Ok, but if you are investing capital in some sort of production line or industrialization you are not going to want to do that in an area where you might just lose your entire investment instantly; instead, you're just going to invest it in Texas or China. Of course with more extreme examples like yours you do have to put some cost on the existing companies to get it fixed, but it would be something with a smaller cost like having to dispose of the mercury properly (whereas in this article's examples they just flat out ban these things, which you can't do to existing factories).
For sure there would be a disincentive to "invest" in the area where you might lose the investment. That would be intentional. As a voter, I specifically don't want companies to be making those kinds of "investments" in my region. Go "invest" your dirty industry in China. If California's reputation for harshly regulating these things prevents these kinds of businesses from opening here in the first place, I consider that Working As Intended. We could make that reputation even stronger by not grandfathering things.
As somebody who is entirely for restrictions on internet / social media, I think you're missing the bigger picture here. First, you assume that parents have the technical knowhow to restrict their kids from specific sites. My parents used a lot of different tools when I was a kid, but between figuring out passwords, putting my fingerprint onto my mom's phone, and spoofing mac addresses, I always found a way around the restrictions so I could stay up later.
But let's assume the majority of parents can actually do this. The problem with social media is not an individual one! We've fallen into a Nash Equilibrium, a game theory trap where we all defect and use our phones. If you don't have a phone or social media nowadays you will have much more trouble socializing than those who do, even though everyone would be better off if nobody used phones. As a teenager, you don't want to be the only one without a phone or social media. And so I truly do think the only solution is with higher level coordination.
Now, it's possible that the government isn't the right organization to enforce this coordination. Unfortunately, we don't really have any other forms of community that work for this. People already get mad at HOA's for making them trim their lawn; imagine an HOA for blocking social media! I do think the idea of a community doing this would be great though, assuming (obviously) that it was easy to move on and out of, as well as local. This would also help adults!
So to be honest, I don't think parents have the individual power to fix this, even with their kids.
Most of this is very true, except for the one caveat I'll point out that a space complexity O(P(n)) for some function P implies at least a O(cubedroot(P(n))) time complexity, but many algorithms don't have high space complexity. If you have a constant space complexity this doesn't factor in to time complexity at all. Some examples would be exponentiation by squaring, miller-rabin primality testing, pollard-rho factorization, etc.
Of course if you include the log(n) bits required just to store n, then sure you can factor in the log of the cubed root of n in the time complexity, but that's just log(n) / 3, so the cubed root doesn't matter here either.
I don't think this post reads as AI at all. It has none of the tell-tale signs either (em dashes, common constructions like 'not just ____ but ____, bullet points, headers, etc.)
The images are AI-generated. This makes them automatically bad in some people's view, but I think they're reasonably fitting here. With a little bit of work (e.g. attention to consistency between frames, blending into the site background) they could even be good.
The art’s aesthetic, which resembles Calvin and Hobbes, is disrespectful to its creator, Bill Watterson’s.
Bill spent a lot of energy fighting commercialization of his work, arguing that it would devalue his characters and their personalities. I don’t know what is cheaper than using an AI model to instantly generate similar art, for free.
You did do pretty well! I don't think the final result was ruined at all. Not many people will notice things like his pants only being brown in the first image, or their eyes only having whites in the third image, or his jacket sometimes having a hood and sometimes not.
Compared to what we see on most blogs, even patio11's, this is capital-A Art.
Just to be clear: bitlocker is NOT encrypting with your login password! I could be a little fuzzy on the details but I believe how it works is that your TPM (Trusted Platform Module) is able to decrypt your laptop, but will only do so if there is a fully signed and trusted boot chain, so if somebody gains access to your laptop and attempts to boot into anything other than Windows, it will ask for the bitlocker key because the TPM won't play ball.
The important bit here is that ~*nobody* who is using Windows cares about encryption or even knows what it is! This is all on by default, which is a good thing, but also means that yes, of course Microsoft has to store the keys, because otherwise a regular user will happen to mess around with their bios one day and accidentally lock themselves permanently out of their computer.
If you want regular FDE without giving Microsoft the key you can go ahead and do it fairly easily! But realistically if the people in these cases were using Linux or something instead the police wouldn't have needed an encryption key because they would never have encrypted their laptop in the first place.
> nobody who is using Windows cares about encryption or even knows what it is!
Right, so the solution is to silently upload their encryption keys to Microsoft's servers without telling them? If users don't understand encryption, they certainly don't understand they've just handed their keys to a third party subject to government data requests.
