Age Checks and OSs

Posted on by pix
Age checks and OSs - banner

A stupid problem with a dumber solution

There used to be a sign in many amusement parks of a silhouette of a child and a measurement saying “You have to be this tall to ride the ride”. The idea was that that you could not be properly seat belted into the ride for your safety. This was OK it let your parents choose if they wanted to let you ride or not. Unfortunately times have changed. Right now some possibly well meaning legislators have tried to change the dynamic and take the choice from parents and take it upon themselves to “protect children”. Their latest craze is to have Operating Systems do the verification as to how old you are. Yes, I know how insane that actually sounds. But California, New York and several other states have started to pass those insane laws and like most stupid ideas they will spread.

What does this mean practically?

Any device that connects to the internet (Updates, Time, Email, and any telemetry) would be subject to these laws. That is your phone, laptop, workstation, any operating system (They probably haven’t even considered most of the Internet of Things) has to verify age.

For propitiatory operating systems (Apple and Microsoft) this would be a big technical challenge – going from an operating system and essentially becoming a digital identity provider. There are legal, privacy, and technical challenges to how to implement all of this legislative fantasy and make it feasible.

Some of the questions are:

  • Is there a central check on which age database is used?
  • What do we do with older devices that no longer receive updates?
  • Some devices are used by multiple people in a family what do we do then?
  • What about those devices that are non standard? (Flip Phones)
  • What about computers that can not use “modern” operating systems? Will they be exempt or unusable?
  • Where is the data kept? If it is centralized then it can be attacked easier.
  • How is the data secured? (All that data would be a tempting target and we all know that data breaches happen very frequently).
  • How is the data used? Is it just for verification or is it being used for tracking? Mission-creep as we have seen is rampant in government. Once something is in place it tends to be used for many nefarious things.

As you can see, this is a privacy minefield of epic proportions. This needs to be opposed in every state and place that it it proposed.

What about Businesses?

There are even more hurdles in the corporate world with this idea. What do you do when you have computers that have special functions and many users that don’t have to login? Computers that have older operating systems that only have a few programs vital to the operation of a department? Many doctor’s offices, accountants and others have legacy programs that can not be upgraded but play a role in their day to day operations. How could IT manage it all if you put another layer of complexity into the mix?

What about Linux?

One of the problems with the Linux ecosystem is that it is decentralized. There is the Kernel project which is the heart of the whole thing. But it is setup into different distributions, Ubuntu, Debian, SUSE and others. You can “roll your own” distribution – compile the Kernel and you have your own operating system. This makes it technically feasible to bypass any of these regulations. Yes, you do have to have some technical knowledge, but tutorials abound online to do this because it is part of the culture of experimentation.

What are we actually building?

Building onto operating systems may seem like the “thing to do”. It might seem like it would be more convenient to be able to bypass all of those annoying “age verification” things that might get in your way of browsing the web. But why even bother with them when there are things you don’t have to bother with them in the first place, just say “no” I don’t want your content if you are doing stupid things just to show me things.

I left the mainstream operating systems years ago because I saw the direction that they were going in. Yes, I have several propitiatory systems, but they are not connected to the internet. I used to tell people if they wanted to have privacy they could use them, but lock them down in many ways, but right now that is no longer the case.

We should oppose laws that take away our freedoms. Over reach of legislatures and Attorney Generals sound be a priority. Getting back to “normal” may seem like a lofty goal but it should be something to aspire to.

It is time to engage with the people that make the laws and tell them how crazy some of the proposals really are. Most if not all of them do not have the technical expertise to ask hard questions and have any answers. I urge you to write those who we have elected to step up and speak out against this mission creep of age verification. It will become the thread that will become the noose for privacy as we know it.

A link that may help:

How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 1

No votes so far! Be the first to rate this post.

Leave a Reply