360
The Engineer Who Tried to Put Age Verification Into Linux
(www.sambent.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Mar 2026
360 points (82.1% liked)
Linux
63789 readers
754 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
I have read the git thread related to the merge request.
I don't see what's the big deal. You have a user model that already contain fields like user's full name, location, ... among others and all this developer did was adding yet another optional field called date of birth.
This does nothing to verify user's age and enforce nothing. They've stressed that repeatedly in the comments.
What that does is making it easy for a Linux distro to store user's birthday - should they wish to do so - and making that bit of info accessible to running apps so that each app can do what it wants with it.
User's fullname and location are already there which are also optional so what's the big deal?
Then why did they lock the fucking thread as controversial if it was such an innocent change?
It's paving the wave to implement a Californian law that can very easily end up meaning ID verification for everything.
They could just not have done this at zero cost but decide to go to multiple projects, at this specific time which obviously isn't coincidental, and actively work to start implementing this on Linux. I guess "Contributed to systemd" on their CV was more valuable than resisting the USA taking control of the whole internet and ending all sense of privacy.
For me the bigger problem is that was done without any community oversight.
Yeah it can be verified for now, but it's a foot in the door for a braindead law that no one in their right mind would follow.
What do you mean. It’s done in public
Yeah and against the massive outcry in the form of comments, the discussion was locked, and the general opinion was ignored in favor of 2 maintainers and a tool of a dev.
The person who has the most blame here is the lead dev of the project imo.
Why do you think this was locked? This fucking thread is a mugshot of a dev contributing to an open source project.
So they knew it was against the community and went right ahead?
There wouldn't be "this" thread if they had taken the community into consideration.
This isn't the gotcha you think it is. That "engineer" is ~~contributing~~ bullhorning this bullshit on multiple Linux based repositories.
The community is not against compliance, a loud minority is. The implementation is not where discussion needs to happen, as any software dev that had to implement shit they did not agree on, it rarely has a positive effect at this level
Blaming the victim, beautiful.
~~The thread was discussing age verification from what I read, but I read it when it was already locked.~~ I do not think harassment of the dev is appropriate and the article and this post is also needles drama imo. But the issue of age verification itself I think should be discussed by the community and not just accepted by one dictator.
Edit: I misread that you were talking about the GH thread. Yeah this thread is kinda shit, but discussion on how and if age verification should be done is important imo.
I completely agree.
I'm very against these age verification laws... but I focus my efforts on the politicians and companies like Meta who are actually trying to implement them.
This thread is a doxxing and harrasment campaign and should have been deleted in the first hour.
1000x this.
It doesn't matter how much you disagree with the change, brigading harassment is gross and should be called out every time someone tries.
This post should be nuked.
The problem is that Poettering is all in on attestation which is the underpinnings of age verification and remote attestation.
See amutable.com
Poettering has always been a piece of shit.
POS or not this is a reoccurring problem with open source. The benevolent dictator for life. Hopefully we can grow past it in the coming years.
Fork it and create a democratic project, nobody is stopping you. Wanna know projects that are very open and democratic? FreeBSD and OpenBSD. Wanna know why they aren't as popular as linux?
Python also dealt with this problem and seem to be doing fine.
It's definitely wrong to degrade or harass this guy for doing it.
Buuut this is being made to support a bad law that should be opposed. The law is a bellwether for compulsory age and identity verification, which should strike fear into the hearts of everyone. And especially everyone who cares about their privacy (which really should be everyone, but ...).
Furthermore, it's questionable whether a law like this can apply to open source software. IMO it really can't - who exactly is liable? Is the world really better with ageless Linux outlawed?
This is one of the most sensible comments in the thread. The law is the problem. This is something which should have been self regulated by websites themselves, but Meta lobbied for laws like this so they wouldn't have to police it. The law making this mandatory for everyone when this should be a parental control is the issue.
This is a law that companies are required to implement or stop making business in the states enforcing that law.
You probably feel that companies should just stop doing business in those states "to show them". Sadly a lot of profitable Linux companies that fund Linux development disagree with your high morals. They want to continue doing business there.
Adding that field help those company comply with the law and doesn't hurt you in anyway except maybe taking few bytes in your disk drive.
Even if the field is not added, those companies would come up with another place to store date of birth or even use systemd fork.
Its not like they will say since we can't store date of birth in systemd's user model then we'll have to abandon this project and close our branches in those states instead.
Yes it's technically trivial. I have read the patch. That's beside the point, which is social and political.
I get to decide and report what does and does not hurt me thankyouverymuch. And I do think this is a step that erodes my right to privacy, taken with shockingly little discussion. (Which got it reverted)
There's a lot of degrees of freedom between "just comply bro" and "good luck enforcing that". For example https://blog.system76.com/post/system76-on-age-verification
Fields like name and location do not have any expectation for the information being valid or accurate (see eg.:
adduser).DOB is different. It comes from a legal expectation that correctness of the information will be enforced somehow. If going by the Colorado and NY law proposals, IIRC, by using biometrics at the time of system install.
[citation needed]
not even said laws have an expectation that the date of birth provided would be accurate. the colorado bill just says "require[] an account holder to indicate" and never defines "indicate", the ny bill says "request an age category signal" and never defines "signal", so i assume they're like the california law which has been verified to be just "enter your date of birth in this text field/dropdown and we'll trust you girl". i don't think any of that involves biometrics
there's no alien intelligence or protocol specification in systemd that ensures or says the dob field must be accurate either
Exactly. There's a massive thread on Mastodon where everybody is panicking about this, but it's a nothing burger if ever there was one.
Sure, the timing and comments suggest it's meant for legal compliance, but if that's what it does, it does it by keeping full control in the hands of the user, where it should be.
If anyone is panicking, ask them how they feel about the 'RealName' field that has been in systemd for years (since the beginning?)
This is fake controversy and now it's at the point where people are spreading articles, like the OP, brigading people into harassing a systemd developer.
Exactly. And that's the part that worries me most: I'm seeing people investigating the guy, shaming him (he wrote a blog about using Claude to write a game in 90 minutes, so clearly he must be evil /s), and the article above is written in such a way to insinuate all sorts of nefarious goings on, but everything I see suggests this is just normal procedure.
I really feat this is going to hurt the community and chase good developers away.
Ask yourself if "RealName" field was added in response of a requirement that's supposed to assist with a bullshit law backed by a mega evil corp?
No?
Then how's it comparable?
Because they're both optional fields that have absolutely no checks on them where you're free to enter any information or none at all.
In this hypothetical threat that you're worrying about, there is no world where birthDate gives an 'evil corporation' more data about you than your REAL NAME and LOCATION.
Those fields have been in systemd since the beginning, have you noticed any problems related to using your Real Name and Location in your user profile... or do you simply not enter that data?