I get it, but I believe it to be a false equivalence. This change is not happening in isolation. There is currently a general trend towards de-anonymising users, and this DOB field is a step in that direction.
The only real question is, do I want my computer storing more, or less, personally identifying information. Given that I don’t trust the intended use, or ANY use which is later enabled by this, my answer is ‘less’.
because it’s too late at that point, which is the whole point and issue!
if the field is necessary, but the data is useless, then it shouldn’t be there. if the data becomes required then it should not be there. so the result, it should not be there
because it’s too late at that point, which is the whole point and issue!
A PR is when the discussion is supposed to happen. It’s an open source project, nothing happens “too late” to discuss. You see that change in the pull request, you can start moaning about it.
if the field is necessary, but the data is useless, then it shouldn’t be there
Who defines what’s “useless”? You? On what authority?
the discussion happens right now, because i said so, because others are talking about it. and the data is useless when anything can be put in, it’s not used for anything, and it can’t be verified. it fails all three tests in determining usefulness
You do know that this is a slippery slope argument, right?
You would have to demonstrate that there is an intention there to require third party services to validate the age of users using Linux… Or that there is an intention to do so by systemd and the broader open source developers.
I don’t think it will be easily possible to lock out every Linux system from the internet that doesn’t implement some kind of hardware DRM mechanism to make sure that the user cannot just change the date of birth with root permissions.
I do understand that, but I think you are applying a post hoc rationalisation to the change.
For example, examining the change through the lens of intended use -> you can’t as there is no such use of the field today - it’s tomorrow’s use that is potentially problematic.
I don’t want to wait until a bad actor applies the field, I want to stop the field from existing.
This change is not happening in isolation. There is currently a general trend towards de-anonymising users, and this DOB field is a step in that direction.
The only real question is, do I want my computer storing more, or less, personally identifying information. Given that I don’t trust ANY use which may be later enabled by this change, my answer is ‘less’.
Maybe this is the issue. I have no problems with parents setting the age of the children in their account in order limit their access to certain content.
And there clearly exists a use-case for that.
My main issue is when it comes to third-party age/identity verification services. Age or identity verification in the hands of private for-profit companies is bad.
I’d rather give parents the tools to set individual restrictions locally on their devices, then pushing for a global internet based age filter.
most people can get behind parental control. that is why bad actors are pushing for age verification everywhere nowadays.
i think the issue many people have with that field is, that it enables bad actors to do things. all the while, it does not really do the thing it is supposed to do: if i trust my kid with sudo, the field can easily be altered. if i do not trust my kid with sudo, it cannot install anything either way.
with your last paragraph i (and probably most people) agree. but we already have those tools, right? at least until i knew computers better than my parents, there was no way i could install anything without them being OK with it. even when i was admin on my very own desktop, i was heavily reliant on the parents for everything costing money. yes, even my dumb ass figured out how to pirate stuff. but to do that while being afraid to brick your precious device with some virus - you need some tech literacy, which is for sure beyond changing one value.
most people can get behind parental control. that is why bad actors are pushing for age verification everywhere nowadays.
Yes. And I would complain if there is a requirement to need third-party for-profit companies in order to verify peoples ages. Companies want data, and government want control. Both are bad in this case.
i think the issue many people have with that field is, that it enables bad actors to do things.
This needs to be proven. Currently it doesn’t do anything. But there is work to integrate it with flathub, that would allow administrators e.g. parents, to limit access to certain apps. Maybe later there could be some kind of web interface, where a site that offers adult content, would ask the browser, and the browser would look into the account data and then respond if the logged in person is an adult or not. No third-party required, just the person that locally set the date of birth on an local account.
all the while, it does not really do the thing it is supposed to do: if i trust my kid with sudo, the field can easily be altered. if i do not trust my kid with sudo, it cannot install anything either way.
Many apps can be installed without root privileges, for instance via flatpak. And in the future it might prevent certain apps for kids.
with your last paragraph i (and probably most people) agree. but we already have those tools, right?
IDK… I think there are more tools available on Windows for that then on Linux… But I my parents never deployed those and I also never had the need for such tools.
But I guess, very often DNS block lists can be used to block adult content… But knowing the internet and adblockers based on DNS alone, that will often lead to many false negatives and positives. So I would argue that we don’t really have anything like it right now for Linux Desktops.
You , as the party making the accusation of fallacy would be required to prove that the expectation of escalation is unreasonable or that the intention was not there.
edit: asking for an explanation of their thoughts around the issue is fine, but a requirement it is not.
Why do people so often invert the burden of proof?
If someone says “Picking your nose will cause brain-cancer in 40 years.” Then they have the burden to proof that. Nobody has the burden to disprove that.
