[SILENT - 1.9s]
but until you start i i mean and still until you're honest with yourself we're not going to
solve these problems like how can we solve a security a privacy problem how can we solve
data ownership issues if we're not honest about who's doing what and how if we're not honest
about the perpetrators of of you know really bad security and privacy and data handling
then we're not going to stop it you can't say you over there you're not allowed to do it this
isn't like a drinking age folks like you can't say that it's good for some people and bad for others
you
Well, well, well, we're back.
Back on the microphone.
Microphone, check one, two, one, two.
What is happening, everybody?
It's your boy, Simon, in the greatest privacy podcast in the universe, in the morning.
Yes, what is going on?
Episode 55, Closed Network Privacy Podcast, recorded today, Sunday.
March 29th, 2026. Data privacy, data sovereignty. I don't know. I just want to use an operating
system. Can we just live? Can we just live a little? That's all I really want. And I kind of
feel like it's all just slipping away from us rapidly. And I try really hard when I'm putting
these podcasts and show notes together and things of that nature. I try really hard to not sound
negative through everything I'm talking about. And it's becoming increasingly difficult.
That's why I abuse nicotine. So I pop a fresh six milligram peppermint Zenichino, a little
nicotine pouch.
So...
So yeah, always trying to cope. I was trying to find ways to cope, right? And yeah, it's important
to stay healthy. So don't do everything I do. It's just, you know, some of my coping mechanisms.
And yeah, sometimes I need to do that in order to get through some of the things I'm about to
talk about. So yeah, welcome back. Episode 55, my issue with Ubuntu Linux. Your phone is now
the checkpoint. We're going to talk about age verification. We're going to talk about iOS 26.4,
the architecture of an identity-gated internet, which is what I'm labeling this episode. It's a
long label, but it kind of fits. And I'm going to kind of talk about what my strategy has been lately
and kind of how I'm shifting and changing things, both in my personal and in my work tech stack.
So I'm going to be talking about how your phone is now the checkpoint. We're going to talk a little
bit about age verification, a list of operating systems right now, rejecting or accepting age
verification.
uh you're going to be referencing some of that uh some of the current laws and current laws that
are coming into place including brazil's you know digital eca that went live on march 17th
no one was ready for that uh discord leak which that was actually back in october but i think
it's important to bring that up as well as in the united states colorado sbs 26-051 which is every
os must uh must check you know must must card you basically is set up and character.ai rolling out
kyc that's an ai companion that's now requiring government id as well as uh in the united states
kosa versus the app store accountability act two very different bills the kids online safety act
and the app store accountability act i think it's important to talk about that and the bypass problem
which is getting worse and with
you
ai deep fakes and how kids are getting around this stuff um i also uh going to reference a
video that was in i saw on youtube by austin evans pretty fairly popular youtuber and he was
did a video on his uh google takeout which is you know you can download everything google's
ever tracked about you and it's very very disheartening he had a 527 gigabyte data file
so i'm going to go a little bit into depth into these two particular topics my issue with
ubuntu canonical and just that the slow erosion of linux trust so that's going to be a large
portion of the show in addition to the phone being the checkpoint and the age of verification stuff
and i and i i kind of feel like a broken record and i'm i'm really trying not to talk about this
ad nauseum too much
because it's kind of everywhere but i think it's important to talk about these things and talk
about them with other people because we're starting to see some uh quite a few or at least i'm seeing
quite a few different like edge cases and they're not really so much edge cases as they're happening
a lot in the uk is ios 26.4 is rolled out and live and a lot of people are saying well just
don't upgrade well there's also a ton of zero day vulnerabilities in ios 18 uh that 18.4 that
you really kind of do need to upgrade unless you want to be uh at risk from some of those things
but um yeah so before before i get uh wow before i get too far too far into the weeds on all of that
um i'm just going to take a quick second and thanks thank thanks thanks to you thank you
to our patreon subscribers and lightning boosters and direct supporters and talk
a little bit about uh how i'm kind of shifting and changing things so i want to give a quick
shout out to michael bates david tk uh a new member trying who just signed up like the day
before yesterday vo mr milk mustache hutch uh thank you thank you for the patreon support
it is um very very helpful there's um other ways you can contribute as well i've also opened up
direct support at closed network.io so if you don't want to use patreon you can also subscribe for as
little as five bucks a month i might open up even cheaper plans if that's your thing this is a
totally listener supported podcast we don't take any advertisements we don't do any affiliate links
none of that horse business up in here the top lightning boosters these are people donating
with bitcoin bond wartime circus media
at SNX, Firefly Go, and a couple anonymous just absolute freaking chads out there donating
sats through Podcast 2.0 apps. Those are where you can stream Satoshis. They're just
small denominations of Bitcoin. You can support anyone that uses Podcast 2.0 doing that.
And most do. I was actually doing some yard work this afternoon and listening to
Linux Unplugged with Chris and all them. And they accept sats. They adopt what I call the
no agenda value for value model. And it's modeled after Adam Curry and John C. Dvorak. I've been a
long time no agenda listener. And I've always respected the model. Does it make you a lot of
money? No, it does not. I could probably at this point sell my soul and sell VPN ads and all that
kind of stuff. But I'm not going to do that. Because
I want to stay impartial. I want to stay objective. And if I talk about a service,
it's because I either like it, I've used it, but it's not because I'm incentivized to do so
financially. So that's why it's important that I take this time and say thank you to those who
support this because it's what keeps things going. It pays for infrastructure and server fees and
hosting fees and podcast microphones and all that fun stuff. And eventually one day I would love to
be able to either do this more full-time or maybe in full-time along with some other projects that
I'm working on. And that would be awesome. That would be a dream come true. But I also know that
the value comes with the value in exchange. So that's what I'm focused on is providing
quality information, infrastructure, community support, all those things. Because really,
I'm just a person who takes the time to do this, but I don't know everything and I'm not an expert.
and everything. And I'm not ignorant enough to claim that I could be. I just know I can't. So
the more people that we get together that are trying to solve a lot of these problems for
ourselves, the stronger we become. And that's why the community is really, really important.
And when I say community, I'm talking about people who contribute. So I want to say thank
you to Unintelligent 7. Thank you to Mattis Max and some other community members that are always
helpful in the matrix chat room, which currently sitting at 443 people in the main matrix chat
and a few hundred in our off-topic channel, our meme dump channel. And that's where a lot of the
conversation happens. We've actually had some spicy conversations going on in the SimpleX chat over
the last week. And of course, we also have a signal group chat. I decided for now to post those links.
So if you go to closednetwork.io and you go to the about section, you can actually, actually, no.
I didn't actually post those. I posted my direct access. So if you want to reach out to me,
it's easier for me to do it this way. Because in the past, I just had you guys email me and I send
you back a link. But better yet, if you're already on SimpleX or Signal, you can just go to the
website, go to about, add me, connect to me. Maybe we can chat. I'll do my little sniff fed check on
you. And if I don't detect anything too weird, then we'll get you into the groups if you're not
a Matrix person. Down the road at some point, I'd like to have some other more permanent stuff set
up, whether that's through Matrix on a dedicated server, whether that's maybe through something
else like XMPP. I'm not really sure. We'll cross that bridge. But I think once we get to like
1,000 or I don't know, more than 700 users in the Matrix chat because it's an encrypted,
it might become a little problematic. That might be a scaling issue we've got to deal with.
