• On device enforcement of age verification?

    From David@wibble@btinternet.com to uk.comp.homebuilt on Tue Jun 16 13:09:40 2026
    From Newsgroup: uk.comp.homebuilt

    I was wondering how they expected to do this.

    Are they assuming that all access to social media will be via a mobile
    phone or tablet?

    I can't see on device enforcement working for a PC.
    Even if Apple and Microsoft cave, there are older versions of Windows and
    a whole raft of Linux distributions.

    Perhaps I should hang onto my stock of non W10 compatible devices to
    install Linux (or other Unix-a-like) to rent out to mid-teens to stay connected.

    Cheers



    Dave R
    --
    AMD FX-6300 in GA-990X-Gaming SLI-CF running Windows 10 x64

    --
    This email has been checked for viruses by Avast antivirus software. www.avast.com
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Theo@theom+news@chiark.greenend.org.uk to uk.comp.homebuilt on Tue Jun 16 14:56:26 2026
    From Newsgroup: uk.comp.homebuilt

    David <wibble@btinternet.com> wrote:
    I was wondering how they expected to do this.

    Are they assuming that all access to social media will be via a mobile
    phone or tablet?

    I can't see on device enforcement working for a PC.
    Even if Apple and Microsoft cave, there are older versions of Windows and
    a whole raft of Linux distributions.

    Perhaps I should hang onto my stock of non W10 compatible devices to
    install Linux (or other Unix-a-like) to rent out to mid-teens to stay connected.

    For the NY or California laws, it's about the user having an OS level
    age flag[*]. That's set up when the user account is created, eg by the administrator or the parent who does the first setup. Then apps (and presumably web apps via a web API) can query the flag as to whether the user
    is of age and decide whether to enable certain risky features.

    That means you can give a phone or laptop to a child and 'adult' apps won't work. Presumably they can't trivially reset the flag without the
    administrator password, which they'd have to ask the parent for.

    On PCs you could always reformat the PC and install OpenBSD, but the parent might notice. Parents could also enroll the PC in MDM to prevent a factory reset if they wanted.

    Some Linux/BSD distros are/have implemented such a feature: https://github.com/BryanLunduke/DoesItAgeVerify


    [*] not sure the specifics, but I assume it would only report coarse-grained outputs, like 'under 13', '13-16', '16-18', '18+' rather than the actual birthday. That's how Midnight BSD does it: https://github.com/MidnightBSD/src/blob/master/usr.sbin/aged/aged.8#L114
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Chris@ithinkiam@gmail.com to uk.comp.homebuilt on Tue Jun 16 14:29:00 2026
    From Newsgroup: uk.comp.homebuilt

    David <wibble@btinternet.com> wrote:
    I was wondering how they expected to do this.

    Are they assuming that all access to social media will be via a mobile
    phone or tablet?

    I can't see on device enforcement working for a PC.
    Even if Apple and Microsoft cave, there are older versions of Windows and
    a whole raft of Linux distributions.

    Perhaps I should hang onto my stock of non W10 compatible devices to
    install Linux (or other Unix-a-like) to rent out to mid-teens to stay connected.

    I believe this is to counter some of the gaps in the Australian system. Although many child accounts on social media were shut down, about 70% of children are still accessing SM.

    Having one source of truth (i.e. the device) should be more effective.

    Yes, it'll work far less with (Widows) PCs, but then you don't see kids on
    the bus carrying their Dells ;)

    The downside is that we will *all* have to do this to prove we are not children.
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From s|b@me@privacy.invalid to uk.comp.homebuilt on Tue Jun 16 17:03:05 2026
    From Newsgroup: uk.comp.homebuilt

    On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote:

    I believe this is to counter some of the gaps in the Australian system. Although many child accounts on social media were shut down, about 70% of children are still accessing SM.

    I was never about the children...
    --
    s|b
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Richard Kettlewell@invalid@invalid.invalid to uk.comp.homebuilt on Tue Jun 16 17:27:34 2026
    From Newsgroup: uk.comp.homebuilt

    David <wibble@btinternet.com> writes:
    I was wondering how they expected to do this.

    Are they assuming that all access to social media will be via a mobile
    phone or tablet?

    I can't see on device enforcement working for a PC.
    Even if Apple and Microsoft cave, there are older versions of Windows and
    a whole raft of Linux distributions.

    If the device canrCOt/wonrCOt provide sufficient information there are
    plenty of fallbacks to establish a lower bound on age.

    Most obviously, age can be recovered from identity, and tools for
    confirming identity online are well-established and already heavily used
    by the financial sector and government.

    There are also indirect approaches, e.g. being able to authorize a
    credit card transaction.


    Personally I think social media should be restricted to people with
    basic critical thinking skills, rather than purely on age.
    --
    https://www.greenend.org.uk/rjk/
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Ian@${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com to uk.comp.homebuilt on Tue Jun 16 16:58:03 2026
    From Newsgroup: uk.comp.homebuilt

    On 2026-06-16, Theo <theom+news@chiark.greenend.org.uk> wrote:

    On PCs you could always reformat the PC and install OpenBSD

    Don't forget Microsoft controls the bootloader on all modern PCs[1].

