Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Microsoft

Windows 10 Anniversary Update: the Best New Features (theverge.com) 281

A year after the release of Windows 10, Microsoft is gearing up for Anniversary Update, the first major update to the company's desktop operating system. Ahead of the public release of Anniversary Update on August 2, Microsoft provided media outlets with the Anniversary Update, and their first impressions and reviews are out. The Verge has listed the big changes Windows 10 Anniversary ships with. From the article: Windows Ink: Windows Ink is without a doubt the best part of the Anniversary Update. It's essentially a central location to find built-in or third-party apps that work with your stylus. You can use the new sticky notes to note down reminders, and they'll even transform into true reminders as Cortana understands what you write.
Microsoft Edge extensions: If you're a fan of Chrome extensions, then you'll be glad to hear that they're heading to Microsoft's Edge browser. The Anniversary Update brings support for extensions, and it's now up to third-party developers to fill the Windows Store with their add-ons.
Cortana improvements: Microsoft's digital assistant, Cortana, debuted on Windows 10 last year, and the software maker is bringing it to the lock screen with the Anniversary Update. You'll be able to ask it to make a note, play music, set a reminder, and lots more without ever logging in. Cortana is also getting a little more intelligent, with the ability to schedule appointments in Outlook or options to send friends a document you were working on a week ago.
Dark theme and UI tweaks: You can switch on what I call even darker mode in settings, and it will switch built-in apps that typically use a white background over to black.
Other improvements include things like Windows 10's ability to set your time zone automatically, and opening up of Windows Hello, the biometric feature to apps and websites. Additionally, the Xbox One is getting Windows apps. The Verge adds, "It feels like a promise that was made years ago, but it's finally coming true with the Anniversary Update. As Windows 10 now powers the Xbox One, Microsoft will start rolling out an update to its console to provide support for Cortana on Xbox One and the new universal apps." Microsoft is also adding Bash, the Linux command line to Windows with the new update. It's an optional feature and users will need to enable it to use it. Users will also be able to "project to PC," a feature that will allow one to easily find a PC to project to from a phone or another PC. There's also a new Skype app, and syncing of notifications between PC and phone is getting better.
Going by the reviews, it appears Windows 10 Anniversary Update is substantially more stable, and has interesting new features. You can read the first impressions of it on ZDNet, and review on PCWorld.
Microsoft

Microsoft Cuts Xbox One Price To $249 - Would You Buy or Recommend One? (theverge.com) 134

Tom Warren, writing for The Verge: Microsoft is cutting the price of its Xbox One console to $249. The new price marks the third price cut in less than two months, ahead of the new Xbox One S launch on August 2nd. 500GB versions of the Xbox One are now $249, and this includes bundles with games like Gears of War: Ultimate Edition, Quantum Break, Forza Motorsport 6, Rise of the Tomb Raider, and Rare Replay. Retailers like Best Buy and Amazon will be selling Microsoft's Xbox One console at the new $249 price point immediately, and the software giant says the consoles will be available at $249 "while supplies last." Microsoft's aggressive Xbox One pricing follows a sales gap between its console and Sony's PlayStation 4. Sony has sold more than 40 million PS4s, but it's not clear exactly how many Xbox Ones have been sold as Microsoft hasn't provided sales figures for quite some time. EA previously revealed Microsoft had sold 19 million Xbox One consoles back in January.
Microsoft

Microsoft Can't Shield User Data From Government, Says Government (bloomberg.com) 171

Microsoft is now arguing in court that their customers have a right to know when the government is reading their e-mail. But "The U.S. said federal law allows it to obtain electronic communications without a warrant or without disclosure of a specific warrant if it would endanger an individual or an investigation," according to Bloomberg. An anonymous reader quotes their report: The software giant's lawsuit alleging that customers have a constitutional right to know if the government has searched or seized their property should be thrown out, the government said in a court filing... The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail... The Justice Department's reply Friday underscores the government's willingness to fight back against tech companies it sees obstructing national security and law enforcement investigations...

