Slashdot Mirror

On Tuesday, Microsoft expressed its intent to bid on the Joint Enterprise Defense Infrastructure (JEDI) contract -- a contract that represents a $10 billion project to build cloud services for the Department of Defense. The contract is massive in scope and shrouded in secrecy, which makes it nearly impossible to know what technologies Microsoft would be building for the Department of Defense. At an industry day for JEDI, DoD Chief Management Officer John H. Gibson II explained the program's impact, saying, "We need to be very clear. This program is truly about increasing the lethality of our department." This has ruffled a few feathers inside the Redmond-based software giant. In an open letter published Saturday, an unspecified number of Microsoft employees stated their disapproval. They wrote: Many Microsoft employees don't believe that what we build should be used for waging war. When we decided to work at Microsoft, we were doing so in the hopes of "empowering every person on the planet to achieve more," not with the intent of ending lives and enhancing lethality. For those who say that another company will simply pick up JEDI where Microsoft leaves it, we would ask workers at that company to do the same. A race to the bottom is not an ethical position. Like those who took action at Google, Salesforce, and Amazon, we ask all employees of tech companies to ask how your work will be used, where it will be applied, and act according to your principles.

We need to put JEDI in perspective. This is a secretive $10 billion project with the ambition of building "a more lethal" military force overseen by the Trump Administration. The Google workers who protested these collaborations and forced the company to take action saw this. We do too. So we ask, what are Microsoft's A.I. Principles, especially regarding the violent application of powerful A.I. technology? How will workers, who build and maintain these services in the first place, know whether our work is being used to aid profiling, surveillance, or killing? Earlier this year Microsoft published "The Future Computed," examining the applications and potential dangers of A.I. It argues that strong ethical principles are necessary for the development of A.I. that will benefit people, and defines six core principles: "fair, reliable and safe, private and secure, inclusive, transparent, and accountable."

With JEDI, Microsoft executives are on track to betray these principles in exchange for short-term profits. If Microsoft is to be accountable for the products and services it makes, we need clear ethical guidelines and meaningful accountability governing how we determine which uses of our technology are acceptable, and which are off the table. Microsoft has already acknowledged the dangers of the tech it builds, even calling on the federal government to regulate A.I. technologies. But there is no law preventing the company from exercising its own internal scrutiny and standing by its own ethical compass. Further reading: Google Drops Out of Pentagon's $10 Billion Cloud Competition.

Microsoft has unveiled "Project xCloud," its new game streaming service designed to work across consoles, PCs, and mobile devices. "Scaling and building out Project xCloud is a multi-year journey for us," explains Microsoft's cloud gaming chief Kareem Choudhry in a blog post. "We'll begin public trials in 2019 so we can learn and scale with different volumes and locations." The Verge reports: Microsoft has built custom hardware for its datacenters, as The Verge previously exclusively reported, so that existing and future Xbox games will be compatible with the services. Games will be streamed to devices, and Microsoft has been testing the xCloud service with Xbox wireless controllers connected to consoles, mobile devices, and PCs. Microsoft says its research teams are "creating ways to combat latency" via advanced network techniques combined with video encoding and decoding. This should make game streaming viable on 4G networks, too.

An anonymous reader writes: This October will see the fifth annual Hacktoberfest, "a month-long celebration of open source software run by DigitalOcean in partnership with GitHub and Twilio." Basically you sign up any time in October, then submit five quality pull requests to public GitHub repositories to win a t-shirt and stickers. (Issues and commits don't count, only pull requests created after October 1st -- but pull requests will still count even if they're not accepted or merged, "unless they are spam, irrelevant, or tagged as invalid.") "No contribution is too small -- bug fixes and documentation updates are valid ways of participating."
Here's Microsoft's own announcement about the event from their Open Source blog: We're excited to announce that we're participating in this year's Hacktoberfest! An annual celebration of all things open source, Hacktoberfest launched as a partnership between DigitalOcean and GitHub in 2014 and rallies a global community of contributors, with last year's event drawing more than 30K participants and nearly 240K pull requests.

This October, we'll recognize anyone who submits a pull request to one of our open source projects with a special limited-edition T-shirt (more details below)... Our projects span nearly all areas of computing, from developer tools and frameworks like .NET Core, Microsoft Cognitive Toolkit, Visual Studio Code, and Visual Studio Tools for Xamarin to Kubernetes tooling like Draft and the Service Fabric container orchestrator. Any contributions are welcome, so explore our GitHub repos, find something that interests you, and submit your first (or 100th) pull request.
Microsoft's t-shirt design includes a cameo appearance by.... Clippy, Microsoft's widely beloved default assistant for Office 2000/XP/2003.

An anonymous reader writes: This October will see the fifth annual Hacktoberfest, "a month-long celebration of open source software run by DigitalOcean in partnership with GitHub and Twilio." Basically you sign up any time in October, then submit five quality pull requests to public GitHub repositories to win a t-shirt and stickers. (Issues and commits don't count, only pull requests created after October 1st -- but pull requests will still count even if they're not accepted or merged, "unless they are spam, irrelevant, or tagged as invalid.") "No contribution is too small -- bug fixes and documentation updates are valid ways of participating."
Here's Microsoft's own announcement about the event from their Open Source blog: We're excited to announce that we're participating in this year's Hacktoberfest! An annual celebration of all things open source, Hacktoberfest launched as a partnership between DigitalOcean and GitHub in 2014 and rallies a global community of contributors, with last year's event drawing more than 30K participants and nearly 240K pull requests.

This October, we'll recognize anyone who submits a pull request to one of our open source projects with a special limited-edition T-shirt (more details below)... Our projects span nearly all areas of computing, from developer tools and frameworks like .NET Core, Microsoft Cognitive Toolkit, Visual Studio Code, and Visual Studio Tools for Xamarin to Kubernetes tooling like Draft and the Service Fabric container orchestrator. Any contributions are welcome, so explore our GitHub repos, find something that interests you, and submit your first (or 100th) pull request.
Microsoft's t-shirt design includes a cameo appearance by.... Clippy, Microsoft's widely beloved default assistant for Office 2000/XP/2003.

Microsoft unveiled a bunch of new hardware during a press event last night, but one of the most interesting announcements the company made was their new "Your Phone" app for Windows 10. Basically, the feature will let Android users mirror any app on their device to a Windows 10 desktop. The Verge's Tom Warren writes about how Microsoft is embracing Android as the mobile version of Windows: We've seen a variety of ways of bringing Android apps to Windows in recent years, including Bluestacks and even Dell's Mobile Connect software. This app mirroring is certainly easier to do with Android, as it's less restricted than iOS. Still, Microsoft's welcoming embrace of Android in Windows 10 with this app mirroring is just the latest in a number of steps the company has taken recently to really help align Android as the mobile equivalent of Windows.

