I imagine people behind this law are pretty interested in this small but powerful user base. I would just boldly assume that a lot of people responsible for independent software and privacy advocates are using Linux etc. So its a interesting user base for sure. But regulating open source software luckily is pretty much impossible and they wont give up their(our) privacy without a fight. Also, we will see how much the user base will grow when these regulations get tighter.
I also wonder whether or not grapheneos, or open source Linux OSs in general, will face any repercussions for failing to comply to these regulations due to the relatively low user count.
sphericalcube@lemmy.dbzer0.com 3 weeks ago
woelkchen@lemmy.world 3 weeks ago
They can simply say on their download pages that residents of Brazil and California are not allowed to use their OS.
BurgerBaron@piefed.social 3 weeks ago
Motorolla bending the knee to the mass surveillance corps and international governments comes to mind. We’ll see how their deal with GrapheneOS goes now.
MadameBisaster@lemmy.blahaj.zone 3 weeks ago
I mean they can simply sell that phone with stock androud in californua and if users flash Graphene on it afterwards thats hardly motorolas fault
Lumisal@lemmy.world 3 weeks ago
Sure. Let them be sued on profits made 😂
wewbull@feddit.uk 3 weeks ago
Hate to say it but systemd, the init system of most Linux distros, already has PRs with maintainer backing to implement DoB recording.
Some people can’t kneel fast enough.
portnull@lemmy.dbzer0.com 3 weeks ago
Which already has a revert commit github.com/systemd/systemd/pull/41179
corsicanguppy@lemmy.ca 3 weeks ago
The self-important creator of Systemd has personally blocked that PR, if I’m hearing correctly, which would suggest he or his employer Microsoft is all in on it.
tabular@lemmy.world 3 weeks ago
“I’m not picking a side” and “this future proofs standardization” is of little comfort. This is seriously suspect and now I have to look for alternatives to SystemD(odgetheissue).
4am@lemmy.zip 3 weeks ago
He left MS in January
portnull@lemmy.dbzer0.com 3 weeks ago
Ugh of course. Thanks for pointing that out
AbidanYre@lemmy.world 3 weeks ago
That has already been closed
corsicanguppy@lemmy.ca 3 weeks ago
Maybe this’ll take the shine off that wunderkinder mess and people will finally be free to choose something more reliable. I love how RH pushed this beta software so hard and my reboots are now just shite – unreliable and occasionally ridiculously delayed.
I’ll be glad to see the back of that metastatic shitball.
NuXCOM_90Percent@lemmy.zip 3 weeks ago
Localized age checks ARE a good system and are something that should have been in the OS for decades. It is the basis for being able to make “child accounts” and is a genuine requirement for Linux to be a meaningful option for “normal people”. And having a protocol for software/websites to request that is a very good system to build on that.
We talk about how the problem of kids getting exposed to horrendous shit is a problem of “bad parenting”. This is the tool you provide to allow parents some control.
The issue is not the age check. The issue is verification. To my understanding, the California legislature explicitly does NOT require a third party. So it is literally just you saying “Sure, whatever. I was born in 1901. Now load the Maya Woulfe video faster”. And yes, this is a step towards that. But so is having network access or user accounts at all.
corvi@lemmy.zip 3 weeks ago
Even if we say I agree with this, why even ask for a specific year? Separate into child and adult, and let the super user make that change when asked.
In theory I’m not opposed to it existing as an option, but I do not like it being mandatory at all. Websites and applications should never be allowed to know any PII without explicit consent.
NuXCOM_90Percent@lemmy.zip 3 weeks ago
Different countries (actually different regions within said countries) have different laws related to what “kids” can and can’t see. How much that matters is up to you. But it provides an automated check that ALSO avoids having to say “Hey mom? I just turned 18 and for no reason whatsoever it would be great if you could switch my account to an adult. Also make sure to knock and don’t look too closely at my laundry basket ever again”.
endlesseden@pyfedi.deep-rose.org 3 weeks ago
I completely agree with this. treat it like a privilege level. it’s that simple. it doesn’t need to define “age”, it can just define what a account cannot access.
this is all a slippery slope, and a terrible one at that. gates protect no one and just tech people to learn to get around them…
SalamenceFury@piefed.social 3 weeks ago
Any age check is just a good way for predators to know WHO are the actual children, and with the epstein files revealing the whole billionaire and politician interest in trafficking and raping minors, this is essentially the perfect playground for them.
