Jesting aside, OpenHub lists Linus Torvalds as having made 46,338 commits. 45,178 for Linux, 1,118 for Git. His most recent commit was 17 days ago. [1]
That is a far cry from a vibe-coder, no? :-)
Bit unfair to call his leadership vibe-coding, methinks.
> Just like stealing fractional amounts of money[3] should not be legal, violating the licenses of the training data by reusing fractional amounts from each should not be legal either.
I think you'll find that this is not settled in the courts, depending on how the data was obtained. If the data was obtained legally, say a purchased book, courts have been finding that using it for training is fair use (Bartz v. Anthropic, Kadrey v. Meta).
Morally the case gets interesting.
Historically, there was no such thing as copyright. The English 1710 Statute of Anne establishing copyright as a public law was titled 'for the Encouragement of Learning' and the US Constitution said 'Congress may secure exclusive rights to promote the progress of science and useful arts'; so essentially public benefits driven by the grant of private benefits.
The Moral Bottomline: if you didn't have to eat, would you care about who copies your work as long as you get credited?
The more the people that copy your work with attribution, the more famous you'll be. Now that's the currency of the future*. [1]
> The Moral Bottomline: if you didn't have to eat, would you care about who copies your work as long as you get credited?
Yes.
I have 2 issues with "post-scarcity":
- It often implicitly assumes humanity is one homogeneous group where this state applies to everyone. In reality, if post-scarcity is possible, some people will be lucky enough to have the means to live that lifestyle while others will still by dying of hunger, exposure and preventable diseases. All else being equal, I'd prefer being in the first group and my chance for that is being economically relevant.
- It often ignores that some people are OK with having enough while others have a need to have more than others, no matter how much they already have. The second group is the largest cause of exploitation and suffering in the world. And the second group will continue existing in a post-scarcity world and will work hard to make scarcity a real thing again.
---
Back to your question:
I made the mistake of publishing most of my public code under GPL or AGPL. I regret is because even though my work has brought many people some joy and a bit of my work was perhaps even useful, it has also been used by people who actively enjoy hurting others, who have caused measurable harm and who will continue causing harm as long as they're able to - in a small part enabled by my code.
Permissive licenses are socially agnostic - you can use the work and build on top of it no matter who you are and for what purpose.
A(GPL) is weakly pro-social - you can use the work no matter what but you can only build on top of it if you give back - this produces some small but non-zero social pressure (enforced by violence through governments) which benefits those who prefer cooperation instead of competition.
What I want is a strongly pro-social license - you can use or build on top of my work only if you fulfill criteria I specify such as being a net social good, not having committed any serious offenses, not taking actions to restrict other people's rights without a valid reason, etc.
There have been attempts in this direction[0] but not very successful.
In a world without LLMs, I'd be writing code using such a license but more clearly specified, even if I had to write my own. Yes, a layer would do a better job, that does not mean anything written by a non-lawyer is completely unenforceable.
With LLMs, I have stopped writing public code at all because the way I see it, it just makes people much richer than me even richer at a much faster rate than I can ever achieve myself. Ir just makes inequality worse. And with inequality, exploitation and oppression tends to soon follow.
> In reality, if post-scarcity is possible, some people will be lucky enough to have the means to live that lifestyle while others will still by dying of hunger, exposure and preventable diseases.
By definition, that's not a post-scarcity world; and that's already today's world.
> It often ignores that some people are OK with having enough while others have a need to have more than others, no matter how much they already have.
Do you think that's genetic, or environmental? Either way, maybe it will have been trained out of the kids.
> it has also been used by people who actively enjoy hurting others, who have caused measurable harm
Taxes work the same way too. "The Good Place" explores these second-order and higher-order effects in a surprisingly nuanced fashion.
Control over the actions of others, you have not. Keep you from your work, let them not.
> What I want is a strongly pro-social license - you can use or build on top of my work only if you fulfill criteria I specify such as being a net social good
These are all things necessary in a society with scarcity. Will they be needed in a post-scarcity society that has presumably solved all disorder that has its roots in scarcity?
> With LLMs, I have stopped writing public code at all because the way I see it, it just makes people much richer than me even richer at a much faster rate than I can ever achieve myself.
