Or the staggering number (likely a very large overlap with your group) who appear to see their tax refund as "free money back from the government" instead of what it really is: "you are simply getting back money you loaned to the government interest free for up to a year".
You passed '-f root' to login (a single long string). telnetd is likely passing '-f' 'root' to login (two arguments instead of one, whether this is because it creates two, or it uses the shell (which then reparses) I don't know).
But '-f' is a valid option to login (man login):
login [-p] [-h host] [-H] [-f username|username]
...
-f Used to skip a login authentication. This option is usually used by the getty(8) autologin feature.
I was reading https://www.offsec.com/blog/cve-2026-24061/, which implies that precisely that single long string passes through getenv("USER") in the attack. The mystery is how that single long string in telnetd becomes two separate arguments for login. execv or posix_spawn certainly won't do that. So either there's a version of /usr/bin/login that parses arguments in some very sus way, or there's a shell involved somehow.
It's as if people have never had shipping itemized before.
The only reason aliexpress shopping is cheap is because the rest of the world foots the bill. Unless somebody has finally removed China's "Developing Country" status thats gotten them essentially free international parcel service for the best part of 100 years.
Yeah OK, but if I only want 5 pieces and I have to choose between $5 or $30, I'm not going to think about the geopolitical situation, I'm just going to get the cheaper one.
I buy small parts with "Choice" shipping on AliExpress sometimes, because it's cheap and [usually] quick and they take care of all of that pesky tariff and customs business in ways that never have an opportunity to surprise me.
For years now, the shipping process has worked like this for me: They gather it up on their end and send the stuff on a cargo plane to a sort that is at or near JFK airport in New York.
If the order includes things from several different sellers, then at some point they generally get combined into one bag.
From there, they just mail it -- using regular, domestic USPS service. It shows up in my mailbox on my porch in Ohio a few days later.
Although it certainly was a thing I've experienced in the past, at no point does the process I've described exploit the "Developing County" loophole. They just send things to the other side of the world (at their expense), and then pay the post office the same way as anyone else does to bring it to my door.
EDIT: Oh lord, bad typo in my previous comment- it should have been aliexpress SHIPPING not Shopping.
It's not the same, what you described is Direct Entry (somewhere around page 25, linked below). Apparently the Terminal Dues system has been massively changed in the 5 years since I last looked- but it still appears unfavorable to USPS and US sellers, while favoring high volume foreign shippers.
As for how aliexpress delivers stuff, since the tarrifs: 1) no-name last mile. 2) USPS last mile, and USPS the entire way.
I don't know if any are associated with "Choice", Paid store shipping, and/or free store shipping.
Since I normally buy from aliexpress to avoid the insane 200-800% markups amazon/ebay/walmart/etc dropshippers demand the $5-$10 in shipping doesnt factor in.
As a consumer, here's how AliExpress Choice shipping functions for me: Like buying a widget from a shop downtown, the price is the price.
I don't see what anyone will pay (or has paid) for duties or tariffs or fees or delivery, I don't have any idea what the markup is at any level, and I don't know what GAO table they or anyone else used to get it to happen. That's outside of my purvey.
With this method: Same as with the shop downtown, I'm not importing anything myself; I don't see any customs forms or declarations at all. AliExpress handles all of that business, not me.
I can peek behind the curtain a bit and see some aspects of how things move from place to place as physical entities using the tracking data that they provide. And that's about it, until it eventually shows up inside of my mailbox -- and then I can have a nice gander at the labels and see that it was sent with USPS domestic postage.
This process doesn't (can't, AFAICT) abuse my nation's postal system, and I like that aspect quite a lot.
The downsides are cost and availability: There may be a dozen or more sellers offering seemingly-identical widgets on AliExpress, but maybe only one or two (if any) that ship that particular widget Choice. Like Prime, it can actually end up costing a bit more than other methods.
But it's fast, still cheap in absolute terms, and there's zero BS on my end so I like those parts, too.
