Apparently this will include Linux…
You must log in or # to comment.
They uh do realize busybox and BSD underpins nearly everyfuckingthing right? Including network stacks. So fucking stupid.
I saw the developers of MidnightBSD state that they are going to block users in California when this law gets put into place. I hope that more OSs do the same. Especially Windows, it could be devastating to California’s economy and make them, along with other states and countries, reconsider their decisions on age verification.
I don’t live in California but I’m interested in seeing if there are any other OSs that will be blocking California users. I’m probably fine to just continue using Linux Mint but I’m open to trying other distros/OSs in order to participate in this protest if Linux Mint doesn’t.
In my opinion, it is foolish and shortsighted of these developers to just block the state and move on. (I do live in Cali but hear me out)
Whether people like it or not we are stuck with this law now. A law that leaves all of the implementation details up in the air. The big corporations, Microsoft and Apple, are not going to be pulling out of California. Do we really want to leave all the power to determine how this system works to them? Leave the 4th largest economy in the world entirely in their hands?
If we ignore what is going on here then we will give up our chance to even propose a minimal acceptable solution to this law. One that does not require ID or face scans.
I desperately hope that the linux foundation is taking this seriously and is already looking at implementing a solution.
This law aims to place at least some of the responsibility back onto the parents that allow their children to run wild on the internet. Is the law perfect? Absolutely not. Would I repeal it if I could? Yes, of course. But this is the hand we are dealt.
(also it is midnightbsd)
I know that we do need better regulations for protecting children online but I don’t think we’re ever going to get that. It seems like the government that we have now just wants to have full control over everyone. In fact, the FTC made a statement saying that they’re basically giving companies a loophole that allows them to partially ignore COPPA, which is one of the best protections children had online. It’s obvious that they have no interest in protecting children online, if they’re making statements like that.
I mean, it’d suck for all of us outside of California to have more surveillance just because y’all have that law, and it’s absolutely not really about protecting children, it’s about surveillance
How will this affect enterprise systems with remote installs or ramdisks?
Please explain to a complete doofus how can someone enforce this?
Cant they just download any linux distro from millions of different places and install them on any machine, even offline?
The law only penalizes instances that affect children. So by circumventing this law does not mean you would be charged with any fines. But if you circumvent it and your child uses the device then you would be liable no more than 7500$ (since in this case it would be an intentional violation).
I am not a lawyer. This is just what I understand the law to penalize.
OS providers and developers are also not liable if you set an incorrect age for your child intentionally or by mistake, only you would be.
But if they flaunt this law (do not try to comply with best effort) then they would be liable for each affected child.
Edit: sorry this didn’t exactly answer your question. How they enforce it would be that it is tacked onto other charges from what I understand.
Edit 2: oh and children can’t be charged, only adults (18+).
Bios are becoming more and more locked down, that’ll be the next thing, at the tech lobbyists behest.
soon we will need bootloader unlock exploits (or the blessing of our overlords) to install anything other than the stock os, not unlike android and chromebooks.
we desperately need to break free from US tech.
In essence, while the bill doesn’t seem to require the most egregious forms of age verification (face scans or similar), it does require OS providers to collect age verification of some form at the account/user creation stage—and to be able to pass a segmented version of that information to outside developers upon request.
So you just fake a date and call it a day… thank you Cali…
For real though I can’t imagine the sysadmin and docker nightmares that arise from having to completely overhaul your account orchestration scripts to input a garbage birthday.
I don’t think anyone thought of the fact that an account on an OS doesn’t always correspond to a human.
The law only specifies “computer, mobile device, or any other general purpose computing device.”
Which is extremely vague. It appears that the intention was to just affect end user devices. Not specific purpose systems.
Gotta love it when people who have no understanding of how Linux works writes laws about how Linux should work…
The law only specifies “computer, mobile device, or any other general purpose computing device.”
Which is extremely vague. It appears that the intention was to just affect end user devices. Not specific purpose systems.
It goes way beyond Linux. Think any device that could download something at some point. Gas station pump, calculator, FreeDos, VxWorks, etc.
There is a lot of language like “or can download an application”, so if you can download something, then that thing could be an application, and thus that device and it’s OS is covered.
And every point of sale system everywhere
I have never internally facepalmed harder in my life
I have genuinely no idea how that could work.
I believe I get the genuine intent (protecting children) but I have so far never encountered any device or software or both that didn’t relatively easily bypass user authentication.
