Bill Gates has revealed that he thinks everyone would be using Windows Mobile right now if Microsoft hadn't have been caught up in a US Justice Department antitrust investigation. From a report: Speaking at The New York Times' DealBook Conference earlier this week, Gates revealed his thoughts on Microsoft's mobile mistakes. "There's no doubt that the antitrust lawsuit was bad for Microsoft, and we would have been more focused on creating the phone operating system and so instead of using Android today you would be using Windows Mobile," claimed Gates. "If it hadn't been for the antitrust case... we were so close, I was just too distracted. I screwed that up because of the distraction."

Microsoft's messy move from Windows Mobile to Windows Phone allowed Android to thrive, but at the time the company had the biggest opportunity in mobile and gave it away. Gates also revealed that Microsoft also missed the opportunity to launch Windows Mobile on a key Motorola handset. "We were just three months too late on a release Motorola would have used on a phone, so yes it's a winner takes all game," explained Gates. "Now nobody here has ever heard of Windows Mobile, but oh well. That's a few hundred billion here or there."

The latest version of Chrome OS, version 78, adds separate browser and device settings, click-to-call, and picture-in-picture support for YouTube. It also introduces virtual desktop support for the operating system with a feature called Virtual Desks. 9to5Google reports: Chrome is getting another cross-device sharing feature after "Send this page" widely rolled in September. With "click-to-call," you can right-click on phone number links -- like tel:800-800-8000 -- to have them sent to your Android device. It's quicker than manually entering those digits or transferring via email. Chrome OS 78 will separate browser and device settings. The former is accessible directly at chrome://settings and what opens when clicking "Settings" at the bottom of the Overflow menu in the top-right corner of any browser window. It opens as a tab and provides web-related preferences. Meanwhile, chrome://os-settings opens as its own window, and can be accessed from the quick settings sheet. It provides device options like Wi-Fi, Bluetooth, and Assistant in a white Material Theme UI with an icon in the launcher/app shelf.

YouTube for Android now supports picture-in-picture with Chrome OS 78. After starting a video in the mobile client, switching to another window, covering, or minimizing the app will automatically open a PiP in the bottom-right corner. Available controls include switching to audio, play/pause, and skipping to the next track. In the top-left, you can expand the window and a settings gear on the other side allows you to open system settings. Tapping in the center expands and returns you to the YouTube Android app. Chrome OS 78 simplifies the printing experience by automatically listing compatible printers without any prior setup required. There are also a number of Linux on Chrome OS enhancements in this version:

- Backups of Linux apps and files can now be saved to local storage, external drive, or Google Drive. That copy can be then restored when setting up a new computer.
- Crostini GPU support will be enabled by default for a "crisp, lower-latency experience."
- You'll be warned when using a Linux app that does not support virtual keyboard in tablet mode.

Google has confirmed to The Verge that it will release "one final software update" next month for the original Google Pixel and Pixel XL. From the report: As of yesterday, it looked like the original Pixel was done getting updates, as Google released its November security update for most Pixel phones, but nothing for the Pixel or Pixel XL. Google tells The Verge that the Pixels won't get that November update, but it says December's "encapsulates a variety of updates" from the November and December updates that were issued for other Pixels.

It wasn't too surprising to see that Google's original Pixels didn't get yesterday's update. When Google announced the phones in 2016, the company said they would get two years of guaranteed Android version updates and three years of security updates, which is also reflected on Google's support page. That said, Google surprised Pixel owners earlier this year by letting them run Android 10, which is one more year of Android than Google originally promised, and now, they have one final update to look forward to as well.

Xiaomi, which competes with Apple for the top position in the wearable market, today made the competition a little more interesting. The Chinese electronics giant has launched its first smartwatch called the Mi Watch that looks strikingly similar to the Apple Watch in its home market. From a report: The Mi Watch, like the Apple Watch, has a square body with a crown and a button. It sports a 1.78-inch AMOLED display (326 ppi) that offers the always-on capability and runs MIUI for Watch, the company's homegrown wearable operating system based on Google's Wear OS. Inside the metal housing -- aluminum alloy with a matte finish -- are microphones on two sides for recording audio and taking calls, and a loudspeaker on the left to listen to music or incoming calls. The Mi Watch, which comes in one size -- 44mm -- has a ceramic back, which is where the charging pins and a heart rate sensor are also placed. The Mi Watch is powered by Qualcomm's Snapdragon Wear 3100 4G chipset with four Cortex A7 cores clocked at 1.2GHz, coupled with 1GB of RAM and 8GB storage. The company says its first smartwatch supports cellular connectivity (through an eSIM), Wi-Fi, GPS, Bluetooth, and NFC for payments. The Mi Watch should last for 36 hours on a single charge on cellular mode, the company claimed. The Mi Watch is priced at CNY 1,299 ($185) and will go on sale in the country next week.

An anonymous reader quotes a report from ZDNet: Google patched last month an Android bug that can let hackers spread malware to a nearby phone via a little-known Android OS feature called NFC beaming. NFC beaming works via an internal Android OS service known as Android Beam. This service allows an Android device to send data such as images, files, videos, or even apps, to another nearby device using NFC (Near-Field Communication) radio waves, as an alternative to WiFi or Bluetooth. Typically, apps (APK files) sent via NFC beaming are stored on disk and a notification is shown on screen. The notification asks the device owner if he wants to allow the NFC service to install an app from an unknown source. But, in January this year, a security researcher named Y. Shafranovich discovered that apps sent via NFC beaming on Android 8 (Oreo) or later versions would not show this prompt. Instead, the notification would allow the user to install the app with one tap, without any security warning.

The CVE-2019-2114 bug resided in the fact that the Android Beam app was also whitelisted, receiving the same level of trust as the official Play Store app. Google said this wasn't meant to happen, as the Android Beam service was never meant as a way to install applications, but merely as a way to transfer data from device to device. The October 2019 Android patches removed the Android Beam service from the OS whitelist of trusted sources. However, many millions of users remain at risk. If users have the NFC service and the Android Beam service enabled, a nearby attacker could plant malware (malicious apps) on their phones. Since most newly-sold devices have the NFC feature enabled by default, you'll have to disable Android Beam and NFC or update your phone to receive the October 2019 security updates if you want to protect yourself from this bug.

David Ruddock of AndroidPolice technology blog tries to make sense of last week's $2.1 billion acquisition of Fitbit by Google. He argues that Fitbit's offerings -- hardware, software, engineering talent, or even patent wall -- can't save Google's wearable operating system Wear OS. From his column: Hardware is what Google is after, with a blog post cleatly stating its acquisition of Fitbit is about future Wear OS devices, meaning you can probably kiss Fitbit's unloved smartwatch OS goodbye. So, that means we can count on Google leveraging Fitbit's renowned hardware to finally give Wear OS the horsepower and capabilities it needs to compete with Apple, right? Well, no. Fitbit's smartwatches have been most lauded for their long battery life, which has historically been enabled by extremely slow but highly power-efficient processors. The Versa 2 allegedly comes with significant performance improvements, but as a smartwatch, it just isn't very... smart. Michael Fisher points out in his review that the Versa 2's near week-long life on a single charge is only impressive when looked at in a very generous light. The Versa 2 doesn't have GPS, the battery only lasts that long when not using the always-on display (with AoD, it's closer to 3 days), the watch itself doesn't work for almost anything but fitness tracking on its own, and most of your interactions with it end up happening on your smartphone anyway. I can also tell you from experience that the Apple Watch Series 5 lasts about two days on a charge with the always-on display enabled (and Samsung's watches last even longer), so Fitbit managing a day more which a much less useful watch isn't exactly game-changing technology.

