By Friday this week, Intel plans to remove old drivers and BIOS updates from its official website. From a report: "This download, BIOS Update [BLH6710H.86A] 0163, will no longer be available after November 22, 2019 and will not be supported with any additional functional, security, or other updates," reads a message posted to the download page of one of the impacted components. "Intel recommends that users of BIOS Update [BLH6710H.86A] 0163 uninstall and/or discontinue use as soon as possible," the message continues. The downloads are drivers and BIOS updates for Intel desktop components and motherboards the company released in the 90s and early-to-mid 2000s. Downloads for hundreds of components are believed to have been impacted, from motherboards to NIC cards and graphics cards. Most of the drivers are for Windows versions like 98, ME, XP, and older Windows Server editions -- old Windows OS versions that have themselves reached end-of-life (EOL) All components and motherboards reached (EOL) years ago, and Intel stopped delivering firmware updates as a result. Its website was merely hosting the older files for convenience.

In an interview about the 16-inch MacBook Pro, Apple senior vice president Phil Schiller made a direct attack on Chromebooks. When asked about the growth of Chrome OS in the education sector, Schiller attributes the success of Chromebooks to their being "cheap." He said: Kids who are really into learning and want to learn will have better success. It's not hard to understand why kids aren't engaged in a classroom without applying technology in a way that inspires them. You need to have these cutting-edge learning tools to help kids really achieve their best results. Yet Chromebooks don't do that. Chromebooks have gotten to the classroom because, frankly, they're cheap testing tools for required testing. If all you want to do is test kids, well, maybe a cheap notebook will do that. But they're not going to succeed.

Researchers at Intezer and IBM X-Force have detected an unconventional form of ransomware that's being deployed in targeted attacks against enterprise servers. They're calling it PureLocker because it's written in the PureBasic programming language. ZDNet reports: It's unusual for ransomware to be written in PureBasic, but it provides benefits to attackers because sometimes security vendors struggle to generate reliable detection signatures for malicious software written in this language. PureBasic is also transferable between Windows, Linux, and OS-X, meaning attackers can more easily target different platforms. "Targeting servers means the attackers are trying to hit their victims where it really hurts, especially databases which store the most critical information of the organization," Michael Kajiloti, security researcher at Intezer told ZDNet.

There's currently no figures on the number PureLocker victims, but Intezer and IBM X-Force have confirmed the ransomware campaign is active with the ransomware being offered to attackers 'as-a-service.' However, it's also believed than rather than being offered to anyone who wants it, the service is offered as a bespoke tool, only available to cyber criminal operations which can afford to pay a significant sum in the first place. The source code of PureLocker ransomware offers clues to its exclusive nature, as it contains strings from the 'more_eggs' backdoor malware. This malware is sold on the dark web by what researchers describe as a 'veteran' provider of malicious services. These tools have been used by some of the most prolific cyber criminal groups operating today, including Cobalt Gang and FIN6 -- and the ransomware shares code with previous campaigns by these hacking gangs. It indicates the PureLocker is designed for criminals who know what they're doing and know how to hit a large organization where it hurts.

Microsoft today started rolling out the free Windows 10 November 2019 Update. For those keeping track, this update is Windows 10 build 18363 and will bring Windows 10 to version 1909. From a report: The Windows 10 November 2019 Update (version 1909) is odd because it shares the same Cumulative Update packages as the Windows 10 May 2019 Update (version 1903). That means version 1909 will be delivered more quickly to version 1903 users -- it will install like a monthly security update. The build number will barely change: from build 18362 to build 18363. If two computers have the same servicing content, the build revision number should match: 18362.xxx and 18363.xxx. For developers, this means a new Windows SDK will not be issued in conjunction with this version of Windows (there aren't any new APIs).

Again, the Windows 10 November 2019 Update is not a typical release. It's a much smaller update, though it is still worth getting. Windows 10 version 1909 brings improvements to Windows containers, inking latency, and password recovery. User-facing features include letting third-party digital assistants to voice activate above the Lock screen, being able to create events straight from the Calendar flyout on the Taskbar, and displaying OneDrive content in the File Explorer search box. You may also notice some changes to notification management, better performance and reliability on certain CPUs, and battery life and power efficiency improvements.

