I was wondering when I would see this headline. I wonder if any other big names will make similar statements.
I also wonder whether or not grapheneos, or open source Linux OSs in general, will face any repercussions for failing to comply to these regulations due to the relatively low user count.
Hate to say it but systemd, the init system of most Linux distros, already has PRs with maintainer backing to implement DoB recording.
Some people can’t kneel fast enough.
Which already has a revert commit https://github.com/systemd/systemd/pull/41179
The self-important creator of Systemd has personally blocked that PR, if I’m hearing correctly, which would suggest he or his employer Microsoft is all in on it.
It’s an optional field in the userdb JSON object. It’s not a policy engine, not an API for apps. We just define the field, so that it’s standardized iff people want to store the date there, but it’s entirely optional.
“I’m not picking a side” and “this future proofs standardization” is of little comfort, that is seriously suspect. I ought to look to alternatives to SystemD(odge the issue failed).
So in other words, “Sure we built the people-crushing machines, but we didn’t wire them up or turn them on.”
IBM, is that you?
Maybe https://agelesslinux.org/ or systemd free distro https://without-systemd.org/wiki/index_php/Linux_distributions_without_systemd/
I was shocked it listed LMDE but it’s a very old version (Linux Mint Debian Edition 2).
SystemDOGE. It is just a matter of time before Big Balls exfiltrates our Linux data.
He left MS in January
Ugh of course. Thanks for pointing that out
That has already been closed
Maybe this’ll take the shine off that wunderkinder mess and people will finally be free to choose something more reliable. I love how RH pushed this beta software so hard and my reboots are now just shite – unreliable and occasionally ridiculously delayed.
I’ll be glad to see the back of that metastatic shitball.
DoB recording, and ID age verification, are two different things though.
No, they’re the same in this context.
That’s just systemd adding a birthdate field to their userdb. Doesn’t require that it be filled out or accurate, and especially doesn’t require it to be validated against a government database. I don’t see it as fundamentally any different from adding a userdb field for favorite color, phone number, or blood type.
Without 3rd party validation, I really don’t see the privacy issue with an age field. Without verification, it is, at worst, one more byte available to hash into a unique identifier, but you can feed that field from /dev/random at every query and poison even that hypothetical.
You are absolutely right, we are not in fact getting screwed, they are just applying the lube for later. (Shamelessly stolen from elsewhere)
That’s just systemd adding a birthdate field to their userdb. Doesn’t require that it be filled out or accurate
Whoosh.
Plesse don’t give them any ideas. Here’s a list of what’s currently included
Localized age checks ARE a good system and are something that should have been in the OS for decades. It is the basis for being able to make “child accounts” and is a genuine requirement for Linux to be a meaningful option for “normal people”. And having a protocol for software/websites to request that is a very good system to build on that.
We talk about how the problem of kids getting exposed to horrendous shit is a problem of “bad parenting”. This is the tool you provide to allow parents some control.
The issue is not the age check. The issue is verification. To my understanding, the California legislature explicitly does NOT require a third party. So it is literally just you saying “Sure, whatever. I was born in 1901. Now load the Maya Woulfe video faster”. And yes, this is a step towards that. But so is having network access or user accounts at all.
Even if we say I agree with this, why even ask for a specific year? Separate into child and adult, and let the super user make that change when asked.
In theory I’m not opposed to it existing as an option, but I do not like it being mandatory at all. Websites and applications should never be allowed to know any PII without explicit consent.
Even if we say I agree with this, why even ask for a specific year? Separate into child and adult, and let the super user make that change when asked.
Different countries (actually different regions within said countries) have different laws related to what “kids” can and can’t see and what age defines a “kid”. How much that matters is up to you. But it provides an automated check that ALSO avoids having to say “Hey mom? I just turned 18 and for no reason whatsoever it would be great if you could switch my account to an adult. Also make sure to knock and don’t look too closely at my laundry basket ever again”.
Websites and applications should never be allowed to know any PII without explicit consent.
And what do you think you are providing every time you tick “Yes, I am 18 years or older” or “Yes, I was born in 1920 or whatever the first option is now”?
That’s there point, with this websites will just know the users age, before it was the users choice: “are you 18 or over?” But now it will be: “I know you’re 37.567 years old” user has no idea. Maybe we should add religion and skin color too
"You have selected ‘Caucasian Christian’. Permanent light mode has been activated and you can no longer look up porn on Sunday.