Secrecy orders on government warrants for access to private e-mail accounts generally prohibit Microsoft from telling customers about the requests for lengthy or even unlimited periods, the company said when it sued. At the time, federal courts had issued almost 2,600 secrecy orders to Microsoft alone, and more than two-thirds had no fixed end date, cases the company can never tell customers about, even after an investigation is completed.

Programming

Programming Language Gurus Converge on 'Curry On' Conference (curry-on.org) 81

Videos are now online from this week's Curry On conference, which incuded talks by programming pioneers Larry Wall and Matthias Felleisen, as well as speakers from Google, Twitter, Facebook, Microsoft, and Oracle. Dave Herman from Mozilla Research also talked about building an open source research lab, while Larry Wall's keynote was titled "It's the End of the World as We Know It, and I Feel Fine."

Billing itself as a non-profit conference about programming languages and emerging computer-industry challenges, this year's installment included talks about Java, Rust, Scala, Perl, Racket, Clojure, Rascal, Go and Oden. Held in a different European city each year, the annual conference hopes to provoke an open conversation between academia and the larger technology industry.
Security

'High-Risk Vulnerabilities' In Oracle File-Processing SDKs Affect Major Third-Party Products (csoonline.com) 11

itwbennett writes: "Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors," writes Lucian Constantin on CSOonline. The vulnerabilities, which were found by researchers from Cisco's Talos team, are in the Oracle Outside In Technology (OIT), a collection of SDKs that are used in third-party products, including Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault.

"It's not clear how many of those products are also affected by the newly patched seventeen flaws, because some of them might not use all of the vulnerable SDKs or might include other limiting factors," writes Constantin. But the Cisco researchers confirmed that Microsoft Exchange servers (version 2013 and earlier) are affected if they have WebReady Document Viewing enabled. In a blog post the researchers describe how an attacker could exploit these vulnerabilities.

TL;DR version: "Attackers can exploit the flaws to execute rogue code on systems by sending specifically crafted content to applications using the vulnerable OIT SDKs."
Businesses

Salesforce CEO Told LinkedIn He Would Have Paid Much More Than Microsoft (recode.net) 63

Ina Fried, reporting for Recode: It was already known that LinkedIn chose a potentially lower all-cash acquisition offer from Microsoft rather than take on the uncertainties of a stock-and-cash deal from Salesforce. But now it has been revealed that Salesforce might have been willing to go "much higher" than Microsoft's $26.2 billion, or change other terms of its bid, had it been given the chance. In a filing with regulators on Friday, LinkedIn said a board committee met on July 7 to discuss an email from Salesforce CEO Marc Benioff. "The email indicated that Party A would have bid much higher and made changes to the stock/cash components of its offers, but it was acting without communications from LinkedIn," LinkedIn said in the updated filing with the Securities and Exchange Commission.
Security

Microsoft Rewrites Wassenaar Arms Control Pact To Protect The Infosec Industry (theregister.co.uk) 20

The Wassenaar Arrangement "is threatening to choke the cyber-security industry, according to a consortium of cyber-security companies...supported by Microsoft among others," reports SC Magazine. "'Because the regulation is so overly broad, it would require cyber responders and security researchers to obtain an export license prior to exchanging essential information to remediate a newly identified network vulnerability, even when that vulnerability is capable of being exploited for purposes of surveillance,' wrote Alan Cohn from the CRC on a Microsoft blog." Reporter Darren Pauli contacted Slashdot with this report: If the Wassenaar Arrangement carries through under its current state, it will force Microsoft to submit some 3800 applications for arms export every year, company assistant general counsel Cristin Goodwin says... The Wassenaar Arrangement caught all corners of the security industry off guard, but its full potentially-devastating effects will only be realised in coming months and years... Goodwin and [Symantec director of government affairs] Fletcher are calling on the industry to lobby their agencies to overhaul the dual-use software definition of the Arrangement ahead of a closed-door meeting in September where changes can be proposed.
Businesses

Cyanogen Inc. Reportedly Fires OS Development Arm, Switches To Apps (arstechnica.com) 122

