yeah, that’s why i am happy to avoid the us when travelling, mainly because of reports that electeonics are bricked regulary by them, but this discussion is more about theft. like “never allow hand luggage to be checked, better miss the flight instead”:

https://travel.stackexchange.com/questions/99956/how-common-is-it-for-airport-officers-to-steal-valuables-from-luggage

it’s not always about travellers that could lay hands on your stuff, maybe staff “needs” a living wage too ;-)

and the ones finding apes on a planet just short ahead or into the beginning of those 10000 years might think “well lets teach them how to stack stones and let them call us gods for just showing some of our million years old and cheap replicated tech gadgets pewpew, how amusing! but now lets go on, this planet has water but way too much oxygen and also there is axial precession that would change weather over only few hundrets of thousands of years if not less, not the planet of choice for eternals like us, duh!”

while at the same time by-design cloaking it as pure bad quality could actually cause way more longterm damage than a little bit of paint.

on the other hand the paint could also be just a marketing strategy depending on what they smoked to get new ideas

Often children that are rescued are taken out immediataly and irrevocably for their security, this is done due to sometimes very realistic dangers to their life as well as to protect them from manipulation. Without such external help, a victim would have to do all alone what police in groups with lots of money sometimes struggle to accomplish. keeping kids safe (and that is true even when police does not have child abusers in their mids) is not always easy.

They don’t have anywhere else to turn :(

yes, i think that very often they have nowhere to turn to, and partly this is intentionally deployed by the abusers like cutting contacts with everyone that the child might be willing just to talk to so that some few words could reveal what really happens.

Also by schools that report kids bad behaviour to parents (which in general is seen somewhere between unproblematic and good, but to the abused child, the school working hand in hand with the abuser, does not help with anything). But the hope to “leave forever once grown up” can help do the (mental) split (possibly there are other solutions like living in fantasy worlds or such or combinations) But leaving for real also has(!) to wait until the abusers are not officially “responsible” for the victim any more, otherwise gov could make sure that the situation gets even worse and this is a very realistic horrifying danger to the victim and regularily happens too. Having to wait means a child of i.e. 5 years may have to decide to wait until it is like 18 years old to actually be able to do the escape it so badly needs to develop its own life, this means it would have to decide to wait another 3times of its current lifetime/age just to securely be able to leave for real and start with developing its own life while the abusers have plenty of time to go on damaging the victims life, body, mind and soul. Also please be aware that countries exist where government is running (as in organising, financing and protecting from any justicial consequences) projects that involve getting hands on helpless kids, handing over those helpless kids to known previously convicted pedophile sex abusers (explicitly selected because(!) of the criminal record as a pedo sex abuser…), then protecting the abuser as well as the knowledge about the explicit handover “to a selected known child abuser” from the public knowledge while presenting “protecting the child” as the official reason for not making details public or even investigating how suizidal (i.e.) that kid actually is.

That victims in general should seek help in such official child"care" facilities (which were the ones known to do the handover to the abusers) would not only be a slap in their face but could also might pose other serious threats to them. Already knowing a little bit how to handle and prevent worse abuses by that first abuser but beeing faced with a new unknown “parent” that is abusive too but maybe in other ways, is a huge risk and might get them in additional trouble just because they would have to start try protecting themselves but again with no knowledge about the new threat they are confronted with.

“Officially” stopped (as in “a single one” of those child"care" offices has only stopped doing the handovers) projects tend to go on very long (just look how long we still have pirates on the seas despite the british crown and others took back those “letters of marques” once payd by a gov, a legalized crime will go on for centuries especially if the abusers happen to be protected by gov) From that stopped “handover helpless childs to convicted pedophile sex abusers” project (kentler “experiment”) up until now AFAIK not a single child has been rescued so far (thus the project continues with happy abusers and likely suicidal thinking victims)

So in some lesser civilized countries (which usually thrive to call themselves the most civilized…) the official childcare much more looks like a real trap to face even more abuse.

