Genuine question, don’t we always say that we can change anything in the system on open source software like Linux and systemd etc? What’s stopping any of us from removing this age verification thing? Apps may break, true, but I’m sure there will be many one line scripts that replace that age verification with something that feeds it fake data?
Petition to name the inevitable fork of this “SystemFree”
2000s: war on general purpose computing because of copyright
2020s: war on general purpose computing because of child protection
In the 2000s the forces of freedom mostly won, e.g. https://en.wikipedia.org/wiki/Consumer_Broadband_and_Digital_Television_Promotion_Act didn’t become law. So far it seems that we are currently losing. :(
In Europe too, chatcontrol keeps being pushed no matter how often it’s being struck down.
Yes; recent news have made me somewhat optimistic that the resistance to it is winning though.
Age verification laws currently look like a much greater danger to freedom.
Personally I think that win (while really a win) is being overcelebrated.
It’s easily reverted. All they’ll have to do is find some csam or terrorism related scandal in the news and pump it as a big deal, and all the resistance will be gone at the next vote.
With chat control we actually have to distinguish two different things that people sometimes confuse:
- voluntary chat control (“chat control 1.0”), which is currently already the law in the EU
- mandatory chat control (“chat control 2.0”), proposed in 2022
Voluntary chat control is about letting operators of communication services voluntarily scan messages for certain illegal activity (without this constituting a violation of data protection laws). This doesn’t break encryption and isn’t a part of a war on general purpose computing. While there are many good arguments against it, it’s not especially catastrophic. It’s a detail of business regulation.
Mandatory chat control is about forcing them to do so, which must necessarily break encryption and impose limits on software freedom. This is what is most important to oppose.
The most recent win ended up rejecting even (most) voluntary chat control, which is a good sign that mandatory chat control won’t get a majority either.
“It’s just a harmless field; what’s the big deal?”
The big deal is that it’s on the heels of age verification bullshit that fascists are pushing through with the help of tech bros, so that they can eventually push all of us into a scenario where we have zero privacy.
It’s not the adding of the field itself or the fact that it can be filled with nonsense. It’s the reasoning backing it.
“But it’s the law!”
Yeah, fucking and…? It’s a stupid mass surveillance law disguised as a protection, and per usual, it’s written like vague dog shit. This is the smallest part of the wedge. More will come of this and if developers like this keep volunteering themselves to help the fascists, we will all be fucked. Here’s an alternative approach: just don’t add this. You can fight back by not fucking implementing this. Easy.
Also, they will use it as a means to lock content they don’t want. Like in some jurisdictions it’s already forbidden to share any kind of LGBTQ information even medical with minors… Even in EU, like Hungary. Clearly this age verification will be used for this too. And people not willing to age verify will be locked out too.
It’s part of their campaign of forcing conservative ‘values’ onto everyone.
Yep, then using linux will be illegal, great fucking idea boss
You’re welcome to be a spineless muppet trying to obey unethical laws, but I won’t be.
Only in California and Brazil. And I suspect neither has a shortage of people able to add this field.
Exactly, make your own fascist distro with a fork of systems and leave the original landscape alone
More will come of this and if developers like this keep volunteering themselves to help the fascists, we will all be fucked. Here’s an alternative approach: just don’t add this. You can fight back by not fucking implementing this. Easy.
Only thing you get out of this compared to the alternative of malicious compliance is opening yourself up to attack. You can still fight this without painting a big target on your back.
Is there any evidence that they would go after random FOSS projects that aren’t hosted or developed in the relevant jurisdictions? Don’t comply in advance.
What a pointless drama article this is. FLOSS software does stuff for legal compliance more often than you’d think. The whole point is people can contribute fly by patches and the maintainers make the decision to merge. It seems like being an optional field but potentially providing useful functionality is enough for systemd. If you don’t like it I’m sure there are forks you could join or even use a different init system. No one’s freedom is being oppressed here.
My OS should have no details on me besides the account name which didn’t necessarily correspond to my real name.
