Government

Think Tanks: How a Bill [Gates Agenda] Becomes a Law 110

Posted by Soulskill
from the daily-dose-of-cynicism dept.
theodp writes: The NY Times' Eric Lipton was just awarded a 2015 Pulitzer Prize for investigative reporting that shed light on how foreign powers buy influence at think tanks. So, it probably bears mentioning that Microsoft's 'two-pronged' National Talent Strategy (PDF) to increase K-12 CS education and the number of H-1B visas — which is on the verge of being codified into laws — was hatched at an influential Microsoft and Gates Foundation-backed think tank mentioned in Lipton's reporting, the Brookings Institution. In 2012, the Center for Technology Innovation at Brookings hosted a forum on STEM education and immigration reforms, where fabricating a crisis was discussed as a strategy to succeed with Microsoft's agenda after earlier lobbying attempts by Bill Gates and Microsoft had failed. "So, Brad [Microsoft General Counsel Brad Smith]," asked the Brookings Institution's Darrell West at the event, "you're the only [one] who mentioned this topic of making the problem bigger. So, we galvanize action by really producing a crisis, I take it?" "Yeah," Smith replied (video). And, with the help of nonprofit organizations like Code.org and FWD.us that were founded shortly thereafter, a national K-12 CS and tech immigration crisis was indeed created.
Patents

Microsoft Increases Android Patent Licensing Reach 97

Posted by Soulskill
from the if-you-can't-beat-'em,-bleed-'em dept.
BrianFagioli writes: Microsoft may not be winning in the mobile arena, but they're still making tons of money from those who are. Patent licensing agreements net the company billions each year from device makers like Samsung, Foxconn, and ZTE. Now, Microsoft has added another company to that list: Qisda Corp. They make a number of Android and Chrome-based devices under the Qisda brand and the BenQ brand, and now Microsoft will be making money off those, too.
Security

Microsoft Opens Vulnerability Bounty Program For Spartan Browser 51

Posted by timothy
from the why-not-leave-the-code-to-survive-infancy-alone? dept.
jones_supa writes: As it did in the past when it tried to make Internet Explorer more secure, Microsoft has launched a new bug bounty program for Spartan browser, the default application of Windows 10 for surfing the information highway. A typical remote code execution flaw can bring between $1,500 and $15,000, and for the top payment you also need to provide a functioning exploit. The company says that it could pay even more than that, if you convince the jury on the entry quality and complexity. Sandbox escape vulnerabilities with Enhanced Protected Mode enabled, important or higher severity vulnerabilities in Spartan or its engine, and ASLR info disclosure vulnerabilities are also eligible. If you want to accept the challenge, Microsoft provides more information on how to participate.
DRM

Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs 279

Posted by Soulskill
from the just-what-users-wanted dept.
writertype writes: Last month, Microsoft began talking about PlayReady 3.0, which adds hardware DRM to secure 4K movies. Intel, AMD, Nvidia, and Qualcomm are all building it in, according to Microsoft. "Older generations of PCs used software-based DRM technology. The new hardware-based technology will know who you are, what rights your PC has, and won’t ever allow your PC to unlock the content so it can be ripped. ... Unfortunately, it looks like the advent of PlayReady 3.0 could leave older PCs in the lurch. Previous PlayReady technology secured content up to 1080p resolution using software DRM—and that could be the maximum resolution for older PCs without PlayReady 3.0." Years back, a number of people got upset when Hollywood talked about locking down "our content." It looks like we may be facing it again for 4K video.
Cloud

Amazon's Profits Are Floating On a Cloud (Computing) 76

Posted by Soulskill
from the they're-hoping-the-weather-holds dept.
HughPickens.com writes: The NY Times reports that Amazon unveiled the financial performance of its powerful growth engine for the first time on Thursday, and the numbers looked good, energized primarily by renting processing power to start-ups and, increasingly, established businesses. Amazon said in its first-quarter earnings report that its cloud division, Amazon Web Services, had revenue of $1.57 billion during the first three months of the year. Even though the company often reports losses, the cloud business is generating substantial profits. The company said its operating income from AWS was $265 million.

Amazon helped popularize the field starting in 2006 and largely had commercial cloud computing to itself for years, an enormous advantage in an industry where rivals usually watch one another closely. At the moment, there is no contest: Amazon is dominant and might even be extending its lead. Microsoft ranks a distant No. 2 in cloud computing but hopes to pick up the slack with infrastructure-related services it sells through Azure, the name of its cloud service. Amazon executives have said they expect AWS to eventually rival the company's other businesses in size. The cloud business has been growing at about 40 percent a year, more than twice the rate of the overall company and many Wall Street analysts have been hoping for a spinoff.

