the law didn't even get written

https://calmatters.digitaldemocracy.org/bills/ca_202520260ab1043

Current Status: PASSED

Ummm… what?

You mean tied to IDs or something?

Commercial services would’ve just implemented that anyway. And yeah, likely with “absolute bare minimum effort.”

I’m still a bit confused. This thread is acting like this is a slope to systemd distros requiring an ID check, if I’m reading it right.

Yes, the Unix epoch is the obvious choice of birth date here

We should all agree on a common birthday, until operating systems enforce ID upload

You must be the most dramatic person in the universe, calling that a "meltdown".

What part of "now I do" you didn't understand?

Kinda. What I want is there now (niri, helix, relatively recent Gnome apps, librewolf), but it's not Nix. If you want the latest wlroots bling, it's likely not packaged. The guix pull time has not gotten better, it actually feels worse than I remember.

Very true, and this is a good argument for the importance of diversity in everything Linux.

The fact that there are distros not using it at least means there's room to fuck off to those if this gets out of hand.

Nope. I'm John Doe, living in Nice Try, Atlantis, and my email is "who@car.es". But I draw the line at being asked for my birthday (which is 1970-01-01).

The userdb already has fields for other information. Nobody enforces putting anything there, nor verifies the contents. Why should DoB be different? And why should that be on the userdb?

Red Hat probably could afford to go to court over those laws. Maybe should, too. Maybe just passively ignore them until someone drags them to court for it. But all of that would be independent of this change.

impacts the majority of distros?

And just what is that impact?

"Here, you have a space to write stuff down." So what? If I'll never read it or verify the contents, what difference does it make?

?

Yes, I get that they may want verification with government ID... but unless they do it at a firmware level, anything above a FOSS Linux kernel on my own unlocked hardware, is fully under my control.

So far, it sounds to me like "age verif theatre" as applied to single user "jailbroken" systems. If they added this on a locked down Android system, as a requirement for network access (note: this is an actual proposal being floated around) then that would be of some concern... but systemd? 🤨

That memory surely also prompted this feeling. It's just that Meta seems to be putting a lot of effort everywhere to push for this. Not so difficult to put, or corrupt, or push, people in dev communities and repos.

• get top recent commiters with https://github.com/systemd/systemd/pulse
• click on 1st link https://github.com/bluca and see https://github.com/microsoft in profile

Just 2 steps.

Yes Poettering isn't at Microsoft but seems the person driving the project at the moment is.

There's also Linux MX, Debian based, on their latest release they added systemd as an option, but you can choose sysv at first boot if you want, and that's what will be installed and used.

I understand your point and agree that this is the thin end of the wedge.

What we're doing here is discussing the phenomenon and I'm highlighting some concerns.

I believe that this is how you get a dialogue happening which will effect change, which is what we're both advocating.

I think that age verification is about surveillance rather than protecting children and I think it should be fought at every level.

This is me contributing to that fight.

Everyone knows Jesus was born one 0001-12-25

He thinks that systemd is desktop linux.

I would say the majority of objections to systemd pertain to perceived overreaches of the project (perceptions I generally share). So in that sense, it is kind of on brand.

it is crazy that Poettering is even considering merging this

You've, uh, seen systemd, right? Cmon; this is just one more section for the cancer to eat.

https://blogs.gnome.org/adrianvovk/2025/06/10/gnome-systemd-dependencies/

Unless first worlders get out of their comfort zone and fight back, nothing can be done.

🤷

In a few years, we may be smuggling in contraband Chinese RISC-V computers.

I'll never buy a computer that can't be run without this shit. If that means I run what I have until it breaks and then never have a PC again then that's what I'll do

Email your legislators telling them that parents already have access to network block tools, these laws won’t stop the problem anyway (run through a vpn), they’re a free speech nightmare, they’re collecting more data on American citizens when America has data breaches losing data every few days, and Congress literally studied this twenty years ago and decided it wasn’t a good idea then, what makes it a good idea now?

