Postgres is a db and Dovecot is a IMAP/POP thing. Exim is a MTA and I think you meant to say Postfix 8)
I personally use Exim. The developers of both have collaborated as required with each other in the past over certain issues and both projects are very mature. They are rather different beasts and there are loads of articles out there comparing them.
exim allows much more customization. Most people don't need that level of customization, and postfix is definitely easier to use precisely because you just write settings, you don't write configuration logic.
I'm still using exim, but not for any specific reason. It's just what I used in the beginning and I never had a reason to change.
> EXIM is much easier to configure than postfix. Postfix is faster than EXIM.
You might have the two reversed?
I don't have hands-on experience with Exim, but every "getting started with email" document on the internet seems to recommend Postfix as easier for a beginner to install.
Before Debian made exim default and made an ungodly mess of macros and unintelligible crap out of their config, it was pretty simple to configure.
In fact, as an old hand (been dealing with exim configs since 2001), the very first thing I did and still do is delete the default debian hell and copy-paste a simple two-screen config which then needs only 3-4 lines tweaked.
I don't have them reversed, EXIM is indeed far easier.
Postfix has a high learning curve; the master.cf vs main.cf and the "chaining" of email filters (milters) is a lot more of a hurdle than exims comparatively simple configuration.
The issue is mostly that postfix is installed by default more places, so it's the default, much like sendmail was. And that setting up an MTA is quite difficult anyway.
It's basically an accident of history. But both are fine in their own right, neither is inferior to the other, just trade offs.
to offload some of the postfix install complexity this repo is actively maintained ... been using it in prod for a few years with no issues ... postfix running on debian inside a docker container https://github.com/tomav/docker-mailserver
It likely has everything to do with our current President’s inability to strike a diplomatic tone in any public discourse.
Please don’t down vote me for an obvious statement, but I do feel the maturity of Political discourse was brought to the school playground level with the election in 2016.
Well still the default mta on Debian, so it has some userbase, at least as a local mta. Might catch some by surprise, but maybe those systems should not have had direct exposure to the internet in the first place.
It's supposed to be lighter for purely local installations with an single binary, and was the default mta for Debian for a long time for mostly that reason.
some of the points made doing that decision is available here https://wiki.debian.org/Debate/DefaultMTA#Comparison
For the most part postfix/dovecot have become the default for full scale mail servers but back when the Debian defaults were decided there was still some uncertainty about what would replace sendmailNG as the lightweight default mta.
IMHO, Exim's configuration is horrendously complicated. That's not to say that Postfix is a piece of cake; however, Postfix has fewer bells and whistles. For example, I struggle to comprehend the "router" system: https://www.exim.org/exim-html-current/doc/html/spec_html/ch...
Exim's configuration is very expressive. Being able to do complex things has the tradeoff of being able to get lost in the complex things you've done, that's a given.
But I wouldn't call it complicated, not really. Expansions usually bite, but it had a REPL-like facility for getting them right since forever. The rest is pretty nice and clean DSL in my opinion.
Most intriguing part of the story is the new ability of governments to call each other out, the deterioration of diplomatic tone and language whereby nation states would never explicitly attack each other verbally. Since the the controversy with Iran, foes have been more like five year olds in their criticism for each other. I'm sure everyone is aware of the mutually assured destruction brought forth by conflict (no one really wants a war), but none of these leaders are willing to back down at any cost.
I'm not sure openly calling out other countries like this is really new. See for instance [1]:
> By 1987, the Soviets began to sour on the campaign as Moscow’s scientific establishment rebuked it. Secretary of State George P. Shultz also accused Mikhail S. Gorbachev, who was then the leader of the Soviet Union, with hawking “bum dope about AIDS.” Mr. Gorbachev ordered the K.G.B. to stop spreading the conspiracy theory and after the collapse of the bloc, former Soviet intelligence officials owned up to it.
Oh, I know, I just thought it was funny to refer to disinformation as "hawking bum dope". (Though this is a merging of the NYT's word and the quote.) Not really something anyone would say in modern American English.
Ironic that nowadays the US government is the one promoting conspiracy theories about a pandemic. Even the theory is almost exactly the same: that the virus comes from a lab.
You're taking about the assertion that the virus spread from an accidental contamination at a lab in Wuhan. It is crossing into conspiracy theory territory to believe the assertion without proof. However, the theory itself is completely reasonable and sound. This is an unproven claim; a conspiracy theory is something different.
The theory is just as "reasonable" as the Soviet misinformation about HIV was. That is, not at all. It's a wildly implausible assertion that there's no evidence for.