Some abusers build psycological traps for their victims like offering help but turn it into desaster then making the child (or even adults) responsible for any bad outcome (wich might as well be preparedly forged bad outcomes by the abusers. mind control bastards are in fact evil). Such experience could harm the victims overall acceptance of ‘help’ from anyone, effectively preventing offered true help from beeing accepted.

Now say what to choose where an abused child “should” turn to “in general” and how the help has to be organised and offered to those children to actually help.

Social workers often say that every abusive situation is very special while at the same times the schemes are often very similar.

No matter what, the solution is never easy unless the abuser dies by a true accident or real health issues and luck lets the child find (luck no2) someone really trustworthy - no matter by which way. When thinking of humans and eternal life the point of abusers never dying is the one point where i would say if abusers could also live forever in case that humanity in general could, then it would be better humanity in general could not live forever.

But also love IS part of human beeings, loving someone else makes us feel better and also heal a bit, pple say that sharing comes back twice and i think this is part of it. We humans do need to care for someone else or we get illminded, maybe feel the need of becoming richer and richer, more powerful and even more powerful every day, may it be in politics or in controlling other peoples lifes or minds effectively abusing them, becoming an abuser or such) that is loosing ground in our own minds and loosing real control over ones own life then sometimes raises the need to control others instead if that seems more easy or maybe more realistic or maybeveven pleasant, i don’t know. Maybe the love given by abused victims to their abusers is just that, keeping themselves sane, even if that sounds insane by itself, but given the circumstances sometimes could seem to be the smalles loss while loosing a whole life but just “not yet” every day :( which i see as a whole-life torture.

Thats about the main parts of what i think why, not a single reason but a bunch of maybe’s one worse than the other.

this is part 2 of 2

the “love” part is - as always - difficult to define. its a word widely abused by those who abuse in other ways anyway, while in non-abuse circumstances, “love” is kind of a word without clear definition. In some aspects this is very similar to love itself - as love has many ways and facets to it that can vary greatly - okay, but that possibly is only a thought fed by a lack of a more precise language and overall use of way too generic words.

A young child that is abused might not have experienced love in its short lifetime, yet it might use the word it once heared in different context out of just trying to get word meanings - that is learning to speak - or trying to figure out what could stop the abuser from abusing it, while their abusers might personally use the word “love” instead of “abuse” because abusing others - for the abuser - might be the one thing which makes them feel something that most closely matches what others say about how love feels. For the kid, love then is a wierd word with very contradicting meaning, which in turn would be said to be so by nearly all adults, but mostly for other reasons. Please try to be more precise when talking about serious love questions about abusive contexts =) let me now do a step aside to the literally cold part of the world. One knows snow and ice, but i once read in a documentation that some culture in an icy region has 32 words for different types of ice and snow for their daily use and i assume that this happened due to the need of definition what type of snow to expect ‘over there’, or maybe “tomorrow” or in discussions where to settle or how to reach a site… that is having only one word that has to fit-them-all yet beeing so important and prone to be abused(abuse of the word here) it seems to me that the lack of words for defining a bit more precisely if it is loving like a (non-abusive) mother loving like a real friend loving sth like an enthusiast … could probably have a slightly bigger role in the overall problem than anticipated in general.

but yes, the brain is programmable, you do it when learning to ride a bicycle. Social programming may work differently, but is also possible. See how many people are trained like apes to always shout how great their country is, how civilized etc they are, yet if you really look it, all the lies just stinc horribly and that so called civilisation is very far away from beeing civilised. yet all the programmed apes prodly shout the greatness does not even exist there, but maybe it exists in their dreams (only)…

but now to answer the question with what i personally think:

