OpenAI Is A Bad Business
OpenAI, a non-profit AI company that will lose anywhere from $4 billion to $5 billion this year, will at some point in the next six or so months convert into a for-profit AI company, at which point it will continue to lose money in exactly the same way. Shortly after this news broke, Chief Technology Officer Mira Murati resigned, followed by Chief Research Officer Bob McGrew and VP of Research, Post Training Barret Zoph, leaving OpenAI with exactly three of its eleven cofounders remaining.
This coincides suspiciously with OpenAI's increasingly-absurd fundraising efforts, where (as I predicted in late July) OpenAI has raised the largest venture-backed fundraise of all time $6.6 billion— at a valuation of $157 billion.
OpenAI Is A Bad Business
OpenAI, a non-profit AI company that will lose anywhere from $4 billion to $5 billion this year, will at some point in the next six or so months convert into a for-profit AI company, at which point it will continue to lose money in exactly the same w…Edward Zitron (Ed Zitron's Where's Your Ed At)
like this
Benign likes this.
Svartsjukedrama bakom våldsamheter. Enligt uppgifter i Afronbladet är flera våldsdåd i Stockholms den senaste tiden riktade mot en man som ska ha tillhört eller samarbetat med Hagsätranätverket. Det är emellertid inte han som drabbats utan släktingar till honom.
That's 3 years of space budget. Crazy!
like this
☆ Yσɠƚԋσʂ ☆ likes this.
like this
☆ Yσɠƚԋσʂ ☆ likes this.
like this
☆ Yσɠƚԋσʂ ☆ likes this.
Exactly, a good way to approach the problem is by asking what exactly is an economy. Fundamentally, it’s a system for ensuring that labor and resources are allocated to meet the needs of the people living in a particular society. Money is simply the mechanism that’s used to direct the allocation.
From this perspective, what a government does when it issues currency is stimulate activity in a particular sector of the economy where that currency is allocated. For example, Chinese government starting to do investments into chip development is resulting in that sector of the economy growing. Similarly, when private spending and markets allocate funds towards some area of the economy then supply grows to meet that demand.
That’s literally all this is, and obviously the government can issue as much currency as it wants, there’s no fundamental problem here because all it’s doing is directing the growth of the economy. Hence, as you point out, the issue isn’t with the money supply but how that money is used. The problem we have under capitalism is with labor and resource allocation being driven primarily by the interests of the capital owning class. Their goal is to direct labor to grow their capital, with any social benefits being strictly incidental. This breaks the connection between the government issuing currency and that currency being used to direct labor in a productive way.
Some Intel Linux Driver Maintainers Have Left The Company
Some Intel Linux Driver Maintainers Have Left The Company
With the recent Intel layoffs and early retirement / buyout packages, I have been curious to see what impact it will have on the open-source/Linux software engineers at the companywww.phoronix.com
like this
ShaunaTheDead likes this.
reshared this
Tech Cyborg reshared this.
They seem more concerned with their bonuses and stock buybacks. In August Intel announced that they'd be laying off 15k workers to "save" $10 billion US. They're also cutting back on R&D for the same reason. I guess the MBAs decided that losing customers by hamstringing Linux users is an acceptable loss. Not like folks won't forget about this six months from now, anyway...
like this
sunzu2 likes this.
Good, not great.
Amd has better gfx performance, but they're actually close in a lot of areas, if you don't need graphics and want compute probably better.
Id say it doesn't compete with Nvidia at all because if you're thinking green your concerns are so different nothing will sell you.
But holy shit the av1 encode is like nothing else on the planet. Multiple streams at 12x and it just barely ticks over.
What generation and model?
If you haven't seen any crashes then you are fine. Just update the bios and microcode if you are on high end 13 and 14 generation.
Another news, water is wet. People leave and join companies every day.
The amount of Intel products impacted is limited to specific models. Also Intel is now committed to replacing damaged hardware. If you update the microcode it will fix the issue and if you aren't experiencing crashes you are good.
I don’t think people understand that this is a WordPress blog, so their replies get converted to comments I have to approve. While your replies appear instantly on your instance, they have to be approved on mine. I trash all negative or antagonistic comments if I even read them.
If you are particularly persistent, I shadowban you by disallowing your comments. If your instance, as a whole, is problematic, I will just IP ban your entire host. This is my instance. I can do that. The way it works is that I can disallow your comments so that while they show up on your instance and the instances your instance is federated with, they are disallowed from even becoming pending comments. I don’t respond; I literally just delete your comments.
So, while your replies are visible on your side, they are not visible on my site because I’ve trashed them. How people waste their time is wild to me.
I just couldn’t imagine coming onto someone else’s site—this is a blog—and giving your unsolicited opinion to a complete stranger that no one asked you for, especially when they will just delete your reply.
While this is a blog and my posts are rather long-winded, make no mistake: I don’t write for a living. So, you are not affecting me in any way. You are just wasting your time because I will merely delete your reply.
If I am feeling particularly petty and it has no favorites or boosts, I might redraft the post so that your reply has been deleted on my end and is no longer linked to yours on your instance.
Nine out of ten times, I will not respond and will just think you are an idiot as I delete your reply without even fully reading it.
#Activitypub #election2024 #fediverse #Mastodon #openSource #politics #replyGuy #replyGuys #socialMedia #uspol #WordPress
PulseAudio hotkeys script
I've been using volumeicon for a long time, to enable the audio hotkeys on my laptop. But the problem is that if you plug in a USB or bluetooth headset, it doesn't automatically switch to it as the default. You'd have to kill the service and restart it.
So I wrote a script that can offer me all the same functionality, and just mapped my audio hotkeys in my WM.
Thought someone might find the source useful.
like this
ShaunaTheDead likes this.
Thanks for sharing.
As a somewhat related thing that others might find useful, here are my shortcuts to get my Varmilo keyboard media keys working with useful functions instead of the default stuff. I've got these set up as custom shortcuts in KDE, but they should work in any context:
Next track
dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.Next
Previous track
dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.Previous
Play-pause toggle
dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.PlayPause
You can replace Spotify in the destination parameter with any MPRIS-capable program. To find out what's available on the dbus and get the exact name, use this command:
dbus-send --session --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames
But the problem is that if you plug in a USB or bluetooth headset, it doesn’t automatically switch to it as the default.
