- cross-posted to:
- linux@lemmy.world
- cross-posted to:
- linux@lemmy.world
Add a required birth date prompt (YYYY-MM-DD) to the user creation flow, stored as a systemd userdb JSON drop-in at /etc/userdb/<user>.user on the target system.
Motivation
Recent age verification laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc. require platforms to verify user age. Collecting birth date at install time ensures Arch Linux is compliant with these regulations.
This is just a pull request, no changes yet.
The pull-request discussion thread has been locked, just like it happened for the similar thread in Systemd, owing to the amount of negative comments…
I have no idea what to think because this sounds reasonable, but so do the arguments that it’s a slippery slope and complying now makes it easier to surveil us all later. (Yes, I know this is the name of a fallacy. I’m curious as to when is it a fallacy and when is it not. I can absolutely imagine people saying “slippery slope fallacy” and being right, I can also imagine a different situation where people say “slippery slope fallacy” to something and it happens exactly as the people whose claim is being denied with “slippery slope” fallacy said.)
I guess that is why controversial issues are controversial, no easy and obvious resolution?
A slippery slope isn’t always a fallacy. Yes, that is a specific name of a fallacy, which people commonly point out, but it is also the form of a valid logical argument. If there is support that this will happen, it isn’t a fallacy.
I this case, a user-entered field is useless to “protect children” (being generous and assuming this is the actual reason for the laws). Children will just lie, as they have been doing for decades. The state will point to this as the law not fulfilling its stated goals, so they’ll need to verify age through other means. Even if the goal isn’t surveillance of people, this is still likely to be the result logically. This means the slippery slope argument is valid.
But this is the crux of the fallacy. What evidence is anyone providing that there is indeed an insidious chain of events we are enabling by adding the birthdate field? Are there examples of cases similar to this in history?
EDIT: I can tell people are getting emotional about this because I’m being down voted for just asking a question that elaborates the point someone is making.
The justification of the slippery slope is pretty simple.
They ask to add in a DoB field that must be filled out and reported at all times. So we add it into our systems and say no big deal. If you hate it put down your birthday as 1900-01-01 and call it a day.
But what is the problem with a self reported, unconfirmed field like this? It is utterly useless BECAUSE it is a self reported, unconfirmed field. It doesn’t solve any problem AND it doesn’t provide any real personal information. So why even ask for it?
The two options are malicious intent and stupidity that tech can’t be worked around.
We can skip the latter as stupid people will always be stupid. So the former, malicious intent. When they point out that this new law isn’t actually fixing things because of the fact people are lying about their age they will inevitably say we need government IDs added to the system. They will not only make sure you are the correct age for content, but know WHO is viewing such content and they will be tracking it.
Now you might say, wait there is a third option, benevolent people actually wanting safety. Creating a system where personal information is mandatory to your interaction with the internet creates a security target that we all know cannot be covered. And we also know that all tech can be broken so kids will find a way around this stuff. Using your parent’s ID, a globally shared fake ID, hacking the protocol for certification. they will get around it.
The slope is slippery because the only options are
yes. every time in the history of gnu software when a function is added without a purpose its for a later feature.
otherwise there is no need for the form? since when do we leave empty forms in software that can be used to store strings, that hold no meaning…
only two uses for this. to implement the full API later or to have a string the user normally does not see that becomes a perfect place to store malware. full stop.
complying with the API is a act of absolute stupidity…
They’re not handing over private crypto keys here. It’s a database entry that the person installing the system can put whatever they like in.
It could be a slippery slope. That’s why the point is not to just accept it and move on, but to comply while pushing back against it.
And complying right away, but with a bullshit field, is a good way to signal “we do not agree, and we’re going to always find a way to fight back”.
Taking a hit to avoid defeat, does not mean surrendering. It just means that you need to recognise when a battle is lost. In a way, the other side of the slippery slope is the sunk cost fallacy, where you refuse to admit that something is a lost cause and you keep on pushing, making things worse.
It’s a matter of balance and reason, which people nowadays reaaaally struggle with.