The Engineer Who Tried to Put Age Verification Into Linux
sambent.com/the-engineer-who-t…
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert.Sam (Sam Bent)
reshared this
⁂ Fish Id Wardrobe
in reply to Khrys • • •we like to think of FOSS as some sort of anarchist collective°. it never has been.
it's run by a series of people with absolute power, for the most part. the benefit is that it's a lot of tiny dictators rather than a few big ones; that in theory anyone can become one, you don't need to be rich; and that these dictators tend to have technical knowledge.
but they can still be arseholes.
° i mean, we might not CALL it that.
Lazarou Monkey Terror 🚀💙🌈 reshared this.
Lorraine Lee
in reply to ⁂ Fish Id Wardrobe • • •reshared this
Lazarou Monkey Terror 🚀💙🌈 reshared this.
⁂ Fish Id Wardrobe
in reply to Lorraine Lee • • •@lori i've recently been thinking about — and this is beyond my skills, so i should really say "fantasising about" — some sort of common retrocomputing platform, maybe based on an esp32 or something, which is completely incompatible with commercial computers and so can't be used commercially.
but it would also be missing all the spy-firmware (minix in the cpu, tiny computers in usb plugs etc). maybe we could start our own replacement for the internet!
… yeah, right. sorry.
0x0
in reply to ⁂ Fish Id Wardrobe • • •@fishidwardrobe
Open hardware would be incompatible with modern day commercial aspirations.
Coupled with FOSS of course.
#ESP32 is more for IoT than regular computing – but you can use it for #meshcore (and other #LoRa-based projects), wish is an interesting, albeight very basic, alternative to common (controlled) networks.
@lori @Khrys
⁂ Fish Id Wardrobe
in reply to 0x0 • • •@0x0 @lori folks are, amazingly, building tiny computers that run python or basic around esp32. surprised me too!
you need another chip to handle vga, and some external static RAM, it appears.
here is a project emulating i386 that runs windows 98! on an esp32!! hackaday.com/2021/07/28/emulat…
Emulating The IBM PC On An ESP32
Lewin Day (Hackaday)0x0
in reply to ⁂ Fish Id Wardrobe • • •@fishidwardrobe
It really says a lot when we can use low end hardware (for today's standards) to run simpler software that suffices for most tasks.
Maybe RAM prices will bring that ingenuity back.
@lori @Khrys
⁂ Fish Id Wardrobe
in reply to 0x0 • • •@0x0 @lori i'm old enough to be certain that i, for one, do not need the power of a modern computer – given the right software.
something between a BBC Model B / Acorn Electron and a 386 would be just fine.
Brad Macpherson
in reply to ⁂ Fish Id Wardrobe • • •@fishidwardrobe @0x0 @lori The Motorola 68000 powered a generation of pretty awesome machines, I'd happily fall back to my STe as a daily driver for most tasks if I won the Lotto.
(Of course I would have to be paying the idiot tax for that scenario to have any possibility of happening 😂)
Lorraine Lee
in reply to ⁂ Fish Id Wardrobe • • •Everything I do other than surfing the web I could retrocompute. Both of the two (2) viable web layout engines are bloatware because the web standard is bloatware.
astoundingteam.com/2020/04/21/…
⁂ Fish Id Wardrobe
in reply to Lorraine Lee • • •maybe we should start a thing where we bring back "this site best viewed in Netscape Navigator"…
edit: for some reason caniuse.com does not list this browser.
0x0
in reply to ⁂ Fish Id Wardrobe • • •Or switch to #gemini or #gopher.
@lori @Khrys
⁂ Fish Id Wardrobe
in reply to 0x0 • • •Shinra
in reply to Lorraine Lee • • •0x0
in reply to ⁂ Fish Id Wardrobe • • •I'm glad most tend to be BDFLs.
@Khrys
⁂ Fish Id Wardrobe
in reply to 0x0 • • •Martijn Vos
in reply to Khrys • • •@Khrys
I don't understand what the fuss is about. This is exactly the right way to comply with that law: an optional birth date field. You don't want to have to submit an idea to your OS or implement facial recognition, and you certainly don't want to tie account creation to external services for those things, but now parents can fill in the birth date for their kids, and everybody else can ignore it. This kind of thing needs to be in the hands of parents, not external companies.
So I don't really see the problem here.
Martijn Vos
in reply to Martijn Vos • • •@Khrys
What the hell is the issue here? Do you need to be a member of an organization to submit a PR? And if the lack of organisational backing would be a problem, why is it a problem that the people merging it do work for an organisation? The only thing that matters is that an official committer approves it.
This whole article sounds like pointless fear mongering. If there's anything else to it that I'm missing, I'd love for someone to explain it.
draeath
in reply to Martijn Vos • • •let's take it a bit further too. Nobody uses a pre-built systemd straight from upstream, every distribution is building and packaging it.
