Snot Flickerman

https://leg.colorado.gov/bills/SB26-051

Here’s a summary, but the text of the actual bill can be gotten by clicking on “Recent Bill (PDF)”

No shit, I was one of those people. I just don’t ascribe to malice what can adequately be explained by stupidity, being out of touch, and not thinking through long-term political consequences. Once again, the Omnibus Counterterrorism Act was largely in response to white nationalist home-grown terrorism, which not having squashed that in the 90s is literally part of why we have the problems we have to day with a white nationalist government. Still didn’t make it great, but I have a lot more sympathy for its origins in that era.

Well, not all of them, obviously. Yet, for example, I tend to think Joe Biden actually did have good intentions considering the bulk of the PATRIOT Act was based on his prior legislation in the 90s, his Omnibus Counterterrorism Act. It’s worth noting this was in response to a wave of US homegrown right-wing white nationalist radicalism and terrorism in the 1990’s such as Waco and Ruby Ridge. The Oklahoma City Bombing would happen a month after this bill first appeared. Considering the shitstorm we’re in regarding virulent white nationalist terrorism, I kind of think back when he first wrote it that it wasn’t such a bad idea.

People who were more clearly war hawks like Hillary Clinton? Probably a lot less likely to have had great intentions.

Yet others, like Ron Wyden, who has been a consistent critic of the out of control national security state and voted against military intervention in Iraq in 2002 also voted for the PATRIOT Act. He also spent a great deal of time trying to amend the PATRIOT Act as well.

And as much as Democrats drink from the same well of corporate funding as Republicans, I wouldn’t say the majority of the party is outright evil or don’t care what happens to their constituents. Schumer obviously doesn’t give a fuck, but I also don’t think he’s actually representative of the party as a whole as much as he just has power in a party that puts seniority over merit in intraparty politics.

It’s easy to forget how much shock and terror 9/11 really did put into people which colored how quickly they foolishly signed off on the PATRIOT Act.

I think it’s pretty clear that this was written by people who are used to getting everything from the iOS store/macOS store/Microsoft store/Google Play store and have no fucking clue what using a computer that isn’t “app-based” is like.

More anti-tech old farts making the rules

Wish we could blame it on them being old, but the primary sponsors aren’t that old. Matt Ball looks late thirties, early forties at most and Amy Paschal looks late forties, early fifties at most. I couldn’t find background on their specific ages, but Matt Ball’s bio refers to still raising his children, which also implies the younger side.

https://leg.colorado.gov/bills/SB26-051

https://leg.colorado.gov/legislators/matt-ball

https://leg.colorado.gov/legislators/amy-paschal

Do you have any fruit computers to declare?

Like those cases where the cyberbullying was coming from the children’s own fucking parents.

Presumably quite selectively, based on the user’s political leanings.

Not defend Democrats too much here, but they clearly have far less of a habit of doling out enforcement based on political leanings than the Republicans, even if they do enforce things quite selectively when it comes to actual leftists while letting Nazis run around with seeming impunity.

Colorado has been a solidly Blue state since the end of the W. Bush years, and even then, it was pretty split down the middle with just over half of the votes going to Bush. It’s honestly been mostly-Blue-dominated since 1992. (Lauren Boebert notwithstanding)

Further, the two main sponsors of the bill are both Democrats. This genuinely seems to me to be another example of “heart in the right place but don’t know what the fuck they’re actually doing” which seems common for the tech illiterate and often for Democrats in general.

Once again, not saying Democrats aren’t guilty of selective enforcement, just pointing out that they’re far less likely to do so (or at least less likely to do so against conservatives, for genuine leftists it seems up for debate).

Now, that also means nothing in context to how other politicians can use this kind of legislation negatively, even if the writers and sponsors truly have the best of intentions. Democrats had the best intentions when it came to the PATRIOT Act and the creation of the Department of Homeland Security as well, and way back then folks like me were saying “this seems pretty dangerous, especially if we ever have a despot take control of the country and the levers for these tools” which clearly has come to pass.

I think part of the problem is there shouldn’t be a server-side to this. Because that’s opening the door to all kinds of intrusive data-collection to determine age, even if they claim it should be done “minimally.” Define “minimal.” That seems to fly in the face of “clear and convincing information that a user’s age is different than the age indicated by an age signal” which is a direct quote from the Bill.

And as for number 3, I don’t see how no persistent knowledge could work. If the client app has read the data (“scanned the ID”) that means the client-app can now store that data anywhere the client-app has write access.

Further, it’s not like in real life when the bartender can scan the person up and down, look at the ID and make the assessment that McLovin is clearly underage.

Definitely same.

1. How do they secure age data? Age is most likely two characters, with a max of three characters. If there are penalties for sharing the age data when they aren’t supposed to, how do they secure this? Even with cryptography a two character number with only 70-ish reasonable and expected variations is going to be difficult to secure.

2. How do they ensure no one who is a different age ever uses the device? “Use mom’s iPad” is univseral. Does mom get in trouble for letting her child use her device, does the parent end up with the fine?

However, if a developer has clear and convincing information that a user’s age is different than the age indicated by an age signal, the developer shall use that information as the primary indicator of the user’s age range.

3. How do they determine age other than self-reporting with anything other than wholesale spying on user habits? What other way could they possibly glean “clear and convincing information that a user’s age is different than the age indicated by an age signal” other than spying on a user’s device use? This also implies remote-control of the OS if the operating system vendor can change the age-gate remotely based on user habits.

Show me who on the board of Amutable is who he is “working” for, since he’s one of the founders, and most of the people involved are European, or show me the funding for Amutable that’s coming from these “pedomericans” you claim or seriously shut the fuck up. Because none of what you’re saying makes a lick of sense.

You don’t have to like or use the tools these people create. Are you forced to use systemd? No, there are alternatives. There’s valid criticisms (of which there are many for Poettering) and then there’s whatever horseshit you’re peddling here.

Another aspect beyond making Linux legally dubious is this: How do they actually secure the age-data?

Age is generally two characters with a limited character set [0-9] even with an extremely well hashed and salted you’re looking at only less than 70 combinations being very likely.

There are penalties for sharing with a third party, but what if it’s trivial for a third party to exfiltrate this data?

Dude, Poettering is literally Guatemalan by birth, grew up in Brazil, and lives in Germany. Amutable is based out of fucking Berlin!

Stop reaching.

“Guys will do literally anything but go to therapy use systemd.”

Bro Poettering worked for Microsoft for four years after working for Red Hat for fourteen and then left to create Amutable, and no offense, but I don’t see his goals for Amutable to be about trying to force everyone to use his solution as much as giving groups who use massive numbers of Linux servers an option for something they can more securely lock down and ensure hasn’t been fucked with. I don’t think he’s out here building a desktop distribution and telling end-users they need it for security.

This is just FUD fearmongering, especially considering how small the company is. He isn’t forcing the entire ecosystem to adopt his ideas.

We can only hope that their businesses crash hard before any of these deals come to fruition and then when the hardware has nowhere to go we can all “buy the dip” so to speak.

To be clear, I know most of this stuff will be specialized server hardware, but hopefully it all crashing down will help get more people into self-hosting and working on community resources and networks instead of having everything live in the cloud.

KDE is premier for a modern system, but I have a handful of low-power devices where XFCE or LXQt are a lot more useful despite disliking their interfaces.

XFCE is great for mid-range old devices, and LXQt is great for dogshit old devices.

loose /= lose

Sorry this one had bothered me for years now and it just seems to get worse over time.

“I let the dogs loose from their enclosure.”

“Of course I would lose my phone when I don’t have Google’s Find My Phone anymore.”

/grammar nazi