You have selected “Arabic Muslim”, sensor access has automatically been granted to determine when you are facing Mecca. If you have too many friendly fire incidents in CoD, the US will deploy reaper drones to your IRL GPS location.
On a more serious note:
There’s been a lot of talk about protecting kids, but none about protecting grandma from scams and AI misinformation if her systemd age field indicates she’s 65 or older. Why is that? Is it because kids don’t have rights, so who cares if by protecting them we prevent them from developing a shred of digital literacy? Or is it because the over 65’s can vote and kids can’t?
The idea of storing age in the OS is that end programs don’t actually access it directly. They get age ranges, like child/adult, not the actual birthdate. In theory, it’s much more private than uploading your id and photo to every random website/app that you use.
Cookies already exist and there is countless leakage (both intentional and unintentional…). Like most things, you are not as private and protected as you seem to think you are. Just because a website is asking you to tell it (which is mostly for compliance, not knowledge) doesn’t mean they already know that you said you were 250 years old but your shopping habits suggest you are actually in your 20s and live in Detroit and really enjoy pegging.
Maybe we should add religion and skin color too
To my knowledge, very few nations tie laws or access to that slippery slope fallacy. And parents generally have those same traits (at least while the kid is living with them). So I am not seeing much benefit from this?
And if/when we reach the point where that is the case? Uhm… I don’t think companies and software will be given anywhere near as much freedom to say “Sure, we’ll comply so that we can be eligible for these contracts” or “No, we won’t comply so that we can market ourselves as protecting people”
Any age check is just a good way for predators to know WHO are the actual children, and with the epstein files revealing the whole billionaire and politician interest in trafficking and raping minors, this is essentially the perfect playground for them.
Yeah, to be completely honest, the one place where you actually could trust this kind of information is on your own local (and ideally libre-oriented) OS, never leaving your device and instead obfuscated through an API that’s exposed to whatever services need to do an age check, with the potential for additional security impositions or other concessions from data requesters due to the leverage of still having your data controlled by you. This is the bonus FOSS part where we get a say on how we want our data to be exposed on our libre systems. Other users aren’t so lucky and don’t get to have any voice on how this implementation happens, so we should probably participate in the discourse for those PRs rather than condemn them point blank.
^^^ If you needed proof that lemmy is overrun with bots just like everywhere else.
I imagine people behind this law are pretty interested in this small but powerful user base. I would just boldly assume that a lot of people responsible for independent software and privacy advocates are using Linux etc. So its a interesting user base for sure. But regulating open source software luckily is pretty much impossible and they wont give up their(our) privacy without a fight. Also, we will see how much the user base will grow when these regulations get tighter.
They can simply say on their download pages that residents of Brazil and California are not allowed to use their OS.
Motorola* bending the knee to the mass surveillance corps and international governments comes to mind. We’ll see how their deal with GrapheneOS goes now.
Sure. Let them be sued on profits made 😂
Linux Distros (so far) Refusing Age Verification
EDIT
I recommend going to Ageless Linux’s site and reading up on their take on the whole issue. They clearly illustrate how poorly thought out the California law is.- Ageless Linux - https://agelesslinux.org/index.html
- Omarchy Linux - https://omarchy.org
- Adenix GNU/Linux - https://www.adenixgnulinux.org
- Artix Linux - https://artixlinux.org
I think this might be the first and only time I’ll ever see Omarchy getting upvotes on this site.
Linux Distros (so far) Refusing Age Verification
The systemd dude, ever so flexible as long as the request does not come from actual users, is already working on adding this into core components, though.
Systemd is open source so it can be forked to have features removed.
There are also the BSDs
Good luck building a distro that play nice with your fork, then. Systemd is embedded deep in most distro, replacing it without breaking things is not an easy task.
The systemd mod is not a gateway. It’s just a date field.
Damn. It’s only being talked about and people have already folded.
It’s only a date field. Then it’ll only be an API for other service integration. Then it’ll only be an optional plug into a remote service. Then it’ll only be an optional, but strongly recommended, dependency in other software. Then it’ll only be a digitally signed third-party value that’s mandatory. Then it’ll only be something most installer won’t proceed without.
We’ve been jumping from slippery slopes to slippery slopes over the past few years. It’s tiring. And the coincidental timing of all this is not helping.
