And that's a very dangerous way to drive. We lost an incoming member and his family 50 miles outside of town because he presumably fell asleep at the wheel, crossed the median, and hit a semi front-end. All 4 in the car died.

Taking proper breaks isn't that hard and increases the chances you'll actually make it.

If I'd tried to submit a travel plan with your proposal as junior enlisted, I'd have been told to redo it.

A 15 minute break every 2 hours won't increase driving time by 50%. Worst case it'd change 8 days into 9, and that's only assuming that the breaks cut into driving time.
Meanwhile, driving without breaks and proper rest increases the chances that you will never make it, like the family that was coming to join my unit.
50 miles outside of town, crossed the median and hit the front end of a semi. All 4 in the car perished.
No drugs in the driver's system, all we could presume was that he fell asleep at the wheel.

Except that the IT department in charge of evidence never doctored that photo. The IT department in charge of the websites did.

Why ask whether china is eroding the lead; rather than whether the incumbents are maintaining it?

Maybe my faith is weak and if I were huffing the dumb money I'd understand; but it looks awfully like our boisterous little hypebeasts promised that, this time, unlike all the other times in 'AI' we could totally brute force our way to the AGI Omnissiah; briefly tried copium in the form of hoping that competitors would be intimidated by their capex(because there's basically a generation of VCs who think that failure to reach monopoly is indistinguishable from losing); and finally proceeded to speedrun commodification because it turns out that nobody actually had any plan for what would happen if this alley started looking visually impaired even after we plundered the entire internet to feed it.

I realize that it's more fun to focus on what the sinister chinese are doing than what our glorious golden boys are not doing; but let's do the latter anyway; especially since this is one area where you can't just please chinese factory slaves as an inherent price advantage. The guys mechanical-turking out 'training'/'classification' tasks will all go wherever to scrape up the cheapest labor available, then stiff them on promised payments; and (while the process is pretty porous) being not-china is definitely still the best way to get access to premium TSMC processes; and at least not-worse for most of the rest of the most interesting ones.

Either LLMs are fundamentally a technology where being the first mover is a dumb idea; or the 'leaders' are actively fucking it; because, unlike some of the cases involving rare earths mining or finding fast fashion sweatshop sites, this was theirs to lose.

I assume that there's a research OS somewhere that has discovered that this is much harder than it looks for anything nontrivial; quite possibly even worse than the problem that it is intended to cure; but looking at the increasingly elaborate constructs used when sudo is intended to be a granular delegation makes me wonder if the correct approach lies down the path of better permissions rather than ad-hoc lockdown logic.

There are some cases(eg. password-change or login tools often both reflect granularity limits in credential storage; and make reads or edits on your behalf to parts of files that you wouldn't be allowed to touch directly; but also do things like enforce complexity or age requirements that would require a really expansive view of 'permissions' to encompass) where the delegate program is handling nontrivial delegation logic on its own; but in a lot of instances it's hard to escape the impression that you are basically bodging on 'roles' that can't be or aren't normally expressed in object and device permissions by building carefully selectively broken tools.

I obviously don't blame sudo for that; its scope is letting you run a particular thing as someone else if the sudoers file allows it; but a lot of sudoers files might as well just say "there are no roles on this system between 'useless' and 'apocalyptic'"; and that feels like a permissions design problem.

Of note; probably not one to try to NT yourself out of; I'm not sure that you can build a sufficiently expressive set of permissions on classic UNIX style ones; but I've yet to see an NT-derived system that didn't boil down to 'admin-which-can-be-SYSTEM-at-a-whim'/'little people' regardless of the wacky NT ACL tricks you can get up to.

I'm curious if it's a case of the alternatives being tried and largely found to be worse; or if (along with a number of other OS design/architecture fights) the whole thing has mostly been pushed out of mainstream relevance by the degree to which you can just pretend everything inside a worker VM is basically at a homogeneous privilege level if you don't want to deal with it.

You're supposed to take a break every two hours anyways, that can include a meal, snack, and hydration.
If you stock up and have a case of drinks, that is why I suggested a walk as an alternative.

They work for the occasional "blue moon" charging, I think. It'd be like having a house that is solar + battery also having a generator for "just in case", allowing the house to still have power during that week long storm front, an inverter failure, or even just the annual family visit where the place has 10X the normal people there.
Especially if the genset is already there for things like transmission line failures.
IE use the genset to allow EVs to get there to begin with, then upgrade to solar one they're a regular enough occurrence for that to make sense.

