Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Windows

The Long Reach of Windows 95 140

jfruh writes: I'm a Mac guy — have been ever since the '80s. When Windows 95 was released 20 years ago, I was among those who sneered that "Windows 95 is Macintosh 87." But now, as I type these words on a shiny new iMac, I can admit that my UI — and indeed the computing landscape in general — owes a lot to Windows 95, the most influential operating system that ever got no respect. ITWorld reports: "... even though many techies tend to dismiss UI innovation as eye candy, the fact is that the changes made in Windows 95 were incredibly successful in making the the system more accessible to users -- so successful, in fact, that a surprising number of them have endured and even spread to other operating systems. We still live in the world Windows 95 made. When I asked people on Twitter their thoughts about what aspects of Windows 95 have persisted, I think Aaron Webb said it best: 'All of it? Put a 15 year old in front of 3.1 and they would be lost. In front of Windows 95 they would be able to do any task quickly.'"
Security

Abusing Symbolic Links Like It's 1999 52

An anonymous reader writes with this snippet from James Forshaw's recent post at Google's Project Zero, which begins For the past couple of years I've been researching Windows elevation of privilege attacks. This might be escaping sandboxing or gaining system privileges. One of the techniques I've used multiple times is abusing the symbolic link facilities of the Windows operating system to redirect privileged code to create files or registry keys to escape the restrictive execution context. Symbolic links in themselves are not vulnerabilities, instead they're useful primitives for exploiting different classes of vulnerabilities such as resource planting or time-of-check time-of-use. Click through that link to see examples of this abuse in action, but also information about how the underlying risks have been (or can be) mitigated.
Microsoft

Microsoft Builds Open-Source Browser Using HTML, JavaScript, and CSS 70

An anonymous reader writes: Microsoft's new browser, Edge, has a new rendering engine, EdgeHTML. Like Edge, the new rendering engine is only available in Windows 10, but it does more than just power the company's new browser: It's also readily available to developers. To show off what EdgeHTML can do, Microsoft has built a browser using predominantly JavaScript, HTML, and CSS. Next, the company released the browser on the Windows Store and the sample code on GitHub.
Android

Since-Pulled Cyanogen Update For Oneplus Changes Default Home Page To Bing 86

ourlovecanlastforeve writes: Nestled into GSMArena's report on the Cyanogen OS 12.1 update for Oneplus [ Note: an update that the story reports has since been pulled.] is this tasty bite: "...you'll find out that your Chrome homepage has been changed to Bing." Then it's casually dismissed with "Thankfully though, you can easily get rid of Microsoft's search engine by using Chrome settings." as if this were the most normal thing to have to do after an OTA update. Is this the new normal? Has Microsoft set a new precedent that it's okay to expect users to have to go searching through every setting and proactively monitor network traffic to make sure their data isn't being stolen, modified or otherwise manipulated?
Privacy

How To Keep Microsoft's Nose Out of Your Personal Data In Windows 10 416

MojoKid writes: Amid the privacy concerns and arguably invasive nature of Microsoft's Windows 10 regarding user information, it's no surprise that details on how to minimize leaks as much as possible are often requested by users who have recently made the jump to the new operating system. If you are using Windows 10, or plan to upgrade soon, it's worth bearing in mind a number of privacy-related options that are available, even during the installation/upgrade. If you are already running the OS and forgot to turn them off during installation (or didn't even see them), they can be accessed via the Settings menu on the start menu, and then selecting Privacy from the pop-up menu. Among these menus are a plethora of options regarding what data can be gathered about you. It's worth noting, however, that changing any of these options may disable various OS related services, namely Cortana, as Microsoft's digital assistant has it tendrils buried deep.
Data Storage

Oakland Changes License Plate Reader Policy After Filling 80GB Hard Drive 275

An anonymous reader writes: License plate scanners are a contentious subject, generating lots of debate over what information the government should have, how long they should have it, and what they should do with it. However, it seems policy changes are driven more by practical matters than privacy concerns. Earlier this year, Ars Technica reported that the Oakland Police Department retained millions of records going back to 2010. Now, the department has implemented a six-month retention window, with older data being thrown out. Why the change? They filled up the 80GB hard drive on the Windows XP desktop that hosted the data, and it kept crashing.