People outside of labs are exposed to bat coronaviruses all the time. The chances that one of a very small number of highly trained researchers working according to strict protocols was patient zero - as opposed to the millions of regular people who come into contact with bat coronaviruses with absolutely no protection or training - is minuscule.
Just like the Soviet misinformation in the 1980s, the theory can't be disproven right now, in exactly the same way that any other malicious accusation made with zero evidence can't be disproven. The Trump administration is acting extremely recklessly by spreading this unsupported conspiracy theory.
After it spilled over naturally, it became the subject of intense study, sometimes in labs with poor procedures. Huge amounts of SARS-CoV were being cultured by people with little training.
That's an entirely different circumstance from now. The lab where they study coronaviruses in Wuhan operates at a much higher standard than poorly run Chinese labs in 2004. The lab in Wuhan wasn't even conceived back then.
It's essentially proven that SARS-CoV-2 was not under study before the outbreak, because the it's not in any of the standard databases where all known coronaviruses are published. But even disregarding that, the idea that huge quantities of a virus that nobody has ever heard of would be cultured is implausible.
It's a wildly implausible assertion that there's no evidence for.
No...it's an entirely plausible assertion that there's no evidence for. That's why it's gained traction so easily. Biohazard accidents have happened before. There's a lab doing work with dangerous microbes in Wuhan. That means plausible.
Conspiracy theories thrive on the tiny bit of truth buried in all the crap. If you dismiss the tiny bit of truth out of hand, it just becomes proof to the conspiracy that you're lying/deluded/part of the cabal.
highly trained researchers working according to strict protocols
To turn this back on your demand for evidence...how do you know? Is it plausible that someone was careless? Poorly trained? The protocols weren't as strictly adhered to as they should have been? Plausibility.
The Trump administration is acting extremely recklessly by spreading this unsupported conspiracy theory.
Well, duh. But you don't fight back with equally poorly considered knee-jerk retorts.
> No...it's an entirely plausible assertion that there's no evidence for.
Not technically impossible is not the same as plausible. It's technically possible that Hitler survived WWII and lived it his days in Argentina. It's not plausible.
> To turn this back on your demand for evidence...how do you know?
Because it's a BSL-4 lab built in collaboration with a top French lab. The researchers are trained at top national labs in the US, France and Australia. Top international virologists insist that the lab in Wuhan has an excellent safety record.
There are a whole number of things that make the theory utterly implausible:
1. The lab did not have SARS-CoV-2. They sequence and publish a segment of the genome of every coronavirus they identify. SARS-CoV-2 is not among the several hundred viruses they've identified and published in this manner. In order to get around this, as a conspiracy theorist, you'd have to assert that the lab, for some reason, decided in advance not to publish SARS-CoV-2. That's implausible element #1.
2. Even if the lab had discovered SARS-CoV-2, and then not published it for whatever unknown reason, they wouldn't have found it interesting. It's 20% divergent from SARS-CoV. Before this pandemic, researchers weren't particularly interested in viruses that are so different from SARS-CoV. There are viruses that are only a few percent different from SARS-CoV. Those are the types of viruses that are intensively studied, where you can start spinning theories about lab accidents. This is implausible element #2.
3. People outside labs are exposed to SARS-related viruses all the time. There are estimates that literally millions of people are exposed every year. If you compare that against a few highly trained researchers working under strict protocols, you begin to see the absurdity of blaming the researchers. We're talking about odds that are literally a million to one here. That's implausible element #3.
> But you don't fight back with equally poorly considered knee-jerk retorts.
You should learn something about the subject before you comment that the theory is plausible.
So...if you get to create narrow definitions of words the way you want, define your opinion ("they would not have found it interesting") as fact and use ad homen attacks ("You should learn something about the subject..."), you get to be right.
Like distinguishing between "plausible" and "not technically impossible"? If "plausible" now refers to anything not ruled out by the laws of physics, with no reference to likelihood, then anyone can make wild, unfounded accusations and say they're "plausible."
> define your opinion ("they would not have found it interesting")
It's not my opinion. Look at the scientific literature on SARS-related coronaviruses from before 2020. What viruses did the Wuhan Institute of Virology publish on?
> ad homen attacks ("You should learn something about the subject...")
I'm annoyed by people who have no idea what they're talking about boosting this conspiracy theory. This is an important enough subject that before making these sorts of wild accusations, you should actually understand something about the field.
I'm annoyed by people who don't actually read what is actually written. I never "boosted a conspiracy theory"; I was explaining why self righteous, ideological twits feed the conspiracy theory by playing into the reasons why people believe in them.
I'm annoyed by people who can't divorce their absolute, unshakable belief that their oh-so-exhaustively Googled faux-expertise from how actual humans are interpreting what is being said. Because, you spent so much time becoming an "expert", you can't possibly be wrong.