An anonymous reader quotes ZDNet: The Russian Parliament is debating a bill that will force all electronic equipment sold in Russia — such as smartphones, computers, and smart TVs — to ship pre-installed with apps from Russian tech firms. According to lawmakers, "the bill will protect the interests of Russian Internet companies and will reduce the abuse by large foreign companies, working in the field of information technology."

If the bill is approved, the Russian government will publish a list of electronic devices that will need to comply with this new law. Smartphones, tablets, computers, servers, and smart TVs are expected to be on the list. Devices that don't run a complex OS or custom software will be exempt. The government will also publish, per each device type, a list of Russian software that equipment vendors will need to include on devices sold in Russia.

Slashdot reader dryriver writes: More and more professional 3D software like 3DMax, Maya, AutoCAD (Autodesk) and Substance Painter (Adobe) is now only available on a monthly or yearly subscription basis — you cannot buy any kind of perpetual license for these industry standard 3D tools anymore, cannot offline install or activate the tools, and the tools also phone home every few days over the internet to see whether you have "paid your rent". Stop paying your rent, and the software shuts down, leaving you unable to even look at any 3D project files you may have created with software.

This has caused so much frustration, concern and anxiety among 3D content creators that, increasingly, everybody is trying to replace their commercial 3D software with Open Source 3D tools. Thankfully, open source 3D tools have grown up nicely in recent years. Some of the most popular FOSS 3D tools are the complete 3D suite Blender, polygon modeling tool Wings 3D, polygon modeling tool Dust3D, CAD modeling tool FreeCAD, PBR texturing tool ArmorPaint, procedural materials generator Material Maker, image editing tool GIMP, painting tool Krita, vector illustration tool Inkscape and the 2D/3D game engine Godot Engine.

Along with these tools comes a beguiling possibility — while working with commercial 3D tools pretty much forced you to use Windows X in terms of OS choice in the past, all of the FOSS 3D tool alternatives have Linux versions. This means that for the first time, professional 3D users can give Windows a miss and work with Linux as their OS instead.
In a comment on the original submission, dryriver offers some anecdotal evidence: Go on any major 3D software forum on the Internet and it is filled with enraged 3D users revolting against forced software subscriptions and threatening to switch to FOSS Blender as soon as possible.

Some major 3D animation studios are also working Blender into their CGI pipeline. Companies like EPIC and Nvidia have begun donating to the Blender foundation. Its happening. The move away from commercial closed source tools - which are expensive, stagnant and don't offer you permanent licenses anymore - is in full swing. The fact that Blender has an innovative GPU accelerated realtime render engine called EEVEE that none of the commercial software has has only accelerated this trend.

Blender is widely believed to have 2 - 3 million active users already, and the fact that V 2.80 comes with a much more usable UI is only accelerating things.

Freshly Exhumed shares a report from Securelist: Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The malware hides at every step by mimicking common software (protection related, sound drivers software, DVD video creation tools).

The Titanium APT has a very complicated infiltration scheme. It involves numerous steps and requires good coordination between all of them. In addition, none of the files in the file system can be detected as malicious due to the use of encryption and fileless technologies. One other feature that makes detection harder is the mimicking of well-known software. One of the methods Titanium uses to infect its targets and spread is via a local intranet that has already been compromised with malware. Another is via an SFX archive containing a Windows task installation script. A third is shellcode that gets injected into the winlogon.exe process (it's still unknown how this happens).

Bill Gates has revealed that he thinks everyone would be using Windows Mobile right now if Microsoft hadn't have been caught up in a US Justice Department antitrust investigation. From a report: Speaking at The New York Times' DealBook Conference earlier this week, Gates revealed his thoughts on Microsoft's mobile mistakes. "There's no doubt that the antitrust lawsuit was bad for Microsoft, and we would have been more focused on creating the phone operating system and so instead of using Android today you would be using Windows Mobile," claimed Gates. "If it hadn't been for the antitrust case... we were so close, I was just too distracted. I screwed that up because of the distraction."