How about module-switch-on-connect?
volumeicon. For instance, when I'd pair a bluetooth headset I would start getting audio through it, but my hotkeys would still be trying to adjust the previous sink. I'd have to kill and restart volumeicon for it to work again.
Google removes Kaspersky's antivirus software from Play Store
Over the weekend, Google removed Kaspersky's Android security apps from the Google Play store and disabled the Russian company's developer accounts.
Users have been reporting over the last week that Kaspersky's products (including Kaspersky Endpoint Security and VPN & Antivirus by Kaspersky) are no longer available on Google Play in the United States and other world regions.
Kaspersky confirmed the issue on the company's official forums on Sunday and said that it's currently investigating why its software is no longer available on Google's app store.
Source: bleepingcomputer.com/news/secu…
like this
SuiXi3D likes this.
I’m confused: Kaspersky just finished transferring its endpoint security software in these regions to a different company’s product via a software update. Kaspersky has sent messages out to customers saying that they are leaving this marketplace.
Given this context, I can see no reason why Google would leave their Android product available when they’re not technically allowed to sell it and Kaspersky has said that they won’t be selling it into these markets going forward. It does, of course, prevent Kaspersky from pulling another bait and switch and “updating” mobile devices to a third party product. That would be the reason for locking out the developer accounts.
Actually, it may. The US has some odd laws where US companies have to enforce US restrictions globally. However, it wasn’t my understanding that Kaspersky was on any of the lists that would have resulted in this. Possibly it boils down to a Google ToS violation?
I’m sure we’ll be hearing more details this week.
There's an app called Cheq, which is a means for foreigners to buy stuff in India using their QR payment system, that's normally restricted for citizens only.
Follow the link on cheq.money to the correct version for your phone, there are a bunch of other apps and service providers piggybacking off of the name.
They'll charge you a sign-on fee of 999 Rupees (about 10 bucks), I'd suggest you use a virtual credit card from wise.com or something for that. I inherently distrust random online shops in third world countries. Once you've done that, they ask for your location to perform an in-person ID verification to make sure you actually live in India.
That's the point where you choose a random location out in the sticks. Say Lemru town in Chhattisgarh State or something - you might try a few until you find something where they show you a local account manager but no physical shop to perform the activation. That part is key.
Contact the account manager via whatsapp (can be registered with your regular phone number, the service is aimed at tourists and foreign residents alike). Normally they are supposed to come visit you, but they can't be bothered to drive 3h to see you, especially if you press it a bit and call it urgent. Eventually they'll just ask to send a passport copy directly to them, and they'll activate it remotely.
You can then use a VPN to set your play store (should work for Apple store as well) country to India, enter a random address there, select "UPI" as payment method, and open the Cheq app when prompted. After a couple hours you'll get an email that your play store country has been changed, and from then on you can use Cheq to buy stuff for cheap. Top up the balance with virtual cards whenever needed, you can't use non-indian credit cards directly in google play. You can however buy gift cards on amazon.in with them, have the code send to yourself and redeem it, that works without problems.
Cheq UPI | Payments For Foreign Tourists | UPI Wallets for All
Cheq UPI Payment Wallets For Foreign Tourists. Let’s you pay anywhere in India using your phone through the UPI Platform.Cheq UPI for Foreign tourists
Neo-Nazis head to encrypted SimpleX Chat app, bail on Telegram
Dozens of neo-Nazis are fleeing Telegram and moving to a relatively unknown secret chat app that has received funding from Twitter founder Jack Dorsey.
In a report from the Institute for Strategic Dialogue published on Friday morning, researchers found that in the wake of the arrest of Telegram founder Pavel Durov and charges against leaders of the so-called Terrorgram Collective, dozens of extremist groups have moved to the app SimpleX Chat in recent weeks over fears that Telegram’s privacy policies expose them to being arrested. The Terrorgram Collective is a neo-Nazi propaganda network that calls for acolytes to target government officials, attack power stations, and murder people of color.
Source: arstechnica.com/tech-policy/20…
like this
originalucifer, aramis87, TVA and SuiXi3D like this.
like this
dandi8 likes this.
like this
rem26_art likes this.
I doubt that's the real reason. There are enough smart people on top who could set up and run a self-hosted solution.
It's easy to attribute nazis with a lack of intelligence due to their stupid and narrow minded beliefs, but we should never underestimate them.
I'd wager that the average fascist is just as much a "follower" as the average antifa sympathizer.
On top of that: Setting up and hosting a platform exposes the system to a single point of failure, whereas using existing third party infrastructure means that they have a "legit" operation as well, so the risk of a total shutdown is probably lower. Plus, there is a higher chance external security researchers/auditors will investigate the platform and point out vulnerabilities.
None of your arguments are really an answer to anything.
Every app, telegram, simplex, ICQ are single points of failure - by design - whereas services like xmpp/jabber or even the self hosted variants of signal, simplex or matrix don't have these problems. But they don't do that. At least nothing that I heard of.
I think the reality is much more that most of the Nazis are inherently not constructive. They don't create anything, they have no real vision, just hate for whatever group they think is worst right now.
They are literal leeches, they take over what they can get. Telegram, Twitter, now SimpleX. Volk ohne Messenger, if you want. There is exactly one platform that was created by them, truth social, and that's a grift by Trump and his team, not something growing from within the community.
Nazis and their like don’t use reason or logic. Many aren’t able to plan ahead. Their entire ideology requires shutting down big portions of one’s brain to become a frothing reactionary, impermeable to any information which could change their hateful views.
They don’t create things, they mostly aren’t very tech savvy, and all look for a leader to tell them what to do (go look at their forums, they’re all busy accusing each other of being glowies, just itching for Trump or someone else to give them “the signal” for them to act).
Sounds more like you never dealt with them. I'm German, we still got plenty of ideologically challenged individuals in country, and they are not stupid.
No idea what a glowie is, but those trump worshiping clowns you got in the US aren't the people I'm worried about. Over here there is no discernible education gap between left and right wing.
Glowie is online slang for stassi types... Jan6 strung together abunch of mouth breezers for the Insurrection. There clowns were organized and support by the federal agents.
Similar thing happened with "BLM" protests although those might have been taken over after they blew up.
