There’s nothing “overboard” about pushing back on unnecessary political meddling. The operating system does not need to know your date of birth (or identity! Looking at you Micro$oft) in order to manage your hardware and software. The need to know is zero, and given the 1st Amendment I question that any political entity has the legitimate authority to compel one to alter software, open source or otherwise.
'Blowback' is handled by the Marketing department. 'Death threat' is handled by the Police department.
Technically, I can claim that every comment on Hacker News is a blog post, since it has a permalink and shows (threaded!) replies beneath it — supported by both posts and comments being the same /item?id= — but to make such a claim would be inappropriate in the site's context, both because certain 'items' get special treatment as 'posts' (e.g. cannot be downvoted), and because their underlying equivalence is invalid in the site's context. In the context of political pressure, 'blowback' describes press and public opinion drama; 'death threat' describes a criminal act. That some blowback contains death threats does not permit them to be lumped under the non-criminal heading of 'blowback'.
It's funny how people completely miss the meat of your post.
Political entities do not have the authority to compel this kind of activity. If you go along with it, you are given them a reason to keep going. You have to look at this from a rights perspective.
> It was to be expected that some members of the community would object; the actual response, however, has been shockingly hostile. Some of this has been fueled by a misinformation campaign that has targeted the systemd project and Taylor specifically, resulting in Taylor being doxxed and receiving death threats.
The operating system does not need to know your full name, email and location in order to manage your hardware and software, yet systemd has had optional fields for those for years and nobody complained. They added an extra optional field for the date of birth.
> Some of this has been fueled by a misinformation campaign that has targeted the systemd project and Taylor specifically, resulting in Taylor being doxxed and receiving death threats.
> systemd has had optional fields for those for years and nobody complained.
GECOS in 1962, and UNIX in '70s had them as well, and nobody threatened to kill their creators.
Having a field in a database is not equal to mandatory data collection. Let me remind of data that /etc/passwd allows to store on even an OS without systemd:
- User's full name (or application name, if the account is for a program)
- Building and room number or contact person
- Office telephone number
- Home telephone number
- Any other contact information (pager number, fax, external e-mail address, etc.)
> full name, email and location in order to manage your hardware and software, yet systemd has had optional fields for those for years and nobody complained.
Why, it's fine to have these values in a corporate environment: name, work email, office location. I'd be fine with an ability to store the birth date, the blood type, the zodiac sign, actually an arbitrary list of key-value pairs, as long as it's optional.
It's only a problem when the OS insists on recording your private information to let you access your private account.
Setting aside the obvious fact that it's morally wrong to harrass people, something tells me these harrassers never do the same to developers working on closed source software for companies, having the net effect of harming the FOSS movement overall.
Are Unix and Unix-like vendors making implementing this harder than it needs to be? Here is what is required for laws like California's.
1. To modify account creation so that in the scenarios where the law applies (account is being created for a child who is the primary user of the device) to ask for the age and/or birthdate of the child.
2. A way for applications to ask for the age range of the user ([0, 13), [13, 16), [16, 18), [18-infinity)).
Implicit is to store enough information from #1 to support #2.
The way I would store that information is by creating a directory, say /etc/age_group, and in that creating one file named after each age range. These files would be owned by root and not group or world readable.
On creating an account this applies to add an access control list (ACL) entry for that account to the appropriate file in /etc/age_group that allows that user to read it.
Then for #2 the way applications can check is by simply checking which files /etc/age_group it can open.
This should be more portable than the other ways I've seen proposed. POSIX access control lists are included I believe on every major Linux distribution (and also MacOS, FreeBSD, and maybe other BSDs).
This would give application writers on most Unix and Unix-like systems a common way to check if they are on a system that implements the California law (does it have /etc/age_group?) and a common way to check age group.
That’s a clever start, but it has a problem. What happens when the list of age groups changes? This list is not fixed; it changes over both time and space. How do I tell the difference between a system that doesn’t support age attestation vs one that only supports age groups that I don’t know about? For example, suppose I am looking to see if the user is in the over_13 age group, but only /etc/age_group/adolescente exists? What if there are multiple readable files?
Systemd’s solution is simpler and doesn’t have these edge cases. A higher level of software, such as the desktop environment, can query the user’s birth date from systemd and use their locale settings or time zone or other information to compute the correct age group.
This is a great idea. It very compactly implements a barebones parental control system: a parent (with admin access) can assign an age group to a user account, and apps which care can easily check it.
I think it's exactly how such a system should work: apps, sites, etc should declare an age limit, and the user's OS should decide if it's going to give the user access to them. This approach is opposite to having the user to prove their age (and worse, the legal identity) to the web site, app, etc.
I ran a Debian box for my daughter when she was a toddler and a pre-schooler. She was good at selecting her favorite movies and music in XBMC, and enjoyed simple drawing apps.
I think I'd feel the same way about race- or gender-attestation: none of your business. Let's not build the infrastructure into the operating system to selectively restrict civil rights by demographic.
Doesn't make sense to invoke civil rights and pretend there are no legislative limits. If a law is passed requiring age verification and the component can't attest, then its blocked. You must attest your age to vote for example.
