Language Selection

English French German Italian Portuguese Spanish

Microsoft

Openwashing and the Latest Microsoft Fakes

Filed under
Microsoft

Malicious Proprietary Software From Microsoft and Google

Filed under
Google
Microsoft
  • Microsoft rolls out a new update for Surface Duo SDK Preview

    The new update is available for Mac, Windows and Ubuntu....

  • Microsoft Brings Its Windows 10 Antivirus Arsenal to Linux [Ed: Wow. Softpedia's "LINUX" section (Popa) is now an arm of Microsoft proprietary software marketing. Sure missing Marius Nester there. Whose arsenal is this? NSA's?]
  • Microsoft: Linux Defender antivirus now in public preview, iOS and Android are next [Ed: Of course Microsoft's sponsored propaganda network also promotes Microsoft proprietary software in the “LINUX” section. It does this all the time. The site has also just put "GitHub: We won't take down any of your content unless we really have to" under the "LINUX" section because proprietary software (GitHub) is somehow "LINUX"?!]
  • Chrome deploys deep-linking tech in latest browser build despite privacy concerns

    Google has implemented a browser capability in Chrome called ScrollToTextFragment that enables deep links to web documents, but it has done so despite unresolved privacy concerns and lack of support from other browser makers.

    Via Twitter on Tuesday, Peter Snyder, privacy researcher at privacy-focused browser maker Brave Software, observed that ScrollToTextFragment shipped earlier this month in Chrome 80 unflagged, meaning it's active, despite privacy issues that have been raised.

    "Imposing privacy and security leaks to existing sites (many of which will never be updated) REALLY should be a 'don't break the web,' never-cross redline," he wrote. "This spec does that."

    The debate over the feature percolated last year on mailing lists and in GitHub issues posts and picked up in October when the team working on Chrome's Blink engine declared their intent to implement the specification. The feature rollout serves to illustrate that the consensus-based web standards process doesn't do much to constrain the technology Google deploys.

  •      

  • New Mexico Sues Google Over Collection of Children's Data

           

             

    New Mexico’s attorney general sued Google Thursday over allegations the tech company is illegally collecting personal data generated by children in violation of federal and state laws.

Malicious Proprietary Software

Filed under
Microsoft
Software
  • Discord Is Not An Acceptable Choice For Free Software Projects

    Discord’s communication is not end to end (e2e) encrypted. It is encrypted only between the individual user and the servers operated by Discord Inc. Their spying extends to every single message sent and received by anyone, including direct messages betweeen users. The service can and does log every message sent, both in-channel and DMs. It is impossible to have a private conversation on Discord, as there will always be an unencrypted log of it stored by Discord. Discord can, at their option, provide those stored messages to any third party they wish, including cops or government snoops, for any reason, even without a legal order, without any obligation to tell you that they have done so.

  • [Attackers] Were Inside Citrix for Five Months

    Networking software giant Citrix Systems says malicious [attackers] were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.

  • [Vulnerable] firmware lurks inside Dell, HP and Lenovo computers amid supply chain security efforts

    “Firmware is meant to be invisible to the user, and so it’s not surprising that most people don’t pay attention to it,” said Eclypsium CEO Yuriy Bulgin. “However, these components make up the foundation upon which every device, operating system, and application depends.”

    Researchers used unsigned firmware to show how an attacker could compromise an operating system remotely in order to steal network data. The highlighted flaws could also enable “direct-memory access” attacks which exploit a computer’s core operating system.

  • Aera Launches Cognitive ‘Business Brain’ Operating System [Ed: This is NOT an 'operating system". Terms misused these days.]

    Infor labels one of its core brands Infor OS and quite unashamedly uses the term operating system to explain the function of its industry-specific Enterprise Resource Planning (ERP) and Supply Chain Management (SCM) cloud software. Mountain View headquartered Aera Technology has used a similar naming convention within its branding and called its automation-centric cloud platform the Aera Cognitive Operating System.

  • Microsoft Defender ATP for Linux Now In Public Preview

    Microsoft Defender ATP for Linux is now available in a public preview that allows administrators and security professionals to test the product in six different Linux distributions.

  • Keen to check for 'abnormal' user behaviours? Microsoft talks insider risk, AWS imports and compliance at infosec shindig RSA [Ed: “Microsoft talks insider risk”; but Microsoft is the risk]

    As well as widening the preview of Microsoft Threat Protection, a system aimed at a more automated response to threats, the gang has also extended the cross-platform support for Microsoft Defender Advanced Threat Protection (ATP) to include a whole bunch of Linux distributions.

  • Microsoft plans to add Linux support for Chromium-based Edge

    Microsoft fought long and hard to maintain and push its own proprietary browser, even launching Edge, hoping to get away from the stigma against Internet Explorer. However, the dominating market share of Chromium-based browsers finally got to Microsoft, and the company announced it would rebuild Edge with the Chromium source code. Last month, we reported that Microsoft’s Chromium-based Edge was out of development and ready for public deployment.

Hardware: AMD "Rome", AMD Defects and Microsoft Defects

Filed under
Linux
Hardware
Microsoft
  • Google Cloud Rolls Out "N2D" VMs Built Atop AMD EPYC 7002 "Rome" CPUs

    We are seeing more cloud providers now offering AMD EPYC 7002 "Rome" series processors with the latest being Google now offering the new N2D VM family in beta for their public cloud.

  • AMD Announces EPYC 7532 + EPYC 7662 As Newest Rome Processors
  • Linux Will Finally Stop Flickering With AMD Stoney Ridge On 4K Displays

    For those still running the AMD "Stoney Ridge" mobile APUs from 2016 that were launched aside Bristol Ridge with Excavator-based CPU cores and GCN 1.2 graphics, the Linux kernel has a fix finally for flickering issues when driving a 4K display off the APU.

  • Microsoft crack habit reports: User claims Surface Laptop 3 screen fractured again after repair

    Screens on Microsoft's Surface Laptop 3 have appeared to develop a crack habit, with one of the latest complaints claiming this happened even after repair.

    Reports on Twitter noted whinges sprouting on Reddit and Microsoft's own support forums last week about the new hardware appearing to suffer from spontaneously cracked screens.

    Users have described hairline cracks on the touchscreens of the Surface Laptop 3, and have insisted that the things weren't dropped, bashed or otherwise interfered with, other than the usual stroking of the glass.

    A Microsoft agent in the company's forums told a customer, who had spanked the best part of a years' savings on a 13.5-inch matte black model only to find the fracture shortly after setting the thing up, that: "Physical damage do[es] not happen if there is no external force."

Windows 10 vs. Eight Linux Distributions On The Threadripper 3970X

Filed under
GNU
Graphics/Benchmarks
Linux
Microsoft

When taking the geometric mean of all these benchmark results, the Windows 10 Professional performance was the same as Windows 10 Enterprise for this Threadripper 3970X testing, unlike the Enterprise advantage we've seen on the larger Threadripper 3990X. The slowest of the eight Linux distributions tested was the Ubuntu 20.04 development snapshot, but that still came out to be 9.5% faster than Windows 10. The fastest Linux distribution was Clear Linux on the Threadripper 3970X with a 19% over Windows in these cross-platform benchmarks. Following Clear Linux with a strong showing was the new rolling-release CentOS Stream.

Read more

Microsoft Warning Issued For Millions Of Windows 10 Users

Filed under
Microsoft

Proactive users can also download the Windows Update troubleshooter, which will allow you to hide problematic updates and prevent them from reinstalling. As things stand, it is fast becoming essential software for all Windows 10 users.

This week Microsoft demonstrated the future of Windows updates. The advances target a new generation of dual-screen devices and are not meant for the millions of existing Windows 10 PCs and laptops. Meanwhile, long-overdue Windows 10 update improvements were suddenly shelved.

Microsoft, it is time to prioritize the present.

Read more

If you're running Windows, I feel bad for you, son. Microsoft's got 99 problems, better fix each one

Filed under
Microsoft

Microsoft had one of its largest patch bundles in recent memory, as the Windows giant released fixes for 99 CVE-listed vulnerabilities.

These included CVE-2020-0674, a remote code execution flaw in Internet Explorer's Trident rendering engine that is already being exploited in the wild. This hole would typically be exploited by a malicious webpage or the like to infect a visiting vulnerable computer.

"Even if you don’t use IE, you could still be affected by this bug though embedded objects in Office documents," noted Dustin Childs of the Trend Micro Zero Day Initiative.

"Considering the listed workaround – disabling jscript.dll – breaks a fair amount of functionality, you should prioritize the testing and deployment of this patch."