As for Google, the cloud was barely mentioned in Google's earnings call. Nor did the search giant offer any cloud numbers, making it impossible to gauge how well it is doing. But the enthusiasm of Eric Schmidt, Google's executive chairman, was manifest when he spoke at an event for cloud software developers this week. "The entire world will be defined by smartphones, Android or Apple, a very fast network, and cloud computing," said Schmidt. "The space is very large, very vast, and no one is covering all of it."
Bug

Groupon Refuses To Pay Security Expert Who Found Serious XSS Site Bugs 144

Posted by samzenpus
from the pay-the-man dept.
Mark Wilson writes: Bounty programs benefit everyone. Companies like Microsoft get help from security experts, customers gain improved security, and those who discover and report vulnerabilities reap the rewards financially. Or at least that's how things are supposed to work. Having reported a series of security problems to discount and deal site Groupon, security researcher Brute Logic from XSSposed.org was expecting a pay-out — but the site refuses to give up the cash. In all, Brute Logic reported more than 30 security issues with Groupon's site, but the company cites its Responsible Disclosure policy as the reason for not handing over the cash.
Windows

Microsoft Announces Device Guard For Windows 10 189

Posted by Soulskill
from the throwing-up-a-new-moat dept.
jones_supa writes: Microsoft has announced a new feature for Windows 10 called Device Guard, which aims to give administrators full control over what software can or cannot be installed on a device. "It provides better security against malware and zero days for Windows 10 by blocking anything other than trusted apps—which are apps that are signed by specific software vendors, the Windows Store, or even your own organization. ... To help protect users from malware, when an app is executed, Windows makes a determination on whether that app is trustworthy, and notifies the user if it is not. Device Guard can use hardware technology and virtualization to isolate that decision making function from the rest of the Windows operating system, which helps provide protection from attackers or malware that have managed to gain full system privilege." It's intended to be used in conjunction with traditional anti-virus, not as a replacement.
AI

Concerns of an Artificial Intelligence Pioneer 195

Posted by Soulskill
from the nobody-program-it-to-think-humans-can-be-used-as-batteries dept.
An anonymous reader writes: In January, the British-American computer scientist Stuart Russell drafted and became the first signatory of an open letter calling for researchers to look beyond the goal of merely making artificial intelligence more powerful. "We recommend expanded research aimed at ensuring that increasingly capable AI systems are robust and beneficial," the letter states. "Our AI systems must do what we want them to do." Thousands of people have since signed the letter, including leading artificial intelligence researchers at Google, Facebook, Microsoft and other industry hubs along with top computer scientists, physicists and philosophers around the world. By the end of March, about 300 research groups had applied to pursue new research into "keeping artificial intelligence beneficial" with funds contributed by the letter's 37th signatory, the inventor-entrepreneur Elon Musk.

Russell, 53, a professor of computer science and founder of the Center for Intelligent Systems at the University of California, Berkeley, has long been contemplating the power and perils of thinking machines. He is the author of more than 200 papers as well as the field's standard textbook, Artificial Intelligence: A Modern Approach (with Peter Norvig, head of research at Google). But increasingly rapid advances in artificial intelligence have given Russell's longstanding concerns heightened urgency.
Facebook

Facebook Working To Weed Out Fake Likes 74

Posted by timothy
from the click-here-to-weed-out-fake-likes dept.
jfruh writes In the early days of brands on Facebook, it was crucial for companies to garner as many "likes" as possible to boost their image, and that led to some unethical businesses selling likes that came from fake accounts. Now Facebook is informing brands that they're working to root out fake likes, leaving like counts lower but realer. Now if only I could get my relatives to stop clicking on pictures that say they like puppies and are against cancer.
Cellphones

Does Lack of FM Support On Phones Increase Your Chances of Dying In a Disaster? 350

Posted by timothy
from the well-if-you-put-it-that-way dept.
theodp writes "You may not know it," reports NPR's Emma Bowman, "but most of today's smartphones have FM radios inside of them. But the FM chip is not activated on two-thirds of devices. That's because mobile makers have the FM capability switched off. The National Association of Broadcasters has been asking mobile makers to change this. But the mobile industry, which profits from selling data to smartphone users, says that with the consumer's move toward mobile streaming apps, the demand for radio simply isn't there." But FEMA Administrator Craig Fugate says radio-enabled smartphones could sure come in handy during times of emergency. So, is it irresponsible not to activate the FM chips? And should it's-the-app-way-or-the-highway Apple follow Microsoft's lead and make no-static-at-all FM available on iPhones?
Security