Yes, the futility of our actions can be infuriating, disheartening, and debilitating. Comes to mind the story about the chap that was tossing washed-ashore starfish one by one. There were thousands. When asked why do this futile task - can't throw them all back- he answered as he threw the next ones: it matters to this one, it matters to this one, ...
Hopefully, your code helped someone. That's a good enough reason to do it.
IANAL; this is what my limited understanding of the matter is. With that caveat: it is easy to forget that copyright is on output- verbatim or exact reproductions and derivatives of a covered work are already covered under copyright.
So if the AI outputs Starry Night or Starry Night in different color theme, that's likely infringement without permission from van Gogh, who would have recourse against someone, either the user or the AI provider.
But a starry-night style picture of an aquarium might not be infringing at all.
>For small contributions to the Linux kernel it would be hard to argue that a passing resemblance of say a for loop in the contribution to some for loop in somebody else's code base would be anything else than coincidence or fair use.
I would argue that if it was a verbatim reproduction of a copyrighted piece of software, that would likely be infringing. But if it was similar only in style, with different function names and structure, probably not infringing.
Folks will argue that some things might be too small to do any different, for example a tiny snippet like python print("hello") or 1+1=2 or a for loop in your example. In that case it's too lacking in original expression to qualify for copyright protection anyway.
> Signed-Off ...
> The human submitter is responsible for:
> Reviewing all AI-generated code
> Ensuring compliance with licensing requirements
> Adding their own Signed-off-by tag to certify the DCO
> Taking full responsibility for the contribution
> Attribution: ... Contributions should include an Assisted-by tag in the following format:
Responsibility assigned to where it should lie. Expected no less from Torvalds, the progenitor of Linux and Git. No demagoguery, no b*.
I am sure that this was reviewed by attorneys before being published as policy, because of the copyright implications.
Hopefully this will set the trend and provide definitive guidance for a number of Devs that were not only seeing the utility behind ai assistance but also the acrimony from some quarters, causing some fence-sitting.
Signed-off-by is already a custom/formality that is surely cargo-culted by many first-time/infrequent contributors. It has an air of "the plans were on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard.'" There's no way to assert that every contributor has read a random document declaring what that line means in kernel parlance.
I recently made a kernel contribution. Another contributor took issue with my patch and used it as the impetus for a larger refactor. The refactor was primarily done by a third contributor, but the original objector was strangely insistent on getting the "author" credit. They added our names at the bottom in "Co-developed-by" and "Signed-off-by" tags. The final submission included bits I hadn't seen before. I would have polished it more if I had.
I'm not raising a stink about it because I want the feature to land - it's the whole reason I submitted the first patch. And since it's a refactor of a patch I initially submitted (and "Signed-off-by,") you can make the argument that I signed off on the parts of my code that were incorporated.
But so far as I can tell, there's nothing keeping you from adding "Co-developed-by" and "Signed-off-by Jim-Bob Someguy" to the bottom of your submission. Maybe a lawyer would eventually be mad at you if Jim-Bob said he didn't sign off.
There's no magic pixie dust that gives those incantations legal standing, and nothing that keeps LLMs from adding them unless the LLMs internalize the new AI guidance.
The way you describe it, the developers all did the right thing. You contributed something to the patch, and even if it wasn't in your preferred final form (and it's basically never going to be for a kernel contribution of any significance), you were correctly credited.
If you didn't want to be credited you should have said.
Signed-off-by probably has some legal weight. When you add that to code you are making a clear statement about the origins of the code and that you have legal authority to contribute it - for example, that you asked your company for permission if needed. As far as I know none of this has been tested in court, but it seems reasonable to assume it might be one day.
The problem is they've got a doc that declares "when you say balacalaboozy, you're declaring that a specific set of legal conditions is met. You must say balacalaboozy to proceed."
Newcomers see everyone saying balacalaboozy, so they say it to. It doesn't mean that they have read or agree to the doc that declared its meaning.
LLMs are the world's most sophisticated copycats. Surely they too will parrot balacalaboozy, unless their training is updated to include, understand, and consistently follow these new guidelines.
> You contributed something to the patch, and even if it wasn't in your preferred final form (and it's basically never going to be for a kernel contribution of any significance), you were correctly credited.