Read more

Proprietary Windows Stories and Proprietary Microsoft SDK

Filed under
Microsoft
Security

Lessons learned maintaining EdgeDeflector for Windows 10

Filed under
Microsoft
Web

Three years ago, I released EdgeDeflector; a tiny open-source utility program for Windows 10. It reinforces the default web browser setting in situations when Microsoft ignores its own setting and pushes you to use its Edge browser instead. It’s a tiny software project that I’ve not had to write any new code for in years. However, supporting it has proven a frustrating experience.

The origin story of EdgeDeflector is a tiny act of rebellion against tech behemoths abusing their market positions. Microsoft uses Windows 10 features like Search, Cortana, and others to force users to open links in its Microsoft Edge web browser. The operating system has a default web browser setting, but Microsoft circumvents this setting in certain parts of its operating system. It doesn’t respect the choices of its consumers to not use its software. EdgeDeflector gave back this control.

EdgeDeflector was positively received by users and has been downloaded over 300 000 times. 265 000 through the project page on GitHub and 35 000 times from mirrors. It popped up in all the Windows news/fan blogs within a few months of its launch. It still occasionally receives coverage from tech blogs with nothing more original to cover.

Read more

Also: I opened up Edge to test something and it added BING as a search provider in Firefox. The only thing in there before was DuckDuckGo.

Microsoft flirts with new anti-trust challenge with new Start Menu-based Edge ads

Filed under
Microsoft
Moz/FF
Legal

Microsoft originally implemented the “Suggested” section on the Windows 10 Start Menu as a way to advertise its official apps; but in the latest listing, Microsoft has gone beyond self-promotion.

Microsoft’s recent extensive advertising is becoming hard to ignore, which has prompted many users to disable the ads. Those who haven’t done so may have noticed the most recent one takes a dig at a competitor browser.

The listing displays “Still using Firefox? Microsoft Edge is here”, to all users of the former- even with the latter already installed. The ad provides a link to download the chromium-based browser.

Read more

Also: Windows 7: a major bug prevents turning off or restarting the PC

Syndicate content

More in Tux Machines

Today in Techrights

Planet Changes and Cilium

  • Planet Arch Linux migration

    The software behind planet.archlinux.org was implemented in Python 2 and is no longer maintained upstream. This functionality has now been implemented in archlinux.org's archweb backend which is actively maintained but offers a slightly different experience.

  • Cilium drops 1.7 release, upping insight and manageability

    Network and API connectivity project Cilium has been released in version 1.7, providing users with a UI for observability platform Hubble and the option to apply cluster-wide network policies. Cilium is an open source project developed by US startup Isovalent to provide and secure network connectivity and load balancing for workloads such as application containers or processes. It is based on a virtual machine-like construct called Berkeley Packet Filter (BPF) which can be found in the Linux kernel.

OSS and Development

  • Someone is selling the free, open source Playnite launcher on Steam for $100

    Playnite is a free open source PC application designed to be an all-in-one answer to the growing number of game launchers we've all got on our desktops. In other words, it combines libraries from the likes of Steam, Epic Games Store, Uplay and GOG Galaxy, and then lets you organise them however you see fit. Jody tried it last year and came away impressed. I should emphasise the "free" above: it is available straight from the source here and, according to the site, "no features are locked behind a paywall and the complete source code is available under the MIT license". The MIT license basically surrenders the software to any kind of use with no restrictions, including resales.

  • uGet is an open source download manager for Windows and Linux that also supports Torrents and Video downloads

    The GUI has four panes, a menu bar and a toolbar. The Status pane in the top left corner displays all downloads and the ones which are Active, Queuing, Finished, and Recycled (deleted). The total number of downloads for each category is displayed next to its name, and you can click on any of these to see the list of items contained. Switch to the Category pane to jump between the default and the ones you have created. You can use the Category menu to add new sorting options, set the default download folder for each category, maximum active downloads, and also the maximum upload and download speeds. The pane below the toolbar is the download list pane; anything that you select in the status pane is displayed here. It shows the name, the file size of the download that has been completed, the total size, the progression percentage, time left to complete the download, and the upload/download speeds of each file. The View menu can be used to customize the columns that are displayed in the list pane, and the other visual elements of the program. Highlighting an item in the download list brings up its summary on the bottom pane.

