microsoft

brussels-explores-antitrust-probe-into-microsoft’s-partnership-with-openai

Brussels explores antitrust probe into Microsoft’s partnership with OpenAI

AI, antitrust, brussels, European Union, microsoft, microsoft openai, openai, Policy, syndication / /

still asking questions —

EU executive arm drops merger review into US tech companies’ alliance.

EU competition chief Margrethe Vestager said the bloc was looking into practices that could in effect lead to a company controlling a greater share of the AI market.

Enlarge / EU competition chief Margrethe Vestager said the bloc was looking into practices that could in effect lead to a company controlling a greater share of the AI market.

Brussels is preparing for an antitrust investigation into Microsoft’s $13 billion investment into OpenAI, after the European Union decided not to proceed with a merger review into the most powerful alliance in the artificial intelligence industry.

The European Commission, the EU’s executive arm, began to explore a review under merger control rules in January, but on Friday announced that it would not proceed due to a lack of evidence that Microsoft controls OpenAI.

However, the commission said it was now exploring the possibility of a traditional antitrust investigation into whether the tie-up between the world’s most valuable listed company and the best-funded AI start-up was harming competition in the fast-growing market.

The commission has also made inquiries about Google’s deal with Samsung to install a modified version of its Gemini AI system in the South Korean manufacturer’s smartphones, it revealed on Friday.

Margrethe Vestager, the bloc’s competition chief, said in a speech on Friday: “The key question was whether Microsoft had acquired control on a lasting basis over OpenAI. After a thorough review we concluded that such was not the case. So we are closing this chapter, but the story is not over.”

She said the EU had sent a new set of questions to understand whether “certain exclusivity clauses” in the agreement between Microsoft and OpenAI “could have a negative effect on competitors.” The move is seen as a key step toward a formal antitrust probe.

The bloc had already sent questions to Microsoft and other tech companies in March to determine whether market concentration in AI could potentially block new companies from entering the market, Vestager said.

Microsoft said: “We appreciate the European Commission’s thorough review and its conclusion that Microsoft’s investment and partnership with OpenAI does not give Microsoft control over the company.”

Brussels began examining Microsoft’s relationship with the ChatGPT maker after OpenAI’s board abruptly dismissed its chief executive Sam Altman in November 2023, only to be rehired a few days later. He briefly joined Microsoft as the head of a new AI research unit, highlighting the close relationship between the two companies.

Regulators in the US and UK are also scrutinizing the alliance. Microsoft is the biggest backer of OpenAI, although its investment of up to $13 billion, which was expanded in January 2023, does not involve acquiring conventional equity due to the startup’s unusual corporate structure. Microsoft has a minority interest in OpenAI’s commercial subsidiary, which is owned by a not-for-profit organization.

Antitrust investigations tend to last years, compared with a much shorter period for merger reviews, and they focus on conduct that could be undermining rivals. Companies that are eventually found to be breaking the law, for example by bundling products or blocking competitors from access to key technology, risk hefty fines and legal obligations to change their behavior.

Vestager said the EU was looking into practices that could in effect lead to a company controlling a greater share of the AI market. She pointed to a practice called “acqui-hires,” where a company buys another one mainly to get its talent. For example, Microsoft recently struck a deal to hire most of the top team from AI start-up Inflection, in which it had previously invested. Inflection remains an independent company, however, complicating any traditional merger investigation.

The EU’s competition chief said regulators were also looking into the way big tech companies may be preventing smaller AI models from reaching users.

“This is why we are also sending requests for information to better understand the effects of Google’s arrangement with Samsung to pre-install its small model ‘Gemini nano’ on certain Samsung devices,” said Vestager.

Jonathan Kanter, the top US antitrust enforcer, told the Financial Times earlier this month that he was also examining “monopoly choke points and the competitive landscape” in AI. The UK’s Competition and Markets Authority said in December that it had “decided to investigate” the Microsoft-OpenAI deal when it invited comments from customers and rivals.

© 2024 The Financial Times Ltd. All rights reserved. Please do not copy and paste FT articles and redistribute by email or post to the web.

Brussels explores antitrust probe into Microsoft’s partnership with OpenAI Read More »

patent-document-showcases-the-cloud-only-streaming-xbox-console-that-never-was

Patent document showcases the cloud-only streaming Xbox console that never was

cloud gaming, gaming, keystone, microsoft, Tech, xbox, xbox cloud gaming, xbox series s / /

keystone revealed —

Microsoft couldn’t get the price of its streaming Xbox low enough to release it.

  • The streaming-only Xbox would have looked like a smaller, squarer relative of the Series S.

    Microsoft

  • The console had cutouts on the bottom and back, presumably for air cooling.

    Microsoft

  • Front-mounted Xbox button and USB port, much like the Series S.

    Microsoft

  • Rear-mounted Ethernet, HDMI, and power. The console would likely have worked over Wi-Fi, too, but wired Ethernet does help with latency and consistency when streaming games.

    Microsoft

  • Controller sync button on the side.

    Microsoft

  • There was a logo and a Series S-ish circle on the top of the Keystone Xbox, but there are no cutouts depicted, so this may have been a stylistic choice rather than a place for the console to vent hot air.

    Microsoft

Microsoft’s mid-generation plans for the Xbox Series S and X consoles looked a whole lot different a couple of years ago than it does now. A leaked slide deck from the FTC v. Microsoft case last year outlined detailed plans for a spruced up Series S, an overhauled Series X, and even a redesigned controller. Another part of that roadmap included a streaming-only version of the Xbox, codenamed Keystone, that was designed to connect to Microsoft’s Xbox Cloud Gaming servers rather than rendering games locally.

