Personally, I think this first response nails it.
https://lists.ubuntu.com/archives/ubuntu-devel/2026-March/043515.html
Linux is not sold. So you either need to force users to install this on their systems, or go eat rocks.
Enterprise distros on the other hand… Need to do this.
I would also interpret it this way, though California’s government is profoundly technologically incompetent, despite being the home of “Silicon Valley.”
Knowing California, they would try to twist the word “vendor” to cover any entity that does any kind of business, similar to how they dismantled interstate commerce protections for the entire country. If that didn’t work, they would argue that donations make something a vendor.
The situation is stupid and I am long past tired of idiots pushing idiocy on others en masse.
I might have a lot of fun things that aren’t legal in California. Never thought my OS would be one, but here we are.
If people went out of their way to learn a damn thing about computers, and all-consuming jobs didn’t force entire generations raised without parents, and maybe they didn’t let their 6 year olds on social media / online gaming / whatever unsupervised, maybe there’d be more backlash to the state and corporations trying to step in as parental figures.
…Wish that wasn’t too friggin’ much to ask.
Servers and data centers have zero business knowing anything about who’s behind my machine by default.
Why not say “we won’t sell to any customers in California” and be done with it? If someone goes out of their way to install Ubuntu on their system, it’s up to them. Also, how is that going to work for OSes in the cloud? Will CI pipelines need to be age gated?
Because not selling your product to the 5th largest economy in the world is a dumb idea.
Except the whole point is that it’s free and you’re not selling anything anyways.
Ubuntu is in fact sold and supported and that generates most of the money to fund it’s development.
The rest of the US is still available?
California on its own is the 5th largest economy in the world.
It recently overtook Japan, so it’s 4th now…
And the rest of the US is unimportant?
Not unimportant, just irrelevant to this conversation, this is about California.
It is not. Leave California and serve the rest of the country.
What do you suppose is the US ranking among all other economies, without California? I don’t know any better, but something tells me California might be a pretty big loss. You can cut your leg off if you get an infection… but, you’ve still got to cut your leg off. That’s enough to make some antiscience people consider meds.
Canonical bending the knee already? That was quick.
But also not surprising at all TBH
A “good faith effort to comply” with a bad faith law is to pipe /dev/yes to the API.
I mean… there’s nothing stopping anyone from setting their age to 100 years old. It’s not like they are adding any sort of identification check, from what I gather. Just doing the minimum to comply.
For now
Also showing lawmakers how easy it is means even more laws down the pipeline to really make development disgusting because “it worked before, right?”
They are building the framework piece by piece. First the API is “Honour Based” then it goes to “Prove It”. For once it looks like baby steps instead of full blown head in a toilet of fresh shit like usual. Build your off line libraries, soon the only way to win will be not to play
Why is there a need to comply with foolish laws? I’m sure I type stuff on lemmy.ml or elsewhere on the internet that doesn’t comply with some idiot law somewhere in like Myanmar or the DPRK. Why would I concern myself with those laws.
As a European living in Canada, it’s quite annoying to think about having to do extra stuff (even if it is very minimal) because one state in America passes a stupid law.
Let’s not forget all the new cookie banners everyone deals with now.
People who live in California, if anyone bothers to enforce it, would have two options:
- Switch OSs to something that does comply, or
- Risk criminal actions for using their computer wrong
It should be implemented as “This is only required if you live in California” during setup. However, this does sound completely unenforceable. If I have a connecting flight through LA, will they send a swat team to pick me up at the airport for not setting it up and using the WiFi?
Would they actually go after the people?
I expect the law would place the responsibility on the companies managing / distributing the OS. That’s the reason companies are complying. People can always look for alternatives… I’m sure there will always be homemade distros without stuff like this made by ragtag groups / communities without much of a corporate structure behind.
You don’t need to take remote places like DPRK. Trust me, most Lemmy instances don’t follow the laws of 27 European Union countries.
Can you share an example which laws and in what way are broken?
I support Palestine Action. From the river to the sea, Palestine must be free.
There: I’ve broken British and Australian laws.
Non of these countries belong to the European Union.
You’re not an instance though
I’m not a lawyer, but I’m pretty sure they don’t follow the GDPR (and I don’t think it would even be possible given the federated nature).
Does FreeDOS need to comply with this law? After all these years, a new 21h interrupt!
Does it have accounts?
That is an interesting option. Is there such a thing as a Linux distro without accounts?
I really hope they call the kernel module suck_my_ass so I can sudo modprobe -r suck_my_ass
This is perhaps a controversial statement from someone who is fed up with all this age verification stuff, but having the user age be set on account creation (without providing ID or anything dumb like that) doesn’t seem that bad.