Okay. But right now, it’s only a date field.
Genuine question:
is Graphene a “big name”? They talk a big game and are probably one of the biggest alternative phone OSes but all results I can find are putting them at 250k users and less than 2% of the Android market share.
But, more importantly: Do they at all care about US government contracts? Red Had have RHEL. ubuntu have whatever they call their premium OS for enterprise users. Google and Apple are obvious.
GrapheneOS has a deal with a hardware manufacturer, Motorola. I’d consider this refusal to be a big deal on those grounds alone
Frankly I think they are the largest os vendor that is going to take a principled stance on this.
Big enough for a headline, not big enough to make a difference.
I would go so far as to say they are only big enough to make an updoot-bait headline at that.
How can age verification be misused?
“If GrapheneOS devices can’t be sold in a region due to their regulations, so be it.”
Wonder if Motorola feels the same way.
They can just sell their normal phone. As long as the user is able to run the installer it doesn’t really matter.
During prohibition era, there was a brick of dried grapes being sold as a nutrition supplement or something like that, but it had a “warning” sticker attached saying specifically not to dissolve it in a specific quantity of water, and if that were to happen, do not let a specific quantity of yeast to fall in it, and especially not to let it sit for 6 weeks, or else you might end up with wine, which is forbidden!
I can see a cheeky sort of company selling a phone with a little warning label attached to it…
That’s probably not a viable economic decision though
mandatory age verifications on the OS isn’t a viable economic decision either, but that’s not stopping Media Matters and Meta from forcing their shitty anti-privacy policies on citizens.
Why?
That’s probably not a viable economic decision though
Should still be a good deal for Motorola. There’s a bunch of folks now who buy whatever phone runs GrapheneOS best. Whichever company courts us gets our business.
I’m sure we’re not a landslide, but sometimes niche communities can still make a huge difference for a company.
Hi, yes, it’s me, I’m one of those bunch of folks who would willingly switch off Google’s Tensor crap modem to ideally a Motorola phone with a Qualcomm modem that can run Graphene.
If they ship with Android but confirm that GrapheneOS works, those who even know of GrapheneOS’s existence will put in the effort to install it themselves. It’s totally viable and a simple plan.
Wonder if Motorola feels the same way.
Motorola phones will have both Graphene and Android.
Imagine if California then declared a ban on the sale of GrapheneOS compatible phones.
would be fun to see.
what the fuck is a graphene OS device
Google Pixels can be flashed with Graphene OS which is just a debloated, private, secure, opensource OS.
I don’t think a Google pixel is considered a grapheneOS device
When you put grapheneOS on it it is, and until Motorola releases their phones designed for it it’s the primary option.
Ig they are called grapheneOS devices?
A Motorola
Good. Put that energy into a moderate parental control education fund or something. The ID gating the net is only for control.
Now if only GrapheneOS was easy to install on cheap Android devices.
They have reached a deal with Motorola, so hopefully there will be more options soon. You can get we used pixels pretty cheap though, and the installation process is very easy.
I was wondering how this stance will impact that deal. A large company like Motorola would typically seek to comply with laws such as these
I’m hoping they already had the discussion with Motorola about it. I’m assuming Motorola wouldn’t be on the hook legally since Graphene is the OS provider. I could be wrong though.
In the worst case it will just be Motorola shipping their base android version with verification and then just flashing grapheme over it. Just the way it currently works with pixels.
Remember Motorola phones are made by Lenovo which is now an Indian company.
You mean Chinese? With an ever bigger presence in India I’m sure
I thought it was Indian, but very possible I’m wrong.
Irrelevant. They need to comply with the laws of the market they are selling at.
Check what pornhub decided to do in Texas
Pixel is the brand name from DoubleClick. I’ve got no interest. Plus, it’s a pain to put them on Tracfone, so I’ve got net-negative interest.
Grapheneos is surprisingly the most easy OS to install… The issue is most phone manufacturer’s dont meet Grapheneos its standards.
I agree, but isn’t that just the same way said differently?
it’s not hard to install if you have a phone that follows stringent standards, that only 30% of manufacturers follow…
And if all banking apps were compatible with it…
don’t use a banking app if you enjoy your privacy.
there isn’t a single banking app that isn’t tracking you.
…it is?
It’s about time I flash that onto my pixel 6 pro.
The 5a is the newest unsupported device, so i’d guess the 6 is next.