I'm annoyed and Google-experts who think anyone who says "maybe you're looking at this the wrong way" turn into Donald Trump and accuse them of not just being wrong, but of "wild accusations" and "boosting conspiracies" and the rest.
I understand this far better than you. You are the problem.
>> However, the theory itself is completely reasonable and sound.
Isn't it the same with most conspiracy theories?(plain bullshit excluded) Just on History Channel you can see a lot of such cases about Hitler still being alive somewhere in Argentine, Ancient Aliens etc. Anyone can find compelling reasons to support anything but if you want to be objective you need to analyse the evidence. What evidence does Trump have that the virus was developed in a lab in China? Even with reasonable evidence I don't know who would believe him anyway.
The biologists that I saw talking about this topic all called it "possible" or "unlikely". Meanwhile the theories that you mentioned are pretty much impossible. "Hitler still being alive somewhere in Argentine" would mean that he is 131 years old.
I think that you let your political affiliations get in the way and cloud your view.
Nobody says that Hitler is still alive. The theory is that he was still alive after the war/was seen in Argentine (i.e he didn't commit suicide) which can be supported/may be "possible".
My point is that without hard evidence anyone can provide "reasonable" arguments for almost anything. That's why we have protocols and run clinical trials instead to rely on what "makes sense"(i.e inject disinfectant to kill covid-19) in our more or less sharp minds.
Now if someone talks bullshit all day long it is very hard to figure out when he says the truth so without evidence it would be safe to assume that whatever he says it is very likely to be false or at least partially false.
In the absence of proof, how is the contemporaneous assertion "[AIDS] was the product of biological weapons experiments conducted by the United States" any less reasonable? We didn't even realize until the 2000s that AIDS had been around for over 30 years at the time the assertions were made.
Prior to SARS-CoV-2, researchers around the world had been warning that the next global pandemic would likely 1) be a coronavirus that 2) emerges from bat reservoirs 3) in China. There was a whole special issue of the journal Virus with multiple papers making that claim: https://www.mdpi.com/journal/viruses/special_issues/viruses_...
At least one of those papers was written by a Wuhan Institute researcher.[1] Is that supposed to constitute circumstantial evidence that implicates the institute? That's the sort of spurious logic at the core of all conspiracy theories. You can implicate anything with coincidence; it's a collectionofrelatedcoincidences which constitute a hypothetical causalchain that make for evidence, and there are none with respect to the Wuhan Institute. And not only that, such a hypothesis has to overcome the a priori likelihood, not to mention substantive evidence (e.g. pangolin intermediary), of it emerging precisely as claimed by the consensus hypothesis.
Is it possible it leaked from the Wuhan Institute? Sure. Just as it was possible the U.S. manufactured AIDS as part of its extensive biowarfare program. They're both still nutty theories, it's just that one has the benefit of hindsight and distance filtering all the contemporaneous coincidences, while the other still seems intuitively plausible without the assistance of analytical thinking to clear the brain fog.
[1] "Thus, it is highly likely that future SARS- or MERS-like coronavirus outbreaks will originate from bats, and there is an increased probability that this will occur in China." Yi Fan, Kai Zhao, Zheng-Li Shi, Peng Zhou, Bat Coronaviruses in China, March 2, 2019. https://www.mdpi.com/1999-4915/11/3/210
>In the absence of proof, how is the contemporaneous assertion "[AIDS] was the product of biological weapons experiments conducted by the United States" any less reasonable?
Because that claim is nonsensical and defies common sense, whereas the idea that an accidental infection took place is entirely reasonable and requires no leaps of faith whatsoever.
>At least one of those papers was written by a Wuhan Institute researcher.[1] Is that supposed to constitute circumstantial evidence that implicates the institute?
What gave you the impression that this particular paper is the reason for the theory? This institute works extensively with bat coronaviruses, published over 40 papers on the subject, had teams doing field work in caves where they came in direct contact with bats, stored many samples on site, have had systemic deficiencies in their safety and training, and were in Wuhan, the ground zero which is hundreds of kilometres away from where the bat populations likely to carry the virus that SARS-CoV-2 mutated from actually live. All of this, while being insufficient to say anything definitive, together points to accidental release as a completely legitimate origin theory.
The US government of course may have a lot more information, leading it to believe that a lab accident is not just plausible, but likely. Or they could be lying and/or engaging in dirty politics. That too is a legitimate theory.
> not to mention substantive evidence (e.g. pangolin intermediary), of it emerging precisely as claimed by the consensus hypothesis.
