<div class="header-image"></div> <table class="table-header"> <thead> <tr> <th colspan="2"></th> </tr> </thead> <tbody> <tr> <td>2026-04-06</td> <td style="text-align: right;"><a href="About.md" class="internal-link">About</a></td> </tr> </tbody> </table> # Age Verification, Digital ID, and WWW Alternatives  For the last month, open source tech news has been in tizzy over the news that several States in the US and different countries around the world are putting legislation in place that requires OS providers to require age verification of its users at the time of user account creation. And it's surprising to me the number of distributions whose official stance is to figure out the best way to actually implement these regulations. I should pause here and say that I do believe that something really should be done about minors viewing 18+ material online. And I will acknowledge that this does mean that somewhere along the line age verification is necessary. But I don't agree that it must be enforced at the OS level. There's no need for me to give any identifying information about myself if I avoid 18+ content. This needs to be enforced *only as needed*. These laws are all calling for age verification upon user creation on the OS itself, which removes all choice in the matter. Bryan Lunduke, the journalist who initially broke this story, is keeping a [running scorecard](https://github.com/BryanLunduke/DoesItAgeVerify), as it were, on the offical stance of age verification that has been made by different distributions. The list is surprisingly short. This whole episode has been a fairly stark reminder that the open source world is a very different one now than it was 10+ years ago. One of the shining examples of open source and collaborative development used to be the OpenOffice suite. Around 2010, Oracle purchased Sun Microsystems for $7.5 billion, and with it, OpenOffice. The Linux community had a lot of distrust for Oracle, as they had always prioritised profits over community collaboration. After the purchase, development for OpenOffice slowed to a halt, and in response, the community forked the project to create LibreOffice. The response to this, by *all* distributions that preinstalled OpenOffice, was to switch to LibreOffice. It was a universal decision that the project was too important to leave to a corporation like Oracle, who certainly wouldn't respect the freedoms to which Linux users had grown accustomed. The Linux and Open Source world of those days would *never* have accepted age verification in their operating system (I don't think Windows users would have either, tbh). Fast-forward to today, however, and the largest distros are falling over themselves in order to comply. This, I believe, is a result of the largest distros being run by corporations, as opposed to community developers. Ubuntu, Fedora, and PopOS are all seeking to comply with these mandates. Linux has become dangerously corporate. It's no longer an alternative to corporate interests. It *is* the corporate interest. Linux was once a playful subversity for nerds. It was a thumb of the nose to Microsoft. It said "We don't need you. We can do our own thing." And now, our own thing has turned into Red Hat, worth a billion dollars, serving its own interests rather than that of its users. And while still possible, it's difficult to leave the IBM/Red Hat microcosm. The kernel itself gets most of its funding from IBM. The Wayland project is plagued with toxic exclusionary politics to the point of rejecting submissions from very talented programmers, simply because they can't control how said programmers run their own community Discord. I'm speaking, of course, of Vaxry, the developer of Hyprland, who was unceremoniously kicked out of the OpenDesktop community simply because of how he chose to operate the Hyprland community Discord. OpenDesktop is where contributions to Wayland are made, and is run by Red Hat. To be clear: Hyprland has *nothing whatsoever* to do with Red Hat or IBM, and neither does the Hyprland Discord server. There was no danger at all that anyone would, for some reason, associate the two. They just wanted to control it. Once upon a time, when the Internet was filled primarily with anonymous nerds, there was the optimistic dream that the Internet was going to be the great equaliser. Because nobody knew who was saying what, or who was submitting what code, the thought was that it would eliminate all racism, sexism, and homophobia. All speech, code, art, etc., would be judged solely on its own merit, rather than the person writing it. Without knowing who was behind the words you were reading, the actual words were what was left. It didn't matter whether the writer was black, white, gay, whatever. You didn't even know. All that mattered was the content. And thus, the best written work, the best code, the greatest art, would rise to the top, regardless of the person behind the work. In those heady days, it wouldn't have mattered that Vaxry let his users talk about whatever they wanted. The OpenDesktop community and the Hyprland discord are two completely separate entities. It was *his own* community. He can run it however he likes. The sad part of all this is that it was in this relaxed atmosphere that Red Hat planted its roots. It was these sorts of communities that made Red Hat what it is today. It's sad that they've become the very controlling corporation that its founders were getting away from in the first place. And now this oppressive nature has permeated all through the Linux and Open Source world, to the point where it looks like the major Linux distros are all going to comply with this age verification nonsense. And to those who cannot see why this is a big deal, that you can just lie and make up a birthdate, I ask you: do you really think this is going to end here? Individual web sites used to ask for ages of its users long ago. A pop-up would appear asking if you were 18 or not. You had to click "yes" in order to get access to the site. This practice was eventually abandoned because it didn't do any good. Underage viewers could just click "yes" and get access like anyone else. I will say that instead of just giving up, there should have been some legislation put in place to put the onus on adult sites to actually verify age rather than just click a button, but that's another conversation. My point is, with requiring an age at the OS level, right now you can lie, just like in the old days. And the API that these laws are requiring would querry the birthdate at the request of individual web sites, app stores, etc., and allow access. But how is this any different from a popup asking if you're over 18? It isn't. This won't do anything. So why then is it being put into law? What sense does that make? It doesn't make any sense at all *unless it's going to be expanded upon in the future*. I believe this will, eventually, turn into a form of personal digital ID. And the way to force it on everyone will be to make it illegal to serve any online data to an OS without one. The open source spirit of the past would have been outraged at this. It would have vehemently rejected any foot in the door to allow this sort of thing. Now, as I pointed out above, there *are* some distros that are doing just this. To name a few: Omarchy, Slackware, Zorin, and Artix, among others, have all stated that they have no plans to comply with these new laws. One distro that isn't mentioned at all, however, is Arch. And honestly, it probably makes sense, and there never will be any official statement. And while systemd (Arch's default init) has [added a birthDate field into its JSON user records](https://github.com/systemd/systemd/pull/40954), simply adding a birthDate field doesn't actually do anything, other than to give the OS a place to store data. It's the distro itself that would have to actually collect it. So unless Arch adds age verification to the archinstall script (and/or some other method), the user will never have to actually enter any info there, and the birthDate field can just remain empty. But the fact that it's there at all will definitely leave a bad taste in people's mouths. Alternative install scripts will be created, and more people will probably go back to the old method of installing each component manually, and avoid anything that could be used to store identifying information. I have been looking at alternatives to the www itself. This will lead to a bit of a writeup later, but the one I've been looking at is IPFS, which seems to have a lower barrier to entry, and isn't TOR (I specifically wanted to avoid TOR because of its reputation, and the fact that its reputation is deserved, for the most part). I feel like age verification in everything will be inevitable, sooner or later. Content from different areas of the world will soon have to retrieve age attestation from the OS, and eventually that will change to digital ID. And an OS that doesn't have this ID available will simply be unable to retrieve data from the server. It will start small, but as more areas of the world start to get on board and adopt similar laws, pretty soon access to the Internet will be limited to those who are willing to share this digital ID with every site and service on the web. So learning to use a web alternative now seems to me to be a pretty good idea. One cool thing about IPFS is that parts of the web are mirrored to it. There are multiple snapshots of Wikipedia mirrored to IPFS, for example. I have some time to figure this stuff out; these laws haven't yet entered Canada, and even when they do, I'm sure I'll figure my way around it for a while at least. If I'm right, though, and an OS-embedded digital ID becomes a requirement to participate on the World Wide Web, an entirely new workflow will be required and I want to have my options ready.