Can someone explain why there is a separate merge for systemd and Arch? If Arch just uses the systemd init which was already modified, then what was the separate request for?
I’m using vanilla Arch and will be pissed if I have to switch, but I will based on this. I’m not willing to give an inch.
The systemd change ‘just’ adds a birthday field to the user data, where you could store (or don’t) the users birthday, that then could be used by other applications to request an age bracket.
The Arch-change doesn’t effect real arch Linux. It modifies the archinstall script (so, irrelevant, if you install according to Wiki) to ask the user for their birthday during installation and stores it for systemd.
disclaimer: linux noob here.
the separate pull request appears to be for archinstall, “a helper library which automates the installation of Arch Linux.” it would collect user age during installation… somehow?
Nobody paid him to do this. He’s a cloud engineer who read the law and decided someone needed to implement it.
Well, how do you know that?
Can I just do an
apt remove —purge systemd-ageverificationdand call it a day, or do I need to edit/etc/systemd/ageverificationd/birthday.confand call it a day?I disagree with age verification as well, but attacking a person like this is gross.
This article is all but brigading people into harassing this guy.
Yeah, Its is sickening and goes against the spirit of open source. We work around restrictions in creative way to give people the freedom to control their software and have access to the source. We don’t deny people trapped in shitholes with bad laws access to open computing. Force them onto Windows and Apple. I don’t get what is wrong with people these days. They have lost all reason.
Yes, many people can work around the laws in various ways. And some of them can’t. Its not for us to judge. We offer possibilities. Everyone knows many distros will patch this field out. Many will just ignore it like we do the GECOS fields. And where it is unfortunately required it is still going to be better than running Windows. Its completely orthogonal to political participation and fighting these laws.
deleted by creator
A spade’s a spade. This is malicious compliance. The law might be the problem here but it’s on us to resist and try to make a change. Every last one of us. After all, the surveillance state workers in China and Russia are all just doing their jobs right?
Why the heck would we ever want a DoB field in systemd, optional or otherwise?
Removed by mod
Have you?
Ah the great betrayer. The snake in the garden. The enemy within the gates. That fucking cunt.
“It’s just a harmless field; what’s the big deal?”
The big deal is that it’s on the heels of age verification bullshit that fascists are pushing through with the help of tech bros, so that they can eventually push all of us into a scenario where we have zero privacy.
It’s not the adding of the field itself or the fact that it can be filled with nonsense. It’s the reasoning backing it.
“But it’s the law!”
Yeah, fucking and…? It’s a stupid mass surveillance law disguised as a protection, and per usual, it’s written like vague dog shit. This is the smallest part of the wedge. More will come of this and if developers like this keep volunteering themselves to help the fascists, we will all be fucked. Here’s an alternative approach: just don’t add this. You can fight back by not fucking implementing this. Easy.
wasting 32 or 64 bits for absolutely no reason is also pretty offensive in itself
Agreed. To elaborate:
Sure, the developer is a bit of a Judas for complying in advance, but our anger should be aimed at the people with power and reach promoting these laws in the political sphere (the metaphorical Pharisees).
To those saying “it’s just a field”, please consider that the timing is a more significant statement than the addition of the field itself. Why now? If you don’t support fascism, don’t build the frameworks that support it and don’t let fascists use YOUR platforms or software to make THEIR point, make them fork it and let them fail. I don’t think many members of the senate or house would be capable of adding this themselves. I’d be surprised if they could code hello world in TI-83 BASIC. If they ask you to do it, stub your toe and call in sick. Make it really shitty. Leave in a bunch of bugs that crash the program then blame the age attestation feature to turn users against it. Use copywrited code that they’ll have to remove later due to license incompatibilities. Report your boss to HR for every indiscretion that you might have normally overlooked. Or do nothing; that’s still better than complying in advance.
We have to break the narrative that this is inevitable. There’s enough of us, with concentrated enough knowledge and influence (aka, you folks are a bunch if nerds and I love it!), that if we collectively stop, the whole train stops or derails.
Twenty Lessons For Fighting Tyranny
- Do not obey in advance. Most of the power of authoritarianism is freely given. In times like these, individuals think ahead about what a more repressive government will want, and then offer themselves without being asked. A citizen who adapts in this way is teaching power what it can do.
https://www.carnegie.org/our-work/article/twenty-lessons-fighting-tyranny/
Also, they will use it as a means to lock content they don’t want. Like in some jurisdictions it’s already forbidden to share any kind of LGBTQ information even medical with minors… Even in EU, like Hungary. Clearly this age verification will be used for this too. And people not willing to age verify will be locked out too.