Microsoft Launcher is designed to replace the default Google experience on Android phones, and bring Microsoft's own services and Office connectivity to the home screen. It's a popular launcher that Microsoft keeps updating, and it's even getting support for the Windows 10 Timeline feature that lets you resume apps and sites across devices. All of this just reminds me of Windows Phone. It's only been three years since Microsoft launched its Lumia 950 Windows 10 Mobile device at a packed holiday hardware event. Windows Phone has vanished in the last couple of years, and Microsoft finally admitted Windows Phone was dead nearly a year ago. The software maker has now embraced the reality that people don't need Windows on a phone. Instead, it's embracing Android as the mobile version of Windows.

An anonymous reader quotes Microsoft's Developer blog: In March 2014, Microsoft released the source code to MS-DOS 1.25 and 2.0 via the Computer History Museum. The announcement also contains a brief history of how MS-DOS came to be for those new to the subject, and ends with many links to related articles and resources for those interested in learning more. Today, we're re-open-sourcing MS-DOS on GitHub. Why? Because it's much easier to find, read, and refer to MS-DOS source files if they're in a GitHub repo than in the original downloadable compressed archive file.... Enjoy exploring the initial foundations of a family of operating systems that helped fuel the explosion of computer technology that we all rely upon for so much of our modern lives!
While non-source modifications are welcome, "The source will be kept static," reads a note on the GitHub repo, "so please don't send Pull Requests suggesting any modifications to the source files."

"But feel free to fork this repo and experiment!"

theodp writes: Last fall, Microsoft and the Green Bay Packers announced a $10 million partnership to build TitletownTech, "an innovation center focused on developing and advancing scalable, technology-enabled ventures," which aims to bring an economic boost to the area near Lambeau Field (Microsoft President Brad Smith hails from the region). Unfortunately for them, they failed to secure their venture's namesake domain name ahead of time. GeekWire reports on the fate of a Wisconsin family that was sitting on the coveted titletowntech.com domain name and offered to give it up in exchange for $750,000 cash, 8 lifetime Packers season tickets, 2 parking passes, and 8 Microsoft Surface Pro tablets (with lifetime MS-Office licenses). The family said the admittedly-ridiculous demand wasn't meant to be taken seriously but was intended to send a message after they received a suspicious $5,000 buyout offer from an anonymous "service" that the Packers engaged to try to recover the fumbled domain. Not amused, Green Bay Packers, Inc. flexed its legal muscle, filing a domain dispute complaint with the World Intellectual Property Organization (WIPO), which ordered the disputed domain name to be transferred to the team shortly after the USPTO issued a Notice of Allowance to the NFL team for a trademark on TitletownTech, leaving the Wisconsin family with zilch. And so the old titletowntech.com ("TitleTown Tech Solutions") was just a bad memory by the time Microsoft returned to Green Bay last week to give an update on the joint venture, including the news that Microsoft will play a key role in the leadership team at TitletownTech, which will also house its TEALS program employees. [...] And as for the domain name, the NFL franchise with more titles than any other team ultimately did what it has done for years -- win.

At its Ignite 2018 conference, Microsoft said that Windows 10 has been installed on over 700 million active devices. Neowin reports of the confusion around this estimate, noting that "the last milestone was 600 million active devices" announced on November 29, 2017, nearly 10 months ago. From the report: If you follow Windows 10 news, this might not even seem like a major development. That's because the firm's communication around this has been wildly inconsistent. It started off when Windows and Devices chief Terry Myerson announced that he's leaving Microsoft, and he wrote in a farewell letter that Windows 10 is installed on nearly 700 million active devices. That was almost six months ago. At the firm's Build conference in May and at the Insider Dev Tour in July, Microsoft announced that Windows 10 is installed on over 700 million devices, only to retract those statements later on and say they were mistakes. But today after almost six months of "nearly 700 million", Windows 10 is officially installed on over 700 million devices.

An anonymous reader quotes a report from ZDNet: On Sept. 24, Microsoft announced what it's calling the Windows Virtual Desktop (WMD). WVD will allow users to virtualize Windows 7 and 10, Office 365 ProPlus apps and other third-party applications by running them remotely in Azure virtual machines. Using WMD, customers will be able to provide remote desktop sessions with multiple users logged into the same Windows 10 or Windows Server virtual machine. They also can opt to virtualize the full desktop or individual Microsoft Store and/or line-of-business applications. The WMD service also supports full VDI with Windows 10 and Windows 7, Microsoft officials told Ars Technica. (Those wanting to virtualize Windows 7 after Microsoft support ends in January 2020 will be able to do so for three years without paying for Extended Security Updates.)

Licenses for WVD will be provided for no additional cost as part of Windows Enterprise and Education E3 and E5 subscriptions. The aforementioned Windows 10 Enterprise for Virtual Desktops edition won't be released as a separate version of Windows 10 at all. That name is just for licensing purposes, officials said. Microsoft officials said a public preview of WVD will be available later this year, and those interested can request notification of the preview's availability. To use WVD, users need an Azure subscription and will be charged for the storage and compute their virtual machines use. Microsoft also plans to offer WVD via Microsoft Cloud Solution Providers and is working with third parties like Citrix to build on top of WVD, officials said.

An anonymous reader quotes a report from ZDNet: On Sept. 24, Microsoft announced what it's calling the Windows Virtual Desktop (WMD). WVD will allow users to virtualize Windows 7 and 10, Office 365 ProPlus apps and other third-party applications by running them remotely in Azure virtual machines. Using WMD, customers will be able to provide remote desktop sessions with multiple users logged into the same Windows 10 or Windows Server virtual machine. They also can opt to virtualize the full desktop or individual Microsoft Store and/or line-of-business applications. The WMD service also supports full VDI with Windows 10 and Windows 7, Microsoft officials told Ars Technica. (Those wanting to virtualize Windows 7 after Microsoft support ends in January 2020 will be able to do so for three years without paying for Extended Security Updates.)

Licenses for WVD will be provided for no additional cost as part of Windows Enterprise and Education E3 and E5 subscriptions. The aforementioned Windows 10 Enterprise for Virtual Desktops edition won't be released as a separate version of Windows 10 at all. That name is just for licensing purposes, officials said. Microsoft officials said a public preview of WVD will be available later this year, and those interested can request notification of the preview's availability. To use WVD, users need an Azure subscription and will be charged for the storage and compute their virtual machines use. Microsoft also plans to offer WVD via Microsoft Cloud Solution Providers and is working with third parties like Citrix to build on top of WVD, officials said.

An anonymous reader quotes a report from ZDNet: On Sept. 24, Microsoft announced what it's calling the Windows Virtual Desktop (WMD). WVD will allow users to virtualize Windows 7 and 10, Office 365 ProPlus apps and other third-party applications by running them remotely in Azure virtual machines. Using WMD, customers will be able to provide remote desktop sessions with multiple users logged into the same Windows 10 or Windows Server virtual machine. They also can opt to virtualize the full desktop or individual Microsoft Store and/or line-of-business applications. The WMD service also supports full VDI with Windows 10 and Windows 7, Microsoft officials told Ars Technica. (Those wanting to virtualize Windows 7 after Microsoft support ends in January 2020 will be able to do so for three years without paying for Extended Security Updates.)