Can you build it yourself like you can for Lineage?
There is a guide for this here, but I don’t think it’s really possible or a good idea to build it for unsupported devices.
At that point it would be better to install Linuage (or a fork of it), because they support devices for way longer or look into PostmarketOS
CA’s law is “per child”. I guarantee lawyers are foaming at the mouth to claim every child in CA was hurt so they can line their pockets. CA’s public protection laws seem to be for the purposes of enriching lawyers. I’d love to see how many class action suits would get filed if lawyer fees were put under a hard cap.
“lawyers” can’t bring charges for this law. Only the AG. If people don’t like what the AG is doing then they can just start a recall election.
Good boys !
This is the only correct response. Middle finger.
They have partnered with motorola too right? Basedbasedbasedbased
If the US government bans Graphene, Motorola will drop them in 1/1000th of a heartbeat.
The rest of the planet may have something to say on that front. There IS more to the world than naziland.
Yes, but the US is a huge, profitable market. And companies will bend over backwards to appease Nazis so long as it’s more profitable to do so than not.
Within the US we have issues with all the US History books being written to comply with Texas’s “slavery was actually good for black people” bullshit because Texas is such a big market and everybody wants in on it.
Not for long.
And why? They cant compete in usa anyway if they use android
Yes, other markets on the planet are marginal. Never mind that the EU is actually larger. In many metrics than the US. It’s not even in the “funny” pages of us websites, so apart to a minority of educated readers, it doesn’t even exist. And let’s not even start about the rest of the planet.
But meeting the US’s requirements doesn’t prevent products from being sold in Europe.
It’s the same reason film studios started pandering to China and why frying pans sold in Florida have a cancerous materials warning label that’s only required in California.
Companies cater to restrictive regulations in major markets because those products are still legal in less-restrictive territories.
You’ve got this all wrong. If anything, meeting us requirements would make eu people more suspicious of whatever product it is.
Yes, but the US is a huge, profitable market.
“Thank God the Titanic was built so tough, or that iceberg we just hit might be a problem…”
Fuck the usa
How does the government ban an os? Can’t is a strong word, but I don’t see that happening. It’s a Canadian based foundation, not a Chinese or Russian company where they could argue national security in the same way they did with Huawei or TikTok.
It’s more likely a federal os-level age verification law gets passed and grapheneOS compromises or backs out out of the US market.
GrapheneOS is not a company doing business. If they’re banned, that just means Motorola can’t sell pre-installed phones, but that doesn’t change anything about the phone compatibility with GOS. You’ll have to install it yourself, just like today.
They’re trying to argue national security for Anthropic, a US based company.
That only bans the use of anthropic for government use. So no government entities or contractors could use it. We already do this for some other companies. BOD 17-01
Edit. Granted what they are doing for anthropic is slightly different since it is an executive order not a BOD.
The idea is that you can sell a phone without a system, but you can always enter one in binary through the power switch. See? Win Win!
Do you think Motorola would lock their bootloader or only stop selling the a phone pre-installed with graphene?
While that may be true, i do not respect corporations or governments and i will do my thing anyways
do you really think someone gonna actually care if an operating system has age verification beyond the mainstream ones…and so what, they gonna set up another mirror. big deal.
I’m gonna have to replace my phone soon since it doesn’t receive security updates any more and I was thinking of going for GrapheneOS. What do you guys think about getting a Pixel 10 for that purpose? My second choice would be an iPhone but it’s both a lot more expensive and also less privacy respecting.
I was also considering a Fairphone but despite rating the repariability highly, there were too many other cons to the device.
You can get a pixel in the “a” series for a lot cheaper than the main series or pro.
I always run them and they last forever.
For example a pixel 8a is just under $400 full price.
Graphene also runs better than android due to lack of bloat, so you won’t notice the lower specs quite as much.
Graphene is probably overkill for a simple (commercial) privacy use case but it seems to be the best for confounding google and also stability. So that’s why so many people use it.
And there’s not much in terms of downsides.
Thanks for the response!
Currently, the Pixel 10 goes for 600€ including taxes, while the Pixel 9a goes for 370€. Both are on sale right now. The iPhone 17 and the Samsung S26 meanwhile both go for 1015€ and 1106€, respectively, just for price comparison. Would you still go with the 9a over the 10 in this case?