JGrffn@lemmy.world 3 weeks ago
Yeah, to be completely honest, the one place where you actually could trust this kind of information is on your own local (and ideally libre-oriented) OS, never leaving your device and instead obfuscated through an API that’s exposed to whatever services need to do an age check, with the potential for additional security impositions or other concessions from data requesters due to the leverage of still having your data controlled by you. This is the bonus FOSS part where we get a say on how we want our data to be exposed on our libre systems. Other users aren’t so lucky and don’t get to have any voice on how this implementation happens, so we should probably participate in the discourse for those PRs rather than condemn them point blank.
endlesseden@pyfedi.deep-rose.org 3 weeks ago
However this is not entirely true either, for two reasons.
Any open port is a attack vector and no matter how secure it is today, tomorrow is not a promise. More so with how this overlaps with laws like Australia’s, which requires all encryption to provide a backdoor for government access. (This means the 5 eyes nations get access by definition to this API while it’s in transit, as soon as it leaves the host system…)
But that’s not just the only issue. The whole issue with libxz being targeted by nation state sabotage proved that, it’s possible to put backdoors into applications despite “many eyes” on the code. (That case was only caught because one obsessive person over the /testing/ speed… 90% of such attempts in most projects would go unnoticed simply as there is not enough maintainers)
Firefox is just a example, so many applications use permissable licenses that don’t require all of the sourcecode to be human readable or even accessible.
Big thing is nothing stops driver vendors from stealing this data too, no different than Microsoft does, whether or not you are signed Into a Microsoft account on windows. Telemetry is already a growing issue and the scope of telemetry data in closed source blobs doesn’t have to be defined…
So by definition it’s not any more secure…
Even if it was, the bigger question is why. Why does the application or web service need to know.
If a child walks into a liquor store and steals alcohol, they get arrested. The burden of proof was never on the liquor store. Why is the burden of proof on the OS and not the parent or child.
We don’t need nanny software, that teaches kids to be better liars. We need stronger punishments for criminal actions, regardless of age and more importantly punishments for the parents for allowing it to occur. Babygating the entire OS for some one elses children that would never touch it, legally. Is a example of creating solutions for a problem YOU(parents/government) created.
All of these age laws came from the social media bans. These of which only came into existence as a means of datacollection… Non-compliance, is actually compliance with how they are written, as they all place the burden of proof on you. No evidence == no crime. It’s still a crime to lie about your age to age restricted content.
chunes@lemmy.world 3 weeks ago
^^^ If you needed proof that lemmy is overrun with bots just like everywhere else.
tburkhol@lemmy.world 3 weeks ago
That’s just systemd adding a birthdate field to their userdb. Doesn’t require that it be filled out or accurate, and especially doesn’t require it to be validated against a government database. I don’t see it as fundamentally any different from adding a userdb field for favorite color, phone number, or blood type.
Without 3rd party validation, I really don’t see the privacy issue with an age field. Without verification, it is, at worst, one more byte available to hash into a unique identifier, but you can feed that field from /dev/random at every query and poison even that hypothetical.
timwa@lemmy.snowgoons.ro 3 weeks ago
Why the ever loving fuck does an init system even need a user database?
Honest to God, if FIFA were giving out a World “Understanding UNIX” Prize, Poettering would be the inaugural, and only, winner. Never in the field of operating systems has one man driven so much enshittification through sheer force of cluelessness coupled with supreme arrogance. And in a world that Steve Ballmer still occupies, that’s one hell of an accolade.
Kissaki@feddit.org 3 weeks ago
Systemd is more than an init system. Systemd was designed to be different from previous Unix-style single-/narrow-purpose services. Many distros making the switch seems to indicate that such a switch had significant enough upsides or necessities. No?
I read an article about why Systemd became what it is, and why it makes sense, and that made sense to me. Integration and a fully designed system has advantages over disconnected utilities and systems you have to connect and negotiate, especially on system- and boot-up level concerns.
Noam_Calhoun@lemmy.today 3 weeks ago
You are absolutely right, we are not in fact getting screwed, they are just applying the lube for later. (Shamelessly stolen from elsewhere)
corsicanguppy@lemmy.ca 3 weeks ago
You. Don’t. Get. It.
ptu@sopuli.xyz 3 weeks ago
Plesse don’t give them any ideas. Here’s a list of what’s currently included
systemd.io/USER_RECORD/
yardratianSoma@lemmy.ca 3 weeks ago
DoB recording, and ID age verification, are two different things though.
Dojan@pawb.social 3 weeks ago
My OS has never needed to know my DoB before. What’s it gonna do, make me a cake?
tabular@lemmy.world 3 weeks ago
No they’re the same in this context.
0x0@lemmy.zip 3 weeks ago
I’ll just plug Devuan, Slackware, Gentoo and many others.
tristan@tarte.nuage-libre.fr 3 weeks ago
Runit supremacy. Welcome to the void.