Some of you need to watch this video, and hang your head in shame.
Dylan Taylor has been receiving constant harassment, including threats to his life and safety, for actions done collectively by SystemD. The article by Sam Bent was explictly mentioned as part of the harassment campaign, and rightfully so.
I don’t think enough people realize that this is catastrophically bad. It’ll discourage people from becoming open source developers, it’ll discourage people from using Linux, and it’ll discourage legislators from taking the Linux community seriously.
If you ever wished ill upon another human being for complying with a relatively inconsequential law, you are better off never touching a computer again. The Linux community has collectively gone so far beyond what is acceptable here.
Can someone explain why it isn’t just a boolean that say is adult or something like that? Maybe I misunderstood but it seems like the new California law would approve that.
But I would rather the parents to use parent control.
Yeah the fact that this “guy” wouldn’t be on video or audio even with the guy interviewing him and only did DMs furthers my suspicion that this dude is straight up a bot or a group of people working for a company.
Seriously, has anyone ever seen or heard this person? He has a blog and stuff where he parrots Google talking points and the like.
Weird doing an interview all by DMs honestly.
People normally don’t want to record video of themselves while actively being lynched. The ones that do are the exception, not the norm. Hell, most people don’t even want to do that as part of a job application.
And in the first place, there’s no reason to suspect this is a bot. There’s nothing abnormal about any of this, with laws mandating age indication and someone suggesting adding an age field alongside the user’s full name and email address to the user.json.
Yeah both are good points actually you’re probably right
complying with a relatively inconsequential law
This downplays the impact to privacy these laws can have but sure, personal harassment is bad.
Counterpoint: fuck this guy for complying with the technofascists in advance like the bootlicker he is.
No one is forcing you to use a distro that uses systemd
Threats against a developer, no matter whether he’s a chud or not; is unacceptable, unhinged behavior. You have a remedy that isn’t harassment. Just don’t use his software
No one is forcing you
They absolutely forced the changes upon us.
You are free to switch distros
“You are free to use increasingly niche technology until you’re marginalized out of existence or give in and lick the boot”
they are also free to not implement spyware on theirs.
Nah this guy sucks. Obviously death threats are over the line but making his life uncomfortable is the least the Judas Iscariot of Linux deserves. We don’t need devs like this anyways, I hope he steps away from the project forever.
Grow up.
Obviously death threats are over the line but making his life uncomfortable is the least the Judas Iscariot of Linux deserves.
Harassment is over the line.
Do you really think that people on the Internet will show restraint and ‘only’ harass the person without taking it too far?
No, because there are crazy people online. Supporting any kind of mob harassment is supporting death threats and violence because they inevitably follow once the mob is large enough.
Hey, abusing his position as a maintainer is absolutely abusing that social contract, so he does lose some protection that social contract afforded.
He should be uncomfortable, not afraid for his life.
Possibly a relevant historical parallel on how this might happen (the differences are surface-level): https://lists.debian.org/debian-devel/2026/03/msg00359.html
actions done collectively by SystemD
Nope. It only needs one maintainer to do the PR
It’ll discourage people from becoming open source developers
You know what will discourage Them more? Id verification
relatively inconsequential law
Give me your Id. Seriously, go and give me your ID with nothing blurred.
Give me your Id. Seriously, go and give me your ID with nothing blurred.
My age is 26.
That’s not what they asked
I also want to see your passport and your original birth certificate
That’s not what they asked
Wrong. That is all that is asked in the Californian legislation.
so far
That’s not what they asked
Yes, I know. I answered the question that reasonably follows from the context. Not their loaded question that assumes something which was not in the pull request.
I know a lot of people like to use the slippery slope fallacy here but even if that applies, you should limit your resistance to points where you actually have a leg to stand on. It’s not like the government would find it much harder to jump straight to age verification without this age indication step. Going all-in know just does all manner of a disservice to the cause of digital privacy.
what follows from context is you giving them your ID and birth certificate so he knows you aren’t lying about your age.
We’ll deal with that when it happens. Not fighting against an imagined threat by using the slippery slope fallacy.
Start by fighting the New York one.
except they are literally eroding privacy as we speak in this slope we have been slipping down on for a decade or two at this point, as if this is happening in a vacuum.
we can be mad at multiple things at once, especially when they are all part of the same effort.
