Linux and open source getting age checking exemptions could be problematic

Quoting: STiATAge checking on OS-Level is nothing more than a patch on a severed limb.

It solves nothing.

It just gives problems and more power to corporations.

There's really not much power in a company having the answer to the question if a user is 18+ or not.
Nor is there a problem with that information.
Quite frankly, it could be public, next to all our profiles, and it wouldn't really matter.
I'll tell you right here: I'm 18+. Crazy, huh?
Feel powerful now? No? Exactly.

If it was done reasonably, it could just use the same kinds of service that already exists in many countries for citizens/residents to identify themselves for various services (banking, taxes, insurances, etc.), which usually means some kind of app verification.

The one asking for that information then only gains the minimum amount of data from that source (whatever it is they require to do their thing) and you can still just decide to not use given service.
So for this case, the only information would be "Is this user 18+ or not?" (or different age group ranges, whatever).

The one holding all that information is then just whoever you entrusted with that info already (mobile provider, bank, whatever).
The information isn't given out to any rando, either, but only to entities that have been checked first.
Honestly, this issue has already been solved in many places and nobody makes a fuss about it there.

The only problem would lie in a shitty implementation that would leak way too much information than what was initially asked.
Which... I won't lie, in some places is probably a possibility.

Last edited by TheSHEEEP on 26 May 2026 at 7:38 pm UTC

Quoting: The_Real_BittermanAs a fun side note "Deutsche Bahn AG", the major train operator here in Germany, blocked all Linux users to buy tickets or even look at train schedules online if they detected "Linux" in the Browsers user agent... You could even trigger it by setting the user agent on Windows to Linux. Blocked!

I was on a developer meeting this weekend in Germany and was affected by this bullshit. A friend is working on trains and told me the DB did not even know themselves what is causing this issue ... sounds like a vibe-coded bug, lol.

I then used railway-gtk to get access and it worked at first, but next day also blocked ...

Next I tried to get a Flixtrain route booked, they did not accept my legit payed email address with own domain. German public infrastructure is as bad as media tell us ... But this is a different story.

Quoting: CaldathrasAren't we already there with websites that offer the "login with your Google Account" pop-up?

I never had any issue to create an own account, since I do not own a Google acc. As long as this is optional, people just expose themselves and until now I never saw I was forced to use the Google acc.

Quoting: TheSHEEEPThere's really not much power in a company having the answer to the question if a user is 18+ or not.
Nor is there a problem with that information.

Again someone spread these false information. Age verification is a huge problem. Sure, you are 18+ at the beginning, you do not expose a lot of information. But with your opinion you force all kids below 18 to expose their birth-dates. Once they hit 18 they have to change the entry to "being adult". Even if they do it a week after their birthday, there are less than 300.000 people each day that become 18. In additional services also often know where you are coming from (where you connect to their page from) and may collect further data and you are exposed very easily.

The almost perfect birthday is one of the best identifiers a company can get. In comparison your sex only half the amount of people from 8 billion to 4 billion while the exact birthday tells "you are one of around 267k people" with no additional information.

The almost perfect birthday is one of the best identifiers a company can get.

I have a bunch of microsoft fonts installed on my linux laptop and just that immediately nails me down to 1 person according to eff's fingerprinting test😭

Quoting: TheSHEEEP... The one asking for that information then only gains the minimum amount of data from that source...

Ever heard the phrase "The nose of the camel inside the tent flap"? It doesn't take long before the whole camel is inside. While this might start with the minimum amount of your private information being exposed, how long before they start asking for the maximum amount?

Quoting: PlayingOnLinuxphone... The almost perfect birthday is one of the best identifiers a company can get. In comparison your sex only half the amount of people from 8 billion to 4 billion while the exact birthday tells "you are one of around 267k people" with no additional information.

I highly doubt that, for the very reason that the identifiers that they already use today can pinpoint you basically exactly.

Already back in 2006 researchers could use anonymized search data from AOL to identify individual people (down to name, age and address). Not only have this been finetuned over the 20 years since they, today we also have companies like Palantir.

So this age verification is not the government or companies wanting to gain access to more information. Following the money we get to META and it looks like one of their reasons is to create high barriers to entry for competition. From the gov side this most likely is wanting to demonstrate that "they are doing something for the safety of the children" since that makes them look good, if it works or not they do not care since this are about the image of doing something.

