What with the discussion of age verification it'd be a really good idea to get the iso of your favorite distro(s) _now_ before they take down all legacy downloads without the age verification. It could also be good to keep their torrents seeded.
Timeline
Post
Remote status
Context
5@heavens_feel@poa.st No, people are freaking out over nothing. This California law is an absolute nothingburger.
You don't have to download ISOs now, because first of all it will go into effect in 2027.
And second of all if you actually read the bill you'd know that it never requires any sort of online ID verification. It simply requires the "account holder" to indicate their date of birth. This means if simply adding a date of birth field without any online checks is sufficient to comply.
And also if you as a developer don't live in California you don't have to give a shit.
@SuperDicq @heavens_feel Let me remind you of this: https://en.wikipedia.org/wiki/Slippery_slope
If you don't see it as a trojan horse to figure out who is willing to comply and who is not, only to then try to force more egregious age verification, you aren't seeing the full picture. The point of all of this is to make a base, lawmakers can then abuse to push ID verification and whatnot, because they already have an API capable of doing exactly that.
If you don't see it as a trojan horse to figure out who is willing to comply and who is not, only to then try to force more egregious age verification, you aren't seeing the full picture. The point of all of this is to make a base, lawmakers can then abuse to push ID verification and whatnot, because they already have an API capable of doing exactly that.
@phnt@pl.borked.technology @heavens_feel@poa.st Pushing ID verification into GNU/Linux is literally impossible. It's free software, the user can just remove it.
@SuperDicq @heavens_feel It is not, you can simply ban use of systems without verification, now GuhNU/Loonix is illegal for desktop use.
And in the case of this law, distros would be forced to comply anyway as they are the vendor. The law does not talk about the end user. Sure, a user might then tear it out with patches, that is perfectly legal to do (now), but the vendors and even developers such as GNU have to comply. Especially since the FSF is registered in California iirc.
And in the case of this law, distros would be forced to comply anyway as they are the vendor. The law does not talk about the end user. Sure, a user might then tear it out with patches, that is perfectly legal to do (now), but the vendors and even developers such as GNU have to comply. Especially since the FSF is registered in California iirc.
@SuperDicq @heavens_feel That law makes developing a piece of software not using an age indication API illegal, so even publishing that piece of hobby software on Github without that API being used is illegal per that law.
It is extremely dumb, but such is California. It is similar to the EU's secure software legislation thing, that effectively bans anything that has public source code, because it is deemed unsecure.
It is extremely dumb, but such is California. It is similar to the EU's secure software legislation thing, that effectively bans anything that has public source code, because it is deemed unsecure.
Replies
4@phnt@pl.borked.technology @heavens_feel@poa.st
It is similar to the EU's secure software legislation thing, that effectively bans anything that has public source code, because it is deemed unsecure.What the fuck are you even talking about?
@SuperDicq @heavens_feel First drafts of the CRA did exactly that. It is less retarded now, but still dumb. It used to require that free and open-source software used in commercial products had to establish security reporting contacts and fix issues within some time frame and pushed it on developers. Now manufacturers using that software are responsible for most of that.
https://digital-strategy.ec.europa.eu/en/policies/cra-open-source
image.png
image.png
https://digital-strategy.ec.europa.eu/en/policies/cra-open-source
image.png
image.png
@SuperDicq @heavens_feel And here's the part I don't like about the california law besides it mandating an age indication API. This is what makes developing apps without using the API technically illegal.
Full text here: https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=202520260AB1043
image.png
Full text here: https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=202520260AB1043
image.png
@phnt@pl.borked.technology @heavens_feel@poa.st Oh you're talking about the CRA.
Yeah the CRA is pretty dumb. But trust me as a European when I say this, but this is one of those acts that will change absolutely nothing in practice.
Because this applies to "product with digital elements in the EU market". Simply distributing software does not make it a product in the market. You would actually have to sell copies for that I think.
And if you sell copies of software you will have some minimal common obligations that any notable commercial free software project basically already complies with because it is fucking common sense:
* Allowing users to report security issues
* Tell users how to update their software when you fix a security issue
* Distribute your software with sane default settings
So this law is also essentially a nothingburger where nothing changes.