I don't see how the "signed-off-by" attestation constitutes correct credit here. It's claiming that GP saw the final result and approved of it, which is apparently false.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Enterprise environments use a number of tools like Powerbroker, UCS, Centrify/Delinea etc to bind linux machines to active directory and manage identity and access through active directory. This is for mixed environments with both Windows and Linux machines.
For pure linux environments, there are a number of tools like FreeIPA/IdM, Samba AD/DC (for A/D like management), and OpenText's eDirectory for the current version of Novell's eDirectory counterpart to A/D. They all provide centralized user/host/policy/access management.
Since Entra+Intune are the recent MS products, cloud-based equivalents are Jumpcloud+Fleet, Okta PAM, FreeIPA/IdM.
At first I thought this was a Nature paper. Turns out, it's a feature article.
The true test for this would be a blind test that involves human doctors - primary care since that's where something like this fits - exposed to the same data (fake papers), as well as LLMs.
Isn't it interesting that the fake papers made it onto science preprint servers? I didn't think that they were open to posting by random authors and had some basic checks in place. Currently these papers are showing as "withdrawn" on their DOI links [1] [2].
> While I personally doubt that for $17M one could build such a vacuum robot prototype (for a vacuum cleaner company, investing this amount of money - if it worked - would be a rounding error)
The first Roomba prototype from iRobot was two weeks and $10k in 1999 [1], and S. C. Johnson's funding was up to $2M [1]. The public estimate for total pre-launch program cost is $3M. [2]
In 2026 $, that's about $19k, $4M and $6M respectively.
Science is hard. This reporter is no scientist, and not very good with logic, or managing context. The article feels like an amateur in a fever dream, whose conclusion is ultimately wrong.
Two of the problems with this article, among others:
> we identified 325 distinct errors in Satoshi’s use of hyphens.
> Mr. Back was a clear outlier. He shared 67 of Satoshi’s exact hyphenation errors. The person with the second-most matches had 38.
The fact that there is such a huge gap between Satoshi and Back, substantially more than the gap between Back and the next person, is a really strong indicator that Back is not Satoshi, rather than being an indicator that he is.
> It was when I was walking him through the similarities between things he and Satoshi had written.
> Implicit in that was an acknowledgment that he had been the one who wrote the quote.
So this reporter Carreyrou is walking someone through similar quotes, and that person responds with why they may have made the statement, but Carreyrou's conclusion is that they were talking about the Satoshi quote and not their own? That seems a bit, silly.
If I'm in a conversation comparing my similar quotes, and 2 or 3 deep into the list, do I even need to know my specific quote before responding with why I might have said something similar?
The quotes in question:
> Satoshi: I'm better with code than with words though.
> Back: I'm better at coding, than constructing convincing arguments.
Pretty sure a lot of folks in the tech community have said something along these lines, and very nearly exactly the first part.
This article seems to conclude that a specialist in a domain sounds very much like another specialist in that domain, over the span of two decades, no less, cherry picking tiny bits of output over the two decades, so therefore they must be the same person. And on top of that, ignores evidence to the contrary, like the massive gap in hyphenation errors. LoL. Science & logic this article is not.
I wonder, based on the large number of distinct hyphenation errors, whether Satoshi is even from the UK or the US. Add in the use of a Japanese alias, and the Tokyo-based anonymizer, and the evidence starts to point towards a non-UK/US origin.
And then, not cashing out any of that massive hoard of wealth, how very Zen of them.
It has been clear for a while that certain providers and services need to be regulated as utilities - Microsoft, Google, Apple, Visa, Mastercard, and soon Openai and Anthropic.
It should be illegal for these companies, just like utilities, to deny service to anyone or any entity in good standing for dues.
There is little hope for getting this through in the US where most politicians of any stripe hate the public, and the ones that don't have hardly any power. But it might be possible to do this in the EU.
Then, we non-EU folks need to apply for Estonian e-residency [1] which may get us EU regulatory coverage.
It would not surprise me if these actions are coming at the requests of governments. Strong encryption is one of the few things that challenges their monopoly on information; they have a very strong incentive to apply political pressure to the maintainers of these projects to, well, stop maintaining the projects. We've seen this in overt actions that the EU takes; in more covert actions that the U.S. government is suspected of taking; and in the news headlines about third-world dictatorships that just shut off the Internet. Tech companies are perhaps the most convenient leverage point for these actions.
More regulation won't help here, because the regulation-maker is itself the hostile party.
