An anonymous reader quotes a report from Bleeping Computer: As time goes on, it is becoming increasingly clear that Microsoft is trying to make local accounts a thing of the past and push all new Windows 10 users to a Microsoft account. Since Windows 10 1903, Microsoft quietly changed the Windows Out-of-box Experience (OOBE) or setup experience so that many users are no longer able to create a local account during set up as they could previously. Recently, this change also expanded to international users in India and Germany.

For those affected, the only way to create a local account during setup is to disconnect the computer from the Internet. Yes, that's right, Microsoft now makes you disconnect the computer from the Internet to create a local account during setup! If you don't want to disconnect your network, then you need to first set up Windows with a Microsoft Account and then when done with setup go into the Windows 10 'Family & other users' settings and create a local account. Even that is a bit convoluted as you have to first start the process of creating a Microsoft account and finally on the second screen, be given the option that you wish to create a local account. Once a local account has been created, you can delete the original Microsoft account you created during setup.

Mozilla will add a new security sandbox system to Firefox on Linux and Firefox on Mac. The new technology, named RLBox, works by separating third-party libraries from an app's native code. From a report: This process is called "sandboxing," and is a widely used technique that can prevent malicious code from escaping from within an app and executing at the OS level. RLBox is an innovative project because it takes sandboxing to the next level. Instead of isolating the app from the underlying operating system, RLBox separates an app's internal components -- namely its third-party libraries -- from the app's core engine. This technique prevents bugs and exploits found inside a third-party library from impacting another project that uses the same library.

Google has announced this week plans to crack down on Android apps that abuse the OS permissions system and request access to user geo-location data when the app is not in use. From a report: Starting with May, the OS maker plans to show warnings in the Play Store backend to all Android app developers about the need to update their apps. Going forward, Android apps will have to request access to location data based on the way they need this information. Google plans to review each app on a case-by-case basis and remove apps from the Play Store if they request access to location data and that's not immediately used inside the app. Google plans to review its own apps as well, the company said in a blog post this week. The goal of this major rule change is to crack down on apps that may be secretly harvesting location data while they are not in use. This type of data is called "background location data" and most app makers often sell it to analytics firms and online advertisers.

Microsoft is rolling out updates to the icons for Windows 10's core apps over the months ahead, starting with the Calendar and Mail apps in a new Release Preview for Windows Insiders in the Fast ring. Engadget reports: The company's design team explained that it wanted to break away from the flat, colorless icons you see today in favor of ones that are at once more consistent with newer branding (including apps available beyond Windows) and different enough that you'll have an easier time finding the one you want. This is arguably an overdue move. Microsoft hadn't really touched Windows 10's main icons since its debut in 2015, so they risked feeling old. There were also inconsistencies creeping in, especially once Office got its new look. This update drags Windows 10's appearance into the modern era, and might just give you a more colorful OS in the bargain. "Flat, monochrome icons look great in context of colorful tiles, but as more icon styles enter the ecosystem, this approach needs to evolve," reveals Christina Koehn, a design leader for Windows and Devices at Microsoft. "When icons in the taskbar and Start menu are different styles, it creates more cognitive load to scan and find applications. We needed to incorporate more visual cues into the icon design language using our modernized Fluent Design Language."

You can read more about Microsoft's approach to updating the icons in Windows 10 in this Medium post.

According to cybersecurity software company Malwarebytes' latest State of Malware report, the amount of malware on Macs is outpacing PCs for the first time ever. Recode reports: Windows machines still dominate the market share and tend to have more security vulnerabilities, which has for years made them the bigger and easier target for hackers. But as Apple's computers have grown in popularity, hackers appear to be focusing more of their attention on the versions of macOS that power them. Malwarebytes said there was a 400 percent increase in threats on Mac devices from 2018 to 2019, and found an average of 11 threats per Mac devices, which about twice the 5.8 average on Windows.

