143
I was expecting civil discourse and a level-headed response.
He may have been hoping for that, but surely he didn't truely expect it. The FOSS community can barely have a civil discussion about filesystems.
At the moment of most intense debates about mandatory age checks and government surveillance you (Dylan) hoped people to be calm about this? Then you my friend are simply delusional. They are angry and for a good reason. Why the rush to comply with a surveillance practice that hasn't forced on you with some sanction or enforcement. You did not even wait for it to play out. You did not have a discourse about alternatives. You just went ahead and hastily applied a change as if as if doing some sort of coup.
He didn't apply the change, he proposed it.
And there's zero surveillance in the change he proposed.
If we are going to get stuck in semantics, then he also did not just propose it. Propose would be opening an issue, describing how he would plan to do it and letting people discuss. This is how proposals work. Pushing a very controversial change and getting someone to accept it is not "proposing" when the change is something the community will obviously be so divided over.
And it does not have to implement a full on surveillance mechanism to take a step towards better compliance with possible future surveillance laws. The guy literally said in his comments that this was the intent:
https://github.com/archlinux/archinstall/pull/4290
What the hell are we even discussing here?
A pull request is very much a proposal: It is a proposal to make specific changes to the code-base. The developers are not forced to accept it in any form, and discussions can take place in the pull request, should the developers (or third parties) not agree with (the exact form of) the proposed changes. Which is exactly what happened in the systemd pull request, to the extent that the actual developers had to lock the thread.
In the case of systemd, the "someone", or rather the "someones", who accepted the pull request also included the lead developer on the project, namely Lennart Poettering. Who else do you propose should decide what pull requests and other proposals to accept?
Simply not true. In any such project, major proposals first get discussed as issues and community either vets a plan or comes up with an alternative before more solid steps such as PRs start. What is being done here is clearly trying to downplay a major change as a minor one. There are loads of blog posts and discussions on why this isn't a minor change, especially when the author of the PR himself admits the goal is to comply with age verification laws. I will not get into that here. Suffice to say, at best, this is a political statement of the kind "we are ok to comply with surveillance and will show minimal resistance". Yet they try to play this as if they are just changing a typo in the documents. Thanks to Lennart for his life long contributions to FOSS, despite him at some point joining Microsoft, the antithesis of everything that is FOSS. I am sure many things he did shaped how the open-source developed on a world-wide level. This still does not mean that his reaction to everything will be correct. To me this was more like a "fuck all, this was a minor change, don't care what you say" attitude, which in my world-view has place in propriety software world not FOSS.
You're approaching this with an everyday definition of "proposal", but in the industry that term is overloaded with more specific meanings.
If you asked 100 random devs, I have no doubt that the majority would call a PR to be something much more concrete than a proposal.
HEY MY GUY you want a CIVIL discussion about CIVIL DISCUSSION?
/s
Ugh, I’m forking this thread. If you guys can’t agree with me I’ll make my own.
load more comments
(1 replies)
Q. You say this is "just attestation, not verification" but we know that infrastructure always gets repurposed later. This is where the legit fear lies. Today it's birthDate. Tomorrow could it be location, identity, or verification tokens? I understand that you are providing a workaround but where should we draw the line between compliance and resistance?
A. Funny you mention that, location is already a field in userdb. Like birthDate, this field is also trivially nullable, stored locally, and can be set to anything. As long as we are talking about a user self-attesting a date - especially with the ability to enter any value we want - we aren't in the realm of identity tracking. I draw the line at when a third party internet-connected service is doing validation of ID. Let’s be honest though, I strongly believe such a thing isn’t possible on a FOSS operating system environment unless they could control what was bootable on the device at a firmware level, enforce signatures to ensure that you couldn’t boot something unrestricted, remove the ability to be root, and block LD_PRELOAD so signals couldn’t be faked. There’s probably more ways to circumvent that. What I’m trying to say is real ID verification on Linux would be awfully hard to implement, and I guarantee you, nobody would put up with it. They’d fork to a version that doesn’t have it immediately as a protest. Right now, we’re considering implementing something akin to the date pickers that were ubiquitous when signing up for internet services in the early 2000s where it’s just an honor system. Things like actual ID checks and/or facial scanning + age estimation would be just too incompatible with Linux where we have the freedom to change whatever we want to.
the intellectually diverse lemmings represented in this post and many others cannot understand this
won't stop them expressing their feelings tho, bless their hearts
That's a sound argument, mostly (in the quote, i mean)
If the technical implementation of how they would try and force age verification was the problem people were concerned about, this take would be very useful.
Physical locks on glass doors are easy to bypass, doesn't mean you won't get shafted if someone just so happens to catch you in the act.
If third party age verification is legally mandated the implementation being technically difficult (or easy to bypass) doesn't stop it from being illegal.
Being a condescending prick works better if the position you take is unassailable, you do you though.
You definitely can't have your cake and eat it too. Linux for many has been about freedom and privacy. He made a direct contribution toward a system that would help take that away
That's a rather negative view. There's a big difference between people who actually contribute to FOSS (in any way, not just code) and random keyboard warriors in the contents. Sure, there's always some drama somewhere, but that's not exclusive to FOSS.