I'm not really sure.
also host around mastodon server you can connect there i'm on x i'm on nostr and uh there is a
youtube channel although i've only ever done a couple shorts and i was kind of messing around
with it but um i think i'm actually going to do a proper video on a new product that i ordered
uh for uh for myself as a work replacement machine so stick around for that i will probably
drop that into the group chats and probably patreon and things of that nature before uh
anything else but you know just subscribe or share it with your friends share it with your
family that would also be great uh the more reach that we can get the better so all the housekeeping
out of the way um we're gonna kind of i'm just gonna jump right into it i'm gonna jump right into
my issues with ubuntu lately now i am not a huge ubuntu user actually i haven't really
used if unto i do use uh ubuntu server uh in some of my self-hosts
environments whether they're virtual machines or native servers running for different purposes but
as far as on the desktop I've not really used Ubuntu in a very long time and I think I was just
I've just always been turned off by the snap stuff and everything and and I kind of dove into
some stuff that I wanted to understand a little better and it's a bit cringy so I'm just going to
kind of get right into it and I want to kind of walk through like a use case scenario so
this has been building for a few years now and this week it hit a point where I think
I just genuinely can't ignore it anymore so Ubuntu the distribution that arguably introduced
more people to Linux in the last 10-12 years than any other distribution it's it's massive
um
you
That kind of just works term is usually associated with Ubuntu.
And when I say Ubuntu, also derivatives or spinoffs like Linux Mint is a good example of that.
Pop OS, kind of, but they've actually kind of changed quite a lot there.
And I have a lot of respect for what Canonical has built.
But over the past few years, Canonical has been making a series of decisions that individually you can overlook
or explain away.
But together or compounding, they've formed this pattern.
And that pattern is worth understanding.
Whether you're a daily Ubuntu user, a sysadmin running it in production,
or just someone who cares about the direction of open source software, where it's heading.
So I kind of broke this into four different issues.
And these, I want to be clear, I'm speaking for myself.
And I don't necessarily want to feel like I'm projecting my...
ideology on you. I just want you to process this. Use your critical thinking skills. Listen to a
myriad of different sources. And then make your own decisions or forge your own path. Definitely
don't do something just because it's what I am doing or someone else is doing without kind of
looking into things yourself. But I deep dive into this stuff. So my issue with issue number one is
the silent snap installations. So here's a scenario. You do a fresh install of Ubuntu, let's
say 24.04. And you want to install a browser, right? Maybe it's brave, but let's just say
Chromium. Chromium is a good example. So you go to the command line and let's, you know, I'm a command
line kind of person when I install stuff, but maybe you're using the graphical user interface. It
doesn't really matter. But from the command line, you would type sudo apt install chromium dash browser.
So in this scenario, fresh install installing this, well, what something happens quietly.
in the background. There's no dialogue box. There's no warning, no consent prompt. And what
Canonical has done is replace that APT package with a traditional, or what they call a transitional
stub. Its only job is to silently pull the snap runtime and install a snap version of Chromium
instead. So you thought you were running a standard APT operation or an apt installation, but you
weren't. So now for a casual user, maybe that's fine. Maybe you don't care. You got a browser
installed, whatever. But for a sysadmin or someone running scripted deployments, for someone who's
explicitly removed snapd from their environment, this is a fundamental violation of what the package
manager is supposed to do. The contract between a user and their package manager is simple. Do exactly
what I tell you and nothing else. This is why we run Linux after all. This is, we've left the
Windows, we've left macOS ecosystems, and we have control over our computer and we want control over
what it installs and what it's doing. We want it to verbose on the screen what it's doing.
And that isn't just Chromium. On Ubuntu.24.04, several popular apt package names have been
quietly converted to these transitional stubs. The practical consequence does matter here. So
what happens is Snap reinstalls SnapD, even if you've previously removed it. The Snap package
auto-updates on their own schedule, completely independent of your apt upgrade commands or
planned maintenance windows. In enterprise environments, that's a compliance and change
management problem.
And
And snap binaries live outside standard path directories, which can silently break scripts
and monitoring tools.
This was a deliberate product decision.
And it's not only the place of canonical that treats your infrastructure as a delivery
mechanism for their ecosystem, right?
I mean, it's kind of like them taking over and choosing how your infrastructure and the
delivery of your packages gets installed within their environment, within their ecosystem,
the Ubuntu ecosystem.
So issue number two is the terminal is becoming a billboard.
And I want to be careful because I know it sounds like old man yelling at the clouds and
that kind of thing.
But just hang with me because there's a real operational concern underneath this annoyance
that I have.
And Ubuntu Pro upsell, right?
messages can appear inside apt upgrade output commands, like the output from those commands.
Canonical's message of the day news system fetches promotional content from Canonical servers
every single time you log in. These messages show up in automated logs, like a junior engineer
running a deployment at two o'clock in the morning sees this message in a terminal and
it's got to stop and figure out, is this a warning? Is this an error or is this an ad? Like what is
this extra data that's being fed to me inside the terminal? And here's the part that goes beyond
like the inconceivable part for me is that that message of the day fetch is making an outbound
HTTP request to Canonical servers on every login. So your infrastructure is phoning home
and you may not have consented to that.
Alright, let's do that.
Let's do that.
autoprote routes
it's not prominently
documented either from where I can
find this information
so
and this isn't new territory for
Canonical either if you
remember or if you were paying attention
you know a few years ago they were shipping
Amazon search
integration into the GNOME desktop
and it was collecting user search queries
and there was a big backlash
that forced them to roll it back
but it's something that they did
and you know
the promotional
instinct
didn't really
disappear though right it just found new
home inside the terminal now
and the command line has
decades
long reputation for precision
and honesty and just
kind of the purity of things like
when you're on the terminal or you're on your TTY
you should feel like you're just
it's just you and
the layer between commands being
issued to the kernel and the kernel processing
and there's nothing in Нач
but not some intermediary messaging promotion ad for Ubuntu Pro to upsell you to Ubuntu Pro
…
you
inside the terminal. I just think it's insane. And so, I don't know, inserting these commercial
messaging into it just kind of reflects like revenue optimization mindset for me, like kind
of in shittifying the application, the operating system. And we haven't even got to the age
verification stuff. But my third issue is also malware inside the Snap store. And I don't want
to be an alarmist, right? But the Snap ecosystem is proprietary. It's not like auditable by just
anybody. A lot of times there are packages and repositories of packages for different distributions
that are all very auditable. The package manager installer is auditable, but Snap isn't. So,
this is where it gets kind of more serious for me.
is when you force users onto a specific package distribution system,
you take on a responsibility and safety for that ecosystem.
And the Snap Store has kind of been struggling with that responsibility.
In February of, I was going to say last year, but actually the year before,
there was a fake Exodus Bitcoin wallet that got published to the Snap Store.
And there was a user thinking it was the legitimate application.
