This should be the time for open-source developers to use their common sense to decide whether we should push back.
If California wants to create its own Protect the children operating system, it should bear the cost and responsibility for this alone, and not export any of the sketchy political agenda to the wider open source community.
It's the law. If you live in the United States, and a minor in California uses your OS that didn't check age, you could be liable for up to $2500 per occurrence. That can add up quickly if California schoolkids discover your OS does an end run around the law. When ruin is the alternative, compliance becomes non-negotiable.
Did you consider that companies want to sell laptops/PC with Linux in California?
This is open-source, you can modify software to align with your business goals, including complying to regulations. If you have something against regulations, take that with lawmakers, not businesses which actually trying to promote Linux.
I don't mean to come across as a snob, or anything like that, but I find this PR really odd.
It's the authors first time contributing to this repo and it the feedback on the PR that was addressed is really odd, like some of it is super basic stuff, even if you're not familiar with the code base or the language.
Yeah, it's the most basic thing you could do that's not intrusive to the rest of the system. userdb is a local directory and most directories, like LDAP, have a DoB field. Even if these laws fizzle out the change would still be potentially useful for other things like parental controls apps.
The context is that this is in response to California in the US potentially passing a law that requires age verification on the operating system level.
First they have to build infrastructure for the future mandatory KYC. So, age field comes first, then comes new Poettering startup to deny you modifications of your Linux, and finally you are not allowed to use a computer unless you present your ID.
In late 90s we would have laughed if somebody proposed this was going to be a thing, let alone that linux community will just go with it. Heck, I would not have believed systemd was going to happen.
It's trusted in the sense that it lets the person with power (the root of trust) trust the hardware.
That person just isn't you.
It's a way to enforce power relations by making the hardware respect them. From this perspective, it's pretty evident how it degrades adversarial interoperability, which is about ignoring power relations to build your own system.
It's about making sure you can't bypass systems like this-- or rather, that when you use your rights under the GPL to remove this privacy invading crud or just otherwise modify your software you'll be broadly banned from interacting with third party services.
* LP had zero objections to merging this commit into systemd [1];
* Amutable CEO is confident they have a very robust path to revenue [2];
* It is Facebook that pushes age verification laws all around the world;
I sense that his new startup is exactly what we are afraid of: a way to prevent reverting of these patch and then actually enforce the upcoming mandatory KYC to use the computer.
I cannot express how disappointed I am to see open source projects giving in to complying with age attestation laws.
I feel like complying really undermines any first amendment arguments. Software is a first amendment protected form of expression, giving in before getting any actual threats from the state makes your participation seem voluntary.
Systemd's participation puts the entire world into compliance with a California law
BSDs don’t use SystemD, neither do some distros. After they have been exposed here as collaborators I suspect we will see freedom-respecting distros move away from them. I myself have been neutral to weakly positive on SystemD until now, as they put forward some decent solutions to longstanding problems, but from now on I intend to stop using their software entirely.
As it turns out, the people who warned against “professionalizing” and corporatizing Linux were correct.
Techbros gonna techbro... bending the knee to fascists and privacy traitors. The next law will groom something else and eventually it will be tech requiring digital identification and approval to use the internet.
They are the fascist. They are the private companies getting in cahoots with the state for their own gains. It was always about money and thus power for them. Never about freedom.
Will unincorporated distros who don't comply be illegal to use in the areas passing these laws? This isn't "obscenity" -- isn't there a first amendment argument for these projects?
It's scary how much global surveillance is closing in to become a reality with states passing these lesgilations, in the name of "protecting children", but it just serves to collect citizent personal data...
And now they are creeping into open source projects too. What once was thought as the bastion of absolute freedom from the state
> Stores the user's birth date for age verification, as required by recent laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc.
The Brazilian law does NOT require this. This is a misconception, and likely based on an understanding of California's law being extrapolated to the Brazilian law.
They are almost complete opposites.
The Brazilian law (Lei 15.211/2025) puts the burden of age verification on *providers* of web platforms, app stores, or dumb terminals. Not on operational systems.
It also mentions "reasonable measurements" - which vary according to the type of content, platform, etc - and which are much less strict that anything written in California's or UK's laws regarding the same subject. It is far more based on individual risk assessment and purpose of the platforms themselves.
In all fairness, the Brazilian law is the most friendly to open source and the status quo. Even though I'm also worried about the long term results of this legislation, I'm somewhat relieved by the way it turned out.
The hope that humanity has learned something from wasting its time clicking away completely useless cookie pop-ups on websites has probably died once and for all.
I wonder who this https://github.com/dylanmtaylor guy is. Comes out of the blue and posts PRs into lots of open source repositories for this feature that should repulse every self-respecting human being.
And not only that, but he engages in communication with people in tickets and ignores all constructive criticism.
* LP had zero objections to merging this commit into systemd [1];
* Amutable CEO is confident they have a very robust path to revenue [2];
* It is Facebook that pushes age verification laws all around the world;
I sense that his new startup is exactly what we are afraid of: a way to prevent reverting of these patch and then actually enforce the upcoming mandatory KYC to use the computer.
Could someone clarify for a linux newbie like me... In practical terms, what does this mean? I'm on Debian so presumably Debian will eventually pick this update, and then what? When I upgrade my system I'll get a prompt asking for my date of birth?