while the mind is still developing to actually come into existance, conciousness still is a rare visitor as it comes into play and drifts away again without having a way to make it stay, one has only few things randomly choosen that can be directly remembered and huge parts of time inbetween conscious moments which start with a fast-forward in time while the inbetween is like the memory of a bad dream, blurred, not in order etc, but yet is the actual reality consciousness then stepped into. Stepping in of not yet developed consciousness may also have an incontrollable timing of stepping in-and-out, making decisions very urgend to do before blurrtime starts again and consciousness stepsl out. While not having consciousness at hand alltime, one can - during conscious times - only act or even think so little until unconscious time of “instinc-only” starts again. Again in nonconcious time contra-abuse actions cannot be performed or even thought of. body screams in pain, making the abuser causing more pain to victim which causes body to scream more until finally passing out. however thinking how to get out is only available in moments when the currently developing consciousness actually steps in again which can be quite short and not so easy to predict when that happens or when it ends again.

In later stages where consciousness - while not fully developed - at least is nearly alltime available -that is until passing out of course- actions can be adjusted to like not(!) crying in pain when waking up from passing out (while still beeing abused though) so to disrupt this specific downward spiral of screaming-is-punished-by-more-abuse.

In later stages when beeing able to observe the little hints of psychological instabilities of the abusers and their “abuse triggers” a “profile” becomes visible -that is when the victim has sort of a years long running statistics about that broken abusers “personality” not because the victim wants to make statistics but because of intentionally forgetting things is just not yet available to the under-stress-developing personality / brain functions of the victim as same as also intentionally remembering things (in general or circumstances related) too is a not yet available brain function. Also some parts of a more developed brain hide horrible experiences from consciousnes while other parts try to reach the memories to not only complete development but also to maybe find solutions to get out of the danger by analyzing memories of what happened when and why, when did it stop and maybe what caused the stop so one can start to handle it somehow. So it all forms a rather horrible yet “luckily incomplete” statistics done under stressfull fight against oneself then later called maybe hust “experience” or trauma etc. while the victim should learn to cope and handle and develop its own body or brain functions or even personality, to prepare for life, it is >500% overload-occupied with learning to cope with the junkyard of the abusers “personality” to prevent the small quantum fluctuations in the inbalances of the abusers psycholigical radioactive mess to avoid at least passing out due to abuse. trying to prevent the abuse is then the only available way of trying to survive, which is also instinct driven and surviving is n1 priority of the child, that is if course unless the child develops suicidal thoughts as a result of abuse. If and only if the victim somehow survives this mentally and becomes capable of doing the splits (mind, not sports) it is then eventually able to try to analyse how it could be possible and plan ahead solving the problem by maybe leaving forever or maybe finding other solutions, beeing on a constant lookout for what might bring security instead of learning to live or enjoying life let alone build up his life. Children don’t know what possibilities society in general offers or the risks child"care" offices pose to them (neither the other way around). They only rely on that little they know which is only their own experience and the “experience” of all ancestors combined and inherited in “instincts”, which are both unreliable in such cicrumstances: instincts are sort of predictable by adults and often abused by abusers thus bad to rely on in an abusive context when still a child. The own experience is still very little, likely poisoned by abusers and logic (brain instinct?) also needs all relevant variables to make good decisions while the lack of experience causes a lack of knowing what variables would be relevant or do exist at all also again likely beeing poisoned by abusers. Decisions are made out of the visible(!) possibilities which are likely also intentionally reduced overall by abusers for this very reason maybe by cutting the cholds connections to others, telling the child that those neigbours were very evil persons etc.

Some types of abusers intentionally destroy their victims believe in themselves. this makes it very hard or impossible for the victim to get out on his own, sometimes the victims mind may even start to think (what narcisists heavily work on to achieve) that the current abusive situation was the best possible outcome of their life, which then stops the “want” of leaving the abusive context as result of the psycoligical trap the abuser intentionally layed.