For my use case, the Pixel 10 doesn’t offer enough over the 9a to make the extra cost worth it for me.
I actually don’t know a lot about those models.
They last so long I tend to skip a few models at a time, and only bought my pixel 8a about 6 mths ago. So there’s been no need to research.
I’m sure there’s some good reviews or spec comparisons online. They tend to be excellent phones though.
I’m a tech snob but also a cheap bastard and they always fall into that middle part of the Venn diagram.
Using a 2nd hand Pixel 8 I got for 180 EUR running GrapheneOS, daily driving it since I received it.
Depends on your angle. The Pixel is a good phone and the OS works well, but it is a Google device. A growing minority wants to avoid investing in US big corp, or in anything US related in general given the current political situation.
A growing minority wants to avoid investing in US big corp, or in anything US related in general given the current political situation.
I’m definitely one of those people but there just aren’t that many alternatives. Like I said, I did consider Fairphone, but there were so many cons to their devices that it’s just not a reasonable choice for me personally. Which is unfortunate.
Thanks.
Got a Pixel 8a, i love it. Its fast, clean and customizable the phones have good technical specs and price/value for the a series is great.
In one year i only had two complications. One App i use hates the sandboxing and is lagging/freezing. I once had a broken update that bricked the phone until i sideloaded a newer update from pc. But its much less compromises / work then using a linux phone.
Can recommend the Pixel, after my 7 pro XL went to shit I’ve picked up a 10 pro w/ GrapheneOS - way better experience.
Thank you!
You’re welcome! Like others have said, look for a second-hand one or as in my case, if you can find a new one through a private seller. Rather not directly support Google either.
Adding to the noise: don’t forget that Graphene discontinues support for older devices as well, although the 10 is not one of them
It discontinues support on my phone the same month google does, so that support ends either way.
I did this. Pixel 10 pro. Works great. Did it for my previous 2 pixels as well. Feel free to ask about it.
As a Fairphone 4 user, I’ve been quite happy with it for a few years. Could you elaborate what you deem the cons to be? (I’m not gonna argue, just curious)
Fairphone is a good project but i have three reasons to prefer Pixel/Graphen.
Fairphones are big/chunky i like smaller one handed phones that fit well in pockets the pixel a series is alreddy on the big end for me, the form of the samsung s10e was peak.
The price value in pure hardware specs of pixels a series is just better.
Graphen > Lineage if you want to sandbox / emulate play services for certein games, banking apps, etc.
The $700 you give Google for a pixel is only going to erode your privacy further and personally I wouldn’t trust any device made by them, regardless of the OS.
Edit to say you are basically just rewarding their behaviour.
I wouldn’t trust any device made by them, regardless of the OS.
What device would you trust?
Edit to say you are basically just rewarding their behaviour.
That’s a good point and it’s one I’ve been considering. I would’ve bought a second-hand phone if it weren’t for the fact that the second-hand market in my country is so bad to the point it’s not even worth considering.
I think Fair phone with eos is the “least evil” option but you won’t be able to use most banking apps or contactless payment.
you can use contactless payment with Curve Pay
Banking app probably depends on the app
The surviving members of the Epstein community want to know for sure they are chatting with children when they pick their next targets.
as it should be
I just ordered a (refurbished) pixel 9 pro because of the possibility of graphene.
Otoh everything here requires a phone app to confirm every action…
Any suggestions where to purchase one where I wont be giving my money to either Google nor Amazon? (I’m in the US btw)
What about https://swappa.com/? I haven’t used it myself but have been tempted.
I have! Can recommend. Got my last two phones/pixels from them (or similar.)
Sure. https://www.backmarket.fr/ is a great place to start.
Found a good deal on a 9 Pro XL and ordered!! Thanks.
Awesome. I’m glad I could help someone online.
From now on, you’re welcome at my table! (although the drinks are on you) x
I buy mine third party refurbished off of Newegg.
That good enough?
I’m in the US btw
Ah well why didn’t you say so.
In that case, you’re just fucked.
You can buy used on ebay
I worry this will squander their new deal with Motorola.
Then again, what’s the point in a world class privacy OS if it complies with compromising mass surveillance laws?
I mean, they must comply or face fines, whereas users can modify things however they please. I am ready to leave google, discord and twitter, so for users like me who won’t be on platforms that require age verification, I’d have no qualms about modding my OS to remove/disable age verification.
As it should be.
