to all y’all with the “it’s just a text field”: what if the field is “race”? “sexual orientation”? “jerks_off_to”? what the fuck has a system managing daemon got to do with any of that? and why would you preemptively put it in there without even a pretense of a fight?
fuck you make us! make linux illegal, in Cali of all places. guess how long that will last?
Yeah, scary.
What about some other scary fields like:
- Real Name
- Office Address
- Office number
- Office telephone number
- Home telephone number
- external e-mail address
I mean if those fields were stored, could you imagine the danger that Linux users would be in?
You don’t have to imagine, because those fields have been stored in UNIX/Linux since 1962. https://en.wikipedia.org/wiki/Gecos_field
Those are also entirely optional and not having them filled in doesn’t cause other software to stop doing what the user wants.
(same for the birthDate field)
Depends how these new laws are written.
Not true. Because the stated purpose of the laws at play is to enable that to be queried so that sites can decide what is appropriate for you to see.
That is the purpose, but the field is implemented as optional and modifiable with admin privileges.
That is not the point and you know it.
Your point is true, but I’m saying its impact is also optional.
Stored “because law”, right?
Who cares why it is stored, these fields exist for every user in every Linux system and they have existed for decades.
Either birthDate the field is dangerous or it isn’t. If it is, how?
It is no different than data fields that ask for way more identifiable and personal information such as Real Name and Office number which have, again, existed for decades without issue.
I care. One thing is “you know, fields with this name have been around since before you were born”, another thing is “some idiots passed the law half the globe away, now we are preparing your system to comply. Someone has to ©”. The field is not the danger, the thinking, attitude and act is
Edit: some local law, for fuck’s sake
Half a world away where do you live since this is happening everywhere. To be half a world away from any place doing this would be hard.
Being half a world away from Americas is pretty easy, don’t ya think?
That’s a fair argument.
Is it fair to say: The field is benign but there is contention about if it should be added or not and users of the software are concerned that their voices were not heard on the issue. That can be handled in the normal project framework, perhaps by suggesting a publicly stated policy about these issues around legal compliance so the community can determine if they want to support the project or not.
My argument is that I don’t think that the damage that was done justifies the hitpiece in the OP which is, almost literally, painting a target on the developer with the mugshot photograph and loaded language.
So, if you’re not one of the people then we’re having different conversations. In that conversation, I do agree with what you just said. I’d like to see the very large projects, which affect a lot of users, such as systemd, have a more formal way to accept public comment and respond on contentious changes and feature requests.
Is it fair to say: The field is benign
It is benign if it is optional, remains 100% local and under the user’s control and doesn’t prevent other software from functioning as expected.
It is optional, 100% local, under the user’s control and does not prevent other software from functioning as expected.
If it ever is not, then you can simply fork the project at or before that change.
It is not a hit piece. No call to action was stated.
It paints him as an active danger, puts his picture on a wanted poster, includes his full name, workplace and the city and state where he lives and then writes up an article like an after action report of a cyberattack.
It then implies that he’s going to do it again and that he can’t be persuaded and so will be ‘harder to stop’.
Taylor believes what he’s doing is right, which makes him harder to stop than someone acting for money. Taylor already has the resume line and knows the codebase well enough to try again. That’s the true believer pattern. The argument is ideological, so persuasion is off the table.
So if he’s done a bad thing, he’s going to do it again, and you can’t persuade him.
If you can’t read the implied call to action then you’re being deliberately dense.
To be fair, I am bit split on this. On one hand, name and shame is an effective strategy and should be used. On the other hand, “put age verification into Linux” is a hilarious stretch. And yes, it feels strange that I have yet to see any kind of response from other systemd maintainers and managers - after all, the man authored a pull-request, not merged into into upstream. I have not been looking for that kind of response myself though, which also serves your point: putting all the blame and anger on this one man (I purposefully omit name) is too much
Ah, but this time the government wants it to be able to be queried so that applications and web sites can decide what to do with you. That’s the difference.
The government’s wants are not in the PR. The PR is an optional JSON field.
The field isn’t dangerous, you’re conflating two different things.
The age verification laws are the threat, not an optional text field or the developer who added it.
Compliance in advance is also a threat. Do not comply, do not begin to comply. It’s a fascist law. Any compliance is collaborating with fascists.
