Windows 10 Gets Core Console Host Enhancements ( 238

x0n writes: As of Windows 10 TH2 (10.0.1058), the core console subsystem has support for a large number of ANSI and VT100 escape sequences. This is likely to prepare for full Open SSH server/client integration, which is already underway over on github. It looks like xterm is finally coming to Windows. OpenSSH was previously announced (last year) by the very forward-looking PowerShell team. The linked article provides some context, and explains that the console host isn't the same as either cmd.exe or powershell.exe, but there is a lot of overlap in functionality.

Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers ( 544

An esteemed reader writes: Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.

Avast SafeZone Browser Lets Attackers Access Your Filesystem ( 37

An anonymous reader writes: Just two days after Comodo's Chromodo browser was publicly shamed by Google Project Zero security researcher Tavis Ormandy, it's now Avast's turn to be publicly scorned for failing to provide a "secure" browser for its users. Called SafeZone, and also known as Avastium, Avast's custom browser is offered as a bundled download for all who purchase or upgrade to a paid version of Avast Antivirus 2016. This poor excuse of a browser was allowing attackers to access files on the user's filesystem just by clicking on malicious links. The browser wouldn't even have to be opened, and the malicious link could be clicked in "any" browser.

Ask Slashdot: Fixing UVC Camera Issues Under Windows? 148

Khyber writes: I bought some cheap Chinese camera glasses with built-in microphones. These are (supposedly) UVC cameras manufactured in 2015. Under Windows XP, these cameras are seen perfectly fine and work as web cameras; even the microphones work. Under Windows 7, the camera appears to install just fine, however I get the 'This device can perform faster if you connect to USB 2.0' (which it is connected to) and when I try to load it up with any camera viewer such as manycam or any chat program's built-in previewer, I cannot receive any video from the camera. I can get audio from the camera microphones under Windows 7, so I am wondering if the camera device is having problems enumerating as a USB 2.0 device due to some change in Windows 7 (which it doesn't seem to have issues doing under XP,) or if the UVC driver for Windows 7 is missing something in comparison to the one used for Windows XP. Anybody else had issues getting newer UVC cameras to work in newer operating systems?
Data Storage

Barracuda Copy Shutting Down ( 52

New submitter assaf07 writes: I received a notification [Monday] that Barracuda's excellent online storage option Copy will be shuttting down in May. A blog post by Rod Matthews, VP of Storage at Barracuda gives the usual business doublespeak excuse. Having used Google's Drive, Box, Dropbox, and Spideroak, I am very disappointed to lose Copy as its native Linux, Android, IOS, and Windows clients are/were wonderful.

Windows 10 Passes Windows XP In Market Share 311

An anonymous reader writes: Six months after its release, Windows 10 has finally passed 10 percent market share. Not only that, but the latest and greatest version from Microsoft has also overtaken Windows 8.1 and Windows XP, according to the latest figures from Net Applications. Windows 10 had 9.96 percent market share in December, and gained 1.89 percentage points to hit 11.85 percent in January. Maybe it will jump even faster soon, but not necessarily for the best of reasons.

Windows 10 Now a 'Recommended Update' For Windows 7 and 8.1 Users ( 581

Mark Wilson writes: Microsoft has been accused of pushing Windows 10 rather aggressively, and the company's latest move is going to do nothing to silence these accusations. For Windows 7 and Windows 8.1 users, Windows 10 just became a 'recommended update' in Windows Update.

This is a change from the previous categorization of the upgrade as an 'optional update' and it means that there is renewed potential for unwanted installations. After the launch of Windows 10, there were numerous reports of not only the automatic download of OS installation files, but also unrequested upgrades. The changed status of the update means that, on some machines, the installation of Windows 10 could start automatically.


After More Than a Decade, MSN Chat Authentication Is Documented ( 27

An anonymous reader writes: After MSN Chat closed in 2003, and then again in 2006, some guy has finally documented the authentication system used — over a decade later! Developer Joshua Davison writes by way of explanation: I think it's important to document the challenge we (users, scripters, hackers) faced connecting to MSN Chat, which is the only known 'proper' implementation of IRCX v8.1 at this time. MSN Chat introduced a GateKeeper SASL authentication protocol, which implemented 'GateKeeper' and 'GateKeeperPassport' (not dissimilar to the widely documented NTLM authentication protocol, which was also implemented as NTLM, and NTMLPassport) The GateKeeper Security Support Provider (GKSSP) functioned in two ways; allowing a user to login with a Microsoft Account (Previously known as Microsoft Passport, .NET Passport, Microsoft Passport Network, and Windows Live ID), and also allowed guest authentication for users without, or not willing to use a Microsoft Account. While most users didn't need or want to understand how the protocol worked, there were many of us who did, and many that just preferred to use MSN Chat outside of the browser.

Running "rm -rf /" Is Now Bricking Linux Systems ( 698

An anonymous reader writes: For newer systems utilizing UEFI, running rm -rf / is enough to permanently brick your system. While it's a trivial command to run on Linux systems, Windows and other operating systems are also prone to this issue when using UEFI. The problem comes down to UEFI variables being mounted with read/write permissions and when recursively deleting everything, the UEFI variables get wiped too. Systemd developers have rejected mounting the EFI variables as read-only, since there are valid use-cases for writing to them. Mounting them read-only can also break other applications, so for now there is no good solution to avoid potentially bricking your system, but kernel developers are investigating the issue.

FTDI Driver Breaks Hardware Again ( 268

janoc writes: It seems that the infamous FTDI driver that got famous by intentionally bricking counterfeit chips [NOTE: that driver was later removed] has got a new update that injects garbage data ('NON GENUINE DEVICE FOUND!') into the serial data. This was apparently going on for a while, but only now is the driver being pushed as an automatic update through Windows Update, thus many more people stand to be affected by this.