The closest I’ve tried are (expensive) XR headsets like the Apple Vision Pro or the Microsoft HoloLens both thanks to eye tracking. Basically for these you have to validate you are who you claim to be when you put the headset on. If you remove it, put it back (or on someone else head) you have to do it again. Nobody else (unless you explicitly share) can then see what you are looking it.
Every other devices I’ve seen, including mobile phones with banking apps, typically ask you to authenticate then assume than you are the one who keeps using the device. Meanwhile anybody else can grab the device from your hand and be “you”. Typically specific action (e.g. password change) do require to authenticate again but “normal” usage does not.
I have genuinely no idea how that could work
It couldn’t. It’s political showboating.
I don’t care if there is a package called gnome-age-verification distributed in my linux distro and would prefer it if it means fewer sites with facial biometric tests. If I have concerns about the age verification, then I should be able to type:
sudo dnf remove gnome-age-verification
California probably wants it in linux distros so that linux can’t be a justification for big tech still demanding Orwellian stuff in every website (ie “but what about the children who use linux? we need to protect them with Persona too!”)
But where would it stop? The hell version of this would be kernel-level-approved-AI-agent-checks, with an OS required to have an approved AI agent with a validated third party key that reports to the government with required telemetry and the kernel makes sure the OS won’t run without the approved AI and then makes illegal any scripts for unapproved kernel code modification. And post-Tornado cash, we know code is unfortunately not protected US speech.
env USE=-fascism emerge -ave worldDoesn’t even make sense. Virtually all Linux distros can function completely offline. How do you do age verification completely offline? Classic politician who doesn’t understand tech trying to look like they’re doing something to save the kids.
"(1) Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.
Sounds like it’s a text box that enter input into. Making it completely pointless.
According to Gabe Newell, something like 90% of steam users were both on 1/1/99 (might be fudging the numbers somewhat but presumably you get the idea).
They will make it a crime to not have any OS that is not compliant, that simple.
The only platforms for now where this might work are Windows, macOS, iOS, and stock Android, however as Muta hypothesized, if this extends to hardware-level, a law could just mandate SecureBoot and lock out the ability to implement custom keys, and then only allow a short list of state-approved OSes to boot on the hardware, which no doubt Windows would be on that short list.
Similarly, all non-Apple mobile devices as an extension to that could be locked exclusively to stock Android, eliminating custom ROMs like LineageOS or GrapheneOS as an option entirely, let alone mobile Linux distros.
Me, buying cellphone parts from another state to assemble myself like an 80% lower to avoid having to drink a Verification Can every time somebody calls me:
I think I just invented the concept of a “ghost phone”
must be between the ages of 13 and 65 let’s go ahead and set it to retirement age
Can this be circumvated saying it’s distribution rather than OS ? 🤠
Or just refusing to run servers in California. Much like the US DRM encryption restrictions of the 90s. Where the whole Linux community just had distributions required parts of the download to happen in non US servers.
A single, (although big and very active in Linux) state, will always have more limitations then a nation. The issue comes if it becomes US national. And then the US starts pushing other nations to sign agreements.
Given at some point trumps harm to all international treaties will likely be repaired. Their may come a huge opportunity for US politicians to renegotiate international treaties.
Assuming trust is ever returned.
distinction without a difference - lawmakers won’t care
No more than gun laws can be circumvated by referring to firearms as ‘high energy shooting implements’
Define “Operating System”…
I guess my washing machine & car are also going to be “not for use in California.”
Those Cisco switches & Broadcom DSLAMs would be tricky too … I guess the internet’s “not for use in California.”
And the air-gapped power station control system? “not for use in California.”
It is annoying that these laws come in (I’m also including magical thinking about encryprion backdoors for “the good guys”) without any form of real-world, practical assessment. Complete waste of tax payers money and undue stress for everyone.
FFS.
Imagine you’re not allowed to use your washing machine if you’re under 18.
of all the shit out there, that’s what needed attention?!
Curious for what it’s a distraction, eh?
“At þe account creation screen” þe WHAT NOW? ah yes cause linux definitely has an account creation screen. Could be a loophole
Spotted the thorn þ enjoyer!
Real connoiſſeurs uſe the long s.
My linux has no screen.
That’s the problem. They don’t care if you have a screen, they need the screen.
The regulation also mentions an APP STORE