This is a Bitcoin wallet. It's pretty serious.
That had downloaded and deposited nine Bitcoin into that wallet at the time.
That was close to half a million dollars and lost it.
That was a life altering loss for that person or for a lot of people.
And that person was trusting that they were installing an application from a store,
from a proprietary store that had some sort of checks and balances,
especially for applications around finance.
You know, and you might-
I think.
expected that that would have triggered some sort of iron clan review process and instead the
problem uh you know escalated into january of 2026 you know by security researchers including
alan pope who spent over a decade at canonical i think and still you know maintains like nearly i
think uh dozens i'm 50 or more packages inside the snap store and exposed a sophisticated new attack
campaign and here's how that how that works is attackers stopped creating like new suspicious
accounts and instead they hunted for expired web domains that used to belong to legitimate
long-standing snap publishers and they'd register those domains set up uh and you know
set up email servers and use them to take over
the original developers, Snapcraft accounts. And once they controlled a trusted account with a
history of clean packages, they'd push a malicious update designed to harvest cryptocurrency wallet
recovery phrases or exfiltrate that data into attacker-controlled servers. And so by the time
the user noticed something was wrong, the damage was done. I mean, they've already kind of completed
what they were trying to achieve. And Alan Pope's public commentary on this, he was quite pointed.
He noted that even when security professionals actively report malicious snaps, removal can
take days. Days. So, you know, wallet draining malware or like living in the store and the
response time is days. So, you know, you're talking about a pretty large user base that
this could be impacting.
a lot of different people and i know that this may seem like well that doesn't sound
too serious too often but it just kind of again is one of my issues with ubuntu and kind of the
direction that they're going uh with with these package manager installations and then issue four
there's that cve 2026 3888 which is a privilege escalation and um there is uh i'm trying to
remember i because i didn't have it in my notes the research unit i think it was like qual something
call um q analysis or something like that and they they're they're a threat research unit and
they disclosed a high severity uh local privilege escalation vulnerability affecting the default
installation installation of the ubuntu desktop specifically 24.04 and later and it's being
tracked you can track it that
you
cve 2026-3888 um and it has a you know cv ss score of 7.8 pretty high so the the short version
of how it works is there's two core system components that are involved there's the snap
dash confine which is the highly privileged process that builds the secure sandbox before
a snap application runs and systemd dash temp files uh the service that automatically cleans up
the state uh temporary files so in default ubuntu configuration the cleanup daemon is scheduled to
remove old data from the temp directory on a cycle like 30 days and 24.04 and then 10 days and later
versions an attacker waits for that cleanup cycle to delete a specific critical directory that snap
dash confine depends on and once the system removes it the attacker quickly re
creates the directory with their own malicious payload in place and then on the next sandbox
initialization snap dash confine you know running as root blindly mounts those malicious files this
could be arbitrary code gets executed and could result in a full system compromise now um the
attack does you know requires local access and some patience for for the timing window obviously
for when these files are being purged but it requires no user interaction and minimal privileges
to execute and canonical has released patches so if you're running 24.04 25.10 or the
upcoming 26.04 which come out next month update your snap d packages like right away if you haven't
run updates if you're one of those people that's like i run updates like once every three months
six months like you might want to run that you might not be in you know as a high threat for
something like that
just being that you have to have local access, but nonetheless, I mean, these are just things
where it's like, why is this a thing, you know? But Snap was designed to increase security through
this containerization and strict permission model. That's the pitch. The reality is that
enforcing that isolation at the kernel level requires enormous complexity. And the more
complex, you know, the more complex things are, there's potentially larger attack surfaces and
the very system designed to make your software like safe or safer has introduced a root level
privilege escalation into potentially millions of default Ubuntu installations. So, you know,
I, again, I kind of want to, some of this is like not really that big of a deal.
And Ubuntu is not a bad operating system. I'm not.
trying to convince anybody to like oh my gosh like uninstall tomorrow and leave or do something
that's not really it but it's just genuinely like it is an important just you know it's probably one
of the most important distributions in the linux ecosystem and canonical is a financially successful
company they've reported you know uh i think approaching 300 million in annual revenue
and you know their work in cloud and iot and enterprise and all that is significant and
i don't want to like take away from all of the positive too that they've done but as i am the
reason why i'm highlighting this is i'll get into it a little bit later is these are things to research
when you're researching different operating systems that you might be wanting to solidify on because i
am in that mode i am evaluating different operating systems to migrate my work machines from mac os
to linux on my personal machines i've been running
Linux for a long time, but they're not always the best for a work environment because I generally
like to run Arch and I run a custom Hyperland configuration. I have another laptop, which I'm
running Omarchi on, and I'm just kind of trying different things and see, you know, CacheOS as
well I have on another ThinkPad. And for me, I'm trying to find an operating system that's not
forcing age verification or using the version of SystemD that's going to, you know, have that
implemented, but that can also be stable enough and use every day for work functions. And what I mean by
that is, you know, if I have to jump on an 8 a.m. call on Zoom or a Teams call or something of that
nature, I need the system to just work. I need not to have Wayland breaking or my window manager
breaking or because I'm on a rolling release, some packages broke and now my microphone doesn't work.
Uh, so,
speakers don't work. You know, if, if you're an Archie user, you're, you're familiar with dummy
output. It happens. Right. And you can't always just reboot in the, like in that, in that moment.
So, and I don't have all the answers. I'm just telling you the processes I go through and how
I evaluate. So what should you do if you are an Ubuntu user is just, you know, basically update
your system, right? That's a pseudo app update, ampersand, ampersand, pseudo app upgrade command,
make sure your snapd package is updated and then, you know, make, make decisions based on what she
feels right for you. And I feel like Ubuntu is at an inflection point where the upcoming 26.04 release
is expected to integrate snaps even deeper into the core system. Whether that deepens the trust
problem or resolves it depends on decisions Canonical hasn't really made yet or
made public or made that in anywhere that I can find. And so what I'd say to anyone evaluating
Ubuntu right now is, you know, go with an eye open, know what you're getting into. And if your
threat model or compliance requirements don't align with a proprietary auto-updating centrally
controlled software channel, might be a good time to look at alternatives that deserve your
attention. So that's all I'm going to say about that. And again, the reason why I even brought it
up is because Ubuntu has been in my scope for a potential work machine, work operating system.
