> Some of these laws impose requirements on System76 and Linux distributions in general. The California law, and Colorado law modeled after it, were agreed in concert with major operating system providers. Should this method of age attestation become the standard, apps and websites will not assume liability when a signal is not provided and assume the lowest age bracket. Any Linux distribution that does not provide an age bracket signal will result in a nerfed internet for their users.

> We are accustomed to adding operating system features to comply with laws. Accessibility features for ADA, and power efficiency settings for Energy Star regulations are two examples. We are a part of this world and we believe in the rule of law. We still hope these laws will be recognized for the folly they are and removed from the books or found unconstitutional.

Anyways, it feels like all sides of the political spectrum are trying to strip away any semblance of anonymity or privacy online both in the US and abroad. No one should have to provide any personal details to use any general computing device. Otherwise, given the pervasive tracking done by corporations and the rise of constant surveillance outdoors, there will be nowhere for people to safely gather and express themselves freely and privately.

I agree. I also agree with S76 that some laws regarding how an operating system intended for wide use should function are acceptable. How would you react to this law if the requirement was only that the operating system had to ask the user what age bracket it should report to sites? You get to pick it, it isn't mandatory that it be checked, and it doesn't need to be a date, just the bucket. Is that still too onerous?

I ask because I feel like if we don't do something, the trajectory is that ~every website and app is going to either voluntarily or compulsorily do face scans, AI behavior analysis, and ID checks for their users, and I really don't want to live in that world.

Instead, the service should be telling your device the nature of the content. Then, if the content is for adults and you're not one, your parents can configure your device not to display it.

I think your example exemplifies this. Among Us is not inherently adult-only, but since it's multiplayer, they don't control what other player say and do. Definitively mixed content. They should not be asking you to verify, they should be telling you and letting you decide if your kid can play.

I kinda can't beleive their lawyers decided to go that route and assume all the PII responsibility that comes with collecting that data, instead of just making the "it's online and there might be d-bags on our servers" rating much more obvious and explicit.

If I ever turn uBO off, the ads I get are mostly for funeral plans or incontinence products, with a smattering of "126 year old mom lost 30 lbs of belly fat - click to see how!" (yeah, decomposition's a bitch...)

And, for the record, it's way better to get ads for BS like that than stuff that may actually influence you.

Don't limit, notify.

Has worked for TV (and movies to an extent, though theaters do limit somewhat, must have been some litigation around that...) pretty much forever.

If I ever find some idle time, I'd like to make an agent that surfs the web under my identity and several fake ones, but randomly according to several fake personality traits I program. Then, after some testing and analysis of the generated patterns of crawl, release it as freeware to allow anyone to participate in the obfuscation of individuals' behaviors.

You also need to account for how "easy" it is to de-anonymize a profile.

(Sorry I don't have links to sources handy.)

Differential privacy is just a bait to make surveillance more socially acceptable and to have arguments to silence critics ("no need to worry about the dangers - we have differential privacy"). :-(

There's no such thing as useless info. Companies will sell it, buy it, and act on it regardless of how true it is. Nobody cares if the data is accurate. Nobody is checking to see if it is. Filling your dossier with false information about yourself won't stop companies from using that data. It can still cost you a job. It can still be used as justification to increase what companies charge you. It can still influence which policies they apply to you or what services they offer/deny you. It can still get you arrested or investigated by police. It can still get you targeted by scammers or extremists.

Any and all of the data you give them will eventually be used against you somehow, no matter how false or misleading it is. Stuffing your dossier with more data does nothing but hand them more ammo to hit you with.

If the info becomes bad, it becomes much less useful and valuable.

I’m in the us and we o need some rights to privacy.

"Dad, I can't do my math homework, a pop up says you need to provide a copy of your bank statement, your mom's maiden name, and a copy of your birth certificate, SS card, and drivers license, and can you hurry up Dad, my homework is due tomorrow morning." And people will fall for this once they get used to the system being absurd enough.

The fraud machine must be kept fed...

So put the content tag at the granularity of the content.

