Does that mean the only official email app will be the one that uploads the passwords to all your email accounts to Microsoft?

Others have written about how windows does it, but here's some more details.

A window which runs with higher privileges (even just elevated to admin but still with your same account) cannot be read by normal privileges. You can see this when you use a custom screenshot program with some privileged system utility, but it's key combo does not work when the higher privileged window is active (in the foreground, selected). The screenshot program could not access UI elements in the privileged window, and can't send messages to it, but it can still see it rendered and capture it.

There's also a feature called "secure desktop". This is a bit like opening a new desktop with it's separate "window namespace". It's distinct so much that it doesn't have the taskbar and start menu, and by default it would be blackness, but you don't notice it because the system takes a screenshot before opening it and sets that as background.
Admin utils rarely use this feature, as I know this is only used for the User Account Control window that appears when a program is asking for elevated permissions. This is where you type your password, or just accept or deny the elevation request.
The Keepass password manager can also make use of this feature for the unlock prompt, but it can't use it that effectively, because the new secure desktop can be found in some way by other programs if it was not created with elevated privileges. It writes about this in it's documentation.
Even though Linux nowadays has a password prompt dialog, it does not have anything similar to this secure desktop thing as I know.

Other than that, on windows (maybe linux too?) processes of the same user and privilege level can read each other's memory. Without elevation. It's quite complicated but it's always there.
And like with gdb and strace on linux, there are ways on windows too to analyze or modify at runtime how a process works.

What controller? That does not seem to be a problem with the portal concept, but a pretty weird bug in the implementation of some part of it.

I don't understand your point. If they don't have enough access to install a keylogger, then they can't grant permission to themselves. That's why you want to keep them from being able to do that.

Sorry but I don't see how that would happen.

As land becomes more valuable it is important that people use it more productively.

How would people be able to do that when they have a normal workplace? This sounds like having to work additional hours to be able to keep my home.

Land value tax encourages building denser and reduces urban sprawl.

Sorry but you sound like someone who wants to force people into panel housing, and I don't want to participate in that.

Many people rent housing.

People who rent are damn close to being slaves. They don't have existential safety. Their housing can be taken away by yet another party by any semi-arbitrary reason, and all their belongings are lost because where they put them?

Sorry but I can't get behind any kind of land value tax idea. Not at least until it only applies to those having 2+ or such amount of properties, maybe further restricted related to family structure.

Just a similar tech. Few years ago they transitioned to something else for peer to peer load balancing.

What happened?

that ~~tried~~ tries to break E2EE.

Not this option, but generally I agree. Currently I don't think this is bad, and in the longer term we will see if this leaks any identifyable data.

At that point why not just mock google's various data mining services' APIs?

I think making it an opt-out is sensible

The GDPR does not think so, does it?