Okay, so...

Back in the day, on Windows... 98 through to about 7? I used to use ZoneAlarm on my Windows machines.

Was that because we didn't have a network firewall at home? No. We did. In fact, I used to do quite a bit with Freesco (a single-floppy Linux router distro, designed to replace Cisco routers with commodity PCs). Our networking was DAMN good for a home network.

But I liked to use it because it would POP UP and tell you something was using the Internet. What port. To what domain/IP. That it wanted to listen on a port rather than send data? Allow or Deny? What kind of software profile to apply to this? Is this a game (i.e. some random outgoing stuff only)? Is this a web browser (let it do what it likes on 80/443)? Etc. To what zone? Internet? Local Network? etc.

That, I find, is the ONE THING that's still actively missing from all modern operating systems. I want that on my phone. I want that on my Windows PCs (Windows Defender doesn't even come CLOSE). I want that on my Linux PCs (but less of an issue there, for sure, and it's more difficult because they don't necessarily have a GUI by default).

A decent application firewall is severely lacking in modern machines, and part of that is the "UAC fatigue" that Microsoft introduced, where you got a dialog asking you inane questions about deep-level technical stuff. But I *want that*. The closest I've found is Comodo Free, which does the same. And you would be AMAZED how many programmes automatically do a DNS lookup and check-home as their very first action on a modern Windows machine. Basically EVERY piece of software you use. Every game. Every application. Every part of Windows. Every service.

And it's mostly unnecessary.

I would give my right arm for a decent GUI version of this, especially now that I'm entirely Linux again after 20+ years. Not because I expect it to defend me against attacks like a software firewall is sold as doing. But because I want to know why, in the ever living fuck, every tiny application thinks it has to immediately connect out to the Internet on random ports to talk-home in order to operate. So I can eliminate that feature / software.

Honestly... if there ever is a world war, the Internet will be the first thing under attack. And you'll realise - as I did even many years ago, how much stuff just jams up if it can't immediately DNS-lookup and connect out of your network. And how some stuff just then immediately stops working when you deny it, as in the programme just stops loading completely until you allow it.

If we change the "right to repair" laws, we should also change the liability laws. If a home-repaired unit becomes unsafe and injures people, who is responsible?

In the case of farming equipment, suppose a farmer makes a repair to a piece of equipment and then his son is injured or killed by said equipment. Who is liable?

The company would say that the farmer took full responsibility once he modified the equipment, while the farmer could say that his modifications did not affect the safety of the device.

It's also not at all clear whether a physical repair done by the farmer could have contributed to an accident made by software. Lots of things can affect software, such as the alignment of the two welded pieces. The software makes a performance analysis of stopping distance based on information it has, but the repair might have changed those parameters.

People who like to race want to download new parameters into the ECU of their car, but that's illegal. It actually is: the parameters are set to maximize efficiency, and while you can get better performance with different numbers, it would promote climate change, so it was made illegal.

Being able to repair things is good, and it's very clear that open source has driven the software industry forward, but we need to be careful about liability as well. Jailbreaking your phone is one thing, but jailbreaking your EV might have catastriphic consequences. I'm not a fan of ID-tagging headlights (BMW, Mazda), but if an accident occurs because of reduced visibility the company could be held liable.

I'm completely in favor of being able to repair things, and John Deere is the worst sort of predatory behaviour, but just wanted to point out that there's another side to the story and we should be careful.

Anyone with a brain, having just invented a deliberately anonymous cryptocurrency that starts to take off, would NOT EVER touch the seed coins, especially once it became obvious that everyone was watching their movement.

The second that stuff moves, Bitcoin value tanks AND the ultimate destination of all those coins becomes international news. Hardly anonymous.

No, whoever they were, and for literally whatever reason they started the project, they would have created other additional accounts later on, capitalised on those, had no connection to the original accounts, and still be a billionaire now. But just one of hundreds / thousands of others that are all untraceable and not really being watched.

And when Bitcoin mixing services came out, they'd have been all over it - just to preserve anonymity if nothing else.

We know precisely one thing about Satoshi - and that's that they don't want to identify themselves. Maybe there is $138bn sitting in an account they could in theory get access to. But it would immediately reveal information about themselves that may well work against them - taxation authorities would be all over it, press, public, every penny would be traced to its final destinations, etc.

So even if they only had, say, a couple of million in another account... they'd use that. Not everyone wants to be a stupendous billionaire in the public eye. You have to be a bit of a sociopath to be a billionaire at all. And then think of things like security, press, public scrutiny, etc.

Maybe they've got enough to live a life of luxury, that they've properly declared, never have to work again and, ultimately... still stay absolutely anonymous.

The one thing we know is that they understand anonymity. Why on earth would we ever expect them to do the most stupid thing ever and reveal themselves, rather than just hide amongst a large crowd and enjoy the rest of their life?

Make illegal phone calls (e.g. fraud, harassment, unsolicited commercial spam, etc.) and they'll cut your telephone off.

Far closer in terms of analogy and technology. And extremely viable.

The electricity company are not directly facilitating or have knowledge or would have reasonable knowledge of your Internet activites.

But your phone number is actively facilitating your phone service, the same way your ISP Is actively facilitating your Internet service. And you would get cut off by your ISP if you were sending spam, or hacking people, etc.

