- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
You must log in or # to comment.
When these guys say “think of the children!”, it’s usually with their hands down their own pants.
Never forget who is behind this https://youtu.be/Yd7j_u-wPoM
Who knew 1984 would rear its ugly head wearing the sash of democracy (tons of leftist theorists knew)
Regulate the social networks instead
Finally, torrenting Linux distros becomes a thing, rather than a curiosity
The ONLY way I could remotely support age verification is if it was anonymized from the individual, similar to how companies like Mullvad do their VPN or with prepaid gift cards etc
You get a card that has a PIN behind a scratch-off section. You can buy the card for cash or order online, but there’s nothing tying the buyer to the card.
Age verification can be similar where you go to a registered location, provide valid ID and like $5 to get a scratch off card. The code on the card just validates “user is 18+” but otherwise has no ties back to their actual identity.
If a site wants to do an age check, it can validate the card PIN or on phone potentially scan a 3d barcode behind the scratch-off. Maybe some hash check could be involved to avoid the need for a centralized provider.
This would still be a bad idea as porn is still available elsewhere online.
The German ID card has that functionality. Date of birth is saved on the chip card and you can identify yourself via NFC reader and the open source ID app. You can see what information is transmitted before sending it. In the case of age verification, it would only be “underage yes/no”. It’s not perfect but pretty good from a privacy standpoint.
That sounds pretty close to what I’d expect, except for it presumably still being tied to the person overall
Or we could just let people do what they want on their own god damn computers.
Like… “This”
My computer, regardless of the OS that it runs, should do my bidding and only my bidding.
If I want to enable or disable something, that should be my prerogative.
I commented in a similar thread and I’ll restate it here:
I do support parental controls being an option, and will use the whole Free-Market thing and choose to use an OS that has parental controls for my children – but I am also happy to see my children evade my restrictions with their knowledge and skills. And, more specifically, these need to be OPT-IN. As a parent, I can create an account and identify it as supervised or give it an age range, and that’s all cool. What isn’t cool is making me Verify* MY age range in order to create an account on a device I own.
*especially verification that involves giving up my privacy, such as face scan, government ID or similar PII. We used to have laws protecting this data. I’ve helped build whole systems to ensure that only trained admins had rights to access customer PII.
H.R. 8250 is an attack on freedom to use… everything… It’s so vague, and doesn’t even describe it’s terms the way the California bill does. A Missile developed by Lockheed Martin has an Operating System and I’m certain that if I had one in my hands I could make it run DOOM, thus making it a ‘General Purpose Computing Device’.
… Maybe those Doom-on-fridge/toaster people were on to something. Samsung, LG, etc need to quickly evaluate their fucking toasters to ensure they can’t run DOOM, or ensure they can verify a user’s age before enabling toasting.
I also (dis)like how section 2.A.5.i will require the commission to describe how every operating system will verify a parent or legal guardian’s age’s within 6 months and then have an effective date of a year. Has anyone involved with writing this bill done software development?! Sure, this sounds simple on paper, but I have a 30+ year plan to actually implement it; because I’m a volunteer open source dev working on my OS in my free time without pay.
Anyone looking at this and thinking it’s a good idea, take a moment to think about this: Who has resources to dedicate whole teams to implementing this privacy invasion? It’s the big players like Microslop, Apple, Google, and a handful of Enterprise-grade Linux/Unix providers. Anyone else could face financial ruin for distributing their home-grown OS experiment if it gets enough attention and that will prevent new distros or operating systems from being developed, leading to effectively regulatory capture by the existing players. That’s not going to end well.
I mean, for the most part yes. I’m not even so much concerned about my kids viewing porn, more so than somebody else will make nasty deepfakes of them and post online etc, so age verification won’t fix that.
I could see it help with discriminating between people at their “own damn computers” and bots or misinformation/psyops campaigns run out of certain foreign countries though (assuming any ID also ties back to parent country).
Mate, they can’t even stop scammers faking a caller ID. This will do absolutely nothing against bad faith actors.
