Slashdot Mirror

If no one can see the problem here, they're avoiding it.

https://blogs.technet.microsof...

Of course this is political, the US military has been using Microsoft products to run all sorts of services etc etc that is used towards the same goal.

There is a difference between using a company's products for military purposes and having them specifically create something that is only for a military purpose. It is especially different when using a relatively new technology like artificial intelligence that is capable of becoming extremely evil by automation (which is exactly what had been warned about since AI first gained prominence).

Nowhere in the letter did it say that they would be OK with doing the project if Obama was running it. Instead, it talks about the ethical issues, and it is all about the inner workings of Microsoft and not the DOD's policies. I presume that you haven't read the letter, so here is a couple of paragraphs that demonstrate how this is an ethical story and not a political one:

Earlier this year Microsoft published "The Future Computed," examining the applications and potential dangers of A.I. It argues that strong ethical principles are necessary for the development of A.I. that will benefit people, and defines six core principles: "fair, reliable and safe, private and secure, inclusive, transparent, and accountable."

With JEDI, Microsoft executives are on track to betray these principles in exchange for short-term profits. If Microsoft is to be accountable for the products and services it makes, we need clear ethical guidelines and meaningful accountability governing how we determine which uses of our technology are acceptable, and which are off the table. Microsoft has already acknowledged the dangers of the tech it builds, even calling on the federal government to regulate A.I. technologies. But there is no law preventing the company from exercising its own internal scrutiny and standing by its own ethical compass.

What are you talking about?

https://docs.microsoft.com/en-...

"Microsoftâ(TM)s internal testing, additional data becomes necessary. This data can include any user content that might have triggered the problem and is gathered from a small sample of devices that have both opted into the Full diagnostic data level and have exhibited the problem."

" Microsoft engineers can use the following capabilities to get the information:

âAbility to run a limited, pre-approved list of Microsoft certified diagnostic tools, such as msinfo32.exe, powercfg.exe, and dxdiag.exe.

âAbility to get registry keys.
âAll crash dump types, including heap dumps and full dumps."

Are you serious? Every Surface runs Windows 10. None run a completely stripped-down OS (like iOS when compared to macOS). NONE compete with an iPad or iPad Pro, unless you also are willing to say that an iPad or iPad Pro competes with a Macbook.

Converting stolen credentials into actual money is hard. Since banks can repudiate and reverse password-enabled transfers you have to have a mule to be left holding the (empty) bag when the bank reverses the transfer. Microsoft had an interesting whitepaper on the topic a few years back: https://www.microsoft.com/en-u...

You mean like this? https://docs.microsoft.com/en-...

Microsoft announced acquisition of GitHub over three months ago. See the press release and coverage on Microsoft's official blog.

Microsoft announced acquisition of GitHub over three months ago. See the press release and coverage on Microsoft's official blog.

Not happening.

On Azure, specially their infrastructure, nobody pays for Windows, so Linux it is. On the desktop, the hardware sellers pay for Windows, no need for Linux there.

Microsoft will soon provide virtual managed desktops running on Azure. Perfect where you already are paying for a Windows Enterprise desktop OS + Office subscription per user - just add your Azure usage charges and you can use whatever old POS (or mobile device with external screen) still runs and connects to the network, and get your inhouse Win10 image delivered anywhere. https://www.microsoft.com/en-u...

Primarily regarding learning, obtaining a 180 day evaluation copy is trivial:

https://www.microsoft.com/en-u...

Maybe not so if you're allergic to filling out forms, but it seems not to care very much about the information provided. It has long been possible to do this, even without MSDN or Technet. Sometimes the evaluation disks are distributed with learning material, also.

Regarding development, Windows Professional versions typically meet all of the requirements, unless you're trying to interact with stuff that simply does not exist in consumer Windows versions.

OneNote is still supported and available on the Windows Apps store: https://www.microsoft.com/en-u...