An anonymous reader writes: Android Police is reporting that the Android software company Cyanogen Inc. will be laying off 20 percent of its workforce, and will transition from OS development to applications. The Android Police report says "roughly 30 out of the 136 people Cyanogen Inc. employs" are being cut, and that the layoffs "most heavily impact the open source arm" of the company. Android Police goes on to say that CyanogenMod development by Cyanogen Inc "may be eliminated entirely." Ars Technica notes the differences between each "Cyanogen" branding. Specifically, CyanogenMod is a "free, open source, OS heavily based on Android and compatible with hundreds of devices," while Cyanogen Inc. is "a for-profit company that aims to sell Cyanogen OS to OEMs." It appears that many of the core CyanogenMod developers will no longer be paid to work on CyanogenMod, though the community is still free to develop the software." Android Police details the firing process in their report: "Layoffs reportedly came after a long executive retreat for the company's leaders and were conducted with no advanced notice. Employees who were not let go were told not to show up to work today. Those who did show up were the unlucky ones: they had generic human resources meetings rather ominously added to their calendars last night. So, everyone who arrived at Cyanogen Inc. in Seattle this morning did so to lose their job (aside from those conducting the layoffs)." Early last year, Microsoft invested in a roughly $70 million round of equity financing for the then-startup Cyanogen Inc. Not too long before that, Google tried to acquire Cyanogen Inc., but the company turned down Google's offer to seek funding from investors and major tech companies at a valuation of around $1 billion. Cyanogen Inc. CEO Kirt McMaster once said the company was "attempting to take Android away from Google" and that it was "putting a bullet through Google's head."

UPDATE 7/25/16: Cyanogen CEO and cofounder Kirt McMaster took to Twitter to dispel some of the rumors, tweeting: "Cyanogen NOT pivoting to apps. We are an OS company and our mission of creating an OPEN ANDROID stands. FALSE reporting was outstanding."
Security

Auto Industry Publishes Its First Set of Cybersecurity Best Practices (securityledger.com) 38

chicksdaddy quotes a report from Security Ledger: The Automotive industry's main group for coordinating policy on information security and "cyber" threats has published a "Best Practices" document, giving individual automakers guidance on implementing cybersecurity in their vehicles for the first time. The Automotive Information Sharing and Analysis Center (ISAC) released the Automotive Cybersecurity Best Practices document on July 21st, saying the guidelines are for auto manufacturers as well as their suppliers. The Best Practices cover organizational and technical aspects of vehicle cybersecurity, including governance, risk management, security by design, threat detection, incident response, training, and collaboration with appropriate third parties. Taken together, they move the auto industry closer to standards pioneered decades ago and embraced by companies like Microsoft. They call on automakers to design software to be secure from the ground up and to take a sober look at risks to connected vehicles as part of the design process. Automakers are urged to test for and respond to software vulnerabilities, to develop methods for assessing and fixing security vulnerabilities, to create training programs, promote cybersecurity awareness for both information technology and vehicle specific risks, and educate employees about security awareness. The document comes after a Kelly Blue Book survey that found that 62% of drivers think "connected cars will be hacked," and that 42% say they "want cars to be more connected."
PlayStation (Games)

Sony Is the Only Remaining Obstacle To PS4-Xbox Cross-Play (kotaku.com) 57

In March, Microsoft announced native support for cross-platform play between Xbox One and Windows 10. At the time, the company also added that this support could be extended to "other console and PC networks," something which led people to wonder if truly cross-platform gaming, on any platform, was next. When asked, Sony did say that it was open to the idea. "PlayStation has been supporting cross-platform play between PC on several software titles starting with Final Fantasy 11 on PS2 and PC back in 2002. We would be happy to have the conversation with any publishers or developers who are interested in cross-platform play." But since then, it appears that Sony has had a change of heart, which has resulted in developers asking the company for an update. Kotaku reports: In recent days, the developers behind Rocket League and The Witcher 3 have both called for Sony to break down the walls separating PlayStation Network and Xbox Live and allow cross-platform multiplayer. What's changed in the last few days are developers making an open call for Sony to make good on having that conversation with publishers and developers. In an interview with IGN, Psyonix president Jeremy Dunham explained how the Rocket League developer had already taken care of the technical side of things. "We're literally at the point where all we need is the go-ahead on the Sony side," said Dunham, "and we can, in less than a business day, turn it on and have it up and working no problem. It'd literally take a few hours to propagate throughout the whole world, so really we're just waiting on the permission to do so." In another statement to IGN, CD Projekt RED CEO Marcin Iwinski supported Psyonix.
Microsoft

