this post was submitted on 21 Mar 2026
143 points (100.0% liked)

People Mastodon

393 readers
210 users here now

People tooting stuff. We allow toots from anyone and are platform agnostic (Mastodon, BlueSky, Twitter, Tumblr, FaceBook, Whatever)

founded 4 months ago
MODERATORS
Deceptichum@quokk.au
143
age verfication in linux is shady (quokk.au)
submitted 1 day ago by Deceptichum@quokk.au to c/peoplemastodon@quokk.au
48 comments fedilink hide all child comments
 
top 48 comments
sorted by: hot top controversial new old
[–] DireTech@sh.itjust.works 14 points 1 day ago (1 children)

Such a weird thing to get upset about. This is an easy way to allow flagging a user as underage without exposing actual identification to the users. You don’t have to put in their actual birth date, just use Jan 1 of whatever year.

If this sort of thing is accepted, this lets websites and games do a simple check and then all blame for underage access is on whoever setup the account on the computer.

Do people honestly prefer websites blocking access to countries and states because they have no way to check a users age? Those websites don’t give a shit, they just don’t want to be responsible. This gives them that out.

[–] Atlas_@lemmy.world 17 points 20 hours ago (1 children)

This is being made in response to a law that is a bellwether for compulsory identity verification, which should strike fear into the hearts of everyone (well, everyone who cares about their privacy. Which should be everyone, but ...)

[–] DireTech@sh.itjust.works 0 points 18 hours ago (1 children)

Yes, it’s in response to those laws, but it would also undermine their arguments. When a privacy protecting method of age checks is in place, they’ll need to use poorer arguments for why they should dox all internet users.

Regardless of the laws, having a simple age check from the browser/OS would be handy. Wish the EUs anti tracking had required it to be a check against a users predefined setting instead of the popup on every single website.

[–] Atlas_@lemmy.world 7 points 17 hours ago (1 children)

"just comply bro"

Do you hear yourself?

There is no way to age check that both preserves anonymity and isn't game-able by a motivated 12 year old.

"It'd be handy" isn't a good argument for taking away our rights to privacy.

[–] DireTech@sh.itjust.works 1 points 9 hours ago

You forget about sudo? If you give up the password, that’s on you. That’s the whole idea of letting the OS handle it. You aren’t trusting some other service with your info. It’s all on you if your kids get around it.

Complying would be installing back doors to id.me or some other such nonsense and the hell with that.

[–] Zagorath@quokk.au 25 points 1 day ago (9 children)

Geez this beat-up is getting tiring. I wrote up a complaint in another thread but I think the OP realised how terrible it was because it was deleted by the time I hit submit. That particular post was utter trash, not even attempting to maintain a reasonable tone or look at the situation dispassionately, despite being a full article (and not a short toot, where throwaway poorly-thought-out thoughts might be more justified). Its lede literally read:

Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.

And frankly, the author of that sort of hit piece should be ashamed of himself. Far, far more than Dylan should.

It's such a dumb thing to whinge about. Age verification is not a bad thing! What's bad is age verification that is implemented in a way that either requires, or significantly increases the chances of people's privacy being violated. Requiring people to upload photo ID directly to sites, or to third-party "trusted age verification partners". Or trusting bullshit AI face-detection age verification.

Age verification that's implemented by asking parents to...y'know, actually parent, and helping them to do that by giving them tools like OS-level parental controls, enforced through operating system and browser APIs that we mandate apps and websites use, is the way to go. The OS should expose to apps, and browsers expose to websites, only the simple answer to the question: "is the current user of a legal age to access this content?" as a boolean value, based on information stored in the OS by parents setting it. No fancy technology. No privacy invasion. Just simply giving parents the tools to help them do their job.

There are more complicated technical solutions that could be used. Things involving repeated hashes or blind digital signatures. But these are only appropriate if we pre-suppose that the government needs to strictly enforce it by requiring IDs or other sensitive information be used to age verify. And these solutions help minimise the risk by eliminating the connection between the age verification and which sites are being accessed (so the verifier can't see what sites the verifyee is viewing, and the sites can't see who the person being verified was, only that they were verified). And you don't need to go even that far. Because the best solution is right down on the user's device, with a simple setting that parents can set.