    Not a huge step to these "apps" requiring a "secure" OS on a "secure"
    device. There's a reason a TPM is required for Windows 11, and it
    ain't for the users benefit...

    </tinfoilhat>


    [1] https://www.redhat.com/en/blog/expiration-secure-boot-signing-certificates-2026
    --
    Ian

    "Tamahome!!!" - "Miaka!!!"
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Richard Kettlewell@invalid@invalid.invalid to uk.comp.homebuilt on Tue Jun 16 22:48:11 2026
    From Newsgroup: uk.comp.homebuilt

    Ian
    <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com> writes:
    On 2026-06-16, Theo <theom+news@chiark.greenend.org.uk> wrote:

    On PCs you could always reformat the PC and install OpenBSD

    Don't forget Microsoft controls the bootloader on all modern PCs[1].

    No. The thing they control is the signing key which modern PCs trust by default. But that does not represent full control of the boot loader by
    any means: you can disable secure boot, generally very easily (I have
    done it a number of times for pragmatic reasons, most recently this
    evening as a temporary measure).

    You can also install your own keys.
    --
    https://www.greenend.org.uk/rjk/
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Chris@ithinkiam@gmail.com to uk.comp.homebuilt on Tue Jun 16 23:31:50 2026
    From Newsgroup: uk.comp.homebuilt

    s|b <me@privacy.invalid> wrote:
    On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote:

    I believe this is to counter some of the gaps in the Australian system.
    Although many child accounts on social media were shut down, about 70% of
    children are still accessing SM.

    I was never about the children...

    That's false. Don't fall for the techbro narrative.

    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Mike Scott@usenet.16@scottsonline.org.uk.invalid to uk.comp.homebuilt on Wed Jun 17 08:24:26 2026
    From Newsgroup: uk.comp.homebuilt

    On 16/06/2026 22:48, Richard Kettlewell wrote:
    you can disable secure boot, generally very easily

    Until the makers remove the 'disable secure boot' option, that is. Along
    with the ability to install new keys. ("key's expired guv? Just buy a
    new mobo").

    It makes me uncomfortable that MS seem to 'own' the secure keys to the
    world's PCs.
    --
    Mike Scott
    Harlow, England
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Richard Kettlewell@invalid@invalid.invalid to uk.comp.homebuilt on Wed Jun 17 08:44:56 2026
    From Newsgroup: uk.comp.homebuilt

    Mike Scott <usenet.16@scottsonline.org.uk.invalid> writes:
    On 16/06/2026 22:48, Richard Kettlewell wrote:
    you can disable secure boot, generally very easily

    Until the makers remove the 'disable secure boot' option, that
    is. Along with the ability to install new keys. ("key's expired guv?
    Just buy a new mobo").

    ThatrCOs purely speculative; itrCOs not happened in 15 years of secure boot
    on PCs. (Also it would violate MicrosoftrCOs Windows hardware
    compatibility requirements.)

    It makes me uncomfortable that MS seem to 'own' the secure keys to the world's PCs.

    IrCOd rather it was someone more independent too, but Microsoft have the technical capability to get it right and very strong incentives to do so (anything they sign impacts the entire Windows customer base).
    --
    https://www.greenend.org.uk/rjk/
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Gordon@Gordon@leaf.net.nz to uk.comp.homebuilt on Wed Jun 17 08:11:21 2026
    From Newsgroup: uk.comp.homebuilt

    On 2026-06-16, Richard Kettlewell <invalid@invalid.invalid> wrote:
    David <wibble@btinternet.com> writes:
    I was wondering how they expected to do this.

    Are they assuming that all access to social media will be via a mobile
    phone or tablet?

    I can't see on device enforcement working for a PC.
    Even if Apple and Microsoft cave, there are older versions of Windows and >> a whole raft of Linux distributions.

    If the device canrCOt/wonrCOt provide sufficient information there are
    plenty of fallbacks to establish a lower bound on age.

    Most obviously, age can be recovered from identity, and tools for
    confirming identity online are well-established and already heavily used
    by the financial sector and government.

    There are also indirect approaches, e.g. being able to authorize a
    credit card transaction.


    Personally I think social media should be restricted to people with
    basic critical thinking skills, rather than purely on age.

    That would be very useful.
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From s|b@me@privacy.invalid to uk.comp.homebuilt on Wed Jun 17 15:48:21 2026
    From Newsgroup: uk.comp.homebuilt

    On Tue, 16 Jun 2026 23:31:50 -0000 (UTC), Chris wrote:

    s|b <me@privacy.invalid> wrote:
    On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote:

    I believe this is to counter some of the gaps in the Australian system.
    Although many child accounts on social media were shut down, about 70% of >> children are still accessing SM.

    I was never about the children...

    That's false. Don't fall for the techbro narrative.

    Don't tell me you believe it was all about the children?
    --
    s|b
    --- Synchronet 3.22a-Linux NewsLink 1.2