Now, this isn't quite as bad as it may appear. First of all, as Malwarebytes notes, the increase in threats could be attributable to an increase in Mac devices running its software. That makes the per-device statistic a better barometer. In 2018, there were 4.8 threats per Mac device, which means the per-device number has more than doubled. That's not great, but it's not as bad as that 400 percent increase. Also, the report says, the types of threats differ between operating systems. While Windows devices were more prone to "traditional"; malware, the top 10 Mac threats were adware and what are known as "potentially unwanted programs."

Microsoft is revealing more about its Windows 10X operating system today, which is designed for new dual-screen devices. From a report: The software giant has re-engineered this special variant of Windows 10 to install and update the operating system a lot faster. This will allow Windows 10X to download an OS update and simply switch to it at reboot, all within less than 90 seconds. That's a big difference from what we're used to with Windows 10 today, which involves the OS downloading an update and then applying it and rebooting. This takes minutes even on high-end systems currently, but Microsoft has developed a special state separation in Windows 10X to improve this radically.

An anonymous reader quotes a report from ZDNet: In May 2019, South Korea's Interior Ministry announced plans to look into switching to the Linux desktop from Windows. It must have liked what it saw. According to the Korean news site Newsis, the South Korean Ministry of Strategy and Planning has announced the government is exploring moving most of its approximately 3.3 million Windows computers to Linux. The reason for this is simple. It's to reduce software licensing costs and the government's reliance on Windows. As Choi Jang-hyuk, the head of the Ministry of Strategy and Finance, said, "We will resolve our dependency on a single company while reducing the budget by introducing an open-source operating system."

How much? South Korean officials said it would cost 780 billion won (about $655 million) to move government PCs from Windows 7 to Windows 10. [...] Windows will still have a role to play for now on South Korean government computers. As the Aju Business Daily, a South Korean business news site, explained: Government officials currently use two physical, air-gapped PCs. One is external for internet use, and the other is internal for intranet tasks. Only the external one will use a Linux-based distro. Eventually, by 2026, most civil servants will use a single Windows-powered laptop. On that system, Windows will continue to be used for internal work, while Linux will be used as a virtual desktop via a Linux-powered cloud server. This looks to eventually end up as a Desktop-as-a-Service (DaaS) model. The report notes that the Ministry of National Defense and National Police Agency are already using the Ubuntu Linux 18.04 LTS-based Harmonica OS 3.0.

"Meanwhile, the Korean Postal Service division is moving to TMaxOS," reports ZDNet. "The Debian Linux-based South Korean Gooroom Cloud OS is also being used by Defense and the Ministry of Public Administration and Security."

An anonymous reader writes: A weird bug of unknown origins has been hitting Windows 7 computers this week, according to multiple reports online. Windows 7 users have been reporting that they are receiving a popup message that reads "You don't have permission to shut down this computer" every time they attempt to shut down or reboot their systems...

Windows 7 reached official end of life (EOL) on January 14, 2020 and is not scheduled to receive new fixes. Last month, Microsoft made an exception to this rule when it provided a fix for a bug that broke wallpaper display for Windows 7 users. Seeing that rebooting or shutting down your computer is a more important OS feature than wallpaper support, Microsoft will most likely need to make a another exception and deliver a second post-EOL update pretty soon.

In 2017 Elementary OS built a pay-what-you-want app store -- funded with $10,000 raised on IndieGogo. Now they're trying to raise another $10,000 for a one-week, in-person sprint in Denver, Colorado, Forbes reports, to upgrade the store while bringing an even grander concept to reality: That concept comprises 4 main goals:

- Enable open source developers to monetize their apps on every other Linux distribution

- Empower developers to ship apps with cutting-edge technologies

- Improve privacy, security, and stability

- Streamline the payments process

On the technical side of things, the team plans to rebuild AppCenter's backend from the ground up to enable newer technologies developers are asking for, and they're rallying behind the Flatpak packaging format to get it done. They've already been collaborating with the FlatHub team, and plan to bring in developers from Endless and GNOME to ensure that "our solution can be reused and improved by other Flatpak stores and the greater open source desktop ecosystem."
For a donation of $10, "you'll have your name immortalized in the AppCenter code on GitHub," explains a promotional video. (There's already 70 backers who have claimed this perk.) In fact, "Less than 8 hours ago we launched #AppCenterForEveryone, and we're 50% funded," announced an update Friday on Twitter. The campaign's web page shared this note of appreciation.