I think it’s less a matter of “can’t” and more a matter of “can’t … be added to bother putting in a significant effort/investment”
So why do you think this will be any different?
we already have laws for all those issues you mentioned but there is no profit in the way they are currently enforced. this bill will create massive profit opportunities and kill off a ton of the little guys; for fb etc it’s competition squishing essentially.
I would support a simple toggle, a content safe mode and an unrestricted mode, selectable at the OS level through a parental controls option. Then have sites flag all “objectionable” or not safe for work material. The restricted mode would not even download such content.
Done, more power to parents, and smart kids, while not destroying the internet to block content that conservatives don’t like. Which is what all of these laws are based on.
You can kinda already do that with parental controls on kids’ devices and many routers, as well as services provided by ISP’s. In Canada there’s also a free national DNS provider that has a tier the filters out known malicious and/or adult sites at the DNS level depending on which hosts you point at.
Waiting for half of the fediverse to excuse devs complying in advance again.
I feel like OS age verification is similar to when they started asking for zip codes at checkout (U.S.). At first it was seen as weird and brushed off as harmless, but now they shamelessly ask for your email and phone number and get annoyed when you say no.
Everyone will also be automatically registered to vote Republican.
In the future, you’ll be sentenced to 10 years hard labour for a contraband OS while children are raped openly at lavish parties.
You will be sent to die for Israel 🤣
🎶Your government is run by pedophiles! 🎶
I’m so sick of this depraved pedophile oligarch Mossad shit
Palantir really wants it’s fucking database.
All because Petey truly believes that there are demons living in the United States.
He is right, demons live in US. They are in various Federal, State, Local and Corporate functions. For example current Federal government are all demons (pretty much) and all of ICE employees. Demon here is “spirit or lesser humanity” or simly said Inhuman individuals.
I keep seeing comments like this, and I just need to say, no Palantir doesn’t have any database. It’s a completely evil company that makes and sells surveillance software to governments and companies. Then the governments and companies have these terrible databases that they manage with the Palantir software.
Palantir themselves don’t do any spying or data collecting. They sell tools so that others can do that. They absolutely take the blame, but I want people to understand what’s actually happening.
there are demons living in the USA. all Petey has to do to find the closest one… is look in a mirror.
No the sad truth is that Peter Theil is, in fact, human. A human that we are all capable of becoming.
You just have to make a billion bad decisions to get where he is now.
Peter Theil and Sam Altman are why “queer owned business” is no longer an interesting label to be.
Tim Apple as well
I didn’t know, but I’m actually not surprised.
Nazis aren’t human. they are evil given physical form.
No, they are human and they bleed the same. The irony is that they don’t see the rest of us as human.
they need more summoning salts (full minor soul crystals)
The History of Superpower Implosion Speedrun World Records
Rules being implemented and enforced by actual pedophiles
*Ruling class rapists.
Rapist class
Pedophile class
Obviously everyone here hates this, but I’m gonna offer another perspective here and prepare for the down votes I guess.
There is a very good argument for OS level age ‘tracking’ as a means of creating a cohesive environment for software and websites to operate without having to implement individual age verification. The biggest actual issue here is how the OS determines what the user’s age is. If this is implemented similar to what California has done, the OS would simply ask for the user’s age at setup, and store that value, which can then be reported to programs and websites as needed. This would allow parents to setup a device for the child and not have to separately implement parental controls on every individual conceivable program, which are often easily circumvented. This would undermine any individual website’s attempts to use age verification as an excuse to collect government ID data, and the security risks inherent to that.
There’s no need to put any kind of validation onto this, it should simply be self-reported.
Now admittedly I don’t trust our government to implement this in any kind of reasonable way so I definitely understand and respect the outrage, but I guess I’m just trying to find some positive aspect of how this might be implemented.