Your argument is an informal fallacy called Whataboutism.
I invite you to educate yourself by reading about it on Wikipedia
You should read the article and understand the difference between a comparison and Whataboutism.
You should re-read what you wrote and see why it applies.
deleted by creator
You must be off by a decade. Your reference mentions no OS and Unic was developed around 1970.
Your reference mentions no OS
Then he said Arch Linux should implement it anyway because the law requires it. archinstall PR #4290
Well, it’s not “the law”, it’s your local law. To most people on the planet, it doesn’t apply any more than for example North Korea’s laws. As far as I can find, Arch Linux is not owned by a foundation or similar legal entity (i.e. which could have been located in California), but the lead developer appears to live in Germany.
I mean they kidnapped maduro and are trying him under new york law so…
So… if the law interferes with your goals, apparently it is now perfectly fine to just ignore it.
That seems to be the approach the US government is taking.
I mean yes, the dems have been breathlessly going on about how that thing that Trump’s doing is illegal but nothing seems to happen. There is no opposition at all
2000s: war on general purpose computing because of copyright
2020s: war on general purpose computing because of child protection
In the 2000s the forces of freedom mostly won, e.g. https://en.wikipedia.org/wiki/Consumer_Broadband_and_Digital_Television_Promotion_Act didn’t become law. So far it seems that we are currently losing. :(
In Europe too, chatcontrol keeps being pushed no matter how often it’s being struck down.
Yes; recent news have made me somewhat optimistic that the resistance to it is winning though.
Age verification laws currently look like a much greater danger to freedom.
Personally I think that win (while really a win) is being overcelebrated.
It’s easily reverted. All they’ll have to do is find some csam or terrorism related scandal in the news and pump it as a big deal, and all the resistance will be gone at the next vote.
With chat control we actually have to distinguish two different things that people sometimes confuse:
- voluntary chat control (“chat control 1.0”), which is currently already the law in the EU
- mandatory chat control (“chat control 2.0”), proposed in 2022
Voluntary chat control is about letting operators of communication services voluntarily scan messages for certain illegal activity (without this constituting a violation of data protection laws). This doesn’t break encryption and isn’t a part of a war on general purpose computing. While there are many good arguments against it, it’s not especially catastrophic. It’s a detail of business regulation.
Mandatory chat control is about forcing them to do so, which must necessarily break encryption and impose limits on software freedom. This is what is most important to oppose.
The most recent win ended up rejecting even (most) voluntary chat control, which is a good sign that mandatory chat control won’t get a majority either.
It has very nearly got a majority several times. I’m sure that with some media manipulation (eg milking an incident) it will be easily pushed through.
Imagine if the Dutroux scandal would happen now. They’d jump on that to push all kinds of monitoring on everyone. Even though this would not be prevented by it in any way (and in fact that all happened long before WhatsApp even existed)
I hear you 100%. This sort of shit comes back with a different name each year. I am SOOOO sick of voting down abortion bans every election cycle.
26 US states, including mine, have initiative or referendum processes allowing citizens to place an issue on the ballot. In some states, that’s how the anti-abortion laws are ending up on the ballot, but we an use their own tools against them. In many states, these initiatives failed so we know we have a minimum of 51% support if it’s a law, and at least 33% support if it’s an amendment (depending on that state and their rules). Polling shows, an even larger percentage, most Americans, do not support these laws. The numbers are on our side.
https://ballotpedia.org/States_with_initiative_or_referendum
If we can collect enough signatures, the voters can put an end to this. If we add it to the state constitution, where the process allows this, we can completely prevent laws doing this from being considered because the only thing that can overrule a constitutional amendment is another constitutional amendment.
I’m gauging interest to do this in Colorado to foil age attestation laws, but we could potentially end the back and forth bullshit in multiple states.
Fucking fascists arent ever going to stop. They want to control everything, they want the people to be their slaves.
It gets worse every day.
I love the level of disdain the linux community has for this kinda bootlicking.
I have read the git thread related to the merge request.
I don’t see what’s the big deal. You have a user model that already contain fields like user’s full name, location, … among others and all this developer did was adding yet another optional field called date of birth.
This does nothing to verify user’s age and enforce nothing. They’ve stressed that repeatedly in the comments.