Quoting: Mountain Man

Quoting: TheSHEEEP... The one asking for that information then only gains the minimum amount of data from that source...

Ever heard the phrase "The nose of the camel inside the tent flap"? It doesn't take long before the whole camel is inside. While this might start with the minimum amount of your private information being exposed, how long before they start asking for the maximum amount?

The problem with this theory is that the Camel is so far inside the Tent already that you have to buy a larger tent.

Last edited by F.Ultra on 26 May 2026 at 9:58 pm UTC

"what if we just complied with the tyrannical government, wouldn't that be easier for us?"

It would be easier, but I won't be doing it.

Quoting: F.Ultra

Quoting: Mountain Man

Quoting: TheSHEEEP... The one asking for that information then only gains the minimum amount of data from that source...

Ever heard the phrase "The nose of the camel inside the tent flap"? It doesn't take long before the whole camel is inside. While this might start with the minimum amount of your private information being exposed, how long before they start asking for the maximum amount?

The problem with this theory is that the Camel is so far inside the Tent already that you have to buy a larger tent.

People have gotten savvy and are able to take some steps to protect themselves with ad blockers, tracking blockers, randomized online "fingerprints", virtual private networks, and so on. This plan would effectively circumvent all of that.

Are we really arguing in favor of age verification here?

If the law says Linux does not require age-checking, then there is no reason to block Linux users when they don't provide age checking.

"Unless Linux distributions / desktop environments do end up implementing something that correctly adheres to these laws"

They would be correctly adhering to these laws, which would not require age verification on Linux.

No one is arguing for age-verification. The article is simply pointing out that websites and apps will simply block Linux devices (if detected) because it's safer for them to do so, rather than "trusting" the offered response from those devices, which they know will be engineered/bogus.

If you think a gambling website is going to take the risk on allowing Linux devices after this law passes, I think you'll be in for a shock. It's unlikely to be worth the risk of facing a huge fine the first time an underage child is found gambling by using Linux.

Right now, in the UK, if you want to see adult content, you have to either use a VPN, or submit to age verification, on a per-site basis. The idea behind age-verification at the O/S level is that sites won't have to deal with this themselves - they'll simply ask the device if the user is of an appropriate age.

So websites may very well end up blocking any device which could falsify that response. Because if they trust that device, the UK government could come knocking under the OSA (UK's online safety act) and throw "10% of revenue" fines around.

It is staggering to me how the conversation barely even acknowledges that anyone that is younger than 18, and thus who these laws are "protecting", is a child. And children have guardians. If you want to control what your child can access, then do it. You SHOULD be limiting what your children can get to online. And don't give me the excuse that they can get access some other way. Because that same thing will still happen no matter what laws you put in place.

I'm so tired of daddy government being the arbiter of SaFtEy for the children. And somehow the conclusion, if you even accept such a premise, is that literally every. single. person. must comply with an ever growing complex of hoops to be jumped through.

Oh daddy government, if you care soooo much about the children... release the Epstein files!

Quoting: F.UltraI highly doubt that, for the very reason that the identifiers that they already use today can pinpoint you basically exactly.

Already back in 2006 researchers could use anonymized search data from AOL to identify individual people (down to name, age and address). Not only have this been finetuned over the 20 years since they, today we also have companies like Palantir.

That is just half of the truth. You claim it as we lost the privacy fight anyway, so we should just accept being naked all the time. But you do not tell that privacy fighters are also increasing their weapon arsenal. And it is also a difference if we expose our data to one specific company (as back in 2006 to AOL in your example) or to every company that just needs to read your data from OS.

Search results is a complex thing. You put in thousands of unique data points over time which makes it easy to identify you. But if you research on TOR where you change your identity multiple times each hour, something like AOL is not possible any longer. With your OS-level birthday data you just spread a very strong identifier to every company that requests it. It becomes much harder to stay anonymous.

And even Palantir has not success everywhere. There are countries using their products to hack into smartphones and also deliver data how often it was used and how often they had success. Even against normal people they just had a chance to hack into their phones. Privacy and security is not black and white, it is an ongoing fight, still without true winner or loser right now in 2026.