Also leaving abusive circumstances always is risky, and one should be thoughtful about risky decisions in general, right? Obviously abusers already are ok with substancially harming the victims body, mind, life and soul. Also they usually fear to face consequences (not sociopath or psychopath they don’t fear consequences), some would rather completely destroy the life of their victim than facing the consequences of their actions. Narcisists would probably make the friends of the victim believe the narcisist was the victim and the victim was the offender, deliberately destroying all friendships A sociopath would probalby cause unimaginable damages of any type to the victim not preventing even damage to himself, while a psychopath would maybe kill the victim for any reason including removal of evidences. Considering all of this does not make “leaving” abusive situations an easygoing task but a decision that can possibly and realistically end very horrible. Additionally victims might fear to get similar punishments from others when telling the truth so in fear might not even tell the truth when help would really be at the tip of their nose. Then saying weird things could be such an instinct kicking in and maybe not(!) a thoughtful decision. Saying such things (out of trained fear) that protect the abuser or even add insult to the victim itself (as trained by the abuser that the victim always has to insult and calling itself beeing responsible for all bad things or face even worse punishing) might also affect the victim to start to believe really untrue thing about itself. Most people struggle to get out if a single devils-circle, but what if a second circle was added?

this is part 1…

• The good’ol cursing seemed to work without radio or someone actually listening
• it seems boeing was already cursed with parasites in high positions. not sure if additional cursing could actually increase a long painful death curse by anything other than its duration.
• The “pick them up” they’ld rather want, does not work through radio yet, rescue missions for biological personnel sadly still need to be made of/by solids.
• unfortunately radio is a bit flawed during the plasma phase of reentry, while i think the plasma phase ‘is’ the reentry, before is only getting closer, after its basically flying or gliding/falling down, maybe parachuting. the plasma is a bit of a barrier for radio signals they said long ago. however i was quite surprised to see a new "documentation’ lately about the columbia shuttle during reentry where i was sure the original documentation said that they were in the no-radio phase due to plasma while the new ‘documentation’ said they could communicate through radio even seconds before the destruction of the shuttle, the new documentation even showed they had sensor metrics about first sensors to measure high temp while afaik those sensors were initially later installed only “because” of the aftermath for this very nasa failure … so could be that also the informations we got from tha liers about the plasma phase is also a bit “flawed”.
• last, i’ld guess that they don’t have equipment for amateur radio frequencies on board, all involved are picky about overall rather “deadly” leaking of informations important for the public.

so to answer your question: my guess is no one will.

the “news” i “know” about india is little, some historical “facts” written mostly by uncivilized brutish invaders compacted to youtube videos by part or fulltime streamers. Some other “facts” which sound often bad i sometims mostly have from official media known to promote any “nice” propaganda - that is, depicting other countries worse than the own one so that people do not hunt their own gov with garden forks just to stop the crimes. Well i really “know” nothing about India.

But beeing proud of culture usually is a good thing, but that is only if it is culture and as such does not(!) base on abuse or similar.

Maybe what you experience could be a crowd effect that protects the people from seeing what they (group, society) do wrong while at the same time it protects the worst wrongdoers from punishment or at least from getting stopped. Such as it could be a self-sustaining downwards spiral taking more and more and everything down with it slowly increaaing pace. At least what you wrote sounded a slight bit chilling like that.

It could be hormones and how culture tells you to act or not act on them, or a lack of culture about such, maybe a combination of culture to “support your group” while that support does not always protect integrity of the overall concept of what that culture was meant for. A group of people cheering to each other how good they are might not want to stop cheering for “minor reasons” because it just feels good. While doing wrong things they could “help” each other (which is supposedly a good thing but can do lot of harm too) with arguments that this wrongdoing would be ok or even "good’ in this specific moment because of <insert_bullshit_here>. alltogether spiralling downwards doing so more often every day. So all of them can go on wrongdoing while feeling well supported or even falsely feel superior in general.

however a figure (real/not real?) well known in india once said something like “it is better to calm down and just do your thing than to overreact”. (this is the shortes version i’ve ever tried to compact it to but maybe you get the idea anyway).

