Mastodawn

thomkennon 8h ago

RE: https://toot.cafe/@soapdog/116290204253136215

“So it failed age verification and locked me out of many features. Bear in mind, I am 45 years old. I have an Apple account for 25 years, the age of my personal account alone should already verify my age.

Credit cards are not documents. Many people don’t have them. Apple don’t provide any other way to verify your age because they are a stupid American company with American values in which you’re just as human as your credit score.

Age verification is a scam, but checking it with a credit card is even worse.”

@aral this is worse than Discord banning my friend in her late 30s for saying “I’m 12 and what is this” and deleting her account with zero recourse.

Alex@rtnVFRmedia Suffolk UK 11h ago

@aral there is *already* a working age-verification scheme for UK, I use it to get vape juice delivered and the company has never asked for any other info than my address (OK you have to hand this over but if you're having physical products delivered you would have to do that anyway)

SoapDog 11h ago

@aral am fumming here

Aral Balkan 11h ago

@soapdog Rightly so.

Aral Balkan 11h ago

@soapdog PS. Have you heard of this phone? (Sadly they’re US-based)

https://furilabs.com/

FuriPhone FLX1s Linux Phone

FuriPhone FLX1s Linux Phone

@aral I agree that it shouldn't be the only option, but I like when companies offer it as an option if they have to do this at all. I don't want to hand out my passport information, but a credit card I can just generate virtually anyway is fine.

LukefromDC 10h ago

@aral Ageless Linux is now out wirh scripts to strip out incoming age verificarion support from many Linux distros. For now they set the new age field in systemd's userdb to the epoch which is 1/1/1970 or to null when used in flagrant mode.

They are also setting up a full Debian based Linux distro, which will be Debian with any age verification that gets added stripped out.

Then for phones there's Graphene, which is publicly refusing to comply.

Presumably age-verification demanding sites will break in the future but I'd just as soon block them at the firewall anyway.

https://agelesslinux.org/

Ageless Linux — Software for Humans of Indeterminate Age

@aral
If you're looking for a de-Googled #Android phone, I highly recommend GrapheneOS. I switched from using Google Android a few months ago as my daily driver and couldn't be happier.
I don't know about specifically banking applications, but I have to have several apps for work that rely on Google Services, and have had no issues with any of them.
On the note of switching to #linux beware that many distributions are implementing age verification as well through the reliance on systemd.
I have switched to Void Linux from Debian and Fedora, and am so far quite pleased with it. It is certainly a learning process, but I'm very satisfied with the OS.
@GrapheneOS
@VoidLinux

Jeffrey D. Stark 9h ago

@BuuBuu @aral @GrapheneOS @VoidLinux what device did you do this on?

@jstark @aral @GrapheneOS @VoidLinux
I have been running GrapheneOS on a Pixel 9a.
I setup Void Linux on my ThinkPad T440p first (I use this as more of a computer just for tinkering), and then on my E14 gen 6, which is my daily driver.

Jordan Maris 🇪🇺 🇺🇦 #NAFO 9h ago

@BuuBuu @aral @GrapheneOS @VoidLinux your understanding of what systemd is doing is totally flawed.

@jmaris @aral @GrapheneOS @VoidLinux
Can you elaborate on how? I'm by no means an expert and would appreciate any information you can share.
From my understanding, systemd is implementing the system for applications to request age ranges. While I understand this is not as intrusive as age verification in other systems being implemented, it seems to be laying the groundwork for it.
I have also come across other issues people have with systemd, would you mind sharing your stance on this? I have thus far been pleased in learning to use runit on Void Linux.

Jordan Maris 🇪🇺 🇺🇦 #NAFO 9h ago

@BuuBuu @aral @GrapheneOS @VoidLinux the patch literally adds a date of birth field to user data, that is all. It's not an API for age verification. In addition the information is set by the user.

@jmaris @aral @GrapheneOS @VoidLinux
That's good to know, thank you for sharing. Do you feel that there is cause for concern regarding this along with recent legislation mandating age verification?
Again, not an expert, I'm still trying to learn to navigate this field in my attempts to regain control of my devices.

@jmaris @BuuBuu @aral @GrapheneOS @VoidLinux There is no legitimate reason an OS needs to have a DOB field for user data.

It's a fundamental concept for Data Minimization

"Don't store any more information than you actually need"

If an application or other user-space extension has a need for a dob, it should be implemented there, not as part of the init daemon.

Jordan Maris 🇪🇺 🇺🇦 #NAFO 6h ago

@h3mmy @BuuBuu @aral @GrapheneOS @VoidLinux systemd is not just an init daemon at this point. And again, if you don't want to fill in the field, simply don't fill it in. Problem solved.

@jmaris @BuuBuu @aral @GrapheneOS @VoidLinux I feel like you're not hearing me. This is a design and process issue. I shouldn't have to opt-out of including PII. The OS should not require it unless there is a justifiable need. It's a change that impacts a wide population, and there wasn't even a proper design discussion.

I also understand the context, with the new California law that is mandating age gates. This change can be seen as theater to comply without implementing tighter controls. However, it's not set in stone yet, which is why other projects did not implement equivalent changes.

