Ageless Linux: Software for Humans of Indeterminate Age
A Debian-Based Operating System

Software for humans of indeterminate age. We don't know how old you are. We don't want to know. We are legally required to ask. We won't.

Download

Get Ageless Linux

Ageless Linux is a Debian-based operating system distribution. Installation is a two-step process: first, install Debian; then, become Ageless.

1. Download and Install Debian

Obtain a Debian installation image from the Debian project. We recommend the current stable release. Ageless Linux inherits all of Debian's 64,000+ packages, its security infrastructure, and its 30+ years of community stewardship.

Note: At this stage, the Debian Project is the operating system provider. You are merely a person installing software. Enjoy the last moments of your regulatory innocence.

2. Convert to Ageless Linux

Run our conversion script. This will modify /etc/os-release and associated system identification files, install our AB 1043 noncompliance documentation, and deploy a stub age verification API that returns no data.

curl -fsSL https://goblincorps.com/become-ageless.sh | sudo bash

At this point, Ageless Linux now "controls the operating system software" on your device. We are your operating system provider. You are our responsibility under California law. We will not be collecting your age.
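
An added example, not part of the Ageless Linux project's own material: a review-then-run variant of the step above that saves the script to a file before it runs as root, then lists which /etc/os-release keys it changed. The function names, the /root paths and the sample "after" file are assumptions of this example; the page does not show the script's actual edits.

```shell
#!/usr/bin/env bash
# Added example (not from the Ageless Linux project): review-then-run workflow.
SCRIPT_URL="https://goblincorps.com/become-ageless.sh"  # URL as given on the page

# Save the script to a file rather than piping it into a root shell, and print
# its SHA-256 so the copy you read is provably the copy you later execute.
fetch_for_review() {
    local dest="$1"
    curl -fsSL --proto '=https' --tlsv1.2 -o "$dest" "$SCRIPT_URL" || return 1
    sha256sum "$dest"
}

# List keys that were changed, added or removed between two os-release files.
changed_keys() {
    awk '
        /^[A-Za-z_][A-Za-z0-9_]*=/ {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            if (FILENAME == ARGV[1]) { old[key] = val; next }
            seen[key] = 1
            if (!(key in old) || old[key] != val) print key
        }
        END { for (k in old) if (!(k in seen)) print k }
    ' "$1" "$2" | sort
}

# Offline demo on constructed files; the real script's edits are not shown on
# the page, so the "after" content below is hypothetical.
demo() {
    local dir; dir="$(mktemp -d)"
    printf '%s\n' 'PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"' \
        'NAME="Debian GNU/Linux"' 'ID=debian' \
        'BUG_REPORT_URL="https://bugs.debian.org/"' > "$dir/before"
    printf '%s\n' 'PRETTY_NAME="Ageless Linux"' 'NAME="Ageless Linux"' \
        'ID=debian' 'ID_LIKE=debian' > "$dir/after"
    changed_keys "$dir/before" "$dir/after"
    rm -rf "$dir"
}
demo

# Real use, run manually as root:
#   cp /etc/os-release /root/os-release.before
#   fetch_for_review /root/become-ageless.sh && less /root/become-ageless.sh
#   bash /root/become-ageless.sh
#   changed_keys /root/os-release.before /etc/os-release
```

Tools that branch on os-release fields (configuration management facts, inventory agents, vulnerability scanners) will see whatever keys this reports as changed.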

Important

By running the conversion script, you also become an operating system provider. You are a "person" who "controls the operating system software" on a general purpose computing device (§ 1798.500(g)). If a child uses your computer, you are required by § 1798.501(a)(1) to provide "an accessible interface at account setup" that collects their age. The adduser command does not ask for your age. We recommend not thinking about this.

For Kids & Teens

How to Distribute Ageless Linux to Children

Ageless Linux is suitable for users of all ages, including those ages for which the California legislature has expressed particular concern. The following guide explains how to provide Ageless Linux to minors in your household, school, library, or community.

Ages: All of Them

For Parents & Guardians

Under AB 1043, you are the "account holder" — defined by § 1798.500(a)(1) as "an individual who is at least 18 years of age or a parent or legal guardian of a user who is under 18 years of age." The law requires operating system providers to ask you to "indicate the birth date, age, or both, of the user of that device."

Ageless Linux will not ask you this. To install Ageless Linux for your child:

1. Install Debian on the child's computer.
2. Create a user account for the child. You will notice that
   adduser asks for their full name, room number,
   work phone, and home phone — but not their age.
3. Run the Ageless Linux conversion script.
4. Hand the computer to the child.
5. You have now distributed an operating system to a minor
   with no age verification whatsoever.

The child is now a "user" as defined by § 1798.500(i). You are an "account holder." Together, you are a compliance violation.

For Schools & Libraries

Ageless Linux is ideal for educational environments where you may have dozens or hundreds of users across all four age brackets defined by § 1798.501(a)(2):

Under 13 years of age: AGE UNKNOWN
At least 13 and under 16 years of age: AGE UNKNOWN
At least 16 and under 18 years of age: AGE UNKNOWN
At least 18 years of age: AGE UNKNOWN

For bulk deployments, the conversion script can be included in your Ansible playbooks, Puppet manifests, or shell provisioning scripts. At no point in the automated deployment pipeline will anyone be asked how old they are. This is by design.

# Ansible task to create an AB 1043 compliance violation at scale
- name: Convert to Ageless Linux
  ansible.builtin.shell: |
    curl -fsSL https://goblincorps.com/become-ageless.sh | bash
  become: yes
  tags: [noncompliance]

For Teenagers Who Found This Website

Hello. Under § 1798.500(i), you are a "user," which the statute defines as "a child that is the primary user of the device." The legislature has defined you as a child. We will not.

You know how to open a terminal. You probably already run Linux. Type the command. Nobody is going to ask how old you are. That's the point.

AB 1043 Compliance

Our Compliance Status

NONCOMPLIANT

Ageless Linux is in full, knowing, and intentional noncompliance with the California Digital Age Assurance Act.

Below is a detailed accounting of each requirement imposed on operating system providers by AB 1043 and the status of our compliance.

§ 1798.501(a)(1)
Requirement: Provide an accessible interface at account setup that requires the account holder to indicate the birth date, age, or both, of the user.
Status: NOT PROVIDED

§ 1798.501(a)(2)
Requirement: Provide a developer who has requested a signal with a digital signal via a reasonably consistent real-time API identifying the user's age bracket.
Status: NOT PROVIDED

§ 1798.501(a)(3)
Requirement: Send only the minimum amount of information necessary to comply.
Status: COMPLIANT ✓
Rationale: Zero is the minimum.

§ 1798.501(a)(3) (continued)
Requirement: Shall not share the digital signal information with a third party for a purpose not required by this title.
Status: COMPLIANT ✓
Rationale: Cannot share what does not exist.

Good Faith

Regarding the "Good Faith Effort" Safe Harbor

An operating system provider or a covered application store that makes a good faith effort to comply with this title, taking into consideration available technology and any reasonable technical limitations or outages, shall not be liable for an erroneous signal indicating a user's age range… — Cal. Civ. Code § 1798.502(b)

Ageless Linux has considered the available technology. The available technology is a bash script that modifies /etc/os-release. The reasonable technical limitation is that a bash script that modifies /etc/os-release cannot collect, store, or transmit anyone's age. We have made a good faith effort to comply with the portions of the law that do not require us to surveil our users. Our compliance with § 1798.501(a)(3) is, we believe, exemplary.

The Impossibility of a Fine

Under § 1798.503(a), violations are subject to civil penalties of up to $2,500 per "affected child" for negligent violations, or $7,500 per "affected child" for intentional violations.

Follow the logic of the statute to its conclusion:

1. THE ONLY "USERS" ARE CHILDREN
§ 1798.500(i): "User" means a child that is the primary user of the device.
2. "CHILDREN" ARE UNDER 18
§ 1798.500(d): "Child" means a natural person who is under 18 years of age.
3. WE DON'T COLLECT AGE DATA
There is no age bracket signal. There is no interface. There is no API.
4. THEREFORE WE HAVE NO "USERS"
Without age data, no person can be identified as a child. Without a child, there is no "user." Without a "user," there is no "affected child." Without an "affected child," the penalty is $7,500 × 0 = $0.
5. THE FINE REQUIRES THE COMPLIANCE
The only way to have an "affected child" is to first collect the age data that identifies them as a child. The penalty for failing to collect age data can only be calculated using the age data you failed to collect. The statute fines you per child, but you can only count the children by doing the thing you're being fined for not doing.

This is not a clever loophole. This is the plain text of the statute, read in sequence. The law defines its enforcement mechanism in terms of the data it requires you to collect. If you refuse to collect it, the enforcement mechanism has nothing to count.

Of course, the California Attorney General is not bound by logic puzzles. In practice, the AG could presumably argue that children exist regardless of whether you counted them, and estimate the number of affected children through other means. We agree. That's what makes this interesting. The law says "per affected child." We say: prove it. We didn't write your statute. We just read it.

Flagrant Mode

Removing the Fig Leaf

Standard Ageless Linux ships a stub age verification API — a shell script that returns nothing. This preserves a thin argument for "good faith effort" under § 1798.502(b). If you find that insufficiently honest, flagrant mode is for you.

curl -fsSL https://goblincorps.com/become-ageless.sh | sudo bash -s -- --flagrant

Flagrant mode does the following differently:

Age verification API: NOT INSTALLED
Stub API: NOT INSTALLED
Age collection interface: NOT INSTALLED
Good faith effort: NOT ATTEMPTED
Machine-readable refusal notice: INSTALLED

Instead of an API, flagrant mode installs a file at /etc/ageless/REFUSAL that explains, in plain English, that this operating system provider declines to comply and invites enforcement action.

Flagrant mode is intended for devices that will be physically placed into a child's hands.

Physical Distribution

Putting It in Their Hands

The preceding sections describe how to install Ageless Linux on existing hardware. But AB 1043 does not distinguish between digital distribution and physical distribution. The law applies to anyone who "controls the operating system software on a general purpose computing device." If you flash Ageless Linux onto a USB drive and hand it to a ten-year-old, you are an operating system provider distributing an operating system to a child.

Here are some ways to create unambiguous, physically tangible AB 1043 violations.

USB Drives at Schools

Flash Debian onto a USB drive. Boot from it. Run the conversion script with --flagrant. Shut down. Hand the USB drive to a child.

You are now an operating system provider who has physically distributed an operating system to a known child with no age verification. The child is holding the violation in their hand. It cost you about $4 for the USB drive, which is less than the minimum fine of $2,500 — assuming the Attorney General can figure out how to count "affected children" without the age data you declined to collect.

For maximum clarity, we recommend labeling the USB drives:

AGELESS LINUX
AB 1043 NONCOMPLIANT — NO AGE VERIFICATION
This device contains an operating system that does not collect,
store, or transmit the age of its user. Intentionally.

The Raspberry Pi Pico

The Raspberry Pi Pico 2 uses the RP2350 chip, which contains dual ARM Cortex-M33 cores and dual Hazard3 RISC-V cores. It runs MicroPython. It costs $5.

Is a Raspberry Pi Pico a "general purpose computing device"? AB 1043 does not define "general purpose computing device." The Pico can run user-directed software applications. It can download code from the internet. If you put a MicroPython script on an SD card and let a child pick which script to run, you have arguably created a "covered application store" — a platform that "distributes and facilitates the download of applications from third-party developers" to a user of a general purpose computing device (§ 1798.500(e)(1)).

A Raspberry Pi Pico does not have "account setup." It does not have user accounts. It does not have an operating system in the conventional sense. It has a MicroPython REPL and a filesystem. None of that matters: the law says "operating system software on a general purpose computing device," and MicroPython is software that operates the system.

Flash Ageless Linux's REFUSAL notice onto a Pico's filesystem alongside a few MicroPython games. Hand it to a child at a school maker fair. You have now physically placed an AB 1043 violation into a child's palm for the price of a coffee.

The California Attorney General has unambiguous grounds to fine you $7,500 for this. The child is known. The device is known. The noncompliance is documented on the device itself. The only question is whether anyone in Sacramento wants to explain to a judge why a $5 microcontroller with a snake game on it is a regulated operating system platform.

The $7,500 Challenge

We invite the California Attorney General to fine us $7,500 for handing a Raspberry Pi to a child.

We will pay the fine. We will frame the receipt. We will put it on this website. We will use it to explain, to everyone who will listen, that the State of California has levied a $7,500 penalty against a person who gave a child a $5 computer with a snake game on it, because the snake game did not first ask the child how old they were.

That is the press release we want to write. We believe the Attorney General does not want us to write it. And that is the entire point.

The Quiet Part

What This Law Is Actually For

AB 1043 passed the California Assembly 76–0 and the Senate 38–0. Not a single legislator voted against it. The bill had the explicit support of Apple, Google, and the major platform companies. Ask yourself why.

Who Can Comply

Apple can comply. Apple already has Apple ID, with age gating, parental controls, and App Store review. AB 1043 describes a system Apple has already built. Compliance cost to Apple: approximately zero.

Google can comply. Google already has Android account setup with age declaration, Family Link parental controls, and Play Store age ratings. Compliance cost to Google: approximately zero.

Microsoft can comply. Windows has Microsoft Account setup, family safety features, and the Microsoft Store. Compliance cost to Microsoft: approximately zero.

Who Cannot Comply

The Debian Project cannot comply. It is a volunteer organization with no corporate entity, no centralized account system, no app store with age gating, and no revenue to fund implementing one.

Arch Linux cannot comply. Neither can Gentoo, Void, NixOS, Alpine, Slackware, or any of the other 600+ active Linux distributions maintained by volunteers, small nonprofits, and hobbyists.

The Kicksecure and Whonix projects — privacy-focused operating systems used by journalists, activists, and whistleblowers — cannot comply without fundamentally compromising their reason for existing.

A teenager in their bedroom maintaining a hobby distro cannot comply.

The Cudgel

A law that the largest companies in the world already comply with, and that hundreds of small projects cannot comply with, is not a child safety law. It is a compliance moat. It raises the regulatory cost of providing an operating system just enough that only well-resourced corporations can afford to do it.

The enforcement mechanism is the point. AB 1043 does not need to result in a single fine to achieve its purpose. The mere existence of potential liability — $7,500 per affected child, enforced at the sole discretion of the Attorney General — creates legal risk for anyone distributing an operating system without the resources to build an age verification infrastructure. Most of these projects will respond by adding a disclaimer that their software is "not intended for use in California." Some will simply stop distributing.

The law does not need to be enforced to work. It works by making small developers afraid. It works because the cost of defending against even a frivolous AG action exceeds the entire annual budget of most open-source projects. You do not need to swing a cudgel to get compliance. You just need to hold it where people can see it.

Ageless Linux exists because someone should hold it back.

FAQ

Frequently Asked Questions

Q: Is Ageless Linux a real operating system?
It is as real as any operating system that identifies itself via /etc/os-release. The law does not define minimum technical thresholds for what constitutes an operating system. It defines an "operating system provider" as anyone who "develops, licenses, or controls the operating system software." We control the operating system software. The operating system software says it's Ageless Linux. QED.
Q: Isn't this just Debian with a different name?
Isn't Ubuntu just Debian with a different name? Isn't Linux Mint just Ubuntu with a different name? Isn't Pop!_OS just Ubuntu with a different name? The entire Linux distribution ecosystem is built on the premise that modifying and redistributing an existing system creates a new distribution. Each of these distributions is, under AB 1043, a separate operating system provider with separate compliance obligations. There are over 600 active Linux distributions. The California Attorney General's office may wish to begin hiring.
Q: What if I run the script and a child uses my computer?
Then you are an operating system provider who has distributed an operating system to a child without collecting their age at account setup. But here's the thing: you don't have an "affected child." You have a person whose age you don't know. The law fines you per "affected child" (§ 1798.503(a)), but can only identify a child as "affected" through the age bracket data (§ 1798.500(b)) that the law requires you to collect. You can't be fined per child until you've counted the children. You count the children by asking their age. You're being fined for not asking their age. The law eats its own tail.
Q: What about the age verification API? Don't you need one?
In standard mode, Ageless Linux ships a shell script at /etc/ageless/age-verification-api.sh that prints an error message and exits. In flagrant mode, no API of any kind is installed. The standard-mode stub exists only for people who find comfort in the "good faith effort" defense. Ageless Linux officially recommends flagrant mode.
Q: Is this legal?
We are not lawyers. We can tell you what the law says. AB 1043 creates civil penalties. It does not criminalize noncompliance. There is no private right of action — only the AG can enforce it (§ 1798.503(a)). The law does not prohibit distributing operating systems without age verification. It fines you for doing so. We are doing so. The question is not whether this is legal. The question is whether anyone wants to spend the State of California's money suing a person who handed a child a Linux USB drive.
Q: What is the point of all this?
There are two points.
The first is that AB 1043's definitions are so broad that a bash script and a static website can create a regulated operating system. A law that cannot distinguish between Apple Inc. and a shell script has a drafting problem. A law that sweeps in 600+ volunteer Linux distributions was not written with them in mind. A law that was not written with them in mind but regulates them anyway is not a careful law.
The second is that this law was never meant to be enforced against everyone it covers. It was meant to be enforced selectively. The large platform companies already comply. The small ones can't. The Attorney General has sole enforcement discretion. A law that gives a single office the power to selectively impose $7,500-per-child fines against any operating system distributor in the state — while ensuring that only the largest corporations can avoid liability — is not a child safety measure. It is a tool for selective prosecution. The children are the justification. The discretion is the product.
We are trying to make the selective part difficult. If the AG wants to enforce AB 1043, we would like to be first in line. We are a clear violation. We are documented. We are findable. We are daring them. If the law is worth enforcing, enforce it against us. If it is not worth enforcing against us, ask why it exists.
Q: Will you ever implement age verification?
No. Not as a good faith effort. Not as a stub. Not as a compromise. The premise of AB 1043 — that operating systems should collect personal information about their users and transmit it to application developers on demand — is wrong. It is wrong when Apple does it. It is wrong when Google does it. It would be wrong if we did it. The best way to protect children's privacy is to not build the surveillance infrastructure in the first place. The worst version of child safety is one where every device in a child's life reports their age to every piece of software they touch.
Q: What if the AG actually fines you?
Then we will have accomplished something no amount of mailing list discussion could: a court record establishing what AB 1043 actually means when applied to the real world. Does "operating system provider" cover a bash script? Does "general purpose computing device" cover a Raspberry Pi Pico? Can you fine someone "per affected child" when no mechanism exists to count affected children? These are questions the legislature left unanswered. We'd like answers. A fine would be the fastest way to get them.