> Nevertheless, an optimum seems to have been reached around 20 years ago, and since then more often than not I see only worse interfaces that make harder
A consequence of having "UI designers" paid on salary instead of individual contract jobs that expire when the specific fix is complete. In order to preserve their continuing salary, the UI designers have to continue making changes for changes sake (so that the accounting dept. does not begin asking: "why are we paying salary for all these UI designers if they are not creating any output"). So combining reaching an optimum 20 years ago with the fact that the UI designers must make changes for the sake of change, results in the changes being sub-optimal.
Appending is much better than prefixing, but having "." in the path, anywhere, can still open you up to running mistyped commands (arguably a much less common possibility, but still a possibility).
I.e., you have "." as the very last item in your path. You are in /tmp/ (so a directory other uses can write files to). You mean to type "ls -l something" to look for "something" files. But instead, you just miss the space, and type "ls-l something*", and some other nefarious user has left a /tmp/ls-l binary behind just waiting to be run. It could package up your ~/.ssh folder and ship it off to "nefarious" user, and then do a proper "ls -l" so that you may not even notice the typo.
And, if you happen to be root when you are in /tmp and mistype ls-l, and if the ls-l binary checks to see if it is being run as root, it could then do even worse. For example, it could leave behind an suid to root bash or sh executable in 'nefarious user's' home dir, so that 'nefarious' can now become root at some point later and proceed to actually 'own' the system.
> I take about 60 sec per crimp, and I don't have the exact tools in this guide
What tool(s) do you have?
> Buy better crimp tools
This is most likely your better path forward (as even if you go with pre-crimped, unless you can get all custom wires pre-crimped on both ends you'll likely still need to make some crimped ends). And not only "crimp" tools, but also better wire stripping tools (as you do have to strip the wire before you crimp it). The better tools significantly reduce the time needed, and for 15+ crimps per unit, may make a world of difference overall.
The issue is that the "over 70s" group, while on the whole averages out to moderate safety, includes a number of individuals that are very dangerous drivers (to themselves, and to others). If one looks at the overall statistics, the group as a whole looks ok, but those dangerous outliers are the ones that get the "press coverage" on the nightly news when they do cause an incident, skewing peoples view of "over 70s drivers".
> to the lucky ones able to afford living close to the city center.
Which is also, to some extent, the reality in the US as well. Some number of the "city centers" have better public transport and/or walk-ability [1] available than what is available just outside those city centers.
One big difference in the US is the massive land area difference as compared to Europe means there is a huge amount more land area (and therefore population) with little to no public transport or walk-ability available and a car becomes mandatory rather than optional in those areas.
[1] It's not perfect, I'm sure there are plenty of city centers in western states where even the city center itself is so spread out that walk-ability suffers and that a car tends to become more necessary.
Which is the same in small European towns and villages, there are only a couple of buses, many of which stop around 8 PM, and tend to occur once an hour in most cases, if not less.
Basic stuff like taking kids to school requires having a car, or being lucky to have some kind of Bus service collecting the kids, for some school levels, and doesn't cover stuff like taking them to other after school activities.
Want to go to the big commercial surfaces? They are all outside the town center and seldom have bus connections.
> What's your take - are living in this world from now on, or will it revert, and why?
I expect it will revert, but what I cannot predict is when the reversion will occur.
Why:
1) Eventually another "AI Winter" [1] is going to occur (again, no way to predict when). But the current hype cycle and endless money burn with no visible path to profitability is going to catch up to all of the AI's and an AI Winter will occur. When that happens, the AI demand for RAM/GPU's will crater (and, as well, some portion of the existing purchases will be sold off at bankruptcy discounts). Both will result in a reversion in pricing when the winter arrives.
2) The current extreme pricing will also encourage one or both of:
2a) existing players to ramp up their production capacity to meet the demand; (this will be sluggish, but as they begin to ramp up their capacity, the result will be a softening of prices)
2b) the high prices may encourage other players to enter the production market to capture some of the current profits, this will also soften pricing;
Once the current demand spike calms down (and it will calm down) both 2a and 2b will lead to a reversion in pricing.
What I can't tell you is how long we may have to wait for the reversion. It is coming, sometime in the future, but how long we have to suffer the current extreme pricing before it arrives we can't predict.
reply