I'm completely baffled why anyone still engages with the "official" framing around this. Obviously, it's not for protecting children. Obviously, it's a technocratic trojan horse for increasing surveillance capabilities on digital systems. This is so cynically anti-democratic that they obfuscate the real purpose, don't even bother to make it plausible, and everyone is left talking about how "awful it is" that it's already legislated.
I swear to God, if someone replies to this talking about how we need to protect the children I'm going to start requiring "age verification" from commenters, and I'll do a little background check to find out w̵h̵e̵r̵e̵ ̵t̵h̵e̵y̵ ̵l̵i̵v̵e̵ if they're over 18.
Controlling what children do online is a solved problem: Parenting and parental control applications.
Spoken as someone who probably hasn't used iOS/Mac parental controls. It is a hot buggy mess that randomly blocks whitelisted applications as well. We use it, but it is a constant pain. Also a lot of applications only work half, e.g., TV apps blocking off all content rather than only content that is not age-appropriate.
By the way, we were initially firm believers of not using parental controls at all, by limiting time and teaching kids about how to use devices in a healthy way. But a lot of apps (e.g. Roblox, YouTube Shorts) are made to be as addictive as crack, making it very hard for a still not fully developed brain to deal with it.
That said, I absolutely dislike the current lobby for age verification because the goal of Meta et al. seems to be to be to absolve themselves of any responsibility by moving verification to devices and to put up regulatory walls to make it more difficult for potential competitors to enter the market. It is regulatory capture.
The addiction economy is hard to deal with for anyone - regardless of age. So, I agree this is definitely not a solved problem, but from what I see the only viable way forward is actually to do pretty drastic things like not own a smartphone.
tbf, when most of those posting here were children, access to smartphones/tablets with unrestricted internet connection wasn't a problem
but i do remember my parents actually raising me pretty hands-on, taking care of me not watching stuff I shouldn't be watching which of course existed and was easily available
Btw, it doesn't need to be actively coordinated for this to happen.
Building architectural styles used to be per city and now buildings look roughly the same worldwide. Style is dependent on the year built not the location.
Because every architect is "reading the same magazine" worldwide now that the internet exists, rather than debating in their own city.
Similar monoculture of global thought is happening in all fields.
It's almost like a well-monied or well-connected lobbyist is pushing this heavily. Multiple contenders out there as to who it could be. But regardless of who the originator is, the push can be kneecapped. Imagine jurisdictions that have an opposite push - one that criminalizes use of age verification software such as mandating providing government ID or facial scans. It can be done!
Well obviously? It's literally being broadcast in the news when diplomats talk to each other. What do you think they are talking about if not policy discussions?
So it seems normal that a bunch of politicians, in the current climate, got together and decided that the weakest form of age verification imaginable absolutely had to get passed everywhere?
I'm not saying there's definitely no coordination, but nobody had to get together to decide that 2026 was the year for 90s fashion to make a comeback. Human society is very prone to fads in all areas.
The simpler explanation is that we live in a world that is more connected than ever so politicians, campaigners and the rest can get policy ideas almost instantly. There is no grand conspiracy, just a smaller world.
Yeah, it's not like there's a literal james bond supervillain who writes books about this stuff and brags about how half of parliament is in his pocket.
With every law we allowed in the name of child safety, we enabled the real goal, control. They barely have to even mention children in the new laws beyond "we have to legally cover ourselves against all the other child safety laws already in place."
I estimate we have two to three years in the English-speaking world to organize an effective lobby for the rights of the common man before changes to the speech environment and habitual methods of communication make it impossible. There's less than a year before the wave of lock-downs reaches normal internet users through announced policies like the Android software installation ban and through the growing effectiveness of algorithmic "Joy of TikTok"-style discussion selection, and one to two years after that before we run out of other avenues. The latter timeline could be too optimistic if the completion of the TPM-to-cloudflare chain of permission for desktop environments (steps had been made in the past but failed after public pushback) comes without a lot of advance notice. Don't forget - after each new constraint on the public, the next counter-reaction will be smaller, and the next change will be bigger or sooner.
Personally I do not believe this is a solved problem. Technically maybe, in practice not at all.
It is quite a job juggling the controls of the different companies. Microsoft even has two, one for Xbox one for windows.
And then your child turns 13 and your only option is to take away the devices entirely.
Another thing already discussed is school provided hardware. I know the schools try, but it is usually one person against 300+ students trying to figure out how to game/hack the system. Eg there's no reasonable way where you can expect one person to maintain a YouTube channel whitelist.
I do agree that we might be solving this issue the wrong way, but there is a definitely a problem here.
> Controlling what children do online is a solved problem: Parenting and parental control applications.
This is absolutely not true.
Here in the UK schools are swarming with ipads and shit like that. They're given to primary school children because they're "more engaging". Children are supposed to practice their reading and even handwriting[1] on ipads. Naturally they're on youtube instead. It's really bad. As far as I can tell, private schools are even worse. Currently the only way that I know to escape this is homeschooling.
Saying "it's a solved problem" is incredibly dismissive to parents who do everything right in their homes, but then send their children to school and schools exposed their children in this way.
Saying that phrase in such a definitive manner caters to the interests of the companies who push these shit onto schools. Please stop saying it, it's harmful.
[1] leaving this reference here because I'm certain that people without school aged children won't believe this is actually true:
https://www.letterjoin.co.uk/
There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.
That's the parents.
The expectation that "Parenting" is now outsourced to Teachers, to the Government, to anyone else. People seem to expect they just have a kid, and somehow magically they'll grow up to be a perfect person without any work from themselves. So there's over-reach, there's pressure on making "unworkable" soutions, because the people they're trying to force "solving" the problem aren't the people in the best position to do so.
Your comment seems working from that very same assumption.
Yes, all the "technical" part of content filtering etc. is very much a solved problem. The issue is that's not a "zero effort" solution - they still need to be enabled and managed. And I'm not sure that's a "technical" problem than can be solved.
There's huge pressure on teachers etc. to "solve" these sort of problems - just go to any PTA meeting and there's a lot of loud voices asking for stuff like the laws the original post is highlighting. And politicians listen to the loud voices, and feel they have to be "seen" doing something. Even if that "something" is impossible, unworkable, and fundamentally harmful.
> The expectation that "Parenting" is now outsourced to Teachers, to the Government, to anyone else. People seem to expect they just have a kid, and somehow magically they'll grow up to be a perfect person without any work from themselves. So there's over-reach, there's pressure on making "unworkable" soutions, because the people they're trying to force "solving" the problem aren't the people in the best position to do so.
Yeah, because the parents' time is now dedicated to their employers. When parenting wasn't outsourced, families typically had a parent at home doing it full time.
Don't blame the parents and ignore the story of reduced family capacity.
> Yeah, because the parent's time is now dedicated to their employers. When parenting wasn't outsourced, families typically had a parent at home doing it.
This seems to imply that the problem is that we started letting women work, but I suspect the actual problem is back to restrictive zoning again.
If you let people actually build housing, and then some people have two incomes, they use the extra money to build a big new house or drive newer cars etc. If you instead inhibit new construction, the people with two incomes outbid the families with one income for the artificially constrained housing stock, and then every family needs two incomes and like flipping a switch you go from "women are empowered by allowing them to work" to "women are oppressed by requiring them to work".
I don't think just building more housing is sufficient. That might decrease the cost of living somewhat, but probably not enough to remove the need for a second income.
I think ideally most families should be able to survive on the income of one parent, regardless of which parent that is. But I'm not sure how to get there, although I think the problem is closely tied to wealth inequality.
I also think in a better world, it would be practical for both parents to work, but work fewer hours, each working 20 hours a week. But in the US at least that generally isn't practical because most such jobs don't provide health insurance or retirement plans, and are typically very low paying jobs.
>I don't think just building more housing is sufficient. That might decrease the cost of living somewhat, but probably not enough to remove the need for a second income.
While shadowy special interest groups and large corporations are able to write text directly into the laws of anglophone countries, The People can't even talk about one instance without fragmenting into a trillion pieces covering topics such as the affordability of housing.
The left wing constantly says “we started letting women work”. Women have worked for thousands of years. The phenomenon of manipulating women into believing working for a corporation is some kind of “higher calling” is relatively new, and it’s been a disaster for the family unit.
One is that people tell women it's good to work for a corporation, some of them believe that to be true and choose to do it, the others retain and exercise the option to do something else.
The other is that we set up an artificial scarcity treadmill so that if some families have two incomes, they outbid the ones that don't on life necessities and then women have to take a job at a corporation in order to be able to afford to live indoors even if that's not what they would otherwise choose to do.
> The expectation that "Parenting" is now outsourced to Teachers, to the Government, to anyone else. People seem to expect they just have a kid, and somehow magically they'll grow up to be a perfect person without any work from themselves. So there's over-reach, there's pressure on making "unworkable" soutions, because the people they're trying to force "solving" the problem aren't the people in the best position to do so.
NOT giving children addictive devices isn't not outsourcing parenting, it's basic social responsibility. Like not giving them cigarettes. I find it encourating that most other commenters understand this.
> There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.
False, and this betrays that you have no experience with what you're talking out.
In theory „There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.“
In practice, most schools lack anyone with enough technical literacy to lock down the device. So they just hand out unlocked cheap android tablets with all the stock spyware and advertisement pre-installed.
They don't "hand out" anything really - probably the closest thing is government programmes to fund laptops/tablets for low income families, but not a single school locally "gives out" tablets to kids. But they're all just "normal retail" devices.
They have some things used in lessons, but they're all given out at the beginning of the lesson, then gathered at the end.
You could argue that it's a problem they they assume home access to such things anyway - especially in later years - as things like online 'homework' is the norm.
Again, this is not true. Some public schools do buy ipads and licenses and do hand them out and some times they're unlocked. You COULD do a basic google search and learn about the topic on the news, you're you don't actually care to learn, you're just spreading noise.
You're talking about a solved problem and a few comments down there's a bunch of people in this very comment thread losing their minds about Linux devs working on implementing parental controls.
“There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.”
They try, but kids are smart and there are holes in the tools to lock things down. You would not believe the inventive workarounds that kids find to circumvent content filters. It’s a losing battle to lock everything.
Parents don't have the right tools to minimize harm to their kids online. The parental controls offered by Apple and Google were intentionally designed to be full of holes.
>>> Controlling what children do online is a solved problem: Parenting and parental control applications.
>This is absolutely not true.Here in the UK schools are swarming with ipads and shit like that. They're given to primary school children because they're "more engaging". Children are supposed to practice their reading and even handwriting on ipads. Naturally they're on youtube instead. It's really bad.
And how does that refute what the parent said? Those school ipads could also have YouTube locked or restricted to a whitelist of channels.
The schools could also simply not distribute tablets or laptops to students. The technology has not produced noticeably better readers, thinkers, or writers compared to the days when students read actual books and wrote on paper.
> Those school ipads could also have YouTube locked or restricted to a whitelist of channels.
There's so much wrong here.
A) there's ways around that stuff that any child can figure out.
B) schools aren't in fact obligated to enable those, and some don't.
C) who decides on what channels are allowed? The school does. But teachers are basically people off the street that did some basic training and (from my experience) have zero critical thinking. This are not the best and brightest.
D) big tech will tell you "this is age appropriate" and the only thing that means is that you probably won't see porn. Anything else, including gambling ads on youtube, you do see.
You see, you're trying to discuss the specifics which in this case is a losing approach if your goal is to protect your chidlren from being victimized by the attention economy. The reason is that those benefiting from the attention economy have more lawyers and more engineers to deploy than any individual parent.
>A) there's ways around that stuff that any child can figure out.
No, there are not for hardware locked devices with the proper controls (what apps, websites, etc to allow).
>B) schools aren't in fact obligated to enable those, and some don't.
The technical problem is solved, if they don't want to implement the solution that's on them.
>C) who decides on what channels are allowed? The school does. But teachers are basically people off the street that did some basic training and (from my experience) have zero critical thinking. This are not the best and brightest.
Again, irrelevant. A common policy can be created (e.g. by ministry of education experts) and shared with schools.
> > B) schools aren't in fact obligated to enable those, and some don't.
> The technical problem is solved, if they don't want to implement the solution that's on them.
Just to be clear - do you not understand that a parent might be parenting, but some times their children is in care of a school? Your focus on "a technical solution exists" is missing the real issue here, and it's not a technical one.
>but some times their children is in care of a school?
And not only that but some of those times are dinner break, on a school campus with a thousand other kids and barely any supervision. Even if phones are banned, it's easy to hide one and for a child to be showing their friends unhinged stuff they found on 4chan.
And some of those times are on a bus carrying at least 50 kids when they're 'supervised' only by a driver ... and so on.
But you know, I find it frustrating that the people we're talking to clearly have no experience with the subject but they come in here and state with confidence they're opinion on something which is for them a hypothetical. They don't know what's going on.
I mean, we all saw the occasional heinous stuff, goatse, lemon party, etc, that doesn't ruin you. I don't think preventing them from ever seeing anything disturbing is a realistic goal. It's more an issue when kids are allowed to be fully addicted on an ongoing basis instead of spending their time doing things that help them grow. I think keeping them from spending all their free time on youtube or in Roblox is more the goal.
This, it's the stupid addictive games like Roblox and social media like YouTube. Circling back to schools (not-UK), here even teachers let them play Roblox sometimes in primary school on school hardware. The problem as a parent is that you cannot get upset and fight about everything, you need to pick your battles. This is made worse that you are most likely a minority, most parents will say/think a little Roblox or Tik Tok at school is harmless fun.
IMO the problem is twofold: first, younger kid's brains are not developed enough to deal with games and social media that are intentionally made to be addictive. Heck, even a lot of adults have issues limiting their time. Addictive games and social media should just be forbidden under 16 years. Currently our government has only issued a recommendation, which does nada. Second, teachers and parents need to be educated better. Many have no idea that these addictive apps are an issue or just don't fully realize the damage they do.
I'm talking about both parents and schools: the technical solution exists. If parents/schools don't want to implement it, that's on them.
This answers your objection A and B. C is also a non-probem with a trivial fix, as I showed.
What we're discussing is whether age verification is needed. Based on the existence of other, perfectly fine solutions, it's not. "But schools don't bother implementing those other solutions" is not a counter-argument to this discussion.
But this thread is discussing the technical solution and how many jurisdictions are pretending there’s no technical solutions just so they can pass surveillance legislation?
Exactly. We've completely lost (actually never had it) any social responsibility on the part of the social media/tech companies. Before we had the internet and all these apps and devices, parents looked after what their kids did but could also pretty much rely on other businesses to not do things like sell their kids cigarettes or pornography, let them in to R-rated movies, or expose them to other age-inappropriate stuff. Did it happen? Yes here and there but it wasn't easy for most kids.
Parents just want to be able to designate a device as belonging to a child---one setting---and have that respected. Not to have to dig into the settings of every account, service, app, and website and figure out how to set it in age-restricted mode (if that's even possible).
The tech companies have made this way too difficult and now they are facing the consequences of their shameful neglect by having to deal with all these new laws (which they will probably ignore, with no consequences, but we'll see).
It's understandable that parents are upset, but tech companies are not the ones harmed by these laws. When we've outlawed privacy, it will be the public who suffers.
> Parents just want to be able to designate a device as belonging to a child---one setting---and have that respected.
The problem here is, what does that actually do?
If you say the device is for kids, can the kids then see content related to firearms? What if the parents are Republicans and don't want that censored for their kids? Also, what does it even mean? Does a YouTube video on firearm safety get blocked because it contains firearms? Should "kids" be able to view sex education content?
If nobody agrees what should be blocked then the reason they don't have a setting is that nobody knows how to implement it.
Checking what the school is exposing the children to is part of parenting, if enough parents demand parental controls on the iPad you'd get that. Also it sounds insane that any school is given children iPads, if anything the studies show worse outcomes with iPads
> Checking what the school is exposing the children to is part of parenting, if enough parents demand parental controls on the iPad you'd get that.
Yes, but often times enough parents DONT demand that.
Most parents think "ipads are a good thing children need to learn tech in order to have good jobs". Other parents think "ipads aren't good but if I complain I'll be that annoying parent that no one likes". Only a minority is vocal.
Since schooling closer to home obviously solves this problem, and a host of many other problems, and doesn't introduce any real problems (bad schools don't save kids from bad parents, which seems to be a rebuttal to home-based education, it would seem to me the answer is obvious:
Return to a single income household economy and bring education closer to the home, if not outright in the home.
That the schools are unable to implement the technical solutions for parental control tells you about the schools, not about the technology.
And that parents rather have everyone's actions on the internet surveilled because they can't coordinate with their schools tells you about the parents.
But this is ridiculous. The problem was created by the state (which ultimately runs the schools), and now the state wants to impose additional rules on a bunch of totally unrelated adults to (probably fail to) solve their self-imposed problem.
100% agree with you. I'm not arguing for regulating websites. In my scenario the schools are the actual problem. (EDIT: Actually, Meta and such companies are the actual problem, but in our world nobody expects that they have anybody's best interests in mind. But schools should.)
I was strictly only responding to the phrase "this is a solved problem you just have to parent".
LoL scapegoat found. Actually not a bad idea. "Your child must not bring any digital end device, that is, in fact or in principle capable to connect to the internet, and display graphical content in any form other than text. Needs for telecommunication do not constitute a claim for exemption. Parents who want their child to be able to make calls from a mobile phone, may supply their child with what's colloquially called a "dumbphone" ,i.e. a phone that is not capable of the aforementioned technical features. Breaches justify the exclusion of your chid from participation in class for the day, or in cases of repeated violations of this policy, of up to one week. The parent agrees to have the full responsibility for the care and supervision of their child upon short notice. Resulting financial losses that might follow in the aftermath of such a transferral of guardianship back to the parents on short notice from thus necessitated time commitments for them are their responsibility alone and cannot constitute claims against the school. The responsibility to catch up on thus missed lessons lies with the pupil alone and does not constitute the privilege to be excused from examinations.
In my country, state schools strictly forbid students from bringing devices to school. This rule was actually introduced because of the haves/have-nots issue here, because many kids are too poor to afford devices. The schools themselves don't provide devices because it would be prohibitively expensive due to the large student population. Most private schools don't allow devices either.
When people say "parental controls" they obviously don't literally mean "parental controls controlled by PARENTS", they mean "parental controls controlled by parents AND OTHER guardians such as teachers and schools".
If the school can't be bothered to lock down their ipads, why not make a law that schools must lock down the ipads, rather than push this out to everyone universally?
It seems like another shoddy excuse of a panicked panopticon to me. Feel free to try to convince us otherwise.
I volunteer at a makerspace, twice already adults came to seek help "bricking" their smartphone, so it can only be used when a certain RFID token is present, the problem is there exist commercial solutions aimed at companies and institutions, where the employee can't disengage the lock, and then theres commercial (and open source) solutions aimed at individuals, but these can always be easily disengaged and bypassed.
I agree that children's elders (parents, teachers, ...) should be able to control the available apps and platforms, but only for a reasonably short period (so that kids don't grow up in censorship right until they are adult, it should be continuously relaxed until the kids are in control of their own impulses, so whatever mechanism is used, it should gradually relax willy nilly the opinions of the elders or the state).
This brings up the next problem: what if parents mutually disagree? and what if teachers mutually disagree? and what if parents and teachers disagree? So there should be some kind of jurisdiction awareness in the parental control system: when at mothers place, mothers rules, when at fathers place, fathers rules, when in this or that teachers class their rules, as that would be the technological agnostic position (regardless if the old ways were good or bad, thats what technological non-interference would suggest).
But even if all parents, all teachers agreed on the parental control settings for a child, they can't really do it effectively since they are placed at the whims of big tech, with clear visible conflicts of interest like advertising, engagement, etc.
To solve that government should mandate a simple secure way for the smartphone to accept a user generated cryptographic public key, upon proving ownership so that they can sign their own root, first non-ROM (actual silicon ROM, not firmware images) op-codes chosen by the user. Then they can install any open source parental control software they want.
Its the surveillance state refusing to give the populace the keys to their own smartphone, and then deciding to "solve" the resultant inability for effective and community controlled parental control mechanisms by degrading privacy for all.
"we have to reign in your privacy, because we refuse to give you the ability to sign your own bootloaders, for freedom and safety of course"
every time we have people complain about how expensive "bricking" software and effective parental control software are (the commercial solutions aimed at companies and institutions, which have special arrangements with smartphone industry), we should direct them to a petition to force an actual right to compute by mandating computers INCLUDING smartphones allow the end-user to sign their bootloaders with a self-generated key of their choice.
Then the problems will disappear overnight, and solutions for this problem will come in a form like all the big beautiful free and open source software, and it will work, and it will be sane.
Because the effects on our children is popping up simultaneously. Because globalization. Because every teenager is influenced by the likes of Andrew Tate and series like Adolescence. Either directly or indirectly.
This is what we wanted. We wanted a connected world. Be careful what you wish for.
They don't like what happened to their PR for what they did in gaza and they want to get ahead of the curve and stop us from seeing what they are going to do in IRAN without their SPIN.
Its a poison pull to lay down the infrastructure for controlling narrative on the internet
Might want to explore “Agenda 2030”. I don’t know for certain if it applies to this specific issue. But it does hint at a coordinated effort to build a completely new framework for managing the human species through technology.
“Yeah, so basically the current prevailing sch[*]zo internet theory is that Al nerds have destroyed the internet and created infinite spam.
The advertisement goons are now incapable of determining who is a bot and who is an actual human. The advertisement goons no longer want to pay as much to social media networks.
