California moves to exempt Linux from its age-verification law after backlash (opens in new tab)

The only device mandates that should be taking place is for the default installations of web clients should be checking to see if parental controls are enabled. This only impacts the major browsers. An intern at each browser company could add this check in minutes. If they are enabled and the person logged in is on a regular account (not admin or power user of sorts) then the base installation of web clients must check for an RTA header [1]. If present, prompt for a override password and also give the option for the admin to approve-list the domain at that time. That's it. Not perfect, nothing is or will be.

The only thing server, platform, website, service providers should be doing is setting an RTA header if the content could possibly be adult or user-contributed content that could dynamically become adult, moderation aside. This knocks out two issues with one fix. Small children don't see much if any adult content and they are kept off social media until the admin (parent or legal guardian) approves it.

If a site is not adding the RTA header then progressively fine them into oblivion. If they accept the fines as the cost of doing business then seize everything and put everyone in GenPop. An intern could enable the header in 5 minutes.

All legislation regarding age verification must revolve around this otherwise people must reject it as an abusive form of tracking and privacy invasion. The focus should be on small children as teen share porn, warez, movies and such within Rated-G games.

[1] - https://news.ycombinator.com/item?id=47950091

As usual 95+% of people commenting have no idea what is actually in the California law, and so are commenting about things that have nothing to do with it.

Different states, countries, and multi-country organizations that have legislated in this area or are working on legislating in this area have went with many different approaches. These differ in their scope, how age is verified (or even if age is actually verified), what documentation is required (or even if documentation is required), whether they apply to the web or to apps or to both, whether they make anonymous use harder or not, how much if any sensitive information they disclose to the apps/sites that need to check age, whether they could allow government to track your usage, and in other ways.

Most ridiculous are the comments that after saying how bad it is (clearly talking about things not in the California law) then say how it should work and describe something close to the California law.

Who is actually writing this very concerning California Internet legislation, which will ultimately affect the entire nation and world?

Did someone write California Internet legislation without consulting any California Internet companies?

Did some California Internet companies write California Internet legislation?

Did some other party write California Internet legislation?

All this because public institutions have lost the will or capacity to regulate the companies. So they switch to burdening the consumers.

A cynical person might suspect that the reason they are doing this is so that Linux developers don't have standing to challenge the law on 1st amendment grounds...

Wow this is smart politically because the largest group against this age verification bulls*t just so happens to overlap a lot with people who love open source software (technical people who value user freedom)

Of course this also means that the nerds who use linux or lineageos get to win cool points because they can access more adult stuff

This is a bad move. California has no age verification law, only an age asking law and all of the reasons it's good to ask if the user is over 18 are still good reasons if the OS is Linux. And the penalty for providing an OS that doesn't ask if you're over 18 is that it's considered a defective product and you can return it for a refund, but open source software is already provided for free with no warranty so who cares. Unless you bought it from Red Hat so this is basically just giving Red Hat impunity to violate this law, for no reason.

Not just Linux. More specifically: “Operating system provider” does not mean a person or entity that distributes an operating system or application under license terms that permit a recipient to copy, redistribute, and modify the software.

>> SteamOS could still be affected

Steam itself does age verification, which when you first boot a steamdesk, afaik it forces you to log into steam before you can do much of anything without some initial hackery. That said, once in there's nothing stopping them from launching into desktop mode, launching firefox, and watching pr0n that way.

Sadly the solution is still for parents to do real parenting, but that's like saying stupid people shouldn't breed.

Okay, let's flip it: why would Apple, Microsoft, etc.. agree with such a law? What would the trickle down be for browser makers and website creators?

This will only help if the law states that internet companies that check this have to default to assuming the user is an adult. Otherwise the end result will be that Linux clients will get caught in a dragnet of automatic denial.

As a dad of two younger kids (7 and 10), I have been incredibly frustrated with the way age restrictions are handled across various services.

Really, my main complaint comes down to: I completely disagree with what these services choose to restrict for kids and what they allow.

They block my kids from doing things I have no problem with them doing and they allow things I would never want my kids to do in 1000 years. It is incredibly frustrating.

