110

Inside the Systemd Age Verification Debate: Developer Responds to Criticism (itsfoss.com)

submitted 1 day ago by cm0002@europe.pub to c/linux@programming.dev

68 comments fedilink hide all child comments

Dylan M. Taylor is not a household name in the Linux world. At least, he wasn’t until recently.

The software engineer and longtime open source contributor has quietly built a respectable track record over the years: writing Python code for the Arch Linux installer, maintaining packages for NixOS, and contributing CI/CD pipelines to various FOSS projects.

But a recent change he made to systemd has pushed him into the spotlight, along with a wave of intense debate.

At the center of the controversy is a seemingly simple addition Dylan made: an optional birthDate field in systemd’s user database.

you are viewing a single comment's thread
view the rest of the comments

[-] IrateAnteater@sh.itjust.works 92 points 1 day ago

I was expecting civil discourse and a level-headed response.

He may have been hoping for that, but surely he didn't truely expect it. The FOSS community can barely have a civil discussion about filesystems.

[-] tangonov@lemmy.ca 6 points 11 hours ago

You definitely can't have your cake and eat it too. Linux for many has been about freedom and privacy. He made a direct contribution toward a system that would help take that away

[-] jimmy90@lemmy.world 9 points 15 hours ago* (last edited 15 hours ago)

Q. You say this is "just attestation, not verification" but we know that infrastructure always gets repurposed later. This is where the legit fear lies. Today it's birthDate. Tomorrow could it be location, identity, or verification tokens? I understand that you are providing a workaround but where should we draw the line between compliance and resistance?

A. Funny you mention that, location is already a field in userdb. Like birthDate, this field is also trivially nullable, stored locally, and can be set to anything. As long as we are talking about a user self-attesting a date - especially with the ability to enter any value we want - we aren't in the realm of identity tracking. I draw the line at when a third party internet-connected service is doing validation of ID. Let’s be honest though, I strongly believe such a thing isn’t possible on a FOSS operating system environment unless they could control what was bootable on the device at a firmware level, enforce signatures to ensure that you couldn’t boot something unrestricted, remove the ability to be root, and block LD_PRELOAD so signals couldn’t be faked. There’s probably more ways to circumvent that. What I’m trying to say is real ID verification on Linux would be awfully hard to implement, and I guarantee you, nobody would put up with it. They’d fork to a version that doesn’t have it immediately as a protest. Right now, we’re considering implementing something akin to the date pickers that were ubiquitous when signing up for internet services in the early 2000s where it’s just an honor system. Things like actual ID checks and/or facial scanning + age estimation would be just too incompatible with Linux where we have the freedom to change whatever we want to.

the intellectually diverse lemmings represented in this post and many others cannot understand this

won't stop them expressing their feelings tho, bless their hearts

[-] Senal@programming.dev 2 points 8 hours ago* (last edited 8 hours ago)

That's a sound argument, mostly (in the quote, i mean)

If the technical implementation of how they would try and force age verification was the problem people were concerned about, this take would be very useful.

Physical locks on glass doors are easy to bypass, doesn't mean you won't get shafted if someone just so happens to catch you in the act.

If third party age verification is legally mandated the implementation being technically difficult (or easy to bypass) doesn't stop it from being illegal.

Being a condescending prick works better if the position you take is unassailable, you do you though.

[-] Avicenna@programming.dev 22 points 1 day ago* (last edited 1 day ago)

At the moment of most intense debates about mandatory age checks and government surveillance you (Dylan) hoped people to be calm about this? Then you my friend are simply delusional. They are angry and for a good reason. Why the rush to comply with a surveillance practice that hasn't forced on you with some sanction or enforcement. You did not even wait for it to play out. You did not have a discourse about alternatives. You just went ahead and hastily applied a change as if as if doing some sort of coup.

[-] mech@feddit.org -3 points 18 hours ago

He didn't apply the change, he proposed it.
And there's zero surveillance in the change he proposed.

[-] Avicenna@programming.dev 5 points 17 hours ago* (last edited 17 hours ago)

If we are going to get stuck in semantics, then he also did not just propose it. Propose would be opening an issue, describing how he would plan to do it and letting people discuss. This is how proposals work. Pushing a very controversial change and getting someone to accept it is not "proposing" when the change is something the community will obviously be so divided over.

And it does not have to implement a full on surveillance mechanism to take a step towards better compliance with possible future surveillance laws. The guy literally said in his comments that this was the intent:

https://github.com/archlinux/archinstall/pull/4290

What the hell are we even discussing here?

[-] fruitcantfly@programming.dev 2 points 15 hours ago* (last edited 15 hours ago)

A pull request is very much a proposal: It is a proposal to make specific changes to the code-base. The developers are not forced to accept it in any form, and discussions can take place in the pull request, should the developers (or third parties) not agree with (the exact form of) the proposed changes. Which is exactly what happened in the systemd pull request, to the extent that the actual developers had to lock the thread.

In the case of systemd, the "someone", or rather the "someones", who accepted the pull request also included the lead developer on the project, namely Lennart Poettering. Who else do you propose should decide what pull requests and other proposals to accept?

[-] FooBarrington@lemmy.world 2 points 14 hours ago

You're approaching this with an everyday definition of "proposal", but in the industry that term is overloaded with more specific meanings.

If you asked 100 random devs, I have no doubt that the majority would call a PR to be something much more concrete than a proposal.

[-] breadsmasher@lemmy.world 16 points 1 day ago

HEY MY GUY you want a CIVIL discussion about CIVIL DISCUSSION?

[-] panda_abyss@lemmy.ca 11 points 1 day ago

Ugh, I’m forking this thread. If you guys can’t agree with me I’ll make my own.

[-] Hupf@feddit.org 2 points 18 hours ago

How nation states were formed

[-] panda_abyss@lemmy.ca 4 points 1 day ago

Oh wow, this guy ^ is the best at civil discussion!

[-] Linearity@piefed.zip 1 points 1 day ago

Why’d you reply to yourself 😭😭

[-] panda_abyss@lemmy.ca 6 points 1 day ago

It's my thread I can do what I want

[-] Overspark@piefed.social 6 points 1 day ago

That's a rather negative view. There's a big difference between people who actually contribute to FOSS (in any way, not just code) and random keyboard warriors in the contents. Sure, there's always some drama somewhere, but that's not exclusive to FOSS.

[-] quips@slrpnk.net -3 points 20 hours ago* (last edited 20 hours ago)

There’s also a massive difference when one proactively participates in destroying linux users’ freedom, one of the pillars of foss

[-] Quill7513@slrpnk.net 6 points 1 day ago

we're what happens when dumpster fighting punks need their laptops to work

this post was submitted on 26 Mar 2026

110 points (91.7% liked)

Linux

12991 readers

313 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev