this is peak un*x domain boomer
>is a soyjak
>uses a bunch of terminal bullshit while gaining no productivity (otherwise you would do something interesting in your academic life other than get one patch into DNS or BSD during a 30 year period)
>long autistic posts about stuff that doesnt matter like how the name of a thing was chosen
>some stupid *****ing "geek" tshirt

>I am a Unix system developer from Cambridge. I work on BIND9 at the Internet Systems Consortium (isc.org).
>
>For many years I worked at the University of Cambridge at first helping to run the central email services, and in later years running the University’s DNS.
<i spent my life working on a DNS software and administrating it at a uni

https://dotat.at/name.html
standard autism about a name dont care didnt ask
https://dotat.at/email.html
OMG how did nobody buy dotat.at when .co.at relaxed their restriction hawhwwwywyyguuuhhhghghhhhh aaaahaaaaaugggghhhhh i cant believe it
https://dotat.at/pgp.html
>OMG LOOK I CAN SHOW OFF MY EMAILS ZOMGZOR
>actually uses that feature where you can attach multiple UIDs to a PGP key instead of just leaving the email blank like youre supposed to
https://dotat.at/@/2022-07-01-dns-compress.html
haaaauuugggghhhhwaaaaggghhwaaaaaaaaaaggghhwweeeeee

but at least he understands what sudo actually does, the retards here should go argue with him: https://dotat.at/@/2024-05-02-sudo.html
or just all the other nerds in open source, who actually believe something else and would break down if they had to come to terms with actuality

>but at least he understands what sudo actually does
I always login as ROOT

Why do you hate open source hackers so much?

This guy gets it. But I already made a thread called "sudon't". Maybe he copied me!

>https://dotat.at/name.html
>standard autism about a name dont care didnt ask
using real name as a dev even

>the retards here should go argue with him: https://dotat.at/@/2024-05-02-sudo.html
I do sudo su is dat ok?

P93595
because theyre *****jobs incapable of making the most simple things work.
the fact that people dont understand what sudo does is not a problem. the problem is that because of that there is no actual way to do isolation in any system ever built - nobody understands that its a thing thats desireable and for the 3 seconds they think about it they just conclude that sudo does it
firefox is slow buggy dogshit. even just the GUI is complete trash. why does it *****ing black the screen for seconds when you fullscreen a video? because security theater, some autist had a LARP one day and nobody in the tranny community has enough brains to explain why hes wrong, plus that it be toxic to say someone was wrong.
*sh/un*x tools is slow buggy liquid AIDS with infinitely deep rabbit holes of RCE vulnerabilities.
every ecosystem like java, C, shell, Go, node, etc is pure ***** shit and the only thing they actually do in the updates youre forced to consume is add the latest feature that some soydev wants to use to dildo himself, like linters, or some "FP" feature taped on in the most stupid *****ing way. just using firefox requires pulling millions of lines of code from some corporate tranny and since its riddled with bad programming techniques you have to do so twice a week or you will be exploited by websites.
these monkeys make sure there is no way to use "off the shelf" software to interface with the [[[web]]]. they still cannot solve *****ing string injection vulns or confused deputies, and are only now becoming aware of the fact that having 300 dependencies gives 300 organizations an opporunity to exploit you. the fact that they hard focus on "memory safety" and suddenly ignore all other security issues is a trademark of autism and why autistic people should be banned from engineering. the fact that they didnt just python or java which also solves memory safety proves their incompetence irrevocably. rust is a shit language that is obtained when 6000 trannies pile into a think tank, its complete garbage just like all previous mainstream PLs.
DNS is garbage and youre garbage if you take it seriously, it shouldnt even exist. anyone who is "into" DNS is the dumbest *****ing loser geek. and theyre harmful too because they get all like HEWWUEEUEUEHGHGUUYAUUGGH what if someone DDOSes the root name server OMG that should be 30 years of prison. and other such statist misconceptions. by extension (but not only) X.509 is also garbage. openssl is the dumbest *****ing project ive ever seen. even if it was implementing a sane protocol it would still be shit software.
[bold: THIS IS WHY HAPAS ARE SUPERIOR TO WHITES]
[bold: DAY OF THE SEAL SOON]

P93681
>every ecosystem like java, C, shell, Go, node, etc is pure ***** shit
Then make your own.
>*sh/un*x tools is slow buggy liquid AIDS
And yet the day of the seal has not materialized.
>the fact that they hard focus on "memory safety"
This was your talking point a few years ago.
>DNS is garbage and youre garbage if you take it seriously
This has been fixed.
>X.509 is also garbage
The centralization is probably not a good idea, especially with the fragility it introduces. Still better than what you have produced [spoiler: literally nothing]
>openssl is the dumbest *****ing project ive ever seen
Then don't use it. Oh, wait. The alternatives are made by the people that you have been criticizing as "un*x boomers"
>hapas
I notice that you still have not released any alternatives, and appear to have made no progress toward one, either. All you do is post schizo rants on imageboards.

P93731
> Then make your own.
I did. But guess what?
> And yet the day of the seal has not materialized.
Because software is not essential for living. Nobody needs IT shit in general.

P93731
wow you eat up all the dumbass plastic intellectually fraudulent shit that doesnt work because youre from america and goo goo ga ga everything we make here is just good so there hmph! you could get the special developer award at spotify
P93750
u wot

P93731
P93681
As long as 99% of normies are using Spotify, Google Maps, and some other proprietary shit for *chat*, there is no need for "day of the seal".

He basically makes zero suggestions as to what users on laptops and desktops would do right now to replace sudo, which is where sudo is constantly used. doas was made with those users in mind and he rejects it over... the formatting? What?
On OpenBSD, doas is pretty much more secure than sudo since it avoids extra features. On Linux, you have to use a pretty new kernel to avoid TIOLINUX/TIOCSTI "bugs", and Opendoas will use timestamps like sudo for the persist feature because the kernel has no support for it.
Totally our guy Poettering is making a sudo replacement that extends systemd-run to be a sudo-like tool without setting setuid on some binary. Although this requires you to have a very large init system and service manager (systemd) to run it, thus increasing the attack surface again if you were using something else.
Constantly abusing su or logging in as root would end up in some sleepy user removing their entire /etc/ or something, or leaving themselves logged in as root all day long because they forgot it was there.
Basically don't take security advice from DNS/Email people (notice that neither of those are encrypted or even authenticated properly by default), or hapas, they have no idea what they're talking about.

>34e2eb45f628ac88ee44ccd0b616cca6b457bdd4f0944aa6627c2935ee80fca3.jpg


I like that (clone of) a bbc micro keyboard


SAUCEPAN |micro

P94224
>unlike the dumb hapas, i type sudo for no reason before every command that needs privileges
riiiiiight.

P94235
How do I add my 4 inch erect cock to the sudo group?
Also how do I find a tailscale tunnel that will fit?

P94235
>For no reason
<for every command that needs privileges
Do you read these before posting?

P94224
>NOOO U HAVE TO SUPPLY AN ALTERNATV TO SUDO!!
sudo has no legitimate use. run everything as root. dont ever use users at all since its an obsolete feature from multiuser university networks circa 1970
>autistic details
sorry to pull you out of your rabbit hole, but the idea of escalating to root from a non-root compromised account is incompatible with un*x, not that it really makes any sense in *any* system, even hypothetical ones. for example you can just change PATH to point to your own version of sudo, make sudo an alias, ptrace sudo to capture the password as its typed, etc. even if that werent the case on any mainstream distro, i still wouldnt care because i dont even need root when hacking a desktop user, everything i need is in $HOME.
>our guy
who? im not in your little club. of course [[[pottering]]] is making an his own brand of alternative to an idea that makes no sense
>logging in as root would end up in some sleepy user removing their entire /etc/
ah yes, just like windows users accidentally remove /system32
ironically the only valid point you have here is what i say every day: un*x is too complicated an error prone especially bash where any typo is interpreted as a completely different command typically resulting in removing some random file from your system

>Basically don't take security advice from DNS/Email people
Yes.

P94326
>dont ever use users at all since its an obsolete feature from multiuser university networks circa 1970
So what if I want multiple people to be able to use one computer?

take meds schizos. Its not about being a boomer or not. Its practicality. terminals are way more practical than modern bloated linux desktops. Why would you need gui + bloated xserver desktop for just editing plain text files?

