endlesseden

the law wouldn’t hold up in court anyway. its not practical for any ecosystem outside online sites.

accounts and users are the same thing, despite what the law says. it also doesn’t different a person from a user, meaning a compromised system that is complying with the law, its actions represent the user, and the account holder is held responsible.

its made to absolve meta/Microsoft/google from their actions in targeting kids with intentionally addictive content and making the “account holder” at fault.

are you sure it’s even a person, not a bot? because this all screams either bot or seeking internet fame as the “hero to kids”.

because it’s all part of a larger project to collect usable data. you can’t force standards, but you can force laws.

if you build a standard and no one follows it. then it’s wasted time and money. Meta, Google and Microsoft all have a vested interest in user data. more so with law enforcement buying it in bulk to build identity profiles of /individuals/.

if tomorrow they got added to the law to store and transmit a string of your government ID, would you be more resistant?

the issue is, VPNs hide your ISPs assigned IP. till now there has been a higher difficulty in differentiating traffic from the same IP with similar metadata. the more user specific metadata that’s added, the easier it is to differentiate devices and users.

this makes targeting specific devices with malware for spying significantly easier. at the very least.

but at a bigger point of view, it gives provable cause because the way the law is written implies every user that installs the OS becomes a OS distributor and every user is a minor by definition, even if the API flag says otherwise.

I recommend you read that again and if the words “probable cause” don’t come to mind you don’t understand the risk of a “minor” identifying as a adult.

yes. every time in the history of gnu software when a function is added without a purpose its for a later feature.

otherwise there is no need for the form? since when do we leave empty forms in software that can be used to store strings, that hold no meaning…

only two uses for this. to implement the full API later or to have a string the user normally does not see that becomes a perfect place to store malware. full stop.

complying with the API is a act of absolute stupidity…

not really, the law is written that complaince makes you complicit. every user is a child. there is no adult users.

it’s a really messed up law…

above all else, even if the API is used properly, unless it’s giving false positives, it creates a metric that can be tracked to form patterns. these are all a advanced method to identify individuals to unmask online identities…

lol yes, that’s the point. narcassism only ever has one winner.

infeasible for whom? I mean we’re only talking like 10 years of survival max on another planet, then complete extinction of the species lol

but no one took their money!

Better yet, vote/demand actual punishments for parents when their children chose to commit crimes as they don’t want to parent.

However this is not entirely true either, for two reasons.

1. Philosophical: FOSS relies on the “many eyes” approach to security. Adding any API, even internal adds another layer of risk. This is exactly why some projects refuse to have API access to application data, even if it runs from a privileged forked service. (Using locked sockets or other methods instead).

Any open port is a attack vector and no matter how secure it is today, tomorrow is not a promise. More so with how this overlaps with laws like Australia’s, which requires all encryption to provide a backdoor for government access. (This means the 5 eyes nations get access by definition to this API while it’s in transit, as soon as it leaves the host system…)

But that’s not just the only issue. The whole issue with libxz being targeted by nation state sabotage proved that, it’s possible to put backdoors into applications despite “many eyes” on the code. (That case was only caught because one obsessive person over the /testing/ speed… 90% of such attempts in most projects would go unnoticed simply as there is not enough maintainers)

2. Licensed software: not all applications are completely open, even if the underlying OS is. This is a API thats exposed to all userland applications. Nothing stops Firefox for example from using binary blobs in Thier source to “sign” this data for supporting websites, then send this data to places you don’t consent.

Firefox is just a example, so many applications use permissable licenses that don’t require all of the sourcecode to be human readable or even accessible.

Big thing is nothing stops driver vendors from stealing this data too, no different than Microsoft does, whether or not you are signed Into a Microsoft account on windows. Telemetry is already a growing issue and the scope of telemetry data in closed source blobs doesn’t have to be defined…

So by definition it’s not any more secure…

Even if it was, the bigger question is why. Why does the application or web service need to know.

If a child walks into a liquor store and steals alcohol, they get arrested. The burden of proof was never on the liquor store. Why is the burden of proof on the OS and not the parent or child.

We don’t need nanny software, that teaches kids to be better liars. We need stronger punishments for criminal actions, regardless of age and more importantly punishments for the parents for allowing it to occur. Babygating the entire OS for some one elses children that would never touch it, legally. Is a example of creating solutions for a problem YOU(parents/government) created.

All of these age laws came from the social media bans. These of which only came into existence as a means of datacollection… Non-compliance, is actually compliance with how they are written, as they all place the burden of proof on you. No evidence == no crime. It’s still a crime to lie about your age to age restricted content.

can’t expose what doesn’t exist. if a site asks for age verification, stop using it and find a alternative that respects privacy.

your OS starts asking for your identity information, to share with everyone that pokes a open API, it’s time to jump OSs…

privacy is something you make a best effort to avoid creating obvious methods of exploiting. you don’t share your credit card numbers with every email too, just because they say they cannot prove it was your card on file?

identity is personal online, no one is entitled to it unless you choose to share it. otherwise it’s a invasion of privacy.

want to protect kids? educate them and keep them off tiktok/social media by fining the parents when they are identified.

fined twice? treat the kid like you would any other time a theft of service occurs.

there is no such thing as privacy when sharing private information, that’s accessible remotely.

leaks can and will occur. but more importantly this will be used to create digital associations between inviduals and Their online presence, just like all the other digital identity laws have.

it protects no one, as getting around it is easy as lying. while intentionally harming adults that comply out of necessity.

there is a reason people are jumping ship from privacy invading services already…

the solution is holding parents (and the child) responsible for the action of their childrens actions and not trying to create industry wide privacy invasion for bad actors to use. what’s next, gold stars for Linux users to wear?

I completely agree with this. treat it like a privilege level. it’s that simple. it doesn’t need to define “age”, it can just define what a account cannot access.

this is all a slippery slope, and a terrible one at that. gates protect no one and just tech people to learn to get around them…

billionaires already have. why do you think they are all determined to get to mars…

they destroy earth for the rest of us and live the rest of their days in luxury on a planet no one but them can be on. if this doesn’t sound like peak sociopath and probable, no one is paying attention…

practically have to have self destructing images, when specific passwords are used…

something about religions and militaries only lead to institutions of the criminaly insane.

look at the crusades and you will see parallels.

it’s almost like corporations should be required to report all assets every year along with Thier taxable expenditures…

it’s almost like their should be capital interest tax and loan resurgence limits, that require a federal application and limits on how it can be used (like home and auto loans are)

news is about bringing awareness to the masses. so they can make informed decisions and act accordingly.

articles like this are meant to tell the general public “Hey, start yelling at your politicians to fix this, before it’s you they are buying information on to target you for something you didn’t do!”

I mean most ceos went to uni for business and paid others to do their course work it seems. Then got hired on the vibes.

Shareholders care about only one thing, and its not the company or its employees. Of course maniacal idiots are at the top of the list for CEO, their too narcissistic and lack empathy to care.