We’re mindlessly bashing Apple here, we don’t need your sensible reasoning!

That’s fair!

Sure, I use a ThunderBolt dock at home, but being docked 100% of the time is probably not normal.

The article says it’s a stock photo that has been edited with AI.

Interesting point about the KVM. To make it transparent the KVM would need to report the model of a real monitor in the display EDID data. Also if you’re monitoring the device, which is almost certainly a laptop, it would be suspicious if it was plugged in to a monitor 100% of the time.

Cameras? Maybe it’s a UK thing, but the only ones I can ever find on eBay are yellowed G3s for silly money.

2FA by SMS you mean? TOTP codes are generated offline

Not always. It can be perfectly reasonable to implement something in a quick and dirty way to get it out there with a view to either kill it off (eg if it doesn’t get adopted by users) or re-write before it needs to be extended. The key is having the awareness when putting yourself in that position.