Quoting: scaineIf you think a gambling website is going to take the risk on allowing Linux devices after this law passes, I think you'll be in for a shock.

So you're saying Linux users won't be able to access gambling websites? Win!!!

Quoting: eggroleIt is staggering to me how the conversation barely even acknowledges that anyone that is younger than 18, and thus who these laws are "protecting", is a child. And children have guardians. If you want to control what your child can access, then do it. You SHOULD be limiting what your children can get to online. And don't give me the excuse that they can get access some other way. Because that same thing will still happen no matter what laws you put in place.

I'm so tired of daddy government being the arbiter of SaFtEy for the children. And somehow the conclusion, if you even accept such a premise, is that literally every. single. person. must comply with an ever growing complex of hoops to be jumped through.

Oh daddy government, if you care soooo much about the children... release the Epstein files!

I have known too many parents to be confident that government is always the wrong answer.

Quoting: Mountain Man

Quoting: TheSHEEEP... The one asking for that information then only gains the minimum amount of data from that source...

Ever heard the phrase "The nose of the camel inside the tent flap"? It doesn't take long before the whole camel is inside. While this might start with the minimum amount of your private information being exposed, how long before they start asking for the maximum amount?

First of all, no, never heard of it.
Second, ah, the slippery slope fallacy.
Good luck with that. Especially in this case.

Quoting: PlayingOnLinuxphoneAgain someone spread these false information. Age verification is a huge problem. Sure, you are 18+ at the beginning, you do not expose a lot of information. But with your opinion you force all kids below 18 to expose their birth-dates. Once they hit 18 they have to change the entry to "being adult". Even if they do it a week after their birthday, there are less than 300.000 people each day that become 18. In additional services also often know where you are coming from (where you connect to their page from) and may collect further data and you are exposed very easily.

The almost perfect birthday is one of the best identifiers a company can get. In comparison your sex only half the amount of people from 8 billion to 4 billion while the exact birthday tells "you are one of around 267k people" with no additional information.

You have failed entirely to explain how any of this is supposed to be an issue for me.

You are arguing from a standpoint of "what if someone knew who you are".
News flash, in case you've been living under a rock: Tons of people, services, entities, ... already know who you are and where you live, by far not only those where you have entered the info yourself, and all of that quite precisely.
The age of anonymity and full privacy - which arguably never really existed in the first place - is well and truly over. And has been for decades at this point, at least for the average person.
We already get the occasional leaks of one data source or another (remember the Ashley Madison one? Oohhhh, spicyyy!!! 😅 ). We already get stalkers and everything else.
Laws such as these change exactly nothing, other than making things already happening more obvious, which IMO isn't a bad thing.
We could enforce full public profiles, ending any form of online anonymity entirely, and it would have only a comparatively small impact on most (after the initial outrage).

This thing you are afraid of? You've been living in it for a veeery long time already.
If you think using Linux protects you from that, all I can offer is a giggle.

Instead of trying to hang on to the corpse of something, hoping that it will mystically revive, I would find it a lot more pragmatic to teach people how to live in a largely surveilled world without endangering themselves.

Telling them to go off the grid or just don't participate "cause privacy" isn't part of the suggested curriculum.

Last edited by TheSHEEEP on 27 May 2026 at 6:23 am UTC

Quoting: mr-victoryBut android also reports linux, it doesn't make sense. Do they check linux + x86_64?

Probably yes. Android adds Android to the user Agent.

Quoting: TheSHEEEPNews flash, in case you've been living under a rock: Tons of people, services, entities, ... already know who you are and where you live, by far not only those where you have entered the info yourself, and all of that quite precisely.

Oh again someone with the hybris to know more about me than that person actually knows about me. The internet is boring as ever. I know how to anonymize myself well enough, starting from not exposing myself over digital self-defence using privacy tools as script blockers, TOR-network in some cases and more. Oh and did I tell that I don't own a smartphone, paying many things non digital etc? Even Google knows less about me than GOL does.

Only because YOU cannot defend yourself in age of spyware doesn't mean I can neither.

I don't answer to the rest of your post, because it only continues false information. If you want to expose yourself, do it without removing clothes from all others around your as well. I don't want to live in a dictatorship and so I am fighting and acting against - don't stop people like me, only because you think you know it better. Which, oh news, you clearly do not.