You are right that it was a loaded question, and you had a smart answer, but the implication of this “inconsequential” change represented by the current birthdate is of course more invasive identification later.
Otherwise why would they bother, because as it is now it is useless or inconsequential.
Otherwise why would they bother, because as it is now it is useless or inconsequential.
The leading theory is that this is to help companies in California comply with the child online privacy laws.
They don’t want to be correct, they want to be outraged.
This is the same Reddit-brained nonsense that ruined those communities.
I would like to live in a world that does not inspire outrage
Plenty of distros out there that don’t use systemd
I just started using Linux Mint 22. Does that use systemd?
Yes
And people down voted me when I called out the Sam Bent blog post for what it is. A hit piece.
Parental controls on linux are a good thing. This is a fine privacy respecting implementation. People are overreacting.
Parental controls already exist in linux, they are entirely optional to those who want them, we do not need those controls to be rolled out to every user!
Not to mention
- My router, an Asus one has parental controls settings already
- My ISP router, bog standard one has parental controls settings already
- My ISP account has parental controls settings already at account level, if Ia m not technical enough, I can call them and ask them to set it up
- My phone provider has parental controls
this is entirely optional. Just because they exist doesnt mean they can be improved. The ones currently available do not cover this usecase. The use case being a locally installed application wants to check if the user is 18 before showing them something.
You do realise you can easily restrict who can run what applications (or terminal commands) by using
guid? So you can easily restrict a child account being able to execute applications or games already? And you know what, this method does not rely on application developer implementing any kind of age gatekeeping using DOB field… Its generic to all distributions even ones that don’t use systemd. This is why this change is dumb and not needed.You can even use it to restrict access to terminal commands such as curl so children cannot download something they shouldn’t…
You realise some applications have a mix of content right?
Sir, this is a Lemmy.ml thread.
Reasonable, considered responses are not welcome here.
Unfortunately appeasement upwards has been taken advantage of over and over.
It’s logical to take a stance of ok what can we do to head off the bigger problem. But the truth is, over authoritative governments and tech businesses will overstep that rational offering. So appeasement needs to stop, and recognising this as the line is already occurring.
I am not gonna wish harm on the guy, but I really don’t have a lot of sympathy for a techbro simp.
Yeah preemptive bootlicking before even getting sued is not a characteristic i love to see in a dev that works on one of the most important pieces of linux software.
When the Ai companys acted after this maxime, ignore laws until getting sued, there was a huge outrage but here everyone wants the same from open source companies and developers.
It seems that double Standards are fine after all.
I dunno the exact law, but I’d differentiate based on whether the law in place is bad, or good (in my opinion). Maybe the guys doing the “double standard” also think like this.
So you say that opinion and subjective classification of good or bad is the only valid measurement?
That is the issue with double standard, everyone has their own subjective viewpoint of good or bad, of morality, of which laws to ignore and which to follow. And a lot of really bad things are done all the time in the name of good and moral reasons!
Why make any law at all if only personal, subjectiv morallity matters?
This one is a very old debate, and you are taking my opinion to an extreme. Not that I think it’s particularly offensive or anything.
This question is rhetorical: would you uphold racial segregation laws because they are the law?
There are many takes one what one should do.
I don’t think the changes in question are “upholding” any law, but rather giving system admins and software devs a convenient/predefined way to attempt to comply with the law if they choose. “Upholding” the law would be requiring the field to be filled or checked.
That said, to your point, if someone proposed a race field “so that devs can implement segregation if they choose,” I’d find that reprehensible even though it doesn’t do anything on its own. Similarly, I object to the systemd change.
I would fight the law itself, not single persons.
I agree in principle. Thankfully, the law is not “in place” in the US yet, there’s still time to amend, repeal, etc., so we are not in trouble for now.
Ofc, John Brown would disagree with you, but he is extreme by today’s standards.
A better example would be the many people who try to block policemen from evicting people from rented apartments (mostly old/sick people who cannot pay). Ofc, one could pay for one being evicted, but that would just strengthen the landlord.
I’m not US and my country doesn’t have such a law, can’t fight foreign laws.