What would help is full control over the supply chain. Hardware that you own, free and open-source operating systems where no single person is the bottleneck to distribution, and free software that again has no single person who is a failure point and no way to control its distribution.
VLayer (my project) scans healthcare codebases for HIPAA compliance issues before they reach production. One thing I learned building it: developers rarely think about encryption until it's too late. Tools like VeraCrypt solve the "data at rest" problem, but the bigger issue in healthcare software is unencrypted data in logs and API responses — stuff that's much harder to audit manually.
>More regulation won't help here, because the regulation-maker is itself the hostile party.
It's easy to paint the big gov as bad, but this is a case where unfortunately the populace seems to be in agreement with the big bad gov. While most US citizens support encryption, 76% or so, the vast majority 63% also favor government "backdoor" access for national security reasons.
I guess either we believe in democracy or we don't. It could be said that if Veracrypt isn't/can't be backdoor'd, perhaps the gov is simply implementing the will of the people :( via Microsoft.
Does the majority of the population even have a self-formed opinion on this or are they just parroting what the media tells them (which in many "democratic" countries is directly or indirectly controlled by the government, i.e. propaganda).
WASHINGTON, DC—Assuming that there must be a good reason for the order, U.S. citizens lined up at elementary schools and community centers across the nation Monday for government-mandated fingerprinting. “I’m not exactly sure what this is all about,” said Ft. Smith, AR, resident Meredith Lovell while waiting in line. “But given all the crazy stuff that’s going on these days, I’m sure the government has a very good reason.” Said Amos Hawkins, a Rockford, IL, delivery driver: “I guess this is another thing they have to do to ensure our freedom.”
What does democracy have to do with electronic encryption? Democracy existed before computers.
There are legitimate reasons for governments to intercept information, with the correct oversight -- enforced legally in an "checks and balances" manner. The fact that there is a breakdown of trust between government and people won't be solved with more encryption.
A core tenet of Truecrypt + Veracrypt (developer guarantee) has always been no backdoors, even if requested by government.
If in a democratic society, the majority agrees that government should have backdoors (with the correct oversight). Then it follows that Veracrypt should be illegal as its use is not in alignment with the will of the majority.
I personally don't agree with the majority here but can you fault the logic?
Most forms of democracy do not have a direct correspondence between "the will of the people" and the actual policies enacted. As another poster mentioned, tyranny of the majority is a thing, and robust democracies have evolved institutions to deal with it. Otherwise there's nothing stopping the majority from periodically voting the minority off the island, Survivor style, until only a single dictator remains.
In the U.S. in particular, there's strong respect for individual rights enshrined in the Constitution, and a key role of the judicial branch is ensuring that those rights are respected regardless of what the majority thinks. The majority cannot enslave the minority, for example, regardless of what the legislature votes. Nor can it deprive it of speech or free assembly, or guns, or a right to trial by jury.
I'd be very wary about such specific surveys, because they're often very much not conducted in a scientifically responsible manner, and based on actual studies across the spectrum of political issues there's basically no alignment between public opinion/preferences and actual policymaking in the US.
Could this be the one exceptional case where people agree with the direction of policymaking? Sure. Is that likely? No, not really.
Technofeudalism is what happens when grossly under-regulated anarcho-capitalism dominates rather than sustainable, more ordinary capitalism where government regulation is the supreme, minimized biased arbiter that keeps things fairer and sensible for the benefit of the many rather than the benefit of the few.
"In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are obtained, provide the data subject with the following further information necessary to ensure fair and transparent processing: the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject."
C‑634/21 is also somewhat relevant to understand how courts have applied ADM in general context of credit reporting https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A... though it didn't specify what information actually needs to provided for 13(2)(f).
I understand the sentiment, but.. do you realize how much more expensive that would make all these services?
I don’t know the number. But personally I think using the services and ‘simply’ only use them if the disappearance isn’t catastrophic and have the price be low or free while it works isn’t too bad a trade-off.
If this requirement was in place they would be a bit more careful about terminating accounts because the cost equation would incentivize it. Maybe they would be more careful in their automation or require more than one level of human review before cutting off access.
These companies are gatekeepers for their platform. It isn’t crazy to require them to act more responsibly.
