There’s no age verification in systemd. That field doesn’t verify anything
But my clickbait!
well, obviously. that happens on some external service.
Not yet, it doesn’t. We’ll see how far we go down this hole.
Reject the age verification.
- Fork a project that you have a problem with;
- Write a strong worded manifesto;
- Revel in those sweet sweet internet clicks;
- Try to gather a team of seasoned engineers to keep and evolve the project;
- Most likely fail, look for the next controversy, repeat.
Yes, but what’s wrong with this? If you gather engineers that are capable to maintain it - what is the downside? Systemd could always have used a bit of competition, I think most of us can agree. Most of the forks of systemd will fail, but most of all projects fail after some time. I don’t think this situation will harm systemd ultimately and it shouldn’t.
There’s nothing wrong with forking a project, IF you can and intend to maintain it – hell, that’s the whole basis of FOSS.
Forking it to make a point with no intention to maintaining it is just an easy way to gather clicks and stir drama.
IMHO the effort is better spent fighting the politicians that are shoving this down our throats, or should we fork all the tech that gets affected by bad political decisions?
Try to gather a team of seasoned engineers to keep and evolve the project;
What is there to evolve? Just keep it up to date with the mainstream project while applying this one patch. This is as useful as the signatures that prohibit use of comments to train LLMs.
Forking projects to put a different coat of paint on them is just silly. It’s still the same project, it’s just got your sticker on it now. You still dependent on upstream decisions. If things change too much for your liking, you have a growing patch management issue on your hands, and that’s not fun. But hey, you’re free to do it, that’s the beauty of FOSS.
Reminds me of the Linux distros that just fork Debian, stick a new theme and logo, create a website and voilá. Nah, mate, it’s still Debian.
What is there to evolve? Just keep it up to date with the mainstream project while applying this one patch. This is as useful as the signatures that prohibit use of comments to train LLMs.
That sounds super easy on paper. In practice nobody is going to do this long-term.
The kind of people who get massively upset about this are not the kind of people that are going to make a long term commitment to actually doing anything. Forking systemd is performative activism, that’s it.
I know, 100% agree. It’s not a lot of work but people will quickly find another thing to get angry about and move on. Trying to fork systemd over this feature is completely pointless.
This is bs …
Instead of fighting the laws and the people behind it, ‘we’ (as in ‘the community’) infight about some minor commit?
If the reason is data privacy, why not also remove ‘realName’, ‘emailAdress’ and ‘location’? 🙄
They should also remove the phone number prompt that UNIX has had since before systemd even existed. Your phobe number is an optional part of the GECOS field and has been there for a very long time without anyone freaking out like this.
It’s a slippery slope, I can’t imagine organizations won’t want more and more control over the public.
As far as I can tell the Name Email and location are all voluntarily provided by the user.
This is something that will be used whether you want it to or not (that makes it invasive) because of the laws around it (of course depending on where you are).
Having fields I can ignore as a user isn’t the same as this guided attempt by lawmakers to eventually get you to give ID and retina scans just to use a computer.
This is step 1. That is why people are freaking out about it.
And I know systemd isn’t doing this out of spite, but I do wish the scene would stand up for the user more… Just say no California or whatever other shit place decides to enact that and boom problem solved. Not their fault or problem anymore.
As far as I can tell the Name Email and location are all voluntarily provided by the user.
So is birthDate.
This is something that will be used whether you want it to or not (that makes it invasive) because of the laws around it (of course depending on where you are).
How? First and most importantly, systemd doesn’t do anything to enforce, require or verify the field.
Second, I control what is installed on my PC, that’s the ENTIRE POINT of using a FOSS OS. The FREEDOM to install whatever I want, or not. If there is an application that is using that field to enforce some bs law, then I simply won’t install it.
This isn’t Windows, there isn’t a Microsoft to force you to install software updates that you don’t want. You’re FREE to not install software that does things that you don’t like. This includes any hypothetical future software that would require this field or validate this field.
You control what you install on your pc and I’d be willing to bet that whatever open source OS it is, probably uses Systemd. Unless you’re a Unix person.
They have set this up in a way that yes, right now at 11:21pm UTC on March 24th it isn’t being enforced or required.
But because of the replies of some of the maintainers in their github about this very merge they are suggesting that as soon as it becomes hard law, it will be enforced by them.
Particularly the part where one was replying to a system76 developer who mentioned that they are in talks with state legislators right now, that these proposed laws are very possibly going to be overturned, and that open source software might not even be required to do this at all and that we should give it more tim before we do something like this and the reply was:
“It is possible that California law will be changed. But similar ideas are popping up in other contexts and it’s unlikely that they’ll all go away. This implementation is fairly generic and useful for other things besides age verification, so we shouldn’t decide whether to merge it or not based on a single law in any jurisdiction.”
