an awfully unconvincing propagandist. Incapable of reading comments and engaging clearly in serious discussions. I would fire you if you astroturfed for me.
WTF are you on about?
Incapable of reading comments and engaging clearly in serious discussions.
I’d be happy to engage in serious discussion but you’re working on Alex Jones level, veins throbbing over an optional field in systemd
What systemd has done is the following: They went “we speak for the distros utilizing our program now”
What they’ve done, is in the user info field (which already has a ton of information that almost nobody ever fills out) they added a date of birth field. They do not control what it’s used for, who’s going to use it, or if the user will ever bother filling it out. Perhaps nobody will ever implement a use for it, it’s really nothing.
No, what they have done is kowtowing.
What? It’s like saying systemd is handing the government your info because they have a field for your real name and address.
YOU control what info goes there, if any. It mandates NOTHING.
You may as well be mad at vim because your text editor is capable of storing your birthdate if you go in and type it and save it to /public/myInfo.txt
Context matters. Systemd did this as a reaction to frankly insane laws. They didn’t have to do anything like this, yet they did and comparing this to changing and creating files manually in vim misses the point entirely. Intentionally doing something is very different from a feature being natively present.
YOU control what info goes there, if any. It mandates NOTHING.
Until closed source or even open source programs demand an ID verified age from the OS. When that happens you are forced to unmask yourself and the systemd shit is the first step to making such an API possible. It normalizes genuinely insane demands that add nothing for the users except compliance.
This is pretty key. If they had added this field 8 years ago, absent any context of swarms of lawmakers salivating for personal info so they can find more children to fuck, or data to sell to their donors, then I wouldn’t have thought much of it. The timing is absolutely a critical element of the discussion. Heck, wait until CA has repealed its law, and admitted in embarrassment it was a terrible implementation of child protection, and maybe I’d even be okay with adding the field.
Putting it in now is very much like the nazi standing at your door, holding a hand close to your knob, insisting “I’m not actually searching your house and breaking your 4th amendment rights! I’m just standing here, for no particular reason!”
You said it better than I could
they’ve said “we speak for the widest used extended user service in linux”… because… that’s what they are
to say they “speak for the distros” is ridiculous: in that case, every time they merge a feature they “speak for the distros”… they speak for their own software, which is implemented by distros precisely because they implement things like this
Then the whole premise of systemd is absurd if it does talk for distros (OSes). When I get NixOS, I don’t install it because it has systemd. I install it because it is built around Nix. SystemD is a freaking fire-and-forget-style convenience and that’s it. When I look at specific features I want or don’t want, the first thing I’m considering is not necessarily the init system, I first look at what sort of computer I want, then I think about the OS, and specific programs like Konsole last.
I do not want a stupid init system, in this case an init system bundled in a suite(!), taking the steering wheel like this. I definitely don’t want this happening in highly politicised contexts like this one. A layer of perversion is added when you take into account that there are hardly any places to evade these big changes as systemd is omnipresent.
SystemD making these big political statements and practical decisions is just as absurd as GNOME or Xorg doing them. Fuck that shit.
you install a distro because of all the software it includes and how they interact out of the box
you’re completely right that systemd is a background service that most people don’t care about, but it does make the whole system more reliable, and much easier to administer for servers or workstations (enterprise management; not personal)
you certainly do want an init system… even sysv-init is an init system: you need something that runs as pid 1 that triggers other services. systemd starts services, and also ensures they’re in the correct security contexts, running as the correct users, makes sure they’re healthy, tracks dependencies (not just order; this speeds things up because it can be parallel, ensures failures don’t cascade, and means there’s far less jank in random bash scripts)
this isn’t a big political statement: this is an acknowledgment that linux users - not all, but some - will want/require something like this… and systemd user database is the place where that information is stored on modern linux systems
at that point, I’d stop using the internet, or switch to only using tor/i2p.
when that happens, I’ll build my own ISO with that part stripped out, or just move away from systemd
This is perfectly logical and I agree. Except that this controversy has prompted me to go learn about Lennart Poettering. I’ve been using systemd forever and I like it - I like journald and remote journald, I like networkd, I even deleted cron off my systems and use systemd timers exclusively. I knew there was some controversy about Lennart, but I didn’t really care. Now that I’ve read a bit about his background and, maybe more importantly, his new company - I don’t have a good feeling for the future of systemd.
Finally someone who’s read into the issue
Yupp 100% optional.
for now
QuazatronYes, but what’s wrong with this? If you gather engineers that are capable to maintain it - what is the downside? Systemd could always have used a bit of competition, I think most of us can agree. Most of the forks of systemd will fail, but most of all projects fail after some time. I don’t think this situation will harm systemd ultimately and it shouldn’t.