Archr

@Archr@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Intel Demos Chip To Compute With Encrypted Data⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
FIPS updates/approvals always take a long time.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Just to clarify the law does not allow your os to transmit your dob. Only your age bracket.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
But that is effectively what this bill does, just rather than a check box it is a date entry. There is no verification requirement. Only indication (attestation).
⁨Comment⁩ on ⁨MidnightBSD Bans Users in Brazil and California, Warns More Regions Could Follow⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
You are right. I have no additional response to this that would not make me sound like an asshole.
⁨Comment⁩ on ⁨MidnightBSD Bans Users in Brazil and California, Warns More Regions Could Follow⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I’m sorry I am really not seeing what you are referencing from your link. This appears to be a link to the state administration manual which deals with how departments in the state of California operate.

This does not appear to be a law especially when you look at the procedure for revising the SAM.

Responsibility for updating SAM content is assigned to authoring state departments

Ie. Not assembly members.
⁨Comment⁩ on ⁨MidnightBSD Bans Users in Brazil and California, Warns More Regions Could Follow⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
exasperated sigh I don’t want to get too deep in it with people again. Here is a link to the California law and some clarifications. (I cannot speak for the Brazilian law as I am not from Brazil)

…legislature.ca.gov/…/billTextClient.xhtml?bill_i…
- The law does not require ID verifications it only required that a parent indicate the age of their child when setting up their account.
- The law’s definition for operating system provider includes “general purpose computing device” so no, your toaster, microwave, and fridge are not included. (please remember that legal definitions do not always match how we would use the term in everyday conversation)
- An “accessible interface” is not well defined here. But it could be as simple as a system call rather than a REST API call. Similar to open file or malloc. (this means no centralized government server storing the data)
I have said this in other posts, but the linux community sticking their heads in the sand and pretending these states don’t exist just leave MS, Google, and Apple to decide how this is implemented. I am glad some distro maintainers are taking this seriously and looking at what is the minimum they would need to implement to comply with the law.

To be clear I do not support this law. The definitions are written so loosely that it leaves much of it up to interpretation. It is clear that they did not meet with anyone in the industry before voting.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
The intentions for the law?

AB 1043 offers a scalable, privacy-first approach that helps keep kids safe while holding tech companies accountable. -Assemblymember Wicks

This ia a quote directly from the author of the bill link for reference.

Now of course the obvious question many people might ask is “are they being truthful?” But that is a question that people will have to answer for themselves.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Just want to clarify something about your comment since it feels like you have not had a chance to read the law yet.

(this is in reference to the Cali law but I am told the Colorado one is basically identical). The Cali law does not, in any way, require ID verification, it only requires that a parent attest to the age of their child when setting up an account for them.

This is not my argument for this exact law or any of these laws. I just want to make sure we all understand what we are talking about before going for the pitchforks.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
While I can’t comment on any case law surrounding compelled speech. I don’t thing that this would qualify as compelled speech.

Just based off a quick web search it seems that compelled speech is more about the government telling news organizations to report what they tell them.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Can you provide any sources for these? Maybe a california legislator saying they plan to do this? Or a proposed law? Otherwise it is just the slippery slope fallacy. While that doesn’t disprove what you said it does not provide a valid argument for it either.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
How I understood it would be that the api could be implemented as an API contained within your os. So it would be more equivalent to comparing it to a system call like open file or allocate memory than a REST API.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
This is just the slippery slope argument.

The California law does not require verification. Only attestation.
⁨Comment⁩ on ⁨System76 tries to talk Colorado down over OS age checks⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
The California law does not require age verification. Only attestation. From what I have heard the Colorado one is basically identical.

The NY one I have heard is more stringent. But I have not read that or the Colorado one.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I fully agree, the definition of application is too broad and should be revised. But how do we revise it without also introducing loopholes that companies can exploit.

All the law requires developers to do is receive the signal and treat that as the primary indicator of the user’s age and to comply with applicable laws (ie. things you should have been doing already anyways).

For applications like ls (which let me be clear that I do not believe this app should be covered by this law) it could be as easy as requesting the signal from the OS, deciding that the user’s age bracket does not matter for your execution, and just performing as usual.

They should really limit the definition of application to just social media apps. (which would likely include things like irc apps).
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Yea they have to ask for your age bracket. That’s not the same as an ID.

I agree, the definition of an application is much too broad. And should be revised. But the difficulty is how do you restrict it without also creating a multitude of loopholes for businesses to exploit. At the very least we should restrict it to applications whose primary purpose is to interact with the internet.

And before you say it, yes I am aware that that still leaves many apps like curl, wget, ssh being covered. But it could be a start.

Or maybe just restrict it to social media applications. I am not a lawyer, I definitely don’t have a great grasp of how to create the type of language that is appropriate for laws.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
It prevents apps from asking for additional ID verification. I’d rather my os ask me for a number I am able to lie about that to have to send my ID to 30 different apps and data aggregators.

