Windows 10 Creators Update now available to all, November Update end-of-life’d

Enlarge / The announcement of the Creators Update in October 2016. (credit: Ars Technica)

Some four months after its initial release, Microsoft says it has opened the floodgates and is now pushing out Windows 10 version 1703, the Creators Update, to every compatible PC (a category that excludes systems using Intel’s Clover Trail Atoms).

Earlier this month, AdDuplex, which tracks the penetration of the different Windows 10 versions, reported that as of July 18, the Creators Update had just passed 50 percent of Windows 10 systems. Forty-six percent are on the previous version, 1607 (aka the Anniversary Update).

Until now, the deployment of the Creators Update has been throttled to stage its rollout. That throttle is now removed, so most of that 46 percent should now start upgrading. Microsoft is also saying that with this full rollout, enterprise customers should have confidence deploying the update. With Microsoft getting rid

Continue reading “Windows 10 Creators Update now available to all, November Update end-of-life’d”

Stealthy Google Play apps recorded calls and stole e-mails and texts

Enlarge (credit: portal gda)

Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users’ e-mail, text messages, locations, voice calls, and other sensitive data.

The apps, which made their way onto about 100 phones, exploited known vulnerabilities to “root” devices running older versions of Android. Root status allowed the apps to bypass security protections built into the mobile operating system. As a result, the apps were capable of surreptitiously accessing sensitive data stored, sent, or received by at least a dozen other apps, including Gmail, Hangouts, LinkedIn, and Messenger. The now-ejected apps also collected messages sent and received by Whatsapp, Telegram, and Viber, which all encrypt data in an attempt to make it harder for attackers to intercept messages while in transit.

The apps also contained functions allowing for:

Read 3 remaining paragraphs | Comments

Microsoft rationalizes and rebrands Windows 10, Office updates again

One of the more visible aspects of Windows as a Service is that Microsoft has been learning as it goes along, and didn’t come straight out the gate with a clear vision of precisely how Windows updates would be delivered, or when. Initially the plan was to push each release out to consumers as the “Current Build” (CB),  and a few months later bless it as good for businesses, as the “Current Build for Business” (CBB).

A clearer plan has been crystalizing over the last few months, first with the announcement in April that Windows and Office would have synchronized, twice-annual releases, and then June’s announcement that Windows Server would also be on the semi-annual release train.

Today, Microsoft has put all the pieces together and delivered what should be the long-term plan for Windows, Windows Server, and Office updates. It’s not a huge shake-up from the cobbled together

Continue reading “Microsoft rationalizes and rebrands Windows 10, Office updates again”

Cable lobby claims US is totally overflowing in broadband competition

(credit: Free Press)

Are you ever frustrated about a lack of choice for home Internet providers? Well, worry no more. The nation’s top cable lobby group is here to let you know that the US is simply overflowing in broadband competition.

In a new post titled, “America’s competitive TV and Internet markets,” NCTA-The Internet & Television Association says that Internet competition statistics are in great shape as long as you factor in slow DSL networks and smartphone access.

Competition isn’t just the rule in television, it defines broadband markets as well. In spite of living in one of the largest and most rural nations, 88 percent of American consumers can choose from at least two wired Internet service providers. When you include competition from mobile and satellite broadband providers, much of America is home to multiple competing ISPs leveraging different and ever-improving technologies. This competition has led to rapid

Continue reading “Cable lobby claims US is totally overflowing in broadband competition”

Microsoft expands bug bounty program to cover any Windows flaw

Some bugs aren’t worth very much cash. (credit: Daniel Novta)

Microsoft today announced a new bug bounty scheme that would see anyone finding a security flaw in Windows eligible for a payout of up to $15,000.

The company has been running bug bounty schemes, wherein security researchers are financially rewarded for discovering and reporting exploitable flaws, since 2013. Back then, it was paying up to $11,000 for bugs in Internet Explorer 11. In the years since then, Microsoft’s bounty schemes have expanded with specific programs offering rewards for those finding flaws in the Hyper-V hypervisor, Windows’ wide range of exploit mitigation systems such as DEP and ASLR, and the Edge browser.

Many of these bounty programs were time limited, covering software during its beta/development period but ending once it was released. This structure is an attempt to attract greater scrutiny before exploits are distributed to regular end-users. Last month, the

Continue reading “Microsoft expands bug bounty program to cover any Windows flaw”

USB 3.2 will make your cables twice as fast… once you’ve bought new devices

Enlarge (credit: USB-IF)

If you’ve invested heavily in USB Type-C cables, the USB Promoter Group has some good news for you. The next version of USB, USB 3.2, will double the speed of existing Type-C cables. Cables currently qualified for USB 3.1 generation 1’s 5 Gbps will be able to operate at 10 Gbps; those qualified for generation 2’s 10 Gbps will be able to run at 20 Gbps.