Microsoft has talked openly about this version of the Xbox before. Microsoft Gaming CEO Phil Spencer told The Verge that the Keystone console was designed and fully functional, but that it wasn’t launched because Microsoft had a hard time getting the price down low enough that it made sense next to the $299 Series S (which already occasionally goes on sale in the $200 to $250 range).

We’ve already seen glimpses of Keystone—once on Spencer’s shelf, and again in the FTC v. Microsoft documents. Both of those depictions were partial, or seen from a distance. But a new design patent document (PDF) unearthed by Windows Central shows even more detailed renderings of what the cloud Xbox would have looked like.

Series S meets Apple TV

Keystone’s styling was strongly reminiscent of the disc-drive-less Series S, with the same boxy white design and front-mounted Xbox button and USB port. There’s also a similar circular cutout on top, though it may not be an air vent as it is in the Series S—all of the holes depicted in the patent are on the back and bottom, and a streaming box certainly wouldn’t have needed the same cooling capacity as the AMD-designed CPU and GPU in the Series S.

The console also would have been square-shaped and considerably smaller than a Series S—not quite as small as a dedicated video-streaming box like an Apple TV or Roku Ultra, but not too far off either (the patent document doesn’t list dimensions, but we’ve done a rough size comparison using the HDMI and Ethernet ports on the Keystone box and an Apple TV 4K). The console’s controller sync button would have been mounted on its side, rather than in front, as it is on the Series S.

The cloud Xbox compared to a current-generation Apple TV 4K, with sizes roughly normalized based on the sizes of the HDMI and Ethernet ports. The Xbox console would have been a bit larger, but not dramatically so.

Enlarge / The cloud Xbox compared to a current-generation Apple TV 4K, with sizes roughly normalized based on the sizes of the HDMI and Ethernet ports. The Xbox console would have been a bit larger, but not dramatically so.

Apple/Microsoft/Andrew Cunningham

In the alternate reality of the FTC v. Microsoft slide deck, all of these new consoles and the new controller would have been announced or launched by now. But as Microsoft Gaming CEO Phil Spencer said shortly after those documents leaked, the company’s plans have changed substantially in the interim. A disc-less version of the Series X is coming, but it looks exactly like the current version of the console without a disc drive; Microsoft is also pursuing a strategy where it takes more of its internally developed games multi-platform, rather than restricting them to the Xbox and to Windows PCs. These moves are at least partially in response to sliding revenue from Microsoft’s console business, which has seen its revenue decline by double digits year over year for the last couple of years.

Neither Spencer nor Microsoft has ever said never about the Keystone console, leaving the door open to an eventual release if and when the price of manufacturing the console comes down. In the meantime, the streaming-only Xbox lives on as an app for newer Samsung smart TVs.

Listing image by Microsoft

Patent document showcases the cloud-only streaming Xbox console that never was Read More »

microsoft-risks-huge-fine-over-“possibly-abusive”-bundling-of-teams-and-office

Microsoft risks huge fine over “possibly abusive” bundling of Teams and Office

alfaview, anticompetitive behavior, Antitrust law, Digital Markets Act, European Commission, European Union, Google, microsoft, monopoly, Policy, SaaS, slack, software as a service / /
A screen shows a virtual meeting with Microsoft Teams at a conference on January 30, 2024 in Barcelona, Spain.

Enlarge / A screen shows a virtual meeting with Microsoft Teams at a conference on January 30, 2024 in Barcelona, Spain.

Microsoft may be hit with a massive fine in the European Union for “possibly abusively” bundling Teams with its Office 365 and Microsoft 365 software suites for businesses.

On Tuesday, the European Commission (EC) announced preliminary findings of an investigation into whether Microsoft’s “suite-centric business model combining multiple types of software in a single offering” unfairly shut out rivals in the “software as a service” (SaaS) market.

“Since at least April 2019,” the EC found, Microsoft’s practice of “tying Teams with its core SaaS productivity applications” potentially restricted competition in the “market for communication and collaboration products.”

The EC is also “concerned” that the practice may have helped Microsoft defend its dominant market position by shutting out “competing suppliers of individual software” like Slack and German video-conferencing software Alfaview. Makers of those rival products had complained to the EC last year, setting off the ongoing probe into Microsoft’s bundling.

Customers should have choices, the EC said, and seemingly at every step, Microsoft sought instead to lock customers into using only its software.

“Microsoft may have granted Teams a distribution advantage by not giving customers the choice whether or not to acquire access to Teams when they subscribe to their SaaS productivity applications,” the EC wrote. This alleged abusive practice “may have been further exacerbated by interoperability limitations between Teams’ competitors and Microsoft’s offerings.”

For Microsoft, the EC’s findings are likely not entirely unexpected, although Tuesday’s announcement must be disappointing. The company had been hoping to avoid further scrutiny by introducing some major changes last year. Most drastically, Microsoft began “offering some suites without Teams,” the EC said, but even that wasn’t enough to appease EU regulators.

“The Commission preliminarily finds that these changes are insufficient to address its concerns and that more changes to Microsoft’s conduct are necessary to restore competition,” the EC said, concluding that “the conduct may have prevented Teams’ rivals from competing, and in turn innovating, to the detriment of customers in the European Economic Area.”

Microsoft will now be given an opportunity to defend its practices. If the company is unsuccessful, it risks a potential fine up to 10 percent of its annual worldwide turnover and an order possibly impacting how the leading global company conducts business.

In a statement to Ars, Microsoft President Brad Smith confirmed that the tech giant would work with the commission to figure out a better solution.

“Having unbundled Teams and taken initial interoperability steps, we appreciate the additional clarity provided today and will work to find solutions to address the commission’s remaining concerns,” Smith said.

The EC’s executive vice-president in charge of competition policy, Margrethe Vestager, explained in a statement why the commission refuses to back down from closely scrutinizing Microsoft’s alleged unfair practices.

