The Morning After: Microsoft, Linux and Windows 10 - Engadget

Sponsored Links

ASSOCIATED PRESS

Hey, good morning! You look fabulous.

The week started with Microsoft's big developer conference, and at 1 PM ET, we'll be coming to you live from Google I/O 2019. Until then, check out the big news about Linux, and the first new iPhone game we've seen from Apple in over a decade.

---

For your consideration.Is it time we gave nuclear power another chance?

For a variety of reasons, nuclear power has been benched and is currently contributing a lot less than it could to our global energy needs. As the world looks for carbon-free energy sources to use before climate catastrophe strikes, Daniel Cooper explains why fusion should be on the table as an option.

---

This is the year of the Linux desktop.Windows 10 will get a built-in Linux kernel this summer

Microsoft announced in a blog post that it's going to ship a full Linux kernel in Windows 10. It will arrive first with Insider preview builds by the end of June, underpinning the new Windows Subsystem for Linux 2. By making this switch as a "drop-in replacement" for the current emulator, it should speed up performance significantly, with faster bootup and more efficient use of memory. Right now, developers can try out a new Windows Terminal command-line app.

---

Amazon's AI is ready to wake up when you do.You can tell Alexa to set a routine for sunrise instead of a specific time

As of today, you can set up an Alexa routine to trigger actions when your alarm stops. You might prompt Alexa to read your flash briefing a few minutes after your alarm goes off, or perhaps to turn on the coffee machine once you've finally stopped hitting the snooze button. It can trigger actions tied to when your security camera spots a human being or to sunrise/sunset, even as those shift from day to day.

---

Mystery solved?Dust storms may have stolen all Mars' water

After fine dust coated Opportunity's solar panels, the rover apparently lost power and was declared dead by NASA in February 2019. Now, scientists think similar storms may have also delivered a coup de grace to water on Mars, stripping it from its surface for good.

---

Keeping up with CarPlay.Android Auto redesign helps you focus on the road

Google has unveiled a new Android Auto interface that's designed to keep more of your attention on the road and, ultimately, adapt to the reality of modern touchscreen-centric cars. It's finally built to fit wider displays, and a dark theme helps it blend in with more interiors. There's also a new navigation bar that lets you juggle turn-by-turn directions with app controls and calling tasks, as well as a redefined notifications setup. The new revision should make an appearance on all compatible cars this summer.

But wait, there's more...

• Twitter lets you add GIFs to retweets
• Master & Dynamic's MW65 are its first noise-cancelling headphones
• Alexa takes hands-free voice commands on Windows 10 PCs
• Scientists find that playing 'Pokémon' as a kid may have rewired your brain
• Microsoft Edge is getting an Internet Explorer mode
• Microsoft's Fluid Framework is a new take on document collaboration
• Apple's first iPhone game in over a decade stars Warren Buffett
• Commercial drones are way more popular than the FAA expected
• Israel is the first to respond to a cyberattack with immediate force
• Apple's would-be sapphire-glass supplier GT Advanced Technologies charged with fraud

---

The Morning After is a new daily newsletter from Engadget designed to help you fight off FOMO. Who knows what you'll miss if you don't Subscribe.

Craving even more? Like us on Facebook or Follow us on Twitter.

Have a suggestion on how we can improve The Morning After? Send us a note.

In this article: art, entertainment, gadgetry, gadgets, gaming, gear, internet, mobile, opinion, personal computing, personalcomputing, security, themorningafter

Shares

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://www.engadget.com/2019/05/07/the-morning-after/

2019-05-07 10:30:27Z
52780287597808

Samsung will cancel unconfirmed Galaxy Fold orders if it doesn’t ship this month - The Verge

Samsung says it will cancel all orders for the Galaxy Fold if it has not shipped the device by May 31st and if it has not heard otherwise from existing preorder customers, reports Reuters. Samsung postponed the original April 26th release date indefinitely after early tech reviewers damaged their devices during ordinary usage. The company is yet to confirm a revised release date for its foldable smartphone.

“If we do not hear from you and we have not shipped by May 31st, your order will be canceled automatically,” reads the email sent to Galaxy Fold pre-order customers on Monday.

When it announced the delay, Samsung said it was taking measures to “strengthen the display” in light of the reported issues. An email from AT&T appeared to suggest that the phone would be released in June, but Samsung’s latest announcement indicates that this is far from certain.