>run everything as root. dont ever use users at all since its an obsolete feature from multiuser university networks circa 1970
The Microsoft operating systems, Amiga (and Commador), and *****/M are only systems that I know of that do this. There's a difference between major systems that people use to get work done and a [bold:personal] computer. The "run everything as Administrator" is what gave us the viruses/worms of the MS-DOS - Windows Xp era (which I might add, was quite fun as long as you were not the one infected).

Even Android has a root account (that you can't access) and normal user account. I'm guessing Apple does the same thing. I don't own any Apple so I can't be sure.

P94330
nobody is talking about multi user systems and even if they were sudo on those still makes no *****ing sense and is like putting a finger in your ass every time you drink a glass of water to prevent brain cancer
P94337
terminals arent more efficient for anything, but im sure youve convinced yourself otherwise after spending 3 years of your life figuring out how to do some basic stuff in it that a 5 year old on GUI learns, like with readline and vim/emacs. im definitely not advocating making dumb ***** plain text formats and then proceeding to edit them with tools, which is, OH, something that the terminal idiom does too every time you make a shell script that parses the output of any command what so ever
P94374
you took the words right out of my mouth, we should go back to amiga because all software isolation techniques developed after that are invalid. you dont know what youre talking about, and are even more clueless than the sudo doas autist.

P94374
Mac does have a root account that you can access (using sudo or su). Not sure about IOS.

>There's a difference between major systems that people use to get work done and a [bold:personal] computer.
and that difference is completely fabricated imaginary concept that boomer faggots love to suck each others' cocks about while pretending like theyre using the big boy stuff as you just exemplified. in reality, microsoft has never had real user isolation since there is almost always a way to bypass it once youre anywhere in a box in a network
yeahhhhh bro, whenever i waste my time writing sudo and retyping it because i typed it before the prompt showed up then had to wait a second for [[[cracklib]]] to waste time hashing the password or forcing a delay or whatever the *****, its because im getting real work done. yep that [[[UAC]]] prompt that you click through 50 times per day definitely is getting big boy work done. ironically those things are broken and invalid like sudo.

P94396
>nobody is talking about multi user systems
Why should a different OS be needed for multiple users?
Whatever overspecialized thing your vision entails would likely be worse than unix.

>i waste my time writing sudo
I warned you about sudo-*****. There's even a whole thread on it. If you won't listen then that's on you.


>>>>>>>>>>>>>>>
int main() {
int defined_var;

printf( "Defined_var: %d\n", defined_var );

defined_var = 12;
int ini_var = 25;

printf( "Value of defined_var after initialization: %d\n",
defined_var );
printf( "Value of ini_var: %d", ini_var );

return 0;
}

$ n***** loop node kushal
$ cc DECLARATION.C
$ link DECLARATION.OBJ
$ run DECLARATION
Defined_var: 2147376652
Value of defined_var after initialization: 12
Value of ini_var: 25
$
>>>>>>>>>>>>>>>>>>>

P94326
>sudo has no legitimate use. run everything as root. dont ever use users at all
>for example you can just change PATH to point to your own version of sudo, make sudo an alias
Basically that can be said about any executable on a Unix-like ever, but it requires a malicious program or a remote shell. At that point plenty of things can happen. Without containers/VMs/some sort of access control a malicious program can do whatever it wants to the user's files, processes, environment variables... But then again you probably ran unknown code unsandboxed outside of a VM or container for this to happen. Stop doing that maybe?
>grabbing the password
This doesn't address users using hardware security keys in addition to a password.
Yes there are OSes that handle this better like the ones based on Genode. You aren't using them because hardly any real hardware is supported.
>running everything as root
A lot of programs aren't even going to function correctly as root, and you will just open up a larger attack surface. The Javascript VM and whatever other VM you inevitably end up running is now running as root. Now any breach of the browser sandbox is immediately escalated to root. I don't know why skiddies are incapable of understanding threat models.
>who? im not in your little club.
It's sarcasm, Poettering somehow believes he has the solution to every droll userspace issue that nobody else does.

>point to your own version of sudo
> ls -l /usr/bin/sudo
-rws--x--x 1 root root 285800 Dec 30 14:22 /usr/bin/sudo*

A basic user can't setruid any file, copy or not. He *can* set-user-id: his own. Am I missing something here?