What that does is making it easy for a Linux distro to store user’s birthday - should they wish to do so - and making that bit of info accessible to running apps so that each app can do what it wants with it.
User’s fullname and location are already there which are also optional so what’s the big deal?
Fields like name and location do not have any expectation for the information being valid or accurate (see eg.:
adduser).DOB is different. It comes from a legal expectation that correctness of the information will be enforced somehow. If going by the Colorado and NY law proposals, IIRC, by using biometrics at the time of system install.
DOB is different. It comes from a legal expectation that correctness of the information will be enforced somehow.
[citation needed]
…Have you eve been following the news and the law proposals? I’m not sure you are engaging in good faith here.
I know what’s been going on.
However, the statement “legal expectation that correctness of the information will be enforced somehow” requires proof because it’s currently not true.
not even said laws have an expectation that the date of birth provided would be accurate. the colorado bill just says “require[] an account holder to indicate” and never defines “indicate”, the ny bill says “request an age category signal” and never defines “signal”, so i assume they’re like the california law which has been verified to be just “enter your date of birth in this text field/dropdown and we’ll trust you girl”. i don’t think any of that involves biometrics
there’s no alien intelligence or protocol specification in systemd that ensures or says the dob field must be accurate either
Wow, picking choice words only in sections of the laws and proposals. At least try and engage in honest discussion, mate,
Honestly, just go check Ageless Linux’s site. They have a complete rundown on how and where does each law’s expectation come from.
Just one (1) example:
SB 142 — App Store Accountability Act
Requires “commercially reasonable” method. In other words, the powerful agents of the market (the Googles, the Facebooks, the NSAs) get to choose what you have to do to validate. Could even require biometrics.
there’s no alien intelligence or protocol specification in systemd that ensures or says the dob field must be accurate either
That’s because systemd, a well-known Microslop infection into the Linux ecosystem, is using the wayland playbook: specify nothing, leave to other projects the task and legal weight of implementation. All systemd has to do is to ship the field, then other projects are delegated the task of entering in a “legally compliant” way.
You specifically named the bills from Colorado and NY. They simply do not include those. https://leg.colorado.gov/bills/SB26-051 https://www.nysenate.gov/legislation/bills/2025/S8102/amendment/A I wholeheartedly believe my characterization of these bills are faithful.
Specifically due to how barebones it is, it is trivial to modify yourself the birthdate sent to applications, as long as you have the system password.
Then why did they lock the fucking thread as controversial if it was such an innocent change?
It’s paving the wave to implement a Californian law that can very easily end up meaning ID verification for everything.
They could just not have done this at zero cost but decide to go to multiple projects, at this specific time which obviously isn’t coincidental, and actively work to start implementing this on Linux. I guess “Contributed to systemd” on their CV was more valuable than resisting the USA taking control of the whole internet and ending all sense of privacy.
It’s definitely wrong to degrade or harass this guy for doing it.
Buuut this is being made to support a bad law that should be opposed. The law is a bellwether for compulsory age and identity verification, which should strike fear into the hearts of everyone. And especially everyone who cares about their privacy (which really should be everyone, but …).
Furthermore, it’s questionable whether a law like this can apply to open source software. IMO it really can’t - who exactly is liable? Is the world really better with ageless Linux outlawed?
This is one of the most sensible comments in the thread. The law is the problem. This is something which should have been self regulated by websites themselves, but Meta lobbied for laws like this so they wouldn’t have to police it. The law making this mandatory for everyone when this should be a parental control is the issue.
This is a law that companies are required to implement or stop making business in the states enforcing that law.
You probably feel that companies should just stop doing business in those states “to show them”. Sadly a lot of profitable Linux companies that fund Linux development disagree with your high morals. They want to continue doing business there.
Adding that field help those company comply with the law and doesn’t hurt you in anyway except maybe taking few bytes in your disk drive.
Even if the field is not added, those companies would come up with another place to store date of birth or even use systemd fork.
Its not like they will say since we can’t store date of birth in systemd’s user model then we’ll have to abandon this project and close our branches in those states instead.
Yes it’s technically trivial. I have read the patch. That’s beside the point, which is social and political.