Either the ISP has NO business doing that (and thus they couldn't cut you off for sending spam) or they are monitoring and able to cut you off (in which case they could cut you off for piracy).

If you kept sending spam email, your email account would be terminated. If you used your ISP connection to do it, they would start terminating your connection. Whether that was personal, business, paid or free.

How is that different to keeping using your ISP connection to download illegal stuff, once the ISP has been notified of that?

Are we saying that unsolicited commercial email is somehow significantly more damaging to people and incurring a greater commercial cost than pirating movies?

Ah, yes, the same cautionary notice they have to put on psychics, palm readers and tarot readers in my country.

Because even the government realise that they're just talking bollocks.

"Fluid" intelligence is the ability to think, reason, solve problems, and learn things. "Crystallized" intelligence is your amassed knowledge.

These are technical terms used in the literature.

Intelligence is nature's guess as to how complex your environment will be... but there's an out. People with low fluid intelligence have to work harder to understand things, but if they put in the work they can amass a body of knowledge that rivals that of people with high fluid intelligence.

And of course, lots of people with high intelligence stop learning in their mid twenties. At that point they've conquered their environment and are living successful lives (good job, married, kids &c) so there's no real reason to push themselves. Lots and lots of people, even smart people, haven't read a single book in the last year - and this observation was true in the 1970's before the internet.

(And nowadays this is probably more accurate due to the appalling quality of information found on the internet.)

It's a question of training. We're evolved to believe what people say, it's a way of reducing the cognitive load of learning things (by believing what someone else has already figured out). We're not used to questioning the logic of someone else's beliefs.

As an example of this, note that Warren Buffet has built a career on identifying fallacies in business, google "Warren Buffet fallacies" for a list.

None of these fallacies is taught in school, everyone has to find them and figure them out on their own. And then you have to use them in your daily lives.

Almost no one is used to doing that, which leads to the current problems with AI.

Why does everybody think I'm a lawyer?

Everything needs to be branded or monetised.

It's why I want large commercial organisations as far away from my data, computers and workflow as possible.

I do not care about you, I don't want to be reminded you even exist, and I certainly don't want to give you money. Go away.

I want to turn on my computer, load up the browser of my choice, and that's it. I don't need to see a single brand, no "notifications", no messages of your choosing, nothing. My boot screen is a spinner. My desktop is a flat, blank, plain colour. I have my browser pinned as a single recognisable icon (doesn't even have the name).

That is what an OS should be. That is what most services should be. We shouldn't be spending our life subject to the whims of a corporation trying to wheedle money out of us or "foster brand engagement" or whatever nonsense they class it as.

The one good thing about hitting limits on CPU clock speed, memory shortages, etc. is that they might finally have to start actually making programmes vaguely efficient again.

There's also yet-another reason that I don't use Windows, and that's that everything seems to want an app running on startup to cache what it needs to to present these shitty web UIs with any semblance of performance, to do the most worthless things.

There are far too many programmes that just don't function correctly if you have a software firewall other than Windows Defender and you deny them web access, for instance. Windows Defender just lets it all through, but if you have a "ZoneAlarm-type" firewall, you see that EVERYTHING wants to talk-home or connect to a local web service and, when denied, it hangs up and falls over itself rather than deals with it gracefully.

Not what you want to see in critical services, for example.

Tell me how you're ever going to implement this on any open-source operating system ever?

Because people will just patch it out.

It's not like it's even a boot-time requirement (thus necessitating it being in the kernel/initrd, etc.). It's an account requirement. Which means that it can be patched out in no time at all.

As far as I know, not one single open-source OS has actually implemented this requirement (they put a field that would be useful for it into systemd, but nobody's actually using it).

Apple push an silent automatic update just for your computer that the next time you type in that key, it sends it to the FBI.

Next?

We're not dealing with a bit of software piracy or finding out who stole someone's Bitcoin, you're talking about agencies dealing with anti-terrorism and wars.

Only in America could you legally argue that an unnecessary profit-making middle-man was legally required and that it would somehow "reduce costs".

There's no such thing as technologically unable to comply.

If a nation state law enforcement insists, they will make you comply, and you and I will never hear about it.

A simple OS update with "If phone MAC == XXXXXXXXXX then send copy to FBI", targeted specifically at one phone, deployed only to that one phone, would go entirely unnoticed by the world.

And Official Secrets Act / equivalent, combined with a government-NDA and jail time for talking about it's very existence is literally routine. Has been since the days of black boxes in ISPs and them tapping Google's inter-datacentre links.

If someone like the FBI, NSA, MI5, GCHQ, etc. wants you to do something... you have literally zero choice in the matter. And talking about it will get you immediately jailed. And it really doesn't matter how big you are.

You think that Whatsapp end-to-end encryption is just going to make GCHQ etc. go "Oh well, nothing we can do?" No. If they need it, there'll be a guy knocking on your head office with a bunch of people, he'll only tell you why he's there in a closed meeting, you will comply, even if that means throwing everyone out of the datacentre and doing it yourself, and if anyone hears what he asked you to do, you will go to jail.

Been the same for decades. They just don't use it for ordinary crimes and petty stuff, mostly because of the resources they have to deploy to ensure that it stays quiet.

So we're giving up on CAPTCHA then, are we?

And the only alternative we can come up with is literal ID verification?

Something tells me that we skipped a step - i.e. a better CAPTCHA.