There’s also a massive difference when one proactively participates in destroying linux users’ freedom, one of the pillars of foss
we're what happens when dumpster fighting punks need their laptops to work
Not surprising, this guy is also onboard with Google locking down Android: https://dylanmtaylor.com/posts/2026-03-19-googles-new-android-sideloading-flow-is-a-fair-trade
He barely went into developing systemd for two weeks before shoehorning in his bootlicking, he can fuck off. You're supposed to stick it to the man, not stick up for him
I can't help but feel bad for Dylan. It's not like if he hadn't done this someone else wouldn't have had to eventually.
Why not let someone else do it then? Why eagerly sign up to be the one to do it?
Blessings to you young bootlicker. May you pay escalating subscriptions and own nothing eternally, forevermore, amen.
Why not wait until it becomes absolutely necessary and all other alternatives are exhausted? The mandatory age check thing hasn't been even accepted whole US wide let alone world-wide. He did not even wait for ut to play out. What is with the enthusiasm to jump on board with this?
It's not necessary. But also, where's the hate against the ass that merged this PR. They're worse.
load more comments
(1 replies)
Being on Linux and in control of your OS couldn't you just set the age statically to something like 99? I really do not understand the hate :/
I really do not understand the hate :/
The itsfoss interviewer goes into this:
A lot of backlash isn't about the code change, but about what it represents.
You say this is "just attestation, not verification" but we know that infrastructure always gets repurposed later. This is where the legit fear lies.
Do you think regulations like these will reshape desktop Linux in the next 5-10 years where we might have "compliant Linux" and "Freedom-first Linux"?
Sam Bent's article also goes into this (although, fuck that clickbait title): https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/
He read the laws, decided compliance was the correct response, and went to work. Every objection the community raised went nowhere: that this enables surveillance infrastructure, that lying is trivially easy, that the laws themselves are unconstitutional overreach. He'd already accepted the law as legitimate and moved to implementation.
He read the law, took it at face value, and started writing code. The word for what that is sits somewhere past malice, something more insidious: an engineer who treats compliance as engineering, who sees a legal requirement the way he sees a technical specification, and will implement whatever the spec says regardless of who wrote the spec or why.
The reason to name him is the pattern. The surveillance state runs on volunteers: people who do the implementation work for free, out of genuine conviction, with no paper trail connecting them to the money that wrote the laws.
Compliance with fascism is definitely not the correct response
Compliance with fascism is indistinguishable from fascism.
load more comments
(1 replies)
One interesting thought I’ve had is actually that if we strip this signal to websites/apps and do not report an age range at all, but the vast majority of users DO, that actually gives us a more unique and trackable browser fingerprint.
As someone who is not a fan of adding the age field I'm curious what people think of this.
This is stupid. We block fingerprinting.
Just because some people are fingerprint able doesn't mean all of us should suffer and bend at the knee to unjust laws
You can't really "block" fingerprinting. You can obfuscate it a bit, but the fingerprinting process happens server side, not on your device. So whether or not your system sends whatever age verification signal becomes a part of its fingerprint.
load more comments
(7 replies)
load more comments
(1 replies)
Woah, fuck this guy. He admitted the change was for the purpose of complying with these laws
What do you mean, he “admitted” that?
It’s quite literally the first thing he wrote in his pull request to systemd:
Stores the user's birth date for age verification, as required by recent laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc.
And the second paragraph of his pull request to arch:
Recent age verification laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc. require platforms to verify user age. Collecting birth date at install time ensures Arch Linux is compliant with these regulations.
load more comments
(1 replies)
It's a fucking field. Why is everyone loosing his mind over it? It's not like it is required, nor will it prevent you to do anything if you put data in (except not being able to change it later).
If you have to complain, complain about the law, not poor guy that has to add it, by law.
A single law pushed through in a single state in a single country should not lead to systemic changes in FOSS projects used worldwide.
That field is here to allow the support of it, not to make it required everywhere.
Seatbelts isn't required everywhere, but car maker won't make two version of a car, one that support seatbelts, and one that doesn't. They will make one model, with the required attach points to install a seatbelt, and install an actual seatbelt only on cars that goes somewhere where it is mandatory.
Here we are in a similar situation. That field is here to make of possible for OS to support that law, but it doesn't mean we'll all have to conform to that law unless you live in a country that have said law.
load more comments
(1 replies)
load more comments
(4 replies)
He has nothing to defend
The damage is done
He's a collaborator; we don't want parasites like him
In free software, there is FREEDOM
I didn't switch to Linux to end up under the thumb of Microsoft's henchmen and some random government
Lol.
The free part is you are free to remove the commit and build it yourself. Doofus.
Y'all are going after this guy rn but in a few months we should expect more and more distros to do changes like this. So lets think, what is the real issue going on here? The real issue is that these distros are hosted on GitHub, which is a Microsoft company, and they will comply in a heartbeat and take that shit down if the software is against the law. So the two options are to move off Github or wait until it gets taken down, and lawyer up and fight California and Colorado, which if so, we'd better start a fund as a community for some lawyers for these devs.
What fucking distro would make this change besides redhat?
Debian, Ubuntu, most of their derivatives except the niche ones, Arch, Endeavor, Manjaro, Fedora. Basically all major ones.
Mark my words.
load more comments
(8 replies)
load more comments
(5 replies)
Why would I want some stupid verification field needed only in one state in one country I don't even live in? It shouldn't be in my FOSS when it is not required in my home location. I would like to stay as far away from a dystopian police state as possible, tyvm. No lawyers needed; I'm not in their jurisdiction.
load more comments
(3 replies)
view more: next ›
this post was submitted on 26 Mar 2026
143 points (100.0% liked)
Linux
13131 readers
435 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS