Language Selection

English French German Italian Portuguese Spanish

Microsoft

If you install Windows 11 on an unsupported PC, you will not get updates

Filed under
GNU
Linux
Microsoft

You can always install Ubuntu or Linux Mint

Being a Linux evangelist it would be very remiss of me not to at least mention it is an option that you have. Linux Distros like Ubuntu and Linux Mint are quite user friendly and easy to set up. It’s a lot easier to install Ubuntu on your laptop or PC than it is to install Windows. You can even install Ubuntu or Linux Mint alongside Windows and choose which OS you want to boot into during startup.

I am always telling people that these days it doesn’t really matter which OS you are using as long as you can install Google Chrome. Most of the stuff we do and need is in the cloud. If you are an accountant for example you can use Sage or QuickBooks in the cloud so there is no need for Windows support. You can use Office 365 or Google Workspace and so much more.

Your OS just sits behind the scenes unobtrusively facilitating your desires. There was a time when desktop apps ruled the roost and this was a big reason for you not to install Linux but those days are long gone. Ubuntu 20.04 will be supported for the next 10 years so, 2030 inenge ichipo!

Ubuntu will also run much faster than Windows 11 will ever will on your old Hardware. You can do that or just keep Windows 10 which Microsoft has said they will keep supporting and updating.

Read more

Microsoft is heading for a new antitrust showdown

Filed under
Microsoft
Legal

In July 2021, the UK government invited startups, businesses, and policymakers to a consultation about the most pressing competition problems in the tech industry, ahead of the launch of its new Digital Market Unit (DMU). One person familiar with the discussions says that something odd was happening behind closed doors. In private discussions entrepreneurs claimed Microsoft was behaving in a way they thought was detrimental to healthy competition; yet none dared to publicly call Microsoft out in the consultation.

Most startups complained about Microsoft’s tendency to “bundle” new features in its products that directly competed with the startups’ core creations. But the source says startup founders were too scared of Microsoft’s reaction to go public with their gripes. The founder of an enterprise software startup said that Microsoft would "absolutely kill" their business if they spoke out, the source claims– implying that they feared the tech giant would make their products incompatible with Microsoft’s software ecosystem.

The DMU consultation is slated to conclude on October 1 – whether any British startup will publicly denounce Microsoft is anyone’s guess.

The episode is indicative of an ongoing shift. While Microsoft has been largely absent from heated discussions about Big Tech’s anticompetitive practices for nearly a decade, new entrants are increasingly worried – if not necessarily vocal – about the company’s dominance in both the enterprise software and cloud domains. Regulators in the UK and Europe might soon start taking notice of that, too.

In the past, Microsoft’s tendency to bundle its software products – such as browsers and media players – together in a way that was considered damaging to competition was slapped down by the EU with multimillionaire fines. But since 2014, under the stewardship of CEO Satya Nadella, Microsoft has managed to pull off two great pivots. First, it swore off a software licence model in favour of Office 365’s cloud-based subscription-based model. Then it restyled itself as a tranquil benevolent actor, a far cry from both the second-wave tech giants routinely on the front pages of newspapers for data gluttony and fake news, and Microsoft’s own cutthroat reputation of yore. But several companies, especially in the less headline-grabbing b2b sector where Microsoft is king, think that it has not really changed.

Read more

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials

Filed under
Microsoft
Security

A flaw in Microsoft's Autodiscover protocol, used to configure Exchange clients like Outlook, can cause user credentials to leak to miscreants in certain circumstances.

The upshot is that your Exchange-connected email client may give away your username and password to a stranger, if the flaw is successfully exploited. In a report scheduled to be published on Wednesday, security firm Guardicore said it has identified a design blunder that leaks web requests to Autodiscover domains that are outside the user's domain but within the same top-level domain (TLD).

Exchange's Autodiscover protocol, specifically the version based on POX XML, provides a way for client applications to obtain the configuration data necessary to communicate with the Exchange server. It gets invoked, for example, when adding a new Exchange account to Outlook. After a user supplies a name, email address, and password, Outlook tries to use Autodiscover to set up the client.

Read more

Windows 11 will be the new Vista (or Windows 8)

Filed under
Microsoft

I've been using Windows 10 in production for about two years now - testing it since even before the official release. Early on, my impression was that it was comparable to Windows 7. Okay. Nothing too special, new or revolutionary. Over time, this impression has changed. With subsequent semi-annual releases, I encountered issues I've never had in Windows before, mostly various system errors and bugs that speak of low quality and bad design. Then, Windows 10 would occasionally undo some of my tweaks and options, wasting my time, and forcing me to tighten the screws ever more. All in all, my outlook isn't bright or happy. Bored and exhausted by the nonsense would be the best word.

Now, Windows 11 is coming. As I've done many times in the past, I logged into my Insiders account and started testing, to see what awaits me. Right away, I found the experience quite dejecting. My early impression of Windows 11 Dev Build was mediocre at best, and it progressively got worse with each update. Different from Windows 10, though. What happened was, I found myself reliving 2011, when I tested Windows 8 and came to pretty much the same conclusions. To wit, this is what I think will unfold.

