Skip to content
DevMeme
7092 of 7435
California Law Demands Age Verification in All OSes, Including Linux
OperatingSystems Post #7776, on Mar 1, 2026 in TG

California Law Demands Age Verification in All OSes, Including Linux

Why is this OperatingSystems meme funny?

Level 1: Carding the Sandbox

Imagine a new town rule that says every sandcastle must check the builder's ID before being built. Sandcastles made by companies with offices in town? Fine, they'll hire an ID-checker. But most sandcastles are built by anyone, anywhere, with free sand from a communal pile — some are even built by robots that make thousands of castles a minute. Who checks the robot's ID? The picture shows a politician proudly announcing this rule while everyone who's ever touched sand laughs, because the rule imagines a guard at a gate... for a beach that has no gate, no fence, and mostly no people.

Level 2: Why Devs Are Laughing

  • Linux isn't one product. It's an open-source kernel that anyone can package into a distro (Ubuntu, Debian, Arch, Alpine...). Nobody "owns" it the way Microsoft owns Windows, so there's no single party a law can compel.
  • Account setup on Linux is just a command (useradd/adduser) or a config file. Servers create accounts automatically with no human present — a cloud machine (like an AWS EC2 instance) can be born, create users, do its job, and be destroyed in minutes.
  • Age verification mandates usually target platforms (social media, adult sites). Extending it to operating systems means verifying the age of... whoever runs an installer? The 4,000 containers your CI spins up nightly?
  • Compliance burden: when laws don't match technical reality, companies implement symbolic checkboxes while actual enforcement is impossible — pure cost, zero protection.

The first time you boot a Linux server and realize there's no "sign-up" — just you, root, and a text file — is the moment this headline becomes funny forever.

Level 3: Compliance Theater Meets useradd

The screenshot is a verified PC Gamer tweet reporting, deadpan:

A new California law says all operating systems, including Linux, need to have some form of age verification at account setup

— over a link card of Governor Gavin Newsom, navy blazer, microphone in one hand, fist raised mid-gesture like he's personally about to enforce a PAM module. The comedy isn't manufactured; it's a real headline colliding with how computers actually work, and developers can hear the collision from orbit.

The core absurdity: Linux has no account setup authority. "An operating system" in legislative imagination is a product — Windows, with a Microsoft account funnel and an OOBE wizard a vendor can be ordered to modify. Linux is the opposite of that in every dimension that matters for enforcement. It's a kernel plus thousands of independently assembled distros, maintained by everyone from corporations to one Estonian volunteer, downloadable as an ISO with no vendor, no storefront, and no telemetry. "Account setup" is useradd alice — a one-line syscall wrapper any process with root can invoke, including a shell script, a Dockerfile, or cloud-init at instance boot. The channel author's caption lands the killing blow: "imagine age check for each new instance eg ec2 you spin up" — because in modern infrastructure, "accounts" are created programmatically millions of times a day by machines for machines. Is the autoscaler eighteen? Does a Kubernetes service account need a driver's license?

This is the recurring tragedy the meme taps: tech legislation written against a mental model fifteen years stale. Lawmakers regulate the artifact they can picture (a family PC at setup) and accidentally describe an unbounded set of things they can't (containers, VMs, embedded devices, your router, the seventeen Linux instances inside your car). Open source makes it worse for them: there's no legal entity to fine when the "vendor" of your OS is a Git repository and a mailing list. The realistic outcome — and every compliance engineer reading this already knows it — is not enforcement but selective theater: big commercial vendors bolt on a checkbox, the law is technically unenforceable against everyone else, and a thousand-comment orange-website thread argues about whether FROM ubuntu:24.04 now constitutes child endangerment.

The deeper irony: the gaming press covering it signals who actually feels the splash zone — age-verification laws aimed at content keep ricocheting into infrastructure, because legislators keep mistaking layers for products.

Description

A screenshot of a PC Gamer (@pcgamer) tweet on X.com with the headline: 'A new California law says all operating systems, including Linux, need to have some form of age verification at account setup'. The embedded link card from pcgamer.com shows California Governor Gavin Newsom in a navy blazer holding a microphone and gesturing with a raised fist, with the same headline overlaid at the bottom. The humor for developers lies in the regulatory absurdity of mandating age verification in Linux - a decentralized, open-source ecosystem with thousands of distros and no central 'account setup' authority - highlighting how legislators write tech laws without understanding how the tech works

Comments

63
Anonymous ★ Top Pick Can't wait for `sudo useradd --verify-age` - enforcement handled by an unmaintained PAM module compiled from an AUR package
  1. Anonymous ★ Top Pick

    Can't wait for `sudo useradd --verify-age` - enforcement handled by an unmaintained PAM module compiled from an AUR package

  2. @TheFloofyFloof 4mo

    It just requires either the birthdate or age to be set for an account along with an API to access the age range (not the age/birthdate)

  3. @TheFloofyFloof 4mo

    Wouldn't be difficult to add support even on headless systems, though I doubt it even applies there

  4. @deimossos 4mo

    Another instance of a politician, that doesn't know what he is talking about

    1. @TheFloofyFloof 4mo

      Did you ever read the proposed law?

      1. @deimossos 4mo

        Not yet

        1. @TheFloofyFloof 4mo

          https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=202520260AB1043

          1. @SamsonovAnton 4mo

            So, what is the purpose, and how are they going to verify the age?

            1. @TheFloofyFloof 4mo

              they aren't really verifying age, just providing a age signal that apps and sites are expected to trust

          2. @cacojo15 4mo

            I have been reading the law from your link. As I understand it, the law is way more reasonable that the text in the post suggests. The bill is titled "Age verification signal", but in the text they don't ask for formal verification. They ask to have a field when you setup your account on the OS where you can put either a birthdate or an age bracket. Then the OS should provide an API to query the age bracket of the user (under 13, 13-16, 16-18, 18 or more). App dev should query the info and provide/restrict feature according to that age bracket. The law asks that app don't forward that info to 3rd party.

            1. @TheFloofyFloof 4mo

              yup

            2. @kandiesky 4mo

              It doesn't matter that it looks more reasonable, it will not effectively be reasonable. Even the thought of that law is unreasonable and it's cost is absurd and retarded, like almost everything the government does

              1. @cacojo15 4mo

                What do you mean by "it will not effectively be reasonable" ? What I wanted to say by "more reasonable that the post suggest" is that when we have "some form of age verification" written, we think of ID verification or facial recognition. But the law just ask for self reported age, like on the Steam store page. So I think the post is at least deceptive, if not misinformation. I'm not for or against that law, I just don't like misinformation. Would you rather give your birthday date to telegram and every other platform that requires it to use their services ? Or enter it once on your OS and it would just tell the telegram app: "yes this user is above 18" ? As for the cost for app dev, its easier to program an API call to an OS than making the UI that ask for your age, then store it securely etc..., even if both are not hard to do.

                1. @kandiesky 4mo

                  I'd rather not provide any personal information, as it isn't necessary. Also, laws like these are a slippery slope. They start with something "simple and agreeable," and then later evolve into draconian measures of control - which is exactly what will happen in this case.

                  1. @cacojo15 4mo

                    Yes sure I also would prefer not to share anything, but private companies love to ask for data to use their free services, unless there is a law to prevent that like GDPR, it's their right. As for the slipery slope argument that a logical fallacy so I cannot really argue with that.

                    1. @kandiesky 4mo

                      Being a logical fallacy doesn't mean it's wrong, as it's been proven time and time again with these kind of laws. Also, the problem isn't private companies asking for data, it's the government. You're not obligated to give your data to private entities.

                      1. @tema3210 4mo

                        And between governments and privates - privates are smh more trustworthy to me.

            3. @death_by_oom 4mo

              The problem with these sorts of laws is they open the gate to add the actual verification in the future. There is parent control software you can install as a parent if you are worried about your children, you can set up website whitelisting for your children's accounts. Putting age restrictions in the domain of what the government does or in the domain of what the software devs are responsible for is a mistake. Look at the UK, that is the end of this path and it starts with these kinds of laws.

              1. @cacojo15 4mo

                I agree that it should be the parents responsibility to active parental control on devices. Then the dev should query that API and display content accordingly.

                1. @death_by_oom 4mo

                  Maybe they should, but the laws usually dictate what you must do. That is not the governments place to tell companies how they must implement age control, especially in terms of a blanket rule and not specifically in regards to nsfw content like gambling

            4. @afdanilkin 4mo

              But at the very least, why is this compulsory even in cases where there are no and maybe will not ever be any apps for the OS that are age-restricted and talk to the Internet? Like firmware for calculators, as I have seen people talking about

              1. @cacojo15 4mo

                As I understand it when I read it, the law only applies to OS with accounts. So it would not apply to OS that runs on embedded systems. As for OS with admin account, like for router, servers, etc... I don't know. This should have been better defined in the law in my opinion.

                1. @cacojo15 4mo

                  Of course there is no guarantees that an 8 year old won't encounter gore IRL, but is that possibility alone a reason to give up on preventing exposure through a display ? I remember being a bit disturbed by some killings in movies that were rated above my age when I was a kid already. I'm glad I did not find war footage or worse. But at the end of the day I would say, the reasons to prevent some contents are to try avoiding potential trauma or addictions that could affect kids way more than adults. Other stuff like: believes, ideology, etc.. are not restricted and I don't think this is seriously considered by lawmakers, at least not in EU/US. (you can maybe find some exception of course like everywhere).

                  1. @afdanilkin 4mo

                    This gives even more ways of power on a child and the legitimacy to use it to the IRL parents and can increase the risks of that

                    1. @cacojo15 4mo

                      Sorry, maybe I misunderstood, when you say "the legitimacy to use it to the IRL parents and can increase the risks of that", what is "it" and "that" in "the risks of that" ?