P94471 see P94287 for help

P94460
>you wont support the one boomer and his wife who still use accounts on a computer so your OS aint gonna make it
riiiiight..
P94471
in the first quote you pretend or are too senile to understand what the implicit context here is (that sudo is being used to prevent malware from getting root. this is the prime reason people use it)
then in the second quote you seem to suddenly remember that sudo [bold:is] being used to get root
third quote is just more dumb boomer myths. unsurprising that you have some cringey incoherent response with lots of backpedaling and conflicting assumptions as you little world crumbles.
maybe read the posts above again, you might find something this time.

P94501
It doesn't matter that the use case is rare. The fact that you rely on the property of there being a single user means your approach is ill conceived.

P94501
>in the first quote you pretend or are too senile to understand what the implicit context here is (that sudo is being used to prevent malware from getting root. this is the prime reason people use it)
You have a fundamental misunderstanding as to what sudo does. It is not an "anti-malware" tool, it executes a command as another user, provides logging of accesses, and has some policy based security. If you have malware, this is probably not going to help you unless it's particularly badly written malware or just spyware. Yes Unix-likes have flaws, but your solution isn't to use a hypervisor, containers, access control (SELinux and so on), and so on to mitigate the issues, you are insisting on... running everything as root. Hopefully nobody lets you touch computers that are actually worth something.
>then in the second quote you seem to suddenly remember that sudo is being used to get root
I was always aware since you insisted on it. After all you log in as root, and apparently use a browser in the root account.
>third quote is just more dumb boomer myths. unsurprising that you have some cringey incoherent response with lots of backpedaling and conflicting assumptions as you little world crumbles.
There is no backpedaling, everything I say is consistent.

P94505
>malware this and that
sudo is used to prevent malware from getting root. this is what incompetent penguin faggots [spoiler: like you] believe it does even though it doesnt [spoiler: and the fact that malware doesnt need root for anything other than possibly installing a rootkit (even often it still can without root, for multiple reasons) also flies above faggots heads]
>logging of access
why the ***** would i need to log access when i edit some root owned file. [bold: especially when all logging in most un*x systems is spoofable / falliable. top doesnt even provide a real view of the process list, attackers can spoof that too in multiple ways even if they only have an isolated account that has axx to nothing]
>some policy based security
intentionally vague because if it was stated concretely it would be mocked.
>run everything as root
[asuka yes chad.jpg]
>run browser as root
[asuka yes chad.jpg]
the fact that you do otherwise means you just wasted millions of hours setting up a false sense of security. you do not get even slightly more security when you run the browser as my_leet_gayass_username instead of root.
>There is no backpedaling, everything I say is consistent.
riiiiight...

meant spoiler, not bold. rip, the spoiler parts are there so you dont autistically dig into them like a naive tree search algo

P94396

>using terminals to grow cake in garden without baking
>using orbs to automate things via terminal instead of hiring actual people and pay them full wage to operate GUI-based software
>using terminal to manage *****
>can be run on any hardware (even underclocked 480MHz *****us

how is that 'not productive', sir?

I mean 'not efficient'

P94510
>sudo is used to prevent malware from getting root.
No, it's not. Otherwise you'd be posting this in their bug tracker instead of on some obscure imageboard. sudo is more for preventing casual access of root by unsophisicated attackers (like some not very computer savvy coworker playing a dumb prank), not being logged in as root 24/7, or preventing your cat typing out rm -rf / on your keyboard.
>why the ***** would i need to log access when i edit some root owned file.
To know who accessed what and when? To know whats going on? Why have logs at all, just redirect your logs to /dev/null if you feel this way.
>especially when all logging in most un*x systems is spoofable / falliable
Out of scope of the program's purpose and usecase. You want clearly want integrity of your [bold: log files in general], and this is not the point of su, sudo, doas, systemd-run, etc. Go work on that instead.
If you really don't like entering a password, just do passwordless doas/sudo or whatever else is out there. You can also use a cheap FIDO security key if you want a non-phishable credential.

