Holy Misleading Headline, Batman…
The actual first sentence of the article:

Since 2019, the U.S. Department of Defense has been asking for a waiver from legislation barring it from doing business with companies reliant on telecommunications equipment manufactured by Huawei.

Emphasis added. This isn’t the DoD saying “we need to use Huawei hardware”, it’s the DoD saying “a fuck-ton of companies we do business with use Huawei hardware.” And that’s because Huawei hardware is cheap and businesses like cheap. While I do think the DoD has some leverage in contracts to say, “welcome to the Defense Industrial Base (DIB), you cannot use anything manufactured by Huawei in infrastructure which is within scope”. If the text of the law says that the DoD can’t do business with companies who use Huawei hardware at all, then that’s going to be very limiting.

By combining Mozilla’s scale and trusted reputation with Anonym’s cutting-edge technology…

Ya, that reputation is taking a big hit right now.

Congratulations, you have now arrived at the Trough of Disillusionment:

It remains to be seen if we can ever climb the Slope of Enlightenment and arrive at reasonable expectations and uses for LLMs. I personally believe it’s possible, but we need to get vendors and managers to stop trying to sprinkle “AI” in everything like some goddamn Good Idea Fairy. LLMs are good for providing answers to well defined problems which can be answered with existing documentation. When the problem is poorly defined and/or the answer isn’t as well documented or has a lot of nuance, they then do a spectacular job of generating bullshit.

That is a possibility. To be honest, I haven’t tried very hard yet. I’m currently working on spinning up a Win10 VM in KVM and I’ll see how that works. And Android emulator is another good idea, I’ll have to give that a go.

And once you have found your specific collection of plugins that happen not to put the exact features you need behind a paywall but others, you ain’t touching those either.

And this is why, when I’m investigating phishing links, I’ve gotten used to mumbling, “fucking WordPress”. WordPress itself is pretty secure. Many WordPress plugins, if kept up to date, are reasonably secure. But, for some god forsaken reason, people seem to be allergic to updating their WordPress plugins and end up getting pwned and turned into malware serving zombies. Please folks, if it’s going to be on the open internet, install your fucking updates!

Did the same. The writing has been on the wall for a long time, Microsoft’s anti-user behavior is only set to get worse. I made the jump to Linux (Arch) and things have been reasonably smooth. I did have a few issues with Enshrouded, but was able to get past those with Proton-GE. The only issue I haven’t worked around yet is Roblox with the kids. But, I may just have to pick up a cheap tablet for that.

I think AI is good with giving answers to well defined problems. The issue is that companies keep trying to throw it at poorly defined problems and the results are less useful. I work in the cybersecurity space and you can’t swing a dead cat without hitting a vendor talking about AI in their products. It’s the new, big marketing buzzword. The problem is that finding the bad stuff on a network is not a well defined problem. So instead, you get the unsupervised models faffing about, generating tons and tons of false positives. The only useful implementations of AI I’ve seen in these tools actually mirrors you own: they can be scary good at generating data queries from natural language prompts. Which is, once again, a well defined problem.

Overall, AI is a tool and used in the right way, it’s useful. It gets a bad rap because companies keep using it in bad ways and the end result can be worse than not having it at all.

what is the advantage in using Windows 11 over 10?

Many years ago, I was at a Windows XP launch event and the Microsoft Rep had a really honest line:
“Why should you start using Windows XP? Because we’re going to stop supporting Windows 98!”

And ya, that’s pretty much been the cattle prod Microsoft uses to push new versions, eventually you stop getting security updates for the older OS and at some point there are enough security vulnerabilities which make it no longer safe for daily use. That said, with Windows becoming more and more user hostile, other options start to make more sense.

The answer to that will be everyone’s favorite “it depends”. Specifically, it depends on everything you are trying to do. I have a fairly minimal setup, I host a WordPress site for my personal blog and I host a NextCloud instance for syncing my photos/documents/etc. I also have to admit that my backup situation is not good (I don’t have a remote backup). So, my costs are pretty minimal:

• $12/year - Domain
• $10/month - Linode/Akamai containers

The Domain fee is obvious, I pay for my own domain. For the containers, I have 2 containers hosted by the bought up husk of Linode. The first is just a Kali container I use for remote scanning and testing (of my own stuff and for work). So, not a necessary cost, but one I like to have. The other is a Wireguard container connecting back to my home network. This is necessary as my ISP makes use of CG-NAT. The short version of that is, I don’t actually have a public IP address on my home network and so have to work around that limitation. I do this by hosting NGinx on the Wireguard container and routing all traffic over a Wireguard VPN back to my home router. The VPN terminates on the outside interface and then traffic on 443/tcp is NAT’d through the firewall to my “server”. I have an NGinx container listening on 443 and based on host headers traffic goes to either the WordPress or NextCloud container which do their magic respectively. I also have a number of services, running in containers, on that server. But, none of those are hosted on the internet. Things like PiHole and Octoprint.