Consensus hypothesis is very much subject to change. For example, the wet market origin was a significant part of it, and just a few days ago China officially said it now no longer considers that to be the source of the patient zero transmission, but merely a site of a super-spreader event. The pangolin theory was dismissed as recently as a month ago, and now there's some new evidence in its favour. Nothing we're talking about, including accidental release from a lab in Wuhan, remotely crosses into conspiracy theory territory.
>Is it possible it leaked from the Wuhan Institute? Sure. Just as it was possible the U.S. manufactured AIDS as part of its extensive biowarfare program.
What do these word games add to an adult discussion? 'Possible' means nothing. The difference between these, much like the difference between a one in ten and one in a billion chance, is how possible.
>They're both still nutty theories, it's just that one has the benefit of hindsight and distance filtering all the contemporaneous coincidences, while the other still seems intuitively plausible without the assistance of analytical thinking to clear the brain fog.
Again, analytical thinking, if you do choose to apply it, would lead you to see the clear difference between a conspiracy theory and a legitimate theory without sufficient proof. Here we have the latter, since accidental release would be logical, plausible, contradict no firmly established facts at all and would require no leaps of faith at all (unless you consider the idea that the Chinese dictatorship tried to obfuscate and cover up the truth about such a theoretical accident).
> Because that claim is nonsensical and defies common sense, whereas the idea that an accidental infection took place is entirely reasonable and requires no leaps of faith whatsoever.
Only because of your political biases.
> unless you consider the idea that the Chinese dictatorship tried to obfuscate and cover up the truth about such a theoretical accident
This is how I know your views are driven by your political biases.
I'm sorry, this is a little unclear. The idea that a lab having an accident is reasonable because of my "political biases"? Are Chinese labs any different from Western labs, where this would also be entirely possible?
Or is it calling the Chinese dictatorship a dictatorship that's supposed to show my supposed "political biases"? I didn't realize pointing out directly observable facts has become so politically charged and controversial.
A level 4 virus lab had major incident at 16.09.2019: some equipment was stolen from lab, because of fire blast. Incident was caught on video. After that spike of pneumonia cases of unknown origin happens. Now, testing shows that people already have antibodies for SARS-CoV-2, but no virus, and they were not sick for two months, so they had it for at least two months before anybody else. However, lab is not in China, which Trump hates, but in another country near to China, which Trump loves.
That's precisely my point. I'm in no way suggesting that such incidents are only possible in China. Simply put, shit happens and protocols get violated. I work at a research institute with a level 3 lab and find it entirely plausible that it can happen here. So do the health and safety people who meticulously check whatever they can think of multiple times a year.
Accidental release of the virus from the lab is not unlikely (it happened at least twice with sars and chinese labs) nor a conspiracy theory (nobody conspired to anything, mistakes happen).
Everyone is promoting conspiracy theories about a pandemic. China’s Ministry of Foreign Affairs has claimed the virus was a was spread by members of the United States Army who visited Wuhan in October. Russia's Channel One has been saying the virus is US bioweapon. And everyone knows it's really caused by 5G and GMOs managed by Big Pharma and Bill Gates :-). So don't lay all this at the US's door.
Those other countries shouldn't be spreading conspiracy theories either, but the intensity with which the Trump administration has been promoting the lab theory is really unmatched. It's on an entirely different level.
You apparently are unaware of the intensity of the Chinese propaganda campaign in this area. I would counsel "You should learn something about the subject before you comment...", but only an ass would say that.
In 1987, they weren't on twitter, like the US and the Taliban exchanging agreement barbs recently. (unlike in certain quarters, I think these twitter presences have allowed some grievance airing which has actually helped the peace)
Maybe we can get them all to settle their differences with a dance-off on TikTok?
It's one of the main reasons why having an authoritarian lead your country is a bad thing. Things can much more easily escalate to war just because their personal feelings were hurt and won't admit to their mistakes.
They always called each other out, but this was usually done privately, not publically.
If it's done publically, it's usually not a message to a foreign entity but rather a message targeted for domestic consumption. The NSA got a bad reputation with the release of the Snowden files and I guess what we're seeing today is the result of that. Hiring talented people got more difficult for them. So they are releasing ghidra and doing PR stunts like this one to convince potential employees that the NSA isn't that bad.
I'm not making a judgement of what the NSA did or does is bad or what Snowden did was good or bad. Not even whether this PR move was warranted to show they are doing positive things. All I'm saying it's a PR move.
MAD is for nukes, there's not mutually assured destruction in many conflicts going on today. Least of all for nations hacking one another.
This is closer to calling out nations for spying - everyone knows nations spy on one another, but they call them out to humiliate or other goals. It's not really new.
The "Ex" in exim stood for experimental, and while it had some security goals, that was less up front. Unrelated, but interesting, the Exim author (Philip Hazel) also wrote the PCRE library.
