Slashdot Mirror


User: cbhacking

cbhacking's activity in the archive.

Stories
0
Comments
4,314

Comments · 4,314

  1. Re:You know *nothing* about security on Malware Attack Infected 25,000 Linux/UNIX Servers · · Score: 1

    True, but 1024 bit keys are on their way out as insecure. Your argument would have been better made about my points #3 or #4. Just because there's only about 2^80th values you need to search for a 1024-bit key doesn't mean you can memorize a kilobit of seemingly-random data (I was refuting the argument that a cert is just "something you have to know").

    Still, you have a good point about there being good passphrase-generation options available. I see somebody already posted the obligatory XKCD...

  2. Re:Yo! Yo! Re:You know *nothing* about security on Malware Attack Infected 25,000 Linux/UNIX Servers · · Score: 1

    Sigh... At account setup time, the server generates the verifier using the password. The password can then be safely discarded, the server need never (and should never) see it again post-setup. However, that initial process - getting the verifier stored in the server's database - does require an out-of-band communication of password-equivalent material (if you want to be really pedantic about it). Unless that communication is secured in some way - probably public-key auth, if done over the Internet - an attacker could intercept that material in transit to steal and/or modify it.

  3. Re:No properties on Java 8 Officially Released · · Score: 1

    Extensive C# and a bit of Scala; if any other languages I use support them (probably), I've never written one.

    You did nothing at all to refute any of my arguments, or put forward any of your own. Thus, in the tone of your own comment, I surmise that you're just a fanboy and incapable of rationally defending your position.

  4. Re:The state of Linux on Malware Attack Infected 25,000 Linux/UNIX Servers · · Score: 1

    The truly typical Linux installations - that is, the ones found in TVs, set-top boxes, cable modems, routers, "smart" appliances, and so on - are configured extremely insecurely. There are typically remote management backdoors and such, but even if there aren't, the systems usually use horribly outdated software, have exposed (vulnerable) servers, and run everything as root. Serious exploit mitigations like SELinux are almost unheard-of.

    Linux servers, assuming a competent admin, are generally very secure. Of course, these days, so are Windows servers (under the same assumptions). Trojans and vulnerable management tools are the preferred tools to attack either of those, and have been for years.

    Phones and other consumer electronics that are "pseudo-computers" (meaning they are capable of general-purpose computing but are used as appliances) fall somewhere in between. Except in very rare cases, even a competent user isn't really a competent *admin*; how many people have audited their phones' drivers for security vulnerabilities? Mobile device OEMs near-universally suck at creating secure software, a problem that is seen all the time on Android (and on other mobile platforms). Often, there isn't an option that *doesn't* suck. On the other hand, the sandboxing of mobile apps makes it a lot harder to have a Trojan completely take them over.

  5. Re:FreeBSD 9.1 on Malware Attack Infected 25,000 Linux/UNIX Servers · · Score: 1

    Hmm... mine prints "unknown option" (no use of the word "illegal") and then prints usage info.

  6. You know *nothing* about security on Malware Attack Infected 25,000 Linux/UNIX Servers · · Score: 5, Informative

    Um, no, you're *FULL* of bullshit if you talk about certs that way. You obviously don't have a clue.

    Key differences between public key auth ("certs") and password auth (no particular order):
    1) You can re-use your public key with multiple sites and even if one of them is actively malicious, it doesn't help them break into the others. Not so with passwords.
    2) Passwords, or at least verifiers for them, must be stored by all sites you use the password with. Public keys don't do an attacker any good at all even if they compromise a service on which you used the same credentials as their real target.
    3) Public/Private keypairs are automatically generated by programs that filter the results for security. Passwords are often generated by people who don't know a thing about security (like some /. users I know...).
    4) Passwords are short, intended to be remembered and typed. Asymmetric keys are long, meant to be transported as files (or certificate blobs). The former is vastly easier to brute force (an extremely strong password might take weeks on typical commodity hardware but most would only take minutes) than the latter (factoring some sub-1024-bit RSA public keys - weaker than any in serious use today - has been an open challenge for *years* and the best we've managed before required the resources of a university supercomputer working for weeks).
    5) Public Key Infrastructure certificates include mechanisms like expiration and revocation. Passwords have no such protection and must be manually changed or reset in the event of a potential compromise.
    6) Private keys can (and should be) protected with passwords, making them in effect a form of two-factor authentication (you HAVE the key, you KNOW its password). Passwords are a single factor.
    7) A password gets much harder to use as its length increases, and the strength doesn't always increase as a factor of length because long passphrases are more likely to be generated with predictable rules to aid memorization. Public keys can be made thousands of times as strong without making them any less convenient for the user (aside from an increase in the one-time generation time, a slight increase in authentication time, and a bit more bandwidth used).
    8) A password is, almost by definition, short enough to memorize or at least write down in a reasonable time. Very few humans could ever manage to memorize even a 1024-bit key pair; anything much stronger is right out. Calling it "a secret someone has too[sic] know" is simple idiocy.
    9) Certificates can be used over unsecured connections (in fact, they're how we establish secure connections). Passwords sort-of can (SRP) but the typical usage of them requires a protected channel as an eavesdropper otherwise can steal your credentials, and SRP requires that the password be communicated to the server out-of-band (typically over a connection secured with public key crypto...)

    Don't get me wrong, passwords have advantages (mostly in matters of convenience at a cost to security, but a secure system that is so inconvenient to use that nobody ever does so isn't any better than no system at all). I'm not saying we should do away with them. It was just painful to read the complete nonsense in your post, and I felt I had to set the record straight lest some other ignorant fool mistakenly believe you to know what you're talking about.
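The enrollment/verifier split described in comment 2, and the SRP point in item 9 of comment 6, as an added example (this is not code from the thread or from cbhacking). It is a pure-Python SRP-6a exchange. Assumptions: a toy 256-bit safe prime generated at start stands in for the RFC 5054 groups a real deployment would use, SHA-256 is the hash, and x is derived as H(salt | H(username ":" password)) in the RFC 5054 style. The point it shows is that the server keeps only (salt, verifier) after enrollment and never sees the password again, yet both sides still arrive at the same session key and can prove it to each other.

```python
"""SRP-6a in pure Python: enrollment stores a verifier, login never sends the password.

Added example, not from the Slashdot thread. Assumptions: toy-sized safe prime
generated below (real deployments use >= 2048-bit RFC 5054 groups), SHA-256 as H,
and x = H(salt | H(I ":" P)) as in RFC 5054.
"""
import hashlib
import hmac
import secrets

SMALL_PRIMES = (3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47)


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin; good enough for a demo group, not a certified prime."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(bits: int) -> int:
    """Return N = 2q + 1 with q prime, so g = 2 has large order mod N."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


N = safe_prime(256)  # toy size for the demo (assumption); NOT a real SRP group
G = 2
NLEN = (N.bit_length() + 7) // 8


def pad(x: int) -> bytes:
    return x.to_bytes(NLEN, "big")


def H(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


K_MULT = H(pad(N), pad(G))  # SRP-6a multiplier k = H(N | PAD(g))


def private_x(salt: bytes, username: str, password: str) -> int:
    inner = hashlib.sha256(f"{username}:{password}".encode()).digest()
    return H(salt, inner)


def enroll(username: str, password: str) -> dict:
    """Account setup. Only (salt, verifier) is stored; the password is discarded."""
    salt = secrets.token_bytes(16)
    verifier = pow(G, private_x(salt, username, password), N)
    return {"user": username, "salt": salt, "verifier": verifier}


def authenticate(record: dict, username: str, password: str) -> bool:
    """One SRP-6a login; both client and server roles are played here."""
    a = secrets.randbelow(N - 2) + 1            # client ephemeral secret
    A = pow(G, a, N)                            # client -> server: I, A
    if A % N == 0:
        return False                            # RFC 5054: reject degenerate A
    s, v = record["salt"], record["verifier"]   # server looks up the stored record
    b = secrets.randbelow(N - 2) + 1            # server ephemeral secret
    B = (K_MULT * v + pow(G, b, N)) % N         # server -> client: s, B
    if B % N == 0:
        return False
    u = H(pad(A), pad(B))
    x = private_x(s, username, password)        # client side only; server never learns x
    S_client = pow((B - K_MULT * pow(G, x, N)) % N, a + u * x, N)
    S_server = pow((A * pow(v, u, N)) % N, b, N)  # server uses only v, never x
    K_c = hashlib.sha256(pad(S_client)).digest()
    K_s = hashlib.sha256(pad(S_server)).digest()
    M1 = hashlib.sha256(pad(A) + pad(B) + K_c).digest()         # client proof
    if not hmac.compare_digest(M1, hashlib.sha256(pad(A) + pad(B) + K_s).digest()):
        return False                                            # wrong password
    M2 = hashlib.sha256(pad(A) + M1 + K_s).digest()             # server proof
    return hmac.compare_digest(M2, hashlib.sha256(pad(A) + M1 + K_c).digest())


if __name__ == "__main__":
    rec = enroll("alice", "correct horse battery staple")   # constructed sample
    print("stored fields:", sorted(rec))
    print("right password:", authenticate(rec, "alice", "correct horse battery staple"))
    print("wrong password:", authenticate(rec, "alice", "Tr0ub4dor&3"))
```

The stored record holds no password and no password-equivalent the server could replay to another site, which is the property item 9 is relying on. The weak spot comment 2 describes is visible in `enroll`: whoever delivers the (salt, verifier) pair to the server decides which password opens the account, so if enrollment travels over an unprotected channel an attacker who swaps in a verifier for a password they chose can log in afterwards with that password.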

  7. Re:Sexism angle way overblown on Prominent GitHub Engineer Julie Ann Horvath Quits Citing Harrassment · · Score: 1

    To be fair, it's completely possible for women to be sexist against other women. A woman (A) who worked her way up in a business may see another woman (B) trying to do the same but getting stymied by things that A didn't let stop her may consider B to be weak for failing. Another woman (C) who came in from a completely unrelated angle - such as the non-technical wife of the head of the company - may assume neither A nor B can possibly be as technically skilled as a man, because C is bad at technical things and in her worldview, men start successful technical businesses, and women marry them.

    The whole problem of cultural influence towards sexism affects women as well as men, and individual success (for whatever metric of "success" you care to apply, including success in a male-dominated world) doesn't mean they won't think (consciously or subconsciously) that they themselves are just an exception to the otherwise valid stereotype. This applies to racism as well, incidentally.

    It's also possible, though less common in my experience, for men to be sexist against other men. The only place I can recall personally seeing it is in kitchens, where even some male cooks will assume women are better than men, although I wouldn't be surprised if it happens in other "traditionally" female roles like nursing and child-care too.

  8. Re:Criticality of JigSaw on Java 8 Officially Released · · Score: 1

    ... ugh. As they say, it beats casting to larger types all the time, especially with the performance hit of the Big* types, but it's still not as good as just giving us some damn uints.

  9. Re:No properties on Java 8 Officially Released · · Score: 3, Interesting

    Meh. Explicit getters and setters are annoyingly boilerplate-y, but properties aren't much better. They let you save a few characters on the API-use side, but not enough that I find them that important. They do cut down on the massive list of "getFoo, getBar, getBaz, setFoo, setBaz" functions which are divided in your IDE by a bunch of other APIs (oh look, no at-a-glance way to tell that Bar is read-only), but that's one of the few good things I have to say about them. They're also annoyingly magic-ish: functions that *look* like simple public members but can have all kinds of side effects and such (yeah, they *shouldn't*, but we already have language semantics for "this operation will invoke a function call" as opposed to "this operation will simply access a member variable", and properties overload the latter to tack on the former).

  10. Re:Modularity on Java 8 Officially Released · · Score: 2

    C/C++ across multiple runtimes on *one* platform are relatively easy, though. Not so with Java. Trying to find a common version of Java that works on any three given enterprise apps can be a real pain in the ass, and I can guarantee you it's not going to be recent or up to date on security patches.

  11. Re:It's A Shame on GOG.com To Add Linux Support · · Score: 4, Insightful

    "How hard can that be?"

    Really, really hard. Linux is a mess of mutually incompatible pieces with mutually incompatible dependencies. There have been attempts to create a "common base" that can be used, but very few people seem to use it. Pretty much the only truly safe way I've found to distribute Linux binaries (as opposed to source code, for which there's autoconf and friends) is to statically link all your dependencies and build for as many architectures as you feel like supporting (x86 obviously - probably i586 at best, though, and maybe i386 - and likely x64; maybe ARM but probably not). This produces huge binaries with a lot of redundant code compiled in, but it means it works regardless of which libc you use, what version of openssl (or gnutls) you have, and so on.

    Distro-specific builds let you use package files which pull in the requisite dependencies. They have smaller install footprints and smaller downloads, and you don't have to push a whole new version every time a dependent package fixes a security bug; you can expect the user's package manager to handle that. You can also massively reduce support costs by assuming that users have a common base of software installed (a full set of standard utilities instead of busybox, a version of python that can execute a given script, etc.)

    However, distro-specific builds have their own costs. If you say you support distros X and Y, you have to test on all the common configurations of those distros. The more you add, the more the costs go up. There are over a thousand tracked distros on distrowatch. You have to draw the line somewhere. Ubuntu and Mint are close enough that it's really easy to handle both of them, but it's awkward for those who don't use Debian-derived distros.

    For what it's worth, some game companies do take the "support generic Linux" approach. Heroes of Newerth, for example (a DotA clone that predates, and is in some ways better than, DotA 2) has a Linux client that often works... but sometimes it doesn't (I've had real issues with some older Fedora machines), and troubleshooting why can be a real pain.

  12. Re:Wish there was an Offline Installation on Microsoft Releases Free Edition of OneNote · · Score: 1

    Does EverNote support things like handwriting recognition (so you can search handwritten notes)? Also, how much of that gigabyte is Office common libraries? OneNote supports a lot of integration with other MSOffice programs, and if you have them installed already you won't need to install another instance of the common tools.

    Not that I disagree that the install footprint is huge. I know the mobile versions aren't nearly that big...

  13. Re:Reminder: Software as a service on Microsoft Releases Free Edition of OneNote · · Score: 1

    "... and only using Microsoft's network sharing protocols."
    Not that I really recommend anybody use NFS, but Windows does support it. Look under "Turn Windows features on or off" (optionalfeatures.exe). It's called Services for NFS, and you can mount NFS shares as drive letters just fine.

  14. Re: Where's the data stored? on Microsoft Releases Free Edition of OneNote · · Score: 1

    The Windows version doesn't have a Ctrl+S shortcut for "Save As" either (and never has). Data is saved to disk automatically as you work, so a shortcut to "save" was never needed (in fact, for a remote notebook, "sync" makes more sense than "save").

    With that said, the Windows version (paid at least; seriously, it's been in virtually every version of Office for years now) does have a "Save As" option to export the files (both as OneNote files and as things like PDF and HTML).

  15. Reading comprehension, do you have it? on Microsoft Releases Free Edition of OneNote · · Score: 1

    Sure, because "...scanning the OneNote data for monetizing purposes. Why else would they prevent the free OneNote users from storing data on non-Microsoft servers?" and "...preventing you from storing data locally, because you have to pay money and subscribe to their online office offering to get local notebooks." are totally the same thing, right? You didn't claim that they were doing a freemium model, you claimed that they were spying on your data. darrylo didn't say that they *aren't* spying (because honestly, how would anybody know?) but they did say they were doing it to create an incentive toward the paid version. That's not what you said at all, because the key portion of your argument was that they were scanning your data. You didn't even consider the possibility that they were offering the free version as a sort of demo for the paid version, for example.

    This has been reading comprehension 101. Thank you for your attention...

  16. Won't take long on Algorithm Reveals Objects Hidden Behind Other Things In Camera Phone Images · · Score: 1

    The Lumia (not "Lumina", lol...) 1020 isn't *that* expensive. Its sensor is top-notch for a smartphone today, but it was only a few years ago that 5MPx was considered excellent in a phone and only professional gear (typically tens of thousands of dollars) could hit 40+MPx. Technology marches on. Today, a low-end smartphone typically has a 5MPx sensor. Assuming CCDs and/or CMOS chips follow Moore's Law (they might not, but I suspect they do, or something close to it) in about six years even cheap phones will have 40MPx camera sensors. This doesn't sound like too early to start working on the implications of that sort of capability at all...

  17. Re:Better than skipping them on The Poor Neglected Gifted Child · · Score: 1

    Sad but true. I would have *loved* a system like this. In my part of the US, nothing at the elementary level was divided this way (there was - sometimes - a gifted program, but it was all-or-nothing). In Jr. High (grades 7-9 in my district, though 9th grade was technically high school and went on our transcripts as such) I was able to skip ahead in math... but only by up to two years, which means when I finished the 10th grade math in one semester (while ostensibly in 8th grade) and then most of the 11th grade course on independent study, I was told I'd be required to re-take it the next year anyhow (and I was, which was about as fun as it sounds).

    It wasn't until "real" high school - until I was 15 and in 10th grade - that I was offered the option of taking AP classes in subjects I was good at (math, hard science, CS) and "normal" classes in other subjects. Even just two tracks per subject was a lot better than what I'd had before. On the other hand, not all AP courses were offered (we were lucky to have CS, for example) and some of my classes still had people who were well below the rest of their peers and slowed the whole class down.

  18. Re:Of course it's going to exacerbate inequality. on The Poor Neglected Gifted Child · · Score: 1

    Ugh... this whole discussion is giving me flashbacks to elementary school and jr. high. Not fun. Anyhow...

    TL;DR: the focus needs to be on individual potential, not the potential of the whole class, or everybody ends up at the speed of the slowest student in every subject.

    In second grade, my parents (who had been badgering the school my entire 1st grade year) managed to get me put into a 4th-grade math class. Where the teacher, after determining that I did in fact already know how to do long multiplication, handed me the textbook and told me to work out of it "until the rest of the class caught up". What a waste of most of a school year... I had to go to nearly the back of the book to find anything I didn't already know, and the book was intended as supplementary to instruction (in fact, it was mostly problem sets), not to be a primary source of instruction itself. Meanwhile the rest of the class was a distraction and the homework and tests were a complete waste of time.

    Then, in third grade, after I'd spent most of the last year demonstrating that I was ahead of the 4th grade class, I was put back into the third grade class. You can guess how happy I was about that... I spent the entire time with my textbook on my desk hiding the novel I was reading behind it. The teacher probably knew, but at least she didn't raise a fuss.

    The principal's rationale for this educational atrocity? "Every child has potential." Meaning *equal* potential, meaning the class moves at the speed of the slowest student. There was no place in her worldview for a student who broke the upper part of the curve. The district-mandated gifted program had one teacher (for six grades) who took a single age-group of students out of their normal classes one day a week (one group must have been doubled; I'm guessing 5th/6th but I don't remember), and who had to teach in a small portable building as far as possible from any of the actual classrooms (or their bathrooms...). I came to *really* cherish Tuesdays. By the way, Mrs. Thacker, on the offhand chance that you're reading this: you're still one of my favorite teachers ever!

    Meanwhile, even the "average" (in quotes because almost nobody is truly average; we all have strengths and weaknesses such as my weakness in history) students in each subject were moving slower than they could have been. Most of them didn't care, because it meant the class was easy, but for a handful of us in each subject, class was mind-numbingly boring and an utter waste of time. There was nothing we could do about it, though. The teachers didn't have the time for individual attention to students like myself (not that the ratio was actually bad; they just gave all their spare time to the strugglers). The principal refused to acknowledge the problem. The district didn't really care, as long as we did well on standardized tests the school was doing its job in their eyes.

    My parents finally managed to get me moved to another school (same district, but much further away; normally this wouldn't have been allowed but they argued that the lack of a full-time gifted program at my first school meant it was necessary to change) which had *much* better gifted programs. Even there, things weren't perfect - I was still top of (and sometimes bored in) math class, and I found foreign language to be *really* hard (I'm good at linguistics, awful at vocabulary) - but the experience was much better overall, and the teachers were more understanding of the needs of some students to push ahead harder.

  19. Re: American giving up the internet on UK Government Wants "Unsavory" Web Content To Be Removed · · Score: 1

    Most of Scandinavia is doing a lot better than we are, too. I'm semi-seriously looking into emigrating to Sweden. Iceland is also on the list for consideration.

  20. Re:No lowrights mode (not surprised) on Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014 · · Score: 1

    Not all services run as Admin or System. Also, the default configuration of UAC on Win7 and up is insecure; you need to turn UAC to the top level (the default, "Don't notify me when I make changes to Windows settings", can be used for invisible elevation to Admin).

  21. Re:What about 'developing' countries? (LOL) on Solar-Powered Toilet Torches Waste For Public Health · · Score: 2, Informative

    LOL indeed! Did you know that when your ancestors were still throwing their shit out the window every morning into the gutter, and took a bath maybe one or two times a year, the Muslim world (much of which is black, incidentally) had sewer systems and the closest thing to modern medicine available at the time? Yeah, I bet you didn't. History seems highly unlikely to be your strong point.

  22. Re:And if you have to poop at nighttime? on Solar-Powered Toilet Torches Waste For Public Health · · Score: 1

    Photovoltaics are incredibly inefficient. I don't know how much energy they're losing in the glass, but it's probably not 70%-80%.

    Also, photovoltaics and batteries are expensive. A lens (doesn't have to be a really good lens) and some glass fibers is probably cheaper. That matters a *lot* for the uses they're envisioning.

  23. Re:No lowrights mode (not surprised) on Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014 · · Score: 2

    Not actually true (you don't really know that much about MIC on Windows, do you?). Standard user processes, including non-sandboxed browsers, run at Medium IL. Admin processes, including services, run at High IL. Medium IL is just as incapable of attaching to a High IL process as Low is to Medium.

  24. Re:No lowrights mode (not surprised) on Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014 · · Score: 2

    Vista or greater; Mandatory Integrity Control was introduced with NT 6.0, not 6.1 (better known as Win7). IE7 on Vista was the first browser to use the Low Integrity Level sandbox.

    By default, Low IL actually does allow reading much of the file system and registry. It just can't do anything to any of it.

    For what it's worth, you can *kind of* get the same benefit on XP by running a browser as a very-low-rights user. That causes no end of problems for some use cases (like downloading files), though.

  25. Re:Windows 8.x is un-usable without Start8 on Mozilla Scraps Firefox For Windows 8, Citing Low Adoption of Metro · · Score: 1

    Too bad there are more than 10 programs I use regularly (I currently have 18 on my taskbar, and there are many others that I'm not using at the moment). You can extend that system to use letters and such, of course, but then you're in a crappy position when you switch to new programs and need to re-learn those mappings.

    Besides, search works for a lot more than just programs. You can find Control Panel items (even link directly to ones that would otherwise take multiple clicks, like "prox" for the system proxy settings) and files (which will open in their default associated program) as well. You can also hold Ctrl+Shift when hitting Enter to launch a program as Admin (very handy with, for example, CMD).

    Oh, by the way, Win+[number row item] as a chord will open the taskbar icon (active or pinned) corresponding to that number. For example, on my system, Win+4 launches Powershell. Ctrl+Win+4 opens the most recent powershell if you have more than one, or a new one if you don't have any (this also works with the mouse, Ctrl+Click-on-taskbar-icon to open the most recently used instance if you have multiple instances running). Shift+Win+4 opens a new Powershell, even if I already have one open (this also works with the mouse). Ctrl+Shift+Win+4 will launch a new Powershell as Admin (again, works with mouse) whether I have any currently running or not.