Brief items

One of the only definitive takeaways, besides "steer clear of free VPNs," is that your choice of VPN should depend on what you're using it for. If you're just trying to stay safe online, it may make sense to steer toward a larger, U.S.-based company that's clear about both who owns it and how it treats your data. If your goal is to torrent pirated files, view blocked content, assassinate an ambassador, or otherwise evade the long arm of your government (or the governments it shares intelligence with), one based offshore might be a better bet—provided you're quite sure it doesn't have secret ties to the government you're trying to evade.

The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly explaining that there's no way to provide this capability without also weakening the security of every user of those devices and communications systems.

It's an impassioned debate, acrimonious at times, but there are real technologies that can be brought to bear on the problem: key-escrow technologies, code obfuscation technologies, and backdoors with different properties. Pervasive surveillance capitalism -- ­as practiced by the Internet companies that are already spying on everyone­ -- matters. So does society's underlying security needs. There is a security benefit to giving access to law enforcement, even though it would inevitably and invariably also give that access to others. However, there is also a security benefit of having these systems protected from all attackers, including law enforcement. These benefits are mutually exclusive. Which is more important, and to what degree?

The problem is that almost no policymakers are discussing this policy issue from a technologically informed perspective, and very few technologists truly understand the policy contours of the debate. The result is both sides consistently talking past each other, and policy proposals -- ­that occasionally become law­ -- that are technological disasters.

Linux supports ELF binaries for ~25 years now. a.out coredumping has bitrotten quite significantly and would need some fixing to get it into shape again but considering how even the toolchains cannot create a.out executables in its default configuration, let's deprecate a.out support and remove it a couple of releases later, instead.

Can I still get extra credit for fixing a bug that is 14.5 years old, if I'm the one who introduced it?

I think you are looking for the same thing a lot of people are wanting: A detailed "How the henry do I do this locally without using your buildsystem?" howto. Followed by "how to I use this for my own build system." and then "How do I do integrate this with some other system?" I am saying this because I see a lot of the frustration and venting seems to be that this information isn't easily found if it exists. I think that until such stuff is written, then we can get to informed frustrations of 'why did you do it this way?'