In short, Fitbit's products are not ones Google should be excited about buying. The hardware is nothing special, and the software is clearly going in the dumpster. What has Google bought, then? The sad, very practical truth is probably patents and engineers. Fitbit does develop at least some of its hardware in-house, and likely has a decent number of patents related to fitness tracking and basic wearable technology, including those stemming from its acquisition of Pebble. Its product engineers would receive resources and tools at Google that Fitbit may not have afforded them. In short: Google's purchase is almost certainly a speculative one. Google is hoping that Fitbit's technology portfolio and its engineering talent can create a better, faster, stronger Wear OS watch. That isn't the kind of acquisition that screams "our product is successful," it's one that looks far more like a Hail Mary from a company that is rapidly losing any hope of remaining relevant in the wearables space. A more cynical view of Google's acquisition might argue that this is more about Fitbit's brand and users than anything else. If Google simply markets its in-house smartwatches as Fitbits running Wear OS, it would be more able to tap into Fitbit's existing customer base and retail relationships. Customer base is something Wear OS is sorely missing at the moment, and Fitbit is a brand that many consumers recognize, albeit mostly for the company's "dumb" fitness trackers, not its smartwatches. Speaking of, given Google's focus on Wear OS as part of this acquisition, my guess is that those more popular but very basic trackers will be discontinued.

Google announced this morning that it has entered an agreement to buy Fitbit for $2.1 billion. In a blog post, Google's Senior Vice President of Devices & Services, Rick Osterloh, said the company sees "an opportunity to invest even more in Wear OS as well as introduce Made by Google wearable devices into the market." He added, "Fitbit has been a true pioneer in the industry and has created engaging products, experiences and a vibrant community of users. By working closely with Fitbit's team of experts, and bringing together the best AI, software and hardware, we can help spur innovation in wearables and build products to benefit even more people around the world." From a report: Google's Wear OS wearable platform has been in something of a rut for the last few years. The company introduced the Android Wear to Wear OS rebrand in 2018 to revitalize its branding/image, but the hardware offerings have still been pretty ho-hum. Third-party watches like the Fossil Gen 5 have proven to be quite good, but without a proper "Made by Google" smartwatch and other major players, such as Samsung, ignoring the platform, it's been left to just sort of exist.

Fedora 31 has just rolled out the door. From a report: Is it an exciting release? No, not really. Sure, enthusiasts will find themselves thrilled withe inclusion of the GNOME 3.34 desktop environment (with Qt Wayland by default), Linux 5.3 kernel, and Mesa 9.2, but otherwise, it is fairly boring. You know what? That's not a bad thing. In 2019, Fedora is simply a mature and stable operating system that only needs to follow an evolutionary path at this time -- not revolutionary. It stands alone as the world's best desktop Linux distribution. "Fedora 31 Workstation provides new tools and features for general users as well as developers with the inclusion of GNOME 3.34. GNOME 3.34 brings significant performance enhancements which will be especially noticeable on lower-powered hardware. Fedora 31 Workstation also expands the default uses of Wayland, including allowing Firefox to run natively on Wayland under GNOME instead of the XWayland backend as with prior releases," says The Fedora Project.

Apple has released iOS 13.2 today, bringing over 60 new emoji, new Siri privacy settings, and Apple's new Deep Fusion camera technology. 9to5Mac reports: There are over 60 new emoji and emoji variations in iOS 13.2. Apple first previewed these emoji over the summer, and they are now available for everyone. In total, the new 2019 emoji set includes 59 new characters that make up for 75 total variations when gender options are taken into account, and 230 options when skin tone options are included. iOS 13.2 also includes the Announce Messages with Siri feature that was originally meant for iOS 13. This feature allows Siri to read messages back to you when connected to AirPods or other headphones with Apple's H1 chip.

Perhaps most notably, especially for iPhone 11 users, iOS 13.2 includes Apple's new Deep Fusion camera technology. Deep Fusion is Apple's new image processing technology that works in the background to improve image quality for iPhone 11 and iPhone 11 Pro users. iOS 13.2 also includes new Siri privacy settings that allow you to opt in or opt out of sharing your Siri interactions with Apple. You'll see a new splash screen the first time you boot into iOS 13.2 asking your preference. Last but not least, iOS 13.2 also includes support for the just-announced AirPods Pro. This includes settings for Transparency and Active Noise Cancellation modes.