This suggests that they are doing this because of laws and ideas like this that are coming into play. And that they didn’t want to wait on the confirmation of whether it was law or not, they did it anyway. Why? That’s not very open. That isn’t really taking a stand to support Linux or its users that is voluntarily getting ahead of the control mechanism that “similar ideas” are going to use.
They shouldn’t have done this. In mine, and many, many other peoples opinions as well.
You control what you install on your pc and I’d be willing to bet that whatever open source OS it is, probably uses Systemd.
They have set this up in a way that yes, right now at 11:21pm UTC on March 24th it isn’t being enforced or required.
It is using systemd, yes. It could be using openRC, sysvinit, runit, etc just as easily.
Systemd isn’t a requirement for Linux. It is simply the most useful init system currently. If that ever stops being the case then changing init systems or entire even distros is a fairly trivial task. If systemd were ever to require me to submit to a 3rd party verification of my age I’d just use a different init system.
There is nothing that any open source project can do that would force me to keep using their software if I don’t want to.
They shouldn’t have done this. In mine, and many, many other peoples opinions as well.
If your opinion represents a large group of people then you should have no trouble maintaining a fork.
You are right on that.
I hope that in the end this does end up all working out and I was just one of the crazy guys worried for no reason.
But either way I still think it is disappointing they did this so quickly and that they’re using a US push in law be such a deciding factor in originally pushing for it. It felt like that was the same way when they banned Russian maintainers. The USA and especially specific states shouldn’t have this much pull especially over open source community driven projects in my opinion.
The USA and especially specific states shouldn’t have this much pull especially over open source community driven projects in my opinion.
I completely agree.
I hope we see a bigger push for FOSS software in the EU as they try to reduce their dependency on US tech companies. If more countries treat software like we treat science where everyone contributes and everyone benefits then we’ll all be better off.
I think these laws will be similar to prohibition. They will try for a while, but then realize they can’t succeed. Governments can’t even handle cyber security, how will they handle this?
These laws are made by corporation like FB who wish to shift the blame away from itself for their transgressions. Australian and EU laws are banning social media for pre teens and kids. So instead of them developing ways to follow that law they are shifting that onus on to the operating system.
I think you underestimate the technology they have now especially in relation to an event that happened in the 1940’s.
Its like the Stasi but ten thousand times more sophisticated and every bit as motivated.
Maybe even more motivated, because it generates money for them when they have businesses do it (Palantir) and provides “value” to the markets. Because money and control is absolutely all they care about (in the USA)
Technologically, yes, they could easily identify non-compliance with how much data is being collected these days
Logistically though? How are they going to enforce this? Sue every open source project that circumvents this? Block downloads of it with a great firewall? Fine end users? It’s just not feasible
Realistically, they’re going to go after the OSes with the biggest market share. Google, Microsoft, and Apple will be forced to comply on new devices, and maybe they’ll try to make an example or two to get compliance in advance
It will be used to target certain individuals and “nail” their proverbial “balls to the wall” when they want to ruin your life for not complying.
A us court just convicted people as terrorists and one of the main reasons they cited is that they were using signal.
“This individual circumvented security measures enacted by the united States to keep people and the children™ safe from online threats both foreign and domestic. The individual conspired with multiple other people some of them from other countries, oops we meant foreign adversaries, to destroy or circumvent this framework we had in place”
Only thing I can mainly compare it to is how weed isn’t legal in a lot of places but they usually don’t care, until they suddenly do and your life is fucked.
Think of people like Ken Klippenstein and your Edward Snowdens (who used tails to leak a lot of their illegal spying shit btw which is us made btw where these laws are starting to gain traction the most [yes I see Brazil too])
It will be used to target individuals and destroy their lives through the process.
“Oh also since you’re not using the OS level biometric whatever we enacted this is an illegal machine and we are seizing it. Oh, you had whistleblower reports about government corruption? What government corruption Ken we didn’t find those files but we did find evidence if you being antifa”
And if you think I’m just some paranoid schizophrenic and this could never happen then you haven’t been paying attention.
And if everyone used E2E encryption for their private messaging like everyone who understands the topic has been pushing for decades, signal users wouldn’t stand out
The state cannot enforce this, it still relies on compliance in advance
I agree on everyone should be using E2E Encryption. Its an absolute disgrace that that was even mentioned in the court case at all as a possible link to terrorism.
I disagree that the state cant enforce this at least in a targeted way but, I really hope you are right in the end though.
I guess we will see.
Instead of fighting the laws and the people behind it
We can’t use the system to change the system.
Liberated systemd is a fork of mainline systemd started by Jeffrey Seathrún Sardina, a machine learning/AI researcher
I already have qualms about that.
Call me dreamy-eyed, but the reference to “machine learning” might mean this person has respect for what the technology is and has been for decades before the chatbot flood
yea but as to how this tech seems to me rn, leaves a really bad taste in my mouth.
Far many more than someone.
Feels like something systemd can solve with a compile time flag. Either have it on or off depending on if you want to legally sell it in those areas or not and away you go.
