A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
-
@tiotasram @ShadSterling @artemis @smn I think the warning on downloads is perfectly fine but let's step back for a second: which distros need to avoid liability?
Most distros likely don't, they have no assets or there's no organization to actually sue. A few distros have some assets but why would the AG ever consider suing them? And how would they prove the number of negligent violations? There's no centralized record of users.
Are there companies who might be at risk? Valve seems the most likely but the Steam Deck is a gaming platform in millions of houses. That's worth suing over. But why would they sue Canonical over Ubuntu? Are there even 100k kids in all of California using Ubuntu? I doubt it.@wwahammy @ShadSterling @artemis @smn agree with your logic but sadly logic is often not relevant when it comes to bureaucracy.
To put it another way: a vindictive suit designed to take down a distro web server could happen merely because some silicon valley VC got mad (or bored) and decided to drop $100k on an AG race somewhere?
There are innumerable bad reasons for a suit to arise that could absolutely happen, and being "technically in compliance due to disclaimer" probably heads off some number of these. The "don't download if you're in CA" language has other upsides too, like getting a broad group of users pissed at the law and priming them for non-compliance, and setting a standard for your community that you'll stand up to bad laws by refusing compliance.
-
In case anyone is unclear, since I hear he's also campaigning on this Linux age-gating trash:
Bryan Lunduke is a fascist hatemonger. He represents the absolute worst in free software and I believe he should be ostracized from any and all parts of our community. He wants software freedom for himself and in the abstract but despises individuals expressing their freedom. He believes in a software freedom that is hollowed out and missing love.
@wwahammy Ooh, well said.
-
@alice I really am impressed that I wrote something good enough for someone to share it with me unknowingly
I think I get some sort of angry FOSS activist sticker or something.
-
A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
This is being done rapidly by people with questionable justifications and being merged with no youth and few marginalized people involved.
I don't suppose you could get a summarized list of this small set of people, including legal names and birthdates and "THESE ARE THE CORPORATE CREEPS ATTACKING LINUX PLEASE SLASH THEIR TIRES" on the top of the document? Asking for a friend -
A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
This is being done rapidly by people with questionable justifications and being merged with no youth and few marginalized people involved.
@wwahammy is this being merged into systemd? Time to make a fork, then. What the unbelievable shit?
-
@artemis @wwahammy this isn't complying in advance, it's complying with the law. Which passed unanimously through the California assembly and senate and was signed into law by Gavin Newsom in 2025. It's not going to be repealed.
Open source projects do not have the type of budget that allows them to merely ignore the law and shrug off fines and legal fees.
-
-
A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
This is being done rapidly by people with questionable justifications and being merged with no youth and few marginalized people involved.
@wwahammy
Also this is most likely illegal under gdpr as collecting personal data that is not required for the system to work is illegal. Only necessary data should be collected. So they just made systemd illegal in Europe. Good job. -
In case anyone is unclear, since I hear he's also campaigning on this Linux age-gating trash:
Bryan Lunduke is a fascist hatemonger. He represents the absolute worst in free software and I believe he should be ostracized from any and all parts of our community. He wants software freedom for himself and in the abstract but despises individuals expressing their freedom. He believes in a software freedom that is hollowed out and missing love.
@wwahammy he don't like wokes and he complains about new lead debian project because she is a women who wants more inclusivity
Lunduke =
Need more real free software radical left/rogressiv activists'
-
A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
This is being done rapidly by people with questionable justifications and being merged with no youth and few marginalized people involved.
@wwahammy waiting for the gentoo -dystopia USE flag
-
@artemis @wwahammy this isn't complying in advance, it's complying with the law. Which passed unanimously through the California assembly and senate and was signed into law by Gavin Newsom in 2025. It's not going to be repealed.
Open source projects do not have the type of budget that allows them to merely ignore the law and shrug off fines and legal fees.
-
I found this a good write-up https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/
-
@wwahammy @ShadSterling @smn we are rapidly getting to a point (some would argue past a point) where resistance, for us white folks who've had little skin in the game, is going to mean real consequences and confronting the fact that the law is an ass.
@artemis @wwahammy @ShadSterling @smn the "good time" of white europeans is finish
️ -
@artemis @wwahammy this isn't complying in advance, it's complying with the law. Which passed unanimously through the California assembly and senate and was signed into law by Gavin Newsom in 2025. It's not going to be repealed.
Open source projects do not have the type of budget that allows them to merely ignore the law and shrug off fines and legal fees.
-
A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
This is being done rapidly by people with questionable justifications and being merged with no youth and few marginalized people involved.
@wwahammy istg these sorts of things never get passed by the people they're set to effect ever
-
-
A small set of people are merging changes to various Linux components to make sure every application knows your birth date.
This is being done rapidly by people with questionable justifications and being merged with no youth and few marginalized people involved.
The community pushed back hard on this one. The Arch maintainers are holding, Canonical backed away, and Artix Linux, the systemd-free Arch derivative, issued the clearest statement: they will never require any verification or ID. It's FOSS When someone opened a revert PR, Lennart closed it himself on March 19th. The birthDate field is in systemd and it's staying.
It's funny because only Artix isn't actively enforcing this change. Arch are lying that they're holding (they're not). Canonical are lying that they're backing away (they're not). How can I tell? Both of them use systemd. Both of them require systemd. So anything that gets merged into systemd, they require, whether they want to or not.
It's a fuggin disgrace to see people downstream of an important change saying "Oh no, no we aren't gonna comply with this nosirree," while forcing upstream compliance of it down our throats just by being useless tools. -
I found this a good write-up https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/
The community pushed back hard on this one. The Arch maintainers are holding, Canonical backed away, and Artix Linux, the systemd-free Arch derivative, issued the clearest statement: they will never require any verification or ID. It's FOSS When someone opened a revert PR, Lennart closed it himself on March 19th. The birthDate field is in systemd and it's staying.
It's funny because only Artix isn't actively enforcing this change. Arch are lying that they're holding (they're not). Canonical are lying that they're backing away (they're not). How can I tell? Both of them use systemd. Both of them require systemd. So anything that gets merged into systemd, they require, whether they want to or not.
It's a fuggin disgrace to see people downstream of an important change saying "Oh no, no we aren't gonna comply with this nosirree," while forcing upstream compliance of it down our throats just by being useless tools.
CC: @wwahammy@treehouse.systems @k3ym0@infosec.exchange -
@wwahammy can’t we fork it prior to that commit and maintain a separate fork?
-
@artemis I don't know why.
And I'd say "why are people complying at all?".
I think this preemptive compliance has a lot to do with a lot of low-level open source development now being a regular day-job at a large tech company. So, you have people writing code who are embedded in an infrastructure with managers, performance targets, and the corporate culture associated with that, and where compliance with whatever the corporate hierarchy demands is the norm.
This is a very different situation when you compare that to entrepreneurs and academics like Phil Zimmermann and djb, who didn't preemptively comply with export control laws.