"With your support, we'll be able to accelerate the timeline on adopting cutting edge technology and making an even more competitive Open Source operating system and a compelling foundation for all Flatpak stores."

A ransomware gang is installing vulnerable GIGABYTE drivers on computers it wants to infect. From a report: The purpose of these drivers is to allow the hackers to disable security products so their ransomware strain can encrypt files without being detected or stopped. This new novel technique has been spotted in two ransomware incidents so far, according to UK cybersecurity firm Sophos. In both cases, the ransomware was RobbinHood, a strain of "big-game" ransomware that's usually employed in targeted attacks against selected, high-value targets. In a report published late last night, Sophos described this new technique as follows:
1. Ransomware gang gets a foothold on a victim's network.
2. Hackers install legitimate Gigabyte kernel driver GDRV.SYS.
3. Hackers exploit a vulnerability in this legitimate driver to gain kernel access.
4. Attackers use the kernel access to temporarily disable the Windows OS driver signature enforcement.
5. Hackers install a malicious kernel driver named RBNL.SYS.
6. Attackers use this driver to disable or stop antivirus and other security products running on an infected host.
7. Hackers execute the RobbinHood ransomware and encrypt the victim's files

An anonymous reader quotes a report from ZDNet: Google has patched this week a critical security flaw in Android's Bluetooth component. If left unpatched, the vulnerability can be exploited without any user interaction and can even be used to create self-spreading Bluetooth worms. Researchers said that exploiting the bug requires no user interaction. All that is required is that the user has Bluetooth enabled on his device. However, while this requirement would have limited the attack surface in past years, it does not today since modern Android OS versions ship with Bluetooth enabled by default and many Android users use Bluetooth-based headphones meaning the Bluetooth service is likely to be enabled on many handsets. The bug can lead to remote code execution and the hijacking of a device. Fixes for the bug are available via the Android February 2020 Security Bulletin, which has been available for download starting this week. Android 9 and earlier are impacted.

Apple this week has been granted a patent for a foldable device with a unique hinge mechanism that utilizes movable flaps to help prevent the display from being creased or damaged when folded. From a report: Published by the U.S. Patent and Trademark Office today, the patent explains that the hinge mechanism would ensure adequate separation between the first and second portions of the display. When the device is unfolded, movable flaps would extend to cover the gap, and then retract when the device is folded. Early foldable smartphones like Samsung's Galaxy Fold and Huawei's Mate X have noticeable creases along the bending portion of the display. Motorola's new foldable Razr avoids this issue with a unique hinge design, but early reviews indicate the device makes creaking sounds when opened or closed.

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 80 for Windows, Mac, Linux, Android, and iOS. The release includes autoupgrading mixed content to HTTPS, SameSite cookie changes, quieter permission UI for notifications, and more developer features. This release thus beefs up security for the world's most popular browser and begins cracking down on cross-site cookies. You can update to the latest version now using Chrome's built-in updater or download it directly from google.com/chrome. With over 1 billion users, Chrome is both a browser and a major platform that web developers must consider. In fact, with Chrome's regular additions and changes, developers often have to stay on top of everything available -- as well as what has been deprecated or removed. Among other things, Chrome 80 has started deprecating FTP support by disabling it by default for non-enterprise clients.

An anonymous reader quotes a report from Ars Technica: Sudo, a utility found in dozens of Unix-like operating systems, has received a patch for a potentially serious bug that allows unprivileged users to easily obtain unfettered root privileges on vulnerable systems. The vulnerability, tracked as CVE-2019-18634, is the result of a stack-based buffer-overflow bug found in versions 1.7.1 through 1.8.25p1. It can be triggered only when either an administrator or a downstream OS, such as Linux Mint and Elementary OS, has enabled an option known as pwfeedback. With pwfeedback turned on, the vulnerability can be exploited even by users who aren't listed in sudoers, a file that contains rules that users must follow when using the sudo command.

