Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×
Security

Shifu Banking Trojan Has an Antivirus Feature To Keep Other Malware At Bay 59

An anonymous reader writes: Shifu is a banking trojan that's currently attacking 14 Japanese banks. Once it has infected a victim's machine, it will install a special module that keeps other banking-related trojans at bay. If this module sees suspicious, malware-looking content (unsigned executables) from unsecure HTTP connections, it tries to stop them. If it fails, it renames them to "infected.exx" and sends them to its C&C server. If the file is designed to autorun, Shifu will spoof an operating system "Out of memory" message.
Encryption

Browser Makers To End RC4 Support In Early 2016 40

msm1267 writes: Google, Microsoft and Mozilla today announced they've settled on an early 2016 timeframe to permanently deprecate the shaky RC4 encryption algorithm in their respective browsers. Mozilla said Firefox's shut-off date will coincide with the release of Firefox 44 on Jan. 26. Google and Microsoft said that Chrome and Internet Explorer 11 (and Microsoft Edge) respectively will also do so in the January-February timeframe. Attacks against RC4 are growing increasingly practical, rendering the algorithm more untrustworthy by the day.
Chrome

Chrome 45 Launches, Automatically Pauses Less Important Flash Content, Like Ads 79

An anonymous reader writes: Google today launched Chrome 45 for Windows, Mac, Linux, and Android with some expected changes and new developer tools. First and foremost, Chrome now automatically pauses less important Flash content (rolling out gradually, so be patient). This has been a longtime coming from both Google and Adobe, with the goal to make Flash content more power-efficient in Chrome: In March, a setting was introduced to play less Flash content on the page, but it wasn't turned on by default, and in June, the option was enabled in the browser's beta channel. Now it's being turned on for everyone.
Windows

Microsoft's Telemetry Additions To Windows 7 and 8 Raise Privacy Concerns 211

WheezyJoe writes: ghacks and Ars Technica are providing more detail about Windows 10's telemetry and "privacy invasion" features being backported to Windows 7 and 8. The articles list and explain some of the involved updates by number (e.g., KB3068708, KB3022345, KB3075249, and KB3080149). The Ars article says the Windows firewall can block the traffic just fine, and the service sending the telemetry can be disabled. "Additionally, most or all of the traffic appears to be contingent on participating in the CEIP in the first place. If the CEIP is disabled, it appears that little or no traffic gets sent. This may not always have been the case, however; the notes that accompany the 3080149 update say that the amount of network activity when not part of CEIP has been reduced." The ghacks article explains other ways block the unwanted traffic and uninstall the updates.
Stats

Windows 10 Grabs 5.21% Market Share, Passing Windows Vista and Windows 8 240

An anonymous reader writes: The effects of a free upgrade to Windows 10 are starting to trickle in. Available for just over a month, Windows 10 has now captured more than 5 percent market share, according to the latest figures from Net Applications. In just four weeks, Windows 10 has already been installed on over 75 million PCs. Microsoft is aiming to have 1 billion devices running Windows 10 "in two to three years," though that includes not just PCs, but smartphones, consoles, and other devices as well.
Windows

The Long Reach of Windows 95 337

jfruh writes: I'm a Mac guy — have been ever since the '80s. When Windows 95 was released 20 years ago, I was among those who sneered that "Windows 95 is Macintosh 87." But now, as I type these words on a shiny new iMac, I can admit that my UI — and indeed the computing landscape in general — owes a lot to Windows 95, the most influential operating system that ever got no respect. ITWorld reports: "... even though many techies tend to dismiss UI innovation as eye candy, the fact is that the changes made in Windows 95 were incredibly successful in making the the system more accessible to users -- so successful, in fact, that a surprising number of them have endured and even spread to other operating systems. We still live in the world Windows 95 made. When I asked people on Twitter their thoughts about what aspects of Windows 95 have persisted, I think Aaron Webb said it best: 'All of it? Put a 15 year old in front of 3.1 and they would be lost. In front of Windows 95 they would be able to do any task quickly.'"
Security

