MIPS Technologies, the company that had been synonymous with the MIPS processor architecture, will now be developing processors based on RISC-V architecture. TuxPhones reports: The MIPS silicon manufacturer is one of the oldest RISC chip manufacturers, used in several systems since the late 80s. Characterized by clean and efficient designs, allowing adaption in varied applications, this company has been considered one of the most innovative in the market during its golden age - to the point that the Windows OS had a MIPS port in the early 90s. However, the company has been struggling with an increasingly lower market share and risked bankruptcy in recent years, ultimately leading to acquisition by start-up Wave Computing, which faced bankruptcy last year.

How this company was reborn just weeks ago, exiting the state of bankruptcy, is surprising, but not at all irrational: in its official statement, (the new) MIPS has become a member of RISC-V International, the non-profit organization managing the fully open-hardware ISA, substantially replacing their current architecture with the de facto open chip standard in its entirety. Licensing of the original MIPS architecture to third parties will probably be managed as before, so that the "old" architecture will remain available upon need. This is officially known as the "8th generation" of MIPS chips, indicating a total architectural gap from the previous seven iterations, essentially leaving the old architecture and fully embracing the new one. The Electronic Engineering Journal says it's likely that the new MIPS will continue to honor pre-existing licensing agreements, but it's unclear what level of support the company will offer for older MIPS-based chip designs.

After downloading Microsoft's Edge, "Technically Incorrect" columnist Chris Matyszczyk "was then subject to constant pestering from Microsoft to, well, download the new Edge. Which was an entirely new dimension of irritation."

But occasionally browsing with Edge triggered other responses... Initially, this annoyed Google. When the misguided logged into their Gmail accounts from Edge, Google sent them a helpful message telling them that Chrome was better. You know, fast, simple, and secure. Supposedly. As the months rolled on, things seem to calm down. Google and Microsoft came to a rapprochement. Edge is now the second most popular browser — it does help that it descends upon all Windows users like manna from Seattle.

Perhaps it's Edge's swift rise that has finally made Apple shriek in public. Last week, I opened Edge, only to get a big surprise. In the top right-hand corner of my MacBook Air, there appeared a message. From Apple. "TRY THE NEW SAFARI," shouted the headline. The text added: "Fast, energy efficient and with a beautiful design."

I gasped in wonder. I stared and then, naturally, took a screenshot.

The notifications in the top right-hand corner of my screen are usually confined to declarations of a pending update, or a nag about my last backup. But never actually selling. I've never seen an Apple ad appear there. I don't think I've ever seen Apple instantly react to my opening any rival's product on my MacBook Air.

It's not as if, every time I open Microsoft Word, Apple taps me on the shoulder and aggressively suggests I use Pages.

David Plummer is a retired Microsoft operating systems engineer, "going back to the MS-DOS and Windows 95 days." (He adds that in the early '90s he'd fixed a few handle leaks in the early source code of Linux, "and sent my changes off to Linus at Rutgers.")

This weekend on YouTube he shared his thoughts on "the classic confrontation: Windows versus Linux," promising an "epic operating systems face-off." Some highlights: On Usability: "Linux's itself lacks a proper user interface beyond the command line. That command line can be incredibly powerful, particularly if you're adept with Bash or Zsh or similar, but you can't really describe it as particularly usable. Of course most distributions do come with a desktop user interface of some kind if you prefer, but as a bit of a shell designer myself, if I might be so bold, they're generally pretty terrible. At least the Mint distribution looks pretty nice.

"Windows, on the other hand, includes by default a desktop shell interface that, if you set aside the entirely subjective design aesthetics, is professionally designed, usability tested and takes into consideration the varying levels of accessibility required by people with different limitations. In terms of usability, particularly if you do include accessibility in that metric, Windows comes out ahead..."

On Updates: "Windows users are well served by a dedicated Windows Update team at Microsoft, but the process has occasionally had its hiccups and growing pains. It's very easy to update a Linux system, and while there's no professional team sitting by the big red phone ready to respond to Day Zero exploits, the updates do come out with reasonable alacrity, and in some cases you can even update the kernel without rebooting.