Microsoft's messy move from Windows Mobile to Windows Phone allowed Android to thrive, but at the time the company had the biggest opportunity in mobile and gave it away. Gates also revealed that Microsoft also missed the opportunity to launch Windows Mobile on a key Motorola handset. "We were just three months too late on a release Motorola would have used on a phone, so yes it's a winner takes all game," explained Gates. "Now nobody here has ever heard of Windows Mobile, but oh well. That's a few hundred billion here or there."

The latest version of Chrome OS, version 78, adds separate browser and device settings, click-to-call, and picture-in-picture support for YouTube. It also introduces virtual desktop support for the operating system with a feature called Virtual Desks. 9to5Google reports: Chrome is getting another cross-device sharing feature after "Send this page" widely rolled in September. With "click-to-call," you can right-click on phone number links -- like tel:800-800-8000 -- to have them sent to your Android device. It's quicker than manually entering those digits or transferring via email. Chrome OS 78 will separate browser and device settings. The former is accessible directly at chrome://settings and what opens when clicking "Settings" at the bottom of the Overflow menu in the top-right corner of any browser window. It opens as a tab and provides web-related preferences. Meanwhile, chrome://os-settings opens as its own window, and can be accessed from the quick settings sheet. It provides device options like Wi-Fi, Bluetooth, and Assistant in a white Material Theme UI with an icon in the launcher/app shelf.

YouTube for Android now supports picture-in-picture with Chrome OS 78. After starting a video in the mobile client, switching to another window, covering, or minimizing the app will automatically open a PiP in the bottom-right corner. Available controls include switching to audio, play/pause, and skipping to the next track. In the top-left, you can expand the window and a settings gear on the other side allows you to open system settings. Tapping in the center expands and returns you to the YouTube Android app. Chrome OS 78 simplifies the printing experience by automatically listing compatible printers without any prior setup required. There are also a number of Linux on Chrome OS enhancements in this version:

- Backups of Linux apps and files can now be saved to local storage, external drive, or Google Drive. That copy can be then restored when setting up a new computer.
- Crostini GPU support will be enabled by default for a "crisp, lower-latency experience."
- You'll be warned when using a Linux app that does not support virtual keyboard in tablet mode.

Google has confirmed to The Verge that it will release "one final software update" next month for the original Google Pixel and Pixel XL. From the report: As of yesterday, it looked like the original Pixel was done getting updates, as Google released its November security update for most Pixel phones, but nothing for the Pixel or Pixel XL. Google tells The Verge that the Pixels won't get that November update, but it says December's "encapsulates a variety of updates" from the November and December updates that were issued for other Pixels.

It wasn't too surprising to see that Google's original Pixels didn't get yesterday's update. When Google announced the phones in 2016, the company said they would get two years of guaranteed Android version updates and three years of security updates, which is also reflected on Google's support page. That said, Google surprised Pixel owners earlier this year by letting them run Android 10, which is one more year of Android than Google originally promised, and now, they have one final update to look forward to as well.

Xiaomi, which competes with Apple for the top position in the wearable market, today made the competition a little more interesting. The Chinese electronics giant has launched its first smartwatch called the Mi Watch that looks strikingly similar to the Apple Watch in its home market. From a report: The Mi Watch, like the Apple Watch, has a square body with a crown and a button. It sports a 1.78-inch AMOLED display (326 ppi) that offers the always-on capability and runs MIUI for Watch, the company's homegrown wearable operating system based on Google's Wear OS. Inside the metal housing -- aluminum alloy with a matte finish -- are microphones on two sides for recording audio and taking calls, and a loudspeaker on the left to listen to music or incoming calls. The Mi Watch, which comes in one size -- 44mm -- has a ceramic back, which is where the charging pins and a heart rate sensor are also placed. The Mi Watch is powered by Qualcomm's Snapdragon Wear 3100 4G chipset with four Cortex A7 cores clocked at 1.2GHz, coupled with 1GB of RAM and 8GB storage. The company says its first smartwatch supports cellular connectivity (through an eSIM), Wi-Fi, GPS, Bluetooth, and NFC for payments. The Mi Watch should last for 36 hours on a single charge on cellular mode, the company claimed. The Mi Watch is priced at CNY 1,299 ($185) and will go on sale in the country next week.

