The code you linked to isn't the code for a wrong password. It's a check to make sure you're using a TTY. That code isn't to prevent brute force. The delay there is 10 seconds.
It's really really not. By default PAM has a difficult-to-disable 2ish second minimum delay for all authentication methods. However this is completely pointless for local password authentication because PAM checks password using unix_chkpwd, which has no delay. The comment I linked to is explaining that unix_chkpwd has a silly security theatre delay if you try to run it in a tty, but that's trivial to avoid.
If you want to brute force local password authentication you can just run unix_chkpwd as fast as you like. You don't need to involve PAM at all, so its 2 seconds delay achieves nothing.
It maybe does more for remote connections but I'm not sure about that either - if you want to check 10k ssh passwords per second what stops you making 10k separate connections every second? I don't think the 2 second delay helps there at all.
> Change both the config files and you can remove the delay if you want.
This is extremely complicated. See the comments in the issue for details.
No, I'm right. You can't run unix_chkpwd against a local account without root because you won't be able to access /etc/shadow to get the hash. If you think you can, explain how. Otherwise you have to use the setuid version which won't let you run it directly.
And I just removed the delay using my method. Perhaps try checking something yourself?
I understand that you're being intentionally difficult, and probably think it's quite clever, but clear to the rest of us that the original point was that Norway is an extreme outlier with their immense (oil) wealth, hydroelectricity generation and tiny population density.
Mostly not marketing (still large), but the R&D costs and clinical trial costs. The latter are in hundreds of millions to billions range for the entire journey from a promising discovery to an FDA-approved medicine.
Every time Ive looked into it marketing is more than half of the costs of US pharma companies - and I would suspect even more as don't know if there has much work to unmask even more of that spending via channels that can occur in ways not obviously marked as marketing or at least are really not core to research and manufacturing.
e.g. is all the "discount coupon" pharmacy rigamarole considered marketing or administration.
This is not correct. Here's Pfizer's 2025 annual report [1]. Total expenses for the year were $55.1 billion. Advertising expenses were $2.7 billion of that, or just under 5%. R&D expenses were $12.1 billion, or just under 22%. They do have a lot of SG&A, but the large majority of that is not going to marketing.
Advertising is only a subset of marketing. From that doc, look at operating costs: SGA was ~$11B and R&D ~$12B - basically 50/50. Pfizer is very international, so is pretty difficult to break out US operating costs and what marketing vs R&D is for just the US. But one can also assume US marketing is higher than any other nation as direct-to-consumer advertising is primarily only allowed in the US.
No. Marketing is an issue but it's not the main driver.
Everybody else uses price controls to keep prices "reasonable"--the drug companies tolerate this so long as selling to the country exceeds their marginal cost of production. They count on the US market to recoup the $1B R&D costs.
Simply mandate that a drug company can't charge more in the US than they do in any other first world country. Major earthquake in drug costs.
The "discount card" bit is basically a reduction in revenue, it's neither marketing nor administration.
Right, but the idea that Americans specifically should pay higher prices is beyond propaganda. It's Stockholm Syndrome-level delusion. Big Pharm has thrived for generations on our research universities (for the time being anyway) and had a front row seat to expanding foreign markets under US-led globalization. In return, we get the world's most expensive healthcare system and the privilege of paying too much for meds because our leaders won't cut a deal. All they have to lose is the "hundreds of millions to billions range" in annual lobbying expenditures by Big Pharma.
In a sane world - or literally any other country - that $300-$500 million in annual lobbying would be the literal difference that makes medicine accessible for those who need it. Instead, it goes to expensive lunches.
Agreed. I mean, where did the COVID mRNA vaccine come from? Which company makes the GLP-1 inhibitors like Ozempic and Mounjaro? Are these American companies?
You should take your own advice and widen your media sources.
Yes, you only get a continuous glucose monitor for free if you really need it on the NHS. If you want one otherwise you need to spend $100. It's not going to bankrupt you.
That’s the price for one monitor You need to buy a new monitor every 10-15 days. And your point about my media sources doesn’t make sense. As stated, I researched the coverage of continuous glucose monitoring because my friend got prescribed one.
The point isn’t that the UK NHS should cover CGM. I think they shouldn’t; it’s a waste of money unless you really need one. My point was about why the media pays so much attention to denials of coverage while you don’t hear about the over-coverage. You can’t go by the anecdotes. Talking about insurance covering unnecessary procedures doesn’t generate clicks.
Right but if you read that page you quickly come to the quote "Parliament can make or unmake any law". Technically there is judicial review now, so there is some restrictions, but not like in a USA style constitution.
That provides an easy solution: complain to your MP. At length. And then ask if the planning officer happens to be a relative, as though it has just occurred to you.
And then you might consider talking to the local paper to see if it would make a story. Also the crapper tabloids might even pay for the story.
reply