Social media networks, in full blown panic of losing potential revenue, decided to lobby governments saying
"we gotta protect the kids! ID everyone to protect the kids from pedophiles!".
The social media networks know this doesn't really protect kids. But, it does two things (and a third accidentally).
1. They now can identify who is human and who is Al slop machine, or enough to appease the advertisement goons
2. Advertising to children is a general no-no from politicians, or something, so with ID verification they can say with confidence they're not advertising to children because it's been ID verification. Basically, they can weed out the children and focus on advertising to adults
3. The feds can now tell who is human and who is Al slop. This inadvertently helps them with tracking people and serving fresh daily dumps of propaganda, or whatever they want to do.
It's a win-win-win for advertisers, social media networks, the government, and any business which does data collections.
It fucks over everyone else.
Chat, I'm not going to lie to you. This is an extremely good conspiracy sch[*]zo theory and 1 unironically believe it.”
That _sounds_ somewhat plausible but it means those social media management is completely anemic to everything if true. We just all know that getting verified is how AI spammers get to do spamming. Or post unwanted yet kosher contents. Everything unwanted can be made legal though not everything desired can be made legal.
Zuck wanting to build a centerpiece for his lair made out of resin fused copies of driver's licenses would sound more plausible.
In this case I think the schizos may be right. It makes complete sense. And $2b is peanuts to Meta, on par with the amount they’d authorize their lobbying department to spend over the course of a few years. I’m not surprised at all.
It reaches far out, not just the West. China remains relatively immune. S. Korea and Japan immune to some degree. Russia, unfortunately, is not immune at all.
Everything appear to be illegal in China, but also everything illegal appear to come from there. Their chemotherapy dose table is calculated for diluted compounds. Coupling their law text to regular universal enforcement is just a suicide.
Not sure when exactly that happen but decade years ago or so, people were sharing this spoofed infographic in which the Internet was a cable tv-like service where you'd pick big media sites you'd subscribe to, IPTV/streaming, optional secondary sites - all of this curated and safe, free of any dangers. No lewd content whatsoever.
And honestly, I can't get rid of the feeling that this is where we're heading into. These are last years of the wild Internet and its next iteration will be passive and probably in 99% generated corporate safe slop.
And the groundwork was laid by very well connected think-of-the-children evangelicals, transphobes and sex-work-phobes over years. Never forget this. Meta just added nitromethane fuel to a raging fire.
To be clear, I don't agree with these laws and think they are very much the wrong way to try to solve the problem.
But it is not a solved problem. From what I've seen parental control software is generally pretty terrible. But this age verification stuff isn't really helpful.
It's a solved problem with a slightly flawed implementation on the end devices.
You seem to be arguing that introducing the whole new class of legal frameworks, technical requirements and privacy scandals(1)(2) is somewhat better than fixing the end user software flaws.
That dude gives off such slimy vibes. Not like he’s evil. More like he’s unqualified to be in the position he’s found himself in. His presentations on talk shows gives me the impression he knows just enough about the topic of digital effects on society to throw together a book. The he lets people raise him up to the microphone and speaks for the sake of speaking. Hardly an expert, not an operator.
Compare to people who have the means to build, modify, and test the systems they talk about. Maybe no one can be this kind of an expert in the field of sociology. But if that’s the case do not present yourself as confident. Answer most questions with “I don’t know”. Refuse praise. Exude humility.
If you were familiar with his background you wouldn't be writing this comment, which makes what you wrote a bit awkwardly ironic.
Short of it: 30-ish year career as a psychology professor and researcher focused on morality and emotions. If you follow the track of his popular science books, The Anxious Generation (on smartphone use in teens) is very much a sequel to The Coddling of the American Mind, which itself is something of a sequel to The Righteous Mind, and so on. There's a very clear linearity and progression to his works.
I am familiar with his other books. And it’s clear he has an established career. I just don’t think he should try to present such simplified narratives. “Coddling of the American Mind” is what first put him on my radar and set off alarm bells.
At I said this might just be a field where normal expectations of expertise can’t be met. But that doesn’t mean you can rescale and match the confidence of other fields.
He’s putting himself in a position similar to politicians running for office.
So, firstly, before I dive into your comment; about the topic above, this is the result of a terrible headline gone wrong in a single state in the US. The language never required any changes to Linux, or Windows, or any other operating system, for that matter.
Someone read the text, and made a clickbaity headline, and it went viral. then, another state made a similar bill, and it went viral again.Age verification isn't coming to Linux any time soon, and no, you aren't breaking any laws by either developing for, and/or using Linux if you are a U.S. citizen. It is literally illegal to pass a law like that thanks to the constitution. Outside the U.S.? well depending on the country, you likely experienced something better or worse, Regardless...
It is pretty remarkable that it [age verification] has popped up in multiple countries at once. It is almost as though a certain few billionaires are interested in suppressing speech.I wonder who those folks might be? ;)
The folks trying to shut down the masses via stuff like this should probably read some history, because that never works out...like ever. Doing the same thing over and over again won't make it work. It won't work this time either.
> 1798.501. (a) An operating system provider shall do all of the following:
> (1) Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.
[And some other stuff]. A simple reading says operating systems need to ask the age of the accout holder during account setup. It says the purpose is to provide a signal to a covered app store, but it does not exempt operating systems without a covered app store.
To me, the biggest issue is that it seems to think of computers as something you use while being near and having only one user at a time accessing, where computers you use might be far away and have thousands of people accessing them per day with hundreds of concurrent users and tens of thousands of accounts.
If you don't intentionally allow accounts access to any app stores, do you still need to collect the data ? It says to collect it, and that's the purpose but it doesn't say if you're not permitting that purpose you don't have to collect it
That an issue to you, I, personally, love the idea of submitting my ID to McDonald's kiosk before ordering.
Maybe that would finally push them to make kiosks that run entirely without OS. I expect a big enough Rube Goldberg machine could do the task if not as efficiently, then at least in a more entertaining way.
I think, if there's no account setup, there's no need to request an age/birthday signal. Although if there's am app store and no account setup, you might have trouble.
> Something remarkable and unsettling is how the age verification debate has popped up almost simultaneously in the US, UK, and EU.
nothing strange about that. You have higher interests in control of the (national) governments in several countries, planning things at once. This is what you see as a result. It certainly did not involve democracy.
Eh, it really isn’t that surprising. “Activists” in any country are quick to capitalize on a news cycle. You also missed AU. If you squint you would realize that they are all English speaking (or use English as a common exchange language)
It’s not a solved problem at all. Your take is very libertarian, which I personally sympathize with, but if we’re being honest it doesn’t align with reality.
The truth is, there are a lot of bad parents that are, for various reasons, unable to perform these parental duties.
We’ve always restricted children from accessing certain things without relying solely on their parent’s abilities or discretion.
I’m strongly in favour in giving parents as much control as possible. That doesn’t negate the fact that the vast majority of children, for example, currently have completely unrestricted access to hardcore pornography.
Shrugging it off, proclaiming it’s a parental responsibility, doesn’t solve the real world problem.
Previous to the internet we didn’t allow free unrestricted distribution of pornography to children. We stepped in as a society and said, no actually if you’re selling that… fine, but you need to verify the age of the customer.
I don't think this is a left- or right-wing issue: Australia was one of the first to ban kids from social media, and Australia is not right-wing by any measure. Canada is hardly right-wing, but age verification is bill S-210 in their parliament.
What you're seeing is a coordinated push by transnational interests; Meta's name has come up in discussions of the funding behind this push. At the very lest, verifying age also verifies that a person is real and not a bot, so advertising firms like Meta will benefit from verification. That's not right-wing or left-wing but rather the influence of business over the political, and neither wing of the spectrum is immune to corruption.
Agreed, it clearly isn't a matter of left vs right. It's about liberal vs illiberal values. Unfortunately for all of us, liberty is falling out of favor.
> Separate from this policy debate I think you’ll find Australia is a country where the right frequently wins actual majorities of the vote.
Isn't that basically every democratic country?
We can't judge how "right" or "left" the political culture of a country is by how frequently the right or left win office, because in the long-run they tend to win office roughly equally often just about everywhere.
A better way of judging this question, is how the policies of their main left/right parties compare to those of their counterparts in comparable countries
>I don't think this is a left- or right-wing issue: Australia was one of the first to ban kids from social media, and Australia is not right-wing by any measure. Canada is hardly right-wing, but age verification is bill S-210 in their parliament.
I'd classify both as very corporate friendly, far centrist, which is just as good as "right wing". Nothing about actually empowering the masses, and even less so the working class, only elite pseudo prograssive talking points.
There's 2 axes on the political spectrum. Economic and Social axes. Liberal and Conservative is one dimension (Economic) and Authoritarian and Libertarian is another dimension (Social).
In the US both the Democratic Party (Liberal) and Republican Party (Conservatives) are considered Authoritarian on this 2 dimensional graph.
Milei claims to be a Conservative Libertarian so, in theory, he should be opposed to this. We'll see what he actually does.
it worked with p(l)andemics, why it wouldn't with online verification? they always come with some noble reason how to force something down the population throat and majority still falls for it
heck I don't see everyone boycotting and embarging US/Israel for their aggression against Iran, because they came up with good story once again, cough...Iraq WMD...cough
If you wanna surveil your children, surveil your own fucking children. You have no say in other people's lives.
Now, as for solutions, it's also simple but unpopular. People shouldn't be so rich they have transnational power. All this is happening because we let a tiny group of mostly anti-social people get so much money the only way they can spend it is this kind of BS.
People discuss policies all the time, and take inspiration from jurisdictions where those policies /appear/ to be implemented and "working"
The idea that there is an age requirement (for certain content) has been around for a very long time (Facebook, for example has a no under 13s rule in their T&Cs, many porn sites have a 18 years or older declaration before allowing access, and so on)
Australia has recently implemented law(s) that take the next step forward, and the other countries in the world that have been wanting something similar are seeing that, seeing that there haven't blowback from corporations or voters that makes the idea of the law unpalatable, and thinking that they too can implement laws that work in similar ways.
If you actually pay attention to global politics you will see that this sort of behaviour occurs fairly regularly (look, for example, and the legalisationg of homosexual marriage, there was a law legalising it in the Netherlands in 2001, then Belgium did similar in 2003... and so on as more countries saw that their own voters were amenable to the idea https://en.wikipedia.org/wiki/Legal_status_of_same-sex_marri...)
edit: There's no grand conspiracy at play
Another example is the cannabis use laws, cannabis was heavily criminalised in the 70s, there was pressure from the USA for other countries to follow suit.
BUT from the early 2010s several states of the USA legalised recreational use - this has also bought the debate back to the fore for many countries, with reassessments and changes occuring https://en.wikipedia.org/wiki/Legality_of_cannabis_by_U.S._j...
> how the age verification debate has popped up almost simultaneously in the US, UK, and EU
It's because of a mix of Barroness Kidron's lobbying [0] and companies trying to meet legislators halfway [1] due to latent legislative anger due to disinformation incidents that arose during the 2016 election, January 6th, January 8th in Brazil, the New Caledonia unrest, and a couple others.
Civil and digital libertarianism is not a mainstream view outside of a subset of techies.
Sadly, building and deploy a truly private and OSS authentication service was not on the radar in the early 2010s - that would have staved off the current iteration.
This is literally about making parental control applications work better. Nothing in the law requires a child setting up their own system to set their real age. It just lets a parent creating a limited account for a child.
Why are Linux operating system providers taking it upon themselves to comply with the California law especially if they are not selling anything. Since it is just a downloadable piece of software then it is up to California state to set up a firewall to protect themselves from such harmful software.
Let's say I am a generic linux developer who develops variants of Debian Linux while sitting in my basement in any part of the world.
If one country wants to ban my software because I don't ask for their age, then set up suitable protections for your citizens.
Don't force me to do that. I am not responsible for protecting your citizens.
That is like saying if Saudi wants your id to make sure only males can download operating systems, so now will I add another restriction.
At least China takes it upon themselves to ban sites that they deem harmful for their citizens rather than forcing devs.
because the laws are coming with massive fines and penalties that will apply to people not even selling anything
unless you can confidently dodge American law enforcement, which is a big ask unless you are solidly anonymous somehow, then you are forced to react in some way
These days it seems best to not be in the US or any vassal country, in order to avoid this ridiculous overreaching of "we are the center of the world" lawmakers in the US.
I wonder whether the blast radius of the law might interfere with OSs running on cloud machines. That might explain why California based companies in the cloud business might want to ensure that the bits they resell are compliant.
Very common pattern in compliance, if you want to export to a country, (regardless of monetization method), manufacturers and distributors comply with local requirements like for example getting approved for local electrical parameters and implementing specific plugs for local sockets.
You didn't geobock the download or prompt for then user's address first in your scenario. So it may constitute export because it would be reasonable to assume that you clearly intended to make it available worldwide.
Phil Zimmerman was investigated for illegaly exporting munitions because he made PGP available via FTP. The case was settled, so I don't know whether this argument would ultimately have been successful.
This is how the UK interprets things, but they seem to be alone on this in the present day.
Wyoming just passed a bill explicitly refuting this interpretation, other states are working on their own bills, and there is even a federal bill in the early stages.
The only exception that the US has ever acknowledged to this is ITAR, which is what the PGP case was built around, but it failed as you mentioned. But non age verified OSes are obviously not munitions.
Maybe some investigation worked this way, but to me it seems obvious twisting of supposed intention. If I don't geoblock, it is not necessarily because I want the thing to arrive somewhere. It can simply be, that I don't care who downloads it, or I don't want to waste my time with crazy laws, that I might not even know about. If Kiribati decides to have a new law, I probably won't even ever hear about it. Suddenly, me not knowing laws of another country, that don't even apply to me as citizen of my own country get construed into me "wanting to export"? Lol, what a silly line of thinking, which can only come from some people, who do everything to get to someone, including arguing in a completely twisted illogical way, and judges, who are removed from reality letting such a thing happen.
If we allow this shit to happen, be prepared for evolution deniers to push their nuts agenda through the same channels and similar. Suddenly, we won't find wikipedia articles any longer and suddenly having a blog about biology will lead to one being investigated.
If you gate access behind a Terms of Service, any violation is potentially a felony in USA. Any human who later litigated would have clicked Accept, or subverted your popup like a hacker.
Now this is what open source development should look like. I cannot believe a few days ago I was thumbing through an email thread on freedesktop.org about how they could implement the mandatory government API in dbus. Can they not read their own domain name?
It's designed for parents to enact parental controls on their children. If you're root, you're the parent. Obviously root can turn off parental controls.
I wouldn't be so sure, I think the ultimate goal is to link your network activity to your government id, just like the way it's done in China. So the only root left is the government basically.
The whole point of the California/Colorado laws is to provide an alternative to that. The whole point is that it provides a privacy preserving way to provide a signal about whether someone is in a particular age bracket, without requiring any kind of third party ID verification.
I am so puzzled by everyone who objects so strongly to these operating system based opt in systems; all it does is provide for a way for a parent to indicate the age of a child's account, and an API for apps and browsers to get that information. If you're the owner/admin of a system, you get to set that information however you want, and it's required that it only provides ranges and not specific birthdays in order to be privacy preserving.
Meta being behind all of these efforts makes it incredibly suspicious, especially given the New York law is ridiculously more invasive than the California one. It sure makes it seem like there's likely a larger plan here that this is merely facilitating.
So I don't think I can still buy it at face value that California's version is a good-faith attempt to balance privacy and child safety, even if that's what it is in the eyes of the legislature, given who's actually behind it and what else they've been pushing for.
> I am so puzzled by everyone who objects so strongly to these operating system based opt in systems
The government legislating APIs is an uncomfortable precedent given the culture wars that are raging right now. There seems little reason to expect this will stop here.
They are not legislating specific APIs. They are legislating that an API has to be provided, just like other laws legislate that you have to provide accessibility APIs, but the details of the APIs are left up to the companies.
I work in aviation, a highly regulated field. And that's a good thing. It does take some work to regulate well; there has been a migration in aviation to more prescriptive regulation about how things need to be, to less prescriptive like what the ultimate performance needs to be. But yeah, the aviation regulations aren't that you have to implement something a specific way, but that you have to be able to show that your aircraft has no more than a certain probability of catastrophic failure (where the probability varies base on certain things like the size and type of aircraft).
For this age verification law, all that is required is that there is an API provided for this purpose, and there is a way for the owner of the machine to set up user accounts with age information indicated, and that the APIs need to provide several rough age ranges, not specific birthdays.
Years later: "The current measures are a step in the right direction, but we have found them insufficient. We are now requiring the use of this specific proprietary binary blob for any action related to the verification process. It will conveniently run as a daemon so its exposed API will be accessible to any application that needs to query it, and it will automatically update itself so you don't have to worry about it, just set it up once and forget about it."
It might also include some additional text like "we have decided to collaborate with systemd to integrate this proprietary binary blob, to maximize the reach and eliminating any pains in the setup process caused by the vibrant ecosystem of package managers, while at the same time avoiding disrupting the development process of the Linux kernel".
BS. Does TempleOS support it? What about Plan9? MenuetOS?
Are these illegal operating systems?
Either you or someone else mentioned this talking point the other day, I asked for even a single example of an OS maker being sued over this successfully, and I got nothing.
I'm confused. What's the age definition of child? 12, 15, 18? Does this mean its against the law for children to install an operating system? What is the penalty for a child doing this and putting the wrong age or just doing it at all? What is the penalty for a parent or guardian of the child that does this? What happens to the parent or child if the child circumvents this control? Will child services be involved? Criminal penalties? Of course the only way to know an adult is the administrator is to tie the users government I'd to the account. Could this be done in some zero knowledge anonymous way? Sure, but I don't think it's likely. This seems to be the thin end of yet another wedge. The trend seems to be to be that we should be identified and survield every moment of our lives. The question is who does this surveillance serve? How much access do you have to your government or employer's data or advertisers or educators or ...? How does their access serve you?
That's a very long list of questions, most of which you wouldn't need to ask if you spent ten minutes reading the law. And the rhetorical point you seem to be working toward is much less effective when more than half of those questions evaporate.
It requires that operating systems provide a way, at account setup, to specify the age or birthdate of a user, and provides an API for indicating which age range the user falls in (under 13, 13 to 16, 16 to 18, or over 18) to an application, so the application can use that information to comply with any laws or regulations relating to the age of the user.
It doesn't make any requirement that the parent actually truthfully put that information in. It doesn't require that anyone verify the information. It doesnt provide for any requirement that a child not set up a user themselves. It explicitly calls out that there is no liability on any of the parties if one user uses a computer under another user's account.
So all it's doing is saying that there must be a reasonably accessible mechanism for a parent to indicate a child's age so that rough information about which age range the child is in can be provided.
Now, is it perfect? No.
It does seem a bit over broad as there are lots of things which be classified as computers uner this, like routers, smart TVs, graphing calculators, cars, etc. Having to provide account setup with age and an API to accesss it in all of these environments could be a bit of a lift in the time frame given. And it doesn't leave a lot of time for something like standardization of Unix APIs between operatings systems, so for systems not running graphical environments I'm sure we're going to get a bunch of different solutions from different OSes as everyone sticks it in a different place and provides a different way to access it. And this would need to be a new feature added into long-term supported maintenance releases operating systems.
So yeah, could it have been done better? Yes. Is it likely that they are actually going to fine OpenWRT developers if they don't implement this? I doubt it; it's pretty clear that the legislative intent is desktop and phone OSes, and other mass market consumer oriented devices that might offer app stores.
So yeah, I see some issues, but overall this seems like the right way to do things; just provide a way for parents to set an age on their children's account, and then provide that to any apps that might need to do age verification. That's it.
Well I think the goal is to link it with hackernews account such that ycombinator can accuratly measure how many of their startups you're interacting with.
I can't be an anarchist because I don't believe anarchy exists. In every group of humans, power structures and hierarchies form spontaneously from normal social interaction. Even if you abolished all forms of government, they would simply reform. A state of anarchy is impossible.
> Any man who breaks a law that conscience tells him is unjust and willingly accepts the penalty by staying in jail to arouse the conscience of the community on the injustice of the law is at that moment expressing the very highest respect for the law out of all other freedom struggles.
How other people respond is largely unrelated to principled notions of justice -- it will mostly depend on what benefits them. Populism, in other words.
We live in a deeply unjust world where laws are literally bought and paid for by corporations. This age verification nonsense is just the latest example. They aren't going to sit idle if we attack their lobbying efforts, they're going to come after us. God only knows what a surveillance company like Meta can do to you if they really hate your guts.
OK, so then you think the entire system is corrupt, and you should reform/replace it.
Selective rejection of laws based on your own personal morals is wrong in every circumstance.
Either you believe the system is just and you follow all the rules (and work through the system to changes the individual rules you believe are unjust), or you believe that the system is fundamentally unjust and you take drastic action to fix it. If you don't, then you're a hypocrite - you don't really believe that the system is unjust, you're just using that as an excuse to selectively ignore laws you disagree with.
This is a way to reform it. If nobody obeys a law, is it really illegal? It's more like a custom.
> Selective rejection of laws based on your own personal morals is wrong in every circumstance.
So if your so called authorities passed a law saying you're required to participate in some atrocity such as genocide, you'd do it with a clean conscience? Okay.
> you believe that the system is fundamentally unjust and you take drastic action to fix it
I don't have the power to do so. Also, people who try "drastic" actions are called terrorists.
Anyone ever heard about the story of how Phill Zimmerman made an absolute clown of the US federal government by publishing the source code of PGP as a book?
History of computing and open source is full of clever subversiveness. If back in the past hackers had the same attitude crying about complying otherwise fines we would have nothing today.