Again, needing something stable, well-supported. And I know if you were in the comments,
you might say, oh, use Fedora, you know, use this, use that. And you're right. I mean,
I am evaluating a lot of...
different options because whatever i kind of choose for my work machines i kind of need them
to just be very stable uh maybe that's nix os and i don't know right might be an immutable
operating system like uh silver blue or whatever i think that's what it's called fedora's immutable
system where you don't actually update the system you update the you snapshot and you update the
entire image of the os versus updating the kernel and things of that nature so maybe that's a route
i'll look i mean i'm just kind of an old diehard arch guy and arch is 85 reliable 90 reliable for
me but that that's i need i need i need it to be a little bit more than that so i'm going to shift
gears and to the second major point uh or uh you know topic that i wanted to talk about and that is
the your phone is now the checkpoint so ios
26.4 rolled out a couple days ago. Already seeing tons of posts on X, aka Twitter, where people in
the UK are having the verify you're 18 or over message on their phones. And there are some
problems where there's even older people. I've seen some in 67 and 71 and different people that
are retired. They don't have credit cards. They may not even have a valid driver's license that
are having a real time proving that they're over 18 because they don't have an easy way to verify
with their credentials because they don't possess them. So they're being basically downgraded on their
experience to what they can surf, what they can watch, what they can search for, what apps they
can install on iOS. And, you know, I'm like, okay, these people updated their phone and didn't think
twice about it. And then right away, you know, the top of their settings.
is a new prompt. Confirm your 18 plus. Not from a website, not from an app, but from the operating
system. This is like the new internet where your phone decides what you're allowed to see before
you've even opened an app. And so kind of just pulling this apart at looking at some of the
most significant changes in how digital identity works at the device level. So we're specifically
in this context, I'm talking about iOS 26.4 and the UK rollout, as well as in the US state by state
legal kind of patchwork that's been building over the last couple of years and what it all means for
your privacy, your anonymity, and frankly, your freedom. Because to me, you can't really have
the
freedom of expression or thought or communication or ideas without having unfettered access to your
own hardware and having the you know the the wherewithal to run what you what works well for
your life and so this is going to become a big problem and in the united states um it's going
it's it's like being implemented over time i think in colorado this will be kind of in effect
january of 2027 there are versions or of this that are being introduced in different states
and honestly i don't know if something like this would ever roll out at the federal level
in the united states but i could maybe see people trying i could see legislators trying to do that
and yeah so a few days ago let's get let's get back to the apple thing before i drift off too far
in the so apple pushed ios 26.4 uh and they pushed it out everywhere but specifically to users in the uk
you
And buried in the update was something that caught a lot of people off guard, which is that OS level age verification prompt right at the boot, you know, right in the settings.
So the message was simple, like to change the restrictions, the UK requires you to confirm you are an adult.
And the reactions have been mixed, right?
All to save the children, to save one child.
So a quote from, I might mess up the name, Silky Carlo, director of the Big Brother Watch, called it absolutely outrageous, arguing that Apple had put a chokehold on Britain's freedom to access apps unless they hand over sensitive ID documents.
So on the other side, Ofcom, the UK regulator called the move a real win for children and families.
Yeah, so that that tension right there is pretty much.
much summed up in these, you know, entire debate in two sentences. You know, one is absolutely
outrageous and the other way is a real win for children and families. So child safety versus
adult freedom and privacy sits right in the middle. So how does this work? So when you install
iOS 26.4, Apple first tries to infer whether you're an adult from your existing account
signals. And I've talked about in the previous episodes, the last two episodes, I think about
these signals. So whether you have a credit card on file, how old your Apple account has been active
and when inference succeeds, the whole process is pretty quick. But if it doesn't usually like within
20, 30 seconds, right? If you have these signals, then it can know that you're, you know, an adult.
But if it doesn't, then you're asked to scan a government ID or a credit card. So
on-device. Now, fortunately, there are no third-party apps involved in doing this. So
Apple insisted on that. So the verification is at least happening between you and Apple.
Now, I would argue that you shouldn't have to do it with anyone, but I would rather it be with
the OS manufacturer than some shysty persona or third-party app that's been known to be breached
or sell that data. So what does Apple receive? It's a simple yes or no, whether you're over 18,
nothing else. So to Apple's credit, there's a meaningful better model than individual app
verification. But I kind of want to pump the brakes because the architecture is being built and it's
it isn't about just keeping kids off of adult content. It's about establishing something much
more foundational. And that's what I'm seeing also with what we're seeing in open source
operating systems that are on the fence of trying to figure out, do we do this?
Do we not? If we do, how do we handle it? So the bigger picture here is it's an identity
mediated internet is what we're moving to. One researcher described it, what's happening as an
identity mediated internet architecture, a digital environment configured around verified user
attributes before any other interactions occur. So age is just the first attribute being deployed
in the OS layer. And I believe that to be true. So think about what that means. So no app level
gating, right? Not website level gating, but device.
level gating. The phone becomes the checkpoint. And once the infrastructure exists and some time
goes by, once your device is the thing that vouches for who you are, it can be used for a lot
more than age. So California's AB 1043 requires every operating system provider, Apple, Google,
Microsoft, to collect user age at setup and broadcast an age bracket signal to apps.
And that deadline for California is also January 1, 2027. That's 32 and a half million smartphone
users in one state, right? That one state is bigger than a lot of countries that are also
pushing for this. So the shared logic, right? Driving this across every jurisdiction is the
app by app and site by site age checks are two.
fragmented to enforce. So moving verification to the OS layer creates a single auditable
checkpoint. An auditable, that word does a lot of work. For governments, that's a feature.
For privacy advocates and for anyone who values anonymous access to the internet,
that's the threat. So looking at the US landscape, it's basically just a patchwork on fire.
So we're just going to zoom out to the United States because that's what's happening
where it's arguably more chaotic and more consequential than anything Apple just did in
the UK. So let's kind of step back. 2025 was the year of age verification we went from
a fringe policy experiment to a sweeping reality. Roughly half
of us states now mandate some form of age gating nine states laws took effect in 2025 alone now
and i don't have them all off the top of my head but i know like louisiana and texas and a few
others so those are the ones age gating at at like websites like generally porn sites and things and
gambling sites and stuff but it's it's just like layer upon layer like lasagna right and
the legal ground like shifted in a major way last summer so in june of 2025 the u.s supreme court
upheld texas's age verification statute uh in the free speech coalition versus paxton ruling that
states can require adult websites to verify user ages so applying intermediate security
ruling it it didn't violate
the First Amendment, according to them. The ruling opened the floodgates, though.
So the quick tour of what's now in effect or coming online is what I'm about to go into.
So we have Utah's App Store Accountability Act that goes live May 6th of 2026. So that's
age categories shared with developers when requested. Louisiana has Act 481, which goes
into effect July 1st, 2026, which is the same framework, same API. Texas SB 2420 was effective
in effect January 1st of this year, 2026. New account holders are required to confirm age at
setup. So minors must join family sharing with parental consent for all downloads.
Currently, it's under preliminary injunction from a federal court.
So we'll verify the, you know, I have, I, I, I need to, I need to follow up on that,
but that's the last I remember looking at it for, for Texas SB 2420.
And then Alabama has Senate bill one eight six.
It goes a little further age prompt required a device set up.
If identified as a minor, a content filter activates automatically.
And then we obviously have Brazil as well as Australia and Singapore,
where Apple has all already blocking 18 plus apps downloads unless users confirm adulthood.
And then that went into effect on February 24th of 2026 of this year.
So the patent, that's why I kind of use this word patchwork because it's real and it's accelerating
and it's a very kind of complicated to stay on top of and follow.
Unless you're really paying attention to like some of the tech news,
you know, if you're not paying attention, you might just wake up one day.
And all of a sudden, your phone's asking you for your ID or your computer's asking for your ID.
And some of those state laws aren't using OS verification.
