
There was reason to believe they were less subject to US jurisdiction: their Subscriber Agreement is for "Sectigo Limited, a limited company formed under the laws of England and Wales". See https://www.sectigo.com/uploads/backgrounds/Certificate-Subs...

Sadly, their United Terms and Conditions in section 8.2 are even more restrictive than LE's. They reject any entity "located in, incorporated under the laws of, or owned (meaning 50% or greater ownership interest) or otherwise, directly or indirectly, controlled by, or acting on behalf of, a person located in, residing in, or organized under the laws of any country sanctioned under the laws of the U.S. or E.U." See https://www.sectigo.com/uploads/backgrounds/United-Terms-and...

From a layman's point of view, it could even mean that the ICC and the UN are prohibited from using Sectigo. The Customer must have no "affiliates, officers, directors, or employees" that are on sanction lists, and the US have sanctioned some high-profile members of the UN and the ICC that spoke about the genocide in Gaza.


Couldn't LE have a branch in Europe or anywhere outside the USA and its minions?

Because they're betraying their own goals, as stated in their About page: “It is a service run for the public’s benefit. [...] Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost. [...] Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.” Now they own they are under the control of a political organization.

Here is the paragraph Let's Encrypt added to their Subscription Agreement on 2026-06-04:

> You are not a person or entity that is:

> (a) located in, organized under the laws of, or ordinarily resident in any country or territory that is the target of comprehensive U.S. sanctions;

> (b) a prohibited or restricted party under U.S. or other applicable sanctions and export control laws and regulations;

> or (c) owned or controlled by or acting on behalf of anyone described in (a) or (b).

> You agree to use Let’s Encrypt Certificates and any services provided by or on behalf of ISRG in compliance with applicable U.S. export control and sanctions laws and regulations.


They could, but if the branch didn’t follow these laws, the main US branch would still be liable.

It's about time SOME entities start moving from US entirely.

RISC-V Foundation did.. though they go out of their way to talk about it in terms that try not to piss anyone off..

> "Across 2018-2019, the RISC-V community has reflected on the geo-political landscape and we have heard concerns from around the world that investment in RISC-V must come with IP access continuity to ensure a long-term strategic investment. We first mentioned our intentions to move at the December 2018 summit. Incorporation in Switzerland has the effect of calming concerns of political disruption to the open collaboration model. RISC-V International does not maintain any commercial interest in products or services as a non-profit, membership organization. There have not been any export restrictions on RISC-V in the US and we have complied with all US laws. The move does not circumvent any existing restrictions, but rather alleviates uncertainty going forward.

> In March 2020, the RISC-V International Association was incorporated in Switzerland. Along with this, we shifted to a new, more inclusive membership structure. Members of RISC-V International have access to and participate in the development of the RISC-V ISA specification and extensions as well as related hardware and software. RISC-V has a Board of Directors composed of member representatives as well as a Technical Committee of work group leaders."

> RISC-V International has not incorporated in Switzerland based on any one country, company, government, or event. This move is reflective of community concern and managing strategic risk for our community investing in RISC-V for the next 50+ years.

> The IP contributed and produced by RISC-V International is held under industry and global standard licenses that are already open to leverage by any company regardless of jurisdiction. This licensing is a common open source approach to foster collaboration that is not tied to any geographic regulation. IP in the public domain has not been subject to export control.

https://riscv.org/about/


The RISC-V foundation and related companies also got a bunch of money from Europe. I am not so sure this was about leaving a repressive regime as much as chasing the European "homegrown computing" money.

This is part of why the EU is looking to move away from US-based infrastructure. The CLOUD Act basically lets Washington have an off-switch on your computing infrastructure as well as giving Washington unlimited access to any data on your computers (or that passes through them).

Other countries sanction each other too.

They mostly don't.

Or rather, when other countries say "sanctions", they are almost always talking about something completely different than the United States.


This is not about countries sanctioning each other. This is the US sanctioning a local company because a foreign company doesn’t follow certain US laws in foreign soil, where such laws don’t apply.

It’s a bit like the US arresting your mom at home in Texas because you ate a baggie of magic truffles in Amsterdam.


You're being very vague. Please explain what you mean? I don't see anything here about the US "sanctioning a local company," and I'm not aware of that being possible under US law.

Please see my answer to the sibling comment.

"Clarifying Lawful Overseas Use of Data (CLOUD) Act."

The way you are using these words seems to indicate you might be confused about how this works.

The US has not "sanctioned" LetsEncrypt or ISRG. The US sanctions foreign entities as punishment for various reasons precisely because they are not subject to US law. That's the entire point of leveraging a sanction -- to pressure those outside of your legal jurisdiction. If they were in your jurisdiction, you'd simply arrest them.

People and organizations basically anywhere are not permitted to do business with anyone your country has sanctioned. Anyone who does business internationally should be aware of their country's sanctioned list. That applies no matter where you live on the planet.


This is not that though.

This is literally about a company that has a branch in the USA and another branch in another country, where it's bound by that country's laws. If the foreign entity which just so happens to be commercially linked to the one in the USA has any dealings with countries sanctioned by the US, the US branch is punished.

There was a case a few years ago where a public University in Brazil bought lab computers from Dell Brasil. Dell Brasil is a subsidiary of Dell, but it's 100% incorporated in Brazil, the computers were manufactured in Brazil, everything following Brazilian law. The computers were delivered with terms of service that prohibited them from being used for any dealings with US-sanctioned countries such as Iran and Cuba. The University was caught by surprise and questioned it, since they had many academic links with Cuban Universities, and Dell Brasil explained that.

I don't know how the whole ordeal ended. The Brazilian Federal Government got involved, I believe the Ministry of Exterior and the Ministry of Commerce and Industry both got involved and were at one point going to sue Dell Brasil. I suspect it ended with the University returning the computers and purchasing from another supplier.

The suggestion that Let's Encrypt could work around US sanctions by opening a branch in the EU falls under similar conditions, and the US branch would be liable if the EU subsidiary had dealings with US-sanctioned countries.


Incorporating a subsidiary in a foreign country doesn't make the parent company immune to the legal obligations it has in its home country. It would be absurd if that were the case. Sometimes people try setting up subsidiaries overseas to hide their evasion of the law, but it is illegal to do so.

> Incorporating a subsidiary in a foreign country doesn't make the parent company immune to the legal obligations it has in its home country.

We're not talking about legal obligations in its home country though. I can buy Jack Daniels at age 19 in my country from their local subsidiary, and no-one thinks that this should be a crime for their US parent company because the US drinking age is higher. (Of course it would be a crime for either the parent or the subsidiary to sell to 19 year olds in the US)

(No-one is blaming Dell or Let's Encrypt here, to be clear, it's the US' excessive extraterritorial laws that are the problem)


If you are in the US you must ensure that your local company, and any sub-entity you control abroad, complies with sanctions law. That is US law, and the US can apply that law to Dell the parent company, because it is in the US and controls the subsidiary.

> I can buy Jack Daniels at age 19 in my country from their local subsidiary, and no-one thinks that this should be a crime for their US parent company because the US drinking age is higher.

Because there is no US law that says you cannot sell alcohol to people abroad under 19. Heck, there's no US federal law that says Jack Daniels can't sell to people in the US under 19, either. And in fact, there are some places in the US where you can legally drink at 18, e.g. Puerto Rico. But if the US congress wanted to pass one of these laws and enforce it, it could.


US sanctions law saying that you must not transfer X from the US to Iran, directly or indirectly, is reasonable. US sanctions law saying that you must not transfer X from Brazil to Iran is gross overreach. Yes, of course the US can apply its absurdly extraterritorial laws to any parent company in the US, just as Iran could penalise any Iranian company whose US subsidiary distributed a depiction of the prophet or whatever, but that doesn't make it good law or good practice.

That's a fair opinion to have.

But the US isn't really unique in applying their laws extraterritorially. See GDPR, Universal jurisdiction laws, China's National Security Law, etc... Every jurisdiction with sizable power does it. Some of these are even more extraterritorial in scope than US sanctions are.


> GDPR

Only applies to EU citizens' personal data, so while technically extraterritorial it doesn't feel like overreach in the same way.

> Universal jurisdiction laws

Rightly controversial when applied beyond things that are internationally agreed to be crimes against humanity, like torture or genocide.

> China's National Security Law

A perfect example of the kind of thing that the US used to define itself in opposition to.

Nations are sovereign and those with the might to push their requirements on others can do so. But I liked it better when we had a sense of the value of an open international order, where things like internet protocols were shared standards that everyone would collaborate on other than a handful of pariah states.


The difference between any of these is just a matter of opinion on what sovereignty means, what or who or where it applies to, what is a “human rights violation”, and who has the bigger britches to back it up. /shrug

Meh. You can fall back on might makes right and a Hobbesian war of all against all, or you can recognise that the Westphalian system has brought immense value to humanity and is worth trying to preserve and build on. There will always be disputes about how to extend our principles into new domains, but that doesn't mean those disputes are insoluble or that a few disagreements mean we should tear down the whole project.

>Only applies to EU citizens' personal data

That's not true.

The GDPR applies to the personal data of anyone physically in the EU, to the extent that the data are processed[0] while they are in the EU.

It also applies to the personal data of anybody anywhere in the world if the data controllers are based in the EU.

The reason why it's different to US sanctions/export controls is that the GDPR doesn't say you can't work with certain people in certain circumstances because of who they are in order to punish those people for whatever reason. It's fundamentally to protect the data subjects.

[0] which includes collection of said data


You may call it a subsidiary all you want, but it's still a company that's wholly incorporated in foreign soil, doing business in foreign soil.

At least in Brazil, companies that operate there must obey local laws. What happens when those laws are in contradiction with US laws, like in the example I cited? Is Brazil supposed to cave? Is Brazil supposed to keep fining Dell Brasil until it folds? Maybe prosecute Dell Brasil's directors for actively and repeatedly disregarding the law and fines?

How does that work on a global scale?

I'll say again, this is not about a US company opening a foreign subsidiary to do things in the US that are forbidden in the US. This is about a company incorporated abroad having to follow US laws while operating wholly abroad. This is a breach of sovereignty however you look at it.


It is plainly routine for a company to have to deal with multiple legal jurisdictions at a time.

Yes, sometimes this causes compliance complication. This isn't unusual, it happens frequently.

Ultimately, every government exercises the laws of their country as they see fit, using the enforcement tools they have available to them. These rules often extend outside of their borders and apply to foreign or partially-foreign entities depending on the situation. The only limits on this are the practical means of enforcing it.

Dell Brazil would have been subject to Cuba sanctions because it was controlled by the US parent company. The US has obvious jurisdiction over Dell Technologies the parent company, and the nexus to enforce it.

Nothing you are describing is even remotely unique to the US. No country is going to let you set up a foreign subsidiary to launder goods around sanctions law. If they did, everyone would do that and nobody would ever follow sanctions.


Why didn't the university just ignore the terms of service?

I don't know, and to be fair they might have done just that - and it wouldn't surprise me if that happened with the blessings of the Federal Government.

As I mentioned, I didn't follow up on the story and in fact when I searched for it a few years ago, I couldn't even find the original articles any more.


Ah, so it would be like the EU fining a US based company for not following certain GDPR laws even if they don't have a presence in the EU? Definitely would never happen!

It depends on the legal structure.

If they set up a subsidiary in Europe, they could be held liable for actions of European subsidiary.

If an independent org is stood up in Europe, with European directors, staff and funding, legally independent of US org, and the US org just provides advice/assistance to Europe org without ability to control it, legal liability for US org for Europe org’s decisions is less likely. Of course, ask a lawyer, but if you openly say “we are doing this to work around US sanctions” you could still be liable; if you say “this has nothing to do with sanctions this is about resilience of global digital infrastructure and European digital sovereignty” then under what legal theory is the US org liable?


What if the branch in Iran was the main branch?

Just close down completely in the US and move to the EU

And then what? Be subject to similar sanctions from a different governing body?

e.g. https://www.consilium.europa.eu/en/policies/sanctions-agains...


So simple, just uproot your lives and move to a different continent 4heads!

Why, so they can be forced to enforce content restrictions on any provider that wants an SSL restriction?

It shouldn't be located in Europe (because, as you said, US minions are no better than the US itself). Instead it should move to a neutral country, somewhere like Singapore or Uruguay.

Suddenly the idea of having a CA hosted in space on a satellite issuing certs seems like a good idea.

You're assuming that satellites are exterritorial. They aren't, they're ab initio the launching state's property and responsibility, barring other agreements to transfer them - and getting one out into a "legal void" isn't going to be trivial.

Over the centuries I am sure there will be random satellites that are defunct that will be hacked or otherwise "taken over" by someone with the right skills. These things are tiny compared to the distances involved and in the future you might end up using them as data reservoirs since in many cases it will be cost prohibitive for any authority to go collect or otherwise stake authority over an old piece of hardware considered junked.

In a hundred years, sure. Current satellites have neither storage nor compute capabilities of note.

That said, they don't have to grab the satellite. They have to grab you. Computer vandalism/sabotage/... laws in a lot of legal systems already apply to the controlling people in their home location regardless of the physical location/origin of the computer activity. Your controlling the computer/satellite/botnet/... is the illegal act, not the network packets leaving those systems.

They'll have to identify you first though, which might give some legal shielding.


A ship in international waters with satellite internet connection would be much cheaper, except it runs into the same problems as described by the sibling comment: https://news.ycombinator.com/item?id=48469397

You don't get 1,361 W/m² of continuous free energy when you're Earth bound and all those pesky water molecules.

> free energy

It is free only if you ignore the cost of getting the thing into the orbit in the first place.

Edit: also, AFAIK, normal microchips (without special radiation hardening) don't last that long in space


Also, pirates

New startup idea: Starlink for TLS.

A completely independent entity would be a far better option. The protocol is open after all, it just needs pointing to a different vendor.

Let's Encrypt is not some code or even a company that you can split into different branches. Their existence is one based on trust relations that Let's Encrypt has with browsers and operating systems. It is in one part similar to both domain names and IP address space, in that the technical aspects of creating alternative roots are almost trivial in comparison to getting the trust that is required for an alternative root to be accepted by the rest of the world.

Let's say someone created a Russian Let's Encrypt. It has all the technical aspects of regular LE in that you can request a certificate and get one through an ACME challenge. That is all great and all, but no browser will recognize it as valid. No operating system will recognize it as valid. The Russian state might add the new LE as valid for government computers, but the real work would be to get any other participants in the world to do the same. The issue is not a technical one but rather a social one that is built on trust.

When Russia invaded Ukraine there was a major discussion about whether IANA/ICANN should have disconnected Russia from domain names and IP addresses. That discussion ended in a decision not to do that because the symbolic benefit was deemed minor compared to the harm to the system at large, especially once the war ends. If you have two roots, then a domain name or IP address can now suddenly have two locations, and it would be a massive pain to try to fix it even if people wanted to fix it. Certificate Authorities do not share this trait since there can be an almost unlimited number of roots and none of them can conflict with each other (assuming no hash collision). If Russia spins up a new CA then people can use that one today if they want to, and they can continue to do so after the war has ended.


Russia already has its own root CA, the issue is that state-owned root CAs are by definition not safe from MITM attacks by the same government.

It is lunacy, complete delusion, to think that a privately owned (by oligarchy) root CA that is trusted by every web browser and OS on the planet is somehow superiorly safer from the point of state actor attack than those explicitly state-owned root CAs. You must be living in fairyland.

There are other non-US equivalents to Lets Encrypt.

The problem with this article is that the benchmark method they use is flawed. The documentation of zsh-bench explains why: https://github.com/romkatv/zsh-bench

Even with a low grade laptop, my zsh config grants me a sub 5ms prompt and a sub 1ms input lag, and that's far more important than the exit time.

     ./zsh-bench
    ==> benchmarking login shell of user XYZ ...
    creates_tty=0
    has_compsys=1
    has_syntax_highlighting=0
    has_autosuggestions=0
    has_git_prompt=1
    first_prompt_lag_ms=54.942
    first_command_lag_ms=57.069
    command_lag_ms=4.275
    input_lag_ms=0.669
    exit_time_ms=26.522

     hyperfine --warmup 3 'zsh -i -c exit'
    Benchmark 1: zsh -i -c exit
      Time (mean ± σ):      26.5 ms ±   0.5 ms
      Range (min … max):    25.5 ms …  27.6 ms

Not too bad? A hidden procedure with ten clicks, which the user has to repeat for each web browser. And it may break at any time if the browser changes some details. Or if KDE changes. And it's specific to KDE, with no alternatives in most Wayland WMs.

All that for _one_ feature which works out-of-the-box with Xorg, and which Wayland removed for security reasons. From what I've seen, sharing the screen is another common feature which was broken with Wayland and is still painful.

I don't think Wayland's security model is very relevant to me since I have faith in Debian for filtering out rogue applications. So I have no reason to drop my smooth UX for a world of "not too bad" workarounds.


Look, I'm not a Wayland booster, I still prefer X11 most of the time, but this is really the way it should work. Applications should not be allowed to dictate how windows appear. That is the job of the window manager. Chrome's PIP is a stupid workaround for Windows and Mac because they do not have robust window management.

This is the issue with imposing semantics of the programming model on the behaviour.

User behaviour is the only _real_ thing, it happens. Everything else is in your head. If people in the real world use PiP, then it should happen. The programming model has to bend and change to support it. It simply does not matter if the window manager does something or the window does something.

Sure, there is always the security argument wayland folks fall back to. But what ever is the problem with making a one-time permission popup? "Google Chrome wants to open in PiP: allow | allow once.". Just expose the existing PiP code in the window manager as an API guarded with an `if` that apps can call. It's not even that much real work, just pure bikeshedding and architecture astronauting.


Permission prompts still only allow things that have already been thought of so we will see less innovation in the future. I don't think this kind of security model is needed at all for an open source desktop where we can enforce directly that programs respect the user instead.

Right right, and I'm not saying users shouldn't be able to have a floating window with video (or whatever) in it. I'm saying it shouldn't be Chrome making that window floating and always visible.

That expectation is really an immediate major UX defect. Most really good GUIs rely on tons and tons of subtle behaviors to work right (that is, to assist the user). That means - counterintuitively - that they need a lot of leeway in how they get to control their own windows to appear on the screen.

Ultimately, the screen is just an unbroken flat surface and windows are just a software level abstraction that has been tortured beyond hope and one that users shouldn't have to micromanage or understand deeply.

If an application needs something to appear at a specific spot in a specific way, the display manager needs to bend over backwards to make it happen or it's broken. Windows understands it. MacOS understands it. X11 understands it, but the community is working hard to throw that wisdom away.


Finally a sane answer

I don't get it, if you're on google meet, and you want to make one of many videos PiP. How can you ever do that in the window manager? It has to be done in the application! You right click or click on the menu on that particular video, and click Picture in picture.

How the heck can the window manager do it?


The application could tell the window manager it wanted an always on top window. The window manager could ask the user if it should allow or reject and remember for this application or not.

That's exactly what I said... and also not how wayland works.

I cannot comprehend the way wayland folks think... quote from the xdg-pip discussion:

> To not make PiP windows effectively "always on top" and "on every workspace" dialogs - a terrible and sadly by applications used concept on X11 - PiP windows must be input-only, i.e. not receive keyboard, pointer and touch input

Like what the heck even? That is how PiP windows are expected to work? And of course you want inputs on them? E.g. to mute/unmute on a video call? Like these are use cases used daily by people. And it's "terrible".


I also don't get it with the wayland people. It feels like they want to revert everything to a UX design that was getting old in the 90s.

They want to turn everything into an appliance.

If things were designed well, it would be as easy as clicking the pin icon on the window border.

How many buttons do you want on a window frame then? The typical 4 buttons already take a lot of space in the title bar. Not everything that seems like a good idea at first glance is actually good design.

I don't know man, everybody is fine with putting tabs, and searchbars, and a bunch of other shit in the titlebar, but god forbid we put one button that's actually incredibly useful.

Try to move a browser window when you have 20+ tabs open. This is an incredibly bad UX.

alt + left mouse button anywhere in the window (maybe win button or something is default now).

using the titlebar for moving a window is extremely backwards and productivity killer.

that being said, I agree with you, and I think it's an outright abomination to put the tabs in the titlebar, and it's disgusting how Chrome and Firefox by default remove the real titlebar


Alt+LMB drag is impossible to do properly, at least on Windows, because too many applications use that for their own inputs. There are some X11 applications that also use that (Blender?), so while it's cool when it works, it comes with pretty severe problems.

Alt-drag works perfectly well on windows. I use a third party app called alt-drag to enable it. Has worked fine for years.

It also allows you to use it with win-drag of course.


there might exist some programs that do it, but this might be why they changed default from alt to win key.

in either case, that appears to be the very extreme minority of cases you have to move a window


I've fucking had it with you people and your "design"

As many buttons as he thinks he needs, and as a compromise they can be disabled by default and enabled through settings. Instead your ilk will probably remove even those remaining buttons and replace them with some obscure movement command


No, I wouldn't. I'm not your enemy. Please don't antagonize people like that. It's rude and I considered not replying because of your tone.

I have a pretty strong opinion that GUI basics must be simple but more advanced stuff (e.g. tools that trainee professionals spend most of their workday in) must not hide its raw power because the user can be expected to learn.

User interface essentials have to be understandable without mental gymnastics by default without appearing overwhelming. The overwhelming majority of computer users don't change defaults on most software and a shockingly big number of computer users deal with them only because they must, not because they derive joy from it. They don't engage deeply with these devices at all. So those defaults must be picked carefully to keep the UI approachable. This isn't the same as ripping out features or antagonizing power users that do bother to learn.


That's what I have in my setup, six titlebar buttons: send to other screen, sticky among workspaces and always on top in addition to the base 3. Can't imagine ever using something that gives me less control again.

The job of the window manager is to manage windows if the user wants it to do that. However there's many situations in which users want the application to be in charge of window positioning.

Making a decision on the user's behalf doesn't sound very free to me.


>> Chrome's PIP is a stupid workaround for Windows and Mac because they do not have robust window management.

What are you talking about? It's very convenient when I watch video while I do some work or entertaining thing on other web page or app. It's fine if you don't want to use it but many people do.


Yes, it's fine, but it shouldn't be necessary. If Windows and Mac OS just had native support for always-on-top windows, you wouldn't need it.

I actually prefer macOS's PiP handling compared to other operating systems. In that it's a blessed concept that only goes to one corner of the screen and can be shunted out of the way easily.

Now imagine if that was designed properly, and you could just do that to any window, regardless of what the program thinks it should look like.

I use pinned (always above + on all workspace/desktop) quite often.

And to make it ergonomic I scripted kwin and set some shortcuts.

So yes, you can have any window PiP the way you like. But it requires you to do a long sequence of actions. Versus a single click for very specific PiP behavior.

Consider a window in a web browser tab. You could click the PiP button, which will pop out a tiny window, most likely already in a corner of the screen. This window is a mini video player. Your original browser tab stays untouched, still at the same place in your web browser tab list, the rest of the tab still readable and scrollable etc etc.

Or, you could clone the tab. Move it to its own window. Locate the video. Put it in full screen. Un-fullscreen the window. Click on the pin button. Resize the window to the corner.

Same result, but not the same effort.


Windows has had native support for always on top windows for over 25 years

Note there is also a far simpler one: You can right-click the window on the taskbar and click Keep Above. This works for any window.

But then you'll have to do it every time.

> I have faith in Debian for filtering out rogue applications

Sorry but all I can say to that is: lol

As for security, it's easy/possible to cut holes into a solid wall. But if your whole system is swiss cheese, you can't plug all of them in. Wayland is a solid wall where protocols are the means to cut new holes. Sure, protocol development is slow (at least their acceptance), but this is the proper way to do it.

And even if you have faith in your applications, do you also have faith in your data? Because it's a mostly C/C++ application set, one vulnerability is enough to make them malicious. And with the beautifully engineered default "GNU/Linux" userspace security model, the only thing a random script can't do on your machine is install a new video card driver. But everything else is under the same user and readily accessible with full network access.


Debian applications are not sandboxed so gimping the window system gains you exactly nothing. And yes, we can expect Debian to filter rogue applications.

No, more like:

    git rebase -i
    # squash all the commits (e.g. in vim with ctrl-v)
    git reset HEAD^
    git add -p
    # interactively pickup the RED hunks
    git ci -m RED

The main difference to jj is that the RED commit is created later with git.


But isn't the flow nearly identical with jj, because the key part, the moving of hunks, is interactive (aka manual) anyway?


There's one problem with arrays that I haven't seen mentioned here or by the OP: when inserting a key-value, the type of the key may change. For instance ["4" => "four"] === [4 => "four"]

This can lead to some unexpected behaviors. For example, I've already been bitten by `array_merge()` whose result is different if its parameters are arrays with numeric indexes.

    array_merge(["4 " => "four"], ["5 " => "five"])
    // ["4 " => "four", "5 " => "five"]

    array_merge(["4" => "four"], ["5" => "five"])
    // [0 => "four", 1 => "five"]


The key type changing is generally not a problem per se, but it's definitely odd with the default re-indexing behaviour depending on whether something is integer keys only or not.

That's exactly what I've been complaining about in my post above. If there were no automatic reindexing, then this wouldn't be a problem either.


It's surprisingly rare that it becomes a problem, but I've definitely been bit by it before when getting array keys, expecting them to be strings and doing === comparisons.
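
The key coercion and `array_merge()` re-indexing discussed in the comments above, shown together with key-preserving alternatives. This is an added example, not part of any commenter's post; the sample arrays and the helper names `findStrict` and `findNormalized` are constructed for illustration.

```php
<?php
// Added example: key coercion and array_merge() re-indexing.
// All data below is constructed for illustration.

// PHP stores a key as int when the string is a canonical decimal integer.
// "04" and "4 " are not canonical, so they stay strings.
$keys = array_keys(["4" => "a", "04" => "b", "4 " => "c"]);

$byId = ["4" => "four"];   // e.g. records indexed by a numeric ID
$more = ["5" => "five"];

// array_merge() renumbers integer keys from 0, so the IDs are lost.
$merged = array_merge($byId, $more);

// The union operator and array_replace() both keep the keys.
// On a duplicate key, + keeps the left value, array_replace() the right one.
$union    = $byId + $more;
$replaced = array_replace($byId, $more);

// A strict comparison against a string never matches a coerced key.
function findStrict(array $arr, string $wanted): bool
{
    foreach ($arr as $key => $_) {
        if ($key === $wanted) {
            return true;
        }
    }
    return false;
}

// Casting the key back to string makes the comparison type-stable
// without falling back to loose (==) comparison.
function findNormalized(array $arr, string $wanted): bool
{
    foreach ($arr as $key => $_) {
        if ((string) $key === $wanted) {
            return true;
        }
    }
    return false;
}

var_dump($keys, $merged, $union, $replaced);
var_dump(findStrict($byId, "4"));              // the key was stored as int
var_dump(findNormalized($byId, "4"));          // compared as strings
var_dump(findNormalized(["04" => "x"], "4"));  // "04" is a distinct key
```

Where array keys carry identifiers that later feed a lookup or an access check, the cast-then-strict-compare form avoids both the silent miss of `===` on a coerced key and the over-matching of `==`.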


You can do that. Of course, PHP's native types are quite limited, but a phpdoc syntax should work with static analysis tools. For instance:

    /** @psalm-type MyobjType = object{mystring: string} */

    /**
     * @param MyobjType $myobj
     */
    function (object $myobj): void

Here is some documentation and examples:

- For Psalm, see https://psalm.dev/docs/annotating_code/type_syntax/utility_t...

- For PHPstan, see https://phpstan.org/writing-php-code/phpdoc-types

It may work in your IDE (autocompletion, etc.) but there is no standard on this side. Some IDEs have their own parsers, others use one of the LSPs for PHP.


Yeah, at the moment we use arrays as anonymous objects and phpdoc+phpstan to verify the types, but I want it in the language. PHP already supports intersection and union types, it really feels like just skipping the naming part and going all in on structural typing is not that far fetched by now.


What is the open standard?

As far as I know, the ISO standard for zip only specifies two compression methods: "store" (no compression) and "deflate". If I follow that, when I create a zip file, I know it's not performant, but at least it's almost universal (except for file ownership, permissions, character encoding and anything modern).

The corporate PKWARE has added other compressions to their original zip software, but those are not in the standard. They will not work for an EPUB, a LibreOffice file, etc. If I want a good compression, I reach for zstd (often through `tar`) or 7z if I want more portability.


I had not heard of ECT, but I'm not impressed. I've just benchmarked it against two other PNG optimizers, and here are the file sizes for default and max levels:

    1985457 oxipng-o6.png
    2030036 oxipng-o2.png
    2125459 ect-o9.png
    2144598 ect-o3.png
    2169351 optipng-o7.png
    2215086 optipng-o2.png
    2218326 original.png

    oxipng 9.1.5
    OptiPNG version 7.9.1
    Efficient Compression Tool Version 0.9.5

BTW, I could not compile ECT on my Linux system, because its CMake config was too old. I used the Windows release through Wine, but it shouldn't change the results above.

I tried to apply ECT to a few .gz files, but it complained it was not compatible, and I did not dig further.

[edited for a typo s/I/it/]


Good to know that oxipng has surpassed ECT; there is a reason why I put "(still?)" in my original comment. How quick is it? (The main selling point of ECT was that it was way faster than OptiPNG etc. while results being smaller.)


Not the GP, but I also have mixed feelings about Standard Ebooks. They modernise texts for American readers. This means changing the punctuation, merging some words, altering the syntax, etc.

When I read an old novel, written two centuries ago in England, the little differences to modern English are part of the charm, and I certainly don't want any Americanism mixed in. For one of my favorite novels, The Forsyte saga, the author deliberately used some rare forms of words, which SE replaced with the mainstream forms.


SE editor in chief here. What you describe is incorrect. The only thing we do is very light sound-alike spelling modernization, like "to-night" -> "tonight". We do not do things like change from en-GB to en-US, replace old words with different modern words, or change text for "American readers", whatever that means. I have no idea where you got that impression.

I personally worked on the Forsyte saga. If you think something was done in error, please let us know and we'll be happy to fix it.


I commented on this kind of editing several years ago:

https://news.ycombinator.com/item?id=16957359

The edit is still in place, and I still maintain that changing 'phone to phone in dialogue changes the meaning.


Yeah, that edit clearly changes the meaning of the text.


> The only thing we do is very light sound-alike spelling modernization, like "to-night" -> "tonight".

Curious. Why even bother?


Guess: screen readers and such.


One could argue that this falls into the previous poster's thought about "the little differences to modern English are part of the charm" ...


You may already be aware, but SE marks all commits making those kinds of changes as '[Editorial]', so it is generally trivial to use their tooling to build your own high-quality ebook without any of the editorial changes.


When I tried this in the past, it was non-trivial because the editorial changes are mixed with the technical changes. Reverting the editorial changes broke the technical changes.


SE sounds truly, truly awful. Thanks for making me aware of its existence so I can avoid it.


They're providing beautifully made ebooks for free...

The only thing they are is truly, truly wonderful.


But why not be true to the original author's text? What's the need to modify it?


Not parent, but while I can appreciate your viewpoint, I would like to point out that many many many books have abridged, reworded, simplified, or disambiguated versions for different audiences.

The Bible is I daresay the most famous of these. Translations aside, even the English versions have had significant alterations done to wording, spelling, and meaning depending on the version.

There's also the Great Illustrated Classics imprint for certain classic novels like H.G. Wells's The Invisible Man. (I read that one like 10 times as a kid and it's what got me into sci-fi as a whole I'd argue. Haha.)

Whether these alternate versions are good or bad is obviously up for debate and depends on the person, but I'm just saying that what SE does is hardly new in the publishing world.


SE is an amazing and wonderful resource