Microsoft officials said the company's Azure Sphere microcontroller (MCU) and associated cloud security service will be generally available in February 2020. From a report: Microsoft also introduced new branding today for the ThreadX RTOS technology it acquired when it bought Express Logic in April 2019. Going forward, this product will be known as Azure RTOS. ThreadX is one of the most-deployed real-time operating systems in the world. Today, Microsoft said that Renesesas, a major microcontroller manufacturer, announced that Azure RTOS will be be broadly available across its products, including the Synergy and RA MCU families. Microsoft has been working for at least a couple of years to secure low-cost Internet-connected devices. Microsoft Research's "Project Sopris" was all about creating a highly secure microcontroller. That project morphed into Azure Sphere, which Microsoft announced in April 2018. The first Azure Sphere chip was the MediaTek MT3620, which included an onboard security subsystem MIcrosoft christened "Pluton." The Azure Sphere OS included a Microsoft-developed custom Linux kernel, plus secured application containers.

SmartAboutThings tipped us off to an interesting bug reported by ZDNet Thursday: For the fourth time in three months, a Symantec security product is crashing user apps, and this time it's the latest Chrome release, v78, which rolled out earlier this week, on Tuesday, October 22. According to reports on Reddit [1, 2] the Google support forums [1, 2], and in comments on the official Google Chrome blog, Symantec Endpoint Protection 14 is crashing Chrome 78 instances with an "Aw, Snap! Something went wrong while displaying this webpage" error... The errors have been plaguing users for the past two days, with the vast majority of reports coming from enterprise environments, where SEP installs are more prevalent....

According to the antivirus maker, the issues are only affecting SEP 14 users on Windows 10 RS1, Windows Server 2012, and Windows Server 2016 operating systems. Symantec users on other OS versions can fix this by updating to the latest SEP 14.2 release. Users of Microsoft Edge Chromium are also impacted, but the Chromium-based Edge version has not been officially released; hence there are almost no users impacted by this issue in the real world...

Symantec blamed the issue on Microsoft's Code Integrity security feature, which Google uses to protect the Chrome browser process. As a temporary solution, Symantec recommends that users exclude Chrome from receiving protection from their antivirus product, or modify their Chrome clients, so the browser starts without Code Integrity protections. However, this opens the browser to various attacks and is not recommended as long as users can simply use another browser until this is fixed.
ZDNet adds that the issue "should have not surprised Symantec staff, who received early warnings about this more than three months ago, according to a bug report filed in early August while Chrome 78 was still in testing in the Canary channel."

Reddit users have discovered that the Pixel 4's 90Hz refresh rate drops to 60Hz when the display brightness falls below 75 percent. This means that you're only getting the full 90Hz display rate when the brightness level is high. The Verge reports: It's not clear why Google has chosen the 75 percent mark, but droidlife has discovered you can head into the developer settings and force the 90Hz setting to always be enabled regardless of brightness levels. This will likely impact the battery life, which is something you'll want to consider before forcing the 90Hz display to always-on. Other 90Hz OLED Android phones like the OnePlus 7T keep the display running at its max 90Hz all of the time, but Google has stated it will automatically switch the display refresh rate on the Pixel 4 "for some content." Google issued a statement explaining its decision to limit the refresh rate, adding that it will issue an update in the coming weeks that will allow 90Hz in more brightness conditions.

Here's the full statement: "We designed Smooth Display so that users could enjoy the benefits of 90Hz for improved UI interactions and content consumption, while also preserving battery when higher refresh rates are not critical by lowering back down to 60Hz. In some conditions or situations, however, we set the refresh rate to 60Hz. Some of these situations include: when the user turns on battery saver, certain content such as video (as it's largely shot at 24 or 30fps), and even various brightness or ambient conditions. We constantly assess whether these parameters lead to the best overall user experience. We have previously planned updates that we'll roll out in the coming weeks that include enabling 90hz in more brightness conditions."

As for whether or not 90Hz has a serious impact on battery life, YouTube Tech Reviewer Matthew Moniz reports only a marginal difference.