“We are concerned that Microsoft may be giving its own communication product Teams an undue advantage over competitors by tying it to its popular productivity suites for businesses,” Vestager said. “And preserving competition for remote communication and collaboration tools is essential as it also fosters innovation” in these markets.

Changes coming to EU antitrust law in 2025

The EC initially launched its investigation into Microsoft’s allegedly abusive Teams bundling last July. Its probe came after Slack and Alfaview makers complained that Microsoft may be violating Article 102 of the Treaty on the Functioning of the European Union (TFEU), “which prohibits the abuse of a dominant market position.”

Nearly one year later, there’s no telling when the EC’s inquiry into Microsoft Teams will end. Microsoft will have a chance to review all evidence of infringement gathered by EU regulators to form its response. After that, the EC will review any additional evidence before making its decision, and there is no legal deadline to complete the antitrust inquiry, the EC said.

It’s possible that the EC’s decision may come next year when the EU is preparing to release new guidance to more “vigorously” and effectively enforce TFEU.

Last March, the EC called for stakeholder feedback after rolling out “the first major policy initiative in the area of abuse of dominance rules.” The initiative sought to update TFEU for the first time since 2008 based on reviewing relevant case law.

“A robust enforcement of rules on abuse of dominance benefits both consumers and a stronger European economy,” Vestager said at that time. “We have carefully analyzed numerous EU court judgments on the application of Article 102, and it is time for us to start working on guidelines reflecting this case law.”

Microsoft risks huge fine over “possibly abusive” bundling of Teams and Office Read More »

microsoft-removes-documentation-for-switching-to-a-local-account-in-windows-11

Microsoft removes documentation for switching to a local account in Windows 11

microsoft, Tech, Windows 10, Windows 11, windows 11 23h2, windows 11 24h2 / /

you’re *sureyou don’t want to use a Microsoft account?? —

But most Microsoft account sign-in workarounds for Windows 11 continue to work.

A laptop PC running Windows 11 sitting next to a coffee mug.

Enlarge / A PC running Windows 11.

Microsoft

One of Windows 11’s more contentious changes is that, by default, both the Home and Pro editions of the operating system require users to sign in with a Microsoft account during setup. Signing in with an account does get you some benefits, at least if you’re a regular user of other Microsoft products like OneDrive, GamePass, or Microsoft 365 (aka Office). But if you don’t use those services, a lot of what a Microsoft account gets you in Windows 11 is repeated ads and reminders about signing up for those services. Using Windows with a traditional local account is still extremely possible, but it does require a small amount of know-how beyond just clicking the right buttons.

On the know-how front, Microsoft has taken one more minor, but nevertheless irritating, step away from allowing users to sign in with local accounts. This official Microsoft support page walks users with local accounts through the process of signing in to a Microsoft account. As recently as June 12, that page also included instructions for converting a Microsoft account into a local account. But according to Tom’s Hardware and the Internet Wayback Machine, those instructions disappeared on or around June 17 and haven’t been seen since.

Despite the documentation change, most of the workarounds for creating a local account still work in both Windows 11 23H2 (the publicly available version of Windows 11 for most PCs) and 24H2 (available now on Copilot+ PCs, later this fall for everyone else). The easiest way to do it on a PC you just took out of the box is to press Shift+F10 during the setup process to bring up a command prompt window, typing OOBEBYPASSNRO, rebooting, and then clicking the “I don’t have Internet” button when asked to connect to a Wi-Fi network.

Other workarounds include using the Rufus tool to create a USB installer that will automatically bypass the Microsoft account sign-in requirement, or (for Windows 11 Pro users) indicating that you want to join the PC to a corporate domain and then not actually joining it to a domain. Setting the PC up with a Microsoft account and then signing out afterward is also still an option.

There is one workaround that has allegedly stopped working—it used to be that trying to “sign in” with a nonexistent email account would get you a local sign-in option. But as of earlier this month, according to Windows Central editor Zac Bowden, it looks like the Windows 11 setup screen will just ask you to try another email address instead.

To be fair to Microsoft, all the big tech companies want you to sign in with an account before you can use all the features of the software, but neither Apple nor Google goes as far as to mandate account sign-in to access basic functionality. Macs, iPhones, and iPads will all let you complete the setup process without signing in, though you do have to know which buttons to click. Google will allow you to use Chromebooks in guest mode, and Android phones and tablets are still usable without signing in (though this does make it more difficult to find and install apps). Microsoft’s pushiness remains unique; there’s definitely a difference between a company that would really prefer that you sign in, and one that forces you to.

Microsoft removes documentation for switching to a local account in Windows 11 Read More »

music-industry-giants-allege-mass-copyright-violation-by-ai-firms

Music industry giants allege mass copyright violation by AI firms

AI, AI lawsuit, audio synthesis, Biz & IT, generative ai, Google, machine learning, Michael Jackson, microsoft, music synthesis, openai, Policy, Reuters, sony music, Suno, Udio, Univeral Music Group, voice synthesis, Warner Records / /

No one wants to be defeated —

Suno and Udio could face damages of up to $150,000 per song allegedly infringed.

Michael Jackson in concert, 1986. Sony Music owns a large portion of publishing rights to Jackson's music.

Enlarge / Michael Jackson in concert, 1986. Sony Music owns a large portion of publishing rights to Jackson’s music.

Universal Music Group, Sony Music, and Warner Records have sued AI music-synthesis companies Udio and Suno for allegedly committing mass copyright infringement by using recordings owned by the labels to train music-generating AI models, reports Reuters. Udio and Suno can generate novel song recordings based on text-based descriptions of music (i.e., “a dubstep song about Linus Torvalds”).

The lawsuits, filed in federal courts in New York and Massachusetts, claim that the AI companies’ use of copyrighted material to train their systems could lead to AI-generated music that directly competes with and potentially devalues the work of human artists.

