> Is there a single person who things Trump gives a single damn about the birds? It is obviously just a pretext.

This can be seen by the changes to the interpretation of the 1918 Migratory Bird Treaty Act (MBTA) his administration made in 2017 during his first term.

Briefly, they said it only prohibited intentional killing of birds. So say I wanted to pave over some wetlands that are a crucial nesting grounds for some birds that are covered by the MBTA to build a parking lot.

Before, the near universal interpretation of the MBTA by nearly everyone in any of the countries that are a party to the treaty (US, Canada, Mexico, Japan, and Russia) was that I can't put my parking lot there.

Under the Trump interpretation as long as I'm not building my parking lot there to intentionally kill the birds I can do it.

This was overturned in court in 2020. Just before leaving office in 2021 they tried to again make that the interpretation.

Do any RE implementations do anything like the query planning that databases do or the rewrites that compilers do that can replace the RE with a different sequence of REs or string searches that might execute faster?

For example in the expression in your example (I'm assuming based on your description of the test data that /d+s+/ means the same as /\d+\s+/ in the RE engines I've used) any match must contain a digit followed by a space.

A scan for all places where a digit is followed by whitespace with each such place then being checked to find the length of the string of whitespace starting there and the length of the string of digits ending there should be linear time and constant heap space.

You're correct, I accidentally omitted backslashes on \d and \s. I checked and the pattern was correct during the test.

> They will likely lose, but the goal is not to win, it's to score points with their political base and maybe bankrupt the defendants with legal fees.

Or the goal might be to lose, but to establish some precedent that will hamper states like Texas that have tried similar things with abortion providers.

If that's what they wanted there is no reason not to start with laws like the TX and UT laws. You need the boiling the frog when you are trying to push the evelope.

> I appreciate the principled stand, but on the other hand the CA law only requires users to self-identify when setting up accounts (and then the OS will expose age to apps).

It is narrower than that. It only applies to accounts whose user is a child and is the primary user of the device.

See section 1798.500 (i) which says [1]:

  (i) “User” means a child that is the primary user of the device.

[1] https://law.justia.com/codes/california/code-civ/division-3/...

What do you find bizarre about them?

36% of missing person cases in the US are black women and children, even though only 13% of the population is black, but those cases get much less media attention and are treated less urgently than missing white people.

Creating a separate alert for those cases is meant to bring more attention to them.

There is a similar issue with Native Americans, who go missing at an even more disproportional rate than black women and children, and receive much less attention and resources than white cases.

Native American groups seem to think Feather alerts have been successful: https://www.aptnnews.ca/national-news/feather-alert-for-mmip...

That makes no sense.

First, fossil fuels currently are used to generate about 60% of the world's electricity. Nearly all of that could be replaced with renewables plus batteries.

Second, only around 20% of fossil fuel used for transportation is used in aviation or marine transportation. Most of the remaining 80% could be replaced by electric vehicles.

Overall something like 75% of what fossil fuels are extracted for could be replaced with renewables, leaving marine and aviation transportation and things that are not using them for their combustion chemistry.

The overbuilding that is required for stable electricity from the sun or wind makes that a non-starter. It is no wonder that when Germany tried this, they deindustrializrd, with some of the world's highest electricity prices. That should be a lesson to anyone who believes in renewables. Never mind the various issues that would occur with charging EVs during the night/overcast/non-breezy cconditions

(This is a reply to the dead comment, which was not dead when I start writing this)

I don't know how long their specific proposal would take, but on a Unix or Unix-like system the California bill could be done in a week.

0. Make a directory somewhere, say /etc/age_check, and in that directory create four files: 0-13, 13-16, 16-18, 18+, owned by some system account with permissions 000.

1. This would be the hardest part. Modify whatever is used to interactively create new user accounts to ask for the user age if the account is a child's account, and than add an ACL entry for the appropriate /etc/age_check file that allows the child's account to read that file.

The California bill says you have to ask for and age or birthdate but the API you provide for apps to ask for age information just requires giving an age bracket, so I'm taking that as meaning I am not required to actually store the age. I only have to make the API work.

2. The API for checking age is to try to open the files in /etc/age_check. Whichever open succeeds gives you the user's age bracket.

So basically parents set the child's age and apps rely on that if they need to know if the user is old enough?

That's pretty similar to the California bill. Parents set an age when creating a child's account. The OS provides an API to get the user's age bracket from that, which apps that need to know the age bracket of the user can call.