[–] Atlas_@lemmy.world 5 points 20 hours ago (1 children)

It's a bellwether for compulsory identity verification.

I don't think anyone should go after this guy personally, but I'd really hope that the people working on my OS care like I do about my rights and freedoms.

[–] Zagorath@quokk.au 2 points 16 hours ago (1 children)

https://yourlogicalfallacyis.com/slippery-slope

Nothing about this is in any way a restriction on your rights and freedoms.

[–] Atlas_@lemmy.world 5 points 16 hours ago

https://yourlogicalfallacyis.com/the-fallacy-fallacy

Furthermore, this isn't even the fallacy you claim. I'm making a statement about the intentions of the people pushing these laws. Which are actually known - It's mostly Meta, and their intentions are pretty clear: https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_billion_in_nonprofit_grants_and_45/

[–] noride@lemmy.zip 61 points 1 day ago* (last edited 1 day ago) (1 children)

This age verification push is utterly bullshit and I'm shocked to find people carrying water for this on lemmy. It has absolutely nothing to do with age or saftey and everything to do with advertisers no longer having any way to know who is human on the llm-shit-bot infested internet they've created.

[–] Zagorath@quokk.au 8 points 1 day ago (2 children)

Oh come off of it. That's some serious bullshit conspiracy nonsense you're peddling there.

A flag set on your local machine that blocks children from accessing porn, if their parents choose to set the flag correctly on their child's account, is not some big-tech privacy invasion. It's just basic good sense. I'm shocked that people would actually be opposed to it.

Opposing it has no practical effect other than helping strengthen big tech's argument that the onus shouldn't be on them to ensure their platforms are safe to use. That people should have to upload their ID to sketchy third-parties to verify their age before making an account on every website, because that's the only way we could possible know that children aren't accessing dangerous content!

If you're going to disagree with me, fine. But at least actually live in the real world rather than throwing out nonsense conspiracies. And respond to the proposal that's actually on the table. To the single user-configurable field that this guy was trying to put into Linux. Or to the ideas I raised in my comment. Not to some fantasy straw-man you've concocted, or to the big-tech nightmare that I've already explained I disagree with.

[–] chicken@lemmy.dbzer0.com 6 points 1 day ago (1 children)

Opposing it has no practical effect other than helping strengthen big tech’s argument that the onus shouldn’t be on them to ensure their platforms are safe to use.

Isn't that the whole point of these laws though? They were lobbied for and written by Meta afaik, with the likely purpose being to reduce their legal liability.

[–] Zagorath@quokk.au 4 points 21 hours ago

Yeah, cos the alternative is having to trust Facebook with even more sensitive data. I don't want to do that. They don't want that. It is possible for interests to align even between two groups that otherwise rarely agree.

I'll give another example of that. In Australia, the Greens are the main party for progressives. Unfortunately they rarely hold very much power compared to the centrist Labor and far-right Liberal National Coalition, but they do exist and have a few seats in Parliament.

In my state, there is currently a petition being circulated to ban advertising of gambling in government-owned assets. It is being supported primarily by two groups: the progressive Greens party, and the extremely socially conservative Christian lobby. I can't think of a single other issue right now where these two would agree, but they'll work together because they do agree on this issue.

I'm happy to agree with Facebook that age verification belongs locally, not via sketchy third-parties who then have to hold on to sensitive data and hope they don't get hacked. And not by uploading sensitive data directly to social media or porn sites who have no business holding on to my photo ID.

[–] noride@lemmy.zip 25 points 1 day ago (1 children)

Buddy, get your head out of the sand. The Internet isn't half as gruesome as it used to be. Do you know how we used to find all the beheading videos? Just search YouTube! Sure, they are still there, somewhere, but definitely no longer popping up in my recommendation feed. Further, nowadays, content creators won't even use the word Sex on that platform for fear of demonization.

And yet why the sudden push to protect the children? You need look no further than Sam Almans "worldcoin" and similar projects for your answer, my guy.

[–] CannonFodder@lemmy.world 6 points 1 day ago

Ah but think of the positives - we can now get back the death videos and all the pushing of sex content if the producers can theoretically rely on age verification.