Like other generative AI models, both Udio and Suno (which we covered separately in April) rely on a broad selection of existing human-created artworks that teach a neural network the relationship between words in a written prompt and styles of music. The record labels correctly note that these companies have been deliberately vague about the sources of their training data.

Until generative AI models hit the mainstream in 2022, it was common practice in machine learning to scrape and use copyrighted information without seeking permission to do so. But now that the applications of those technologies have become commercial products themselves, rightsholders have come knocking to collect. In the case of Udio and Suno, the record labels are seeking statutory damages of up to $150,000 per song used in training.

In the lawsuit, the record labels cite specific examples of AI-generated content that allegedly re-creates elements of well-known songs, including The Temptations’ “My Girl,” Mariah Carey’s “All I Want for Christmas Is You,” and James Brown’s “I Got You (I Feel Good).” It also claims the music-synthesis models can produce vocals resembling those of famous artists, such as Michael Jackson and Bruce Springsteen.

Reuters claims it’s the first instance of lawsuits specifically targeting music-generating AI, but music companies and artists alike have been gearing up to deal with challenges the technology may pose for some time.

In May, Sony Music sent warning letters to over 700 AI companies (including OpenAI, Microsoft, Google, Suno, and Udio) and music-streaming services that prohibited any AI researchers from using its music to train AI models. In April, over 200 musical artists signed an open letter that called on AI companies to stop using AI to “devalue the rights of human artists.” And last November, Universal Music filed a copyright infringement lawsuit against Anthropic for allegedly including artists’ lyrics in its Claude LLM training data.

Similar to The New York Times’ lawsuit against OpenAI over the use of training data, the outcome of the record labels’ new suit could have deep implications for the future development of generative AI in creative fields, including requiring companies to license all musical training data used in creating music-synthesis models.

Compulsory licenses for AI training data could make AI model development economically impractical for small startups like Udio and Suno—and judging by the aforementioned open letter, many musical artists may applaud that potential outcome. But such a development would not preclude major labels from eventually developing their own AI music generators themselves, allowing only large corporations with deep pockets to control generative music tools for the foreseeable future.

Music industry giants allege mass copyright violation by AI firms Read More »

ifixit-says-new-arm-surface-hardware-“puts-repair-front-and-center”

iFixit says new Arm Surface hardware “puts repair front and center”

copilot+ PC, microsoft, Microsoft Surface, qualcomm, snapdragon x elite, Tech, Windows 11, windows 11 24h2, windows on arm / /

how things have changed —

Both devices make it relatively easy to get at the battery and SSD.

Microsoft's 11th-edition Surface Pro, as exploded by iFixit. Despite adhesive holding in the screen and the fact that you need to remove the heatsink to get at the battery, it's still much more repairable than past Surfaces or competing tablets.

Enlarge / Microsoft’s 11th-edition Surface Pro, as exploded by iFixit. Despite adhesive holding in the screen and the fact that you need to remove the heatsink to get at the battery, it’s still much more repairable than past Surfaces or competing tablets.

For a long time, Microsoft’s Surface hardware was difficult-to-impossible to open and repair, and devices as recent as 2019’s Surface Pro 7 still managed a repairability score of just 1 out of 10 on iFixit’s scale. 2017’s original Surface Laptop needed to be physically sliced apart to access its internals, making it essentially impossible to try to fix the machine without destroying it.

But in recent years, partly due to pressure from shareholders and others, Microsoft has made an earnest effort to improve the repairability of its devices. The company has published detailed repair manuals and videos and has made changes to its hardware designs over the years to make it easier to open them without breaking them and easier to replace parts once you’re inside. Microsoft also sells some first-party parts for repairs, though not every part from every Surface is available, and Microsoft and iFixit have partnered to offer other parts as well.

Now, iFixit has torn apart the most recent Snapdragon X-powered Surface Pro and Surface Laptop devices and has mostly high praise for both devices in its preliminary teardown video. Both devices earn an 8 out of 10 on iFixit’s repairability scale, thanks to Microsoft’s first-party service manuals, the relative ease with which both devices can be opened, and clearly labeled internal components.

Beneath the Surface

To open the Surface Laptop, iFixit says you only need to undo four screws, hidden beneath the laptop’s rubber feet; at that point, the bottom of the machine is only attached by magnets, rather than breakable retention clips. Opening the bottom of the laptop provides easy access to the battery and an M.2 2232 SSD. Labels inside the device indicate which screws need to be removed to replace which parts, and what kind of screwdriver you’ll need to do the job; scannable barcodes also make it easier to find repair manuals and parts on Microsoft’s site. Most other parts are easy to remove and replace once the bottom of the laptop is off.

The Surface Pro’s best repairability feature remains its easily accessible M.2 2232 SSD, present under a pop-off cover on the back of the tablet. From there, things get more difficult—accessing the battery and other components requires removing the screen, which is still held in place with adhesive rather than screws or magnets. This adhesive needs to be removed—iFixit cut it away with a thin plastic tool, and closing the tablet back up securely would likely require new adhesive to be applied. Once inside, the parts and screws are still labeled clearly, but you do need to remove the entire heatsink before you can replace the battery.

iFixit uses slightly different criteria for evaluating the repairability of laptops and tablets since tablets are more tightly integrated devices. So despite the identical repairability scores, the Surface Pro remains slightly more difficult to open and fix than the laptop; iFixit is just comparing it to devices like the iPad Air and Pro rather than other PC laptops, and the Surface Pro still looks better than other tablets by comparison despite the use of adhesive.

The teardown video didn’t detail exactly why iFixit knocked points off of each device’s repairability score, though iFixit took note of the soldered-down non-upgradeable RAM and Wi-Fi/Bluetooth modules. Both devices also use way more screws and clips than something like the Framework Laptop, which could also be a factor.