The California bill gets it backwards. Rather than Internet services taking the user's age and deciding what content to serve, the Internet service or app should broadcast the age rating of its content to the OS (if convenience is desired), like how movie ratings work. The responsibility to decide what content is suitable for a child should rest in the hands of that child's parent, not the state or the corporation.

edit: on second thought, realistically, the API solution is too brittle regardless of which way it goes. Because the API requires every service to implement it and that's not happening, whereas an app installation lock only requires one child-friendly OS to implement it, then parents can choose that OS.

That's not my understanding. This is what the bill says: Provide a developer who has requested a signal with respect to a particular user with a digital signal via a reasonably consistent real-time application programming interface that identifies [the age group].

So the app requests a signal (like, calling an API), and the OS returns the signal (returning the age group).

Regarding API vs installation lock, TBH I don't think the law concerns that level of details. An OS or app-store installation lock that checks app ratings can be considered as a valid implementation.

The California law is horrible because it forces everyone to let tech companies and governments decide what's suitable for children, rather than let parents decide. It's telling parents to give every app their child's age and trust that the apps will do the right thing. It also legitimizes personal data collection (in this case, the user's age) for every app and service on the Internet that wants to know your age.

The password-based app installation lock I proposed in my original comment doesn't require any kind of age checking at all, so it naturally doesn't fit the California law. The device owner (in this case, the parent who buys the device for their child) gets to decide what apps can be installed on their child's phone on an app-by-app basis using a password set by the parent. The app store doesn't need to know, and the apps don't need to know.

You have a point. Though I suspect that average parents are either too lazy or not tech literate enough.

I do want to note that this California law alone doesn't say anything about content restriction. I won't be surprised if there was/will be another bill to assign the responsibility (which may be more controversial). But the current law is only about the age gating mechanism. And on the positive side it removes the need for actual age verification (like using ID) which other regions still insist on.

The California law is the closest thing to what we do in the physical world but better. We already decided as a society to limit the purchase of pornography, gambling, alcohol, tobacco, prostitution, drugs, via age gates and require the merchant to be liable for that. We already find this reasonable as a society. The California law recognizes the tracking problems of requiring a verifiable id online and instead recognizes that parental self-assertion at the point of account creation is enough.

Since tracking children is generally illegal, you can also voluntarily lie and label yourself as a child when you don't want to access such content.

We have decided as a society to age-gate the purchase of a very small selection of goods and services, but this did not require a law that says all merchants have the right to know your age. And in this case, it's not even just all merchants, but anyone that serves you any kind of information. The real world equivalent of this California bill would be more like: anyone you've ever talked to has the right to know your age.

A more reasonable approach would be for parents to keep tabs on (or for stricter parents, control) who their child is associating with and where they're going, and advise their child on who/what to stay away from if they're out alone. And of course that takes parenting effort. The digital equivalent of this are things like password-gating app installation in the OS and website-blocking in the WiFi router. But I will say, I don't think these kinds of analogies are good because the Internet is too different from the physical world.

And let's not underestimate the tracking power of a legally mandated data point: the age contains about 6 bits of information that can be used to identify your user account on the Internet across apps and websites, even if your inputted age is fake.

Would the content rating be per HTML element and the browser would delete the elements with bad ratings from the DOM, or how would it work?

I'd imagine it works like movie ratings. You don't filter movies from scene to scene. There's just one rating for an entire site or app.

But yeah I get the point, API based solutions are complicated and brittle because they require all services to implement it properly. In contrast a user-set app installation password in the OS settings is more effective and easier to implement.

If a chronological social media feed contains both R and G rated elements how would you implement that?

I shouldn't have defended the API or age rating solution. It's just a trap in hindsight. That kind of solution must be rejected altogether even if it's the OS checking the app/website's age rating header, because we'd be giving the OS oligopoly (Apple, Google, Microsoft) way too much leverage, and in the long term they're going to make it so that you can only run their approved apps because unapproved apps didn't implement their age rating API. And there is no competing OS to fix that situation if those same companies keep the bootloader on their hardware locked. That still puts authority over children in the hands of governments and corporations rather than parents.

I stand by my original comment. No new laws are needed. All of the features outlined in 1), 2), and 3) should be user-controlled, and there's no need to send info over the air.

You can still get hardware that you can install your own OS on. But you have to be deliberate about picking it out before a purchase, rather than hoping to unlock a random carrier phone down the line. For example my phone is a Pixel running Graphene. It has a locked down bootloader that could only be unlocked with the online consent of Google. While this most certainly chafes me (and if I could snap my fingers and make such schemes blink out of existence I would), I do have to admit that it really isn't that debilitating.