Current working theory of these events is that glowies play a key role in such events.
There is also the legend of some military base having too much reddit traffic too.
Either way, got to make your fed work for you, paying him good money anyway.
There is also the legend of some military base having too much reddit traffic too.
It was no legend. A (since-deleted) reddit blog post called out Eglin AFB by name.
web.archive.org/web/2016041008…
The other two cities listed under most "addicted" have large data centers.
The conspiracy theory though... Meh.
sunzu2 likes this.
I’m Jewish and have had my living room windows shot at because my parents had a chanukkah menorah in the window and I had to hide my identity from everyone out of risk that they will be violent or treat me badly if they found out the religion I was born into.
I’m very well versed with Nazis, white supremacists, and what other forms they come in North America. This isn’t a dick measuring contest.
I imagine, part of the reason is that you can really get fucked by law enforcement in many countries, if you operate a server and don't curb illegal content that you're aware of.
That wouldn't sit well with me either, if my friends' concept of free speech is just continuously saying illegal things for no good reason.
People are spreading child abuse content on social media and platforms don't get in trouble....
There is a pattern here.
The Terrorgram Collective
What a bunch of reasonable sounding individuals.
like this
dandi8 likes this.
How many times will this get reposted around here?
Feels like a smear against encrypted communications...
Pfffff no one would ever do that, what are you some kind of conspiracy weirdo??
Stop being so paranoid, no one's out to get you.
If you haven't done anything wrong, what have you got to hide?
like this
sunzu2 likes this.
Israel’s War on Healthcare
Israel appears to have adopted its Gaza playbook in Lebanon. Its bombing of Lebanon has matched the frequency of its historically destructive airstrikes in Gaza. Last Monday (Sep 23), Israel dramatically escalated its war in Lebanon, claiming to have hit more than 1,600 targets that day alone. By Wednesday, nearly 600 civilians were killed by Israeli bombardment, including 50 children and 94 women. By Friday, Israel had killed more than 700 civilians, injured several thousand, and displaced 120,000. Like in Gaza, the daily death toll in Lebanon is higher than in any recent war.
Israel killed at least 50 healthcare workers in Lebanon in the last two weeks alone. Yesterday, Israel bombed a medical center in central Beirut, killing at least nine. Since September 23, Israel has attacked healthcare workers and infrastructure in Lebanon 14 times, according to my analysis of World Health Organization data. Since October 7, there have been over 30 attacks such attacks (I discuss one of them here). Hospitals are closing down across southern Lebanon, including in Marjayoun, Mais al-Jabal, and Bint Jbeil. Healthcare is virtually non-existent south of the Litani River.
like this
NoneOfUrBusiness likes this.
Can someone explain to me how to use pass?
Can I use it fully offline?
How do I back it up to USB drive?
What does the day-to-day operation of Pass compared to Keepass look like?
I am trying to learn it as I want to use it, as I think that keepass is bloated for my use case, and I would appreciate any help here.
like this
ShaunaTheDead likes this.
Can someone explain to me how to use pass?
Maybe start by reading the documentation on their website.
Can I use it fully offline?
Seems like it. Sounds like it's only online if you send the encrypted files to some cloud storage. They suggest using git.
How do I back it up to USB drive?
Same way you'd backup any other file. You could probably even clone using git.
What does the day-to-day operation of Pass compared to Keepass look like?
No idea. I use Bitwarden.
I second that. The official documentation is always the place to start.
Then, if you need more info or other explanation I usually recommend looking at the arch wiki. Whether or not you're using arch, instructions there are valid and one of the best you can find.
Finally, this tuto may help you as well
What does the day-to-day operation of Pass compared to Keepass look like?
Someone else can confirm but Keepass seems to use symmetric encryption, whereas Pass definitely uses an asymmetric key pair.
This is why I gave up on Pass. Obviously it has its advantages or they wouldn't have done it, but personally I find that this is too much complexity for something as critical as password storage. I want to be able to access the vault with a single memorized master password and nothing else. That is only possible with symmetric encryption.
This is not correct as pass uses GPG, and you can do symmetric encryption with it, it is just a different parameter in the command.
You can use a different password per file, or the same one
man page says nothing about that. Of course, you can use GPG directly to get symmetric, that is what I chose to do
I'm guessing, they did it this way, because there's no persistent process to keep the decrypted files open. You'd need to ask the user for the password for every single command they run. With GPG, that persistent process is gpg-agent.
Of course, encryption with a GPG key is also going to be more secure than the longest password you can come up with.
I guess, many people will want access to GPG, too, if they want access to their passwords, so they're not bothered by it.
But yeah, I do also remember setting that up on Android, where you need a separate app to do the GPG, and it really stops feeling simple pretty quickly...
Pass uses GPG and git under the hood.
You create keys to encrypt your data, and keep the encrypted data in git locally which can be cloned to github, gitlab and the like.
It's just files on your computer, so you can back them up that way, or use a thumb drive as a remote git repo and push to it.
Day to day
Type pass and tab complete to find the entry. Enter the command and be prompted to unlock it. It will then print the credentials to the terminal.
To create a new password, you type and add command followed by a name and a text editor opens up for you to type credentials in, or it can generate them for you.
To keep your backup up to date you just git push to the remote of your choice. I use github
I use qtpass as a GUI for pass
Can I use it fully offline?
Yes, it is fully offline, you can back it up by any mean you could any other file, and it should be fine as the files are encrypted (should store the keys separated), can be a USB, an external drive, another computer in your LAN, a git repo, nextcloud, syncthing.
How do I back it up to USB drive?
You copy and paste the files
What does the day-to-day operation of Pass compared to Keepass look like?
As I said I use qtpass as a GUI so, open qtpass, search for the specific password file, double click, put the password for my gpg key and then the password I need is stored in clipboard for 30sec (this is customizable or can be disabled) and I paste it where I need it.
If I need to store a new password, just use the add password button, and input the data, it is that simple.
You can read more about it on the Wikipedia link included.
In short it's a password manager with cli and GUI available.
Scientists Have Created Hybrid Intelligence
Scientists Have Created Hybrid Intelligence
Scientists integrated lab-grown brain organoids with robots, creating hybrid intelligence. It offers new potential for neurological condition treatments.Darren Orf (Popular Mechanics)
like this
ShaunaTheDead likes this.