An anonymous reader quotes a report from ZDNet: Google patched last month an Android bug that can let hackers spread malware to a nearby phone via a little-known Android OS feature called NFC beaming. NFC beaming works via an internal Android OS service known as Android Beam. This service allows an Android device to send data such as images, files, videos, or even apps, to another nearby device using NFC (Near-Field Communication) radio waves, as an alternative to WiFi or Bluetooth. Typically, apps (APK files) sent via NFC beaming are stored on disk and a notification is shown on screen. The notification asks the device owner if he wants to allow the NFC service to install an app from an unknown source. But, in January this year, a security researcher named Y. Shafranovich discovered that apps sent via NFC beaming on Android 8 (Oreo) or later versions would not show this prompt. Instead, the notification would allow the user to install the app with one tap, without any security warning.

The CVE-2019-2114 bug resided in the fact that the Android Beam app was also whitelisted, receiving the same level of trust as the official Play Store app. Google said this wasn't meant to happen, as the Android Beam service was never meant as a way to install applications, but merely as a way to transfer data from device to device. The October 2019 Android patches removed the Android Beam service from the OS whitelist of trusted sources. However, many millions of users remain at risk. If users have the NFC service and the Android Beam service enabled, a nearby attacker could plant malware (malicious apps) on their phones. Since most newly-sold devices have the NFC feature enabled by default, you'll have to disable Android Beam and NFC or update your phone to receive the October 2019 security updates if you want to protect yourself from this bug.

David Ruddock of AndroidPolice technology blog tries to make sense of last week's $2.1 billion acquisition of Fitbit by Google. He argues that Fitbit's offerings -- hardware, software, engineering talent, or even patent wall -- can't save Google's wearable operating system Wear OS. From his column: Hardware is what Google is after, with a blog post cleatly stating its acquisition of Fitbit is about future Wear OS devices, meaning you can probably kiss Fitbit's unloved smartwatch OS goodbye. So, that means we can count on Google leveraging Fitbit's renowned hardware to finally give Wear OS the horsepower and capabilities it needs to compete with Apple, right? Well, no. Fitbit's smartwatches have been most lauded for their long battery life, which has historically been enabled by extremely slow but highly power-efficient processors. The Versa 2 allegedly comes with significant performance improvements, but as a smartwatch, it just isn't very... smart. Michael Fisher points out in his review that the Versa 2's near week-long life on a single charge is only impressive when looked at in a very generous light. The Versa 2 doesn't have GPS, the battery only lasts that long when not using the always-on display (with AoD, it's closer to 3 days), the watch itself doesn't work for almost anything but fitness tracking on its own, and most of your interactions with it end up happening on your smartphone anyway. I can also tell you from experience that the Apple Watch Series 5 lasts about two days on a charge with the always-on display enabled (and Samsung's watches last even longer), so Fitbit managing a day more which a much less useful watch isn't exactly game-changing technology.

In short, Fitbit's products are not ones Google should be excited about buying. The hardware is nothing special, and the software is clearly going in the dumpster. What has Google bought, then? The sad, very practical truth is probably patents and engineers. Fitbit does develop at least some of its hardware in-house, and likely has a decent number of patents related to fitness tracking and basic wearable technology, including those stemming from its acquisition of Pebble. Its product engineers would receive resources and tools at Google that Fitbit may not have afforded them. In short: Google's purchase is almost certainly a speculative one. Google is hoping that Fitbit's technology portfolio and its engineering talent can create a better, faster, stronger Wear OS watch. That isn't the kind of acquisition that screams "our product is successful," it's one that looks far more like a Hail Mary from a company that is rapidly losing any hope of remaining relevant in the wearables space. A more cynical view of Google's acquisition might argue that this is more about Fitbit's brand and users than anything else. If Google simply markets its in-house smartwatches as Fitbits running Wear OS, it would be more able to tap into Fitbit's existing customer base and retail relationships. Customer base is something Wear OS is sorely missing at the moment, and Fitbit is a brand that many consumers recognize, albeit mostly for the company's "dumb" fitness trackers, not its smartwatches. Speaking of, given Google's focus on Wear OS as part of this acquisition, my guess is that those more popular but very basic trackers will be discontinued.