It just feels like a way to standardise parental controls. Instead of having to roll their own age verification stuff, software like Discord can rely on the UserAccountStorage value.
If it were possible to plug into a browser in a standard, privacy conscious way, it also reduces the need for third party parental control browser extensions, which I imagine can be a bit sketchy.
OSes collect and expose language and locale information anyway. What harm is age bands in addition to that?
Currently it’s self reported, but if it’s complied with and then they inevitably say now it needs id they can just block all the self reports until id is provided. This is the same tactic of marginally moving the line that has been happening for years
Sure. But at that point distros can just say “no use in California lol” and enjoy the free market share from disgruntled totally-not-californian Windows users.
In theory yes.
What’s bad though is that it’s meaningless. Sure the OS can say you are 10 years old or 100 years old and you can’t change it… but then you open a page in your browser which runs a virtual machine and that VM now says you are, arbitrarily 50 years old. The VM is just another piece of software but put it in fullscreen (if you want) and voila, you are back to declaring whatever age you want to any application or Web page within that VM. If that’s feasible (and I fail to see how it wouldn’t, see countless examples in https://archive.org/details/software or https://docs.linuxserver.io/images/docker-webtop/ even though that’s running on another machine, so imagine that was a SaaS) then only people who aren’t aware of this might provide a meaningful information on the actual age but that’s temporary, the same way more and more people now learn to use a VPN.
I mean, ultimately it can always be worked around… even if you were to add stronger forms of identification, a kid can take the parents card / ID / DNA sample / whatever when they are distracted and verify themselves. If a kid is smart enough to set up a VM like that they are smart enough to deceive adults. Teenagers have been finding easy ways to get to forbidden stuff for centuries.
I’d much prefer if the source of trust is in the local device, in the OS, that is responsibility of the family to control, and not on some remote third party service offered by some organization in who knows where with connections with who knows who. If parents don’t properly limit the local user account of their kids, or restrict access to the places they don’t want, it’s their responsibility. Set up proxies, blockers and lock the OS locally, but don’t mess up the internet for the rest of us.
If a kid is smart enough to set up a VM like that they are smart enough to deceive adults.
That’s my point of Internet Archive software and emulation section : no need to be smart, open a Web page that provides a VM and voila. You don’t have to do anything hard, only understand the concept and know where to find a VM.
Also if it’s properly all in the browser (no backend setup, no tailscale, which I’m not sure it can be done due to networking, but maybe) then any static host can have it, heck even download a .html and open it would do. In such a situation I can’t imagine it can be blocked/limited at all.
Yes I also would much prefer everything to be done locally and have no 3rd party that ultimately I won’t trust (one just has to look at leaks from large companies to understand why) still “it’s their responsibility” when I tried to demonstrate it’s fundamentally impossible when emulation exists is a fundamental problem.
PS: FWIW https://ktock.github.io/qemu-demo/
Standardized parental controls would be great, actually. But it should be proper parental controls, not whatever this is. Because at the end of the day, the parent* should be involved in what their child is up to, and allow (or not) based on what the child needs and/or wants, instead of whatever we are doing now.
Or, to put it another way, if your teen has read Games of Thrones (the physical books), I don’t see much of a point in forbidding them from going to the wiki of it, and I’d be hard pressed to justify stopping them from talking about it online with other people who have read the books. The tools should allow for this kind of nuance, because actual people are going to use it and these kind of situations happen all the time.
* some parents are awful and would abuse this, see LGBT+ related things, but that’s a social issue, not a technological issue.
Agreed, but at this point I think it’s worth taking what we can get.
I thought similarly that a minimally privacy invasive set up like sending a “I’m over/under 18” signal that didn’t require verifying government ID/live face scans/AI “age approximation” would be a good idea, but I now think that this system would fall over very quickly due to the client and server not being able to trust each other in this environment.
The client app, be it browser, chat, game etc, can’t trust that the server it is communicating with isn’t acting nefariously, or is just collecting more data to be used for profiling.
An example would be a phishing advert that required a user to “Verify their Discord account”, gets the username and age bracket signal and dumps it into a list that is made available to groomers [1].
Conversely, the server can’t trust that the client is sending accurate information. [2]
Even in the proposal linked, it’s a DBUS service that “can be implemented by arbitrary applications as a distro sees fit” - there would be nothing to stop such a DBUS service returning differing age brackets based on the user’s preference or intention.
This lack of trust would land us effectively back to “I’m over 18, honest” click throughs that “aren’t enough” for lawmakers currently, and I think there would be a requirement in short order to have “effective age verification at account creation for the age bracket signal” with all the privacy invasive steps we all hate, and securing these client apps to prevent tampering.