"Exploiting the bug does not require sudo permissions, merely that pwfeedback be enabled," an advisory published by sudo developers said. "The bug can be reproduced by passing a large input to sudo via a pipe when it prompts for a password." The advisory lists two flaws that lead to the vulnerability. The first: pwfeedback isn't ignored as it should be when reading from something other than a terminal. As a result, the saved version of a line erase character remains at its initialized value of 0. The second contributor is that the code that erases the line of asterisks doesn't properly reset the buffer position if there is an error writing data. Instead, the code resets only the remaining buffer length. As a result, input can write past the end of the buffers. Systems with unidirectional pipe allow an attempt to write to the read end of the pipe to result in a write error. Because the remaining buffer length isn't reset correctly when write errors result from line erasures, the stack buffer can be overflowed. The report notes the vulnerability was introduced in 2009 and remained active until 2018, with the release of 1.8.26b1. "Systems or software using a vulnerable version should move to version 1.8.31 as soon as practical," reports Ars. "Those who can't update right away can prevent exploits by making sure pwfeedback is disabled."

There is now a special page in the Firefox browser where users can see what telemetry data Mozilla is collecting from their browser. From a report: Accessible by typing about:telemetry in the browser's URL address bar, this new section is a recent addition to Firefox. The page shows deeply technical information about browser settings, installed add-ons, OS/hardware information, browser session details, and running processes. The information is what you'd expect a software vendor to collect about users in order to fix bugs and keep a statistical track of its userbase. A Firefox engineer told ZDNet the page was primarily created for selfish reasons, in order to help engineers debug Firefox test installs. However, it was allowed to ship to the stable branch also as a PR move, to put users' minds at ease about what type of data the browser maker collects from its users.

Phoronix's Michael Larabel is doing some performance testing on Walmart's $199 Motile-branded M141 laptop (which has an AMD Ryzen 3 3200U processor, Vega 3 graphics, 4GB of RAM, and a 14-inch 1080p display).

But first he compared the performance of its pre-installed Windows 10 OS against the forthcoming Ubuntu 20.04 LTS Linux distribution.

Some highlights: - Java text rendering performance did come out much faster on Ubuntu 20.04 with this Ryzen 3 3200U laptop...

- The GraphicsMagick imaging program tended to run much better on Linux, which we've seen on other systems in the past as well.

- Intel's Embree path-tracer was running faster on Ubuntu...

- Various video benchmarks were generally favoring Ubuntu for better performance though I wouldn't recommend much in the way of video encoding from such a low-end device...

- The GIMP image editing software was running much faster on Ubuntu 20.04 in its development state than GIMP 2.10 on Windows 10...

- Python 3 performance is still much faster on Linux than Windows.

- If planning to do any web/LAMP development from the budget laptop and testing PHP scripts locally, Ubuntu's PHP7 performance continues running much stronger than Windows 10. - Git also continues running much faster on Linux.
Their conclusion? "Out of 63 tests ran on both operating systems, Ubuntu 20.04 was the fastest... coming in front 60% of the time." (This sounds like 38 wins for Ubuntu versus 25 wins for Windows 10.)

"If taking the geometric mean of all 63 tests, the Motile $199 laptop with Ryzen 3 3200U was 15% faster on Ubuntu Linux over Windows 10."

Due to a U.S. government ban on sales to Huawei, Google revoked its license for popular apps last spring (including Gmail and the Play Store). But this week Huawei executive Fred Wangfei suggested that even if that ban is lifted, Huawei would continue developing its own app ecosystem instead to avoid the possibility of future political complications.

The vice president of risk management and partner relations at Huawei later called those remarks "incorrect," while elsewhere Huawei issued a slightly different statement -- that "An open Android ecosystem is still our first choice, but if we are not able to continue to use it, we have the ability to develop our own." But BGR was already noting that Huawei "is ready to invest $3 billion this year to incentivize more than 4,000 developers to improve its Huawei Mobile Services system. Another billion is reserved for marketing purposes."

