
Comment Re:When will sudo read email? (Score 1) 9

I can't comment on where sudo itself lives on the spectrum from aggressively solid implementation to really-dodgy-smell-around-the-edges; but it seems like its purpose is a fundamentally tricky problem even if its execution were impeccable.

The basic "user is authorized for root; but we'd prefer he be thinking and logged when he uses that authorization" is a reasonably cogent use case; but it's more of a reminder than a security barrier. Then you get into the actually-interesting attempts at limited delegation and determine that you'd basically need a different userland for a lot of purposes: aside from the modest number of things(often with setuid already in place) built specifically to carefully do a very particular delegated function on your behalf and provide you with nothing else if they can help it; very little aside from garbage kiosk UIs or web or database-backed applications with user and permission structures mostly orthogonal to those of the underlying OS actually tries to constrain the user's use of the application(within whatever context that user is operating; generally having a privilege escalation is considered bad).

Half of what you run considers having an embedded shell to be a design feature; so including any of that on the sudoers list essentially means being able to chain arbitrary commands from that sudoers entry; and the other half doesn't outright intend to include a shell but would require some really brutal pruning, likely of important features, to prevent being able to chain a couple of interactions into having the ability to run whatever. And that is assuming that sudo itself is working entirely correctly.
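A defender-side check for the point in the comment above, as an added example that is not part of the original comment: it audits sudoers user specifications for delegated commands that can themselves run other commands, treating sudo's `NOEXEC:` tag as the mitigation. The `SHELL_CAPABLE` set, the sample policy and the function name are assumptions made for illustration; aliases and multi-user runas lists are not handled.

```python
import re
from pathlib import PurePosixPath

# Assumed, non-exhaustive set of programs that run other commands by design.
SHELL_CAPABLE = {"sh", "bash", "vi", "vim", "less", "more", "man", "find",
                 "awk", "gdb", "ftp", "perl", "python3"}
TAGS = re.compile(r"^((?:[A-Z_]+:\s*)+)")

def audit_sudoers(text):
    """Return (line_no, user, command, reason) for risky user specs."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Skip comments, Defaults and alias definitions; aliases are not expanded.
        if not line or line.startswith("#") or "=" not in line \
                or re.match(r"(Defaults|\w+_Alias)\b", line):
            continue
        who, rhs = line.split("=", 1)
        user = who.split()[0]
        noexec = False  # a tag carries over to later commands in the same list
        for cmd in rhs.split(","):
            cmd = re.sub(r"^\s*\([^)]*\)\s*", "", cmd).strip()  # drop (runas)
            m = TAGS.match(cmd)
            if m:
                for tag in re.findall(r"[A-Z_]+", m.group(1)):
                    if tag == "NOEXEC":
                        noexec = True
                    elif tag == "EXEC":
                        noexec = False
                cmd = cmd[m.end():].strip()
            if cmd == "ALL":
                findings.append((no, user, cmd, "unrestricted"))
                continue
            name = PurePosixPath(cmd.split()[0]).name
            if name in SHELL_CAPABLE and not noexec:
                findings.append((no, user, cmd, "can run arbitrary commands"))
    return findings

# Constructed sample policy, not taken from any real system.
SAMPLE = """\
# constructed example
Defaults env_reset
alice ALL = (root) /usr/sbin/nginx -s reload, /usr/bin/less /var/log/syslog
bob   ALL = (root) NOEXEC: /usr/bin/vim /etc/hosts, EXEC: /usr/bin/find /srv
carol ALL = (ALL) NOPASSWD: ALL
"""

if __name__ == "__main__":
    for finding in audit_sudoers(SAMPLE):
        print(finding)
```

`NOEXEC` only stops a dynamically linked program from executing further commands; an editor run as root can still write any file, so an entry the audit passes is not thereby a safe delegation.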

Comment Why are we listening to this guy? (Score 2) 103

Why, exactly, are we listening to someone who passed through software engineering on his way into management claiming that software engineers(presumably now his direct reports) are the most spoiled profession and how it's just terrible that nobody is willing to spend several years working for peanuts to get experience(because the argument from race to the bottom is persuasive now?)

He then meanders over to the theory that if you are a real actually-good software engineer your job is clearly safe, because AI isn't set to replace you; ignoring the fact that entire teams, competent and all, get wiped out when the money sloshes a different way all the time; and 'AI' has seen some cataclysmic levels of frankly irrational money sloshing by some mixture of conmen, cultists, and the good old 'animal spirits' of that definitely rational market.

It's basically the same story about 'web developers' who learned how to knock together some HTML at a bootcamp somewhere, or 'IT' back when that was something where the money attracted some people who had no interest, warmed over and presented as novel; with a side helping of boundless(but notably vague) optimism about all the cool new AI-things that are being created that will need real engineers at some point.

Honestly, it's almost impressive how he manages to be so grating while being so vacuous.

Comment Well, I have some bad news... (Score 3, Insightful) 18

The word "seems" in the sentence "They are drawn to it because they feel burned by the traditional system and want a fresh start with something that seems more modern and less manipulative." is so load-bearing I can only hope that the author is also a structural engineer.

To a darkly hilarious extent 'fintech' is more or less entirely regulatory arbitrage with a light skin of 'apps'.

Comment Re:do they have the USB logo on the system? (Score 3, Interesting) 103

My suspicion is that they are probably in the clear. The USB PD spec includes 'vendor-defined messages'; both 'structured VDMs' that are standardized and 'unstructured VDMs' that are basically whatever the implementer feels like. This obviously doesn't prove that Nintendo are in full compliance with what the USB-IF really wants the USB trademarks applied to; but(along with the reports that it plays just fine with 3rd party chargers) it looks a lot more like a basically-compliant-minus-any-bugs-or-compatibility-hacks USB PD implementation that just doesn't mention DP alt mode unless it likes the unstructured VDM chatter. Dick move; but one you could do in full standards compliance.

Comment Of course. (Score 1) 12

Sounds like they are acting all pious over what is basically a workplace dispute over division of margins.

The outfits that do ransomware negotiations remain legal; because for some reason that's one area where nobody bats an eye at you doing business with transnational criminal syndicates; but they are basically just bagmen who take a cut of the deal for interacting with the disreputable ransomware guys for you. In this case, apparently one of the employees wanted a larger percentage of the cut than he was getting from his employer.

I suspect that what he did is some sort of crime in a way that what his employer does isn't; but it's the same business model; just with some disagreement over whether that guy gets a percentage directly as well or whether just the company does.

Comment He may be missing the quiet part... (Score 1) 163

Eberhart seems like he may be falling for the hype himself. He says "What's happening now isn't innovation; it's aspiration masquerading as disruption..."; but fails to note the fairly profound differences in results between the orbital delivery guys and the moonshot guys; and how neatly that maps onto what is aspiration and what isn't.

Putting satellites into orbit is kind of mundane at this point, too common, too obviously useful; but it's sufficiently obviously useful that more or less anyone with nation-state aspirations wants to at least have a program that executes; and civilian and day-to-day operations want someone who executes but cheaper. And that exists. Going to the moon is cool, and it's a nice prestige project for when the gerontocracy needs to show that they still have it just like when they showed the commies what for; but it's unclear exactly what the point is or the stakes are beyond that. The customer presumably would like to actually land something on the moon, at some point, just to say that they did; but what they are buying is mostly aspiration on the cheap: We get to say that we have a lunar program for way less than Apollo money, you do some open-ended tinkering, honor satisfied.

He can talk about 'accountability'; but it seems like it's a fundamentally hard problem to actually sustain a lie about how serious you are, at an institutional level, in the long term. It's not like do-or-die projects are free of losers(especially because circumstances have a nasty habit of thrusting them on people whether they like it or not; rather than giving them the luxury of choosing whether or not to take on those stakes); but they tend to be animated by a sense of genuine urgency. Stuff that is, fundamentally, kind of optional, by contrast, tends to reflect that in bulk. Timmy Rockets may be genuinely more passionate about stir-welding than you've ever been about anything; but, like his cousin who is a really passionate social worker, will soon discover that going to the moon and fighting poverty are open-ended projects we do because they sound nice, not because anyone who matters is actually committing to a deadline.

Comment I'm skeptical. (Score 1) 52

I can think of some niche cases where this might be useful(mostly HHD/SSD wear data; though bad actors have been able to tamper with those values without much difficulty); but overall this seems like throwing an awful lot of identifying data and a whole 'trust me bro' shadow subsystem at a problem that the data is unlikely to actually help all that much with.

This will be very good at fretting if the refurbisher swapped out RAM or mass storage; but it's not like onboard diagnostics are all that good at picking up the difference between a machine that has had a fairly hard life and now has somewhat dodgy ports and a bit of uncomfortable flex vs. one that sat on a dock most of its life and got unplugged only a handful of times; and any issue that the embedded diagnostics can pick up can also be picked up without any special recordkeeping by just running the diagnostics when you receive the device and verifying that it doesn't throw any errors out of the box.

If you've already got the trust me bro shadow subsystem I assume it's relatively cheap to propose having it keep more records; but I'm not really convinced of how much value is being added.

Comment What's the core of the project? (Score 1) 23

Is there some problem particular to human DNA that they are looking to solve; or is this just an extension of the ongoing work on DNA synthesis(if you are OK with relatively short segments that has come down to being something you can just order, not nearly as exotic as it once was) but being hyped because there's some human cell genetic engineering at the end; rather than just meeting more aggressive targets for achievable lengths?