Google today shared that in August 2019, Android Pie had 22.6% adoption. From a report: That means the second-latest version of Android was running on a fifth of devices after some 12 months. Google did not share adoption numbers for any other Android version, including Android 10, the latest version that started rolling out last month. Meanwhile, iOS 13 passed 50% adoption in less than a month. With over 2.5 billion active Android devices out there, Android's distribution is useful information for anyone who makes decisions regarding Google's mobile operating system.

The Pixel 4 is shipping with a face-unlock security issue that's not expected to get fixed for quite some time. "Unlike the iPhone's FaceID (and Google's earlier face-unlock system on Android 4.1), the Pixel 4's face unlock doesn't look for the user's eyes, so the phone could be pointed at a sleeping or unconscious owner and unlocked without their consent," reports Ars Technica. Google said in a statement that a fix requiring a user's eyes to be looking at the device "will be delivered in a software update in the coming months." Ars Technica reports: The Pixel 4 was announced last week, and instead of including a fingerprint reader like most Android phones do, the Pixel 4 features Google's newly developed face-unlock system as the only biometric option. Google is clearly chasing the iPhone here, and the Pixel 4's face unlock works just like Apple's Face ID system: an IR dot projector blasts a grid of invisible dots onto the user's face, and a camera (a pair of cameras, in the case of the Pixel 4) reads the user's face in 3D. As part of the many pre-release Pixel 4 leaks, screenshots of pre-release builds of the Pixel 4's software showed an option to "require eyes to be open." So we know Google hasn't been completely blindsided by this problem; the fix just wasn't ready in time for launch.

Microsoft today announced a new initiative to combat threats specifically targeted at the firmware level and data stored in memory: Secured-core PCs. From a report: Microsoft partnered with chip and computer makers to apply "security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system." Secured-core PCs will be available from Dell, Dynabook, HP, Lenovo, Panasonic, and Surface. Microsoft hasn't released a full list of Secured-core PCs, but two examples include HP's Elite Dragonfly and Microsoft's Surface Pro X.

Firmware is used to initialize the hardware and other software on the device. The firmware layer runs underneath the OS, where it has more access and privilege than the hypervisor and kernel. Firmware is thus emerging as a top target for attackers since the malicious code can be hard to detect and difficult to remove, persisting even with an OS reinstall or a hard drive replacement. Microsoft points to the National Vulnerability Database, which shows the number of discovered firmware vulnerabilities growing each year. As such, Secured-core PCs are designed for industries like financial services, government, and healthcare. They are also meant for workers who handle highly sensitive IP, customer, or personal data that poses higher-value targets for nationstate attackers.

An anonymous reader quotes Engadget: If you've been using Linux on DeX (aka Linux on Galaxy) to turn your Samsung phone into a PC, you'll need to make a change of plans. Samsung is warning users that it's shutting down the Linux on DeX beta program, and that its Android 10 update won't support using the open source OS as a desktop environment. The company didn't explain why it was shutting things down, but it did note that the Android 10 beta is already going without the Linux option...

Samsung is still committed to DeX, and recently enabled its desktop-style space on Macs and Windows PCs. However, it's clear that the dreams of fully replacing a PC with your Galaxy phone will have to wait, at least for now.

Forbes senior contributor Jason Evangelho dedicated a whole article to a coming update for one Chinese-domestic Linux distribution: If you haven't been paying attention to a little Linux desktop distribution called Deepin, it's time to put it on your radar. Nevermind that Huawei chose Deepin to ship on their MateBook laptop lineup. Nevermind that Deepin Cloud Sync [for system settings] is a killer, forward-thinking feature that every Linux distro needs to adopt. Nevermind that its slide-out control center resembles something sexy and sensible straight out of the future. But looking toward 2020, Deepin is poised to be absolutely stunning.

This is without question the most beautiful desktop environment I've ever laid eyes on... For me, the UX is more intuitive and more enjoyable than macOS and Windows 10. And fortunately, a quick setting can also transform Deepin to resemble the traditional Windows or macOS desktop paradigms you're already comfortable with. Hell, even the installer is a breath of fresh air.