They're using third parties to verify your identity.
And you don't have any control of who has access to them, how long to retain,
what the security is of them.
Are they verifying your age and saying, cool, if you're buying alcohol at a liquor store
and you flash your ID, is it only for that moment and they verify you
and then you're good and you leave?
Or is it stored forever?
We don't always know because that isn't disclosed to us at the time
where you're being prompted to prove that you're over 18.
And some of these applications, by the way, too,
are not necessarily have anything to do with adult content specifically.
They're just maybe social media apps or communication apps
or apps for booking travel even in some cases.
So what's the privacy problem?
here? And who does it hurt? So this is, you know, I guess it depends on what side of the fence
you're on. But the EFF's 2025 assessment is age verification measures sensor for the internet
and burdens access to online speech. They undermine the fundamental speech rights of adults
and young people alike, creating new barriers to internet access, and put at risk all internet
users' privacy, anonymity, and security. And they're not wrong. Age verification systems,
no matter how privacy-preserving the architecture claims to be, creates a new data surface, a new
point of failure, a new choke point that can be subpoenaed, hacked, or quietly repurposed.
And these age gates deterred.
deter lawful adult access, reduce anonymity, and create friction that changes behavior.
So some adults get blocked, or some individuals will get blocked entirely, and those without
government-issued ID, those incorrectly flagged by automated systems, those that are unbanked,
and the undocumented domestic abuse survivors who don't want to hand a credit card to a tech
company, these are scenarios or real people in the real world that will be impacted by this,
that cannot do the verification, or they are unwilling to do so because they are living a
greater fear than the average person. Yeah, teenagers who just want to access information
about their own health, their sexuality, their safety, those are impacted. The systems are
designed to protect vulnerable.
often, the most vulnerable are often excluded first, right? And that creates this bypass
problem. So what are we talking about bypass? So we've seen skyrocketing increases of VPN uses,
VPN usage, like NordVPN reported 1000% increase in the UK in purchases after the Online Safety Act
when enforced. ProtonVPN now saw 1400% more signups in minutes immediately after the law was
implemented. You might have seen that. It's probably kind of starting to flatten a little
bit, but we're seeing people who know how to use a VPN and they're using them to circumvent
where their location is. The people who don't know have no workaround and their internet just
got significantly smaller, especially if they can't verify it because maybe they're
one of these elderly retired they don't have a credit card fixed income they don't use credit
and maybe they have an expired driver's license because they don't drive anymore
i don't know i know it's especially in the u.s like id is kind of a very touchy subject right
people will be like well who who doesn't have id well you know i'm typically that's used in the
context for voting and most people do have id but there's a lot of undocumented people who need to
use the internet and pay bills and download apps and whatsapp and talk to friends and family back
home they might be here illegally whatever that can't and what about those people i'm not really
sure i'm not i'm just kind of i'm trying trying to come up with scenarios and different people that
will be impacted uh because this is just kind of like a clean across across the board so
centralizing these age checks at the os layer is a more privacy protective uh process and i i think
i think than the fragmented alternative which is each
Each app by app or each developer, you know, that has an app that needs to be verified because requiring verification of the app marketplace level is, you know, not not ideal.
At least in my opinion, it's not ideal.
And Apple's model, you know, right now, from what I can see, what they're looking like is it's you're verifying with them.
It's on device processing and there's no third party broker.
And versus the alternative.
So none of it's good.
And, you know, and I don't I don't think I think we're just going to continue to see these laws roll out in different countries, in different states in the US.
I don't haven't seen much in Canada that's doing that yet, but I would imagine that might be a topic of discussion.
So we'll see age is the first attribute being deployed in this in this layer.
And.
I don't know.
the way I see it is that's the infrastructure being built and that infrastructure could support
other layers. It might be that in order to use a social media platform, and I'm just coming up
with what we could see, in order to use a social media platform, you will have to use your real
identity associated to that registration of the account because they want to make sure, and
they'll say it's to protect kids, and they'll say it's to reduce bots and reduce harmful speech or
whatever they want to label it, but what it does is it ties everything you say back to an audible route
to a real identity, so the freedom of talking about uncomfortable topics and what would be
anonymous channels may not exist in the future, at least not in today's internet, the centralized
internet that we talk about, and that's not parallel.
paranoia. That's just how the infrastructure works. You know, roads get built for commerce
and then used for surveillance, right? Networks get built for communication, and then they're
used for monitoring. The pattern is consistent. And the legal pressure isn't slowing down.
Analysts expect states to continue passing these laws, age verification, design code requirements,
restriction on minors access. Despite significant losses in court, you know, more restrictions or
content and advertising, you know, will follow. More lawsuits, you know, probably will come,
but they just keep changing and altering some of these laws that are proposed that get challenged
in the courts, and they kind of just reintroduce it in a different package. And so the momentum isn't
really stopping. And the question is whether it gets, you know, channeled toward genuinely private
privacy preserving architecture or towards the kind of ID everywhere internet that makes
anonymity this structurally impossible to achieve so where does that leave us right now so if you're
in the uk you just got hit with the ios 26.4 prompt and this is specifically to apple users
and there are 31 of you listening so this is highly applicable um you have options right you
have the credit card confirmation it's probably the lowest friction point uh long account history
may clear you automatically uh if if you have neither of those apple's asking for a government
id scan and it is on device and but it's still it's still scan it's still a scan and i you know
i don't i don't i don't again i don't have all the answers i'm just trying to come up with good
good scenarios if you're in the u.s and your state you know determines um your exposure right now like
utah texas louisiana alabama you're already inside the compliance windows so
So, you know, write your legislators.
Reach out to your congressional representatives
and lobby for your freedom.
On the global side, the pressure is moving in one direction
to device-level identity and away from anonymous access.
So you can stay informed,
understand what signals your device is transmitting about you
to the apps that you use,
you can, you know, follow the podcast.
And, you know, it's like,
it's kind of like there's not a lot of great off-ramps
unless you're willing to switch to something
that's maybe slightly more inconvenient
or slightly more uncomfortable to use.
But, you know, it preserves your privacy,
like trying to obtain a Pixel phone,
an unlocked Pixel phone,
preferably secondhand or...
without any KYC tied to the IMEI, meaning that you are buying it used secondhand or a friend or
family members may be buying it and you're giving the money or you're ordering it anonymously using
like a non-shop or something like that. And then you're putting Graphene OS on it because Graphene
OS has said publicly on Twitter that they will not implement any OS verification into the operating
system. Now, that may mean that you are breaking a law in your jurisdiction and that's something that
you're going to have to be okay with. But I think that the sooner you come to grips with some of
these things and the sooner you start experimenting with some of these open source projects that are
focused on preserving your privacy, the more comfortable you can get with the idea of
managing your operational security that doesn't docks you out. So there's actually a pretty good
resource that Lunduk, he is.
a podcaster, put on a GitHub page that will be linked in the show notes. And I also copied the
current list today of developers or publishers that have decided they will not implement age
verification or are currently restricting access in regions with age verification laws to their
websites or downloads. So on the operating system side, we have Omarchi Linux, Devon Linux, Slackware,
Vendifal, Wolf Linux, Graphene OS, FreeDOS, Artix Linux, DB48X, Arch Linux 32, which is a 32-bit
operating system, Ageless Linux, Garuda Linux, Void Linux, and Endeavor OS Linux. And I'm glad to see
endeavors on there because that actually is one that I've been considering for my work machine,
though I'll probably start out with Arch.