I know for a fact that this is not true,

i don’t know the underlying things that make it a fact, plz share.

that a moderately clever human can talk them into doing pretty much anything.

besides that LLMs are good enough to let moderately clever humans believe that they actually got an answer that was more than guessing and probabilities based on millions of trolls messages, advertising lies, fantasy books, scammer webpages, fake news, astroturfing, propaganda of the past centuries including the current made up narratives and a quite long prompt invisible to that human.

cheerio!

1. i am sure you won’t pay for it if my laptop disappears this way (if yes, lets make a contract with a lifetime “fee” of 0$ i pay you whilst you pay for everything that got stolen from me in a plane)
2. ppl with kleptomania do travel too
3. how could you know? you are not talking about you and your colleagues or such?
4. such statistics were made by those who benefit from planes looking more safe.
5. “work and travel” vs “steal and travel”, which is more likely be done by a thiev?
6. not all theives “need” to steal, some just do so because they can, others maybe because its family tradition.
7. sometimes it could be more important that nobody could possibly put something into(!) your bag (and remove it later) to let you get it through customs for them, those arguably “would” buy such tickets to do so, as it’s probably part of their income, but i guess thats only a problem when flying in or out of countries with big illegal drug imports.
8. <something i forgot>

it might take ages for her to choose the right boots for rebooting ;-)

if your wife wasn’t vi-impressed, maybe she already is vi-improved ;-)

I see only one reason, why i would want to be early at the seat. its bcs if i am not, my backpack might be placed above but multiple seats away by the crew, where it is then uneasy for me to have an eye on it whilst easy for theives to take and open them, especially on long flights there would be plenty of opportunity like when everyone is sleeping.

but for this case i use locks on the backpack anyway, so that anyone who wants to open it, either opens it where nothing of value is in it thus no lock, or at least has a much harder time than when trying the very same with other bags…

also on longer flights i usually did not have that problem, but that could also have been just luck

after looking at the ticket myself i think the relevant things IMHO are:

• a person filed a bug report due to not seeing what changes in the new version caused a different behaviour
• that person seemed pushy, first telling the dev where patches should be sent to (is this normal? i guess not, better let the dev decide where patches go or -in this case- if patches are needed at all), then coming up with ceo style wordings (highly visible, customer experience of untested but nevertheless released to live product is bad due to this (implicitly “your”) bug)
• pushiness is counterparted by “please help”
• free-of-charge consulting was given by the one pointing to changes likely beeing visible in changelog (i did not look though) but nevertheless it was pointed out to the parameter which assumes RTFM (if docs were indeed updated) that a default value had changed and its behavior could be adjusted by using that given parameter.

up to there that person -belonging to M$ or not (don’t know and don’t care) - behaved IMHO rather correctly, submitting a bug report for something that looked like it, beeing a bit pushy, wanting priority, trying to command, but still formally at least “asking” for help. but at that point the “bug” seemed to have been resolved to me, it looks like the person was either not reading the manual and changelog, or maybe manual or changelog lacks that information, but that was not stated later so i guess that person just did not read neither changelog nor manual.

instead - so it seems to me - that person demanded immediate and free-of-charge consulting of how exactly the switch should be used to work in that specific use case which would imply the dev looks into the example files, maybe try and error for himself just so that that person does not need to neither invest the time to learn use the software the company depends on, nor hire a consultant to do the work.

i think (intentional or not) abusing a bug tracker for demanding free-of-charge enduser consulting by a dev is a bad idea unless one wants(!) to actively waste the precious time of the dev (that high priority ticket for the highly visible already live released product relies on) or has even worse intentions like:

• uploading example files with exploits in them, pointing to the exact versions that include the RCE vulnerability that sample file would abuse and the “bug” was just reported cause it fits the version needed for exploitation and pressure was made by naming big companies to maybe make the dev run a vulnerable version on it on his workstation before someone finds out, so that an upstream attack could take place directly on the devs workstation. but thats just creating a fictive worst case scenario.