The problem is we’re regulating individual behavior by adding to the surveillance apparatus. We should be regulating the companies and dismantling the surveillance that makes the apps addictive to kids.
It’s a way of socializing the losses, this time you lose civil liberties and they get to keep acting unrestricted
All while these companies employ thousands of people whose only job it is to bypass parent's controls and find a way to get children hooked anyway? A mere slight imbalance, I would say ...
No, I am just saying what policy will allow the legislators to achieve their goals.
So if your goal is for the state to decide what is good or bad for children, then yes, giving parents fines when their children access 18+ content will motivate those parents to parent their children. That will be an effective way to achieve your goal. Other policies have issues with externalities (ignoring the inherent externalities of creating liabilities ex nihilo, which will exist no matter what policy you choose).
If you believe that parents should get to decide what content their children, then like me, you would oppose any kind of legislation with this goal in mind.
All regulations, because they cause increased costs, will affect the poor the most, since an increased cost will cause the marginal consumer/producer to become submarginal. That is the choice that is made when regulation is enacted, whether the regulatora recognize this fact or not.
Meta is why all these laws are happening. Please reach out to media outlets with this investigation so it can get more coverage. People need to be talking about this.
I'm fairly skeptical of the findings, as the majority of the research and writing was done by Claude Opus. I'd be more likely to believe groups like AIPAC are behind this - they have poured a lot of money into online censorship legislation.
It is a stupid law but I feel people are overthinking this.
For compliance the os has to provide an age category to an application and an interface for the user to enter this data. We already have an api to provide information to applications. it's called the filesystem. and an interface to enter the data, that's called the shell. so everything is already there. If the user lives in california and wants to be compliant (wait a minute, let me stop laughing) all they have to do is put a file somewhere with a age category in it. if the application can't find it. well it's not their fault the law is stupid.
I adore their courage. I assume they feel prepared to mount a legal defense? It would seem silly to be this forward about willful noncompliance if they're just hoping to stay under the radar. I can't tell if this is driven by impulsive pettiness with no real plan for how to mount a legal defense, or if they're engaging in a clear-minded legal mission.
> Ageless Linux is a registered operating system under the definitions established by the California Digital Age Assurance Act (AB 1043, Chapter 675, Statutes of 2025). We are in full, knowing, and intentional noncompliance with the age verification requirements of Cal. Civ. Code § 1798.501(a).
> Then we will have accomplished something no amount of mailing list discussion could: a court record establishing what AB 1043 actually means when applied to the real world. Does "operating system provider" cover a bash script? Does "general purpose computing device" cover a Raspberry Pi Pico? Can you fine someone "per affected child" when no mechanism exists to count affected children? These are questions the legislature left unanswered. We'd like answers. A fine would be the fastest way to get them.
Yep, the goal of civil disobedience is literally to get sued/charged/arrested in order to force the issue to be (hopefully) properly and publicly resolved.
On the one hand, I'd love a judge to respond 'yes' to all of these, if only to confirm how ridiculous they are and that a reasonable implementation is impossible. On the other hand, I'd hate for a judge to respond 'yes', because then the enforcement of said ridiculousness becomes vindicated.
These aren't all yes/no questions. And what I'm saying is I think anyone who thinks there's some sort of paradox in answering these will be in for a rude awakening. E.g., "How do you fine someone per child affected?" Idk, maybe the parents that become aware of their children being affected would join a lawsuit, and others would not be parties to the suit?
That seems pretty annoying for people who sell computing appliances like smart toasters, routers, and televisions, and videogame consoles—do they preemptively start implementing in case a judge decides they are covered? Why not write an easy-to-interpret law in the first place?
The truly aggravating part is that if they really wanted to thumb their noses at the Attorney General's office and get away with it there's a pretty straightforward way to do it: Fork every single project they want to offer through their operating system and thereby become a first-party developer-distributor thereof. AB 1043 is worded in such a way that it really doesn't apply if the operating system developer doesn't provide a covered application store (see 1798.501(a)(1)). This should apply in every other such app store accountability act in every other state (save Texas, since this is the text they seemed to adopt after the Texas law was challenged). Instead, all they're going to accomplish is getting pimpslapped by the Attorney General's office.
Maybe they're interested in performative noncompliance, but I'm not. I'd rather engage in creative and effective noncompliance.
The site makes it very clear that the purpose is very explicitly not to "get away with it", it's to try and get fined, presumably to then challenge the legality of the laws in a higher court.
They argue that they are a coverd application store.
'Definition: "Covered Application Store"
'"Covered application store" means a publicly available internet website, software application, online service, or platform that distributes and facilitates the download of applications from third-party developers to users of a computer, a mobile device, or any other general purpose computing device that can access a covered application store or can download an application.
— Cal. Civ. Code § 1798.500(e)(1)
'This website is a "publicly available internet website" that "distributes and facilitates the download of applications" (specifically: a bash script) "to users of a general purpose computing device." We are also a covered application store. Debian's APT repositories are covered application stores. The AUR is a covered application store. Any mirror hosting .deb files is a covered application store. GitHub is a covered application store. Your friend's personal website with a download link to their weekend project is a covered application store.'
Yes, I know that. I'm saying this is utterly futile and if they really wanted to accomplish something they'd structure themselves as I described above. If their goal is to highlight the absurdity of the law... they won't actually accomplish anything. The Attorney General is not going to magically decide this was a terrible idea and reverse course. If they want to change the law then this isn't the way to do it either. If they want to ensure business as usual then what I propose is one way to do that.
Generally the point is for these things to go to court to be struck down or otherwise limited. This is a valid and regularly used means to change the law. You seem to think that you are aware of how the legislations definition will be applied, but that is not known until these things are taken to court.
We The People are simply no longer represented. Do the math on historic representation ratios and you'll quickly see the first consolidation (long before corporate or bureaucratic) was Representation. We are about 6500 Reps shy of an actual Democratic Republic.
It was originally 30,000 but was changed, your author is using the updated version.
Additionally, there is another way to change it. The Texas State Legislature. Texas is the only state with Congressional pre-approval to break up into 4 more states. 5 total without the need for congresses approval. Texas breaks up, then California and New York are heavily outnumbered in the Senate as each state gets 2 Senators. Other states will follow and so too will calls to expand the House.
There is a path without state amendment process or congress.
There is no way that this will happen on any Linux box that I use. And this is why I'm an enemy of device attestation and the requirement to register operating systems in the first place, no matter whether it is Apple or Microsoft.
I have all the choice I need, I can build Linux from source and I'm old enough to know this stuff will outlast me.
F*ck Poettering. Want to bet that once he's done the damage his company will be acquired for a large amount of money by Microsoft? This is just another Nokia for them.
Looks like you're yet another person speaking out of their ass. There is no age attestation in the California bill. You specify an age at account creation that sites and apps must query. And they cannot fall back on other methods like uploading your drivers license to websites which is rapidly becoming a thing in red states. There is no verification. Just a system that enables your OS to respond to age queries and provide a privacy enforcing acknowledgement. This is in direct contrast to red state laws which require you to upload your drivers license to sites to verify your age. This enables parents who give a fuck to setup accounts for their children which reports their age to apps/websites. No more entering in random digits at random prompts. A consistent age qualifier set by the admin of the system. The websites cannot require further validation. No license uploads or anything else. This is a far better solution than anything else being implemented yet it stirs up far more ire from morons because it's California doing it not Texas. Maybe you'd rather upload your drivers license to access apps and websites. I don't. And I resent ignorant fucks who pretend like having your account provide an age range is so much worse than what everything else is trending towards.
For fucks sake, this would make your life easier. Instead of having to enter your DOB for everything you access, your OS based on your account can just send it. I'm tired as fuck of Steam asking my age even though my Steam account is 21 years old. If Steam and other websites / apps could query the age I've specified that would be far better and less disruptive.
> You specify an age at account creation that sites and apps must query.
The Internet has been a free place for 30+ years and I don't see a reason to change that. I grew up with the ability to access all kinds of content on the Internet, in an unrestricted manner, and it is sad to see that decision makers now want to take this away from younger generations.
We must absolutely resist any attempt at profiling Internet users. Age is only the first step. If people give in now, the next step will be other personal information, and it will also be done in the name of "protecting children" or "catching terrorists" as always. The writing is on the wall.
You grew up without parental oversight. I did too. This is an attempt to give parents the tools to manage what their children see on the internet. I disagree with that parental oversight probably far, far more than you do. I think it should be a crime when a parent indoctrinates their child into a religion. But this is a counter to far worse laws like requiring you to upload your photo ID to websites to get access. This explicitly forbids that sort of privacy violating situation.
> This is an attempt to give parents the tools to manage what their children see on the internet.
You're just gullible.
There is no website that I've ever uploaded my driving license or other ID to, the only place that I need that for is my bank and that's about a real world relationship, not about an online one.
Any website that wants me to verify my age is going to have to do without me, that's just none of their business. What children see on the internet is not going to change because of this, any parent that wants to modify their kids' behavior is going to have to do some actual parenting rather than to rely on gatekeeping technology because kids are far more capable than their parents when it comes to circumventing such restrictions.
The California law is actually the best form of age verification one can imagine. It only requires the OS to let the user to 'signal' their age. In other words, it's more like a checkbox asking if you're older than 18, instead of scanning your face or driving license. It doesn't require a cloud account either. Storing the ages the user inputted in /etc/ages besides /etc/passed and providing an API to read it is compliance.
How is it so bad that we need some civil disobedience movement over it? On the contrary to, UK's Online Safety Act and China asking all online platforms to verify your phone number?
Just because it's easy doesn't mean it's right. Give legislative busybodies the ability to force this little flag into the OS because it's no big deal, and next year they'll say "hey, make sure you only report 18+ if secure boot is enabled" and 5 years later it'll be "hey, you can only report 18+ if one of our Identity Partners has confirmed it."
It's the principle of the matter. The State should not be allowed to compel speech (what code you write) in your open source project. It may sound stubborn but if we don't fight it now it will only grow little by "easy feature" little.
I want to agree with you, but if it's my system and my browser reporting my bracket, wouldn't it be trivially easy to inject an http-header with the age I want to report?
And by "trivially easy" I mean "somebody already posted how-to for windows to stackoverflow"
The problem is not that it's hard to cheat (it's easy), the problem is it makes you officially a liar and liable for "illegal app use".
It might not be a problem for you, but some underage kid, who lied about their age, gets addicted to a game with in-game purchases and gets into financial trouble now has no recourse against the company who made the addicting game.
You see a slippery slope and I see a reasonable compromise. It's a wildly popular opinion that we should control which age groups can use social media[0][1][2]. Do you think these polls are astroturfed? If not, it's clear people want some sort of age verification, and I think California's way is the least intrusive.
And I know someone is going to say 'then we should regulate social media sites to force them to verify the users' ages...' no god please no. Normalizing cloud-based age verification is far, far worse than AB 1043. If there is a principle to be set that should be: cloud should trust local, not vice versa.
People, generally, have no grasp of what they really want or what downstream effects of what they think they want look like. They don't know what it would take to effect that ban. In fact, I would speculate that if the same group were asked "should you, personally, have to scan your ID to visit Facebook," you'd see a meaningful shift in responses. (yes, I know that's not the way this particular CA proposal would be implemented, the point is that people are fickle and polls are not a good guide for lawmaking)
I also don't base my principles on the desires of the masses. It's our duty as people who understand the technology to prevent the controversy-de-jour from wagging our dog.
I share your feeling that if everyone did it this way and the world promised to stop making bad, privacy-invading ID laws I could grin and bear it. I don't see that happening, thus I am hostile to it in any flavor.
> They don't know what it would take to effect that ban.
Exactly. This is why if there is no some less evil way to appease these stupid people we'll go all the way straight to the evilest way. Stupid and uninformed people do actually vote.
I'm curious what a poll of public opinion would say about certain demographics in 1930's Germany. Does that seem like a good argument for what the government should and shouldn't do?
A reasonable compromise? With who? Who here is somehow required to "compromise"?
I think the bigger factor there is that it requires apps to use that, which preempts things like Discord sharing info with Peter Thiel in the name of age verification.
Because people don't have real power, it's all indirect through politicians who are manipulated or paid by professionals.
Democracy should be direct and the gating function shouldn't be age but a test of intelligence, logical reasoning, general knowledge and ability to detect manipulation.
This is kind of neat, but the site design is very obviously Claude's handiwork. Has anyone else noticed this very distinctive look, which is a dark mode site with semi transparent cards with a thin less transparent border, maybe ten pixels of border radius... In the last six months this has shown up everywhere. Tools at work look like it. Blogs look like it. It's inoffensive but imperfect, and when so many sites look like it, it starts to look cheap.
Yes! This is very obviously AI. Even in the last week there have been several submissions that have this exact same style. Also, the text on the site is obviously AI, em-dashes and all. I don't have a problem with people using the tools to make stuff, but man...at least say it's generated somewhere.
You'd get 10-20% at best in favor. People are not even paying attention to what's happening in the White House, they're definitely not attuned to the storms brewing around social networks and their negative impacts.
unironically those pushing for blatantly unconstitutional laws should be charged for sedition and moved to a death penalty state
but that is an American solution, not a worldwide one and this is happening everywhere
would be great if the US provided a safe haven against all of this garbage, because this would essentially derail other efforts and other jurisdictions dead-set on them would have to go full China/Russia/Iran/NK and segregate themselves
To those who don't get it: this law is like the "Yes I'm 18+" button on porn sites.
Every kid knows they have to click that button to see the porn. It's not about keeping anyone out, it's about legal liability (i.e. making it easy for companies to blame you).
In this case, yes, this is probably a violation of the law as it is written. But I doubt law enforcement even notices or cares. You’re not actually doing anything to the kids. Maybe hypothetically you’re not setting/respecting an age flag in a web browser, but that’s the worst thing going on.
So it’s a nice statement but ultimately hollow because the devs aren’t at any real risk of being arrested or fined. This isn’t like Rosa Parks refusing to move to the back of the bus.
Want to make a real statement about software freedom? You gotta do something that makes the normies mad, like making an OS that explicitly helps kids do sports betting, buy drugs, watch porn, and whatever else. Then people will notice, but unfortunately you probably won’t convince them that this law is bad.
Unless Microsoft, Apple, or Google refuses to comply then I think this law is where commercial OSes are headed. But Linux doesn’t really need to worry, because nobody is going to arrest a nerd waving his arms saying, “look at me everybody, I’m breaking the law!”
Until the normies come in droves because their dear leader decided that it’s illegal to speak ill of him on a computer, or whatever drives mass change. The regulations will follow, and they will say what we were doing the whole time is impossible and would never work.
It's a consumer product safety law anyway. It won't be the police knocking down anyone's law, it will be whoever comes after you if you release a product containing 1% more arsenic than the legal limit.
That's interesting that you think whether someone is over 18 is a million times worse privacy invasion than their exact location, full name, browsing history, and date of birth. Can you substantiate why that is?
The former will be mandated by law, the cookie law requires a way to opt out. Why would you not prefer avoiding a privacy violation over a guaranteed one that is smaller...for now?
Honestly I don't think it's worth trying to engage with these people anymore. They sat silent while websites were asking for license uploads. They were silent while discord asked for face scans. They are outraged that California is trying to setup a system to bypass more privacy violating schemes. They are either illiterate or they know that this is a better solution and prefer the draconian ones.
Assuming that "these people" (like me?) are "illiterate" and evil and didn't speak out about worse problems because you didn't specifically see them complain in some other HN thread is not a very charitable interpretation.
But I agree it's not worth trying to engage with that kind of rhetoric.
I don't want to give the impression that I don't find the whole direction of travel concerning, because I do, but as I understand it, the requirement is that the system administrator assigns ages to the users on their system. That seems pretty reasonable to me, and maybe even like a good idea in some scenarios. As far as I know, we aren't talking about software that fights against the interests of the system owner - that's the admin. In fact, I think this might be a feature I would even want.
> but as I understand it, the requirement is that the system administrator assigns ages to the users on their system. That seems pretty reasonable to me, and maybe even like a good idea in some scenarios
Does it require exact age, or just a flag >=18 vs <18? It seems like this could be trivially met by something like a file /etc/userages, where if a login is missing from that file, it is assumed they are >=18 - and a missing file is equivalent to an empty file
> but as I understand it, the requirement is that the system administrator assigns ages to the users on their system. That seems pretty reasonable to me
Why would it be reasonable for a government to use the power of law to enforce the design of an open source operating system developed by an international consortium of developers? The very fact they are even considering this is extremely suspicious.
I honestly think the pushback against the California law is a mistake. We are being presented with an increasing number of services demanding identity verification, in the form of ID verification and/or video verification. California is offering an alternative to that, an alternative that only requires you provide your age, without verifying it.
If the California law flops, the result isn't going to be no age verification. It's going to be increasing numbers of internet services requiring that you verify their identity with them through some shady third-party you have no control over, until you effectively can't use the internet without giving away your ID.
I'd prefer to have no age verification, but it's pretty clear that's not an option. People in power are using minors accessing porn and social media as a cover to push age verification, and it's believable enough that people are going along with it. Approaches where someone attests their age on an OS or account level are our best shot at disarming this push.
I’ve fallen prey to too many people at the top of slippery slopes offering “gentle pushes”. The end result is always the same. If I’m to go down one it will be kicking and screaming not silent as a lamb.
The thing is, I think these are distinctly different approaches. Mandating that OSes collect a provided age and that websites/software collect and use that is very different from making sites liable for providing various types of content to minors. The first one is basically standardizing parental controls. The second one is already happening and results in ID verification approaches. I really, really do not want the second one, and it is already happening.
Jurisdictions are already lining up to slide down the slope as fast as they can. New York intends to mandate real verification and anti-circumvention measures at the OS level. There is no room for compromise: any jurisdiction attempting to compel what must be included in an OS is batshit insane and normalizing this is going to very quickly lead to JesusTracker.exe being mandated by Texas and CrocCam.exe by Florida.
Contrary to your belief that if we just give them an inch they won't take the full mile, I think it is very important to get people rallied against OS modification altogether. If you take a murky position like "a little bit of age verification, as a treat", and sell people on voting for that / not protesting it, all you're doing is priming the average person for accepting age verification no matter how invasive. Average Joe isn't going to understand the nuances of when age verification may or may not be tolerable, nor is Average Joe going to understand the nuances of when compelled software inclusion may or may not be tolerable. If we want to get millions aligned in the same interest, the message needs to be extremely clear and straightforward, communicating exactly how bad of an idea it is to let each and every jurisdiction compel their own form of surveillance into your OS.
Average Joe thinks age verification is already palatable. Average Joe is happy to give away a photo of his ID. The alternative to OS age attestation isn't no age verification. It's almost every site, and every piece of internet-connected software, demanding your ID.
Putting your age into your user account is not the same thing.
> Average Joe is happy to give away a photo of his ID.
I don't think this is actually true. Discord walked back its implementation of global age verification for now because it was protested so heavily. Governments can get away with mandating ID for porn sites and Average Joe will not make a ruckus about it because it's a shameful/embarrassing topic they would rather sweep under the rug, but I don't think Average Joe is on board with ID verification to use their computer just yet.
Discord's still doing it, they just delayed it and will supposedly be offering other verification options. They still amount to identity verification, and the noose will be tightened over time.
Discord is going to try again later after waiting for the backlash to die down and seeing if they can massage the PR better, yes. The point is that Average Joe did not want it, so they have to take such measures. You asserted that Average Joe is happy to hand over his ID, but this seems clearly untrue. Even if Discord does do it later, I doubt it will go down happily.
I don't really want the free internet to be relegated to onion sites and a hypothetical mesh internet. As things stand, every service is going to either tightly control content or adopt age verification because the alternative is being taken down by governments.
Too bad, so sad. That's the entire reason onion exists. The public web is going to get increasing enshittified and you can either use Tor or get used to staying on Facebook with Grandma sharing cakes alongside 60 ads.
these laws are feckless and unenforceable, maximal non-compliance will expose that
the destiny you're describing only happens if you willingly accept it
do not comply
do not pay the fine
idiot geriatric lawmakers have no power over what you do with your computer
I do not want an "API" in my OS to reveal information about me. I do not want this to operate without my consent. I do not want to be limited from accessing certain sites because I refuse to implement this.
No age verification at the OS level. If Meta needs to verify ages for their _profitable_ business, that's entirely _their_ problem. Get your hands off my equipment.
It's not OS age verification. You put in an age. It does not check whether it's real. It does not ask for an ID. That will get provided to app stores and probably browsers. It should be possible to spoof, too.
The primary use case of this, in my mind, is so that a parent can give their kid a PC and set an age on the user account, and that will result in them being unable to access a variety of content. Same thing for phones.
You are already being limited from accessing certain sites, because those sites are going to ask you to provide an ID. This is an alternative. It frees sites from having to request an ID to verify ages, because the age signal from the OS is legally sufficient. If I'm remembering what I read, it actually bars them from trying to determine your age in other ways.
edit: also, the signal passed from OS to software isn't even your age, it's one of four age groups. three under-age groups, and one adult group. It's not even meaningfully de-anonymizing!
That's only going to apply to children, since there's only one age group for adults. There are definitely ways to solve that, too. It's not perfect, but I much prefer it to laws that force websites to ask for ID, or laws that do the same thing by making websites liable for children accessing them.
The law specifically says your OS has to implement this API. It burdens my OS vendor with adding this. In this case, that's me, since I roll my own linux.
> That will get provided to app stores and probably browsers.
And how will they behave when my *OS* decides not to provide that signal? Which is what's going to happen since there's no way in hell I'm playing along with this garbage.