Around 20 years ago, Germany actually made a law that would have enforced such a system. I still have a chart in my blog that explained it, https://www.onli-blogging.de/1026/JMStV-kurz-erklaert.html. Content for people over 16 would have to be marked accordingly or be put offline before 22:00, plus, if your site has a commercial character - which according to german courts is every single one in existence - you would need to hire a someone responsible for protecting teenagers and children (Jugenschutzbeauftragten).

Result: It was seen as a big censor machine and I saw many sites and blogs shut down. You maybe can make that law partly responsible for how far behind german internet enterprises still are. Only a particular kind of bureaucrat wants to make business in an environment that makes laws such as this.

Later the law wasn't actually followed. Only state media still has a system that blocks films for adults (=basically every action movie) from being accessed without age verification if not past 22:00.

You have that with any form of any of these things. They're almost certainly going to be set up so that you get in trouble for claiming that adult content isn't but not for having non-adult content behind the adult content tag.

Then you would be able to avoid legal questions by labeling your whole site as adult content, with the obvious drawback that then your whole site is labeled as adult content even though most of it isn't.

But using ID requirements instead doesn't get you out of that. You'd still need to either identify which content requires someone to provide an ID before they can view it, or ID everyone.

That's an argument for not doing any of these things, but not an argument for having ID requirements instead of content tags.

But you are right. It's an argument that the "just mark content accordingly" is also not a better solution, not that ID requirements are in any way better. The only solution is not to enable this censorship infrastructure, because no matter which way it's done, it will always function as one.

That's how you get the thing where instead of using different equipment to process the food with and without sesame seeds, they just put sesame seeds in everything on purpose so they can accurately label them as containing sesame seeds.

That is pretty much what the UK Online Safety Act requires: https://en.wikipedia.org/wiki/Online_Safety_Act_2023

Many small forums had to simply shut down, as was widely reported on HN at the time.

The alternative is that "just to be safe" you'll mark your entire site as needing age (identity, stool sample, whatever) verification. A single piece of sensitive content sets the requirements for the entire site.

> The child can install a virtual machine, create an account on the virtual machine and set the age to 18 or over

It's precisely how I worked around the parental control my parents put on my computer when I was ~12. Get Virtualbox, get a Kubuntu ISO, and voilà! The funniest is, I did not want to access adult content, but the software had thepiratebay on its blacklist, which I did want.

In the end, I proudly showed them (look ma!), and they promptly removed the control from the computer, as you can't fight a motivated kid.

That's assuming the parental controls allow the kid to create a virtual machine. And then that the kid knows how to create a virtual machine, which is already at the level of difficulty of getting the high school senior who is already 18 to loan you their ID.

None of this stuff is ever going to be Fort Knox. Locks are for keeping honest people honest.

I honestly don't really agree on the difficulty, as if this becomes a commonplace way to bypass such laws, you can expect tiktok to be full of videos about how to do it. People will provide already-installed VMs in a turnkey solution. It's not unlike how generations of kids playing minecraft learnt how to port forward and how to insatll VPNs for non-alleged-privacy reasons: something that was considered out of a kid's reach became a commodity.

> None of this stuff is ever going to be Fort Knox. Locks are for keeping honest people honest.

On that we agree, and it makes me sad. The gap between computer literate and illiterate will only widen a time passes. Non motivated kids will learn less, and motivated ones will get a kickstart by going around the locks.

That's assuming the permission is for "use of kernel-mode hardware virtualization" rather than "installation of virtualization apps".

Notice that if the kid can run arbitrary code then any of this was already a moot point because then they can already access websites in other countries that don't enforce any of this stuff.

It's just a bunch of clicks, even under linux.

Just install virtualbox. It literally walks you through a VM creation.

I promise there are people who can't figure out how to do it.

And again, the point of the lock on the door where you keep the porn is not to be robustly impenetrable to entry by a motivated 16 year old with a sledgehammer, it's only to make it obvious that they're not intended to go in there.