Let's block ads! (Why?)

https://www.theverge.com/circuitbreaker/2019/5/7/18535075/samsung-galaxy-fold-cancel-orders-may-31-indefinite-delay-preorders

2019-05-07 08:54:09Z
52780285492037

Samsung is still ‘enhancing’ the Galaxy Fold, assumes you want to cancel order - Android Authority

It’s been a pretty quiet few weeks for the Samsung Galaxy Fold, as the company investigates several defects reported by reviewers. The Korean company has reportedly issued an update this week though.

In an email sent to pre-order customers (obtained by Droid-Life), Samsung noted that it was “making progress in enhancing” the foldable phone.

“This means that we cannot confirm the anticipated ship date yet,” the Korean firm explains. The lack of a shipping date suggests the company simply needs more time to carry out required changes, or that it’s still investigating defects.

Droid-Life

The email also calls for customers to tap a button to ensure they keep their Galaxy Fold pre-order. “If we do not hear from you and we have not shipped by May 31st your order will be cancelled automatically,” reads an excerpt of the message.

We’re glad to see the firm providing an update of sorts to consumers, although the automatic pre-order opt-out is a little strange. After all, what if you don’t have access to your email for whatever reason? Samsung will simply assume you don’t want a device you’ve pre-ordered anyway. Users have roughly four weeks to respond to the email though, so that should be plenty of time to make a decision.

Read: The ultimate guide to replacing your smartphone battery

The delay comes after several reviewers reported issues with Galaxy Fold sample units. Several users accidentally peeled off an integral screen layer on the foldable phone, while a few others reported completely broken main screens.

Hopefully Samsung’s changes are enough to prevent any more serious issues with the Galaxy Fold. Are you still interested in the device? Let us know in the comments.

NEXT: Google Fi accidentally charging customers full price for discounted Pixel 3 phones

Let's block ads! (Why?)

https://www.androidauthority.com/samsung-galaxy-fold-enhance-982951/

2019-05-07 06:28:00Z
52780285492037

Stolen NSA hacking tools were used in the wild 14 months before Shadow Brokers leak - Ars Technica

Enlarge / The National Security Agency headquarters in Fort Meade, Maryland.

National Security Agency

On of the most significant events in computer security came in April 2017, when a still-unidentified group calling itself the Shadow Brokers published a trove of the National Security Agency’s most coveted hacking tools. The leak and the subsequent repurposing of the exploits in the WannaCry and NotPetya worms that shut down computers worldwide made the theft arguably one of the NSA’s biggest operational mistakes ever.

On Monday, security firm Symantec reported that two of those advanced hacking tools were used against a host of targets starting in March 2016, fourteen months prior to the Shadow Brokers leak. An advanced persistent threat hacking group that Symantec has been tracking since 2010 somehow got access to a variant of the NSA-developed DoublePulsar backdoor and one of the Windows exploits the NSA used to remotely install it on targeted computers.

Killing NOBUS

The revelation that the powerful NSA tools were being repurposed much earlier than previously thought is sure to touch off a new round of criticism about the agency’s inability to secure its arsenal.

“This definitely should bring additional criticism of the ability to protect their tools,” Jake Williams, a former NSA hacker who is now a cofounder of Rendition Infosec, told Ars. “If they didn't lose the tools from a direct compromise, then the exploits were intercepted in transit or they were independently discovered. All of this completely kills the NOBUS argument.”

“NOBUS” is shorthand for nobody but us, a mantra NSA officials use to justify their practice of privately stockpiling certain exploits, rather than reporting the underlying vulnerabilities so they can be fixed.

Symantec researchers said they didn’t know how the hacking group—known alternately as Buckeye, APT3, Gothic Panda, UPS Team, and TG-0110—obtained the tools. The researchers said the limited number of tools used suggested the hackers’ access wasn’t as broad as the access enjoyed by the Shadow Brokers. The researchers speculated that the hackers may have reverse engineered technical “artefacts” they captured from attacks the NSA carried out on it own targets. Other less likely possibilities, Symantec said, were Buckeye stealing the tools from an unsecured or poorly secured NSA server or a rogue NSA group member or associate leaking the tools to Buckeye.