Nonsense, either get an Enterprise license

How many PCs does a company need before it qualifies to buy Windows 10 Enterprise licenses? And how much does it cost per seat? In my experience, "Request a Quote" as stated in Microsoft's comparison page means "if you have to ask, you can't afford it." The "Learn More & Try" link ultimately links to an ROI calculator, but I could not try the ROI calculator because it was blurred out by a modal dialog that requires the user to submit personal and company information and authorize a Microsoft salesperson to contact the user.

or just uninstall the apps

Just uninstalling the apps doesn't undo the fact that having downloaded them in the first place counts against the monthly data transfer allowance that your ISP imposes.

Yes, Windows 10 is a [...redacted...].

The document you're looking for is here, if you're stuck with it:

https://docs.microsoft.com/en-...

You think "security" is something that can be "built in." Security in software development is a mindset.

You mean I can't just order my embedded software from a Chinese menu and check the box for "Yes, security please" ?

My crash course in security paired down to what I could reasonably fit into a post:

The process of threat modeling is a formal analysis of the security of a system. One easy to remember process is to use the mnemonic STRIDE - Spoofing, Tampering, Repudiation (sharing of access tokens or accounts between users, man-in-the-middle, social engineering, phishing scams, etc), Information disclosure, Denial of service, Elevation of privilege.

You can begin to build a picture of your threat models with a tool like SeaMonster. That's only one example there are many other tools available of course, such as Microsoft's SDL Threat Modeling Tool.

A formal process is pretty important, even if it's as basic as a spreadsheet that lists the threats you came up with. Reviewing the list, prioritizing it, and determining a schedule for addressing threats is better than an ad hoc hand waive to developers a week before release. ("Guys, ya, um I'm going to need you to make it secure."). An iterative process for security that begins the same day you start architectural talks is the better way to approach the problem.

From the villain saddling the world with Windoz — and actively sabotaging compatibility with other people's software (DR-DOS, Samba), perception of Bill Gates has been gradually rising over the past 20 years — even on Slashdot, where the supposed "nerds" really ought to know better.

And now a very personal attack on Linux and Linus (if you can even separate the two) — who, along with the BSDs and GNU have been providing the computing world with the alternatives.

If New Yorker is not partaking of the Gates' PR campaign, they are leaving money on the table...

Here is the diagnostics list for the telemetry with an explanation of what the fields are, also it is anonymized.

You mean there's what Microsoft says it is or does. Since the data transmitted encrypted, all those claims are unverifiable. I know it, you know it, Microsoft knows it. Give the past, I'd feel stupid trusting in that Microsoft accurately describes what they are doing there. Wonder what makes you so certain?

You realise that one line of text in the start menu you can just turn off right?

Pretty sure it's more than "one line of text", and the fact that you can go out of your way to turn it off until the next upgrade is worthless.

Right. Personal data and usage habits are completely worthless to a company like Microsoft that has absolutely no incentive to, say, push ads out to users.

Here is the diagnostics list for the telemetry with an explanation of what the fields are, also it is anonymized.

Now if you'll excuse me, I have to buy this new product that I just saw in my start menu.

You realise that one line of text in the start menu you can just turn off right?

Components of WSL distributed as free software are subject to the Microsoft Open Source Code of Conduct. It's based on a combination of the same Contributor Covenant 1.4 that Linux uses and a (discontinued) TODO Group Code of Conduct.

This works great but the Quick Create image has only ~10 GB disk space and nothing I tried was able to successfully resize the partition. I started installing my dev tools (IntelliJ, Google Cloud SDK, etc..) and I started getting low disk space warnings before I could install the final couple of applications. You can get the same result with the same enhancements if you do your own installation of Ubuntu 18.04 under Hyper-V with your own disk space requirements by following the instructions at https://blogs.technet.microsof.... Just use the ubuntu/18.04 folder instead of the 16.04 for running the install.sh script. The display performance is not as good as VMWare Workstation and there is no sound but I found Hyper-V more stable with Ubuntu than VMWare Workstation or VirtualBox. Both of which would occasionally freeze on my workstation running Linux distributions.