  • Open Source Music Tagger Picard 2.3 Released With Custom MP4 Tags Support

    Free and Open source MusicBrainz announced the point release of Picard 2.3 with major changes to the user interface, tag, and desktop integration support. MusicBrainz stores all the metadata of the music and Picard is the official tag editor that helps in identifying and organizing the digital audio recording.

  • For Square Crypto, the Way to Bitcoin Mass Adoption Is Open Source

    When Jack Dorsey founded Square in February 2009, Bitcoin was all of one month old. In fact, Satoshi Nakamoto and Dorsey were likely laying the groundwork for their respective creations concurrently in the year prior. Ten years later, the two would converge in what now seems like an inevitable collision. Square launched its Venmo-like payment service, Cash App, in 2013. The application features common stock investing, and i

  • Gold-nuggeting: Machine learning tool simplifies target discovery for pen testers

    Recognizing this analogy with the precious metals industry, researchers at Delve Labs have developed Batea, an open source tool that leverages machine learning to find valuable information in network device data.

  • ’Second Revolution’ In Electronic Bond Trading

    Sri Ambati, chief executive and founder at H2O.ai, told Markets Media that the firm’s open source platform can perform one billion regressions in less than five seconds.

  • Google ‘AutoFlip’ can resize video using AI

    The way we consume video has changed a lot over the course of the last decade. We now watch videos on our mobile devices from anywhere and because of this, video content comes in a wide variety of formats. Google recognizes this shift and so last week their AI team announced ‘AutoFlip’ an open-source framework for “intelligent video reframing.”

  • This open-source framework, ‘AutoFlip’, can do automated video cropping using AI

    Many times when we see a video on mobile devices is badly cropped, it is not much you can do about it. Understanding this problem, Google’s AI’s team has built an open-source solution on top of MediaPipe, Autoflip, which can reframe a video that fits any device or dimension (landscape, portrait, etc.). AutoFlip works in three phases. The first phase includes scene detection; the second is the video content analysis, and the third is reframing. For this tool, if a video and a target dimension are given, it analyzes the video content. Later it develops optimal tracking and cropping strategies, which finally enables it to create an output video at the same time limit in the desired aspect ratio.

  • Tech Events in Africa: Nerds Unite, Open Source Festival and #CodeZone

    It’s a new week and another opportunity to meet up with like-minded people, become better in your chosen field and seal those deals for your startup. And we at TechNext want to help with a list of tech events happening around you this week.

  • An unofficial version of Brave browser brings native ARM64 support

    Privacy-focused Brave browser launched late last year after almost four years of being in the works. The browser is based on the Chromium open-source project and joins the likes of Microsoft Edge that is built on that platform. However, while Mozilla Firefox and Microsoft’s offering currently support ARM64 PCs natively in the stable channels, Brave does not. That might change, as Windows Insider MVP Jeremy Sinclair was able to compile an unofficial build of the open-source Brave browser that natively supports ARM64 PCs. The recompiled build (version 1.6.33) uses Microsoft’s ARM64 Chromium libraries and can run natively on those PCs like the Surface Pro X. Samsung Galaxy Book S. Native support results in improved performance and efficiency since the browser will not have to run in emulation.

  • The Brave web browser is taking on Google Chrome: Is it safe?

    The creator of Brave, Brendan Eich, also created JavaScript and co-founded the Mozilla Project that led to the development of the Firefox browser. Brave is based on the open-source Chromium browser that’s also the basis for Google’s Chrome, Opera and most recently Microsoft’s Chromium Edge browser. Open-source means that anyone can take the source code and build whatever they’d like out of it, but it doesn’t mean that all the browsers are the same. In the case of Brave, they chose to focus on user privacy by blocking trackers, scripts and ads by default. The natural by-product of blocking all this activity that usually goes unnoticed by the average user is faster load times. Brave can also make use of the wide variety of extensions for Chromium-based browsers via the Chrome Web Store at chrome.google.com.

  • This new tool could improve economic analysis of sub-national climate policies in the US

    Empowered by the Paris Agreement and a lack of national leadership on climate policy in the United States, state and local governments are leading on their own climate initiatives. California, New York and Colorado have set ambitious greenhouse gas emission and renewable energy targets for 2030. Just last week, Massachusetts introduced sweeping climate legislation targeting net zero emissions by 2050. As these environmental and energy policies move ahead, experts need to invest in economic data and tools that allow them to conduct robust economic analysis, to better inform policymakers, stakeholders and the public on how to design robust alternative climate and energy policies.