The only small inconvenience is that to use these new speeds you’ll need brand new devices at each end of the cable. But if you’ve managed to find some Type-C cables that actually properly comply with the specification—something rather harder than it should be—then you can rest assured that they’ll continue to work with the new spec, without holding back the performance of your devices.

As for how the cables are able to double in performance, the

Continue reading “USB 3.2 will make your cables twice as fast… once you’ve bought new devices”

Aboard the NS Savannah, America’s first (and last) nuclear merchant ship

(credit: Sean Gallagher)

BALTIMORE—Alongside a former grain pier in a strangely quiet corner of this cargo port, there’s a ship straight out of the future—the future, that is, as seen from the 1950s. Featuring sleek, modern lines and a giant insignia of an atom, the Nuclear Ship Savannah once sailed the world to demonstrate the peaceful potential of atomic energy.

Constructed at a cost of $46.9 million ($386.8 million in 2016 dollars) and launched on July 21, 1959, the Savannah was the world’s first nuclear cargo ship and the second nuclear-powered civilian ship (coming just two years after the Soviet nuclear icebreaker Lenin). Owned by the US Maritime Administration (MARAD) and operated by commercial cargo companies, for nearly a decade she carried cargo and passengers around the world. She also acted as a floating herald for America’s seemingly inevitable, cool Atomic Age future. Savannah boasted all the latest conveniences, including

Continue reading “Aboard the NS Savannah, America’s first (and last) nuclear merchant ship”

Zuckerberg and Musk are both wrong about AI

Enlarge / Enjoy your little squabbles. You foolish men know nothing about AI. (credit: Universal Pictures)

Back in 2015, a group of business leaders and scientists published an “open letter” about how controlling artificial superintelligence might be the most urgent task of the twenty-first century. Signed by luminaries like Elon Musk and Stephen Hawking, the letter has defined debates over AI in the years since. Bill Gates said in a Reddit AMA that he agrees with the letter. But, at last, there is a high-profile skeptic: Facebook giant Mark Zuckerberg, who has just come out strongly against the idea that AI is a threat to humanity.

At a backyard barbecue over the weekend, Zuckerberg fielded questions from Facebook Live. One asked about AI, and the social media mogul launched into a passionate rant:

I have pretty strong opinions on this. I am optimistic. I think you can build things

Continue reading “Zuckerberg and Musk are both wrong about AI”

Adobe ending Flash support at the end of 2020

Enlarge (credit: Aurich / Thinkstock)

Back in 2012, Adobe recognized that Flash’s end was near, with a five- to 10-year timeframe for its eventual phasing out. Today, the company got specific: Flash will be supported through to the end of 2020, after which the Flash player will cease to be developed and distributed.

In the early days of the Web, Flash served an essential role, offering graphical and interactive capabilities that simply had no equivalent in plain HTML and JavaScript. Since then, a raft of technologies—canvas for 2D graphics, WebGL for 3D graphics, HTML5’s video and audio tags, JavaScript interfaces for microphones and webcams, among others—have piece by piece eliminated the need for Flash. With, most recently, support for DRM-protected video being incorporated into HTML5, the need for Flash is largely eliminated.

As such, Adobe, together with Apple, Facebook, Google, Microsoft, and Mozilla, has planned to end-of-life the browser plugin.

Continue reading “Adobe ending Flash support at the end of 2020”

Elon Musk: Mark Zuckerberg’s understanding of AI is “limited”

Enlarge (credit: Bill Pugliano & Justin Sullivan, Getty Images)

There aren’t many people in the world who can justifiably call Mark Zuckerberg a dumb-ass, but Elon Musk is probably one of them.

Early on Tuesday morning, in the latest salvo of a tussle between the two tech billionaires over the dangers of advanced artificial intelligence, Musk said that Zuckerberg’s “understanding of the subject is limited.”

I won’t rehash the entire argument here, but basically Elon Musk has been warning society for the last few years that we need to be careful of advanced artificial intelligence. Musk is concerned that humans will either become second-class citizens under super-smart AIs, or alternatively that we’ll face a Skynet-like scenario against a robot uprising.