Uncanny X-Men, October 2024
like this
Oofnik and ShaunaTheDead like this.
Need help: USB unlock LUKS on Alpine Linux
Hi folks,
I have Alpine Linux installed in an encrypted LUKS partition. I came across this tutorial which shows how to setup a key in a USB drive and when the drive is inserted and the computer booted, the LUKS partition auto-unlocks with the key on the USB drive.
askubuntu.com/questions/141461…
I would like to setup the same thing but I do not have Alpine linux installed on ZFS, so I'm looking for ways to adapt the instructions.
So far, what I've done is:
1) I've setup the key on the usb stick and I can unlock the LUKS partition with that key.
2) create a /etc/mkinitfs/features.d/usb-unlock.sh script with the following content:
(the echo to /dev/kmesg was to check whether the script did indeed run at boot by trying to print to the kernel messages but I can't find anything in the kernel messages).
\#!/bin/sh
echo "usb-unlock script starting..." > /dev/kmsg
USB_MOUNT="/mnt/my-usb-key" # The USB stick mounting point
LUKS_KEY_FILE="awesome.key" # The name of your keyfile on the USB stick
# Search for the USB stick with the key
for device in $(ls /dev/disk/by-uuid/*); do
mount $device $USB_MOUNT 2>/dev/null
if [ -f "$USB_MOUNT/$LUKS_KEY_FILE" ]; then
# Unlock the LUKS partition
cryptsetup luksOpen /dev/sda3 cryptroot \
--key-file "$USB_MOUNT/$LUKS_KEY_FILE" && exit 0
fi
umount $USB_MOUNT
done
echo "No USB key found, falling back to password prompt." # this message never appears, despite not having found the key on the usb stick
echo "usb-unlock script ending." > /dev/kmsg3) I added
usb-unlock to the features in mkinitfs.conf:mytestalpine:~# cat /etc/mkinitfs/mkinitfs.conf
features="ata base ide scsi usb virtio ext4 cryptsetup keymap usb-unlock"4) run
mkinitfs to rebuild the initramfs. Then reboot to test the implementation, which was unsuccessful.What am I missing / doing wrong?
Thank you for your help!
Edit: forgot to add step 4
like this
ShaunaTheDead likes this.
reshared this
Tech Cyborg reshared this.
usb-unlock.sh script is even running at boot. Any thoughts?
Seems that the file /etc/mkinitfs/features.d/ is only linux alphine thing so creating it for another linux distro does nothing.
wiki.alpinelinux.org/wiki/Init…
I would create a systemd service instead if your distro is using systemd slingacademy.com/article/ubunt…
Edit: Sorry please ignore my comment. Your entire system is encrypted so that won't work.
I'll see if there is another solution and post it
Edit2: Maybe you need to place the file here instead /usr/share/initramfs-
tools/scripts/ ?
manpages.ubuntu.com/manpages/b…
I think you may want to usefor device in /dev/disk/by-uuid/*
That doesn't explain why you aren't seeing messages.
I see there is a shebang at the start of the script. Can you confirm that the script has the executable bit set for the root user?
Yes it does (have the execution bit).
edit: added paranthesis
More of a debugging step, but have you tried running lsinitrd on the initramfs afterwards to verify your script actually got added?
You theoretically could decompress the entire image to look around as well. I don't know the specifics for alpine, but presumably there would be a file present somewhere that should be calling your custom script.
EDIT: Could it also be failing because the folder you are trying to mount to does not exist? Don't you need a mkdir somewhere in your script?
/etc/mkinitfs/features.d/
mkinitfs doesn't support running custom shell hooks. mkinitfs is very, very, very bare-bones custom code and the whole features concept exists only to pull extra files and kernel modules into the initramfs, not for extra logic.
You'd either have to customize the init script itself (not impossible, it's 1000 lines) and pass -i/set init= in the .conf, or install Dracut/Booster instead (which should "just work" if you apk add them, but I've had no need to do so).
It seems you might be right. There is so little documentation for initramfs in Alpine Linux (the wiki page is very barebones), but I did manage to find this open issue:
gitlab.alpinelinux.org/alpine/…
So I guess this confirms that it is not yet possible.
Could you expand on your suggestion with customizing the init script? Where is this file located, and would you have some pointers of how to get started to customize it for my use case?
chameleon likes this.
You'd be looking for /usr/share/mkinitfs/initramfs-init . I've never customized that myself, but it looks like there's already some support for a keyfile if you look for KOPT_cryptroot and check that block of code. That looks like it's mostly set up for a keyfile embedded into the initramfs, but I guess it should be possible to replace that code with something that grabs the keyfile off an USB drive.
I suppose you'd make a copy of it, put it somewhere in /etc or whatever and change the mkinitfs.conf to point to it. init="/etc/whatever/myinitramfs-init" should do the trick since the config file just gets sourced in. That said you're definitively heading into unknown territory here. It might be easier to just use Dracut or the like instead.
Thank you for your help.
I decided to give dracut a shot, see how far I could get.
I created a directory /usr/lib/dracut/modules.d/99usb-mount in which I created two scripts:
A first module /usr/lib/dracut/modules.d/99usb-mount/module-setup.sh, executable:
\#!/bin/bash
check() {
return 0
}
depends() {
echo "crypt"
return 0
}
install() {
inst_hook pre-mount 90 "$moddir/usb-mount.sh"
}And a second script
/usr/lib/dracut/modules.d/99usb-mount/usb-mount.sh, also executable:\#!/bin/bash
LUKS_PARTITION=/dev/sda3
USB_NKL=/dev/disk/by-uuid/<MY-UUID>
USB_MOUNT_DIR=/mnt/my-usb/
KEY_FILENAME=mykey.key
# Wait for the USB to be detected and available
for i in {1..10}; do
if [ -b ${USB_NKL} ]; then
break
fi
sleep 1
done
# Mount the USB stick
mount ${USB_NKL} ${USB_MOUNT_DIR}
# Check if the mount was successful
if [ $? -ne 0 ]; then
echo "Failed to mount USB stick"
exit 1
fi
# Unlock the LUKS partition using the keyfile
if [ -e "${USB_MOUNT_DIR}/${KEY_FILENAME}" ]; then
cryptsetup luksOpen "${LUKS_PARTITION}" cryptroot --key-file "${USB_MOUNT_DIR}/${KEY_FILENAME}"
else
echo "Keyfile not found!"
