It rubs me the wrong way that the person opening this PR says "we have decided not to implement OS-level age attestation" when they seem to have no prior involvement with systemd, and it's clearly not their call to make.
I wouldn't go so far as to call it astroturfing, but it's the same thing that's irksome about anyone claiming to speak on behalf of a group they actually have no involvement in. Feels like someone trying to score cheap points.
Age verification through the OS could make parental control much easier. Just set the age of your child on a given system with your own account, and apps and websites can signal what the minimum age is, and then the OS can decide to block it or not. Could be very privacy friendly compared to the current online methods, like what Discord did.
Of course, I'm not in favour of actual verification of the age attribute. And I've heard the slippery slope arguments. But if I were a parent this would be great.
Problem with setting up parental controls currently is that it takes some effort and knowledge of these tools, not every parent has that. I mean, even people who do, are usually chaotic in the digital domain, like for example, (re-)using very bad passwords. So why expect people to do better with parental controls?
Legislating it in the OS takes power away from parental controls.
What you actually described, however, is websites and apps reporting information about their content to the OS. That would indeed give more power to parental controls. But what's being legislated is reporting age range to platforms.
Doesn't make much of a difference, the former is just slightly more privacy friendly than the latter. Which is preferable of course, but no big difference compared to reporting an age bracket to platforms.
I also don't see how it takes anything away, you could still set stricter policies with those tools, or more mild ones if you set the age to 18.
Sure, as something parents opt into and where the local OS is the place where age and content rating are compared it could be a useful parenting tool. As something that lets big social media companies shift responsibility onto everyone else and opens the door for more user tracking and targeted advertising, it's not doing me or my kids any favors.
We could set some sort of standard, eg using the <meta> tags on web pages to set an age bracket? (or better, include actual fine grained content warnings like PEGI provides?) , now the parents can control what the kid sees; or even the kids themselves at times, which is probably much closer to what is desirable.
Just yesterday I finally got tired of all the browser security warnings and decided to buy a domain name and set up SSL in my local network. I spent like 10 minutes flummoxed by why my reverse proxy couldn't get a new cert from Let's Encrypt until I looked in the logs to see that Let's Encrypt refused because the account my reverse proxy had been using since I set it up had the email address as "admin@hostname" because this was all for my own personal use and my local reverse proxy doesn't need an actual email address, it just needed some value for some entry in some database.
This is my long-winded way of saying, "Who cares?" Give it whatever age you want. When people object to these type of initiatives for political reasons, they should state the political argument for why they are bad. But rebelling against them for practical technical reasons always seems a little silly to me and can end up being counterproductive when it shifts the conversation away from the central issue.
I would agree when it comes to the most basic real-world skills, but even then you cannot prohibit it. When it comes to digital skills, no, you cannot expect everyone to understand it. Even when it comes to GUI tools. It's just not realistic.
Sounds like a great way to stunt development. Alcohol and cigarettes are unambiguously harmful to children. Computing is not so unambiguous, it has a lot of benefits. How many of us here would lead very different lives if we were treated that way?
This could be an option with children under the age of 12. Maybe only let them use a computer or gaming console in the living room, or something like that.
There's really a wide range between "not looking after kids" and "watching them every second." Unlike the physical world, digital items allow kids to transition from a totally safe space to an unsafe space within seconds.
For example, I can have my kid do whatever he wants in his room. I know what's in there and while he may have the occasional stupid idea, it's all fundamentally safe.
But even a tablet breaks that barrier. It's entirely safe for him to listen to music and stories and I want him to be able to do that unsupervised. But solid control over content on Spotify isn't a thing. The catalog contains things that I consider not appropriate for him. And they've lately been adding vidoes to the feed and while I know he tries hard to resist, they deliberately push videos further and further up. So we're back to "I can turn on the story for you and you can listen.", which is super stupid and could be much better if I had solid controls that I can trust.
Yes, I know I can talk to him about not watching the videos. How can an 8 year old compete with the combined effort of the Spotify team paid to make him watch videos? That's just not feasible.
If anything, the POSIX passwd specification should be updated to include age instead of introducing yet another dependency on systemd for something that affects the entire ecosystem.
If you have to have age, then I agree /etc/passwd is the best place.
But that means a user's birth date will be public viewable, for some people that would be an issue. In my opinion. bdate should not be stored anywhere in Linux or any UNIX type system. Linux and the BSD should ignore these laws completely and we move on from this.
I still do no understand why the Linux Foundation is not chiming in. By keeping quiet all the LF is doing is reinforcing the perception that LF is fully owned by "Big Tech".
Have fun debugging your brittle init scripts. All my systemd servers are working flawlessly, have done so for years, and will continue to do so.
The Linux ecosystem would be such a vastly more enjoyable place if you people would take all that energy you put into that petty fight over systemd into something productive.
“Inferior technology stack”. Didn’t I just read a few days ago about pf queues just now breaking 4Gbps? Look me up, I’ve written a lot about high speed networking.
How are those containers working out for you? Have you heard about these things called VMs? Which I moved on from like 8 years ago?
Not to mention ole Theo likes to alienate you folks at every possible opportunity, even when it doesn’t matter to the core philosophy of openbsd.
I mean, you do you, but at least demonstrate an ounce of intellectual integrity about it.
Not GP, but I'm running OpenBSD on a laptop, not in a datacenter. I have a small Alpine VM that I often forget about. I also have Debian 12 on a Mac Mini and while it's systemd, it could be OpenRC for all that I care about it.
I can see a case for systemd on a server, but have never seen the point on user-facing distro.