It’s part of their campaign of forcing conservative ‘values’ onto everyone.
More will come of this and if developers like this keep volunteering themselves to help the fascists, we will all be fucked. Here’s an alternative approach: just don’t add this. You can fight back by not fucking implementing this. Easy.
Only thing you get out of this compared to the alternative of malicious compliance is opening yourself up to attack. You can still fight this without painting a big target on your back.
Is there any evidence that they would go after random FOSS projects that aren’t hosted or developed in the relevant jurisdictions? Don’t comply in advance.
You don’t understand.
The alternative to device based private attestation which is what this is or could be part of is constant online verification by Palantir.
Is every time you want to view porn or adult content you have to verify your real identity so evil corporations and the government who pays them know exactly what your fetishes are and can blackmail you. So they know exactly what you’re posting online because you have to face-scan and ID-scan to set up an email account, a social media account, any account with anything that allows posting content online. Is training the population not to enter a date for their kids or themselves when setting up a computer or device account for the first time, once but upon demand scan their face, scan their ID, comply, sit meekly in fear because everything they do online is known.
What does this know? Your birthday. That’s nothing. As it stands it you can enter anything you want. Fight them when they come to add a verification system to this and point out parents would be in a position to set this up for their kids anyways and its just spying. Fight on stronger ground.
We’ve already lost the maximalist position. The internet scanning and ID verification has already been enacted in several states and countries and we risk a world where it becomes the norm and hosting companies drop anyone who doesn’t implement it because they’re made liable as well. This stuff won’t be repealed. People don’t live in democracies. They live in a dictatorship of the wealthy and the corporations. Your dissent doesn’t matter and it cannot reach most tech illiterate people who have far more pressing concerns than to riot over this.
This is a compromise solution and I wish more people would see it. If you can bend you don’t break. If you don’t bend and your enemy is the government they are stronger than you and they will snap you like a twig.
Linux desktop market share is too small to matter. And if you make this push fail then the only alternative, the only viable solution these politicians who are being cajoled and urged to implement this will see is online live-scan face and ID verification and it’ll sweep everything. You’ll have destroyed the internet and having saved Linux won’t matter. After that it’ll be a quick move to ban encryption that the government cannot break and ISPs will block traffic they can’t inspect. Game over. A simple maneuver from the place you force them to by refusing to cooperate and enact this compromise, privacy-preserving solution. We need strong defensible positions to protect privacy and the internet and free software and to understand that the old ways have been lost, they’ve died, they’ve been strangled and a compromise position must be taken up to endure and avoid a total loss.
They can already put it on the parents to verify if they want. Just buy age compliant devices. Stop shilling this nonsense and forcing fear and hopelessness down everyone’s throat. This is bullshit and you know it. We already have a defensible position.
It is defensible in this kind of community, but I doubt it’s defensible in a board voter base. For instance people see billionaires and are saying the government should step in and do something, because as individuals we are somewhat helpless. In this instance we’re like we can fork/we can revert so the government ideally just needs to back off. But if you ask a non-tech savvy voter (and a parent in your example) they will just see big tech and say the government should step in and do something. Has this method of governance been compromised? Sure, is this law an example of that? Sure. But what can we do? The government… Well until people can agree on that, I think we are just trying to find a compromise so that most people can easily dismiss the perspective that parenting tech is too hard. And if people can believe that typing in an age for their child and see big penalties for big tech if they ignore that age, that seems to me the placebo this situation needs.
Yep, then using linux will be illegal, great fucking idea boss
You’re welcome to be a spineless muppet trying to obey unethical laws, but I won’t be.
Nope, I am a muppet whose livelihood depends on them respecting the law. If you are from one of the godforsaken regions doing stupid laws you should vote against them, I need to comply with your laws because I need to work to feed my family.
You can call me a spineless muppet all you want but I am not the cause stupid laws exists, take it on the californianas for that crap, they elected the idiots doing this. I vote our own idiots and until now they made it clear this bullshit is not on their table, thank you wery much but I did my part.
“then you should vote against them”
Oh you think they asked if they could implement these? And btw, it’s coming to your country soon too. This is a global movement
Only in California and Brazil. And I suspect neither has a shortage of people able to add this field.
Exactly, make your own fascist distro with a fork of systemd and leave the original landscape alone
“But it’s the law!”
I was just following orders!
this same person would be chuckling to themself about how pointless this all is as he locks the door on the gas chambers.