echo "Failed to unlock LUKS partition"
exit 1
fiI then fixed some dependencies and got around installing
device-mapper, providing dmsetup, required by dm, required by crypt, required by my scripts.Then I ran: dracut -f, which didn't seem to have any issue and includes my module:
[...]
dracut[I]: *** Including module: usb-mount ***
[...]
dracut[E]: ldconfig exited ungracefully
[...]
dracut[I]: *** Creating initramfs image file '/boot/initramfs-6.6.54-0-lts.img' done ***Not sure if this
ldconfig error should be of any concern? The end image seems to have been created successfully.When I check the verbose output, I see my module being included:
dracut[D]: -rwxr-xr-x 0/0 747 2024-10-07 22:30:00 lib/dracut/hooks/pre-mount/90-usb-mount.shHowever, it is here numbered 90 when above I had placed it in 99, no idea what that's about? (edit: actually I wrote 90 in the
module-setup.sh, so this is normal I guess).Then I rebooted with my key and the prompt for my password to unlock my LUKS partition still appeared.
In the kernel messages I see my usb stick being detected (perhaps not mounted?) prior to the password prompt, so not sure what's going on. Do you see any issue with my attempt? Or would you happen to have any propositions for debugging this further? I'm a bit lost as to how I can diagnose the issue.
Here are the kernel messages regarding the usb detection and a few seconds later, me unlocking the LUKS partition:
[ 1.748076] usb 1-1: new high-speed USB device number 2 using xhci_hcd # usb 1-1 / sdb is my USBkey. It seems to have been detected but not mounted?
[ 2.068060] device-mapper: uevent: version 1.0.3
[ 2.068190] device-mapper: ioctl: 4.48.0-ioctl (2023-03-01) initialised: dm-devel@redhat.com
[ 2.078157] Key type encrypted registered
[ 2.153792] usb 1-1: New USB device found, idVendor=067b, idProduct=2517, bcdDevice= 1.00
[ 2.153799] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=6
[ 2.153801] usb 1-1: Product: ClipDrive
[ 2.153803] usb 1-1: Manufacturer: BUFFALO
[ 2.153805] usb 1-1: SerialNumber: A9200502030000221
[ 2.155494] usb-storage 1-1:1.0: USB Mass Storage device detected
[ 2.157341] scsi host3: usb-storage 1-1:1.0
[ 2.159772] usbcore: registered new interface driver uas
[ 3.221531] scsi 3:0:0:0: Direct-Access BUFFALO ClipDrive 1.00 PQ: 0 ANSI: 0 CCS
[ 3.224250] sd 3:0:0:0: [sdb] 507904 512-byte logical blocks: (260 MB/248 MiB)
[ 3.227885] sd 3:0:0:0: [sdb] Write Protect is off
[ 3.227899] sd 3:0:0:0: [sdb] Mode Sense: 23 00 00 00
[ 3.231635] sd 3:0:0:0: [sdb] No Caching mode page found
[ 3.231645] sd 3:0:0:0: [sdb] Assuming drive cache: write through
[ 3.247551] sd 3:0:0:0: [sdb] Attached SCSI removable disk
[ 6.323670] EXT4-fs (dm-0): orphan cleanup on readonly fs # the 3 seconds gap is me unlocking the LUKS using the keyboard
[ 6.323954] EXT4-fs (dm-0): mounted filesystem 33a8b408-37ff-4b8a-98bf-bba8b6f00604 ro with ordered data mode. Quota mode: none.
[ 6.324134] Mounting root: ok.
Dracut may have this functionality already built in via rd.luks.key, so a custom module would really only make sense if you're trying to do more than that. You can probably get away with just using that if you just want it to work, but if you want to customize stuff:
I suspect your module is running well after the device is already supposed to be cryptsetup opened. The way the default crypt module handles it is by setting up udev configuration in a very early phase, and then having udev request the password a little bit later when it finds the device it's trying to open, until all devices are ready. It's a complex mechanism compared to Alpine's straightforward script, but it's much more flexible when it comes to ordering of things like RAID/network devices/LUKS/etc.
The result of that is that your code would have to run much earlier. There's some documentation on how hooks work, and the builtin rd.luks.key / keydev handler runs at cmdline 10. That's well before your pre-mount, and probably where you'd want to run your code. Based on a cursory inspection of the other code, you could either cryptsetup open it yourself if you use the name it expects (rd.luks.name= cmdline parameter or luks-$luks_container_uuid), or you could use that /tmp/luks.keys mechanism (it's a dracut-internal thing so you won't find much documentation, but it lives in crypt-lib.sh, cryptroot-ask.sh and probe-keydev.sh).
As for debugging, the cmdline manpage has a few decent enough options. rd.break=cmdline or similar can force a shell before Dracut goes through a specific phase of hooks. You should be able to manually test doing things similar to your script at that point.
Thank you for your help. I spent time digging into this rabbit hole, and while I've learned a lot, I am struggling to get the basics to work.
Right now, I'm focusing on being able to just boot an image I created using dracut, excluding all the initial stuff I wanted, just be able to reproduce the original functionality of being able to unlock my luks partition using my keyboard.
Where I'm at:
I am building my initramfs using the following command: dracut -f -v --add crypt --add lvm --add dm. I get the following output log:
::: spoiler Output log
mytestalpine:~# dracut -f -v --add crypt --add lvm --add dm
dracut[I]: Executing: /usr/bin/dracut -f -v --add crypt --add lvm --add dm
dracut[I]: Module 'dash' will not be installed, because command 'dash' could not be found!
dracut[I]: Module 'mksh' will not be installed, because command 'mksh' could not be found!
dracut[I]: Module 'caps' will not be installed, because command 'capsh' could not be found!
dracut[I]: Module 'modsign' will not be installed, because command 'keyctl' could not be found!
dracut[I]: Module 'i18n' will not be installed, because command 'loadkeys' could not be found!
dracut[I]: Module 'url-lib' will not be installed, because command 'curl' could not be found!
dracut[I]: Module 'btrfs' will not be installed, because command 'btrfs' could not be found!
