I love the level of disdain the linux community has for this kinda bootlicking.
Then he said Arch Linux should implement it anyway because the law requires it. archinstall PR #4290
Well, it’s not “the law”, it’s your local law. To most people on the planet, it doesn’t apply any more than for example North Korea’s laws. As far as I can find, Arch Linux is not owned by a foundation or similar legal entity (i.e. which could have been located in California), but the lead developer appears to live in Germany.
I mean they kidnapped maduro and are trying him under new york law so…
So… if the law interferes with your goals, apparently it is now perfectly fine to just ignore it.
That seems to be the approach the US government is taking.
I mean yes, the dems have been breathlessly going on about how that thing that Trump’s doing is illegal but nothing seems to happen. There is no opposition at all
Germany has a similar law already active
§12 Jugendmedienschutzstaatsvertrag
(1) Anbieter von Betriebssystemen, die von Kindern und Jugendlichen üblicherweise genutzt werden im Sinne des § 16 Abs. 1 Satz 3 Nr. 6, stellen sicher, dass ihre Betriebssysteme über eine den nachfolgenden Absätzen entsprechende Jugendschutzvorrichtung verfügen. Passt ein Dritter die vom Anbieter des Betriebssystems bereitgestellte Jugendschutzvorrichtung an, besteht die Pflicht aus Satz 1 insoweit bei diesem Dritten.
(3) In der Jugendschutzvorrichtung muss eine Altersangabe eingestellt werden können
But yes, neither such laws nor the implementation into systemd is in any way positive and should be fought
Jugendmedienschutzstaatsvertrag
Is that a single word? O_O
Kinda. In Germany, we put many words together, to form a new word.
Jugend = youth Medien = media Schutz = protection Staat = State Vertrag = contract
Thanks for the clarification ! And how do you know which word can be put together? Sorry if this question is kinda hard to answer :/ don’t if it’s to long and needs some complicated grammar or something like that, i’m genuinely curious !
I can’t tell you exactly, because as a German I have no idea of our grammar, I speak and write how it feels right. But I found this, if you are interested: https://en.wikipedia.org/wiki/Compound_(linguistics)
Yes!, and german words can even get bigger!
Schwangerschaftskonfliktberatungsstelle is my favourite German word
Oh my god :/
Next they will mandate a “race” field, and the same kind of imbecile will implement it.
to all y’all with the “it’s just a text field”: what if the field is “race”? “sexual orientation”? “jerks_off_to”? what the fuck has a system managing daemon got to do with any of that? and why would you preemptively put it in there without even a pretense of a fight?
fuck you make us! make linux illegal, in Cali of all places. guess how long that will last?
Yeah, scary.
What about some other scary fields like:
- Real Name
- Office Address
- Office number
- Office telephone number
- Home telephone number
- external e-mail address
I mean if those fields were stored, could you imagine the danger that Linux users would be in?
You don’t have to imagine, because those fields have been stored in UNIX/Linux since 1962. https://en.wikipedia.org/wiki/Gecos_field
Those are also entirely optional and not having them filled in doesn’t cause other software to stop doing what the user wants.
(same for the birthDate field)
Not true. Because the stated purpose of the laws at play is to enable that to be queried so that sites can decide what is appropriate for you to see.
That is the purpose, but the field is implemented as optional and modifiable with admin privileges.
That is not the point and you know it.
Your point is true, but I’m saying its impact is also optional.
Depends how these new laws are written.
The same with the birthDate field.
… unless someone merges a PR making it required, which is the discussion of this thread.
And then you can input a random date from before 1940 and forget about it…
What if someone makes a PR making your real name and address being required? Damn…
You’re right.
“What if <insert dystopian scenario that hasn’t happened>?” is a silly argument.
So you’re arguing that systemd shouldn’t have reverted that pointless PR because it’s not actually enforced? Sorry, I’m probably not understanding your comment
I think back then it was generally assumed this simply assisted with office communication.
Imagine telling a UNIX engineer in the 70’s how almost everything you enter into a machine would eventually be used to manipulate or entrap you by the State and surveillance capitalism.
Imagine telling a UNIX engineer in the 70’s how almost everything you enter into a machine would eventually be used to manipulate or entrap you by the State and surveillance capitalism.
