So the main danger is that you're not running the real sudo.

I have an idea that I hope to implement one day to make sudo actually secure:

1. Authenticate with passkeys (webauthn) instead of passwords.

2. Sudo can only run an interactive root shell, not arbitrary commands. The session is time-bound, and the TTY output is recorded for auditing purposes.

This combination makes intercepting sudo largely useless. Passkey authentication cannot be replayed or relayed. The fact that sudo can only open an interactive shell makes it impossible for a sudo wrapper to pass a malicious to sudo. This way we're not dependent on whether the unprivileged shell is secured properly. It also solves approval fatigue (compared to running sudo separately for every command).

----

EDIT: now that I think about it: an attacker can still edit .bash_profile and reexec the shell in a malicious terminal emulator. Then when the user gets a sudo root shell, the malicious terminal emulator can inject malicious commands.

Looks like the only good way is to get a root privileges via a separate user account that doesn't have malware, and that also can't easily install malware (e.g. accidentally running npm, forgetting that that's not safe).

Another worry that I've had recently is that anybody who is able to get Github push access, can push new releases with malicious assets. Even if you have branch protection and environments, it doesn't do anything: the attacker can simply create a new workflow, push to a branch (which runs that workflow), and then the workflow creates a new release. No merge to main needed, pull request reviews bypassed. I want a policy that says "only this environment can create releases" (and "this environment can only be triggered by this workflow from this branch") but that's not possible.

Github, please step up.

1. shells support the notion of privileged commands, that can't be overridden with PATH manipulations, aliases or functions.

2. Sudo (or PAM actually) can authenticate with your identity provider (like Entra ID) instead of a local password. Then there is nothing to sniff and you can also use 2FA or passkeys.

Dependency is only problematic if you lack an alternative, and nobody is developing alternatives.

My gawd, lots of people in Netherlands want to contribute to the green ecosystem but govt can't even get permitting straight and everything is gridlocked. The electric grid is full and new houses and companies can't be connected to the grid, wnd if you want to install a heat pump or an AC then there are thousands of rules and anybody else in the neighborhood can block you for the slightest thing.

Less talking and more doing. The Chinese at least are all do and almost no talk.

Also, China has got nearly nothing in common with Russia. Don't lazily lump them together just because western popular thought likes to put the same label on them.

While you're at it, go look for elderlies in their 80s or older, who were born before the People's Republic's founding. Maybe they even witnessed the democratic era of the early Republic (not People's Republic). Go tell them your maximalist thoughts about democracy and see how they respond.

Meanwhile in China, you can't change the ruling party but you can change policies. They restrict media and speech freedom, but they also work tirelessly to improve the livelihoods of the people.

If the west chooses the value empty talk over outcomes, fine, you have the right to choose that. But no need to force that value on other societies. China and Chinese society at large has the right value unity and livelihood over speech. They have the right to prefer what westerners call an "authoritarian" government that delivers on those values, without getting demonized. They're not forcing their way on you, no need for you to force your way on them.

Still, I don't really have a reason to buy it. I don't avoid meat. I specifically eat beef for, for example, creatine and iron. But I guess it is good for people who crave beef yet have an ideological resistance against meat, a niche which I'm not sure how big it is.

I don't know man. I'm a health conscious person and I could just as easily choose normal chicken meat, or a beef steak that's not a hamburger, or fatty fish (omega-3!!). Why would I choose a hamburger substitute? I don't even particularly crave hamburgers.

I took a look at the ingredients list of the Dutch version, and it seems to be okay when it comes to amount of industrial fillers. It seems the preservative (potassium lactate) is the only problem, everything else seems acceptable. So I guess it's not that bad, but I still don't still really have a reason to choose it.

On days when I don't particularly want to eat a lot of meat, I just eat more rice, vegetables and beans. It's not that hard?

I think the OP is right: their niche seemed to be people who crave something like a hamburger or at least real meat while having an ideological opposition against meat and enough money.

The problem isn't they "pushing stuff down your throats", it's nobody else (including you) making alternatives that you like better. You are voluntarily ingesting their stuff because your only alternative is starving.

On a tangent, also very ironic that X (the successor of Twitter) has the exact same logo as X (the window system). It's like Elon Musk just Googled for the first X logo that came along and appropriated that and nobody seems to notice or care.