this post was submitted on 24 Mar 2026
496 points (90.5% liked)
Technology
83027 readers
3527 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I find that move extremely funny, since it's purely made for sensationalism and nothing else. I mean, if you hate how systems implemented age verification, then why don't you remove its identity verification too, i.e. also optional fields for stuff like your address an e-mail that most users don't even fill out.
There is no mechanism verifying what birth date you type in - you can type whatever date you want and systems doesn't care.
I'd say no matter where you stand with age verification, this is the best solution to handle the situation. After all, any and all age checks we have nowadays are a black box anyways. There is no real knowing how other systems are checking ages, and there is AFAIK no real government mandated rules on how it is verified. They could make you scan your ID's front, back, nuclear composition and dietary preferences and give you a result that is almost, but not quite, entirely unlike a proper age verification procedure.
If the government wants to introduce age verification, they have to do it themselves - build an API that handles the age verification, similar to how the digital ID in Germany works, as an example. If they want proper age verification, they also have to take the blame themselves if things go wrong.
You know I remember when age verification was a thing on porn sites.
No big deal, I was like 12 and could easily say "yupp, I was born April 20th, 1969" and there was no problem.
Now, in several states that has escalated to you showing your ID.
Do you think this is the end game? Systemd made it clear with this move that any kind of US law passed will be able to be honored by their architecture. They didn't take a stand that you would expect from pretty much the entire Linux community as a whole.
And see the funny part is where you talk about "if the government wants age verification they have to do it themselves" they pretty much do in USA its called your social security number. Banks, auto dealerships, landlords etc use it all the time and its very effective.
By not taking a strong stance against what is happening here you are paving the road brick by brick to having to provide full on SSN and very plausibly retina scans or something similar in the not so distant future before you can even login to your computer or phone.
I don't understand, how people here are missing that. Fuck we are on Lemmy because we see how shit worked with things like reddit and others. Things always escalate when control and greed are the primary motivators.
This will escalate. And when it does I want you to remember that people were rightfully making a HUGE FUCKING DEAL about when systemd started doing this because by then you will be able to see clearly how it led to whatever surveillance wet dream they are absolutely going to force on us. It will be clear, and this will be step 1 .
I don't think that systemd is really bending the knee too hard on this one. Actually, I think this move is actually a great way to render any sort of age verification, when using systemd, inert. Because, let's think about it: it's an optional field, in a JSON file that NEEDS to be editable at all times. If a distro decides to implement any serious age verification, it will have to store the data, namely the date of birth, somewhere. The /home folder would be wrong, as the user could edit that at all times. The userdb on the other hand can be restricted, meaning that the user can only edit it with user privileges. So if a government questions the seriousness of this verification method, distros can just claim that it is the administrative duty of the parent to prevent their children accessing things they shouldn't, and that the Linux kernel itself provides the proper tool to do it without constant supervision. Yet systemd cannot enforce any stricter rules because service users, especially root, are not real people and thus cannot have any age verification. The only solution would be to tie these accounts to a person. This would cause an outrage at companies, considering that this role would most likely be the CEO or CIO, and if that device is stolen their identity could be linked to a crime, and I doubt any police station would bother trying to retrieve that laptop.
So this change will most likely be the maximum systemd can do without breaking distros for corporations, while at the same time allow classic Linux users, who most likely give themselves admin rights, a way to render any verification null and void by editing this optional field on their own.
EDIT: Also, being mad at an organisation trying to meet the laws in order to be usable will solve nothing. As you said yourself: a strong stance is needed. So complaining about systemd and trying to make them revert it will do nothing, because there will always be someone who bends the knee. If you want to do something, organize or join a protest and go to the streets, show that the law is for the people, not to be used as an oppression tool.
No no no, NOT "meeting the law" this has not been made law in USA yet which is the law they referenced when mentioning this merge.
You should read the thread in github.
A system76 developer said he's in talk with state representatives, that this might even be overturned, and that it might not even affect open source software at all and one of the systemd maintainers said and I quote:
"It is possible that California law will be changed. But similar ideas are popping up in other contexts and it's unlikely that they'll all go away. This implementation is fairly generic and useful for other things besides age verification, so we shouldn't decide whether to merge it or not based on a single law in any jurisdiction." -keszybz
That seems like bending the knee pretty fucking hard man.
What they have done is proven that they can bully and harass open source software into submission. They should have waited until FORCED to do something like this but it seems like they're beyond eager to lick anyone's boots USA or otherwise.
Linux distros are not US entities bound to US law the last I checked (of course you have your Redhats and etc. And I guess maybe their Fedora distro might fall under us jurdistiction since its developed by red hat but I'm not sure because of being open sourced licensed.
They've bent the knee before with banning Russian and I think Chinese Linux kernal maintainers before which was also fucking bullshit.
The USA shouldn't be able to swing its dick around and force the whole world into submission but boy it sure seems to get to every single year more and more and more.
And a lot of people here support it its so sad.
Anyway I'm getting off track with this but seriously no, they should have taken a stand not only for all of us but for Linux as a whole because systemd is a part of Linux as a whole.
If forced, I understand. This was not forced. This was suggested, merged welcomed and the thread locked as soon as any pushback happened.
Doesn't seem very open anymore to be honest.