The unlocking process zaps the userdata partition. This security model would totally suffice for locking down a child's phone. If the child zaps their phone and erases everything on it, then the parent can handle that out of band.

For the general problem, I would say that there has been a longstanding market failure here, in that parental control software isn't widespread or straightforwardly usable across different websites. Your 3 points don't really address that. (2) has been doable on standard desktops forever, and (3) just pushes mobile devices back towards the capability of desktops (which on its own is laudable!). But standard desktops have had these capabilities for decades and still haven't evolved the kind of straightforward parental controls that most parents are demanding.

I don't think it's a market failure. The reality that password-gating software installation at the OS level can be done on most desktops but not most phones is the opposite sign of a market failure. Mobile OSes have increasingly stripped down capabilities in recent years precisely because of anti-competitive practices. The reason standard desktops have not evolved even better parental control features is not because they're not doing better than phones under a free market. They are already doing better in spite of the fact that most kids use desktops a lot less than they use phones. It's just that the absolute level of demand for parental control features has been low until recent years, and even this recent wave of demand is somewhat manufactured.

You're focused on "password gating" for installing apps, but the largest subject here is websites. (also a nit: very few Linux systems are set up with noexec on home directories, I know "portable apps" exist for Windows, and I assume MacOS has similar dynamics)

> the absolute level of demand for parental control features has been low until recent years, and even this recent wave of demand is somewhat manufactured.

I don't agree with this. I think the demand has always been there and has been sort of discarded. I've personally done some of that discarding, in my younger days when the worry was of violent content but still on desktop/laptop computers where use was generally socially legible to parents. But these days we're dealing with pocket-sized devices that are no longer socially legible, plus malevolent commercial interests drawing kids in to get them hooked on dopamine drip loops.

But you seem to think the problem is solved, so tell me: what exactly are parents supposed to do here? I'm a new parent, we're still at the stage of watch videos with mama/dada, and play with the calculator app. The next step is probably curated sources of content/apps with general web browsing locked down (including self-curated things like perhaps a local copy of wikipedia). But then after that? What's the next level of expanding their scope look like, without them being subject to attack by corpos showing them ads/social media/weird slop shit/etc? Especially if they are going to have a SIM card such that I can't just filter most of this at the network level.

I haven't researched it all, and I'm sure there are some solutions. But I'm also more capable of seeking out bespoke solutions and actively choosing to use one, as opposed to the average person who wants things to "just work" and isn't going to delve too hard. Can't we agree that the pressure for this shitty legislation is coming from somewhere beyond merely Faceboot's money?

Ok, I'll give you my two cents, but you'll have to fill in the details on your own.

After curated local content, you could get an old desktop (and later a laptop too) and install a Linux distro of your choice on it, something reasonably modern. Put Minecraft on it, and show your child how to start a singleplayer world. Show them how to use the web browser, and add a curated list of sites in the bookmarks. Leave them to figure out the rest on their own. Withhold the sudo and BIOS passwords at the beginning, but give them the passwords when they're ready. I think for the sudo password, it's when they try to host their own Minecraft server for the first time, and BIOS password when they explicitly ask you for it (though these may never happen, depends on the kid, so set your own milestones). Configure the OS and programs as you see fit early on, but don't make changes secretly after they've had the computer for a few months. Block unwanted sites and limit access times with your WiFi router or OS firewall as you see fit. Eventually, they'll figure out how to get around or tear down the barriers you put up, and that's fine, just pretend you don't know or give them a vague hint if they do something too egregious like stealing the neighbor's WiFi. Gradually loosen your control as they get older. And if something breaks, let them watch how you fix it.

Don't give them a phone. Or even if you do, strip it down so that it can only be used for calls, but you can add apps over time. Don't buy them mobile data. Let them buy their own phone and mobile data when they're old enough to earn the money, and that's when your digital supervision ends.

Regarding a solution that "just works": when your child goes out to play, you're the guide that protects them and shows them around town. You know the roads, buildings, people and rules better than they do. There aren't any solutions that "just work" which exempt you from your job as a guide. Well, there are, but that just means someone else is watching your child for you. I think digital parenting is similar in this regard. Parents needs to understand the digital landscape well enough to guide and advise their kids. Solutions which don't strip away parental rights and responsibilities will require some effort to use.