fushuan

Web browser doesn’t mean much, you still are using a web client. OP mentioned Blorp, that has a web client and some instances give you the choice of using the client you prefer. Check blahaj for example.

No one of the people I know that use passkeys use it from the phone, either they use a password manager, they have passwords on a physical note, on an excel file in the desktop, a physical yubikey, or bitwarden like me. That’s everyone I physically know including every family member, friends and work people.

I know it’s anecdotal, but you present your “wide populace” fact without giving sources too, and since I know no one that uses phone based passkeys, even if my experience is anecdotal, I say sus. Check your bias.

Idk man, why put it? I agree, I down voted the proposal since it was useless. Didn’t go mad posting about it tho.

I understood from the beginning that you are trying to make a “slippery slope” point, but this is open source, each change should be evaluated as is, with what it implies. A local field that isn’t being used in anything doesn’t condition users or Devs to anything that will then make them accommodated and easier to approve an actual invasive feature.

I will agree with the slippery slope argument when they propose a feature that is minimally invasive. This was both useless and 0 invasive.

Edit: actually no, this feature wasn’t useless overall. It was useless for age verification, but great for parental control. The moment a kid doesn’t have root access to the computer, a parent can put whatever age to block the kid from whatever features the parent wants to block them from. Think about it, self enforcing age verification doesn’t give power to governments, it gives it to the root user of the computer, aka parents. It’s something that actually works.

deleted by creator

It really doesn’t. You are showing you don’t know how it works.

Webpages can enforce remote verification for sure, that would fuck anyone, Linux included, but a local data file doesn’t leave anything open for the idea I just said.

If you have root access you have complete control of what happens in your local environment. The only way to enforce user verification is to make it remote reliant (just like it’s done in Spain for example, government regulated digital certificates), and then this new field is useless.

It wasn’t a good proposal given that the original intention was compliance in a very useless way, but y’all are going crazy without learning about it.

The first thing on the post you linked is the systemd change which adds a new number field in a completely user controlled local environment where they can write anything they want.

Oh nooooo… ಠ_ಠ

Are you referring to the userd field? That would mean nothing if the user has total control on what can be written there.

Whatever device based verification those websites or electron apps were communicating with can be spoofed in a system where you have complete control.

Games are cracked in weeks at most, don’t you think that whatever secure communication is established won’t be cracked lightning fast by the whole FOSS community? Once the “secure communication” between local apps is broken, a third package can mitm that shit easily. It’s a local environment.

Not really, Vaultwarden/bitwa4den offer passkey support. When I log into a service a popup shows on my extension, I click it and I’m in. It’s not gonna lead to device locking if you don’t want to…

in international pronunciation, lemao