this post was submitted on 02 Mar 2026
654 points (97.3% liked)

Technology

technology@lemmy.world
82227 readers
4334 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
654
California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup (www.tomshardware.com)
submitted 2 days ago by Amoxtli@thelemmy.club to c/technology@lemmy.world
383 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] super_user_do@feddit.it 24 points 1 day ago (1 child)

This is a whole new level for system level fingerprinting

[–] Schadrach@lemmy.sdf.org 1 point 1 day ago (1 child)

Am I missing something or would the following not meet the requirements?

Add a module that does the following:

On first account login to an interactive interface, ask for an age category (<=13, 15-15,16-17,18+). So a value between 0 and 3. Store that somewhere alongside user-level application settings. Include a library for applications to link against. Library contains one function, that function just returns whatever value was stored before.

I think that meets their bare minimum while also demonstrating just how dumb this is.

[–] super_user_do@feddit.it 0 points 1 day ago* (last edited 1 day ago) (2 children)

It wouldn't. It would require a dedicated server to ping constantly and also an API that applications should use to ask the computer for age in background. Everyone could therefore us this data to fingerprint users..this makes everything even dumber and more prone for mass surveillance 

EDIT: Sorry for the misunderstanding. Thanmk you for correcting me

[–] BennyTheExplorer@lemmy.world 4 points 1 day ago (1 child)

No, you're just wrong. The law just says, there needs to be a local API, that apps can use to ask, what of 4 age brackets the user is in. That's basically it. There is nothing about some online server that needs to hold that data.

[–] BartyDeCanter@lemmy.sdf.org 1 point 3 hours ago (1 child)

No, sorry, you’re wrong. Go read the bill, particularly section 1798.501.b, 1798.502.a and b. Every developer of every application that can be downloaded from every package system MUST request your age bracket every time it is downloaded. And possibly every time it is launched. Basic utilities like ‘ls’ and ‘cat’, that pong example I pushed as a test, everything.

[–] BennyTheExplorer@lemmy.world 1 point 2 hours ago (1 child)

But they could still just request the age bracket that is stored on the system at the time of download, no?

It's not at all impossible, it just has to be implemented.

[–] BartyDeCanter@lemmy.sdf.org 1 point 2 hours ago* (last edited 2 hours ago) (1 child)

That is correct. Every program that is downloadable on the internet, from a big commercial application store, a open source repository, a single project webpage, or a random personal hobby site that has a single file on it that gets an update after 1/1/2026 must request your age bracket when it is downloaded. Or launched. Every singe one, every single time.

Since I took at look at your user profile, that means you would need to add that to all of your github and itch.io projects. And if they are included in some other packaging system, you better be sure that they are doing it as well. Otherwise you will be personally responsible for a $2500-$7500 fine every time a kid downloads one of your games. Your site has a direct download, so what are you going to do to implement that?

Impossible? Certainly not. But why the fuck should we have to do that? Why should every bit of code you put up on the internet be required to check the age API every time it is run? What are you going to do?

[–] BennyTheExplorer@lemmy.world 1 point 1 hour ago* (last edited 1 hour ago) (1 child)

Yeah, don't get me wrong, this is an insane law. It makes no sense and it is utterly ridiculous and dystopian.

I am just saying, that it is still manageable to continue, we shouldn't give up. We should continue to fight against this law, but we can also realistically keep distributing our software regardless of this law.

I think, the age thing only has to be implemented by the operating system, not by every piece if software. We as app developers can then choose to use an API to age restrict our apps, if we want to.

We just have to make sure our app isn't recognized as an operating system in itself.

[–] BartyDeCanter@lemmy.sdf.org 1 point 1 hour ago* (last edited 1 hour ago)

I’m definitely not saying we give up, but this absolutely does impact every developer, not just OS developers. Go read the bill, but here are the relevant parts:

(c) “Application” means a software application that may be run or directed by a user on a computer, a mobile device, or any other general purpose computing device that can access a covered application store or download an application.

(e) (1) “Covered application store” means a publicly available internet website, software application, online service, or platform that distributes and facilitates the download of applications from third-party developers to users of a computer, a mobile device, or any other general purpose computing that can access a covered application store or can download an application.

(f) “Developer” means a person that owns, maintains, or controls an application.

(b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.

Based on a very narrow reading of the “covered application store” definition, a personal website that only has applications developed by that person might be able to get around the age bracket request, but the application itself is still covered. As things like itch.io, crates.io, flathub, PyPI, and every package repo.

[–] Schadrach@lemmy.sdf.org 0 points 1 day ago

Nothing in the law requires some kind of online server. Only a local API, which a local library that can be linked is. And it only requires age to bebe described in four brackets, hence just storing a value 0-3. Didn't see anything obvious as to why this wouldn't actually meet the requirements, while being as dumb and pointless as possible.