Um, but we'll see.
So the short, the, the, the list is fairly short so far down.
A lot of other distributions haven't necessarily kind of remained quiet.
I know Papa West, uh, is based out of Colorado system.
76 is based out of Colorado.
They will likely have to, uh, get in line to do age verification.
The developers or publishers, uh, that have said that they, uh, have plans or intend to
comply with the new age verification laws.
As of yet, the functionality is not implemented, but they have said that they're either planning
to find a way to be compliant would be Ubuntu, Pop OS, Elementary OS, Midnight BSD, and Fedora.
Doesn't really surprise me with Fedora and Ubuntu, especially specifically because Fedora is pretty
much, you know, owned by Red Hat, AKA IBM.
Ubuntu is, you know, canonical.
these are big for-profit corporations and they don't want that liability same with pop os that
system 76 they're literally operating in in a state that's already uh have plans to implement
this uh is is law so you know yeah covering covering outside the u.s we have the brazil
uh digital eca which went live literally just uh in the last two weeks and that's their
mandatory age verification law um right after that proton vpn reported they had like a 250 percent
increase in brazilian signups between monday and thursday on that march 17th that it rolled out
and tuesday the very next day and you users scrambled uh to avoid submitting biometric scans
identity documents to to access their social media there was uh uh you know p you know people are
people who don't follow this kind of
of stuff or just kind of getting hit with it. And all of a sudden you're like, wait, what I can't,
I can't access my social media. I can't do stuff without age verifying myself. So, uh, said that
there was an article in, um, at a fruit, uh, I think I have a link to it in the show notes at a
fruit. I just found it in my, in my searches, just a blog. Uh, so the law contains its own
internal contradiction. Article 37 says regulations cannot impose mass generic or indiscriminate
surveillance mechanisms, but article nine bans self-reported age. And then article 12 demands
an auditable verification. So, um, and it's, they're also, they're putting together a list.
Allegedly Brazil has a list of, of specific companies, including Ubuntu, where they're
following and making sure that the, you know, this includes like rockstar games and steam OS and
Apple and Microsoft, but also Ubuntu is on there that they're making sure, um,
um,
that they're following the laws. So they're looking at this, they're like calling out
companies specifically. And then Colorado SB 26, uh, dash zero five, one age attestation on
computing devices. So that passed the Senate on March 3rd of 2026 with a 28 to seven vote.
And there's a Lincoln legis scan where the bill, where you can go look at the bill and see who
voted how, but the bill, uh, doesn't regulate websites. It shifts responsibility directly to
the operating system providers and app distribution infrastructure. So OS providers would be required
to collect a user's date of birth at the account setup, generate an age bracket signal and make
it available to developers via an API every time an app is downloaded or launched. And, um, the
kicker is the bill will never, never specifies how age is actually determined. Um, account holders just
indicate.
and airing and quotes their birth date so there's no id check no verification mechanism any user
could lie and the system would accept it so uh there was an article on on it's fos saying it's
a strong angle this is it's you know it's a strange angle this california ab1043 is a you know
little sibling to to to that law but potentially even more technically sweeping because it
explicitly covers linux distros and general purpose computing devices so it does include that
again this patchwork stuff right and so what what am i doing i am trying to set myself up for success
for the long haul where i am using as little or no operating systems going into next year
uh that are going to be complying with this and it's out of principle right not every
one can do that. And, you know, it's very likely that I might be in a similar scenario where
for my personal devices, I could probably do that. For my work machine, I am, you know,
an entrepreneur, I have business, I have employees, I have clients, where I may still be stuck
using, just like a lot of people who work in corporations or whatever, using Microsoft or
using, you know, Apple products where, you know, you are required to use certain tools to do certain
jobs, especially when you are working with clients with different deliverables and you're collaborating
and, you know, it's easy to say, oh, well, I just use Slackware and a Graphene OS phone and I won't
use anything but Signal and I'm just going to use Tor. It's like, well, yeah, I mean, if you like
live in your mom's basement and don't have a real job or it requires you to use these,
any of these technologies, sure, you could do that. But for most
people in the real world that have uh jobs or kids that require them to use certain things for
their school accessing their grades or communicating with their teachers and all these different things
like you can't just say like oh i only talk to people on signal so if you're not going to talk
to me on signal i guess we're just not talking you can't say that to clients or uh potentially
employers and things of that nature you have to work with the systems that they have implemented
so in my case i'm i i have already for a very long time isolated by device compartmentalization
right i have certain devices that are work machines or a work phone and i have other devices that are
my simon as i live in the world devices my computer my laptop tablets and things of that nature my
phones and you know it's hard because i'm sitting here going like i'm gonna have to you know do some
of this
stuff likely with some of this but i'm trying my goal is to see if i can even get all the way out
of that will i be successful i'm not sure that's part of the journey i will tell you this don't
drive yourself crazy uh don't don't give yourself an anxiety attack over this stuff because really
depending upon your threat model it it may or may not it really just doesn't need to take over your
your entire life and i've let that happen to me on many occasions and i'm sure some of you might be
able to relate where you you spend too much time going down the rabbit hole and you feel you get
this like defeatist feeling of like how am i going to navigate my digital life in the future and
maintain as much sovereignty as possible right well every little thing you do can help whether
that's switching to paid services that uh are are are
you
focused on privacy and security over corporate profits, whether it's self-hosting and learning
how to do some basic stuff with an old laptop, an old computer, a Raspberry Pi. And maybe you
just want to say, I just think I want to have a backup of my photos locally. I'm going to set up
an image server or is it Prism? I forget the other. I actually never really used it. I use image
and NT for my photos. Locally, I use image. Maybe it's just your contacts. You want to manage your
contacts in your calendar and you want to do that through CalDev using like NextCloud. Maybe it's
not even that complicated. Maybe it's something simple, your notes. Maybe you just want to go
ahead and use a local notes taker or maybe use something that's, if you're not ready to host
something like that, maybe use Notes Nook or Standard Notes, something that's end-to-end.
