Will FreeBSD be available in California in 2027?

blackbird9 said:
My reading of it is that the (admittedly highly ambiguous) description of the mechanisms given in the legislation can be entirely implemented in the browser and target websites, without requiring any change to the underlying operating system on the device being used to access those websites.
Click to expand...
I have read only few paragraphs and not sure for details of this law but it sounds like OS requirement, not browser's:

"The OS must show an interface during account setup. This screen requires the user to provide their birth date or age."

If the responsibility is for OS manufacturer (developer) plus open source OS, it looks like impossible mission. 13yo child can get the OS in source form, remove 5-10 lines, compile and have unrestricted OS.
 
Yeah, it does say that... but I think they've got their knickers in a twist over the wording and terminology. There is no online account to set up, when you install something like freebsd and create a userid, is there. It doesn't make any sense. Not to me, anyway.
 
6502 said:
I have read only few paragraphs and not sure for details of this law but it sounds like OS requirement, not browser's:

"The OS must show an interface during account setup. This screen requires the user to provide their birth date or age."

If the responsibility is for OS manufacturer (developer) plus open source OS, it looks like impossible mission. 13yo child can get the OS in source form, remove 5-10 lines, compile and have unrestricted OS.
Click to expand...
To have any sort of hope of working reliably, it has to be in the OS, and probably firmware of the computer really. If it were just at the browser level, it wouldn't be able to influence any other software that could be used to access materials.
 
I heard the OS option was to allow apps to query it (maybe the OS has to note it somewhere like Windows registry, but the OS itself doesn't have to do anything with the age nor collect as telemetry?)
 
All this speculation without (so far as I can see) anyone posting a link to the Act - https://legiscan.com/CA/text/AB1043/2025. The wording is clear, not ambiguous, and laws don't work by what people think they mean but by what judges determine they do mean. The definition reads '“Operating system provider” means a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.' The OS is required to store the user's age or DOB in their account and to make this information available in an interface so any program can request it in four age categories. Any developer of an application is required to ensure the app requests the data and uses it to comply with "any applicable law". In other words a developer needs to know what a person of that age is or is not permitted to do and ensure the person is blocked from doing something not permitted. No data is being collected and no surveillance is needed (use for surveillance is actually prohibited) - it all happens in the local machine, but the programmer is responsible for ensuring people cannot use the software to do something illegal or unlawful. It's a bit like making the car designer responsible for ensuring the car can't be used in a bank robbery.

The problem is, given the specific requirements of different jurisdictions, how is the software going to know how to cut the cake? Different countries might have different ages of consent for different activities and applications or the underlying OS will need a huge database of those restrictions for every country in the world in order to apply the right ones. This is a huge burden on the hobbyist programmer, especially as every program is required at least to query the data, even if it has nothing to do with downloading external content. What exactly does a word processor do with this information once it's queried it?

Given the tech industry, both commercial and Free, is largely based in California, it seems strange no one has actually pointed out to them the undesired consequences of this law, in killing the very innovation that makes Silicon Valley so attractive. That said, the basic idea of protecting children from some of the worst commercial or criminal actors is not a bad one. They just don't seem to understand.

I've just popped over to the FSF website to see what they have to say about this - nothing! They don't even mention it. Now that's interesting!
 
kjpetrie said:
The problem is, given the specific requirements of different jurisdictions, how is the software going to know how to cut the cake? Different countries might have different ages of consent for different activities and applications or the underlying OS will need a huge database of those restrictions for every country in the world in order to apply the right ones.
Click to expand...
Windows does it (I used to select Philippines since it had Cortana region-disabled :p)
 
kjpetrie said:
Which of course shows the obvious flaw. Children will just lie about their age and although the law requires the developer to do something about that if they become aware of it, it's not clear how an app could work that out.
Click to expand...
I'm quite sure the digital ID thing is bound to a person based on biometric data like a fingerprint or irisscan, or a rfid-like key provided by the government. Problem is that it requires a "compromised" computer because the owner could manipulate the scan device output, thus should be locked out of the process and placed in a software jail cell, away from the metal.
 
Thanks for looking it up and the explanation. So you WILL be asked to provide data like age when you create a userid with 'adduser', by the sounds of it. It doesn't sound good to me.
 
kjpetrie said:
Which of course shows the obvious flaw. Children will just lie about their age and although the law requires the developer to do something about that if they become aware of it, it's not clear how an app could work that out.
Click to expand...
Sometimes I think that is a feature and not a bug. If you make it easy like that, then the adults that get to vote are less likely to vote against it or the politicians that put it into place.
 
If this means that some unique identifier like a personal digital ID (as proposed by UK and some other governments) could be transmitted from the machine with every access to every online resource, it will effectively negate privacy measures like vpn's (or even TOR) and end any notion of online anonymity or privacy. It sounds similar in intent to the proposed EU chat control law.
 
