  • 7 Posts
  • 68 Comments
Joined 2 years ago
Cake day: June 7th, 2023

  • They weren’t already? The US spies on its allies. And those allies spy on the US. That anyone would only be figuring this out now is kinda sad. Any foreign travel (for whatever definition of “foreign” applies to you) should be made with the assumption that someone will be attacking your electronic devices. If you don’t need all of your personal/work data on the device you have with you, don’t keep it there. If you do need some of that data, have a way to get it over the internet, preferably using a VPN but at least using encryption. For the extra paranoid, you’ll need a way to verify the OS, applications and certificates of the device accessing the data. And that still leaves hardware-based attacks as a risk.


  • Edit: Here is another tinfoil theory: the Windows security subsystem special-cases inetpub to allow all executables. If the path doesn’t exist, attackers can drop binaries in there to bypass security/code signing etc. By creating it as SYSTEM, MS is ensuring that it can’t be written to without SYSTEM privs?

    Ya, I’d bet on something similar. According to the CVE, the vulnerability is around “Improper link resolution before file access”. My bet is that there is something hardcoded somewhere which assumes the existence of this folder. If it doesn’t exist, this can let the attacker get something in place which then gets executed with SYSTEM permissions, leading to privilege escalation. Not the worst thing in the world, for most users. But, it would be a problem in an enterprise environment where part of the security model is users not having local admin.
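    A defender-side check that follows from the above, added here as an example and not taken from the comment or from Microsoft: it reports whether the folder under discussion exists, whether it is a reparse point (a junction or symlink, which is the “improper link resolution” weakness class quoted above), who owns it, and which non-privileged identities hold write rights on it. The path C:\inetpub, the list of identities treated as privileged, and the write-right mask are assumptions; the comment gives no CVE number, so none is referenced, and the script only reports so that the reader can compare against a known-good machine.

```powershell
# Added example (not from the original comment): inspect the state of the
# inetpub folder instead of guessing. Run from an elevated PowerShell prompt.

function Test-InetpubHardening {
    param(
        # Assumed path; the comment refers to "inetpub" under the system drive.
        [string]$Folder = 'C:\inetpub'
    )

    $result = [ordered]@{
        Folder              = $Folder
        Exists              = $false
        IsReparsePoint      = $false
        Owner               = $null
        WritableByNonAdmins = @()
    }

    if (-not (Test-Path -LiteralPath $Folder)) {
        # Missing folder is the condition the comment speculates about.
        return [pscustomobject]$result
    }
    $result.Exists = $true

    # A junction/symlink where a plain directory is expected is the
    # suspicious case for a link-resolution weakness.
    $item = Get-Item -LiteralPath $Folder -Force
    $result.IsReparsePoint = [bool]($item.Attributes -band [IO.FileAttributes]::ReparsePoint)

    $acl = Get-Acl -LiteralPath $Folder
    $result.Owner = $acl.Owner

    # Rights that let a principal place or alter files in the folder.
    $writeMask = [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
                 [System.Security.AccessControl.FileSystemRights]::Write       -bor
                 [System.Security.AccessControl.FileSystemRights]::Modify      -bor
                 [System.Security.AccessControl.FileSystemRights]::FullControl

    # Assumed set of identities whose write access is expected.
    $privileged = @(
        'NT AUTHORITY\SYSTEM',
        'BUILTIN\Administrators',
        'NT SERVICE\TrustedInstaller'
    )

    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($privileged -contains $ace.IdentityReference.Value) { continue }
        if ($ace.FileSystemRights -band $writeMask) {
            $result.WritableByNonAdmins += "$($ace.IdentityReference.Value): $($ace.FileSystemRights)"
        }
    }

    return [pscustomobject]$result
}

Test-InetpubHardening | Format-List
```

    Anything listed under WritableByNonAdmins, or IsReparsePoint being True, is worth comparing against a freshly patched reference machine before deciding whether it is a problem; the script deliberately does not change the ACL.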
  • Is it possible to move a windows install to a different drive and then install Linux on the main drive instead?

    It should be possible to clone the current drive to a different drive. First and foremost though, back up any data you care about to a safe place (e.g. an external drive). Data loss is a real possibility. I’ve been in a professional context explaining to a customer just exactly how fucked they were, because they screwed up in cloning a drive. That wasn’t fun for me and it was expensive for them. Don’t be that guy.

    If you have BitLocker enabled, I’d recommend disabling it. It shouldn’t cause problems; but, Microsoft software has a bad habit of giving you the middle finger when you least expect it.

    The last time I did something like this, I used Yumi to create a bootable USB drive and selected a CloneZilla ISO. Once booted, you will want to do a device-device operation (WARNING: be very, very certain about the direction you are copying. If you screw that up, you will lose data. You did make a backup, right?) and clone the whole disk, not just the partition. You can expand the partition with the actual OS, if you want, but leave any EFI or recovery partitions alone. There may also be a small amount of free space left on the drive (MS does this by default); leave that free.

    Once the clone is complete, try booting and using it before you overwrite the old drive.

    Second doubt is if I’ll have many issues daily driving Linux if I have an Nvidia card

    I’m running an RTX 3080 myself and it’s been nearly flawless. That said, my next card (probably years off) is likely to be AMD just to avoid possible Nvidia driver issues.
  • What would have happened if we just dropped a 20tb hard drive in front of the computer researchers of that time?

    Nothing, they would have no idea what it was, or how to interface with it. They might even end up destroying it because they have no idea of the power requirements. Even if they managed to get it powered up and guessed at what it was for, they would still be stuck with the issue of not having an operating system which is capable of logically addressing all of the storage. And the lack of drivers would make that even harder.

    A lot of modern technology sits atop a mountain of other modern technology which must be sorted out before you can even start to think about designing the end product. It could be that, since they knew what was possible, and had an example to crib off of, scientists and engineers could have gotten to that point faster. But, there is such an insane amount of prior tech in front of modern computers that any one piece of it, thrown back that far, would likely just be shiny junk.
  • Step One: Document, Document, Document.
    Step Two: Did we cover documentation yet?
    Step Three: Complain, with documentation, to the apartment management.
    Step Four: Document.

    Recordings such as video and audio are useful. Just keeping a log of all such interactions can help as well. But, you want to have the documentation to prove your side of things. If things go really sideways and you end up in court, the judge won’t give a fuck about what you say, only what you can prove. Be ready to prove your claims. As we say in the DFIR world, “logs or it didn’t happen”. Then, start complaining to management. And document (keep a written log, you probably won’t be able to record) your interactions with management. All logs should include date, time, who you spoke with, what you spoke about and any actions which management said they would take or actions you said you would take. If it’s an option, keep your communications with management in email. Both the sent and received emails will be timestamped and the headers will provide a reasonable record showing that the emails were to or from management-controlled email servers and addresses. And they log what was talked about quite nicely.

    Ultimately, the goal is to move this from being your problem to management’s problem. And it’s possible that your problem neighbor is also someone else’s problem. If management has three tenants all complaining about the same neighbor, they have more impetus to take action against the problem. Of course, this assumes a neutral management, which can be an open question. But, this is likely the least costly way to resolve the issue.


  • Not humming, but I do make noise intentionally. I’m a big guy and understand that I could be threatening to women in the wrong circumstance. I also walk fairly quietly just as a matter of the way I walk; so, I’ve scared folks on more than one occasion by “sneaking” up on them unintentionally. So, if I think I am doing that, I’ll land a few footfalls hard and flat to make my foot slap the ground and alert the person of my presence before I get too close. I also try to give space to strangers while walking. Things like moving to the other side of the sidewalk/street, slowing down or speeding up to pass. Basically, trying to not look like I’m stalking them.


  • Maybe we should consider not letting everyone set up whatever the fuck they want, whenever they want, however they want and assuming it’s all good because “it’s in the cloud”. And then that setup gets either dumped in IT’s lap in its half-assed state (if you’re lucky) or is left running, long forgotten, until an attacker finds it and informs the organization about its continued existence by spinning up a coin miner.

    “The cloud” does need a lot of work on configuration management. But, that doesn’t mean just another fancy tool to fix the fuckups. It means policies and procedures to make the broken configs harder to implement in the first place. But that doesn’t have AI and flashy dashboards to wow the execs into spending more money. It just has users whining about waiting for an understaffed IT organization not getting things done “right now” for a project that has a deadline of tomorrow, which has been known about for three months.
  • Stopping Windows from running, probably not. MS could stop sending updates and could deactivate it, but it would mostly keep running. And, if any EU/Russian systems were not connected to the internet (yes, this sort of thing still happens in 2025), nothing MS did would matter. Office/Azure and other cloud-based services are more vulnerable. Yes, Microsoft could geo-fence those services such that they did not work if you were coming from an IP address in the EU/Russia. Though, the simple workaround for this is to install a VPN. And given US sanctions on Russia, this is probably happening right now anyway.

    As much as the tin-foil hat crowd likes to think about MS having some master control switch, it’s incredibly unlikely. The problem with backdoors is that hackers are constantly looking for ways to attack systems, especially Windows. If there was some sort of master “off switch” baked into the code, it’s likely someone would have stumbled upon it by now. Even if it’s that well hidden, it’s a “one use” item with high reputational damage attached. Stop and consider for a moment what happens when that kill switch gets used. It’s going to be picked up on. People record internet traffic for fun. As soon as that kill command went out, security researchers the world over would be dissecting logs to find the command, and then it would be reverse engineered. That MS had such a kill switch in their codebase would cause massive distrust in MS software going forward. No one would want to take the risk of having that kill switch running in their environment, certainly not on anything critical. Also, given how bad people are at updating Windows, we’d probably see a lot of systems killed by hackers just doing hacker things. Since the versions with the kill code would be known, you’d get bored teenagers searching Shodan for vulnerable systems and sending the kill command for fun. And all of this would be “Microsoft’s fault” for having the backdoor. It would be a PR nightmare. And since everyone would now know what the kill command looked like, anyone who mattered would install filters to block it at the firewall. So, it got used once, caused some damage with a lot of damage to MS’s reputation, but is now neutralized. Was it worth it? Probably not to Microsoft.