Why not just buy a cheap drive with an order of magnitude more storage space? Sgt. Dave Burke said, "We don't just buy stuff from Amazon as you suggested. You have to go to a source, i.e., HP or any reputable source where the city has a contract. And there's a purchase order that has to be submitted, and there has to be money in the budget. Whatever we put on the system, has to be certified. You don't just put anything. I think in the beginning of the program, a desktop was appropriate, but now you start increasing the volume of the camera and vehicles, you have to change, otherwise you're going to drown in the amount of data that's being stored."
Windows

A Breakdown of the Windows 10 Privacy Policy 318

WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.
Input Devices

Skylake Has a Voice DSP and Listens To Your Commands 99

itwbennett writes: Intel's new Skylake processor (like the Core M processor released last year) comes with a built-in digital signal processor (DSP) that will allow you to turn on and control your PC with your voice. Although the feature is not new, what is new is the availability of a voice controlled app to use it: Enter Windows 10 and Cortana. If this sounds familiar, it should, writes Andy Patrizio: 'A few years back when the Xbox One was still in development, word came that Kinect, its motion and audio sensor controller, would be required to use the console and Kinect would always be listening for voice commands to start the console. This caused something of a freak-out among gamers, who feared Microsoft would be listening.'
Windows

Windows 95 Turns 20 284

Etherwalk writes: Windows 95 turns 20 tomorrow, August 24, 2015. Users looking to upgrade from Windows 3.1 should be warned that some reviewers on the Amazon purchase page have been receiving 3.5" high-density floppy disk versions instead of a modern 150 kbps CD-ROM disk. Do you remember first seeing or installing Windows 95? Do you have any systems still running it?
Windows

Underground Piracy Sites Want To Block Windows 10 Users 394

An anonymous reader writes: Some smaller pirate sites have become concerned about Windows 10 system phoning home too many hints regarding that the users are accessing their site. Therefore, the pirate administrators have started blocking Windows 10 users from accessing the BitTorrent trackers that the sites host. The first ones to hit the alarm button were iTS, which have posted a statement and started redirecting Windows 10 users to a YouTube video called Windows 10 is a Tool to Spy on Everything You Do. Additionally, according to TorrentFreak, two other similar dark web torrent trackers are also considering following suit. "As we all know, Microsoft recently released Windows 10. You as a member should know, that we as a site are thinking about banning the OS from FSC," said one of the FSC staff. Likewise, in a message to their users, a BB admin said something similar: "We have also found [Windows 10] will be gathering information on users' P2P use to be shared with anti piracy group."
Government

City of Munich Struggling With Basic Linux Functionality 394

jones_supa writes: Just like the city planned a year ago, Munich is still calling for a switch back to Windows from LiMux, their Ubuntu derivative. The councilors from Munich's conservative CSU party have called the operating system installed on their laptops "cumbersome to use" and "of very limited use." The letter from the two senior members of the city's IT committee (PDF in German) asks the mayor to consider removing the Linux-based OS and to install Windows and Office. "There are no programs for text editing, Skype, Office etc. installed and that prevents normal use," the letter argues. Another complaint from councilors is that "the lack of user permissions makes them of limited use." These kind of arguments raise eyebrows, as all that functionality is certainly found on Linux.
Desktops (Apple)

Could the Best Windows 10 Laptop Be a Mac? 435

dkatana writes: Now that Windows 10 is finally out there many people are looking for the best laptop with the power to make the new OS shine. The sweet spot appears to be in $900-$1500 machines from Dell, Asus and HP. But Apple, the company that has been fighting Windows for ever, has other options for Windows 10: the MacBook Pro and MacBook Air. According to InformationWeek there are many reasons to consider purchasing a MacBook as the next Windows machine, including design, reliability, performance, battery life, display quality and better keyboard. Also MacBooks have a higher resell value, retaining up to 50% of their price after five years.
Bug

Air Traffic Snafu: FAA System Runs Out of Memory 234

minstrelmike writes: Over the weekend, hundreds of flights were delayed or canceled in the Washington, D.C. area after air traffic systems malfunctioned. Now, the FAA says the problem was related to a recent software upgrade at a local radar facility. The software had been upgraded to display customized windows of reference data that were supposed to disappear once deleted. Unfortunately, the systems ended up running out of memory. The FAA's report is vague about whether it was operator error or software error: "... as controllers adjusted their unique settings, those changes remained in memory until the storage limit was filled." Wonder what programming language they used?
Internet Explorer

Microsoft Patches Remote Code Execution Hole for Internet Explorer 56

mask.of.sanity writes: Microsoft has released an out-of-band patch for Internet Explorer versions seven to 11 that closes a dangerous remote code execution flaw allowing attackers to commandeer machines. From their advisory: "An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability." The attack could assist in watering hole and malvertising campaigns. The Windows 10 Edge browser is not impacted.
Windows

Windows Memory Manager To Introduce Compression 231

jones_supa writes: Even though the RTM version of Windows 10 is already out of the door, Microsoft will keep releasing beta builds of the operating system to Windows Insiders. The first one will be build 10525, which introduces some color personalization options, but also interesting improvements to memory management. A new concept is called a compression store, which is an in-memory collection of compressed pages. When memory pressure gets high enough, stale pages will be compressed instead of swapping them out. The compression store will live in the System process's working set. As usual, Microsoft will be receiving comments on the new features via the Feedback app.
Programming