Licenses for WVD will be provided for no additional cost as part of Windows Enterprise and Education E3 and E5 subscriptions. The aforementioned Windows 10 Enterprise for Virtual Desktops edition won't be released as a separate version of Windows 10 at all. That name is just for licensing purposes, officials said. Microsoft officials said a public preview of WVD will be available later this year, and those interested can request notification of the preview's availability. To use WVD, users need an Azure subscription and will be charged for the storage and compute their virtual machines use. Microsoft also plans to offer WVD via Microsoft Cloud Solution Providers and is working with third parties like Citrix to build on top of WVD, officials said.

An anonymous reader quotes MSPowerUser: Nearly every Linux distro is already available in the Microsoft Store, allowing developers to use Linux scripting and other tools running on the Windows Subsystem for Linux (WSL). Now another distro has popped up in the Store, and unlike the others it claims to be specifically optimised for WSL, meaning a smaller and more appropriate package with sane defaults which helps developers get up and running faster.

WLinux is based on Debian, and the developer, Whitewater Foundry, claims their custom distro will also allow faster patching of security and compatibility issues that appear from time to time between upstream distros and WSL... Popular development tools, including git and python3, are pre-installed. Additional packages can be easily installed via the apt package management system... A handful of unnecessary packages, such as systemd, have been removed to improve stability and security.
The distro also offers out of the box support for GUI apps with your choice of X client, according to the original submission.

WLinux is open source under the MIT license, and is available for free on GitHub. It can also be downloaded from Microsoft Store at a 50% discount, with the development company promising the revenue will be invested back into new features.

A file named WaitList.dat, found only on touchscreen-capable Windows PCs, may be collecting your sensitive data like passwords and emails. According to ZDNet, in order for the file to exist users have to enable "the handwriting recognition feature that automatically translates stylus/touchscreen scribbles into formatted text." From the report: The handwriting to formatted text conversion feature has been added in Windows 8, which means the WaitList.dat file has been around for years. The role of this file is to store text to help Windows improve its handwriting recognition feature, in order to recognize and suggest corrections or words a user is using more often than others. "In my testing, population of WaitList.dat commences after you begin using handwriting gestures," [Digital Forensics and Incident Response expert Barnaby Skeggs] told ZDNet in an interview. "This 'flicks the switch' (registry key) to turn the text harvester functionality (which generates WaitList.dat) on." "Once it is on, text from every document and email which is indexed by the Windows Search Indexer service is stored in WaitList.dat. Not just the files interacted via the touchscreen writing feature," Skeggs says.

Since the Windows Search Indexer service powers the system-wide Windows Search functionality, this means data from all text-based files found on a computer, such as emails or Office documents, is gathered inside the WaitList.dat file. This doesn't include only metadata, but the actual document's text. "The user doesn't even have to open the file/email, so long as there is a copy of the file on disk, and the file's format is supported by the Microsoft Search Indexer service," Skeggs told ZDNet. "On my PC, and in my many test cases, WaitList.dat contained a text extract of every document or email file on the system, even if the source file had since been deleted," the researcher added. Furthermore, Skeggs says WaitList.dat can be used to recover text from deleted documents.

Liam Tung reporting for ZDNet: Ubuntu maintainer Canonical and Microsoft have teamed up to release an optimized Ubuntu Desktop image that's available through Microsoft's Hyper-V gallery. The Ubuntu Desktop image should deliver a better experience when running it as a guest on a Windows 10 Pro host, according to Canonical. The optimized version is Ubuntu Desktop 18.04.1 LTS release, also known as Bionic Beaver. Microsoft's work with Canonical was prompted by its users who wanted a "first-class experience" on Linux virtual machines (VMs) as well as Windows VMs. To achieve this goal, Microsoft worked with the developers of XRDP, an open-source remote-desktop protocol (RDP) for Linux based on Microsoft's RDP for Windows. Thanks to that work, XRDP now supports Microsoft's Enhanced Session Mode, which allows Hyper-V to use the open-source implementation of RDP to connect to Linux VMs. This in turn gives Ubuntu VMs on Windows hosts a better mouse experience, an integrated clipboard, windows resizing, and shared folders for easier file transfers between host and guest. Microsoft's Hyper-V Quick Create VM setup wizard should also help improve the experience. "With the Hyper-V Quick Create feature added in the Windows 10 Fall Creators Update, we have partnered with Ubuntu and added a virtual machine image so in a few quick minutes, you'll be up and developing," said Clint Rutkas, a senior technical product manager on Microsoft's Windows Developer Team. "This is available now -- just type 'Hyper-V Quick Create' in your start menu."

The next update to Windows 10, due to be released in October, will be smarter about how it frees up disk space and cleans up temporary files. Ars Technica reports: As part of its Storage Sense feature, Windows will be able to automatically remove the local copies of OneDrive files (unless they've been set as always available offline). The operating system will determine which files to remove based on when they were opened: files used more recently than a certain number of days will be retained locally, while those that haven't been used will be replaced with placeholders. The system will remove files until the operating system reckons it has enough free space for normal operation.

Storage Sense will also be able to remove temporary or otherwise unneeded files such as system logs and image thumbnails. It will also be able to remove old files from the download directory. The temporary-file cleanup (which can also remove certain cache files, driver packages, old anti-virus definitions, and more) was previously handled by the Disk Cleanup tool. That tool is now deprecated, as Storage Sense does everything it used to do and more. Storage Sense can perform its cleanup process periodically (every day, week, or month) or automatically whenever the system is low on disk space.

The next update to Windows 10, due to be released in October, will be smarter about how it frees up disk space and cleans up temporary files. Ars Technica reports: As part of its Storage Sense feature, Windows will be able to automatically remove the local copies of OneDrive files (unless they've been set as always available offline). The operating system will determine which files to remove based on when they were opened: files used more recently than a certain number of days will be retained locally, while those that haven't been used will be replaced with placeholders. The system will remove files until the operating system reckons it has enough free space for normal operation.

Storage Sense will also be able to remove temporary or otherwise unneeded files such as system logs and image thumbnails. It will also be able to remove old files from the download directory. The temporary-file cleanup (which can also remove certain cache files, driver packages, old anti-virus definitions, and more) was previously handled by the Disk Cleanup tool. That tool is now deprecated, as Storage Sense does everything it used to do and more. Storage Sense can perform its cleanup process periodically (every day, week, or month) or automatically whenever the system is low on disk space.

Microsoft Research has pre-published a new paper to be presented at the IEEE Cybersecurity Development Conference 2018 describing their progress on Checked C, "an extension to C designed to support spatial safety, implemented in Clang and LLVM."

From "Checked C: Making C Safe By Extension": Checked C's design is distinguished by its focus on backward-compatibility, incremental conversion, developer control, and enabling highly performant code... Any part of a program may contain, and benefit from, checked pointers. Such pointers are binary-compatible with legacy, unchecked pointers but have explicitly annotated and enforced bounds. Code units annotated as checked regions provide guaranteed safety: The code within may not use unchecked pointers or unsafe casts that could result in spatial safety violations.