My recollection it was billed as easier to setup than Sendmail. During the vote to make it default[1] it was also helped by being smaller than Postfix (at a time when Debian was still supporting floppy disks for installation). There may have been some (with hindsight naive) justification that the easier configuration would make systems more secure by avoiding common Sendmail pitfalls. But I don't think we were thinking about security 20 years ago the same as we do now. It was mostly a "if you can put it in a chroot you'll be fine" attitude.
(When I joined the university in 1997 it was fully deployed there; most people accessed their mail by telnet to a single large Sun server which ran PINE.)
Heck, I'm impressed that enough people are running an MTA that touches incoming mail for this to be effective. It was never "easy", even in the 90s. Back then it was an issue of having a performant, secure config. But these days, it's way more complex and too much money.
I wouldn't think that many people are using fetchmail + local MTA anymore, but maybe I'm wrong.
I used to do it for my family, but maintaining an MTA, spam filtering, IMAP/POP, webmail, CalDAV & CardDAV is rough. And supporting folks hooking up their devices that increasingly needed to go 8 menus deep to punch in the settings for something that wasn't gmail/hotmail/outlook was just too much.
And then you can't run it out of your house, unless you pay money for static IPs, or you pay for hosting and make sure you keep yourself off blocklists. Just the cost of doing it made it not worth it unless you hit economy of scale number of users.
That said, sendmail did improve my M4 skills FWIW.
1) Get all of the source code for Exim, and other codebases, codebases for which vulnerabilities have been discovered -- but before the vulnerability has been removed from source code.
2) Run machine learning on the code, with the understanding that different parts of code may have been written by different authors.
3) Use those ML models to see if other codebases, codebases which are as-of-yet unknown if they contain vulnerablilties, to see if those might have the same coding patterns in certain areas as the affected software above, indicating potential tampering.
In other words, via ML, software which has been tampered with -- might be able to be detected preemptively...
Disclaimer: I am not a ML expert, and this might be a somewhat futuristic idea, due to various constraints...
Once again, this feels politically motivated.
1. It's old news.
2. They blame Russian hackers, but we rarely ever have full certainty into the true source of an attack. This is due to false flags (for example, the Germans adding some Russian comments to their code) and hackers routing their attacks via a daisy chain of compromised machines all over the world.
3. The NSA are the worst offenders when it comes to exploiting software vulnerabilities.
This isn't some conspiracy theory. The NSA is simply doing what people have been asking of them for years: be more proactive and public on the defensive side of things. The fact they are also burning RU methods is just icing on the cake for them.
There is no evidence presented that Russia and the GRU used this. None. Could be true. Could be false. Could be trying to propagate this ridiculous "it's the Russians" narrative so prevalent to explain everything those in 3 letter agencies don't like politically. From the electoral unpopularity of Hilary Clinton, through why Wikileaks publishing secrets of their crimes is not in your interest to now why people are protesting (not record unemployment, not continuing police brutality, not the existence of an underclass in the richest nation on the planet no. Russians).
So yeah, could be true but if you laugh at anyone claiming *Russians" with no evidence to back it that's probably the safest thing to do.
No evidence at all of Russian hacking Hilary's email if you were paying attention in the last week or so other than from evidence free DNC claims. Maybe they did, sure. And maybe Saddam had WMD - believing that lie, and i did, cost us rather a lot. It would be silly to fall for it again.
70 comments
[ 2.2 ms ] story [ 123 ms ] threadSo I guess this is an attempt to get exim users to update.
Though not for RedHat or Ubuntu, both use postfix.
I personally use Exim. The developers of both have collaborated as required with each other in the past over certain issues and both projects are very mature. They are rather different beasts and there are loads of articles out there comparing them.
I'm still using exim, but not for any specific reason. It's just what I used in the beginning and I never had a reason to change.
They are both mail-trasport daemons (basically mail relays).
dovecot is comparable to Cyrus, it's not a mail relay, it's POP/IMAP server used for accessing mail from storage.
You might have the two reversed?
I don't have hands-on experience with Exim, but every "getting started with email" document on the internet seems to recommend Postfix as easier for a beginner to install.
In fact, as an old hand (been dealing with exim configs since 2001), the very first thing I did and still do is delete the default debian hell and copy-paste a simple two-screen config which then needs only 3-4 lines tweaked.
Postfix has a high learning curve; the master.cf vs main.cf and the "chaining" of email filters (milters) is a lot more of a hurdle than exims comparatively simple configuration.
The issue is mostly that postfix is installed by default more places, so it's the default, much like sendmail was. And that setting up an MTA is quite difficult anyway.
It's basically an accident of history. But both are fine in their own right, neither is inferior to the other, just trade offs.