This isn’t a hypothetical. North Korea uses a version of Linux which does exactly that.
It still doesn’t make these fields inherently dangerous, and that same argument applies to birthDate. Even if systemd build a verification system that required photo identification and a DNA sample it wouldn’t be a problem.
The community would just fork the project before the totalitarianism update. The FOSS world already has a process to avoid massively unpopular changes. This change isn’t massively unpopular, this is a vocal minority who is stirred up by web articles leveraging clickbait and outrage to drive ad revenue.
The age verification laws are unpopular, I’m personally completely against them. However, they do exist and adding an optional field in order to allow project, who choose to do so, to store that data is not a red line or the start of a slippery slope.
In the future, if there was a red line that was crossed, we would fix it with a fork and not with a harassment campaign.
https://en.wikipedia.org/wiki/Boiling_frog
That’s you. You have no issues giving anyone an inch and then wondering why you’re being lined up on the street afterwards once they’ve taken the mile.
https://en.wikipedia.org/wiki/Slippery_slope
That’s you. You have no issue embarking on a creative writing exercise, painting the scariest possible scenario and pointing at that piece of fiction as if it were reality.
You think you can just make up lies about countries far away from you and no one will notice? Think again, whisu.
Sorry Chairman Kim
Your argument is an informal fallacy called Whataboutism.
I invite you to educate yourself by reading about it on Wikipedia
You should read the article and understand the difference between a comparison and Whataboutism.
You should re-read what you wrote and see why it applies.
Stored “because law”, right?
Who cares why it is stored, these fields exist for every user in every Linux system and they have existed for decades.
Either birthDate the field is dangerous or it isn’t. If it is, how?
It is no different than data fields that ask for way more identifiable and personal information such as Real Name and Office number which have, again, existed for decades without issue.
I care. One thing is “you know, fields with this name have been around since before you were born”, another thing is “some idiots passed the law half the globe away, now we are preparing your system to comply. Someone has to ©”. The field is not the danger, the thinking, attitude and act is
Edit: some local law, for fuck’s sake
Half a world away where do you live since this is happening everywhere. To be half a world away from any place doing this would be hard.
Being half a world away from Americas is pretty easy, don’t ya think?
That’s a fair argument.
Is it fair to say: The field is benign but there is contention about if it should be added or not and users of the software are concerned that their voices were not heard on the issue. That can be handled in the normal project framework, perhaps by suggesting a publicly stated policy about these issues around legal compliance so the community can determine if they want to support the project or not.
My argument is that I don’t think that the damage that was done justifies the hitpiece in the OP which is, almost literally, painting a target on the developer with the mugshot photograph and loaded language.
So, if you’re not one of the people then we’re having different conversations. In that conversation, I do agree with what you just said. I’d like to see the very large projects, which affect a lot of users, such as systemd, have a more formal way to accept public comment and respond on contentious changes and feature requests.
To be fair, I am bit split on this. On one hand, name and shame is an effective strategy and should be used. On the other hand, “put age verification into Linux” is a hilarious stretch. And yes, it feels strange that I have yet to see any kind of response from other systemd maintainers and managers - after all, the man authored a pull-request, not merged into into upstream. I have not been looking for that kind of response myself though, which also serves your point: putting all the blame and anger on this one man (I purposefully omit name) is too much
Is it fair to say: The field is benign
It is benign if it is optional, remains 100% local and under the user’s control and doesn’t prevent other software from functioning as expected.
It is optional, 100% local, under the user’s control and does not prevent other software from functioning as expected.
If it ever is not, then you can simply fork the project at or before that change.
It is not a hit piece. No call to action was stated.
It paints him as an active danger, puts his picture on a wanted poster, includes his full name, workplace and the city and state where he lives and then writes up an article like an after action report of a cyberattack.
It then implies that he’s going to do it again and that he can’t be persuaded and so will be ‘harder to stop’.
Taylor believes what he’s doing is right, which makes him harder to stop than someone acting for money. Taylor already has the resume line and knows the codebase well enough to try again. That’s the true believer pattern. The argument is ideological, so persuasion is off the table.
So if he’s done a bad thing, he’s going to do it again, and you can’t persuade him.
