An anonymous reader writes: Microsoft is using the IP address 'voluntarily' collected during its software activation process to sue a Comcast subscriber for pirating thousands of copies of Windows and Office. The Redmond giant wants the court to issue a subpoena which will force Comcast to hand over the pirating subscriber's info. If the infringing IP address belongs to another ISP which obtained it via Comcast, then Microsoft wants that ISP's info and the right to subpoena it as well. "Defendants activated and attempted to activate at least several thousand copies of Microsoft software, much of which was pirated and unlicensed," Microsoft's legal team wrote. The product keys "known to have been stolen" from Microsoft's supply chain were used to activate Windows 8, Windows 7, Office 2010, Windows Server 2012 and Windows Server 2008. The product keys, Microsoft said, were used "more times than is authorized by the applicable software license," used by "someone other than the authorized licensee," or were "activated outside the region for which they were intended." Whether or not the IP traces back to a Comcast subscriber or was assigned by Comcast to a different ISP, as the The Register pointed out, "It would be a significant gaffe on behalf of the alleged pirates if the IP address data pointed to their real identifies."

An anonymous reader writes: It appears that the KeRanger ransomware that's been tormenting Mac users for the past days is actually based on a ransomware variant that targets Linux servers, and not on a ransomware family coming from Windows. That particular Linux ransomware is also based on an open-source ransomware called Hidden Tear that was uploaded to GitHub by a Turkish security researcher. So obviously, the conclusion is that GitHub is to blame for the KeRanger Mac ransomware. (Note to readers: That last bit is tongue in anonymous cheek.)

An anonymous reader writes: Dell SecureWorks researchers have developed a tool that allows Windows system administrators to detect network intrusion attempts and pinpoint them to the original source (i.e. a compromised endpoint), and have made it available for everybody. The tool is called DCEPT (Domain Controller Enticing Password Tripwire). It consists of: The DCEPT Generation Server, which creates unique honeytoken credentials for Active Directory (AD), the Windows component used by network administrators to manage accounts, processes, and permissions on devices within their domain. The DCEPT Agent, which introduces them daily into the memory of each endpoint on the network. The DCEPT Sniffer, which looks for Kerberos pre-authentication packets destined for the AD domain controller that match the honeytoken username. If it detects one, it alerts the network administrator and points towards the compromised workstation. DCEPT has been open sourced and is available on GitHub, along with instructions for deployment.

An anonymous reader writes: Criminal gangs in Brazil are experimenting with the first malware families that are packaged as JAR files, capable of being deployed to Windows, Linux, Mac, and even Android from the same codebase, instead of relying on 4 different versions. Right now, only the malware dropper, a component used to infect computers with banking trojans, seems to have been coded in Java, but security experts expect a full-blown banking trojan to soon follow.

An anonymous reader writes: After almost a year of development, bug fixing and cleanup, BorgBackup 1.0.0 has been released. BorgBackup is a fork of the Attic-Backup project — a deduplicating, compressing, encrypting and authenticating backup program for Linux, FreeBSD, Mac OS X and other unixoid operating systems (Windows may also work using CygWin, but that is rather experimental/unsupported). It works on 32bit as well as on 64bit platforms, x86/x64 and ARM CPUs (maybe as well on others, but these are the tested ones). For Linux, FreeBSD and Mac OS X, there are single-file binaries which can be just copied onto a system and contain everything needed (Python, libraries, BorgBackup itself). Of course, it can be also installed from source. BorgBackup is FOSS (BSD License) and implemented in Python 3 (91%), speed critical parts are in C or Cython (9%).