Please don’t down vote me for an obvious statement, but I do feel the maturity of Political discourse was brought to the school playground level with the election in 2016.
For the most part postfix/dovecot have become the default for full scale mail servers but back when the Debian defaults were decided there was still some uncertainty about what would replace sendmailNG as the lightweight default mta.
But I wouldn't call it complicated, not really. Expansions usually bite, but it had a REPL-like facility for getting them right since forever. The rest is pretty nice and clean DSL in my opinion.
> By 1987, the Soviets began to sour on the campaign as Moscow’s scientific establishment rebuked it. Secretary of State George P. Shultz also accused Mikhail S. Gorbachev, who was then the leader of the Soviet Union, with hawking “bum dope about AIDS.” Mr. Gorbachev ordered the K.G.B. to stop spreading the conspiracy theory and after the collapse of the bloc, former Soviet intelligence officials owned up to it.
[1] https://www.nytimes.com/2017/12/12/us/politics/russian-disin...
Odd turn of phrase.
https://thereader.mitpress.mit.edu/operation-denver-kgb-aids...
People outside of labs are exposed to bat coronaviruses all the time. The chances that one of a very small number of highly trained researchers working according to strict protocols was patient zero - as opposed to the millions of regular people who come into contact with bat coronaviruses with absolutely no protection or training - is minuscule.
Just like the Soviet misinformation in the 1980s, the theory can't be disproven right now, in exactly the same way that any other malicious accusation made with zero evidence can't be disproven. The Trump administration is acting extremely recklessly by spreading this unsupported conspiracy theory.
Explain the previous sars releases then.
After it spilled over naturally, it became the subject of intense study, sometimes in labs with poor procedures. Huge amounts of SARS-CoV were being cultured by people with little training.
That's an entirely different circumstance from now. The lab where they study coronaviruses in Wuhan operates at a much higher standard than poorly run Chinese labs in 2004. The lab in Wuhan wasn't even conceived back then.
It's essentially proven that SARS-CoV-2 was not under study before the outbreak, because the it's not in any of the standard databases where all known coronaviruses are published. But even disregarding that, the idea that huge quantities of a virus that nobody has ever heard of would be cultured is implausible.
No...it's an entirely plausible assertion that there's no evidence for. That's why it's gained traction so easily. Biohazard accidents have happened before. There's a lab doing work with dangerous microbes in Wuhan. That means plausible.
Conspiracy theories thrive on the tiny bit of truth buried in all the crap. If you dismiss the tiny bit of truth out of hand, it just becomes proof to the conspiracy that you're lying/deluded/part of the cabal.
highly trained researchers working according to strict protocols
To turn this back on your demand for evidence...how do you know? Is it plausible that someone was careless? Poorly trained? The protocols weren't as strictly adhered to as they should have been? Plausibility.
The Trump administration is acting extremely recklessly by spreading this unsupported conspiracy theory.
Well, duh. But you don't fight back with equally poorly considered knee-jerk retorts.
Not technically impossible is not the same as plausible. It's technically possible that Hitler survived WWII and lived it his days in Argentina. It's not plausible.
> To turn this back on your demand for evidence...how do you know?
Because it's a BSL-4 lab built in collaboration with a top French lab. The researchers are trained at top national labs in the US, France and Australia. Top international virologists insist that the lab in Wuhan has an excellent safety record.
There are a whole number of things that make the theory utterly implausible:
1. The lab did not have SARS-CoV-2. They sequence and publish a segment of the genome of every coronavirus they identify. SARS-CoV-2 is not among the several hundred viruses they've identified and published in this manner. In order to get around this, as a conspiracy theorist, you'd have to assert that the lab, for some reason, decided in advance not to publish SARS-CoV-2. That's implausible element #1.
2. Even if the lab had discovered SARS-CoV-2, and then not published it for whatever unknown reason, they wouldn't have found it interesting. It's 20% divergent from SARS-CoV. Before this pandemic, researchers weren't particularly interested in viruses that are so different from SARS-CoV. There are viruses that are only a few percent different from SARS-CoV. Those are the types of viruses that are intensively studied, where you can start spinning theories about lab accidents. This is implausible element #2.
3. People outside labs are exposed to SARS-related viruses all the time. There are estimates that literally millions of people are exposed every year. If you compare that against a few highly trained researchers working under strict protocols, you begin to see the absurdity of blaming the researchers. We're talking about odds that are literally a million to one here. That's implausible element #3.
> But you don't fight back with equally poorly considered knee-jerk retorts.
You should learn something about the subject before you comment that the theory is plausible.
You are undoubtedly a joy at parties.