If you can’t read the implied call to action then you’re being deliberately dense.
Ah, but this time the government wants it to be able to be queried so that applications and web sites can decide what to do with you. That’s the difference.
The government’s wants are not in the PR. The PR is an optional JSON field.
The field isn’t dangerous, you’re conflating two different things.
The age verification laws are the threat, not an optional text field or the developer who added it.
Compliance in advance is also a threat. Do not comply, do not begin to comply. It’s a fascist law. Any compliance is collaborating with fascists.
Collaborator
Someone would have had to do this eventually anyways. Be angry at the geriatric fascists, not developers. If it comes to it that the project cannot survive without these changes, then it would be made so that these changes are made.
You gotta think and read more about the actual issue here. The PR was pointless. The idea that Linux could ever comply is absurd. It’s open source. It’s international. Nobody cares about Colorado law.
We’re all going to die one day anyway, might as well jump off a cliff now.
Be careful now! His coworkers will act most silently.
You know what, at this point they can totally fuck systemd and I won’t care anymore.
Half of my machines were running sysvinit already, I’m freeing from systemd the other half, also exploring other Linux distros that took a stance against this and even BSD.
If everything fails, there’s always Linux from scratch.
“It’s just a harmless field; what’s the big deal?”
The big deal is that it’s on the heels of age verification bullshit that fascists are pushing through with the help of tech bros, so that they can eventually push all of us into a scenario where we have zero privacy.
It’s not the adding of the field itself or the fact that it can be filled with nonsense. It’s the reasoning backing it.
“But it’s the law!”
Yeah, fucking and…? It’s a stupid mass surveillance law disguised as a protection, and per usual, it’s written like vague dog shit. This is the smallest part of the wedge. More will come of this and if developers like this keep volunteering themselves to help the fascists, we will all be fucked. Here’s an alternative approach: just don’t add this. You can fight back by not fucking implementing this. Easy.
Twenty Lessons For Fighting Tyranny
- Do not obey in advance. Most of the power of authoritarianism is freely given. In times like these, individuals think ahead about what a more repressive government will want, and then offer themselves without being asked. A citizen who adapts in this way is teaching power what it can do.
https://www.carnegie.org/our-work/article/twenty-lessons-fighting-tyranny/
THIS! Those that do obey in advance, especially trying to help impose it on the rest of us, are collaborators!!! Treat them as such!
“But it’s the law!”
I was just following orders!
this same person would be chuckling to themself about how pointless this all is as he locks the door on the gas chambers.
He’s adding age verification for the internet, not sending people to gas chambers. You really need to touch grass, urgently, because clearly your dependence on the internet is not healthy.
manuallybreathing is making an analogy, not saying they’re the same thing.
You really need to read a book and stop projecting on the internet, it can’t be healthy.
As you sit by and let the pot get one degree hotter
Also, they will use it as a means to lock content they don’t want. Like in some jurisdictions it’s already forbidden to share any kind of LGBTQ information even medical with minors… Even in EU, like Hungary. Clearly this age verification will be used for this too. And people not willing to age verify will be locked out too.
It’s part of their campaign of forcing conservative ‘values’ onto everyone.
You don’t understand.
The alternative to device based private attestation which is what this is or could be part of is constant online verification by Palantir.
Is every time you want to view porn or adult content you have to verify your real identity so evil corporations and the government who pays them know exactly what your fetishes are and can blackmail you. So they know exactly what you’re posting online because you have to face-scan and ID-scan to set up an email account, a social media account, any account with anything that allows posting content online. Is training the population not to enter a date for their kids or themselves when setting up a computer or device account for the first time, once but upon demand scan their face, scan their ID, comply, sit meekly in fear because everything they do online is known.
What does this know? Your birthday. That’s nothing. As it stands it you can enter anything you want. Fight them when they come to add a verification system to this and point out parents would be in a position to set this up for their kids anyways and its just spying. Fight on stronger ground.
We’ve already lost the maximalist position. The internet scanning and ID verification has already been enacted in several states and countries and we risk a world where it becomes the norm and hosting companies drop anyone who doesn’t implement it because they’re made liable as well. This stuff won’t be repealed. People don’t live in democracies. They live in a dictatorship of the wealthy and the corporations. Your dissent doesn’t matter and it cannot reach most tech illiterate people who have far more pressing concerns than to riot over this.