Read more

Security and Proprietary Software

Filed under
Microsoft
Security
  • Security updates for Monday

    Security updates have been issued by Debian (gnutls28, nettle, nextcloud-desktop, and openssl1.0), Fedora (dovecot-fts-xapian, drupal7, ghostscript, haproxy, libtpms, lynx, wordpress, and xen), openSUSE (xen), Red Hat (rh-ruby27-ruby), and SUSE (openssl, openssl1, and xen).

  • Microsoft Ruined Passwords, Now Aims for a Passwordless Future

    There’s no shortage of security people who will tell you that passwords are broken. It’s also not a coincidence how many of them sell products to supplement or replace passwords. Microsoft just announced that the passwordless future is here. In their announcement they make it clear that passwords are broken, and they should know–they broke them!

    This passwordless future requires that Microsoft follow in Apple’s and Google’s footsteps in deciding which software you are allowed to run on your computer. These vendors don’t trust you to manage your own security, instead they want you to hand all trust over to them. Without them in control, they don’t believe your hardware can be trusted and untrusted hardware isn’t allowed to login to the passwordless future. As more vendors follow in Microsoft’s footsteps to implement passwordless logins, they too will anchor their trust in the hardware and ultimately in Microsoft (or Apple or Google). In the name of security and convenience your computer will be less and less your own.

  • American Malware Purveyor That Did Nothing To Limit Misuse Now Horrified To Find Gov't Of India Misused Its Products

    Another malware purveyor is shocked, SHOCKED to discover its products have been used to do Very Bad Things. Thomas Brewster has more details for Forbes. Here's the setup:

  • Does Your Organization Have a Security.txt File?

    It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Or maybe it isn’t entirely clear who should get the report when remote access to an organization’s internal network is being sold in the cybercrime underground.

  • Major agriculture group New Cooperative hit by ransomware attack [iophk: Windows TCO]

    Agriculture group New Cooperative group was hit by a ransomware attack over the weekend, potentially endangering operations of a company key to the agricultural supply chain.

    A spokesperson for New Cooperative confirmed the attack to The Hill on Monday, noting in a statement that the company "recently identified a cybersecurity incident that is impacting some of our company’s devices and systems."

  • [Old] Explainer: Digitech risks for School Boards

    I'm a parent with two children in public schools in Christchurch, NZ. I'm also a software developer with an interest in education. I'm writing this post to make members of NZ school boards of trustees aware of a significant risks they face, but which I believe few if any school boards in NZ recognise, much less attempt to mitigate.

    These risks are created by the software adopted by nearly every school in NZ. This software is provided via national-level agreements made by the Ministry of Education with their vendors, who are mostly US-based multinational technology corporations. Increasingly, school curriculums completely depend on this software.

    Today, nearly every school in NZ is either a 'Microsoft Office 365' or a 'Google Classroom' school. Many schools also embed products like SeeSaw and StoryPark into their student assessment process and depend on them for parental engagement.

    My goal here is to explain the liabilities lurking within this status quo, and how the Ministry of Education has divested responsibility for these liabilities onto individual school board members.

Proprietary Software 'Security'

Filed under
Microsoft
Security

Proprietary Security Issues

Filed under
Microsoft
Mac
Security

Kernel: Microsoft E.E.E. Against Mesa (DirectX, Vista Service Pack 10/11) and HP OMEN Laptops

Filed under
Linux
Microsoft
  • Microsoft Adds An EGL Implementation To Mesa For Windows

    Microsoft is increasingly investing in Mesa as part of working on their Windows Subsystem for Linux graphics support as well as also getting OpenGL and OpenCL working on Windows implemented over Direct3D 12. In fact, Microsoft is one of the gold sponsors for this week's X.Org Developers' Conference (XDC2021).

  • HP OMEN Laptops To Be Better Supported With Linux 5.16 - Phoronix

    HP's higher-end "OMEN" laptop series is set to see better support with the next kernel cycle.

    While just missing out on the Linux 5.15 merge window, one of the early changes queued up so far this week in any of the "-next" branches is the x86 platform drivers picking up HP OMEN laptop support within the HP WMI driver.

  • Orange Publishes An In-Kernel eBPF-Powered Cache - Can Speed Up Memcached By ~18x - Phoronix

    French telecommunications giant Orange has published "BMC" as the (e)BPF Memory Cache providing a cache focused on memcached usage within the Linux kernel.

    Orange's open-source BPF Memory Cache allows for handling memcached requests before the standard network stack and is said to be crash-safe and this module requires no other kernel modules. Additionally, the memcached user-space software itself can run unmodified atop BMC.

Proprietary Software Security

Filed under
Microsoft
Mac
Security
  • OMIGOD: Azure users running Linux VMs need to update now [Ed: They need to abandon Microsoft Azure and get reprimanded by the employer for ever choosing this NSA company as a host in the first place]
  • Microsoft September 2021 Patch Tuesday: Remote code execution flaws in MSHTML, OMI fixed
  • Microsoft Patch Tuesday, September 2021 Edition

    Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google‘s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.