We’ve been using the new Snapdragon-powered Surface devices for a few days now, and we’ll have more thoughts to share about the hardware and its performance in the coming days.

iFixit says new Arm Surface hardware “puts repair front and center” Read More »

microsoft-delays-recall-again,-won’t-debut-it-with-new-copilot+-pcs-after-all

Microsoft delays Recall again, won’t debut it with new Copilot+ PCs after all

AI, copilot, copilot+ PC, microsoft, microsoft recall, recall, Tech, Windows 11, windows 11 24h2, windows recall / /

another setback —

Recall will go through Windows Insider pipeline like any other Windows feature.

Recall is part of Microsoft's Copilot+ PC program.

Enlarge / Recall is part of Microsoft’s Copilot+ PC program.

Microsoft

Microsoft will be delaying its controversial Recall feature again, according to an updated blog post by Windows and Devices VP Pavan Davuluri. And when the feature does return “in the coming weeks,” Davuluri writes, it will be as a preview available to PCs in the Windows Insider Program, the same public testing and validation pipeline that all other Windows features usually go through before being released to the general populace.

Recall is a new Windows 11 AI feature that will be available on PCs that meet the company’s requirements for its “Copilot+ PC” program. Copilot+ PCs need at least 16GB of RAM, 256GB of storage, and a neural processing unit (NPU) capable of at least 40 trillion operations per second (TOPS). The first (and for a few months, only) PCs that will meet this requirement are all using Qualcomm’s Snapdragon X Plus and X Elite Arm chips, with compatible Intel and AMD processors following later this year. Copilot+ PCs ship with other generative AI features, too, but Recall’s widely publicized security problems have sucked most of the oxygen out of the room so far.

The Windows Insider preview of Recall will still require a PC that meets the Copilot+ requirements, though third-party scripts may be able to turn on Recall for PCs without the necessary hardware. We’ll know more when Recall makes its reappearance.

Why Recall was recalled

Recall works by periodically capturing screenshots of your PC and saving them to disk, and scanning those screenshots with OCR to make a big searchable text database that can help you find anything you had previously viewed on your PC.

The main problem, as we confirmed with our own testing, was that all of this was saved to disk with no additional encryption or other protection and was easily viewable and copyable by pretty much any user (or attacker) with access to the PC. Recall was also going to be enabled by default on Copilot+ PCs despite being a “preview,” meaning that users who didn’t touch the default settings were going to have all of this data recorded by default.

This was the version of Recall that was initially meant to ship out to reviewers this week on the first wave of Copilot+ PCs from Microsoft and other PC companies. After security researcher Kevin Beaumont publicized these security holes in that version of Recall, the company promised to add additional encryption and authentication protections and to disable Recall by default. These tweaks would have gone out as an update to the first shipments of Copilot+ PCs on June 18 (reviewers also wouldn’t get systems before June 18, a sign of how much Microsoft was rushing behind the scenes to implement these changes). Now Recall is being pushed back again.

A report from Windows Central claims that Recall was developed “in secret” and that it wasn’t even distributed widely within Microsoft before it was announced, which could explain why these security issues weren’t flagged and fixed before the feature showed up in a publicly available version of Windows.

Microsoft’s Recall delay follows Microsoft President Brad Smith’s testimony to Congress during a House Committee on Homeland Security hearing about the company’s “cascade of security failures” in recent months. Among other things, Smith said that Microsoft would commit to prioritizing security issues over new AI-powered features as part of the company’s recently announced Secure Future Initiative (SFI). Microsoft has also hired additional security personnel and tied executive pay to meeting security goals.

“If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security,” wrote Microsoft CEO Satya Nadella in an internal memo about the SFI announcement. “In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems.”

Recall has managed to tie together all the big Windows and Microsoft stories from the last year or two: the company’s all-consuming push to quickly release generative AI features, its security failures and subsequent promises to do better, and the general degradation of the Windows 11 user interface with unwanted apps, ads, reminders, account sign-in requirements, and other cruft.

Microsoft delays Recall again, won’t debut it with new Copilot+ PCs after all Read More »

microsoft-is-reworking-recall-after-researchers-point-out-its-security-problems

Microsoft is reworking Recall after researchers point out its security problems

microsoft, Tech, Windows 11 / /

recalling recall? —

Windows Hello authentication, additional encryption being added to protect data.

Microsoft's Recall feature is switching to be opt-in by default, and is adding new encryption protections in an effort to safeguard user data.

Enlarge / Microsoft’s Recall feature is switching to be opt-in by default, and is adding new encryption protections in an effort to safeguard user data.

Microsoft

Microsoft’s upcoming Recall feature in Windows 11 has generated a wave of controversy this week following early testing that revealed huge security holes. The initial version of Recall saves screenshots and a large plaintext database tracking everything that users do on their PCs, and in the current version of the feature, it’s trivially easy to steal and view that database and all of those screenshots for any user on a given PC, even if you don’t have administrator access. Recall also does little to nothing to redact sensitive information from its screenshots or that database.

Microsoft has announced that it’s making some substantial changes to Recall ahead of its release on the first wave of Copilot+ PCs later this month.

“Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards,” wrote Microsoft Windows and Devices Corporate Vice President Pavan Davuluri in a blog post. “With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.”

First and most significantly, the company says that Recall will be opt-in by default, so users will need to decide to turn it on. It may seem like a small change, but many users never touch the defaults on their PCs, and for Recall to be grabbing all of that data by default definitely puts more users at risk of having their data stolen unawares.

The company also says it’s adding additional protections to Recall to make the data harder to access. You’ll need to enable Windows Hello to use Recall, and you’ll need to authenticate via Windows Hello (whether it’s a face-scanning camera, fingerprint sensor, or PIN) each time you want to open the Recall app to view your data.