> otherwise a regular user will happen to mess around with their bios one day and accidentally lock themselves permanently out of their computer.
This is such transparent fear-mongering. How often does this actually happen versus how often are cloud providers breached or served with legal requests? You're solving a hypothetical edge case by creating an actual security vulnerability.
Encryption by default and cloud key escrow are separate decisions. You can have one without the other. The fact that Microsoft chose both doesn't make the second one necessary, it makes it convenient for Microsoft.
> If you want regular FDE without giving Microsoft the key you can go ahead and do it fairly easily!
Then why isn't that the default with cloud backup as opt-in? Oh right, because then Microsoft wouldn't have everyone's keys.
> Right, so the solution is to silently upload their encryption keys to Microsoft's servers without telling them? If users don't understand encryption, they certainly don't understand they've just handed their keys to a third party subject to government data requests.
What exactly are you hoping Windows does here? Anyone who knows anything about Bitlocker knows Microsoft has the keys (that's where you get the key when you need it, which I have needed it many times because I dual boot!) Microsoft could put a big screen on install saying 'we have your encryption keys!' — would this change literally anything? They would need to also explain what that means and what bitlocker is. And then after all of that, the only people who are going to decide 'actually I want to set up FDE myself' are going to be the technical people who already knew all of this already! This is just a non-issue.
> This is such transparent fear-mongering. How often does this actually happen versus how often are cloud providers breached or served with legal requests? You're solving a hypothetical edge case by creating an actual security vulnerability.
This is not fear mongering at all! The nice thing about Bitlocker is that you don't need to put in your key 99% of the time (and in fact 99% of Windows users — who are not technical! — don't even know they have Bitlocker). But occasionally you do need to put it in. Once or twice I've booted to the bitlocker screen and I actually don't even know why. Maybe my TPM got wiped somehow? Maybe my computer shut down in a really weird way? But it happens enough that it's clearly necessary! That big Crowdstrike screwup a year ago; one of the ways to fix it required having your Bitlocker key!
> Encryption by default and cloud key escrow are separate decisions. You can have one without the other. The fact that Microsoft chose both doesn't make the second one necessary, it makes it convenient for Microsoft.
Again, this is not true for a product like Windows where 99% of users are not technical. Remember, Bitlocker does not require your key on startup the vast majority the time! However, there is a chance that you will need the key at some point or you will be locked out of you data permanently. Where should Microsoft give the user the key? Should they say on install 'hey, write this down and don't lose it!' Any solution relying on the user is obviously a recipe for disaster. But again, let me remind you that encryption by default is important because you don't want any old random laptop thief to get access to your chrome account! So yes, I think Microsoft made the best and only choice here.
BitLocker encrypts data on a disk using what it calls a Full Volume Encryption Key (FVEK).[1][2] This FVEK is encrypted with a separate key which it calls a Volume Management Key (VMK) and the VMK-encrypted FVEK is stored in one to three (for redundancy) metadata blocks on the disk.[1][2] The VMK is then encrypted with one or more times with a key which is derived/stored using one or more methods which are identified with VolumeKeyProtectorID.[2][3] These methods include what I think would now be the default for modern Windows installations of 3 "Numerical password" (128-bit recovery key formatted with checksums) and 4 "TPM And PIN". Previously instead of 4 "TPM And PIN" most Windows installations (without TPMs forced to be used) would probably be using just 8 "Passphrase". Unless things have changed recently, in mode 4 "TPM And PIN", the TPM stores a partial key, and the PIN supplied by the user is the other partial key, and both partial keys are combined together to produce the key used to decrypt the VMK.
Seemingly once you've installed Windows and given the Microsoft your BitLocker keys in escrow, you could then use Remove-BitLockerKeyProtector to delete the VMK which is protected with mode 3 "Numerical password" (recovery key).[4] It appears that the escrow process (possibly the same as used by BackupToAAD-BitLockerKeyProtector) might only send the numerical key, rather than the VMK itself.[5][6] I couldn't find from a quick Internet search someone who has reverse engineered fveskybackup.dll to confirm this is the case though. If Microsoft are sending the VMK _and_ the numerical key, then they have everything needed to decrypt a disk. If Microsoft are only sending the numerical key, and all numerical key protected VMKs are later securely erased from the disk, the numerical key they hold in escrow wouldn't be useful later on.