to me this clearly looks like a “different culture” problem. in companies where all are paid from basically the same employer, abusing an internal bug tracker for quick internal consulting would probably be seen as just normal and best practice because the dev who knows and is actually working on the code is likely to have the solution right at hand without thinking much while the other person, who is in charge of quick fixing an untested but already live to customers released product, does not have sufficient knowledge of how the thing works and neither is given the time to learn or at least read changelogs and manual nor the time to learn the basics of general upstream software culture.

in companies the https://en.m.wikipedia.org/wiki/Peter_principle could be a problem that imho likely leads to such situations, but this is a guess as i know nobody working there and i am not convinced that that person is in fact working for the named company, instead in that ticket shows up a name that i would assume to be a reason to not rely too much about names in the tickes system always be realnames.

the behaviour that causes the bad postings here in this lemmy thread is to me likely “just” a culture problem and that person would be advised well if told to learn to know the open source culture, netiquette etc and learn to behave differently depending on to who, where and how they communicate with, what to expect and how to interact productively to the benefit of their upstream too, which is the “real price” all so often in open source. it could be that in the company that rolled out the untested product it is seen to be best practice to immediately grab the dev who knows a software and let him help you with whatever you can’t on your own (for whatever reason) whenever you manage to encounter one =]

i assume the pushyness could likely come from their hierarchy. it is not uncommon that so called leaders just create pressure to below because they maybe have no clue of the thing and not want to gain that clue, but that i cannot know, its just a picture in my head. but in a company that seems to put pressure on releasing an untested product to customers i guess i am not too wrong with the direction of that assumption. what the company maybe should learn is that releasing untested and/or unfinished products to live is a bad habit. but i also assume that if they wanted to learn that, they maybe would have started to learn it like roundabout 2 decades ago. again, i do not know for what company that person works -or worked- for, could be just a subcontractor of the named one too. and also could be that the pushyness (telling its for m$, that its live, has impact to customers etc) was really decided by someone up the latter who would have literally no experience at all on how to handle upstream in such situations. hierarchies can be very dysfunctional sometimes and in companies saying “impact to customers” sometimes is likely the same as saying “boss says asap”.

what i would suggest their customers (those who were given a beta version as production ready) should learn is that when someone (maybe) continously delivers differently than advertised, that after some few times of experiencing this, the customer would be insane when assuming that that bad behaviour would vanish by pure hope + throwing money into hands where money maybe already didn’t help improving their habits for assumingly decades. And when feeding everhungry with money does not resolve the problems, that maybe looking towards those who do have a non-money-dependant grown-up culture could actually provide more really usable products. Evaluation of new solutions (which one would really be best for a specific usecase i.e.) or testing new versions before really rolling them out to live might be costly especially when done throughout, but can provide a lot of really high valueable stability otherwise unreachable by those who only throw money at shareholders of brands and maybe rely on pure hope for all of the rest. Especially when that brand maybe even officially anounced to remove their testing department ;+) what should a sane and educated customer expect then ? but again to note, i do not know which companies really are involved and how exactly. from the ticket i do not see which company that person directly works for, nor if the claim that m$ is involved is a fact or just a false claim in hope for quicker help (companies already too desperate to test products before live could be desperate again in need for even more help when their bad habits piled up too long and begin falling on their heads)

the xz vulnerability was done through a superflous dependency to systemd, xz was only the library that was abused to use systemd’s superflous dependency hell. sshd does not use xz, but systemd does depend on it. sshd does not need systemd, but it was attacked through its library dependency.

we should remove any pointless dependencies that can be found on a system to prevent such attacks in future by reducing dependency based attack vectors to a minimum.

also we should increase the overall level of privilege separation where systemd is a good bad example, just look at the init binary and its capability zoo.