Checked C's bounds-safe interfaces provide checked types to unchecked code, which is useful for retrofitting third party and standard libraries. Together, these features permit incrementally adding safety to a legacy program, rather than making it an all-or-nothing proposition. Our implementation of Checked C as an LLVM extension enjoys good performance, with relatively low run-time and compilation overheads. It is freely available at https://github.com/Microsoft/checkedc and continues to be actively developed.
The extension is enabled as a flag passed to Clang -- the average run-time overhead introduced by adding dynamic checks was 8.6%, though in more than half of the benchmarks the overhead was less than 1%. They also note that from 2012 to 2018, buffer overruns were the leading single cause of CVEs.

Microsoft Research says they're now evaluating Checked C, formalizing a proof of its safety guarantee -- and developing a tool to semi-automatically rewrite legacy C programs.

Microsoft Research has pre-published a new paper to be presented at the IEEE Cybersecurity Development Conference 2018 describing their progress on Checked C, "an extension to C designed to support spatial safety, implemented in Clang and LLVM."

From "Checked C: Making C Safe By Extension": Checked C's design is distinguished by its focus on backward-compatibility, incremental conversion, developer control, and enabling highly performant code... Any part of a program may contain, and benefit from, checked pointers. Such pointers are binary-compatible with legacy, unchecked pointers but have explicitly annotated and enforced bounds. Code units annotated as checked regions provide guaranteed safety: The code within may not use unchecked pointers or unsafe casts that could result in spatial safety violations.

Checked C's bounds-safe interfaces provide checked types to unchecked code, which is useful for retrofitting third party and standard libraries. Together, these features permit incrementally adding safety to a legacy program, rather than making it an all-or-nothing proposition. Our implementation of Checked C as an LLVM extension enjoys good performance, with relatively low run-time and compilation overheads. It is freely available at https://github.com/Microsoft/checkedc and continues to be actively developed.
The extension is enabled as a flag passed to Clang -- the average run-time overhead introduced by adding dynamic checks was 8.6%, though in more than half of the benchmarks the overhead was less than 1%. They also note that from 2012 to 2018, buffer overruns were the leading single cause of CVEs.

Microsoft Research says they're now evaluating Checked C, formalizing a proof of its safety guarantee -- and developing a tool to semi-automatically rewrite legacy C programs.

New submitter courcoul alerted us to Azure outage, which is affecting several customers in many parts of the world: Some Microsoft Azure customers with workloads running in its South Central US data center are having big problems coming back from the holiday weekend Tuesday, after shutdown procedures were initiated following a spike in temperature inside one of its facilities. Around 230am Pacific Time, Microsoft identified problems with the cooling systems in one part of its Texas data center complex, which caused a spike in temperature and forced it to shut down equipment in order to prevent a more catastrophic failure, according to the Azure status page. These issues have also caused cascading effects for some Microsoft Office 365 users as well as those who rely on Microsoft Active Directory to log into their accounts. The cooling system is the most critical part of a modern data center, given the intense heat produced by thousands of servers cranking away in an enclosed area. More resources: The official status page of Azure; and third-party web tracking tool DownDetector's assessment. Further reading: Microsoft Azure suffers outage after cooling issue.

Long time reader theodp writes: According to a Microsoft-commissioned survey, 50% of parents in the U.S. with children aged 18 and under believed coding and computer programming to be the most beneficial subject to their child's future employability ("compared to foreign language skills at 28%"). From the Microsoft Education blog post: "When asked about the technology industry's involvement, 75 percent of parents said they believe big tech companies should be involved in helping schools build kids' digital skills. Many companies, including Microsoft and organizations like Code.org, are working to do just that. Programs like TEALS, which is supported by Microsoft Philanthropies, pairs trained Computer Science professionals from across the technology industry with classroom teachers to team-teach the subject." In 2016, Microsoft partnered with Rhode Island Gov. Gina Raimondo to help bring computer science education to every public K-12 school across the state, an initiative that Raimondo is now touting in her 2018 bid for re-election (political ad).

Long time reader theodp writes: According to a Microsoft-commissioned survey, 50% of parents in the U.S. with children aged 18 and under believed coding and computer programming to be the most beneficial subject to their child's future employability ("compared to foreign language skills at 28%"). From the Microsoft Education blog post: "When asked about the technology industry's involvement, 75 percent of parents said they believe big tech companies should be involved in helping schools build kids' digital skills. Many companies, including Microsoft and organizations like Code.org, are working to do just that. Programs like TEALS, which is supported by Microsoft Philanthropies, pairs trained Computer Science professionals from across the technology industry with classroom teachers to team-teach the subject." In 2016, Microsoft partnered with Rhode Island Gov. Gina Raimondo to help bring computer science education to every public K-12 school across the state, an initiative that Raimondo is now touting in her 2018 bid for re-election (political ad).

Starting October 2nd, Office 365 Home users will no longer be restricted to 10 devices across five users and Personal subscribers will no longer have a limit of one computer and one tablet. The catch is that you can only stay signed in on five devices at once. Engadget reports: Meanwhile, Home users can let another person use the productivity suite through their account, with Microsoft bumping up the number of licenses per subscriber from five to six. Each user has access to Word, Excel, PowerPoint, Outlook and OneNote, along with 1TB of individual storage. Microsoft is also integrating Home subscriptions with its family service, so you can automatically share your Office 365 plan with people you've set up as family members. Elsewhere, you'll manage your subscription from within your Microsoft account settings from now on.

Google is planning to open a 14,000 square-foot retail store in Chicago's Fulton Market district, according to local media reports from Crain's Chicago Business and Chicago Tribune. While Google has opened pop-up stores in the past, this would be its first permanent location. Ad Age reports: In 2015, Google abandoned plans to open a store in New York City, after spending $6 million renovating the 131 Greene St. location, Crain's New York Business reported at the time. The Chicago store would give Google a bricks-and-mortar location to show off its expanding line of products, including Pixel phones, Daydream VR headsets, Nest products and more. The location Google is eyeing in Chicago is just a few blocks from Google's Midwest headquarters. The Fulton Market neighborhood, part of Chicago's West Loop, is formerly a meatpacking district. It has been transformed in recent years and is now home to some of Chicago's hottest restaurants. The report notes that there's still a future in brick-and-mortar locations, citing Amazon's interest in Whole Foods and the fact that retail stores have been a key part of Apple's strategy. Microsoft operates stores in 35 states.

An anonymous reader quotes a report fro Motherboard: In June, Microsoft announced that it had placed a self-sufficient, waterproof data center off the coast of the Orkney Islands in Scotland. The data center, loaded with 864 servers capable of handling 27.6 petabytes of data, represented the culmination of nearly four years of research and development on the project, codenamed Natick. The underwater data center is the first of its kind. It's a proof of concept that aims to cut down on one of the biggest costs of running a data center on land -- cooling -- and can be rapidly deployed anywhere in the world. Due to the experimental nature of the project, however, Microsoft needed to keep a close eye on its pilot project. In order to monitor the environmental conditions around the tank, it placed two cameras nearby that livestream from the bottom of the ocean 24/7.

