WingetUI is even better, as it can pull from multiple repositories, including Chocolatey.

Aside from the problems of achieving net positive output, there are practical problems that are far from being solved. The laser ignition demonstrated here has no practical path to producing power. Neither does magnetic confinement used in the Z-machine. The tokamak designs that are the primary focus use tritium, which is far more rare than most people realize. There are ideas for doing tritium generation on-site using lithium-6 blankets that capture neutrons and generate tritium (L6 + n -> He4 + T), but this has yet to be proven to work in practice. The Wendelstein 7-X stellarator is supposed to work using only hydrogen and deuterium, but it is also highly experimental, and it's not clear that it will ever achieve net positive output. No one expects anything within the next ten years. ITER is years behind because it's proven much harder than expected: first plasma and full fusion were originally scheduled for 2020 and 2023, respectively, and now those dates are 2025 and 2035. The companies that were all the big news over the last couple of years have only rarely made public admissions that they do not expect net positive output before 2035 or 2040. Once some design has achieved a net positive, it has to be shown to be economically viable, and then the plants themselves have to be constructed. That's another 5-10 years.

Realistically, battery technology will advance so rapidly that fusion research will likely drop back to a niche. Sodium-ion batteries are a major focus right now, with claims of being able to produce 160 Wh/kg batteries for $80/kWh now and $40 within a year or two, with the benefit of no conflict minerals, and in fact, using materials that are available at low cost throughout most of the world. There are iron-oxide flow batteries already in testing (Sacramento, CA, expects to connect theirs to the grid next year after they finish isolated testing) with absurdly low battery costs, though they require much more space. And there are other chemistries being looked at, too.

Battery technologies are where wind and solar were around 2015. There is much promise, and it could take off much, much faster than any of us expect. They could, like some building UPS systems, be the actual issuer of power in many places in a decade, with power plants feeding the batteries and the batteries feeding the grid, keeping a stable supply even as plants come on- and offline. And we may look back at the race for fusion and wonder why it seemed so important.

They weren't virgins as much as we're led to believe. Pre-marital sex has always been a thing.

I have young kids. The only "new" Mickey stuff I see is cheap Disney Channel filler. They're spending their money on live action remakes and new Pixar films, not retreading Mickey and his friends.

The House already left for their Christmas break, so no more legislation will pass in 2023. They won't be back again until after New Year's Day. Retroactive copyrights won't fare well with the courts. Disney has already made their peace with letting the original Mickey go.

This depends greatly on the country. The following numbers are from 2020.

- US per capita meat consumption is 149 kg per year, of which 58 kg is poultry (mostly chicken), 37 kg is beef, 40 kg is pork, and 22 kg is fish and seafood.
- Portugal has similar total consumption, but consumes 40 kg, 19 kg, 38 kg, and 59 kg, respectively.
- Spain is 33/12/52/40.
- Argentina is 46/47/14/7.
- Brazil is 48/35/14/8.
- China is 15/7/36/40.
- Japan is 22/10/22/47.
- Germany is 18/15/44/13
- World average is 16/9/14/20.

The world average has people consuming almost twice as much poultry (mostly chicken) than beef, likely because chicken is such an efficient livestock. Pork comes in close behind, but fish and seafood take the overall prize, though not by a huge margin.

This depends a lot on location. Red Delicious apples (the bottom of the barrel as far as widespread commercial versions go) runs almost $2/lb in Dallas, TX. Bananas aren't bad at around a quarter each, but oranges and most vegetables are $3+ per pound. The local Tom Thumb (Albertson's alternate brand) sells chicken breasts on a buy one, get two free basis, but even with that and careful selection, it's about $4/lb. I can get a whole chicken cheaper per pound, but I also have to know how to carve and cook it.

Meanwhile, ramen is still 30 cents a package, and Kraft Mac & Cheese (Kraft Dinner to Canadians) is about a buck a box and is worth a couple of meals.

Food deserts don't exist because people don't want to buy fresh food. They exist because it's cheaper to buy processed food.

I greatly respect the work that Joanna Rutkowska put into Qubes, and what her team did when she stepped away from it. But it's not usable as an enterprise platform. It doesn't fit into any remote administration tools that are out there (at least as far as I am aware), and that's a key part of getting enterprises to accept it. Another important thing is, who provides support if something breaks? There was a plan in 2016 to provide commercial support, but I don't believe that ever took off. There are a few small firms offering support, but I don't see anything bigger than boutique firms, and a lot of training and hand-holding would be required for a conversion of any significant size.

I tried it for a while, but eventually set it aside because I couldn't fit it into my workflow. It was too easy to break things, and the time that it took to fix them interfered with me getting actual work done. I could argue security benefits all day, but ultimately, if I can't do my job, they'll find someone who can.

I've heard plenty of people talk about running servers in their own VMs or containers. I do it myself. But that doesn't automatically increase security, and if one doesn't know what they're doing, it can make security worse.

But those aren't the issue, and you bringing them up is a non sequitur at best and a red herring at worst. Email clients are the issue. And while I have heard of a few people talk about running their clients in a VM, that doesn't address my original question: Who is recommending this as a best practice? Certainly not the Center for Internet Security, or SANS, or NIST, or anyone else that I can find who isn't a purist that values security over getting work done.

