Yeah.GoL is all about that blogspam. But the real question will be what next month’s stats are.

Ooooh. Cloudflare Pages definitely looks like what I want.

Thanks

For no apparent reason:

Are there any good alternatives for gh-pages dor a super lazy/simple website? I’ve been meaning to actually use one of my domains for a personal website and pointing at which project is on which code repo site would be a good idea. But… I need that page to be hosted by one of them.

And that is perfectly fine. But:

White meat is a real challenge. Tenderloins and wings (and back meat if you are a culture that eats it) are pretty easy to cook up. But breasts, especially modern breasts, are a huge challenge.

In large part because you don’t want grizzle or dangly bits. That is what you SHOULD be trimming off. But you do want fat pockets and connective tissue in the meat itself. That melts/renders and keeps the meat juicy while also soaking it with a LOT of flavor. In thighs those are the little specs of white fat/“skin” that are left over on top of the meat itself even if you take the skin off. Trim those and you remove much of the flavor.

But for breasts? Most of that is going to come from the skin itself. A skinless breast is one where you better damned well have a good sauce (preferably marinade) because “dry brining” only goes so far. But, unless you (spatchcock and) roast it, getting that to a safe temperature (which is nowhere near as high as you think it is but…) without drying out large chunks of it is really difficult. Which is why people tend to butterfly and pound it to even things out. Which… means you no longer have the skin to flavor it.

Cook a chicken properly and it is delicious. The issue is that people mostly eat nuggets (which are good but…) where it is just breading and a bland flavorless mass.

Or they trim it to death and then overcook it (an ex managed to dry out thighs…). Which, to be fair, is true of beef as well. A LOT of the ultra lean cuts are horrendous without excessive amounts of sauce and spices.

Been a minute, but I want to say it was Impossible where some friends and I realized it had that aspertaine/diet coke after taste. Beyond was okay though.

But yeah. Anyone who claims the meat substitutes are “better” either haven’t eaten meat in ages or never liked it to begin with. And vegetarian food needs to stop emulating meat and instead focus on its actual strengths (mostly sauce absorption).

Except for black bean burgers. Prepped right and I would totally consider those better than beef burgers (way better than turkey burgers).

I mean… if you take into account fair price of utilities (water and electric) and skyrocketing costs of RAM… I don’t fully disagree.

Ballparking, but 50% of an engineer’s job being “boilerplate” and “charlie work” sounds reasonable to me. Maybe even 75%. That IS what generative AI is really good at. It is the kind of work that you can have a particularly ambitious student intern do.

What makes a good engineer is the ability to verify that work. In software this is “code review”. And the other aspect is actual innovation. Solving particularly complex problems or breaking a problem down into manageable and verifiable tasks.

And… guess how you maintain your skills to be able to do that? That’s right. Charlie Work.

Which is the problem. Managers (and wannabe managers) just see short term gains. So they want EVERYTHING to be done with “AI” because they want to bulk fire people and reduce operating costs. And they don’t at all care that they are causing a massive brain drain because that is next quarter’s problem.

But yeah. Use generative AI to accelerate your workflow. But also understand when it is very much worth taking your time. Either to keep those skills fresh or just because you can do it in a “fun” way. And if you feel that ALL of your workload can be done by chatgpt… maybe think about how much cheaper a claude subscription is compared to your salary and benefits.

It just seems like such a defeatist attitude to me to cede ground on this,

It’s not “ceding ground”. It is picking and choosing battles.

What does adding a DOB field to a user account do? Absolutely nothing that the Location, Email, Phone Number. whatever fields didn’t already do.

What does adding libraries to fetch cost us? Yes, I dislike that on principle. But it provides an OS functionality that is genuinely useful (age restricting accounts) and… it is one that I can work around should I ever need to.

What does it get us? It is an immediate response to “There is no way for parents to protect their children from this vile content” because… it is exactly that. It is an immediate response to “We can’t manage school systems” and “We want to provide a way to lock this down but those evil OSes won’t let us”.

Versus “holding the line” and ceding absolutely nothing… and then getting blindsided because this is a feature downstream companies actually want. So rather than implement it their way with all the hooks into remote databases at the systemd level, it is instead a wrapper for useradd commands.

especially when the laws you mentioned actually being worried about would use this as precedent.

They don’t need a precedent. They are already pushing their own (often more restrictive) laws.

without doing more reading on the topic

And that is what EVERYONE should be doing. Understand what is being demanded. Understand what is being done. And understand what the actual meaningful impact is.

