Why do you think the G has been pushing DNS over HTTPS? Their end-game is to completely secure the delivery channel and become the cable-TV king of the internet.

> The owner of a CA root certificate can not decrypt information encrypted with the host certificate

They most certainly can - just issue themselves with a host cert signed by that CA (or even a wildcard if they're lazy) and m-i-t-m it.

Doing this on-the-fly is SOP for most corporate security suites.

Doing it undetected is a little more challenging...

This is a pure money-grab by AWS. No company who wants a serious Internet presence will give up on IPv4 at this point (or at any point in the foreseeable future).

Sure, there will be some cases where public IPs are being used, where private RFC1918 addresses can be used instead, but that's only likely to be a small number of very badly designed systems, and there may be some consolidation to reduce the number of public IPv4s in use, but approximately nobody is going to go IPv6-only because of this charge.

How about building some nuclear plant back down here where we need it?

Not that I'd have anything to do with this nonsense, though I'm sure it'll make them a lot of money - P. T. Barnum style.

Recently house-hunting, any place that was blurred out on streetview was immediately skipped (what were they hiding? What would our friends/family think when they look us up if we did buy?)

"ten" "nought" "do" "eye" "dot" "loop"

No it hasn't. We have managed a day without coal, but with nuclear, gas hydro and solar. And a mild summer non-working day at that.

https://www.gridwatch.templar.co.uk/

(You can download the whole dataset from there and search it if you like...)

No, you have to buy Microsoft(r) Linux(tm).

Or run your Linux tools on WSL.

That's why they've been so keen to "embrace"

Can we not see Microsoftâ(TM)s strategy here?

Why run Linux for free (or pay RedHat, who are rapidly becoming the M$ of open source themselves...) when you could be paying the eye-watering Windows licensing fees, then run your Linux applications on top of it?

Rocksmith has been using that font for its lyrics for years.

Probably.

...and isn't that the platform every website is targetting now?

Just go look in your browser certificate store and see world+dog being trusted. That's why they had to introduce Extended Validation certificates - for sites that really really (cross-my-heart-and-hope-to-die) want you to think they are secure.

A false sense of security is worse than no security. On an http site you know anyone could be viewing and tampering with your data. Deal with it. On a plain https site your best bet is to assume the same.

It's about time some of these security-by-rote rituals were challenged and changed or abolished. They may appear to be making things more secure, but sometimes the actual effect is the opposite, like insisting on ridiculous password policies. For the topic being discussed, I've had to reduce the strength of a friends wi-fi password as it was almost impossible to enter a long complex string correctly on a variety of devices, some with horrible UIs, when you couldn't even see if what you were entering was correct. In this case making visibility an option seems best.