They made the accusation that this is a step to make this age fields mandatory, and controlled by third-party age verification services, so they have the burden to proof that there is way to do that.
I find it highly unlikely, because most people using Linux systems at home have admin privileges. Which makes this whole point moot, since they can fake whatever they like to the software running on top.
Why do people so often invert the burden of proof?
I know, right ?
If someone says “Picking your nose will cause brain-cancer in 40 years.” Then they have the burden to proof that. Nobody has the burden to disprove that.
Absolutely, and if you’d asked for proof of their accusation you’d be correct in this instance.
They made the accusation that this is a step to make this age fields mandatory, and controlled by third-party age verification services, so they have the burden to proof that there is way to do that.
They did and you could ask them to make a case for that, you didn’t.
You provided your own accusation:
You do know that this is a slippery slope argument, right?
And proceeded to tell them that they are required to provide proof to dispute your new accusation.
You would have to demonstrate that there is an intention there to require third party services to validate the age of users using Linux… Or that there is an intention to do so by systemd and the broader open source developers.
Which is what i was addressing specifically when i said:
You , as the party making the accusation of fallacy would be required to prove that the expectation of escalation is unreasonable or that the intention was not there.
I find it highly unlikely, because most people using Linux systems at home have admin privileges. Which makes this whole point moot, since they can fake whatever they like to the software running on top.
It makes the field itself mostly a non issue in the single isolated context of “does this field, on it’s own, constitute age verification”.
The point most people are trying to make is that it’s a part of a larger context.
We are more than mere frogs in a pot though. We have made note of this. We outraged. We argued and counter argued. We will not forget so easily, no matter the view point on it.
If nothing comes of it, some of us can say “I’ve told you…”
If the next step gets implemented and the field becomes mandatory, some of us can say “See!! Froggies”
If it becomes mandatory and a further implementation also adds the framework to submit the data to some idp service, then we can get the pitchforks out.
I’m not really sure you can argue birthdate is the thin edge of the spear when the standard Linux user database already had fields for location, email, phone number, and real name. None of which have been used for anything up to this point, and systemd-homed is not as widely used.
I get it, but I believe it to be a false equivalence. This change is not happening in isolation. There is currently a general trend towards de-anonymising users, and this DOB field is a step in that direction.
The only real question is, do I want my computer storing more, or less, personally identifying information. Given that I don’t trust the intended use, or ANY use which is later enabled by this, my answer is ‘less’.
I agree with your second paragraph but I fail to see how the existing unused fields are somehow less dangerous or a “false equivalence” to a new unused DOB field which is significantly harder to use to deanonymize someone than their name, address, and phone number.
Hard disagree. This represents the pot getting turned up on the frog.
I acknowledge you are factually correct. However, once this field exists, it enables later reference and/or mandatory dependencies.
There is no positive use case , but lots of possibly negative use cases. For that reason, it shouldn’t exist.
Do you really draw the line at a date of birth field, when every linux system has fields for full name and address for every user account?
Yeah, this is a devious plan that has been going on for years, when they added the
realNamefield!I get it, but I believe it to be a false equivalence. This change is not happening in isolation. There is currently a general trend towards de-anonymising users, and this DOB field is a step in that direction.
The only real question is, do I want my computer storing more, or less, personally identifying information. Given that I don’t trust the intended use, or ANY use which is later enabled by this, my answer is ‘less’.
So, how about we start freaking out when someone starts making these fields required, instead of right away?
because it’s too late at that point, which is the whole point and issue!
if the field is necessary, but the data is useless, then it shouldn’t be there. if the data becomes required then it should not be there. so the result, it should not be there
A PR is when the discussion is supposed to happen. It’s an open source project, nothing happens “too late” to discuss. You see that change in the pull request, you can start moaning about it.
Who defines what’s “useless”? You? On what authority?
the discussion happens right now, because i said so, because others are talking about it. and the data is useless when anything can be put in, it’s not used for anything, and it can’t be verified. it fails all three tests in determining usefulness
Why hasn’t the discussion started when
realNamewas introduced?Someone may find these data points useful, for whatever reason. No point in being angry at a date field, mate.
let’s also talk about that then. we need to remove that immediately
You do know that this is a slippery slope argument, right?
You would have to demonstrate that there is an intention there to require third party services to validate the age of users using Linux… Or that there is an intention to do so by systemd and the broader open source developers.
I don’t think it will be easily possible to lock out every Linux system from the internet that doesn’t implement some kind of hardware DRM mechanism to make sure that the user cannot just change the date of birth with root permissions.
I do understand that, but I think you are applying a post hoc rationalisation to the change.
For example, examining the change through the lens of intended use -> you can’t as there is no such use of the field today - it’s tomorrow’s use that is potentially problematic.
I don’t want to wait until a bad actor applies the field, I want to stop the field from existing.