You’re saying there are already age checks for certain sites (and analysis of your web traffic and associated data being sold) and that this is no different, if I understand correctly.

Correct-ish.

I would amend that to be “All of this information is already out there and you provide it, without thinking, often multiple times per day”. But with the added caveat that this ONLY changes if a third party verification is required.

It is worth pointing out that while the California law requires no verification, the New York law potentially requires more than just a declaration of age. It’s worse elsewhere in the world.

To my knowledge (and skimming what I can find), the New York bill also does not require third party verification. At least, as of 2025-S8102A.

But yes, fully agree regarding the rest of the world. People get EXTRA pissy if you point out the EU isn’t magically doing exactly what they want it to do and always siding with “consumers” but… the frameworks and legislature being pushed through there are deeply alarming.

Right, but you see how this is also a bad thing right? Given that the FBI has now spoken about buying this data and uses it to target people, I would think that we would all want better privacy protections, not fewer.

Do not expect companies (and company adjacent) orgs to protect your rights.

But also? The FBI doesn’t need to “buy this data”. They can just buy the same marketing data everyone already has on them (unless you go above and beyond to obfuscate that).

And this legislature has absolutely zero bearing on any of that.

I don’t see how that should sway opinion about this being a good or a bad thing. It’s a bad thing for everyone, right?

No, it is not. Like I pointed out above: We always say “parents should watch what their kids are watching so that I can keep getting my goon on with tiktok” and all that nonsense. And do you know what the first step to ACTUALLY protecting kids online is? That’s right. Restricting accounts based on age.

Adding a user provided birthdate to your account in systemd is no more dangerous than having a field for location or phone number. Having an API to fetch this from the OS IS concerning but is also very much in that realm of "This genuinely makes browsing the internet easier"as, depending on implementation, your computer can auto-verify you so you don’t have to wipe the lube off your hand when you change sites.

And… its almost like those of us on open source OSes can maybe consider a way to go even farther with controlling what gets sent…

I don’t see how that should sway opinion about this being a good or a bad thing. It’s a bad thing for everyone, right?

Correct. But I would bet my bottom dollar that at least a few of the folk insisting this is the evil US (fair) forcing their will upon the world don’t realize their own governments might actually even be ahead of the game. Like apparently a bunch of live service games disabled chat in the UK in the past day or two?

No, I am saying that. I was saying that calling this a slippery slope doesn’t feel like it is based in the history of privacy erosion.

Again, that privacy already eroded away years ago. Pretending otherwise is just lying to yourself and increasing your own risks.

but just because it isn’t the first step doesn’t mean we shouldn’t fight against consolidated, government-mandated privacy violations, right?

The door to your home fell off and all your windows are shattered. Does it make ANY sense to freak out that your ex still has a key to your front door?

And that is why… it is more than a bit tinfoil hat but I really do wonder how much of this “outrage” is being intentionally stoked to distract from the very real concerns. If you actually care about your privacy then you need to educate yourself on what you should have been doing for years now. And consider getting on that.

I’m asking why we don’t try and just fix the problem instead of letting something like this slide by because there are other, similar issues.

Yes, let’s try to fix it. Complaining about a single field being added to a user profile (that already has user provided location, phone number, email, etc) ain’t it.

Focusing on the third party verification component… is part of it.

But also understanding that all of this is out there and never coming back is more important.

One of the biggest con jobs facebook has ever done is to pretend that they let you delete your account. And they do. Except… not really. Because User 1234 who has the real name field of “Fred Jones” was deleted. But User 1235 “Daphne Blake” isn’t and she has lots of pictures of her and Fred. And Old Man Wilkinson also has pictures of his home that some meddling potheads raided last month. So removing metadata from THEM would violate their digital rights.

So (simplifying), User 1234’s “real name” field is indeed voided. But their profile remains the same so all associations with Daphne and Shaggy and all the mansions remain the same. Same with the knowledge that some blonde haired d-bag with an ascot went to school with Red Herring. And that he is related to Skip and Peggy Jones. And that his name is suspected to be “Fred Jones” for the purposes of making sure to protect his identity in case someone registers as him and can’t provide ID to prove that.

But folk just fixate on “Delete your profile so that zuckerberg can’t control you!” and ignore all that.

Because understanding things is hard.

Can I ask you to explain your point, “age doesn’t matter, your digital footprint carries over?”

I… didn’t say that? Not sure if you replied to the wrong person?

But I’ll try to respond to what I can?

You mention solutions to protect yourself from the digital footprint carry over, but this law would just make it easier to overcome those solutions.