Regular people want to get things done, the tinkering is not a goal for them in itself and they gravitate to simple and convenient ways of achieving things, and don't care about abstract principles like open source or tech advantages or what they see as tinfoil hat stuff. But if they want to see their favorite TV series or movie, they will jump through hoops. Similarly for this case.

that is the job of parents/guardians

That would require people to be a responsible adult and actively parent their kids.

It's ironic, because people in this country identify with how hard they grind at work, but refuse to put a fraction of that effort into being an involved parent.

It's easier to just let the government ruin everyone else's good time online.

In return, the parents:

1. Get the illusion that their kids are safer (they aren't)

2. Get a clear conscience, and feel better mentally equipped to run on their corporate hamster wheel

That makes sense for purely offline media playback, but how could that work for a game or application or website? Ship several versions of the app for the different brackets and let the OS choose which to run? Then specifically design your telemetry to avoid logging which version is running?

You'd also not be reporting your age, you'd be sending a "please treat me like an adult" or "please treat me like a child" flag. That's hardly PII. More like a dark/light mode preference, or your language settings (which your browser does send).

Suppose you had an ID requirement instead. Are you going to make two different versions of your game or website, one for people who show ID and another for people who don't? If so, do the same thing. If not, then you have one version and it's either for adults only or it isn't.

> You'd also not be reporting your age, you'd be sending a "please treat me like an adult" or "please treat me like a child" flag.

Except that you essentially are reporting your age, because when you turn 18 the flag changes, which is a pretty strong signal that you just turned 18 and once they deduce your age they can calculate it going forward indefinitely.

This is even worse if it's an automated system because then the flag changes exactly when you turn 18, down to the day, which by itself is ~14 bits of entropy towards uniquely identifying you and in a city of a 100,000 people they only need ~17 bits in total.

But how does that do anything for you either way? Either you have two different versions based on whether the flag is present or not or you have one version and if it's adults only then you have to send the flag indicating you're an adult in order to use it.

Games already have PG ratings and similar in different countries, I don't see the issue there. Web content could set a age appropriateness header and let browsers deal with it, either for specific content or for the whole website if it relies on e.g. addictive mechanics.

Applications is a wide field, but I'd be interested in specific examples where you think it wouldn't work.

Sure. Take a game with voice chat. Child mode disables voice chat. How does the game, which presumably uses a load of telemetry, avoid incidentally leaking which users are children via the lack of voice telemetry data coming from the client? It's probably possible, but the fact is we're talking about third party code running on a computer, and the computer running different code paths based on some value. The third party code knows that value, and if it has internet access can exfiltrate it. In that sense, if there's an internet connection, there's not a meaningful difference between "the OS tells the service/app your age rating preference" and "the OS changes what it displays based on your age rating preference."

Though while I'm throwing out fantasy policies we could solve this by banning pervasive surveillance outright.

The service would then have to deduce the information instead of getting it explicitly and may be able to do that some of the time instead of all of the time, which is an improvement. And then people can work on anti-fingerprinting technologies with the premise that if they succeed it actually does something, instead of the information being required by law to leak to the service.

90% of an R rated movie might be ok for a 12 year old but those one or violent or sex scenes makes it R. Should we be rating every scene in movies?

Give parents general guidance and let them define the controls.

These questions of liberty are as old as the hills. And the keepers of the internet and virtually every single government past and present have repeatedly and endlessly shown themselves to be lying, conniving, self interested parties. When will 'we' ever learn?

*who decides who 'we' are.

Services can absolutely decide to provide their own content settings. It doesn't require a universal setting or OS requirements, and it doesn't require providing PII to every website or telling a central authority every site you visit.

You're going to get that, anyway. Platforms want to sell their userbases as real monetizable humans. Governments want to know who says and reads what online. AI companies want your face to train their systems they sell to the government, and they want to the be the gatekeepers that rank internet content for age appropriateness and use that content as free training material.

Age verification across platforms is already implemented as AI face and ID scans. This is where we're already at.

Any scheme that doesn’t require this won’t get pushback from me.

