While they're at it, why not update the SSH warning banner with a list of what we do and don't log on this system. As a courtesy to their adversary.
This sudo message has been the same since the dawn of time. There is literally no reason to correct it. This is the one place you don't want to be pedantic, leaking security configuration via stderr.
That message is poor UI. If you know what it means, you probably don't care about the possibility of sudo sending an email when you first typed it. If you don't know, you will be worried probably without a good reason to be so.
Nowadays it's even worse than it once was, because now the natural instinct of people is to think that the incident was reported to canonical or ibm. The opposite of how they are supposed to feel about when using free software.
I'd change it to "This attempted was logged" or something like that when that is true. Just so the user is aware that the data they are typing there may be seen by someone else. But by default, in their own systems, that message should never appear, unless they specifically configured it that way.
Reminds me of when I was younger and my mom and my brother were using a windows computer. They got the message “an illegal error has occurred” and my mom called me to ask if they had broken the law.
sometimes people also complain about xscreensaver's lock screen because it doesn't use a widget library, but the alternative lock screens can often be crashed through bugs in the widget libraries they use
When I was young I had messed with the computer and it showed an english message with the word "atom" in it. My mom not being a native speaker freaked out as if a nuclear explosion was about to take place.
I don't really think this is a security issue. If an attacker is able to try executing sudo on your system, you have much bigger problems (for example, data exfil can be done by non-sudo users in many cases, or if your system is sufficiently old there's known priviledge escalation exploits). I don't think an attacker gains much knowledge from knowing whether or not they're on the naughty list.
If the attacker can execute sudo they can probably just alias it to a sudo that sends them the password and wait. The number of users on multiuser systems who don't have sudo access is just vanishingly small. Universities perhaps. But in most companies, if they trust you with access to the machine in the first place they'll trust you with sudo access.
If you shouldn't be using sudo, then you shouldn't be listed as a sudoer on that system. If you're listed as a sudoer, then you should become familiar with what sudo does.
i'd argue in a different direction: if sudo barks a scary unknown message at me, i'd avoid using it altogether and just use su, which is the opposite of what people should be nudged to do.
Yes. Largely through torturing my system and reducing it to non-bootable state and having to read up on what symbols I mangled this time and how. Why do you ask?
Electric resistance heat is super inefficient. That's why it's often referred to as "emergency heat".
Ironically the best combo is a heat pump + natural gas furnace as a backup. Best of both worlds. But here we are making those illegal so we can pretend to save the planet.
> Ironically the best combo is a heat pump + natural gas furnace as a backup. Best of both worlds. But here we are making those illegal so we can pretend to save the planet.
How does this work in practice though? The natural gas distribution lines don't pay for themselves. If they're only gonna be used in emergencies then they'll be crazy expensive. You have a lot of money by not having to run natural gas through a neighborhood at all.
A more realistic backup in these types of places (which is used widely in the northeast) is heating fuel oil in a tank.
I agree with everything you said except there has been a war on heating oil since before this tiff with natural gas. So even suggesting that is anathema because it would be career suicide for the politicians pushing this. You can certainly use an oil furnace as a second stage, though oil is more often used as a boiler for steam or hydronic.
Storing heating oil is risky, expensive and is a dirty use of a property due to the need for an underground or above ground tank.
Abatement of tank leaks can run into the millions as you have to dig up all soil contaminated by heating oil when the tank is retired, and tank retirement is a cost that holds up many property sales and redevelopment here in the Pacific Northwest.
That's not really true elsewhere. Using in-ground oil tanks is an antiquated practice that isn't used anymore. Any modern heating oil installation has the tanks either in the cellar or in the yard behind the house. Either one would immediately reveal a leak so it could be remedied quickly. Yes Seattle is full of shitty bungalows with in-ground oil tanks that have to be condemned, it is a problem and one of the many reasons Seattle sucks. I did a stint at AWS so know the area. You can get away with a heat pump or baseboard electric in Seattle because the outdoor temperature rarely dips below 30F in winter. Go to a place like Maine where the vast majority of houses use oil. There is no natural gas infrastructure and heating with electric is impractical. 30F is a 'warm' winter day. A heat pump cannot effectively deal with the frigid climate in the NE and electric space heating would be insanely expensive. Many thousands of homes are heating with oil in the northeast everyday and not turning their yards into superfund sites. There are many compromises that work for the milquetoast PNW that won't work elsewhere.