Someone did however ask the same question I first had. What if I had, for example, a billion BitLocker recovery keys I wanted to ensure were backed up for my protection, safety and peace of mind? This curious person did however already know the limit was 200 recovery keys per device, and found out re-encryption would fail if this limit had been reached, then realised Microsoft had fixed this bug by adding a mechanism to automatically delete stale recovery keys in escrow, then reverse engineered fveskybackup.dll and an undocumented Microsoft Graph API call used to delete (or "delete") escrowed BitLocker recovery keys in batches of 16.[7]
It also appears you might only be able to encrypt 10000 disks per day or change your mind on your disk's BitLocker recovery keys 10000 times per day.[8] That might sound like a lot for particularly an individual, but the API also perhaps applies a limit of 150 disks being encrypted every 15 minutes for an entire organisation/tenancy. It doesn't look like anyone has written up an investigation into the limits that might apply for personal Microsoft accounts, or if limits differ if the MS-Organization-Access certificate is presented, or what happens to a Windows installation if a limit is encountered (does it skip BitLocker and continue the installation with it disabled?).
I think most people don't understand that 99% of people don't know what data encryption is and definitely don't care about it. If it weren't for Bitlocker, their laptops wouldn't be encrypted at all! And of course if your software (Windows) encrypts by default but you don't want to bother the average user with the details (because they don't know anything about this or care about it) you will need to store the key in case they need it.
To everyone saying 'time to use Linux!'; recognize that if these people were using Linux, their laptops wouldn't be encrypted at all!
> If it weren't for Bitlocker, their laptops wouldn't be encrypted at all!
And because of Bitlocker, their encryption is worth nothing in the end.
> if these people were using Linux, their laptops wouldn't be encrypted
Maybe, maybe not. Ubuntu and Fedora both have FDE options in the installer. That's objectively more honest and secure than forcing a flawed default in my opinion.
> And because of Bitlocker, their encryption is worth nothing in the end.
No, it's worth exactly what it's meant for: in case your laptop gets stolen!
> flawed default
Look, in terms of flaws I would argue 'the government can for legal reasons request the key to decrypt my laptop' is pretty low down there. Again, we're dealing with the general populace here; if it's a choice between them getting locked out of their computer completely vs the government being able to decrypt their laptop this is clearly the better option. Those who actually care about privacy will setup FDE themselves, and everyone else gets safety in case their laptop gets stolen.
> No, it's worth exactly what it's meant for: in case your laptop gets stolen!
If my laptop gets stolen and it's worth something, the thief will wait until they can crack the management keys. We see this with corporate-locked laptops and Macbooks, iPhones and Androids, and other encrypted curiosities that get cracked at a lab in Tel Aviv for pennies on the dollar.
> Those who actually care about privacy will setup FDE themselves
This line is equivalent to forfeiting your position so I don't even know what to argue over anymore. I do care about privacy and I have no idea who you're arguing in-favor of.
I agree with a lot of what you've said, but I completely disagree that LLM's are no longer sycophantic. GPT-5 is definitely still very sycophantic, 'You're absolutely right!' still happens, etc. It's true it happens far less in a pure coding context (Claude Code / Codex) but I suspect only because of the system prompts, and those tools are by far in the minority of LLM usage.
I think it's enlightening to open up ChatGPT on the web with no custom instructions and just send a regular request and see the way it responds.
Whenever this comes up people point out, 'Come on, let parents decide for their kids!' -- I sympathize with this argument, but let me explain why I don't believe that actually fixes the real problem. For reference, I'm gen-Z, COVID hit while I was in highschool, and I have seen and to this day see Tiktok / Reels / Shorts used every day by my friends (and to some extent me).
I may not be having kids for a while yet, but if I had teenagers today I would absolutely move somewhere where it is not legal for kids to have social media accounts. The underlying problem is that this isn't an individual problem, it's a social one! If a teenager's friends all have social media, he is going to be left out! It is going to severely hurt his life. Even if he never watches short-form video (the main component of social media I think is detrimental), his friends will! When I was in highschool sometimes my friends and I would get together and we would be bored, have no clue what to do. Instead of messing around doing random things, a couple of them would just open up Instagram reels and bam, afternoon wasted. If the half the group isn't trying to do something, you aren't going to do anything. Contrast this with before I was a teenager and before phones, I vividly remember me and my friends just exploring and doing random things. It's just a different experience and I think social media needs to be banned for everyone for it to be effective.
reply