At best, services wouldn’t trust the age bracket signal and still use those privacy invasive steps, joining the “Do Not Track” header and chocolate teapot for usefulness, and at worst “non verified clients/servers” (ie not Microsoft/Apple/Goolge/Meta/Amazon created) would be prevented from connecting.
The allure of the simplicity and minimal impact of the laws is what’s giving this traction, and I think the proposals are just propelling us toward a massive patch of black ice, sloped or otherwise.
Having said that, I can’t blame the devs for making an effort here, as it is a law, regardless of how lacking it is.
[1] I realise “Won’t someone think of the children!” is massively overused by authoritarians, give me some slack with my example :) [2] Whilst the California/Colorado laws seem to make allowance for “people lie”, this is going to get re-implemented elsewhere without these exemptions.
I can see the slippery slope argument, however it overlooks the fact that countries/states are already willing to implement the non-privacy systems.
If these systems take off, it will give privacy advocates the ability to point at California’s system and say “look, they have a system that is as effective as the strong assurance stuff but without the people sending you angry emails.”
I see it as almost a “reverse slippry slope”. A way for people to push for less strict verification.
Yeah countries and states are relatively happy with the non-privacy systems as they “work”.
My principle problem is I cannot see this system “working” to the satisfaction of the seemingly incessant voices who don’t want a child to see something that they shouldn’t, where “something” is nebulous and seems to change with who you ask and at regular intervals.
I’m probably very jaded - I’d love to be proven wrong and this system works as a least worst option, but I’m in the UK and we recently seem hell bent on choosing the worst option offered.
My condolences - I’m in the UK as well and wouldn’t wish that on anyone.
If I may offer an alternate perspective: Politicians don’t actually care about any of this, they just want votes. California’s system allows them to say “Look, we solved child safety!” without having to deal with people complaining about privacy. If there’s an existing system in place, it’s easier for politicians to say “we already solved this!” and ignore those voices.
It also puts the guilt on parents. If this system in place, and you complain about your child seeing tiddy online, the question is going to be “why didn’t you set the age correctly then?”.
… Of course this might be me just being optimistic. I really hope we, as a species, grow out of this new age puritanism and government overreach.
It just feels like a way to standardise parental controls.
Then focus on that instead of pushing age laws.
And we all know this “Think of the children” is never about the children.
Next will be compliance through secureboot and TPM.Isn’t this an example of pushing for standardisation of parental controls?
Parental controls means the control is done by the parents… not by the companies. I don’t need to tell any company what age bracket my kid might be, all I need is for them to tell me how can I block / restrict access to their services in my parent-controlled network (or how to allow them, if using allowlist).
Standardization of parental controls would be if routers and/or the OS of the devices came with standardized proxy settings that allowed privoxy-style blocking of sites in a customizable way so we can decide which services to allow… with perhaps blocklists / allowlists circulating in a similar way as adblockers do.
Standardization of optional parental controls (and accessibility while we’re at it) would benefit most linux distros imho.
Someone else had brought up in the past few days that parents either don’t know that parental controls like this exist. Or they don’t care.
This law puts that age setting front and center and allows apps, like Discord, so say “no <13 year olds”. I think where this maybe gets tricky is if an app says “only <13 year olds”. As like people have said there is nothing stopping people from lying, and that is a two-way street.
This law puts that age setting front and center
No. All this law does it promote more data collection and impose more restrictions.
They don’t care about the children and, even if they did, it’s the parents’ job to parent them.Leaving it to parents is the reason why we are in this mess.
What reason is that? What mess? I don’t give a shit what other people’s kids do on the Internet.
If somehow age verification is mandated everywhere, this I could get behind. It would be like saying you’re 18+ on a porn website.
It’d be stronger than that, since kids shouldn’t have admin rights on their pcs and couldn’t claim to be over 18.
I know everyone here is obsessed with freaking out over the legislation.
But I think the author is wrong, they should just add this to accountservice and Debian will pick it up in 5-10 years and that’s fine.
I actually thing the tendency to over engineer this solution to make back porting easier is worse than the milktoast Californian law.
I think they should add the word “Fuck” to all age verification prompts until they, too, get censored.
“We have to comply with the law”. This has become Russia or China where the sheep people do whatever an oligarchy dictate. Wasn’t it a democracy? Do the majority of people really want this?
In the end we get what we deserve for being just sheep that obey.
“We have to comply with the law”. This has become Russia or China where the sheep people do whatever an oligarchy dictate.
“What are we a bunch of Asians?”
Also China isn’t run by an “oligarchy” but by a dictatorship of the communist party via a mandate of the masses (they execute CEOs and rich people there, we let them rape kids and commit horrific crimes of greed and fine them less than they made off that crime). Russia is but so is the west and I prefer the term capitalists or if you prefer the original French “bourgeoisie”.