dracut[I]: Module 'dmraid' will not be installed, because command 'dmraid' could not be found!
dracut[I]: Module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
dracut[I]: Module 'mdraid' will not be installed, because command 'mdadm' could not be found!
dracut[I]: Module 'crypt-gpg' will not be installed, because command 'gpg' could not be found!
dracut[I]: Module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
dracut[I]: Module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
dracut[I]: Module 'iscsi' will not be installed, because command 'iscsiadm' could not be found!
dracut[I]: Module 'iscsi' will not be installed, because command 'iscsid' could not be found!
dracut[I]: 95nfs: Could not find any command of 'rpcbind portmap'!
dracut[I]: Module 'nvmf' will not be installed, because command 'nvme' could not be found!
dracut[I]: Module 'nvmf' will not be installed, because command 'jq' could not be found!
dracut[I]: Module 'biosdevname' will not be installed, because command 'biosdevname' could not be found!
dracut[I]: Module 'masterkey' will not be installed, because command 'keyctl' could not be found!
dracut[I]: Module 'dash' will not be installed, because command 'dash' could not be found!
dracut[I]: Module 'mksh' will not be installed, because command 'mksh' could not be found!
dracut[I]: Module 'caps' will not be installed, because command 'capsh' could not be found!
dracut[I]: Module 'modsign' will not be installed, because command 'keyctl' could not be found!
dracut[I]: Module 'url-lib' will not be installed, because command 'curl' could not be found!
dracut[I]: Module 'btrfs' will not be installed, because command 'btrfs' could not be found!
dracut[I]: Module 'dmraid' will not be installed, because command 'dmraid' could not be found!
dracut[I]: Module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
dracut[I]: Module 'mdraid' will not be installed, because command 'mdadm' could not be found!
dracut[I]: Module 'crypt-gpg' will not be installed, because command 'gpg' could not be found!
dracut[I]: Module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
dracut[I]: Module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
dracut[I]: Module 'iscsi' will not be installed, because command 'iscsiadm' could not be found!
dracut[I]: Module 'iscsi' will not be installed, because command 'iscsid' could not be found!
dracut[I]: 95nfs: Could not find any command of 'rpcbind portmap'!
dracut[I]: Module 'nvmf' will not be installed, because command 'nvme' could not be found!
dracut[I]: Module 'nvmf' will not be installed, because command 'jq' could not be found!
dracut[I]: Module 'masterkey' will not be installed, because command 'keyctl' could not be found!
dracut[I]: *** Including module: sh ***
dracut[I]: *** Including module: busybox ***
dracut[I]: *** Including module: crypt ***
dracut[I]: *** Including module: dm ***
dracut[D]: Skipping udev rule: 10-dm.rules
dracut[D]: Skipping udev rule: 13-dm-disk.rules
dracut[D]: Skipping udev rule: 95-dm-notify.rules
dracut[D]: Skipping udev rule: 64-device-mapper.rules
dracut[D]: Skipping udev rule: 60-persistent-storage-dm.rules
dracut[D]: Skipping udev rule: 55-dm.rules
dracut[I]: *** Including module: kernel-modules ***
dracut[I]: *** Including module: kernel-modules-extra ***
dracut[D]: kernel-modules-extra: configuration source "/run/depmod.d" does not exist
dracut[D]: kernel-modules-extra: configuration source "/etc/depmod.d" does not exist
dracut[D]: kernel-modules-extra: configuration source "/lib/depmod.d" does not exist
dracut[I]: *** Including module: lvm ***
dracut[D]: Skipping udev rule: 11-dm-lvm.rules
dracut[D]: Skipping udev rule: 64-device-mapper.rules
dracut[D]: Skipping udev rule: 56-lvm.rules
dracut[D]: Skipping udev rule: 60-persistent-storage-lvm.rules
dracut[I]: *** Including module: rootfs-block ***
dracut[I]: *** Including module: terminfo ***
dracut[I]: *** Including module: udev-rules ***
dracut[D]: Skipping udev rule: 70-persistent-net.rules
dracut[I]: *** Including module: usrmount ***
dracut[I]: *** Including module: base ***
dracut[I]: *** Including module: fs-lib ***
dracut[I]: *** Including module: shutdown ***
dracut[I]: *** Including modules done ***
dracut[I]: *** Installing kernel module dependencies ***
dracut[I]: *** Installing kernel module dependencies done ***
dracut[I]: *** Resolving executable dependencies ***
dracut[I]: *** Resolving executable dependencies done ***
dracut[I]: *** Hardlinking files ***
dracut[D]: Mode: real
dracut[D]: Method: sha256
dracut[D]: Files: 457
dracut[D]: Linked: 0 files
dracut[D]: Compared: 0 xattrs
dracut[D]: Compared: 6 files
dracut[D]: Saved: 0 B
dracut[D]: Duration: 0.015759 seconds
dracut[I]: *** Hardlinking files done ***
dracut[I]: Could not find 'strip'. Not stripping the initramfs.
dracut[I]: *** Generating early-microcode cpio image ***
dracut[I]: *** Store current command line parameters ***
dracut[I]: Stored kernel commandline:
dracut[I]: rootfstype=ext4 rootflags=rw,relatime
dracut[E]: ldconfig exited ungracefully
dracut[I]: *** Creating image file '/boot/initramfs-6.6.56-0-lts.img' ***
dracut[I]: Using auto-determined compression method 'gzip'
dracut[D]: Image: /var/tmp/dracut.Ds3W3x/initramfs.img: 12M
dracut[D]: ========================================================================
dracut[D]: Version: dracut-060
dracut[D]: lib/dracut/dracut-060
dracut[D]:
dracut[D]: Arguments: -f -v --add 'crypt' --add 'lvm' --add 'dm'
dracut[D]: lib/dracut/build-parameter.txt
dracut[D]:
dracut[D]: dracut modules:
dracut[D]: sh
dracut[D]: busybox
dracut[D]: crypt
dracut[D]: dm
dracut[D]: kernel-modules
dracut[D]: kernel-modules-extra
dracut[D]: lvm
dracut[D]: rootfs-block
dracut[D]: terminfo
dracut[D]: udev-rules
dracut[D]: usrmount
dracut[D]: base
dracut[D]: fs-lib
dracut[D]: shutdown
dracut[D]: lib/dracut/modules.txt
dracut[D]: ========================================================================
:::
Then I updated the /boot/extlinux.conf file, adding the following second entry (displaying the first one just for comparison):
LABEL lts
MENU DEFAULT
MENU LABEL Linux lts
LINUX vmlinuz-lts
INITRD initramfs-lts
APPEND root=/dev/mapper/root modules=sd-mod,usb-storage,ext4 cryptroot=<my-uuid> cryptdm=root quiet rootfstype=ext4
LABEL lts
MENU LABEL dracut-img
LINUX vmlinuz-lts
INITRD /boot/initramfs-6.6.56-0-lts.img
APPEND root=/dev/mapper/root modules=sd-mod,usb-storage,ext4 cryptroot=UUID=<my-uuid> cryptdm=root quiet rootfstype=ext4 rootflags=rw,relatimeI added the
rootflags=rw,relatime because this was shown in the dracut log, so I thought perhaps that mattered. But for the most part I left it the same as the previous entry, because I'm trying to do the same thing I suppose. Perhaps I'm mistaken?The current result of booting that image leads to a long loading (not asking for the passphrase to unlock the partition) then displaying the following error:
dracut Warning: Could not boot.