Assuming we are referring to the California legislature (I believe most/all of the US legislature if on the same grounds. The proposed EU "framework"s are very different), there is no requirement for third party verification.

It is literally the same check we already have. “Enter a random ass date that is more than 18 years ago”. This doesn’t “overcome” anything and, arguably, is a good law to get on the books so that you can say “Something is being done” before all the legislature and “frameworks” that want to be built around third party verification and “digital passports” do gain traction.

Now instead of having to figure out the various unique patterns of accessing the internet to determine info about you, you just tell them your age (or that you’re an adult, whatever) on those systems directly.

All of this is already happening and HAS already happened. You know all those stories about how google knows you are pregnant before you miss your first period? You know how you can quite often just click “verify you are human” and it processes without making you generate training data?

Hell, you know how targeted ads are a thing?

All of that is the same thing. It is about building profiles that tend to be so ridiculously specific that it isn’t even “This user connecting from Norway actually lives in the US and is from Cleveland” and is more “Oh, this is Oswald Harvey using his nordvpn subscription that he got with a discount from a Spiffing Brit video. He tends to favor the endpoints that are 25% down the list”

I also think it’s a bit disingenuous to call ‘this is the first step towards something worse’ a slippery slope when that is exactly how the creeping erosion of privacy has gone in the US historically, but especially the last few decades.

1. This is not exclusive to the US. This is something being pushed globally.
2. I never said this is “the first step towards something worse”. That step happened LONG before programming computers was “women’s work” and the cray loveseat was a genuine accomplishment

Both of which speak towards why people need to educate themselves to understand what information is already out there.

You acknowledge that a lot of people don’t fully understand how to protect themselves (and offer solutions that require more money, time, and education to accomplish) and in the same breath that is why it’s okay that we make data collection easier.

Yes? I am sorry that protecting your privacy takes effort? I am sure that if you pay a random sponsor on an LTT video that they’ll claim to do everything for you?

Like… I really don’t know what to tell you?

That is really going to depend on what your actual risk is. There are a decent number of articles and videos out there that go into what journalists have to do and… they are generally ahead of the curve on stuff like that.

But what people SHOULD do is to gain an understanding of what is actually going on. This entire debacle REALLY feels like a mix of people being mislead as to what the California legislature actually is (whether for Views or more nefarious reasons) combined with making it abundantly clear that they know absolutely nothing about their current risks.

Like, you telling pornhub you are over 18 is not telling PornhubCorp anything they don’t already know from all the other cookies and fingerprints you are carrying everywhere. Hell, a lot of services are dedicated to tracking by IP to get around incognito mode and even caching to get around VPNs (although, most don’t have to bother since people have been trained to just put EVERYTHING through a vpn so that it doesn’t matter in the first place). They are literally just ticking a checkbox in the hope of not getting blocked by more payment processors.

So if you truly care about protecting your age? Have multiple devices. Learn how to split your traffic based upon device to get around many fingerprinting techniques. Figure out where to sit at Starbucks so that you have your back to a wall but don’t look like a pervert. And so forth.

Rather than freaking out and throwing tantrums because people are trying to inform you about how little a self-reported age at the OS level that can be requested matters.

One fun bit of paranoia. I am sure most people are aware of the “Abnormal behavior has been detected from your IP. Please click here and then do some ML training to prove you are human” prompts that tend to come up on shared connections or if you have too many adblockers running.

Understand a lot of that is you “consenting” to have even more of your specific cookies checked (which is what happens when they “verify” you without a test). But a few years back there was an excellent paper that actually used how you perform on the ML training to further fingerprint you. The person at 1.2.3.4 with these cookies who is probably color blind is distinguished from the person at 1.2.3.4 with most of the same cookies (everyone loves going to Dildos R Us) but gets confused over whether a hotel shuttle is a bus.

And that all goes towards making sure they know exactly who you are and what ads (and trackers) to use.

I have a choice to who an d which third party collects my data.

Only if you actually understand what information you are and aren’t exposing about yourself in your every day activities.

Which… yeah, does really feel like understanding the meaning of a text/concept. So… spot on?

People can run secure systems that share minimal info.

And those generally aren’t the machines you want to connect to the internet and use for all your everyday browsing.

This requires all systems to store and share specific info.

Specific, unverified, info. That you are already sharing in most of the situations where it is being asked for.

So you’re making it illegal to have a private system. Sure most people don’t, but now you’re making it illegal.

A lot of things are illegal. Without the third party verification requirement, you are perfectly fine to hardcode that to say you were born on June 9th, 1969 by default. And that complies with the California legislation (last I read through it).