Take a look at https://docs.microsoft.com/en-... section 10.2.1

Will Google provide CAL licenses or is it up to customer to get those?

I'm neither Windows nor ChromeOS user, but just tought about the matter as Microsoft probably doesn't like this development and it may start asking audits for the customers having windows servers and knowingly also uses ChromeBooks.

WinSxS is supposed to be only hardlinks to files elsewhere, so it's not supposed to take up as much space as it looks (i.e., the actual file in c:\widnows and the version in winsxs is supposed to be NTFS hardlinks to the same sectors on disc.) SUPPOSED being the key-word, I'm sceptical it actually works. .. but frankly you're right, the PatchCache of MSI files is something that so could go to The Cloud!

(Honestly, c:\windows should be like \bin on a Unix system - completely read-only. I'd rather it was in fact a read-only "WIM' file or something and OS updates were simply 'rsync down a new WINDOWS.WIM file. And the engineers should take pride in every update to Windows, they get RID of stuff so this read-only binary gets smaller.)

The classic example is the very topic - I guarantee that, despite Storage Sense replacing the Disk Cleanup Wizard, the disk cleanup user interface exe file and now obsolete code will continue to be installed, wasting more disc space!

(Hell, the SxS is such a mess, even Microsoft have documentation on cleaning it.)

Microsoft made some serious effort toward unifying a desktop, tablet, and phone into a single unit with the Display Dock. Paired with UWP apps, this was a pretty slick little setup. Too bad the Windows phone platform never took off. https://www.microsoft.com/en-u...

Microsoft offers security-only patches here:

https://support.microsoft.com/en-us/help/22801/windows-7-and-windows-server-2008-r2-update-history

I am using it right now and you aren't hahaha!

https://support.microsoft.com/...

It's like going au-natural, free and loose

Hahaha... I remember being on Microsoft campus just after they released Windows 2000 server and they had those 5 nines posters all over the campus. I took it with a grain of salt but they seemed really serious about this.

https://news.microsoft.com/200...

The equivalent to multi-AZ is pick the region - "Southern USA" is one of 54 different regions - when deploying a resource, one simply choose which region it goes to (different regions have different costs, different packet latency profiles, different data sovereignty and sometimes other restricted use cases.

1)If multi-AZ is "pick multiple regions", why is Azure starting (https://azure.microsoft.com/en-us/updates/azure-availability-zones-ga/ ) with multi-AZ regions? Maybe they realise AWS is onto something?

It looks like MS would bill you for inter-region traffic, where AWS doesn't bill you for intra-region (inter-AZ) traffic. Going multi-region on Azure looks much more expensive than multi-AZ on AWS ...

2)54 different regions? You believe Microsoft's big number on the page, when it seems to be counting:
- Regions not accessible to you (e.g. DoD) (2)
- Regions that you aren't allow to use (US Gov) (4)
- Regions that aren't built yet (10)

On their map, I count 35 public "regions", but only 2 of those are multi-AZ.

AWS has 18 public launched regions most of which have 3 public AZs (four regions are still 2-AZ and will be addressed in future like the others that were back-filled to 3 AZs in the past 2 years). That doesn't include the 3 public regions and one GovCloud region that are currently being built.

3)While multi-AZ should result in very few issues on AWS, if you need more availability, AWS has been building lots of multi-region tools (e.g. inter-region replication for S3, Dynamo DB, Aurora etc.). Does Azure have any real tooling for multi-region (on top of multi-AZ)?

Yeah - the fact that Azure AD went down is far more surprising that the failure of the data centre. (Azure AD is supposed to be a multi-region auto-fail over distributed high-SLA service, failure of any one region isn't supposed to let this happen!)