"Keep in mind, however, that Linux is a monolithic kernel, which means that it's all one big happy kernel. Almost everything is in there. If they hadn't started to add that ability a few years back, you'd be rebooting for every driver install. The reality is that some parts of the Linux kernel are just going to require a reboot, just as some parts of the Windows system are going to as well. I think we can likely all agree, however, that Windows software is hardly selective about rebooting the system, and you're asked to do it far too often.

"While we're on the topic of upgrades, we can't overlook the fact that upgrades are generally free in the Open Source world, unless you're using a pre-built distribution from a vendor. To it's credit, though, I don't remember the last time Microsoft actually charged for an operating system upgrade if you were just a normal end user or enthusiast. Still, this point goes to Linux."
Plummer also says he agrees with the argument that open source software is more open to security exploits, "simply because, all else equal, it's easy to figure out where the bugs are to exploit in the first place," while proprietary software has professional test organizations hunting for bugs. "I think it's a bit of a fallacy to rely on the 'many eyeballs' approach..."

Yet he still ultimately concludes Linux is more secure simply because the vast universe of Windows makes it a much more attractive target. Especially since most Windows users retain full administrator privileges...

An anonymous reader quotes a report from Ars Technica: Microsoft has released a new version of source-code editor Visual Studio Code that runs natively on Apple Silicon Macs like the MacBook Air, MacBook Pro, and Mac mini models with Apple M1 chips. The change came in Visual Studio Code 1.54 (now 1.54.1, thanks to a bug fix update), which is available as a universal 64-bit binary, as is standard for apps with Apple Silicon support. That said, Microsoft also offers downloads for x86-64 and Arm64 versions specifically, if desired.

There are no differences in features between the two versions, of course. And the non-Apple Silicon version worked just fine on M1 Macs previously via Rosetta, but Microsoft says M1 users can expect a few optimizations with the new binaries: "We are happy to announce our first release of stable Apple Silicon builds this iteration. Users on Macs with M1 chips can now use VS Code without emulation with Rosetta, and will notice better performance and longer battery life when running VS Code. Thanks to the community for self-hosting with the Insiders build and reporting issues early in the iteration." Other key features in Visual Studio Code 1.54 include the ability to retain terminal processes on window reload, performance improvements in the Windows version, product icon themes, improvements when viewing Git history timeline entries, and various accessibility improvements.

Several new features are on the way to Microsoft Edge this month, including vertical tabs, startup boost, and modern Microsoft Bing search experiences. The new features were recently shown off by Microsoft in a recent blog post. Windows Central reports: First up is vertical tabs. This feature allows you to move the tabs from across the top of your browser over to the side. The feature lets you see more of your tabs at once. We recently saw the option to resize vertical tabs in Microsoft Edge Canary, but it is now rolling out to Dev too.

Next, are Microsoft's new Bing search experiences. Microsoft's new experiences help you see the information that you'd like without having to click around and fish through content as much. For example, when searching for a recipe, the new recipe experience will show ingredient lists, substitutions, and more information just by hovering over a search result. The experience will also play any video if you hover over a result. There are similar new experiences for other content, like DIY projects and gardening. Microsoft also announced improvements to how it aggregates information for topics you search.

Lastly, startup boost is a new feature that should cut down how long it takes Edge to launch after you reboot your PC. The feature will roll out this month, and Microsoft says that it will cut down launch times by between 29% -- 41%.

An anonymous reader quotes a report from ZDNet: Google has announced Flutter 2, a major upgrade to its framework for building user interfaces for mobile, the web and desktop. Flutter promises to allow developers to use the same codebase to build native apps for iOS, Android, Windows 10, macOS, and Linux and for the web on browsers including Chrome, Firefox, Safari or Edge. It can also be embedded in an IoT device with a screen, such as cars, TVs, and home appliances.

The move to Flutter 2 promises to benefit the over 150,000 Flutter Android apps already available on the Play Store. Every app will get a free upgrade with Flutter 2 allowing developers to target desktop and web without rewriting them. Google apps now built with Flutter include Google Pay, Stadia and Google Nest Hub among others. Flutter 2 also brings production quality support for the web, with a focus on progressive web apps (PWAs) that behave like desktop apps, single page apps, and mobile apps on the web. Google has added a new CanvasKit-powered rendering engine built with WebAssembly. For mobile web apps, in recent months it's added autofill, control over address bar URLs and routing, and PWA manifests.