What if users are redefined as context? Now the is does not have users anymore. That's not a 'root' user, it's a 'root' context. And that's non root context with supercontext privileges

By implementing it all in the most brain dead, user space writable fashion

@ominouslemon@sh.itjust.works @linux@lemmy.ml

The git PR specifically mentions a birthDate, a data struct that feels like it could easily be tampered with (therefore, far from "confiável" (trustworthy) as explicitly required by "deverão ser adotados mecanismos confiáveis de verificação de idade" ("trustworthy age checking mechanisms must be adopted")).

Thinking of age checking as some kind of OAuth flow, one would ideally store the authz token from whatever age checking provider validated the user's age, instead of some plain data which, depending on the provider, wouldn't even be handed to the application.

I can sort of imagine the following, hypothetical flow:

1. Human tries to access the system for the first time
2. System asks for human consent to proceed with age checking
3. Human (is compelled to) accept going through age checking shenanigans
4. System redirects human to 3rd-party age checking provider interface (e.g. Persona).
5. Provider proceeds with whatever means necessary for the human to upload ID and/or selfie, who does whatever is required from them by the provider interface.
6. In case of IDs, the provider talks with gov databases (e.g. Receita Federal do Brasil for CPF "Cadastro de Pessoa Física") in order to attest the validity of the ID. In case of selfie, provider communicates with a facial recognition model/algorithm/platform.
7. Provider gets the information necessary for age-bracketing, appends it to their own DB with a signing hash, then returns the digest of said hash as a token to the system.
8. System receives the authorization payload and confirms with the provider whether it's a valid token.
9. Provider replies positively, perhaps with some kind of checksum, regarding validity of the token.
10. System stores the token to hand it to whatever subsystem (for OSes, a software; for online platforms such as social media, a module/route) requesting age info.
11. Subsystem allows or denies human access.

Some age checking models (such as EU) seems to be doing a similar thing to what I hypothesized above: the EU Digital Wallet returns a token, instead of PII. A token that can be checked against the Digital Wallet API for validity (theoretically) without disclosing who the user is (in practice, it'd be another, pretty reliable piece of traceable data despite any "anonymity")

I'm not sure whether a similar thing will be implemented here in Brazil (we got an official gov app, gov.br, which can already be used for "social log-in" by 3rd-party platforms, but I don't know whether it's ready for age check provisioning).

As far as I know Brazil and Brazilians, it's highly likely we'd end up with dependencies on Microsoft or Google services because Brazilian gov can't help but handing its own sovereignty to US tech corps, which adds to the dystopia.

I must make something very clear: I'm far from agreeing with this dystopia, I deeply despise this whole "age check" thing going on worldwide; I'm just thinking as a DevOps would.

Either this or block access to people living in hostile places. Currently it is a parental control with no verification of the thruth. You can put 01/01/01 there, if you want. If it turns into identity verification we will see what we can do.

To my understanding, it's also Meta that is lobbying for this. Basically pushing the responsibility elsewhere to the operating system vendors

Great that California allows us to be angry about it.

There are fascist governments demanding genital inspection for playing highschool sports

• That is already going on in the very same country we’re discussing.
• “Things could be even worse, so until things are just as bad as that, don’t complain or try to stop it from getting worse.”

Artix (Arch w/out systemd) supports many inits. I'd recommend dinit (which is very easy to use) or s6 (which seems more stable on Artix, but less user friendly helper tools). Both are very fast, faster than the other inits.

• There is also Chimera Linux which uses dinit and is very clean imho. A very modern take on making a traditional Linux distro which does things well and uses clean and simple OS software stack.
• Void Linux uses runit
• Devuan (Debian w/out systemd) you can use sysV, OpenRC, or runit
• And obviously there is Gentoo, which supports using OpenRC, with unofficial community guides for some other inits.

That is wild. I assume that's part of the design from the get go with btrfs? That sounds like it would have to be.

I am currently using btrfs afaik, I'll have to check on this tomorrow.

Nix is very heavily tied to systemd though

Is the idea here that an agnostic package manager will install everything within home as well, and so when that's ported, and you have one of those PMs installed, it'll pick up where you left off or is there any specific protocol for importing something like that?

How about any open source alternative e.g. https://www.luanti.org/ or Minetest or Terasology or Voxel.js or...?