But let's take a peek at what's coming next. This week, the Deepin Linux Youtube channel quietly released a preview of its Deepin v20 Launcher (just one component of the forthcoming OS), and it's bound to turn some heads. Take a look [YouTube video]. It's merely a tease ahead of this November's expected Deepin v20 beta release, but the Deepin developers have apparently devoted most of 2019 working on the upcoming version. From the category-driven app browser and animations, to the basic desktop layout we see in the teaser video, things appear quite polished already.
The article points out that Deepin is also a stand-alone desktop environment for any current Linux distribution -- and that it's one of the 248 operating systems available for online testing at DistroTest.net.

Long-time Slashdot reader Kekke shared this article from Ars Technica: A potentially serious vulnerability in Linux may make it possible for nearby devices to use Wi-Fi signals to crash or fully compromise vulnerable machines, a security researcher said.

The flaw is located in the RTLWIFI driver, which is used to support Realtek Wi-Fi chips in Linux devices. The vulnerability triggers a buffer overflow in the Linux kernel when a machine with a Realtek Wi-Fi chip is within radio range of a malicious device. At a minimum, exploits would cause an operating-system crash and could possibly allow a hacker to gain complete control of the computer. The flaw dates back to version 3.10.1 of the Linux kernel released in 2013...

The vulnerability is tracked as CVE-2019-17666. Linux developers proposed a fix on Wednesday that will likely be incorporated into the OS kernel in the coming days or weeks. Only after that will the fix make its way into various Linux distributions.

Nico Waisman, who is a principal security engineer at Github [and discovered the bug] said he has not yet devised a proof-of-concept attack that exploits the vulnerability in a way that can execute malicious code on a vulnerable machine. "I'm still working on exploitation, and it will definitely... take some time (of course, it might not be possible)," he wrote in a direct message. "On paper, [this] is an overflow that should be exploitable. Worst-case scenario, [this] is a denial of service; best scenario, you get a shell."
The article notes that the flaw "can't be triggered if Wi-Fi is turned off or if the device uses a Wi-Fi chip from a different manufacturer."

Following the beta period, one of the best and most popular Linux-based desktop operating systems reaches a major milestone -- you can now download Ubuntu 19.10! Code-named "Eoan Ermine", the distro is better and faster then ever. From a report: By default, Ubuntu 19.10 comes with one of the greatest desktop environments -- GNOME 3.34. In addition, users will be delighted by an all-new optional Yaru light theme. There is even baked-in support for the Raspberry Pi 4. The kernel is based on Linux 5.3 and comes with support for AMD Navi GPUs. There are plenty of excellent pre-installed programs too, such as LibreOffice 6.3, Firefox 69, and Thunderbird 68. While many users will be quick to install Google Chrome, I would suggest giving Firefox a try -- it has improved immensely lately. "With GNOME 3.34, Ubuntu 19.10 is the fastest release yet with significant performance improvements delivering a more responsive and smooth experience, even on older hardware. App organization is easier with the ability to drag and drop icons into categorized folders, while users can select light or dark Yaru theme variants depending on their preference or for improved viewing accessibility. Native support for ZFS on the root partition is introduced as an experimental desktop installer option. Coupled with the new zsys package, benefits include automated snapshots of file system states, allowing users to boot to a previous update and easily roll forwards and backwards in case of failure," says Canonical.

If Chrome for Android users visit a site where they enter passwords, Chrome will isolate that site from all the other tabs in a separate Android process, keeping the user's data safe from Spectre-like attacks, Google said today. From a report: Furthermore, Site Isolation, which has been available for desktop users since July 2018, has also been expanded for Windows, Mac, Linux, and Chrome OS users, which now receive protection against more attacks than the original Meltdown and Spectre vulnerabilities. Site Isolation is a Chrome security feature that Google started developing as a way to isolate each website from one another, so malicious code running on one site/tab couldn't steal data from other websites/tabs. Site Isolation was developed to act as a second layer of protection on top of Same Origin Policy (SOP), a browser feature that prevents websites from accessing each other's data. Google developed Site Isolation because browser bugs often allowed sites to jump the SOP barrier and steal user data stored in the browser, created by other sites.