Ten or fifteen years back, I had an ambition to buy such a vehicle and drive it around at Burning Man. I eventually settled for a deuce-and-a-half, which caused enough struggle and frustration that I'm glad I never actually bought a tank.
The conventional wisdom is that you need to buy several military vehicles in order to get and keep one up and running. Some things are going to come broken, some things will inevitably break, and the replacement parts aren't exactly at your local auto parts shop.
I'm not sure there is any law against owning an unarmed tank. But for "dangerous and unusual" weapons themselves, an important case is from 1939 - Miller vs USA. [1] And it's absurdly weird. Basically the defendant was a thug with a penchant for snitching on everybody.
In his final case, which he also snitched during, he argued that a law he had been charged under (a firearms regulation law) was unconstitutional. The judge who heard his case was very much in favor of the gun control law and had made numerous public statements as such, but he also likely knew that the law was on very shaky constitutional ground, and had been fishing for a test case to advance it. And he found that in Miller.
So he concurred with Miller about the law's unconstitutionality! That resulted in the case being appealed up to the Supreme Court. Conveniently for the state, neither Miller or his defense representation appeared. So it was argued with no defense whatsoever. And Miller was found shot to death shortly thereafter, which wasn't seen as particularly suspicious given his snitching habits. And that case set the ultimate standard that's still appealed to, to this very day.
This is made even more ironic by the fact that the weapon he was being charged for possession of as being 'dangerous and unusual' was just a short barrel shotgun, which was regularly used in the military.
> I’ve never really understood how the logic of the second amendment doesn’t extend to tanks and nukes.
Probably because if people could buy tanks to protect themselves, then the police would also need tanks to deconflict a situation where someone with a tank is upset and the damages are a bit higher when tank rounds start flying around. Imagine two neighbors getting into it in a a town, not to mention a city.
Even portable nukes are a stretch in the logic of "I need to protect my home" from intruders, not to mention the hundred kiloton yield ones.
The second amendment to the US Constitution doesn't concern itself with home defense justifications, but only with "we need to scare up a military force, right now". The "right way" to forbid tanks and tac nukes as arms that the people can own would have been to amend the Constitution with something that specifies the limits in some way, but instead we got creative interpretations of "shall not be infringed" to mean "can be infringed as long as a law or agency regulation is produced at either a federal or state level". Which is odd, as GP noted.
People can and do own tanks. Since they are giant (hard to park), slow moving, consume a lot of fuel, tend to need expensive maintenance, and can't be operated on many roads due to weight / vehicle restrictions, few people want to do this.
As far as nuclear bombs go... there are restrictions on owning fissile material in general that would preclude owning enough to have a working bomb.
I appreciate the attempt, but have never seen the point personally.
That is, many physical media collectors do it to have nice box sets to display, or in an attempt to have off-line copies of media, but I have never met anyone who goes to the effort of ensuring long-term readability - which is understandable, it is a huge hassle. Unless you are copying the content to new physical media every so often it will eventually rot and become unplayable.
For example, for optical media the expected lifetime is only a couple of decades depending on the type of media [1]. I believe commercially pressed DVD and blueray are somewhere around 10-20 years.
Outside of manufacturing defects you can expect HTL blu-rays to last for more than a hundred years when stored properly. Some estimates are as high as 300 years. Don't buy the cheap ones or store them outdoors and you'll be fine.
Some archival grade disc's are estimated to last 700 years or more and dont cost THAT much more.
DVD's and CDR'S used organic dies that broke down quickly. Blu-rays mostly use inorganic dies that last forever. Cheap LTH disc's being the exception.
MOST manufacturers like Verbatimm do not even produce the organic die LTH disc's anymore as people stopped buying them. There are still some floating around for sale, so avoid them.
Not necessarily as even the factory produced optical discs have had issues with de-lamination, oxidation etc. Of course a lot of that had to do with companies cheaping out on manufacturing in order to make that last tenth of a cent of profit as they tend to do.
>I think that is a little entitled. They should be happy google isn't just straight up emailing full-disclisure.
Google has literally billions of dollars in profits (in part because they use FFmpeg in a bunch of commercial products like Youtube and Chrome), and one of the largest software workforces in the world, including expertise on secure software and vulnerability remediation.
If anyone can afford to contribute back a fix instead of just raising a report, and has the ethical responsibility to do so, it's Google.
FWIW I tried replicating it and didn't get the same result. I end up with a failed conversion, exit code 69[0]. Same thing when I run with my installed version of ffmpeg.
But I think Google would still be concerned. Even if they're running ffmpeg in a sandbox you can escape sandboxes. The sandbox is a security layer, not what makes the thing safe. You should be using it as a layer of defense for unknown vulns, and try to resolve vulns. I mean Google is much more likely to have an attacker trying to chain a vuln with a sandbox escape than the average user.
Btw:
ffmpeg -codecs | cat | grep SANM 2&>/dev/null
ffmpeg version n8.0 Copyright (c) 2000-2025 the FFmpeg developers
... ffmpeg flags ...
D.V.L. sanm LucasArts SANM/SMUSH video
So my version does have that codec, as others are reporting.
Security vulnerability finding is a contribution. On the open market the type of service google is providing here would cost hundreds of thousands of dollars if not millions.
>That way when your CA private key leaks (the key which we never ever rotate, of course)
As with X.509, any serious usage will involve a hardware security module, so that compromise of the CA host does not allow the key to be leaked. You'd still have a very bad day, but it can be mitigated.
I do think it's a fairly significant flaw that SSH CA doesn't support intermediate CA's (or at least didn't last time I looked into it) to enable an offline root CA.
>Bonus points if the same CA is also used for authenticating users.
The SSH CA mechanism can be used for both Host and User auth, yes.
Keeping in mind, in a real use case this would be tied to something like active directory / LDAP, so you can automate issuance of ssh keys to users and hosts.
Systems configured to trust the SSH CA can trust that the user logging in is who they say they are because the principal has already been authenticated and vouched for by the identity provider, no more manually managing known_hosts and authorized_keys, or having to deal with Trust On First Use or host key changed errors.
You can also set the CA's endorsement of the issued keys to fairly short lifetimes, so you can simplify your keymat lifecycle management a great deal - no worrying about old keys lying around forever if the CA only issues them as valid for an hour / day / etc. .
Overall I think you still come out ahead on security.
