TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

42% Positive

Analyzed from 1229 words in the discussion.

Trending Topics

#open#age#more#source#application#user#doesn#https#verification#trust

Discussion (66 Comments)Read Original on HackerNews

floxy•about 16 hours ago
(5)(a) "COVERED APPLICATION" MEANS A CONSUMER SOFTWARE APPLICATION THAT IS ACCESSED THROUGH A COVERED APPLICATION STORE AND THAT MAY BE RUN OR DIRECTED BY A USER ON A DEVICE.

(b) "COVERED APPLICATION" DOES NOT INCLUDE:

(I) A SOFTWARE APPLICATION THAT DOES NOT PROCESS USERS' PERSONAL DATA; OR

(II) AN APPLICATION FROM A FREE, PUBLICLY AVAILABLE CODE REPOSITORY.

vegadw•about 15 hours ago
That wording could be interesting, because it's ambiguous if free is applicable to the repository or the project. Presumably, the latter. This means you could absolutely do source-open but not open-source and still get around it.
fc417fc802•about 14 hours ago
Well it says code repository not artifact repository. But it doesn't prohibit obfuscation or transpilation and more generally doesn't appear to specify anything beyond "free and publicly available". I really get the feeling that the people who wrote the law don't have a clear idea of what they're trying to say here and that any court decision is going to be a roll of the dice.
HDBaseT•about 13 hours ago
Boiling frog strikes again.

"It's only for porn sites" to "its only for social media" to "its doesn't include open source projects" to "its only when you need an internet connection".

zx8080•about 11 hours ago
It took almost 30 years for politicians to close down the openness of the internet. Not too bad.
Muromec•about 12 hours ago
That's how politics works actually. Something has to be done but also not upset X, Y, Z because they will be loud. It's quite okay situation when it happens I think.
NewJazz•about 12 hours ago
Yeah. I think a lot of us just look at computers and operating systems differently than these legislators. But we need to more effectively communicate our needs and side effects of their policies. And elect younger folk sheesh.
hungryhobbit•about 14 hours ago
I foresee a wave of new porn-related open source applications in Colorado's future.
anigbrowl•about 9 hours ago
I'm actually OK if websites trend toward being endpoints and there's competition for frontends. The unification of the two by site owners has been a net negative for the internet.
fc417fc802•about 14 hours ago
So a FOSS app running a device local diffusion model specifically for porn would be free of age checks. From a technical perspective that's not all that different from, say, an ansible playbook or bash script or whatever to download a model from HF and configure a local inference stack yet I feel like it must be an unintended loophole.
jwitthuhn•about 10 hours ago
It is very fortunate for us that the authors were kind enough to demonstrate this has nothing to do with safety by adding this exemption.
doginasuit•about 13 hours ago
As someone working on an open source project in CO, this is a welcome fit of common sense. How do these laws typically work in other jurisdictions, do they block non-conforming sites? Or does it open you up to lawsuits?

Edit: It looks like these laws will be enforced by app stores primarily, because they have more significant liability. I'm guessing they won't take the effort to provide exemptions to jurisdictions with the open source carveout unless it is common.

mlinksva•about 13 hours ago
Good development, along with the most recent changes to https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...

A colleague is hosting a virtual session on these and other similar bills around the world in two days https://maintainermonth.github.com/schedule/2026-05-22-age-a...

Or, now slightly out of date, read https://github.blog/news-insights/policy-news-and-insights/w... Added: I had not scrolled far enough on the front page, https://news.ycombinator.com/item?id=48214215 is on this blog.

denimnerd42•about 14 hours ago
hopefully if each state starts crafting dumb laws like this they all get banned via commerce clause due to infeasibility of compliance
tzs•about 8 hours ago
This one is trivial to comply with.

You have to add a couple fields or so to whatever gathers user info at account creation time. Personally I would find that non-trivial because nowadays those are usually GUIs and I haven't done any GUI stuff in ages. People who current write GUI apps for current OSes would have no problem.

Then you need to use that data in a way that lets you provide an API for apps to check the age bracket of the current user.

That part is easy, although some people will no doubt make it way more complicated than it needs to be (probably making it part of systemd or something ridiculous like that).

What I would do is create a file in some standardized location for each age bracket. These files would be protect so that ordinary users cannot open them for reading. When an account is set up, an access control list entry would be added to the appropriate files that allows that user to open the file for reading.

The API for apps to check if the user is in an age range they allow is to simply use the normal file access API to try to open the age bracket files corresponding to the age ranges they are checking for.

declan_roberts•about 11 hours ago
This TOTALLY ORGANIC movement to suddenly please think about the children with required age verification in software makes me sick.