There was a study from one of the big ivy league universities that showed that in the US the people don’t get what they want, popular policy is consistently not passed nor popular will acted on. Princeton I think.
So it’s not what people per se want, it’s what the ruling class (capitalists in the west) wants. And they’ve decided that because the rate of profit falls and their demand for profit grows that they need to put the population under lock and key because they’ve made economic conditions worse and they’re going to get worse yet. They need a police state to control the workers who might want better conditions or gasp to take some or all of their wealth. This is part of that.
This is also because China is rising and they are terrified of people seeing a more equal, just society that can be created through socialism. They are terrified of dissenting voices so they want to remove anonymity so they can terrorize dissidents and opponents into silence. They saw what happened with their attempts at narrative shaping in Gaza, they are deeply alarmed that tik tok won’t be the last thing, a new one could pop up anywhere, right now they play whack a mole, they want to control the whole thing top to bottom.
As to people being sheep. It’s more like they’re beaten down. You defeat this today they come back in a year and then again and again. They have all the money, all the time and are willing to wear people down, use their capitalist owned media to propagandize and sensationalize for this until the people are exhausted and stop fighting it so hard. People work long hours, they take home less money than ever, the government openly abuses people, the police don’t act fairly and persecute black people, there’s a sense of there being no fairness and not enough time. The people are also mis-educated. They’re led to believe there’s this big problem, they don’t understand technology and passively accept their leadership has some amount of good will in how they pass laws and govern to address real problems the bourgeois press has done its job of propagandizing them for. They can’t see the whole picture because of these facts.
China isn’t run by an “oligarchy” but by a dictatorship of the communist party via a mandate of the masses
Almost all one-party systems meet the definition of a oligarchy. Also not via a mandate of the masses, not anymore, read about how Xi Jinping came to be the general secretary.
they execute CEOs and rich people there
You could have worded this a bit better, it reads as “being rich is enough to get you executed” and not as “being rich doesn’t make you exempt from capital punishment”. There’s plenty of those over there ofc, over a thousand billionaires.
They need a police state to control the workers
Bit irrelevant because all states seek to control the workers, that’s how states work. And why all communistic political ideologies aim to abolish the state at some point.
Edit: To be clear, I agree with you in general. I just got bugged a bit by those three things 😅
Edit: To be clear, I agree with you in general. I just got bugged a bit by those three things 😅
You do not. You are misinformed and propagandized. Your choice of examples revealed that clearly and nothing you say can refute that fact. Read Marx, read Lenin, your understanding of the state is lacking.
For one, anyone educated would understand that Americans are the best example of sheep in the world and that many Europeans are good second examples. The British for example with their high tolerance for a surveillance, laws that criminalize all manners of small trivialities, etc, etc. Educate yourself.
I appreciate that you feel strongly, but being this agressive and calling the other person “propagandized” and telling them to “educate yourself”, and not adresing any point made, just makes you seem irrational. You are acting like a redditor, be better.
Read Marx and Lenin
I’ve read Marx and Lenin, their work while fundamental to quite a lot of socialist movements, is now mostly outdated. Read something modern, there are more relevant analysis of workers material conditions. Do you want some recommendations?
For one, anyone educated would understand that Americans are the best example of sheep in the world and that many Europeans are good second examples. The British for example with their high tolerance for a surveillance, laws that criminalize all manners of small trivialities, etc, etc.
This doesn’t connect to anything I wrote btw.
You willing to go to jail then? Or just asking others to do so?
Yes. If US law mandates that I have to run around naked and screaming when in a supermarket I simply won’t do it because it says so. Mostly because US laws have absolute no effect in Denmark. Except those bastards in our government who decided US soldiers on Danish soil would be above Danish law, but that’s another discussion…
But if I were in the US, well, it’s my device and its open source, so who’s stopping me? And if my US-backed Fedora distro is getting affected, who is stopping me from going SUSE, Mint, Manjaro, or some other European distro?
I love how you came up with a completely different scenario to answer “yes” to .
I’m absolutely willing to go to jail. Many human rights have been won thanks to people who went to jail to defend them. And in any case we’re already in jail. It may be a spacious jail now, but they’ll shrink it more and more.
Asking others to do so? By no means no. If they don’t want a democracy, then good for them. They only need to bow their head down and obey. And later on, maybe, they must even watch out not to protest, because that won’t be allowed by the law either.
I’m absolutely willing to go to jail.
It would be interesting if most US citizens were actually trying to get into jail… free room and board and probably the collapse of the US penal system.
Doubt