For desktop browsers, it has added interactive scrollbars and keyboard shortcuts, increased the default content density in desktop modes, and added screen reader support for accessibility on Windows, macOS and ChromeOS. Google has been working with Ubuntu maker Canonical to bring Flutter to the desktop. Canonical will make Flutter the default choice for future desktop and mobile apps it creates. Microsoft is also releasing contributions to the Flutter engine that supports foldable Android devices, such as the Microsoft Surface Duo.

An anonymous reader quotes a report from Ars Technica: Bitflips are events that cause individual bits stored in an electronic device to flip, turning a 0 to a 1 or vice versa. Cosmic radiation and fluctuations in power or temperature are the most common naturally occurring causes. Research from 2010 estimated that a computer with 4GB of commodity RAM has a 96 percent chance of experiencing a bitflip within three days. An independent researcher recently demonstrated how bitflips can come back to bite Windows users when their PCs reach out to Microsoft's windows.com domain. Windows devices do this regularly to perform actions like making sure the time shown in the computer clock is accurate, connecting to Microsoft's cloud-based services, and recovering from crashes.

Remy, as the researcher asked to be referred to, mapped the 32 valid domain names that were one bitflip away from windows.com. Of the 32 bit-flipped values that were valid domain names, Remy found that 14 of them were still available for purchase. This was surprising because Microsoft and other companies normally buy these types of one-off domains to protect customers against phishing attacks. He bought them for $126 and set out to see what would happen.

Over the course of two weeks, Remy's server received 199,180 connections from 626 unique IP addresses that were trying to contact ntp.windows.com. By default, Windows machines will connect to this domain once per week to check that the time shown on the device clock is correct. What the researcher found next was even more surprising. "The NTP client for windows OS has no inherent verification of authenticity, so there is nothing stopping a malicious person from telling all these computers that it's after 03:14:07 on Tuesday, 19 January 2038 and wreaking unknown havoc as the memory storing the signed 32-bit integer for time overflows," he wrote in a post summarizing his findings. "As it turns out though, for ~30% of these computers doing that would make little to no difference at all to those users because their clock is already broken."

AmiMoJo shares a report: Last month, the Linux Mint team published a post on the organization's official blog about the importance of installing security updates on machines running the Linux distribution. The essence of the post was that a sizeable number of Linux Mint devices was running outdated applications, packages or even an outdated version of the operating system itself. A sizeable number of devices run on Linux Mint 17.x, according to the blog post, a version of Linux Mint that reached end of support in April 2019. A new blog post, published yesterday, provides information on how the team plans to reduce the update reluctance of Linux Mint users. Next to showing reminders to users, Linux Mint's Update Manager may enforce some of the updates according to the blog post.

"In some cases the Update Manager will be able to remind you to apply updates. In a few of them it might even insist." Upcoming versions will provide information on the implementation, how the "insisting" part may look like, and whether the installation of updates will be enforced. All of this boils down to a single question: how far should operating system developers go when it comes to updates? BetaNews adds: "And now, it seems the Linux Mint developers are taking a page out of Microsoft's playbook by planning to force some updates on its users. Yes, folks, Linux Mint is becoming more like Windows 10."

Catalin Cimpanu, reporting for The Record: A fully weaponized exploit for the Spectre CPU vulnerability was uploaded on the malware-scanning website VirusTotal last month, marking the first time a working exploit capable of doing actual damage has entered the public domain. The exploit was discovered by French security researcher Julien Voisin. It targets Spectre, a major vulnerability that was disclosed in January 2018. [...] The vulnerability, which won a Pwnie Award in 2018 for one of the best security bug discoveries of the year, was considered a milestone moment in the evolution and history of the modern CPU. Its discovery, along with the Meltdown bug, effectively forced CPU vendors to rethink their approach to designing processors, making it clear that they cannot focus on performance alone, to the detriment of data security. Software patches were released at the time, but the Meltdown and Spectre disclosures forced Intel to rethink its entire approach to CPU designs going forward.