Microsoft released version 3.0 of TypeScript, which Microsoft describes as an "extension" of JavaScript "that aims to bring static types to modern JavaScript." Quoting Microsoft's Developer Tools blog: The TypeScript compiler reads in TypeScript code, which has things like type declarations and type annotations, and emits clean readable JavaScript with those constructs transformed and removed. That code runs in any ECMAScript runtime like your favorite browsers and Node.js. At its core, this experience means analyzing your code to catch things like bugs and typos before your users run into them; but it brings more than that. Thanks to all that information and analysis TypeScript can provide a better authoring experience, providing code completion and navigation features like Find all References, Go to Definition, and Rename in your favorite editor.
Neowin reports: With any major version release, it is not unexpected for breaking changes to be introduced and that's certainly the case for TypeScript 3.0. One obvious change is that with "unknown" becoming a new type, it is now a reserved type name and can no longer be used in type declarations. Otherwise, there's a range of API breaking changes due to a number of functions and internal methods being deprecated or being made internal.
On the plus side, TypeScript 3.0 reportedly has improved error messages, along with project references that let TypeScript projects have dependencies on other TypeScript projects.

Microsoft released version 3.0 of TypeScript, which Microsoft describes as an "extension" of JavaScript "that aims to bring static types to modern JavaScript." Quoting Microsoft's Developer Tools blog: The TypeScript compiler reads in TypeScript code, which has things like type declarations and type annotations, and emits clean readable JavaScript with those constructs transformed and removed. That code runs in any ECMAScript runtime like your favorite browsers and Node.js. At its core, this experience means analyzing your code to catch things like bugs and typos before your users run into them; but it brings more than that. Thanks to all that information and analysis TypeScript can provide a better authoring experience, providing code completion and navigation features like Find all References, Go to Definition, and Rename in your favorite editor.
Neowin reports: With any major version release, it is not unexpected for breaking changes to be introduced and that's certainly the case for TypeScript 3.0. One obvious change is that with "unknown" becoming a new type, it is now a reserved type name and can no longer be used in type declarations. Otherwise, there's a range of API breaking changes due to a number of functions and internal methods being deprecated or being made internal.
On the plus side, TypeScript 3.0 reportedly has improved error messages, along with project references that let TypeScript projects have dependencies on other TypeScript projects.

MightyMartian shares a report from The Guardian: On April 30, 2019, Emperor Akihito of Japan is expected to abdicate the chrysanthemum throne. The decision was announced in December 2017 so as to ensure an orderly transition to Akihito's son, Naruhito, but the coronation could cause concerns in an unlikely place: the technology sector. The Japanese calendar counts up from the coronation of a new emperor, using not the name of the emperor, but the name of the era they herald. Akihito's coronation in January 1989 marked the beginning of the Heisei era, and the end of the Shwa era that preceded him; and Naruhito's coronation will itself mark another new era. But that brings problems. For one, Akihito has been on the throne for almost the entirety of the information age, meaning that many systems have never had to deal with a switchover in era. For another, the official name of Naruhito's era has yet to be announced, causing concern for diary publishers, calendar printers and international standards bodies. It's why some are calling it "Japan's Y2K problem." "The magnitude of this event on computing systems using the Japanese Calendar may be similar to the Y2K event with the Gregorian Calendar," said Microsoft's Shawn Steele. "For the Y2K event, there was world-wide recognition of the upcoming change, resulting in governments and software vendors beginning to work on solutions for that problem several years before January 1, 2000. Even with that preparation many organizations encountered problems due to the millennial transition. Fortunately, this is a rare event, however it means that most software has not been tested to ensure that it will behave with an additional era."

Unicode's Ken Whistler wrote in a message earlier this month: "The [Unicode Technical Committee] cannot afford to make any mistakes here, nor can it just *guess* and release the code point early. All of this is pointing directly to the necessity of issuing a Unicode 12.1 release sharply on the heels of Unicode 12.0, incorporating the addition of the new Japanese era name character, which all vendors will be under great pressure to immediately support in 2019 software releases."

BrianFagioli shares a report from BetaNews: Microsoft seems eager to get programmers on the quantum bandwagon, as today, it launched the open-source Quantum Katas on GitHub. What exactly is it? It is essentially a project deigned to teach Q# programming for free. "For those who want to explore quantum computing and learn the Q# programming language at their own pace, we have created the Quantum Katas -- an open-source project containing a series of programming exercises that provide immediate feedback as you progress," says The Microsoft Quantum Team. "Coding katas are great tools for learning a programming language. They rely on several simple learning principles: active learning, incremental complexity growth, and feedback."

The team further says, "The Microsoft Quantum Katas are a series of self-paced tutorials aimed at teaching elements of quantum computing and Q# programming at the same time. Each kata offers a sequence of tasks on a certain quantum computing topic, progressing from simple to challenging. Each task requires you to fill in some code; the first task might require just one line, and the last one might require a sizable fragment of code. A testing framework validates your solutions, providing real-time feedback." You can view the project on GitHub here.

Mehedi Hassan, writing for Thurrott: Microsoft is bringing support for leap seconds -- yes, that one extra second -- to Windows, starting with Windows 10 Redstone 5 and Windows Server 2019. With the upcoming updates for Windows 10, Microsoft's operating system now deals with leap seconds in a way that is incredibly accurate, UTC-compliant, and traceable. Leap seconds typically occur every 18 months, resulting in one extra second. The extra leap second occurs to adjust with the earth's slowed down rotation, and an extra second is added to UTC in order to keep it in-sync with mean solar time. To deal with the extra second more appropriately, Windows 10 will now display that extra second, instead of directly jumping to the next one. H/T Perfycat who adds: The new move makes Windows Server the first OS to have full support of the rare but valid timestamp of: 23:59:60. Linus Torvalds has long maintained that users needs to chill out about leap seconds. Further reading: Microsoft's blog post 1, and blog post 2.

Mehedi Hassan, writing for Thurrott: Microsoft is bringing support for leap seconds -- yes, that one extra second -- to Windows, starting with Windows 10 Redstone 5 and Windows Server 2019. With the upcoming updates for Windows 10, Microsoft's operating system now deals with leap seconds in a way that is incredibly accurate, UTC-compliant, and traceable. Leap seconds typically occur every 18 months, resulting in one extra second. The extra leap second occurs to adjust with the earth's slowed down rotation, and an extra second is added to UTC in order to keep it in-sync with mean solar time. To deal with the extra second more appropriately, Windows 10 will now display that extra second, instead of directly jumping to the next one. H/T Perfycat who adds: The new move makes Windows Server the first OS to have full support of the rare but valid timestamp of: 23:59:60. Linus Torvalds has long maintained that users needs to chill out about leap seconds. Further reading: Microsoft's blog post 1, and blog post 2.