dracut Warning: "/dev/mapper/root" does not exist
Generating "/run/initramfs/rdsosreport.txt"
You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot after mounting them and attach it to a bug report.
To get more debug information in the report, reboot with "rd.debug" added to the kernel command line.
Dropping to debug shell.Before dropping me in a shell, in which I have not found anything useful to do. I am surely missing something basic as my understanding of what's happening is pretty superfluous.
What I'm noticing which may be of importance:
* dracut[E]: ldconfig exited ungracefully, in the dracut output log. Perhaps this matters and should be fixed? An image is nonetheless generated.
* there are many missing modules when creating an image, but I don't know if any of them matter, at least for my purpose.
* One thing I can't wrap my head around is, how come the original kernal image work, when I had packages such as device-mapper and lvm missing, why did dracut complain about them missing for me to compile my own image? and would I need to add options in the /boot/extlinux.conf file, when they are not required for the original boot entry, when all I'm trying to do (as a start) is just make sure I can reproduce a bootable kernel image?
I think you should check your root= line and add a rd.luks.uuid= to make it open it. Dracut will by default open the root FS as /dev/mapper/luks-abcdef... based on the LUKS container UUID. You can get that with cryptsetup luksUUID. /dev/mapper/root is just never going to show up unless you've assigned a custom name to that with the barely documented rd.luks.name, and I don't see that in your setup. The cryptroot and cryptdm parameters aren't used by Dracut either.
With all of that missing it's just gonna wait for that /dev/mapper/root to magically show up out of nowhere, without ever trying to open it.
A correct cmdline will probably look something along the lines of root=/dev/mapper/luks-<uuid> modules=sd-mod,usb-storage,ext4 rootfstype=ext4 rootflags=rw,relatime rd.luks.uuid=<uuid> and once opening with passphrase works, you can start to mess with rd.luks.key=/awesome.key (and readd quiet when done debugging, if you want it that way).
ldconfig errors and the missing modules should be fine. musl's ldconfig is just a bit different but also isn't required in quite the same way. I don't think you should need to mess with modules manually. I don't think you're using LVM's userland for your setup, just all the device-mapper kernel modules. Dracut will pull all the necessary bits in for you if you're setting it up for LUKS.
I'm very grateful for your extended help. I've made some progress. I'm able to get the prompt to appear asking me for my passphrase to unlock the right partition (sda3 in my case). Entering the passphrase, however, drops me in the Dracut emergency shell after ~3min of dracut logs, seemingly looping. (Edit: the reason for why it drops me in the shell is very unclear. It says Dropping to debug shell. /bin/sh: can't access tty: job control turned off. And if I try to exit the dracut shell, it says dracut Warning: could not boot.).
In the Dracut emergency shell, checking /dev/mapper/ I see a luks-<sda3-uuid> listed. Running blkid I see it listed too with TYPE=crypto_LUKS. I also see a dev/dm-0 with a dedicated UUID, in ext4. I ran blkid which shows:
/dev/mapper/luks-705fc477-573a-4ef6-81b6-a14c43cda1f5: UUID="57955343-922a-4918-9bc1-797ca8d13a9c" TYPE="ext4"
/dev/sda1: UUID="cc5e0b03-3544-4bef-ab8b-8b72dd236926" TYPE="ext4"
/dev/sda2: UUID="4df1af6c-3199-4bb2-bb12-bcf897cfc6fc" TYPE="swap"
/dev/sda3: UUID="705fc477-573a-4ef6-81b6-a14c43cda1f5" TYPE="crypto_LUKS"
/dev/dm-0: UUID="57955343-922a-4918-9bc1-797ca8d13a9c" TYPE="ext4"I checked the status of the filesystem running
cryptsetup status /dev/mapper/luks-<sda3-uuid> and it says it is active, which I guess means it is unlocked?I checked the /root directory, and it is empty. So I tried to mount the partition myself: mount /dev/mapper/luks-<sda3-uuid> /root but it fails saying mount: mounting /dev/mapper/luks-<sda3-uuid> on /root failed: No such file or directory and that got me really puzzled? I've been searching far and wide but I can't seem to find anyone with a similar situation. I feel like I'm close to getting this working.
Below is my syslinux kernel config, and the 2nd and 3rd items are what I booted into (/boot/extlinux.conf)
# Generated by update-extlinux 6.04_pre1-r15
DEFAULT menu.c32
PROMPT 0
MENU TITLE Alpine/Linux Boot Menu
MENU HIDDEN
MENU AUTOBOOT Alpine will be booted automatically in # seconds.