Both the screenshots and the SQLite database used for Recall searches are being encrypted and will require Windows Hello authentication to be decrypted. Microsoft described Recall data as “encrypted” before, but there was no specific encryption used for any of the screenshots or the database beyond the Bitlocker full-disk encryption that is turned on by default for most PCs when they sign into a Microsoft account.

That last change should address the biggest problem with Recall: that any user signed in to a PC (or any malware that was able to gain access to the filesystem) could easily view and copy another user’s Recall screenshots and database on the same PC. The text database’s size is measured in kilobytes rather than megabytes or gigabytes, so it wouldn’t take much time to swipe if someone managed to access your system.

Microsoft also reiterated some of its assurances about the privacy and security of Recall writ large, saying that all data is processed locally, that it’s never sent to Microsoft, that you’ll know when Recall has been enabled thanks to taskbar and system tray icons, and that you can disable the feature or exclude specific apps or sites from being snapshotted at your discretion.

All of the new additions to Recall are still being actively developed—current testing builds of Windows 11 still use the unsecured version of Recall, and our review units of the new Surface hardware are being delayed by a week or so, presumably so Microsoft can update them.

Microsoft reiterated that Recall is being released as a preview, a label the company also applies to the Copilot chatbot to deflect criticism of some of its early and ongoing missteps. We’ll need to use the updated version of Recall to see whether the new protections work like they’re supposed to, but it’s at least mildly encouraging to see Microsoft take a beat to rework Recall’s security and default settings before releasing it to the public, even though these are protections should have been present in the first place.

Recall is normally only available on Copilot+ PCs, a new branding banner from Microsoft that applies to PCs with sufficiently fast neural processing units (NPUs), at least 16GB of RAM, and at least 256GB of storage. Existing Windows 11 PCs won’t get Recall, though it can currently be enabled forcibly by the third-party AmperageKit script on Arm PCs that are running version 26100.712 of Windows 11 24H2. It’s possible that tools will exist to enable it on other unsupported PCs later on.

The first wave of Copilot+ PCs will use Qualcomm’s Snapdragon X Elite and X Plus processors exclusively. Intel and AMD systems that meet the Copilot+ requirements won’t be available until later this year, and Microsoft hasn’t said when the Copilot+ features will actually be available for these non-Arm PCs.

Microsoft is reworking Recall after researchers point out its security problems Read More »

us-agencies-to-probe-ai-dominance-of-nvidia,-microsoft,-and-openai

US agencies to probe AI dominance of Nvidia, Microsoft, and OpenAI

microsoft, microsoft ai, NVIDIA, nvidia ai, openai, Policy / /

AI Antitrust —

DOJ to probe Nvidia while FTC takes lead in investigating Microsoft and OpenAI.

A large Nvidia logo at a conference hall

Enlarge / Nvidia logo at Impact 2024 event in Poznan, Poland on May 16, 2024.

Getty Images | NurPhoto

The US Justice Department and Federal Trade Commission reportedly plan investigations into whether Nvidia, Microsoft, and OpenAI are snuffing out competition in artificial intelligence technology.

The agencies struck a deal on how to divide up the investigations, The New York Times reported yesterday. Under this deal, the Justice Department will take the lead role in investigating Nvidia’s behavior while the FTC will take the lead in investigating Microsoft and OpenAI.

The agencies’ agreement “allows them to proceed with antitrust investigations into the dominant roles that Microsoft, OpenAI, and Nvidia play in the artificial intelligence industry, in the strongest sign of how regulatory scrutiny into the powerful technology has escalated,” the NYT wrote.

One potential area of investigation is Nvidia’s chip dominance, “including how the company’s software locks customers into using its chips, as well as how Nvidia distributes those chips to customers,” the report said. An Nvidia spokesperson declined to comment when contacted by Ars today.

High-end GPUs are “scarce,” antitrust chief says

Jonathan Kanter, the assistant attorney general in charge of the DOJ’s antitrust division, discussed the agency’s plans in an interview with the Financial Times this week. Kanter said the DOJ is examining “monopoly choke points and the competitive landscape” in AI.

The DOJ’s examination of the sector encompasses “everything from computing power and the data used to train large language models, to cloud service providers, engineering talent and access to essential hardware such as graphics processing unit chips,” the FT wrote.

Kanter said regulators are worried that AI is “at the high-water mark of competition, not the floor” and want to take action before smaller competitors are shut out of the market. The GPUs needed to train large language models are a “scarce resource,” he was quoted as saying.

“Sometimes the most meaningful intervention is when the intervention is in real time,” Kanter told the Financial Times. “The beauty of that is you can be less invasive.”

Microsoft deal scrutinized

The FTC is scrutinizing Microsoft over a March 2024 move in which it hired the CEO of artificial intelligence startup Inflection and most of the company’s staff and paid Inflection $650 million as part of a licensing deal to resell its technology. The FTC is investigating whether Microsoft structured the deal “to avoid a government antitrust review of the transaction,” The Wall Street Journal reported today.

“Companies are required to report acquisitions valued at more than $119 million to federal antitrust-enforcement agencies, which have the option to investigate a deal’s impact on competition,” the WSJ wrote. The FTC reportedly sent subpoenas to Microsoft and Inflection in an attempt “to determine whether Microsoft crafted a deal that would give it control of Inflection but also dodge FTC review of the transaction.”

Inflection built a large language model and a chatbot called Pi. Former Inflection employees are now working on Microsoft’s Copilot chatbot.

“If the agency finds that Microsoft should have reported and sought government review of its deal with Inflection, the FTC could bring an enforcement action against Microsoft,” the WSJ report said. “Officials could ask a court to fine Microsoft and suspend the transaction while the FTC conducts a full-scale investigation of the deal’s impact on competition.”