I’m not fighting the dev either and I don’t approve harassment, I’m just switching to non-systemd distro, that’s the best message anyone can send against this.
Don’t collaborate with fascists.
systemd maintainers rolling over and complying in advance somehow isn’t even that surprising.
I don’t get the “complying in advance” argument here. What would be an appropriate date for something like this to be accepted?
Never. Let shit hit the fan if it has to. Fight back instead of swallowing the whole boot.
Legitimately the way various porn sites addressed similar laws is the way to go. Verification required in this state? “Well we’re no longer serving this state’s traffic at all, and conveniently here’s the contact info of the government officials to blame, enjoy!”
Hi. Are you a maintainer of one of the distros that might be affected by this law? If you aren’t then you have no standing to blindly tell them that they should not follow the law and risk fines that would ruin the funding for their project(s).
Bringing up porn sites is a false equivalency. Many of these laws do not require verification of ID or face scans as some are incorrectly claiming. They require a birthdate be entered during installation. The laws surrounding porn sites required 3rd party age verification which many of these sites said would not only crater their traffic from these states but also introduce a privacy nightmare which would also work against their business interests.
Well, the law doesn’t come into effect until Jan 1st 2027, so you could delay until then at the latest. Or you wait a bit longer to see what the enforcement looks like and make the companies/politicians at least sweat a bit from any potential fallout. With GDPR some companies took a long time of dragging their feet to become compliant (partially because initial enforcement was lenient to give them time).
Right. I thin you are ignoring some complexity here. This developer added a field to store some optional data in systemd. That code needs to be tested, reviewed, debated, and eventually needs to be merged in. Those merges, at least with large projects, don’t typically get added directly to main they get added to a release branch. That release branch then needs to be completed and merged where it will then be packaged. Then different distributions/installers need to add that field as a requirement to their code which typically goes through the same process. Then all those changes need to be packaged for release by the distros themselves.
So I’ll ask again. Assuming that distros do not want to risk being fined and financially ruined. What is a appropriate time before January 1st 2027 to open this pull request in systemd?
This would also assume that we would like to propose a solution (for the data storage) early enough that distros do not all come up with their own implementations and leave PII strewn across the system.
I imagine it feels quite righteous to drop maxims like this. I too am reminded everyday how glad I am not to have to live in a fascist state.
That said I think this sort of superficial dismissal is really unhelpful.
I think the vast majority of Linux users will agree we don’t want to have to work with these laws but the reality is that we do. Far better we focus our efforts on minimising harm and promoting alternative mechanisms (e.g. zero-knowledge proofs).
Further I fear this righteousness actually serves to foster a toxic culture in the free software movement. And do you know what we call belligerent people who want to stifle dissent? Fascists!
plonk
+1 for the wayback machine ;-)
I don’t wish Dylan harm, and I’m not doing anything to him. I also believe nobody here is sending threats. If you saw the video, you probably noticed that it contained a screenshot from 4chan. 4chan users have been known for terrible behaviour and they are fascists, who also oppose this change. I’m almost completely sure that they are the ones doing the bullying, not users from here.
I’d prefer if the age verification landscape would be fragmented an unusable, compared to systemd offering it in a consistent manner. Websites will use the offered APIs and will use it for extending fingerprinting. No, fake birth dates won’t save you. Even the disabled canvas API is used for fingerprinting. It just shouldn’t be exposed at all. Not that it matters because every other OS will comply and desktop linux is negligible.
The arguments presented in the video won’t convince anyone who bully people on the internet. They are most often fash and they believe that only power matters. Bullying is exerting power over people, and if they succeed in bullying them into reverting the change, they will be satisfied. Not that I think it will achieve anything, but they do. They follow Carl Schmitt’s teachings.
On “better ways to make a change”: If somebody doesn’t live in the US, and lives in sort of a dictatorship, they can neither affect murican lawmaking nor do their govt listen to anyone other than a few. If this age attestation/verification shit comes into place, their only choice here would be to go and not install systemd-userdb (or use linux without systemd). The disabled API would probably break even more websites than disabling 3rd party javascript. Their govt could also use the fingerprinting to spy more on citizens (they prolly already do).
