Virtualization != sandboxing. You can sandbox on Windows with SandboxIE, where all writes from the sandboxed app are redirected elsewhere. Doing this doesn't require a separate OS or filesystem, so it doesn't add that context shifting as overhead.

You can also run your Web browser in a VM. You get better separation, but at a price, although with hypervisors becoming the norm and not the exception, running VMs may not have as onerous a penalty as they used to.

I like a combination of the two. I like browser windows and tabs separated from each other, like what Chrome/Chromium does, but the browser should run in its own VM so if something does get out of the browser, it is in a completely separate user and machine context. Without the VM isolation, even if malware just has context of a user, that can allow files to be uploaded and ransomware to do its dirty work.

Jails are another solution, but it can be argued that it might be best to completely isolate filesystems, especially if some software decides to do stuff like mkdir foo; cd foo loops, or just create tons of files in order to use up all inodes. Done on a VM, worst case, it means one dumps the VM and rolls back. Done on a desktop, it can mean work stoppage.

This assumes that the two populations produce an equal number of top tier basketball players, which is highly unlikely to be true so with the assumption being false, the rest of the argument doesn't logically follow. But me simply saying it's unlikely to be true isn't really much better in terms of logical reasoning so consider the following argument as well:

In a sport like basketball where there are only a few players on the court at any one time, a single star player can vastly improve a team's success. If white people were being unfairly excluded, one or two teams that weren't discriminating would have access to an immense amount of talent that should allow them to dominate the league simply because other teams wouldn't acquire those players.

That we don't see something like this happening suggests that your assumption is wrong, unless you'd like to claim some kind of mass conspiracy. Also, we already know that teams are willing to take the best players as we've seen from history that many sports leagues excluded black players in the past, but quickly started to hire black athletes when those rules changed because there was a lot of untapped talent available and the teams that continued to discriminate missed out on those players and likely faired less well than those teams who went for the most talented individuals regardless of race.

Maybe the recruiter at their agency was Australian. It seems to have been a problem at least once in the past.

It's ugly as all hell, but it must be working, with the high incidence of HIV. Search for transgender aids hiv percentage and be prepared to be shocked. Highest incidence of aids of any group.

You can operate a mail server, an ftp server, even a web server without a DNS entry. Without a DNS entry they would have to have the actual IP. nslookup is useless in such cases.

Kids who have their own bank accounts and jobs wouldn't be on a site that caters to tweens (kids between 8 and 12). It's a site built around a flash game where kids can dress up their i-dolls and save them. and make stamps. teen-agers wouldn't be caught dead there.

Too ban that the law, my birth certificate, my ID, and my doctors all disagree with you. I'll take educated specialists over some know-nothing internet troll.

Then the people who have unreal expectations of how benign the real world is will learn the hard way. That's how people learn in the real world - by experience.

In Android at least, only one application can be running at the same time (no background processing unless you program a service for your app)

Bollocks.

And the rest of what you say has nothing to do with Android or ChromeOS. You can have access to root in both. Android devices generally have it disabled but it can be enabled - of course, even CyanogenMod discourages root access these days, as it shouldn't be necessary. ChromeOS? Off by default, but every ChromeBook let's you reconfigure ChromeOS to allow root if you desperately want it. As for "Spyware", it's entirely up to you whether you use Google's services or not.

And none of your objections have anything to do with the original point. You're complaining about the UI disabling certain features. The underlying operating system has those features. And, frankly, easy access to root was something that Windows 95 gave you by default that NT made a little harder to get...

None of this is of any value if you don't give your kids access to your credit card. And if you do, then you're already exposed to bigger threats.

What I'm saying is that private email servers only known to the users are much more easily hidden than a web sit with a dns entry. Can't DOS what you don't know exists. Much more or dark than the so-called darknet. How many ip6 addresses are they going to have to portscan to find one?

I'm sure there's a third "security best practice" that's not being followed.

I bet one of the accounts on there is a test account for the developer to test with in production, and the username/password is the same as the password to the FTP server or to the DNS registry or some other important service.

One passenger mile in a jet plane creates more atmospheric carbon than 1500 miles in a car.

And rich left wing scientists will *still* be creating atmospheric carbon taking jet planes everywhere.

Air travel should not be justifiable under any circumstances if AGW is true. It can only be justified if AGW is false.