Ars Technica

Syndikovat obsah security – Ars Technica
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Aktualizace: 17 min 53 sek zpět

Windows 10 October 2018 Update is at last being pushed automatically

17 Leden, 2019 - 19:38

Enlarge / Who doesn't love some new Windows? (credit: Peter Bright / Flickr)

The ill-fated Windows 10 October 2018 Update has hitherto been offered only to those Windows users who manually sought it, either by using the dedicated upgrade and media creation tools or by manually checking for the update in Windows Update. Three months after its initial release, Microsoft has at last started pushing it to Windows users automatically.

The update was originally withdrawn because of a data loss bug. A month after the initial release, the bug was fixed and the fixed update was made available. Even this release was limited, with a number of blocks in place due to known incompatibilities. As described above, it was then only offered to those taking certain manual steps to update their machines. One month ago, these blocks were largely removed.

Even with automatic deployment and installation now enabled, the beleaguered update is still rolling out in phases. Initially, it will be offered to spaces where Microsoft is most confident that the update will be trouble-free—machines with configurations already known and tested. As the tap is slowly opened more and the update is made available to a wider range of hardware, the company will use operating system telemetry to detect any lingering incompatibilities with device drivers or unusual software.

Read 1 remaining paragraphs | Comments

Kategorie: Hacking & Security

Windows 7 enters its final year of free support

14 Leden, 2019 - 19:50

Enlarge / Licensing and support lifecycles are not really the easiest topics to illustrate. (credit: Peter Bright)

Windows 7's five years of extended support will expire on January 14, 2020—exactly one year from today. After this date, security fixes will no longer be freely available for the operating system that's still widely used.

As always, the end of free support does not mean the end of support entirely. Microsoft has long offered paid support options for its operating systems beyond their normal lifetime, and Windows 7 is no different. What is different is the way that paid support will be offered. For previous versions of Windows, companies had to enter into a support contract of some kind to continue to receive patches. For Windows 7, however, the extra patches will simply be an optional extra that can be added to an existing volume license subscription—no separate support contract needed—on a per-device basis.

These Extended Security Updates (ESU) will be available for three years after the 2020 cut-off, with prices escalating each year.

Read 3 remaining paragraphs | Comments

Kategorie: Hacking & Security

New Windows 10 build silences Cortana, brings passwordless accounts

4 Leden, 2019 - 22:43

The latest Insider build of Windows 10, 18309, expands the use of a thing that Microsoft has recently introduced: passwordless Microsoft accounts. It's now possible to create a Microsoft account that uses a one-time code delivered over SMS as its primary authenticator, rather than a conventional password.

In the new Windows 10 build, these passwordless accounts can be used for logging into a machine locally. The initial sign-in will use SMS, and it will then prompt you to configure biometric or PIN authentication. Your face, fingerprint, or PIN will be used subsequently. This capability is in all the editions, from Home up to Enterprise. A few previous builds had constrained it to Home only.

While SMS-based authentication has security issues of its own, Microsoft seems to feel that it's a better bet for most home users than a likely insecure password. Removing the Windows login password is part of the company's broader efforts to switch to using a mix of one-time passwords, biometrics, and cryptographic keys.

Read 3 remaining paragraphs | Comments

Kategorie: Hacking & Security

Bay Area: Join us 1/9 to talk about personal data security in 2019

3 Leden, 2019 - 19:08

Enlarge / Askhan Soltani has worked with the FTC and as an independent researcher, exploring data privacy issues. Recently, he testified about Facebook's privacy policies before the US and UK governments. (credit: Ashkan Soltani)

The Cambridge Analytica scandal. Data breaches at hotels, banks, rideshare companies, and hospitals. Facial recognition. DNA databases. We're living through the data privacy apocalypse, and it's time to figure out what happens next. Here to discuss that with us at the next Ars Technica Live is Ashkan Soltani, an independent researcher and technologist who specializes in data privacy.

Recently, Soltani testified before the US and UK governments about Facebook's privacy practices and how they make user data available to third parties. Soltani also authored the California Consumer Privacy Act of 2018, which regulates large companies that make more than 50 percent of their revenues from selling California residents' personal information. The CCPA was signed into law earlier this year.

Soltani will be in conversation with Ars Technica editors Cyrus Farivar and Annalee Newitz.

Read 4 remaining paragraphs | Comments

Kategorie: Hacking & Security