As an alternative: I already have government-issued ID and that branch of government already has my private info; have it give me a cryptographic token I can use to prove my age bracket to the root of trust module in my computer; then allow the OS to state my age to third parties when it needs to with a protocol that proves it has seen the appropriate government token but reveals nothing else about my identity.

Other alternatives are possible.

It's much easier for clueless lawmakers to write "the computer check the age", and make it everyone else's problem.

Like - you don't make it illegal to not do age attestations, but you provide a mechanism to encourage it.

You get a certification you can slap on your website and devices stating you meet the requirements of a California Family-Friendly Operating System or whatever. Maybe that comes with some kind of tax break, maybe it provides absolution in the case of some law being broken while using your OS, maybe it just means you get listed on a website of state-recommended operating systems.

That certification wouldn't necessarily have to deal with age attestation at all. It could just mean the device/OS has features for parents - built-in website filtering, whatever restrictions they need. Parents could see the label and go "great, this label tells me I can set this up in a kid-safe way."

Hell, maybe it is all about age certification/attestation. Part of that certification could be when setting it up, you do have to tell it a birthdate and the OS auto-applies some restrictions. Tells app stores your age, whatever.

The point is an OS doesn't want to participate they don't have to. Linux distros etc would just not be California Family-Friendly Certified™.

I wouldn't have to really care if California Family-Friendly Certified™ operating systems are scanning faces, IDs, birth certificates, collecting DNA, whatever. I'd have the choice to use a different operating system that suits my needs.

It's pointless, does not increase security, does increase complexity of every interaction, and introduces a lot of weird edge cases.

What i want is full anonymity enshrined in law, while at the same time giving parents, not governments, but parents, options to limit what their children can do on the internet.

The only reason they'd _have_ to do that is government laws making them do so. When the law is vague around what age verification is, if one company decided to do ID verification, now any site that doesn't might not be doing 'enough' in the eyes of the law (it'd come down to a court case if not specifically defined).

Though it may seem more convenient to just do it at the os level (though really the browser level would make more sense with a required header/cookie no?), I'd be shocked if you don't see it expanded in the future to be more than a checkbox.

What's the point in doing any of this if it doesn't result in materially better outcomes?

Second, it would signal to worried parents and busybodies that something has been done to deal with the danger that unmediated internet access might pose to minors. I don't think that it's a big issue, but a lot of energy has gone into convincing a lot of people that it is.

The other part of achieving a good outcome would be to disempower those in the political and private sphere who benefit from a paranoid and censorious public and have worked to foment this panic. That's the much harder part, but it's not really the one being discussed here. I'm pitching the low-intrusiveness version to gauge sentiment here for that easier part of the path.

I genuinely think the only two solutions to this problem that are workable are "zero privacy, zero freedom" or "fuck the children, we don't care".

Now, to be fair... there is a middle-ground that is neither of those options that I believe would be much more effective and allow us to retain our freedom and privacy and keep kids a lot safer. It's called education. But... no one will go for it, because I think for it to truly be effective you'd have to go as far as showing very young kids all the darkness that's out there and lay it out in paintstaking detail exactly how it works and deeply drill it into them. Ain't a snowballs chance in hell anyone would go for that, BUT... would it work? I'd bet you bottom dollar it would. The current extent of this education in public schools is a half hour visit from a police offer to the classroom and handing out a sheet to the kids and giving a 'good touch' / 'bad touch' talk. What's needed is a full length university level course on the whole topic from end to end.

If you're in an adversarial relationship and need to defend yourself the best thing you can do is "know your enemy". But no... "they're too young to learn about that stuff, we need to shield them from it - think of the children!" is the reasoning people throw back at you when you suggest it. It hands down has to be the number one thing that could actually move the dial significantly, and it's just completely unpalatable to the majority of the populace.

If this mattered to the market, don't you think a company would have implemented it or would have been built to fill the need?

2. I'm making an ought statement of values, like "we ought not pollute rivers." I don't really care what any system of resource allocation has to say about that.

