- cross-posted to:
- linux@programming.dev
- cross-posted to:
- linux@programming.dev
Some of you need to watch this video, and hang your head in shame.
Dylan Taylor has been receiving constant harassment, including threats to his life and safety, for actions done collectively by SystemD. The article by Sam Bent was explictly mentioned as part of the harassment campaign, and rightfully so.
I don’t think enough people realize that this is catastrophically bad. It’ll discourage people from becoming open source developers, it’ll discourage people from using Linux, and it’ll discourage legislators from taking the Linux community seriously.
If you ever wished ill upon another human being for complying with a relatively inconsequential law, you are better off never touching a computer again. The Linux community has collectively gone so far beyond what is acceptable here.
Why does anybody submit changes to any project? Probably a wide variety of reasons.
I hope that you can see that there are people who see this addition as being not a big deal: optional field, no verification, GECOS fields already storing ‘realName’, ‘location’, etc.
It doesn’t seem like a huge stretch to understand why a person would submit a simple update when they don’t think it’s of world changing significance.
I’m one of those people so maybe I can help.
Yes, we are. That’s why I don’t use their software or services. The major, and most important, reason why this isn’t a big deal to me is that Apple, Meta and Microsoft don’t choose the software that is part of my system. We’re not in commercial software land, this is the FOSS world. Here, I get to choose what happens on my system because I am the one in completely control.
If a project decides that I have to submit to age verification then I simply won’t use their project, it’s just that simple. But, that is not what is happening here. There is no verification of any sort, nor is the operation of systemd affected by this field in ANY way.
I don’t buy the slippery slope argument that’s being presented around this topic which makes the change seem like the beginning of fascisim or the end of privacy or whatever other hyperbolic situations that people are breathlessly inventing to justify their outrage.
We already have fields to store personal data and those fields are optional and rarely used. They exist because they are needed in some cases and in the cases where they are not needed they do not do anything. The birthDate field is exactly the same as the realName field in that sense. It only does something if you choose to install software that uses it.
This field will NEVER affect you unless you choose to install software on your system that requires it.
What’s happening here is that people are treating this single JSON field as a stand-in for age verification. It is not. If someone wants to meaningfully fight age verification laws then they need to involve themselves in politics instead of social media brigading and harassment campaigns against developers.
In my view, this ‘situation’ exists because it allows hoards of people to appear to be ‘doing something’ without actually doing anything. It’s low effort activisim. People find it much easier to write self-righteous and hyperbolic comments and to get into internet fights than to do the hard work required to affect the politicians and laws that are passed.
On top of this we have the signal boosting effect of trend following, clickbait-driven sites and content creators looking to boost ad revenue by playing up outrage and drama.
I disagree with these laws, but this is not the hill where the battle is being fought. It is a pointless distraction and one that is being used to actively target a person for harm.
Nothing is going to happen on your system unless you choose to let it happen. No software update by any project will ever change this.
The only thing that will change it, and the thing that people should focus on, are the laws in the places where they live.
If the field did not exist software could not be made to utilize it.
Do you think that would prevent or discourage age verification software from existing? It’s not as if a systemd user field is the only place a user’s birthday could be stored.
Realistically, age verification software that is seriously attempting age verification isn’t even going to touch the systemd field, because why would it? The field could only be trusted if it is managed by an age verification service anyway, in which case the service could just as easily store the data outside of systemd.
Who gets to decide what software should and should not be allowed to exist?
If someone wanted to store a birthDate (and, evidence exists to say that they do) then the most logical place to store that user detail is with all of the other user details… in systemd.
You can choose what you put on your system, that’s the Free in FOSS. But, you cannot choose what other people put on their systems.
Its not leaving a lot of choice if it’s part of systemd and I’d wager far more people do not want this than were asking for it. There’s no benefit to it except for the government and corporations that want your data.
The field doesn’t do anything by itself. There is zero harm inflicted on people using systemd. There are probably lots of features of systemd that you don’t want or use and the entire negative effect that you suffer is a few megabytes less free storage space.
The only way the field would be used is if a person decided to use a different piece of software that wants a birthdate. If they don’t choose to install such a program then the field is no more a danger than the realName or location fields. They have scary sounding labels but do absolutely nothing unless the user chooses to use them.
It leave the door open for this to happen. A malicious software may not advertise that it is harvesting your demographic information. Now that this is in place it’s one more thing we have to worry about when evaluating software. There is absolutely no reason to be storing PII in a centralized spot where anything and everything can request it. If I want an app to have any of that shit I’ll enter it on a case by case basis.
You can say “well don’t put it in there” but what happens when big monopolistic corporations start requiring it to use some service of theirs that you don’t have an alternative for? Now I have to maintain a separate PC for that shit? Fuck that.
If you choose to use a service that requires age verification then that service will store your age verification information on your computer somewhere. If it is stored in systemd, malicious programs will be able to access it. If it is not stored in systemd, malicious programs will still be able to access it.
If you choose to not use a service that requires age verification, then you will not store any age verification information on your computer to be stolen by malicious software. Even if systemd has a birthDate field you will not store any age verification information.
The difference in these two scenarios is your choice to use age verification or not. The location where the data is stored doesn’t change the scenario.
I ve got a feeling he wont change his mind. This kind of people are just too optimistic