At the time, the teams behind the Meltdown and Spectre bugs published their work in the form of research papers and some trivial proof-of-concept code to prove their attacks. Shortly after the Meltdown and Spectre publications, experts at AV-TEST, Fortinet, and Minerva Labs spotted a spike in VirusTotal uploads for both CPU bugs. While initially there was a fear that malware authors might be experimenting with the two bugs as a way to steal data from targeted systems, the exploits were classified as harmless variations of the public PoC code published by the Meltdown and Spectre researchers and no evidence was found of in-the-wild attacks. But today, Voisin said he discovered new Spectre exploits -- one for Windows and one for Linux -- different from the ones before. In particular, Voisin said he found a Linux Spectre exploit capable of dumping the contents of /etc/shadow, a Linux file that stores details on OS user accounts.

chicksdaddy writes: The Security Ledger reports that a flaw in Zoom's Keybase secure chat application left copies of images contained in secure communications on Keybase users' computers after they were supposedly deleted, according to researchers from the security research group Sakura Samurai.

The flaw in the encrypted messaging application, CVE-2021-23827 does not expose Keybase users to remote compromise. However, it could put their security, privacy and safety at risk, especially for users living under authoritarian regimes in which apps like Keybase and Signal are increasingly relied on as a way to conduct conversations out of earshot of law enforcement or security services. It comes as millions of users have flocked to apps like Keybase, Signal and Telegram in recent months.

Sakura Samurai researchers Aubrey Cottle, Robert Willis, and Jackson Henry discovered an unencrypted directory, /Cache, associated with the Keybase client that contained a comprehensive record of images from encrypted chat sessions. The application used a custom extension to name the files, but they were easily viewable directly or simply by changing the custom file extension to the PNG image format, researcher John Jackson told Security Ledger.

In a statement, a Zoom spokesman said that the company appreciates the work of the researchers and takes privacy and security "very seriously."

"We addressed the issue identified by the Sakura Samurai researchers on our Keybase platform in version 5.6.0 for Windows and macOS and version 5.6.1 for Linux. Users can help keep themselves secure by applying current updates or downloading the latest Keybase software with all current security updates," the spokesman said.

In most cases, the failure to remove files from cache after they were deleted would count as a "low priority" security flaw. However, in the context of an end-to-end encrypted communications application like Keybase, the failure takes on added weight, Jackson wrote.

Koreantoast writes: With the number of carjackings more than doubling in the city of Chicago during 2020, one lawmaker knows who to blame: the video game "Grand Theft Auto." According to Chicago ABC 7, Democratic State Representative Marcus Williams believes the video game is causing the rise in carjackings, stating that "Grand Theft Auto' and other violent video games are getting in the minds of our young people and perpetuating the normalcy of carjacking. Carjacking is not normal and carjacking must stop." He plans on introducing a bill to ban sales of the game in the state of Illinois.

Some are skeptical of Rep. Williams claims however. Columnist Joe Jurado of the Root points out that the franchise is hardly new and widely distributed, with the latest iteration, GTA V, released eight years ago and having sold 130 million copies. He adds that attempting to ban the game would be incredibly difficult writing, "Let me entertain this stupid-a** notion for a second. Say they're successful and get the game off store shelves in Illinois. What are you going to do about digital sales? You're telling me that the state of Illinois is willing to expend the time, money, and technical know-how to block the game off of PlayStation Network, Xbox Live, Epic Games, and the Rockstar storefront? I've worked for the state government, and I know damn well those Windows XP-using a**es ain't built for this life."

Microsoft is planning to add text predictions to Word in March. From a report: The new feature will work similarly to Google Docs' Smart Compose option, using machine learning to predict what words an author will need to speed up document creation. Microsoft originally announced a beta of text predictions last year, but it's now on the Microsoft 365 roadmap to reach all Word users on Windows next month. Word will highlight grayed-out predictions when users are writing a document, and the suggestions can be accepted using the Tab key or rejected by hitting Escape. Text predictions can also be completely disabled by Word users.