"Father Time" Gets Another Year At NTP From Linux Foundation 157

dkatana writes: Harlan Stenn, Father Time to some and beleaguered maintainer of the Network Time Protocol (NTP) to others, will stay working for the NTP another year. But there is concern that support will decline as more people believe that NTP works just fine and doesn't need any supervision. NTP is the preeminent time synchronization system for Macs, Windows, and Linux computers and most servers on networks. According to IW, for the last three-and-a-half years, Stenn said he's worked 100-plus hours a week answering emails, accepting patches, rewriting patches to work across multiple operating systems, piecing together new releases, and administering the NTP mailing list. If NTP should get hacked or for some reason stop functioning, hundreds of thousands of systems would feel the consequences. "If that happened, all the critics would say, 'See, you can't trust open source code,'" said Stenn.
Government

Virginia Ditches 'America's Worst Voting Machines' 393

Geoffrey.landis writes: Computerized voting machines are bad news in general, but the WINVote machines used in Virginia might just have earned their reputation as the most insecure voting machine in America. They feature Wi-Fi that can't be turned off (protected, however, with a WEP password of "abcde"), an unencrypted database, and administrative access with a hardcoded password of "admin." According to security researcher Jeremy Epstein, if the machines weren't hacked in past elections, "it was because nobody tried." But with no paper trail, we'll never know.

Well, after ignoring the well-documented problems for over a decade, Virginia finally decided to decommission the machines... after the governor had problems with the machines last election and demanded an investigation. Quoting: "In total, the vulnerabilities investigators found were so severe and so trivial to exploit, Epstein noted that 'anyone with even a modicum of training could have succeeded' in hacking them. An attacker wouldn't have needed to be inside a polling place either to subvert an election... someone 'within a half mile with a rudimentary antenna built using a Pringles can could also have attacked them.'"
Firefox

How to Quash Firefox's Silent Requests 294

An anonymous reader writes: Unlike older versions of Firefox, more recent versions will make a request to a destination server just by hovering over a link. No CSS, no JavaScript, no prefetch required. Try it for yourself. Disable CSS and JavaScript and fire up iftop or Windows Resource Monitor, hover over some links and watch the fun begin. There once was a time when you hovered over a link to check the 'real link' before you clicked on it. Well no more. Just looking at it makes a 'silent request.' This behavior is the result of the Mozilla speculative connect API . Here is a bug referencing the API when hovering over a thumbnail on the new tab page. And another bug requesting there be an option to turn it off. Strangely enough the latter bug is still labeled WONTFIX even though the solution is in the comments (setting network.http.speculative-parallel-limit to 0).

Firefox's own How to stop Firefox from making automatic connections also mentions setting network.http.speculative-parallel-limit to 0 to to stop predictive connections when a user "hovers their mouse over thumbnails on the New Tab Page or the user starts to search in the Search Bar" but no mention regarding hovering over a normal link. Good thing setting network.http.speculative-parallel-limit to 0 does appear to disable speculative connect on normal links too. One can expect Firefox to make requests in the background to its own servers for things such as checking for updates to plugins etc. But silently making requests to random links on a page (and connecting to those servers) simply by hovering over them is something very different.
Windows

Windows 10 Still Phones Home With Data In Spite of Privacy Settings 316

Penguinisto writes: According to Ars Technica, Windows 10 will still send telemetry and other data to Microsoft-owned domains — no matter how tightly you crank down the privacy settings. Even with everything buttoned down, Cortana, OneDrive, and Web Search from the Start Menu disabled, the OS still phones home, using a random system ID that persists across reboots. It apparently also tries to bypass proxies to do it. "Some of the traffic looks harmless but feels like it shouldn't be happening. For example, even with no Live tiles pinned to Start (and hence no obvious need to poll for new tile data), Windows 10 seems to download new tile info from MSN's network from time to time, using unencrypted HTTP to do so. ... Other traffic looks a little more troublesome. Windows 10 will periodically send data to a Microsoft server named ssw.live.com. ... The exact nature of the information being sent isn't clear—it appears to be referencing telemetry settings—and again, it's not clear why any data is being sent at all. We disabled telemetry on our test machine using group policies."
Microsoft

How Microsoft Built, and Is Still Building, Windows 10 193

An anonymous reader writes with this Venturebeat story about how Windows 10 is different from previous versions because of the way it was designed, including 15 public preview builds, and how much work is still being done. Windows 10 for PCs arrived two weeks ago. Thankfully, we don't need to wait years to say this will be a Microsoft operating system release like no other. The most obvious clue is not the fact that Windows 10 was installed on more than 14 million devices in 24 hours, that you can get it for cheap or upgrade to it for free, nor even that it ships with a digital assistant and a proper browser. No, the big deal here is that Microsoft is turning its OS into a service, and that means as you read these words, it's still being built. For the next few years, we'll be getting not just Windows 10 updates and patches, but new improvments and features. This is possible because Microsoft built this version very differently from all its previous releases.