Slashdot Mirror


User: dgatwood

dgatwood's activity in the archive.

Stories: 0
Comments: 14,277

Comments · 14,277

  1. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 1

    And as I said elsewhere, if that is true, then they're doing crypto objectively wrong. If the user isn't in control over the key — if part of the key comes from hardware and cannot be changed — then there is no way for users to know whether other parties are in possession of the key that they cannot change. Unchangeable keys have no place in legitimate crypto, period.

    And, of course, if the key is changeable, then it is incorrect to claim that the T2 chip's encryption makes the connector useless; rather, the way that they are choosing to use it makes it useless, which is not the same thing, and basically brings us back to a five cent connector and a few lines of code.

  2. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 1

    I absolutely agree that backups are important, and that people should back up religiously. I also know that sometimes, bad things happen to good people, and that when people get really unlucky and they discover to their horror that their computer died, and that it mysteriously hadn't been backing up for the last two weeks, those folks are very grateful for that five cent connector inside the Mac that enables the Apple Genius to copy their data to an external hard drive, and won't be too happy with Apple for cheaping out on a five-cent connector.

  3. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 1

    Some of them are definitely the former, but you get my point. :-)

  4. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 1

    What part of "and this assumes that Time Machine is actually backing things up correctly and that no files on your backup drive have exhibited bit rot" did you not understand?

  5. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 1

    Time Machine works. Use it.

    So don't say "Time Machine works" unless you can guarantee that it always works 100% of the time. I do use Time Machine, but I also know people who have lost data because Time Machine didn't work for them.

    • Time Machine skips backups for open files. Historically, this meant that if you left iPhoto (at the time) open during all your backups, your photos would never get backed up. IIRC, later versions of iPhoto and, subsequently, Photos, worked around that, but who knows if third-party apps do the same for their libraries. Bundles are bad, m'kay?
    • Time Machine skips /Library (unless they have changed that recently), so if you have a web server configured with the historical default root directory (/Library/WebServer/Documents), your web server is not getting backed up at all.
    • If you're doing backups to a local hard drive, it is inconvenient enough that users back up much less frequently, which means users are likely to lose several days' data (or even several weeks' data) every time.
    • If you're doing backups to a NAS, you can only back up while you're on a network that can "see" that NAS, which means that while traveling, you can lose all the data you created/accumulated during your trip.

    And so on. There are countless tales of woe from people who lost countless hours of work because they relied exclusively on Time Machine for their backups. That's why most people familiar with Time Machine recommend regularly performing a second set of backups with some entirely different mechanism, such as online backups with CrashPlan or regular cloning with Carbon Copy Cloner. Given how unlikely it is that people will religiously do the latter, that basically leaves the former. As far as I'm concerned, regular online backups are absolutely mandatory with these new systems if your data has any value to you at all. So in effect, owning these new Mac laptops just got more expensive by $120 per year for as long as you own the hardware.

  6. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 3, Informative

    I would want my laptop to be 100% encrypted, in case i decided to travel to america or something.

    Apple laptops have had optional full-disk encryption for seven years, and optional home directory encryption for fifteen years. Moreover, full-disk encryption has been automatic for four years. In no way should you interpret my comments to in any way imply that full-disk encryption itself is inherently risky. It is only the new implementation of FDE that is poorly designed.

    In previous hardware iterations, you could copy the underlying encrypted data to an external hard drive using a specially designed cable attached to another computer. When the user attaches that external hard drive to a new machine, the computer's built-in firmware would ask the user for the password to unencrypt the disk. If he or she knows that password and types it in, the new computer would then be able to retrieve data from that copy just as easily as the original computer could retrieve it from the original flash drive.

    Similarly, historically, if you didn't know the password, but printed out a copy of the recovery key, you could use that to decrypt your data.

    What changed (reportedly) is that instead of using a pure software-based encryption scheme, they moved to a hardware-accelerated scheme, and instead of having the user be in complete control over the crypto key used, they began using a key that is burned into ROM on a chip on the motherboard for part (hopefully not all?) of the encryption. The result is that even if you copy the contents of the flash silicon to a new machine, that unchangeable hardware key cannot be retrieved (without uncapping the chip and using an electron microscope). Thus, even if you have the password or a recovery key, it is still not possible to decrypt the data without the chip from the original machine.

    That is the flaw. Ostensibly, this reduces the risk of someone copying the encrypted data to another machine and then trying to brute-force your password, but in practice, this is a level of sophistication beyond all but the most targeted attacks. The overwhelming majority of people outside the corporate world would rather have the ability to recover their data in the event of a non-storage failure of their computer, rather than have that small bit of additional protection against attacks by CIA-level operatives. That's why that extra level of protection should be an extra checkbox that the user has to check when turning on the machine. Otherwise, it should use normal (but hardware-accelerated) FDE using a key that is entirely under the user's control, with the option of a recovery key, the ability to decrypt a copy of the disk, etc.

    Enabling FDE does, of course, present a slightly greater risk of data loss, but that risk is largely mitigated by the fact that unless it gets struck by lightning and the hardware melts down, you can always copy the encrypted data to a new disk and then decrypt the data if you have the password or the (optional) recovery key. Enabling FDE with a fixed hardware key presents an unmitigated risk of data loss, which is what makes it almost always a bad idea unless you have reasonable cause to be afraid of men in black stealing your laptop, cloning it, and returning it without you noticing, then using billions of dollars worth of hardware to try to crack its encryption. And if you're really worried about that, you're either very, very important or very, very nuts.
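An added example, not part of the comment above and not Apple's implementation: a Python sketch of the two designs the comment contrasts, one where the key that wraps the volume key is derived only from a user secret (password or recovery key), and one where it is also entangled with a fixed per-board hardware key. The `wrap`/`unwrap` functions are a toy stand-in for a real key wrap, and every name and value here is constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values; none of these come from a real device.
PASSWORD = b"correct horse battery staple"
RECOVERY_KEY = b"ABCD-EFGH-IJKL-MNOP-QRST-UVWX"
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
ORIGINAL_BOARD_UID = bytes.fromhex("a1" * 32)     # stands in for the key fixed in the chip
REPLACEMENT_BOARD_UID = bytes.fromhex("b2" * 32)  # a different logic board
VOLUME_KEY = bytes.fromhex("5c" * 32)             # key that encrypts the disk blocks


def derive_kek(secret, salt, hardware_uid=None):
    """Derive the key-encryption key; optionally entangle it with a hardware key."""
    kek = hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)
    if hardware_uid is not None:
        # Without the same hardware_uid, the same secret yields a different KEK.
        kek = hmac.new(hardware_uid, kek, hashlib.sha256).digest()
    return kek


def wrap(kek, volume_key):
    """Toy authenticated wrap (XOR pad plus HMAC tag), assumed in place of AES key wrap."""
    pad = hmac.new(kek, b"wrap-pad", hashlib.sha256).digest()
    blob = bytes(a ^ b for a, b in zip(volume_key, pad))
    tag = hmac.new(kek, b"wrap-tag" + blob, hashlib.sha256).digest()
    return blob + tag


def unwrap(kek, wrapped):
    """Return the volume key, or None if the KEK is wrong."""
    blob, tag = wrapped[:32], wrapped[32:]
    expected = hmac.new(kek, b"wrap-tag" + blob, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    pad = hmac.new(kek, b"wrap-pad", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(blob, pad))


def seal(secret, hardware_bound):
    """Wrap the volume key on the original machine under the chosen design."""
    uid = ORIGINAL_BOARD_UID if hardware_bound else None
    return wrap(derive_kek(secret, SALT, uid), VOLUME_KEY)


def recover(secret, board_uid, wrapped, hardware_bound):
    """Try to unwrap a copied disk's volume key on a machine with board_uid."""
    uid = board_uid if hardware_bound else None
    return unwrap(derive_kek(secret, SALT, uid), wrapped)


if __name__ == "__main__":
    for bound in (False, True):
        label = "hardware-bound" if bound else "user-controlled"
        for name, secret in (("password", PASSWORD), ("recovery key", RECOVERY_KEY)):
            blob = seal(secret, bound)
            ok = recover(secret, REPLACEMENT_BOARD_UID, blob, bound) == VOLUME_KEY
            print(f"{label:15} {name:12} on replacement board: "
                  f"{'recovered' if ok else 'unrecoverable'}")
```
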

  7. Re:Honestly, this doesn't bother me... on American Airlines Is Using a CT Scanner To Screen Luggage At New York's JFK Airport (theverge.com) · · Score: 1

    You forget how much money can be made selling equipment for pretending to be effective.

  8. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 1

    Uh, no. Just no.

    Why should a drive be physically tied to a computer? If the data is encrypted, then it shouldn't matter if you connect it to another computer; it is still encrypted. And if you have the key information (password, recovery key, etc.), it should be possible to decrypt it from a different machine. The problem with this design (if the story is true) is that some of the crypto is performed using a fixed, hardware-defined key that is stored inside a chip on the motherboard external to the flash, and rather than providing hardware that enables external copying of the flash *through* that chip (which would decrypt it, after the user provides it with the password), they just left off that ability entirely.

    Of course, the real problem there is the permanent, unchangeable key in hardware. At best, this can have only three effects:

    • Potentially weakening security by making part of the key unchangeable, thus reducing the complexity of a brute-force attack
    • *Slightly* increasing the amount of time required to perform encryption/decryption attempts (including attacks) by requiring an extra computation
    • Weakening reliability by making part of the key unattainable in the event of failure of hardware that otherwise would not prevent access to the storage

    The only situations in which it would even have a small possibility of increasing security would be if you were trying to protect against a targeted attack from someone with the sophistication to unsolder the chips from the board and attach them to a new NAND flash controller, and even then, it would only provide a benefit if that attacker was not sophisticated enough to uncap the chip, remove the protective layers of metal, and use an electron microscope to read the hardware key off of the silicon. That's kind of a narrow window of hacking competence....

    In practice, such a design just makes the computers less reliable, without increasing security. Unchangeable, unextractable keys have no place in real security. They are the computer security equivalent of a tiger-repelling rock. Protecting the key outside of the NAND flash is fine, but only if the user is in control of setting that key so that he/she can (if desired) produce a recovery key that does not require the chip to exist. Otherwise, it's a fundamentally flawed way of doing security/crypto.

  9. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 2

    I.e. They removed the port because the port was useless in light of their change to using hardware encrypted drives.

    Hardware-accelerated crypto is great. Such a design does not necessitate storing keys in some special chip on the logic board, however, and in fact, designs that do so are quite commonly insecure by design, such as those "secure" USB sticks that you can crack by skipping the front end chip and talking directly to the storage controller. So the suggestion that the crypto could somehow be tied to hardware has me seriously concerned about whether the crypto is, in fact, as robust as in previous generations.

    But even ignoring that issue, and even assuming the keys can be changed, unless you're a wacko who thinks someone is going to be able to feasibly brute-force your disk password, there is exactly zero benefit to storing the keys in the controller itself, rather than in external flash parts, and a huge loss in robustness from doing so.

    Moreover, even if you assume that there is some benefit, there is no reason you couldn't put the contacts on the CPU side of that chip and provide a way for external hardware to talk to the T2 chip.

    For that matter, there is no reason not to give users the choice in software when setting up the machine: More secure (risk of data loss from tying the key to the chip) or more recoverable (risk of a targeted attack in which someone unsolders the chips, solders them to a new controller, and brute-forces the password against the raw key, but in which that person is not quite skilled enough to extract the key from the T2 chip with an electron microscope and delamination).

    So that explanation makes no sense to anyone who actually understands crypto. At best, it is an excuse to try to get out from under the lawsuits that will follow when users start losing data the next time an NVIDIA chip malfunction plagues their product line. At worst, it is a bunch of tech journalists who don't know what they are talking about spewing FUD. I'm hoping for the latter. If not, I think I'm going to start selling stock now, so that by the time the next NVIDIA/AMD nightmare happens, I'll be entirely divested. Just saying.

  10. Re:Take away lesson: Back your computer up regular on Apple Seemingly Unable To Recover Data From 2018 MacBook Pro With Touch Bar When Logic Board Fails (macrumors.com) · · Score: 4, Insightful

    Having the logic board fail and nothing else is not a common failure mode.

    You have obviously never owned an Apple laptop — or, for that matter, any laptop containing a standalone GPU soldered onto the logic board. Now that we don't have spinning rust for storage, logic boards are likely the most common non-power-related failure mode by a large margin.

    No professional in his or her right mind should seriously consider a laptop in which a logic board failure results in the loss of access to storage. Even if you just lose the storage since the last backup, that could be a considerable loss, and this assumes that Time Machine is actually backing things up correctly and that no files on your backup drive have exhibited bit rot. In the worst case, you might lose considerably more, like your entire photo library or some other "why the hell did Apple mark this as a bundle" folder.

    No, if true, this qualifies as a showstopper-level flaw, sufficient to get upper management fired. I can't imagine that even the "thin über alles" folks at Apple would be THAT stupid. It seems far more likely that somebody changed a connector, and that they don't have the right tools at the various Apple stores yet, which while qualifying as seriously incompetent, is probably a failure of the Apple Store and/or AppleCare management chain, rather than engineering.

  11. Re: Face Palm on New Zealand Firm's Four-Day Week an 'Unmitigated Success' (theguardian.com) · · Score: 1

    Capitalism does not value art.

    Not true. Museums attract tourist dollars.

    Considering the fact that as a programmer I earn more than doctors in public healthcare, one can say that capitalism doesn't value human lives either.

    Well, it does, just not that much.

  12. Re:In related news: water is wet. on New Zealand Firm's Four-Day Week an 'Unmitigated Success' (theguardian.com) · · Score: 1

    My gut says the sweet spot is probably somewhere around 7 hours a day, four days a week.

    3.5 days per week is more efficient, because then you can have a Sunday through Wednesday shift and a Wednesday through Saturday shift and fully utilize your facilities during the day—two companies or teams, one building.

  13. Re:Face Palm on New Zealand Firm's Four-Day Week an 'Unmitigated Success' (theguardian.com) · · Score: 4, Interesting

    I'd probably even give up a bit in order to work less. It's not laziness. It's the recognition that I want more out of life than being someone's employee.

    But then you'd have less value to society. As long as we're capitalistic-focused, your value in society is in what you produce and what you consume. Do less of either, and you're a less valuable person to society.

    Actually, that’s not true. At some point, you’re working too much to consume things. Having more time off means you can travel and consume goods and services all over the world. Admittedly, a single day won’t do that, but it still means you have more time to consume.

    Also, you’re incorrectly assuming that the product of your work is the most valuable output that you can produce. For most of us in software, our work will become less valuable over time as technology changes, and will slowly be replaced by someone else’s work. So if we have any creative hobbies that could produce something that has lasting value, such as music, art, poetry, or prose, then our potential value to society is being squandered by spending all day five days per week working in our primary jobs, and we would contribute more to society by working less so we can work more, so to speak.

  14. But what about *after* it gets in there? on The New MacBook Pro Keyboard Resists Dust Much Better Than Previous-Gen, Reports iFixit (9to5mac.com) · · Score: 3, Insightful

    Resisting dust may or may not be an improvement. After all, once the dust gets in there, those silicone membranes also almost certainly make it harder to get the dust back *out*.

    Crumbs under keys cause problems. Nothing surprising there. There are only two possible design changes that could significantly improve things:

    • Crumb tolerance, so that even if crumbs get in, the key can still depress enough to close the keyswitch (probably requires a thicker laptop).
    • A removable keycap to make it easier to blow the dust out.

    Any other change is likely to be largely meaningless in the grand scheme of things.

  15. My understanding with Apple's ecosystem, especially around messages and account details, is that the company doesn't hold the decryption keys. Each device creates a public/private key pair, the private keys are stored on device, the public keys are in an API you draw from to send a message to each of the recipient devices. The downside to this form of communication is each outbound message has to be encrypted and transmitted multiple times (matching the device count of the recipient).

    Therefore, it doesn't matter who has the data, as long as the government hasn't secretly cracked the form of encryption Apple uses, and they really never receive the private keys, which would otherwise be subject to subpoena.

    That depends on whether "the data" includes the set of authorized keys. Otherwise, it could matter a great deal, at least for future communication.

  16. Re:Whatever Happened to Summaries??? on The New MacBook Pro Features 'Fastest SSD Ever' In a Laptop (macrumors.com) · · Score: 1

    I was going to say Netscape Navigator, but either way.

  17. Most of the hardware will probably eventually be used for its original purpose. It's like the self-driving car tech; the hardware works, but the software isn't ready yet.

    Now, I'll sit back while everyone argues about whether I'm being serious or sarcastic. :-)

  18. Re:Whatever Happened to Summaries??? on The New MacBook Pro Features 'Fastest SSD Ever' In a Laptop (macrumors.com) · · Score: 1

    It’s the “one giant switch in a while loop” design pattern.

  19. Re:Free For All on Retiring Worn-Out Wind Turbines Could Cost Billions That Nobody Has (energycentral.com) · · Score: 1, Interesting

    Just like every other energy generating plant.

    Except nuclear. For nuclear, the cost of ripping out the old one far exceeds any cost savings from being able to reuse the existing building, because you have to safely store all of the removed material for millennia, which means building a building or bunker or whatever. It is cheaper to just pump the whole thing full of concrete and entomb it in place, then build on a new site. Of course, they don't do that because they are not allowed to do so, but cost-wise, it is almost certainly the most effective solution. :-)

  20. Re:Free For All on Retiring Worn-Out Wind Turbines Could Cost Billions That Nobody Has (energycentral.com) · · Score: 5, Informative

    The turbine blades weigh as much as a small car and are 50 feet up in the air. Lawsuit waiting to happen.

    Yeah, but that also means they have as much metal as a small fleet of cars, once you factor in the support post. That's good recycling. :-)

    But seriously, nobody in his/her right mind is going to tear down a wind turbine unless global climate change causes the wind to stop. In the worst likely case, when one of these things fails, the owners will temporarily take down the blades, replace the generator portion, and put the blades back up at a much lower labor cost than dismantling it, and at a far lower cost than building a new one from scratch. In the best case, they'll be able to repair it in place.

    In other words, this story is pure FUD.

  21. Re:iPad is missing a few features... on Adobe To Launch Photoshop for iPad in Strategy Shift (bloomberg.com) · · Score: 1

    Yeah. And this wasn't the first time. When they first came out with the rental model for Photoshop, they clearly stated that it was not going to become rental-only, too. Then, after I bought CS6, they changed their minds. So basically, this has happened to me twice. But their denial that Lightroom would go that way was so much more emphatic than the previous denial, so I foolishly gave them the benefit of the doubt. In hindsight, trusting those greedy, blood-sucking leeches was a mistake, but a mistake that I can guarantee I will never make again, because their company is now on my permanent ban list.

    At this point, the only way I would ever touch Adobe's products would be if the entire company got bought by a less-malicious software company that fired their upper management en masse and reversed the rental-only stupidity within the first week. And even then, technically, Adobe would still be on the permanent ban list; it just wouldn't be Adobe anymore.

  22. Re:conditioning on The FCC Is Changing Up the Country's Emergency Alert System (theverge.com) · · Score: 1

    Yeah, that's what I thought when I read this too. To prevent false alarms from testing, they're going to do a lot more testing which is designed to look like a real alarm?

    No, it is designed to look like a real alarm to the participants. You'll be hitting the same button that you would hit to send a "chemical warfare storage depot is leaking" message, but the actual message transmitted will be a test message, just with the same alert sound as a real alert (WHY?).

  23. Re:Disclaimers on The FCC Is Changing Up the Country's Emergency Alert System (theverge.com) · · Score: 1

    "Had this been a real alert, you would all be dead by now"

    "Had this been a real alert, the sound you just heard would be followed by screaming, wailing, and the sounds of vehicles rapidly leaving the area"

    "Had this been a real alert, do you really think we'd warn YOU?"

    Nah, you'll probably live for several weeks after getting radiation poisoning.

    Just long enough to eat the tasty brains of the people who failed to warn them about the zombie apocalypse. BRAAAAAAINS.

  24. Re:iPad is missing a few features... on Adobe To Launch Photoshop for iPad in Strategy Shift (bloomberg.com) · · Score: 1

    I'm in the same position, almost.

    The big difference is that I'm also considering going after Adobe in court for their broken promise that Lightroom would remain non-subscription. I bought LR6 with that promise in mind, confident that they would eventually add actual dual-pixel RAW support to Lightroom, and that I could buy an upgrade with that feature. Then, when the next version came out, they made what constitutes a material change to their policies that, had they been truthful up front, would have prevented me from even considering LR6, and would have caused me to switch to something else earlier. That, right there, is what is known as bait-and-switch, i.e. fraud.

    Given that experience, it is safe to say that I will never consider any Adobe products for the rest of my life, and whenever any of my employers ask for recommendations, I will recommend strongly against any Adobe product. And if anybody knows a good class action lawyer, I and every other 5D Mark IV owner who uses Lightroom would like to talk to him/her.

  25. Re:A little step in the right direction. on Apple Refreshes MacBook Pro Lineup (arstechnica.com) · · Score: 1

    They already build two laptops — three if you count the Air. They already have a pro and non-pro laptop line. The problem is that they have no clue what pro users want. If that were not the case, they would have acknowledged the feedback from 90% of users that the touchbar is a false-triggering nightmare of epidemic proportions, and they would offer an optional normal keyboard.