                      1. @afdanilkin 4mo

                        I wanted to say, this gives even more means of power on a child and the legitimacy to use this power to the IRL parents and can thus increase the risks of encounter gore IRL (as children are more isolated and deprived of rights and maintained in control by their parents in the country, that what such laws signify)

  5. @macabre133 4mo

    I'm sure root comes preverified

  6. @kobe_koto 4mo

    Can't wait to see Persona being integrated into Linux kernel

  7. @afdanilkin 4mo

    Why parents and government can classify people into four age groups to impose restrictions on access to information and communication, why is this fine at all?

    1. @azizhakberdiev 4mo

      Information isn't just an inanimate toy. A grown up with a strong stomach and broad worldview can probably take anything without much effort, but when you expose children they may develop trauma or erroneous beliefs

      1. @feedable 4mo

        and how does one develop a broad worldview?

        1. @azizhakberdiev 4mo

          live long enough to see the real world

          1. @afdanilkin 4mo

            How can you see the real world then, and not only a small part of it that surrounds you that can be arbitrarily horrible?

      2. @afdanilkin 4mo

        But that’s the point! Access to information available on the Internet and a possibility to talk to people online and collaborate with them can allow some children to discover more diversified ideas than that of their biggoted parents, develop a better worldview than one imposed by the dictatorship they live in, and to socialize and participate in shared activities with people when it is impossible to do so with ones comprising their violent surroundings

        1. @azizhakberdiev 4mo

          Do you even know what you are talking about? There are people who spread extremistic or suicidal ideas exatly to the children. It may affect only one or two at most through internet. But what happens after it does affect someone? The kid goes and shows it to his friend which also gets interested. Others become curious too, but later it may spread uncontrollably because of peer pressure

          1. @afdanilkin 4mo

            How is it possible that all the authority pressure of the society, parents, teachers, classmates, textbooks not be stronger in the peer ground than some craze some child read somewhere?

            1. @feedable 4mo

              because authority is not persuasive

      3. @evankh 4mo

        Access to free, uncensored information is a human right. Doesn't matter how old you are

        1. @death_by_oom 4mo

          No, it's not, wtf? Is it my human right to see your full uncensored medical history? There is absolutely information that is restricted for a good reason

          1. @tema3210 4mo

            Any human may know how to do anything - just because. Any argumentation against it is the same as "why do you need to decide for yourself? Just do as told" (knowledge is prerequisite to freedom, and censorship is already borderline on slavery)

            1. @death_by_oom 4mo

              Any human can know anything, that doesn't mean anyone should easily get any public info

              1. @tema3210 4mo

                No, it absolutely means. Or scrap info from public space if you don't want it accessible. But then info isn't public. Note: debate on what should be public info is separate

                1. @death_by_oom 4mo

                  Removing public info from the public domain is called censorship

                  1. @tema3210 4mo

                    Fair. Then absolutely don't allow leakages) afterall, pipe bomb recipes have leaked years ago, many drug syntheses also have. Take care of the private details such as crypto keys, passwords, sensitive document IDs, etc. Ppl already do this.

                    1. @death_by_oom 4mo

                      Sure, my original point is that there is no human basic right to uncensored information

                      1. @tema3210 4mo

                        But you literally cannot access uncensored information, if you can access it - it's by definition public. Like having a right doesn't imply having an ability. But reverse holds.

                        1. @death_by_oom 4mo

                          Having a human right to unrestricted uncensored information implies that censorship is against human rights, I am saying that it's not

                    2. @Daonifur 4mo

                      Even though they're incredibly easy to make. Just stick any explosive in a pipe and cap it, pipe bomb

        2. @azizhakberdiev 4mo

          kids are free to access that, nobody is gonna arrest them for watching some nsfw by accident It's just will not be flashing all over the screen if they accidentally search something similar

    2. @cacojo15 4mo

      That is a good question actually. I think there are thing that are more or less obvious to me like gambling or graphic/gore footage when you are 8 year old, but for the rest I would agree with you.

      1. @afdanilkin 4mo

        The thing is, in the society there are no effective guarantees that a 8 year olds (which are in almost complete control of their powerful parents) will not see this “gore” closer to them than on a device screen…

  8. @azizhakberdiev 4mo

    it implies telling them what to avoid exactly

  9. @feedable 4mo

    Well parents may actually just not notice

    1. @feedable 4mo

      that happens now and will happen in the future, and it's a cost that has to be beared

    2. @death_by_oom 4mo

      Well maybe it's better to focus on educating parents on how to better teach their children how to use the internet then invest in a fucking surveillance state?

      1. @feedable 4mo

        Of course it is, yes, there is a whole separate discussion about this in the actual chat

  10. @afdanilkin 4mo

    Is this sarcasm?

  11. @afdanilkin 4mo

    Ah, but in this last message I talked about IRL experiences too

  12. @afdanilkin 4mo

    The parents do not necessary have this know-how themselves

  13. @Daonifur 4mo

    Suddenly all people in California stopped using electronics

    1. @MilesTFox 2w

      When the grid collapses due to all the EVs, they will.

  14. @Dark_Lord_of_Debian 3mo

    Me (seeing age verification): January 1st, 1900 looks like a good year... Default age, here I come!

  15. Burak 2w

    Go back to Windows 3.1, without accounts...

Use J and K for navigation