In a company blog post Thursday, Microsoft released more details about the new, flat-price version of its Office productivity software coming later this year. The company emphasized that while its main focus remains in its subscription offering, Microsoft 365, it will release the one-time purchase Office 2021 for those who aren't ready to move to the cloud. From a report: Office 2021 will arrive in two versions: one for commercial users, called Office LTSC (which stands for Long Term Servicing Channel), and one for personal use. Office LTSC will include enhanced accessibility features, performance improvements across Word, Excel and PowerPoint, and visual improvements, like dark mode support across apps. It's meant for specialty situations, as opposed to for an entire organization, such as process control devices on the manufacturing floor that are not connected to the internet. More details about pricing and new features for the commercial version and the personal version will be announced when Office 2021 is closer to general availability. Both will have both Windows and Mac versions, and will ship with the OneNote app. They will also ship both 32- and 64-bit versions, according to the post. Microsoft will support the software for five years, and said it does not plan to change the price at the time of release.

Microsoft has begun deploying this week KB4577586, a Windows update that permanently removes the Adobe Flash Player software from Windows devices. From a report: The update was formally announced last year at the end of October when Microsoft and other browser makers were preparing for the impending Flash end-of-life, scheduled for the end of 2020. According to a support document published at the time, the update was initially supposed to be optional. System administrators who wanted to remove Flash before the EOL date could access the Microsoft Update Catalog, download the KB4577586 packages, and remove Flash to avoid any security-related issues. But this week, multiple Windows 10 users reported that Microsoft is now forcibly installing KB4577586 on their devices and removing Flash support from the OS. While users might think this would cause issues for some enterprises, it actually does not. Last year, Adobe introduced a time bomb in the Flash Player code that prevents the Flash Player app from playing content after January 12.

New numbers show 2020 was the first year that Chromebooks outsold Macs, posting impressive market share gains at the expense of Windows. From a report: Computers powered by Google's Chrome OS have outsold Apple's computers in individual quarters before, but 2020 was the first full year that Chrome OS took second place. Microsoft's Windows still retained majority market share, but also took a big hit as both Chrome OS and macOS gained share. The milestone is based on numbers provided by IDC, which doesn't typically break out sales based on device operating system. But when we went looking to see how the pandemic may have impacted the PC market, IDC analyst Mike Shirer confirmed the findings to GeekWire. This is a big win for Google and a warning for both Apple and Microsoft. It also signals to app and game developers that Chrome OS can no longer be ignored. Frankly, any business that provides a product or service over the internet should be setting aside resources to ensure the Chrome OS experience is comparable to Windows and macOS.

LastPass is adding new restrictions to its free subscription tier starting March 16th that'll only allow users to view and manage passwords on one category of devices: mobile or computer. From a report: Mobile users will be limited to iOS and Android phones, iPads, Android tablets, and smartwatches. Computer subscribers will be able to use their passwords from Windows, macOS, and Linux desktops and laptops, the LastPass browser extension, and Windows tablets. Users on LastPass' free tier will be asked to pick between the two options the first time they log in after March 16th, and the company says they'll be able to switch between categories up to three times after they've picked. Although customers are restricted to a single category of devices on the free tier, they'll still be able view and manage passwords from an unlimited number of devices within either the mobile or computer category. LastPass says no users will be locked out of their accounts or lose access to their passwords as a result of the changes. As well as restricting its device types, LastPass is also changing the kinds of customer support free tier users will be able to access. From May 17th, free users will lose access to email support, the company announced.

An anonymous reader quotes a report from Ars Technica: The Florida water treatment facility whose computer system experienced a potentially hazardous computer breach last week used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees, government officials have reported. The computer intrusion happened last Friday in Oldsmar, a Florida city of about 15,000 that's roughly 15 miles northwest of Tampa. After gaining remote access to a computer that controlled equipment inside the Oldsmar water treatment plant, the unknown intruder increased the amount of sodium hydroxide -- a caustic chemical better known as lye -- by a factor of 100. The tampering could have caused severe sickness or death had it not been for safeguards the city has in place.