Often times, there is literally no way for me to bypass some stupid restriction they put on my kids, so the only way I can get it to work is to help my kids lie about their age… and at that point, I lose the ability to actually block things I care about.

These laws are just going to make it worse. I don’t want someone else choosing how I control what my kids do. Give me tools to control it myself, and you can choose some presets for parents to use, but don’t force me to use your definition of age appropriate.

If it gets horny teenagers into free software, that's a good thing, I guess :)

This law should never have been proposed to begin with. The fact that the backlash was needed is indicative of a huge problem in our lawmaking.

So are kids not going to have access to llms? Seems trivial to get around this from a technical standpoint for frontier llms no matter how this is implemented.

We did it despite the naysayers who faught us saying it "wasn't a big deal" and that this is the "best version of the law we could get". Never listen to the naysayers and compromise your principles to appease them, stay true to what you believe.

Who else has that Tux plushie tho? I've had one since I was like 11 years old.

Ah, but what about my internet connected TI 84 calculator?

This is the whole 'opt-in vs opt-out' at a high level. A better law would be crafted like 'some services have been determined to be harmful to minors and require age verification. Those -specific- services shall have these specific mitigations.....' Facebook and others should have a clear legal distinction of 'harmful to children' and then the law kicks in.

The entire age verification and identity verification surveillance system shows state democrats aren’t on our side.

No, not exemptions! Drop the stupid-ass law all together.

Patching inherently bad legislation doesn’t solve the problems it’ll cause.

Sounds like any GPL and perhaps other licences. Not just Linux.

I don't trust this one bit.

The reason is simple: the pattern I see hints that there is:

a) money spent, to push through age-sniffing, and b) it is happening almost globally.

I am not necessarily saying that all this can be singularized down to one bribe-using company, be it Meta, Google or what not, or state actors becoming beyond Evil. But just as the butterfly effect is used as analogy how a strong wind can be created further downstream, I see the situation here VERY similar. To me it is not confined to age-sniffing. Remember the sudden declaration of war by the UK against VPN. This is in my opinion connected here. The goal is not "protect the children" but instead spy more on people than before. A gradual extension of this. And some companies and private interests will benefit. See also the recent Palantir claim made against London aka "the major is responsible for more robberies when he refused to obey to our rule". These companies are greedy - and insolent.

Parental controls should be a client side option set by the user.

Sure, make it easy for users to do so, but it's a users choice.

Kids don't buy phones or computers, their parents do, and during initial setup, parents could choose "this pc is used by a child" option, input some override password to disable this in the future, and the phone could block whatever needs to be blocked.

Hopefully the add the BSDs too.

And yet, still unlawful compelled speech

Why should Linux be exempt? Linux lobbyists seem to be against the public good. It takes an AI agent 5 minutes to add this feature and then they add be good forevermore. And given that the software is open source, everyone can use the same library to be compliant. Belly-aching snowflakes…

And I bet that Microsoft employee who was sending PRs to all the linux distros (and systemd) will not bother sending apologies to them for wasting their time.

The state should handle personal records, authentication, and age verification. Compliance should be as simple as implementing dead simple state provided interfaces.

What's depressing to me is just how self-serving all this is. The original bill was AB 1043. Who supported that, breaking with other tech companies? Why Meta of course [1][2]! Meta likes this because it pushes liability onto the OS providers. Guess who doesn't have an OS? Google's support is a little stranger given Android. It seems like AB 1043 also shifted liability to third-party app developers instead of the app store so, conflicting goals?

Likewise, you'll have Microsoft and maybe Apple pushing for Linux to be included for, again, entirely self-serving reasons. Microsoft is never one to miss an opportunity to benefit Windows.

All that's going on here is competing corporate interests. Likely nobody in power actually cares the actual end users.

As much as libertarians chafe against it, I think we've demonstrated that something has to be done in relation to children online. Advertising to children, harmful impacts of social media, cyberbullying, addictive behavior and selling the data of minors needs to stop. How we get there is unclear. Meanwhile, everyone responsible is just trying to limit and shift their legal liability and that's it.

[1]: https://www.politico.com/news/2025/09/13/california-advances...

[2]: https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_b...

next step age-verification at BIOS/EFI level /s