The company who hired “the” systemd developer should IMHO start to really fix these issues !

so please hold your “$they have fixed it” back until the the root cause that made the xz dependency level attack possible in the first place has been really fixed =)

Of course pointing it out was good, but now the root cause should be fixed, not just a random symptom that happened to be the first visible atrack that used this attack vector introduced by systemd.

looking at the official timeline it is not completely a microsoft product, but…

1. microsoft hated all of linux/open source for ages, even publicly called it a cancer etc.
2. microsoft suddenly stopped it’s hatespeech after the long-term “ineffectivenes” (as in not destroying) of its actions against the open source world became obvious by time
3. systemd appeared on stage
4. everything within systemd is microsoft style, journald is literally microsoft logging, how services are “managed” started etc is exactly the flawed microsoft service management, how systemd was pushed to distributions is similar to how microsoft pushes things to its victi… eh… “custumers”, systemd breaks its promises like microsoft does (i.e. it has never been a drop-in-replacement, like microsoft claimed its OS to be secure while making actual use of separation of users from admins i.e. by filesystem permissions first “really” in 2007 with the need of an extra click, where unix already used permissions for such protection in 1973), systemd causes chaos and removes the deterministic behaviour from linux distributions (i.e. before systemd windows was the only operating system that would show different errors at different times during installtion on the very same perfectly working hardware, now on systemd distros similar chaos can be observed too). there AFAIK still does not exist a definition of the 'binary" protocol of journald, every normal open source project would have done that official definition in the first place, systemd developers statement was like “we take care for it, just use our libraries” wich is microsoft style saying “use our products”, the superflous systems features do harm more than they help (journald’s “protection” from log flooding use like 50% cpu cycles for huge amount of wanted and normal logs while a sane logging system would be happily only using 3%cpu for the very same amount of logs/second whilst ‘not’ throwing away single log lines like journald, thus journald exhaustively and pointlessly abuses system resources for features that do more harm where they are said to help with in the first place), making the init process a network reachable service looks to me like as bad as microsoft once put its web rendering enginge (iis) into kernelspace to be a bit faster but still beeing slower than apache while adding insecurity that later was an abused attack vector. systemd adding pointless dependencies all along the way like microsoft does with its official products to put some force on its customers for whatever official reason they like best. systemd beeing pushed to distributions with a lot of force and damage even to distributions that had this type of freedom of choice to NOT force their users to use a specific init system in its very roots (and the push to place systemd inside of those distros even was pushed furzher to circumvent the unstable->testing->stable rules like microsoft does with its patches i.e.), this list is very far from complete and still no end is in sight.
5. “the” systemd developer is finally officially hired by microsoft

i said that systemd was a microsoft product long before its developer was then hired by microsoft in 2022. And even if he wasn’t hired by them, systemd is still a microsoft-style product in every important way with all what is wrong in how microsoft does things wrong, beginning with design flaws, added insecurities and unneeded attack vectors, added performance issues, false promises, usage bugs (like i’ve never seen an already just logged in user to be directly be logged off in a linux system, except for when systemd wants to stop-start something in background because of it’s ‘fk y’ and where one would 'just try to login again and dont think about it" like with any other of microsofts shitware), ending in insecure and instable systems where one has to “hope” that “the providers” will take care for it without continueing to add even more superflous features, attack vectors etc. as they always did until now.

systemd is in every way i care about a microsoft product. And systemd’s attack vectors by “needless dependencies” just have been added to the list of “prooven” (not only predicted) to be as bad as any M$ product in this regard.

I would not go as far to say that this specific attack was done by microsoft itself (how could i ?), but i consider it a possibility given the facts that they once publicly named linux/open source a “cancer” and now their “sudden” change to “support the open source world” looks to me like the poison “Gríma” used on “Théoden” as well as some other observations and interpretations. however i strongly believe that microsoft secretly actually “likes” every single damage any of systemd’s pointlessly added dependencies or other flaws could do to linux/open source very much. and why shouldn’t they like any damage that was done to any of their obvious opponents (as in money-gain and “dictatorship”-power)? it’s a us company, what would one expect?