[–] obelisk_complex@piefed.ca 37 points 1 day ago

The OS should expose to apps, and browsers expose to websites, only the simple answer to the question: “is the current user of a legal age to access this content?” as a boolean value, based on information stored in the OS by parents setting it

No, it shouldn't. Period, dot, end of fucking story. There are already filters available for online content and they don't require both client and server to be correctly configured so they by default work better than this ever could; on that alone, your argument to force this shit on the entire ecosystem fails the smell test.

[–] grue@lemmy.world 22 points 1 day ago (2 children)

It's not about what the change is, it's about why the change is being made. Complying in advance with totalitarianism makes you a piece of shit.

[–] pupbiru@aussie.zone 3 points 21 hours ago

okay but the change is being made (perhaps) so that websites can shove those disgusting identify verification apps everywhere

… so the response to that is to introduce user-controlled solutions like this that are technically compliant whilst circumventing the bad part about it

i’d argue it’s malicious compliance, or at worst like a cookie banner

[–] Zagorath@quokk.au 3 points 1 day ago (1 children)

I don't view age verification as totalitarianism. If they mandated it be done by submitting your photo ID to the government (or to a private "trusted" third-party), I might feel differently. But a law that permits a system like this, where age verification is done by parents setting the age of their child's accounts on the operating system, is not in and of itself totalitarian.

[–] grue@lemmy.world 19 points 1 day ago (1 children)

What part of "complying in advance" did you not understand?

If they were doing this on their own initiative because they genuinely thought it was a useful feature, that'd be one thing. But that's not what's happening here. What's happening here is that they are falling over themselves in their haste to signal political support for California's privacy-eroding, pearl-clutching bullshit.

[–] Zagorath@quokk.au 4 points 1 day ago (1 children)

What part of "it's not a bad thing" did you not understand?

"Don't comply in advance" is an instruction not to comply with bad things in an act of appeasement or to try to curry favour with the totalitarians. Complying with an actual well-intentioned policy is not "complying in advance" in the way that phrase is intended.

signal political support for California's privacy-eroding, pearl-clutching bullshit

I dunno what's going on in California. To be quite honest I don't care what's going on in California, or anywhere in America, in this regard. The UK and my own country of Australia have introduced age verification laws recently. And to be frank, they're shit. Australia's law was rushed through Parliament with zero scrutiny and zero regard for the ramifications of the law.

And this feature? It would not comply with that law. Because our law actually requires some method of verification done by the sites themselves.

My interpretation of what's going on here is Linux would be showing the Australian government "hey look, we don't give a fuck what the law you wrote says because it's shit. We're doing something that achieves the outcomes you claim to want in a way that doesn't have the downsides of your shitty law."

I've been advocating for exactly what this guy did right here since November 2024, when the Australian government first pushed through its shitty law without regard for how the law actually worked. Because it's a good use of technology to achieve a well-meaning outcome, in a way that is well-considered rather than doing the laziest privacy-invasive method. If California has come up with a law that can be complied with in that way, I guess well done to them. I'm not changing my opinion on good policy just because someone I don't trust for unrelated reasons also agrees with it.

[–] grue@lemmy.world 8 points 1 day ago* (last edited 1 day ago) (1 children)

Complying with an actual well-intentioned policy

I reiterate: "complying in advance with totalitarianism makes you a piece of shit."

If you think any part of this is "well-intentioned," you are part of the problem. Be a better person.

[–] Zagorath@quokk.au 2 points 1 day ago

And I reiterate, calling it totalitarianism is fucking bullshit.

Calling me a piece of shit is playing the man, not the ball, and that's fucking cunt behaviour. Be better.

[–] corsicanguppy@lemmy.ca 1 points 18 hours ago

literally

Sorry. You lost me here.

[–] curbstickle@anarchist.nexus 10 points 1 day ago (1 children)

I'm having a really hard time determining if youre incredibly naive, incredibly ignorant, or both.

What's getting tiring is decades of this shit being pushed under the guise of "protecting children" when it doesnt remotely do anything to protect children.