Microsoft's Surface Hub Is a 'Hit', Demand Outstrips Supply (petri.com) 67

Microsoft said on Thursday that it has sold over 500 units of the Surface Hubs, a number that apparently "exceeded" the company's initial forecasts. In a statement to Microsoft-centric blog Petri, the company said: "Demand for Surface Hubs is very strong and exceeded initial forecasts. To date, we've shipped to over 500 customers worldwide and that number continues to grow. We are ramping up production to meet this strong demand via our partner reseller channel as soon as possible. Customers are encouraged to speak with their sales representative if interested in ordering Surface Hubs." For a refresh, the Surface Hub is a giant all-in-one Windows 10 computer which retails at a starting price point of $8,999 for the 55-inch model, and goes all the way up to $21,999 for the 84-inch model.
Microsoft

Microsoft Responds To Allegations That Windows 10 Collects 'Excessive Personal Data' (betanews.com) 144

BetaNews's Mark Wilson writes: Yesterday France's National Data Protection Commission (CNIL) slapped a formal order on Microsoft to comply with data protection laws after it found Windows 10 was collecting "excessive data" about users. The company has been given three months to meet the demands or it will face fines. Microsoft has now responded, saying it is happy to work with the CNIL to work towards an acceptable solution. Interestingly, while not denying the allegations set against it, the company does nothing to defend the amount of data collected by Windows 10, and also fails to address the privacy concerns it raises. Microsoft does address concerns about the transfer of data between Europe and the US, saying that while the Safe Harbor agreement is no longer valid, the company still complied with it up until the adoption of Privacy Shield. It's interesting to see that Microsoft, in response to a series of complaints very clearly leveled at Windows 10, manages to mention the operating system only once. There is the promise of a statement about privacy next week, but for now we have Microsoft's response to the CNIL's order.
Microsoft

France: Windows 10 Collects 'Excessive Personal Data', Issues Microsoft With Formal Warning (betanews.com) 112

France's National Data Protection Commission (CNIL) has ordered Microsoft to "stop collecting excessive data and tracking browsing by users without consent," adding that Microsoft must comply with the French Data Protection Act within next three months. BetaNews reports: In addition to this, the chair of CNIL has notified Microsoft that it needs to take "satisfactory measures to ensure the security and confidentiality of user data." The notice comes after numerous complaints about Windows 10, and a series of investigations by French authorities which revealed a number of failings on Microsoft's part. Microsoft is accused of not only gathering excessive data about users, but also irrelevant data. The CNIL points to Windows 10's telemetry service which gathers information about the apps users have installed and how long each is used for. The complaint is that "these data are not necessary for the operation of the service."
Microsoft

Skype Finalizes Its Move To the Cloud; To Kill Older Clients -- Remains Tight Lipped About Privacy (arstechnica.com) 74

