You must log in or register to comment.
Nobody gives a fuck about your weaseling technicalities. The salient fact is that this change was made in order to “comply in advance” with totalitarian fuckery. It SIGNALS POLITICAL SUPPORT for it, and that’s not okay!
The salient fact is that this change was made in order to “comply in advance” with totalitarian fuckery. It SIGNALS POLITICAL SUPPORT for it, and that’s not okay!
On an individual level, absolutely do not comply in advance with fucked up laws.
But as a technical professional working in regulated industries, you have to try to predict future legislation to remain compliant and permit your place of work to continue operating. Anything computer or network related takes time to update, and if you do it wrong you can bring your entire organization down. It’s far better to be proactive and ensure that your organization is compliant with future legislation than it is to sit on your hands because you don’t like this new change and then have to scramble to implement it at the 11th hour before your organization becomes noncompliant and may be forced to pause operating business. That’s literally your job if you are, say, a SystemD developer working for RedHat/IBM
This ire needs to be directed towards your local politicians (whether or not such age verification laws are in the process of being passed!), not towards career developers who happen to work on projects you care about
Or we could direct the ire at both. There’s no shortage of ire here.
I’d agree with you, except that it’s clear that the political systems we live under are flawed/non-functional. Non-compliance may be our next best shot at stopping these laws from getting any more traction.
It’s clear to me with the stance that the dev that closed the revert pull request that they aren’t willing to form any resistance to these types of changes. Actually, the revert pull request stated that their request was due to a number of people discussing the matter and they ultimately decided that there could be harm inflicted, yet the dev ‘poettering’ decided to supercede this decision. Not only is this the first crack in a hold-the-line situation with other major FOSS projects refusing to make the change but also shows their hand at how they stance themselves politically.
…if you do it wrong you can bring your entire organization down.
In theory, but also we just don’t hear of this actually happening to organizations very much. Why? (I could be wrong, I don’t constantly dig through news to find instances of this happening.)
Everything from tax issues to personal data retention and protection policy gets overlooked all the time, with very real consequences, and we don’t hear of those organizations getting “taken down” for it. (Like when Equifax lost all our Pii and were just like ‘whoops.’ They’re still forcibly embedded in our lives anyway.)
Maybe this would get used to bring down a tiny small business if it caught legal attention, but anything larger could likely shrug it off.
Organizations don’t seem to bother with such inconveniences unless it’s actively enforced and audited. Is California really going to do that with this? Seems like it’d be prohibitively expensive.
So it’s just a little weird to me when legislation is proposed to infringe on end-users and suddenly there’s this huge rush to “get compliant” ahead of time. It seems like a lot less IT due diligence and more virtue-signaling agreeance with totalitarian politics.
fact is that this change was made
No, no change was made in fact. It was a pull request… that was rejected.
Guess if I propose to edit you comment to “I’m stupid” and you say “no” you have also made that change somehow…
The REVERT was rejected by the systemd maintainer. The PR was accepted.
This is actually incorrect. If you check the birthdate Pull Request changelog and compare with the actual files, all of those changes are still in place. The decision to revert was rejected by ‘poettering’ here.
Lennart is a fascist fuck.
Storing a users birthday is useful metadata anyway. I’m surprised it wasn’t stored before.
The age isn’t verified is any way. You can set it to the 1800s for all it cares
Yeah like the email address and the full name of the user.
… What do you mean it’s blank for 99% of users?
I have mine set ¯\_(ツ)_/¯
your argument is an oxymoron. if the data is useful meta data, but the user can just put what ever they want as the date then it’s not storeing useful data. and that means it should not exist.
unless the point is to use it in the future where the user can’t enter what ever they want and thus legitimizes all the commotion.
You can also store an email there, so it can be found by other programs, but you can also leave it blank, or enter a fake email if you don’t want your email to be stored.
Given the open nature of Linux, I find it hard to believe they can lock it down like that.
The point is to comply with the letter of a shitty law and avoid volunteer projects getting killed by lawsuits, while being useless for tracking purposes.
This law was written by Microsoft lobbyists so they can sue desktop Linux out of existence, and this PR prevents that.
Wrong. The earliest date you can set it to is 1900!!! 😠
Another datapoint for fingerprinting.
So don’t provide it or give it a fake value.
You could also just not set it instead of using a nonsensical date
source? i mean you went through the effort to post a meme about it at least include the relevant information
The source is the source: https://github.com/systemd/systemd/commit/acb6624fa19ddd68f9433fb0838db119fe18c3ed
Takes a birth date for the user in ISO 8601 calendar date format. The earliest representable year is 1900. If an empty string is passed the birth date is reset to unset.
That’s it. That’s all it does.
Whatever was discussed in the PR, the code does precisely nothing to implement any kind of verification. It’s just an optional birth date field, like tons of electronics have had forever.
I don’t think anyone who read even the first paragraph of the article (at least the one i read) would say they are doing verification. They are simply adding a field for data to be housed if anyone wants to opt in. Instead of putting it in 20 different spots/apps it’s in one place that any third party can reference.
earliest representable year is 1900
(Time to set it to) literally 1984!
You can if you want
You also could just ignoro it entirely as it is optional
I foresee an astronomical amount of people born at unix epoch to appear if it becomes a required field lol
Since it’s about birth dates, shouldn’t it be an astrological amount of people?