New submitter sexconker writes: The recently-released cumulative update for Windows 10 (KB3140743) is reportedly causing problems. Symptoms include crashes, BSODs, and the inability to boot, even in safe mode. The Windows 10 subreddit has many threads detailing the inability to boot. The only fix seems to be booting to a recovery ISO, uninstalling the update / rolling back, and hoping you don't get hit again. W10Privacy 2 claims to be able to (among other things) give Windows 10 users control over the automatic updates.

itwbennett writes: Cerber, a new file-encrypting ransom ware, has a couple of interesting features. First, according to cyber intelligence outfit SenseCy, it is available for sale 'as a service' on a private Russian-language forum, which makes it 'available to low-level criminals who might not have the coding skills or resources to create their own ransom ware,' writes Lucian Constantin. Second, one of the 3 files it drops on a victim's desktop is a VBS (Visual Basic Scripting) file containing text-to-speech code that converts text into an audio message. 'When the above script is executed, your computer will speak a message stating that your computer's files were encrypted and will repeat itself numerous times,' said Lawrence Abrams, administrator of the technical support forum BleepingComputer.com, in a blog post.

An anonymous reader writes: It's been almost a year now since Oculus announced that the consumer version of the Rift virtual-reality headset would only support Windows PCs at launch -- a turnaround from development kits that worked fine on Mac and Linux boxes. Now, according to Oculus co-founder Palmer Luckey, it "is up to Apple" to change that state of affairs. Specifically, "if they ever release a good computer, we will do it," he told Shacknews recently. Basically, Luckey continued, even the highest-end Mac you can buy would not provide an enjoyable experience on the final Rift hardware, which is significantly more powerful than early development kits. "It just boils down to the fact that Apple doesn't prioritize high-end GPUs," he said. "You can buy a $6,000 Mac Pro with the top-of-the-line AMD FirePro D700, and it still doesn't match our recommended specs."

Vigile writes: Microsoft has big plans to try and merge the experiences of the Xbox One and Windows for gaming but the push back from the community and from major developers and personalities is mounting. Earlier this week PC Perspective posted a story that detailed the controversy around DX12 performance analysis without an exclusive full screen mode, changes to multi-GPU configurations and even compatibility issues with variable refresh that crop up from games from the Windows Store. Microsoft's only official response so far as been that it is listening to feedback and plans to address it with upcoming changes. Now today, Epic's Tim Sweeney has posted an editorial at The Guardian with an even more dramatic tone, saying that UWP (Unified Windows Platform) "can, should, must and will, die..." Clearly the stakes are being placed in the ground and even damage control from Phil Spencer on Twitter isn't likely to hold back angry PC users.

SmartAboutThings writes: Windows RT has been a terrible flop for Microsoft, but it seems the company isn't yet ready to totally abandon the concept. There's now speculation that Microsoft is working on Windows 10 RT, as mentions of the 'new OS' have been spotted inside of Device Guard which is a new security feature for Windows 10 Enterprise that scans a program for a digital signature, and determines whether it's trusted or not. Judging by its name, the OS should not be confused with proper Windows 10 that we see on Microsoft's mobile devices, as Windows 10 RT is a version of the OS that is designed for the desktop class PC and tablets.

An anonymous reader writes: Edge, Microsoft's new browser, uses the WinRT PDF library to automatically embed and present PDF files while navigating the web. This is what Java does with applets, and Flash with SWF files -- it unintentionally allows a hacker to append malicious code to PDF files and trigger drive-by attacks, which exploit WinRT vulnerabilities to target Windows 10 users. All that an attacker needs to do is to find and create a database of WinRT vulnerabilities it could leverage to distribute his malware.

New submitter Serzen writes: According to The Guardian, Microsoft is planning to end fixed console hardware for the Xbox One as a move towards one ecosystem running Unified Windows Applications. The head of the company's Xbox division, Phil Spencer, said that the Universal Windows Platform would be central to the company's gaming strategy. "That is our focus going forward," he told reporters. "Building out a complete gaming ecosystem for Universal Windows Applications." What this could mean is that the Xbox One becomes more like a PC, with Microsoft releasing updated versions at regular intervals with more powerful processors and graphics hardware. In theory, because games will be written as UWAs, older titles will remain compatible with the new machines.

mmoorebz writes: Microsoft is recognizing the increasingly sophisticated cyber attacks on enterprises, which is why it is taking a new approach to protect its customers. Today it announced its new post-breach enterprise security service called Windows Defender Advanced Threat Protection, which will respond to these advanced attacks on companies' networks. Attackers these days are using social engineering and zero-day vulnerabilities to break into corporate networks. According to Microsoft, thousands of attacks were reported in 2015 alone. The company found that it currently takes an enterprise more than 200 days to detect a security breach, and 80 days to contain it. When there is such a breach, the attackers can steal company data, find private information, and damage the brand and customer trust in the company.