This change is not happening in isolation. There is currently a general trend towards de-anonymising users, and this DOB field is a step in that direction.
The only real question is, do I want my computer storing more, or less, personally identifying information. Given that I don’t trust ANY use which may be later enabled by this change, my answer is ‘less’.
Maybe this is the issue. I have no problems with parents setting the age of the children in their account in order limit their access to certain content.
And there clearly exists a use-case for that.
My main issue is when it comes to third-party age/identity verification services. Age or identity verification in the hands of private for-profit companies is bad.
I’d rather give parents the tools to set individual restrictions locally on their devices, then pushing for a global internet based age filter.
most people can get behind parental control. that is why bad actors are pushing for age verification everywhere nowadays.
i think the issue many people have with that field is, that it enables bad actors to do things. all the while, it does not really do the thing it is supposed to do: if i trust my kid with
sudo, the field can easily be altered. if i do not trust my kid withsudo, it cannot install anything either way.with your last paragraph i (and probably most people) agree. but we already have those tools, right? at least until i knew computers better than my parents, there was no way i could install anything without them being OK with it. even when i was admin on my very own desktop, i was heavily reliant on the parents for everything costing money. yes, even my dumb ass figured out how to pirate stuff. but to do that while being afraid to brick your precious device with some virus - you need some tech literacy, which is for sure beyond changing one value.
Yes. And I would complain if there is a requirement to need third-party for-profit companies in order to verify peoples ages. Companies want data, and government want control. Both are bad in this case.
This needs to be proven. Currently it doesn’t do anything. But there is work to integrate it with flathub, that would allow administrators e.g. parents, to limit access to certain apps. Maybe later there could be some kind of web interface, where a site that offers adult content, would ask the browser, and the browser would look into the account data and then respond if the logged in person is an adult or not. No third-party required, just the person that locally set the date of birth on an local account.
Many apps can be installed without root privileges, for instance via flatpak. And in the future it might prevent certain apps for kids.
IDK… I think there are more tools available on Windows for that then on Linux… But I my parents never deployed those and I also never had the need for such tools.
But I guess, very often DNS block lists can be used to block adult content… But knowing the internet and adblockers based on DNS alone, that will often lead to many false negatives and positives. So I would argue that we don’t really have anything like it right now for Linux Desktops.
No, they don’t.
You , as the party making the accusation of fallacy would be required to prove that the expectation of escalation is unreasonable or that the intention was not there.
edit: asking for an explanation of their thoughts around the issue is fine, but a requirement it is not.
Why do people so often invert the burden of proof?
If someone says “Picking your nose will cause brain-cancer in 40 years.” Then they have the burden to proof that. Nobody has the burden to disprove that.
They made the accusation that this is a step to make this age fields mandatory, and controlled by third-party age verification services, so they have the burden to proof that there is way to do that.
I find it highly unlikely, because most people using Linux systems at home have admin privileges. Which makes this whole point moot, since they can fake whatever they like to the software running on top.
I know, right ?
Absolutely, and if you’d asked for proof of their accusation you’d be correct in this instance.
They did and you could ask them to make a case for that, you didn’t.
You provided your own accusation:
And proceeded to tell them that they are required to provide proof to dispute your new accusation.
Which is what i was addressing specifically when i said:
It makes the field itself mostly a non issue in the single isolated context of “does this field, on it’s own, constitute age verification”.
The point most people are trying to make is that it’s a part of a larger context.
How do commercial distros prevent getting blocked if not through this?
I think you might be replying to wrong conment
We are more than mere frogs in a pot though. We have made note of this. We outraged. We argued and counter argued. We will not forget so easily, no matter the view point on it.
If nothing comes of it, some of us can say “I’ve told you…”
If the next step gets implemented and the field becomes mandatory, some of us can say “See!! Froggies”
If it becomes mandatory and a further implementation also adds the framework to submit the data to some idp service, then we can get the pitchforks out.
I’m not really sure you can argue birthdate is the thin edge of the spear when the standard Linux user database already had fields for location, email, phone number, and real name. None of which have been used for anything up to this point, and systemd-homed is not as widely used.
I get it, but I believe it to be a false equivalence. This change is not happening in isolation. There is currently a general trend towards de-anonymising users, and this DOB field is a step in that direction.
The only real question is, do I want my computer storing more, or less, personally identifying information. Given that I don’t trust the intended use, or ANY use which is later enabled by this, my answer is ‘less’.
I agree with your second paragraph but I fail to see how the existing unused fields are somehow less dangerous or a “false equivalence” to a new unused DOB field which is significantly harder to use to deanonymize someone than their name, address, and phone number.
Sounds like we are violently in agreement then, that all of those fields should be removed.
Good outcome.