Debian Project Leader Andreas Tille has addressed the ongoing debate over age-verification laws and their potential impact on free software operating systems. Long story short: he clarified that Debian has not adopted a position and is awaiting legal analysis.
In his latest “Bits from the DPL” message, Tille stated that the main question is whether operating systems and package distribution mechanisms might be required to provide age-related information to applications.
He noted that Debian and other projects are discussing the issue, and that Software in the Public Interest, a non-profit corporation founded to act as a fiscal sponsor for organizations that develop open-source software and hardware, has begun seeking legal guidance.
Tille also emphasizes that Debian is not close to making a decision. He stated that the situation is still unclear and that further analysis is underway. He also noted that, from a non-lawyer perspective, it remains uncertain how these regulations would apply to a non-commercial, volunteer-driven project like Debian, which does not sell software and distributes it in a decentralized manner.
Tille suggested that, if such obligations arise, they would likely affect redistributors or commercial entities building on Debian, rather than the Debian project itself. He added that, in this scenario, Debian would accept contributions to help downstreams meet their requirements, provided these features remain optional and respect users in other jurisdictions.
So, for now, the project’s position is cautious: the legal situation is unresolved, no implementation path has been chosen, and any future work would be optional and intended to assist downstreams, if necessary. In other words, Debian is not planning any immediate implementation of age declaration measures.
As you can see, Debian’s position is measured and cautious, without any sudden moves. That’s understandable given the nature of the issue – a complex legal matter. It’s also clear that before any final decision is made, not just by Debian but by other Linux distributions as well, obviously, there will need to be input from legal experts.
For so long it was said systemd is spyware and crashes the whole system if one process f***ks up. Back to the old trusted SysV and runit
The powers that be KNOW Linux and alternative OSes are becoming popular and seek to SHUT THEM DOWN!
Soon it will be ILLEGAL to use anything other than state/corporation approved OSes.
The first Distro that adopts AV dies.
And, by the nature of Open Source, it would be removable anyway, by simply recompiling whichever module enforced it. It’s an utterly pointless exercise by an Administration that is up its own rear end.
The age of the person operating a computer system is of no consequence at system boot, it should only come into focus at login. To ensure age appropriate access to applications / content / data, an identity system would be required, citizens of planet earth are highly unlikely to comply with such systems a globally unique ids with name, age included as mandatory fields.
This leaves the governance of such a system beyond the realm of reality.
This would need to be an entirely user space enforcement requirement, not a kernel or system process …
Just exclude the areas that require it. This rule doesn’t make any sense, especially when enforced on servers.
I say tell California to go suck a rock. If you can’t distribute in California. So be it, then chaos theory takes over and let the business and citizens work it out with their policy makers. Free and open source is exactly that. No one decides anything, but the community.
I don’t think this isn’t accurate. It applies on the aspect that Debian packages software, yes. But Debian also distributes a desktop release and that will almost certainly be in scope. The user can download an installer and install Debian on their PCs. That part will need support for age verification.
Distribution via torrent is really tricky to put behind age verification. You cannot implement asking for age verification between every peer.
Magnet links, torrent files and http(s) mirrors, yes could have something when accessing from regions needing age verification, but it shouldn’t be universal.
It doesn’t necessarily have to support it, even if it’s in scope. Not complying with the law is always an option, subject to a risk analysis comparing the cost of compliance with the cost of noncompliance.
Doesn’t matter what Debian leadership says, age attestation has already been added to systemd, it’s there at the init level already!
You are so wrong in this statement. Systemd has only optional metadata field. Maybe real age attestation could potentially use it, but they should not rely on it as it is optional and doesn’t have any verification mechanism in it.
No, what has been added to systemd is purely a metadata field for date of birth. There is no enforcement anywhere to fill it.
Hopefully they’ll be able to ship with those facilities disabled, or perhaps patch it out of the builds.