The only laws the government should pass regulating software running on someones computer are laws protecting those consumers from the companies writing that software. For example, anti-malware/anti-spyware.

The government has no business telling a random company that their software needs to report my age, whether it's unverified and self-reported or not.

Of course, but that's exactly the framing of the verification laws. Protecting underage computer users from products/services unsuitable for them. If you want protection to be effective then it needs to be on by default, but also needs to ultimately be controlled by the user, and it's that second part that ID checks and the like fail.

In this case, it's a slippery slope; if we're normalized to this, what other incursions into our 1A rights to free speech, religious freedom and public gathering will we allow?

And I say religious freedom, because these kinds of laws are largely peddled by religious folk or people who otherwise have been deeply influenced by early American Puritan religious culture.

I, nor my children, should be forced to subject to such religiously-motivated laws. I can decide for myself and for my child what is appropriate.

I, nor my children, cannot be compelled to enter personal information into a machine created by someone who is also illegally compelled to require it.

I, nor my children, can be compelled to avoid publicly gathering on the internet just because we don't want to show identification and normalize chilling surveillance capitalism.

I thought this was fucking America.

Isn't that what the CA law is?

Honestly it’s the dumbest thing ever. Best just not to play that game.

> It shifts the responsibility back to parents.

Without these stupid laws parents already _have_ that responsibility.

Where is that actually stated in any law being discussed? If a parent gives a child a device with admin access, that’s their choice to do so. But it also makes sense that we, the minds behind all of this technology, also provide parents with the most basic of tools to restrict a child’s access online and hold accountable companies that knowingly serve adult content to children. That’s all the CA law does AFAIK.

Sure, my generation was raised on 4chan. But I can understand why parents today may want the tools to limit that.

As a silly example, tax software probably has your full birthday, including year, which is more precise. Many social networks collected this data, as did a lot of major tech companies that implemented parental controls already.

Isn't it just pointless?

I'm getting upset by face scan creep too. I do not like it. No sir. But mandating a self-reporting mechanism feels about as useful as DNT cookies, or those "are you 18? yes/no" gates on beer sites.

I.e. it would be a standardization of parental controls with added responsibility on sites/apps to self-determine if they should be blocked or limit functionality, rather than relying on big white/blacklists. Basically an infrastructure upgrade, rather than relying on a patchwork of competing private solutions to parental controls and age checks. The hope is also that a system like this would remove concerned parents from the list of supporters for pervasive mass surveillance and age scans. If they feel like you'd need to be a moron to miss the "This is a child device" button while setting up their kid's phone and laptop, and it's broadly understood that just pressing that button locks down what the device can access pretty effectively, that puts and damper on the FUD surrounding their child's internet usage.

Yes, because (a) it wouldn't do anything, and (b) it would take about 5 seconds for the morons who push this stuff to start whining about that fact, and using the fact that "Society(TM) has mandated this and people are avoiding it" to demand effective verification, which would be a huge disaster.

They won't be placated by anything short of total victory, and if you give them anything, you're just enouraging them.

The point remains though. They have zero way to enforce it if we choose to not comply. Just saying.

<< If you're going to host a service, I guess consider using Tor or something.

That one confused me. What do you mean?

I know the CA law is civil only, so I don't think there is much CA can do if you publish an OS and don't make money from CA folks, but other implementations may decide to impose criminal penalties.

The problem is that the comparison falls flat. ADA does not sniff for birth date and surrender that data to others. One has to look at things at a cohesive unit, e. g. insecure bootloaders by Microsoft surrendering data to others. It seems as if they try to make computers spy-devices. That in itself is suspicious. Why should we support any such move? Some laws are clearly written by lobbyists.

So it is Microsoft, Google and Apple pushing for this.

Disclosure: I work at Google, but not on anything related to this.

Seems exactly like the useless process fixation that Abundance advocates abhor.

What was the legislative history for the California law? Who sponsored it, and who are their backers? Is there some coordinated effort by surveillance state proponents?