As a thought experiment: please recommend them a better way than bullying. No, not living in a shithole country is not an option. No, they don’t have the spare money to found/donate to an existing org that fights against this. Also, companies pushing this would just outspend them.
There’s also the aspect of corporate influence over linux. It directs changes in order to further business interest over normal users’ interests. Personally, I prefer companies be out of linux and would accept lower-quality things. But also, I think the ones most hurt by these laws are the system integrators (mentioned in the video), who actually need to do things that align with normal users’ interests.
On the parental control thing: yes, age things could be used for it, but the parents know better than the computer, and user settings would be preferable (for example, kid should be able to this and that program, open this site, but not others). I think it shouldn’t be the websites who decide. Yes, parenting takes a lot of time, but we can’t substitute it with automatated fence-building.
As a thought experiment: please recommend them a better way than bullying
We could:
- reject the PR: no, because it’s already accepted by the lead.
- try to argue with the project maintainers: already failed. This is systemd we’re talking about. They are used to just plowing on regardless of what the wider community thinks.
- reject the software: systemd is fundamental to a lot of systems, so this is very painful.
It’s not hard to see why people have resorted to bullying. It’s not right, but there’s no way to make your voice heard. OSS development is not a democracy. It’s a do-ocracy. Those that d"do" dictate. Fine when the developer is aligned with the users. Chaos otherwise.
You missed this option:
- Ignore the feature and don’t use it.
systemd is quite modular. For example, if you abhor systemd-resolved (not at unreasonable stance) it’s NBD to disable it.
Recently (<1 year?) I frequently see the notion that software is “tainted” by having been touched by Bad. I find this a bit silly. Especially if it’s from a user who’s not even spending time in the codebase.
If the law creates this new API, nobody will be able to get away without leaking PII to the web (I think it will have a javascript API). 1970 jan 1 identifies *nix users, 1900 jan 1, even an “unset” will leak info on people, etc. entropy and shit. Websites will also try to use the API. One could set the function to crash JS, or disable all JS, but that already breaks 90% of the web. One could also: either not install userdb (like I do), or install a non-systemd linux, but those still will leak “unset” or “API disabled”.
There’s no getting away from this, it really is the law that we should push back against. Unfortunately it’s a fight currently only Americans and Brazilians can participate in properly. Donations won’t work well, govts these days often clamp down on NGOs because they often get money internationally, and therefore, they are “foreign interference” etc.
“user is likely accessing service from a *nix device” isn’t PII. of course anything can be used for fingerprinting, but this type of “leak” is about as insignificant as it gets. It’s not what most people would consider a violation of their privacy.
I agree with most of what you said, however, I’m not worried about most people. I’m more worried about people who are trying to act against tracking. Maybe I shouldn’t, and we cannot “personal responsibility” our way out of this, but I still haven’t processed that loss.
I’m also not worried about “user is likely accessing service from a *nix device” in itself. It’s hard to say how insignificant this particular bit is. I’ll prolly need to spoof this info, too.
The systemd change is fairly insignificant, yes. That the xdg-desktop-portal people will implement this is more worrying. I’m also worried that the systemd addition will be used as “proof” that the linux landscape is perfectly capable of adding age attestation and verification, and therefore they will dismiss any possibly amendment to the US bills and the EU wouldn’t even consider adding an exception.
I also believe nobody here is sending threats.
I wouldn’t be so sure of your tribe. 19 users so far upvoted a comment with among other concerning bits:
if you’re anti this bullshit “law” then you are also pro physically harming poor FOSS “contributors”.
A good response. Informative, mature, and well thought out.
I don’t wish Dylan harm, and I’m not doing anything to him. I also believe nobody here is sending threats.
True, but publicly wishing ill upon someone for something as trivial as this (i.e. something with zero basis in the real world) is extremely toxic. The odds are slim he’d ever be seen on Lemmy, saying the kinds of things some people here have been saying publicly demonstrates a tremendous lack of empathy and maturity. And that this community is so accepting of those kinds of words is a real problem.
There’s also the Sam Bent article, that was posted here on Lemmy. That’s probably the most directly harmful thing someone’s done. By sharing that article it’s possible someone here was inspired to harass him, and even though nobody probably did the risk is non-zero.
