Maybe it was a slow news day at The Daily Beast?

Publicly traded US companies have to follow US laws on disclosures. Lying to the US government as a company officer who is a foreign national being in a different country isn't magically protected when there's an extradition treaty.

Criteria from the summary:

Release date of the MacBook Neo from Wikipedia

Yeah that's exactly what I said, less repairable devices are unsurprisingly market driven. I am agreeing that people, including you, want light weight devices. Likewise manufacturers want to sell more units when devices break. To state my position then that "it is crap and should not be sold to anyone." is quite the strawman. I don't advocate for banning those devices at all, only on the desifgn incentives. Likewise repairability is scoped more in this article quite a bit more than device design, including availability of repair documentation, spare parts, spare-parts affordability, and right-to-repair.

Here's some questions that hopefully explain my position:

• Is there any societal good for people keeping devices for longer?
• If there is societal good, are the market pressures trending towards or against that?
• If trending against, how should the government appropriately affect change?
• Do you think that manufacturer's would still produce light weight devices if also incentivized for repairability?
• And if the more light weight device costed a bit more, but other more repairable models a bit less, with societal cost of disposal was less of an externality, would that be more or less fair?

In undoubted agreement about most of what you say here as market forces driving the outcome was my entire point. The outstanding points that are unaddressed was the negative externality that the incentivized planned obsolescence has on the environment, the role of government has in consumer protection against market driven adverse consequences, and inequality of bargaining power. Which all leads into an open question on the how and when to address outcomes because market failure isn't a binary and economic Pareto optimization is rarely achieved.

More simply when price, weight, and repairability aren't incompatible, is there any reasonable method to subtly tip the scales so that repairability is not sacrificed to the detriment of the consumer?

That's almost assuredly because the how they got into the routers wasn't something new and unexplained.

Consumer routers generally don't run the web interface on the WAN port by default. Mikrotik has had a couple big older CVEs with "Winbox" and gives the power to the user to shoot themselves in the foot with exposing interfaces. Search for FOISTed or the Meris botnet for tech details on those exploits.

CVEs against the web interface with a large number of devices rules out social engineering as the primary mechanism.

Lateral movement would undoubtedly be the best way to hit an internal network web interface.

These things aren't mutually exclusive. The malware install on the routers clearly was persistent.

Likely installing anything fresh or just patching and following vendor guidance would have dodged these, since there wasn't a mention of any newly discovered zero-days.

This is undoubtedly safest assumption throw a bad device on a network (like a picture frame, a pirate streaming device, or an IoT appliance) and then there's a foothold to run an exploit framework and identify other devices to hop to.

When consumer more heavily weight price, aesthetics, and weight over repairability in their decision making and vendors have an greater financial incentive to sell a higher margin new device over repair parts and bear little of the cost of disposal, it's unsurprising that devices will trend towards less repairable.

So then when the free market trends towards something counter to public good, regulation is one of the few tools to correct. And then it's unsurprising for consumer devices makers to lobby against those regulations.

Hard to get traction with political forces going the other direction with more divisive social issues are stronger wedge issues. But who knows, things like charging port standards have happened. Maybe someone will come up with incentives that reward device life and more appropriate share the costs of disposal.

From Lumen's blog post:

Doing a simple search for TP-link and Mikrotik CVEs leave a few that aren't just denial of service attacks but fit that description of against a web interface.

You are correct that it's unlikely that those devices were the final goal. The security game is all about moving sideways from easy targets to important ones.

Maybe they would be able to use that equipment to proxy traffic to dodge geoblocking, use it to denial of service a piece of infrastructure for a bigger target, or snag some information from an employee of a juicy target. Or maybe they wouldn't be used again, but maintaining low effort footholds is worth the cost for a starting point for a possible future campaign.

Fancy Bear is the Crowdstrike's "Adjective-Animal" naming scheme where Bear is Russian and China is Panda. Microsoft goes with Noun Noun where Russia is Blizzard, so this group is named Forest Blizzard in that scheme. FireEye uses a simple numbering scheme for there "Advance Persistent Threats" so known as APT28 there. The earliest external naming of the group was after a 2014 attack, Sofacy. Here's a whole list of associated names for the group

Likely the the group is Russia's GRU Unit 26165, but what that group calls itself internally isn't known.

Here's the blog post with more tech details than marketing fluff with links to the bugs.

It's all personal preference except the loss of screen space moving from the title bar. If you have enough tabs that the titles are getting lost, then maybe the extra screen space is well used. Likewise if most of the content viewed is responsively designed for a phone in a shrunken column or infinite scrolling on low resolution displays, then losing that space doesn't matter.

But in my preference, vertical tabs infringes too much on the page content especially with side-by-side snapped windows and shifts the viewing position to an odd place relative to most windowed applications.

"Virtual fencing" is literally the first part of the Halter sales pitch. Whether that works as well as the sales pitch remains to be seen. From their home page:

Also need to avoid basically the web or interacting with most big corps, you might not be directly exposed but all that Copilot in Azure and M365 has your data just the same.

I mean for the true early adopters there's already Bluetooth enabled shock collars. Just on AI slopped app away to make the jump from the pocket to neck.