Microsoft told the WSJ that it complied with antitrust laws, that Inflection continues to operate independently, and that the deals gave Microsoft “the opportunity to recruit individuals at Inflection AI and build a team capable of accelerating Microsoft Copilot.”

OpenAI

Microsoft’s investment in OpenAI has also faced regulatory scrutiny, particularly in Europe. Microsoft has a profit-sharing agreement with OpenAI.

Microsoft President Brad Smith defended the partnership in comments to the Financial Times this week. “The partnerships that we’re pursuing have demonstrably added competition to the marketplace,” Smith was quoted as saying. “I might argue that Microsoft’s partnership with OpenAI has created this new AI market,” and that OpenAI “would not have been able to train or deploy its models” without Microsoft’s help, he said.

We contacted OpenAI today and will update this article if it provides any comment.

In January 2024, the FTC launched an inquiry into AI-related investments and partnerships involving Alphabet, Amazon, Anthropic, Microsoft, and OpenAI.

The FTC also started a separate investigation into OpenAI last year. A civil investigative demand sent to OpenAI focused on potentially unfair or deceptive privacy and data security practices, and “risks of harm to consumers, including reputational harm.” The probe focused partly on “generation of harmful or misleading content.”

US agencies to probe AI dominance of Nvidia, Microsoft, and OpenAI Read More »

microsoft-to-test-“new-features-and-more”-for-aging,-stubbornly-popular-windows-10

Microsoft to test “new features and more” for aging, stubbornly popular Windows 10

microsoft, Tech, Windows 10, windows 10 22h2, Windows 11, windows insider / /

but the clock is still ticking —

Support ends next year, but Windows 10 remains the most-used version of the OS.

Microsoft to test “new features and more” for aging, stubbornly popular Windows 10

Microsoft

In October 2025, Microsoft will stop supporting Windows 10 for most PC users, which means no more technical support and (crucially) no more security updates unless you decide to pay for them. To encourage adoption, the vast majority of new Windows development is happening in Windows 11, which will get one of its biggest updates since release sometime this fall.

But Windows 10 is casting a long shadow. It remains the most-used version of Windows by all publicly available metrics, including Statcounter (where Windows 11’s growth has been largely stagnant all year) and the Steam Hardware Survey. And last November, Microsoft decided to release a fairly major batch of Windows 10 updates that introduced the Copilot chatbot and other changes to the aging operating system.

That may not be the end of the road. Microsoft has announced that it is reopening a Windows Insider Beta Channel for PCs still running Windows 10, which will be used to test “new features and more improvements to Windows 10 as needed.” Users can opt into the Windows 10 Beta Channel regardless of whether their PC meets the requirements for Windows 11; if your PC is compatible, signing up for the less-stable Dev or Canary channels will still upgrade your PC to Windows 11.

Any new Windows 10 features that are released will be added to Windows 10 22H2, the operating system’s last major yearly update. Per usual for Windows Insider builds, Microsoft may choose not to release all new features that it tests, and new features will be released for the public version of Windows 10 “when they’re ready.”

One thing this new beta program doesn’t change is the end-of-support date for Windows 10, which Microsoft says is still October 14, 2025. Microsoft says that joining the beta program doesn’t extend support. The only way to continue getting Windows 10 security updates past 2025 is to pay for the Extended Security Updates (ESU) program; Microsoft plans to offer these updates to individual users but still hasn’t announced pricing for individuals. Businesses will pay as much as $61 per PC for the first year of updates, while schools will pay as little as $1 per PC.

Beta program or no, we still wouldn’t expect Windows 10 to change dramatically between now and its end-of-support date. We’d guess that most changes will relate to the Copilot assistant, given how aggressively Microsoft has moved to add generative AI to all of its products. For example, the Windows 11 version of Copilot is shedding its “preview” tag and becoming an app that runs in a regular window rather than a persistent sidebar, changes Microsoft could also choose to implement in Windows 10.

Microsoft to test “new features and more” for aging, stubbornly popular Windows 10 Read More »

windows-recall-demands-an-extraordinary-level-of-trust-that-microsoft-hasn’t-earned

Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned

AI, copilot, copilot+ PC, Features, microsoft, NPU, Tech, Windows, Windows 11, windows 11 24h2 / /
The Recall feature as it currently exists in Windows 11 24H2 preview builds.

Enlarge / The Recall feature as it currently exists in Windows 11 24H2 preview builds.

Andrew Cunningham

Microsoft’s Windows 11 Copilot+ PCs come with quite a few new AI and machine learning-driven features, but the tentpole is Recall. Described by Microsoft as a comprehensive record of everything you do on your PC, the feature is pitched as a way to help users remember where they’ve been and to provide Windows extra contextual information that can help it better understand requests from and meet the needs of individual users.

This, as many users in infosec communities on social media immediately pointed out, sounds like a potential security nightmare. That’s doubly true because Microsoft says that by default, Recall’s screenshots take no pains to redact sensitive information, from usernames and passwords to health care information to NSFW site visits. By default, on a PC with 256GB of storage, Recall can store a couple dozen gigabytes of data across three months of PC usage, a huge amount of personal data.

The line between “potential security nightmare” and “actual security nightmare” is at least partly about the implementation, and Microsoft has been saying things that are at least superficially reassuring. Copilot+ PCs are required to have a fast neural processing unit (NPU) so that processing can be performed locally rather than sending data to the cloud; local snapshots are protected at rest by Windows’ disk encryption technologies, which are generally on by default if you’ve signed into a Microsoft account; neither Microsoft nor other users on the PC are supposed to be able to access any particular user’s Recall snapshots; and users can choose to exclude apps or (in most browsers) individual websites to exclude from Recall’s snapshots.

This all sounds good in theory, but some users are beginning to use Recall now that the Windows 11 24H2 update is available in preview form, and the actual implementation has serious problems.