An anonymous reader quotes a report from Ars Technica: Over the last few years, Microsoft has been working to improve the Windows console. Console windows now maximize properly, for example. In the olden days, hitting maximize would make the window taller but not wider. Today, the action will fill the whole screen, just like any other window. Especially motivated by the Windows subsystem for Linux, the console in Windows 10 supports 16 million colors and VT escape sequences, enabling much richer console output than has traditionally been possible on Windows.

Microsoft is working to build a better console for Windows, one that we hope will open the door to the same flexibility and capabilities that Unix users have enjoyed for more than 40 years. The APIs seem to be in the latest Windows 10 Insider builds, though documentation is a little scarce for now. The command-line team is publishing a series of blog posts describing the history of the Windows command-line, and how the operating system's console works. The big reveal of the new API is coming soon, and with this, Windows should finally be able to have reliable, effective tabbed consoles, with emoji support, rich Unicode, and all the other things that the Windows console doesn't do... yet.

"Despite Microsoft's assurances, Windows 10 1803 isn't ready for prime time," writes ComputerWorld's Woody Leonhard, adding "Microsoft's patches in June took on some unexpected twists..." Win10 1803 was declared fully fit for business, a pronouncement that was followed weeks later by fixes for a few glaring, acknowledged bugs -- and stony silence for other known problems. We're continuing the two-big-cumulative-updates-a-month pace for all supported versions of Windows 10. The second cumulative update frequently fixes bugs introduced by the first cumulative update. Microsoft may think that Win10 (1803) is ready for widespread deployment, but there are a few folks who would take issue with that stance...

Tuesday, Microsoft finally released a fix for two big bugs that have dogged Win10 1803 since its inception... In practice, life isn't so simple. WSUS (the Windows Update Server software) isn't "seeing" KB 4284848, as of late Wednesday afternoon -- which may be a good thing. Along with the second cumulative update this month, there are additional releases to fix the Servicing Stack, and a new "Compatibility update" that, per the documentation, is designed to make it easier to upgrade Win10 1803 Enterprise to Win10 1803 Enterprise (not a typo)...

One problem that has been acknowledged -- but only by a Microsoft Agent on an Answers Forum post -- says that installing 1803 can clobber your peer-to-peer network. That certainly matches my experience.
Woody concludes, "If you think Win10 1803 is ready for prime time, you're welcome to give it a try."

"Despite Microsoft's assurances, Windows 10 1803 isn't ready for prime time," writes ComputerWorld's Woody Leonhard, adding "Microsoft's patches in June took on some unexpected twists..." Win10 1803 was declared fully fit for business, a pronouncement that was followed weeks later by fixes for a few glaring, acknowledged bugs -- and stony silence for other known problems. We're continuing the two-big-cumulative-updates-a-month pace for all supported versions of Windows 10. The second cumulative update frequently fixes bugs introduced by the first cumulative update. Microsoft may think that Win10 (1803) is ready for widespread deployment, but there are a few folks who would take issue with that stance...

Tuesday, Microsoft finally released a fix for two big bugs that have dogged Win10 1803 since its inception... In practice, life isn't so simple. WSUS (the Windows Update Server software) isn't "seeing" KB 4284848, as of late Wednesday afternoon -- which may be a good thing. Along with the second cumulative update this month, there are additional releases to fix the Servicing Stack, and a new "Compatibility update" that, per the documentation, is designed to make it easier to upgrade Win10 1803 Enterprise to Win10 1803 Enterprise (not a typo)...

One problem that has been acknowledged -- but only by a Microsoft Agent on an Answers Forum post -- says that installing 1803 can clobber your peer-to-peer network. That certainly matches my experience.
Woody concludes, "If you think Win10 1803 is ready for prime time, you're welcome to give it a try."

As rumored, Microsoft said Monday that it has acquired code repository website GitHub for a whopping sum of $7.5B in Microsoft stock. Microsoft Corporate Vice President Nat Friedman, founder of Xamarin and an open source veteran, will assume the role of GitHub CEO. GitHub's current CEO, Chris Wanstrath, will become a Microsoft technical fellow, reporting to Executive Vice President Scott Guthrie, to work on strategic software initiatives. From the blog post: "Microsoft is a developer-first company, and by joining forces with GitHub we strengthen our commitment to developer freedom, openness and innovation," said Satya Nadella, CEO, Microsoft. "We recognize the community responsibility we take on with this agreement and will do our best work to empower every developer to build, innovate and solve the world's most pressing challenges." Under the terms of the agreement, Microsoft will acquire GitHub for $7.5 billion in Microsoft stock. Subject to customary closing conditions and completion of regulatory review, the acquisition is expected to close by the end of the calendar year. GitHub will retain its developer-first ethos and will operate independently to provide an open platform for all developers in all industries. Developers will continue to be able to use the programming languages, tools and operating systems of their choice for their projects -- and will still be able to deploy their code to any operating system, any cloud and any device. The two companies, together, will "empower developers to achieve more at every stage of the development lifecycle, accelerate enterprise use of GitHub, and bring Microsoft's developer tools and services to new audiences," Microsoft said. A portion of the developer community has opposed the move, with some already leaving the platform for alternative services.

Update: In a conference call with reporters, Mr. Nadella said today the company is "all in with open source," and requested people to judge the company's commitment to the open source community with its actions in the recent past, today, and in the coming future. GitHub will remain open and independent, Mr. Nadella said.

madsci1016 writes: Frustrated with how long my Windows Server 2016 Essentials was taking to apply weekly updates, I turned to the web. A quick search revealed that I'm not alone. Many people are reporting similar experiences across the web. All sharing stories of weekly patching taking hours and sometimes ending in hung welcome screens. Some of these threads started a year ago and are still active, with no response from Microsoft addressing the issue. If you use Server 2016, have you experienced this problem?

madsci1016 writes: Frustrated with how long my Windows Server 2016 Essentials was taking to apply weekly updates, I turned to the web. A quick search revealed that I'm not alone. Many people are reporting similar experiences across the web. All sharing stories of weekly patching taking hours and sometimes ending in hung welcome screens. Some of these threads started a year ago and are still active, with no response from Microsoft addressing the issue. If you use Server 2016, have you experienced this problem?

Billly Gates writes: Windows 10 build 1803 has come out this month, but with some problems. AnandTech has a deep-dive with the review examing many new features including the much better support for Linux. WSL (Windows Subsystem for Linux) now has native Curt and Tar from the command prompt as well as a utility to convert Unix to Windows pathnames called WSLpath.exe which is documented here. In addition it was mentioned on Slashdot in the past about OpenSSH being ported natively to Win32 in certain early builds. It now seems the reason was for Linux interoperability with this Spring Update 2. Unix sockets mean you can run Kali Linux on Windows 10 for penetration testing or run an Apache server in the background with full Linux networking support. Deemons now run in the background even with the command prompt closed. [...]

