Will FreeBSD be available in California in 2027?

[CShell]

Usenet is alive and well and likely the largest "decentralized media backup" in the world

Ya -- (link Wikipedia) NNTP is still a going today.

My (original post) was very UUCP centric so I did use the past tense for that forum post.

 

[kjpetrie]

This looks like a situation where FOSS institutions need to band together and get some crowdfunding for legal advice. If writing software is a means of self-expression, does dictating how it should be written and what it must contain amount to a violation of the First Amendment in the US, and if so, could a case be brought to challenge those parts of the law which force writers to include certain things with which they might disagree? If it gets struck down other States will think twice before following the lead.

 

[vmb]

This stupid law that is just the first step in further reaching surveillance, should be resisted. The first move should be to legally exclude downloading and use in California. I think it will even be necessary to remove all distribution methods (official mirrors) from California and have a contractual agreement on every download page.

I have read the actual law https://legiscan.com/CA/text/AB1043/id/3269704 and my understanding is that it will require modifications to the package repo (and all mirrors) to prevent age restricted software from being downloaded or installed by a minor, and that to achieve that, EVERY package in the repo will have to be assessed and given an age rating. This means existing packages and every time a package is updated on the repo.

This is an enormous amount of work and could even include downloading from Git repos and other software source code repositories.

It is far simpler to change the licenses to have clauses that:
1. Prohibit the use of the software in California and other territories implementing the same or similar laws.
2. Prohibit the distribution of the software to anyone in California and other territories implementing the same or similar laws.
3. Prohibit the use of the software by all branches of the State of California Government.
4. Impose a contractual agreement for financial compensation paid to the software authors, publishers and distributors that is jointly and severally bound to all offenders that do not comply with the above clauses.

Yes, this is going to seriously affect the income of those doing business in California, but there is no other way.

 

[kjpetrie]

That will do nothing to stop the law spreading. Soon your new terms would outlaw the use of FreeBSD everywhere. True, without these new terms the law would outlaw FreeBSD itself, but all they achieve is to shift the blame. FOSS of all kinds couldn't be used legally either way.

That's why the only way to protect FOSS is to kill the law at source. If we just play whack-o-mole with each new implementation the game's over.

Maybe a better change to the licence is to add a clause to the "AS IS" disclaimer that the software is an expression of the views, techniques, and intentions of its author and as such it and its distribution within the terms of the license is protected by the First Amendment of the United States Constitution.

 

[AlfredoLlaquet]

I think "California" (its ruling elites) would feel more comfortable being part of the EU (European Union). "We" (our ruling elites, the European ruling elites) love regulating everything.

 

[CeXP1917]

Another way, but risky...

Just do nothing and watch what "lawmakers" will do. Ban FreeBSD, Linux distros, etc? Ok, but how? How much resources they need to make ban working on territory? How much money? Yep, one side -- pain for capitalists, money, and non-working law in real life, other side -- "cashback" economy, social-syndicalistic corruption (sawing budgets between "ours", I dont know correct translation of word "raspil"), working mad law.

 

[6502]

They will ban new versions. No way for current, at least not with this law. But the idea to fine developers for their work is disturbing. The standard software disclaimer is ignored:

IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY...

 

[MG]

Another way, but risky...

Just do nothing and watch what "lawmakers" will do. Ban FreeBSD, Linux distros, etc? Ok, but how? How much resources they need to make ban working on territory? How much money? Yep, one side -- pain for capitalists, money, and non-working law in real life, other side -- "cashback" economy, social-syndicalistic corruption (sawing budgets between "ours", I dont know correct translation of word "raspil"), working mad law.

Prohibit computers that support loading unsigned kernels on industrial level. IME 2.0...

 

[Espionage724]

Prohibit computers that support loading unsigned kernels on industrial level. IME 2.0...

China probably wouldn't get behind that, at least on US's level

 

[kpedersen]

Prohibit computers that support loading unsigned kernels on industrial level. IME 2.0...

Yeah, this is how they would approach it. Its why SecureBoot was not so well received because it is pushing that frontier.

You would need to piss around with jailbreaks for every western machine or try your luck importing from changing routes into the eastern market (they would i.e ban AliExpress making it fiddly)

And trying to procure open hardware in bulk for a business or lab with a reliable source, would be harder still.

 

[hruodr]

Who is obliged by that law? Where sits 'FreeBSD' development? Who is responsible?

 

[citisyn]

Question: are port maintainers considered part of the FreeBSD project? If so, one could argue that software available through the official repositories is not third party (since it is maintained by the “operating system provider”), which would mean the repositories are not a “covered application store.”

 

[6502]

Maybe The FreeBSD Foundation.

 

[vmb]

Maybe a better change to the licence is to add a clause to the "AS IS" disclaimer that the software is an expression of the views, techniques, and intentions of its author and as such it and its distribution within the terms of the license is protected by the First Amendment of the United States Constitution.

This may well work in the USA, but it will not apply in other territories that don't enjoy the same level of constitutional protection.

Territory excluding licensing may be our only option. A long time ago we had to do this with Kerberos, one version for the USA, another for everyone else. It is time for territorial license exclusions on operating systems and applications. There could be one or no version for California, and another for everyone else. My vote is for the total exclusion of California until the Digital Age Assurance Act is abolished.