I’ll appreciate that it’s hard to be a devil’s advocate on an argument and provide a nuanced take. But I will say the points made on the Ageless Linux website demonstrate why that’s an issue, primarily around how you’re teaching kids from their first time on the internet to lie. It really doesn’t matter whether this happens through a drivers’ license pic or a DOB selector.
Their argument is entirely based on the assumption that the child can change their DOB on the device at any time. That’s trivially easy to avoid with a simple admin password requirement. If this was implemented in any competent way (granted, that is a lot to expect of legislators) the DOB would not be able to be changed once the device/user account is setup, or would require an administrator password which obviously shouldn’t be given to the child.
But they turn around and say this is good and how things should work:
This app lets you chat with people on the internet. If you’re a kid: ask an adult before chatting online.
Yeah, the kid that’s willing to change their device settings is definitely going to go check in with Mom before they access something they know they shouldn’t be on. That’s just an unbelievably bad argument.
In the normal case where a moderate/low-tech mom buys a child an iPad, there is no step at which they’re likely to recognize it has an “admin setup”, or configure a password. They unwrap their christmas gift, and they’re likely the one to figure it out.
I can easily picture this discussion in a household strangled for time.
“Mom! I tried to use that new tablet, but it wouldn’t work!”
“Okay…sweetie, I’m running late for my shift, what’s the problem?”
“It says I’m…that I must be 18 or older to akkept the terms-”
“Did you give it your age?”
“My birthday? Yeah. Does it give you like presents on your birthday?”
“Put in…put in 1980 for the year. It’s fine. I gotta go. Love you.”
"Really? Okay. …Hey, it worked! I can play Fortnite now!-
slam
“Huh. What’s HotChat…?”Versus this: (What the website proposes)
“Mom? Is it okay if I chat with people on the internet?”
“Chat with who? You mean like your friends? Is Derek from school on there?”
“Well there’s this thing that came installed on the tablet. It says I can chat with people on the internet. But I should ask first.”
“Let me see. …Sweetie, this doesn’t look like something that’s for you. We don’t know if the people you’re talking to are strangers, or even dangerous people.” “Ohhh.”
“I can…I gotta go, but I’ll try to find you some apps that will let you chat with kids from school. Okay?”
“Aw. Okay. I can still play Fortnite though, right?”
“I…yeah. Fortnite is fine. Don’t put anything on there without talking to me, you promise?”
“I promise.”The site even backs this up: That open communication about dangers, rather than hard, automatic restrictions tends to lead to healthier upbringing from kids. Setting up fully automated barriers just leads to creative workarounds, since ultimately, adults and businesses will demand convenience - and kids will find ways to get access to it too.
So scenario one has a parent who is paying no attention to their child’s questions, but in scenario 2 they’re suddenly attentive and totally in tune with what their child is doing?
Look, you can’t fix everything for everyone, but a simple explanation for first time setup of a device is not difficult, especially if it was implemented as a national movement (law or otherwise). Absentee parents are still gonna absentee, but it would be a tool that parents who give a shit could really benefit from.
Both scenarios I give involve the parent attempting to address the problem the child has. In the first one, the child had to ask for a way around an age blocker. The parent was never going to say no to the request because they’re not going to make the case that the child “doesn’t deserve to use devices”. You could even theorize that the last part, discovering “HotChat”, happens on their own time.
In the second one, the child was advised to consult an adult before using a chat program. The answer to their problem was a direct refusal - a NO from the parent, and an explanation as to why not to proceed - rather than any form of direct help. I’m even positing this second scenario starts from the child being left to their devices.
I’d need a much more detailed description of what a universal, government-driven, “simple explanation for first time setup” would be, for all operating systems on the market: Forcing all users to make admin accounts, store a password, and then create a child account; and trusting that people won’t take simple paths for it, when most children are granted their own devices.
I’m very much in favor of giving parents tools for those things. But the way security works is, it will always be at war with convenience. As soon as people lean towards shortcuts that circumvent the intent of security (because not everyone’s lives are based around these secure systems), the tight-gripped approach to security fails out. We want parents to choose to learn these tools on their own time, not simply have them presented as a roadblock to access.