According to an advisory from the state of Massachusetts, employees with the Oldsmar facility used a computer running Windows 7 to remotely access plant controls known as a SCADA -- short for "supervisory control and data acquisition" -- system. What's more, the computer had no firewall installed and used a password that was shared among employees for remotely logging into city systems with the TeamViewer application. [...] The revelations illustrate the lack of security rigor found inside many critical infrastructure environments. In January, Microsoft ended support for Windows 7, a move that ended security updates for the operating system. Windows 7 also provides fewer security protections than Windows 10. The lack of a firewall and a password that was the same for each employee are also signs that the department's security regimen wasn't as tight as it could have been.

If you're one of the few people still using a PC with an x86 processor more than 15 years old, here's another reason to upgrade: the devices will not work with future Chrome releases, starting with version 89 of the world's most popular browser. TechSpot reports: The Chromium development team announced that CPUs older than the Intel Core 2 Duo and AMD Athlon 64 would not work with Chrome 89 and future versions as they do not meet the new minimum instruction set requirement of SSE3 (Supplemental Streaming SIMD Extensions 3) support. So, if you are still sporting an Intel Atom or Celeron M CPU, you'll soon be counting Chrome as one of the many programs that are incompatible with your potato-like rig. The devices will no longer attempt to install the browser, while running it will result in the software crashing. It's noted that the change only affects Windows as Chrome OS, Android and, Mac already require SSE3 support.

New reader allquixotic writes: Since late January, most users running a pre-installed Lenovo image of Windows 10 has been bitten by a bug in Lenovo's System Update Service (SUService.exe) causing it to constantly occupy a CPU thread. This was noticed by many ThinkPad and IdeaPad users as an unexpected increase in fan noise, but many desktop users might not notice the problem. I'm submitting this story to Slashdot because Lenovo does not provide an official support venue for their software, and the problem has persisted for several weeks with no indication of a patch forthcoming. While this bug continues to persist, anyone with a preinstalled Lenovo image of Windows 10 will have greatly reduced battery life on a laptop, and greatly increased power consumption in any case. As a thought experiment, if this causes 1 million systems to increase their idle power consumption by 40 watts, this software bug is currently wasting 40 megawatts, or about 1/20th the output of a typical commercial power station. On my ThinkPad P15, this bug actually wastes 80 watts of power, so the indication is that 40 watts per system is a very conservative number.

Lenovo's official forums and unofficial reddit pages have seen several threads pop up since late January with confused users noticing the issue, but so far Lenovo is yet to issue an official statement. Users have recommended uninstalling the Lenovo System Update Service as a workaround, but that won't stop this power virus from eating up megawatts of power around the world for those who don't notice this power virus's impact on system performance.

It's been estimated that there are 24 million developers in the world. 14 million of them now use Microsoft's Visual Studio Code (VS Code) as their IDE, reports ZDNet, with five million new users arriving in 2020.

Julia Liuson, corporate vice president of Microsoft's developer division, tells them why: "The strategy for VS Code is really to support our any, any, any strategy. You can be a developer working with any programming language, working on any operating system and develop any kind of software." VS Code runs on macOS, Windows 10, and multiple distributions of Linux, it supports Arm64 on Linux, and runs on Raspberry Pi and Chromebooks. It's also available in preview form
Part of VS Code's popularity is the breadth of language extensions for C++, C#, Python and various Python libraries for data scientists, Java, and JavaScript/Typescript... "We have almost two million Python developers using VS Code and well over a million C++ developers using VS Code," said Liuson. "And even our Java usage is approaching one million...."

Liuson also talked about Microsoft's inner source approach to software development. The company doubled down on inner source in 2019, and recently highlighted its inner-source approach as a factor that mitigated the threat of the SolarWinds hackers accessing its source code. Microsoft didn't make up the term inner source and the approach means taking open-source development practices and applying them inside a single organization. GitHub and GitHub's Enterprise Server fits snuggly with this approach to help organizations collaborate but do so in private.

"Inner source means if you have private IP, but you're inviting other teams within the company to collaborate with you. That's the fundamental difference between open source and inner source. Today, it's very common in large enterprise..."