It's an article about Windows, whaddya expect? 😂

Nothing to see here, move along. 😜

I wouldn't even log into X as root, ever. Just way too much code running as root that does not need root access. It's a very big risk. All it takes is one flaw in the millions of lines of code in the X code base, or any of the associated utilities and programs, and you're screwed.

As someone once said:

Nobody is perfect. I am Nobody.

🤣

Secure Boot has always rang hollow for me. It's like MS is trying hard to shout louder to drown out the voices customers calling Windows insecure. "We have Secure Boot! It's Secure! Cuz we named it so!  Trust us! It's Secure, people, Secure!  That's what it's called!"

What use is Secure Boot when the rest of the OS is designed in an inherently flawed, insecure way? The chain is only as strong as its weakest link.

Not to mention that all the usual implementations of Secure Boot manage to achieve is to make things needlessly harder for users of alternative OSes like Devuan to install the OS of their choice.

Do you know what's at the bottom of the Bermuda Triangle?

A wreck tangle. 

And on a lighter note, this incident serves as conclusive proof that Windows has true preemptive multitasking: it can boot and crash at the same time!

"Did you hear the news?  That famous actress just got stabbed! Reese whatshername..."

"Witherspoon??"

"No, with a knife, you silly."

It's not so much a grand conspiracy, as the natural consequence of seeking a business model which is safe against cheaters and ensures continual income. In general they're not out to control you in the sense of a dictatorship, but they do want to control how you use their software so that you only use it in a way that ensures their continued income. All this is done, ultimately, for the bottom line, as they say.

But the inevitable outcome of such a design motivation is always that the end users suffer. Both in terms of suboptimal software design, performance, and lost privacy and freedom to use the software as a tool in the way you see fit. Arbitrary restrictions are placed on what would otherwise be normal, reasonable use, because of the bottom line. Interoperability suffers because it defeats vendor lock in, which hurts the bottom line. Software and devices that, logically speaking, ought to work together, don't work together, or do so only poorly, because of the bottom line.

You see these symptoms everywhere in modern software. Apple apps don't work on Windows, Windows programs don't work on iPhones, and nothing runs on Linux except Linux programs because nobody else wants to bother with interoperability. It's easy to copy files on Android but on iPhone next to impossible except for specialized purposes. There's no technical reasons for this; it's all about restricting what the user can do in order to maximize the bottom line. I could go on all day about arbitrary restrictions and crippled functionality that arose because of the bottom line. Things that ought to be easy are needlessly hard because of the bottom line.

This is why I can no longer trust designs controlled by corporations whose sole underlying motivation is money.

Exactly!! For certain things, it might make sense (e.g., publish a folder of files to a remote webserver for a website so that it can be served to customers -- distribute it across multiple servers to reduce server-to-customer roundtrip times).

For other things, it totally does not make any sense. Like having system-critical functions depend on connectivity to the cloud. Like part of your OS doesn't exist on the local drive and must be downloaded before your system is usable.  Or backing up personal data "to the cloud", usually with weak or non-existent encryption. Or encryption where the provider holds the keys (wow, really? you'd trust your private data to someone who can access it whenever they want without you knowing?).  Or having push updates that update your entire clientele's worth of computers only to turn out faulty, causing your entire clientele to go down in flames.

Now multiply this by 100,000 or 1,000,000 customers all depending on the same 3 companies to do their jobs, and you're talking about 1/3 of the entire world's internet infrastructure going down when one of these companies make a boo-boo.  Or worse yet, these 3 companies depend on each other's services in order to work. (Remember the AWS outage?  IIRC, MS was also affected. So apparently MS depends on AWS, which probably in turn depends on MS. When either of them fail, both automatically fail. Just great.)

I know somebody who used to work in the commercial aircraft design industry, and there, through the painful lessons of actual airplane crashes and losses of life, they learned to design their aircrafts without a single point of failure. That is, every subsystem has a backup, and the backup is not a mere clone of the primary; it's a completely separate design by a completely different, independent team that has no access to the first team's design apart from the functional specifications.  Each subsystem also has its own, independent circuitry with its own power sources that are not linked to the other systems in any way.

