Windows 10 Security is so great that they will hand over control of your machine to another Windows domain simply by clicking on a link that shows no indication that your machine is about to be subverted. They literally let outsiders steal administrative control of a machine that you own, without notification, by design.

And then you can't administer your own machine anymore until you disconnect it, if you are lucky enough to be able to do that. So I can't really take their insistence on great security very seriously when they have intentionally designed their operating system not to have any.

There is a very simple solution to that kind of thing. Block, filter, and censor. Nothing is stopping the establishment of the Great Firewall of the UK, right?

If you must, you can require all such enterprises to have local executives that you can summon and throw in jail if necessary. And the networks that do not want to comply can just do without participants in the UK and users in the UK without them. Does Facebook (for example) really need to be international unless it wants to be subject to prosecution in a hundred countries or more?

When Russia gets ready to rejoin the civilized world, I am sure they will bring their intellectual property laws back to normal status as well.

As long as they are turning Ukraine or any other country into a wasteland, who really cares how much software they pirate? Concern for copyright violations when there is a major war on is an insult to the people suffering and dying over there.

I imagine generating Linear (LX format) executables for OS/2 might be an equally significant problem.

There is not likely to be any major difference between a Rust compiler that targets x86 on Windows and one that targets x86 on OS/2.

If only Huawei could persuade their country to be less of a genocidal police state, so they could have a world wide market again.

The FCC isn't really in the business of stopping anyone from making defective receivers. The FAA on the other hand ought to care about that very much, and apparently they have been missing in action on this subject.

Yes. The bottom line is that too many radar altimeters are defective, are effectively squatting on frequency bands assigned for other uses, and will need to be replaced. This should have been apparent from the beginning.

The idea that this artificial clock "sets" the risk of anything is one of the most unscientific ideas I have ever heard, not to mention a ridiculous conceit, a sign of a magical world view, and an if-we-believe-it-it-must-be-true level of solipsism.

Any interference with neighboring bands is highly likely to be intermittent at best. These are not high powered signals. It is more likely that the FAA would prohibit use temporarily out of an abundance of caution than for 5G users in the vicinity of major airports to notice that much of anything is going on.

It is the airlines who are violating the rules with their defective radio altimeters, not the 5G people. The mobile carriers have a legitimate complaint against the airlines for unlawful interference, not the reverse.

And its true, the airlines and the FAA should have thought about fixing the problem decades ago, not last week. Not that there is any hard evidence that their defective altimeters are going to be vulnerable to 5G transmissions in practice, as of yet.

The problem is the FAA should have approved non-defective radio altimeter designs that stayed within their allotted bandwidth decades ago, instead of ones that splat (and receive) signals from all over the nearby spectrum.

I think the idea that this behavior should be preserved for convenience or backward compatibility is (now, finally) a thing of the past among the Log4J people though.

I should back pedal on that. It appears that the Log4J 2 developers have had a change of heart due to recent events and really are trying to prevent any kind of substitution in untrusted data, including thread context data, and may have succeeded as of version 2.17.

Unfortunately, Log4J 2 did not fail due to the presence of any kind of bug. It failed due to a defective design that the developers refused to fix for years. It is still defective, and no one in their right mind should use it. Why should anyone trust software from developers with a fatal case of confusion between code and data?

Who think that scanning and evaluating attacker controlled data for lookup expressions is a convenient design feature? In engineering terms, they are insane, and the software in version 2 is not trustable, and was not trustable the day it was designed. It is still a latent world class security vulnerability, a disaster waiting to happen, albeit somewhat less so than a couple of weeks ago. Now they only evaluate untrusted thread context data, not untrusted message data.