Petition to name the inevitable fork of this “SystemFree”
Test your understanding of the Dylan Taylor age verification story and what it reveals about open source infrastructure
I’m very suspicious of whether one would create 10 questions for nearly every blog post of zirs by hand.
It’s for sure AI generated, but also a weird ass thing to add to your blog.
Fucking bootlicker
I don’t see how engaging in malicious compliance is being a useful idiot. Implementing the entire surveillance mechanism free of charge, that I would call being a useful idiot.
Purposefully implementing a broken feature to satisfy the letter of the law, while preserving the user’s ability to avoid the surveillance mechanism is certainly not that.
How is it malicious compliance if it is a clearly eager effort to correctly implement some of the prerequisites to enforcing this law on Linux? Even if it were malicious compliance through intentionally not functional code, it’s open source and would probably be spotted as a bug soon enough.
This is a gross article and doxxing this person is also gross and useless.
systemd will live rent-free in chuds heads and they will do nothing but use outdated and unmaintained software in protest.
Removed by mod
Sounds like something I would do ngl
I have read the git thread related to the merge request.
I don’t see what’s the big deal. You have a user model that already contain fields like user’s full name, location, … among others and all this developer did was adding yet another optional field called date of birth.
This does nothing to verify user’s age and enforce nothing. They’ve stressed that repeatedly in the comments.
What that does is making it easy for a Linux distro to store user’s birthday - should they wish to do so - and making that bit of info accessible to running apps so that each app can do what it wants with it.
User’s fullname and location are already there which are also optional so what’s the big deal?
For me the bigger problem is that was done without any community oversight.
Yeah it can be verified for now, but it’s a foot in the door for a braindead law that no one in their right mind would follow.
What do you mean. It’s done in public
Yeah and against the massive outcry in the form of comments, the discussion was locked, and the general opinion was ignored in favor of 2 maintainers and a tool of a dev.
The person who has the most blame here is the lead dev of the project imo.
The problem is that Poettering is all in on attestation which is the underpinnings of age verification and remote attestation.
See amutable.com
Poettering has always been a piece of shit.
POS or not this is a reoccurring problem with open source. The benevolent dictator for life. Hopefully we can grow past it in the coming years.
Why do you think this was locked? This fucking thread is a mugshot of a dev contributing to an open source project.
So they knew it was against the community and went right ahead?
There wouldn’t be “this” thread if they had taken the community into consideration.
This isn’t the gotcha you think it is. That “engineer” is
contributingbullhorning this bullshit on multiple Linux based repositories.The thread was discussing age verification from what I read, but I read it when it was already locked.I do not think harassment of the dev is appropriate and the article and this post is also needles drama imo. But the issue of age verification itself I think should be discussed by the community and not just accepted by one dictator.Edit: I misread that you were talking about the GH thread. Yeah this thread is kinda shit, but discussion on how and if age verification should be done is important imo.
1000x this.
It doesn’t matter how much you disagree with the change, brigading harassment is gross and should be called out every time someone tries.
This post should be nuked.
Fields like name and location do not have any expectation for the information being valid or accurate (see eg.:
adduser).DOB is different. It comes from a legal expectation that correctness of the information will be enforced somehow. If going by the Colorado and NY law proposals, IIRC, by using biometrics at the time of system install.
not even said laws have an expectation that the date of birth provided would be accurate. the colorado bill just says “require[] an account holder to indicate” and never defines “indicate”, the ny bill says “request an age category signal” and never defines “signal”, so i assume they’re like the california law which has been verified to be just “enter your date of birth in this text field/dropdown and we’ll trust you girl”. i don’t think any of that involves biometrics
there’s no alien intelligence or protocol specification in systemd that ensures or says the dob field must be accurate either
DOB is different. It comes from a legal expectation that correctness of the information will be enforced somehow.
[citation needed]
Exactly. There’s a massive thread on Mastodon where everybody is panicking about this, but it’s a nothing burger if ever there was one.
Sure, the timing and comments suggest it’s meant for legal compliance, but if that’s what it does, it does it by keeping full control in the hands of the user, where it should be.
If anyone is panicking, ask them how they feel about the ‘RealName’ field that has been in systemd for years (since the beginning?)
This is fake controversy and now it’s at the point where people are spreading articles, like the OP, brigading people into harassing a systemd developer.
Ask yourself if “RealName” field was added in response of a requirement that’s supposed to assist with a bullshit law backed by a mega evil corp?
No?
Then how’s it comparable?