Microsoft has introduced some sandbox isolation features into Windows, though it requires enabling Hyper-V, which brings its own mixed bag of issues. Edge, for example, can be sandboxed, and Outlook 365 has had the capability since 2020 (I have no idea whether the permanent license versions can do it). It's possible to sandbox other applications with some work. But sandboxing isn't containerizing, and it certainly isn't isolating them in a VM. Microsoft gently encourages sandboxing, but I'm not sure they've reached the level of best practice, and they certainly aren't calling isolating email in a VM a best practice.

Who is recommending this? I've been in security for nearly 20 years, and except for ultra-secure environments that 99.9% of users will never see, I've never seen such a suggestion. Further, almost no one is going to implement a VM just for their email client, and forget about an enterprise doing it to any real scale. There's just too much integration between programs for that to happen. They are especially not going to go the route of one VM for each account, and certainly not going to run Qubes.

PGP insists that someone signs the identity, not you specifically. I can create and upload a PGP key with your address to a key server and, unless you're monitoring for that, you would never know. If I can intercept your email traffic selectively, then since it's signed, it must be you, right? How many people contact their intended recipient to validate the fingerprint? How many of them know to do that, and of them, how many of them know how to reasonably securely contact you to validate that it's the right one?

In a usability study involving Signal[1], 21 out of 28 computer science students failed to establish and maintain a secure end to end encrypted connection.

If you look later in the study, you'll find that 13 of the 28 asked Bob to come into the room to compare the keys, but 6 failed to do the actual comparison, so it wasn't just that 75% utterly failed to do anything. There was some confusion about what to do, and the UI didn't help.

But that paper is also from seven years ago, first presented at EuroUSEC 2016 in July of that year. Signal made several changes afterward to make it clearer what should be done (it changed to safety numbers with clearer messaging and easier confirmation in November 2016) and has made further changes since then.

Ultimately, Signal is far easier to do than any version of PGP or GPG. Its encryption is much stronger, and while the implementation is not perfect, the fact that people who previously swore by PGP for secure communications have shifted says a lot about it.

PGP is essential, and there is no excuse for not using it. If you don't use PGP, or another open comparable solution, you don't care about security, period!

Phil Zimmermann, the man who created PGP, does not use PGP, or at least did not as of 2015, and had no way of encrypting or decrypting such email. He said at the time that he would try GPG, but it's not clear whether he ever did.

A number of other privacy luminaries have stepped away from it, some doing so publicly. Moxie Marlinspike did so in February 2015. Filippo Vasorda, one of the cryptographers behind TLSv1.3, followed suit in December 2016. Bruce Schneier has said many times over the last decade that he believes PGP is more difficult to use than it's worth. All of them prefer Signal, which has its issues (particularly being tied to a phone number, which is both a strength and a weakness) but which is far, far easier to use, available on almost every notable platform, and is probably more secure than PGP/GPG will ever be.

I would suggest that those last three, at least, care a great deal about security, since they have spent their careers working very hard at providing it for the masses and that Phil Zimmermann likely does, too, even if he's not been as involved for a while.

Why doesn't GMail?

Google looked at integrating OpenPGP into Gmail via an extension almost a decade ago, and they took a pretty good crack at it. Unfortunately, the threat model turned out to have so many holes that it wasn't worth the effort (though Eduardo Vela Nava, aka sirdarkcat, still updates the code every few years). Please do look over that page, as it's one of the best threat model summaries I've ever seen. If you read it in detail, they note in several places that they do not identify all the threats within a particular realm, and that some threats simply cannot be addressed with a browser-based implementation. They published the source code for the extension under Apache 2.0, so you're welcome to pick up from where they left off.

The battery manufacturers expect to cut the battery costs in half in a few years, not the cost of entire cars.

Cheaper batteries made from plentiful materials that are not resource constrained the way that lithium is (to say nothing of cobalt) make for a much easier supply chain, allowing a faster increase in production of inexpensive BEVs. Yes, BEVs will remain a relative luxury item for a bit, but not forever.

As I linked elsewhere, Sweden's Northvolt announced theirs with 160 Wh/kg just a few days ago, and CATL has been building them since the summer with the same reported capacity. Northvolt's pricing wasn't included, but CATL has priced theirs at around $80/kWh, less than the ~$100 that LFP costs for similar capacity and twice what they expect to get it down to in the next couple of years.

Sodium-ion batteries are entering production. They have similar capacity to LFP while being less expensive (around $80/kWh compared to LFP's $100/kWh) and not relying on expensive or geo-constrained materials, and with growing production, manufacturers expect to cut the cost in half within a few years.

That doesn't help. At best, this offsets a tiny part of flight operations for very small planes carrying fewer than 10 people or small cargo. For major use, the energy capacity needs to get a lot higher. Jet A1 (used in turboprops and jet engines) has a specific energy of 43.1 MJ/kg, or about 12 kWh/kg. NMC lithium batteries seem to max out right now at around 300 Wh/kg. Figuring out the energy efficiency of an aircraft is complicated for a number of reasons, but even with a presumed much higher efficiency (by integer factors) of a pure battery system, batteries are pretty far from powering aircraft responsible for the most emissions, and that's separate from the challenge of recharging them.