Whoever is behind this needs to be exposed, tarred, and feathered.

tomhow•about 5 hours ago
Please don't fulminate or use all-caps on HN. The guidelines make it clear we're trying for something better here. https://news.ycombinator.com/newsguidelines.html
CamperBob2•about 11 hours ago
It's pretty well understood to be Meta, isn't it?
nl•about 10 hours ago
Not as simple as that.

Meta's well know campaign was actually to make the app stores (and maybe OSes) responsible for age verification, not apps.

Google and Apple campaigned to make apps responsible for it.

inetknght•about 10 hours ago
Meta and the spooks, yeah
NotPractical•about 10 hours ago
Does anyone have a citation for this that wasn't written by Claude? It wouldn't surprise me, but I refuse to look through AI slop to check the accuracy of the report.
Cider9986•about 10 hours ago
It was written by Claude, the question is if it's accurate.
userbinator•about 9 hours ago
Big Tech in general.
mtoner23•about 8 hours ago
The kids are very fucked up tho by the internet in our pockets. I'm Not sure that id on OS is the solution. But we should be trying something
DJBunnies•about 8 hours ago
Parenting problems require parenting solutions.
CJefferson•about 7 hours ago
There are so many things where we don’t do that. There are laws against giving children so many dangerous things, because you can’t watch them constantly outside the house, and honest I think unrestricted internet is worse for a child than alcohol. I’m not saying this is the right answer, but pretending it’s just a parental problem seems oversimplifying.
Cider9986•about 10 hours ago
Call it an Identity Verification Bill, or think of something even more negative. That is more accurate and doesn't sound as attractive.

Names matter. We saw ChatControl 1.0 get defeated, it probably didn't hurt that the name implied censorship.

tardedmeme•about 1 hour ago
But it doesn't verify your identity so why would you call it that? It just says an OS has to have the option to create a child user account.
jdgoesmarching•about 13 hours ago
I know this is attached to a stupid bill, but I really like the general idea of special carve outs for open source projects.
alwa•about 12 hours ago
It does seem kind of elegant, doesn’t it, in terms of aligning incentives?

Annoyed by the age gating, or feel it to be commercially burdensome? Open your source, and poof, no more mandate!

Just trying to build and maintain a cool thing, and share it with the world? Never mind the compliance burden.

afaawfawf•about 13 hours ago
Of course you do. And farmers like subsidies for corn. That's a general idea for them too. And of course you're going to say the public benefits from open source projects and the farmer will say starving no good. Middle class see, middle class do but think they no do.
polski-g•about 8 hours ago
This makes it even more unconstitutional. Privileging certain classes over others for compelled speech makes is way easier to strike down.
Advertisement
jmward01•about 10 hours ago
We have age verification for many things. The problem now is trust. There is, for obvious reasons, negative trust that this won't ultimately harm people. That it won't be used to harvest more data and invade our digital lives even more. That negative trust is there because we see a constant ability to gather even more information about us, and use it to produce real harm, but no hint at an entity actually fighting back to protect people. If anyone in any government is reading this, you do not gain my trust that big tech will not abuse my information by requiring big tech to collect more of my information, you just loose my trust in the government. Earn my trust back and then, maybe, in some distant future, we can talk about 'but who will think of the children' legislation like this.
vsgherzi•about 13 hours ago
Good, California too now
calvinmorrison•about 11 hours ago
will colorado be issuing arrest warrants for developers ?
Cider9986•about 10 hours ago
The DOJ already has been prosecuting developers of open source tools.

(https://www.therage.co/tag/tornado-cash/)

hunterpayne•about 13 hours ago
Contributing to an open source project is one of the very few things on the net that I actually would want id verification on.
giancarlostoro•about 13 hours ago
What for? That's kind of strange. Maybe if its a critical project, but for random projects that aren't like apache web server, nginx, or Linux Kernel, I don't care, heck I would argue if its a very very small change, and it has been scrutinized I don't care who it came from.
altairprime•about 13 hours ago
Raises the defensive bar for today-unaccountable slop and malware, at minimum.
edoceo•about 8 hours ago
Is there any push-back options?

I feel like age verification is important online - a copy of the real world. Check my ID before I go in the pub.

It feels like it's jumped all the way to positive-ID. Not just "of age" but become you are "First Last".

It's possible (right?) to assert age and is-human attributes w/o knowing which specific human at what specific age I am online?