> is so that a parent can give their kid a PC and set an age on the user account
You're telling me there isn't any software which does this already? That are no third party packages a parent can buy to achieve this? Aside from that you're missing the blindingly obvious, without an audit trail, none of this matters. The third party software can actually do that. This cockamamie nonsense can't.
> You are already being limited from accessing certain sites
Oh yea? Which ones? From my perspective this has never happened.
> because those sites are going to ask you to provide an ID.
That's on them. That's a choice they have to make in the market. Perhaps that will allow a competitor to provide the same service, with better safety, and no ID checks. I will refuse to use any service that requires this.
If you have to show your ID to enter, that's a seedy place, and no where children should even be near. Why does social media need the same restrictions as pornography, drugs and hard liqour? Why is facebook even trying to profit off of this gap?
> If I'm remembering what I read, it actually bars them from trying to determine your age in other ways.
I believe you have remembered incorrectly. Please show me where this is a part of actual law. Then please explain to me why this is a good thing.
> the signal passed from OS to software
That's the problem. I don't care what it conveys or of it's "de-anonymizing" or not. If the software wants to know it can ask me directly. I don't want a law that requires my OS to provide _any_ information about me. Full stop.
It's just not _meaningful_. It does nothing. It does not protect children. It lets seedy backalley social media networks to profit off of their corruption. This is morally bent.
Debian's interests, whether they know it or not, is for the government not to be able to mandate what features must be present in their open source software. They should be happy to have such a vocal advocate involved in this important fight.
Scene. Ext. Town street. Night. Invader military vehicles patrolling, announcing curfew through loudspeakers.
TEEN: *runs at invaders* Hey, you thugs! You can't make me obey! I support Bob, over there! *points at Bob's house*
THUGS: Grrr! Thugs smash!
BOB: Please! I have done nothing! I don't know who that teen is!
JOE: You should be happy to have such a vocal advocate in this important fight.
NARRATOR: Ironically, Bob and Jane were quietly plotting strategy and tactics for the Resistance. Until they and their children were dragged out into the street that night.
All of Linux should do this. Add to T&C that it cannot be legally used anywhere that requires an age check. Then have the big distros enforce it. See how long Silicon Valley lives with no Linux.
Seriously, we in the tech industry can help stop this 1984 stuff.
The problem is that organizations providing infrastructure (such as message exchange, money exchange, physical entities exchange) are allowed by law to manipulate the stream, heavily advertise, provide credit etc all kind of scum. Depriving children from writing a message to parents and friends is nonsense. Exposing them to these for-profit organizations is questionable. But that is also questionable with the grown ups.
Then they will up the ante to require age verification at the hardware level, using this bill as precedent, and all the people cheerleading this bill will say “what’s the big deal? You show your ID all the time! You can’t drive without ID!”
Notice how it's just accepted that, while burdensome and of dubious necessity, sure, the government can mandate that all software providers, and soon all websites (at least those that support user-generated content) perform rudimentary age verification, which everyone assumes will eventually become government id- or biometric-based age verification.
But suggest banning industrial-scale generative AI--which facilitates fraud and ID theft, and whose voluminous, spam-like output is fast drowning out actual humans, much to the chagrin of advertisers and those tech companies deriving much of their revenue from advertising, which is what I suspect is the real sudden impetus for these laws--and people act like you're either crazy or an authoritarian.
But banning OpenAI/Anthropic/Gemini would fix a lot of this. It would also reduce the burden caused by AI scraper DDoSing, and make computer hardware cheap again.
I wish iOS 26.4 didn't bother because I'm stuck with an immovable "verify you're 18+" flag[0] in Settings even though it was well into the previous century when I was even near 18.
[0] I have no credit card and it won't accept debit cards. It also won't use the fact that I've had an Apple account and spent 10s of thousands in my own name at their damn shops, online and real life, over the last 2 decades (and Apple/partners have done at least one credit check on me in that period!) But that's fine, there's an alternative! A driving licence (don't have one of those either) or a national ID (also don't have one of those.) Can I use my passport? NOPE. Absolute farce.
I'm so glad I grew up in an age before all this bullshit, when I could do all the same things on a computer an adult could (and frankly, more). I never would have developed the knowledge and skills that led to my career in such a stifled environment as we are setting our kids up in today.
I don't think anyone is trying to prevent kids from gaining knowledge and skills while using the internet on a computer. The kids can develop all the knowledge they can handle and more ... This (at least in theory) is about protecting them from dubious characters and services online .. just like you would want you local police protect your child if they walk to the store at night from dubious characters lurking in the street. Your kid can learn python and become a world leader using the internet and do fine, without accessing torture videos or sleazy markets to buy speed from online. And just like the cop will not always be able to see your kid buying drugs on the street because they might be hiding deliberately from the said cop.. the same may happen online.. and the kid might choose to go on sites by hiding their real age .. and go into a lot more of a psychological damaging enviroment than the back alley offered. The oversight is never perfect.. but it is a mental checkpoint that can steer a kid by at least showing the right path.. choice is always theirs. Now.. that this subject is being used by corporations for other reasons.. yeah. That is another debate. But we shouldn t cast stones at a rule just because it may be misused. Instead just work on it . Or hold the misusers accountable.. not the law.
The intent behind these laws is noble, but the implementation shows the deep-rooted corrupted nature of law making in these jurisdictions.
That said, the failure is shared evenly with the tech industry's refusal to work with governments to implement viable solutions.
Legislators favor their corporate benefactors, the tech industry favors its ideologies and freedom of developers and engineers. But who looks out for the regular individual? Who is making sure their interest is enforced first and foremost?
Consider these facts (and correct me if they're wrong):
1) it is possible to issue hardware to the public that verifies to computers and internet services alike the age of the bearer without disclosing anything else about the bearer.
2) Age verification laws for other things like drinking, smoking, and gambling all primarily require the seller to authenticate that the person has authentic identification, and their age is lawful for the activity.
3) The secure method of authenticating users requires MFA, a FIDO2 compliant device like a Yubikey is the most secure means of the 2nd factor of authentication. It requires knowing a secret, and physically touching the device.
Knowing all this, it is possible to issue the public devices that receive a challenge from a government operated server, require the user to tap on the device, and then enter a pin to respond with a signed version of the challenge, to verify they possess the device. The device could be sold or given to the public without any registration, the only thing required would be showing and verifying your valid ID at the point of sale (from a government office ideally).
This is just one solution, but the burden could be passed onto the government, and the tech industry to implement solutions that work with that.
If we had that, I wouldn't agree with it, but I would also not have a problem with requiring insertion of an age verification device to start installing Linux -- of course the installer wouldn't know it's in California, it would rely on the people installing it to tell them it is. And when selling devices in california, by default they could require inserting this device to proceed, but I see nothing preventing users from installing their own custom OS lawfully if they too the device elsewhere, and how can the device tell it is at "elsewhere", even if it has a GPS there is no law requiring GPS to be turned on for that purpose.
---
The key thing you should all consider is that this is the will of the people to the most part. Most people agree that access to tech should be age restricted, although to what degree is a different story. This isn't the 90s, using an OS is not a novel or special thing you do, it is similar to driving a car except we depend on these devices more than cars!! Things the public depends on, things a country depends on, will always require regulation of some sort.
Forget about what it was like for you in your nostalgic days of experimenting with Linux or whatever. These are not those days. this is happening. if you can stop age verification laws, please go ahead, you have my full support. But I don't see that happening. We will get shitty situations where third party companies bribing politicians collect our physical ID scans, and we'll be forced to not only disclose our identity to everyone and their mother on the internet, we'll be forced to let these 3rd parties and the government track every site we visit at this rate.
Corrupt lawmakers are one half of the problem, technologists refusing to adapt and make best of the situation and propose privacy preserving solutions is the other half. I'm glad so many are willing to go all-or-nothing and die on their hills, but there is no reason they have to drag everyone else with them.
It's obviously vibecoded; the prose is uncanny and grating in a very characteristic way. Easiest tell is how it names the "three device tiers" like a millennial burger joint started by "two crazy guys with a dream".
it's basically the government said "no asbestos in food" and some contrarians set up a website selling asbestos food, except not really because they don't have a product.
> it's basically the government said "no asbestos in food" and some contrarians
it's actually the government saying "you must include salt in your food" and a few people who cook dinner at home and don't care for salt set up a website teaching you how to desalinate your... (well, there's no direct continuation of the metaphor here, but the point is it's very important that this is not the government banning a developer from implementing something, it is them mandating a developer implement something. That's far more troubling than an "asbestos ban" as in "your open source project must not fry the computers it runs on," which is equally questionable in light of "no warranty expressed or implied" but a totally different ballgame from "this API is required")
I agree that measures like this, in which some character willfully finds practical ways to challenge a law, may faster lead to it being forcefully looked upon and probably amended. I also agree that age restriction software implementation may open the door to more tolerance regarding social control (under certain administrations). But as with most subjects that transcend borders and are multifaceted by nature with respect to any approach meant to deal with them, the age restriction digital regulation is prone to become a hard problem. There is the moral aspect that a child should be prevented from the worlds harm until the age of maturity because neurologically they lack the mechanisms that help them discern the world on their own, thus needing external support. There is the problem of the controlling entity, the enforcer, the authority, which is not impeccable. There is the problem of the speculator entity which hijacks the situation, creates certain narratives based on mass perception and may drive the process towards their own personal interests. There is the ideological perspective that only operates based on its underlying rules and filter every decision according to its ideological convictions. And this list is probably not exhaustive. So I think an appropriate angle to tackle this (or anything) is the balanced view. Which is hard. But from my current understanding: the law itself is well intended, just like a cop is put in the street from the good intention of protecting citizens, but just like the cop can turn bad... the entity enforcing the law can also. But the law itself.. is inherently a good point. A psychologically healthy point. A child should be .. somehow protected from situations in which, in lack of discerning, will almost always choose the bad option that is being offered... just for testing it, if not for anything else. So parents have rules, schools have rules, etc.. and no, they are not perfect. Nothing is. Should we give up on rules or the creation of new rules, just because they are not perfect? Well, in my opinion, that is precisely what a child would say, when presented with a new rule that does not entirely suite them. And that brings in the psychological argument. A mind that rejects a car seat belt simply because they don't want to be told what to do, and lack the perspective that it's simply a protective measure, which is ultimately imposed because of the lack of education characteristic of the individual rejecting it... is simply that.. an uneducated mind. Which in psychology means the individual has a mental age that is smaller than their biological age. So it boils down to education. But education starts when we are 0 days old. From parents, neighbors, schools and government... they all have to do their part. Each one. But when the parent does their job, the child complains... when the school does its job, the child and sometimes (more often I'd say) the parent complains... when the government tries to do its job, the parents, children and schools complain... so isn't this the perfect ouroboros. Now on top of this... the speculative entity comes and takes advantage of the situation. It manipulates narratives and entices the participant groups at each other's throats, steering the outcome for personal gain. This is all an entanglement that cannot be easily solved. It is human nature at its best. The perfect paradigm does not exist. So I guess the answer would be... what lesson can we gain out of this... (and this is with respect to every one's own perspective). I for one would welcome initiatives that try to protect, steer and show a righteous path.. even if the initiative is distorted by exterior forces, and try to work with it, iterate on it and implement it as best we can... as opposed to no action at all out of fear that the same exterior forces will act against us.
Some people are being played like a gosh dang fiddle.
Y'all are so pavlovian that you see Zuck/Meta and instantly rage.
The alternative to OS based verification isn't no verification. It's cloud-based verification
The cloud verifiers have all the interest in the world to making you hate the idea that this problem could be solved at the OS level without any third party involvement
Arguments for the lesser of two evils are just wrappers for slippery slope logic. The actual alternative is to pass air tight privacy laws that restrain the growing power of control systems.
It's not a slippery slope if it's already slipped. In over 20 states you have to do age verifications with online companies in order to do "adult" things online
Exactly. And the funniest part is that when Steam implemented cloud-based verification for UK compliance, many people on HN suggested that the correct approach is to verify on hardware/OS level.
Not by legal mandate! And especially not a universal one that applies to FOSS!
If legislators want to create some kind of legal category of child friendly device and put requirements around it, maybe that’s ok. Until they attempt to ban, restrict, or otherwise inconvenience non child friendly devices, and I guess I no longer have confidence that they won’t attempt that. At this point I’m only in favor of market based solutions and IDGAF if that fails.
Our country is apparently incapable of intelligent, fair legislation, and it’s going to be the end of us as a society.
> Not by legal mandate! And especially not a universal one that applies to FOSS!
How the fuck do you think these sorts of standards are created? The companies involved aren't going to do it out of the goodness of their hearts. That doesn't exist. So you've got multiple competing private standards which are all more privacy invasive or an option when you setup your account to specify an age that is reported to anyone who asks and is required to be accepted as true. The alternatives currently are uploading your photo ID to random websites to get access. And you think that's a better solution?
Something remarkable and unsettling is how the age verification debate has popped up almost simultaneously in the US, UK, and EU.
With the same logical fallacies. Pretty telling about how transnational lobbies and their interests work.
Controlling what children do online is a solved problem: Parenting and parental control applications.
I'm completely baffled why anyone still engages with the "official" framing around this. Obviously, it's not for protecting children. Obviously, it's a technocratic trojan horse for increasing surveillance capabilities on digital systems. This is so cynically anti-democratic that they obfuscate the real purpose, don't even bother to make it plausible, and everyone is left talking about how "awful it is" that it's already legislated.
I swear to God, if someone replies to this talking about how we need to protect the children I'm going to start requiring "age verification" from commenters, and I'll do a little background check to find out w̵h̵e̵r̵e̵ ̵t̵h̵e̵y̵ ̵l̵i̵v̵e̵ if they're over 18.
If this goes through, I wouldn't be surprised if facial recognition ends up being the "solution" to the problems this creates.
I walked to get a sandwich today and I counted no less than ten cameras along the way.
On an unrelated note, I'm thinking of taking up a laser hobby.
>I'm completely baffled why anyone still engages with the "official" framing around this.
We all know how these laws are not meant to protect children.
Then we decry the hypocrisy of it.
And then we stop at that.
So nobody is saying what needs to be said.
These laws are explicitly designed to hurt children.
Controlling what children do online is a solved problem: Parenting and parental control applications.
Spoken as someone who probably hasn't used iOS/Mac parental controls. It is a hot buggy mess that randomly blocks whitelisted applications as well. We use it, but it is a constant pain. Also a lot of applications only work half, e.g., TV apps blocking off all content rather than only content that is not age-appropriate.
By the way, we were initially firm believers of not using parental controls at all, by limiting time and teaching kids about how to use devices in a healthy way. But a lot of apps (e.g. Roblox, YouTube Shorts) are made to be as addictive as crack, making it very hard for a still not fully developed brain to deal with it.
That said, I absolutely dislike the current lobby for age verification because the goal of Meta et al. seems to be to be to absolve themselves of any responsibility by moving verification to devices and to put up regulatory walls to make it more difficult for potential competitors to enter the market. It is regulatory capture.
The addiction economy is hard to deal with for anyone - regardless of age. So, I agree this is definitely not a solved problem, but from what I see the only viable way forward is actually to do pretty drastic things like not own a smartphone.
It’s not a parental controls / software problem. It’s a parents showing self control / parenting and monitoring their children in person thing.
Do you genuinely not remember being a child?
tbf, when most of those posting here were children, access to smartphones/tablets with unrestricted internet connection wasn't a problem
but i do remember my parents actually raising me pretty hands-on, taking care of me not watching stuff I shouldn't be watching which of course existed and was easily available
This is as intended.
This reddit thread¹ details thoroughly the connection to Meta (Facebook) and to a lesser extent Discord as being behind the push in the US.
1. https://old.reddit.com/r/linux/comments/1rshc1f/i_traced_2_b...
It’s not if you’ve paid attention to political trends for the last 15 years.
Everything is happening at the same time in every country. It’s clearly being coordinated.
Btw, it doesn't need to be actively coordinated for this to happen.
Building architectural styles used to be per city and now buildings look roughly the same worldwide. Style is dependent on the year built not the location.
Because every architect is "reading the same magazine" worldwide now that the internet exists, rather than debating in their own city.
Similar monoculture of global thought is happening in all fields.
Looks like it: https://tboteproject.com/
goes well beyond that
that is just the US
IMHO it’s a conspiracy against rights: https://en.wikipedia.org/wiki/Conspiracy_against_rights
And when this nonsense is defeated, I’d like to see aggressive prosecution wherever we can get it.
It's almost like a well-monied or well-connected lobbyist is pushing this heavily. Multiple contenders out there as to who it could be. But regardless of who the originator is, the push can be kneecapped. Imagine jurisdictions that have an opposite push - one that criminalizes use of age verification software such as mandating providing government ID or facial scans. It can be done!
It can't be done unless you have deeper pockets and access to media controlling the hard of thinking.
This Reddit thread claims to have identified Meta/Facebook as a/the major villain (for age verification):
https://old.reddit.com/r/linux/comments/1rshc1f/i_traced_2_b...
Disclaimer: I have not myself verified the claims.
Well obviously? It's literally being broadcast in the news when diplomats talk to each other. What do you think they are talking about if not policy discussions?
Trade, wars, stuff like that. Foreign affairs, not domestic affairs.
All discussion of foreign affairs is the discussion of domestic affairs somewhere.
So it seems normal that a bunch of politicians, in the current climate, got together and decided that the weakest form of age verification imaginable absolutely had to get passed everywhere?
That's incomprehensible to me.
I'm not saying there's definitely no coordination, but nobody had to get together to decide that 2026 was the year for 90s fashion to make a comeback. Human society is very prone to fads in all areas.
The simpler explanation is that we live in a world that is more connected than ever so politicians, campaigners and the rest can get policy ideas almost instantly. There is no grand conspiracy, just a smaller world.
Yeah, it's not like there's a literal james bond supervillain who writes books about this stuff and brags about how half of parliament is in his pocket.
For anyone that doesn't know, this is referring to Klaus Schwab, the founder of the World Economic Forum.
Shorter paths of communication.
Smaller quorums needed for control.
Fewer people with more wealth pushing through what they want across more borders.
Less and less concern for citizens in general.
We are seeing a rapid centralization of power.
Loss of democracy
More than one thing can be true.
Why are they getting ideas from each other instead of their own citizens? That in itself is a conspiracy of the elite cabal
My guess would be some very influential NGO(s). But I haven't looked into it or thought about it.
With every law we allowed in the name of child safety, we enabled the real goal, control. They barely have to even mention children in the new laws beyond "we have to legally cover ourselves against all the other child safety laws already in place."
I estimate we have two to three years in the English-speaking world to organize an effective lobby for the rights of the common man before changes to the speech environment and habitual methods of communication make it impossible. There's less than a year before the wave of lock-downs reaches normal internet users through announced policies like the Android software installation ban and through the growing effectiveness of algorithmic "Joy of TikTok"-style discussion selection, and one to two years after that before we run out of other avenues. The latter timeline could be too optimistic if the completion of the TPM-to-cloudflare chain of permission for desktop environments (steps had been made in the past but failed after public pushback) comes without a lot of advance notice. Don't forget - after each new constraint on the public, the next counter-reaction will be smaller, and the next change will be bigger or sooner.
Personally I do not believe this is a solved problem. Technically maybe, in practice not at all.
It is quite a job juggling the controls of the different companies. Microsoft even has two, one for Xbox one for windows.
And then your child turns 13 and your only option is to take away the devices entirely.
Another thing already discussed is school provided hardware. I know the schools try, but it is usually one person against 300+ students trying to figure out how to game/hack the system. Eg there's no reasonable way where you can expect one person to maintain a YouTube channel whitelist.
I do agree that we might be solving this issue the wrong way, but there is a definitely a problem here.
> Controlling what children do online is a solved problem: Parenting and parental control applications.
This is absolutely not true.
Here in the UK schools are swarming with ipads and shit like that. They're given to primary school children because they're "more engaging". Children are supposed to practice their reading and even handwriting[1] on ipads. Naturally they're on youtube instead. It's really bad. As far as I can tell, private schools are even worse. Currently the only way that I know to escape this is homeschooling.
Saying "it's a solved problem" is incredibly dismissive to parents who do everything right in their homes, but then send their children to school and schools exposed their children in this way.
Saying that phrase in such a definitive manner caters to the interests of the companies who push these shit onto schools. Please stop saying it, it's harmful.
[1] leaving this reference here because I'm certain that people without school aged children won't believe this is actually true: https://www.letterjoin.co.uk/
There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.
That's the parents.
The expectation that "Parenting" is now outsourced to Teachers, to the Government, to anyone else. People seem to expect they just have a kid, and somehow magically they'll grow up to be a perfect person without any work from themselves. So there's over-reach, there's pressure on making "unworkable" soutions, because the people they're trying to force "solving" the problem aren't the people in the best position to do so.
Your comment seems working from that very same assumption.
Yes, all the "technical" part of content filtering etc. is very much a solved problem. The issue is that's not a "zero effort" solution - they still need to be enabled and managed. And I'm not sure that's a "technical" problem than can be solved.
There's huge pressure on teachers etc. to "solve" these sort of problems - just go to any PTA meeting and there's a lot of loud voices asking for stuff like the laws the original post is highlighting. And politicians listen to the loud voices, and feel they have to be "seen" doing something. Even if that "something" is impossible, unworkable, and fundamentally harmful.
> The expectation that "Parenting" is now outsourced to Teachers, to the Government, to anyone else. People seem to expect they just have a kid, and somehow magically they'll grow up to be a perfect person without any work from themselves. So there's over-reach, there's pressure on making "unworkable" soutions, because the people they're trying to force "solving" the problem aren't the people in the best position to do so.