The equivalent to multi-AZ is pick the region - "Southern USA" is one of 54 different regions - when deploying a resource, one simply choose which region it goes to (different regions have different costs, different packet latency profiles, different data sovereignty and sometimes other restricted use cases.

"... and Improved Spying! You forgot THAT feature..."

A long time ago, I installed the Google Chrome browser. It installed 3 system services. I discovered that using the free SysInternals Process Explorer. Chrome back then took control over computers.

Does Chrome still install 3 system services? Is Chrome spyware?

I recommend Microsoft's SysInternals. There are numerous helpful programs written by one of the best programmers ever connected with Microsoft, Mark Russinovich. (He is now CTO of Microsoft Azure, which is having major problems today.)

"... and Improved Spying! You forgot THAT feature..."

A long time ago, I installed the Google Chrome browser. It installed 3 system services. I discovered that using the free SysInternals Process Explorer. Chrome back then took control over computers.

Does Chrome still install 3 system services? Is Chrome spyware?

I recommend Microsoft's SysInternals. There are numerous helpful programs written by one of the best programmers ever connected with Microsoft, Mark Russinovich. (He is now CTO of Microsoft Azure, which is having major problems today.)

FYI, Microsoft will eventually deprecate Skype for Business to be replaced by Teams

https://docs.microsoft.com/en-...

well, I guess I'll undo my mod points on this thread because this comment is worth responding to.

https://docs.microsoft.com/en-...

Once you get on RS5 (coming out this year), you can install RSAT as an option feature of windows and it'll persist across upgrades.

Now... get back to pushing out those policyDefinitions!

Software engineer / developer here. I can.

You provide a lot of what-ifs, but leave out the most important one: what if Adobe developers were at least remotely competent at cross-platform development, and created an actual API that they would code to. Implement that API once across each supported platform, then stop worrying about it. That's cross-platform development tutorial #1.

This isn't a "cross-platform development" issue, this is an "older operating systems are missing features that will help us make better software" issue.

In Adobe's case, OS X El Capitan is the first version to support Metal -- this API is much more efficient on systems with multiple CPU cores. Windows 10 is the first version to support DirectX 12, which opens op the capability of using multiple discrete GPUs for rendering tasks on Windows. There is no "cross-platform" or "backwards-compatible" way of doing these kinds of things -- all applications, including your mythical compatibility layer, will depend on the low-level graphics capabilities of the operating systems they use. It's completely unreasonable to expect Adobe to reimplement core OS features just to appease some technological refuseniks who prefer decade-old operating systems for aesthetic or emotional reasons.

And look, I get it, people don't like Windows 10 because they've bought into the hype that it's a "spying operating system". Yes, it sends a list of your installed apps to Microsoft, but they do that so you won't receive Windows Updates with known compatibility issues. And yes, it's measuring how long certain operations take, like opening the Settings app, but they do that so that Microsoft can prioritize performance improvements.

As for Apple, yes, macOS High Sierra has been the worst Mac OS release in over a decade, and macOS Mojave is shortening the leash on supported hardware range for Macs to 6-7 years, and it's removing features that people actually use like Back To My Mac... it's really super-frustrating.

But here's the thing: both operating systems also continue to add very useful programming APIs for developers so that they can continue to improve their software. The next update to Windows 10 is finally adding native Unix-style ptys, for instance, and the console natively supports xterm-256color. Mojave, for its part, is finally implementing the OpenType-SVG font standard, i.e. fonts with colour. Maybe these don't interest you, but there's literally thousands of low-level improvements like these over the last several years, many of which would make your computing life nicer.

But if you don't know about those things, and make personal computing choices based solely on press negativity, you'll never get to learn about, much less enjoy the upsides.

As of version 10, Windows is also a moving target.

https://www.microsoft.com/en-u...