You think that’s okay because we don’t have good privacy laws right now? You want to give up?

No. I want people to actually understand what is going on so that they can actually protect themselves.

“More secure” is a minefield of marketing and intentionally misleading the populace. In a “perfect” world, everyone would believe that just putting something in a txt file protects it from The Government. Its akin to how so much media has pushed the “if you’re a cop you have to tell me” myth.

But mostly I see it listed more as a way to build up precedent/probable cause. I forget which country it was, but Graphene was specifically listed as being used by criminals/drug dealers. Whether that is true or not isn’t the point. The point is that now, using Graphene, counts against you for the purposes of pressing charges or taking you to a black site.

Which is the reality of a lot of laws. Let’s say it is declared illegal to have the text of Animorphs 01 in your possession. Cops aren’t going to be going door to door to find out if you are a Friend of Katherine. But if they raid your home because they decided you are a drug dealer or a dissident and find it? That is an extra charge. Or their suspicion that you had it is the entire reason they raided in the first place.

Which IS the reality with a lot of “decency” laws. That isn’t to say they are all evil (CSAM being pretty universally accepted as being banned for a reason) but it is important to always understand how enforceable a law is and whether it actually changes anything.

This is being baked in because of US law. I wouldn’t be surprised if the US made some federal laws requiring your religion in the near future.

And that is why it is a slippery slope fallacy. Eventually, superpowers are going to want to have access to your machines (they already do, but mostly in isolated cases). So any kind of data storage and overrides should be destroyed. So let’s go shred our hard drives and remove the concept of sudo/root access?

Also, I will just add on that it is more than just the US that is increasingly pushing for age verification.

That doesn’t seem like a great argument for doing something that further reduces privacy and protection.

The point is that, without third party verification (which I am vehemently opposed to), it changes absolutely nothing. So it is just people whining about “freedoms” they don’t even have.

And… there actually are arguments that it is good to tear down the security/privacy theatre so that people can make informed decisions and understand their actual exposure and risks.

A good example of this is that I am REALLY happy that we, as a society, have seen a drastic shift between calling things “Private Messages” and instead calling them “Direct Messages”. The former implies that only you and the recipient can see them. The latter does away with that and people rapidly learn (and communicate) that site owners and often mods can see everything you send along those avenues.

Cookies already exist and there is countless leakage (both intentional and unintentional…). Like most things, you are not as private and protected as you seem to think you are. Just because a website is asking you to tell it (which is mostly for compliance, not knowledge) doesn’t mean they already know that you said you were 250 years old but your shopping habits suggest you are actually in your 20s and live in Detroit and really enjoy pegging.

Maybe we should add religion and skin color too

To my knowledge, very few nations tie laws or access to that slippery slope fallacy. And parents generally have those same traits (at least while the kid is living with them). So I am not seeing much benefit from this?

And if/when we reach the point where that is the case? Uhm… I don’t think companies and software will be given anywhere near as much freedom to say “Sure, we’ll comply so that we can be eligible for these contracts” or “No, we won’t comply so that we can market ourselves as protecting people”

Even if we say I agree with this, why even ask for a specific year? Separate into child and adult, and let the super user make that change when asked.

Different countries (actually different regions within said countries) have different laws related to what “kids” can and can’t see and what age defines a “kid”. How much that matters is up to you. But it provides an automated check that ALSO avoids having to say “Hey mom? I just turned 18 and for no reason whatsoever it would be great if you could switch my account to an adult. Also make sure to knock and don’t look too closely at my laundry basket ever again”.

Websites and applications should never be allowed to know any PII without explicit consent.

And what do you think you are providing every time you tick “Yes, I am 18 years or older” or “Yes, I was born in 1920 or whatever the first option is now”?

I would go so far as to say they are only big enough to make an updoot-bait headline at that.

Localized age checks ARE a good system and are something that should have been in the OS for decades. It is the basis for being able to make “child accounts” and is a genuine requirement for Linux to be a meaningful option for “normal people”. And having a protocol for software/websites to request that is a very good system to build on that.

We talk about how the problem of kids getting exposed to horrendous shit is a problem of “bad parenting”. This is the tool you provide to allow parents some control.

The issue is not the age check. The issue is verification. To my understanding, the California legislature explicitly does NOT require a third party. So it is literally just you saying “Sure, whatever. I was born in 1901. Now load the Maya Woulfe video faster”. And yes, this is a step towards that. But so is having network access or user accounts at all.