As a parent, I welcome these changes. When people say, "parent your kids," this is what I need to do that: an os-level setting that serves as a source of truth, a browser that reads it, and sites that require it.
If you don't like those things then use another distro or create your own, branch a browser, and create your own Internet. I welcome that. Until then, don't say the contradictory phrases of "parent your kids," and resist any of the infrastructure to actually accomplish that.
> > I understood that the change was not going to be popular, but I was expecting civil discourse and a level-headed response.
Not to give credit to the antisocial mob, but it would be a lot easier to take the maintainers' side here if the discourse was started before the change was merged into production.
It's incredibly ironic that the LWN article praises Jeremy Soller for having reasonable objections against the change but fails to mention that systemd maintainers locked the issue* when he tried to raise his objections (and implicitly called them spam). I really fail to see how anyone could expect civil discourse given these circumstances.
* In an incredibly pathetic way too - the systemd maintainer responded to his comment, then immediately locked the issue without even waiting to see what Soller would write in return.
I'm a Mac person through and through but I've always had the deepest respect for the sincere commitment to freedom and privacy that you find in the FOSS world.
I am shocked by what's going on with systemd and by how suddenly bootlicky LWN has gotten.
1. Harrassment of these devs is wrong (no matter how shitty Lennart and systemd is (for those of us who dislike it)).
2. Why do the worst of the worst have to be on "my side" (like this harrassment, and other issues, where they are polar opposites of me when it comes to social issues). But. You have to go to war with the army/allies you have, and if that means I have to be in bed with ... a certain unduke, then I guess it shall be.
3. I remember when statements like the following would have been laughed at by the free software/"open source" community. Instead of acquiescing, and saying "well we have to plan for this big totalitarian overreach" (if you think it isn't, look at Palantir and all the big tech CEOs getting their mitts everywhere), it would have been calling to RESIST and do everything we can technically, organizationally and politically to push back against this, but here we are willingly just building our future prisons. At the behest of giant "open source" corporations who "have nothing to hide" after all.
Of course systemd is NOT a free/libre project in any sense of the word, which is all the more reason I distrust it, and this latest is going to push me off it (I'm on Cachy now). But like I am, we all just sit in the boiling water. I'm still on Firefox for example. I'm on Facebook. This is why it's important to resist BEFORE, so it doesn't become a systemic thing where everyone feels compelled to "go with the flow".
(the following, as referred to in point 3):
"Zbigniew Jędrzejewski-Szmek replied that while it was possible California's law would be changed, ""similar ideas are popping up in other contexts and it's unlikely that they'll all go away"". Ultimately, Luca Boccassi merged Taylor's changes after a bit of back-and-forth about the implementation."
If I could trust that "it's just a field, maaaaan" fine, but I don't. I see how politics is played and plays out and it's the people who are building this that should reconsider, because they ARE enabling future abuse of these systems merely by putting them in. "Oh look - we now have an affordance there's no reason not to exploit it and put it in our central repository of "authentic" validated computer users).
How long before felons are disallowed from owning/using computers? No matter how necessary that is (and I don't mean "1337 hackers" just "we must punish 'the bad guys').
If I felt we were in a forward moving direction maybe I wouldn't be so resistant, but the past 15-20 years should have taught us well about this process of enshittification and corporate capture of tech in a way we never thought possible (just like the shock of the AT&T room wiretap back in the 00s, etc...)
That said, stop harrassing these people in this manner, it is not good and does a disservice for "our cause". Goddamnit, people.
No, they don't! Entitled people doing opinion psyops normalizing overreach is the problem. We are private citizens. Public officers need to be transparent! Not the other way around.
47 comments
Technically, I can claim that every comment on Hacker News is a blog post, since it has a permalink and shows (threaded!) replies beneath it — supported by both posts and comments being the same /item?id= — but to make such a claim would be inappropriate in the site's context, both because certain 'items' get special treatment as 'posts' (e.g. cannot be downvoted), and because their underlying equivalence is invalid in the site's context. In the context of political pressure, 'blowback' describes press and public opinion drama; 'death threat' describes a criminal act. That some blowback contains death threats does not permit them to be lumped under the non-criminal heading of 'blowback'.
Political entities do not have the authority to compel this kind of activity. If you go along with it, you are given them a reason to keep going. You have to look at this from a rights perspective.
> It was to be expected that some members of the community would object; the actual response, however, has been shockingly hostile. Some of this has been fueled by a misinformation campaign that has targeted the systemd project and Taylor specifically, resulting in Taylor being doxxed and receiving death threats.
I think we can agree this is overboard
> I think we can agree this is overboard
Yeah it’s not like these people are IRC operators or something!
> Some of this has been fueled by a misinformation campaign that has targeted the systemd project and Taylor specifically, resulting in Taylor being doxxed and receiving death threats.
I see.
> systemd has had optional fields for those for years and nobody complained.
GECOS in 1962, and UNIX in '70s had them as well, and nobody threatened to kill their creators.