Let's hope that nobody dies in an industrial accident when a tech connects their cheap USB-to-serial cable to a piece of machinery and the controller misinterprets the garbage data.


Microsoft's Windows Phone Platform Is Dead ( 455

Ammalgam writes: Tom Warren at the Verge today gave voice to what a lot of other technology analysts and today definitively declared that Microsoft's Windows Phone platform is dead. This largely based on the abysmal adoption numbers released in Microsoft's most recent earnings report. Mr. Warren articulates the obvious by stating: "With Lumia sales on the decline and Microsoft's plan to not produce a large amount of handsets, it's clear we're witnessing the end of Windows Phone. Rumors suggest Microsoft is developing a Surface Phone, but it has to make it to the market first. Windows Phone has long been in decline and its app situation is only getting worse. With a lack of hardware, lack of sales, and less than 2 percent market share, it's time to call it: Windows Phone is dead. "

Now this news should not be surprising to anyone who has watched the slow decline of Windows Phone. Last December, in an article on, Onuora Amobi also wrote off the platform. In this case, his analysis was based on the nonconformity of the Microsoft user interface to Apple and Android's widely adopted aesthetic appeal. He wrote "I believe Windows Phone is dead. Kaput. Finished. Over. Done. ... Windows 10 is successful in part because it's a return to Windows 7 in many ways and that's what made the consumers happy. One of the definitions of insanity is "doing the same thing over and over again but expecting a different result". This is exactly what Microsoft is doing and it's insane. Over 90% of Microsoft's desired audience like the look and feel of iPhones and Android devices. They do – it's not good or bad – it just is what it is. They spend their money on those two user interfaces."


Attackers Use Microsoft Office To Push BlackEnergy Malware ( 51

itwbennett writes: Researchers at SentinelOne reverse engineered the latest variant of the BlackEnergy 3 rootkit (the same malware used in recent attacks against Ukraine's critical infrastructure) and found indicators that suggest it is being used by insiders and that it is the byproduct of a nation-sponsored campaign. 'BlackEnergy 3 exploits an Office 2013 vulnerability that was patched some time ago, so it only works if the target machine isn't patched or an employee (either deliberately or after being tricked into it) executes the malicious Excel document,' writes CSO's Steve Ragan.

The US Government and Open Standards: a Tale of Personal Woe ( 256

An anonymous reader writes: This article details a Linux user's struggles to submit a grant application when the process requires finicky, proprietary software. It also covers familiar ground made timely by the upcoming elections: the U.S. should prefer open source software and open standards over proprietary alternatives. The grant application required a PDF created by Adobe Acrobat — software Adobe no longer supports for Linux. Once the document was created, attempting to submit it while using Ubuntu fails silently. (On Windows 7, it worked immediately.) The reader argues, "By requiring Acrobat the government gives preference to a particular software vendor, assuring that thousands of people who otherwise would not choose to use Adobe software are forced to install it. Worse, endorsing a proprietary, narrowly supported technology for government data poses the risk that public information could become inaccessible if the vendor decides to stop supporting the software. Last but not least, there are privacy and fairness issues at stake. Acrobat is a totally closed-source program, which means we have to take Adobe's word for it that nothing sketchy is going on in its code. ... It would seem to be in the interest of the public for the government to prefer an open source solution, since it is much harder to hide nefarious features inside code that can be publicly inspected."

Firefox 44 Arrives With Push Notifications ( 182

An anonymous reader writes: Mozilla today launched Firefox 44 for Windows, Mac, Linux, and Android. Notable additions to the browser include push notifications, the removal of RC4 encryption, and new powerful developer tools. Mozilla made three promises for push notifications: "1. To prevent cross-site correlations, every website receives a different, anonymous Web Push identifier for your browser. 2. To thwart eavesdropping, payloads are encrypted to a public / private keypair held only by your browser. 3. Firefox only connects to the Push Service if you have an active Web Push subscription. This could be to a website, or to a browser feature like Firefox Hello or Firefox Sync." Here are the full changelogs: Desktop and Android.

Hot Potato Exploit Gives Attackers the Upper Hand On Multiple Windows Versions 127

An anonymous reader writes: By chaining together a series of known Windows security flaws, researchers from Foxglove Security have discovered a way to break into almost all of Microsoft's recent versions of Windows. The exploit, named Hot Potato, relies on three different types of attacks, some of which were discovered back at the start of the new millennium, in 2000. Going through these exploits one by one may take attackers from minutes to days, but if successful, the attacker can elevate an application's permissions from the lowest rank to system-level privileges. All of these security flaws have been left unpatched by Microsoft, with the explanation that by patching them, the company would effectively break compatibility between the different versions of their operating system.

Intel Compute Stick Updated With Cherry Trail Atom, Tested ( 90

MojoKid writes: The original Intel Compute Stick wasn't without issues. Last year's model featured dated 802.11n wireless connectivity and had only a single USB port, which meant using a hub and/or dongles, should you want to connect multiple peripherals to the device or boost its wireless capabilities. The new updated Intel Compute Stick, however, features Intel's newer Cherry Trail Atom platform, with 802.11ac 2x2 WiFi, and USB 3.0. There's still just 2GB of RAM in the device, along with 32GB of storage, but Windows 10 Home also now comes pre-installed. The result is a fully functional PC that won't burn up any benchmarks but offers utility for mainstream computing tasks and is even capable of streaming up to 4K video content. The little device can essentially turn any HDMI-equipped display into a basic PC.

Slashdot Top Deals