“Fundamentally breaks the promise of security in Windows”

This is Recall, as seen on a PC running a preview build of Windows 11 24H2. It takes and saves periodic screenshots, which can then be searched for and viewed in various ways.

Enlarge / This is Recall, as seen on a PC running a preview build of Windows 11 24H2. It takes and saves periodic screenshots, which can then be searched for and viewed in various ways.

Andrew Cunningham

Security researcher Kevin Beaumont, first in a thread on Mastodon and later in a more detailed blog post, has written about some of the potential implementation issues after enabling Recall on an unsupported system (which is currently the only way to try Recall since Copilot+ PCs that officially support the feature won’t ship until later this month). We’ve also given this early version of Recall a try on a Windows Dev Kit 2023, which we’ve used for all our recent Windows-on-Arm testing, and we’ve independently verified Beaumont’s claims about how easy it is to find and view raw Recall data once you have access to a user’s PC.

To test Recall yourself, developer and Windows enthusiast Albacore has published a tool called AmperageKit that will enable it on Arm-based Windows PCs running Windows 11 24H2 build 26100.712 (the build currently available in the Windows Insider Release Preview channel). Other Windows 11 24H2 versions are missing the underlying code necessary to enable Recall.

  • Windows uses OCR on all the text in all the screenshots it takes. That text is also saved to an SQLite database to facilitate faster searches.

    Andrew Cunningham

  • Searching for “iCloud,” for example, brings up every single screenshot with the word “iCloud” in it, including the app itself and its entry in the Microsoft Store. If I had visited websites that mentioned it, they would show up here, too.

    Andrew Cunningham

The short version is this: In its current form, Recall takes screenshots and uses OCR to grab the information on your screen; it then writes the contents of windows plus records of different user interactions in a locally stored SQLite database to track your activity. Data is stored on a per-app basis, presumably to make it easier for Microsoft’s app-exclusion feature to work. Beaumont says “several days” of data amounted to a database around 90KB in size. In our usage, screenshots taken by Recall on a PC with a 2560×1440 screen come in at 500KB or 600KB apiece (Recall saves screenshots at your PC’s native resolution, minus the taskbar area).

Recall works locally thanks to Azure AI code that runs on your device, and it works without Internet connectivity and without a Microsoft account. Data is encrypted at rest, sort of, at least insofar as your entire drive is generally encrypted when your PC is either signed into a Microsoft account or has Bitlocker turned on. But in its current form, Beaumont says Recall has “gaps you can drive a plane through” that make it trivially easy to grab and scan through a user’s Recall database if you either (1) have local access to the machine and can log into any account (not just the account of the user whose database you’re trying to see), or (2) are using a PC infected with some kind of info-stealer virus that can quickly transfer the SQLite database to another system.

Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned Read More »

bing-outage-shows-just-how-little-competition-google-search-really-has

Bing outage shows just how little competition Google search really has

AI, ai overview, Bing, Biz & IT, chatgpt, duckduckgo, ecosia, gby, Google, kagi, microsoft, mojeek, reddit, right dao, search, stract, Tech, yandex, yep / /

Searching for new search —

Opinion: Actively searching without Google or Bing is harder than it looks.

Google logo on a phone in front of a Bing logo in the background

Getty Images

Bing, Microsoft’s search engine platform, went down in the very early morning today. That meant that searches from Microsoft’s Edge browsers that had yet to change their default providers didn’t work. It also meant that services relying on Bing’s search API—Microsoft’s own Copilot, ChatGPT search, Yahoo, Ecosia, and DuckDuckGo—similarly failed.

Services were largely restored by the morning Eastern work hours, but the timing feels apt, concerning, or some combination of the two. Google, the consistently dominating search platform, just last week announced and debuted AI Overviews as a default addition to all searches. If you don’t want an AI response but still want to use Google, you can hunt down the new “Web” option in a menu, or you can, per Ernie Smith, tack “&udm=14” onto your search or use Smith’s own “Konami code” shortcut page.

If dismay about AI’s hallucinations, power draw, or pizza recipes concern you—along with perhaps broader Google issues involving privacy, tracking, news, SEO, or monopoly power—most of your other major options were brought down by a single API outage this morning. Moving past that kind of single point of vulnerability will take some work, both by the industry and by you, the person wondering if there’s a real alternative.

Search engine market share, as measured by StatCounter, April 2023–April 2024.

Search engine market share, as measured by StatCounter, April 2023–April 2024.

StatCounter

Upward of a billion dollars a year

The overwhelming majority of search tools offering an “alternative” to Google are using Google, Bing, or Yandex, the three major search engines that maintain massive global indexes. Yandex, being based in Russia, is a non-starter for many people around the world at the moment. Bing offers its services widely, most notably to DuckDuckGo, but its ad-based revenue model and privacy particulars have caused some friction there in the past. Before his company was able to block more of Microsoft’s own tracking scripts, DuckDuckGo CEO and founder Gabriel Weinberg explained in a Reddit reply why firms like his weren’t going the full DIY route:

… [W]e source most of our traditional links and images privately from Bing … Really only two companies (Google and Microsoft) have a high-quality global web link index (because I believe it costs upwards of a billion dollars a year to do), and so literally every other global search engine needs to bootstrap with one or both of them to provide a mainstream search product. The same is true for maps btw — only the biggest companies can similarly afford to put satellites up and send ground cars to take streetview pictures of every neighborhood.

Bing makes Microsoft money, if not quite profit yet. It’s in Microsoft’s interest to keep its search index stocked and API open, even if its focus is almost entirely on its own AI chatbot version of Bing. Yet if Microsoft decided to pull API access, or it became unreliable, Google’s default position gets even stronger. What would non-conformists have to choose from then?

Bing outage shows just how little competition Google search really has Read More »