I don’t track costs for electricity, but that should be minimal for my server. The rest of the network equipment is a wash, as I would be using that anyway for home internet. So overall, I pay $11/month in fixed costs and then any upgrades/changes to my server have a one-time capital cost. For example, I just upgraded the CPU in it as it was struggling under the Enshrouded server I was running for my Wife and I.

Attempt at serious answer (warning: may be slightly offensive)

Wow, you are a fucking moron. But, there is an interesting question buried in there, you just managed to ask it in a monumentally stupid way. So, let’s pick this apart a bit. Assuming Trump gets re-elected and speed-runs the US into global irrelevancy, what happens to the various standards and standards bodies? tl;dr: Not much.

• FIPS - This will be the most effected. If companies no longer need to care about working with the US Government (USG), no one is going to bother with FIPS. FIPS is really only a list of cryptographic standards which are considered “secure enough” for USG use. The standards won’t actually change and the USG may still continue to update FIPS, people would just stop noticing.
• UNICODE - Right so UNICODE is a code page maintained by the Unicode Consortium. Maybe with the US being less dominant, we see the inclusion of more stuff; but, it’s just a way to define printable characters. It works incredibly well and there’s no reason such would be abandoned. Also, there are already plenty of other code pages, Unicode is just popular because it covers so much. Maybe the headquarters for the consortium ends up elsewhere.
• ANSI - Isn’t a standard, it’s a US Government Body. So, assuming it stops being good at it’s job, other countries/organizations would likely stop listening to it’s ideas. The ANSI standards which exist will continue to exist, if ANSI continues to exist, it’ll probably keep publishing standards but only the US would care about them.
• ISO - Again, this isn’t a standard, it’s a Non-Governmental Organization, headquartered in Switzerland. Also, ISO is not an acronym, it’s borrowed from Greek. And ya, this one would almost certainly keep chugging along. Probably a bit more Euro-centric than they are now, but mostly unchanged.

For this reason, and a lot of other reasons, I am in favor of liberterianism because then, it would not be a government ran by octogenarians deciding standards for communication,

It’s ok, I was young and stupid once too. The fact is that, while many telecommunications standards started off in the US, and some even in the USG, most of them have long since been handed off to industry groups. The Internet Engineering Task Force is responsible for most of the standards we follow today. They were spun off from the USG in 1993 and are mostly a consensus driven organization with input from all over the world. In a less US centric world, the makeup of the body might change some. But, I suspect things would keep humming along much as they have for the last few decades.

Will we live in a post-standard world?

This depends on the level of fracturing of networks. Over time, there has been a move towards standardization because it makes sense. Sure, companies resist and all of them try to own the standard, but there has been a lot of pushback against that and often from outside the US. For example, the EU’s law to require common charging ports. In many ways, the EU is now doing more for standardization than the US.

Worse, cryptography. Well, for ‘serious shit’, people roll their own crypto because…

Tell me you know fuck all about security without saying you know fuck all about security. There is a well accepted maxim, called “Schneier’s law” based on this classic essay. It’s often shortened to “Don’t roll your own crypto”. And this goes back to that FIPS standard mentioned earlier. FIPS is useful mostly because it keeps various bits of the USG from picking bad crypto. The algorithms listed in FIPS are all bog-standard stuff, from things like the Advanced Encryption Standard (AES) process. The primitives and standards are the primitives and standards because they fucking work and have been heavily tested and shown to be secure over a lot of years of really smart people trying to break them. Ironically, it was that same sort of open testing that resulted in the NSA being caught trying to create a crypto backdoor.
So no, for ‘serious shit’ no one rolls their own crypto, because that would be fucking dumb.

But what about primitives? For every suite, for every protocol, people use the same primitives, which are standardized.

And ya, they would continue to be, as said above, they have been demonstrated over and over again to work. If they are found not to work, people stop using them (se:e SHA1, MD5, DES). Its funny that, for someone who is “in favor of liberterianism” you seem to be very poorly informed of examples where private groups and industry are actually doing a very good job of things without government oversight.

Overall, you seem to have a very poor understanding of how these standards get created in the modern world. Yes, the US was behind a lot of them. But, as they have been handed over to private (and often international) organizations, they have moved further and further away from US Government control. Now, that isn’t to say that US Based companies don’t have a lot of clout in those organizations. Let’s face it, we are all at the mercy of Microsoft and Google way too often. But, even if those companies fall to irrelevance, the organizations they are part of will likely continue to do what they already do. It’s possible that we’d see a faster balkanization of the internet, something we already see a bit of. Countries like China, Iran or Russia may do more to wall their people off from US/EU influence, if they don’t have an economic interest in some communications. Though, it’s just as likely that trade will continue to keep those barriers to the flow of information as open as possible.

The major change could really be in language. Without the US propping it up, English may lose it’s standing as the lingua franca of the world. As it stands right now, it’s not uncommon for two people, neither of which speaks English as their native language, to end up conversing in English as that is the language the two of them share. If a new superpower rises, perhaps the lingua franca shifts and the majority of sites on the internet shift with it. Though, that’s likely to be a multi-generational change. And it could be a good thing. English is a terrible language, it’s less a language and more three languages dressed up in a trench coat pretending to be one.