Yeah, because the parents' time is now dedicated to their employers. When parenting wasn't outsourced, families typically had a parent at home doing it full time.
Don't blame the parents and ignore the story of reduced family capacity.
> Yeah, because the parent's time is now dedicated to their employers. When parenting wasn't outsourced, families typically had a parent at home doing it.
This seems to imply that the problem is that we started letting women work, but I suspect the actual problem is back to restrictive zoning again.
If you let people actually build housing, and then some people have two incomes, they use the extra money to build a big new house or drive newer cars etc. If you instead inhibit new construction, the people with two incomes outbid the families with one income for the artificially constrained housing stock, and then every family needs two incomes and like flipping a switch you go from "women are empowered by allowing them to work" to "women are oppressed by requiring them to work".
I don't think just building more housing is sufficient. That might decrease the cost of living somewhat, but probably not enough to remove the need for a second income.
I think ideally most families should be able to survive on the income of one parent, regardless of which parent that is. But I'm not sure how to get there, although I think the problem is closely tied to wealth inequality.
I also think in a better world, it would be practical for both parents to work, but work fewer hours, each working 20 hours a week. But in the US at least that generally isn't practical because most such jobs don't provide health insurance or retirement plans, and are typically very low paying jobs.
>I don't think just building more housing is sufficient. That might decrease the cost of living somewhat, but probably not enough to remove the need for a second income.
While shadowy special interest groups and large corporations are able to write text directly into the laws of anglophone countries, The People can't even talk about one instance without fragmenting into a trillion pieces covering topics such as the affordability of housing.
The left wing constantly says “we started letting women work”. Women have worked for thousands of years. The phenomenon of manipulating women into believing working for a corporation is some kind of “higher calling” is relatively new, and it’s been a disaster for the family unit.
We can distinguish these two things, right?
One is that people tell women it's good to work for a corporation, some of them believe that to be true and choose to do it, the others retain and exercise the option to do something else.
The other is that we set up an artificial scarcity treadmill so that if some families have two incomes, they outbid the ones that don't on life necessities and then women have to take a job at a corporation in order to be able to afford to live indoors even if that's not what they would otherwise choose to do.
Well the first naturally led to the other. So you can distinguish them, but they are not separate.
In order to get from the first to the second, you need the artificial scarcity laws, and we ought not to keep those.
> The expectation that "Parenting" is now outsourced to Teachers, to the Government, to anyone else. People seem to expect they just have a kid, and somehow magically they'll grow up to be a perfect person without any work from themselves. So there's over-reach, there's pressure on making "unworkable" soutions, because the people they're trying to force "solving" the problem aren't the people in the best position to do so.
NOT giving children addictive devices isn't not outsourcing parenting, it's basic social responsibility. Like not giving them cigarettes. I find it encourating that most other commenters understand this.
> There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.
False, and this betrays that you have no experience with what you're talking out.
In theory „There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.“
In practice, most schools lack anyone with enough technical literacy to lock down the device. So they just hand out unlocked cheap android tablets with all the stock spyware and advertisement pre-installed.
They don't "hand out" anything really - probably the closest thing is government programmes to fund laptops/tablets for low income families, but not a single school locally "gives out" tablets to kids. But they're all just "normal retail" devices.
They have some things used in lessons, but they're all given out at the beginning of the lesson, then gathered at the end.
You could argue that it's a problem they they assume home access to such things anyway - especially in later years - as things like online 'homework' is the norm.
Again, this is not true. Some public schools do buy ipads and licenses and do hand them out and some times they're unlocked. You COULD do a basic google search and learn about the topic on the news, you're you don't actually care to learn, you're just spreading noise.
You're talking about a solved problem and a few comments down there's a bunch of people in this very comment thread losing their minds about Linux devs working on implementing parental controls.
“There's no (state) school giving out tablets that aren't pretty much single-use locked down devices.”
They try, but kids are smart and there are holes in the tools to lock things down. You would not believe the inventive workarounds that kids find to circumvent content filters. It’s a losing battle to lock everything.
We figured out that if you clicked on the context menu fast enough we could bypass the block on “Run as administrator” and the rest was history.
Totally agree with you here, but this law - which I’m deeply offended was passed unanimously by our spineless legislators - will solve none of it.
Parents don't have the right tools to minimize harm to their kids online. The parental controls offered by Apple and Google were intentionally designed to be full of holes.
And incredibly hard to use, and very buggy.
>>> Controlling what children do online is a solved problem: Parenting and parental control applications. >This is absolutely not true.Here in the UK schools are swarming with ipads and shit like that. They're given to primary school children because they're "more engaging". Children are supposed to practice their reading and even handwriting on ipads. Naturally they're on youtube instead. It's really bad.
And how does that refute what the parent said? Those school ipads could also have YouTube locked or restricted to a whitelist of channels.
The schools could also simply not distribute tablets or laptops to students. The technology has not produced noticeably better readers, thinkers, or writers compared to the days when students read actual books and wrote on paper.
In fact this would be a great way to curb LLM cheating
> Those school ipads could also have YouTube locked or restricted to a whitelist of channels.
There's so much wrong here.
A) there's ways around that stuff that any child can figure out.
B) schools aren't in fact obligated to enable those, and some don't.
C) who decides on what channels are allowed? The school does. But teachers are basically people off the street that did some basic training and (from my experience) have zero critical thinking. This are not the best and brightest.
D) big tech will tell you "this is age appropriate" and the only thing that means is that you probably won't see porn. Anything else, including gambling ads on youtube, you do see.
You see, you're trying to discuss the specifics which in this case is a losing approach if your goal is to protect your chidlren from being victimized by the attention economy. The reason is that those benefiting from the attention economy have more lawyers and more engineers to deploy than any individual parent.
>A) there's ways around that stuff that any child can figure out.
No, there are not for hardware locked devices with the proper controls (what apps, websites, etc to allow).
>B) schools aren't in fact obligated to enable those, and some don't.
The technical problem is solved, if they don't want to implement the solution that's on them.
>C) who decides on what channels are allowed? The school does. But teachers are basically people off the street that did some basic training and (from my experience) have zero critical thinking. This are not the best and brightest.
Again, irrelevant. A common policy can be created (e.g. by ministry of education experts) and shared with schools.
> > B) schools aren't in fact obligated to enable those, and some don't.
> The technical problem is solved, if they don't want to implement the solution that's on them.
Just to be clear - do you not understand that a parent might be parenting, but some times their children is in care of a school? Your focus on "a technical solution exists" is missing the real issue here, and it's not a technical one.
>but some times their children is in care of a school?
And not only that but some of those times are dinner break, on a school campus with a thousand other kids and barely any supervision. Even if phones are banned, it's easy to hide one and for a child to be showing their friends unhinged stuff they found on 4chan.
And some of those times are on a bus carrying at least 50 kids when they're 'supervised' only by a driver ... and so on.
That's a good point.
But you know, I find it frustrating that the people we're talking to clearly have no experience with the subject but they come in here and state with confidence they're opinion on something which is for them a hypothetical. They don't know what's going on.
>Even if phones are banned, it's easy to hide one and for a child to be showing their friends unhinged stuff they found on 4chan.
That would still reduce ther exposure by 1-2 orders of magnitude, which is perfectly acceptable.
I mean, we all saw the occasional heinous stuff, goatse, lemon party, etc, that doesn't ruin you. I don't think preventing them from ever seeing anything disturbing is a realistic goal. It's more an issue when kids are allowed to be fully addicted on an ongoing basis instead of spending their time doing things that help them grow. I think keeping them from spending all their free time on youtube or in Roblox is more the goal.
This, it's the stupid addictive games like Roblox and social media like YouTube. Circling back to schools (not-UK), here even teachers let them play Roblox sometimes in primary school on school hardware. The problem as a parent is that you cannot get upset and fight about everything, you need to pick your battles. This is made worse that you are most likely a minority, most parents will say/think a little Roblox or Tik Tok at school is harmless fun.
IMO the problem is twofold: first, younger kid's brains are not developed enough to deal with games and social media that are intentionally made to be addictive. Heck, even a lot of adults have issues limiting their time. Addictive games and social media should just be forbidden under 16 years. Currently our government has only issued a recommendation, which does nada. Second, teachers and parents need to be educated better. Many have no idea that these addictive apps are an issue or just don't fully realize the damage they do.
I'm talking about both parents and schools: the technical solution exists. If parents/schools don't want to implement it, that's on them.
This answers your objection A and B. C is also a non-probem with a trivial fix, as I showed.
What we're discussing is whether age verification is needed. Based on the existence of other, perfectly fine solutions, it's not. "But schools don't bother implementing those other solutions" is not a counter-argument to this discussion.
> If parents/schools don't want to implement it, that's on them
Well that's not much of a solution is it now? More like an attempt that we all can see will fail.
Harm reduction is not the same as a solution.
But this thread is discussing the technical solution and how many jurisdictions are pretending there’s no technical solutions just so they can pass surveillance legislation?
Same argument(s) can be applied to age verification.
Exactly. We've completely lost (actually never had it) any social responsibility on the part of the social media/tech companies. Before we had the internet and all these apps and devices, parents looked after what their kids did but could also pretty much rely on other businesses to not do things like sell their kids cigarettes or pornography, let them in to R-rated movies, or expose them to other age-inappropriate stuff. Did it happen? Yes here and there but it wasn't easy for most kids.
Parents just want to be able to designate a device as belonging to a child---one setting---and have that respected. Not to have to dig into the settings of every account, service, app, and website and figure out how to set it in age-restricted mode (if that's even possible).
The tech companies have made this way too difficult and now they are facing the consequences of their shameful neglect by having to deal with all these new laws (which they will probably ignore, with no consequences, but we'll see).
It's understandable that parents are upset, but tech companies are not the ones harmed by these laws. When we've outlawed privacy, it will be the public who suffers.
In fact the big tech companies are involved in creating these laws.
> Parents just want to be able to designate a device as belonging to a child---one setting---and have that respected.
The problem here is, what does that actually do?
If you say the device is for kids, can the kids then see content related to firearms? What if the parents are Republicans and don't want that censored for their kids? Also, what does it even mean? Does a YouTube video on firearm safety get blocked because it contains firearms? Should "kids" be able to view sex education content?
If nobody agrees what should be blocked then the reason they don't have a setting is that nobody knows how to implement it.
Checking what the school is exposing the children to is part of parenting, if enough parents demand parental controls on the iPad you'd get that. Also it sounds insane that any school is given children iPads, if anything the studies show worse outcomes with iPads
> Checking what the school is exposing the children to is part of parenting, if enough parents demand parental controls on the iPad you'd get that.
Yes, but often times enough parents DONT demand that.
Most parents think "ipads are a good thing children need to learn tech in order to have good jobs". Other parents think "ipads aren't good but if I complain I'll be that annoying parent that no one likes". Only a minority is vocal.
Since schooling closer to home obviously solves this problem, and a host of many other problems, and doesn't introduce any real problems (bad schools don't save kids from bad parents, which seems to be a rebuttal to home-based education, it would seem to me the answer is obvious:
Return to a single income household economy and bring education closer to the home, if not outright in the home.
That the schools are unable to implement the technical solutions for parental control tells you about the schools, not about the technology.
And that parents rather have everyone's actions on the internet surveilled because they can't coordinate with their schools tells you about the parents.
But this is ridiculous. The problem was created by the state (which ultimately runs the schools), and now the state wants to impose additional rules on a bunch of totally unrelated adults to (probably fail to) solve their self-imposed problem.
You're saying that because you fell for the scam. Seriously, every "think of the children" initiative is a scam.
And especially for that one it was quite obvious lawmakers were purchased to introduce these laws.
And there are receipts, too: https://codeberg.org/svin/meta-lobbying-and-other-findings
This is true but then why regulate every website instead of regulating... The schools
100% agree with you. I'm not arguing for regulating websites. In my scenario the schools are the actual problem. (EDIT: Actually, Meta and such companies are the actual problem, but in our world nobody expects that they have anybody's best interests in mind. But schools should.)
I was strictly only responding to the phrase "this is a solved problem you just have to parent".
LoL scapegoat found. Actually not a bad idea. "Your child must not bring any digital end device, that is, in fact or in principle capable to connect to the internet, and display graphical content in any form other than text. Needs for telecommunication do not constitute a claim for exemption. Parents who want their child to be able to make calls from a mobile phone, may supply their child with what's colloquially called a "dumbphone" ,i.e. a phone that is not capable of the aforementioned technical features. Breaches justify the exclusion of your chid from participation in class for the day, or in cases of repeated violations of this policy, of up to one week. The parent agrees to have the full responsibility for the care and supervision of their child upon short notice. Resulting financial losses that might follow in the aftermath of such a transferral of guardianship back to the parents on short notice from thus necessitated time commitments for them are their responsibility alone and cannot constitute claims against the school. The responsibility to catch up on thus missed lessons lies with the pupil alone and does not constitute the privilege to be excused from examinations.
In my country, state schools strictly forbid students from bringing devices to school. This rule was actually introduced because of the haves/have-nots issue here, because many kids are too poor to afford devices. The schools themselves don't provide devices because it would be prohibitively expensive due to the large student population. Most private schools don't allow devices either.
Schools are being regulated too, don't be facetious.
When people say "parental controls" they obviously don't literally mean "parental controls controlled by PARENTS", they mean "parental controls controlled by parents AND OTHER guardians such as teachers and schools".
If the school can't be bothered to lock down their ipads, why not make a law that schools must lock down the ipads, rather than push this out to everyone universally?
It seems like another shoddy excuse of a panicked panopticon to me. Feel free to try to convince us otherwise.
I volunteer at a makerspace, twice already adults came to seek help "bricking" their smartphone, so it can only be used when a certain RFID token is present, the problem is there exist commercial solutions aimed at companies and institutions, where the employee can't disengage the lock, and then theres commercial (and open source) solutions aimed at individuals, but these can always be easily disengaged and bypassed.
I agree that children's elders (parents, teachers, ...) should be able to control the available apps and platforms, but only for a reasonably short period (so that kids don't grow up in censorship right until they are adult, it should be continuously relaxed until the kids are in control of their own impulses, so whatever mechanism is used, it should gradually relax willy nilly the opinions of the elders or the state).
This brings up the next problem: what if parents mutually disagree? and what if teachers mutually disagree? and what if parents and teachers disagree? So there should be some kind of jurisdiction awareness in the parental control system: when at mothers place, mothers rules, when at fathers place, fathers rules, when in this or that teachers class their rules, as that would be the technological agnostic position (regardless if the old ways were good or bad, thats what technological non-interference would suggest).
But even if all parents, all teachers agreed on the parental control settings for a child, they can't really do it effectively since they are placed at the whims of big tech, with clear visible conflicts of interest like advertising, engagement, etc.
To solve that government should mandate a simple secure way for the smartphone to accept a user generated cryptographic public key, upon proving ownership so that they can sign their own root, first non-ROM (actual silicon ROM, not firmware images) op-codes chosen by the user. Then they can install any open source parental control software they want.
Its the surveillance state refusing to give the populace the keys to their own smartphone, and then deciding to "solve" the resultant inability for effective and community controlled parental control mechanisms by degrading privacy for all.
"we have to reign in your privacy, because we refuse to give you the ability to sign your own bootloaders, for freedom and safety of course"
every time we have people complain about how expensive "bricking" software and effective parental control software are (the commercial solutions aimed at companies and institutions, which have special arrangements with smartphone industry), we should direct them to a petition to force an actual right to compute by mandating computers INCLUDING smartphones allow the end-user to sign their bootloaders with a self-generated key of their choice.
Then the problems will disappear overnight, and solutions for this problem will come in a form like all the big beautiful free and open source software, and it will work, and it will be sane.
Because the effects on our children is popping up simultaneously. Because globalization. Because every teenager is influenced by the likes of Andrew Tate and series like Adolescence. Either directly or indirectly.
This is what we wanted. We wanted a connected world. Be careful what you wish for.
That isn’t the cause of this phenomenon.
It's part of a whole bundle of tightening censorship and increasing control in a pivot towards techno-feudalism, and militarization of society...
They don't like what happened to their PR for what they did in gaza and they want to get ahead of the curve and stop us from seeing what they are going to do in IRAN without their SPIN.
Its a poison pull to lay down the infrastructure for controlling narrative on the internet
Might want to explore “Agenda 2030”. I don’t know for certain if it applies to this specific issue. But it does hint at a coordinated effort to build a completely new framework for managing the human species through technology.
Can you elaborate please?
Seen today on fedi—
vx-underground • @vxunderground
“Yeah, so basically the current prevailing sch[*]zo internet theory is that Al nerds have destroyed the internet and created infinite spam.
The advertisement goons are now incapable of determining who is a bot and who is an actual human. The advertisement goons no longer want to pay as much to social media networks.
Social media networks, in full blown panic of losing potential revenue, decided to lobby governments saying "we gotta protect the kids! ID everyone to protect the kids from pedophiles!".
The social media networks know this doesn't really protect kids. But, it does two things (and a third accidentally).
1. They now can identify who is human and who is Al slop machine, or enough to appease the advertisement goons
2. Advertising to children is a general no-no from politicians, or something, so with ID verification they can say with confidence they're not advertising to children because it's been ID verification. Basically, they can weed out the children and focus on advertising to adults
3. The feds can now tell who is human and who is Al slop. This inadvertently helps them with tracking people and serving fresh daily dumps of propaganda, or whatever they want to do. It's a win-win-win for advertisers, social media networks, the government, and any business which does data collections.
It fucks over everyone else.
Chat, I'm not going to lie to you. This is an extremely good conspiracy sch[*]zo theory and 1 unironically believe it.”
Mar 13, 2026 • 11:33 PM UTC*
That _sounds_ somewhat plausible but it means those social media management is completely anemic to everything if true. We just all know that getting verified is how AI spammers get to do spamming. Or post unwanted yet kosher contents. Everything unwanted can be made legal though not everything desired can be made legal.
Zuck wanting to build a centerpiece for his lair made out of resin fused copies of driver's licenses would sound more plausible.
In this case I think the schizos may be right. It makes complete sense. And $2b is peanuts to Meta, on par with the amount they’d authorize their lobbying department to spend over the course of a few years. I’m not surprised at all.
Same in Brazil. Economically and politically not nearly as important, but 250 million people affected by the same discoursem
It reaches far out, not just the West. China remains relatively immune. S. Korea and Japan immune to some degree. Russia, unfortunately, is not immune at all.
The things that our politicians want to make illegal for children were already illegal for everyone in China.
That probably has something to do with why China's economically outperforming us so much.
Everything appear to be illegal in China, but also everything illegal appear to come from there. Their chemotherapy dose table is calculated for diluted compounds. Coupling their law text to regular universal enforcement is just a suicide.
Not sure when exactly that happen but decade years ago or so, people were sharing this spoofed infographic in which the Internet was a cable tv-like service where you'd pick big media sites you'd subscribe to, IPTV/streaming, optional secondary sites - all of this curated and safe, free of any dangers. No lewd content whatsoever.
And honestly, I can't get rid of the feeling that this is where we're heading into. These are last years of the wild Internet and its next iteration will be passive and probably in 99% generated corporate safe slop.
Meta, a multi-national corporation, seems to be behind all of these.
See:
https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_b...
https://www.reddit.com/r/LinusTechTips/comments/1rsn1tm/it_a...
And the groundwork was laid by very well connected think-of-the-children evangelicals, transphobes and sex-work-phobes over years. Never forget this. Meta just added nitromethane fuel to a raging fire.
Eshittification (by Cory Doctorov) is a shitty book but it does explain how that dynamic works.
To be clear, I don't agree with these laws and think they are very much the wrong way to try to solve the problem.
But it is not a solved problem. From what I've seen parental control software is generally pretty terrible. But this age verification stuff isn't really helpful.
It's a solved problem with a slightly flawed implementation on the end devices.
You seem to be arguing that introducing the whole new class of legal frameworks, technical requirements and privacy scandals(1)(2) is somewhat better than fixing the end user software flaws.
(1) https://www.msn.com/en-us/money/other/1-billion-identity-rec... (2) https://proton.me/blog/discord-age-verfication-breach
They all copy each other. Also some of it was set off by the book, Jonathan Haidt's The Anxious Generation.
That dude gives off such slimy vibes. Not like he’s evil. More like he’s unqualified to be in the position he’s found himself in. His presentations on talk shows gives me the impression he knows just enough about the topic of digital effects on society to throw together a book. The he lets people raise him up to the microphone and speaks for the sake of speaking. Hardly an expert, not an operator.
Compare to people who have the means to build, modify, and test the systems they talk about. Maybe no one can be this kind of an expert in the field of sociology. But if that’s the case do not present yourself as confident. Answer most questions with “I don’t know”. Refuse praise. Exude humility.
If you were familiar with his background you wouldn't be writing this comment, which makes what you wrote a bit awkwardly ironic.
Short of it: 30-ish year career as a psychology professor and researcher focused on morality and emotions. If you follow the track of his popular science books, The Anxious Generation (on smartphone use in teens) is very much a sequel to The Coddling of the American Mind, which itself is something of a sequel to The Righteous Mind, and so on. There's a very clear linearity and progression to his works.
I am familiar with his other books. And it’s clear he has an established career. I just don’t think he should try to present such simplified narratives. “Coddling of the American Mind” is what first put him on my radar and set off alarm bells.
At I said this might just be a field where normal expectations of expertise can’t be met. But that doesn’t mean you can rescale and match the confidence of other fields.
He’s putting himself in a position similar to politicians running for office.
> Controlling what children do online is a solved problem: Parenting and parental control applications.