Exploit For Crashing Minecraft Servers Made Public 118

Posted by timothy
from the hey-fellas-door's-unlocked dept.
An anonymous reader writes "After nearly two years of waiting for Mojang to fix a security vulnerability that can be used to crash Minecraft servers, programmer Ammar Askar has released a proof of concept exploit for the flaw in the hopes that this will force them to do something about it. "Mojang is no longer a small indie company making a little indie game, their software is used by thousands of servers, hundreds of thousands people play on servers running their software at any given time. They have a responsibility to fix and properly work out problems like this," he noted." Here is Askar's own post on the exploit, and his frustration with the response he's gotten to disclosing it to the developers.
Microsoft

Microsoft Open Technologies Is Closing: Good Or Bad News For Open Source? 110

Posted by timothy
from the sea-change-or-see-no-change dept.
BrianFagioli writes When Microsoft Open Technologies was founded as a subsidiary of Microsoft — under Steve Ballmer's reign — many in the open source community hailed it as a major win, and it was. Today, however, the subsidiary is shutting down and being folded into Microsoft. While some will view this as a loss for open source, I disagree; Microsoft has evolved so much under Satya Nadella, that a separate subsidiary is simply no longer needed. Microsoft could easily be the world's biggest vendor of open source software, which is probably one reason some people don't like the term.
Microsoft

Microsoft's Role As Accuser In the Antitrust Suit Against Google 192

Posted by samzenpus
from the on-the-other-side dept.
HughPickens.com writes Danny Hakim reports at the NYT that as European antitrust regulators formally accuse Google of abusing its dominance, Microsoft is relishing playing a behind-the-scenes role of scold instead of victim. Microsoft has founded or funded a cottage industry of splinter groups to go after Google. The most prominent, the Initiative for a Competitive Online Marketplace, or Icomp, has waged a relentless public relations campaign promoting grievances against Google. It conducted a study that suggested changes made by Google to appease regulators were largely window dressing. "Microsoft is doing its best to create problems for Google," says Manfred Weber, the chairman of the European People's Party, the center-right party that is the largest voting bloc in the European Parliament. "It's interesting. Ten years ago Microsoft was a big and strong company. Now they are the underdog."

According to Hakim, Microsoft and Google are the Cain and Abel of American technology, locked in the kind of struggle that often takes place when a new giant threatens an older one. Microsoft was frustrated after American regulators at the Federal Trade Commission didn't act on a similar antitrust investigation against Google in 2013, calling it a "missed opportunity." It has taken the fight to the state level, along with a number of other opponents of Google. Microsoft alleges that Google's anti-competitive practices include stopping Bing from indexing content on Google-owned YouTube; blocking Microsoft Windows smartphones from "operating properly" with YouTube; blocking access to content owned by book publishers; and limiting the flow of ad campaign information back to advertisers, making it more expensive to run ads with rivals. "Over the past year, a growing number of advertisers, publishers, and consumers have expressed to us their concerns about the search market in Europe," says Brad Smith, Microsoft's general counsel. "They've urged us to share our knowledge of the search market with competition officials."
Android

Cyanogen Partners With Microsoft To Replace Google Apps 179

Posted by Soulskill
from the unexpected-alliances dept.
Unknown Lamer writes: Microsoft and Cyanogen Inc have announced a partnership to bring Microsoft applications to Cyanogen OS. "Under the partnership, Cyanogen will integrate and distribute Microsoft's consumer apps and services across core categories, including productivity, messaging, utilities, and cloud-based services. As part of this collaboration, Microsoft will create native integrations on Cyanogen OS, enabling a powerful new class of experiences." Ars Technica comments, "If Cyanogen really wants to ship a Googleless Android, it will need to provide alternatives to Google's services, and this Microsoft deal is a small start. Microsoft can provide alternatives for Search (Bing), Google Drive (OneDrive and Office), and Gmail (Outlook). The real missing pieces are alternatives to Google Play, Google Maps, and Google Play Services."

