In practice, no. The legislation has major loopholes, such as allowing unsolicited business-to-business marketing. And spammers still send junk to individuals with a disclaimer such as "This message is addressed to a business, if this is in error click here to opt out". And they seem to get away with it.
These kinds of attacks are already happening. It has actually happened in the apartment area where I live:
We have a hot water central heating system that distributes heat to the apartments buildings. To improve efficiency, this system was upgraded with "weather forecast" functionality. The supplier stated that this system would not work behind NAT or a firewall, and required a public IP address, so it was connected directly to the ISP's switch.
A couple of years later, in the summer, the system got cracked and the heating system was turned on and the system temperature was increased to the maximum. Because all radiators have (analog) thermostats on them, it didn't affect the indoor temperature, and it took a week until it was noticed.
If nobody had noticed, it would have resulted in a huge district heating bill. And if done on large scale, I guess it could overload or underload power plants (if using electric heating). So I disagree that there are little incentives (to bad guys) to crack heating systems.
As long as there are still incoming links to the domain, I think it's hard to make Google reset it's page rank permanently. You could do a HTTP 301 permanent redirect and use Google Webmaster Tools to make Google point to the new GitLab site, but a squatter can always revert these changes so it will never be 100% effective.
I know a small company that shut down it's Facebook page while keeping it's website (an old one, from 2005). Probably because it's not selling directly to it's end-customers, so the web site is focused on contact info (for store chains etc) + static web pages with product information. B2B doesn't seem to use Facebook very much at all.
Technology improvements are good, but all these sensors in devices scare me, especially in network-connected stuff. Let's say someone exploits and modifies the firmware to trigger on the word "confidential" and then upload the recordings to some server of the attackers choice. Or hides a modified device in someones office/home/etc.
Of course, that's not at all specific to IoT or voice-triggered microphones. Laptops and phones have large batteries and are regularly recharged so they could be exploited as well.
I've noticed that sometimes updates to Firefox cause it to stop working until it's restarted. If you're writing a long message, or filling in some form, or if you have an order confirmation page open, then you might lose that data.
I've never seen that happen in native GNU/Linux applications, though. I guess it might be related to the XUL stuff in Firefox.
But given that Firefox (and Chrome/ium) are memory hogs that eventually get OOM killed, you need to restart them periodically anyway, so it might not make a big difference if the OS does auto-updates in the background.
There's also the question of where we should draw the line. It's very different if you post a funny video of a cat, or if you write a joke at the end of a comment. IMHO the latter is OK.
I learned to program myself and did some small-scale freelancing as a web developer while in high school. But after that I went to university because I felt it would be easier to get a job with an academic education, and also because it's free in my country.
If I had to pay I'd probably not have applied. IMHO you can learn pretty much everything by reading Wikipedia and other free sites, as long as you're able to stay focused. On the other hand, you'll get to know like-minded people in university, and many people find their first job through their fellow students. So there's definitely a social aspect to it as you say.
Protocols that require online signing are impossible to cache and hard to scale. Even OCSP is often used with pre-produced offline signed responses for that reason (but they are periodically re-signed of course). So that's probably why DNSSEC supports offline signatures.
And while I agree that confidentiality of DNS would be a step in the right direction, there would still be many other leaks, e.g. the SNI field in TLS, or the destination IP address. To completely hide who is accessing which site, you'd need some kind of mixnet or onion routing.