I agree in that case but be wary with these kind of assessments. There are tons of regulations that are meant for big players but can also affect much smaller negatively.
For instance I don't think to this day it is possible to operate a Mastodon server and be compliant with GPDR and the UK online safety Act. There was the famous case of LFGSS forum about to shut down due to the former, the forum was kind of saved by a group of individuals willing to take the risk but the founder stepped down from fear of legal risks.
There hasn't been home raided and servers and personal computers seized yet but that doesn't mean it can't happen and technically any EU or UK volunteer hosting some forums or open source based social media that isn't GPDR or online safety act compliant could be at risk. For most I believe it is not that they don't want to be compliant but they aren't aware of that and/or don't have the technical means without further development on the software they are using and despite them not abiding to their own user rights, most of their users would be more sad to see them shutdown than the current status of not obeying the law.
Even if they somehow were so expensive, that it would no longer scale to their size, that is still not our problem and if anything, a sign that either they need to improve their systems, or simply cannot be as big as they are. Shit happens, scale down, I won't cry for them.
Honestly, it's not our problem. Once a service becomes so vital it cannot be terminated without any meaningful process. My meta developer account is suspended and none of my appeals are responded to . Who can I talk to? Nobody. It's wrong.
> I understand the sentiment, but.. do you realize how much more expensive that would make all these services?
It wouldn't. For example, before Gmail, email was often free or nearly free (bundled with your internet service), but in most cases, you could talk to a human if you had issues with the service.
What we couldn't do is turn these business models into planetary-scale behemoths that rake in hundreds of billions of dollars in revenue. In essence, you couldn't have Google or Facebook with good customer support. I'm not here to argue that Google or Facebook are a net negative, but the trade-offs here are different from what you describe.
I don't think they would be so much more expensive but they would be less profitable for sure and perhaps less "innovative" as a big chunk of the profit will go into regulation stuff.
These services are designed such that security sort of depends on reviewing the programs that are allowed to run. Microsoft, Google and Apple all do this. It adds expense, annoyance, limitations, and really very little security.
The contrasting approach, where one designs a platform that remains secure even if the owner is allowed to run whatever software they like, may be more complex but is overall much better. There aren’t many personal-use systems like this, but systems like AWS take this approach and generally do quite well with it.
> The contrasting approach, where one designs a platform that remains secure even if the owner is allowed to run whatever software they like
There's a lot that one can gripe about Amazon as a company about, but credit where credit is due -- their inversion of responsibility is game-changing.
You see this around the company, back to their "Accept returns without question" days of mail order.
Most critically, this inversion turns customer experience problems (it's the customer's problem) into Amazon problems.
Which turns fixing them into Amazon's responsibility.
Want return rates to go down because the blanket approval is costing the company too much money? Amazon should fix that problem.
Too often companies (coughGoogleMicrosoftMetacough) set up feedback loops where the company is insulated from customer pain... and then everyone is surprised when the company doesn't allocate resources to fix the underlying issue.
If false positive account bans were required to be remediated manually by the same team who owned automated banning, we'd likely see different corporate response.
They should probably be regulated as utilities and broken up into smaller companies, so that it's easier for people to migrate to alternatives when one company does something bad.
I've gotten business verification for Microsoft before. The kind you need in order to get certain oauth scopes for their O365 platform.
Do not discount complete, total, utter, profound fucking incompetence as the driving reason behind this.
Getting the business verification was an astounding shitshow. With a registered C corp and everything, massively unclear instructions, UI nestled in a partner site with tons of dead ends. And then even after all the docs, it took another week because -- in an action that nobody could possibly have ever foreseen -- we had two different microsoft accounts due to a cofounder buying ONE LICENSE of O365 for excel and doing domain verification because it suggested it.
It always weird to see how dichotomy of some people saying AI will never be profitable and are doomed to fail and others saying that they are such a essential public service that they are a utility and should be subject to government regulation. Hopefully they are not the same group of people, but I suspect there is a greater overlap that one would expect.
I'm not one of those people but want to point out that there isn't much of a contradiction there. I don't know if hospitals, universities, train tracks, roads, and libraries technically speaking count as utilities but they overall don't seem to be profitable and at the same time are extremely desirable for a society and an economy to have. AI could turn out to be of the same sort.