Exactly. And that’s the part that worries me most: I’m seeing people investigating the guy, shaming him (he wrote a blog about using Claude to write a game in 90 minutes, so clearly he must be evil /s), and the article above is written in such a way to insinuate all sorts of nefarious goings on, but everything I see suggests this is just normal procedure.
I really feat this is going to hurt the community and chase good developers away.
Then why did they lock the fucking thread as controversial if it was such an innocent change?
It’s paving the wave to implement a Californian law that can very easily end up meaning ID verification for everything.
They could just not have done this at zero cost but decide to go to multiple projects, at this specific time which obviously isn’t coincidental, and actively work to start implementing this on Linux. I guess “Contributed to systemd” on their CV was more valuable than resisting the USA taking control of the whole internet and ending all sense of privacy.
It’s definitely wrong to degrade or harass this guy for doing it.
Buuut this is being made to support a bad law that should be opposed. The law is a bellwether for compulsory age and identity verification, which should strike fear into the hearts of everyone. And especially everyone who cares about their privacy (which really should be everyone, but …).
Furthermore, it’s questionable whether a law like this can apply to open source software. IMO it really can’t - who exactly is liable? Is the world really better with ageless Linux outlawed?
This is one of the most sensible comments in the thread. The law is the problem. This is something which should have been self regulated by websites themselves, but Meta lobbied for laws like this so they wouldn’t have to police it. The law making this mandatory for everyone when this should be a parental control is the issue.
2000s: war on general purpose computing because of copyright
2020s: war on general purpose computing because of child protection
In the 2000s the forces of freedom mostly won, e.g. https://en.wikipedia.org/wiki/Consumer_Broadband_and_Digital_Television_Promotion_Act didn’t become law. So far it seems that we are currently losing. :(
Fucking fascists arent ever going to stop. They want to control everything, they want the people to be their slaves.
It gets worse every day.
In Europe too, chatcontrol keeps being pushed no matter how often it’s being struck down.
Yes; recent news have made me somewhat optimistic that the resistance to it is winning though.
Age verification laws currently look like a much greater danger to freedom.
Personally I think that win (while really a win) is being overcelebrated.
It’s easily reverted. All they’ll have to do is find some csam or terrorism related scandal in the news and pump it as a big deal, and all the resistance will be gone at the next vote.
With chat control we actually have to distinguish two different things that people sometimes confuse:
- voluntary chat control (“chat control 1.0”), which is currently already the law in the EU
- mandatory chat control (“chat control 2.0”), proposed in 2022
Voluntary chat control is about letting operators of communication services voluntarily scan messages for certain illegal activity (without this constituting a violation of data protection laws). This doesn’t break encryption and isn’t a part of a war on general purpose computing. While there are many good arguments against it, it’s not especially catastrophic. It’s a detail of business regulation.
Mandatory chat control is about forcing them to do so, which must necessarily break encryption and impose limits on software freedom. This is what is most important to oppose.
The most recent win ended up rejecting even (most) voluntary chat control, which is a good sign that mandatory chat control won’t get a majority either.
It has very nearly got a majority several times. I’m sure that with some media manipulation (eg milking an incident) it will be easily pushed through.
Imagine if the Dutroux scandal would happen now. They’d jump on that to push all kinds of monitoring on everyone. Even though this would not be prevented by it in any way (and in fact that all happened long before WhatsApp even existed)
It has very nearly got a majority several times. I’m sure that with some media manipulation (eg milking an incident) it will be easily pushed through.
“Several times”? There were two votes to date.
The only “majority” we’ve been hearing about were the “these governments support this idea” maps, which have minimal bearing on how the EU Parliament actually votes.
Correct me if I’m wrong.
I hear you 100%. This sort of shit comes back with a different name each year. I am SOOOO sick of voting down abortion bans every election cycle.
26 US states, including mine, have initiative or referendum processes allowing citizens to place an issue on the ballot. In some states, that’s how the anti-abortion laws are ending up on the ballot, but we an use their own tools against them. In many states, these initiatives failed so we know we have a minimum of 51% support if it’s a law, and at least 33% support if it’s an amendment (depending on that state and their rules). Polling shows, an even larger percentage, most Americans, do not support these laws. The numbers are on our side.
https://ballotpedia.org/States_with_initiative_or_referendum
If we can collect enough signatures, the voters can put an end to this. If we add it to the state constitution, where the process allows this, we can completely prevent laws doing this from being considered because the only thing that can overrule a constitutional amendment is another constitutional amendment.
I’m gauging interest to do this in Colorado to foil age attestation laws, but we could potentially end the back and forth bullshit in multiple states.