  • 2020 Open Access Award Finalists Named

    The Benjamin Franklin Award for Open Access in the Life Sciences is a humanitarian/bioethics award presented annually by Bioinformatics.org to an individual who has, in his or her practice, promoted free and open access to the materials and methods used in the life sciences.

  • Are we having fund yet, npm? CTO calls for patience after devs complain promised donations platform has stalled

    At the end of August, JavaScript package registry NPM Inc said it intended "to finalize and launch an Open Source funding platform by the end of 2019." But instead of a platform, what's available at the moment might be better referred to as a feature of the npm command-line interface (CLI). The announcement was received with some skepticism at the time and the project hasn't managed to defy that expectation: There was a minor milestone last November with the addition of the "fund" command to npm v6.13.0. But not much has changed since then.

  • RcppSimdJson 0.0.2: First Update!

    RcppSimdJson wraps the fantastic simdjson library by Daniel Lemire which truly impressive. Via some very clever algorithmic engineering to obtain largely branch-free code, coupled with modern C++ and newer compiler instructions, it results in persing gigabytes of JSON parsed per second which is quite mindboggling. I highly recommend the video of the recent talk by Daniel Lemire at QCon (which was also voted best talk). The best-case performance is ‘faster than CPU speed’ as use of parallel SIMD instructions and careful branch avoidance can lead to less than one cpu cycle use per byte parsed. This release syncs the simdjson headers with upstream, and polishes the build a little by conditioning on actually having a C++17 compiler rather than just suggesting it. The NEWS entry follows.

  • Nvidia Blames ‘Misunderstanding’ for Activision Faux Pas

    When Nvidia Corp. abruptly dropped Activision Blizzard Inc. games from its new GeForce Now service earlier this week, it left customers wondering what happened. Nvidia said on Tuesday that Activision had asked to have its titles removed from GeForce, but didn’t explain why. It turns out that the video-game giant wanted a commercial agreement with Nvidia before they proceeded -- and the situation stemmed from a simple misunderstanding, Nvidia said on Thursday.

Web Standards

  • Inrupt, Tim Berners-Lee's Solid, and Me

    All of this is a long-winded way of saying that I have joined a company called Inrupt that is working to bring Tim Berners-Lee's distributed data ownership model that is Solid into the mainstream. (I think of Inrupt basically as the Red Hat of Solid.) I joined the Inrupt team last summer as its Chief of Security Architecture, and have been in stealth mode until now.

    The idea behind Solid is both simple and extraordinarily powerful. Your data lives in a pod that is controlled by you. Data generated by your things -- your computer, your phone, your IoT whatever -- is written to your pod. You authorize granular access to that pod to whoever you want for whatever reason you want. Your data is no longer in a bazillion places on the Internet, controlled by you-have-no-idea-who. It's yours. If you want your insurance company to have access to your fitness data, you grant it through your pod. If you want your friends to have access to your vacation photos, you grant it through your pod. If you want your thermostat to share data with your air conditioner, you give both of them access through your pod.

  • World wide web founder scales up efforts to reshape internet
  • Sir Tim Berners-Lee's Inrupt is Redesigning the way the web is to Work and Apple is working with them on their Data Transfer Project

    Inrupt, the start-up company founded by Sir Tim Berners-Lee to redesign the way the web works, is expanding its operational team and launching pilot projects in its quest to develop a "massively scalable, production-quality technology platform."

  • Inconsistent user-experiences with native lazy-loading images

    The specification for web browser native support for lazy-loading images landed in the HTML Living Standard a week ago. This new feature lets web developers tell the browser to defer loading an image until it is scrolled into view, or it’s about to be scrolled into view. Images account for 49 % of the median webpage’s byte size, according to the HTTP Archive. Lazy image loading can help reduce these images’ impact on page load performance. It can also help lower data costs by clients that never scroll down to images far down on a page. Historically, lazy-loading was implemented by responding to changes in the scroll position and tracking the image element’s offset from the top of the page. This could degrade page-scrolling performance. Comparatively, the new native lazy loading for images is easier to implement and doesn’t degrade scrolling performance.