And Android Authority suggests Huawei should stick to its original statement. "Maybe it's time for Huawei to go all-in on Harmony OS and do what it can to bring a viable alternative to Android and iOS..."
If there's any company today that has the financial resources and raw talent necessary to bring in a viable third choice for smartphone operating systems, it's Huawei... Sure, it would be a long-term investment and there would inevitably be short-term losses as the company tries to find its footing and develop Harmony OS to have its own identity. But it would prevent something like the Huawei ban from happening to the company again as well as further the company's ambitions as not only a smartphone manufacturer but as a technology creator....

Huawei would have major difficulties in encouraging wide adoption of Harmony OS for one major reason: it's Huawei. The Huawei ban exists because the United States government doesn't trust Huawei and there are numerous (as yet unproven) accusations against the company related to espionage, IP theft, fraud, and even violations of international treaties... Huawei is already in a bad situation. It's going to need to dig itself out of the hole it's in regardless, so why not use this opportunity to turn lemons into lemonade and develop Harmony OS as a viable third option on the way?

Maybe the industry needs a shake-up... Maybe a new operating system is just the kind of fire OEMs need to turn the market around. Maybe a real, potent threat that the billions of people who use Android and iOS just might jump ship to something else would scare companies into taking some real risks.

As I said earlier, there aren't too many companies out there right now that could do this, but Huawei could.

The launch of the iPad ten years ago was a big surprise to everyone in the industry -- including to Microsoft executives. Steven Sinofsky, the former President of the Windows Division at Microsoft, shares Microsoft's perspective as well as those of the other industry figures and press on the iPad: The announcement 10 years ago today of the "magical" iPad was clearly a milestone in computing. It was billed to be the "next" computer. For me, managing Windows, just weeks after the launch of Microsoft's "latest creation" Windows 7, it was a as much a challenge as magical. Given that Star Trek had tablets it was inevitable that the form factor would make it to computing (yes, the dynabook...). Microsoft had been working for more than 10 years starting with "WinPad" through Tablet PC. We were fixated on Win32, Pen, and more. The success of iPhone (140K apps & 3B downloads announced that day) blinded us at Microsoft as to where Apple was heading. Endless rumors of Apple's tablet *obviously* meant a pen computer based on Mac. Why not? The industry chased this for 20 years. That was our context. The press, however, was fixated on Apple lacking an "answer" (pundits seem to demand answers) to Netbooks -- those small, cheap, Windows laptops sweeping the world. Over 40 million sold. "What would Apple's response be?" We worried -- a cheap, pen-based, Mac. Sorry Harry!

Jobs said that a new computer needed to be better at some things, better than an iPhone/iPod and better than a laptop. Then he just went right at Netbooks answering what could be better at these things. "Some people have thought that that's a Netbook." (The audience joined in a round of laughter.) Then he said, "The problem is ... Netbooks aren't better at anything ... They're slow. They have low quality displays ... and they run clunky old PC software ... They're just cheap laptops." "Cheap laptops" ... from my perch that was a good thing. I mean inexpensive was a better word. But we knew that Netbooks (and ATOM) were really just a way to make use of the struggling efforts to make low-power, fanless, intel chips for phones. A brutal takedown of 40M units. Sitting in a Le Corbusier chair, he showed the "extraordinary" things his new device did, from browsing to email to photos and videos and more. The real kicker was that it achieved 10 hours of battery life -- unachievable in PCs struggling for 4 hours with their whirring fans.

