is this website accurate? https://www.census.gov/popclock/world says we're notably farther away, and im inclined to trust a government over a site run by an unknown group
People who like this might also like Welcome to Night Vale [0], a podcast with a similar vibe that takes place in the American Southwest.
[0]: https://www.welcometonightvale.com/
Not at all. This is something I'm passionate about.
Copyright made sense before computers existed. Back then it was still possible to infringe copyright. For example, people could copy books by hand. However, the scale of such operations was small. To operate at massive scales you had to be a major industry player and own machinery such as printing presses. It's trivial to enforce copyright against such huge targets. Therefore, artificial scarcity was easy to create and it made sense.
Fast forward to the 21st century. Networked computers exist and everything is data. Filling up an entire hard drive with copies is as easy as copy paste. It's trivial to duplicate information and transmit data to other computers. People now have worldwide networked computers in their pockets. People now infringe copyright on a massive scale without even realizing what they are doing simply because technology has changed the way people perceive copyrighted works. Nobody really thinks before downloading stuff and sending it to their friends even though this is unauthorized copying and therefore copyright infringement. Nobody thinks before editing some picture and making a funny meme out of it even though it's a derivative work. Nobody thinks before reposting someone else's work on social media. Copyright infringement has become natural.
The truth is computers make a mockery of copyright. The fundamental notion behind copyright is artificial scarcity. Computers make data infinitely abundant. It's incredibly subversive technology. Before computers you needed expensive hardware and logistics to produce and distribute a million books or a million records. With computers it's a trivial task. The world has been changed forever and there's no way to go back.
They're definitely trying to rewind the clock though. To create artificial scarcity of data in the 21st century, free computing must be destroyed. We must not be allowed to run arbitrary software or make our own software. Hacking as we know it must come to an end. They must lock down computers so that we can only run software they approve, software that obeys them instead of us, software that only copies when they authorize. This is completely aligned with government interests in banning civilian use of cryptography.
I say computers are too important to allow them to become mere tools of aging industries and oppressive governments. Copyright makes no sense in the 21st century, it's time to abolish it. The alternative is to give up our computing freedom. I'd rather sacrifice the entire copyright industry than live in such a bleak future.
Copyright is also a tool that corporations use against other countries via political pressure by the US government. These corporations are extremely rich, they can afford to lobby the US government to the point it applies pressure on foreign nations. I've posted about this before:
I wish I could find one particular news article I remember reading years ago. It was about some MPAA official who came to my country to lobby the government on their copyright interests. Some journalist approached him and asked him point blank if he thought this should be a priority in a country that fails to offer even basic infrastructure such as sanitation to its entire population. Obviously he had no response.
Copyright holders also lobby governments in order to extend copyright duration indefinitely. They have effectively robbed us all of our public domain rights. I've written about this before too:
On the one hand, I get that not everybody needs all the features of sudo, but on the other.... Sudo is way more useful than doas. If you really go through all its functionality, you start using it in ways you didn't think to before.
You can have a custom AuthZ solution and automatically inherit sudo permissions based on groups. It supports a configurable askpass. You can background jobs, change working directory, selectively pass or set environment variables, set $HOME, use a login shell, preserve origin groups, use a chroot, read a password from STDIN, override the shell, set a timeout. And of course the sudoedit features.
I know we all like programs that "do one thing well", but sometimes the best way to support all the use cases we want is a big honking program.
> I feel that it's better than `sudo -e`, but would love to see an example where `sudo -e` is better.
It is way worse than `sudo -e`, because it runs the entire editor as root, whereas `sudo -e` runs a few file copies / move as root. So `sudo -e` has a significantly lower amount of stuff in the "secure zone", and thus, much in the same way `doas` is more secure than `sudo`, `sudo -e` is a lot more secure than running the entire editor.
It also works with anything you can set as $EDITOR.
Some editors (like vscode) will outright refuse to run as root by default.
Actually, `sudo -e` forces VIM onto innocent users. You are free to `sudo nano` if that's your preference.
> `sudo -e` runs a few file copies / move as root.
Interesting, thank you, I did not know that the editor is not run as root with -e. So presumably that means that it will have my environment, e.g. will run my .vimrc? Though that could be an attack vector too.
> Actually, `sudo -e` forces VIM onto innocent users
No, it does not. It runs whatever EDITOR is set to (technically the first set of SUDO_EDITOR, VISUAL, and EDITOR).
> So presumably that means that it will have my environment, e.g. will run my .vimrc?
That is correct.
> Though that could be an attack vector too.
Only on the specific file, which would usually be a lot more noticeable unless the attack specifically manages to recognise and target sudoedited files while closing the buffer.
> Only on the specific file, which would usually be a lot more
> noticeable unless the attack specifically manages to recognise
> and target sudoedited files while closing the buffer.
I've seen far more sophisticated attacks than that. Though vimscript itself is kind of a barrier to entry ))
Which is arguable an attack vector. Depending on how careless the user is, there is far more likely a chance that malicious code is found in .vimrc than is found in the VIM executable.
They’re probably referring to the attack surfaces of the extensions you have loaded in your normal configuration, as opposed to the probably empty environment of root.
I actually would prefer the editor binary to run as root, rather than have my VIM config available. Any malware that could replace my system VIM would already have access to do whatever it wants to anyway. But malware to alter my own VIM configuration has a much lower barrier to entry.
> The temp file is a feature but not essential to getting work done.
The entire point of sudoedit is to reduce the attack surface, without that it's absolutely useless since you can just `sudo` whatever editor you prefer.