The attack used to install Buckeye's DoublePulsar variant exploited a Windows vulnerability indexed as CVE-2017-0143. It was one of several Windows flaws exploited in Shadow Broker-leaked NSA tools with names that included Eternal Romance and Eternal Synergy. Microsoft patched the vulnerability in March 2017 after being tipped off by NSA officials that the exploits were likely to be published soon.

Symantec’s report means that by the time the NSA reported the vulnerabilities to Microsoft, they had already been exploited in the wild for months.

“The fact that another group (besides NSA) were able to successfully exploit the Eternal series of vulnerabilities successfully is very impressive,” Williams said. “It speaks to their technical abilities and resourcing. Even if they stole the vulnerabilities while they were being used on the network, that's not enough to recreate reliable exploitation without tons of extra research.”

Tale of two exploits

Security protections built into modern versions of Windows required two separate vulnerabilities be exploited to successfully install DoublePulsar. Both the NSA and Buckeye exploited CVE-2017-0143 to corrupt Windows memory. From there, attackers needed to exploit a separate vulnerability that would divulge the memory layout of the targeted computer. Buckeye relied on a different information-disclosure vulnerability than the NSA’s Eternal attacks used. The vulnerability used by Buckeye, CVE-2019-0703, received a patch in March, six months after Symantec privately reported it to Microsoft.

Symantec said the earliest known instance of Buckeye using the NSA variants came on March 31, 2016 in an attack on a target in Hong Kong. It came in a custom-designed trojan dubbed Bemstour that installed DoublePulsar, which runs only in memory. From there, DoublePulsar installed a secondary payload that gave the attackers persistent access to the computer, even if it was rebooted and DoublePulsar was no longer running. An hour after the Hong Kong attack, Buckeye used Bemstour against an educational institution in Belgium.

Six months later—sometime in September, 2016—Buckeye unleashed a significantly improved variant of Bemstour on an educational institution in Hong Kong. One improvement: unlike the original Bemstour, which ran only on 32-bit hardware, the updated version ran on 64-bit systems as well. Another advance in the updated Bestour was its ability to execute arbitrary shell commands on the infected computer. This allowed the malware to deliver custom payloads on 64-bit infected computers. The attackers typically used the capability to create new user accounts.

Bemstour was used again in June 2017 against a target in Luxembourg. From June to September of that year Bemstour infected targets in the Philippines and Vietnam. Development of the trojan continued into this year, with the most recent sample having a compilation date of March 23, 11 days after Microsoft patched the CVE-2019-0703 zeroday.

Symantec researchers were surprised to see Bemstour being actively used for so long. Previously, the researchers believed that APT3 had disbanded following the November 2017 indictment of three Chinese nationals on hacking charges. While the indictment didn’t identify the group the defendants allegedly worked for, some of the tools prosecutors identified implicated APT3.

Monday’s report said Bemstour’s use following the apparent disappearance of Buckeye remained a mystery.

“It may suggest that Buckeye retooled following its exposure in 2017, abandoning all tools publicly associated with the group,” company researchers wrote. “However, aside from the continued use of the tools, Symantec has found no other evidence suggesting Buckeye has retooled. Another possibility is that Buckeye passed on some of its tools to an associated group.”

Let's block ads! (Why?)

https://arstechnica.com/information-technology/2019/05/stolen-nsa-hacking-tools-were-used-in-the-wild-14-months-before-shadow-brokers-leak/

2019-05-07 06:15:01Z
52780287960344

Windows 10 will get a built-in Linux kernel this summer - Engadget

Sponsored Links

The new Windows Terminal Microsoft

The suddenly-cozy relationship between Linux and Windows is taking another step forward, as Microsoft announced in a blog post that it's going to ship a full Linux kernel in Windows 10. It will arrive first with Insider preview builds by the end of Jun, underpinning the new Windows Subsystem for Linux 2. The first release will be based on version 4.19, the latest stable Linux release, and will keep up with each stable release going forward. According to Microsoft this isn't its first release of a Linux kernel -- that came last year on Azure Sphere -- but it is the first time on Windows.

By making this switch as a "drop-in replacement" for the current emulator, it should speed up performance significantly, with faster bootup and more efficient use of memory. Users can interface with it either by installing a distribution from the Microsoft Store or sideloading.

Also, the kernel itself will be open source, with instructions available to create your own, and Microsoft has pledged to contribute changes it makes open for others to use. All of this news also came after Microsoft earlier announced a new version of its Windows Terminal command line app.

