I’ve been seeing news about the braindead bootlicker states of America trying to force “age verification” into Linux. I’m still not sure how much I should panic about this. I don’t see any of the communities of the distros I use talking about it, but it seems serious seeing how these devs aren’t anons and some of them may live in America.
How serious do you think this is on a scale from 1 to 10? With 1 being we laugh about it with our friends and 10 being we gonna have to manually remove the virus from the kernel every time we want to install a distro and risk prison time for doing it.
11 based on the GitHub issues and Kicksecure Wiki page references, and since this topic URL is also referenced in some of them, the topic name is now locked.
It is not an issue for Qubes, as a derivative distribution. Whatever
solution is produced by Fedora or Debian will feature in Qubes.
Completely upstream.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
Maybe time to fork and rebase on Gentoo? Maybe pull in drobbins with a new challenge: qubify portage? Imagine a sys-portage build VM your other [Gentoo] templates build/update against…
Qubes (or Invisible Things Lab in this case) probably has to comply in order to avoid heavy, heavy fines. On the other hand, this is Linux and Free software we’re talking about so as a user there will hopefully be quite easy ways to bypass this.
This adds a thick and solid +1 to the long list of reasons devs of security-critical software should be anonymous.
Fxcking hell man. Oh well. Like you said I’m sure there will be a bypass, so that’s good, but it’s still extra work… I hate politics/legal people so SO fxcking much right now. First they came for our hardware, now they come for our software too. Our “FREE” software. Such pigs of hell.
It depends on how the law is implemented. For example, Qubes may need to comply if they want to distribute their software in California/wherever or otherwise would have to somehow “block” all Californian users from downloading Qubes OS. Similar to how the GDPR () also impacts non-European companies in a significant way.
Also, I am not a lawyer, so take everything I say with a grain of salt, it might not be fully correct.
Brazil passed a age verification law (Law 15.211) also, it takes effect on March 17th, 2026.
This is sad to see that QubesOS is going to implement it through their use of Fedora and Debian and almost any work around (besides using templates without age verification) is just going to give people unique identifiers.
Is it significantly different compared to the california one?
I’ve read the mailing lists a bit and assume that things said there aren’t entirely wrong for the following. As somebody have said, this is more of an age declaration than age verification. I bet that almost if not literally all 14 year olds capable of using linux will just set that age bracket to 18+ - this identifier is not much different from the fact that you are using linux.
Still, an encroach on privacy like this is bad, not because of this law specifically, but of what could follow. It seems like the developer doesn’t have a good way to fight back or ignore such laws.
Such ruling should be made illegal. Why a distributor supposed to care about other jurisdiction’s laws if they aren’t actively trying to ship their products there?
Alternatively, if there is a requirement to set specific age, perhaps there is a default people can agree on? There is little fingerprinting possible if everyone is born 1970-01-01
If QubesOS (as a reasonably secure operating system) supports sharing personal data (and a user’s age IS personal data) with third parties outside my computer without my consent, then this will be (and please take me as seriously as you can) the last day of my life as a (long-time) QubesOS user.
Self consent is the key to comply with California laws. I am currently residing the State. Please note that leaving the State won’t affect you greatly since not entire US will be freely available as the State.
You just never geoblock California if you try to because it compromise every single oceanic connections between oceanic nations to North America since all connections are delayed by connection vulnerability.
) also impacts non-European companies in a significant way.