The reason is this: if the primary system and its backup are running the same code, if there's a bug in the code, it will affect both systems. Therefore, when the first system fails, the backup system will likely also fail due to the same problem. Result: plane crash, lives lost. If the primary and secondary systems are independent, then it's far more likely the second system won't fail due to the same circumstances that caused the first system to fail.  Unless the second system shares the same power source as the first; then a failure of the power source will mean a plane crash and lives lost. So in order for the backup subsystem to truly be a backup, in the true sense of the word, it must be completely separate from the primary system. There must be no shared component between the two systems; they must be completely separate. They don't even share the same power circuitry; the secondary monitors the primary system using independent sensors, and if it detects a problem, it automatically takes over control of the aircraft.

In a nutshell, this is the design principle of no single point of failure.

Today's "cloud" infrastructure, unfortunately, violates this principle almost everywhere.  See how many systems went down today because of Crowdstrike.  It's because it's a single component that has no redundant backup, or the redundant backup depends on the same faulty component as the primary system, so when this component fails, it takes down both systems.  Now it's already bad enough if one critical piece of infrastructure (say banks) depended on this single component.  But here we're talking about all kinds of systems that, at first glance, ought to be independent of each other, but turn out to depend on the same single point of failure: i.e., MS's wonderful OS and the single point of failure within it: the Crowdstrike component.  Just look at the scale of the outage today.  How many systems, companies, industries, depend on this single faulty component?  If the world were an aircraft, we'd all be dead right now.

You'd think people would've clued up since the infamous AWS outage a couple o' years ago.  But nooo, it happened again.  And will continue to happen again as long as people keep barging ahead like there's no tomorrow without learning the lessons they should be learning.  (Well, maybe there truly isn't any tomorrow, if the current trends continue.)

Yep, me too. Been skeptical of it since day one.  In fact, one of my prime reasons to ditch the Windoze world and go all-out Linux was to get away from the MS Big Brother mentality that says "trust us, we're the good guys, we'll manage your system for you, we'll handle your data for you, we'll run your services for you".  It's one thing if they could actually fulfill that promise.  Their track record, however, says otherwise.  Besides, the problem is that they become a single point of failure.

Same philosophy goes behind the whole cloud hype: "trust company XYZ, their job is to handle the network, you don't have to do it yourself, they can do it better than you, leave it to them".  Maybe they can, but the problem?  Single point of failure.

Same philosophy with mail servers that store all your messages on the network. Problem?  Single point of failure.  When the server is down, your messages are inaccessible.  If the server gets compromised, or if the provider has ulterior motives, your data is at their disposal.  I much prefer downloading my messages to my personal machine, thank you very much, you don't have to keep it on some server somewhere out there where it's constantly present on a publicly-accessible server where it's just a matter of time before somebody breaks in and accesses data they aren't supposed to.

Same philosophy with source code with remote dependencies. When the internet connection goes down, you can't compile your program anymore. Or if the remote server decides to go offline for a vacation. How does that even make any sense?!  You're entrusting the buildability of your program to the competence of some anonymous stranger somewhere out who knows where in the wild west of the internet.  How is that even a reasonable solution at all?!

...

Now it seems certain personae in the Linux world want to go back to this same philosophy, the MS, centralized, bureaucratic model. Systemd being one of the symptoms of this sort of attitude. "Trust us, we're the good guys, there's nothing wrong with systemd having massive scope creep and doing way too many things that should have been left to other applications."  Push updates is another symptom, one that the Ubuntu folks can't seem to wait to force down our collective throats.  Again, single point of failure.  If the push server for any reason gets compromised, you're looking at the entire flaming customer base being at the disposal of the attacker.  That's just way too much power to be centralized in one entity.  Too attractive of a target for attackers.  And too big of a consequence in the case of failure.  And again: single point of failure.

Sometimes it really makes one wonder, when will people finally get the point??!

This morning the local pharmacy was broken into, and apparently weight loss pills were stolen.

Police say suspects are still at large.

I have a procrastination problem, so I decided to join a help group.

It's called the Wait Watchers.