
Comment Re: Great step! (Score 1) 148

To clarify, I fully understand why startSSL do this, they are a business and they need to make money and they are certainly the best value widely recognised CA I have found.

I just don't think using startSSL's limited free certs as a rebuttal to claims that SSL increases costs for website operators is reasonable. Either you pay to get the wildcard certs or you pay to get extra IPv4 addresses or some combination of the two.

Comment Re:It's a TRAP! (Score 2) 175

The problem is not so much sending encrypted mail. The problem is sending signed mail or receiving encrypted mail. In those cases you need to provide your private key to the mail software.

If the mail software is running on a third party server then that means handing your private key over to them. If the mail software is javascript in a browser then the javascript could be written to keep the private key in the browser but there is a significant risk of the javascript being quietly substituted.

Comment Re: It's a TRAP! (Score 2) 175

You know what ADK is? A back door. So, either they're encrypting it twice (once with your key, once with the other), or they've poked holes in the encryption and it is complete garbage.

The usual way to do multi-recipient encryption is you encrypt the message with a freshly generated symmetric session key. Then you encrypt the session key multiple times with the recipients' public keys.

but it assumes you have 100% explicit trust in the agent who has the ADK

Indeed it does, in security there is always a balance between keeping prying eyes out and keeping records available to those with legitimate reason to access them.
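
The scheme described in the comment above (one session key, wrapped once per recipient), as an added example that is not part of the original comment. It uses Node's built-in crypto module; the names alice, bob, adk and mallory and all keys are constructed for illustration, with adk standing in for the holder of an additional decryption key.

```javascript
const crypto = require('node:crypto');

// RSA-OAEP parameters used to wrap and unwrap the session key.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Constructed key pairs; in practice each party generates and keeps its own.
function makeKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Encrypt the body ONCE under a fresh session key, then wrap that key per recipient.
function encryptForRecipients(plaintext, recipients) {
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  const wrappedKeys = Object.entries(recipients).map(([id, publicKey]) => ({
    id,
    wrapped: crypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey),
  }));
  return { iv, body, tag, wrappedKeys };
}

// Unwrap the session key with one recipient's private key, then decrypt the body.
function decryptAs(message, id, privateKey) {
  const entry = message.wrappedKeys.find((w) => w.id === id);
  if (!entry) throw new Error(`no wrapped session key for ${id}`);
  const sessionKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, entry.wrapped);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, message.iv);
  decipher.setAuthTag(message.tag);
  return Buffer.concat([decipher.update(message.body), decipher.final()]).toString('utf8');
}

// Everyone able to read the message is listed next to a wrapped key,
// so an additional decryption key shows up as one more entry here.
function readers(message) {
  return message.wrappedKeys.map((w) => w.id);
}

const alice = makeKeyPair(), bob = makeKeyPair(), adk = makeKeyPair(), mallory = makeKeyPair();
const msg = encryptForRecipients('quarterly numbers attached', {
  alice: alice.publicKey, bob: bob.publicKey, adk: adk.publicKey,
});
console.log(readers(msg), decryptAs(msg, 'adk', adk.privateKey));
```

The body ciphertext exists once regardless of recipient count; only the wrapped-key list grows, and inspecting that list is how a sender can see every key the message was encrypted to.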

Comment Re:It's a TRAP! (Score 4, Insightful) 175

It didn't but yahoo is a webmail provider and webmail kinda implies that the provider will either be storing the key or at the very least be able to access it by tweaking some javascript a little.

The reason PGP is difficult for the plebs is that secure encryption requires you to take responsibility for your own key management and ensure to the best of your ability that the key does not leave devices you control (if you are really paranoid you don't even put it on an internet connected machine). If you leave key management up to a third party then your whole security becomes dependent on them.

Comment Re:harddrive speed (Score 1) 110

What games did they test? I've certainly seen games where a SSD made a BIG difference to loading times (roller coaster tycoon 3 springs to mind)

If the game just wants to load a big block of predetermined data from a sequential set of locations in a data file then HDD is fine, the problem comes when due to either lack of optimisation or the open/flexible nature of the game it needs to load lots of small pieces in a non-sequential manner, then an SSD makes a big difference.

Comment Re:StartSSL or DANE (Score 2) 148

You mean like StartSSL?

Hardly an official service, just a commercial CA that hands out freebies to some but not all sites that ask for them and puts technical restrictions on those freebies which push people to either buy the commercial products or spend more on hosting (do I pay for n extra IPv4 addresses or do I pay for a wildcard cert).

Or what about DANE [wikipedia.org], which stores TLS certificates in DNSSEC?

Sadly not implemented anywhere near widely enough to be useful.

Comment Re: Great step! (Score 4, Informative) 148

They do BUT

1: their rules on who can get the free certs seem to be varied and arbitrary. I've seen reports of an opensource developer being given a free cert initially but then come renewal time told that merely having a donation button makes their site count as "ecommerce" and therefore ineligible
2: they make the expiry artificially short (the CA industry as a whole does this but startSSL's free certs are especially bad),
3: they refuse to renew certs until just before they expire and refuse to reissue certs without revoking the old one.
4: each free cert only covers a domain and one hostname under that domain (e.g. bar.com and foo.bar.com). This effectively means you end up needing one IP per hostname you want SSL on (until IE on XP becomes insignificant anyway).

It's nice that there is a free (as in beer) option for some people but it's also clearly got a number of artificial restrictions on it to push people towards their paid options.

Comment Re:Microsoft (Score 1) 267

Microsoft replaced these super nodes with dedicated servers when they bought skype, in order to lift the bandwidth constraints and increase the call quality for these routed connections.

I suspect the bad PR from "abusing" the bandwidth of those dumb enough to run skype on an open internet connection where it could act as a router node was also an issue.

Comment Re:LOL, so why not use theirs? (Score 1) 195

Coal to gas conversion is pretty easy (though the result won't be as efficient as a combined cycle plant designed to run on GAS). You just have to add some gas jets and gas piping to the combustion chamber. The design of the boiler and its operating pressure can stay much the same and any extra physical space requirements are minimal.

That doesn't mean coal to other things will be anywhere near as easy even if the fundamental "boiling water drives steam turbine" bit remains. You have to think of the physical location requirements of the new steam source, the steam pressures it can provide without overheating (AIUI nuclear power plants tend to run at lower temperature/pressure than coal fired ones).

In the case of fusion it is expected that to achieve breakeven fusion plants will have to be BIG.

Comment Re:Who'd buy a Tek? (Score 1) 273

A scope is really not that useful for many things these days.

I disagree, a scope is the go-to tool for poking around an electronic system that isn't working as you expect checking which signals are doing what you think they should be doing and which are not.

A logic analyser does have advantages over a scope (more channels, more decode capabilities) but it won't tell you that the IO voltage is wrong or that a line is sitting at intermediate levels because of conflicting drive.
