  • it sounds like a Linux password is a red herring, and a secure password even more so

    Yes and no. A secure password is extremely important against some security threats, but completely useless against others. It’s like vitamin C. If you don’t get enough, that’s a massive problem and opens you up to a ton of serious issues, same as if you don’t have enough complexity in your password. But even if you do, it won’t effectively protect you from, say, cancer or unprivileged malware respectively.

    There’s nothing stopping any program from attempting to bruteforce your Linux password, literally running through possibilities hoping to guess it. Modern password implementations usually have some form of bruteforce protection. If you’ve ever entered your password wrong in sudo or KDE’s lock screen, it usually hangs for a few seconds before telling you your password is wrong, even though any modern computer will have determined it was wrong in literally an instant. This is to prevent a malicious program from endlessly trying random guesses until it gets it by making the time it would take to guess a sufficiently unique password too long to be practical. Your phone and optional software available for Linux go a step further, imposing longer and longer delays with each subsequent failed password attempt, and also prevent malicious programs from spawning many threads each independently calling sudo to bruteforce in parallel by completely disabling access until the time penalty elapses. Though you absolutely do need a sufficiently secure password, making it overly long has diminishing returns past a certain point; it doesn’t matter how many millions of years it would take to bruteforce with a 1 second delay for wrong attempts, but the upgrade from millions of seconds with a simple password like “hunter2” to years is the important part.

    Also, a password with no encryption is like a padlock on a wooden box. Even if they don’t have the key, they can still just cut the box open. In computer terms this would be like if someone accessed the files in your SSD directly and injected malware with root privileges, since both completely bypass the check that’s “normally” supposed to stop unauthorized users. Encryption can help but like you said, physical access is generally considered game over anyway unless they found your computer while it’s off and it is never returned to you for you to enter your password. A computer with encrypted everything wouldn’t be able to boot. Your EFI partition and especially your BIOS/firmware have to be unencrypted, and anything unencrypted can be tampered with by a sufficiently skilled attacker with physical access to add things like keyloggers and backdoors that sit dormant until you graciously decrypt everything for them.

    Your password strength matters a lot more with encryption though. If you’re going to the trouble of full disk encrypting your computer, make the password as long and random as you can practically remember. If someone is trying to decrypt your computer’s drive, they’ve probably imaged it and are using a separate machine with no rate limiting whatsoever, and modern GPUs can do a ton of cryptographic operations in a short time. And don’t use that password for your user account once decrypted.

    If SSH is disabled the class of attacks to be prevented are users ‘voluntarily’ running malware pretending to be goodware.

    More or less as far as I know, provided you don’t have any other way of remote access (VNC, RDP, Anydesk/Teamviewer and similar, that weird Steam remote desktop app, a server running vulnerable software on an open port that can be hijacked, etc). In computing, the general rule to follow is if you don’t need it, don’t enable it, otherwise it’s ripe for abuse. That being said, your router should be configured to block local port access from the internet anyway, but if you have another infected device on your network, that’s a major threat. If you do want SSH, configure it to only accept the keys of your trusted devices and not just respond with a password prompt to any device that comes knocking.

    True, but does anyone operate this way? At that point it becomes an iPad or a Chromebook.

    “Trust” in computing is fickle and complicated, just like real life. At the end of the day, you have to make a decision on who and what you personally trust. An iPad or Chromebook would be the least trustworthy computers in my mind because they’re locked down and administered by companies I absolutely do not trust, and though the locked down architecture does prevent other malware from infecting it, there’s probably already malware by any other name on it with proper Google or Apple security signatures that came with the device from the factory.

    This is the same as if your distro maintainer is untrustworthy. They could slip in malware into the official package manager or installer ISO and you’d never know. I personally trust a reputable Linux distro over the literal biggest tech corporations in the world, but I’m still putting my faith in an organization I do not control nor personally know the people in control.

    Open source is more trustworthy than proprietary software because the source code is available, but even that isn’t completely guaranteed to stop malicious code from making it in. The recent xz backdoor comes to mind. You’re still trusting that the other people looking at the source code actually catch the malicious part, and that’s not guaranteed even with the most trustworthy people when everyone working on it is overworked, stressed, and in the grip of tunnel vision to get their small part of it done like software developers tend to be, and even when that happens, it might be months or years down the line after the damage has already been done. There’s a reason a full security audit of an app can cost anywhere from thousands to millions of dollars depending on how big the codebase is. Also, because the vast majority of software isn’t compiled in a reproducible way, you don’t really have a guarantee that the actual binary executable that’s on your computer exactly matches the source code unless you go through the (usually difficult and frustrating) process of actually compiling it yourself. Sure, you can probably assume that the official binary released by the source code authors and signed with their cryptographic keys matches the source code since both come from the same place, but that’s not guaranteed and you’re still trusting a person or organization.

    But wait, there’s more! The compiler you use is itself a program that needed to be compiled by another compiler, and so on and so forth until you literally reach the stage decades back when someone manually wrote the individual bits for the very first compiler in that chain. A malicious compiler can be made to obfuscate the fact that it’s malicious, and only a manual review and reverse engineering of the raw binary (without reverse engineering software, mind you) can prove or disprove it’s compromised.

    Finally, there’s hardware. Even if you audit every single literal bit of software, the processor itself has immense complexity that you can’t audit without, 1, extremely expensive scientific equipment, and 2, destroying it in the process, and that’s only one chip out of the tens of chips in a computer. Your processor could have secret instructions that bypass all security and your only real hope is to bruteforce every possible input to see what happens. And proving existence of a backdoor is intrinsically much easier than proving absence.

    I’m not trying to scare you, but I do want to illustrate just how hard it is to have absolute trust in any computer. At the end of the day, you can never have a computer you completely trust unless you manually assembled it from raw materials (not aided by any existing computer) and hand wrote every bit that goes into it. Like I said, we all need to make a decision to have faith in some person or organization we do not know. You can spend every waking minute auditing every last part of your computer, hardware and software, but then you wouldn’t have time to actually use it for the things you want to do. There’s no solution to this, there’s only higher and lower degrees of trust and security, which only you can determine for yourself.

    So no, no one operates that way, because it’s impossible.

    It does look like flatpaks or docker containers isolate behavior, so that’s a win.

    Generally, yes, but remember there’s always the possibility of a bug that allows containers to break out of containers. This is not unique to Docker, any sandbox or hypervisor can be breached if there’s an exploit, just like any other software. Doesn’t invalidate the value of containerization, but it must be kept in mind that nothing is guaranteed to be completely safe and “malware proof.”
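An added illustration of the rate-limiting point in the comment above (not part of the original comment, and not how sudo, PAM or any phone actually implements it): a simulated lockout with doubling delays, counted in guesses per day, next to an attacker working offline on a disk image. The class name, the base delay, the one-hour cap and the offline guess rate are all assumptions chosen for the example.

```python
import hmac

DAY = 86_400  # seconds


class LoginThrottle:
    """Assumed model: after the n-th consecutive failure the account is locked
    for base * 2**(n-1) seconds, capped at `cap`. Attempts made while locked
    are rejected without the password being checked at all."""

    def __init__(self, secret, base=1.0, cap=3600.0):
        self.secret = secret
        self.base = base
        self.cap = cap
        self.failures = 0
        self.locked_until = 0.0

    def attempt(self, guess, now):
        """Return 'locked', 'ok' or 'wrong' for a guess made at time `now`."""
        if now < self.locked_until:
            return "locked"
        if hmac.compare_digest(guess, self.secret):
            self.failures = 0
            return "ok"
        self.failures += 1
        delay = min(self.base * 2 ** (self.failures - 1), self.cap)
        self.locked_until = now + delay
        return "wrong"


def guesses_checked(throttle, window_seconds, parallel_workers=1, step=1.0):
    """Count guesses that were actually compared against the password when
    `parallel_workers` guessers each try once every `step` seconds."""
    checked = 0
    now = 0.0
    while now < window_seconds:
        for _ in range(parallel_workers):
            if throttle.attempt("wrong-guess", now) == "wrong":
                checked += 1
        now += step
    return checked


def offline_guesses(window_seconds, guesses_per_second):
    """Guesses against a copied disk image: no throttle applies, so the only
    limit is the attacker's hardware. The rate is an assumed input."""
    return int(window_seconds * guesses_per_second)


if __name__ == "__main__":
    one = guesses_checked(LoginThrottle("s3cret"), DAY)
    many = guesses_checked(LoginThrottle("s3cret"), DAY, parallel_workers=8)
    print("throttled, 1 guesser per day :", one)
    print("throttled, 8 guessers per day:", many)
    # 10,000 guesses/s is a placeholder; real rates depend on the KDF and hardware.
    print("offline at assumed 10k/s     :", offline_guesses(DAY, 10_000))
```

Because the lock is held on the account rather than per caller, extra parallel guessers add nothing, while the offline count scales only with the attacker's hardware, which is why the disk-encryption passphrase needs far more entropy than the login password.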


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · Perspectives about life · 24 upvotes · edited · 13 hours ago

    OK, face of Karl Marx then. The German guy who never even set foot in the USSR.

    Oh wait you think that’s bad too.

    What about Mao-no.

    What about Che Guev-no.

    Ho Chi-no.

    Venez-no.

    What about the Paris commune? No? Still bad in your mind?

    Marxist Austria? Nah I’m sure the army that put an end to that is preferable according to you. They called themselves socialist with none of the Soviet imagery after all!

    Even if we completely rebranded socialism you’d make it your mission to add the Soviet imagery back in and remind everyone of it. Like y’all do for decidedly capitalist bandaids like student loan forgiveness or food stamps that don’t even have anything to do with socialism.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · Perspectives about life · 13 upvotes · edited · 14 hours ago

    You’re a hypocrite for asking me not to or pointing it out.

    No? I’m definitely what people like you call an “authoritarian seeseepee tankie” who supposedly loves suppressing speech for sport. My comment was perfectly inline (get it? cause I toe the party line?) with the totalitarian dictatorship aspirations I definitely totally have.


  • An AGI wouldn’t need to read every book because it can build on the knowledge it already has to draw new conclusions it wasn’t “taught.”

    Also, an AGI would be able to keep a consistent narrative regardless of the amount of data or context it has, because it would be able to create an internal model of what is happening and selectively remember the most important things more so than things that are inconsequential (not to mention assess what’s important and what can be forgotten to shed processing overhead), all things a human does instinctively when given more information than your brain can immediately handle. Meanwhile, an LLM is totally dependent on how much context it actually has buffered, and giving it too much information will literally push all the old information out of its context, never to be recalled again. It has no ability to determine what’s worth keeping and what’s not, only what’s more or less recent. I’ve personally noticed this especially with smaller locally run LLMs with very limited context windows. If I begin troubleshooting some Linux issue using it, I have to be careful with how much of a log I paste into the prompt, because if I paste too much, it will literally forget why I pasted the log in the first place. This is most obvious with Deepseek and other reasoning models because it will actually start trying to figure out why it was given that input when “thinking,” but it’s a problem with any context based model because that’s its only active memory. I think the reason this happens so obviously when you paste too much in a single prompt and less so when having a conversation with smaller prompts is because it also has its previous outputs in its context, so while it might have forgotten the very first prompt and response, it repeats the information enough times in subsequent prompts to keep it in its more recent context (ever notice how verbose AI tends to be? That could potentially be a mitigation strategy). Meanwhile, when you give it a very large prompt as big or bigger than its context window, it completely overwrites the previous responses, leaving no hints to what was there before.


  • unprivileged programs have limited/no ability to do scary things to your computer. they might be able to read some data, but it’s not going to implant malware in the boot sequence for Windows.

    No, but they can still severely harm your computer/data. Unprivileged programs can still delete or encrypt everything in your home directory or inject themselves into other unprivileged programs or a commonly used shortcut file. You’re probably thinking of containerized apps which are much more limited than the default user permissions and access can be given only to what is needed instead of everything your user has access to.

    Linux is as susceptible to this as Windows. It’s not that hard to write a proof of concept malware in Python that copies itself to somewhere in your home directory and appends python ~/.some-boring-config-directory-most-people-never-open/some/more/subdirectories/for/obfuscation/persist.py to your bashrc. You can do the same on Windows with PowerShell, JScript, or even VBS, all of which can do severe damage even without privilege escalation.

    For example, there was that fake captcha scam a while back which social engineered people into pasting PowerShell scripts into their run window, and is able to persist even without UAC permissions. A well known equivalent attack on Linux are those bash shell tutorial sites with the handy copy button next to the listed commands, which can control what is pasted into your clipboard and might not actually give you the command it appears to give you. Even on a user space bash terminal, something like rm -rf /* can delete all your data, ironically not the system and application files that can be replaced (since those require root) but it can delete your personal files that you actually care about just fine. They can also persist on your system by appending stuff into your bashrc with >>, because that file is owned by your user and therefore doesn’t need extra permissions.

    Any modern operating system is so complex and has so many parts interacting with each other that it’s always possible to hide something malicious somewhere in the Rube Goldberg machine which most people will never notice. Real malware don’t use the typical persistence methods normal programs do because they are well documented and easy to defend against. Linux can be said to be better than Windows in this regard due to being open source and auditable and therefore doesn’t have nearly as many undocumented hiding places (and Linux is generally less Rube Goldbergy), but it is definitely not immune. Never ever run any untrusted program or script, not even unprivileged. The biggest thing Linux has over Windows in this regard is the package manager, which is actively moderated by your distro maintainers, so you don’t have to download random installers from the internet like on Windows.
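A defender's check for the bashrc persistence described in the comment above, as an added example that is not part of the original comment: it flags startup-file lines where an interpreter runs a script out of a hidden directory under the home directory, flags commands that append to a startup file with >>, and diffs the file against a saved known-good copy. The function names, the interpreter list and the sample file contents are constructed for the example; hits are leads for manual review, not verdicts.

```python
import shlex

# Interpreters whose first non-option argument is a script to run.
INTERPRETERS = {"python", "python3", "bash", "sh", "perl", "ruby", "node"}
# Shell startup files owned by the user, so writable without root.
STARTUP_FILES = (".bashrc", ".bash_profile", ".profile", ".zshrc")
HOME_PREFIXES = ("~/", "$HOME/", "${HOME}/")


def hidden_home_path(token):
    """True if token is a path under $HOME that passes through a dot-directory."""
    for prefix in HOME_PREFIXES:
        if token.startswith(prefix):
            parts = token[len(prefix):].split("/")
            # Only directories count: a plain dot-file like ~/.bashrc is not a hit.
            return any(p.startswith(".") for p in parts[:-1])
    return False


def audit_line(line):
    """Return the reasons a startup-file line deserves a manual look."""
    try:
        tokens = shlex.split(line, comments=True)
    except ValueError:
        return ["could not parse quoting, review by hand"]
    reasons = []
    for i, tok in enumerate(tokens):
        name = tok.lstrip("(").rsplit("/", 1)[-1]
        if name in INTERPRETERS:
            script = next((t for t in tokens[i + 1:] if not t.startswith("-")), None)
            if script and hidden_home_path(script):
                reasons.append("interpreter runs script from hidden directory: " + script)
        if tok.startswith(">>"):
            target = tok[2:] or (tokens[i + 1] if i + 1 < len(tokens) else "")
            if target.endswith(STARTUP_FILES):
                reasons.append("appends to startup file: " + target)
    return reasons


def audit_startup_text(text):
    """Return (line_number, reason) pairs for the contents of a startup file."""
    return [(number, reason)
            for number, line in enumerate(text.splitlines(), start=1)
            for reason in audit_line(line)]


def appended_since(baseline, current):
    """Lines added after a saved known-good copy, or None if the file was
    rewritten rather than appended to (then diff it by hand)."""
    if not current.startswith(baseline):
        return None
    return current[len(baseline):].splitlines()


# Constructed sample: a small clean bashrc, then the line from the comment appended.
PERSIST_LINE = ("python ~/.some-boring-config-directory-most-people-never-open/"
                "some/more/subdirectories/for/obfuscation/persist.py")
SAMPLE_BASELINE = (
    "# ~/.bashrc (constructed sample)\n"
    "alias ll='ls -l'\n"
    "[ -f ~/.bash_aliases ] && . ~/.bash_aliases\n"
    'export PATH="$HOME/.local/bin:$PATH"\n'
)
SAMPLE_CURRENT = SAMPLE_BASELINE + PERSIST_LINE + "\n"

if __name__ == "__main__":
    for number, reason in audit_startup_text(SAMPLE_CURRENT):
        print(f"line {number}: {reason}")
    print("appended since baseline:", appended_since(SAMPLE_BASELINE, SAMPLE_CURRENT))
```

Keeping the baseline copy somewhere the user account cannot write to (read-only media or a root-owned path) matters, since anything that can append to the bashrc can also overwrite a baseline stored next to it.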


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · Perspectives about life · 28 upvotes · 1 downvote · edited · 20 hours ago

    The irony being that the boomers who say the “builds character” shit had a vastly easier life compared to their parents and grandparents, who fought literal world wars. They think all societal change before them was good (including stuff like colonialism which they see as “civilizing” the savage natives) but any progress after them is the devil because it means they might have to change their behaviour or worldviews, hell, or even the idea that people they think are less than them getting less disadvantaged and oppressed than before which I guess makes them jealous or something?


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · Perspectives about life · 24 upvotes · edited · 20 hours ago

    anarchist erasure

    You know you can just repost this with the anarchist symbol pasted over the hammer and sickle in response right? Like you think the OP presumably did to your symbol. If you care, there’s nothing stopping you from erasing us tankies right back, we can handle it. You could even snarkily title it “Perspectives about life (fixed)” or something. Go crazy, this is literally the meme community.

    Also, ironic that an anarchist is protesting someone covering up their symbol to express a different thought. No kings or masters or hierarchy but an abstract symbol on a shitpost is sacred and can’t be touched?







  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · you're untapped value · 4 upvotes · edited · 6 days ago

    As a general rule of thumb, any in-store prepared food in a large grocery store (the ones that come in the store’s own packaging) was probably raw food that had been sitting for ages and they couldn’t sell in time. They’ll literally cut mold out of fruits and slice up the rest for those plastic platters. Every time they re-print a label, it resets the expiry date and you have no idea how many times they’ve done that and just shuffled food around by turning it into different forms.

    CBC Marketplace video: https://www.youtube.com/watch?v=ZxCT_D6HBd8


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 6 upvotes · edited · 8 days ago

    Define “doing things which enable you to survive.” In my definition, that doesn’t involve being king or exploiting others to hoard more wealth than you could ever hope to spend. You need some minimum amount of resources to survive but hoarding many times more than you need doesn’t help you survive and only harms others.

    “If a monkey hoards more bananas than it can eat, causing its peers to starve while most of the bananas rot in its pile, scientists will study its brain to find out what the hell is wrong with it. But when a human does it, they get celebrated under capitalism.”

    Also, it was once human nature to flee from fire, but once we learned to control it, it became an integral part of our lives. Human “nature” changes over time because your brain is pretty much a blank slate when you’re born and doesn’t fully finish structuring itself until your 20s. Your entire childhood is spent developing your “nature” that you’ll have for your adult life (and even then you can change it at will even in adulthood if you change your living conditions), which is why we’re more influenced by the conditions we grow up in than any sort of innate biology. What “nature” was best for hunter gatherer or even medieval times are totally obsolete in our modern day, so they stop being our default “nature” due to children no longer growing up in those conditions.

    The idea that your nature is influenced by your conditions isn’t even unique to humans. Most animals are the same, a house cat or dog will learn from a very young age how to beg for food from their owners while a feral cat/dog won’t because that’s not beneficial for their survival when they’re not a pet. Hell, house cats keep making kitten sounds because their owners keep treating them like kittens, while feral cats stop meowing once they leave their parents. Animals born and raised in captivity in general often show completely different behaviors and personality compared to wild animals of the same species, because their brains are literally structured differently due to growing up in different conditions.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 5 upvotes · edited · 8 days ago

    Yes. Because it benefited them over others. Humans are capable of choosing to do things that benefit them and it has nothing to do with their “nature”. Human nature is to not die and in the ages when humans could barely produce enough food for their own survival, it was beneficial to be in a position of power because it let you control the resources, ensuring you had enough for yourself and maybe some of your subjects as an afterthought. Marxism does not reject the notion that power benefits the people who have them, in fact that’s a core fact that Marxism is based on, and it calls out the fact that feudal/monarchist/capitalist power benefits the ruling class by subjugating and exploiting the working class, and proposes that fully collective control of resources will benefit everyone much more equally than the current system. I don’t think you have to agree with Marxism’s proposed solution to this to recognize the problem it points out. It asserts that because we have lived in such systems our whole lives, we think it’s human nature when in reality a person born and living in some other system (Marxist or otherwise) will think their system is human nature, because in reality no system is and they’re all abstract inventions with nothing to do with our neurobiology or evolution.

    For a non political example, I write code all day because it benefits me and I think it’s the most normal and intuitive thing ever, even though I doubt programming was something humans evolved to do, we figured it out ourselves and it had nothing to do with our nature. You literally have to learn and practice abstract computational thinking while learning to program because it’s very unintuitive at times compared to how humans think by default, yet people learn it just fine and once you do, it becomes your nature.

    The cool thing about humans is we’re not bound to natural instincts and can choose to live however we want. I think we should leverage this ability instead of using it as a justification for maintaining the same broken systems that have let us down over and over again.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 9 upvotes · edited · 8 days ago

    Because humans experiment with societal rules as societies were developing and get into self reinforcing loops that go on long after everyone’s forgotten why it happened in the first place.

    Human nature is to form societies. What happens in those societies and how they are structured are the result of chaotic interactions and competing thought that, again, are the result of material conditions those humans find themselves in.

    There are plenty of societies that don’t strictly follow the Roman/European system of power. Japan for example had their emperor reduced to a symbolic position long before European contact, but even though the emperor had most of his real power taken away, everyone still called him emperor and worshipped him because he was so important to their culture, power or not. Meanwhile, in what would be modern day India, multiple different religions arose based on selfless sacrifice for others and rejection of indulgence and pleasure in favor of self reflection and simple living, with many people throughout history in the region (princes, heirs of family fortunes, etc) fully rejecting their very privileged lifestyles to embrace asceticism. Same with ancient Greek stoic and cynic philosophers many of which came from rich and powerful families yet deliberately chose to reject all of it. That all seems pretty against “human nature” no? Then you had the Indigenous tribes of the world who practiced small egalitarian societal groups and did perfectly fine until Europeans intervened.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 11 upvotes · 8 days ago

    Any system predicated on obtaining as much wealth or power as possible will see people fixating on that and eventually divorcing the wealth/power itself from the material conditions that they arose from. Why do you think so many corporations turn into death spirals where they try to increase profits at all costs, abandoning their actual products and customers, and then act all shocked when they inevitably go bankrupt due to no longer having a customer base because they alienated everyone with their shitty profit oriented practices? The only way to solve this is to change the system people live under.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 12 upvotes · edited · 8 days ago

    Yes. When your rule is based on seizing wealth and power you’ll keep doing that perpetually so you don’t lose your place in the ruling class. The fact that they did that is more consistent with the Marxist notion that human “nature” is shaped by the material conditions they’re born into.

    Meanwhile, the vast majority of peasants of that time fully accepted and even embraced their position due to all the religious brainwashing. Most had no real aspirations of power (supposedly despite their nature to desire power) because they’ve been taught their whole life that it’s better for that to be taken care of by someone else that “God” supposedly chose. If anything, our uncritical acceptance of our place within capitalism is closer to what the serfs thought.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 14 upvotes · 1 downvote · edited · 8 days ago

    Capitalism arose from European feudalism. Which in turn arose from Christianity. Which in turn became mandated by the Roman Empire right before it totally coincidentally collapsed. The decisions behind this progression were limited to a tiny subset of the local human population, the ruling class which back then was basically seen as a completely different (superior) race compared to the commoners and peasants, to the point they chose to breed with their own relatives instead of polluting their blood with that of the people below them. Therefore, they absolutely did not represent the wishes of most humans at the time and certainly did not represent the “nature” of most humans, just the ones most corrupted by power and exceptionalism in a system they created specifically to keep themselves in power and separate from the masses. They’re not human nature, they’re the societal cancer that actively rejected and suppressed real human nature.


  • HiddenLayer555@lemmy.ml to Memes@lemmy.ml · it's so over · 11 upvotes · edited · 8 days ago

    Killing people who don’t worship the same Gods as you, taking slaves from the neighboring city state, and having a harem of sex slaves “wives” are all “human nature” that have all been done since before we had the technology to record them all the way up to today. Should those be tolerated in modern society too? Hell no.