If you're only worried about Linux being a moving target because you write poorly-coded crapware, then good news! Windows update always breaks SOMETHING on all the poorly-coded crapware IT installs on my work desktop. Seriously. Every. Time. It. Runs.

Linux is the new normal.

> Need something without violence these days.

I hear Flower and Journey is available on PS3 & PS4. =P

/me ducks

Seriously though aren't there any puzzle games on the Xbone? Have you played The Witness ?

--
Microsoft Windows, noun: A 64-bit compilation of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor written by a 2 bit company that can't stand 1 bit of competition with 0 bit of understanding good UI.

> Need something without violence these days.

I hear Flower and Journey is available on PS3 & PS4. =P

/me ducks

Seriously though aren't there any puzzle games on the Xbone? Have you played The Witness ?

--
Microsoft Windows, noun: A 64-bit compilation of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor written by a 2 bit company that can't stand 1 bit of competition with 0 bit of understanding good UI.

In a properly-running Windows 95, DOS was hardly used at all. There's a blog post that was even on Slashdot awhile back talking about it. It didn't really do any "heavy lifting" unless there was a legacy driver installed.

Windows 95 also supported APM just fine. I believe Win95C supported ACPI, but I'd have to double check that - but Windows 98 did support ACPI just fine. I had a couple Win95 laptops back in the day that did PC Card hot swapping just fine, although I didn't use it super extensively. So anecdotal there.

When you install a .NET application, it would mount all of those things, as well as a .NET runtime for the app.

Would this .NET runtime allow use of mixed assemblies (which contain both native and CIL code) or other unsafe CIL? If not, read on:

You can get a Python and Java VM running on .NET, which may allow extending this to other types of native applications using the same runtime.

I read years back about something called C++/CLI, which extends ISO C++ with .NET-specific syntax for pointers and references in verifiably type-safe code. ISO C++ uses * to declare pointers and & to declare references, but C++/CLI uses those to mean unsafe pointers and references. Use of these causes verification of type safety at load time to fail. To declare pointers and references to managed objects, C++/CLI instead uses ^ for a pointer and % for a reference. (Source: "Component Extensions for Runtime Platforms")

Can ISO C or ISO C++ be compiled to verifiably type-safe .NET bytecode? Or is there a useful subset that can be automatically translated both to ISO C++ and to verifiably type-safe subset of C++/CLI? I don't think so given Microsoft's attitude in the following document: "If your code needs to be safe or verifiable, then we recommend that you port it to C#." (Source: "Pure and verifiable code (C++/CLI)")

When you install a .NET application, it would mount all of those things, as well as a .NET runtime for the app.

Would this .NET runtime allow use of mixed assemblies (which contain both native and CIL code) or other unsafe CIL? If not, read on:

You can get a Python and Java VM running on .NET, which may allow extending this to other types of native applications using the same runtime.

I read years back about something called C++/CLI, which extends ISO C++ with .NET-specific syntax for pointers and references in verifiably type-safe code. ISO C++ uses * to declare pointers and & to declare references, but C++/CLI uses those to mean unsafe pointers and references. Use of these causes verification of type safety at load time to fail. To declare pointers and references to managed objects, C++/CLI instead uses ^ for a pointer and % for a reference. (Source: "Component Extensions for Runtime Platforms")

Can ISO C or ISO C++ be compiled to verifiably type-safe .NET bytecode? Or is there a useful subset that can be automatically translated both to ISO C++ and to verifiably type-safe subset of C++/CLI? I don't think so given Microsoft's attitude in the following document: "If your code needs to be safe or verifiable, then we recommend that you port it to C#." (Source: "Pure and verifiable code (C++/CLI)")

Dam right this isn't your father's Microsoft.

* Thinks MSVC telemtry is OK
* Thinks Forced updates is OK
* Thinks 100+ endpoints for Win10 is OK
* Thinks DX12 only for Win10 is OK

Yeah, no. Sorry, no longer interested in what spyware you are peddling today MS.