That might just make it easier for them to put them all on a list. Use random dates instead, then they have to identify you and confirm you’re not using your real date to put you on that list.
October 15th, 1582 is another one you see often. (Edit: Some date systems use this as 0 because it was the start of the proleptic Gregorian calendar.)
Don’t forget December 31st, 1969 which you’ll see when computers adjust UTC midnight at the Unix epoch to local time in the western hemisphere.
Lawmakers don’t care whether you’re 18 or 56
Well I still don’t dang like it I’ll tell you hwat.
reads comments
Umm, I think they can read.
I found it extremely funny when people started asking for systemd replacements, of all things, after systemd added the ability to store a birth date.
The author of the PR explicitly says IT IS TO COMPLY WITH THE NEW TRACKING LAW (LOBBIED BY FACEBOOK/META).
It didn’t even add that. You can put custom fields into userdb. It just standardized that, right next to other standard optional fields like full name.
Out of all the steps that happened, this one should be the least controversial, but some people see systemd and start the heavy breathing.
There’s a bunch of idiots looking to crucify someone over this. This fucking witchhunt bullshit is really shaking my faith in the basic goodness of the Linux community. Trying to make some dev that put a line of code in systemd into a pariah isn’t a good look for opensource.
Edit: 4 fuckwits and counting that don’t have the courage to show their usernames by telling me why I’m wrong to despise pitchfork mobs.
Just because one idiot state in the US changes a law doesn’t mean the entire world needs to follow. Fuck em.
It’s a good reminder that a lot of Linux Enthusiasts are very quick to bandwagon.
SystemD already has (optional!) fields to store user data, proactively adding a birthdate field as multiple jurisdictions are working to pass age verification/restriction laws and the clear best (or more accurately, least worst) technical path to cleanly doing so is to store the user’s age in the OS to pass to the application, it’s a very sane move.
Developers and maintainers don’t exist in a vacuum. Corporate Linux maintainers need to ensure that their product is legally compliant. SystemD, is developed and maintained by RedHat, a subsidiary of IBM. They would be silly not to be proactive in the face of a clear legislative trend to ensure their product remains legally compliant.
It’s the same thing any professional has to do when they work in a regulated industry (which IBM operates in many regulated industries, from finance to banking to military contracting, they have a ton of industry regulations to try to meet), keep an ear to the ground for any likely upcoming new legal requirements and proactively meet those potential new requirements so instead of scrambling at the 11th hour you can focus on other things.
Folks blowing up on this should be focusing their efforts on their legislators, not on hardworking devs who are just trying to make a living
Folks blowing up on this should be focusing their efforts on their legislators, not on hardworking devs who are just trying to make a living
I’ve talked about why we all should be voting on Lemmy and its a bridge too far. Particularly the ml crew.
I don’t even know where this rumour came from.
systemd is introducing birthDate as a user json field, if that’s what you mean with rumor.
The PR to revert that change was not merged:
So apps can look at it and verify the users age? 🤔
“Verify” is a strong word, if the age in there isn’t actually verified. If I say my realName is Nunya Bissnis, my location is Atlantis and my birthDate is 1970-01-01, who’s going to check if that’s at all accurate?
If someone populates it and if apps do it. The “debate” is whether this is something systemd should or should not have done.
I only mean the verification is clearly in the app that uses it then.
It’s not a rumor, systemd merged a PR that explicitly said it was to allow handling the new age verification laws. Just because they aren’t actually verifying anything doesn’t mean that they didn’t merge code in direct support of the laws. And why in the world would this even be handled at systemd level anyway?
Ideally, we wouldn’t need to do age verification at all. But if it’s absolutely required, the most privacy-preserving way would be:
- System administrator verifies the birthdate of the user, stores it on the user account
- Applications can then ask, “is the current user over 18?” And just gets true/false.
But if it’s absolutely required
It’s not.
Applications can then ask, “is the current user over 18?” And just gets true/false.
the current implementation allows reading the precise age
Exactly, and some of the laws require just asking if the age is over a some pre-defined threshold, not sending the full date, for example “is the user over 18? Is the user over 15? 13?”
And just to be clear, I do think that “protecting the children” is just an excuse to push surveillance tech that was very convenient to use after the Epstein files. I am strongly against these laws and I am supporting ($$$) activist groups fighting against them. Do consider donating or getting involved too if you can.
But this specific change isn’t adding surveillance to Linux. It’s just a date of birth field that a parent can set. I can see why a parent would want it instead of using shady and intrusive “child control” software that takes over the computer.
You need to store the date of birth to update the user’s reported age automatically. It makes sense and puts the “protecting the children” responsibility back on parents instead of third parties that every website is now starting to use.
The systemd solution is not even reusable for actual verification because it can’t provide any cryptographic proof of the verification! It’s literally just a date.
How can this replace “child control” software? The system web browser may well report the age field (or age bracket) to websites without letting the user modify it, but what stops them downloading a browser that does let them modify it? Or modifying the source code and compiling a version to lie about their age?
All of this was discussed in the PR.
Systemd is present on the vast majority of Linix systems so it made the most sense to put it in systemd. It is an optional field so it is up to applications and distros on weither to use it for something. Age verification laws are legally binding so compliance is not optional.
If you have a problem with age verification call your local lawmaker. Don’t attack a bunch of devs who somehow got stuck in the middle.
Well, how do I put it… compliance is optional
And then they scream RTFM at linux noobs