True, however, that has been the case for quite a while. This particular incident doesn't change that, except for the VeraCrypt developer, who is in a crappy situation now (not just regarding VeraCrypt, he mentions he was using the certificate for his main job as well, so this sucks a lot for him).
So far I haven't had much concrete reason for my family to switch away from Windows. The updates maybe, needing to pay for a new license and the UI changes are like pulling the chair out from under them, especially as they get older (Windows 7 was hard for my grandma, thankfully they left 10 mostly alone but 11 is quite different again so she's currently staying on 10 — not that her hardware supports 11 anyway but that's fixable), but it's either learning the new Windows UI, let's say ten storypoints of newness, or learning some Linux desktop environment, even if it's Mint which is similar to 7/XP it's not quite the same either and probably like 15 storypoints at minimum, even if then you're done for much longer
But if OSes are being locked down and software has trouble distributing security updates through official repositories for Windows... that's a good reason to finally make the switch. Same as why my family is on Android: I can install f-droid, disable the google store, and don't have to worry about them installing malware / spyware / adware
There's different degrees of openness. Android till 2026 was an acceptable compromise (let's see how it goed forwards). Windows is also on the decline with their account policy, not sure about this certificate revocation thing (thankfully haven't had to deal with it yet; I'm not a user myself) but it sounds like they're moving to a walled garden also
When the degree changes and gets even less open, yeah you can say "well of course, they were never truly open, they're commercial" but it's still a change and might lead people to alter their choices
You'll find that people that are not computer experts will take to modern Linux with much more ease than those that have complex needs, which for 90% of the people these days means that access to the Web satisfies all their needs.
Moving from Windows 7 to 11 will probably be as traumatic as moving from Windows 11 to KDE, so it's an investment worth doing in my opinion.
That's my expectation, but I've got a father who forces Microsoft products upon everyone for the reason that they're paid and industry standard and thus must be good (no, there is no argument possible; yes, it's worth the money even if mom touches spreadsheets less than once a year). I have the greatest trouble getting Libreoffice and Thunderbird to be a thing (since I can actually support that over the phone); Linux will be a whole 'nother challenge. He's quite full of himself and people eat it up, and free stuff that nerds use is definitely not on his prestige list
One day for sure though. They're slowly all getting old and asking more of me. Maybe when the current hardware generation needs replacing I'll give it a stab. Indeed, they need very little beyond a browser, Thunderbird (just because they're used to a local email client), a PDF reader (Evince/PdfJS have way fewer buttons and clutter and pop-ups than the Adobe crap), and some WYSIWYG editor compatible with the old doc(x) format (like Libreoffice). The time where local stores shipped photo-album-designer software are probably long gone, though I should double check beforehand
While I agree entirely that Linux in 2026 has never been more usable… how much actual work is being put into Office and 365 tooling native on Linux?
Like none. Literally the best office you MIGHT KIND OF be able to run in 2016, but probably more like 2013.
Valve focused on games, that is awesome and really helpful…
But there are 10,000 distros and instead of putting real resources to put even rickety bridges over MS’s moat, no sorry, this team is making duplication-of-effort distro 10,001 which is now identical to thousands of others but the taskbar is in the middle of screen.
The people working on Linux are consistently uninterested in then things people would need to drop windows.
I think business are going to be forced to change their thinking on this. Im not interesting in emulating windows progs in wine. I switched to Thunderbird a long time ago and other programs that give me the features I need with-out sacrificing my freedom.
Except compulsory age verification in Linux is now becoming a real threat. Some Linux distros are actively against this but many are not seemingly interested in fighting it: CachyOS, Ubuntu, Fedora and others.
Age Verification is the thin end of a much bigger wedge in "open" OS's
I really believe most "open source" big projects have been compromised long ago. We have saw all those "Foundations" taking them over with all their governance, bureaucracy and goal which do not make any sense at the first look.
One example is Fedora, which is part of "The Digital Public Goods Alliance" [0], "a multi-stakeholder initiative that accelerates the attainment of the Sustainable Development Goals by facilitating the discovery, development, use of, and investment in digital public goods."
The Digital Public Goods Alliance has about every governments as member plus all the usual suspects: Gate Foundation and co.
All the leaderships have usually no background or experience in open source or even computers but are just magically placed there. But you can't say anything because they are mostly women.