Doesn't even seem close, but ok.
Indeed. It is too suspicious how legislation gets cross-nation synced.
A few get very rich right now. Pays well to be a lobbyist.
> Controlling what children do online is a solved problem: Parenting and parental control applications.
This is just the ruse, the carrot on the stick. They hate us for our freedom.
It’s worse than you think. It’s not even coordinated by someone in the background — it’s just the emergent overton window thanks to technology, see:
https://community.qbix.com/t/the-global-war-on-end-to-end-en...
So, firstly, before I dive into your comment; about the topic above, this is the result of a terrible headline gone wrong in a single state in the US. The language never required any changes to Linux, or Windows, or any other operating system, for that matter.
Someone read the text, and made a clickbaity headline, and it went viral. then, another state made a similar bill, and it went viral again.Age verification isn't coming to Linux any time soon, and no, you aren't breaking any laws by either developing for, and/or using Linux if you are a U.S. citizen. It is literally illegal to pass a law like that thanks to the constitution. Outside the U.S.? well depending on the country, you likely experienced something better or worse, Regardless...
It is pretty remarkable that it [age verification] has popped up in multiple countries at once. It is almost as though a certain few billionaires are interested in suppressing speech.I wonder who those folks might be? ;)
The folks trying to shut down the masses via stuff like this should probably read some history, because that never works out...like ever. Doing the same thing over and over again won't make it work. It won't work this time either.
The text of the law says:
> 1798.501. (a) An operating system provider shall do all of the following: > (1) Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.
[And some other stuff]. A simple reading says operating systems need to ask the age of the accout holder during account setup. It says the purpose is to provide a signal to a covered app store, but it does not exempt operating systems without a covered app store.
To me, the biggest issue is that it seems to think of computers as something you use while being near and having only one user at a time accessing, where computers you use might be far away and have thousands of people accessing them per day with hundreds of concurrent users and tens of thousands of accounts.
If you don't intentionally allow accounts access to any app stores, do you still need to collect the data ? It says to collect it, and that's the purpose but it doesn't say if you're not permitting that purpose you don't have to collect it
That an issue to you, I, personally, love the idea of submitting my ID to McDonald's kiosk before ordering.
Maybe that would finally push them to make kiosks that run entirely without OS. I expect a big enough Rube Goldberg machine could do the task if not as efficiently, then at least in a more entertaining way.
So would a single-user OS without accounts be ok?
I think, if there's no account setup, there's no need to request an age/birthday signal. Although if there's am app store and no account setup, you might have trouble.
I've looked at the bill and it sure seems like it would apply to Linux. What's your case that it doesn't?
As I understood it, the claim was that it wouldn't apply because of the Constitution, not because the text of the bill made it not apply to Linux.
In the sense that it compels speech, essentially? Hmm.
> Something remarkable and unsettling is how the age verification debate has popped up almost simultaneously in the US, UK, and EU.
nothing strange about that. You have higher interests in control of the (national) governments in several countries, planning things at once. This is what you see as a result. It certainly did not involve democracy.
Eh, it really isn’t that surprising. “Activists” in any country are quick to capitalize on a news cycle. You also missed AU. If you squint you would realize that they are all English speaking (or use English as a common exchange language)
It’s not a solved problem at all. Your take is very libertarian, which I personally sympathize with, but if we’re being honest it doesn’t align with reality.
The truth is, there are a lot of bad parents that are, for various reasons, unable to perform these parental duties.
We’ve always restricted children from accessing certain things without relying solely on their parent’s abilities or discretion.
I’m strongly in favour in giving parents as much control as possible. That doesn’t negate the fact that the vast majority of children, for example, currently have completely unrestricted access to hardcore pornography.
Shrugging it off, proclaiming it’s a parental responsibility, doesn’t solve the real world problem.
Previous to the internet we didn’t allow free unrestricted distribution of pornography to children. We stepped in as a society and said, no actually if you’re selling that… fine, but you need to verify the age of the customer.
Ask Zuck about it.
And LATAM probably soon to follow, specially Argentina with Milei and now Chile with their new right wing president
I don't think this is a left- or right-wing issue: Australia was one of the first to ban kids from social media, and Australia is not right-wing by any measure. Canada is hardly right-wing, but age verification is bill S-210 in their parliament.
What you're seeing is a coordinated push by transnational interests; Meta's name has come up in discussions of the funding behind this push. At the very lest, verifying age also verifies that a person is real and not a bot, so advertising firms like Meta will benefit from verification. That's not right-wing or left-wing but rather the influence of business over the political, and neither wing of the spectrum is immune to corruption.
Agreed, it clearly isn't a matter of left vs right. It's about liberal vs illiberal values. Unfortunately for all of us, liberty is falling out of favor.
Meta was strongly against the Australian social media ban.
Separate from this policy debate I think you’ll find Australia is a country where the right frequently wins actual majorities of the vote.
> Separate from this policy debate I think you’ll find Australia is a country where the right frequently wins actual majorities of the vote.
Isn't that basically every democratic country?
We can't judge how "right" or "left" the political culture of a country is by how frequently the right or left win office, because in the long-run they tend to win office roughly equally often just about everywhere.
A better way of judging this question, is how the policies of their main left/right parties compare to those of their counterparts in comparable countries
>I don't think this is a left- or right-wing issue: Australia was one of the first to ban kids from social media, and Australia is not right-wing by any measure. Canada is hardly right-wing, but age verification is bill S-210 in their parliament.
I'd classify both as very corporate friendly, far centrist, which is just as good as "right wing". Nothing about actually empowering the masses, and even less so the working class, only elite pseudo prograssive talking points.
There's 2 axes on the political spectrum. Economic and Social axes. Liberal and Conservative is one dimension (Economic) and Authoritarian and Libertarian is another dimension (Social).
In the US both the Democratic Party (Liberal) and Republican Party (Conservatives) are considered Authoritarian on this 2 dimensional graph.
Milei claims to be a Conservative Libertarian so, in theory, he should be opposed to this. We'll see what he actually does.
There are almost infinite axes. We can do a principal component analysis to find the most important 2.
>Milei claims to be a Conservative Libertarian so, in theory, he should be opposed to this. We'll see what he actually does.
That's just for the gullible. In practice he's about power and self-serving interests, just like any "libertarian" in office.
Milei is a libertarian, and would be very opposed to such a thing.
Running as a libertarian, and governing as a libertarian, are two entirely different things.
He has been doing pretty well so far.
Trump owns him now. He has to pay the piper.
Milei will do trumps bidding
I wouldn't bet on it
Because it's manufactured consent and propaganda driven by deep pockets and ideologues. It was rammed through by the elites.
it worked with p(l)andemics, why it wouldn't with online verification? they always come with some noble reason how to force something down the population throat and majority still falls for it
heck I don't see everyone boycotting and embarging US/Israel for their aggression against Iran, because they came up with good story once again, cough...Iraq WMD...cough
That's what I've been thinking this whole time.
If you wanna surveil your children, surveil your own fucking children. You have no say in other people's lives.
Now, as for solutions, it's also simple but unpopular. People shouldn't be so rich they have transnational power. All this is happening because we let a tiny group of mostly anti-social people get so much money the only way they can spend it is this kind of BS.
People discuss policies all the time, and take inspiration from jurisdictions where those policies /appear/ to be implemented and "working"
The idea that there is an age requirement (for certain content) has been around for a very long time (Facebook, for example has a no under 13s rule in their T&Cs, many porn sites have a 18 years or older declaration before allowing access, and so on)
Australia has recently implemented law(s) that take the next step forward, and the other countries in the world that have been wanting something similar are seeing that, seeing that there haven't blowback from corporations or voters that makes the idea of the law unpalatable, and thinking that they too can implement laws that work in similar ways.
If you actually pay attention to global politics you will see that this sort of behaviour occurs fairly regularly (look, for example, and the legalisationg of homosexual marriage, there was a law legalising it in the Netherlands in 2001, then Belgium did similar in 2003... and so on as more countries saw that their own voters were amenable to the idea https://en.wikipedia.org/wiki/Legal_status_of_same-sex_marri...)
edit: There's no grand conspiracy at play
Another example is the cannabis use laws, cannabis was heavily criminalised in the 70s, there was pressure from the USA for other countries to follow suit.
BUT from the early 2010s several states of the USA legalised recreational use - this has also bought the debate back to the fore for many countries, with reassessments and changes occuring https://en.wikipedia.org/wiki/Legality_of_cannabis_by_U.S._j...
> how the age verification debate has popped up almost simultaneously in the US, UK, and EU
It's because of a mix of Barroness Kidron's lobbying [0] and companies trying to meet legislators halfway [1] due to latent legislative anger due to disinformation incidents that arose during the 2016 election, January 6th, January 8th in Brazil, the New Caledonia unrest, and a couple others.
Civil and digital libertarianism is not a mainstream view outside of a subset of techies.
Sadly, building and deploy a truly private and OSS authentication service was not on the radar in the early 2010s - that would have staved off the current iteration.
[0] - https://www.politico.com/news/2023/06/14/british-baroness-on...
[1] - https://subscriber.politicopro.com/article/2025/11/exclusive...
Different people observed the same problem at the same time, and came to similar conclusions about how to solve it.
Evidence says otherwise: https://web.archive.org/web/20260313125244/https://old.reddi...
We should not give these human rights violations the dignity of being called "solutions", especially as they are anything but.
This is literally about making parental control applications work better. Nothing in the law requires a child setting up their own system to set their real age. It just lets a parent creating a limited account for a child.
Why are Linux operating system providers taking it upon themselves to comply with the California law especially if they are not selling anything. Since it is just a downloadable piece of software then it is up to California state to set up a firewall to protect themselves from such harmful software.
Let's say I am a generic linux developer who develops variants of Debian Linux while sitting in my basement in any part of the world.
If one country wants to ban my software because I don't ask for their age, then set up suitable protections for your citizens.
Don't force me to do that. I am not responsible for protecting your citizens.
That is like saying if Saudi wants your id to make sure only males can download operating systems, so now will I add another restriction.
At least China takes it upon themselves to ban sites that they deem harmful for their citizens rather than forcing devs.
because the laws are coming with massive fines and penalties that will apply to people not even selling anything
unless you can confidently dodge American law enforcement, which is a big ask unless you are solidly anonymous somehow, then you are forced to react in some way
These days it seems best to not be in the US or any vassal country, in order to avoid this ridiculous overreaching of "we are the center of the world" lawmakers in the US.
I think you’re replying to someone based outside of California.
I wonder whether the blast radius of the law might interfere with OSs running on cloud machines. That might explain why California based companies in the cloud business might want to ensure that the bits they resell are compliant.
Because despite the screeching, having good parental controls standardized across distros and OSS software is an idea that benefits Linux as a whole.
Do you think the mechanisms required by this law, as described in the linked article, constitute ”good parental control”?
Having good parental controls would be nice. Unfortunately that does not describe AB 1043
Very common pattern in compliance, if you want to export to a country, (regardless of monetization method), manufacturers and distributors comply with local requirements like for example getting approved for local electrical parameters and implementing specific plugs for local sockets.
If you came to my website and downloaded something, I did not export it. Maybe you imported it, that’s on you.
I am not a lawyer. Still, my two cents are:
You didn't geobock the download or prompt for then user's address first in your scenario. So it may constitute export because it would be reasonable to assume that you clearly intended to make it available worldwide.
Phil Zimmerman was investigated for illegaly exporting munitions because he made PGP available via FTP. The case was settled, so I don't know whether this argument would ultimately have been successful.
This is how the UK interprets things, but they seem to be alone on this in the present day.
Wyoming just passed a bill explicitly refuting this interpretation, other states are working on their own bills, and there is even a federal bill in the early stages.
The only exception that the US has ever acknowledged to this is ITAR, which is what the PGP case was built around, but it failed as you mentioned. But non age verified OSes are obviously not munitions.
Maybe some investigation worked this way, but to me it seems obvious twisting of supposed intention. If I don't geoblock, it is not necessarily because I want the thing to arrive somewhere. It can simply be, that I don't care who downloads it, or I don't want to waste my time with crazy laws, that I might not even know about. If Kiribati decides to have a new law, I probably won't even ever hear about it. Suddenly, me not knowing laws of another country, that don't even apply to me as citizen of my own country get construed into me "wanting to export"? Lol, what a silly line of thinking, which can only come from some people, who do everything to get to someone, including arguing in a completely twisted illogical way, and judges, who are removed from reality letting such a thing happen.
If we allow this shit to happen, be prepared for evolution deniers to push their nuts agenda through the same channels and similar. Suddenly, we won't find wikipedia articles any longer and suddenly having a blog about biology will lead to one being investigated.
If you gate access behind a Terms of Service, any violation is potentially a felony in USA. Any human who later litigated would have clicked Accept, or subverted your popup like a hacker.
Now this is what open source development should look like. I cannot believe a few days ago I was thumbing through an email thread on freedesktop.org about how they could implement the mandatory government API in dbus. Can they not read their own domain name?
The API seems like a funny joke anyway, `sudo setage 12987123`, done.
Oh nice! I’ve been wanting to ask someone of your age, how was the Middle Miocene Climate Optimum?
The climate was optimal. Everything else was kinda mid tbh.
It being Linux those would obviously be seconds so they are roughly half a year old.
It's designed for parents to enact parental controls on their children. If you're root, you're the parent. Obviously root can turn off parental controls.
I wouldn't be so sure, I think the ultimate goal is to link your network activity to your government id, just like the way it's done in China. So the only root left is the government basically.
The whole point of the California/Colorado laws is to provide an alternative to that. The whole point is that it provides a privacy preserving way to provide a signal about whether someone is in a particular age bracket, without requiring any kind of third party ID verification.
I am so puzzled by everyone who objects so strongly to these operating system based opt in systems; all it does is provide for a way for a parent to indicate the age of a child's account, and an API for apps and browsers to get that information. If you're the owner/admin of a system, you get to set that information however you want, and it's required that it only provides ranges and not specific birthdays in order to be privacy preserving.
I had the same reaction as you this entire time until half an hour ago when I saw the second link in this comment: https://news.ycombinator.com/item?id=47382650
Meta being behind all of these efforts makes it incredibly suspicious, especially given the New York law is ridiculously more invasive than the California one. It sure makes it seem like there's likely a larger plan here that this is merely facilitating.
So I don't think I can still buy it at face value that California's version is a good-faith attempt to balance privacy and child safety, even if that's what it is in the eyes of the legislature, given who's actually behind it and what else they've been pushing for.
The larger plan is probably to avoid banning social media for under-18s
Or get another source of demographic data and suppress smaller competitors who can't comply with onerous regulation.
> I am so puzzled by everyone who objects so strongly to these operating system based opt in systems
The government legislating APIs is an uncomfortable precedent given the culture wars that are raging right now. There seems little reason to expect this will stop here.
They are not legislating specific APIs. They are legislating that an API has to be provided, just like other laws legislate that you have to provide accessibility APIs, but the details of the APIs are left up to the companies.
I work in aviation, a highly regulated field. And that's a good thing. It does take some work to regulate well; there has been a migration in aviation to more prescriptive regulation about how things need to be, to less prescriptive like what the ultimate performance needs to be. But yeah, the aviation regulations aren't that you have to implement something a specific way, but that you have to be able to show that your aircraft has no more than a certain probability of catastrophic failure (where the probability varies base on certain things like the size and type of aircraft).
For this age verification law, all that is required is that there is an API provided for this purpose, and there is a way for the owner of the machine to set up user accounts with age information indicated, and that the APIs need to provide several rough age ranges, not specific birthdays.
Years later: "The current measures are a step in the right direction, but we have found them insufficient. We are now requiring the use of this specific proprietary binary blob for any action related to the verification process. It will conveniently run as a daemon so its exposed API will be accessible to any application that needs to query it, and it will automatically update itself so you don't have to worry about it, just set it up once and forget about it."
It might also include some additional text like "we have decided to collaborate with systemd to integrate this proprietary binary blob, to maximize the reach and eliminating any pains in the setup process caused by the vibrant ecosystem of package managers, while at the same time avoiding disrupting the development process of the Linux kernel".
What does "the government legislating APIs" mean? The ADA means every OS has to support screen readers.
BS. Does TempleOS support it? What about Plan9? MenuetOS?
Are these illegal operating systems?
Either you or someone else mentioned this talking point the other day, I asked for even a single example of an OS maker being sued over this successfully, and I got nothing.
I'm confused. What's the age definition of child? 12, 15, 18? Does this mean its against the law for children to install an operating system? What is the penalty for a child doing this and putting the wrong age or just doing it at all? What is the penalty for a parent or guardian of the child that does this? What happens to the parent or child if the child circumvents this control? Will child services be involved? Criminal penalties? Of course the only way to know an adult is the administrator is to tie the users government I'd to the account. Could this be done in some zero knowledge anonymous way? Sure, but I don't think it's likely. This seems to be the thin end of yet another wedge. The trend seems to be to be that we should be identified and survield every moment of our lives. The question is who does this surveillance serve? How much access do you have to your government or employer's data or advertisers or educators or ...? How does their access serve you?
That's a very long list of questions, most of which you wouldn't need to ask if you spent ten minutes reading the law. And the rhetorical point you seem to be working toward is much less effective when more than half of those questions evaporate.
Here's the law: https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...
It requires that operating systems provide a way, at account setup, to specify the age or birthdate of a user, and provides an API for indicating which age range the user falls in (under 13, 13 to 16, 16 to 18, or over 18) to an application, so the application can use that information to comply with any laws or regulations relating to the age of the user.
It doesn't make any requirement that the parent actually truthfully put that information in. It doesn't require that anyone verify the information. It doesnt provide for any requirement that a child not set up a user themselves. It explicitly calls out that there is no liability on any of the parties if one user uses a computer under another user's account.
So all it's doing is saying that there must be a reasonably accessible mechanism for a parent to indicate a child's age so that rough information about which age range the child is in can be provided.
Now, is it perfect? No.
It does seem a bit over broad as there are lots of things which be classified as computers uner this, like routers, smart TVs, graphing calculators, cars, etc. Having to provide account setup with age and an API to accesss it in all of these environments could be a bit of a lift in the time frame given. And it doesn't leave a lot of time for something like standardization of Unix APIs between operatings systems, so for systems not running graphical environments I'm sure we're going to get a bunch of different solutions from different OSes as everyone sticks it in a different place and provides a different way to access it. And this would need to be a new feature added into long-term supported maintenance releases operating systems.
So yeah, could it have been done better? Yes. Is it likely that they are actually going to fine OpenWRT developers if they don't implement this? I doubt it; it's pretty clear that the legislative intent is desktop and phone OSes, and other mass market consumer oriented devices that might offer app stores.
So yeah, I see some issues, but overall this seems like the right way to do things; just provide a way for parents to set an age on their children's account, and then provide that to any apps that might need to do age verification. That's it.
This holds true until you pass to the next age bracket for the first time.
Are we talking about what actually happened, or are we talking about doomsday fantasies?
Well I think the goal is to link it with hackernews account such that ycombinator can accuratly measure how many of their startups you're interacting with.
pocksuppet, please do tell us how it feels to be birthed by Google and Apple?
or do you have root on your iPhone?
Associating open source with projects that brazenly violate the law is not what open source should look like.
Sorry, was I too punk rock on hacker news?
It is when those laws were passed by totalitarian idiots.
Being passed by a "totalitarian idiot" does not mean that a law is not valid.
What a serf mindset.
Don’t be so unkind to serfs, most of them were merely stuck in an impossible situation, and to my knowledge most were not eunuchs.
Unjust laws should be violated.
Who decides if a law is unjust?
We do. Using our consciences.
What if two people's consciences disagree?
Do it regardless. If you're right other people will realize that. If not, they won't.
> If you're right other people will realize that. If not, they won't.
That literally does not answer the GP's question.
You're just an anarchist. We can save a lot of steps if you just state that outright.
I can't be an anarchist because I don't believe anarchy exists. In every group of humans, power structures and hierarchies form spontaneously from normal social interaction. Even if you abolished all forms of government, they would simply reform. A state of anarchy is impossible.
I'm merely a proponent of civil disobedience.
https://en.wikipedia.org/wiki/Civil_disobedience
> Any man who breaks a law that conscience tells him is unjust and willingly accepts the penalty by staying in jail to arouse the conscience of the community on the injustice of the law is at that moment expressing the very highest respect for the law out of all other freedom struggles.
> Martin Luther King Jr.
You're right, I misunderstood what anarchy was. My apologies.
Sounds like you're the type to lead a lynch mob. Do it regardless after all.
How other people respond is largely unrelated to principled notions of justice -- it will mostly depend on what benefits them. Populism, in other words.
I can't see how that could ever go wrong.
Found the anarchist
No need to hypothesize, just take a look around
This leads to anarchy or selective enforcement. Unjust laws should be removed.
In the US, the process of removing unjust laws generally involves violating them, so that courts have the opportunity to legislate from the bench.
> Unjust laws should be removed.
Yeah, in an ideal world. Good luck with that.
We live in a deeply unjust world where laws are literally bought and paid for by corporations. This age verification nonsense is just the latest example. They aren't going to sit idle if we attack their lobbying efforts, they're going to come after us. God only knows what a surveillance company like Meta can do to you if they really hate your guts.
OK, so then you think the entire system is corrupt, and you should reform/replace it.
Selective rejection of laws based on your own personal morals is wrong in every circumstance.
Either you believe the system is just and you follow all the rules (and work through the system to changes the individual rules you believe are unjust), or you believe that the system is fundamentally unjust and you take drastic action to fix it. If you don't, then you're a hypocrite - you don't really believe that the system is unjust, you're just using that as an excuse to selectively ignore laws you disagree with.