Rather than distribute more proprietary services, how about ownCloud for Drive, K-9 Mail for Gmail, OsmAnd for Maps, and F-Droid for an app store? Mozilla and DuckDuckGo provide Free Software search providers for Android, too. With Google neglecting the Android Open Source Project and Cyanogen partnering with Microsoft, the future for Free Software Android as anything but a shell for proprietary software looks bleak.
Windows

Remote Code Execution Vulnerability Found In Windows HTTP Stack 119

Posted by Soulskill
from the another-day,-another-vuln dept.
jones_supa writes: A remote code execution vulnerability exists in the Windows HTTP stack that is caused when HTTP.SYS parses specially-crafted HTTP requests. An attacker who has successfully exploited this vulnerability could execute arbitrary code under the SYSTEM context. Details of the bug are withheld, but exploit code is floating around. Microsoft describes the issue in security bulletin MS15-034. An update (KB3042553) is already available for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. As a workaround, Microsoft offers disabling IIS kernel caching.
Businesses

How Mission Creep Killed a Gaming Studio 131

Posted by Soulskill
from the not-actually-about-duke-nukem-forever dept.
Nerval's Lobster writes: Over at Kotaku, there's an interesting story about the reported demise of Darkside Game Studios, a game-development firm that thought it finally had a shot at the big time only to collapse once its project requirements spun out of control. Darkside got a chance to show off its own stuff with a proposed remake of Phantom Dust, an action-strategy game that became something of a cult favorite. Microsoft, which offered Darkside the budget to make the game, had a very specific list of requirements for the actual gameplay. The problem, as Kotaku describes, is those requirements shifted after the project was well underway. Darkside needed more developers, artists, and other skilled tech pros to finish the game with its expanded requirements, but (anonymous sources claimed) Microsoft refused to offer up more money to actually hire the necessary people. As a result, the game's development imploded, reportedly followed by the studio. What's the lesson in all this? It's one of the oldest in the book: Escalating and unanticipated requirements, especially without added budget to meet those requirements, can have devastating effects on both a project and the larger software company.
Microsoft

Microsoft Starts Working On an LLVM-Based Compiler For .NET 125

Posted by timothy
from the spreading-like-bamboo dept.
An anonymous reader writes Are the days of Microsoft's proprietary compiler over? Microsoft has announced they've started work on a new .NET compiler using LLVM and targets their CoreCLR — any C# program written for the .NET core class libraries can now run on any OS where CoreCLR and LLVM are supported. Right now the compiler only supports JIT compilation but AOT is being worked on along with other features. The new Microsoft LLVM compiler is called LLILC and is MIT-licensed.
Education

US Dept. of Education Teams With Microsoft-Led Teach.org On Teacher Diversity 148

Posted by Soulskill
from the no-politically-correct-dept-lines-found dept.
theodp writes: Citing a new study that suggests academic achievement can benefit when children are taught by a teacher of their own race, the NY Times asks, Where Are the Teachers of Color? Towards that end, the Times reports that "Teach.org, a partnership between the Department of Education and several companies, teachers unions and other groups, is specifically targeting racial minorities for recruitment." Teach.org describes itself as a "public-private partnership led by Microsoft, State Farm and the U.S. Department of Education." To the consternation of some, the U.S. Dept. of Education delegated teacher recruitment to Microsoft in 2011. With its 2.2% African American/Black and 3.9% Latino/Hispanic tech workforce, who better to increase diversity than Microsoft, right?
Microsoft

Windows Remains Vulnerable To Serious 18-Year-Old SMB Security Flaw 171

Posted by samzenpus
from the protect-ya-neck dept.
Mark Wilson writes A serious security hole leaves millions of Windows users open to attack, making it possible to extract encrypted credentials from a target machine. Researchers at Cylance say the problem affects "any Windows PC, tablet or server" (including Windows 10) and is a slight progression of the Redirect to SMB attack discovered by Aaron Spangler way back in 1997. Redirect to SMB is essentially a man-in-the-middle attack which involves taking control of a network connection. As the name suggests, victims are then redirected to a malicious SMB server which can extract usernames, domains and passwords. Cylance also reports that software from companies such as Adobe, Oracle and Symantec — including security and antivirus tools — are affected.
Microsoft

Microsoft and Miele Team Collaborate To Cook Up an IoT Revolution 105

Posted by samzenpus
from the bake-me-a-cake dept.
Mark Wilson writes When people talk about the Internet of Things, there are often semi-joking references to fridges that know when you've run out of milk and ovens that know how to cook whatever you put in them. Forget the jokes; this is now a reality. We've already seen a generation of smart appliances, and Microsoft wants to be part of what happens next. At Hannover Messe today, Miele — of oven, vacuum cleaner and washing machine fame — announces it is working on a new breed of appliances based on Microsoft Azure Internet of Things (IoT) services What does this mean? Ultimately it means you'll be able to find a recipe online, have the ingredient list and preparation instructions sent to your mobile device, and your smart oven will be automatically configured with the correct settings.