This is a compromise solution and I wish more people would see it. If you can bend you don’t break. If you don’t bend and your enemy is the government they are stronger than you and they will snap you like a twig.
Linux desktop market share is too small to matter. And if you make this push fail then the only alternative, the only viable solution these politicians who are being cajoled and urged to implement this will see is online live-scan face and ID verification and it’ll sweep everything. You’ll have destroyed the internet and having saved Linux won’t matter. After that it’ll be a quick move to ban encryption that the government cannot break and ISPs will block traffic they can’t inspect. Game over. A simple maneuver from the place you force them to by refusing to cooperate and enact this compromise, privacy-preserving solution. We need strong defensible positions to protect privacy and the internet and free software and to understand that the old ways have been lost, they’ve died, they’ve been strangled and a compromise position must be taken up to endure and avoid a total loss.
They can already put it on the parents to verify if they want. Just buy age compliant devices. Stop shilling this nonsense and forcing fear and hopelessness down everyone’s throat. This is bullshit and you know it. We already have a defensible position.
It is defensible in this kind of community, but I doubt it’s defensible in a board voter base. For instance people see billionaires and are saying the government should step in and do something, because as individuals we are somewhat helpless. In this instance we’re like we can fork/we can revert so the government ideally just needs to back off. But if you ask a non-tech savvy voter (and a parent in your example) they will just see big tech and say the government should step in and do something. Has this method of governance been compromised? Sure, is this law an example of that? Sure. But what can we do? The government… Well until people can agree on that, I think we are just trying to find a compromise so that most people can easily dismiss the perspective that parenting tech is too hard. And if people can believe that typing in an age for their child and see big penalties for big tech if they ignore that age, that seems to me the placebo this situation needs.
Am I the only one that is sick and tired of explaining to clueless people why this type of legislation should be shot down. This has been going on since SOPA and PIPA in the US around 2010 or whatever. I feel like I’m blue in the face.
Parents can get child compliant devices if they want. They need to leave our shit alone. How hard would it be to fork a child resistant Ubuntu or have Mac and Windows do it so these Karen’s can protect their own damn kids. But forget the guns and pedophiles running every country in the world. Let’s just fuck with the passions of the FOSS community and open the door for more surveillance.
Finally a sane take.
To take things further this whole outrage reads as a Karen screaming at a starbucks cashier and threatening to boycott the store because they asked for her name. It’s an overreaction to a minor issue, by someone who overestimate their power, directed at someone who has no real power, while the Palantir surveillance system runs on the cameras behind them.
why is it always the .ml users coming in to defend the most tyrannical shit ever while claiming we dont truly understand it
wasting 32 or 64 bits for absolutely no reason is also pretty offensive in itself
wasting 32 or 64 bits for absolutely no reason is also pretty offensive in itself
Storing 64 bits, in this hard drive economy? smh
Agreed. To elaborate:
Sure, the developer is a bit of a Judas for complying in advance, but our anger should be aimed at the people with power and reach promoting these laws in the political sphere (the metaphorical Pharisees).
To those saying “it’s just a field”, please consider that the timing is a more significant statement than the addition of the field itself. Why now? If you don’t support fascism, don’t build the frameworks that support it and don’t let fascists use YOUR platforms or software to make THEIR point, make them fork it and let them fail. I don’t think many members of the senate or house would be capable of adding this themselves. I’d be surprised if they could code hello world in TI-83 BASIC. If they ask you to do it, stub your toe and call in sick. Make it really shitty. Leave in a bunch of bugs that crash the program then blame the age attestation feature to turn users against it. Use copywrited code that they’ll have to remove later due to license incompatibilities. Report your boss to HR for every indiscretion that you might have normally overlooked. Or do nothing; that’s still better than complying in advance.
We have to break the narrative that this is inevitable. There’s enough of us, with concentrated enough knowledge and influence (aka, you folks are a bunch if nerds and I love it!), that if we collectively stop, the whole train stops or derails.
