Store birth date in systemd for age verification(github.com)

35 pointsby sadeshmukh8 hours ago13 comments

JellyYelly4 hours ago
I don't mean to come across as a snob, or anything like that, but I find this PR really odd.
It's the authors first time contributing to this repo and it the feedback on the PR that was addressed is really odd, like some of it is super basic stuff, even if you're not familiar with the code base or the language.
Just an all round weird vibe.
- mock-possum11 minutes ago
  > “The clang-tidy test failures appear to be pre-existing and don't seem to be related to my code”
  I’ve seen Claude reproduce nearly identical comments, wonder if that’s a couidence
miohtama5 hours ago
This should be the time for open-source developers to use their common sense to decide whether we should push back.
If California wants to create its own Protect the children operating system, it should bear the cost and responsibility for this alone, and not export any of the sketchy political agenda to the wider open source community.
- bitwize29 minutes ago
  It's the law. If you live in the United States, and a minor in California uses your OS that didn't check age, you could be liable for up to $2500 per occurrence. That can add up quickly if California schoolkids discover your OS does an end run around the law. When ruin is the alternative, compliance becomes non-negotiable.
  - aleph_minus_one5 minutes ago
    > It's the law
    "There is no justice in following unjust laws." - Aaron Swartz (Guerilla Open Access Manifesto)
  - iamnothere20 minutes ago
    Many distros disagree and are not complying. It’s very likely that this (and all similar bills) will be overturned after legal challenges. Noncommercial projects especially have a strong 1A case and we have already beaten one of these bills. Keep fighting.
  - nvme0n1p117 minutes ago
    California laws apply to people living in California. Not the whole country.
  - josefritzishere17 minutes ago
    California can't govern outside California. Other states have discovered the legal limits of their soverignty quite recently. But it certainly argues against hosting in CA and furthermore, consulting an attorney.
bibimsz4 minutes ago
i dont like this
jmclnx5 minutes ago
Interesting solution and I really expected systemd would be were this age validation would be placed if distros what it.
But if this becomes a thing in Linux for the distro I use (doubtful), I will abandon Linux after 30+ years.
I am rather confident OpenBSD will ignore this law and I expect other BSDs will to. If not, back to DOS :)
Note, I have a BSD on a coupld of old laptops for testing reasons. I test what I write in the BSDs to help find issues, that works well.
mzajc2 hours ago
Tangentially related, but does anyone know what Poettering's "cryptographically verifiable integrity" endeavor[0] is about yet?
[0]: https://news.ycombinator.com/item?id=46784572
- rcxdude14 minutes ago
  Probably what it says on the tin, TBH. If you hold the keys, it can strengthen security a lot.
jprjr_an hour ago
I cannot express how disappointed I am to see open source projects giving in to complying with age attestation laws.
I feel like complying really undermines any first amendment arguments. Software is a first amendment protected form of expression, giving in before getting any actual threats from the state makes your participation seem voluntary.
Systemd's participation puts the entire world into compliance with a California law
- iamnothere17 minutes ago
  BSDs don’t use SystemD, neither do some distros. After they have been exposed here as collaborators I suspect we will see freedom-respecting distros move away from them. I myself have been neutral to weakly positive on SystemD until now, as they put forward some decent solutions to longstanding problems, but from now on I intend to stop using their software entirely.
  As it turns out, the people who warned against “professionalizing” and corporatizing Linux were correct.
- zeratax29 minutes ago
  this is not attestation though? it's just parental controls, no?
zoobaban hour ago
Instead of protesting, large corporations decided to ploy.
They cannot loose markets, like California or Brazil.
peteean hour ago
I had to check the date; is not April yet
bravetraveler3 hours ago
Where can I drop a file to always return 1969
- aleph_minus_one3 minutes ago
  > Where can I drop a file to always return 1969
  I am out of the loop: what is so special about 1969 concerning age verification?
- chainingsolidan hour ago
  I was thinking 1984, or if I can return a float, NaN.
  - bravetraveleran hour ago
    Sure, not picky. A symlink to /dev/null for "I'm a grown-up/own this device" would be acceptable. Assumed one would put whatever value they wanted in the INI file :)
- renewiltord33 minutes ago
  It’s admin settable. So just sudo homectl it. You are presumably admin.
  - bravetraveler31 minutes ago
    That's beside my 'point', but fine. I'm deliberately conflating things for humor, sorry it missed. I'll get serious/stop joking around. I have no interest in administrating this. Especially on a per-user basis (despite that being the only way this 'works', I'm generally opposed). I'd prefer a file to drop in /etc... like one would express preferences over, say, /usr.
    It's entirely optional, I get that. I could 'just' not set anything. Spare your fingers. I want to poison it [or loudly opt out] without a lot of effort. This includes running N commands when a file to could effectively disable the signal.
    Said differently: I don't want to configure the portal, I want to ~~break~~ mask it.
noobermin3 hours ago
The context is that this is in response to California in the US potentially passing a law that requires age verification on the operating system level.
- iAMkenough42 minutes ago
  Traced back to Meta lobbyists. https://tboteproject.com/
- zeratax28 minutes ago
  there is no verification happening though
  - treesknees10 minutes ago
    Because systemd isn’t an operating system. It’s just providing a mechanism for the OS to store/lookup the user’s birthday. It’s up to individual distros to do the verification (should the law stand and OS vendors choose to comply)
  - iamnothere15 minutes ago
    There is in New York, Brazil, and probably other places too. Attestation is a foot in the door and will become verification when it is shown to be ineffective. And unless the law is defeated, it will provide precedent for further legislative intrusion into personal computing.
anotherhadi3 hours ago
Pretty good implementation imo
- Spivak28 minutes ago
  Yeah, it's the most basic thing you could do that's not intrusive to the rest of the system. userdb is a local directory and most directories, like LDAP, have a DoB field. Even if these laws fizzle out the change would still be potentially useful for other things like parental controls apps.
icar3 hours ago
Having this in userdb is not bad per se. We already have a bunch of PII in there.
- stuaxo2 hours ago
  I like the analogy of data as oil: polluting when it gets out.
  I'd like to severely limit the amount of PII on the system.
bmlzootownan hour ago
This is absolutely ridiculous.