Like distinguishing between "plausible" and "not technically impossible"? If "plausible" now refers to anything not ruled out by the laws of physics, with no reference to likelihood, then anyone can make wild, unfounded accusations and say they're "plausible."
> define your opinion ("they would not have found it interesting")
It's not my opinion. Look at the scientific literature on SARS-related coronaviruses from before 2020. What viruses did the Wuhan Institute of Virology publish on?
> ad homen attacks ("You should learn something about the subject...")
I'm annoyed by people who have no idea what they're talking about boosting this conspiracy theory. This is an important enough subject that before making these sorts of wild accusations, you should actually understand something about the field.
I'm annoyed by people who can't divorce their absolute, unshakable belief that their oh-so-exhaustively Googled faux-expertise from how actual humans are interpreting what is being said. Because, you spent so much time becoming an "expert", you can't possibly be wrong.
I'm annoyed and Google-experts who think anyone who says "maybe you're looking at this the wrong way" turn into Donald Trump and accuse them of not just being wrong, but of "wild accusations" and "boosting conspiracies" and the rest.
I understand this far better than you. You are the problem.
Isn't it the same with most conspiracy theories?(plain bullshit excluded) Just on History Channel you can see a lot of such cases about Hitler still being alive somewhere in Argentine, Ancient Aliens etc. Anyone can find compelling reasons to support anything but if you want to be objective you need to analyse the evidence. What evidence does Trump have that the virus was developed in a lab in China? Even with reasonable evidence I don't know who would believe him anyway.
These ones that you listed were plain bullshit though.
I think that you let your political affiliations get in the way and cloud your view.
My point is that without hard evidence anyone can provide "reasonable" arguments for almost anything. That's why we have protocols and run clinical trials instead to rely on what "makes sense"(i.e inject disinfectant to kill covid-19) in our more or less sharp minds.
Now if someone talks bullshit all day long it is very hard to figure out when he says the truth so without evidence it would be safe to assume that whatever he says it is very likely to be false or at least partially false.
I was replying to "Just on History Channel you can see a lot of such cases about Hitler still being alive somewhere in Argentine"
I hope you don't expect me to give all the inner details in a comment. Here[0] is a small summary though.
How is this more bullshit than "your" covid lab theory?
[0] https://en.m.wikipedia.org/wiki/Hunting_Hitler
Prior to SARS-CoV-2, researchers around the world had been warning that the next global pandemic would likely 1) be a coronavirus that 2) emerges from bat reservoirs 3) in China. There was a whole special issue of the journal Virus with multiple papers making that claim: https://www.mdpi.com/journal/viruses/special_issues/viruses_...
At least one of those papers was written by a Wuhan Institute researcher.[1] Is that supposed to constitute circumstantial evidence that implicates the institute? That's the sort of spurious logic at the core of all conspiracy theories. You can implicate anything with coincidence; it's a collection of related coincidences which constitute a hypothetical causal chain that make for evidence, and there are none with respect to the Wuhan Institute. And not only that, such a hypothesis has to overcome the a priori likelihood, not to mention substantive evidence (e.g. pangolin intermediary), of it emerging precisely as claimed by the consensus hypothesis.
Is it possible it leaked from the Wuhan Institute? Sure. Just as it was possible the U.S. manufactured AIDS as part of its extensive biowarfare program. They're both still nutty theories, it's just that one has the benefit of hindsight and distance filtering all the contemporaneous coincidences, while the other still seems intuitively plausible without the assistance of analytical thinking to clear the brain fog.
[1] "Thus, it is highly likely that future SARS- or MERS-like coronavirus outbreaks will originate from bats, and there is an increased probability that this will occur in China." Yi Fan, Kai Zhao, Zheng-Li Shi, Peng Zhou, Bat Coronaviruses in China, March 2, 2019. https://www.mdpi.com/1999-4915/11/3/210
Because that claim is nonsensical and defies common sense, whereas the idea that an accidental infection took place is entirely reasonable and requires no leaps of faith whatsoever.
>At least one of those papers was written by a Wuhan Institute researcher.[1] Is that supposed to constitute circumstantial evidence that implicates the institute?
What gave you the impression that this particular paper is the reason for the theory? This institute works extensively with bat coronaviruses, published over 40 papers on the subject, had teams doing field work in caves where they came in direct contact with bats, stored many samples on site, have had systemic deficiencies in their safety and training, and were in Wuhan, the ground zero which is hundreds of kilometres away from where the bat populations likely to carry the virus that SARS-CoV-2 mutated from actually live. All of this, while being insufficient to say anything definitive, together points to accidental release as a completely legitimate origin theory.
The US government of course may have a lot more information, leading it to believe that a lab accident is not just plausible, but likely. Or they could be lying and/or engaging in dirty politics. That too is a legitimate theory.