TIMEOUT 10
LABEL lts
MENU DEFAULT
MENU LABEL Linux lts
LINUX vmlinuz-lts
INITRD initramfs-lts
APPEND root=/dev/mapper/root modules=sd-mod,usb-storage,ext4 cryptroot=UUID=705fc477-573a-4ef6-81b6-a14c43cda1f5 cryptdm=root rootfstype=ext4 rd.debug log_buf_len=1M rd.shell
LABEL lts
MENU DEFAULT
MENU LABEL Dracut Linux lts
LINUX vmlinuz-lts
INITRD /boot/initramfs-6.6.56-0-lts.img
APPEND root=/dev/mapper/luks-705fc477-573a-4ef6-81b6-a14c43cda1f5 modules=sd-mod,usb-storage,ext4 rootfstype=ext4 rd.shell rd.debug log_buf_len=1M rd.luks.uuid=705fc477-573a-4ef6-81b6-a14c43cda1f5
LABEL lts
MENU DEFAULT
MENU LABEL Dracut Linux lts 2
LINUX vmlinuz-lts
INITRD /boot/initramfs-6.6.56-0-lts.img
APPEND modules=sd-mod,usb-storage,ext4,dm,crypt,rootfs-block rootfstype=ext4 rootflags=rw,relatime rd.shell rd.debug log_buf_len=1M root=UUID=57955343-922a-4918-9bc1-797ca8d13a9c rd.luks.uuid=705fc477-573a-4ef6-81b6-a14c43cda1f5And here the
/proc/cmdline of the booted partition:BOOT_IMAGE=vmlinuz-lts modules=sd-mod,usb-storage,ext4,dm,crypt,rootfs-block rootfstype=ext4 rootflags=rw,relatime rd.shell rd.debug log_buf_len=1M root=UUID=57955343-922a-4918-9bc1-797ca8d13a9c rd.luks.uuid=705fc477-573a-4ef6-81b6-a14c43cda1f5 initrd=/boot/initramfs-6.6.56-0-lts.imgHere is my setup, when I boot in my regular initramfs (the one I'm trying to replicate using dracut):
mytestalpine:~# lsblk -o NAME,FSTYPE,FSVER,LABEL,UUID,FSAVAIL,FSUSE%,MOUNTPOINTS
NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS
sda
├─sda1 ext4 cc5e0b03-3544-4bef-ab8b-8b72dd236926 195.5M 21% /boot
├─sda2 swap 4df1af6c-3199-4bb2-bb12-bcf897cfc6fc [SWAP]
└─sda3 crypto_LUKS 705fc477-573a-4ef6-81b6-a14c43cda1f5
└─root ext4 57955343-922a-4918-9bc1-797ca8d13a9c 2.3G 8% /
mytestalpine:~# lsblk -l -n /dev/sda3
sda3 8:3 0 2.8G 0 part
root 253:0 0 2.8G 0 crypt /Note: No idea of the relevance, but I'm testing this setup in a VM, with a BIOS firmware.
Introducing Kühlmak, my layout analyzer and optimizer
After a few years of tinkering and learning I'm finally ready to share the result of my work. Meet Kühlmak. What started out as my attempt to create the perfect keyboard layout morphed into a project to make a flexible and fast analyzer and optimizer. The feature highlights:
- Command line interface
- Information-rich, text-based layout overview and stats
- Support for different types of physical keyboard layouts and fingerings (row-staggered, angle-mod, column-staggered and more)
- Extremely fast analyzer that enables simulated annealing
- Multi-threaded annealing to find many optimized layouts quickly
- Multi-objective fitness function with soft targets for individual objectives
- Multi-objective ranking system to identify the best trade-offs out of many generated layouts
- Metrics that naturally favour finger and/or hand balance for effort, travel and n-grams
- Finger travel distance weighted by speed (inspired by Semimak)
- Comprehensive same-hand bigram, disjointed-bigram and same-hand 3-gram scoring system
- Support for affinity of Space to one thumb or both
- Optional constraints to enable steering certain layout features (e.g. preferred positions of punctuations and shortcuts)
The terminology and metrics are partially inspired by and partially adapted to The Keyboard Layouts Doc (2nd edition). However, I made some deliberate design choices and probably introduced more subtle biases that deviate from some of those definitions. There is lots more information in the README.
At this point I consider it ready enough to finally optimize a layout for my Mantis keyboard and see if it works as well as I hope it will.
like this
ShaunaTheDead likes this.
Clent
in reply to Jure Repinc • • •Microsoft and Nvidia are investing but they are both positioned to gain a return on investment by cloud hosting and hardware sales respectively.
Apple dropping out indicates they saw behind the curtain, did the math and realized they can create their own platform for less.
There is no path to profitability for them. Unlike other recent billion dollar tech companies there are no human workers to squeeze. Hardware doesn't work for less than minimum wattage.
imPastaSyndrome
in reply to Clent • • •Kind of funny to see them Trying to capitalism squeeze physical laws And fail.
WaterSword
in reply to Clent • • •SorteKanin
in reply to Jure Repinc • • •Gork
in reply to Jure Repinc • • •So I have a slightly different experience here. When I lost my job recently I actually ended up signing up for ChatGPT plus. I abused the ever living hell out of 4o to crank out tailored cover letters and matching resumes. I was able to roughly triple my job search productivity until I got a job three months later.
Was it worth it? For that timeframe (3 months, $60) hell yeah since the mental labor of handcrafting cover letters for each job listing is extremely taxing and takes some of the awfulness out of the entire job hunt.
sevan
in reply to Gork • • •Gork
in reply to sevan • • •It helps when you've fed a few that you've made by hand to start in the same thread for it to use as an example (and format), along with one of your resumes. Then copy and paste the job description and have it generate a cover letter for you.
Keep it all in one massive thread, if it makes a mistake, correct it and tell it to apply those changes to future ones as well (in my case it kept saying I had over ten years of experience when in actually I just had ten, so I had to correct that behavior).
Since it's an AI it will sometimes hallucinate, this usually happens if there are terms in the job description that aren't in your resume... either have it regenerate (if it will take more than a few minutes to edit) or strip out the offending sentences. Some will need very little editing, especially if the job description closely aligns with what you have on your resume.
Oh and be polite because it now knows all your skills and can probably murder you in your sleep lol
sevan
in reply to Gork • • •hperrin
in reply to Jure Repinc • • •I feel like if ChatGPT were the only LLM on the market, they’d have a real path to profitability, but it’s not even the best LLM on the market. And the open source models are nearly as good, meaning the vast majority of people who need an LLM can run it on their own hardware.
It’s kind of like trying to make a profitable business out of offering a special sauce that isn’t as good as your competitors sauce, and is barely better than the free sauce from Taco Bell. Oh and it costs you millions of dollars to produce a single bottle.