More will come of this and if developers like this keep volunteering themselves to help the fascists, we will all be fucked. Here’s an alternative approach: just don’t add this. You can fight back by not fucking implementing this. Easy.
Only thing you get out of this compared to the alternative of malicious compliance is opening yourself up to attack. You can still fight this without painting a big target on your back.
Is there any evidence that they would go after random FOSS projects that aren’t hosted or developed in the relevant jurisdictions? Don’t comply in advance.
Defenders and writers of the evil code are the ones being targeted. You have this backwards and need a mirror.
Yep, then using linux will be illegal, great fucking idea boss
You’re welcome to be a spineless muppet trying to obey unethical laws, but I won’t be.
Nope, I am a muppet whose livelihood depends on them respecting the law. If you are from one of the godforsaken regions doing stupid laws you should vote against them, I need to comply with your laws because I need to work to feed my family.
You can call me a spineless muppet all you want but I am not the cause stupid laws exists, take it on the californianas for that crap, they elected the idiots doing this. I vote our own idiots and until now they made it clear this bullshit is not on their table, thank you wery much but I did my part.
“then you should vote against them”
Oh you think they asked if they could implement these? And btw, it’s coming to your country soon too. This is a global movement
Then i sure hope linux will not be illegal in my country too
Another collaborator, “just following orders.”
Only in California and Brazil. And I suspect neither has a shortage of people able to add this field.
Exactly, make your own fascist distro with a fork of systemd and leave the original landscape alone
I’m so confused he adds a JSON field and corporate linux (who fund 95% of Linux development) need some sort of age auth mechanism for enterprise deployments. What do you guys want instead?
Like its not even enforceable, when the hardware attestation comes sure but before that why does anyone care (thats not going to stop you from changing a json field in systemd lmao)
Like its not even enforceable
Why bother then?
Because its required by law, and many customers of systemd need to support this?
I think if you reframe the action, it’ll make more sense why people are upset about this.
The way you see it: Some idiots created a new law, this guy was just compying with an unenforceable law, and its unenforceable, so why are people even bothering to get upset. They’re not even using hardware assetation to force this yet. He was just doing his job to follow the law to get this software deployed.
If you reframe it to this, I think it’ll make more sense:
Some idiots created a new unenforceable law. Did anyone from the government specifically reach out to this software team and demand they add this field? Did the software in any way get blocked from being deployed? Its unenforceable, why even bother voluntarily adding features no one wants, for an unenforceable law? They’re not even using hardware assetation yet to force this. Why make the lives easier for people who want to ruin things, by voluntarily adding these features without even being demanded to?
You want the user to put their age somewhere?
Have a simple script that asks for a number and echos it into a file called “age”. Done.
And they can only run the script if they want to.
$ cat /home/$USER/isUserUnderage.txt no $ ll /home/$USER/isUserUnderage.txt -rw-r--r-- 1 root rootDone. Now please let me through, mr. Caflifornia Immigration Officer
That would still be complying. Not okay.
I still don’t understand why it needs to be implemented as part of systemd, and not - say - as a service. Or, if we want to “go with” the law - make it a kernel module, which sounds more impressive (“we are complying at the kernel level!”) but in practice so much easier to opt out of.
I don’t see what’s wrong with implementing it as an add-on to the https://en.wikipedia.org/wiki/Gecos_field as the PR in question does. It’s the most logical place as the location to store user information and is even easier to opt out of—you just edit a file—than choosing whether to compile Linux with/add to DKMS a kernel module.
Edit: One can see https://github.com/systemd/systemd/blob/8878df45c1a58afdfb500fdc53ec50e057a240ce/docs/USER_RECORD_BLOB_DIRS.md?plain=1#L103 for an example of a user record file and its path. Further documentation you can read at https://github.com/systemd/systemd/blob/8878df45c1a58afdfb500fdc53ec50e057a240ce/man/systemd-userdbd.service.xml#L36 and https://github.com/systemd/systemd/blob/8878df45c1a58afdfb500fdc53ec50e057a240ce/docs/USER_RECORD.md .
What a pointless drama article this is. FLOSS software does stuff for legal compliance more often than you’d think. The whole point is people can contribute fly by patches and the maintainers make the decision to merge. It seems like being an optional field but potentially providing useful functionality is enough for systemd. If you don’t like it I’m sure there are forks you could join or even use a different init system. No one’s freedom is being oppressed here.