encrypted but you pay for these services and you pay for them because it costs money to run this
infrastructure it costs money to pay developers to maintain the applications and keep the servers on
ideally you know you want to eventually maybe move to a model where you're the person that's
responsible for maintaining your servers but maybe that's like maybe a little too technical so you
know you're not comfortable and that's okay move to things that you're comfortable with and i've
said it in the past i'll say it again use a password manager right try to break up your
identity that you use for registering accounts on different websites with email aliases uh like
simple login or non-daddy or whatever you want to choose you know create an email alias so it's just
a unique email address for that one thing you're going to sign up for online or you're going to buy
a product online use you know if you're in the u.s you can
use shielded uh payment systems like privacy.com cloaked my sudo it's a different you know number
of different services there's jmp.chat for phone numbers there's you know sms for sats there's
uh different different ways to break up the association of what information you're giving
out to who you are in the real world and just by adding these different little things in can
actually really add a lot of make it much more difficult for correlating identities uh back to
who you are in the real world and let's be real the trade-off is pretty crappy right the grocery
stores the gas stations every single place you go to has some sort of real crappy loyalty oh if you
if you give us your information we'll give you a five cents off a gallon of your gas today
that's how little they care about your your data like they should you know
what i mean like five cents off a gallon really really you're gonna save 50 60 70 cents and trade
off all your personal information your email address your name your phone number maybe your
address for 60 70 cents i mean i know what you're saying well then i'll get it every time i go yeah
but what do they get why do they offer you anything at all like they because this is the
new oil your information not just your data but like your purchasing habits your travel habits your
known friends and colleagues who you're with what you do where you go what you buy what time you buy
how what frequency you buy all of that is where the real value is for these you know marketing
companies that are that are selling and trading your data uh as a commodity because it is a commodity
it's very valuable to them and the more
more you can break up that chain of identity correlation back to you, the more A, you can
track who's selling your information, and B, you can burn that stuff at any time. And it doesn't
mean anything, right? Especially if you only use it that one time. And you can find hacks
to use this stuff, right? You can actually manipulate the system. I don't know if I should
say this, but not very often. But once in a blue moon, we like to go to Chili's for dinner. And
it's a chain restaurant. And it's generally microwave food. But whatever. They have good
chips and salsa. And they have okay drinks at the bar. And some other stuff's all right.
Am I recommending it? No, not necessarily. But it is what it is. Well, if you register for their
chili rewards, you get free chips and salsa when you go. So what I often do is I'll
Oh, yeah. You want to go to Chili's? All right, let's go to Chili's. I'll fire up a my pseudo
profile.
file. I'll go onto their website and I'll be like, yes, I'd like to join your rewards program. I'll
give them that one, that, that pseudo account. I just created the email address, the phone number
attached to it. Cool. We go to eat dinner and we go to pay. They have the little tablet on the
table, which always annoys the crap out of me, but whatever. And so I just punched the number in
and I get the chips and salsa taken off. It's free. Right. And I pay for the meal and we leave
and I literally burn that pseudo account. You're never going to contact me again. You don't know
who I am and I will do this every time. Do I feel bad about it? Not at all. Not at all because
they are going, they get so much more value in the long run out of collecting all this information
from all the users that like, this is how they increase their revenues. They, they literally
that like, they're basically saying like, yeah, we're going to, we want to, cause they'll track
you through all different other ways, not Chili's directly, but the ad companies that, that are,
are, are responsible for.
all these loyalty programs, everything. They're the ones that are actually doing all the tracking
and, and brokering your information. So for me, I'm like, dude, if you're going to, if you're
going to hellscape me, I'm going to hellscape you back. You know, like let's, let's play,
let's dance, let's do this. And I know it's kind of silly, but those like small little things can
just give you a little bit of feeling of like ownership and control back over who gets access
to what of you, you are not in any way, like we've been conditioned to just like, oh, we have to give
this information. Like they asked for my phone number. I need to give it to them, especially
if I want to redeem my points or whatever, create pseudo accounts for this. Is it a little bit more
work? Is a little bit more time consuming? Can it actually end up costing you money? Yes, but that's
the price to preserve it. It's also the price to protect yourself. You want to sign up for that $2
dollar and 99 cent Hulu 30 days special.
sign up for it. Use an email alias, create a unique password in your password manager,
use a privacy.com one-time use card that can only be charged like five bucks and you pause
it immediately after, or it's a one-time use. And you know what? When they try to charge you
for the full amount the following month, it's not going to go through. And you got a month worth of
TV. They're the ones that offered it to you at $2.99, $3, right? And they'll do it over and over
and over again to win your business because for them, it's a numbers game. And very few people
will use that kind of a method. They'll just use their regular credit card. They'll use their
regular Gmail address, like their normal stuff. And then they'll forget to cancel it until they
see it on their credit card statement. And then boom, they just milked you for another 50 bucks
or whatever the plan is after the promotional offer. Netflix is increasing. Everything's getting more
expensive. So, you know, it's either like accepting this mentality of like, I will just always pay for
what I need in perpetuity forever.
that will always get more expensive
and own nothing
or I can set up my own server.
I can buy my own used CDs off eBay.
I can go to the music store.
I can actually enjoy the process
of discovering physical media
and then rip it to my Jellyfin server.
I can rip my DVDs.
I can, you know,
we'll just kind of end it there.
But you get the idea, right?
You can actually own that content again
and watch it wherever you want,
wherever you are.
And that's, to me,
that's like what ownership is.
Do I own the media?
No, no, I get it.
It's a lot of people out there.
I get emails.
If you buy it,
you don't own the movie.
I know that.
But I own the right to watch it
anytime I want.
If I go buy a paperback
or hardback book,
it sits on my shelf.
And unless there's a fire
or I lose it
or lend it to someone
and never get it back,
like that's my book forever.
Do I own the words in the book?
No, it's copyright.
it, but I own the right to read it anytime I want versus a digital publication. And then a year from
now, I bought this digital download for an ebook or something. And then like it disappeared because
now they no longer have a deal with that publisher. So now the money I spent, it's just in the
garbage, right? So this is, you know, and that goes for all sorts of stuff, movies and TV shows
and everything else. I'm just sick of it. I am so just tired of being worn down and monthly
subscriptions and you pay for stuff, you try to do the right thing and then boom, they can just yank
it out from you. Whether it's a video game, whether it's a movie, it's so frustrating. And yeah, I just
want to empower people. I just want to empower you to like, feel like it, get some wins where you can
just a little bit. You don't have to, you know, eat, what is it? Eat the whole elephant? How do
you eat an elephant? One bite at a time.
you know you're not trying to eat the whole thing at once that's a terrible analogy that's probably
an american thing too but the point is is that you're not trying to consume and you're not trying
to do it all overnight over a week over a month i've said it many times before this is and it can
this is a process and it could be fun it can be fun to learn new technology it could be fun to learn
how to code it could be fun to learn a new operating system uh you know it wasn't too long ago not
everyone had a smartphone and that's only been in the last 20 years really probably 17 to 18 years
uh where where not every single person had one right you might have had cell phones but they
were more primitive but smartphones really we're talking about a decade and a half like and you
learn how to use that you learn how to use setup you know phones and rokus and apple tvs and all
this other stuff learning how to use a linux
operating system and maybe try experimenting with docker or a raspberry pi with like umbral or
casa os or something of that nature i mean that maybe jump right to like proxmox virtual servers
and stuff but you could start really simple there are a myriad of youtube videos there are so many
great youtube channels out there people who make fantastic content on self-hosting you just start
searching self-hosting whatever it is you want to self-host and there are guaranteed like some very
good youtubers with very good tutorials and guides on like how to set this stuff up where do you think
i learned how to do it all right forum threads uh youtube videos and talking to people online
oh i ran i'm setting this up i ran into this problem oh try this okay cool oh that worked
thanks for that i mean it's like everything else right i mean i'm not a karmic
but I can research some videos and help my son changes lower control arms and a suspension.