When it was first created, Skype network was built as a decentralized peer-to-peer system. PCs that had enough processing muscle and bandwidth acted as "supernodes," and coordinated connections between other machines on the network. This p2p system was generally perceived as being relatively private, a belief that has since been debunked. There were several technical challenges, which led Microsoft to move most of Skype's operations to the cloud. Ars Technica is reporting that the company has finalized the switch. From the article: Microsoft has developed a more conventional client-server network, with clients that act as pure clients and dedicated cloud servers. The company is starting to transition to this network exclusively. This transition means that old peer-to-peer Skype clients will cease to work. Clients for the new network will be available for Windows XP and up, OS X Yosemite and up, iOS 8 and up, and Android 4.03 and up. However, certain embedded clients -- in particular, those integrated into smart TVs and available for the PlayStation 3 -- are being deprecated, with no replacement. Microsoft says that since those clients are little used and since almost every user of those platforms has other Skype-capable devices available, it is no longer worth continuing to support them.The issue, as the report points out, is that Microsoft is strangely not talking about privacy and security concerns. The article adds: The Ed Snowden leaks raised substantial questions about the privacy of services such as Skype and have caused an increasing interest in platforms that offer end-to-end encryption. The ability to intercept or wiretap Skype came as a shock to many, especially given Skype's traditionally peer-to-peer infrastructure. Accordingly, we've seen similar services such as iMessage, WhatsApp, and even Facebook Messenger, start introducing end-to-end encryption. The abandonment of Skype's peer-to-peer system can only raise suspicions here.Matthew Green, who teaches cryptography at Johns Hopkins, said: "The surprising thing here is not that Microsoft can intercept Skype calls (duh) but that they won't just admit it."
Chrome

Safari Browser May Soon Be Just As Fast As Chrome With WebP Integration (thenextweb.com) 105

An anonymous reader writes from a report via The Next Web: The Safari browser included in Apple's iOS 10 and macOS Sierra software is testing WebP, technology from Google that allows developers to create smaller, richer images that make the web faster. Basically, it's a way for webpages to load more quickly. The Next Web reports: "WebP was built into Chrome back at build 32 (2013!), so it's not unproven. It's also used by Facebook due to its image compression underpinnings, and is in use across many Google properties, including YouTube." Microsoft is one of the only major players to not use WebP, according to CNET. It's not included in Internet Explorer and the company has "no plans" to integrate it into Edge. Even though iOS 10 and macOS Sierra are in beta, it's promising that we will see WebP make its debut in Safari latest this year. "It's hard to imagine Apple turning away tried and true technology that's found in a more popular browser -- one that's favored by many over Safari due to its speed, where WebP plays a huge part," reports The Next Web. "Safari is currently the second most popular browser to Chrome." What's also interesting is how WebP isn't mentioned at all in the logs for Apple's Safari Technology Preview.
Google

Google and Bing Have No Obligation To Censor Searches For Torrents (betanews.com) 62

Microsoft and Google are under no obligation to weed out 'torrent' results from their respective search engines, the High Court of Paris has ruled. BetaNews adds: French music industry group SNEP went to court on behalf of a trio of artists, requesting that Microsoft and Google automatically filter out links to pirated material. The group had called for a complete block on searches that include the word 'torrent' as well as blocking sites whose name includes the word. The court found that SNEP's request was far too broad, saying: "SNEP's requests are general, and pertain not to a specific site but to all websites accessible through the stated methods, without consideration for identifying or even determining the site's content, on the premise that the term 'Torrent' is necessarily associated with infringing content".The court added that 'torrent' is a common noun, which has a range of different meanings.
Windows

Windows 10 Warns Chrome and Firefox Users About Battery Drain, Recommends Switching To Edge (venturebeat.com) 374

A month after Microsoft claimed that its Edge web browser is more power efficient than Google Chrome and Firefox, the company is now warning Windows 10 users about the same. VentureBeat reports: Microsoft has turned on a new set of Windows Tips that warn Windows 10 users that Google Chrome or Mozilla Firefox is draining their laptop's battery. The solution, according to the notification, is to use Microsoft Edge.In a statement to the publication, the company said: "These Windows Tips notifications were created to provide people with quick, easy information that can help them enhance their Windows 10 experience, including information that can help users extend battery life. That said, with Windows 10 you can easily choose the default browser and search engine of your choice."
The Almighty Buck