>you do not get even slightly more security when you run the browser as my_leet_gayass_username instead of root.
It's still worse to run it as root. If the sandbox is breached as your user, then the Javascript being executed still doesn't have root. Your credentials would need to be phished. If theres another unkeyloggable factor, then you can't get the credentials by keylogging them. If the user isn't in wheel, then there is no escalation possible if everything else is secure.

P94567
>sudo is more for preventing casual access of root by unsophisicated attackers
>why the ***** would i need to log access when i edit some root owned file.
What you're both missing is that computers used to be big and expensive and [bold: multiuser]. sudo stands for Substitute User DO. It is for running a single command as another user. Usually root but it works for any user. Note that unlike su you type _your_ password into sudo. It is most often used as a way of giving people limited root powers without giving them the root password.

Think of it like an imageboard. Admin has the root password. There are mods who can do things like `sudo rm denpas-latest-autisms.txt` but admin will block them from doing `sudo rm -rf /`. In /etc/sudoers you write a policy for which users can run which commands as which other users. Again, it doesn't make that much sense anymore if you are the only human user on the system but that's the history.

You can still use it as a primitive form of sandboxing. You can create a new user account just to run one program and using `sudo -u` to run it. That way the program won't have access to any of your personal files.

>some not very computer savvy coworker playing a dumb prank
If you do work in a place where they don't give you root but let you run some limited commands as sudo then this will help
https://gtfobins.github.io/

P94465
What is that code supposed to prove? Uninitialized variables have always worked like that in C.

P94567
>sudo is more meant of a placebo or a pacifier because i need cock in my mouth at all times
yes, i realize you have an entire lore on how a un*x system is supposed to work (which is garbage and insecure no matter how many is you dot and ts you cross), now shut the ***** up. "phished", its not phishing when there is nothing the user can do to detect or stop it, but i dont expect you to have the slightest clue of how post-exploitation user space trickery works. it would be pointless to go into because you can just fall back on "well sudo is just pretend security, it doesnt need to be perfect, its just to keep my dumb wife from pressing a button". you choose to run a *****ing WEB BROWSER on your TCB and claim im the dumb one, no, boomer, you dont understand anything, or how much people pay to get around your oblivious insecure idiom. i run everything as root, this doesnt include a web browser although on the isolated machines that run it it does run as root because there is no point in having users. remember this every time you type out your password for the 50th time today and it pointlessly delays before youre allowed to type the password because it has to load all the pam modules or whatever the ***** bullshit then you have to retype the password and it delays cus muh brute force deterrence. remember all that bullshit solves absolutely no purpose other than a placebo as you basically acknowledged in your very post here.
P94594
>What you're both missing is that computers used to be big and expensive and [bold: multiuser].
i told you at the start that "sudo is obsolete garbage that never made sense from multiuser systems 500 years ago": P94326
and the boomer HAS been mentioning multiuser systems because he loves to jack off to his lore that never made any sense
>You can still use it as a primitive form of sandboxing. You can create a new user account just to run one program and using `sudo -u` to run it. That way the program won't have access to any of your personal files.
except they will since just like the link you posted there are thousands of ways for zero privs un*x programs to ***** with your other users. boomers dildo themselves into thinking this isnt an issue by enumerating 5 of them and saying "see, its a misconfiguration, user error!"
P94624
dont question the boomer he huffed and puffed real hard to produce that wisdom

P94594
I already know what sudo is for. The derelict Asuka poster probably isn't using it that way, and I've catered the argument accordingly. Sadly doas or sudo setup without a password is probably what he wants, or using su in one terminal, but he is determined to run browsers and graphical programs as root, which they are almost never tested to run as.
>You can still use it as a primitive form of sandboxing. You can create a new user account just to run one program and using `sudo -u` to run it. That way the program won't have access to any of your personal files.
This is a waste of time nowadays. Use a jail/container program like nsjail or bubblewrap instead and you can get greater isolation for a given executable without fiddling making a new account.

