
Comment Re:This could go either way... (Score 1) 48

You can't do login in any remotely realistic way with that. For starters, you couldn't have bookmarks or type in the URL and be logged in consistently (whenever your login cookie would change at all, all of your old links would break, and you probably want it to change for security reasons). On top of that, now any referrer leak is a security issue where you give away your account, instead of just a privacy leak.

And no, "replace every single link with a POST form request" is not reasonable, starting with the issue that now you can't hit back.

Comment Re:Microsoft issues the Linux keys too (Score 1) 102

It almost entirely doesn't do that. Its uses are a) DRM b) corporate lockdown of hardware in the hands of employees where they don't want to give root c) DRM d) letting manufacturers or OS vendors control the machine you paid money for e) yeah that's it. The proponents like to say things like "prevent hardware attacks" (it doesn't, that's locking down the BIOS/bootloader and using encryption, which you could already do) or "prevent persistent malware" (which it does by their definitions, if you assume that the trusted code is bug-free... and that the old BIOS code permitted unsigned updates or had bugs). But "persistent" means "past wiping the drive and doing a full reinstall", which is not really relevant for anything other than that case d above. If a virus compromises a user's account, that's the actual harm done already, not reinfecting the machine. The closest thing to actual value is "maybe stopped people from using ancient terrible BIOS code".

Comment Re:It's too early to tell, really (Score 2) 126

There's a good reason to give preferential treatment to EVs - gas vehicles have costs that are not paid by the owner and instead paid by everyone. (Now you can certainly argue that it's better to instead tax the gas vehicles, or tax gas at a higher rate, or do so only for personal vehicles and not trucks or whatever)

Comment Re:Microsoft could avoid a lot of this.... (Score 3, Interesting) 137

Yeah, TPM provides no real security benefits to a home user. The best that preventing a persistent kernel compromise really gives is "maybe AV can be protected" (very maybe), potentially resulting in bricking the machine instead. For a user you've already completely lost when the web browser is compromised, far before root access. Its benefits for security in a corporate setting only exist if/because you can list every permitted executable and then it lets you lock down the machine even against a lot of physical access. The DRM "benefits" on the other hand are massive.

Comment Re:So wait... (Score 1) 65

Along with the timeline in another comment, you should still shit on MS for breaking things around a SecureBoot "vuln". SecureBoot is just the advertising name for pushing DRM. It provides no security benefit against most attacks users would care about. (It helps against physical attacks and attacks that might try to persist through wiping the machine; i.e. the only real benefit is for companies that lock down corporate machines)

Comment Re: Ok but... (Score 2) 180

I mean, even if it is still pretty easy to switch to Firefox/Edge/etc, it's probably still reasonable to say that the market share of Chrome qualifies as monopoly (or separately, ads or search). AIUI, even if it does qualify, that on its own is not illegal. What would be is then abusing that monopoly in certain ways. Like maybe banning ad blockers and privacy tools to support their ad business. Or possibly if they broke support for other browsers in search or other websites that they qualified as a monopoly in (they've massively cut down on internal testing on other browsers, but it seems unlikely that they'd manage to break search, and things like Google Docs probably don't qualify as a monopoly)

Comment Good (Score 5, Insightful) 63

Secure boot maybe has some non-evil uses for servers/cloud stuff (if you trust Intel/AMD to not be evil *and* to be competent and don't trust Google/Amazon/MS). For consumer products the purpose is and always has been DRM. The "but it prevents rootkits" is always bullshit, all a virus/ransomware/etc needs to ruin is your user account and you've already lost everything you actually care about. (And for like a family machine that actually has multiple accounts in use, you're relying on Windows security to prevent the infection spreading. Good luck with that)

Comment Re:"Whoa, there!" (Score 1) 46

I mean, the upside is that these datacenters (mostly) aren't exporting and hiding their costs. (Electricity generation's externalities are not the worst, but are often relevant) Companies trying to do the power-hungry AI training or running expensive models have to pay for that electricity themselves (and this provides direct incentive to try and find more efficient ways of training/etc). They might pass that cost on to the consumer, but that's in fairly obvious ways. Contrast all the cryptocurrency nonsense, where transaction fees and problems are generally less obvious, and the entire premise requires high power cost.

On top of that the main conclusion from "lots of new + more power-hungry datacenters = 2-6% increase in power usages" is not "this is an environmental crisis". It's "by Amdahl's law this isn't a particularly important place to optimize". It's new, so there might be low-hanging fruit compared to the things that actually cost energy, but when the absolute maximum improvement is single digit percentages, it's not the sort of thing you blame for any energy crisis.

Comment Re: Sherlocking isn't a thing (Score 1) 134

You do not have copyright over the idea of your app and never have. That's not what copyright is for. You have copyright over the code of the implementation, and maybe could, depending on the random-ass decisions of your country's patent office, have a *patent* on the idea of it. Even the shittier patent offices hopefully would not give a patent for "make my phone into a flashlight", and the devs probably didn't try.

When a company acquires another like that it's to get the existing implementation and/or "hire" the people who came up with the idea. Chinese companies are probably being accused of stealing code/hardware designs/etc provided under NDA (or random nonsensical complaints too).

Comment Re:Being totally ignorant (Score 1) 13

In general, the ability to maintain access (at least up to some expiration date longer than would otherwise be available) is the entire point of a session cookie - you don't need to log in repeatedly so long as you are still "there", similar to a screen saver password / lock on idle. And there is no possible way for anything to be stored in a relevantly encrypted form barring a setup where you do not actually control your computer (like iOS) combined with the web browser not being the compromised component in the first place. The web browser needs access to the unencrypted session cookie, and so anything that has access to what the web browser does will have access to the cookie. On a normal PC that's anything unsandboxed being run by the same user or a user with admin access. Things like denying debugger permissions by default only means that they have to wait for a browser restart or pretend to be legitimate for a UAC prompt / fake a sudo prompt / etc.
