Many years ago. Flew internationally with no ticket, boarding pass, or passport. Then, as now, the weakness in the system is people. Social engineering has always been a hugely successful vector for compromise. For example, I got past the gate staff by inundating them with questions about the plane, until they got annoyed and started intentionally ignoring me at which stage I could wander down the ramp.

Actually, my means of bypassing that final check (since there's so many ways one could conceivably get to air-side of an airport, the boarding gate is a vital security nexus) triggered a worldwide airport improvement to enclose the sides of the gate entry of international flights so that a passenger can't wander from the windows directly to the ramp behind the staff - they have to come around and walk directly between the staff. They're not as stringent for domestic gates, since carrying a passenger domestically without documentation is just the airline's loss. Carrying a passenger internationally without documentation triggers a whole range of problems to deal with and penalties for the airline.

I too was checked at security, although at that time there was no checking of documents at security. I understand commonly in many places at least the boarding pass is checked at security, in my part of the world the document check often comes at a separate point before security screening, and if one is able to bypass the document check, won't have a separate check at security screening. And that's still a weakness - there should be document verification at every point of ingress.

Several other people have achieved the same. Some by forging documentation, but by and large whenever this occurs, generally people are the weakness in the system that allows it. I'm not dismissing the culpability of those who do so, just mentioning this as a look at the security apparatus. We're doing mostly the right thing from the technical aspects of security, although in this particular instance it seems like a use case where AI could be deployed to identify tail-gaters as they happen.

Not quite, but close enough to the mark that it should count. To run it is one thing, to *trust* it is another entirely, and we generally engage it quite a bit of data security, isolation, and threat mitigation on the basis that no, we don't trust it. Sure, run it, but accordingly, regard it as a threat and take whatever measures you can to mitigate that threat. And from a security standpoint, the same is true of Linux as well. Protect your data, because you can't "trust" code from anywhere. (Sidenote: obviously, we always have to balance trust risk vs mitigation cost, and they're both high in the case of Windows, and both low in the case of Linux, which is why I admit, the point you're making should effectively count as correct anyhow.)

You can't "trust" code from anywhere, ever. At least with open source, however, you're given the opportunity to review the code yourself. But no responsible organization should ever be trusting code from a third party.

It's not about the apps specifically. The "not for thee" is due to the fact that the exploited backdoors put in place in communications infrastructure were at the requirement of the government. They could remove these backdoors but won't for wish to continue to use them to surveil the citizenry. They're not advising everyone to stop using phones or text messages; they want everyone else to keep using them so they can keep monitoring them. Just not senior government officials.

Sure, you can use the apps too, it's just that they're just not telling you you should. This was the point OP was raising - that everyone would benefit from more secure communications. The government could either remove the backdoors which caused their telecommunications infrastructure to become compromised in the first place, or recommend everyone use secure apps. But they're not doing either of these. Hence OP's "for me, but not for thee" - it's not claimed to be an absolute.

And besides, in regards to apps, the federal government keeps raising concerns with the level of encryption present in consumer products. Nobody is claiming the public is yet being prevented from using these apps, but unfortunately the "yet" there could at any time be only a serious incident or "public mandate" away.

Intentionally ambiguous season pass descriptions are a significant frustration with some titles. For example, some games teasing future season passes which happen to include DLC already released, but not telling you that in the description so that one ends up double-dipping. Or games with multiple useless single-player cosmetic DLCs and a handful of content DLCs, dropping a season pass priced *slightly less* than those combined, but not telling you which of the content DLCs are included, so that you go for the "cheaper" option of buying the season pass, only be stuck with one content DLC and a bunch of cosmetics. And so forth and so on.

Sure - sometimes reading comments/reviews can help get around these and similar traps. And always, simply not buying from publishers who engage such scummy practices would always avoid it. But not everybody is an as perfectly refined and wondrously logical being as you are, and for those individuals, it's certainly a step in the right direction to have the storefront require publishers to actually tell purchases what they're buying. I mean, it seems obvious that should have always been a thing, but it hasn't been, and its a fix better late rather than never.

Right, so if you're travelling to the US for example where border security can require access to your phone and/or computer, you just have to decide beforehand if you're willing to abandon transit to avoid your phone being searched. If your answer to that is No, then there's no point powering it off to avoid search, since you already know you won't abandon transit in order to do so. That's all I was saying - the advice is useless for most people. Only useful for people who know ahead of time they *will* abandon transit if a search of their devices is requested.

Not much point for most folk, since border control can generally require you to turn on and unlock your phone. The only reason to take the extra step of turning off your phone is if it actually has something illegal on it, and you're willing to sacrifice your transit if you're asked to unlock it and refuse to. For everyone else who's *not* willing to sacrifice their transit and will comply with any lawful order, turning it off just takes up more of your time.

"But what if I have nothing illegal on it and don't want to unlock it on principal". Like I said - it's useless advice for people who *aren't* willing to sacrifice their transit. If you're willing to sacrifice your transit for that principal, that's fine. But there's exceedingly few people this applies to.

To be clear, nobody is making this claim, but what data do you have on the heart health of primitive humans in order to use them as a rebuttal argument against the story? For all you know, they had terrible heart health, and since as best we can tell they had fairly short, violent lives with mostly young deaths, it bewilders me that you'd bring primitive humans up as a rebuttal.

It sounds like you're making the same non-sequitur argument folks make when they say "eating paleo must be the best diet for us because it's what our ancestors ate" - as if the availability or lack thereof of a thing within a specific period in time is what makes it best. Which is not to say the average modern adult's diet isn't terrible, but in no way implies a paleo diet is the best thing for us either.

Rather than making up nonsense rebuttals, just find the science which shows standing still for more than 2 hours a day is beneficial for our health, and the science which debunks and explains the findings of this study with a better hypothesis.

Let me start by saying, I think this is a terrible product and support any efforts to circumvent it. However, in answer to your question, there's no second party here. It's not a GDPR issue nor requires consent. The model is run locally on your PC, by you. Once the model is downloaded, it works offline, and nobody else is making a recording. Whether that data gets to them through some other delineated feature or software is another matter, but on it's own, there is no second party involved in the processing of this data.

That being said, it can be disabled through Group Policy Editor. At least for now. Most OS telemetry (but not all) can be disabled without any third-party software, and this falls well within the most category, especially since at present it requires express consent to install the appropriate model in the first place.