Google announced this morning that it has entered an agreement to buy Fitbit for $2.1 billion. In a blog post, Google's Senior Vice President of Devices & Services, Rick Osterloh, said the company sees "an opportunity to invest even more in Wear OS as well as introduce Made by Google wearable devices into the market." He added, "Fitbit has been a true pioneer in the industry and has created engaging products, experiences and a vibrant community of users. By working closely with Fitbit's team of experts, and bringing together the best AI, software and hardware, we can help spur innovation in wearables and build products to benefit even more people around the world." From a report: Google's Wear OS wearable platform has been in something of a rut for the last few years. The company introduced the Android Wear to Wear OS rebrand in 2018 to revitalize its branding/image, but the hardware offerings have still been pretty ho-hum. Third-party watches like the Fossil Gen 5 have proven to be quite good, but without a proper "Made by Google" smartwatch and other major players, such as Samsung, ignoring the platform, it's been left to just sort of exist.

Fedora 31 has just rolled out the door. From a report: Is it an exciting release? No, not really. Sure, enthusiasts will find themselves thrilled withe inclusion of the GNOME 3.34 desktop environment (with Qt Wayland by default), Linux 5.3 kernel, and Mesa 9.2, but otherwise, it is fairly boring. You know what? That's not a bad thing. In 2019, Fedora is simply a mature and stable operating system that only needs to follow an evolutionary path at this time -- not revolutionary. It stands alone as the world's best desktop Linux distribution. "Fedora 31 Workstation provides new tools and features for general users as well as developers with the inclusion of GNOME 3.34. GNOME 3.34 brings significant performance enhancements which will be especially noticeable on lower-powered hardware. Fedora 31 Workstation also expands the default uses of Wayland, including allowing Firefox to run natively on Wayland under GNOME instead of the XWayland backend as with prior releases," says The Fedora Project.

Apple has released iOS 13.2 today, bringing over 60 new emoji, new Siri privacy settings, and Apple's new Deep Fusion camera technology. 9to5Mac reports: There are over 60 new emoji and emoji variations in iOS 13.2. Apple first previewed these emoji over the summer, and they are now available for everyone. In total, the new 2019 emoji set includes 59 new characters that make up for 75 total variations when gender options are taken into account, and 230 options when skin tone options are included. iOS 13.2 also includes the Announce Messages with Siri feature that was originally meant for iOS 13. This feature allows Siri to read messages back to you when connected to AirPods or other headphones with Apple's H1 chip.

Perhaps most notably, especially for iPhone 11 users, iOS 13.2 includes Apple's new Deep Fusion camera technology. Deep Fusion is Apple's new image processing technology that works in the background to improve image quality for iPhone 11 and iPhone 11 Pro users. iOS 13.2 also includes new Siri privacy settings that allow you to opt in or opt out of sharing your Siri interactions with Apple. You'll see a new splash screen the first time you boot into iOS 13.2 asking your preference. Last but not least, iOS 13.2 also includes support for the just-announced AirPods Pro. This includes settings for Transparency and Active Noise Cancellation modes.