  • Apple Patches Up Devices In Response To The Exposure Of Yet Another NSO Group Exploit

    Israeli digital arms merchant NSO Group continues to sell its malware to a wide variety of governments. The governments it sells to, which includes a bunch of notorious human rights abusers, continue to use these exploits to target dissidents, activists, journalists, religious leaders, and political opponents. And the manufacturers of the devices exploited by governments to harm people these governments don't like (NSO says "criminals and terrorists," long-term customers say "eh, whoever") continue to patch things up so these exploits no longer work.

  • It's not just you: Emergency software patches are on the rise

    Researchers raised the alarm Monday about a big one: The Israeli spyware company NSO Group, which sells programs for governments to remotely take over people’s smartphones and computers, had figured out a new way into practically any Apple device by sending a fake GIF through iMessage. The only way to guard against it is to install Apple’s emergency software update.

  • Apple Rushes Out Emergency Update to Stop ‘No Click’ Spyware

    The flaw, disclosed Monday by Citizen Lab, allowed a hacker using NSO’s Pegasus malware to gain access to a device owned by an unnamed Saudi activist, according to security researchers. Apple said the flaw could be exploited if a user on a vulnerable device received a “maliciously crafted” PDF file.

More Microsoftisation of Linux Kernel and Linux Foundation

Filed under
Linux
Microsoft
Syndicate content

More in Tux Machines

today's howtos

  • How to use wall command in linux - Unixcop

    wall is (an abbreviation of write to all) is a Unix command-line utility that displays the contents of a computer file or standard input to all logged-in users. It is used by root to send out shutting down message to all users just before poweroff. It displays a message on the terminals of all logged-in users. The messages can_be either typed on the terminal or the contents of a file. Also usually, system administrators send messages to announce maintenance and ask users to log out and close all open programs.The messages ‘re shown to all logged in users with a terminal open.

  • Any Port in a Storm: Ports and Security, Part 1

    When IT and Security professionals talk about port numbers, we’re referring to the TCP and UDP port numbers a service is running on that are waiting to accept connections. But what exactly is a port?

  • Book Review: Data Science at the Command Line By Jeroen Janssens

    Data Science at the Command Line: Obtain, Scrub, Explore, and Model Data with Unix Power Tools written by Jeroen Janssens is the second edition of the series “Data Science at the Command Line”. This book demonstrates how the flexibility of the command line can help you become a more efficient and productive data scientist. You will learn how to combine small yet powerful command-line tools to quickly obtain, scrub, explore, and model your data. To get you started, author Jeroen Janssens provides a Docker image packed with over 80 tools–useful whether you work with Windows, macOS, or Linux.

  • How to Take a Typing Test on Linux With tt

    In the modern era of technology, typing has become one of the most common activities for a lot of professions. Learning to type faster with accuracy can help you get more things done in the same amount of time. However, touch typing is not a skill that you can master overnight. It takes regular practice and testing to improve your speed and accuracy gradually. While there are a lot of websites that help you achieve this, all you essentially need on Linux is a terminal. Let's see how.

  • FIX: Google Chrome doesn’t work on Kali linux
  • How to install OpenToonz on a Chromebook

    Today we are looking at how to install OpenToonz on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below. If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

Security and DRM Leftovers

Linux 5.15-rc3

So after a somewhat rocky merge window and second rc, things are now
actually looking pretty normal for rc3. Knock wood.

There are fixes all over, and the statistics look fairly regular, with
drivers dominating as they should (since they are most of the tree).
And outside of drivers, we have a fairly usual mix of changes -
architecture fixes, networking, filesystems, and tooling (the latter
being mostly kvm selftests).

Shortlog appended, it's not too long and easy to scan through to get a
flavor for the details if you happen to care.

Please do give it a whirl,

             Linus

Read more Also: Linux 5.15-rc3 Released - Looking "Pretty Normal" Plus Performance Fix - Phoronix

Huawei launches OS openEuler, aims to construct 'ecological base of national digital infrastructure'

Chinese tech giant Huawei launched openEuler operating system (OS) on Saturday, another self-developed OS after the HarmonyOS, as it tries to "solve the domestic stranglehold problem of lacking its homegrown OS in basic technology," and build a full-scenario covered ecosystem to prepare for more US bans. The openEuler OS can be widely deployed in various forms of equipment such as servers, cloud computing and edge computing. Its application scenarios cover Information Technology, Communication Technology and Operational Technology to achieve unifying an operating system with multi-device support, according to the company's introduction. In the ICT field, Huawei provides products and solutions such as servers, storage, cloud services, edge computing, base stations, routers, industrial control among others, all of which need to be equipped with an OS. Huawei has therefore been building capabilities to achieve a unified OS architecture, and meet the demands of different application scenarios, the firm said on Saturday. The openEuler program was initially announced back in 2019 as an open source operating system. Today's launch is an updated one. Read more