> not to mention substantive evidence (e.g. pangolin intermediary), of it emerging precisely as claimed by the consensus hypothesis.
Consensus hypothesis is very much subject to change. For example, the wet market origin was a significant part of it, and just a few days ago China officially said it now no longer considers that to be the source of the patient zero transmission, but merely a site of a super-spreader event. The pangolin theory was dismissed as recently as a month ago, and now there's some new evidence in its favour. Nothing we're talking about, including accidental release from a lab in Wuhan, remotely crosses into conspiracy theory territory.
>Is it possible it leaked from the Wuhan Institute? Sure. Just as it was possible the U.S. manufactured AIDS as part of its extensive biowarfare program.
What do these word games add to an adult discussion? 'Possible' means nothing. The difference between these, much like the difference between a one in ten and one in a billion chance, is how possible.
>They're both still nutty theories, it's just that one has the benefit of hindsight and distance filtering all the contemporaneous coincidences, while the other still seems intuitively plausible without the assistance of analytical thinking to clear the brain fog.
Again, analytical thinking, if you do choose to apply it, would lead you to see the clear difference between a conspiracy theory and a legitimate theory without sufficient proof. Here we have the latter, since accidental release would be logical, plausible, contradict no firmly established facts at all and would require no leaps of faith at all (unless you consider the idea that the Chinese dictatorship tried to obfuscate and cover up the truth about such a theoretical accident).
Only because of your political biases.
> unless you consider the idea that the Chinese dictatorship tried to obfuscate and cover up the truth about such a theoretical accident
This is how I know your views are driven by your political biases.
Or is it calling the Chinese dictatorship a dictatorship that's supposed to show my supposed "political biases"? I didn't realize pointing out directly observable facts has become so politically charged and controversial.
Maybe we can get them all to settle their differences with a dance-off on TikTok?
If it's done publically, it's usually not a message to a foreign entity but rather a message targeted for domestic consumption. The NSA got a bad reputation with the release of the Snowden files and I guess what we're seeing today is the result of that. Hiring talented people got more difficult for them. So they are releasing ghidra and doing PR stunts like this one to convince potential employees that the NSA isn't that bad.
I'm not making a judgement of what the NSA did or does is bad or what Snowden did was good or bad. Not even whether this PR move was warranted to show they are doing positive things. All I'm saying it's a PR move.
This is closer to calling out nations for spying - everyone knows nations spy on one another, but they call them out to humiliate or other goals. It's not really new.
Edit: on a second thought, "more secure than sendmail" means nothing. It is probably impossible to be _less_ secure than sendmail.
No piece of software is 100% flawless.
The "Ex" in exim stood for experimental, and while it had some security goals, that was less up front. Unrelated, but interesting, the Exim author (Philip Hazel) also wrote the PCRE library.
[1] https://wiki.debian.org/Debate/DefaultMTA
(When I joined the university in 1997 it was fully deployed there; most people accessed their mail by telnet to a single large Sun server which ran PINE.)
I wouldn't think that many people are using fetchmail + local MTA anymore, but maybe I'm wrong.
I used to do it for my family, but maintaining an MTA, spam filtering, IMAP/POP, webmail, CalDAV & CardDAV is rough. And supporting folks hooking up their devices that increasingly needed to go 8 menus deep to punch in the settings for something that wasn't gmail/hotmail/outlook was just too much.
And then you can't run it out of your house, unless you pay money for static IPs, or you pay for hosting and make sure you keep yourself off blocklists. Just the cost of doing it made it not worth it unless you hit economy of scale number of users.
That said, sendmail did improve my M4 skills FWIW.
(I think it was running by default, too, but I don't trust my memory. I uninstalled it pretty quickly.)
Someone should do the following:
1) Get all of the source code for Exim, and other codebases, codebases for which vulnerabilities have been discovered -- but before the vulnerability has been removed from source code.
2) Run machine learning on the code, with the understanding that different parts of code may have been written by different authors.
3) Use those ML models to see if other codebases, codebases which are as-of-yet unknown if they contain vulnerablilties, to see if those might have the same coding patterns in certain areas as the affected software above, indicating potential tampering.
In other words, via ML, software which has been tampered with -- might be able to be detected preemptively...
Disclaimer: I am not a ML expert, and this might be a somewhat futuristic idea, due to various constraints...
So yeah, could be true but if you laugh at anyone claiming *Russians" with no evidence to back it that's probably the safest thing to do.
No evidence at all of Russian hacking Hilary's email if you were paying attention in the last week or so other than from evidence free DNC claims. Maybe they did, sure. And maybe Saddam had WMD - believing that lie, and i did, cost us rather a lot. It would be silly to fall for it again.