And if you want to argue that systemd is not “officially” a product of the microsoft company… well people also say “i googled it” when they mean “i used one of the search engines actually better than google.com” same with other things like “tempo” or “zewa” where i live. since the systemd developer works for microsoft and it seems he works on systemd as part of this work contract, and given all the microsoft style flaws within from the beginning, i consider systemd a product of microsoft. i think systemd overall also “has components” of apple products, but these are IMHO none of technical nature and thus far from beeing part of the discussion here and also apple does not produce “even more systemd” also apple has -as of my experience- very other flaws i did not encounter in systemd (yet?) thus it’s clearly not an apple product.

usually at first you can do such, and later on, when a ceo wants more money, you then can buy that together with the new “pro” features actually nobody needs nor wants.

maybe better look for more stable solutions before they start acting like a broadcom ;-)

Before pointing to vulnerabilities of open source software in general, please always look into the details, who -and if so - “without any need” thus also maybe “why” introduced the actual attack vector in the first place. The strength of open source in action should not be seen as a deficit, especially not in such a context.

To me it looks like an evilish company has put lots of efforts over many years to inject its very own overall steady attack-vector-increase by “otherwise” needless increase of indroduction of uncounted dependencies into many distros.

such a ‘needless’ dependency is liblzma for ssh:

https://lwn.net/ml/oss-security/20240329155126.kjjfduxw2yrlxgzm@awork3.anarazel.de/

openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma.

… and that was were and how the attack then surprisingly* “happened”

I consider the attack vector here to have been the superlfous systemd with its excessive dependency cancer. Thus result of using a Microsoft-alike product. Using M$-alike code, what would one expect to get?

*) no surprises here, let me predict that we will see more of their attack vectors in action in the future: as an example have a look at the init process, systemd changed it into a ‘network’ reachable service. And look at all the “cute” capabilities it was designed to “need” ;-)

however distributions free of microsoft(-ish) systemd are available for all who do not want to get the “microsoft experience” in otherwise security driven** distros

**) like doing privilege separation instead of the exact opposite by “design”

there was a study saying that there is not “the” best way of learning, but it is best to combine multiple ways, like with an app, by book, listening to audio only (i listened to radio stations via internet and got some exercise for free), a bit of talking, visiting a country that only speaks that language and so on. trying everything a bit in parallel.

that is because of our brain learns better when given more different types of “connections” to learn.

i started with duolingo (website only, not the app and only the free parts) 4 years ago and now i speak quite fluently. but i also partly read a book about grammatics, visited a spanish speaking country (more than once), viewed movies with only subtitle in my language and did lots of phone calls in spanish only.

my advice is:

look at free apps, whatever pleases you, take chances, listen to the sound (movies, radio), try to speak, and read easy books or go through exercise books.

duolingo is good to keep on going while not really motivated as the shortest thing that counts are really only minutes and one can choose to do something that is already easy. this way at least continuation is kept even if pace is down for a while. and it is much easier to go on with pace when not having really stopped.

went through lots of plane accidents to find the one i think to remember, but had to stop as i do not want to increase fear of flying. however i stumbled about this one, Airbus A320 Air France flight 296 on 26th of June, 1988 which was sort of related as some “security” mechs seemed to have prevented crash prevention there and fired discussions. but this one was earlier and it was not boeing (and it looks like no one tried to cover things). however since it was during an airshow, not a commercial flight, i now figured out that the one i remember could have been a testflight, cargo flight or something else like a flight show as well… not sure if i “can” find it, the little i remember.

woman would take care for a literal horse instead of going to therapy. i don’t see anything wrong there either.

just a horse is way more expensive, cannot be put aside for a week on vacations (could a notebook be put aside?) and one cannot make backups of horses or carry them with you when visiting friends. Horses are way more cute, though.