Per the very first reply on their thread discussing it in their forums, which I linked directly to for the post title:
We’ll NEVER require any verification or identification from the user.
However, what’s gonna happen should the attempts to age-gate the XDG portal screw over alt-init distros like Artix too? My guess is maybe they start blocking regions which force age gating like Arch Linux 32 is doing.
You must log in or # to comment.
First Artix made me not vulnerable to the XZ backdoor (requires systemd). Now it saves me from age verification nonsense. Even on Lemmy sentiment seems people who avoid systemd are just cranks. But every time we are right.
It saves you from what exactly? As a rational crank, surely you have an explanation.
Unless you use xdg-desktop-portal, the field that systemd added does absolutely nothing.
It’s an optional information field for user accounts, systemd doesn’t require that it is filled nor does systemd do anything to verify or check the field. User accounts also store e-mail and location and you are free to not enter that information or to enter fake information.
I don’t see the vulnerability, especially considering that you’re comparing it to an SSH vulnerability (which, it should be noted, was caught in testing and never released).
We’ll NEVER require any verification or identification from the user.
Cool so no passwords?
In fact Arch and Artix do not require you to make a password to install the OS (even though you probably should).
But making a password doesn’t identify you or verify anything about you, anyway.
And regardless, say you do create a password at installation (as you should). The next time you type it in, that’s really you verifying yourself.
A password is litterally the OS verifying you are who you are claiming to be.
But making a password doesn’t identify you or verify anything about you, anyway.
Neither is putting in a date of birth.
I think there’s some confusion here about the concept of “identification”.
A date of birth is generally considered identifying information because it can be used to implicate other information about your real-life self, and it can have real-life consequences for you if it is known. It discrimantes and differentiates you from other individuals in ways that have real-life implications.
What does a password identify about you? Well it verifies that you are “the same person who set the password on the OS”.
So to compare and contrast, A DOB identifies you as…
- a person who may not be allowed to install certain programs or access certain information/content, based on age
- a person in a demographic who may be amenable to certain advertisements
- (if your system is compromised/leaked and age retrieved) someone who may be desireable by predators
- (in the context of investigation or stalking) someone who is not a specific other individual (ie it narrows you down from a pool of individuals)
Having entered a password identifies you as…
- the same person who set up the OS
- ??? - feel free to let me know if you’ve got anything here.
To consider the act of entering a password as an “identity” is pretty bizarre, and frankly the notion seems contrived just to be argumentative.
Wow sounds like they should only return an age bracket to mitigate most of those risks.
Also if your system is compromised it’s insane to think your DOB is the problem and not everything else on your system that can ID you.
Wow sounds like they should only return an age bracket to mitigate most of those risks.
Isn’t it even better just to take nothing related to your age at all?
…the problem…
But there isn’t “the problem”; there are multiple problems. Isn’t it good to have fewer problems?
…if your system is compromised…
Also it’s not just your system getting compromised that could be an issue. Say you put your age or age bracket in. Then some application or website retreives that, and stores it on their end, mapped to your user id or email or whatever. Then that system gets compromised. Even if your personal computer is perfectly safe and sound, they still got it.
That’s a real good case for the application website not storing it (which is in the CA law)
And only the 7 people using the OS will care.
Good, Maybe a list of “Pirate Distros” would help people.
Kinda crazy how downloading Linux isos might actually become illegal.
What a fucking clown world we live in.
Lol, which is funny as every torrent client gives the example of downloading Linux isos (which is probably for legality reasons)
Yep, that’s me, just Linux isos, I just like to collect 'em, y’know, and store them on a small 100TB NAS I can access from any
Plex clientcomputer in the house should I need them. You never know.