I don't really understand why such a law is needed in the first place. After all, how many teenagers are still installing operating systems onto personal computers, given the fact that everyone now has a smart device in their pocket? Back in the 90s, when my own boys were growing up, they were constantly loading floppies into their machines, but these days my grandchildren don't own any computers, and all they do is play around with tablets and smart phones. It seems that such a law might have been somewhat justifiable twenty five years-ago, but it seems very questionable now in 2026.
 
(e) (1) “Covered application store” means a publicly available internet website, software application, online service, or platform that distributes and facilitates the download of applications from third-party developers to users of a computer, a mobile device, or any other general purpose computing that can access a covered application store or can download an application.
Click to expand...
This seems to infer that, e.g. the FreeBSD ports collection would fall into such a category. Though the grey areas are too numerous.

The legislation seems like it was put together by those who are only aware / concerned with MS or google accounts or Apple ID and "stores" as in those provided by the aforementioned.
 
blackhole said:
This seems to infer that, e.g. the FreeBSD ports collection would fall into such a category. Though the grey areas are too numerous.
Click to expand...
I would debate that. You don't need any account on the ports collection to access them, and there should be nothing in there that is age restricted. So you have no reason to check any age. Germany has a guideline/rule not to request data you don't need. How about the rest of the world?
Anyway, ask two lawyers get four opinions.
 
Crivens said:
I would debate that. You don't need any account on the ports collection to access them, and there should be nothing in there that is age restricted. So you have no reason to check any age. Germany has a guideline/rule not to request data you don't need. How about the rest of the world?
Anyway, ask two lawyers get four opinions.
Click to expand...
My thoughts exactly, seems far to grey. The target appears to be "app stores", and emphasis is on the providers of the OS, the stores and the app developers themselves, to adhere / self police or face fines.
 
Kai Burghardt said:
To answer your question: Yes, it will be available in California, but it may be illegal. It’s like recreational drugs, policymakers ban them, but you can still get them, you just need to know where to look.​
Click to expand...
I wouldn't be surprised if people start using VPNs for the purpose of being "outside" of CA from all appearances. I worry mostly about what this could do to developers in the state as anybody outside of the state shouldn't really be under any obligation to follow the law. A click through like they've had for the official Java would probably address most of the other issues.
 
The worrying thing is that midnightbsd are taking it seriously enough to ban use in california. We shall have to see if any of the larger distributions ... ghostbsd, freebsd itself, some of the mainstream linux variants, take this thing seriously and take similar measures.

Personally I can see potential synergies between this and government issued personal digital ID that has been proposed in various countries, but I think we have to wait and see what eventuates. Once you have a system set up to make user age reporting mandatory, it doesn't take much imagination to envisage a change from age (a number) to digital ID (another number). The UK parliament dropped plans to implement mandatory personal digital ID here recently, mainly due to civil liberties concerns; but they may always try to introduce it again in future. Any such move would be the end of any notion of personal internet freedom; they would be able to monitor, track and record everything you look at and everything you say online, if they wanted to.
www.eff.org

The UK Has It Wrong on Digital ID. Here’s Why.

In late September, the United Kingdom’s Prime Minister Keir Starmer announced his government’s plans to introduce a new digital ID scheme in the country to take effect before the end of the Parliament (no later than August 2029). The scheme will, according to the Prime Minister, “cut the faff” in...
www.eff.org www.eff.org
theconversation.com

Mandatory digital ID cards abandoned: where did the government go wrong?

The other benefits of digital ID, beyond curbing illegal immigration, needed much more attention.
theconversation.com theconversation.com
Final scary thought: imagine a government keeping a life-long blockchain of everything you do online. Total lifelong surveillance. Of course, this is all speculation.
Am I being paranoid? I don't know. I remember what Andy Grove said. If I can naively imagine this kind of stuff over the span of a few minutes, I'm sure certain other people will have evaluated these kinds of ideas in much greater detail. In the past, in the days of 20 MB hard drives, the obvious response would have been that the amount of data required would be impossible to store. But today? Or in ten years time? The key part is the legally mandated operating system facility for the mandatory reporting of a number like age (or digital id) in every online access made from the system, which appears to be what this law proposes.
 
CShell said:
If a User wanted to view uuencoded data that was sent to the USENET Newsgroup they would run (link to FreeBSD man page) uudecode(1) to turn the received USENET newsgroup contents back into native binary again. The User would then display the received binary data on an appropriate device or route the binary data directly to a local printer, etc.

In the "late stage" of USENET readers -- a User could just hit a key (like "a") on their keyboard and the just received Newsgroup posting containing uuencoded data would be automatically uudecoded and immediately displayed on the Users terminal (assuming an X session, native Windows, etc).
Click to expand...
Not sure why you are using the past tense here. Usenet is alive and well and likely the largest "decentralized media backup" in the world. And yes, that still includes porn.
 
Maturin said:
warning signs everywhere warning everbody
Click to expand...
Sings.jpg
 
You must log in or register to reply here.
Back
Top