You read the goals and roadmaps of those foundations and find out it has nothing to do with software or open source. It is basically there to control those projects and then have them implement all the age verification, digital id, etc.
So yes this is not a surprise all those projects are now all in absurd features such as age verification.
Yes, all the code of conducts pushed onto open source projects, often by outside actors or novice contributors backed by a mob, has been mostly about replacing people who care about the projects with people who care more about following rules and will do what they will be told.
the current law requires no verification at all simple attestation, you could put in _any_ age. it also does not effect linux distros as a whole, only distros in jurisdictions with the laws.
Sure, for now... I simply don't believe it will stop at "simple attestation", because we all know that simple attestation is practically useless, but once the various distros accept this "trivial" inconvenience, "Age verification 2" with harsher requirements will soon be on the way.
I would be ecstatic to be proved wrong on this, but experience tells me that is not likely to happen.
We all know it's not about age, it's about user identity. As above, it's clearly a wedge so it's not rhetorical to observe more invasive and controlling features are coming.
I wouldn't be surprised if it is being done to help microslop and AI companies lock in their profit margins.
Right now, if a handful of tech companies crater they'll take the whole world's financial systems out with them, so the government could easily be made complicit in any scheme they can conceive of to bolster their finances.
Simple attestation is very useful for the case where a parent gives a child access to a computer and wants that computer to block porn. That's the use case everyone is clamoring for, and asking the root user "how old is this user?" solves it in a simple, open, privacy-preserving way. Everybody wins, except the teenager who wants to watch porn. If this were not legally mandated, everyone would support it as a useful feature, but since it is legally mandated, we have to get angry about it.
This has got very little to do with children - that is just the excuse that sounds good. "Think of the children" is a rhetorical tactic that anyone who wants to get unfettered access to your data rolls out whenever they can. It is a tactic that unreasonable people use to influence reasonable people, because it is so difficult for a reasonable person to argue against without coming across as uncaring and/or bigoted.
If it was an excuse to get your data there would be some data-getting involved. It may be hard for you to believe, but lots of people really do want parental controls that actually work and are bound by the force of law.
This is likely the first step, and in itself is not much of a concern but only if it stops there, which it almost certainly will not. The next step, where the government argue that simple attestation is not secure enough to protect the children, and now we need to show a government ID is when the true damage starts.
This is a little like the joke: "Madam, would you sleep with me for 1 million dollars?", to which she replies "I would". "Madam, would you sleep with me for 1 dollar?", to which she replies, "Sir, what sort of woman do you think I am?" To which he replies "We have already established what sort of woman you are, now we are just trying to establish your price!"
By agreeing to this initial Age Verification, companies are establishing that they are willing to implement checks on age for their users, now we will see just how much more they are willing to do - all to protect the children of course.
Yes that may be true, but parents are being misguided by efforts that are trying to control aspects of data.
If you, as a parent, make yourself open to this attack, you will find that you are making us less free of a society by expecting others to parent for you.
If you oppose minimal, sensible parental controls, you open the door to whatever someone can jam down our throats that also happens to implement parental controls as a side effect.
If you oppose the law to force liquor stores to deny service to minors, but people are still upset about minors getting alcohol, you have no right to be surprised when the next proposal is to ban alcohol for everyone, and you have no right to be surprised if it passes.
Worse, they are making society less free for their children - the parents themselves will be either dead or too old to care by the time the consequences are in full swing.
If you think you are anyone can stop motivated teenagers from watching porn then I have a bridge to sell you. That is such an absurd goal that you really should be asking what the real motivations for this are.
If you think you are anyone can stop motivated teenagers from getting alcohol then I have a bridge to sell you. That is such an absurd goal that you really should be asking what the real motivations for [forcing liquor stores not to serve minors] are.
Literally the entire purpose of the law California passed, which Linux is responding to, is to preempt such laws: If someone says "we need identity verification because think of the kids looking at porn", it's now trivial to say "we already solved that problem, without deanonymizing everyone on the internet".
LoL.
Jesting aside, OpenHub lists Linus Torvalds as having made 46,338 commits. 45,178 for Linux, 1,118 for Git. His most recent commit was 17 days ago. [1]
That is a far cry from a vibe-coder, no? :-)
Bit unfair to call his leadership vibe-coding, methinks.
[1] https://openhub.net/accounts/9897
reply