This is not a new thing. This is a new approach to the same bullshit that does absolutely nothing to protect children, instead creating opportunities for exploitation while absolving corporations of their responsibilities.

Defending this is fucking stupid.

[–] Zagorath@quokk.au 3 points 1 day ago (2 children)

Simply stating it without adding anything to the conversation doesn't make it so. Your comment is a complete waste of my time, your own time, and everyone unfortunate enough to read it.

If you're going to leave a comment, say something of value in it. You can disagree, but do it while actually saying something more than "no you're wrong".

[–] mysticalone@lemmy.world 6 points 1 day ago (1 children)

You should take your own advice. You comments willfully ignore the point against forcing age verification at the OS level.

[–] Zagorath@quokk.au 1 points 21 hours ago

What points? All I've seen is people railing against the very idea that parents should be given tools that help.

[–] curbstickle@anarchist.nexus 4 points 1 day ago

Thanks for confirming I should just not bother with you.

[–] BrilliantantTurd4361@sh.itjust.works 1 points 20 hours ago

You dont have kids, hey?

[–] Deceptichum@quokk.au 14 points 1 day ago* (last edited 1 day ago) (1 children)

Oh, looks like the shitty .world mods deleted my post, claiming it wasn’t tech related yet maga liking an AI picture is?

I’ll repost it in another community as it’s important information to get out there. And frankly the person pushing these changes needs a physical hit alongside a hit piece.

Age verification is bad, flat out bad. There is no authority that can verify my information that can be trusted with keeping it secure, end of story.

Catering to these corporate driven demands that empower states to further track and control citizens online, even with “soft” solutions such as a OS settings only legitimises and empowers them to expand on it once the foot is in the door.

Ultimately we need zero age verification. It’s a direction that helps no one and endangers everyone.

[–] Zagorath@quokk.au 2 points 1 day ago (1 children)

There is no authority that can verify my information

There is no authority that's trying to verify your information, with the proposal this guy was putting into Linux. It's literally you setting the value yourself. That's exactly how it should work, and that's a good thing.

[–] Deceptichum@quokk.au 16 points 1 day ago (2 children)

I already explained that soft solutions are still an issue.

And if it’s such an utterly useless setting, don’t waste anyone’s time with it in the first place as children defeat such weak measures all the time.

[–] Zagorath@quokk.au 3 points 1 day ago

as children defeat such weak measures all the time

It's actually not any weaker than the onerous privacy-invading options big tech is forcing on us regardless. It can be gotten around by accessing sites that don't enforce it, maybe. But a well-made parental control system could actually be far, far more effective. It could block installation of any app that doesn't comply, if the parents choose to enable that functionality. And compliant browsers could, if they wanted, rely on some other crowd-sourced list of sites to block access to sites that don't enforce it themselves.

Being based right in the user's operating system means that if it's well-designed, it maintains complete privacy and is as difficult to bypass as it's possible to devise. The only way I can think a well-designed system could be bypassed would be by the child installing their own separate partition or running a live-USB. There may even be ways that can be prevented; I'm not sure.

But frankly, at that point we're teaching the kids how to be comfortable doing things to take ownership of their own machines. And I see that as an absolute win.

[–] Zagorath@quokk.au 3 points 1 day ago (1 children)

Except that you're claiming it empowers tracking when it does no such thing. The server-side age verification that's happening already, and which this exists as an alternative to are tracking. This is a way of achieving a good outcome (children not accessing porn, and parents being given tools to help parent their children instead of big tech letting them roam free on their harmful addictive algorithms) without tracking.

[–] Deceptichum@quokk.au 14 points 1 day ago* (last edited 1 day ago) (1 children)

It does because it legitimises something that should not exist in the first place and is part of a large global push to get verification of users embedded everywhere from the OS level to websites.

Once it’s in place it’s only a matter of time until “this doesn’t go far enough, the bot accounts are set to adult age and bypassing the age check we need them to verify it with us to ensure it’s legitimate”

Wrapping up loss of freedom under “think of the children” is nothing new, and it’s sad to see people supporting it still.