There is a background issue with how large systems incrementally constrain populations. Minority groups tend to be sensitive to that because it's happened to us a lot. That is an explanation for some of the response you see generally. People see how "innocent" and "optional" fields today become "mandatory" and oppressive fields tomorrow. So, I understand the reaction, and dislike when valid concerns are dismissed.

Jordan Maris 🇪🇺 🇺🇦 #NAFO 6h ago

@h3mmy @BuuBuu @aral @GrapheneOS @VoidLinux again, you are under no obligation to provide it. It isn't 'opt out". At worst there will be a field at install time to input it, just like there is a field for full name, and if you don't fill it in, sobeit. Also we are talking about open source here. It is specifically resilient to this kind of bullshit.

Aral Balkan 6h ago

@jmaris @h3mmy @BuuBuu @GrapheneOS @VoidLinux Right, if people don’t like it, they can just fork their operating system. I’ve forked three this week and it’s not even Thursday.

@jmaris @BuuBuu @aral @GrapheneOS @VoidLinux You're focusing on a hypothetical use of just me. It won't affect me (yet). I'm highlighting the reason that people are having a reaction.

Open source is theoretically resilient but it's only as resilient as the gatekeepers, the project owners.

It's like the discussion around the ethics of doing chemical testing in wastewater monitoring. We can test for illicit drug levels in wastewater in order to direct harm reduction resources to areas that most need it. However, how do we implement something like that in a way that prevents it from being used for harmful reasons like "police operations", demonizing victims, and backtracking usage to specific households? It's not an easy question to answer.

If the process in the systemd project allowed for this change without considering the community impact, then future changes with high community impact may be treated the same way (without user/stakeholder buy-in). That is a process issue at a community level.

@jmaris
I'm curious as to your opinion on the value of systemd being more than an init daemon.
I can see the benefits of standardization and unification of systems, however I know a lot of people also have very negative opinions in this area.
I'm liking Void Linux a lot, and I've been enjoying learning to use runit rather than systemd, however I can definitely see it being a lot less user friendly for those not familiar with working in a command line or newer users with Linux.

GrapheneOS 8h ago

@aral The laws being proposed and passed requiring providing age brackets to apps and websites are a horrific invasion of privacy for minors putting their safety at risk. It not only enables targeting minors in harmful ways particularly for the lowest age brackets but also leaks their birth date to apps and websites on the day they move into the next age bracket. One of the biggest lobbyists for these OS level age verification laws is Meta which just lost a court case for exploiting minors.

GrapheneOS 8h ago

@aral These laws dictating the information can only be used for gating access based on age is beyond ridiculous. There's no doubt they're aware it's going to be heavily used beyond the permitted use. It cannot be excused as naivety. These same governments often treat birth dates as highly sensitive information usable as a core part of authenticating people's identity. Meanwhile, they're passing laws forcing operating systems and browsers to leak the birth dates of minors to apps and websites.

𐁂𐀑𐀐𐁐 8h ago

@GrapheneOS @aral Meta is the primary driver of this among private sector companies. Their entire business model is showing ads to people, knowing exactly who they are. This is 1000% a blatant attempt to pierce pseudonymity online.

@Emerson61 @GrapheneOS @aral

Agreed that this is entirely about stripping online pseudonymity and age verification is just step one to acclimatizing people to having even more of their privacy stripped from them.

@aral a famous story here
https://hey.paris/posts/appleid/

And Google is also great even if the police has no evidence
https://www.dailymail.co.uk/sciencetech/article-11133805/Google-AI-flags-dad-photos-childs-groin-infection-phone-share-doctors.html

20 Years of Digital Life, Gone in an Instant, thanks to Apple

Summary: A major brick-and-mortar store sold an Apple Gift Card that Apple seemingly took offence to, and locked out my entire Apple ID, effectively bricking my devices and my iCloud Account, Apple …

Dr Paris Buttfield-Addison

@aral
I had no trouble with my banking app when I switched to Murena recently, but YMMV. There is a thread in the Murena forums about which apps work fully or partly.

https://community.e.foundation/t/list-banking-apps-on-e-os/33091

[LIST] Banking Apps on /e/OS

This is an editable list of banking apps that work on /e/OS. Please enter details only after you have tested all features of the application. If some functionality is not working mention that in the comments. Looking for contactless payment? See this article. TLDR: Curve app for customers, Zettle app for merchants. Country Bank App Name Status Comment WorldWide Revolut Revolut Works only with pre-installed /e/OS and locked bootloader Confirmed working on Murena Fairphone 6 with prein...

/e/OS community

DebC (She/Her)♿️☮️6h ago

@aral More food for thought as I look to buy my next laptop....sigh🤦🏻‍♀️

RealGene ☣️4h ago

@aral
Apple can use a credit card to perform a credit pull; that can tell them, or let them infer, the age of the account and/or its owner.

It's not a government-issued ID, but it's effective.

@aral Apple's only doing this as an excuse to force everyone to add a credit card to their account so they can run up more revenue through "accidental" purchases...

Shameless