It does have some old fields for location etc but those stem from the times of massive multi user systems.
Linux has similar fields for realName, emailAddress, location, timezone and more. But like birthdate, I think they’re all optional.
Was Linux ever used for massive multiuser systems? I thought it had always been primarily home use and internet servers. I think big multiuser systems went out of fashion with Solaris. Well, I suppose corporate workstations need user accounts where some of these are set.
What a pointless drama article this is.
Yep. The crypto ticker at the bottom of the page is the cherry on top!
That isn’t really the point. All this nonsense happened without community discussion beforehand.
Discussions happen after the PRs in most projects, because there is no point discussing code that ain’t there.
And they usually don’t get pushed through when discussion is just starting.
Who are the community employing? Why do they need consulting before code changes are made?
Your comment is nonsense.
I have read the git thread related to the merge request.
I don’t see what’s the big deal. You have a user model that already contain fields like user’s full name, location, … among others and all this developer did was adding yet another optional field called date of birth.
This does nothing to verify user’s age and enforce nothing. They’ve stressed that repeatedly in the comments.
What that does is making it easy for a Linux distro to store user’s birthday - should they wish to do so - and making that bit of info accessible to running apps so that each app can do what it wants with it.
User’s fullname and location are already there which are also optional so what’s the big deal?
Exactly. There’s a massive thread on Mastodon where everybody is panicking about this, but it’s a nothing burger if ever there was one.
Sure, the timing and comments suggest it’s meant for legal compliance, but if that’s what it does, it does it by keeping full control in the hands of the user, where it should be.
For me the bigger problem is that was done without any community oversight.
Yeah it can be verified for now, but it’s a foot in the door for a braindead law that no one in their right mind would follow.
What do you mean. It’s done in public
Yeah and against the massive outcry in the form of comments, the discussion was locked, and the general opinion was ignored in favor of 2 maintainers and a tool of a dev.
The person who has the most blame here is the lead dev of the project imo.
The problem is that Poettering is all in on attestation which is the underpinnings of age verification and remote attestation.
See amutable.com
Poettering has always been a piece of shit.
Why do you think this was locked? This fucking thread is a mugshot of a dev contributing to an open source project.
Fields like name and location do not have any expectation for the information being valid or accurate (see eg.:
adduser).DOB is different. It comes from a legal expectation that correctness of the information will be enforced somehow. If going by the Colorado and NY law proposals, IIRC, by using biometrics at the time of system install.
Fucking bootlicker
I don’t see how engaging in malicious compliance is being a useful idiot. Implementing the entire surveillance mechanism free of charge, that I would call being a useful idiot.
Purposefully implementing a broken feature to satisfy the letter of the law, while preserving the user’s ability to avoid the surveillance mechanism is certainly not that.
Sounds like something I would do ngl
what do you want him to do? to break the law?
I want him to do nothing.
He doesn’t work for a distribution or a system integrator. He isn’t the maintainer for systemd either. He’s a random contributor, and he works for a cloud company that doesn’t make or sell the sort of devices these laws apply to.
These age verification laws did not require Dylan Taylor to take any actions. He did that all on his own.
Who is going to arrest/fine FOSS developers for not doing anything about that? Would Brazil and US states go after uuuh, the systemd developers? What about distros not using systemd, like Slackware. Who is ultimately responsible for a collaborative project? Are they gonna send the police after Torvalds?
Plus, other countries don’t have this obligation.
All that dev had to do is nothing. Instead he chose to comply with something that was never asked.
There’s no need to follow an unjust law, nor a law that makes you an unethical person.
“Software not for distribution or use in California” (aka: “offer void in Nebraska”) is a perfectly valid compliance, btw.
There’s also going the Ageless route and making protestware.
And how exactly would that be breaking the law?
Systemd isn’t an operating system provider and has no legal obligation to make any change.
The beauty of FOSS is that if people want, they can just fork it and keep what they don’t like out