[–] Zagorath@quokk.au 3 points 1 day ago (1 children)

I don't buy the slippery slope argument. Ever. It's fallacious lazy reasoning. If they introduce bad policy, oppose it when it's bad policy. Not when it's a good policy that might later become bad policy if it's changed.

That's not the same, fwiw, as opposing bad policy that's bad now and also has the potential to be extended to be worse policy in the future. Which is where I honestly think you're sitting with this here, based on your other comments. But if that's the case, don't hide behind a comment like this one that entirely rests on "it could be bad in the future".

[–] Deceptichum@quokk.au 7 points 1 day ago* (last edited 1 day ago) (1 children)

And I don’t buy the Mrs.Lovejoy. You don’t wait until the car hits someone to tell them to stop accelerating.

There is zero benefit to this, it’s not a good policy at all. If your issue is parental control over children how about you take issue with parents giving their children access without oversight.

And you should be far more concerned over kids playing predator den child centric games like Roblox vs them going to pornhub.

[–] Zagorath@quokk.au 4 points 1 day ago (1 children)

how about you take issue with parents giving their children access without oversight

Because that's not a bad thing? Children deserve privacy and the ability to explore. Exactly how much freedom they should have to do that will change as they age. The digital realm is no different in this regard than the physical. A toddler should basically never be out of sight of a responsible adult. A young teenager's parents should probably know vaguely where they're going and with whom, but they don't necessarily need to know the precise details as their child develops their sense of independence. This is a tool that simply helps parents with that. That is unequivocally a good thing.

You're not wrong about Roblox. I agree it needs to be harshly cracked down on. But that's not the subject of this conversation and serves only to distract from the topic at hand.

[–] TheTetrapod@lemmy.world 3 points 1 day ago (1 children)

This whole argument is part of why I never want children. Having unfettered internet access was a hugely formative, largely positive aspect of my childhood, and I would hate to deny that to my children, but I obviously know that you should.

[–] Zagorath@quokk.au 1 points 1 day ago

Apparently a lot of people disagree that it's even a good idea.

I grew up without much parental oversight online. And I'm glad for it. But today's algorithmic social media didn't exist when I was young. I strongly opposed Australia's social media minimum age law when it was passed, and still do. But that was because of the manner in which it was passed, and the particulars of its approach.

If it had been done by mandating operating systems provide a feature like this. And by having the Minister designate sites it applies to, instead of applying everywhere, so he can designate Facebook, Instagram, and other sites with known harmful algorithms while not applying to the fediverse, I'd have enthusiastically supported it.

Ironically, this approach would have brought a kid today's experience online closer to what you and I grew up with than what no law whatsoever probably gives them.

[–] Mistakes@sopuli.xyz 6 points 1 day ago (1 children)

The operating system does not need to know anything about me to operate the system. It is my hardware and it shall not operate in a manner that I do not approve of.

[–] Zagorath@quokk.au 2 points 1 day ago

Ok? So don't use the setting then. That's easy.

[–] superweeniehutjrs@lemmy.world 15 points 1 day ago (2 children)

So, will this be a new sudo where I have to scan my ID?

[–] horn_e4_beaver@discuss.tchncs.de 5 points 1 day ago* (last edited 1 day ago) (2 children)

Isn't this the opposite of having to provide ID to verify your age? This is like the less-bad way of doing age verification whilst maintaining some level of privacy.

[–] StealthLizardDrop@piefed.social 3 points 19 hours ago* (last edited 19 hours ago)

Do you know whats less bad way of doing forced age verification? Don't ask. What ever happened to parents actually educating their children...

Its enter your age box today
Tomorrow it will be upload your id, you are already okay with the age box

I am not in US or Brazil, why is this nonsense forced on me? Well I just won't use systemd but it still sets a bad precedent to comply with bullshit legislation written by people with half a braincell, high on jesus

Utter nonsense made by nonses

[–] _spiffy@piefed.ca 2 points 1 day ago

I think people are going hard on the slippery slope thing with this. I don't really care either way but there are lots of fediverse folks who are upset about it.

[–] Zagorath@quokk.au 1 points 1 day ago

No, it's literally just a field that you can set on your kid's devices to prevent them accessing porn (from sites that comply with the law).