I already considered trying a BSD, but the GNU parts are the things I have no problem with and confound myself. So BSD might not be the answer, when it's the non-GNU parts of my GNU/Linux install that annoy me.
The GNU parts of GNU/Linux were written the way they were so the FSF wouldn't get sued by AT&T. Come to the dark side and see what software can be when written for programmers instead of lawyers.
I like *BSD, I have like 4 machines in my home running Free or Open, but no, this is not why GNU has the personality it does.
I feel a lot of it is the way it is because in the pre-linux era, it was common to run GNU tools on commercial Unix, and so it absorbed may options, flags, syntaxes etc. from those various systems that it needed to be drop in replacements for. In the old school Unix wars of SysV vs BSD, it wound up with more of a SysV personality.
I currently like Debian, because of the stability and them removing unwanted features and integrating software with the OS. I mostly run a 10years+ laptop.
How so "inferior"? It's a proven techonology widely adopted by major linux distros that has been practical for everyone wanting to manage their system.
Give me your alternative of "superior" technology.
The original rc-style sysvinit scripts of arch were neither brittle nor buggy. Everything could be configured with "rc.conf" and writing own services was dead simple. All of this was possible with many orders of magnitudes of less complexity.
From the comment closing the revert by Poettering:
>It's an optional field in the userdb JSON object. It's not a policy engine, not an API for apps. We just define the field, so that it's standardized iff people want to store the date there, but it's entirely optional.
I wouldn't go so far as to call it astroturfing, but it's the same thing that's irksome about anyone claiming to speak on behalf of a group they actually have no involvement in. Feels like someone trying to score cheap points.
Of course, I'm not in favour of actual verification of the age attribute. And I've heard the slippery slope arguments. But if I were a parent this would be great.
Problem with setting up parental controls currently is that it takes some effort and knowledge of these tools, not every parent has that. I mean, even people who do, are usually chaotic in the digital domain, like for example, (re-)using very bad passwords. So why expect people to do better with parental controls?
What you actually described, however, is websites and apps reporting information about their content to the OS. That would indeed give more power to parental controls. But what's being legislated is reporting age range to platforms.
I also don't see how it takes anything away, you could still set stricter policies with those tools, or more mild ones if you set the age to 18.
This is my long-winded way of saying, "Who cares?" Give it whatever age you want. When people object to these type of initiatives for political reasons, they should state the political argument for why they are bad. But rebelling against them for practical technical reasons always seems a little silly to me and can end up being counterproductive when it shifts the conversation away from the central issue.
any parents caught providing such things to their children go on a register and have mandatory courses on parenting.
For example, I can have my kid do whatever he wants in his room. I know what's in there and while he may have the occasional stupid idea, it's all fundamentally safe.
But even a tablet breaks that barrier. It's entirely safe for him to listen to music and stories and I want him to be able to do that unsupervised. But solid control over content on Spotify isn't a thing. The catalog contains things that I consider not appropriate for him. And they've lately been adding vidoes to the feed and while I know he tries hard to resist, they deliberately push videos further and further up. So we're back to "I can turn on the story for you and you can listen.", which is super stupid and could be much better if I had solid controls that I can trust.
Yes, I know I can talk to him about not watching the videos. How can an 8 year old compete with the combined effort of the Spotify team paid to make him watch videos? That's just not feasible.
But that means a user's birth date will be public viewable, for some people that would be an issue. In my opinion. bdate should not be stored anywhere in Linux or any UNIX type system. Linux and the BSD should ignore these laws completely and we move on from this.
I still do no understand why the Linux Foundation is not chiming in. By keeping quiet all the LF is doing is reinforcing the perception that LF is fully owned by "Big Tech".
If only every major distribution didn't break backwards compatibility to play with the cool kids.
Time to get back to programs that do one thing and do it well.
The Linux ecosystem would be such a vastly more enjoyable place if you people would take all that energy you put into that petty fight over systemd into something productive.
Seeing Linux drama at this point is just entertainment.
The inferior technology stack pushed by big tech and defended by people who know better has been something else.
You'll take my software freedom from my cold dead hands.
“Inferior technology stack”. Didn’t I just read a few days ago about pf queues just now breaking 4Gbps? Look me up, I’ve written a lot about high speed networking.
How are those containers working out for you? Have you heard about these things called VMs? Which I moved on from like 8 years ago?
Not to mention ole Theo likes to alienate you folks at every possible opportunity, even when it doesn’t matter to the core philosophy of openbsd.
I mean, you do you, but at least demonstrate an ounce of intellectual integrity about it.
I can see a case for systemd on a server, but have never seen the point on user-facing distro.
I’m just stating that Linux being technologically inferior because of something-something corporate overlords is… silly
I feel a lot of it is the way it is because in the pre-linux era, it was common to run GNU tools on commercial Unix, and so it absorbed may options, flags, syntaxes etc. from those various systems that it needed to be drop in replacements for. In the old school Unix wars of SysV vs BSD, it wound up with more of a SysV personality.
I currently like Debian, because of the stability and them removing unwanted features and integrating software with the OS. I mostly run a 10years+ laptop.
How so "inferior"? It's a proven techonology widely adopted by major linux distros that has been practical for everyone wanting to manage their system.
Give me your alternative of "superior" technology.
From the comment closing the revert by Poettering:
>It's an optional field in the userdb JSON object. It's not a policy engine, not an API for apps. We just define the field, so that it's standardized iff people want to store the date there, but it's entirely optional.
And the author of the PR came in a little hot, which probably didn't help.