Abusing Symbolic Links Like It's 1999 53

An anonymous reader writes with this snippet from James Forshaw's recent post at Google's Project Zero, which begins For the past couple of years I've been researching Windows elevation of privilege attacks. This might be escaping sandboxing or gaining system privileges. One of the techniques I've used multiple times is abusing the symbolic link facilities of the Windows operating system to redirect privileged code to create files or registry keys to escape the restrictive execution context. Symbolic links in themselves are not vulnerabilities, instead they're useful primitives for exploiting different classes of vulnerabilities such as resource planting or time-of-check time-of-use. Click through that link to see examples of this abuse in action, but also information about how the underlying risks have been (or can be) mitigated.
Microsoft

Microsoft Builds Open-Source Browser Using HTML, JavaScript, and CSS 70

An anonymous reader writes: Microsoft's new browser, Edge, has a new rendering engine, EdgeHTML. Like Edge, the new rendering engine is only available in Windows 10, but it does more than just power the company's new browser: It's also readily available to developers. To show off what EdgeHTML can do, Microsoft has built a browser using predominantly JavaScript, HTML, and CSS. Next, the company released the browser on the Windows Store and the sample code on GitHub.
Android

Since-Pulled Cyanogen Update For Oneplus Changes Default Home Page To Bing 86

ourlovecanlastforeve writes: Nestled into GSMArena's report on the Cyanogen OS 12.1 update for Oneplus [ Note: an update that the story reports has since been pulled.] is this tasty bite: "...you'll find out that your Chrome homepage has been changed to Bing." Then it's casually dismissed with "Thankfully though, you can easily get rid of Microsoft's search engine by using Chrome settings." as if this were the most normal thing to have to do after an OTA update. Is this the new normal? Has Microsoft set a new precedent that it's okay to expect users to have to go searching through every setting and proactively monitor network traffic to make sure their data isn't being stolen, modified or otherwise manipulated?
Privacy

How To Keep Microsoft's Nose Out of Your Personal Data In Windows 10 423

MojoKid writes: Amid the privacy concerns and arguably invasive nature of Microsoft's Windows 10 regarding user information, it's no surprise that details on how to minimize leaks as much as possible are often requested by users who have recently made the jump to the new operating system. If you are using Windows 10, or plan to upgrade soon, it's worth bearing in mind a number of privacy-related options that are available, even during the installation/upgrade. If you are already running the OS and forgot to turn them off during installation (or didn't even see them), they can be accessed via the Settings menu on the start menu, and then selecting Privacy from the pop-up menu. Among these menus are a plethora of options regarding what data can be gathered about you. It's worth noting, however, that changing any of these options may disable various OS related services, namely Cortana, as Microsoft's digital assistant has it tendrils buried deep.
Data Storage

Oakland Changes License Plate Reader Policy After Filling 80GB Hard Drive 275

An anonymous reader writes: License plate scanners are a contentious subject, generating lots of debate over what information the government should have, how long they should have it, and what they should do with it. However, it seems policy changes are driven more by practical matters than privacy concerns. Earlier this year, Ars Technica reported that the Oakland Police Department retained millions of records going back to 2010. Now, the department has implemented a six-month retention window, with older data being thrown out. Why the change? They filled up the 80GB hard drive on the Windows XP desktop that hosted the data, and it kept crashing.

Why not just buy a cheap drive with an order of magnitude more storage space? Sgt. Dave Burke said, "We don't just buy stuff from Amazon as you suggested. You have to go to a source, i.e., HP or any reputable source where the city has a contract. And there's a purchase order that has to be submitted, and there has to be money in the budget. Whatever we put on the system, has to be certified. You don't just put anything. I think in the beginning of the program, a desktop was appropriate, but now you start increasing the volume of the camera and vehicles, you have to change, otherwise you're going to drown in the amount of data that's being stored."
Windows

A Breakdown of the Windows 10 Privacy Policy 318

WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.
Input Devices

Skylake Has a Voice DSP and Listens To Your Commands 99

itwbennett writes: Intel's new Skylake processor (like the Core M processor released last year) comes with a built-in digital signal processor (DSP) that will allow you to turn on and control your PC with your voice. Although the feature is not new, what is new is the availability of a voice controlled app to use it: Enter Windows 10 and Cortana. If this sounds familiar, it should, writes Andy Patrizio: 'A few years back when the Xbox One was still in development, word came that Kinect, its motion and audio sensor controller, would be required to use the console and Kinect would always be listening for voice commands to start the console. This caused something of a freak-out among gamers, who feared Microsoft would be listening.'
Windows