Read 6 remaining paragraphs | Comments

Mac malware that went undetected for years, spied on everyday users

Enlarge (credit: Tim Malabuyo)

A mysterious piece of malware that gives attackers surreptitious control over webcams, keyboards, and other sensitive resources has been infecting Macs for at least five years. The infections—known to number nearly 400 and possibly much higher—remained undetected until recently and may have been active for almost a decade.

Patrick Wardle, a researcher with security firm Synack, said the malware is a variant of a malicious program that came to light in January after circulating for at least two years. Dubbed Fruitfly by some, both malware samples capture screenshots, keystrokes, webcam images, and information about each infected Mac. Both generations of Fruitfly also collect information about devices connected to the same network. After researchers from security firm Malwarebytes discovered the earlier Fruitfly variant infecting four Macs, Apple updated macOS to automatically detect the malware.

The variant found by Wardle, by contrast, has infected a much larger

Continue reading “Mac malware that went undetected for years, spied on everyday users”

Crewless electric cargo ships may be on the horizon in Norway

Enlarge / Robo-cranes load cargo onto the robo-boat Yara Birkeland in this rendering of the drone ship, under construction in Norway. (credit: Konsberg Gruppen)

SpaceX’s drone landing ships have already proven that uncrewed vessels can handle some of the most dangerous jobs at sea. Now, two Norwegian companies are poised to put robo-boats into one of the most dull: hauling cargo down the fjord.

Two Norwegian companies are teaming together to construct a short-range, all-electric coastal container ship that will eventually operate autonomously—eliminating up to 40,000 diesel truck trips per year. The ship, the Yara Birkeland, will begin operations in 2018 with a crew, but it’s expected to operate largely autonomously (and crewless) by 2020 (regulatory clearance permitting, of course).

The $25 million Birkeland—described by some shipping executives as the “Tesla of the Seas”— is being jointly developed by the fertilizer company Yara and the maritime and defense

Continue reading “Crewless electric cargo ships may be on the horizon in Norway”

Windows Paint is now officially not getting updated any more [Updated]

Enlarge / Who needs Aurich’s artistic talents, anyway? (credit: Peter Bright)

The venerable Windows Paint program, known to many by the name of its executable, mspaint.exe, has been marked as deprecated in the forthcoming Windows 10 Fall Creators Update, The Guardian reports.

Deprecation states formally that the feature is no longer actively developed, and it serves as a warning that Microsoft may remove the feature in a future release. Removal isn’t guaranteed, however; there are parts of the Win32 API that have been deprecated for 20 years but still haven’t been removed. It’s possible that Paint will continue to ship with Windows in a kind of zombie state: not subject to any active maintenance but kept around indefinitely since it’s self-contained and not a security risk.

Indeed, the end of the development of Paint is not going to surprise anyone who actually uses the thing; the last time it received

Continue reading “Windows Paint is now officially not getting updated any more [Updated]”

Verizon accused of throttling Netflix and YouTube, admits “video optimization”

Enlarge (credit: Getty Images | MrsWilkins)

Verizon Wireless customers this week noticed that Netflix’s speed test tool appears to be capped at 10Mbps, raising fears that the carrier is throttling video streaming on its mobile network.

When contacted by Ars this morning, Verizon acknowledged using a new video optimization system but said it is part of a temporary test and that it did not affect the actual quality of video. The video optimization appears to apply both to unlimited and limited mobile plans.

But some YouTube users are reporting degraded video, saying that using a VPN service can bypass the Verizon throttling. The Federal Communications Commission generally allows mobile carriers to limit video quality as long as the limitations are imposed equally across different video services despite net neutrality rules that outlaw throttling. The net neutrality rules have exceptions for network management.

Read 17 remaining paragraphs | Comments

Microsoft 4Q17: Office 365 revenue surpasses traditional licenses

(credit: Julien GONG Min)

In the fourth quarter of its 2017 financial year, Microsoft posted revenue of $23.3 billion, up 13 percent on a year ago, with an operating income of $5.3 billion (up 73 percent), a net income of $6.5 billion (up 109 percent), and earnings per share of $0.83 (up 112 percent on the same quarter last year).

For the full 2017 financial year, revenue was $90.0 billion (up 5 percent on 2016), operating income was $22.3 billion (up 11 percent), net income was $21.2 billion (up 26 percent), and earnings per share were $3.31 (up 29 percent).

