Windows


Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned

The Recall feature as it currently exists in Windows 11 24H2 preview builds.


Andrew Cunningham

Microsoft’s Windows 11 Copilot+ PCs come with quite a few new AI and machine learning-driven features, but the tentpole is Recall. Described by Microsoft as a comprehensive record of everything you do on your PC, the feature is pitched as a way to help users remember where they’ve been and to provide Windows extra contextual information that can help it better understand requests from and meet the needs of individual users.

This, as many users in infosec communities on social media immediately pointed out, sounds like a potential security nightmare. That’s doubly true because Microsoft says that by default, Recall’s screenshots take no pains to redact sensitive information, from usernames and passwords to health care information to NSFW site visits. By default, on a PC with 256GB of storage, Recall can store a couple dozen gigabytes of data across three months of PC usage, a huge amount of personal data.

The line between “potential security nightmare” and “actual security nightmare” is at least partly about the implementation, and Microsoft has been saying things that are at least superficially reassuring. Copilot+ PCs are required to have a fast neural processing unit (NPU) so that processing can be performed locally rather than sending data to the cloud; local snapshots are protected at rest by Windows’ disk encryption technologies, which are generally on by default if you’ve signed into a Microsoft account; neither Microsoft nor other users on the PC are supposed to be able to access any particular user’s Recall snapshots; and users can choose to exclude apps or (in most browsers) individual websites from Recall’s snapshots.

This all sounds good in theory, but some users are beginning to use Recall now that the Windows 11 24H2 update is available in preview form, and the actual implementation has serious problems.

“Fundamentally breaks the promise of security in Windows”

This is Recall, as seen on a PC running a preview build of Windows 11 24H2. It takes and saves periodic screenshots, which can then be searched for and viewed in various ways.


Andrew Cunningham

Security researcher Kevin Beaumont, first in a thread on Mastodon and later in a more detailed blog post, has written about some of the potential implementation issues after enabling Recall on an unsupported system (which is currently the only way to try Recall since Copilot+ PCs that officially support the feature won’t ship until later this month). We’ve also given this early version of Recall a try on a Windows Dev Kit 2023, which we’ve used for all our recent Windows-on-Arm testing, and we’ve independently verified Beaumont’s claims about how easy it is to find and view raw Recall data once you have access to a user’s PC.

To test Recall yourself, developer and Windows enthusiast Albacore has published a tool called AmperageKit that will enable it on Arm-based Windows PCs running Windows 11 24H2 build 26100.712 (the build currently available in the Windows Insider Release Preview channel). Other Windows 11 24H2 versions are missing the underlying code necessary to enable Recall.

  • Windows uses OCR on all the text in all the screenshots it takes. That text is also saved to an SQLite database to facilitate faster searches.

    Andrew Cunningham

  • Searching for “iCloud,” for example, brings up every single screenshot with the word “iCloud” in it, including the app itself and its entry in the Microsoft Store. If I had visited websites that mentioned it, they would show up here, too.

    Andrew Cunningham

The short version is this: In its current form, Recall takes screenshots and uses OCR to grab the information on your screen; it then writes the contents of windows plus records of different user interactions in a locally stored SQLite database to track your activity. Data is stored on a per-app basis, presumably to make it easier for Microsoft’s app-exclusion feature to work. Beaumont says “several days” of data amounted to a database around 90KB in size. In our usage, screenshots taken by Recall on a PC with a 2560×1440 screen come in at 500KB or 600KB apiece (Recall saves screenshots at your PC’s native resolution, minus the taskbar area).

Recall works locally thanks to Azure AI code that runs on your device, and it works without Internet connectivity and without a Microsoft account. Data is encrypted at rest, sort of, at least insofar as your entire drive is generally encrypted when your PC is either signed into a Microsoft account or has Bitlocker turned on. But in its current form, Beaumont says Recall has “gaps you can drive a plane through” that make it trivially easy to grab and scan through a user’s Recall database if you either (1) have local access to the machine and can log into any account (not just the account of the user whose database you’re trying to see), or (2) are using a PC infected with some kind of info-stealer virus that can quickly transfer the SQLite database to another system.



Microsoft plans to lock down Windows DNS like never before. Here’s how.


Getty Images

Translating human-readable domain names into numerical IP addresses has long been fraught with gaping security risks. After all, lookups are rarely end-to-end encrypted. The servers providing domain name lookups provide translations for virtually any IP address—even when they’re known to be malicious. And many end-user devices can easily be configured to stop using authorized lookup servers and instead use malicious ones.

Microsoft on Friday provided a peek at a comprehensive framework that aims to sort out the Domain Name System (DNS) mess so that it’s better locked down inside Windows networks. It’s called ZTDNS (zero trust DNS). Its two main features are (1) encrypted and cryptographically authenticated connections between end-user clients and DNS servers and (2) the ability for administrators to tightly restrict the domains these servers will resolve.

Clearing the minefield

One of the reasons DNS has been such a security minefield is that these two features can be mutually exclusive. Adding cryptographic authentication and encryption to DNS often obscures the visibility admins need to prevent user devices from connecting to malicious domains or detect anomalous behavior inside a network. As a result, DNS traffic is either sent in clear text or it’s encrypted in a way that allows admins to decrypt it in transit through what is essentially an adversary-in-the-middle attack.

Admins are left to choose between equally unappealing options: (1) route DNS traffic in clear text with no means for the server and client device to authenticate each other so malicious domains can be blocked and network monitoring is possible, or (2) encrypt and authenticate DNS traffic and do away with the domain control and network visibility.

ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices.

Jake Williams, VP of research and development at consultancy Hunter Strategies, said the union of these previously disparate engines would allow updates to be made to the Windows firewall on a per-domain name basis. The result, he said, is a mechanism that allows organizations to, in essence, tell clients “only use our DNS server, that uses TLS, and will only resolve certain domains.” Microsoft calls this DNS server or servers the “protective DNS server.”

By default, the firewall will deny resolutions to all domains except those enumerated in allow lists. A separate allow list will contain IP address subnets that clients need to run authorized software. Key to making this work at scale inside an organization with rapidly changing needs. Networking security expert Royce Williams (no relation to Jake Williams) called this a “sort of a bidirectional API for the firewall layer, so you can both trigger firewall actions (by input *to* the firewall), and trigger external actions based on firewall state (output *from* the firewall). So instead of having to reinvent the firewall wheel if you are an AV vendor or whatever, you just hook into WFP.”



The spam came from inside the house: How a smart TV can choke a Windows PC

There are a million protocols in the naked city —

The curious case of a living room screen making Windows’ Settings app disappear.

Image of silhouetted girl trapped inside a television inside an entertainment center

I have hundreds of UUIDs and I must scream.

Getty Images

The modern “smart” TV asks a lot of us. In exchange for connecting you to a few streaming services you use, a TV will collect data, show ads, and serve as another vector for bad actors. In a few reported cases, though, a modern connected TV has been blamed for attacks not on privacy, eyeballs, or passwords but on an entirely different computer.

The TV in question is a Hisense TV, and the computer is a Windows PC, specifically one belonging to Priscilla Snow, a musician and audio designer in Montréal, Quebec. Her post about her Hisense experience reads like a mystery. Of course, because you already know the crime and the culprit, it’s more like a Columbo episode. Either way, it’s thrilling in a very specific I-can’t-believe-that-fixed-it kind of thrill.

Disappearing Settings, keyboards, remote desktops, and eventually taskbars

Snow’s Windows PC had “a few hiccups over the past couple of years,” Snow wrote on April 19. She couldn’t open display settings, for one. A MIDI keyboard interface stopped working. Task manager would start to hang until force-closed. Video capture cards had trouble connecting. As Snow notes, any veteran of a Windows computer that has had lots of stuff installed on it can mentally write off most of these things, or at least stash them away until the next reinstall.

Then, while trying to figure out why a remote desktop session wasn’t working, the task bars on Snow’s PC disappeared. The PC refused to launch any settings panels. After updating drivers and restarting the PC, the taskbars returned, but only for six days. Snow hunted for solutions, and after using “the exact right string in my search,” she found a Reddit thread that led to a Microsoft support question, all describing the same kinds of seemingly spectral problems her computer was having over time, with no clear cause.

User Narayan B wrote in Microsoft’s forum that the issue is the Hisense TV generating “random UUIDs for UPNP network discovery every few minutes.” Windows, seemingly not knowing why any device would routinely do this, sees and adds those alternate Hisense devices to its Device Association Framework, or DAF. This service being stuffed full of attention-grabbing devices can hang up Task Manager, Bluetooth, the Settings apps, File Explorer, and more.

The fix is deleting hundreds of keys from the registry. Narayan B wrote that he noticed his Hisense TV flooding Windows’ device discovery systems before but “didn’t think Windows would go for a toss due to this.” Snow did the same, and everything—Task Manager, MIDI keyboard, remote desktop, even a CRT monitor she had assumed was broken—started working again.

UUID, UPNP, DAF, and hundreds of Registry keys

Along with deleting hundreds of keys with maniacal keyboard pounding, Snow notes in chats attached to her post that she disabled “Set up network connected devices automatically” on her “Private networks” settings in Windows. And, of course, she recommends not buying the same Hisense 50Q8G she bought, or at least not having it on the same network.

The mystery is solved, but the culprit remains very much at large. Or culprits—plural—depending on how you think a Windows PC should react to a shapeshifting TV.

Ars reached out to Hisense to ask for comment and will update the post if we hear back.



Windows vulnerability reported by the NSA exploited to install Russian malware


Getty Images

Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed Monday.

When Microsoft patched the vulnerability in October 2022—at least two years after it came under attack by the Russian hackers—the company made no mention that it was under active exploitation. As of publication, the company’s advisory still made no mention of the in-the-wild targeting. Windows users frequently prioritize the installation of patches based on whether a vulnerability is likely to be exploited in real-world attacks.

Exploiting CVE-2022-38028, as the vulnerability is tracked, allows attackers to gain system privileges, the highest available in Windows, when combined with a separate exploit. Exploiting the flaw, which carries a 7.8 severity rating out of a possible 10, requires low existing privileges and little complexity. It resides in the Windows print spooler, a printer-management component that has harbored previous critical zero-days. Microsoft said at the time that it learned of the vulnerability from the US National Security Agency.

On Monday, Microsoft revealed that a hacking group tracked under the name Forest Blizzard has been exploiting CVE-2022-38028 since at least June 2020—and possibly as early as April 2019. The threat group—which is also tracked under names including APT28, Sednit, Sofacy, GRU Unit 26165, and Fancy Bear—has been linked by the US and the UK governments to Unit 26165 of the Main Intelligence Directorate, a Russian military intelligence arm better known as the GRU. Forest Blizzard focuses on intelligence gathering through the hacking of a wide array of organizations, mainly in the US, Europe, and the Middle East.

Since as early as April 2019, Forest Blizzard has been exploiting CVE-2022-38028 in attacks that, once system privileges are acquired, use a previously undocumented tool that Microsoft calls GooseEgg. The post-exploitation malware elevates privileges within a compromised system and goes on to provide a simple interface for installing additional pieces of malware that also run with system privileges. This additional malware, which includes credential stealers and tools for moving laterally through a compromised network, can be customized for each target.

“While a simple launcher application, GooseEgg is capable of spawning other applications specified at the command line with elevated permissions, allowing threat actors to support any follow-on objectives such as remote code execution, installing a backdoor, and moving laterally through compromised networks,” Microsoft officials wrote.

GooseEgg is typically installed using a simple batch script, which is executed following the successful exploitation of CVE-2022-38028 or another vulnerability, such as CVE-2023-23397, which Monday’s advisory said has also been exploited by Forest Blizzard. The script is responsible for installing the GooseEgg binary, often named justice.exe or DefragmentSrv.exe, then ensuring that it runs each time the infected machine is rebooted.



German state gov. ditching Windows for Linux, 30K workers migrating

Open source FTW —

Schleswig-Holstein looks to succeed where Munich failed.

many penguins

Schleswig-Holstein, one of Germany’s 16 states, on Wednesday confirmed plans to move tens of thousands of systems from Microsoft Windows to Linux. The announcement follows previously established plans to migrate the state government off Microsoft Office in favor of open source LibreOffice.

As spotted by The Document Foundation, the government has apparently finished its pilot run of LibreOffice and is now announcing plans to expand to more open source offerings.

In 2021, the state government announced plans to move 25,000 computers to LibreOffice by 2026. At the time, Schleswig-Holstein said it had already been testing LibreOffice for two years.

As announced on Minister-President Daniel Günther’s webpage this week, the state government confirmed that it’s moving all systems to the Linux operating system (OS), too. Per a website-provided translation:

With the cabinet decision, the state government has made the concrete beginning of the switch away from proprietary software and towards free, open-source systems and digitally sovereign IT workplaces for the state administration’s approximately 30,000 employees.

The state government is offering a training program that it said it will update as necessary.

Regarding LibreOffice, the government maintains the possibility that some jobs may use software so specialized that they won’t be able to move to open source software.

In 2021, Jan Philipp Albrecht, then-minister for Energy, Agriculture, the Environment, Nature, and Digitalization of Schleswig-Holstein, discussed interest in moving the state government off of Windows.

“Due to the high hardware requirements of Windows 11, we would have a problem with older computers. With Linux we don’t have that,” Albrecht told Heise magazine, per a Google translation.

This week’s announcement also said that the Schleswig-Holstein government will ditch Microsoft Sharepoint and Exchange/Outlook in favor of open source offerings Nextcloud and Open-Xchange, and Mozilla Thunderbird in conjunction with the Univention active directory connector.

Schleswig-Holstein is also developing an open source directory service to replace Microsoft’s Active Directory and an open source telephony offering.

Digital sovereignty dreams

Explaining the decision, the Schleswig-Holstein government’s announcement named enhanced IT security, cost efficiencies, and collaboration between different systems as its perceived benefits of switching to open source software.

Further, the government is pushing the idea of digital sovereignty, with Schleswig-Holstein Digitalization Minister Dirk Schrödter quoted in the announcement as comparing the concept’s value to that of energy sovereignty. The announcement also quoted Schrödter as saying that digital sovereignty isn’t achievable “with the current standard IT workplace products.”

Schrödter pointed to the state government’s growing reliance on cloud services and said that with related proprietary software, users have no influence on data flow and whether that data makes its way to other countries.

Schrödter also claimed that the move would help with the state’s budget by diverting money from licensing fees to “real programming services from our domestic digital economy” that could also create local jobs.

In 2021, Albrecht said the state was reaching its limits with proprietary software contracts because “license fees have continued to rise in recent years,” per Google’s translation.

“Secondly, regarding our goals for the digitalization of administration, open source simply offers us more flexibility,” he added.

At the time, Albrecht claimed that 90 percent of video conferences in the state government ran on the open source program Jitsi, which was advantageous during the COVID-19 pandemic because the state was able to quickly increase video conferencing capacity.

Additionally, he said that because the school portal was based on (unnamed) open source software, “we can design the interface flexibly and combine services the way we want.”

There are numerous other examples globally of government entities switching to Linux in favor of open source technology. Federal governments with particular interest in avoiding US-based technologies, including North Korea and China, are some examples. The South Korean government has also shared plans to move to Linux by 2026, and the city of Barcelona shared migration plans in 2018.

But some government bodies that have made the move regretted it and ended up crawling back to Windows. Vienna released the Debian-based distribution WIENUX in 2005 but gave up on migration by 2009.

In 2003, Munich announced it would be moving some 14,000 PCs off Windows and to Linux. In 2013, the LiMux project finished, but high associated costs and user dissatisfaction resulted in Munich announcing in 2017 that it would spend the next three years reverting back to Windows.

Albrecht in 2021 addressed this failure when speaking to Heise, saying, per Google’s translation:

The main problem there was that the employees weren’t sufficiently involved. We do that better. We are planning long transition phases with parallel use. And we are introducing open source step by step where the departments are ready for it. This also creates the reason for further rollout because people see that it works.



Copilot key is based on a button you probably haven’t seen since IBM’s Model M

Microsoft chatbot button —

Left-Shift + Windows key + F23

A Dell XPS 14 laptop with a Copilot key.

A Dell XPS 14 laptop. The Copilot key is to the right of the right-Alt button.

In January, Microsoft introduced a new key to Windows PC keyboards for the first time in 30 years. The Copilot key, dedicated to launching Microsoft’s eponymous generative AI assistant, is already on some Windows laptops released this year. On Monday, Tom’s Hardware dug into the new addition and determined exactly what pressing the button does, which is actually pretty simple. Pushing a computer’s integrated Copilot button is like pressing left-Shift + Windows key + F23 simultaneously.

Tom’s Hardware confirmed this after wondering if the Copilot key introduced a new scan code to Windows or if it worked differently. Using the scripting program AutoHotkey with a new laptop with a Copilot button, Tom’s Hardware discovered the keystrokes registered when a user presses the Copilot key. The publication confirmed with Dell that “this key assignment is standard for the Copilot key and done at Microsoft’s direction.”

F23

Surprising to see in that string of keys is F23. Having a computer keyboard with a function row or rows that take you from F1 all the way to F23 is quite rare today. When I try to imagine a keyboard that comes with an F23 button, vintage keyboards come to mind, more specifically buckling spring keyboards from IBM.

IBM’s Model F, which debuted in 1981 and used buckling spring switches over a capacitive PCB, and the Model M, which launched in 1985 and used buckling spring switches over a membrane sheet, both offered layouts with 122 keys. These layouts included not one, but two rows of function keys that would leave today’s 60 percent keyboard fans sweating over the wasted space.

But having 122 keys was helpful for keyboards tied to IBM business terminals. The keyboard layout even included a bank of keys to the left of the primary alpha block of keys for even more forms of input.

An IBM Model M keyboard with an F23 key.


The 122-key keyboard layout with F23 lives on. Beyond people who still swear by old Model F and M keyboards, Model F Labs and Unicomp both currently sell modern buckling spring keyboards with built-in F23 buttons. Another reason a modern Windows PC user might have access to an F23 key is if they use a macro pad.

But even with those uses in mind, the F23 key remains rare. That helps explain why Microsoft would use the key for launching Copilot; users are unlikely to have F23 programmed for other functions. This was also likely less work than making a key with an entirely new scan code.

The Copilot button is reprogrammable

When I previewed Dell’s 2024 XPS laptops, a Dell representative told me that the integrated Copilot key wasn’t reprogrammable. However, in addition to providing some interesting information about the newest PC key since the Windows button, Tom’s Hardware’s revelation shows why the Copilot key is actually reprogrammable, even if OEMs don’t give users a way to do so out of the box. (If you need help, check out the website’s tutorial for reprogramming the Windows Copilot key.)

I suspect there’s a strong interest in reprogramming that button. For one, generative AI, despite all its hype and potential, is still an emerging technology. Many don’t need or want access to any chatbot—let alone Microsoft’s—instantly or even at all. Those who don’t use their system with a Microsoft account have no use for the button, since being logged in to a Microsoft account is required for the button to launch Copilot.

A rendering of the Copilot button.


Microsoft

Additionally, there are other easy ways to launch Copilot on a computer that has the program downloaded, like double-clicking an icon or pressing Windows + C, that make a dedicated button unnecessary. (Ars Technica asked Microsoft why the Copilot key doesn’t just register Windows + C, but the company declined to comment. Windows + C has launched other apps in the past, including Cortana, so it’s possible that Microsoft wanted to avoid the Copilot key performing a different function when pressed on computers that use Windows images without Copilot.)

In general, shoehorning the Copilot key into Windows laptops seems premature. Copilot is young and still a preview; just a few months ago, it was called Bing Chat. Further, the future of generative AI, including its popularity and top uses, is still forming and could evolve substantially during the lifetime of a Windows laptop. Microsoft’s generative AI efforts could also flounder over the years. Imagine if Microsoft went all-in on Bing back in the day and made all Windows keyboards have a Bing button, for example. Just because Microsoft wants something to become mainstream doesn’t mean that it will.

This all has made the Copilot button seem more like a way to force the adoption of Microsoft’s chatbot than a way to improve Windows keyboards. Microsoft has also made the Copilot button a requirement for its AI PC certification (which also requires an integrated neural processing unit and having Copilot pre-installed). Microsoft plans to make Copilot keys a requirement for Windows 11 OEM PCs eventually, it told Ars Technica in January.

At least for now, the basic way that the Copilot button works means you can turn the key into something more useful. Now, the tricky part would be finding a replacement keycap to eradicate Copilot’s influence from your keyboard.

Listing image by Microsoft



Sixty Four is a beautiful system design toy that reveals something rather dark

What is an idle clicker, really? —

Please do not load up this game if you have real tasks to accomplish, I beg you.

Your author is eight hours in and only recognizes roughly 50 percent of the objects and resources in this provided screenshot. It gets deeper—and weirder.


Playsaurus

There haven’t been many times in my life where I’ve wondered if this feeling I have is something that oil barons must have felt at the height of their Gilded Age powers.

But Sixty Four got me there. I’m still not sure I’ve ever played a $6 game that had me so fully engaged while also deeply disquieted about the nature of humanity.

Sixty Four (Windows and Mac, on Steam) has been running for more than seven hours on my computers. “Running” isn’t quite right, though. Early on in Sixty Four, you’re actively clicking, upgrading, and figuring out what’s going on. As the game goes on, and you figure out some virtuous loops, you can technically leave it running in the background while you do other things, checking in occasionally to fuel a machine or start a conversion. I write “technically” because while the game is capable of working in the background, indifferent to the human need to build, refine, and expand, you very well may not be.

Trailer for Sixty Four.

What are you building, and why? Where are you? It’s not clear. Sixty Four starts you in a blank white space, with a single machine, an Extracting Channel. Push it down, and you’ll see big black cubes emerge from the ground. Click on those cubes many times and they break into 64 smaller cubes, then eventually burst and collect in your inventory. With enough black cubes (Charonite) stashed, you can build machines that make cubes easier to break and faster to extract. Eventually, you can keep your extractor pressed down with a pressure pump and have an “Entropy resonator” click the cubes for you.

Your job shifts from cube-clicker to system-builder to optimizer. You set up machines to do things, machines that improve those other machines, machines to feed those machines that improve those other machines, machines that help you recover more resources from machines you later discard. At one point, the blocks cover so much of your screen that you build a radio tower that turns them into tiny lines, blowing like dandelion fluff from source to storage.

  • All I need is this extraction channel. And these fans to speed it up. The fans, a pressure pump, and some destabilizers. That’s it.

    Playsaurus

  • Well, okay, maybe I’ve built out a few more things, but it’s only because the resources changed.

    Playsaurus

  • The game’s forced isometric perspective can be a bit stifling, but you can peek through stuff with a keypress.

    Playsaurus

  • Resources don’t just get collected, they fly out from origin point into your upper-left inventory. It’s fun to watch.

    Playsaurus

  • The game’s night mode is perfect, doing just enough shading while not obscuring things too much.

    Playsaurus

The resources flow at mesmerizing rates, with a beautifully chaotic, percussive sound. There is literally no reason you are doing this except that you can, in fact, do it. It gets more expensive to build another Extracting Channel, but you have to, because you need the Elmerine for your destabilizers and pump stations, and we’ve dug way past Elmerine now. It only seems excessive if you don’t know how elegant this system you’ve built is, and how, with the next machine, it works even better.

Meanwhile, your friend keeps messaging you. You were supposed to head to their house, but you started messing with these machines. They can’t find you, and your messages about putting yellow stones inside machines, and how you can use the “Q” key to clone or destroy machines, are making them worry. The last few messages sent in my game regard Hell Gems, rare green cubes that show up very deep into … whatever it is from which we’re extracting. At this point, the friend is more bemused by my plight than worried. You can hide the friend’s messages, so you have more room for the important stuff.

From screenshots and the trailer, you can glimpse how Sixty Four will go beyond mining (there’s a dev commentary video, too, but I’ve yet to watch it). I’ve seen some things, like Hollow Fruit and fission. The trailer suggests players will “Face the darkness” and “Find the light.” Is it going to get a bit meta? Probably, but that’s fine by me.

Each new object is a marvel of Sim City 3000-era micro-design, including a kind of unexplained but consistent numbering scheme for your machines. The isometric view can block your view sometimes, but there’s a transparency button to help, and (also like classic Sim City) you can make design choices specifically to address this, putting your less needy devices behind the resources. I dig the sounds the game makes, especially when your setup is semi-automated, but you can, of course, turn off the sound. There’s also a night mode toggle, which doesn’t crudely invert the colors but dulls the white background quite a bit.

Update: I’m now at eight hours in. Since I started writing this, I’ve spent another hour feeding my machines. I just need 32 Hell Gems to feed the Hell Gem Injector, which ups their occurrence in blocks. Once I’ve pulled 128 Hell Gems, I can swing an Excavating Channel, which puts me back into Elmerine and Qanetite, so I can feed the smaller devices. If I’m not expanding, I’m failing, and we can’t have that.

Nvidia’s new app doesn’t require you to log in to update your GPU driver

Some updates are good, actually —

Removing little-used features also improved responsiveness and shrank the size.

Nvidia has announced a public beta of a new app for Windows, one that does a few useful things and one big thing.

The new app combines the functions of three apps you’d previously have to hunt through—the Nvidia Control Panel, GeForce Experience, and RTX Experience—into one app. Setting display preferences on games and seeing exactly how each notch between “Performance” and “Quality” will affect its settings is far easier and more visible inside the new app. The old-fashioned control panel is still there if you right-click the Nvidia app’s notification panel icon. Installing the new beta upgrades and essentially removes the Experience and Control Panel apps, but they’re still available online.

But perhaps most importantly, Nvidia’s new app allows you to update the driver for your graphics card, the one you paid for, without having to log in to an Nvidia account. I tested it, it worked, and I don’t know why I was surprised, but I’ve been conditioned that way. Given that driver updates are something people often do with new systems and the prior tendencies of Nvidia’s apps to log you out, this is a boon that will pay small but notable cumulative dividends for some time to come.

Proof that you can, miracle of miracles, download an Nvidia driver update in Nvidia's new app without having to sign in.

Game performance tools are much easier to use, or at least understand, in the new Nvidia app. It depends on the game, but you get a slider to move between “Performance” and “Quality.” Some games don’t offer more than one or two notches to use, like Monster Train or Against the Storm. Some, like Hitman 3 or Deep Rock Galactic, offer so many notches that you could make a day out of adjusting and testing. Whenever you move the slider, you can see exactly what changed in a kind of diff display.

Changing the settings in Elden Ring with the more granular controls available in Nvidia’s new beta app.

Nvidia/Kevin Purdy

If you use Nvidia’s in-game overlay, triggered with Alt+Z, you can test that out, see its new look and feel, set up performance metrics, and change its settings from Nvidia’s beta app. Driver updates now come with more information about what changed, rather than sending you to a website of release notes. On cards with AI-powered offerings, you’ll also get tools for Nvidia Freestyle, RTX Dynamic Vibrance, RTX HDR, and other such nit-picky options.

Not everything available in the prior apps is making it into this new all-in-one app, however. Nvidia notes that GPU overclocking and driver rollback are on the way. And the company says it has decided to “discontinue a few features that were underutilized,” including the ability to broadcast to Twitch and YouTube, share video or stills to Facebook and YouTube, and make Photo 360 and Stereo captures. Noting that “good alternatives exist,” Nvidia says culling these things halves the new app’s install time, improves responsiveness by 50 percent, and takes up 17 percent less disk space.

Windows 11 24H2 goes from “unsupported” to “unbootable” on some older PCs

is anyone still reading this using a Core 2 Duo? —

New Windows version needs CPU features that became common in the late 00s.

We've installed Windows 11 on systems as old as this Core 2 Duo Inspiron tower. As of version 24H2, the OS may no longer be bootable on these systems.

Andrew Cunningham

Officially, Windows 11 has higher system requirements than Windows 10. But to date, once you’ve bypassed those requirement checks, there have been few consequences to running Windows 11 on old hardware. Unsupported or not, Windows 11 would run on pretty much any 64-bit PC that could boot Windows 10—we’ve run it on PCs as old as a Windows XP-era Core 2 Duo desktop.

That’s apparently changing a bit in Windows 11’s 24H2 update, which Microsoft began testing earlier this month. According to posts from a user named Bob Pony on X, formerly Twitter, the latest Windows 11 builds refuse to boot on older processors that don’t support a relatively obscure instruction called “POPCNT.” Short for “population count,” it’s used for “counting the number of bits in a machine word,” according to an explainer by programmer Vaibhav Sagar.

It’s unclear why POPCNT has become the load-bearing CPU instruction for a whole bunch of Windows components, but it looks like the Windows kernel, the system’s USB and network drivers, and other core system files now require the instruction as of Windows 11 24H2.

In modern x86 CPUs, POPCNT is implemented as part of the SSE4 instruction set. For Intel’s chips, it was added as part of SSE4.2 in the original first-generation Core architecture, codenamed Nehalem. In AMD’s processors, it’s included in SSE4a, first used in Phenom, Athlon, and Sempron CPUs based on the K10 architecture. These architectures date back to 2008 and 2007, respectively.
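As an added illustration (not code from the article or from Microsoft), the C sketch below shows what POPCNT computes and how software can read the relevant feature bits from CPUID leaf 1, where POPCNT has its own flag (ECX bit 23) next to SSE4.2 (ECX bit 20) and SSE2 (EDX bit 26). The function and struct names are assumptions made for this example, and the sample register values in `main` are constructed rather than captured from real hardware.

```c
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>            /* GCC/Clang wrapper around the CPUID instruction */
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0          /* non-x86 build: only the decoder and fallback run */
#endif

/* CPUID leaf 1 feature bits as documented by Intel and AMD. */
#define ECX_SSE4_2 (1u << 20)
#define ECX_POPCNT (1u << 23)
#define EDX_SSE2   (1u << 26)

/* Hypothetical result type for this example. */
struct cpu_features { int sse2; int sse4_2; int popcnt; };

/* Decode the two feature registers returned by CPUID leaf 1. */
struct cpu_features decode_leaf1(uint32_t ecx, uint32_t edx)
{
    struct cpu_features f;
    f.sse2   = (edx & EDX_SSE2)   != 0;
    f.sse4_2 = (ecx & ECX_SSE4_2) != 0;
    f.popcnt = (ecx & ECX_POPCNT) != 0;
    return f;
}

/* Query the running CPU. Returns 0 on success, -1 if CPUID is unavailable. */
int query_host(struct cpu_features *out)
{
#if HAVE_CPUID
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return -1;
    *out = decode_leaf1(ecx, edx);
    return 0;
#else
    (void)out;
    return -1;
#endif
}

/* What POPCNT computes, done in software: clear the lowest set bit
 * until none remain (Kernighan's method). */
unsigned popcount_sw(uint64_t x)
{
    unsigned n = 0;
    while (x) { x &= x - 1; n++; }
    return n;
}

int main(void)
{
    struct cpu_features host;
    /* Constructed register values: a pre-POPCNT CPU, and a CPU that sets
     * the POPCNT bit without SSE4.2 (the SSE4a-era AMD case in the text). */
    struct cpu_features old_cpu = decode_leaf1(0, EDX_SSE2);
    struct cpu_features amd_like = decode_leaf1(ECX_POPCNT, EDX_SSE2);

    printf("constructed old CPU: popcnt=%d sse4.2=%d\n", old_cpu.popcnt, old_cpu.sse4_2);
    printf("constructed SSE4a-era CPU: popcnt=%d sse4.2=%d\n", amd_like.popcnt, amd_like.sse4_2);
    printf("popcount_sw(0xF0F0) = %u\n", popcount_sw(0xF0F0u));

    if (query_host(&host) == 0)
        printf("this host: sse2=%d sse4.2=%d popcnt=%d\n", host.sse2, host.sse4_2, host.popcnt);
    else
        printf("this host: CPUID leaf 1 not available in this build\n");
    return 0;
}
```

Testing the POPCNT bit directly, rather than inferring it from SSE4.2, is what lets an inventory check classify the AMD case correctly.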

That effectively bars mid-2000s Intel Core 2 Duo systems and early Athlon 64-era PCs from booting Windows 11 at all, not that they officially supported it in the first place. This means the change should mainly affect retro-computing enthusiasts who spend their days making YouTube videos in the “we installed Windows 11 on a potato, let’s see how it runs” genre rather than users of actual systems. Even if you upgraded these PCs with 4 or 8GB of RAM and changed out the creaky old hard drives for SSDs, these are not PCs that will run Windows 10, Windows 11, or any modern apps particularly well.

These same retro-computing enthusiasts may also find a way around this requirement eventually. Windows 10 and 11 won’t boot on systems without SSE2 support, for example, but that hasn’t stopped people from finding a way to do it anyway.

Though Windows 11’s system requirements suggest CPU clock speed and the amounts of RAM and storage your PC has, system requirements in the modern era have become more granular and esoteric. For example, it seems as though Windows 11’s CPU requirement (an 8th-gen Intel Core CPU or newer, or an AMD Ryzen 2000-series CPU or newer) is driven at least partly by support for “mode-based execution control” (MBEC), a security feature that accelerates some of the operating system’s memory integrity protections. No CPU manufacturer is including stuff like POPCNT or MBEC in their marketing materials, but modern Windows support is increasingly dictated by these kinds of features.

Listing image by Microsoft

Microsoft starts testing Windows 11 24H2 as this year’s big update takes shape

24h1 isn’t even over yet —

Windows 11 23H2 didn’t make its first appearance until much later in the year.

Windows 11 24H2 has made its first appearance.

Andrew Cunningham

The next major release of Windows isn’t due until the end of the year, but it looks like Microsoft is getting an early start. New Windows Insider builds released to the Canary and Dev channels both roll their version numbers to “24H2,” indicating that they’re the earliest builds of what Microsoft will eventually release to all Windows users sometime this fall.

New features in 24H2 include a smattering of things Microsoft has already been testing in public since the big batch of new features that dropped last September, plus a handful of new things. The biggest new one is the addition of Sudo for Windows, a version of a Linux/Unix terminal command that first broke cover in a preview build earlier this month. The new build also includes better support for hearing aids, support for creating 7-zip and TAR archives in File Explorer, an energy-saving mode, and new changes to the SMB protocol. This build also removes both the WordPad and the Tips apps.

Some of these features may be released to all Windows 11 users before the end of the year. During the Windows 11 era, it’s been Microsoft’s practice to drop new features in several small batches throughout the year.

The early change to the 24H2 numbering is a departure from last year, where Windows 11 23H2 didn’t appear publicly until the end of October. And even then, it was mostly just an update that rolled over the version number and Microsoft’s support clock for software updates—most of its “new” features had actually rolled out to PCs running Windows 11 22H2 the month before.

There are some signs that this update will be fairly significant in scope. In addition to all the features Microsoft listed, there are signs that the company is revising things like the Windows setup process that you go through when installing the OS from scratch. The current setup screens have remained essentially unchanged since Windows Vista in 2006, with only light and mostly cosmetic tweaks since then (and even in the redesigned version, window borders are still done in the Vista/7 style).

Logistically, this initial build of Windows 11 24H2 allows Windows Insider testers in the most unstable Canary channel to switch to the less unstable Dev channel without completely reinstalling Windows. Eventually, this… window will close, and the Canary channel will jump into a new series of build numbers.

Whither Windows 12?

Some news outlets and users have taken this update’s announcement as proof that the rumored “Windows 12” won’t happen this year. The existence of Windows 12, largely inferred based on rumors and stray statements from PC makers and analysts, has never been officially confirmed or denied by Microsoft.

A 24H2 update does suggest that Windows 11 will continue on for at least another year, but it doesn’t necessarily preclude a Windows 12 launch this year. Windows 10 received a 21H2 update the year Windows 11 came out and a 22H2 update the year after that (not that either came with significant new features). Microsoft could decide to rename the upcoming feature update on relatively short notice—like it originally did with Windows 11, which began as a design overhaul for Windows 10. Windows 12 might happen, or it might not, but I wouldn’t take this Windows 11 24H2 update as decisive evidence one way or the other.

AI was said to be a major focus for the hypothetical Windows 12, as it has been for the last few major Windows 11 updates. Trendforce went as far as to say that “AI PCs” running “the next generation of Windows” would need a “baseline” of 16GB of RAM, though when asked about this, a Microsoft representative told us that the company “doesn’t comment on rumors and speculation.” Trendforce also said that these AI PCs would need neural processing units (NPUs) that met certain performance standards.

To date, Microsoft hasn’t imposed any specific system requirements for Copilot or Windows’ other generative AI features, aside from 4GB RAM and 720p screen requirements for the Windows 10 version of Copilot, but this could change if more of Windows’ AI features begin relying on local processing rather than cloud processing.

Listing image by Microsoft

Apple overhauls its entire Windows app suite, including iCloud and Apple Music

apple <3 windows —

New iCloud, music, TV, and device-management apps bring macOS features to PCs.

  • The new iCloud for Windows app, which does a surprisingly good job of looking like a native Windows 11 app. It also respects the system dark mode setting.

  • The old iCloud for Windows app, which has looked pretty similar to this for its entire existence up to this point.

Big news for people who prefer iPhones but also prefer to use Windows PCs: Apple has quietly overhauled its entire suite of Windows apps, including non-beta versions of the Apple Music, Apple TV, and Devices apps that it began previewing for Windows 11 users over a year ago. Collectively, these apps replace most of the functionality from the iTunes for Windows app; iTunes for macOS was discontinued all the way back in 2019. Apple has also released a major iCloud for Windows update with an overhauled design.

All of the apps are currently available in the Microsoft Store. While the previews that Apple released last year required Windows 11 22H2 or newer, the final versions of all four new apps also work in Windows 10 for people who have chosen not to upgrade or whose PCs do not meet the system requirements.

The Apple Music and Apple TV apps both offer access to Apple’s streaming music and video libraries for people with subscriptions, though both apps will also import and play your local music and video libraries from iTunes if you have them.

That said, these apps don’t put the final nail in iTunes for Windows’ coffin just yet; iTunes is still used to manage podcasts and audiobooks in Windows, as the app will inform you if you try to launch it after installing the Music or TV apps. If Apple eventually plans to launch Windows versions of the Podcasts or Books apps from macOS and iOS, the company hasn’t done so yet.

The Apple Devices app is what you’ll use if you want to back up an iPhone or iPad to your PC or perform system restores for iDevices in recovery mode. It can also be useful when trying to install updates on devices without enough free space to download and install updates themselves. This app doesn’t exist in macOS, but it’s broadly similar to a bunch of features that landed in the Finder when Apple initially discontinued iTunes for macOS back in 2019.

The biggest change in the new iCloud for Windows app is an overhauled design, and though some will lament the decreased information density, it actually does a surprisingly good job of looking like a native Windows 11 app. It supports Dark Mode in both Windows 10 and Windows 11, and in Windows 11 it even uses the “mica” background material that Settings and other Windows 11 apps use to pick up a color tint from your PC’s underlying desktop wallpaper (Apple does something similar in macOS). The app also features a streamlined first-time setup process that asks you what you would like to sync and how.

But functionally, the app still does pretty much what it did before. The iCloud for Windows app will sync iCloud Drive files locally; offers password syncing via a Chrome/Edge browser extension; offers bookmark syncing for Chrome, Edge, and Firefox; has mail, contact, and calendar syncing via the new Outlook for Windows app; and also provides iCloud Photos syncing, with the option to download either native HEIF images that modern iPhones capture by default, or more-compatible JPEG versions.

There are still plenty of iCloud features that aren’t available in Windows, including syncing for Notes and Reminders, native versions of the Pages, Numbers, and Keynote apps, and a handful of other things. But iCloud for Windows has gradually become much more useful and full-featured after existing for many years as a glorified sync service for browser bookmarks.

Though it’s still nowhere near as seamless as using an iPhone with a Mac, using an iPhone with a PC has gradually become more pleasant over the past year or two. Besides the addition of iCloud photo and password syncing, Microsoft also added rudimentary iMessage support to its Phone Link app back in April, finally allowing iPhone users to see and respond to basic text messages via their PC. The app (previously called “Your Phone”) had already supported syncing Android phones for years.

If you want to know why Apple is putting more care into its Windows apps these days, a look at the company’s revenue offers a potential suggestion: for the past few years, its “Services” division has continued growing at a steady clip even as revenue from hardware sales has stayed level or declined slightly. The Services division encompasses all the revenue Apple makes from iCloud, Apple Music, Apple TV+, and its other subscription plans.

Though Apple would clearly prefer that you buy Apple hardware to use Apple services, offering decent apps for competing ecosystems at least ensures that people who use a mix of devices—an iPhone with a PC, or an Android phone with a Mac or iPad—have the option of staying within Apple’s ecosystem rather than going with broadly compatible third-party apps like Spotify or Dropbox.

Listing image by Apple/Microsoft/Andrew Cunningham

WordPad out; 80Gbps USB support and other Win 11 features in testing this month

Can’t stop won’t stop —

Microsoft’s next batch of Windows 11 feature updates is taking shape.

Windows 11’s big feature update in September included a long list of minor changes, plus the Copilot AI assistant; that update was followed by Windows 11 23H2 in late October, which reset the operating system’s timeline for technical support and security updates but didn’t add much else in and of itself. But Windows development never stops these days, and this month’s Insider Preview builds have already shown us a few things that could end up in the stable version of the operating system in the next couple of months.

One major addition, which rolled out to Dev Channel builds on January 11 and Beta Channel builds today, is support for 80Gbps USB 4 ports. These speeds are part of the USB4 Version 2.0 spec—named with the USB-IF’s typical flair for clarity and consistency—that was published in 2022. Full 80Gbps speeds are still rare and will be for the foreseeable future, but Microsoft says that they’ll be included in the Razer Blade 18 and a handful of other PCs with Intel’s 14th-generation HX-series laptop processors. We’d expect the new speeds to proliferate slowly and mostly in high-end systems over the next few months and years.

Another addition to that January 11 Dev Channel build is a change in how the Copilot generative AI assistant works. Normally, Copilot is launched by the user manually, either by clicking the icon on the taskbar, hitting the Win+C key combo, or (in some new PCs) by using the dedicated Copilot button on the keyboard. In recent Dev Channel builds, the Copilot window will open automatically on certain PCs as soon as you log into Windows, becoming part of your default desktop unless you turn it off in Settings.

The Copilot panel will only open by default on screens that meet minimum size and resolution requirements, things that Windows already detects and takes into account when setting your PC’s default zoom and showing available Snap Layouts, among other things. Microsoft says it’s testing the feature on screens that are 27 inches or larger with 1,920 or more horizontal pixels (for most screens, this means a minimum resolution of 1080p). For PCs without Copilot, including those that haven’t been signed into a Microsoft account, the feature will continue to be absent.

The “richer weather experience on the Lock screen,” seen in the bottom-center of this screenshot.

Microsoft

Other additions to the Dev Channel builds this month include easy Snipping Tool editing for Android screenshots from phones that have been paired to your PC, custom user-created voice commands, the ability to share URLs directly to services like WhatsApp and Gmail from the Windows share window, a new Weather widget for the Windows lock screen, and app install notifications from the Microsoft store.

Microsoft hasn’t publicized any of the changes it has made to its Canary channel builds since January 4—this is typical since it changes the fastest, and the tested features are the most likely to be removed or significantly tweaked before being released to the public. Most of the significant additions from that announcement have since made it out to the other channels, but there are a couple of things worth noting. First, there’s a new Energy Saver taskbar icon for desktop PCs without batteries, making it easier to tell when the feature is on without creating confusion. And the venerable WordPad app, originally marked for deletion in September, has also been removed from these builds and can’t be reinstalled.

Microsoft doesn’t publish Windows feature updates on an exact cadence beyond its commitment to deliver one with a new version number once per year in the fall. Last year’s first major batch of Windows 11 additions rolled out at the end of February, so a late winter or early spring launch window for the next batch of features could make sense.