The problem is when it kicks in for everyone in the neighborhood at the same time on an especially cold night and causes a brown out. (Happened to me this winter.)
They ARE required by code and have been for years. Parent's "luxury" apartment was not built to code. Probably one of those illegal NYC apartments where you tear open the walls and there's a whole other furnished room inside that isn't shown on the blueprints.
It's very possible, and might be impossible to upgrade a large multi unit building. In most jurisdictions a large renovation would force you to upgrade such things. In this case I would assume simply disallowing a gas stove without proper venting. Though I suspect the permitting process in NYC resembles something out of The Sopranos, assuming the proper permits were obtained.
Not when the power's out for days - as often happens in winter storms.
You can run the blower and electronics of a natural gas furnace or boiler off a little camping generator for a week or even better a natural gas whole house unit in perpetuity.
If you take the investment that is the infrastructure for gas lines (all underground) and do similar for most electricity then storms don't take out electricity and people don't die.
Best of all, the total investment and maintenance actually decreases.
"You can run the blower and electronics of a natural gas furnace or boiler off a little camping generator.."
Likewise for a heat pump, right?
Does this "power out for days after a winter storm" thing actually happen very often? I am from Manitoba and my worst-ever experience was 10-11 hours when it was very, very cold out in 35+ years.
You need way to power to drive the heat pump than you do to run the blower. But I agree, it's stupid to act like a natural gas furnace is a good choice for long-term power outages.
Depending on your definition of long term… I’ve got ~900lbs of propane tanks sitting beside my house, a propane forced air furnace, and a dual fuel generator that can run on propane.
Assuming I run the generator for 12 hours a day at half load (powering my whole house, still firing my equipment up and working remotely…) and the furnace runs for three hours a day throughout that time… I can keep going for a couple of weeks. If I _can_ get gas to fuel the generator with that can be extended pretty substantially—the generator is really what’s using up all my propane.
So in the realm of the kind of power outages where you reasonably expect society to recover and continue… works pretty well for me.
But yeah, in the future I would love to move over to a heat pump and solar generation / local storage. That extends your potential runtime pretty near indefinitely. (We’re talking lifetime of batteries and solar panels at that point instead of “when the propane truck can come by next”.)
> Does this "power out for days after a winter storm" thing actually happen very often?
Near Ottawa—in the past 12 months I’ve had an eight day outage, a four day outage, and a few day long outages.
We don’t need to survive the -40 or -50 of the prairies, but even with good insulation a -10 day in the spring makes the house pretty cold after a couple of days.
They clearly over-generalized. I didn't say they "overstated." They didn't say "in some parts of Seattle" they said "in Seattle."
I'm sure there have been edge cases in every state of the country where the power has been 10 days at someone's house because of unique circumstances. That doesn't meaningfully change the risk profile of a heat pump over gas furnaces.
It wasn't a unique case. It happens about once every 20 years. The time before the 10 day event it was 4 days. I live in the middle of the Seattle metropolitan area, not out in the country. The powerlines were down for miles around. The powerlines thread through the trees, and the trees fall on them during a windstorm.
No. A heat pump requires a significantly higher amount of electricity to function.
An average gas furnace blower motor draws around 7A at 120V.
A heat pump can require between 20A-40A at *240V* PLUS the air handler which is the same as above. A heat pump air handler is just a furnace without burners. If supplemental heat strips are needed they can be on a 50A breaker at 240V.
What nonsense. If you ha e a backup generator your power isn't out. Gas heat doesn't work with the power out. Why are you resorting to lies to push fossil fuels?
One can go on Amazon and order himself a high powered FM transmitter direct from China. Stick an antenna in the attic and you'll be heard for miles. If you don't gaf about spurious emissions or laws or anything like that you too can be Christian Slater in Pump Up the Volume. The fines for this in the US can be pretty severe but Amazon is happy to sell you the rope to hang yourself with free shipping.
Why not just have it drain into an ordinary condensate pump which is built for this purpose? Those roll around ACs usually have a spigot to attach a hose you can run into a drain.