Microsoft officials said the company's Azure Sphere microcontroller (MCU) and associated cloud security service will be generally available in February 2020. From a report: Microsoft also introduced new branding today for the ThreadX RTOS technology it acquired when it bought Express Logic in April 2019. Going forward, this product will be known as Azure RTOS. ThreadX is one of the most-deployed real-time operating systems in the world. Today, Microsoft said that Renesesas, a major microcontroller manufacturer, announced that Azure RTOS will be be broadly available across its products, including the Synergy and RA MCU families. Microsoft has been working for at least a couple of years to secure low-cost Internet-connected devices. Microsoft Research's "Project Sopris" was all about creating a highly secure microcontroller. That project morphed into Azure Sphere, which Microsoft announced in April 2018. The first Azure Sphere chip was the MediaTek MT3620, which included an onboard security subsystem MIcrosoft christened "Pluton." The Azure Sphere OS included a Microsoft-developed custom Linux kernel, plus secured application containers.

SmartAboutThings tipped us off to an interesting bug reported by ZDNet Thursday: For the fourth time in three months, a Symantec security product is crashing user apps, and this time it's the latest Chrome release, v78, which rolled out earlier this week, on Tuesday, October 22. According to reports on Reddit [1, 2] the Google support forums [1, 2], and in comments on the official Google Chrome blog, Symantec Endpoint Protection 14 is crashing Chrome 78 instances with an "Aw, Snap! Something went wrong while displaying this webpage" error... The errors have been plaguing users for the past two days, with the vast majority of reports coming from enterprise environments, where SEP installs are more prevalent....

According to the antivirus maker, the issues are only affecting SEP 14 users on Windows 10 RS1, Windows Server 2012, and Windows Server 2016 operating systems. Symantec users on other OS versions can fix this by updating to the latest SEP 14.2 release. Users of Microsoft Edge Chromium are also impacted, but the Chromium-based Edge version has not been officially released; hence there are almost no users impacted by this issue in the real world...

Symantec blamed the issue on Microsoft's Code Integrity security feature, which Google uses to protect the Chrome browser process. As a temporary solution, Symantec recommends that users exclude Chrome from receiving protection from their antivirus product, or modify their Chrome clients, so the browser starts without Code Integrity protections. However, this opens the browser to various attacks and is not recommended as long as users can simply use another browser until this is fixed.
ZDNet adds that the issue "should have not surprised Symantec staff, who received early warnings about this more than three months ago, according to a bug report filed in early August while Chrome 78 was still in testing in the Canary channel."

Reddit users have discovered that the Pixel 4's 90Hz refresh rate drops to 60Hz when the display brightness falls below 75 percent. This means that you're only getting the full 90Hz display rate when the brightness level is high. The Verge reports: It's not clear why Google has chosen the 75 percent mark, but droidlife has discovered you can head into the developer settings and force the 90Hz setting to always be enabled regardless of brightness levels. This will likely impact the battery life, which is something you'll want to consider before forcing the 90Hz display to always-on. Other 90Hz OLED Android phones like the OnePlus 7T keep the display running at its max 90Hz all of the time, but Google has stated it will automatically switch the display refresh rate on the Pixel 4 "for some content." Google issued a statement explaining its decision to limit the refresh rate, adding that it will issue an update in the coming weeks that will allow 90Hz in more brightness conditions.

Here's the full statement: "We designed Smooth Display so that users could enjoy the benefits of 90Hz for improved UI interactions and content consumption, while also preserving battery when higher refresh rates are not critical by lowering back down to 60Hz. In some conditions or situations, however, we set the refresh rate to 60Hz. Some of these situations include: when the user turns on battery saver, certain content such as video (as it's largely shot at 24 or 30fps), and even various brightness or ambient conditions. We constantly assess whether these parameters lead to the best overall user experience. We have previously planned updates that we'll roll out in the coming weeks that include enabling 90hz in more brightness conditions."

As for whether or not 90Hz has a serious impact on battery life, YouTube Tech Reviewer Matthew Moniz reports only a marginal difference.

Google today shared that in August 2019, Android Pie had 22.6% adoption. From a report: That means the second-latest version of Android was running on a fifth of devices after some 12 months. Google did not share adoption numbers for any other Android version, including Android 10, the latest version that started rolling out last month. Meanwhile, iOS 13 passed 50% adoption in less than a month. With over 2.5 billion active Android devices out there, Android's distribution is useful information for anyone who makes decisions regarding Google's mobile operating system.