I get to decide and report what does and does not hurt me thankyouverymuch. And I do think this is a step that erodes my right to privacy, taken with shockingly little discussion. (Which got it reverted)
There’s a lot of degrees of freedom between “just comply bro” and “good luck enforcing that”. For example https://blog.system76.com/post/system76-on-age-verification
Fucking bootlicker
Collaborator
Someone would have had to do this eventually anyways. Be angry at the geriatric fascists, not developers. If it comes to it that the project cannot survive without these changes, then it would be made so that these changes are made.
Dylan is a lowlife fucking looser
Nobody paid him to do this. He’s a cloud engineer who read the law and decided someone needed to implement it.
Well, how do you know that?
Removed by mod
Petition to name the inevitable fork of this “SystemFree”
Beautiful performative activism.
Why actually make a PR, do any code changes or participate in any project discussions when you can just make a fake petition on social media to grab a tiny hit of dopamine before moving on to something else for your next hit of outrage.
I still don’t understand why it needs to be implemented as part of systemd, and not - say - as a service. Or, if we want to “go with” the law - make it a kernel module, which sounds more impressive (“we are complying at the kernel level!”) but in practice so much easier to opt out of.
I don’t see what’s wrong with implementing it as an add-on to the https://en.wikipedia.org/wiki/Gecos_field as the PR in question does. It’s the most logical place as the location to store user information and is even easier to opt out of—you just edit a file—than choosing whether to compile Linux with/add to DKMS a kernel module.
Edit: One can see https://github.com/systemd/systemd/blob/8878df45c1a58afdfb500fdc53ec50e057a240ce/docs/USER_RECORD_BLOB_DIRS.md?plain=1#L103 for an example of a user record file and its path. Further documentation you can read at https://github.com/systemd/systemd/blob/8878df45c1a58afdfb500fdc53ec50e057a240ce/man/systemd-userdbd.service.xml#L36 and https://github.com/systemd/systemd/blob/8878df45c1a58afdfb500fdc53ec50e057a240ce/docs/USER_RECORD.md .
I disagree with age verification as well, but attacking a person like this is gross.
This article is all but brigading people into harassing this guy.
A spade’s a spade. This is malicious compliance. The law might be the problem here but it’s on us to resist and try to make a change. Every last one of us. After all, the surveillance state workers in China and Russia are all just doing their jobs right?
Why the heck would we ever want a DoB field in systemd, optional or otherwise?
deleted by creator
Why the heck would we ever want a DoB field in systemd, optional or otherwise?
There is a field for your REAL NAME and LOCATION also. Who would ever want that?
Both of these fields contain way more identifying information about a user than birthDate. Do you feel the same way about them? Because they’ve been in systemd since the beginning.
and the GECOS field (https://en.wikipedia.org/wiki/Gecos_field) containing fields for your real name, work address, which room in the building you work in, your home and office telephone numbers and external e-mail have been in UNIX/LINUX since 1962
This is manufactured outrage, the article is doxxing a person and painting a literal target on their head by photoshopping their picture to look like a mugshot in order to drive traffic for ad revenue.
It’s one thing to be against the laws, I’m against the laws. It’s another thing to personally attack a developer, that’s way beyond anything that is acceptable.
Removed by mod
Timing’s a bit shit to add a DoB field don’t you think. I also don’t think you can compare computing in a professional setting in the 1960s to modern day surveillance states. I can also say as a parent there’s only one thing protecting your kid from the internet and its not whatever poorly standardized notion of Linux parental controls that exist today. Only actual parenting can.
As for the developer’s publicly observable commits and the following publicly available criticism of it, you can call it painting a target but I think even that’s a bit of a stretch. What’s most outrageous about the institution that is the United States of America in 2026 is how all of it was even allowed to get so far. So yeah, expect some activism.
I also don’t think you can compare computing in a professional setting in the 1960s to modern day surveillance states.
My point was that the fields themselves are no more dangerous than we make them. The GECOS fields are not a thing that used to exist in the 1960s, they exist in your system in 2026.
My point was that the criticism here isn’t about the field, because there are way ‘worse’ fields that have existed for decades. The criticism is about the law and this is a kind of misplaced activisim. Where it goes wrong is deliberately targeting one person for harassment as if they are the scapegoat for all of these age verification laws.