Many people say that we should put more responsibility on the parents for what their kids are allowed to do online. This law does that.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Sorry it is really hard to understand what you are arguing here.

If you don’t want your info (whether you are an adult a teen or a child) to be shared with “owners of apps that are on the Epstein list”, then don’t install those apps. There is nothing in this law requiring you to download any particular app.

If an app were sending this data to a third party, like palantir, then they would be in direct violation of this law.

If you were expecting to be able to leave decisions about your personal privacy and security to any governing body then you are in for a sore awakening. You should be well aware of how privacy and security are things that we have to take personal responsibility for.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I agree until this law there was no reason for my os to know my age. This law creates that reason.

Any law can be bad if we take into account the imagined future possibilities. Should we outlaw electricity because it might be used in some way to make nukes?

If lawmakers try to issue further requirements for ID or facial scans then we can fight that. But until then there is nothing in this law that affects me outside of needing to enter a number less than 2005 when I setup my OS.

If you don’t have any kids then you literally can’t be fined under this law.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
No… The law literally says that if you make a good faith effort then you are not liable.

An operating system provider or a covered application store that makes a good faith effort to comply with this title, taking into consideration available technology and any reasonable technical limitations or outages, shall not be liable for an erroneous signal indicating a user’s age range or any conduct by a developer that receives a signal indicating a user’s age range.

Also the 2500$ is only for negligent violations.

Look, I don’t want linux to leave Cali. I have primarily used linux for the past 8 years and have no desire to use windows anymore than I have to. But, as you said, the linux community throwing their hands up and deciding to exit Cali and Colorado is just playing right into Microsoft’s desires.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
The law actually has a specific provision preventing both os providers and developers from sending your information to whoever they want.

And the OS is only allowed to send the minimum information that is required. Ie. your age bracket.

Send only the minimum amount of information necessary to comply with this title and shall not share the digital signal information with a third party for a purpose not required by this title.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I mean yea. If you don’t make a good faith effort to implement this age attestation page and api to allow apps to pull from it. Then yes. You would be liable.

You could of course decide to not provide to residents of California and Colorado. No one is forcing you to provide for either of these states.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
There is not requirement in the bill to prevent users in specific age brackets from accessing certain content or applications.

It simply defines that a method for age attestation (not verification) must exist and that the age bracket data be made available to apps and appstores.

The people who decide what age brackets can access would be the appstores and the developers.

I will concede that using the word “controls” for the OS provider could be misunderstood. What I would assume is that they are meaning control as in the person/entity that provides updates for the system. Ie, MS, Apple, Linux Foundation, Canonical, etc.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
… That is literally what this law does.

When a parent creates the account for their child they specify the age. If the parent decides to lie or circumvent the system and it affects their child then they would be fined.

Just to be clear the law itself says absolutely nothing about actually verifying the age.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I haven’t seen any devs in the linux space actually write about a real solution but my guess is likely not. Since the law specifies that users are “children”.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Are they? The law effectively only applies penalties to the parents. If you have not ready the law I highly recommend it. It is very short and says nothing about actually verifying the age of the user. It is equivalent of entering your age on steam or the “are you 18+” questions.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I think people are down voting you since they actually have not read the law themselves and don’t realize that the law itself says nothing about actually verifying that the age is correct. It is no more than what you said, like steam asking your birthdate before you look at certain games in the store.
⁨Comment⁩ on ⁨California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
The point of it is actually the exact opposite. With this law the parent would set the age of their child. And if they decide to lie and their child is affected then they could be fined.

The other thing it does is if a platform decides to ignore the age range of a user and it affects a child then they could be fined. But as long as they do best effort then it really only affects the parents.

It also prevent platforms from requesting additional ID verification unless they have confidence that the age bracket of that user is incorrect.
⁨Comment⁩ on ⁨An upcoming California law requires operating system providers to enforce basic mandatory age verification⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
This was passed and signed last October. Why is this just hitting the news cycle?
⁨Comment⁩ on ⁨An upcoming California law requires operating system providers to enforce basic mandatory age verification⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
It saddens me that someone who is willing to stand so strongly against a oppressive law would work to discourage discussion about those laws on free social platforms.

I hope you can consider your words next time and we can enter into a good faith discussion over the merits and demerits of any law.
⁨Comment⁩ on ⁨An upcoming California law requires operating system providers to enforce basic mandatory age verification⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I appreciate the insight. And you are right, that was my lack of understanding about how it could be struck down in court.

I do want to talk briefly on your point about these other devices where the law might actually apply since I have seen a few people bring up this point.

I the definition of an OS provider the law asserts that an OS is “computer, mobile device, or any other general purpose computing device.” (emphasis mine)

To me this clearly excludes those other types of devices because routers, tvs, etc are not general purpose.

As far as public computers I think that is a really good point and speaks to the vagueness of the law. There is no clear direction on how that works in such a common use case.

Coming from the engineering side as well and I’ve put more time, thought, and effort into project proposals than it feels like they put into this law.