There are many unjust laws on the books, and that will always be true:
- some are backed by powerful interests
- some have become load-bearing and are too difficult to replace
- some just don't matter and aren't enforced
- even if you fix some, new ones will be passed, because people are not perfect
If I prove this to you, will you then take your own advice and "take drastic action" to replace the US government?
> There are many unjust laws on the books, and that will always be true:
> If I prove this to you, will you then take your own advice and "take drastic action" to replace the US government?
No. You didn't actually read my comments before responding, and you're fundamentally misunderstanding my position. That's not "my own advice".
> you think the entire system is corrupt
I do.
> you should reform/replace it
This is a way to reform it. If nobody obeys a law, is it really illegal? It's more like a custom.
> Selective rejection of laws based on your own personal morals is wrong in every circumstance.
So if your so called authorities passed a law saying you're required to participate in some atrocity such as genocide, you'd do it with a clean conscience? Okay.
> you believe that the system is fundamentally unjust and you take drastic action to fix it
I don't have the power to do so. Also, people who try "drastic" actions are called terrorists.
It’s exactly what FOSS should look like IMO. Keep fighting the system.
Anyone ever heard about the story of how Phill Zimmerman made an absolute clown of the US federal government by publishing the source code of PGP as a book?
History of computing and open source is full of clever subversiveness. If back in the past hackers had the same attitude crying about complying otherwise fines we would have nothing today.
The problem is we’re regulating individual behavior by adding to the surveillance apparatus. We should be regulating the companies and dismantling the surveillance that makes the apps addictive to kids.
It’s a way of socializing the losses, this time you lose civil liberties and they get to keep acting unrestricted
Regulating the companies also socializes the costs of implementing age verification measures.
The correct solution that does not do this is to put liability on the parents.
All while these companies employ thousands of people whose only job it is to bypass parent's controls and find a way to get children hooked anyway? A mere slight imbalance, I would say ...
So do you think we should remove all laws on selling cigarettes, alcohol and guns to children, make it the parents job?
Liability? You want to make give parents fines for their children accessing Facebook at a young age?
No, I am just saying what policy will allow the legislators to achieve their goals.
So if your goal is for the state to decide what is good or bad for children, then yes, giving parents fines when their children access 18+ content will motivate those parents to parent their children. That will be an effective way to achieve your goal. Other policies have issues with externalities (ignoring the inherent externalities of creating liabilities ex nihilo, which will exist no matter what policy you choose).
If you believe that parents should get to decide what content their children, then like me, you would oppose any kind of legislation with this goal in mind.
> ...giving parents fines when their children access 18+ content will motivate those parents to parent their children.
And, like most such policies, will disproportionately impact the working poor.
All regulations, because they cause increased costs, will affect the poor the most, since an increased cost will cause the marginal consumer/producer to become submarginal. That is the choice that is made when regulation is enacted, whether the regulatora recognize this fact or not.
> No, I am just saying what policy will allow the legislators to achieve their goals.
I guess we made a mistake in not consulting the oracle of all legal matters. Very sorry, we will consult you on all future proposals.
Meta is why all these laws are happening. Please reach out to media outlets with this investigation so it can get more coverage. People need to be talking about this.
https://tboteproject.com/
I'm fairly skeptical of the findings, as the majority of the research and writing was done by Claude Opus. I'd be more likely to believe groups like AIPAC are behind this - they have poured a lot of money into online censorship legislation.
I saw this posting from here the other day about how it’s meta wanting to pass the buck to OS and browser vendors a la Section 230: https://web.archive.org/web/20260313125244/https://old.reddi...
It is a stupid law but I feel people are overthinking this.
For compliance the os has to provide an age category to an application and an interface for the user to enter this data. We already have an api to provide information to applications. it's called the filesystem. and an interface to enter the data, that's called the shell. so everything is already there. If the user lives in california and wants to be compliant (wait a minute, let me stop laughing) all they have to do is put a file somewhere with a age category in it. if the application can't find it. well it's not their fault the law is stupid.
Yes people are overthinking.
Actually having a cross-distro way to specify an age group for parental control purposes would be very useful.
If the law starts to change and be about surveillance (which it isn't about _right now_) then distro maintainers will just not implement that.
You are underthinking this.
You described a technical solution to comply with this law. Yes, that's easy. The problem is the legal implications.
I adore their courage. I assume they feel prepared to mount a legal defense? It would seem silly to be this forward about willful noncompliance if they're just hoping to stay under the radar. I can't tell if this is driven by impulsive pettiness with no real plan for how to mount a legal defense, or if they're engaging in a clear-minded legal mission.
> Ageless Linux is a registered operating system under the definitions established by the California Digital Age Assurance Act (AB 1043, Chapter 675, Statutes of 2025). We are in full, knowing, and intentional noncompliance with the age verification requirements of Cal. Civ. Code § 1798.501(a).
They seem to be ready for this:
> Q: What if the AG actually fines you?
> Then we will have accomplished something no amount of mailing list discussion could: a court record establishing what AB 1043 actually means when applied to the real world. Does "operating system provider" cover a bash script? Does "general purpose computing device" cover a Raspberry Pi Pico? Can you fine someone "per affected child" when no mechanism exists to count affected children? These are questions the legislature left unanswered. We'd like answers. A fine would be the fastest way to get them.
Yep, the goal of civil disobedience is literally to get sued/charged/arrested in order to force the issue to be (hopefully) properly and publicly resolved.
I have a feeling they're going to be very disappointed with the actual answers they'll receive to these questions.
On the one hand, I'd love a judge to respond 'yes' to all of these, if only to confirm how ridiculous they are and that a reasonable implementation is impossible. On the other hand, I'd hate for a judge to respond 'yes', because then the enforcement of said ridiculousness becomes vindicated.
These aren't all yes/no questions. And what I'm saying is I think anyone who thinks there's some sort of paradox in answering these will be in for a rude awakening. E.g., "How do you fine someone per child affected?" Idk, maybe the parents that become aware of their children being affected would join a lawsuit, and others would not be parties to the suit?
so many people start asking random questions like these acting as if judges are drooling baboons or something
“What’s even an operating system will this apply to my toaster?” - probably not, a judge would ultimately decide.
That seems pretty annoying for people who sell computing appliances like smart toasters, routers, and televisions, and videogame consoles—do they preemptively start implementing in case a judge decides they are covered? Why not write an easy-to-interpret law in the first place?
Exactly which part of AB 1043 makes you think a "smart toaster" could reasonably fall under it?
I was responding to the scenario set out in the comment I responded to.
> “What’s even an operating system will this apply to my toaster?” - probably not, a judge would ultimately decide.
I am predicting it now: They will not be sued or fined.
The truly aggravating part is that if they really wanted to thumb their noses at the Attorney General's office and get away with it there's a pretty straightforward way to do it: Fork every single project they want to offer through their operating system and thereby become a first-party developer-distributor thereof. AB 1043 is worded in such a way that it really doesn't apply if the operating system developer doesn't provide a covered application store (see 1798.501(a)(1)). This should apply in every other such app store accountability act in every other state (save Texas, since this is the text they seemed to adopt after the Texas law was challenged). Instead, all they're going to accomplish is getting pimpslapped by the Attorney General's office.
Maybe they're interested in performative noncompliance, but I'm not. I'd rather engage in creative and effective noncompliance.
The site makes it very clear that the purpose is very explicitly not to "get away with it", it's to try and get fined, presumably to then challenge the legality of the laws in a higher court.
They argue that they are a coverd application store.
'Definition: "Covered Application Store" '"Covered application store" means a publicly available internet website, software application, online service, or platform that distributes and facilitates the download of applications from third-party developers to users of a computer, a mobile device, or any other general purpose computing device that can access a covered application store or can download an application. — Cal. Civ. Code § 1798.500(e)(1) 'This website is a "publicly available internet website" that "distributes and facilitates the download of applications" (specifically: a bash script) "to users of a general purpose computing device." We are also a covered application store. Debian's APT repositories are covered application stores. The AUR is a covered application store. Any mirror hosting .deb files is a covered application store. GitHub is a covered application store. Your friend's personal website with a download link to their weekend project is a covered application store.'
Yes, I know that. I'm saying this is utterly futile and if they really wanted to accomplish something they'd structure themselves as I described above. If their goal is to highlight the absurdity of the law... they won't actually accomplish anything. The Attorney General is not going to magically decide this was a terrible idea and reverse course. If they want to change the law then this isn't the way to do it either. If they want to ensure business as usual then what I propose is one way to do that.
Generally the point is for these things to go to court to be struck down or otherwise limited. This is a valid and regularly used means to change the law. You seem to think that you are aware of how the legislations definition will be applied, but that is not known until these things are taken to court.
> The child has learned the following lesson: legal compliance prompts are obstacles to be bypassed.
This is a good lesson. What is legal is orthogonal to what is moral and/or good for you.
"AB 1043 passed the California Assembly 76–0 and the Senate 38–0. Not a single legislator voted against it."
Amazing. We the people are not engaged. It really feels like we're at the end of history or something.
We The People are simply no longer represented. Do the math on historic representation ratios and you'll quickly see the first consolidation (long before corporate or bureaucratic) was Representation. We are about 6500 Reps shy of an actual Democratic Republic.
Relevant: https://www.astralcodexten.com/p/last-rights
>not less than 40,000
It was originally 30,000 but was changed, your author is using the updated version.
Additionally, there is another way to change it. The Texas State Legislature. Texas is the only state with Congressional pre-approval to break up into 4 more states. 5 total without the need for congresses approval. Texas breaks up, then California and New York are heavily outnumbered in the Senate as each state gets 2 Senators. Other states will follow and so too will calls to expand the House.
There is a path without state amendment process or congress.
There is no way that this will happen on any Linux box that I use. And this is why I'm an enemy of device attestation and the requirement to register operating systems in the first place, no matter whether it is Apple or Microsoft.
Once the new Poettering startup took off you won't get any choice. SCNR.
I have all the choice I need, I can build Linux from source and I'm old enough to know this stuff will outlast me.
F*ck Poettering. Want to bet that once he's done the damage his company will be acquired for a large amount of money by Microsoft? This is just another Nokia for them.
Looks like you're yet another person speaking out of their ass. There is no age attestation in the California bill. You specify an age at account creation that sites and apps must query. And they cannot fall back on other methods like uploading your drivers license to websites which is rapidly becoming a thing in red states. There is no verification. Just a system that enables your OS to respond to age queries and provide a privacy enforcing acknowledgement. This is in direct contrast to red state laws which require you to upload your drivers license to sites to verify your age. This enables parents who give a fuck to setup accounts for their children which reports their age to apps/websites. No more entering in random digits at random prompts. A consistent age qualifier set by the admin of the system. The websites cannot require further validation. No license uploads or anything else. This is a far better solution than anything else being implemented yet it stirs up far more ire from morons because it's California doing it not Texas. Maybe you'd rather upload your drivers license to access apps and websites. I don't. And I resent ignorant fucks who pretend like having your account provide an age range is so much worse than what everything else is trending towards.
For fucks sake, this would make your life easier. Instead of having to enter your DOB for everything you access, your OS based on your account can just send it. I'm tired as fuck of Steam asking my age even though my Steam account is 21 years old. If Steam and other websites / apps could query the age I've specified that would be far better and less disruptive.
> You specify an age at account creation that sites and apps must query.
The Internet has been a free place for 30+ years and I don't see a reason to change that. I grew up with the ability to access all kinds of content on the Internet, in an unrestricted manner, and it is sad to see that decision makers now want to take this away from younger generations.
We must absolutely resist any attempt at profiling Internet users. Age is only the first step. If people give in now, the next step will be other personal information, and it will also be done in the name of "protecting children" or "catching terrorists" as always. The writing is on the wall.
You grew up without parental oversight. I did too. This is an attempt to give parents the tools to manage what their children see on the internet. I disagree with that parental oversight probably far, far more than you do. I think it should be a crime when a parent indoctrinates their child into a religion. But this is a counter to far worse laws like requiring you to upload your photo ID to websites to get access. This explicitly forbids that sort of privacy violating situation.
> This is an attempt to give parents the tools to manage what their children see on the internet.
You're just gullible.
There is no website that I've ever uploaded my driving license or other ID to, the only place that I need that for is my bank and that's about a real world relationship, not about an online one.
Any website that wants me to verify my age is going to have to do without me, that's just none of their business. What children see on the internet is not going to change because of this, any parent that wants to modify their kids' behavior is going to have to do some actual parenting rather than to rely on gatekeeping technology because kids are far more capable than their parents when it comes to circumventing such restrictions.
The California law is actually the best form of age verification one can imagine. It only requires the OS to let the user to 'signal' their age. In other words, it's more like a checkbox asking if you're older than 18, instead of scanning your face or driving license. It doesn't require a cloud account either. Storing the ages the user inputted in /etc/ages besides /etc/passed and providing an API to read it is compliance.
How is it so bad that we need some civil disobedience movement over it? On the contrary to, UK's Online Safety Act and China asking all online platforms to verify your phone number?
Just because it's easy doesn't mean it's right. Give legislative busybodies the ability to force this little flag into the OS because it's no big deal, and next year they'll say "hey, make sure you only report 18+ if secure boot is enabled" and 5 years later it'll be "hey, you can only report 18+ if one of our Identity Partners has confirmed it."
It's the principle of the matter. The State should not be allowed to compel speech (what code you write) in your open source project. It may sound stubborn but if we don't fight it now it will only grow little by "easy feature" little.
I want to agree with you, but if it's my system and my browser reporting my bracket, wouldn't it be trivially easy to inject an http-header with the age I want to report?
And by "trivially easy" I mean "somebody already posted how-to for windows to stackoverflow"
The problem is not that it's hard to cheat (it's easy), the problem is it makes you officially a liar and liable for "illegal app use".
It might not be a problem for you, but some underage kid, who lied about their age, gets addicted to a game with in-game purchases and gets into financial trouble now has no recourse against the company who made the addicting game.
You see a slippery slope and I see a reasonable compromise. It's a wildly popular opinion that we should control which age groups can use social media[0][1][2]. Do you think these polls are astroturfed? If not, it's clear people want some sort of age verification, and I think California's way is the least intrusive.
And I know someone is going to say 'then we should regulate social media sites to force them to verify the users' ages...' no god please no. Normalizing cloud-based age verification is far, far worse than AB 1043. If there is a principle to be set that should be: cloud should trust local, not vice versa.
[0]: https://yougov.com/articles/51000-support-for-under-16-socia...
[1]: https://www.ipsos.com/en-us/widespread-support-banning-socia...
[2]: https://www.independent.co.uk/news/uk/home-news/gen-z-social...
People, generally, have no grasp of what they really want or what downstream effects of what they think they want look like. They don't know what it would take to effect that ban. In fact, I would speculate that if the same group were asked "should you, personally, have to scan your ID to visit Facebook," you'd see a meaningful shift in responses. (yes, I know that's not the way this particular CA proposal would be implemented, the point is that people are fickle and polls are not a good guide for lawmaking)
I also don't base my principles on the desires of the masses. It's our duty as people who understand the technology to prevent the controversy-de-jour from wagging our dog.
I share your feeling that if everyone did it this way and the world promised to stop making bad, privacy-invading ID laws I could grin and bear it. I don't see that happening, thus I am hostile to it in any flavor.
> They don't know what it would take to effect that ban.
Exactly. This is why if there is no some less evil way to appease these stupid people we'll go all the way straight to the evilest way. Stupid and uninformed people do actually vote.
I'm curious what a poll of public opinion would say about certain demographics in 1930's Germany. Does that seem like a good argument for what the government should and shouldn't do?
A reasonable compromise? With who? Who here is somehow required to "compromise"?
"It's the principle of the matter. The State should not be allowed to compel speech (what code you write)"
What a stretch man. Is banning nuclear weapons a restriction of free speech because it compels speech (the blueprints and specs engineers write).
I think the bigger factor there is that it requires apps to use that, which preempts things like Discord sharing info with Peter Thiel in the name of age verification.
One day ago: https://news.ycombinator.com/item?id=47364591
> Have you heard of the slippery slope? A cornerstone of American political philosophy?
> Arguments like this one are why the authoritarian ratchet continues to turn unimpeded over time.
Compelling any speech or written code is a violation of our rights as recognized by the first amendment of the United States Constitution.
Because people don't have real power, it's all indirect through politicians who are manipulated or paid by professionals.
Democracy should be direct and the gating function shouldn't be age but a test of intelligence, logical reasoning, general knowledge and ability to detect manipulation.
People want age restrictions on social media; this seems like politicians enacting the will of their constituents
This is kind of neat, but the site design is very obviously Claude's handiwork. Has anyone else noticed this very distinctive look, which is a dark mode site with semi transparent cards with a thin less transparent border, maybe ten pixels of border radius... In the last six months this has shown up everywhere. Tools at work look like it. Blogs look like it. It's inoffensive but imperfect, and when so many sites look like it, it starts to look cheap.
Yes! This is very obviously AI. Even in the last week there have been several submissions that have this exact same style. Also, the text on the site is obviously AI, em-dashes and all. I don't have a problem with people using the tools to make stuff, but man...at least say it's generated somewhere.
I wonder if we can get a popular referendum to sentence Meta to capital punishment.
There would be great rejoicing.
You'd get 10-20% at best in favor. People are not even paying attention to what's happening in the White House, they're definitely not attuned to the storms brewing around social networks and their negative impacts.
unironically those pushing for blatantly unconstitutional laws should be charged for sedition and moved to a death penalty state
but that is an American solution, not a worldwide one and this is happening everywhere
would be great if the US provided a safe haven against all of this garbage, because this would essentially derail other efforts and other jurisdictions dead-set on them would have to go full China/Russia/Iran/NK and segregate themselves
To those who don't get it: this law is like the "Yes I'm 18+" button on porn sites.
Every kid knows they have to click that button to see the porn. It's not about keeping anyone out, it's about legal liability (i.e. making it easy for companies to blame you).
In this case, yes, this is probably a violation of the law as it is written. But I doubt law enforcement even notices or cares. You’re not actually doing anything to the kids. Maybe hypothetically you’re not setting/respecting an age flag in a web browser, but that’s the worst thing going on.
So it’s a nice statement but ultimately hollow because the devs aren’t at any real risk of being arrested or fined. This isn’t like Rosa Parks refusing to move to the back of the bus.
Want to make a real statement about software freedom? You gotta do something that makes the normies mad, like making an OS that explicitly helps kids do sports betting, buy drugs, watch porn, and whatever else. Then people will notice, but unfortunately you probably won’t convince them that this law is bad.
Unless Microsoft, Apple, or Google refuses to comply then I think this law is where commercial OSes are headed. But Linux doesn’t really need to worry, because nobody is going to arrest a nerd waving his arms saying, “look at me everybody, I’m breaking the law!”
Until the normies come in droves because their dear leader decided that it’s illegal to speak ill of him on a computer, or whatever drives mass change. The regulations will follow, and they will say what we were doing the whole time is impossible and would never work.
It's a consumer product safety law anyway. It won't be the police knocking down anyone's law, it will be whoever comes after you if you release a product containing 1% more arsenic than the legal limit.
Age checks are 1 million times worse than cookie verifications.
That's interesting that you think whether someone is over 18 is a million times worse privacy invasion than their exact location, full name, browsing history, and date of birth. Can you substantiate why that is?
The former will be mandated by law, the cookie law requires a way to opt out. Why would you not prefer avoiding a privacy violation over a guaranteed one that is smaller...for now?
The former also makes it illegal for internet things to demand your ID to know if you're over 18. They have to trust the setting.
Honestly I don't think it's worth trying to engage with these people anymore. They sat silent while websites were asking for license uploads. They were silent while discord asked for face scans. They are outraged that California is trying to setup a system to bypass more privacy violating schemes. They are either illiterate or they know that this is a better solution and prefer the draconian ones.
Assuming that "these people" (like me?) are "illiterate" and evil and didn't speak out about worse problems because you didn't specifically see them complain in some other HN thread is not a very charitable interpretation.
But I agree it's not worth trying to engage with that kind of rhetoric.
I don't want to give the impression that I don't find the whole direction of travel concerning, because I do, but as I understand it, the requirement is that the system administrator assigns ages to the users on their system. That seems pretty reasonable to me, and maybe even like a good idea in some scenarios. As far as I know, we aren't talking about software that fights against the interests of the system owner - that's the admin. In fact, I think this might be a feature I would even want.
Imagine your kid not being able to click "Im over 18" on a porn site, because Chrome read /etc/age and ratted the children's account out.
Imagine your kid not being able to buy cigarettes easily because it can't pass an ID check at the convenience store.
For most parents, this is actually nice-to-hav e. For the HN crowd, it's a doomsday scenario full of dictatorial government control.
> but as I understand it, the requirement is that the system administrator assigns ages to the users on their system. That seems pretty reasonable to me, and maybe even like a good idea in some scenarios
Does it require exact age, or just a flag >=18 vs <18? It seems like this could be trivially met by something like a file /etc/userages, where if a login is missing from that file, it is assumed they are >=18 - and a missing file is equivalent to an empty file
> but as I understand it, the requirement is that the system administrator assigns ages to the users on their system. That seems pretty reasonable to me
Why would it be reasonable for a government to use the power of law to enforce the design of an open source operating system developed by an international consortium of developers? The very fact they are even considering this is extremely suspicious.
It's a shim for a legal requirement to tie TPM to your license and then to all online activity and computing.
I’m glad some people see this because the number of “oh but it’s just a small legal requirement they’re imposing” is nuts.