Marissa Mayer Says Yahoo Continues To Make Solid Progress, Earnings Report Says Otherwise (fool.com) 130

tomhath quotes a report from Fool: Yahoo! CEO Marissa Mayer tried to emphasize the progress that the company has made. "We continue to make solid progress against our 2016 plan," Mayer said, and "in addition to our efforts to improve the operating business, our board has made great progress on strategic alternatives." The CEO argued that the results met or exceeded the company's own guidance. Yahoo! was able to post a revenue increase by changing the ways that it presents revenue related to its search agreement with Microsoft, and without that change, adjusted revenue of $1.055 billion was down 15% from the year-ago quarter. That was even worse than the 13% drop investors were expecting, and adjusted EBITDA fell by more than a third. That resulted in adjusted net earnings of $0.09 per share, missing the consensus forecast by a penny but also glossing over a $440 million net loss on a GAAP basis. The company took a $395 million goodwill impairment charge and an $87 million intangibles impairment charge related to its Tumblr unit, determining that the fair value of the division is less than the amount indicated on Yahoo!'s balance sheet. It was also revealed that Yahoo is writing down the value of its Tumblr acquisition by $482 million, citing lower projections for the social network's future performance, according to a report from CNNMoney. Last quarter, the company took a $230 million write-down on its Tumblr acquisition. Since Yahoo acquired Tumblr for $1.1 billion in 2013, Yahoo has written down more than half of its value.
Communications

Researcher Finds Way To Steal Cash From Google, Instagram, and Microsoft Through The Phone (onthewire.io) 35

Trailrunner7 quotes a report from On the Wire: A security researcher has discovered a method that would have enabled fraudsters to steal thousands of dollars from Facebook, Microsoft, and Google by linking premium-rate numbers to various accounts as part of the two-step verification process. Arne Swinnen discovered the issue several months ago after looking at the way that several of these companies's services set up their two-step verification procedures. Facebook uses two-step verification for some of its services, including Instagram, and Google and Microsoft also employ it for some of their user accounts. Swinnen realized that the companies made a mistake in not checking to see whether the numbers that users supply as contact points are legitimate. "They all offer services to supply users with a token via a computer-voiced phone call, but neglected to properly verify whether supplied phone numbers were legitimate, non-premium numbers. This allowed a dedicated attacker to steal thousands of EUR/USD/GBP," Swinnen said in a post explaining the bug. "For services such as Instagram and Gmail, users can associate a phone number with their accounts," reports On the Wire. "In the case of Instagram, users can find other people by their phone number, and when a user adds a number, Instagram will send a text to verify the number. If the user never enters the code included in the text, Instagram will eventually call the number. Swinnen noticed that Instagramâ(TM)s robocallers would call any number supplied, including premium-rate numbers. 'One attacker could thus steal 1 GBP per 30 minutes, or 48 GBP/day, 1.440 GBP/month or 17.280/year with one pair. However, a dedicated attacker could easily setup and manage 100 of these pairs, increasing these numbers by a factor 100: 4.800 GBP/day, 144.000 GBP/month or 1.728.000 GBP/year.'"
Republicans

RNC Is Preparing For Cyberattacks (cnbc.com) 96

An anonymous reader writes from a report via CNBC: The Republican National Convention will be a popular target for cyberattacks. An official in charge of securing the network has said the RNC already had to fend off a wave of cyberattacks before the convention opened. Many more attacks are expected throughout the convention ranging from "nation-states hunting for intelligence or protesters trying to disrupt the network at the convention," said the consulting chief information officer for the RNC, Max Everett. Donald Trump's campaign appears to only fuel attackers, security experts said. The convention opens Monday afternoon and will attract roughly 50,000 people in addition to a global audience watching from afar. "A successful attack could impact physical security on the ground, for example, by taking connected security scanners offline. It could also affect online activity, for example, by hijacking the livestream and derailing the GOP's message," reports CNBC. The Secret Service has designated the conventions "national special security events." Everett and his team of 70 IT specialists will be using Microsoft and ForeScout software to monitor the network in real time, working with ATT and Cisco on securing external access to the network and a firm called Dark Cubed to share real-time threat information among the firms trying to defend against cyberattacks.

Slashdot Top Deals