Aged and agectl are just the first steps towards censorship and surveillance.

[daffy1234]

I understand the impulse of wanting to stay compliant under governments that demand certain things from certain people, but we must remain critical of authority, especially when such authority is threatening the safety of others. It has become commonplace on various platforms to demand age verification. This, on the surface, makes sense. We don't want kids viewing adult content, but we haven't stopped to think of the collateral damage that can be caused by blanket age checks at the OS level.

The US government is currently targeting LGBT people, particularly trans people. The US government is now considering making trans-related content considered "mature" under the FCC rules. What happens when gender-questioning kids with unsupportive parents wish to research their thoughts? If these laws pass, MidnightBSD has already created the infrastructure to block them from accessing these materials.

What if they wish to browse these securely using Tor browser or something similar? Shall we mark Tor browser 18+ as well? It sure has access to a lot of adult material.

These age restrictions are not in furtherance of protecting people, but rather suppressing people. It is infrastructure designed to control, not to protect. So I ask. Why has MidnightBSD decided to implement aged? Does it help the users? No, not in any way I can see. The only entities I can see it being helpful towards are the governments who are enacting these laws. The timeliness of the implementation as well is very suspect. It was not in response to users asking for this new infrastructure, it was a direct response to government action. Not even court order, not being directly demanded. Just simple compliance.

And to go further, what happens next? You say there are no ID verifications, that's good, but for how long? Will you comply as well when those are mandated? How can I trust you anymore, when you've shown that your priorities are compliance over safety?

[laffer1]

We are looking at this as a parental control feature. aged can be turned off or put into a mode where it returns -2 for everything which means it's turned off. There are 2 different ways to disable it! Further, the latest version in current allows you to set a jurisdiction. If you pick one that isn't known to us to require this, it's disabled (returns -2). It can be turned on for other jurisdictions with a parental setting but it's not required to be enabled everywhere.

If a user is in California and they decide to disable this, they would be out of compliance and subject to fines there. That's a user choice.

Adding parental controls is a feature, and it's reasonable. The government mandating it is not reasonable.

ID checks are coming in several jurisdictions. It's only a matter of time. The practical matter is that we cannot comply with ID checks even if we wanted to . The services are expensive. We don't charge users anything to use MidnightBSD. With ID checks, we'd have to charge activation fees, and we'd have to have enough volume in those to pay the monthly base fee for offering it. It's not financially viable to do.

I don't support ID checks because it's a huge privacy invasion. Providing an age range isn't nearly as bad as an ID check. It's still PII and we do take that seriously. That's why we offer the ability to turn off the daemon to begin with, and why it runs as a non-root user with isolated access.

The only solution to this problem is to get people to write their representatives to fight the laws, not get upset at projects trying to follow laws. Not doing it isn't going to make it go away. That's the illusion that some content creators have put out on YouTube. It's not true. They don't care about me or you or Linux or *BSD. Microsoft and Apple are on board. That's all they need. Apple has already done the work to make this happen. Microsoft has too. IBM is working on it for Red Hat.

What pushed me into working on this was the thought that users would be unable to access any websites in California or other states because we didn't have the signal at all. I didn't want everyone to be treated like a 4 year old online. If users want to be 4 online, they can turn off the daemon. (some jurisdictions range down to 4, others 9 or 13)

I think parents should be making decisions about what their kids consume online, not the federal or state government. I've now offered a mechanism for them to do some filtering if they choose to. They don't have to use it.

There are many scenarios where kids in bad household situations may get blocked from content. That can happen with DNS filters now. Most don't know how to circumvent them. That's stuff to write your representatives about and vote for people who won't support it. (both parties in the US seem to love this)