Having a field in a database is not equal to mandatory data collection. Let me remind of data that /etc/passwd allows to store on even an OS without systemd:
- User's full name (or application name, if the account is for a program)
- Building and room number or contact person
- Office telephone number
- Home telephone number
- Any other contact information (pager number, fax, external e-mail address, etc.)
> full name, email and location in order to manage your hardware and software, yet systemd has had optional fields for those for years and nobody complained.
maybe we should complain
It's only a problem when the OS insists on recording your private information to let you access your private account.
1. To modify account creation so that in the scenarios where the law applies (account is being created for a child who is the primary user of the device) to ask for the age and/or birthdate of the child.
2. A way for applications to ask for the age range of the user ([0, 13), [13, 16), [16, 18), [18-infinity)).
Implicit is to store enough information from #1 to support #2.
The way I would store that information is by creating a directory, say /etc/age_group, and in that creating one file named after each age range. These files would be owned by root and not group or world readable.
On creating an account this applies to add an access control list (ACL) entry for that account to the appropriate file in /etc/age_group that allows that user to read it.
Then for #2 the way applications can check is by simply checking which files /etc/age_group it can open.
This should be more portable than the other ways I've seen proposed. POSIX access control lists are included I believe on every major Linux distribution (and also MacOS, FreeBSD, and maybe other BSDs).
This would give application writers on most Unix and Unix-like systems a common way to check if they are on a system that implements the California law (does it have /etc/age_group?) and a common way to check age group.
over_13age group, but only/etc/age_group/adolescenteexists? What if there are multiple readable files?Systemd’s solution is simpler and doesn’t have these edge cases. A higher level of software, such as the desktop environment, can query the user’s birth date from systemd and use their locale settings or time zone or other information to compute the correct age group.
I think it's exactly how such a system should work: apps, sites, etc should declare an age limit, and the user's OS should decide if it's going to give the user access to them. This approach is opposite to having the user to prove their age (and worse, the legal identity) to the web site, app, etc.
For the most part, I actually agree that Ubuntu is an appropriate operating system for toddlers.
If you don't like those things then use another distro or create your own, branch a browser, and create your own Internet. I welcome that. Until then, don't say the contradictory phrases of "parent your kids," and resist any of the infrastructure to actually accomplish that.
> > I understood that the change was not going to be popular, but I was expecting civil discourse and a level-headed response.
Not to give credit to the antisocial mob, but it would be a lot easier to take the maintainers' side here if the discourse was started before the change was merged into production.
It's incredibly ironic that the LWN article praises Jeremy Soller for having reasonable objections against the change but fails to mention that systemd maintainers locked the issue* when he tried to raise his objections (and implicitly called them spam). I really fail to see how anyone could expect civil discourse given these circumstances.
* In an incredibly pathetic way too - the systemd maintainer responded to his comment, then immediately locked the issue without even waiting to see what Soller would write in return.
I am shocked by what's going on with systemd and by how suddenly bootlicky LWN has gotten.
2. Why do the worst of the worst have to be on "my side" (like this harrassment, and other issues, where they are polar opposites of me when it comes to social issues). But. You have to go to war with the army/allies you have, and if that means I have to be in bed with ... a certain unduke, then I guess it shall be.
3. I remember when statements like the following would have been laughed at by the free software/"open source" community. Instead of acquiescing, and saying "well we have to plan for this big totalitarian overreach" (if you think it isn't, look at Palantir and all the big tech CEOs getting their mitts everywhere), it would have been calling to RESIST and do everything we can technically, organizationally and politically to push back against this, but here we are willingly just building our future prisons. At the behest of giant "open source" corporations who "have nothing to hide" after all.
Of course systemd is NOT a free/libre project in any sense of the word, which is all the more reason I distrust it, and this latest is going to push me off it (I'm on Cachy now). But like I am, we all just sit in the boiling water. I'm still on Firefox for example. I'm on Facebook. This is why it's important to resist BEFORE, so it doesn't become a systemic thing where everyone feels compelled to "go with the flow".
(the following, as referred to in point 3): "Zbigniew Jędrzejewski-Szmek replied that while it was possible California's law would be changed, ""similar ideas are popping up in other contexts and it's unlikely that they'll all go away"". Ultimately, Luca Boccassi merged Taylor's changes after a bit of back-and-forth about the implementation."
If I could trust that "it's just a field, maaaaan" fine, but I don't. I see how politics is played and plays out and it's the people who are building this that should reconsider, because they ARE enabling future abuse of these systems merely by putting them in. "Oh look - we now have an affordance there's no reason not to exploit it and put it in our central repository of "authentic" validated computer users).
How long before felons are disallowed from owning/using computers? No matter how necessary that is (and I don't mean "1337 hackers" just "we must punish 'the bad guys').
If I felt we were in a forward moving direction maybe I wouldn't be so resistant, but the past 15-20 years should have taught us well about this process of enshittification and corporate capture of tech in a way we never thought possible (just like the shock of the AT&T room wiretap back in the 00s, etc...)
That said, stop harrassing these people in this manner, it is not good and does a disservice for "our cause". Goddamnit, people.
>systemd age-attestation changes
WTF?