this post was submitted on 21 Feb 2026
238 points (98.0% liked)

Technology

81649 readers
7379 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
238
Colorado proposing Bill to move age verification to Operating System rather than web site (www.biometricupdate.com)
submitted 18 hours ago* (last edited 18 hours ago) by Beep@lemmus.org to c/technology@lemmy.world
93 comments fedilink hide all child comments
 

Senate Bill 26-051 reflects that pattern. The bill does not directly regulate individual websites that publish adult or otherwise restricted content. Instead, it shifts responsibility to operating system providers and app distribution infrastructure.

Under the bill, an operating system provider would be required to collect a user’s date of birth or age information when an account is established. The provider would then generate an age bracket signal and make that signal available to developers through an application programming interface when an app is downloaded or accessed through a covered application store.

App developers, in turn, would be required to request and use that age bracket signal.

Rather than mandating that every website perform its own age verification check, the bill attempts to embed age attestation within the operating system account layer and have that classification flow through app store ecosystems.

The measure represents the latest iteration in a series of Colorado efforts that have struggled to balance child safety, privacy, feasibility and constitutional limits.

you are viewing a single comment's thread
view the rest of the comments
[–] undu@discuss.tchncs.de 10 points 8 hours ago

As a software engineer that works on virtualization and is interested in software freedom, this law terrifies me because it's a trojan horse for something much much worse than the already shitty status quo: remote attestation.

And I will tell you this: the operating system is 100% where you want to do age verification

No, it's the last place you want to do this check. Let me explain: because users control the PCs they buy right now, meaning they can install any OS and programa the so wish to install; governments at some point will decide that they cannot trust the results given by any OS.

The only way for governments will be to actually trust third parties (again) that will check properties in your computer through a module that controls the whole computer and users don't have access to.

This is called remote attestation: https://www.eff.org/deeplinks/2023/08/your-computer-should-say-what-you-tell-it-say-1

With this technology, users don't decide what programa they can install and run, they can't even decide what websites can they visit.

It's a brutal encroachment on the computer freedom you have enjoyed up to now, and the perfect tool for an authoritarian government to enforce what can you watch and in general, can do with your computer.

If this law is approved, I guarantee you it will spread and will have expanded versions requiring remote attestation. (Don't worry, lobbyists will find a way to sell remote attestation preserves privacy to make it go down easier)

The end result is a nightmare-fueling scenario where someone like Peter Thiel through Persona not only has your information because it needed to verify to create the account in your computer, but Microsoft also has it, and governments through Microsoft may decide to limit which platforms you can access (X or something worse), if also if you've been a bad citizen, if you can run programs in any computer that can be legally sold.

All in all, this law is incredibly dangerous in the current political climate where even supposedly democratic governments are pushing for more authoritarian controls to digital life. And I'm surprised organisations like EFF haven't seen this yet