I helped my brother. We did a body lift on a Sequoia a month ago. I mean, like, I don't know,
but you know what? You just start turning wrenches and you start doing stuff. And when you run into
a snag, you research, you ask for help, and then you move on. And so I feel like that's kind of
what self-hosting is in a lot of ways where you're like, Hey, um, okay, let me start with photos.
Let me start with my contacts. Let me start with like my files. Okay. I want to get my stuff out
of Google drive and put it somewhere where only I have access or control who has access to it or
scan it or whatever. What does that look like? Maybe that's just something as simple as buying
an off the shelf Synology NAS. I probably wouldn't pick that my first pick, but you know what? If
you're not that technical, that would be a better solution than giving it to Google or using heaven
forbid Microsoft one drive, please kill me now. Do not use one drive. So I'm just kind of, uh,
ranting at this point. I'm way off track from like some of the other things that I was going
to talk about. But really, I think at its core, these are the things that are on my radar. We
also have such other weird stuff going on. The US is banning like Chinese made routers and stuff
now. I don't know what that means. So I'm over here going like, huh, A, I can stock up on some
gateways that I think I might need down the road, which I actually did this week. I picked up
another Unify machine just in case for my work side of my infrastructure. I don't know if
they'll get banned. Maybe they probably might. I don't know. Who makes routers in the United
States? I don't know. There's a single company. So what's the alternative if my back is up against
the wall? Well, I guess I'll use a Linux box and I'll install OpenSense and learn how to do
everything that way. There is an option. There are options. Is it the easiest way? Not
necessarily. But is it a better way?
probably yes right to go down a path that you're maybe a little uncomfortable going down and then
you know what if if you if you find that you enjoy it this could even be potentially something you
could do for a living down the road i don't know so uh you know because ai might be replacing my
job so i got to figure something else out right it's like you know think about it first so some
things i'm experimenting right now is um a i'm getting a new piece of hardware that i'm very
excited about b i'm experimenting with open claw and running um a self-hosted self-managed
assistant using both local llms as well as uh commercial llms for for different use cases
trying trying that some of this stuff out i'm not ready to talk about it yet i still have a lot to
learn this is an area without i'm not an expert i don't know i'm figuring it out and once i find
stuff that works if it's beneficial i'll share it if it's not i won't share it i don't know
you
um but that's that's kind of how all this works right we just just try stuff try on shoes see
how you look you know you check out you check yourself out in the mirror right when you're
putting those new shoes on you're like i don't know do i do i see myself wearing these new j's
i don't know they look kind of kind of fresh but are they me um these are this is kind of what
you're trying stuff on maybe linux different linux distributions you're trying different
applications that could replace something and maybe it's libre office maybe it's only office
maybe it's something else to replace microsoft office to save you that money on that subscription
because what do you really use anyway you make a couple powerpoints a year and you use some word
documents and you got your spreadsheets for your budgets and things like that too libre office can
do all that could do all of that next cloud could do that only office can do that so you know also
think about saving yourself money for the rest of your life using open source software
you're ah yeah so you know
You know?
I don't know.
Am I frustrated?
Am I a little down?
Maybe a little bit.
I'd be lying if I didn't, you know, think like all this dystopian crap wasn't real.
It is real.
It's the reality we live in.
But, you know, again, take some time, step back and say, well, okay, what am I going
to do?
Build a plan.
And come join the chat.
Come talk to us.
Come talk to me.
Come talk to other people.
We're all in the same boat.
We're all trying to figure out the same thing.
We're asking the same questions.
There's no 100% way to do the right thing.
It's kind of tailored.
You figure out what works best for you over time.
Maybe you just set up a sync thing server and you just, you know, save your stuff locally
and sync thing between a laptop running in the closet somewhere.
It doesn't have to be this crazy elaborate system.
But at the end of the day is you want to be in control of your data.
Your data is like your files.
It doesn't have to be in control of your data.
your email, your communications, right?
You at least want to know how it's being used
and how much of it is being exposed.
And the more you start understanding that,
the more you will determine for yourself
what's important to you and what you care about.
And sometimes you still have to, you know,
deal with stuff in the real world,
but you get smarter about how you go about that.
You get smarter about what information you give
to sign up for those accounts.
And you just become a savvier person.
And this will also protect you.
It'll keep you protected from being hacked as easy
or a data breach exposing something
because that data breach maybe exposed your login,
but that login was only good for that one website.
It doesn't work on other websites.
So you become a smaller target, right?
Because there are going to be other targets
that are going to be easier in that breach.
And so they generally will go for the easy kill.
first right they're going to spend a lot of time when i say they most of the time these things are
scripted out by hackers they're not like an actual person trying to log into each account these are
scripts that are running and checking and seeing if they can log into different websites with with
the credentials they found in that data breach so anyway um normally i have like i kind of keep
forgetting to have like an app recommendation so i was like looking at my phone while i was
to see if i had like any cool app recommendations and um i i don't i don't i don't really have
anything on this particular episode to recommend um i i have set up my own audiobook server i'm
enjoying that very much and um you know that's an open source project and there's a audiobooks
mobile app that i'm looking at on my phone i i've really started i've really an audiobook shelf is
what i'm using and quite enjoying that a lot and especially running my own server that that's
there's just something very big
about that that you know um but i have a couple of some things in the works uh for some episodes
i've been working on the youtube content um also too i am doing a newsletter i actually pushed out
my first one you can register for free over at closed network.io i'm the only one that will ever
see the email address but i love seeing all the email aliases keep that up you can also join for
free uh you can also join for as little as five bucks a month if you want to support the podcast
the show you know all the stuff that we do um the forum the chats the you know uh mastodon server all
these different things uh that's always appreciated and uh but you don't have to there's you don't have
to pay you can join for free or you can subscribe to the newsletter for free and i have some uh blog
posts that i'm working on that i'll be putting out this week and those go out in the in the email
blast um i also
last
last episode was like a mini pod. So I put that in there too. And it's just another way to kind
of keep people updated or things that I think are important or that I'm writing about. I actually
have a blog post that I'm working on right now, specifically on the Ubuntu stuff. And I think
sometimes that might be easier to share with a friend or family member that you might think
would benefit from that. So I'm trying to expand my content reach and be a little bit more
direct in my communication through like email and things of that nature. So I'm going to try to
stay consistent with that. And also, I know I've got to talk to Aaron about reticulum and yeah,
so some cool stuff coming up. Anyway, thanks for being part of this. Thanks for listening. Even
if you're just listening and you don't want to participate, that's totally cool. I hope you're
doing well.
you're doing well.
I hope everything's going great for you.
And if you have any questions for me directly,
you can always just shoot me an email,
simon at closednetwork.io.
And until next time,
I'll catch you when I catch you.
I'm lacking the spirit.
You talk out your neck,
I'm going to show you I'm with it.
I've been really happy you to sit and watch me win again
and win again and win again.
I know it's probably getting on me
when I'm sending them.
So if I ever win again,
there's nobody to minimum.
I didn't have to sell my soul.
Please don't play no games with me.