Generally any actual surveillance state people would be tag-along donors to the org.

It's not this or that political party, your neighbors simply don't share your values. Maybe you don't agree with their values either — like to what degree we should be ceding privacy in favor of fighting child exploitation on the internet. Child protection arguments work because it is a compass to the true feelings of your neighbors.

If you see politics through this lens then the 'democratic backsliding' that has been universal across the world for the past two decades is entirely unsurprising.

Vae Victus.

The problem with this argument is that everyone agrees with protecting children.

"Think of the children" arguments are the legislator's fallacy: Something must be done, this is something, therefore we must do this.

In reality there are alternative means to accomplish any given goal, and the debate is about what should be done, because no one benefits from using methods that cost more than they're worth.

Well, almost no one. The opportunists who drape themselves in the cloak of "safety" when they want to have the government mandate the use of their services or use it as an excuse to monopolize markets or establish a chokepoint for surveillance and censorship do benefit from the machinations that allow them to screw the majority of the population. But the majority of the population doesn't.

We kept saying parental controls are all that's really needed, these states said "ok then, do parental controls" and we're still complaining.

_register typewriters_

>he who slays the dragon

никто тут этого кина не видел и никто не понял какого в сраку дракона в какую позу.

у меня тоже знакомый из СССР->США->Канада прокатился в 90-ых. вы не из академгородка?

* It’s ambiguous how your proposed parental setup and control process would work for anything other than walled gardens like Apple’s ecosystem. On an OS like Debian, does that mean a child can’t have the root password in case they use to it change the age? Does that mean we need a second password that needs to be entered in addition to the root password to change the age? Will Arduinos and similar devices also need to be age gated?

* Those edge cases might seem small, but read broadly they would require substantial, invasive, and perhaps even impossible changes to how FOSS works. If the law isn’t changed and FOSS doesn’t adapt, this basically means the entire space will exist in a legal gray area where an overzealous prosecutor could easily kill everything.

* This is not a matter of “perfect vs good enough”, this is a major slippery slope to go down. Also, this doesn’t mean age _verification_ will simply go away.

No. You're still not quite internalizing that the California regulation does not mandate any verification or enforcement or protection of the accuracy of the age bracket data. It mandates that the question be asked, and the answer taken as-is.

Which means that many of the concerns about implementation disappear, because the setting really does not need to be anything more than a simple flag that apps can check.

> Will Arduinos and similar devices also need to be age gated?

Only to the extent that they are general purpose computing devices, have an operating system, are capable of downloading apps, and are actually used by children (since the enforcement mechanism requires a child to be affected by the non-compliance). And if an app fails to obtain age information but also doesn't do anything that is legally problematic for a user that is a child, then it's hard to argue that the app's ignorance affected the child.

> Also, this doesn’t mean age _verification_ will simply go away.

It will in California, until the law gets repealed or amended. Apps won't be allowed to ask for further age-related information or second-guess the user-reported age information, except when the app has clear and convincing information that the reported age is inaccurate.

That was my read of this as well. OS developers seems not not necessarilly need to make any effort here. Ask for an age as a number at account creation and let the user change it as they please at any given time.

This might be a dumb question, but what actually constitutes an "affected child for each intentional violation"? Violation of what? The text specifies that "A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched." Am I being negligent just for not checking the age, even if the application is unequivocally ok for all ages? And are children affected by my negligence in any way even though no one was hurt?

If anything, this seems like a convenient path to mandating far more restrictive measures under the guise of “fixing an obvious loophole in the law”.

So my kid's micro:bit, running an OS she built, is eligible. As is half the esp-ecosystem.

Hopefully it stays that way.

Instead it was drafted by people not understanding the difference between browser, app, and "OS", explaining the result.

Part of the purpose of education is exposing students to strange, uncomfortable, and even frightening ideas and giving them the tools to critically think about and even empathize with such ideas. They don’t have to even be “useful” ideas, since it’s important that students are given the tools to grow and become anything they want. It seems like a lot of groups around the country just want students to grow up to become drones working to prop up the economy. Anything that might make people question the nature of society or their role in it must be suppressed according to them.