Windows 95 Turns 20 284

Etherwalk writes: Windows 95 turns 20 tomorrow, August 24, 2015. Users looking to upgrade from Windows 3.1 should be warned that some reviewers on the Amazon purchase page have been receiving 3.5" high-density floppy disk versions instead of a modern 150 kbps CD-ROM disk. Do you remember first seeing or installing Windows 95? Do you have any systems still running it?
Windows

Underground Piracy Sites Want To Block Windows 10 Users 394

An anonymous reader writes: Some smaller pirate sites have become concerned about Windows 10 system phoning home too many hints regarding that the users are accessing their site. Therefore, the pirate administrators have started blocking Windows 10 users from accessing the BitTorrent trackers that the sites host. The first ones to hit the alarm button were iTS, which have posted a statement and started redirecting Windows 10 users to a YouTube video called Windows 10 is a Tool to Spy on Everything You Do. Additionally, according to TorrentFreak, two other similar dark web torrent trackers are also considering following suit. "As we all know, Microsoft recently released Windows 10. You as a member should know, that we as a site are thinking about banning the OS from FSC," said one of the FSC staff. Likewise, in a message to their users, a BB admin said something similar: "We have also found [Windows 10] will be gathering information on users' P2P use to be shared with anti piracy group."
Government

City of Munich Struggling With Basic Linux Functionality 394

jones_supa writes: Just like the city planned a year ago, Munich is still calling for a switch back to Windows from LiMux, their Ubuntu derivative. The councilors from Munich's conservative CSU party have called the operating system installed on their laptops "cumbersome to use" and "of very limited use." The letter from the two senior members of the city's IT committee (PDF in German) asks the mayor to consider removing the Linux-based OS and to install Windows and Office. "There are no programs for text editing, Skype, Office etc. installed and that prevents normal use," the letter argues. Another complaint from councilors is that "the lack of user permissions makes them of limited use." These kind of arguments raise eyebrows, as all that functionality is certainly found on Linux.
Desktops (Apple)

Could the Best Windows 10 Laptop Be a Mac? 435

dkatana writes: Now that Windows 10 is finally out there many people are looking for the best laptop with the power to make the new OS shine. The sweet spot appears to be in $900-$1500 machines from Dell, Asus and HP. But Apple, the company that has been fighting Windows for ever, has other options for Windows 10: the MacBook Pro and MacBook Air. According to InformationWeek there are many reasons to consider purchasing a MacBook as the next Windows machine, including design, reliability, performance, battery life, display quality and better keyboard. Also MacBooks have a higher resell value, retaining up to 50% of their price after five years.
Bug

Air Traffic Snafu: FAA System Runs Out of Memory 234

minstrelmike writes: Over the weekend, hundreds of flights were delayed or canceled in the Washington, D.C. area after air traffic systems malfunctioned. Now, the FAA says the problem was related to a recent software upgrade at a local radar facility. The software had been upgraded to display customized windows of reference data that were supposed to disappear once deleted. Unfortunately, the systems ended up running out of memory. The FAA's report is vague about whether it was operator error or software error: "... as controllers adjusted their unique settings, those changes remained in memory until the storage limit was filled." Wonder what programming language they used?
Internet Explorer

Microsoft Patches Remote Code Execution Hole for Internet Explorer 56

mask.of.sanity writes: Microsoft has released an out-of-band patch for Internet Explorer versions seven to 11 that closes a dangerous remote code execution flaw allowing attackers to commandeer machines. From their advisory: "An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability." The attack could assist in watering hole and malvertising campaigns. The Windows 10 Edge browser is not impacted.
Windows

Windows Memory Manager To Introduce Compression 231

jones_supa writes: Even though the RTM version of Windows 10 is already out of the door, Microsoft will keep releasing beta builds of the operating system to Windows Insiders. The first one will be build 10525, which introduces some color personalization options, but also interesting improvements to memory management. A new concept is called a compression store, which is an in-memory collection of compressed pages. When memory pressure gets high enough, stale pages will be compressed instead of swapping them out. The compression store will live in the System process's working set. As usual, Microsoft will be receiving comments on the new features via the Feedback app.