Everything needs to be branded or monetised.

It's why I want large commercial organisations as far away from my data, computers and workflow as possible.

I do not care about you, I don't want to be reminded you even exist, and I certainly don't want to give you money. Go away.

I want to turn on my computer, load up the browser of my choice, and that's it. I don't need to see a single brand, no "notifications", no messages of your choosing, nothing. My boot screen is a spinner. My desktop is a flat, blank, plain colour. I have my browser pinned as a single recognisable icon (doesn't even have the name).

That is what an OS should be. That is what most services should be. We shouldn't be spending our life subject to the whims of a corporation trying to wheedle money out of us or "foster brand engagement" or whatever nonsense they class it as.

The one good thing about hitting limits on CPU clock speed, memory shortages, etc. is that they might finally have to start actually making programmes vaguely efficient again.

There's also yet-another reason that I don't use Windows, and that's that everything seems to want an app running on startup to cache what it needs to to present these shitty web UIs with any semblance of performance, to do the most worthless things.

There are far too many programmes that just don't function correctly if you have a software firewall other than Windows Defender and you deny them web access, for instance. Windows Defender just lets it all through, but if you have a "ZoneAlarm-type" firewall, you see that EVERYTHING wants to talk-home or connect to a local web service and, when denied, it hangs up and falls over itself rather than deals with it gracefully.

Not what you want to see in critical services, for example.

"away from densely populated areas" is both subjective and not the same as "away from other development".

This kind of article should wait until the study has been peer-reviewed, not flood the zone with unreviewed slop.

I understood the question to be whether the study controlled for other changes in land use in the surrounding area. For example, northern Virginia has built a ton of new data centers close together over the last decade -- in many cases, replacing pastures. Attributing the results of the whole set to individual data centers would be a methodological error.

They have working software: OCX is intended to replace the current ground system, Operational Control System (OCS). They have launched a lot more than 30 satellites -- in fact, most of them have been decommissioned, although the currently operational set have mostly outlived their design lifetimes by a lot. The oldest active satellites are Block IIR satellites, with a design life of 7.5 years ... and launched between 1997 and 2004 (so the youngest of them would be old enough to drink alcohol in the US).

https://en.wikipedia.org/wiki/...

That doesn't at all answer the question that was asked.

Parents have extremely broad rights to manage their children's upbringings. Kids have no right to use end-to-end encryption without parental consent, although I don't think a court has held that parental consent is necessary.

Tell me how you're ever going to implement this on any open-source operating system ever?

Because people will just patch it out.

It's not like it's even a boot-time requirement (thus necessitating it being in the kernel/initrd, etc.). It's an account requirement. Which means that it can be patched out in no time at all.

As far as I know, not one single open-source OS has actually implemented this requirement (they put a field that would be useful for it into systemd, but nobody's actually using it).

Apple push an silent automatic update just for your computer that the next time you type in that key, it sends it to the FBI.

Next?

We're not dealing with a bit of software piracy or finding out who stole someone's Bitcoin, you're talking about agencies dealing with anti-terrorism and wars.

Only in America could you legally argue that an unnecessary profit-making middle-man was legally required and that it would somehow "reduce costs".

Sure, it is not a big problem for SSH. It is a problem when you connect to a web site, especially as certificate lifetimes get shorter: you need the whole certificate chain from a root (that your browser trusts) to the web server, which means at least two public keys and signatures and often more.

The NIST-approved post-quantum options and PK/sig sizes (in bytes, for "security level 1", which is the lowest) are Crystals Dilithium 2 (1312 / 2420), Falcon-512 (897 / 666 but computationally expensive) or SPHINCS+-SHA2-128s (32 / 7856 for the smaller but more computationally expensive signatures; same for SPHINCS+-SHAKE-128s). This compares to 32/64 or 64/48 bytes for 256-bit ECC algorithms and 256/256 bytes for 2048-bit RSA. If you are fetching a few kilobytes of text or CSS, this additional overhead is huge.

Yup. I'm waiting for any quantum computer to actually break a non-trivial public key, even of a laughably small order (like RSA130, which was factored by classical computers 30 years ago). Lots of people get famous for papers based on theoretical quantum gates that nobody knows how to realize.

Elliptic curve crypto is vulnerable to the same kind of theoretical quantum attacks as integer-factorization cryptography. You currently need to use algorithms with unfortunate trade-off (large public keys or large signatures/key agreements) to get resistance to quantum attacks.

Assuming quantum computers ever factor numbers larger than 21 without cheating or falling back to deterministic algorithms, at least.

There's no such thing as technologically unable to comply.

If a nation state law enforcement insists, they will make you comply, and you and I will never hear about it.

A simple OS update with "If phone MAC == XXXXXXXXXX then send copy to FBI", targeted specifically at one phone, deployed only to that one phone, would go entirely unnoticed by the world.

And Official Secrets Act / equivalent, combined with a government-NDA and jail time for talking about it's very existence is literally routine. Has been since the days of black boxes in ISPs and them tapping Google's inter-datacentre links.

If someone like the FBI, NSA, MI5, GCHQ, etc. wants you to do something... you have literally zero choice in the matter. And talking about it will get you immediately jailed. And it really doesn't matter how big you are.

You think that Whatsapp end-to-end encryption is just going to make GCHQ etc. go "Oh well, nothing we can do?" No. If they need it, there'll be a guy knocking on your head office with a bunch of people, he'll only tell you why he's there in a closed meeting, you will comply, even if that means throwing everyone out of the datacentre and doing it yourself, and if anyone hears what he asked you to do, you will go to jail.

Been the same for decades. They just don't use it for ordinary crimes and petty stuff, mostly because of the resources they have to deploy to ensure that it stays quiet.

So we're giving up on CAPTCHA then, are we?

And the only alternative we can come up with is literal ID verification?

Something tells me that we skipped a step - i.e. a better CAPTCHA.