In a lot of way, what we are witnessing in a counter movement swinging opposite to the heavy push for critical theory in the public sphere. Critical theory is not neutral. It is teleological in nature.

Schools have been a battle ground for decades I fear.

You may be okay with your children reading some books. That's great, and you should be able to find the right school districts for them, and I should be able to do the same to ensure my children don't read through explicit material without any form of parental oversight.

From the TFA, the proposed bill "would modify the Elementary and Secondary Education Act of 1965 by prohibiting use of funds under the act". This is hardly a case of the federal government running roughshod over sates and local jurisdictions.

This is a wild exaggeration to call this a national book ban.

You can argue about whether imposing a financial disincentive on working is a good or bad policy but there isn't really any case to be made for it not being what they're doing.

Go ahead and try to distinguish this from de jure financial penalties. If you get cited for speeding, that's definitely a fine, right? But the money then goes into the same general fund as other tax revenue. We're not even consistent in what we call this. The "tax" on cigarettes is clearly a penalty intended to deter usage, the proponents openly admit to it. The federal tax code is absolutely riddled with rules that cause you to pay a different amount based on whether you do or don't do something. The debates about which forms of taxation to use are fundamentally about which activities we want or don't want to be disincentivizing -- witness the people who openly express the intention to tax the rich specifically as a penalty for having too much money. Meanwhile the Georgists think we should use Land Value Tax instead of penalizing people for working.

The penalties for doing something look like you paying them when you do it. The penalties for not doing something look like them paying you when you do it. But because they don't actually have any of their own money, it's never actually them who is paying you, which means that everyone who "gets paid" (i.e. isn't penalized) is extracting that money from the penalties paid by everyone else. Who wouldn't have had to pay that both in the case where they did the thing required to avoid the penalty and where the government offered no such disincentive for not doing it by not collecting the money in taxes and other fines.

You're trying to make an exception out of the person who is actually paying $0 in all taxes, but to begin with that is extremely uncommon, e.g. good luck directly and indirectly avoiding property tax if you live indoors, or avoiding indirectly paying federal income tax if you eat food or consume any other goods or services. It's pretty plausible that such people don't really exist, and even if some did, the penalty still applies to everyone else.

And even for the hypothetical person who somehow directly and indirectly paid actual zero in all taxes, if they stop doing the thing, their personal finances still see the same disincentive as everyone else -- they still get penalized for not doing it. If we had a UBI and then someone got cited for speeding but the speeding fine was less than the UBI, would you say that they aren't being penalized for speeding? No, because if they hadn't gotten the citation they would have gotten more. And so it is with not doing something.

The reason this is important is that there are things the government isn't supposed to punish you for doing, meaning they're not to give you any disincentive of any kind. Offering you money -- which for substantially everyone in real life is actually their own money -- and then taking it away if you do the thing they're not allowed to punish you for doing, is punishing you for doing it.

This variation of the origin story gets a lot of play. However it doesn't address the outside book-ban groups who provide titles to parents - or who just appear at school board meetings themselves.

    Eleven "super requesters" — those who raised concerns about or challenged
    15 or more titles at a time — accounted for 73% of the targeted books. 
    They often referred to lists of books originating in other districts 
    or from online forums. Some had no children in the district. 
    In nearly 60 cases, the school district didn’t own the book 
    the requester sought to remove.

Can you elaborate?

>The system, for once, seems to be working.

Interesting worldview.

That’s definitely not how this is playing out.

The problem is that the core technology that makes ASML's tech valuable is the EUV light source which is entirely designed, developed, and manufactured by Cymer in California, which is a US company that ASML acquired in 2013. That acquisition was permitted only under strict technology sharing and export-control agreements.

I have no doubt that this administration would forcefully "take back" Cymer if the EU tried to restrict access to ASML lithography machines. They would force a sale back to US ownership, TikTok-style.