Catch up on all the latest news from Build 2019 here!

Source: Microsoft (1), (2), (3)

Coverage: Thurrott, Hacker News, ZDNet

In this article: build 2019, build2019, gear, Linux, microsoft, personal computing, personalcomputing, Windows 10, Windows Insider, Windows Subsystem for Linux, Windows Terminal

1822 Shares

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://www.engadget.com/2019/05/07/linux-windows-10-terminal/

2019-05-07 05:13:01Z
52780287597808

Google refreshes Android Auto with new features and a darker look - TechCrunch

Android Auto — the in-car platform that brings the look and functions of a smartphone to the vehicle’s central screen — is getting a new look and improved navigation and communication features that will roll out this summer.

The improvements and new look were revealed Monday during Google I/O 2019, the annual developer conference.

The most noticeable change might be the overall look of Android Auto. It now has a dark theme, new fonts and color accents designed to make it easier for drivers to quickly and more easily see the content on the car’s central screen.

The new version of Android Auto has also improved its notifications. Drivers can choose to view, listen and respond to messages and calls more easily.

Engineers have updated the software to make it more seamless. The system, if properly enable, would pop up on the car’s screen once the vehicle was turned on. However, the user would still have to restart their media or navigation option. Now, Android Auto will continue playing the media and navigation app of the driver’s choice. Drivers can  tap on a suggested location or say “Hey Google” to navigate to a new place.

The navigation bar on Android Auto has changed as well. Drivers will be able to see their turn-by-turn directions and control apps and phone on the same screen.

Finally, the platform has been adjusted so it will fit various sized-screens. Android Auto now maximizes the in-car display to show more information, like next-turn directions, playback controls and ongoing calls.

Android Auto is not an operating system. It’s a secondary interface — or HMI layer — that sits on top of an operating system. Google released Android Auto in 2015. Rival Apple introduced its own in-car platform, Apple CarPlay, that same year.

Automakers that wanted to give consumers a better in-car experience without giving Google or Apple total access quickly adopted the platform. Even some holdouts, such as Toyota, have come around. Today, Android Auto is available in more than 500 car models from 50 different brands, according to Android Auto product manager Rod Lopez.

Google has since developed an operating system called Android Automotive OS that’s modeled after its open-source mobile operating system that runs on Linux. Instead of running smartphones and tablets, Google modified it so it could be used in cars. Polestar, Volvo’s standalone performance electric car brand, is going to produce a new vehicle, the Polestar 2 that has an infotainment system powered by Android Automotive OS.

Let's block ads! (Why?)

https://techcrunch.com/2019/05/06/google-refreshes-android-auto-with-new-features-and-a-darker-look/

2019-05-06 17:00:54Z
52780287638809

Google may let users limit tracking in Chrome - Engadget

Sponsored Links

Carsten Koall/Getty Images

Google might not be done tightening privacy controls. Wall Street Journal contacts claim that the search firm is poised to launch a "dashboard-like" element in Chrome that would not only show more detail about tracking cookies, but give you options to limit them. While the concept isn't novel (Mozilla practically builds Firefox around tracking protection), it would be a significant break for a company whose very business revolves around advertising and user data.

The tools could arrive "as soon as this week," the sources said.

While the tools would come as a relative surprise to users, they've apparently been six years in the making. In addition to technical concerns, Google reportedly talked to advertising executives to gauge their opinions on "hypothetical scenarios" due to the seriousness of the change. While tracking cookies aren't as heavily used as in the past (smartphone apps play a large role), many advertisers still use them for targeting. These marketers may have to rethink their strategies knowing that Chrome users can easily disable tracking.

Not that Google is likely to mind much. The company reportedly stepped up its anti-tracking efforts in the wake of Facebook's Cambridge Analytica scandal, and is overall more concerned about privacy than it has been in the past. The damage done to advertisers might be considered worth the trade-off if users put more trust in Google and stick to its software.

Source: Wall Street Journal

In this article: browser, chrome, cookies, gear, google, internet, personal computing, personalcomputing, privacy, software, tracking, web

Shares

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://www.engadget.com/2019/05/06/google-chrome-tracking-cookie-tool-leak/

2019-05-06 15:47:53Z
CAIiEPk8OdouTFxFoI5EAbiC25sqGAgEKg8IACoHCAowwOjjAjDp3xswpuqvAw