Microsoft currently has three reporting segments: Productivity and Business Processes (covering Office, Exchange, SharePoint, Skype, and Dynamics), Intelligent Cloud (including Azure, Windows Server, SQL Server, Visual Studio, and Enterprise Services), and More Personal Computing (covering Windows, hardware, and Xbox, as well

Continue reading “Microsoft 4Q17: Office 365 revenue surpasses traditional licenses”

Google drops the boom on WoSign, StartCom certs for good

(credit: Michael Rosenstein)

Last August, after being alerted by GitHub’s security team that the certificate authority WoSign had errantly issued a certificate for a GitHub domain to someone other than GitHub, Google began an investigation in collaboration with the Mozilla Foundation and a group of security professionals into the company’s certificate issuance practices. The investigation uncovered a pattern of bad practices at WoSign and its subsidiary StartCom dating back to the spring of 2015. As a result, Google moved last October to begin distrusting new certificates issued by the two companies, stating “Google has determined that two CAs, WoSign and StartCom, have not maintained the high standards expected of CAs and will no longer be trusted by Google Chrome.”

WoSign (based in Shenzen, China) and StartCom (based in Eliat, Israel) are among the few low-cost certificate providers who’ve offered wildcard certificates. StartCom’s StartSSL offers free Class 1

Continue reading “Google drops the boom on WoSign, StartCom certs for good”

Meet your new fungible, phallic robot friend

Demonstration of how the robot grows, reaching a maximum speed of 10 meters per second (22 miles per hour). (video link)

A group of mechanical engineers at Stanford has created a transparent robot that looks and behaves like a worm, elongating its body in order to move. Using a pneumatic control system, an operator can make the bot turn corners and even squeeze itself through a narrow crack between two pieces of sticky flypaper. In the crowded field of soft robotics, this strange creature is one of the most intriguing.

Mechanical-engineering researcher Elliot Hawkes and his team designed the robot for a variety of applications, including search and rescue. In a recent issue of Science Robotics, they explain that the bot could also be used to create instant 3-D structures like a spiral-shaped antenna.

Read 9 remaining paragraphs | Comments

State Department moves to downgrade cyber-diplomacy office

Enlarge / Rex Tillerson, US secretary of state, has decided to merge the State Department’s Office for the Coordination of Cyber Issues into the department’s economic bureau, as State’s chief cyber-diplomat departs. (credit: Inga Kjer/Photothek via Getty Images)

On the heels of the resignation of State Department Cyber Coordinator Chris Painter—the top diplomat for negotiations on setting norms for nations’ behavior in “cyberspace”—a State Department spokesperson confirmed that Secretary of State Rex Tillerson is moving toward shutting down the department’s Office for the Coordination of Cyber Issues.

The office, set up by former Secretary of State Hillary Clinton during the Obama administration, has taken the lead in negotiations with other nations on cybersecurity policy issues. It also works out how existing international law applies to hacking, cyber-espionage, and other state-directed activities on the Internet. The Cyber Coordinator, who leads the office, has reported directly to the secretary of state.

Continue reading “State Department moves to downgrade cyber-diplomacy office”

Clover Trail systems won’t get Windows 10 Creators Update, ever

Enlarge / One of the affected Atom processors. (credit: Intel)

Systems using Intel’s Clover Trail Atom processors and running Windows 10 won’t ever receive the Creators Update, or any major Windows 10 updates in future. But in an exception to its normal Windows 10 support policy, Microsoft has said that it will provide security updates to those systems until January 2023.

We wrote earlier this week about the tricky situation of the Clover Trail systems. Those machines shipped with Windows 8 and 8.1 were due to receive software support until 2023. However, the systems were also eligible for the free upgrade to Windows 10. But to receive security fixes on Windows 10, you have to keep pace with the periodic regular major upgrades that Microsoft makes to that operating system. Each of these named releases is only supported for 18 months, after which you have to upgrade, or else

Continue reading “Clover Trail systems won’t get Windows 10 Creators Update, ever”

FCC has no documentation of DDoS attack that hit net neutrality comments

Enlarge / John Oliver takes on FCC Chairman Ajit Pai in net neutrality segment. (credit: HBO Last Week Tonight)

The US Federal Communications Commission says it has no written analysis of DDoS attacks that hit the commission’s net neutrality comment system in May.

In its response to a Freedom of Information Act (FoIA) request filed by Gizmodo, the FCC said its analysis of DDoS attacks “stemmed from real time observation and feedback by Commission IT staff and did not result in written documentation.” Gizmodo had asked for a copy of any records related to the FCC analysis that concluded DDoS attacks had taken place. Because there was no “written documentation,” the FCC provided no documents in response to this portion of the Gizmodo FoIA request.

The FCC also declined to release 209 pages of records, citing several exemptions to the FoIA law. For example, publication of documents related to “staffing

Continue reading “FCC has no documentation of DDoS attack that hit net neutrality comments”