The real problem with this theory is that EUV isn't a product with a capturable bottleneck. It's more like a standing wave of institutional knowledge distributed across organizations that have been co-developing at picometer tolerances for 30 years. TRUMPF's leadership described the arrangement as a "virtually merged company" with open books across all three firms. That kind of integration knowledge doesn't transfer via acquisition. China has been throwing enormous resources at this with access to published research and former ASML engineers, and their prototype still isn’t expected to produce working chips until 2028-2030. Saying the US could grab Cymer and start producing EUV machines is like seizing a transmission plant and calling yourself a car manufacturer.

It's a bargaining chip that this administration will undoubtedly use to make sure that US access to ASML lithography machines remains undisturbed.

Similar to TRUMPF lasers and Zeiss optics, other companies from US and Japan like Coherent and Canon could have a crack at replicating the laser and mirrors given enough IP and resources if the US really wanted to decouple from ASML, since they're still man made objects, not magic things given by gods.

US is the richest country in the world and the second biggest manufacturer after China. Do you think the country that built the SR-72 and other sci-fi shit wouldn't be able to make a EUV lithography machine in house if they were to treat it like a Manhattan project instead of a side hustle?

this exact same logic applies the other way, though... unless Cymer is selling magic objects given by gods?

>Do you think the country that built the SR-72 and other sci-fi shit wouldn't be able to make a EUV lithography machine in house if they were to treat it like a Manhattan project instead of a side hustle?

do you think that ASML (or TRUMPF or whatever non-US entity) would be unable to make the EUV light source in house if they were to treat it like a Manhattan project instead of a side hustle?

It's a gentlemen's agreement that will be held together by mutually assured destruction if one party tries to decouple completely.

The general decoupling from US tech you see has started after the general enshitification of major IT services from FFANG, not exclusively due to Trump, and not exclusively to US, Spotify is also seeing a lot of backlash.

>do you think that ASML (or TRUMPF or whatever non-US entity) would be unable to make the EUV light source in house if they were to treat it like a Manhattan project instead of a side hustle?

The EU(Germany, Spain and France) can't unite to build a next gen fighter jet together, can't decide how to tackle illegal mass migration, can't decide a sane energy policy that isn't hypocritical or anti-industry, or on a single direction on defeating Russia. A EUV Manhattan project is the least of their issues right now which moves the balance of power in the US court for the moment until EU members figure out how to work together.

the mass migration caused by american wars in the middle east you mean? Also, frontex seems to be working fine so far.

>on a single direction on defeating Russia

unlike the US, which has stopped all military aid to ukraine in 2025, and seems to be favouring russia more and more.

Lets not forget, europe is increasing its military en masse mainly because on one hand you have the russian flattening ukraine, and on other hand you have the US demanding greenland.

Who needs further enemies with friends like this?

Nobody forced the EU to open its borders. It's their job to defend their borders from intruders, foreign especially military aged males with no visa, instead of acting as a global charity with their taxpayers' money then wonder why the far right is booming and arrest them for hate speech.

>unlike the US, which has stopped all military aid to ukraine in 2025

This is news to me that doesn't math what Google returns. Care to back that up?

>and on other hand you have the US demanding greenland

That's bad indeed on the US, but EU can't even defend Ukraine from Russia, a broke-ass country, do you think they would have gone to war with the US over Greenland? The US can do this because the EE can't do anything.

And good luck with fighting all of NATO in a conventional war. According to Trump US is such losers they even lost in Afghanistan against the Talibans. And now you wanna fight rest of NATO (that has more soldiers than US).

Source: https://en.wikipedia.org/wiki/ASML_Holding

Right, so that the USA would cut us from DTCC?

Eu finance sector is MUCH more dependent on access to US markets than the other way around.

for everything inside the EU, i highly doubt it is. For extraterritioral trade. The EU is large enough to trade with other countries in euros instead of dollars.

There is a bit of M.A.D. scenario: a bunch of components in ASML machines (like EUV light generation?) come from US companies. Also, the two main chip CAD software vendors (duopoly) are in the US.