There was no stylus..no pen. How could one input or be PRODUCTIVE? PC brains were so wedded to a keyboard, mouse, and pen alternative that the idea of being productive without those seemed fanciful. Also instant standby, no viruses, rotate-able, maintained quality over time... As if to emphasize the point, Schiller showed "rewritten" versions of Apple's iWork apps for the iPad. The iPad would have a word processor, spreadsheet, and presentation graphics. Rounding out the demonstration, the iPad would also sync settings with iTune -- content too. This was still early in the travails of iCloud but really a game changer Windows completely lacked except in enterprise with crazy server infrastructure or "consumer" Live apps. iPad had a 3G modem BECAUSE it was built on the iPhone. If you could figure out the device drivers and software for a PC, you'd need a multi-hundred dollar USB modem and a $60/month fee at best. The iPad made this a $29.99 option on AT&T and a slight uptick in purchase price. Starting at $499, iPad was a shot right across the consumer laptop. Consumer laptops were selling over 100 million units a year! Pundits were shocked at the price. I ordered mine arriving in 60/90 days.

At CES weeks earlier, there were the earliest tablets -- made with no help from Google a few fringe Chinese ODMs were shopping hacky tablets called "Mobile Internet Devices" or "Media Tablets". Samsung's Galaxy was 9 months away. Android support (for 4:3 screens) aways. The first looks and reviews a bit later were just endless (and now tiresome) commentary on how the iPad was really for "consumption" and not productivity. There were no files. No keyboard. No mouse. No overlapping windows. Can't write code! In a literally classically defined case of disruption, iPad didn't do those things but what it did, it did so much better not only did people prefer it but they changed what they did in order to use it. Besides, email was the most used too and iPad was great for that. In first year 2010-2011 Apple sold 20 million iPads. That same year would turn out to be an historical high water mark for PCs (365M, ~180M laptops). Analysts had forecasted more than 500M PCs were now rapidly increasing tablet forecasts to 100s of million and dropping PC. The iPad and iPhone were soundly existential threats to Microsoft's core platform business.

Without a platform Microsoft controlled that developers sought out, the soul of the company was "missing." The PC had been overrun by browsers, a change 10 years in the making. PC OEMs were deeply concerned about a rise of Android and loved the Android model (no PC maker would ultimately be a major Android OEM, however). Even Windows Server was eclipsed by Linux and Open Source. The kicker for me, though, was that keyboard stand for the iPad. It was such a hack. Such an obvious "objection handler." But it was critically important because it was a clear reminder that the underlying operating system was "real" ...it was not a "phone OS". Knowing the iPhone and now iPad ran an robust OS under the hood, with a totally different "shell", interface model (touch), and app model (APIs and architecture) had massive implications for being the leading platform provider for computers. That was my Jan 27, 2010. Further reading: The iPad's original software designer and program lead look back on the device's first 10 years.

Apple applied for a patent for an ambitious design for a new all-in-one computer which integrates both its keyboard and screen into a single curved sheet of glass. The Verge reports: The patent application, which was first spotted by Patently Apple, and which was filed in May last year, describes how the iMac-like computer's "input area" and "display area" could be built into a single continuous surface, while a support structure behind the display could then contain the computer's processing unit, as well as providing space for all the machine's ports.

It's a pretty striking design for a couple of reasons. For one thing, the amount of curved glass involved is far more than Apple has ever used in one of its products before. It's also interesting to see that the company is thinking about taking the iMac's all-in-one design even further, by integrating not just the computer and display together, but also a keyboard and touchpad as well (although the application also describes how the keyboard could be detached during use). The patent also describes how one could dock a MacBook into the device and output the screen to the iMac's display, while its keyboard would pass through a hole in the middle of the machine to let you use it as normal.

Additionally, "the application suggests that its single sheet of glass could fold down its middle to allow you to pack it away when not in use," reports The Verge.

Mark Wycislik-Wilson, writing for BetaNews: Some Windows 7 users who installed the KB4534310 update found that their desktops turned black. With the operating system having now reached end of life, the company said that it would only make a fix available to organizations paying for Windows 7 Extended Security Updates (ESU). But Microsoft has changed its mind. It now says that it will make a patch available for all Windows 7 users, addressing the bug introduced by the last ever freely available Windows 7 update. As we reported the other day, Microsoft had already suggested some workarounds for the black desktop problem. The company had said that it was working on a fix that would be released next month: "We are working on a resolution and estimate a solution will be available in mid-February for organizations who have purchased Windows 7 Extended Security Updates (ESU)."