What a pointless drama article this is.
Yep. The crypto ticker at the bottom of the page is the cherry on top!
It’s brigading harassment on a volunteer dev, the post should be nuked this is just doxxing for ad revenue… disgusting
It was posted by Yσɠƚԋσʂ themselves, who moderates several lemmy.ml communities. I agree it should be nuked, but it’s not going to be nuked.
That’s good to know, I don’t want to be supporting communities which allow this kind of toxic garbage
It’s literally an optional birthDate field in a place where there’s already realName, emailAddress, and location. If you’re concerned about privacy, maybe don’t expose your real name, email, and location.
And it’s not even fucking installed everywhere:
$ userdbctl Command 'userdbctl' not found, but can be installed with: sudo apt install systemd-userdbdAnybody who is calling this age verification is actively lying to you!
This Sam Bent guy should fucking get bent.
My OS should have no details on me besides the account name which didn’t necessarily correspond to my real name.
It does have some old fields for location etc but those stem from the times of massive multi user systems.
Linux has similar fields for realName, emailAddress, location, timezone and more. But like birthdate, I think they’re all optional.
Was Linux ever used for massive multiuser systems? I thought it had always been primarily home use and internet servers. I think big multiuser systems went out of fashion with Solaris. Well, I suppose corporate workstations need user accounts where some of these are set.
That isn’t really the point. All this nonsense happened without community discussion beforehand.
Discussions happen after the PRs in most projects, because there is no point discussing code that ain’t there.
And they usually don’t get pushed through when discussion is just starting.
Who are the community employing? Why do they need consulting before code changes are made?
Your comment is nonsense.
I think what ze’s saying is https://mikemcquaid.com/open-source-maintainers-owe-you-nothing/ . the nature of open source—atl in accord with the hacker ethic—is that everything is just a passion project, there is no responsibility to not make bad decisions, and bad decisions result in decreased adoption and lost trust. after all, open source has always been about making a new alternative because existing solutions are bad.
So we aren’t supposed to talk about or react to said bad decisions? Come on.
So we aren’t supposed to talk about or react to said bad decisions? Come on.
Do you want to post your real name and place of work online for everyone to see or do you understand why that kind of action is dangerous and wrong?
What in the fascist fuck are you talking about
Is there an Arch fork that is not implementing this shit or do I have to go non systemd now? Because this BS is not going on any of my machines.
+1 I spent years wondering if my decision to invest in learning systemd was worth it. The sunk cost fallacy blinded me for too long but I am now willing to ditch systemd if a fork is not made.
I believe this pissed of enough users and it’s likely we will see a fork
Artix is one, but I have no experience with it.
https://aur.archlinux.org/packages/systemd-liberated-libs-git
systemd has already been forked
Don’t go around installing random AUR packages, this really shouldn’t need to be said.
2000s: war on general purpose computing because of copyright
2020s: war on general purpose computing because of child protection
In the 2000s the forces of freedom mostly won, e.g. https://en.wikipedia.org/wiki/Consumer_Broadband_and_Digital_Television_Promotion_Act didn’t become law. So far it seems that we are currently losing. :(
In Europe too, chatcontrol keeps being pushed no matter how often it’s being struck down.
Yes; recent news have made me somewhat optimistic that the resistance to it is winning though.
Age verification laws currently look like a much greater danger to freedom.
This is a gross article and doxxing this person is also gross and useless.
systemd will live rent-free in chuds heads and they will do nothing but use outdated and unmaintained software in protest.
“doxxing” oh shut up
Personally, I do think it’s a useful exercise to decide what your red-lines are when it comes to OS level age verification.
For me: Having a field in a database that could contain my DoB is acceptable. Having a prompt to populate it during first time set up is very concerning. Requiring that data to be validated by a third party is the red line.
If you don’t want to be boiled like a frog, bring a thermometer.
I have two red lines.
- Retaining my personal information.
- Giving it to Peter Thiel.
If I had to give my photo ID to Mullvad to access a VPN, I would do it. I trust they wouldn’t retain it nor give it to Peter Thiel.
NO!