My line in the sand is when a distro/app starts enforcing entry of birth date data. Having a database field to store it, or even an optional prompt for it isn't the point where I bin it.
This is the most sane take I’ve read in this entire debacle. Between arguing the semantics of attestation vs verification and whether we need five hundred forks and PRs, I’m glad to read this.
The biggest mistake the original PR did was not make it more clear it’s not directly because of the laws themselves, it’s to support higher level systems that may want to or need to comply. Systemd is no more complying with any present or future laws than a keyboard manufacturer is violating the law if the user uses it to type racially motivated hate speech.
Good distros will push a dob of 1970-1-1, mark my fucking words.
That's still forcing a DOB, which is the line I won't cross.
When you make a new user using
adduserdo you leave your full name, number, and room number?Blank is blank, epoch is functionally the same as leaving it blank. Especially if it becomes industry standard.
They're not the same though. Your method will enable the system to interact meaningfully with an age gated internet. Blank will not. And I won't be interacting with an age gated internet...
I would but I've always been opposed to systemd anyway.
But for me it's a slippery slope I don't think we should even get on.
Yeah I hated systemd since before it was cool to hate systemd again.
I agree. But the start of the slope isn't my exit point. My exit point is just before the slope gets too steep to get off.
That’s the thing about slippery slopes. You don’t really know where the point you slip is.
I do. We're on it already. The whole system is slipping towards an age gated internet, and there is nothing we can do to stop it. That's the slope. There's nothing I can do to stop it, whether I'm I stay on or get off.
I don't believe that dropping my whole OS over a database field will change anything. It won't stop the devs who are concerned about their legal liability from being doing what they need to do to protect themselves. Some devs will comply, some will walk away from OSS, and some won't comply. But the bigger the project, the more corporate sponorship it relies on, the more certain it is going to be in the "comply" category, and the truth of that won't change because users push back.
Which is to say, I don't believe standing up and rejecting a DB field as a matter of principle will change anything, except to make my life harder.
My line in in the sand isn't about changing the course of the path we're on, it's about my own personal interactions with the system. And being forced to provide my age to interact with the internet is the bit I won't do. So I will stay with the inevitable creep towards that state until the last possible moment, in the hopes that somehow, I'm wrong, and we avoid this privacy nightmare we're heading towards. If and when it becomes impossible to interact without providing that data, then that's where I step off, even if it costs me half the internet.
I'm curious about GNU Shepard but still haven't gotten around to swapping. Does anyone have experiences to share?
That is a valid point. Of course it still would be rather anonymised, but it could always be a 'frog in the pot' type situation, where most drastic changes are introduced very slowly. My main concern at the end of the day is how much info will be required to be given to services and how much data will be actually stored. If it's anonymised, then I don't see much of a threat. If a service requires me to fully identify for an age check, that's an entirely different thing, especially considering the last of Discord's data leaks.
This. And forking is easy. Maintaining a big piece of software is not. This is why every popular repo has hundreds of forks, but non of them are active or in sync with upstream.
I agree with all that you've said. But why add it now? Why haven't they added it a long time ago? Or if now they remembered, why not other extra optional fields that some people might want, like gender, sex, any other field? Oh, it would be too political? I see...
I'm thinking the same. I understand the people saying it's no big deal, it's just an optional field. But the existing optional fields (GECOS) have been there since the beginning of time. The original Unix user database (/etc/passwd) was created in a different time. Things have changed in the last 50 years and we now know that a simple field in an OS level database is not really an appropriate place to store PII. I don't know what the solution is, as these laws are coming and there will be some people that need to comply, but I don't think the current change to systemd is the right approach.
On the plus side - this controversy has prompted me to look into other options for my home servers and I'm loving the minimalism and simplicity of Alpine. (This isn't a knee jerk reaction - I've been frustrated by the bloated feel of mainstream distributions for a while - more the straw that may break the camel's back)
Oh, definitely I'm not saying people should just jump the gun and replace their distro for one without systemd immediately. I certainly won't, at least not without thinking about it for a while. But I also think that denying the controversy exists is not good. This is definitely controversial, for some people even a deal breaker and there are valid, real reasons why. For the rest, it's good to look at what options there are, see that there really isn't an appropriate alternative for systemd in some cases and realizing that a successful fork would be a good thing. Also, a long time criticism of the community has been that systemd does too much and it being against basic Unix philosophy. I always thought of it not being a big deal, given its modularity. But I now realize that it centralizes control and design decisions to a single org and that is certainly a weak point IMO. So a fork makes a lot of sense, but it is at this point a mammoth of the project, so it will be really hard to maintain.
I mean, the introduction of the date of birth field is obviously done to make it easy for distros to comply with age verification by simply saving the birth date and nothing else.
As for the other fields: what use would it have to have such info at OS level? What application would use these fields and how? I mean, some fields, like the 'location' one, already are pretty useless, as, for example, the 'location' field doesn't seem to bhave any firm consensus on how it should be formatted. Even the documentation lists both "Berlin, Germany" as well as "Basement, Room 3a" as valid values.
So I doubt not introducing such fields has any sort of political agenda to it, but just raises the question on why such fields would be useful to begin with.
you mean like adding it to a bunch of optional details already?
Yup. All this crying about the field is a big nothing burger.