I suspect it’s not dissimilar to the way spam emails are full of typos and grammar errors. You may wonder why they don’t just get those fixed, but they’re specifically to filter out the people who notice them and dismiss the spam, as they (the spammers) are far less likely to successfully scam someone who is offended by the way the spam is written. They are a kind of first level filter.
MS are filtering out the vocal, knowledgable people who will cause problems next time they have some security breach or do something shady around privacy. Convert that relatively small number of people to Linux, and you’re left with a compliant and fully tracked customer base—far more use in the long run.
Just use Reader view or whatever that’s called in your browser. I use Arctic for Lemmy on iOS and it has a ‘default to reader’ for opening links. Can’t remember the last time I saw a paywall. There’s one news site that doesn’t work but it’s pretty obvious straight away.
Partially. The summary isn’t quite in line with the detail:
Android is the only operating system that fully immunizes VPN apps from the attack because it doesn't implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there’s a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks.
4-5 TOTP apps? So far, when, e.g. Microsoft or Google have insisted use of their own Authenticator app is required, it’s worked fine for me using Ente Auth or similar just by entering the code / QR.