There is a very good argument for OS level age ‘tracking’ as a means of creating a cohesive environment for software and websites to operate without having to implement individual age verification. The biggest actual issue here is how the OS determines what the user’s age is.
I agree with you on this. I wouldn’t mind if there was a mechanism on browsers which would send ‘child/teen/adult’ (or whatever they’d be called) data to websites in request headers since they already report a ton of stuff to the server anyways. It would be trivial for adult sites to check one header and limit access based on that. But the setting needs to be local only, so that parents could easily set restricted accounts for their kids. The point where user age must be validated via any 3rd party it’s no longer about parental controls and the whole thing becomes a surveillance tool.
Also the limits should be agreed somehow on at least somewhat global basis so that it’s only used for porn/gore/horror and other stuff like that. Things like sexual education, religious topics (likely both pro- and against-), medical stuff and things like that should be left out of the filtering. But as with practically every ‘think of the children’-thing proposed for the internet it’s got nothing to do with children nor used only for that.
The biggest damned issue i have with the “child / teen / adult” markers is they would literally serve up minors to predators.
Malicious sites already use browser markers to tailor exploits, now they can scoop up the kiddies with ease. A 14 year old browsing substack is currently just another random user. But put in OS level markers and now they’re spotlighted.
That’s the irony. It would make kids more fucking readily ltargetted.
Of all the comments this post has generated, this is absolutely the most compelling argument against what I suggested. Thanks for your input.
That is a problem, I agree. But I still feel like it would be beneficial if there was some standard on HTTP or other protocols which could limit user access based on PG-rating instead of everyone developing their own approach. It could also be something like robots.txt, but for PG-rating, where client would do the verification.
And, as I already mentioned, that should be strictly local only setting and only for parental/guardian controlling what minors can and can’t do with their devices.
Wholeheartedly disagree. OS level age verification only removes the responsibility to protect users from the software developer and shifts it to the OS makers. Meta and OpenAI want this so bad so they don’t have to protect their users and their users children. Meta created the software the has lead to hundreds, if not thousands, of child suicide and they don’t want to be held accountable. AI companies have allowed the proliferation of CSAM, copyright infringement, and straight up theft of intellectual property, and want to push that off to OS as the responsible party. Google and Apple don’t fight it because they have extraordinarily deep pockets and already have the infrastructures in place in their app stores to accommodate this tomfoolery. This is also another avenue for increased surveillance at the deepest level of your digital life that is already extremely compromised. If we want parents to have more controls, then mandate easy to use parent controls for OS’s, apps, and web apps. Legislate mandating firewalls and routers have easy to use parental controls for internet settings. Pay people living wages and work them less hours so they can learn to use those things. Don’t add spyware into the OS. “Take off your tin hat dude.” How do you think they’ll verify age at the OS level? It will have to have an api that can be used to obtain the age verified information. Who’s responsive for reviewing all that PII? Where does that go? Who retains that information and for how long? What encryption technology is mandated to protect it from breach? Nah, man, no thanks.
Legislate mandating firewalls and routers have easy to use parental controls for internet settings.
Sorry but no. That would drive up the cost of all firewalls and routers, for no real reason, except that the manufacturers can because the government says they have to. And most firewalls that offer content filtering need some sort of a subscription to keep the filters up-to-date.
Never mind the fact that a router’s job isn’t content filtering (it’s routing).
Todays parents grew up exposed to the internet. If we don’t know how to protect our own kids and teach them how to safely use the internet, then we are hopeless as a generation.
Btw, Cloudflare WARP is free for a small number of users and has a pretty decent web filter built in. It’s far from easy to use, but it’s free and effective. I use it on my 9yo’s Fedora laptop, and as long as he can’t sudo, he can’t turn it off. And if he even tries to sudo, he will be reminded that he’s not in the sudoers file, and this incident WILL be reported.