An anonymous reader writes: A new feature proposal for the Python programming language wants to add "transparency" to the runtime and let security and auditing tools view when Python may be running potentially dangerous operations. In its current form, Python does not allow security tools to see what operations the runtime is performing. Unless one of those operations generates particular errors that may raise a sign of alarm, security and auditing tools are blind that an attacker may be using Python to carry out malicious operations on a system.

But in Python Enhancement Proposal 551 (PEP-551), Steve Dower, a core Python developer, has proposed the addition of two new APIs that will let security tools detect when Python is executing potentially dangerous operations. The first, the Audit Hook API, will raise warning messages about certain type of Python operations; while the second, the Verified Open Hook API, is a mechanism to let the Python runtime know what files it is permitted to execute or tamper with.

Initial plans were to have PEP-551 ship with Python 3.7, scheduled for release in mid-June 2018, but the proposal did not make the final cut, according to a list of new features added for next month's release. This doesn't mean PEP-551 won't ship with a future version of Python. This is the second major scripting engine to open its runtime to security tools, after PowerShell.

In its most recent reports, AV-Test had very few flattering things to say about Windows Defender. Microsoft's security suite was rated as the seventh best antivirus product in the independent test. In total, 15 AV products were tested. Microsoft, however, has now disputed AV-Test's methodology and conclusion. For some context, the top AV products rated by AV-Test on Windows 10 were Trend Micro, Vipre, AhnLab, Avira, Bitdefender, Kaspersky, and McAfee.

Windows Defender was able to detect 100 percent of new and old malware, but it lost few points for performance (which, AV-Test measures on the basis of how a security suite slows applications and websites on the test computer); and usability (which counts false-positives or instances where AV wrongly identifies a file as malicious.) From a report: Windows Defender's performance rating was dragged down because it slowed the installation of frequently used applications more than the industry average, and wrongly detected 16 pieces of legitimate software compared with the industry average of four. But Microsoft wants enterprise customers to know that Windows Defender is only half the picture, given the option for customers to also deploy Windows Defender Advanced Threat Protection's (ATP) "stack components" including Smartscreen, Application Guard, and Application Control.

In the January and February test Windows Defender also scored 100 percent on protection. However it did miss two samples. Since then it's retrained its machine-learning classifiers to detect them. But Microsoft notes in a new paper that Defender ATP did catch them, which isn't reflected in AV-Test's or other testing firms' result. Microsoft hopes to change this so that testers include so-called stack components available in ATP. "As threats become more sophisticated, Microsoft and other security platform vendors continue evolving their product capabilities to detect threats across different attack stages," Microsoft's Windows Defender Research team writes. "We hope to see independent testers evolve their methodologies as well. Our customers need greater transparency and optics into what an end-to-end solution can accomplish in terms of total preventive protection, including the quality of individual components like antivirus."

Google is reportedly working on a standalone augmented reality headset that will use new Qualcomm chips. "It will be built by Taiwanese computer maker Quanta," reports The Verge. "The project is still in its early stages, according to documents obtained by WinFuture." From the report: The AR headset is supposed to be similar to Microsoft's HoloLens, a headset that came out in 2016 and is aimed at design, training, and industrial use. The Google AR headset that's in development will reportedly be self-contained and powered by a Qualcomm chip, rather than tethered to another device. It will also include cameras and microphones. The headset is currently going by the name "Google A65." There's no release date yet for the Google A65 as it's still in the prototype stage, according to WinFuture. The headset won't only operate like a HoloLens, but it will use the same chips. HoloLens is rumored to be getting an update this year, with a new ARM-powered design and an improved field of view. The Qualcomm chips that will reportedly be used in both the new HoloLens and the new Google headset are the Qualcomm QSC603 four-core chips, based on ARM architecture.

A new Xbox controller designed for people with disabilities has been announced by Microsoft today. The Xbox Adaptive Controller features two large programmable buttons and 19 jacks that can be connected to a range of joysticks, buttons, and switches to make it easier for a wider range of people to play games on Xbox One and Windows 10 PCs. The Verge reports: "I can customize how I interface with the Xbox Adaptive Controller to whatever I want," says Solomon Romney, a Microsoft Store learning specialist who was born without fingers on his left hand. "If I want to play a game entirely with my feet, I can. I can make the controls fit my body, my desires, and I can change them anytime I want. You plug in whatever you want and go. It takes virtually no time to set it up and use it. It could not be simpler."

The focus is on connectivity and customizability, with players able to build a setup that works for their capabilities and needs. It won't be an all-in-one solution for many games, but through the use of peripherals and the Xbox's system-level button remapping, the possibilities could be endless. The Xbox Adaptive Controller will cost $99.99 and goes on sale later this year.

theodp writes: Almost 1.5 million foreign students have been allowed to stay and work in the U.S. after graduation as part of the Optional Practical Training (OPT) program, which is now larger than the controversial H-1B program (Warning: source may be paywalled; alternative source). According to new Pew Research analysis of U.S. Immigration and Customs Enforcement data obtained through a Freedom of Information Act request, the number of students authorized to work under OPT has grown 400% since the federal government in 2008 increased the amount of time graduates with science, technology, engineering and math (STEM) degrees could remain in the United States and work. More than half of those working under OPT from 2004 to 2016 were in STEM fields, Pew found, and as a result, were eligible for the so-called STEM extension.

The OPT program added a 17-month STEM extension in 2008, shortly after Microsoft co-founder Bill Gates suggested it in testimony to Congress after complaining that the cap for the H-1B program had caused a serious disruption in the flow of talented STEM graduates to U.S. companies. In 2016, another 12-month extension was added after a Federal judge threatened to torpedo the STEM extension program, saying it "appears to have been adopted directly from the unanimous suggestions by Microsoft and similar industry groups." In its Top Ten Tech Issues for 2018, Microsoft expressed "concern that in 2018 the White House will announce a rollback of the extended period of Optional Practical Training for STEM graduates." Pew also took note of allegations that "visa mills" have sprung up in response to demand driven by the OPT program.

Microsoft is unable to find a software or firmware fix for Surface Pro 4 tablets affected by screen flickering, so it's launching a replacement program for them. Any Surface Pro 4 units experiencing the problem will be covered for up to three years from the time of original purchase. The Verge reports: The annoying flickering has been well-documented on Microsoft's support forums, with some users taking drastic steps like putting their Surface Pro 4 in a freezer to temporarily fix the issue. Back in February, Microsoft said it was closely monitoring the situation, and the company came to the conclusion that there's no convenient fix. Some customers have already paid for a screen replacement to stop the flickering since the problem typically arises when a machine is out of warranty; Microsoft says they'll be "offered a refund." The company notes that this three-year coverage doesn't extend to other problems your Surface Pro might experience outside the warranty period; it only applies to the screen issue. Replacement devices are refurbished -- not brand new -- Surface Pro 4s.