Not to mention Windows 10 on ARM and of course broad Linux support.

Of course there's always the possibility that they might lock down the bootloader just to freeze out Linux.

They already did.

System.Fundamentals.Firmware.UEFISecureBoot:

"Enable/Disable Secure Boot. On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of PKpriv. A Windows Server may also disable Secure Boot remotely using a strongly authenticated (preferably public-key based) out-of-band management connection, such as to a baseboard management controller or service processor. Programmatic disabling of Secure Boot either during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling Secure Boot must not be possible on ARM systems."

Emphasis mine.

I'm actually hoping for this because I don't perceive any other path at the moment to getting a decent ARM Linux laptop.

Keep dreaming, it won't happen anytime soon unless some startup wants to manufacture hardware for linux specifically, or Windows implodes.

It is a dumb idea because like all your security measures are easily circumvented and provides no real security. Also if I don't trust your program I wouldn't trust its self check either no matter how many times it performs it.

It doesn't matter if I have done better, I have but then unlike you I don't work on toy problems, as we were discussing the poor quality of your work.

How come I can't find any official documentation for the hosts file stating hosts does port filtering as you claim? Not here, not here, and not here (says it follows the BSD format in previous links though). That doesn't mean that someone didn't create some stupid 3rd party program that does such a thing as I have seen lots of stupid shit added to the hosts file by programs and sysadmis. By doing that one could also make just as valid claim that hosts is also a Turing complete programming language too but no one makes that claim because it is fucking stupid just like yours.

So they rejected a simplistic idea because you weren't persuasive enough to convince them to accept your code. Either it was really dumb or your code was shitty.

Must be hard being constantly shown to be a loser. You never learn which is why so few people effort post with you and thus it is understandable why they just make fun of you.

They did think of that! No fires for those datacenters.

From the source:

Internal Operating Environment
1 atmosphere pressure, dry nitrogen.

you do not see much effort in reverse.

Not true, actually. Microsoft now officially supports and invests a lot of money in running Linux both under the Windows desktop and in the cloud. I would go so far as to speculate that Microsoft now has more money invested in this than the sum total of all the work that went into Wine.

But the elephant under the rug is, it's actually better to do it the other way: run Windows in a vm, that way you can keep your critical work and data entirely out of the hands of Microsoft. Microsoft knows this and now has a whole bunch of money invested in various efforts to forestall it. To be honest, it's hard to see that as a bad thing, it's the nearest thing to honest competition I have ever seen from that gang.

The web cams are pretty cool. I didn't realize there were so many fish in the ocean in that part of the world. I kind of considered the North sea and areas around it to be rather dead and devoid of life. Now I see I was wrong.

In summary, your text editor works with text. Dropbox works with files on a very fundamental level. It stands to reason that they need to care about the underlying filesystem.

Dropbox reads and writes files using the same filesystem drivers as every other application. It reads and modifies file attributes through those drivers, as well. Anything it does at the filesystem level can be achieved with the mv, rm, cat, chmod, touch, and mkfifo commands.

there's actual technical reasons why a program like Dropbox needs to understand the abilities of the underlying filesystem and not treat it as a dumb pipe via some API.

No, not really. Look at OwnCloud's sync app as an example of how all of the things DropBox does can be done on any filesystem, on any OS, treating the filesystem as a dumb pipe via some API. Including notifying users via their file browser that files are in a certain state (done via OS-level APIs that may or may not exist at the filesystem level). On Windows, you do this via Overlay Handlers, you use Finder Sync Extensions on a Mac. On Linux, the method varies based on window manager (not filesystem) but there exists at least one library for that; the bonus is that it's cross-platform. Phantom downloads are easily done using named pipes and filesystem monitors, which are used by every realtime-scanning antivirus, exist at the OS level, and are filesystem independent. With a little creativity, I'm sure you can figure out how it's done. Here's a hint: the named pipes don't exist until you open the directory.