LLMs have really made pushing out protest websites easier recently, hasn't it.
We've seen tonnes on HN recently
I honestly think the pushback against the California law is a mistake. We are being presented with an increasing number of services demanding identity verification, in the form of ID verification and/or video verification. California is offering an alternative to that, an alternative that only requires you provide your age, without verifying it.
If the California law flops, the result isn't going to be no age verification. It's going to be increasing numbers of internet services requiring that you verify their identity with them through some shady third-party you have no control over, until you effectively can't use the internet without giving away your ID.
I'd prefer to have no age verification, but it's pretty clear that's not an option. People in power are using minors accessing porn and social media as a cover to push age verification, and it's believable enough that people are going along with it. Approaches where someone attests their age on an OS or account level are our best shot at disarming this push.
Hell no. Burn it to the ground instead and make an embarrassment out of the illiterate politicians. Nobody voted for this. Nobody wants it.
Tarring and feathering was once acceptable. Shame it's out of style.
No one seems to be actually doing that.
> out of style
a bunch of viral tiktok videos could bring it back pretty easy.
> Nobody voted for this. Nobody wants it.
That's just not true!
There's like... one or two people that really, really want it.
They're also rich and powerful.
You're not, and we are not.
Hence our vote simply doesn't get counted.
Or, did you have a different, cutely naive view of how democracy works?
I’ve fallen prey to too many people at the top of slippery slopes offering “gentle pushes”. The end result is always the same. If I’m to go down one it will be kicking and screaming not silent as a lamb.
The thing is, I think these are distinctly different approaches. Mandating that OSes collect a provided age and that websites/software collect and use that is very different from making sites liable for providing various types of content to minors. The first one is basically standardizing parental controls. The second one is already happening and results in ID verification approaches. I really, really do not want the second one, and it is already happening.
Why was my comment flagged next to this one?
Jurisdictions are already lining up to slide down the slope as fast as they can. New York intends to mandate real verification and anti-circumvention measures at the OS level. There is no room for compromise: any jurisdiction attempting to compel what must be included in an OS is batshit insane and normalizing this is going to very quickly lead to JesusTracker.exe being mandated by Texas and CrocCam.exe by Florida.
Contrary to your belief that if we just give them an inch they won't take the full mile, I think it is very important to get people rallied against OS modification altogether. If you take a murky position like "a little bit of age verification, as a treat", and sell people on voting for that / not protesting it, all you're doing is priming the average person for accepting age verification no matter how invasive. Average Joe isn't going to understand the nuances of when age verification may or may not be tolerable, nor is Average Joe going to understand the nuances of when compelled software inclusion may or may not be tolerable. If we want to get millions aligned in the same interest, the message needs to be extremely clear and straightforward, communicating exactly how bad of an idea it is to let each and every jurisdiction compel their own form of surveillance into your OS.
Average Joe thinks age verification is already palatable. Average Joe is happy to give away a photo of his ID. The alternative to OS age attestation isn't no age verification. It's almost every site, and every piece of internet-connected software, demanding your ID.
Putting your age into your user account is not the same thing.
> Average Joe is happy to give away a photo of his ID.
I don't think this is actually true. Discord walked back its implementation of global age verification for now because it was protested so heavily. Governments can get away with mandating ID for porn sites and Average Joe will not make a ruckus about it because it's a shameful/embarrassing topic they would rather sweep under the rug, but I don't think Average Joe is on board with ID verification to use their computer just yet.
Discord's still doing it, they just delayed it and will supposedly be offering other verification options. They still amount to identity verification, and the noose will be tightened over time.
Discord is going to try again later after waiting for the backlash to die down and seeing if they can massage the PR better, yes. The point is that Average Joe did not want it, so they have to take such measures. You asserted that Average Joe is happy to hand over his ID, but this seems clearly untrue. Even if Discord does do it later, I doubt it will go down happily.
Then we don't use those services and then they die. The world isn't Instagram. There have been decentralized channels for literally decades.
I don't really want the free internet to be relegated to onion sites and a hypothetical mesh internet. As things stand, every service is going to either tightly control content or adopt age verification because the alternative is being taken down by governments.
Too bad, so sad. That's the entire reason onion exists. The public web is going to get increasing enshittified and you can either use Tor or get used to staying on Facebook with Grandma sharing cakes alongside 60 ads.
Hear hear. Clearnet is becoming television, sadly.
these laws are feckless and unenforceable, maximal non-compliance will expose that the destiny you're describing only happens if you willingly accept it
do not comply do not pay the fine idiot geriatric lawmakers have no power over what you do with your computer
They have plenty of power over what website operators and ISPs do, and I rather like the internet.
No.
I do not want an "API" in my OS to reveal information about me. I do not want this to operate without my consent. I do not want to be limited from accessing certain sites because I refuse to implement this.
No age verification at the OS level. If Meta needs to verify ages for their _profitable_ business, that's entirely _their_ problem. Get your hands off my equipment.
It's not OS age verification. You put in an age. It does not check whether it's real. It does not ask for an ID. That will get provided to app stores and probably browsers. It should be possible to spoof, too.
The primary use case of this, in my mind, is so that a parent can give their kid a PC and set an age on the user account, and that will result in them being unable to access a variety of content. Same thing for phones.
You are already being limited from accessing certain sites, because those sites are going to ask you to provide an ID. This is an alternative. It frees sites from having to request an ID to verify ages, because the age signal from the OS is legally sufficient. If I'm remembering what I read, it actually bars them from trying to determine your age in other ways.
edit: also, the signal passed from OS to software isn't even your age, it's one of four age groups. three under-age groups, and one adult group. It's not even meaningfully de-anonymizing!
> It's not even meaningfully de-anonymizing!
Until I poll the API every day until the bucket changes and now I know your exact birthdate. This law is not well-baked.
That's only going to apply to children, since there's only one age group for adults. There are definitely ways to solve that, too. It's not perfect, but I much prefer it to laws that force websites to ask for ID, or laws that do the same thing by making websites liable for children accessing them.
> It's not OS age verification.
The law specifically says your OS has to implement this API. It burdens my OS vendor with adding this. In this case, that's me, since I roll my own linux.
> That will get provided to app stores and probably browsers.
And how will they behave when my *OS* decides not to provide that signal? Which is what's going to happen since there's no way in hell I'm playing along with this garbage.
> is so that a parent can give their kid a PC and set an age on the user account
You're telling me there isn't any software which does this already? That are no third party packages a parent can buy to achieve this? Aside from that you're missing the blindingly obvious, without an audit trail, none of this matters. The third party software can actually do that. This cockamamie nonsense can't.
> You are already being limited from accessing certain sites
Oh yea? Which ones? From my perspective this has never happened.
> because those sites are going to ask you to provide an ID.
That's on them. That's a choice they have to make in the market. Perhaps that will allow a competitor to provide the same service, with better safety, and no ID checks. I will refuse to use any service that requires this.
If you have to show your ID to enter, that's a seedy place, and no where children should even be near. Why does social media need the same restrictions as pornography, drugs and hard liqour? Why is facebook even trying to profit off of this gap?
> If I'm remembering what I read, it actually bars them from trying to determine your age in other ways.
I believe you have remembered incorrectly. Please show me where this is a part of actual law. Then please explain to me why this is a good thing.
> the signal passed from OS to software
That's the problem. I don't care what it conveys or of it's "de-anonymizing" or not. If the software wants to know it can ask me directly. I don't want a law that requires my OS to provide _any_ information about me. Full stop.
It's just not _meaningful_. It does nothing. It does not protect children. It lets seedy backalley social media networks to profit off of their corruption. This is morally bent.
> Why does social media need the same restrictions as pornography?
this one is easy, as a parent I would rather have my daughter watch 10,000 hours of pornography than spent 1 hour on social media
Well, now I've seen everything.
You have posted wrongthink.
Apparently, yes.
Reminds me of the DeCSS T-shirts [0] and the Penguin Liberation Front [1]. That logo was so cool for 16 years old me.
[0] https://en.wikipedia.org/wiki/DeCSS
[1] https://es.wikipedia.org/wiki/Penguin_Liberation_Front
1. By involving Debian prominently in its stunt, is this drawing fire upon Debian?
2. Are the pile of assertions they're making (which sound like legal arguments and stipulations to me) against Debian's interests?
Debian's interests, whether they know it or not, is for the government not to be able to mandate what features must be present in their open source software. They should be happy to have such a vocal advocate involved in this important fight.
Scene. Ext. Town street. Night. Invader military vehicles patrolling, announcing curfew through loudspeakers.
TEEN: *runs at invaders* Hey, you thugs! You can't make me obey! I support Bob, over there! *points at Bob's house*
THUGS: Grrr! Thugs smash!
BOB: Please! I have done nothing! I don't know who that teen is!
JOE: You should be happy to have such a vocal advocate in this important fight.
NARRATOR: Ironically, Bob and Jane were quietly plotting strategy and tactics for the Resistance. Until they and their children were dragged out into the street that night.
Nice, but in this case the advocate is open and willing to take the heat himself, even encouraging it.
The teen was also sent to the prison camp.
This doesn't meaningfully increase risk to the Debian project, which is already one of the most prominent Linux projects.
The law is absurd. We should not discuss compliance to absurd laws.
I think this falls under what lawyers call "being cute"
All of Linux should do this. Add to T&C that it cannot be legally used anywhere that requires an age check. Then have the big distros enforce it. See how long Silicon Valley lives with no Linux.
Seriously, we in the tech industry can help stop this 1984 stuff.
The problem is that organizations providing infrastructure (such as message exchange, money exchange, physical entities exchange) are allowed by law to manipulate the stream, heavily advertise, provide credit etc all kind of scum. Depriving children from writing a message to parents and friends is nonsense. Exposing them to these for-profit organizations is questionable. But that is also questionable with the grown ups.
maybe its being done by the people lobbying for the OS-based ID malarkey, so they can have something to point at and jump up and down
I may be missing something obvious but, what happens if people just lie about their age en masse?
That's not the problem this is meant to solve.
You can give your kid a cigarette, a gun, alcohol, heroine and the car keys.
What this enables is to set up a children's account on Linux.
Then they will up the ante to require age verification at the hardware level, using this bill as precedent, and all the people cheerleading this bill will say “what’s the big deal? You show your ID all the time! You can’t drive without ID!”
Everyone wants to find out your age now.
How about "age-agnostic Linux"? Just work?
Notice how it's just accepted that, while burdensome and of dubious necessity, sure, the government can mandate that all software providers, and soon all websites (at least those that support user-generated content) perform rudimentary age verification, which everyone assumes will eventually become government id- or biometric-based age verification.
But suggest banning industrial-scale generative AI--which facilitates fraud and ID theft, and whose voluminous, spam-like output is fast drowning out actual humans, much to the chagrin of advertisers and those tech companies deriving much of their revenue from advertising, which is what I suspect is the real sudden impetus for these laws--and people act like you're either crazy or an authoritarian.
But banning OpenAI/Anthropic/Gemini would fix a lot of this. It would also reduce the burden caused by AI scraper DDoSing, and make computer hardware cheap again.
> But banning OpenAI/Anthropic/Gemini would fix a lot of this.
I doubt that anyone authoring these laws even thinks about the two concepts on the same day. I think these issues are totally separate.
> I think these issues are totally separate.
You don't think the timing is suspicious?
I wish iOS 26.4 didn't bother because I'm stuck with an immovable "verify you're 18+" flag[0] in Settings even though it was well into the previous century when I was even near 18.
[0] I have no credit card and it won't accept debit cards. It also won't use the fact that I've had an Apple account and spent 10s of thousands in my own name at their damn shops, online and real life, over the last 2 decades (and Apple/partners have done at least one credit check on me in that period!) But that's fine, there's an alternative! A driving licence (don't have one of those either) or a national ID (also don't have one of those.) Can I use my passport? NOPE. Absolute farce.
You should hope the California law passes, because it'll be illegal for them to verify you're 18+ instead of just asking you whether you're 18+.
Are you referring to the law that the California governor signed five months ago?
Horrible take.
I'm so glad I grew up in an age before all this bullshit, when I could do all the same things on a computer an adult could (and frankly, more). I never would have developed the knowledge and skills that led to my career in such a stifled environment as we are setting our kids up in today.
I don't think anyone is trying to prevent kids from gaining knowledge and skills while using the internet on a computer. The kids can develop all the knowledge they can handle and more ... This (at least in theory) is about protecting them from dubious characters and services online .. just like you would want you local police protect your child if they walk to the store at night from dubious characters lurking in the street. Your kid can learn python and become a world leader using the internet and do fine, without accessing torture videos or sleazy markets to buy speed from online. And just like the cop will not always be able to see your kid buying drugs on the street because they might be hiding deliberately from the said cop.. the same may happen online.. and the kid might choose to go on sites by hiding their real age .. and go into a lot more of a psychological damaging enviroment than the back alley offered. The oversight is never perfect.. but it is a mental checkpoint that can steer a kid by at least showing the right path.. choice is always theirs. Now.. that this subject is being used by corporations for other reasons.. yeah. That is another debate. But we shouldn t cast stones at a rule just because it may be misused. Instead just work on it . Or hold the misusers accountable.. not the law.
Great analysis that traces these laws back to Meta:
https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_b...
The intent behind these laws is noble, but the implementation shows the deep-rooted corrupted nature of law making in these jurisdictions.
That said, the failure is shared evenly with the tech industry's refusal to work with governments to implement viable solutions.
Legislators favor their corporate benefactors, the tech industry favors its ideologies and freedom of developers and engineers. But who looks out for the regular individual? Who is making sure their interest is enforced first and foremost?
Consider these facts (and correct me if they're wrong):
1) it is possible to issue hardware to the public that verifies to computers and internet services alike the age of the bearer without disclosing anything else about the bearer.
2) Age verification laws for other things like drinking, smoking, and gambling all primarily require the seller to authenticate that the person has authentic identification, and their age is lawful for the activity.
3) The secure method of authenticating users requires MFA, a FIDO2 compliant device like a Yubikey is the most secure means of the 2nd factor of authentication. It requires knowing a secret, and physically touching the device.
Knowing all this, it is possible to issue the public devices that receive a challenge from a government operated server, require the user to tap on the device, and then enter a pin to respond with a signed version of the challenge, to verify they possess the device. The device could be sold or given to the public without any registration, the only thing required would be showing and verifying your valid ID at the point of sale (from a government office ideally).
This is just one solution, but the burden could be passed onto the government, and the tech industry to implement solutions that work with that.
If we had that, I wouldn't agree with it, but I would also not have a problem with requiring insertion of an age verification device to start installing Linux -- of course the installer wouldn't know it's in California, it would rely on the people installing it to tell them it is. And when selling devices in california, by default they could require inserting this device to proceed, but I see nothing preventing users from installing their own custom OS lawfully if they too the device elsewhere, and how can the device tell it is at "elsewhere", even if it has a GPS there is no law requiring GPS to be turned on for that purpose.
---
The key thing you should all consider is that this is the will of the people to the most part. Most people agree that access to tech should be age restricted, although to what degree is a different story. This isn't the 90s, using an OS is not a novel or special thing you do, it is similar to driving a car except we depend on these devices more than cars!! Things the public depends on, things a country depends on, will always require regulation of some sort.
Forget about what it was like for you in your nostalgic days of experimenting with Linux or whatever. These are not those days. this is happening. if you can stop age verification laws, please go ahead, you have my full support. But I don't see that happening. We will get shitty situations where third party companies bribing politicians collect our physical ID scans, and we'll be forced to not only disclose our identity to everyone and their mother on the internet, we'll be forced to let these 3rd parties and the government track every site we visit at this rate.
Corrupt lawmakers are one half of the problem, technologists refusing to adapt and make best of the situation and propose privacy preserving solutions is the other half. I'm glad so many are willing to go all-or-nothing and die on their hills, but there is no reason they have to drag everyone else with them.
large print and I'm in
I feel like I need to read the prompt to understand what this website wants me to download here. What is it installing? What is it promoting?
It's obviously vibecoded; the prose is uncanny and grating in a very characteristic way. Easiest tell is how it names the "three device tiers" like a millennial burger joint started by "two crazy guys with a dream".
It's shocking how few people here seem to notice it, you would expect people using claude et al all day could feel the distinct smell of slop.
It took me a bit, but the choppy, repetitive sentence structure eventually became apparent.
Also the theme. Claude makes sites with this color scheme and layout by default.
Well, the device tiers could be an intentional joke also
I think it just wants to invite a lawsuit
it's basically the government said "no asbestos in food" and some contrarians set up a website selling asbestos food, except not really because they don't have a product.
> it's basically the government said "no asbestos in food" and some contrarians
it's actually the government saying "you must include salt in your food" and a few people who cook dinner at home and don't care for salt set up a website teaching you how to desalinate your... (well, there's no direct continuation of the metaphor here, but the point is it's very important that this is not the government banning a developer from implementing something, it is them mandating a developer implement something. That's far more troubling than an "asbestos ban" as in "your open source project must not fry the computers it runs on," which is equally questionable in light of "no warranty expressed or implied" but a totally different ballgame from "this API is required")
I can not help but think that this is performative AI slop
We get it, you’re against the government and big tech
This is real, we will not comply with authoritarian laws that nobody voted for. Seriously.
I agree that measures like this, in which some character willfully finds practical ways to challenge a law, may faster lead to it being forcefully looked upon and probably amended. I also agree that age restriction software implementation may open the door to more tolerance regarding social control (under certain administrations). But as with most subjects that transcend borders and are multifaceted by nature with respect to any approach meant to deal with them, the age restriction digital regulation is prone to become a hard problem. There is the moral aspect that a child should be prevented from the worlds harm until the age of maturity because neurologically they lack the mechanisms that help them discern the world on their own, thus needing external support. There is the problem of the controlling entity, the enforcer, the authority, which is not impeccable. There is the problem of the speculator entity which hijacks the situation, creates certain narratives based on mass perception and may drive the process towards their own personal interests. There is the ideological perspective that only operates based on its underlying rules and filter every decision according to its ideological convictions. And this list is probably not exhaustive. So I think an appropriate angle to tackle this (or anything) is the balanced view. Which is hard. But from my current understanding: the law itself is well intended, just like a cop is put in the street from the good intention of protecting citizens, but just like the cop can turn bad... the entity enforcing the law can also. But the law itself.. is inherently a good point. A psychologically healthy point. A child should be .. somehow protected from situations in which, in lack of discerning, will almost always choose the bad option that is being offered... just for testing it, if not for anything else. So parents have rules, schools have rules, etc.. and no, they are not perfect. Nothing is. Should we give up on rules or the creation of new rules, just because they are not perfect? Well, in my opinion, that is precisely what a child would say, when presented with a new rule that does not entirely suite them. And that brings in the psychological argument. A mind that rejects a car seat belt simply because they don't want to be told what to do, and lack the perspective that it's simply a protective measure, which is ultimately imposed because of the lack of education characteristic of the individual rejecting it... is simply that.. an uneducated mind. Which in psychology means the individual has a mental age that is smaller than their biological age. So it boils down to education. But education starts when we are 0 days old. From parents, neighbors, schools and government... they all have to do their part. Each one. But when the parent does their job, the child complains... when the school does its job, the child and sometimes (more often I'd say) the parent complains... when the government tries to do its job, the parents, children and schools complain... so isn't this the perfect ouroboros. Now on top of this... the speculative entity comes and takes advantage of the situation. It manipulates narratives and entices the participant groups at each other's throats, steering the outcome for personal gain. This is all an entanglement that cannot be easily solved. It is human nature at its best. The perfect paradigm does not exist. So I guess the answer would be... what lesson can we gain out of this... (and this is with respect to every one's own perspective). I for one would welcome initiatives that try to protect, steer and show a righteous path.. even if the initiative is distorted by exterior forces, and try to work with it, iterate on it and implement it as best we can... as opposed to no action at all out of fear that the same exterior forces will act against us.
cool
I like the idea, and hope that they are ready to challenge the law. However, the text in this website has a very distinct Claude feel to it.
Some people are being played like a gosh dang fiddle.
Y'all are so pavlovian that you see Zuck/Meta and instantly rage.
The alternative to OS based verification isn't no verification. It's cloud-based verification
The cloud verifiers have all the interest in the world to making you hate the idea that this problem could be solved at the OS level without any third party involvement
Arguments for the lesser of two evils are just wrappers for slippery slope logic. The actual alternative is to pass air tight privacy laws that restrain the growing power of control systems.
It's not a slippery slope if it's already slipped. In over 20 states you have to do age verifications with online companies in order to do "adult" things online
Exactly. And the funniest part is that when Steam implemented cloud-based verification for UK compliance, many people on HN suggested that the correct approach is to verify on hardware/OS level.
Not by legal mandate! And especially not a universal one that applies to FOSS!
If legislators want to create some kind of legal category of child friendly device and put requirements around it, maybe that’s ok. Until they attempt to ban, restrict, or otherwise inconvenience non child friendly devices, and I guess I no longer have confidence that they won’t attempt that. At this point I’m only in favor of market based solutions and IDGAF if that fails.
Our country is apparently incapable of intelligent, fair legislation, and it’s going to be the end of us as a society.
> Not by legal mandate! And especially not a universal one that applies to FOSS!
How the fuck do you think these sorts of standards are created? The companies involved aren't going to do it out of the goodness of their hearts. That doesn't exist. So you've got multiple competing private standards which are all more privacy invasive or an option when you setup your account to specify an age that is reported to anyone who asks and is required to be accepted as true. The alternatives currently are uploading your photo ID to random websites to get access. And you think that's a better solution?
We're just antisheeple who'll go for the opposite of whatever our flock leader says.