P94677
>"phished", its not phishing when there is nothing the user can do to detect or stop it, but i dont expect you to have the slightest clue of how post-exploitation user space trickery works.
You made a fake sudo executable and redirected the user to it using the PATH environment variable. That is "post-exploitation user space trickery" AKA basically phishing by your definition. You can detect it as well assuming the naive case of only replacing sudo in the PATH and not the shell itself or realpath: realpath "$(whence sudo)", or realpath "$(which sudo)". Before you waste time by saying you can do more skiddie bullshit to replace the rest: this is an example to show you that the user was deceived when they could also not be deceived.
>i run everything as root, this doesnt include a web browser although on the isolated machines that run it it does run as root because there is no point in having users.
Oh, so you don't run everything as root. Thanks for accusing me of backpedaling and then actually backpedaling.
> remember this every time you type out your password for the 50th time today and it pointlessly delays before youre allowed to type the password because it has to load all the pam modules or whatever the ***** bullshit then you have to retype the password and it delays cus muh brute force deterrence.
Time to get a computer that isn't from 2003? It doesn't take any noticeable amount of time.
There are simpler alternatives to sudo if your usecase is simpler, that take less time to execute. Here is an absurd example, with benchmarks that make you look very silly: https://codeberg.org/sw1tchbl4d3/rdo
>remember all that bullshit solves absolutely no purpose other than a placebo as you basically acknowledged in your very post here.
Having a seperate user account from users, password hashing, etc all makes perfect sense when combined with other mitigations. I've already explained how to defeat a "sudo replacement": use a hardware credential and use containers/jails and VMs instead of just users at the very least. Changing the PATH isn't going to propagate outside of that VM or container assuming theres no vulnerability in the VM or container. If you have to run untrusted code, run it inside a container or VM, preferrably on some machine not connected to other machines and the internet.
As for the most basic case, it works, doesn't it? Bob the janitor can't get in and can't guess the password no matter how hard he tries. That's called a threat model, ever heard of it?
The problem is you can't define a threat model at all and are deep into paranoia to the point that you've wrapped around to the other end, which ends up with you running most things as root, which is hilarious. Yes there are holes in classic Unix-like security, we know, it's been augmented since then. Meanwhile people actually work on closing up these beginner skiddie keylogger loopholes and they are pretty much already closed to you on anything that isn't some home computer/laptop/edge device. That sort of stuff is trickling down to edge devices with the whole container/jail/VM as security boundary stuff, Wayland (closes the X clients doing pretty much anything to other X clients loophole), and obviously the rollout isn't perfect because the people who manage those projects do it in a bazaar manner and have limited, sometimes unpaid time. Even package managers are slowly moving away from the traditional filesystem hierarchy at this point, to more of a read-only store model. Gradually they could probably have more of an official permissions system like Android's if they ever came to a consensus (already sort of exists in Flatpak/container tools, although could be improved a lot).

>grok
Why do they like to say this word?

P94678
P94685
[bold: SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER] >>>>>93305

now, if anyone else who isnt a complete invalid wants to discuss sudo again, which isnt the topic of this thread:
1. ubuntu/fedora/debian/etc *****s think that sudo is a security mechanism that prevents a compromise from spreading to root.
2. these *****s also think there is a point in preventing compromise from spreading to root.. on their DESKTOP machine, where everything important is in $HOME
3. sudo has a terrible UI, which if you had any doubt because youre too autistic to understand social norms, reinforces #1: nobody would use that dog shit unless it served a very important security purpose
4. sudo used in this way can and always has been always will be defeatable with trivial tricks like changing bashrc, ptrace, changing what the terminal displays, etc. it doesnt matter if you solve two or three of these, since there are literally thousands, and the list expands and shrinks all the time as software changes. this is an immutable, fundamental propery of a un*x system: youre running a bunch of things as the same user, they can ***** with each other in all kinds of ways that you are not aware of
youre a *****ing moron if you have sudo installed let alone any pam or cracklib bullshit youre just another dumbass consumer like those of systemd. ironically all the anti systemd faggots are just parroting and do not understand what actual bloat and retardation is.

[bold: SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER] >>>>>P93305

P94786
Here we see the hapa, realizing that his arguments are utterly insane, resorting to calling those who see through his insanity retarded boomers.

P94841
>can't read cursive
What's the implication? is he a *****? yts nowadays are unable to read cursive too

P94841
cant be as insane as typing sudo 50 times per day then convincing urself its for some reason after you realise it doesnt actually stop attackers from doing anything.
>whats the implication
its a typical wh*teoid who amounts to nothing but thinks hes high class because he can dot his eyes and cross his ts. ironically in many places in europe they dont care about cursive for centuries. and calling hapas *****s makes no sense since hapas on average are higher class than wh*tes. for example linkin park, keanu reeves.