Sheep are being used specifically for solar systems
They keep the vegetation down while producing marketable products themselves.

I don't generally consider bathroom breaks, basic food and drinks to be entertainment myself. If you consider modern 70% charging times (From ~15% to ~85%), that's about the mandatory 15 minutes break period mandated in various places for continued good performance.

By the time somebody has plugged in their car, walked to and finished visiting the restroom including washing hands, gotten a drink and a snack, and walked back (actual order optional), it's quite likely that around 15 minutes has passed.

Maybe include a walking path or something around these stations, get a little exercise in? I know I feel better about long drives with regular walking breaks.

>" LLMs doing crawling? That might be ill-behaved, bot not an "attack".

Some of us will think of it as an attack when the bots ignore robots.txt (or honor changes very slowly), masquerade intentionally as something they are not, and use tons of different addresses hitting the same site, especially when it is continuous. I discovered this, myself, on a small internet-connected club server later last year. The mediawiki site was becoming unresponsive and throwing errors. On investigation, we were having dozens of http requests per second, from Amazon and Bytedance. Every one of them was coming from a different IP address. Only our main page was allowed in robots.txt, so SOMETHING would end up on search sites, but the bots didn't care. I changed it to ignore everything on the site, instead of just the main page, but that apparently isn't checked very often. It took me hours of manually banning over a thousand IP addresses before the server could reasonably respond to web requests again.

Example hit:

47.128.50.93 - - [22/Sep/2024:15:03:05 -0400] "GET /mediawiki/index.php?days=30&from=20240920012115&title=Special%3ARecentChanges HTTP/1.1" 200 10111 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; spider-feedback@bytedance.com)"

Eventually, the overwhelming majority of the "robots" (web scrapers) did honor robots.txt disallowing everything, some just did so very lazily and took days of attempted hammering us before stopping. I still haven't removed the IP blocks nor put robots.txt back to allowing just the main page.

That was phrased badly. What I meant is that you can keep multiple versions of a photo, used for different purposes.

If you're doing things right, watermarking/editing a photo doesn't destroy the original. The original goes into evidence, the watermarked is posted to the public. That way, there's evidence of the source of the picture, even if it is scraped and separated from the website/page.

In physical terms, it'd be like writing the details of the photograph on the back, like what we used to do with traditional developed photographs.

I think that you're mixing up that a photo can be used for multiple purposes.
Basically, the original unedited photo goes into the police report/file for evidentiary purposes.
The altered photo - probably also resized and compressed to be easier on bandwidth, is what is posted for publicity purposes, where there isn't a police report also attached, where there's a high probability of it becoming disconnected from the website.
The version of the photo intended for facebook or whatever shouldn't ever be presented in court.

I can see plenty of reasons to add the department logo, to remind people of where that particular bust came from.
What it doesn't need to be, what it shouldn't be, is something that is trying to look like an actual part of the original image. It should look like a computer logo on a photo, not an actual fabric badge pasted to the wall.

The original photo is evidence; it was still intact. The edited photo with the police badge watermark was to be a publicity tool, not evidence.

Though I'll state that you don't even need layers for this - just open the .jpg or whatever you got from the evidence in an email or whatever in paint, save as a new file, paste in the watermark, save again.

I can't comment on where sudo itself lives on the spectrum from aggressively solid implementation to really-dodgy-smell-around-the-edges; but it seems like its purpose is a fundamentally tricky problem even if its execution were impeccable.

The basic "user is authorized for root; but we'd prefer he be thinking and logged when he uses that authorization" is reasonably cogent use case; but it's more of a reminder than a security barrier. Then you get into the actually-interesting attempts at limited delegation and determine that you'd basically need a different userland for a lot of purposes: aside from the modest number of things(often with setuid already in place) built specifically to carefully do a very particular delegated function on your behalf and provide you with nothing else if they can help it; very little aside from garbage kiosk UIs or web or database-backed applications with user and permission structures mostly orthogonal to those of the underlying OS actually tries to constrain the user's use of the application(within whatever context that user is operating; generally having a privilege escalation is considered bad).

Half of what you run considers having an embedded shell to be a design feature; so including any of that on the sudoers list essentially means being able to chain arbitrary commands from that sudoers entry; and the other half doesn't outright intend to include a shell but would require some really brutal pruning, likely of important features, to prevent being able to chain a couple of interactions into having the ability to run whatever. And that is assuming that sudo itself is working entirely correctly.