That's fucked up. Why don't they just tell parents to turn on their damn parental control settings if they care that much about the content their kids consume?
this post was submitted on 27 Feb 2026
181 points (98.4% liked)
Linux
12621 readers
230 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
Apparently this will include Linux…
lol no it won't. what are they gonna do, go around the world knocking on doors asking open source devs to include age verification in their Linux distros? the law is completely unenforceable.
It isn't enforceable on the personal level, but every commercial distro will need an implementation (and let's be honest, they will each create their own) to sell pre-installed or to offer service for public and private device fleets.
Let's just add it to systemd
Meh, adding an age question to adduser wouldn't be that bad, we could even replace the current room number question
And non-commercial distros?
Depends if their non-profit is Californian or how deeply the mechanism is embedded into their base distro (if applicable).
If 0x0@infosec.pub is right and it's done through a simple addition to adduser (and the GUIs) every distro that doesn't actively patch against it, would get it upstream.
If you are a registered entity (even non-profit), you can be fined millions of dollars.
It is a very dumb law.
that's great. hey, why don't you ask the UK how fining foreign entities millions of dollars for not doing age verification is working out for them.
you see, laws only apply if the state has the ability to enforce them using violence. california does not have that ability outside of california. california can chew the bark off my big fat log for all I give a shit about the laws there.
Or if they can firewall them, China style. California probably can't do that, but the UK can.
So this is basically just misinformation. There is no age or identity verification as part of this bill, the age is self-reported by the user and you could select any age you want. The bill requires the operating system to have users select their age when creating an account. The intention is that parents will select their child's age when setting up their child's accounts on phones and computers, to age-gate them from accessing certain software or websites.
Regardless, I don't support this feature being mandatory, because it limits parents' choices. Parents should be able to choose to disable this feature entirely or allow their children to use an OS that does not include this feature, if that is what they feel is appropriate for their child.
Still fucking stupid and just a slow creep towards some bullshit like "kernel level age verification" where most Linux distros can't possibly comply because the chip manufacturers won't work with developers to certify unless they pay a $10,000 fee.
It's like Secure Boot but actually, 100% useless.
So the OS would also have to have built in content filters or what?
Software would ask the OS for the age range of the user (under 13, 13-15, 16-17, 18+). The software would implement content filters based on these age ranges.
The OS is only responsible for requiring the user to set an age and providing the age range to software.
Thanks for the additional info!
load more comments
(4 replies)
Cannot legally use BSD in Berkeley?
Wait. What?
Thanks. I know.
Just amusing irony worth pointing out.
Pedantically, I should have used "wont be able" to future-tense it.
Anyway, I'm ready already, with a script to add to any of my distro-respins:
#!/usr/bin/env fish
read -P "Are you old enough? (yes/no) " input
if test "$input" = "yes" -o "$input" = "Yes" ; echo "Proceeding..."
else ; echo "You are not old enough. Exiting." ; exit 1 ; end
;)
Anything but holding parents responsible.
Anything but giving parents/users responsibility.
Sudo su root!
Sudo su root now!
I'm giving root to my kids if and when I feel like they can handle it.
load more comments
(5 replies)
No operating system needs to know the age of a user, it's just not within the scope of how it operates normally. Software will always be bypassed no matter what the law is. Brb, "moving" my computers using a VPN.
I can actually imagine this being pretty useful on phones so you can give a kid a phone but prevent it from installing certain software (from normal sources)
My kid has a phone, their user doesn't have app installation permissions at all and app store is hidden
You can already require a pin to download anything off the store.
Stop buying anything that comes from California.
This is fucking stupid
In essence, while the bill doesn't seem to require the most egregious forms of age verification (face scans or similar), it does require OS providers to collect age verification of some form at the account/user creation stage—and to be able to pass a segmented version of that information to outside developers upon request.
As much as I hate this, just filling in a drop down on OS install is fine with me. This is the ideal solution. Tell your kid’s device it’s for a kid, then use the default age restrictions correctly. That’s perfectly fine to me.