The author is not from the places where he claims that these are laws. The Californian law is not in effect.
Dylan M. Taylor's GH profile claims that he's from Durham, NC (which does not have this law). He also references to a draft to xdg-desktop-portal which has not been accepted. (Add parental controls to the Accounts portal: https://github.com/flatpak/xdg-desktop-portal/pull/1922)
I'm asking:
- What is this guy's personal interest in pushing this through? (It seems non-neccessary and is questionable at what the end goal)
- Who's political agenda is he sponsoring for this?
- Is he getting financially incentivized to do this?
57 comments
[ 3.0 ms ] story [ 75.5 ms ] threadIf California wants to create its own Protect the children operating system, it should bear the cost and responsibility for this alone, and not export any of the sketchy political agenda to the wider open source community.
It's the authors first time contributing to this repo and it the feedback on the PR that was addressed is really odd, like some of it is super basic stuff, even if you're not familiar with the code base or the language.
Just an all round weird vibe.
I’ve seen Claude reproduce nearly identical comments, wonder if that’s a couidence
A few years down the road it might not be.
In late 90s we would have laughed if somebody proposed this was going to be a thing, let alone that linux community will just go with it. Heck, I would not have believed systemd was going to happen.
And yet, here we are.
I am out of the loop: what is so special about 1969 concerning age verification?
i'm always a fan of 1-JAN-1970
[eg. the "birth" of UNIX-like OSes unix-timestamp eg. "0" ;]
or
date -d @0
cheers a..z
[0]: https://news.ycombinator.com/item?id=46784572
That person just isn't you.
It's a way to enforce power relations by making the hardware respect them. From this perspective, it's pretty evident how it degrades adversarial interoperability, which is about ignoring power relations to build your own system.
* LP had zero objections to merging this commit into systemd [1];
* Amutable CEO is confident they have a very robust path to revenue [2];
* It is Facebook that pushes age verification laws all around the world;
I sense that his new startup is exactly what we are afraid of: a way to prevent reverting of these patch and then actually enforce the upcoming mandatory KYC to use the computer.
[1] https://github.com/systemd/systemd/pull/40954#issuecomment-4...
[2] https://news.ycombinator.com/item?id=46785048
I feel like complying really undermines any first amendment arguments. Software is a first amendment protected form of expression, giving in before getting any actual threats from the state makes your participation seem voluntary.
Systemd's participation puts the entire world into compliance with a California law
As it turns out, the people who warned against “professionalizing” and corporatizing Linux were correct.
They cannot loose markets, like California or Brazil.
But if this becomes a thing in Linux for the distro I use (doubtful), I will abandon Linux after 30+ years.
I am rather confident OpenBSD will ignore this law and I expect other BSDs will to. If not, back to DOS :)
Note, I have a BSD on a coupld of old laptops for testing reasons. I test what I write in the BSDs to help find issues, that works well.
as per usual, liberal policy doing the exact opposite thing they claim it does.
And now they are creeping into open source projects too. What once was thought as the bastion of absolute freedom from the state
This developer should be blacklisted from all open source projects, permanently.
> Stores the user's birth date for age verification, as required by recent laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc.
The Brazilian law does NOT require this. This is a misconception, and likely based on an understanding of California's law being extrapolated to the Brazilian law.
They are almost complete opposites.
The Brazilian law (Lei 15.211/2025) puts the burden of age verification on *providers* of web platforms, app stores, or dumb terminals. Not on operational systems.
It also mentions "reasonable measurements" - which vary according to the type of content, platform, etc - and which are much less strict that anything written in California's or UK's laws regarding the same subject. It is far more based on individual risk assessment and purpose of the platforms themselves.
In all fairness, the Brazilian law is the most friendly to open source and the status quo. Even though I'm also worried about the long term results of this legislation, I'm somewhat relieved by the way it turned out.
And not only that, but he engages in communication with people in tickets and ignores all constructive criticism.
* LP had zero objections to merging this commit into systemd [1];
* Amutable CEO is confident they have a very robust path to revenue [2];
* It is Facebook that pushes age verification laws all around the world;
I sense that his new startup is exactly what we are afraid of: a way to prevent reverting of these patch and then actually enforce the upcoming mandatory KYC to use the computer.
[1] https://github.com/systemd/systemd/pull/40954#issuecomment-4...
[2] https://news.ycombinator.com/item?id=46785048
Dylan M. Taylor's GH profile claims that he's from Durham, NC (which does not have this law). He also references to a draft to xdg-desktop-portal which has not been accepted. (Add parental controls to the Accounts portal: https://github.com/flatpak/xdg-desktop-portal/pull/1922)
I'm asking:
- What is this guy's personal interest in pushing this through? (It seems non-neccessary and is questionable at what the end goal)
- Who's political agenda is he sponsoring for this?
- Is he getting financially incentivized to do this?
- https://github.com/archlinux/archinstall/pull/4290
- https://gitlab.freedesktop.org/xdg/xdg-specs/-/merge_request...
- https://github.com/canonical/ubuntu-desktop-provision/pull/1...
- https://github.com/canonical/ubuntu-desktop-provision/pull/1... -