Microsoft is unable to find a software or firmware fix for Surface Pro 4 tablets affected by screen flickering, so it's launching a replacement program for them. Any Surface Pro 4 units experiencing the problem will be covered for up to three years from the time of original purchase. The Verge reports: The annoying flickering has been well-documented on Microsoft's support forums, with some users taking drastic steps like putting their Surface Pro 4 in a freezer to temporarily fix the issue. Back in February, Microsoft said it was closely monitoring the situation, and the company came to the conclusion that there's no convenient fix. Some customers have already paid for a screen replacement to stop the flickering since the problem typically arises when a machine is out of warranty; Microsoft says they'll be "offered a refund." The company notes that this three-year coverage doesn't extend to other problems your Surface Pro might experience outside the warranty period; it only applies to the screen issue. Replacement devices are refurbished -- not brand new -- Surface Pro 4s.

Microsoft's text editing app, Notepad, which has been shipping with Windows since version 1.0 in 1985, now supports line endings in text files created on Linux, Unix, Mac OS, and macOS devices. "This has been a major annoyance for developers, IT Pros, administrators, and end users throughout the community," Microsoft said in a blog post today. The Register reports: Notepad previously recognized only the Windows End of Line (EOL) characters, specifically Carriage Return (CR, \r, 0x0d) and Line Feed (LF, \n, 0x0a) together. For old-school Mac OS, the EOL character is just Carriage Return (CR, \r, 0x0d) and for Linux/Unix it's just Line Feed (LF, \n, 0x0a). Modern macOS, since Mac OS X, follows the Unix convention. Opening a file written on macOS, Mac OS, Linux, or Unix-flavored computers in Windows Notepad therefore looked like a long wall of text with no separation between paragraphs and lines. Relief arrives in the current Windows 10 Insider Build.

Notepad will continue to output CRLF as its EOL character by default. It's not changing its stripes entirely. But it will retain the formatting of the files it opens so users will be able to view, edit and print text files with non-Windows line ends. Microsoft has thoughtfully provided an out for Windows users counting on the app's past inflexibility: the new behavior can be undone with a registry key change.

An anonymous reader quotes BleepingComputer: Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike. Only patches for Windows 10 versions were affected, the researcher wrote today in a tweet. Microsoft quietly fixed the issue on Windows 10 Redstone 4 (v1803), also known as the April 2018 Update, released on Monday.

"Welp, it turns out the Meltdown patches for Windows 10 had a fatal flaw: calling NtCallEnclave returned back to user space with the full kernel page table directory, completely undermining the mitigation," Ionescu wrote. Ionescu pointed out that older versions of Windows 10 are still running with outdated and bypass-able Meltdown patches.

Wednesday Microsoft issued a security update, but it wasn't to backport the "fixed" Meltdown patches for older Windows 10 versions. Instead, the emergency update fixed a vulnerability in the Windows Host Compute Service Shim (hcsshim) library (CVE-2018-8115) that allows an attacker to remotely execute code on vulnerable systems.

iTunes is now available in the Microsoft Store, almost a year after Microsoft first revealed it was working with Apple to get iTunes listed in the Store. Windows Central reports: For a portion of Windows 10 users, iTunes' appearance on the Microsoft Store may not matter much because they can use the standard desktop app. Where it will have an impact, however, is for anyone using Windows 10 S, which is locked down and only allows installation of apps from the Microsoft Store. For those users, the full desktop iTunes experience should be available here, complete with access to Apple Music streaming and iPhone syncing.

At a small press event in San Francisco, Microsoft today announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices -- the kind of devices that use tiny and relatively low-powered microcontrollers (MCUs) for basic control or connectivity features. TechCrunch reports: At the core of Azure Sphere is a new class of certified MCUs. As Microsoft president and chief legal officer Brad Smith stressed in today's announcement, Microsoft will license these new Azure Sphere chips for free, in hopes to jump-start the Azure Sphere ecosystem. Because it's hard to secure a device you can't update or get telemetry from, it's no surprise that these devices will feature built-in connectivity. And with that connectivity, these devices can also connect to the Azure Sphere Security Service in the cloud. For the first time ever, Microsoft is launching a custom Linux kernel and distribution: the Azure Sphere OS. It's an update to the kind of real-time operating systems that today's MCUs often use.

Why use Linux? "With Azure Sphere, Microsoft is addressing an entirely new class of IoT devices, the MCU," Rob Lefferts, Microsoft's partner director for Windows enterprise and security told me at the event. "Windows IoT runs on microprocessor units (MPUs) which have at least 100x the power of the MCU. The Microsoft-secured Linux kernel used in the Azure Sphere IoT OS is shared under an OSS license so that silicon partners can rapidly enable new silicon innovations." And those partners are also very comfortable with taking an open-source release and integrating that with their products. To get the process started, MediaTek is producing the first set of these new MCUs. These are low-powered, single-core ARM-A7 systems that run at 500MHz and include WiFi connectivity as well as a number of other I/O options.

At a small press event in San Francisco, Microsoft today announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices -- the kind of devices that use tiny and relatively low-powered microcontrollers (MCUs) for basic control or connectivity features. TechCrunch reports: At the core of Azure Sphere is a new class of certified MCUs. As Microsoft president and chief legal officer Brad Smith stressed in today's announcement, Microsoft will license these new Azure Sphere chips for free, in hopes to jump-start the Azure Sphere ecosystem. Because it's hard to secure a device you can't update or get telemetry from, it's no surprise that these devices will feature built-in connectivity. And with that connectivity, these devices can also connect to the Azure Sphere Security Service in the cloud. For the first time ever, Microsoft is launching a custom Linux kernel and distribution: the Azure Sphere OS. It's an update to the kind of real-time operating systems that today's MCUs often use.

Why use Linux? "With Azure Sphere, Microsoft is addressing an entirely new class of IoT devices, the MCU," Rob Lefferts, Microsoft's partner director for Windows enterprise and security told me at the event. "Windows IoT runs on microprocessor units (MPUs) which have at least 100x the power of the MCU. The Microsoft-secured Linux kernel used in the Azure Sphere IoT OS is shared under an OSS license so that silicon partners can rapidly enable new silicon innovations." And those partners are also very comfortable with taking an open-source release and integrating that with their products. To get the process started, MediaTek is producing the first set of these new MCUs. These are low-powered, single-core ARM-A7 systems that run at 500MHz and include WiFi connectivity as well as a number of other I/O options.

Long-time Slashdot reader Billly Gates writes: Debian is now available in the Windows app store. It joins Ubuntu, Suse Leap, SuSe enterprise, and Kali Linux for those who cannot or do not want to bother with a virtual machine or a full install of the OS. However, it included stable 9.3. 9.4 is available from the repository if you run apt-get update and apt-get upgrade.
"Fedora is not yet available, although Microsoft has stated openly that it is working to make it so," reports Computer Weekly. And there's more: Microsoft has also provided an open source tool called Microsoft WSL/DistroLauncher for users who want to build their own Linux package where a particular distribution is either a) not available yet or b) is available, but the user wants to apply a greater degree of customisation to it than comes as standard.