I can also say as a parent there’s only one thing protecting your kid from the internet and its not whatever poorly standardized notion of Linux parental controls that exist today. Only actual parenting can.
I completely agree. These laws are worthless for their stated goals because, as you’ve said, it is a parenting problem.
As for the developer’s publicly observable commits and the following publicly available criticism of it, you can call it painting a target but I think even that’s a bit of a stretch.
They photoshopped his face on a mugshot like he’s a criminal and in the article they list his full name, job title, place of work and the state and city where he works. They also list his personal blog.
In addition to all of the personal details, the wording and framing of the article make it sound like an after action report on a cyberattack
Here’s some select quotes. This isn’t about activisim about a law, this is about painting a person as evil, bad, etc (and if you look at the comments in this post, that framing worked.
He hit three separate projects in one week.
Taylor believes what he’s doing is right, which makes him harder to stop than someone acting for money.
The argument is ideological, so persuasion is off the table.
“He’s going to be hard to stop and you can’t persuade him”
The word for what that is sits somewhere past malice, something more insidious:
Taylor already has the resume line and knows the codebase well enough to try again.
“He’s going to do it again!”
This kind of framing against a person is dangerous. If you stir up enough people on the Internet you’re going to stir up some people who are unstable and willing to act on this violent framing.
I agree that the laws are wrong, but this kind of personal attack is far, far more immediately dangerous.
Ask yourself, if it was your picture in the mugshot and your personal address being plastered all over Reddit would you feel safe?
https://github.com/archlinux/archinstall/pull/4290 his motivation is crystal clear. Its compliance before it’s even required. Not just for Californians but for me in Canada, too. This is why he’s on the angry end of activism. He’s proactively helping Linux become a state surveillance machine.
You can make whatever further strawman arguments you’d like but I’m pretty sure a Spade’s a Spade. He may not be a “criminal” but you bet that everyone who resists this crap in the coming years will be if we keep this up. Resist.
He got a huge amount of criticisms and negative comments from the community while he was working on this on GitHub; look at the comment thread of his implementation on GitHub. Essentially the community was telling him “we don’t want this”. And who are you working for in a FOSS project, if not for the community? Yet he disregarded the comments and went on.
On top of this, he appeared out of the blue with this implementation. He had not made any pull requests to this git before now. Nobody had assigned this task to him.
So the situation is not that this is some employee who was asked to implement something, and did it without knowing what the feedback would have been.
Spreading his face around doctored as if it were a mugshot in a community where people are calling him a traitor and other things is a recipe for someone to be hurt or killed.
This thread isn’t a community discussion about implementing a feature, it’s people trying to whip up a mob to attack a person. It doesn’t matter how much you dislike the field name he added to a JSON document, you don’t stir up a mob that can lead to people getting hurt.
In principle I agree with you, pacific discussion and democracy should be the way to go. But it seems that “discussion” doesn’t lead anywhere these times. Politicians do whatever they like (or what lobbies tell them to do), without checking if the majority of the population really agree with some decisions. A developer does whatever he likes, without bothering about the more or less pacific feedback he gets on github. Nobody really seems to want to have a discussion. Well guess then what the “mob” does at some point: they don’t care about discussions anymore either, and they do as they please too.
I fear that riots will start on a larger scale. Even if the context today is different, the situation reminds me somewhat of what happened with the 1981 riots in Toxteth, in Brixton, and other previous riots. Unjust or misused laws; deafness of authorities about discontent; innocent and not-so-innocent people getting hurt.
A developer does whatever he likes, without bothering about the more or less pacific feedback he gets on github. Nobody really seems to want to have a discussion. Well guess then what the “mob” does at some point: they don’t care about discussions anymore either, and they do as they please too.
It’s pretty cliche but: Two wrongs don’t make a right.
In the FOSS world, there are many ways to handle this kind of situation. A mob-led harassment campaign is not one of them.
If you disagree with how a project is going then you can fork it. LibreOffice disagreed with the direction of OpenOffice and forked it, NextCloud and OwnCloud forked from one another when there was major disagreement.
At no point should volunteer developers have their face plastered on a mugshot and their personal information blasted to a mob of angry people.
Be angry at the politicians and mega corporations who are voting and funding these initiatives, not the developers who are caught in the middle.