Don’t get me wrong, I was not advocating. I was pointing out directed ways to actually “protect” kids that would be a lot less likely to really be surveillance. I don’t think any of that should happen.
I mean, it very easily could be. A service like WARP, they can decrypt the traffic, if you allow them to (it is off by default). The warp client will add the certificate to the trust-store, and the traffic will get decrypted on Cloudflare’s end.
For my kid, I kept deep-inspection off. If he figures out how to get past DNS and SNI inspections, he deserves to see a boob or two.
Well that’s just nonsensical. The only obligation it removes for software developers is the need to obtain (and justification for storing) personally identifying information on its users. Websites and apps would still be responsible for moderating their content and only serving appropriate content to underage users. It wouldn’t do anything whatsoever to remove accountability for Meta.
That’s also just a minorities to the data intrusion and surveillance this is really building. Data is king, and adding age and other demographics obtained at the OS level to more sell more targeted adds to manipulate people. The same data bend used to target political opponents by governments. But it’s cool. It’s for the safety of the kids!!!
Companies are already required to ask if their users are kids because, among other reasons, there are laws against creating ad profiles for kids, and companies have been sued for doing this even accidentally. The California law just changes how they’re required to check if they’re a kid from asking them at account creation to asking the OS at account creation, where the parents have set the age for them when the OS account was created. It gives the company checking if they’re a kid no more information than they had before. I agree with Havoc8154@mander.xyz that this is totally reasonable.
This particular federal bill, on the other hand seems closer to the Florida bill in that it requires some form of age verification instead of just accepting what the parents enter when creating the OS account. That is unreasonable. Complain to your representative, and we’ll see how it gets amended.
If the companies already have to do this, then what is the point of the OS asking for more personal notifying information than it needs just to operate? Thank beyond the seemingly “simplicity” of this and think how it can be used against you. Then decide if it’s rational. People thought the patriot act was a great idea after 911… They were wrong.
what is the point of the OS asking
Because for the purpose of securing kids accounts, it doesn’t make sense for the kids to enter their ages themselves each time they create an account at a new website.
Tell me how it can be used against me. It doesn’t give out any information beyond what I let it give out about me, and that information (an age range) is derived from information I get to make up. Remember, the California law doesn’t require any verification of the age data that is given to the OS.
Let’s just say meta delivers some problematic content that traumatizes a kid and really upsets parents. This content was on the 12-year-olds Chromebook. The kid, then setting up the laptop with his parents had his age in there appropriately, and Met used theAPI to obtain it to prevent adult content delivery. However, kid is tech savvy, creates a secondary accounts, says they are 45. Maybe uses parents ID or something to do it. They then get the adult content. Parents file suit. Meta lawyers: Our API works as designed, and we can be held liable when the OS API says the person is 45 and not 12. Case dismissed. Profit.
But okay, definitely nonsensical.
How is that any different from what happens today? Kid makes fake account - gets adult content - Meta shrugs and says they did what they could. Of course there would be ways it can be circumvented, this would change nothing about that situation except shift the responsibility of correctly inputting the users age onto the user, which is where it should be. I’d much rather have that scenario than one where meta is forcing all users to upload government IDs; Using that excuse to harvest and store even more data than necessary.
Should you have to verify your age to your car before you can turn it in, to drive to the DMV before you can obtain your license and registration? Who should have the burden?
Should your front door verify your age before you leave to go buy alcohol from the local liquor store?
Should your bed verify your age and the age of your lover before you have sex?
Also, this isn’t even the biggest problem, the problem is this is just more surveillance. Don’t comply in advance. Default to protect and keep your freedom by protecting your privacy.
😐 How do you think they will verify the age entered into the OS? Smh
So you didn’t bother to read my original post I guess, no wonder you’re confused.
I did… and everything you say is nonsensical. So I responded in the only way this system would make any sense.
Your way, the OS just takes in an age on trust, then the apps have to verify anyway. How do they do that? They need ID, when it would’ve raise to get that validation from the OS that already had the ID verified. Your way means nothing. It does nothing. It adds an age to a system for no reason and is completely unusable.