This seems very trivial to patch right back out and/or put behind a define. (I would actually be surprised if it wasn't like that, to make compliance with different jurisdictions easier).
This is literally just an additional field for dbus' consumption, right? Tempest in a teacup.
Jules 🍺
in reply to Martijn Vos • • •I do, it was done unilaterally without discussion.
Even if it was technically correct and maybe we need to look at this, a single person making the decision and forcing it into the code is not the way this should be done.
Martijn Vos
in reply to Jules 🍺 • • •@Jules 🍺 @Khrys
But no single person can force this into the code, right? Someone submitted a PR, and two committers approved it, one of them the creator of the project, as far as I understand. If that's not good enough, then what is?
Of course discussion about this important, but can we do that without panic and fear mongering?
Jules 🍺
in reply to Martijn Vos • • •If you think that is a way that things are discussed and implemented then I guess that is all fine and dandy, yes three people implementing a change which affects millions, perfectly fine
Irom
in reply to Jules 🍺 • • •@julesbl @mcv
Another problem is that it starts implementing surveillance infrastructure without any pushback. Looking at many governments now I don't think that's advisable.
The law was lobbied into existence by Facebook/Meta and friends.
old.reddit.com/r/linux/comment…
tboteproject.com/
@Khrys
Age Verification Lobbying: Dark Money, Model Legislation & Institutional Capture
The TBOTE ProjectMartijn Vos
in reply to Jules 🍺 • • •@Jules 🍺 @Khrys
We've long depended on software maintained by fewer people than that.
The point is: anyone can contribute, committers review and approve. If that has always been a reasonable process, why not now? There are lots of open source projects where the creator of the project has more power than that, and we've always accepted it because we trust the maintainers, and when they break that trust, the community forks, which has also happened plenty of times.
But at the end of the day, it seems to me most people here are irrationally panicking about this. Isn't the field optional? Isn't what goes in the field entirely under the user's control?
By all means discuss this honestly, but I don't see anything here that justifies the hype and panic.
0x0
in reply to Jules 🍺 • • •Tbh that's how large FOSS projects work, yes.
Or do you expect a comitte for every code change?
@mcv @Khrys
Legit_Spaghetti
in reply to Martijn Vos • • •@mcv
I do. The problem is that the guy is complying in advance with unjust, abusive, and dangerous laws.
"Okay, guess I'll add it in" is not the correct response to an unjust legal requirement. The correct response is "Fuck you, make me."
Martijn Vos
in reply to Legit_Spaghetti • • •@Legit_Spaghetti @Khrys
Sorry, but nobody is making you fill this in. It's an optional field. And there's no verification on it.
Osma A 🇫🇮🇺🇦
in reply to Martijn Vos • • •@mcv @Khrys
George Liquor, American
in reply to Martijn Vos • • •@mcv Never heard of a slippery slope? It's a longstanding tradition in our legal system. Start with something that seems innocuous enough. Then when enough people have been lulled into complacency by arguments like yours, the law changes into something onerous and we're stuck dealing with that.
It's very basic stuff.
sebsauvage
in reply to Khrys • • •BigGrizzly
in reply to sebsauvage • • •@sebsauvage Comme je le commentais sur SeenThis dans la semaine, c'est la première vraie démonstration qu'il y a un problème avec systemd et que ce n'est donc finalement pas qu'un problème technique, et qu'il y a aussi un problème politique.
seenthis.net/messages/1163717
Ret - Mastodon
seenthis.netLien Rag
in reply to sebsauvage • • •@sebsauvage
Que le libre fonctionne comme il est censé le faire ?
Un contributeur voit un problème (réel : les lois sur la vérification de l'âge, poussée par Meta), propose une solution (bonne ou mauvaise, à débattre) qui est acceptée par certains projets, ce qui déclenche une shitstorm (bon cet aspect là est moins "comme le libre est censé fonctionner" que "comme il fonctionne en vrai") et le BDL ferme le ticket en disant "c'est optionnel donc chacun reste libre".
@Khrys
Fazal Majid
in reply to Khrys • • •Two? foxes in a trench coat
in reply to Fazal Majid • • •@fazalmajid You mean the very same Poettering which was responsible for this commit github.com/systemd/systemd/com… which was "Found with Claude Code Review" and it broke systemd-boot in one of the release candidates (260 RC3) github.com/systemd/systemd/iss…
"Anything LLM-generated will not be committed without a thorough human review" in practice. Yeah.
systemd 260-rc3 systemd-boot doesn't boot · Issue #41098 · systemd/systemd
tambry (GitHub)Fazal Majid
in reply to Two? foxes in a trench coat • • •Guillaume
in reply to Khrys • • •Ageless Linux — Software for Humans of Indeterminate Age
agelesslinux.orgbayo
in reply to Khrys • • •reshared this
Lazarou Monkey Terror 🚀💙🌈, Witchzilla and M Schommer reshared this.
