The Engineer Who Tried to Put Age Verification Into Linux
-
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
What the hell is the issue here? Do you need to be a member of an organization to submit a PR? And if the lack of organisational backing would be a problem, why is it a problem that the people merging it do work for an organisation? The only thing that matters is that an official committer approves it.This whole article sounds like pointless fear mongering. If there's anything else to it that I'm missing, I'd love for someone to explain it.
@mcv @Khrys let's take it a bit further too. Nobody uses a pre-built systemd straight from upstream, every distribution is building and packaging it.
This seems very trivial to patch right back out and/or put behind a define. (I would actually be surprised if it wasn't like that, to make compliance with different jurisdictions easier).
-
R relay@relay.infosec.exchange shared this topic
-
@biggrizzly @sebsauvage @Khrys Si on regarde la thèse de Gabriel Alcaras (https://theses.fr/2022EHES0120.pdf), le fait que de plus en plus de développeurs Open Source intègre le monde du libre et son développement (dans le kernel, et partout ailleurs), ce type de cas risque de se multiplier, les entreprises poussant linux à être le plus "Compliant" possible malheureusement ... Cela ne m'étonnerait pas que cela créé de plus en plus de remous, de plus en plus de FOSS se dotant de chartes heureusement
poke @khinsen@SReyCoyrehourcq On voit en effet de plus en plus de "corporate" dans l'univers Linux, et la Linux Foundation en est peut-être le symbol le plus visible. Je suppose que c'est pourquoi BSD (re-)trouve de plus en plus d'adhérents.
-
Nowhere do I call this a bug. It's an additional field in the user db. Just like userName, realName, emailAddress, location, timezone, preferredLanguage, and many others, some of which are at least as sensitive as age.
People are panicking about a complete non-issue. Read the actual discussion on the commit; there is actual discussion there, but nobody is panicking about it the way people here are.
The discussion on the Arch commit has a bit more pushback; there the contributor puts more emphasis on legal compliance, receives some pushback that it offers no reliable age verification, so how can it comply with the law? and the decision is made to put in on hold until they get some legal advice.
And with or without that law, I don't see any problem with storing yet another piece of personal information. It fits right in with everything else that's already stored. If you don't trust the privacy of your own PC, don't fill it in. It's optional.
But I can imagine that parents would want to set this for their kids, and may also want software to restrict their kids' access to certain kind of content based on that. But that's not what this does.
-
"Fuck you, make me."
Sorry, but nobody is making you fill this in. It's an optional field. And there's no verification on it. -
@filippo @Khrys @thedarktangent know what would prevent this shit in the first place? If actively supporting fascism had consequences.
Meet consequences.
@filippo @Khrys @thedarktangent oh, and the company he works for?
Brags about not doing credit checks before issuing payday loans at usurious rates, and charging a monthly subscription fee on top of it.
-
"Fuck you, make me."
Sorry, but nobody is making you fill this in. It's an optional field. And there's no verification on it.Not *yet*.
-
"Fuck you, make me."
Sorry, but nobody is making you fill this in. It's an optional field. And there's no verification on it.@mcv @Khrys Imagine if instead of your DOB, the field asked "Are you a Jew?" and it was also optional and didn't have any sort of verification attached to it. Just an innocent question, right? No one's being forced to answer it. Not a problem, right?
Except anyone who'd spend their time adding such a field to an open-source project in anticipation of an imagined legal requirement should immediately become radioactive in the community, as should anyone defending such an action.
-
@Khrys Please tell me the age of the "root" user?
-
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
@Khrys Further illustrating that systemd is evil and should be destroyed by fire.
-
@Khrys Please tell me the age of the "root" user?
-
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
@Khrys let's kill this guy with hammers. tbh tbh -
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
@Khrys this is why Lennart isn't allowed to submit code to the kernel
-
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
@Khrys for someone who uses the phrase "microslop" the whole thing reads like slop -
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
-
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
Also, #fuckedCompany
" .... name is Dylan M. Taylor, a Senior DevOps Engineer at Credit Genie, a Khosla Ventures-backed fintech startup in Durham, North Carolina."
-
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
@Khrys@mamot.fr needlessly dramatic for what was an entirely unsurprising development. wake me up if they do anything beyond a glorified text field, something almost all other OSs have had for decades.
I mean I agree that the sentiment is bad. but do we need the entire linux community to explode over this? hardly
-
I don't understand what the fuss is about. This is exactly the right way to comply with that law: an optional birth date field. You don't want to have to submit an idea to your OS or implement facial recognition, and you certainly don't want to tie account creation to external services for those things, but now parents can fill in the birth date for their kids, and everybody else can ignore it. This kind of thing needs to be in the hands of parents, not external companies.
So I don't really see the problem here.
-
The Engineer Who Tried to Put Age Verification Into Linux
The Engineer Who Tried to Put Age Verification Into Linux
Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.
Sam Bent (www.sambent.com)
The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal.
@Khrys let’s be completely honest here. The choices are:
- Non compliance resulting in everyone complaining that your device is “broken”
- Non compliance (this option)
- Full compliance with outside verification (a horrible option)If a mandated API is made called, then easiest option is just to return “adult” and move on, rather than the millions of people complaining that “it doesn’t work”
I really don’t get what the point of this hit piece is.
-
@Khrys let’s be completely honest here. The choices are:
- Non compliance resulting in everyone complaining that your device is “broken”
- Non compliance (this option)
- Full compliance with outside verification (a horrible option)If a mandated API is made called, then easiest option is just to return “adult” and move on, rather than the millions of people complaining that “it doesn’t work”
I really don’t get what the point of this hit piece is.
@jonathankoren @Khrys The point is that you don’t just give away your freedom because it’s easier. You *at least* say ‘fuck you, make me’ first.
There are way more people for who this is NOT law than for who it IS. So much for the land of the free and the home of the brave.
-
@jonathankoren @Khrys The point is that you don’t just give away your freedom because it’s easier. You *at least* say ‘fuck you, make me’ first.
There are way more people for who this is NOT law than for who it IS. So much for the land of the free and the home of the brave.
