• 3 Posts
  • 680 Comments
Joined 2 years ago
Cake day: June 7th, 2023

  • Stopping Windows from running, probably not. MS could stop sending updates and could deactivate it, but it would mostly keep running. And, if any EU/Russian systems were not connected to the internet (yes, this sort of thing still happens in 2025), nothing MS did would matter. Office/Azure and other cloud based services are more vulnerable. Yes, Microsoft could geo-fence those services such that they did not work if you were coming from an IP address in EU/Russia. Though, the simple workaround for this is to install a VPN. And given US sanctions on Russia, this is probably happening right now anyway.

    As much as the tin-foil hat crowd likes to think about MS having some master control switch, it’s incredibly unlikely. The problem with backdoors is that hackers are constantly looking for ways to attack systems, especially Windows. If there was some sort of master “off switch” baked into the code, it’s likely someone would have stumbled upon it by now. Even if it’s that well hidden, it’s a “one use” item with high reputational damage attached. Stop and consider for a moment, what happens when that kill switch gets used? It’s going to be picked up on. People record internet traffic for fun. As soon as that kill command went out, security researchers, the world over, would be dissecting logs to find the command, and then it would be reverse engineered. That MS had such a kill switch in their codebase would cause massive distrust in MS software going forward. No one would want to take the risk of having that kill switch running in their environment, certainly not on anything critical. Also, given how bad people are at updating Windows, we’d probably see a lot of systems killed by hackers just doing hacker things. Since the versions with the kill code would be known, you’d get bored teenagers searching Shodan for vulnerable systems and sending the kill command for fun. And all of this would be “Microsoft’s fault” for having the backdoor. It would be a PR nightmare. And since everyone would now know what the kill command looked like, anyone who mattered would install filters to block it at the firewall. So, it got used once, caused some damage with a lot of damage to MS’s reputation but is now neutralized. Was it worth it? Probably not to Microsoft.



  • I never get any responses, until like 3 days later when I check my spam folder and realize my scheduled interview appointment came from some random server that got deleted as spam mail.

    It sucks, but this is kinda on you. Spam filters are pretty terrible at what they do. And with everyone and their dog adding “AI” to their security tools, it’s only getting worse. There is a fuckton of spam being sent to email addresses all the time. And the spammers are doing their level best to make that spam look more and more like legitimate emails. So, the terrible spam filters and crappy AI are hard pressed to filter out all the crap and not catch legitimate emails. And this problem with false positives is one of the reasons a lot of spam still sneaks through, most of the filters tend to err towards false negatives over false positives. Still, false positives will happen. If you are expecting an important email, you’re going to need to dive into the cesspit which is your spam folder regularly and make sure that email didn’t end up there.

    As for the issues around job hunting, ya that whole process can suck. Depending on your skillset, experience and job criteria, the pool can get pretty small pretty fast. And online job hunting means that companies are getting hundreds of resumes for postings. On top of that, companies have stopped training and don’t do anything to build internal talent pipelines. So, if you are earlier in your career, you get stuck in a loop of not having experience, so no one will hire you to get experience. It just sucks and I don’t have an answer for you, only to keep plugging away and understand it’s a numbers game. Eventually the dice will come up for you, but that “eventually” can really, really suck.





  • Do note that I made a mistake in the original post, but the conclusion was still the same. I forgot to divide the Expected Value (EV) for all dice by 6 (the number of faces).

    If you could design a die with average face value of 3, min face value of 0, max face value of 6, what would be the best die?

    I’m not sure how to prove this empirically, but playing with it on my whiteboard I get a sense that the die 444222 is going to have the best EV, under the given constraints and my value assignments. The real kicker is “average face value of 3”. Given that constraint, you will never be able to create a die with a positive or even zero EV using my values. Consider die 333333 and each face’s value:

    3 3 3 3 3 3
    -1 -1 -1 -1 -1 -1

    This die has an average face value of 3 ( (3 * 6) / 3) and we can consider changing any face up or down. But, in order to keep the average a 3, moving one face up one number requires we move a different face down one number and vice-versa. For example, if we push one face from a 3 to a 4, we must also pull one face from a 3 to a 2 to balance out the average. And because the value for positive value numbers (4, 5, 6) starts off one doubling behind the values for the negative value numbers (3, 2, 1, 0), going any further than 4 in the positive direction on a face means that another face will be pushed down far enough to cancel out the benefit of going to a 5 or beyond.

    To look at it another way (the way I did on my whiteboard), let’s just consider a two sided die (a coin flip). Using the same values for each number, we can consider a 33 coin. This has an EV of -1 ( (-1 * 2) / 2) and an average of 3 ( (3 * 2) / 2 ). Now, move the numbers, but keep the same average of 3. Moving to a 42 coin changes the EV to -1/2 ( (+1 + (-2)) / 2 ) and the average is still 3 ( (4 + 2) / 2 ). The EV got better. So, let’s take another step in each direction. We get a 51 coin with an EV of -1 ( (+2 + (-4)) / 2) and the average is unchanged at 3 ( (5 + 1) / 2 ). And going to a 60 coin takes us to an EV of -2 ( (+4 + (-8)) /2 ) with an average of 3 ( (6 + 0) / 2 ). This means that the best coin for this scenario is a 42 coin. Taking that coin idea back to the die, you can think of the die as a bunch of linked coins. If you want one face to be a 5, then one face must be a 2, which would be worse than having the pair of faces be a 4 and a 2. So, to maximize the EV, you want to create a bunch of 42 pairs.

    Of course, we could fiddle with multiple faces at once. What about a 622233 die? Well, it gets worse. EV is -2/3 ( (+4 + (-2) + (-2) + (-2) + (-1) + (-1)) / 6).
    Maybe a 522333, EV is -5/6 ( (+2 + (-2) + (-2) + (-1) + (-1) + (-1)) / 6). Again, since lower numbers get a more negative valuation faster than higher numbers get a positive valuation, you just really don’t want to let numbers get any lower than necessary. The 42 pairing just happens to hit a sweet spot where that effect isn’t yet pronounced enough to cause the EV to drop off.

    So ya, while I don’t know the maths to prove it, I’m gonna say that the 444222 probably maximizes the EV under the given model.


  • sylver_dragon to Asklemmy@lemmy.ml: Which die do you chose? (6 points, edited, 7 days ago)

    Option C “222444”.
    I coded successes as positive values and failures as negative values. I arbitrarily used a doubling for each greater success/failure level and came up with the following value coding:

    0 1 2 3 4 5 6
    -8 -4 -2 -1 +1 +2 +4

    This results in the following expected values for the offered dice:

    A: -2
    B: -1
    C: -1/2
    D: -1

    All dice are bad, option C is the least bad. And this kinda makes sense. For option A, you may have a fantastic success, but you are also just as likely to completely crash out. And a “crash out” should happen after very few rolls. Option B is a slightly less extreme version of this, but any gains from the 5 results should be more than wiped out by the 1 results. And those should be happening with similar frequency. Option C is again the same thing, but with a slower circling of the drain. 4 results let you recover some, but the 2 wipes out that 4’s benefits and more, resulting in a slow decline. And option D is just straight out bad, every result is a failure.

    It seems that the only good choice is not to play. ;-)

    EDIT: I realized, I made a mistake in my original numbers, I forgot to divide by 6. And this is why coffee should come before math. The conclusions are still the same, but the numbers are different. I’ve corrected those.


  • sylver_dragon to Asklemmy@lemmy.ml: Which die do you chose? (2 points, edited, 7 days ago)

    I’m going to go with option C with the following reasoning:
    I’m going to assign (somewhat arbitrarily) the following values to each outcome:

    0 | 1 | 2 | 3 | 4 | 5 | 6
    -8 | -4 | -2 | -1 | +1 | +2 | +4

    This codes failure outcomes as having a negative value and success outcomes as having a positive value, with the value doubling for each increase in success/failure. So, the expected value for the 4 options are:

    A: -12 B: -6 C: -3 D: -6

    Meaning all of the options are bad, but the least bad is option C. And this makes some intuitive sense. You have an equal chance of success or failure and while no success will be all that spectacular, you will also never suffer a spectacular failure. Die A seems like an interesting choice, but you would expect to suffer a catastrophic failure about half the time and that may end your ability to keep rolling. Die B is a slightly less bad version of die A, and may be an ok choice, if a 1 result doesn’t result in you no longer being allowed to roll. Though, if you are not able to stop rolling whenever you want, a 5 outcome is likely to be wiped out fairly soon. Die D is just straight out bad. It always results in a failure; so, there is no point playing.
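The expected-value arithmetic in the three “Which die do you chose?” comments above (the value coding, the EVs of the named dice, and the claim that 444222 is the best die with an average face value of 3) can be checked by exhaustive search. The script below is an added example and is not code from any of the posts. The value table is the poster's; the dice A-D are not listed on this page, so the script only scores dice that the comments name explicitly. The linear bound v(k) <= 1.5k - 5 is my own addition: because every admissible die has face sum 18, that bound turns the search result into a short proof of which dice are optimal.

```python
"""Added example (not from the original posts): check which six-sided die
maximizes expected value (EV) under the poster's value coding, given faces
in 0..6 whose average is 3 (face sum 18), using the corrected EV (divided
by the number of faces) from the edited post.
"""
from fractions import Fraction
from itertools import combinations_with_replacement

# The poster's value coding: failures negative, successes positive,
# doubling with each step away from the 3/4 boundary.
VALUE = {0: -8, 1: -4, 2: -2, 3: -1, 4: 1, 5: 2, 6: 4}


def expected_value(faces):
    """EV of a fair die: mean of the coded value over its faces."""
    return Fraction(sum(VALUE[f] for f in faces), len(faces))


def all_dice(sides=6, faces=range(7), mean=3):
    """Every multiset of `sides` faces (order is irrelevant for a fair die)
    whose average face value equals `mean`."""
    target = mean * sides
    for die in combinations_with_replacement(faces, sides):
        if sum(die) == target:
            yield die


def best_dice(sides=6):
    """Return (maximum EV, list of dice attaining it) by brute force."""
    scored = [(expected_value(d), d) for d in all_dice(sides)]
    best = max(ev for ev, _ in scored)
    return best, [d for ev, d in scored if ev == best]


def linear_bound_holds(slope=Fraction(3, 2), intercept=-5):
    """My added proof step (an assumption, not from the posts): verify
    VALUE[k] <= slope*k + intercept for every face and report the faces
    where it is tight. With the face sum fixed at 18, summing the bound
    over six faces gives EV <= (slope*18 + 6*intercept)/6 = -1/2 for any
    admissible die, with equality iff every face is one of the tight ones."""
    tight = set()
    for k, v in VALUE.items():
        bound = slope * k + intercept
        if v > bound:
            return False, tight
        if v == bound:
            tight.add(k)
    return True, tight


if __name__ == "__main__":
    best, dice = best_dice()
    print("max EV =", best, "attained by", ["".join(map(str, d)) for d in dice])
    print("bound holds / tight faces:", linear_bound_holds())
```

The search agrees with the poster's value of -1/2 for 444222 and -1 for 333333, and finds exactly one other die that ties at -1/2: 642222. The bound explains why: the coded value sits on the line 1.5k - 5 at faces 2, 4 and 6 and strictly below it at 0, 1, 3 and 5, so any die built only from 2s, 4s and 6s with face sum 18 is optimal, and there are just two such dice.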




  • For indoor rock climbing (probably outdoor as well): you need, at least, two pairs of climbing shoes. One pair will be out for a re-sole and you can use the other. Though, don’t buy your own shoes until you are sure you’re going to stick with it for a while. No point ending up with used shoes you’ll never use again, because you finally decided the sport isn’t for you.



  • It depends on the environment. I’ve been in a couple of places which use Linux for various professional purposes. At one site, all systems with a network connection were required to have A/V, on-access scanning and regular system scans. So, even the Linux systems had a full A/V agent and we were in the process of rolling out EDR to all Linux based hosts when I left. That was a site where security tended to be prioritized, though much of it was also “checkbox security”. At another site, A/V didn’t really exist on Linux systems and they were basically black boxes on the network, with zero security oversight. Last I heard, that was finally starting to change and Linux hosts were getting the full A/V and EDR treatment. Though, that’s always a long process. I also see a similar level of complacency in “the cloud”. Devs spin random shit up, give it a public IP, set the VPS to a default allow and act like it’s somehow secure because, “it’s in the cloud”. Some of that will be Linux based. And in six months to a year, it’s woefully out of date, probably running software with known vulnerabilities, fully exposed to the internet and the dev who spun it up may or may not be with the company anymore. Also, since they were “agile”, the documentation for the system is filed under “lol, wut?”

    Overall, I think Linux systems are a mixed bag. For a long time, they just weren’t targeted with normal malware. And this led to a lot of complacency. Most sites I have been at have had a few Linux systems kicking about; but, because they were “one off” systems and from a certain sense of invulnerability, they were poorly updated and often lacked a secure baseline configuration. The whole “Linux doesn’t get malware” mantra was used to avoid security scrutiny. At the same time, Linux systems do tend to default to a more secure configuration. You’re not going to get a BlueKeep type vulnerability from a default config. Still, it’s not hard for someone who doesn’t know any better to end up with a vulnerable system. And things like ransomware, password stealers, RATs or other basic attacks often run just fine in a user context. It’s only when the attacker needs to get root that things get harder.

    In a way, I’d actually appreciate a wide scale, well publicized ransomware attack on Linux systems. First off, it would show that Linux is finally big enough for attackers to care about. Second, it would provide concrete proof as to why Linux systems should be given as much attention and centrally managed/secured in the Enterprise. I know everyone hates dealing with IT for provisioning systems, and the security software sucks balls; but, given the constant barrage of attacks, those sorts of things really are needed.


  • It was kinda thought of in the '50s. Ford’s concept car, the Nucleon, was to use a fission reaction to heat water, which was used in a steam turbine engine. One of the issues folks worried about was, what happens in a crash? No, no one with a clue worried about a nuclear explosion, but the release of radioactive material would have been a real concern.

    Some of this might change with the use of fusion. But, it’s going to be a long time before a fusion reactor would be small/light enough to slap in a car. At the moment, we haven’t really demonstrated a reactor which can commercially produce a net output of power. There have been some small-scale experiments which technically produce more power than is used to initiate the fusion; but, that also relied a bit on an accounting trick (they only counted the energy of the lasers themselves, not the total energy used).

    Also, when you get down to it, this is the ultimate goal of electric vehicles. Maybe someday, most of our electricity will come from grid scale fusion reactors. Those will charge the batteries which drive EVs. Moving the reactor into the car itself could happen some day. On the other hand, considering how poorly some folks maintain their cars now, would you really trust them to maintain a reactor? Again, not worried about explosions or anything silly. But, the release of radioactive material might still be a concern. It’s probably safe to just use batteries and keep the reactors locked up in large facilities.



  • This is exactly the problem, they have no accountability for bad updates causing hardware to become unusable. So, QA just becomes a needless expense and untested firmware is dropped on users. Sure, you could try and sue, or more likely get fucked by a binding arbitration clause. But, the cost would be far beyond what the device costs. So, it never makes sense. There need to be fines when this shit happens, which are significant percentages of worldwide revenue, to scare companies into actually testing updates before they are released.

    In the end, all we can do is shake our heads and remind folks to never buy HP. They put out great products 30 years ago, but those days are long gone. Now, they just put out crap.


  • Why do you expect to receive someone else’s work for free? Part of the reason the web has become so enshittified is that no one is willing to pay for anything anymore. We all expect everything to be “ad supported”, and then we act shocked when everything is covered in ads.

    That said, there are usually open source alternatives for most software packages out there. They may not have complete feature parity or have quite the same slick UI as the commercial products. But, they do tend to be both free in terms of cost and ads. E.g., for image editing, there is Gimp. It’s not going to replace Adobe Photoshop in professional spaces anytime soon. But, for a home user who isn’t willing to shell out the Adobe Tax, it’s a reasonable choice.

    But, the reason so much is paywalled is because everything takes time and money to create. Someone has to pay that cost. Maybe it’s advertisers, maybe it’s a dedicated team of volunteers. But increasingly, creators are asking users to pay directly.


  • Decades ago, my father would have some fun with the receipt checkers at Costco. After a shopping trip, we’d commonly have lunch at the cafe in Costco. When leaving the store, he’d hand the receipt checker the receipt for lunch rather than the receipt for the items bought. More than half the time, the checker would just swipe the receipt with a highlighter (their way of marking it “checked”) without noticing that it was the wrong receipt. So ya, it’s complete security theater. Anyone with a modicum of thought can figure ways around it, and it only accomplishes inconveniencing the people who aren’t trying to get away with anything.