Jeff McNeill
in reply to Khrys • • •Blub
in reply to Khrys • • •Bloognoo
in reply to Khrys • • •'He read the law, took it at face value, and started writing code. The word for what that is sits somewhere past malice, something more insidious: an engineer who treats compliance as engineering, who sees a legal requirement the way he sees a technical specification, and will implement whatever the spec says regardless of who wrote the spec or why.'
Zealot. The word is Zealot. His god spoke and he responded.
Peter Kratz
in reply to Khrys • • •Leisure Suit Larry 1:In the Land of the Lounge Lizards (1987) Theme Music
RedDragonPalace (YouTube)Kerplunk
in reply to Khrys • • •The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
NO, THE LASTING DAMAGE IS ACCEPTING INTRODUCTION AND USAGE OF OF SYSTEMD.
Paid for by IBM and later Microsoft to dominate (destroy) Linux
Juffo-Wup
in reply to Khrys • • •So, tl;dr, someone added an age field, and the trolls went crazy?
And now everybody hates everybody, and each side is calling the other one "zealot" with religious fervor?
Just another day in toxicland, I guess. 🤷
Kevin Karhan
in reply to Khrys • • •cyberfascism at play..
infosec.space/@kkarhan/1162670…
Kevin Karhan :verified: (@kkarhan@infosec.space)
Kevin Karhan :verified: (Infosec.Space)joschi
in reply to Khrys • • •@nblr @doingfedtime What kind of bullshit hit piece is this?
We’re now blaming developers for contributing to FOSS projects?
Great job everyone, you can be really proud of yourselves! 👏 /s
~n
in reply to joschi • • •"Contributing"
joschi
in reply to ~n • • •@nblr @doingfedtime Save the nitpicking. It is a contribution, just one you don’t like.
I’m not saying I’m thrilled about it either, but writing and promoting this hit piece is low. Very low…
Martijn Vos
in reply to joschi • • •@joschi @~n @Sam Bent @Khrys
That's my real worry. People are piling on long-standing open source contributors and pretending they're nazi collaborators. These are people who donate their time writing software that everybody can use for free.
eobet
in reply to Khrys • • •Violet/Multi
in reply to eobet • • •Filippo Valsorda
in reply to Khrys • • •RootWyrm 🇺🇦
in reply to Filippo Valsorda • • •@filippo @thedarktangent know what would prevent this shit in the first place? If actively supporting fascism had consequences.
Meet consequences.
RootWyrm 🇺🇦
in reply to RootWyrm 🇺🇦 • • •@filippo @thedarktangent oh, and the company he works for?
Brags about not doing credit checks before issuing payday loans at usurious rates, and charging a monthly subscription fee on top of it.
RevK
in reply to Khrys • • •Plan-A likes this.
Plan-A
in reply to RevK • •RevK likes this.
Monte Freeman
in reply to RevK • • •🙃🙃🙃😉🤓
Monte Freeman
in reply to Khrys • • •thetooter
in reply to Khrys • • •Lars Hansson
in reply to Khrys • • •7666
in reply to Khrys • • •Ultra Verified 🇺🇦 🇬🇱
in reply to Khrys • • •Too old for Linux
I think that's a rock opera, isn't it?
Ultra Verified 🇺🇦 🇬🇱
in reply to Khrys • • •Also, #fuckedCompany
" .... name is Dylan M. Taylor, a Senior DevOps Engineer at Credit Genie, a Khosla Ventures-backed fintech startup in Durham, North Carolina."
LMR 🇦🇹🇪🇺🏳️🌈🏳️⚧️🏴☠️
in reply to Khrys • • •needlessly dramatic for what was an entirely unsurprising development. wake me up if they do anything beyond a glorified text field, something almost all other OSs have had for decades.
I mean I agree that the sentiment is bad. but do we need the entire linux community to explode over this? hardly
jonathankoren™
in reply to Khrys • • •let’s be completely honest here. The choices are:
- Non compliance resulting in everyone complaining that your device is “broken”
- Non compliance (this option)
- Full compliance with outside verification (a horrible option)
If a mandated API is made called, then easiest option is just to return “adult” and move on, rather than the millions of people complaining that “it doesn’t work”
I really don’t get what the point of this hit piece is.
Remember Remember 7th November
in reply to jonathankoren™ • • •@jonathankoren The point is that you don’t just give away your freedom because it’s easier. You *at least* say ‘fuck you, make me’ first.
There are way more people for who this is NOT law than for who it IS. So much for the land of the free and the home of the brave.
f_ 🇵🇸
in reply to Khrys • • •