Give an inch they’ll take a mile.I see your instance is UK, so I assume you don’t understand how utterly insane US lawmakers are right now.
if there is no malicious intent in adding this, they really should learn to read the room.
The biggest defense for this I see is:
- it’s not bad now
- it’s not mandatory
- it will remain unused like the other fields that were previously there
- you can put anything in it
Then, tell me, why bother adding this in the first place, exactly at the time governments are looking toward full control of everybody’s computers? If it’s that innocent and useless, either someone really likes throwing shit up, or it won’t stop there.
And given the slate of other things that “didn’t stop there” in the past few years, you know, it cost nothing to be cautious. Especially if it’s “so useless you won’t even notice it’s there” after all.
exactly at the time governments are looking toward full control
Isn’t it all the time?
Then, tell me, why bother adding this in the first place, exactly at the time governments are looking toward full control of everybody’s computers? If it’s that innocent and useless, either someone really likes throwing shit up, or it won’t stop there.
It’s there because systemd is the place that makes the most sense to store that kind of data.
Systemd stores user details.
This is a user detail.
So, storing it in systemd makes the most sense.
The alternative is having every individual program try to store data about the user in their own, non-interoperatble formats. That’s a needless complication when systemd already stores user details
This field will not affect you unless you choose to let it. You get to pick what software is installed on your system. Unless you choose to use an application that validates your birthdate, the field does absolutely nothing.
For people who want to use birth date (say, maybe people with multiple kids) it makes way more sense to store that detail about the user along with every other detail about the user that’s stored on the system.
The alternative is having every individual program try to store data about the user in their own, non-interoperatble formats
The alternative is NOT to store that data system wide, NOT have it made easily available to anything in the first place, and NOT normalizing having all your personal data available at will to everything.
Are you really arguing about the convenience of having personal data available system wide when it’s is absolutely irrelevant to 99.9% of running applications?
You can choose to not install applications that use birthDate. It’s your system.
But, you cannot choose what other people want to install. It’s their system.
There are applications which exist, that other people can choose to install, that require this field and systemd is the logical place to store that information.
If you don’t like the applications that would use this field, and you don’t want your system to store information in birthDate then there is absolutely nothing stopping you from doing that. You don’t get to make that choice for other people, however.
I can see it’s just an optional text field but the ick isn’t optional. It’s leaning towards submission in comparison to resistance. I’m hoping such laws get repealed, rather than spread.
Lots did. There are about a dotzend forks for this explicit purpose.
And in a month none will be active at all.
I am aware of the Orwellian privacy implication, but how do we deal with bots, now that AI is rampant?
Something like hashcash, or what?
Some type CAPTCHA type puzzle. Maybe ask users how many Rs are in ‘strawberry’ before they can proceed
to play a game of paper scissor rock. Most chatbot try to play (without any understanding of how pointless it is). Anything that tries to play straight away is automatically a bot.
Play a game of rock paper scissors with me
I’m not into this, but is it the nerd version of releasing forks and torches?
More like forks and patches
Okay I’ve said this so many times but (open source) code is speech and thus protected by free speech laws. Also idk if anyone’s noticed but it’s pretty obvious ID verification is for mass surveillance and obbo purposes. Now why would this apply to software that we already know doesn’t spy on you? Until now, proprietary software and big tech platforms already spied on you, but it could - to an extent be pseudonymised. This isn’t about spying on people, they already do that, it’s about removing pseudonymisation - instead of your data being stored under: User #2044820 it’ll be your full govt name and address leaving no room for doubt or plausible deniability.
It is by every metric, useless to provide ID verification for software that collects no data, at best it would just give them a better idea of the demographic. Also it’s literally open source, the GPL prohibits disallowing people from forking/editing it and it prohibits restrictions on the way in which it can be edited, which is legally binding.
After all, any and all age checks we have nowadays are a black box anyways
This is the only part I disagree with. Age verification is typically done via services like ID.me, Lexis Nexus, etc which do it via identity verification with documentation. The alternative method that most social sites have gone with is age prediction from a face scan, of which providers are more than happy to tout how they do it as differentiators. For the latter, there are even FOSS options.
I think what they mean is, with a black box we know the input, documents, and output, yes you can buy beer, but we don’t know the internals. How and for how long is the data stored, who is it shared with, who has access to it, how much meta data can they pull together to build a profile on you and so on.
Not sure what is worse:
- The political fight re: should the OS store your age at all. (Linux will be illegal because they didn’t bend).
- The political fight re: should OSes be required to verify your age / identity?
To me, fighting at step 1 has the advantage of keeping the infrastructure from getting built, and the disadvantage of people saying “well, actually, there’s nothing concerning or new here.”
Fighting at step 2 has the advantage of being a clearer threat, but a disadvantage since the prior infrastructure has been built, society has adapted it, and politicians say “think of the children.”
I feel like it is more strategic to fight at every step.