This is steel-manning an argument for a feature no one wants which is most likely the thin end of the wedge for increased surveillance and censorship.
This is just how it starts so they can trick well meaning developers into making websites and platforms which make use of this verification while it is still self-ID, but when the laws become more demanding and require connecting your user account to your real-world identity, it’ll already be too late, all of your online activity can be tied back to you.
When I make this argument, people like to call it a slippery slope, but the fact is that there are so many nations cracking down on free, unmonitored access to the internet, with social media restrictions, platforms like Discord requiring you to provide identification, and so on.
All for this, all of that risk, all for a feature that adds very little value to the computing experience of anyone.
deleted by creator
Sure, make it an optional field that you can fill in with whatever. Don’t make laws requiring it though.
The system D thing was optional and self reported and had no call home.
Dude got fucking death threats over it
You LITERALLY can’t win.
The death threats were shitty, I agree. But they were at least partially fueled by the fact that we have lawmakers trying to make it illegal to use an operating system that doesn’t ask for your age. If that systemd change was introduced in a different time, I doubt people would have even noticed or cared.
Not trying to excuse the death threats, because again, that’s shitty, there’s no reason to do that. I think it’s important to understand the context and nuance around all that though.
Wrong. There are things that belong at the application level and others that belong in user space. Fundamentally it doesn’t make sense for any sort of mandate.
TF should I have to put my age or any other personal information into my pihole or any other system I’m running.
Absolutely not, age data is biometric data. It can and will be used to fingerprint you.
So just put in a different DOB. My suggestion is entirely self reported. The point is for parents to be able to setup a device and have a single point of control.
-
I still have an issue with that. It’s like having a public facing UUID. "Man these ‘users’ all born at the same time seem to have similar habitats.
-
You’re not thinking ahead. Think about the people who aren’t even part of the discussion today. Will they know not to answer truthfully?
-
See I would be fine with this. A user input. Cannot be modified after installation. The parent installs the OS, the kid is locked down. Easy.
I’d suggest it would need to be per-user. Family computers are a lot less common nowadays, but are still a thing
Maybe not family computers so much any more, but shared devices, absolutely.
It still needs to be per user, per app. If I hand my phone to my kid or my niece, I don’t need them looking up or accidentally seeing adult content because the apps don’t ask anymore.
If the apps stop asking the user, and instead just query the OS, there’s no longer any connection to the current user. So porn sites, for example, or any app that might have adult-only content, would still have to ask. In which case - what’s the point of the OS age requirement? This is in no way more secure than the apps or websites just asking the user.
What about servers? I have several devices in my house that serve content to the rest of the house or provide other services. Would they need my birthday, even though my kids use the services? What about gaming consoles, or TVs? IoT devices? Does my thermostat, garage door opener, living room lamp, or washing machine need my birthdate?
This whole thing is truly a slippery slope that hasn’t been thought through, at least on its face. Unless, of course, the whole point of this legislation has nothing to do with “protecting children”.
Has Bipartisan support too. The corporations want this, and both of our parties listen to them first and us a distant second. Catering to corporate wants is about the only thing the two parties can agree on. It’s probably going to pass, even if I hope it doesn’t. Buckle up my friends…
Wow. They did it. The dems found a way to lose the midterms.
I doubt this will have any major effect, the vast majority of people don’t care. They are much better at ruining themselves.
Okay, what is this bill actually saying?
That soon, you won’t even be able to own most computers without registering it under a government ID?
Because that’s fucking nuts.
LoRa
If only there were more support for reticulum.
I’m more interested in meshcore, which seems to take inspiration both from reticulum and meshtastic, but i’ve heard interesting stuff about reticulum.
I reckon that’s the plan
The way things are going both with the hardware market and government over reach it won’t be long until all we can own are thin clients that rent hardware from virtual servers. In less than 10 years we won’t own our PCs and will have absolutely no privacy or anonymity online.