FreeBSD has 34,126 packaged ports. Each one of those packages requires ongoing age suitability assessment. It is hard enough keeping package maintainers as it is. California now requires us to maintain a consistent standard of judging age suitability for each package. The easy way out is marking the entire repo 18+. If we don't go for 18+ on everything another larger repo may have a different opinion on ratings. If the Debian repo decides a package we say is OK for 13+ is in their opinion rated 18+, where does the FreeBSD author, packager, distributor stand?

There is no point any Linux distro (Ubuntu) sucking up to California unless they are willing to pay for the ongoing process of determining the age suitability of the software in their package repo. Adding a signal in the OS account creation process is trivial in comparison to age rating every package, and enforcing that on every package install. I guess loads of Docker containers and Ansible playbooks will be broken next year! Hmm... what about pip and npm, they must be in this mess as well.

Will Ubuntu become the arbitrary age suitability assessor for open source packages? I guess if there is an exemption granted for open source packages, then FreeBSD 15.0 built on pkgbase will also be exempt.

 

[Espionage724]

Is any OS besides MidnightBSD taking any kind of stance against the implementation? What about users? Has any OS board marched down to CA/etc to voice their opinion yet?

A US president can get crowds without directly thinking about em; where's the crowds against this? (or will they finally appear once the age restriction hits Discord?)

---

Ubuntu/Canonical has a response (they're aware/no action currently): https://discourse.ubuntu.com/t/ubun...rnias-digital-age-assurance-act-ab-1043/77948

Canonical is aware of the legislation and is reviewing it internally with legal counsel, but there are currently no concrete plans on how, or even whether, Ubuntu will change in response.

 

[6502]

FreeBSD has 34,126 packaged ports. Each one of those packages requires ongoing age suitability assessment. It is hard enough keeping package maintainers as it is.

California requirement is for the OS (kernel) to keep information for age and give it to software which requires it. Other 34126 packages can be without changes.

 

[hasbeen]

The Actual intent of that Law has little to do with age verification or protecting kids from Internet services that are advertising, influencing, persuading , scamming or hacking anyone, at any age. The Califoney State, influenced by the High Tech boys there, cooked up and made up the State Law to kill off any and all Open Source operating systems and related projects that provide software for free or less than cheap, without restriction on who, how and where will use the software. The men with the gold rule the rulers, the rulers make the rules to appease the men with the gold and the masses have to obey all the rules, or else...

 

[Espionage724]

give it to software which requires it

What software would require it? Wouldn't those apps need changed to know about the OS age setting?

 

[6502]

What software would require it? Wouldn't those apps need changed to know about the OS age setting?

If software is web browser, it will need age info and will ask the OS for that info. If the software is local Chess game or desktop calculator or word processor - it does not have age limitation and does not need this info. (This is how I understand the law.)

 

[hasbeen]

If they really wanted to implement age verification, they should start with ISP(s) with the task of monitoring 15 year/olds that access porn sites or hack TCP/IP with FreeBSD

 

[Espionage724]

If they really wanted to implement age verification, they should start with ISP(s) with the task of monitoring 15 year/olds that access porn sites or hack TCP/IP with FreeBSD

Nah; that'd take down self-hosting opportunities (plus I'd like to think I turned out ok browsing un-sanctioned back then )

It's the hosts themselves that are the problem: Maybe question the chat platform that has nefarious activities going on freely before collecting a list of who indirectly looks at it.

 

[kjpetrie]

If software is web browser, it will need age info and will ask the OS for that info. If the software is local Chess game or desktop calculator or word processor - it does not have age limitation and does not need this info. (This is how I understand the law.)

That's not how I read it. I think every application has to check the age and then see whether any of its actions have an age verification applied to them. In that case the local chess game would have to check which age groups are permitted to play chess (or whether any moves are forbidden to minors).

hasbeen might or might not be right about the underlying motive of those moving for this legislation, but we can only argue on the published purpose, not the unknown ulterior motives of people who might have influence.

 

[blackbird9]

But the idea to fine developers for their work is disturbing.

*** THIS ***. How the hell is that even enforcable? Will they sue the distribution organisations and make THEM police everything that is checked into their codebases? Under pain of being fined thousands of dollars if they get it wrong? Nuts!

 

[hedwards]

*** THIS ***. How the hell is that even enforcable? Will they sue the distribution organisations and make THEM police everything that is checked into their codebases? Under pain of being fined thousands of dollars if they get it wrong? Nuts!

IANAL, but from what I remember from the business law class I took, unless the developers live in CA, or at least have assets there, there isn't really anything that can be done to developers outside the US. They could potentially convict/fine them, but there'd be no actually consequences for the developers as long as they stay out of areas with extradition or enforcement agreements in place. Inside the US, it can potentially get kind of complicated, but the same sort of thing should apply that CA can't compel them to follow their state law.

That being said, the GPDR is sort of the same thing, as much as the EU might like to enforce that globally, they don't have jurisdiction globally,so they can't really enforce it unless there's some part of the business there, or at bare minimum some stuff there to seize if they successfully prosecuted. It tends to be a bit of a moot point as there aren't that many businesses that do business with Europeans and don't have enough presence there to have to comply.

 

[Crivens]

Maybe it is sufficient and much easier to move the post box of the foundation to, say, Geneva?