Per the very first reply on their thread discussing it in their forums, which I linked directly to for the post title:
We’ll NEVER require any verification or identification from the user.
However, what’s gonna happen should the attempts to age-gate the XDG portal screw over alt-init distros like Artix too? My guess is maybe they start blocking regions which force age gating like Arch Linux 32 is doing.
First Artix made me not vulnerable to the XZ backdoor (requires systemd). Now it saves me from age verification nonsense. Even on Lemmy sentiment seems people who avoid systemd are just cranks. But every time we are right.
Iirc, the XZ backdoor was specifically targeting RH and Debian, which for some reason link libsystemd into OpenSSH. Afaik even upstream Arch was unaffected, not just Artix. The exploit code, though non-functional, still made its way onto your system (assuming you updated when it was in a release version).
I’m not defending systemd though, it’s clear that Poettering’s goals do not align with the rest of the Linux community. I’m saying that Artix not being affected by the XZ backdoor is not a good argument for why to use Artix or avoid systemd.
It’s like saying “Linux doesn’t get malware” because most desktop malware targets the OS with the largest desktop userbase, Windows. This alone doesn’t suddenly make Linux “better”. That doesn’t mean there aren’t other reasons to avoid Windows.
xzutils doesn’t require systemd.
I doesn’t but the exploit required it.
deleted by creator
Good, Maybe a list of “Pirate Distros” would help people.
In this case Artix already is a systemd-free distro, but this is part of why i think it’s a bad idea that systemd is wanting to implement the age verification crap, cause i think the distro should be allowed to decide if they want to comply or not. Feels like distros that use systemd will be forced to comply unless they change init, which is probably a pain in of itself.
Btw, what does the desktop portal actually do? I’ve installed a lot of programs over the years, including flatpaks, and i never seemed to need it. I hope it stays that way considering they’re implementing this shit too.
In this case Artix already is a systemd-free distro, but this is part of why i think it’s a bad idea that systemd is wanting to implement the age verification crap, cause i think the distro should be allowed to decide if they want to comply or not. Feels like distros that use systemd will be forced to comply unless they change init, which is probably a pain in of itself.
Where do I install an Ageless-style patch to force flagrant non-compliance for systemd distros?
Artix is patching many packages anyway, so one more package patched to remove age stuff or add a dummy interface that always returns 18+ won’t be too difficult.
That’s what Ageless already does, so maybe Artix could implement that officially in their distro by what you’re suggesting?
That is why I donate to them.
I hope you donate to them
Tnx
We’ll NEVER require any verification or identification from the user.
Cool so no passwords?
In fact Arch and Artix do not require you to make a password to install the OS (even though you probably should).
But making a password doesn’t identify you or verify anything about you, anyway.
And regardless, say you do create a password at installation (as you should). The next time you type it in, that’s really you verifying yourself.
A password is litterally the OS verifying you are who you are claiming to be.
But making a password doesn’t identify you or verify anything about you, anyway.
Neither is putting in a date of birth.
I think there’s some confusion here about the concept of “identification”.
A date of birth is generally considered identifying information because it can be used to implicate other information about your real-life self, and it can have real-life consequences for you if it is known. It discrimantes and differentiates you from other individuals in ways that have real-life implications.
What does a password identify about you? Well it verifies that you are “the same person who set the password on the OS”.
So to compare and contrast, A DOB identifies you as…
- a person who may not be allowed to install certain programs or access certain information/content, based on age
- a person in a demographic who may be amenable to certain advertisements
- (if your system is compromised/leaked and age retrieved) someone who may be desireable by predators
- (in the context of investigation or stalking) someone who is not a specific other individual (ie it narrows you down from a pool of individuals)
Having entered a password identifies you as…
- the same person who set up the OS
- ??? - feel free to let me know if you’ve got anything here.
To consider the act of entering a password as an “identity” is pretty bizarre, and frankly the notion seems contrived just to be argumentative.
Wow sounds like they should only return an age bracket to mitigate most of those risks.
Also if your system is compromised it’s insane to think your DOB is the problem and not everything else on your system that can ID you.
Wow sounds like they should only return an age bracket to mitigate most of those risks.
Isn’t it even better just to take nothing related to your age at all?
…the problem…
But there isn’t “the problem”; there are multiple problems. Isn’t it good to have fewer problems?
…if your system is compromised…
Also it’s not just your system getting compromised that could be an issue. Say you put your age or age bracket in. Then some application or website retreives that, and stores it on their end, mapped to your user id or email or whatever. Then that system gets compromised. Even if your personal computer is perfectly safe and sound, they still got it.
That’s a real good case for the application website not storing it (which is in the CA law)
What about the websites that will store it anyway, despite it being illegal? And what about if the laws change?
No, it is the OS verifying what you know. The OS doesn’t care if you gave your password to anyone, just that whoever is opening the PC knows the password.
Verifying who you are would be biometric verification or ID verification.
In my case I require a password and a hardware key on login. That is still not verifying that I am myself, only that I know the password, and have the hardware key. If I added fingerprint scanning then I would have the holy trifecta and only then verify who I am.
If you think about it like that none of the proposed laws verify anything, even the worst one just verified you logged into the account with credentials for someone who put their DOB in the age bracket returned by the API
And that’s why I fear what comes next now that the infrastructure has been set for sharing sensitive data like DoB. Brazil’s law already stated that self-reporting age is not sufficient.
By that logic you should disconnect from the Internet entirely and use templeOS.
OR, we can just use a distro like Artix that doesn’t comply with the law.
And only the 7 people using the OS will care.
The fact you have exactly 7 downvotes is hilarious
it is copies?