So yes, there would likely be changes over time. But, it’s likely more around the edges than some wholesale abandoning of standards. And who knows, maybe we’ll end up with people learning to write well researched and thought out questions on the internet, and not whatever drivel you just shat out. Na, that’s too much to hope for.

Microsoft: “We’re sorry, this is all just a misunderstanding. We thought you were too stupid to notice.”

I would expect so. Pretty much all settings in Windows are buried in the Registry somewhere. Whether or not this will be well documented, is an open question. Granted, Microsoft has a habit of changing settings like this, whenever the fancy strike them. So, you’ll need to track that setting over time.

So far, the toggle is built in:

Either way, these recommendations can be disabled by going into the Windows 11 Settings app, so you can avoid them. However, app recommendations are tied to other content in this section, so you’ll miss out on some features by turning it off.

Not sure what else will be “missed”. But, my guess is they will be “missed” in the same way that one misses a case of chlamydia.

Yo ho, yo ho off to the digital seas we go!

In fairness, I can see a use case for this as something to have on in the background while doing other tasks or as a way to discover new content either the algorithms would have never shown you or you might not have clicked on. But, I can also see the service providers using this to further try to show-horn ads into everything and fuck up the current system of “pick a show I want to watch and watch it now”. In which case, it’s once again time for them to learn that piracy isn’t so much a price problem as a service one.

Windows 10 released in 2015. Windows 11 released in 2021. It’s pretty much in line with other release cycles for Windows Desktop OS releases.

• XP -> Vista - was about 6 years
• Vista -> 7 - Was about 2 (But everyone sane basically skipped Vista)
• 7-> 8 - Was 3 years, with a fourth year to get to 8.1.
• 8 -> 10 - Was about 3 years.

If you only look at the releases which mattered, XP -> 7 was 8 years and 7 -> 10 was 6. So, it seems like Microsoft kinda accepted reality this time around and we didn’t get some sort of asinine Windows Mojave shenanigans trying to polish a turd. That said, I’m still running 10 on my main system and my experiences with 11 are making me consider an upgrade path to Linux when Win10 goes EoL.

And Windows Me never even made the list.
Having been an early adopter of it, I know why.

It’s always a “chicken or the egg” situation. Right now, there isn’t much need for a home router with anything faster than a 1Gbps port. In the prosumer space 10Gbps is available, but it’s not super cheap (about $300 with SFP module). But, if something like 50Gbps becomes common, manufacturers will be incentivized to make products for it. The economies of scale and the effects of competition will kick in and prices will come down.

I’m old. I was at one of the events where Intel announced 1Gbps over copper. This was supposed to be impossible, there was no way to push 1Gbps over Cat-5 cables. But, with Cat-5e and Cat-6, they had cracked it. At the time, there was no way this was ever going to be a cheap technology and it was intended for large enterprises for major switch interconnect runs. Now it’s everywhere.

Maybe 50Gbps to the home won’t happen. And this is just some exec blowing smoke. But, maybe they’ll do it and kick off the market for cheaper equipment in that class. While I do agree that we’re lacking the “killer app” to make that much bandwidth to the home necessary. Things like music and video streaming came about after the advent of faster speeds. It wasn’t until we had DSL that people realized that streaming music, in real time, would be a thing. We needed the bandwidth to be there for the use cases to be discovered.

From the unsaflok.com site:

Dormakaba uses a Key Derivation Function (KDF) to derive the keys for some of the Saflok MIFARE Classic sectors. This proprietary KDF only uses the card’s Unique IDentifier (UID) as an input.
Knowledge of the KDF allows an attacker to easily read and clone a Saflok MIFARE Classic card. However, the KDF by itself is not sufficient for an attacker to create arbitrary Saflok keycards.

Security is hard. Cryptography is even harder. Don’t roll your own algorithms, it’s just asking for a problem. And given that “oversight”, I’d bet that the rest of the kill chain involves equally bad encryption or hashing being used on the cards.

Piracy and torrenting was always a service issue. Sure, there is some core of people who will never pay for content or a service. But, a lot of people will be happy to pay something for content, so long as they can get what they want without too much hassle. And that has largely been the landscape for the past decade or so. Apple Music popped up and gave people the same sort of access to music Napster did, at a cost which wasn’t ridiculous. It also didn’t host a million viruses and didn’t carry with it any sort of moral questions or legal risks. Netflix did the same for movies and TV, shrinking the space for video piracy. And many movie and TV producers are finally accepting the new paradigm and trying to carve out their own space which mimics the speed and convenience of piracy, while still earning them some money. We probably have a long way to go and a lot of growing pains. But, the fact that torrent traffic is falling and official streaming services’ bandwidth usage is growing shows that they are doing something right. That said, I suspect that we will see them fluctuate for a while as customers punish the more outlandish attempt to monetize streaming services. When the official services start getting too bad again, we’ll see more black flags flying. And that’s a good thing.

Um, no shit?
Seriously, Microsoft is running offering a service, for free, which uses considerable amounts of processing power. And people didn’t think that everything they typed in was being logged, catalog, dissected and used for any possible purpose to make money?