For damn good reason, most operating systems prevent direct-to-disk modification of a mounted filesystem (e.g. bypassing the driver for writes), which makes much of what Dropbox does simply impossible on those systems unless it's done via the filesystem driver APIs. Since you can't mount a filesystem twice, Dropbox accessing the filesystem directly would require the OS to unmount it and cede control to Dropbox; which would leave the OS (and thus the user) unable to access the files contained therein. As additional food for thought: if Dropbox were accessing the filesystem directly, think about it, it wouldn't work on a Mac at all, as Apple filesystems are proprietary, meaning that the Dropbox team would have no way of writing interface code for Apple's filesystems. Yet it works on a Mac.

In short, Dropbox is very much accessing files the same way your text editor does. It does a few things with those files that your text editor probably doesn't do, but it's not reading directly from, nor writing directly to, your disk.

If only someone (*cough* microsoft) did this with a modern smartphone (*cough* lumia) running a modern OS (*cough* windows 10).

https://www.microsoft.com/en-u...

Ahem. Yeah, sorry something caught in my throat there.

I know we all hate Microsoft and Windows here, but I think their phone ecosystem was abandoned / ignored for little reason other than spite and possibly ignorance.

Windows is trying to avoid conflicts that arise from a "mixed binary" situation, where different running processes are linking to different versions of a system library. It's the same reason Ubuntu got a bunch of "reboot-required" notifications a few years back, when OpenSSL was being updated rapidly to fix a whole bunch of newly discovered vulnerabilities.

Thanks for a real answer instead of ranting about programmers from India.

In Linux it's routine to have multiple versions of a library installed. This is simple and easy; the .so files (similar to .dll if you didn't know) have versioned names. An application links to whichever one it needs, no big deal. Windows still doesn't do it this way? If not, I can see how that could cause real problems. DLL Hell is a well documented thing.

Even for updates of system libraries there is no (or not much) problem with "mixed binaries" and I'll give an example. Say I'm running my compositing window manager (so, it uses OpenGL/3D accel) and also running a DirectX game via Wine (same). While these are running, I update my proprietary nvidia driver. Any new OpenGL/3D apps I try to start will now fail with an error because the new library (OpenGL) version doesn't match the still-loaded old kernel video driver version. However, my window manager and my DirectX game continue to run flawlessly because the ones they need are loaded in memory. There is certainly nothing here that would justify forcing a user to reboot whether they want to do it at that time or not. I finish whatever I'm doing at my own leisure. I pick this example because it's about the only one that would actually require action on my part, other than a kernel update. With any other update besides those two I just carry on like nothing happened.

You mentioned Ubuntu... I suppose eventually deciding to "just reboot" is the easy brush-off advice, but all I really have to do is restart the window manager in order to load the new kernel driver and I'm good to go. Likewise, there is nothing about OpenSSL that requires a reboot. Just restart any important servers/apps using it and you're good to go. There is one and only one reason why I ever reboot my Linux machine: to load a new kernel (even that has workarounds). I'm never forced to do it.

'let's dumb down computer programming".

Actually, there's some bits that require dumbing down.

QBasic was as simple as "Screen 13", followed by "Pset (1,1),43", plus there's other quick graphics functions available. This is as simple as it gets.

In C for MS-DOS, you could do simple graphics rather quickly. Maybe you needed a library for C in order to quickly produce graphics, but you're still only one step away from drawing whatever picture is desired. You may need a library, but any proper compiler would have allowed directly calling the appropriate BIOS procedure. Still on the simple side.

In C/C++ for Windows, creating a drawing space is much more complex, requiring a few screens of code just to setup the drawing region, Read here to see how it's bulky. Similar reasoning applies to XWindows.

Most of this bulk is expected, since one has to create a window and make sure it doesn't interfere with others. However, it's still something that could take a lot of simplification in the future.