Anything to avoid evil age verification services that force deanonymization through every app and service.
I do still hold a strong reservation against these age locks — how long until the US deems LGBTQ and teaching about slavery as “mature” topics?
I disagree. This is a first step towards something far worse.
It sets up the infrastructure for getting user ages and allowing services and websites to get an attestation from the operating system. Once that system is widely used and becomes ingrained, they can create a follow-up bill that demands the attestation be cryptographically verifiable by a trusted party.
In that scenario, the only way the operating system's promise that you're not a minor would be trusted is if it was signed by whoever holds the private keys—and that's definitely not going to be you, the device owner.
It would either be the government, or more likely, the operating system vendor. In the former case, now services can cryptographically prove that you're a resident of $state in $country, which is amazing for fingerprinting and terrible for anonymity. In the latter case, you can guarantee that only the corporations will be holding the key (like with Microsoft and secure boot), and you can kiss goodbye to your ability to access services on FOSS operating systems like Linux or custom Android ROMs.
This proposal is just a way to get their foot in the door with something palatable. If you've ever come across banking apps on Android using Google Play Services' SafetyNet feature to restrict access to only "secure" devices, you'll know exactly how this turns out: either you use the phone you own the "approved" way with a stock ROM where Google has more permissions than you do, or you're not doing your banking on your phone.
Doing banking only in laptop is the way I chose. It's a pain in the ass.
If people don't push back on this, you might not even be able to do it the way you choose even with a laptop. Unless you choose Windows... or Ubuntu maybe.
Agree with everything you say, I don’t like that it has to happen but having the device report whether you’re a child or adult makes more sense than having every service do it poorly themselves.
I don't get how this can work practically. Say if I install Arch, right. At which point during the process of entering a bunch of commands when following the installation guide would I be entering my age? And what software would be mandatory to install to enforce blocking content based on my age? pacstrap would need to like, read some file with my age, then install whatever needed based on that?
This makes no sense to me, but maybe I'm missing something.
The law is not for the individual person, but for organisations that develop the OS. So they would go to Arch linux org and start threatening them with huge fines, unless they do something here. And all the headache of how exactly to implement this would fall on arch developers. At which point I suspect they would go the same route as Midnight BSD and just forbid the use in California, because as you rightly said it is impossible to implement age verification in DIY distro.
Blocking use in California is definitely the only way forward. This is not practical to implement.
They'll just do it everywhere else. What is the privacy distro that runs on USB that you just carry around? TailsOS or some such? You can just use it anywhere but since it's different than a live boot I guess you can have all the rest of your personal stuff in there too. Black market for tails OS USBs, or really, just use a VPS somewhere else or a VPN or just go out of state for a few minutes and buy a dumb phone for downloading whatever you want.
They'll just do it everywhere else.
I can't imagine this will get traction in the EU where I am. Sometimes the decisions made here are actually thought through lol.
I'm in the US. Never say "it will not happen here."
Good thing nobody said that
OpenBSD, (unlike Linux) not being copyrighted by a foundation under U.S. law, begs to differ. Fuck the upcoming California law, I say.
They need to do what Midnight BSD did, exclude California residents from the license.
How does BSD work, does it run all the programs Linux can run? Can I run Steam on it?
Depending on the particular BSD, yes and yes or yes and no. (FreeBSD has a Linux emulator in its kernel, which allows you to run Steam.)
Windows is still unbeaten for gaming though.
Windows is still unbeaten for gaming though.
Beg to differ on that one. Performance for me has been better on Linux for a few years now. Last year when I bought a completely new PC, I just didn't even bother to move over my Windows drive. Literally no use for it. Any game that doesn't run on Linux isn't worth playing IMO, if I need to use Windows. The game might as well come with a Windows install at that point lol.
Hey, thanks for the info on BSD! ❤️
view more: next ›