No
Keep up the good fight Don Quixote
I will. You keep showing sympathy for those you relate to.
Removed by mod
Have you?
No, he chose to do this and deserves all the vitriol coming his way.
If you don’t want people to retaliate for fucking them over, then don’t fuck them over. Simple concept.
Looks like you’re trying to fuck someone over too.
Would you care to post your real name, place of work and the city and state where you live? I mean if you don’t want people to retaliate for fucking them over, then don’t fuck them over.
Or, do you understand the danger of having unhinged people on the Internet paint you as a target?
If I screwed someone over, I wouldn’t be surprised if they did something to screw me back. I don’t start it, but I damn well finish it. The moral of the story is to not screw people over. If he needs to learn that the hard way like so many others, so be it. They shouldn’t have to sit back while they get fucked.
You need to stop projecting your own lack of a spine onto everyone else.
What a pointless drama article this is. FLOSS software does stuff for legal compliance more often than you’d think. The whole point is people can contribute fly by patches and the maintainers make the decision to merge. It seems like being an optional field but potentially providing useful functionality is enough for systemd. If you don’t like it I’m sure there are forks you could join or even use a different init system. No one’s freedom is being oppressed here.
That isn’t really the point. All this nonsense happened without community discussion beforehand.
Who are the community employing? Why do they need consulting before code changes are made?
Your comment is nonsense.
I think what ze’s saying is https://mikemcquaid.com/open-source-maintainers-owe-you-nothing/ . the nature of open source—atl in accord with the hacker ethic—is that everything is just a passion project, there is no responsibility to not make bad decisions, and bad decisions result in decreased adoption and lost trust. after all, open source has always been about making a new alternative because existing solutions are bad.
So we aren’t supposed to talk about or react to said bad decisions? Come on.
nah as an anarchist i am against silence. i’m just saying that in our capitalist society open source maintainers do not in fact have responsibility to the community, only to their market share, and this works slightly less dysfunctionally than proprietary because come what may the opposition may fork it. but that and the transparency and the ability to volunteer your labor for them are the only things that open source does guarantee.
So we aren’t supposed to talk about or react to said bad decisions? Come on.
Do you want to post your real name and place of work online for everyone to see or do you understand why that kind of action is dangerous and wrong?
What in the fascist fuck are you talking about
Discussions happen after the PRs in most projects, because there is no point discussing code that ain’t there.
And they usually don’t get pushed through when discussion is just starting.
My OS should have no details on me besides the account name which didn’t necessarily correspond to my real name.
It does have some old fields for location etc but those stem from the times of massive multi user systems.
He didn’t just try. He succeeded in doing so. His pull request was merged into systemd and will land into your distro eventually (if it is systemd-based).
There are distros free of systemd, like Devuan, based on Debian.
There are distros free of systemd, like Devuan, based on Debian.
AntiX, Artix, Guix System and a few others
Gentoo has 5 different init systems
systemd already stores your realName and location. It has stored that information since the beginning.
There is nothing that birthDate will tell a person that they can’t find out using your realName and location.
I agree with you but repeating your arguments in mass replies does not make it stronger.
I don’t think that it does, if this were a wikipedia discussion where bad faith arguments and trolling were removed then I’d agree.
But since the moderation on this topic doesn’t exist, the only thing remaining to Team ‘Don’t Dox and Harass Developers’ is the blunt instrument of repetition.
You are trying to protect the villain in the story.
Yes, you’re right.
This story was written to turn a developer in a villain. You are uncritically accepting the framing and supporting a harassment campaign.
Not uncritically at all. I’m just not a collaborator or one to defend collaborators. Zero tolerance for them.
Is there an Arch fork that is not implementing this shit or do I have to go non systemd now? Because this BS is not going on any of my machines.
+1 I spent years wondering if my decision to invest in learning systemd was worth it. The sunk cost fallacy blinded me for too long but I am now willing to ditch systemd if a fork is not made.
I believe this pissed of enough users and it’s likely we will see a fork
Artix is one, but I have no experience with it.
https://aur.archlinux.org/packages/systemd-liberated-libs-git
systemd has already been forked
Don’t go around installing random AUR packages, this really shouldn’t need to be said.