P94857
>whites nowadays are unable to read cursive too

The alleged "hapa" can't either, apparently.
I know more intelligent negros than him.

P94841
ChatGPT can. It is also OK with full stops.

> https://dotat.at/pgp.html
>OMG LOOK I CAN SHOW OFF MY EMAILS ZOMGZOR
>actually uses that feature where you can attach multiple UIDs to a PGP key instead of just leaving the email blank like youre supposed to

Wow I didn't even know u could do that lol

P95231
because its a half documented bullshit like with all GNU tools. it also caused a vulnerability (but im sure some NEET loser who spent 15 years of his life mastering every un*x command knows better than to fall for this):

https://longpoke.github.io/f37c5de221cb361db07f046b31047f329ddb2ca2fe3ab5b674c858a6686c5151.html

One thing that wasn't mentioned so far is that a key can have multiple key-UID bindings. It's not exactly clear what the purpose of this is, other than perhaps to compensate for the fact that people have multiple names in real life. In any case, it just adds to the confusion. It's so confusing, that the GPG developers even messed up implementing it. There's yet another bug in GPG 2: If a key-UID binding is considered valid by GPG, later another UID can be bound to that key, and it will also appear to look valid. This enables another method of forging messages.

If you have a valid key for "Richie", it will look like this when you verify his messages:

gpg: Signature made using RSA key ID EEEEEEEE
gpg: Good signature from "Richie"

Say he adds a new UID "Richard Stallman" to his key and re-uploads his key to a key server. You then run gpg --refresh-keys. This makes GPG download the updates to his key. The next time you verify a message from him, it will look like this:

gpg: Signature made using RSA key ID EEEEEEEE
gpg: Good signature from "Richie"
gpg: aka "Richard Stallman"

The output doesn't make it obvious that only "Richie" is valid for this key and not "Richard Stallman". This is straightforward to exploit. If you run gpg --edit-key Richie, you'll see the truth:

pub 1024R/EEEEEEEE created: 2013-01-01 expires: never usage: SC
trust: unknown validity: full
sub 1024R/FFFFFFFF created: 2013-01-01 expires: never usage: E
[ unknown] (1). Richard Stallman
[ full ] (2) Richie

P95398
That's why you look at the fingerprint, Skipworth. This is basic stuff. It evens tells you when you verify something (paraphrasing) "There's no indication the key belongs to the user" if the key isn't signed with a trusted key. Anyone can put anything in the email/name fields and claim anything.

There's two possible solutions to this problem: A) Central authority B) Web-of-trust. They chose WoT.

The author even conceeds this point:
>>>>>>>>>>>>>>admin add code tags>>>>>>>>>>>>>>>>>>>>>>
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N)
>>>>>>>>>>>admin add code tags>>>>>>>>>>>>>>>>>>>>>>>>>>

This is why you place your fingerprint in a public place, ideally that you control, and in places it will be archived (~/.signature) so it leaves a trail.

P95436
So if I add another UID (email) to my key will Thunderturd allow me to send PGP email to two different emails no issue or will I have to still make an alias file?

P95453
Why would a mail client stop you from sending mail anywhere? idgi

If you mean can you have multiple keys, then yes, you can have multiple keys (gpg2 -u $USER).

>That's why you look at the fingerprint, Skipworth.
boomer id'd at sentence #0 (have to count from 0 or he might not understand)
SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER SHUT THE ***** UP BOOMER
you understand nothing about security, and the fact that you made this conflation proves it. i *expect* this exact reply from 9000 boomers when i post on any normie forum too, youre not even special. now excuse me while i eat the second half of my cake from yesterday

P95489
Translation from hapa: The hapa was wrong, and is now seething.
>SHUT THE ***** UP BOOMER
Deflecting away from the issue
> i *expect* this exact reply from 9000 boomers when i post
It is obvious that the hapa post was wrong, and the poster is now attempting to explain the obvious away.
>eat the second half of my cake from yesterday
Cold comfort.

W*gGeR bOomeRs wilL nEvER stoP usiNG tHEiR BackDoOReD vUln cITy UN*X!