New submitter Firx writes: My university department has a tradition of selling its used computers and/or repurposing them with Linux for graduate students and science computer labs. With Windows no longer requiring one be able to disable secure boot, my department is writing up a procurement policy to ensure future machines we buy will still have this feature. Part of the draft motion reads: "Be it resolved that computers running or intending to run Microsoft Windows purchased by the department which boot using the Unified Extensible Firmware Interface (UEFI) have the ability to disable the Secure Boot features for both local hard drive and network booting." Is there something further we should be including here and what is the best way to explain the need for this policy to colleagues less technically literate?

nerdyalien writes: While everybody is immersed in the Apple vs. FBI case, WhatsApp has posted a blog entry that could potentially alter the mobile landscape as we know it today. By the end of 2016, WhatsApp will no longer support many older mobile operating systems from BlackBerry, Nokia, Android and Windows Phone. Moving forward, WhatsApp will only support the latest and greatest iPhone, Android and Windows Phone platforms. With over 1 billion active users, and the backing of Facebook, is WhatsApp finally reducing the mobile landscape to a three-horse race ?

Freshly Exhumed writes: Microsoft has mandated that the feedback functionality built into Windows Insider Preview beta be switched on -- a change from earlier when testers could block questions from the company about what users thought of specific features. Starting with Build 14271 and newer, the frequency in which Windows 10 will ask for your feedback will be locked to 'Automatically (Recommended)' in the Settings app. This would seem to disrupt what has traditionally been seen as a tacit understanding between corporations and their beta testers/sandboxers in that the latter would volunteer their time, effort, CPU cycles, possible hardware failures/breakage, and more as part of a bargain to receive feedback or to test fly the beta OS with internal software environments in private. Microsoft would now seem to be altering that relationship.

SteamOS just gained support for Vulkan, the cross-platform alternative to Microsoft's DirectX 12 and Apple's Metal. This should make it easier for developers to write and optimize games for SteamOS, closing the performance gap with Windows and encouraging more developers to support Linux. This feature arrived in SteamOS Brewmaster version 2.63. Valve added version 355 of the Linux Nvidia driver, which means SteamOS offers Vulkan support when used alongside Nvidia hardware. Intel's graphics hardware should also support Vulkan on SteamOS in the near future. AMD is still working on its new driver, known as AMDGPU, that will replace the current fglrx driver for SteamOS and other Linux-based platforms. If you use Linux distribution besides SteamOS, you can download Nvidia's Vulkan-ready Linux driver or an experimental version of Intel's Vulkan-enabled graphics driver.

New submitter Poohsticks writes: There's a nice breakdown of the updated information from Microsoft about what they are doing with the telemetry data that Windows 10 is collecting (original Technet article here) by Chris Williams at The Register. Interesting finds that better explain what's happening with that data (and how to control it).

Striek writes: Several media outlets are reporting that Windows 10 has now started showing full screen ads on users' lock screens. They can be turned off, but how many people will actually bother with this? "Tips site How-To Geek discovered that Windows Spotlight, which normally rotates between a selection of photographs, was being used to display an ad for Square Enix's Rise of the Tomb Raider. Understandably, most people probably don't want to be hit in the face with a full-screen ad for a video game before they even unlock their computer. If you want to make sure you're not hit with these ads, follow these steps to disable Windows Spotlight: Open the Start Menu and search for "Lock Screen Settings."; Under "Background," select either Picture or Slideshow, instead of Windows Spotlight.; Scroll down to "Get fun facts, tips, tricks, and more on your lock screen" and this toggle." Apparently the "and more" is where Microsoft hid the advertisements.

New submitter androlinuz writes: Microsoft has signed an agreement to acquire Xamarin, a leading platform provider for mobile app development. In conjunction with Visual Studio, Xamarin provides a rich mobile development offering that enables developers to build mobile apps using C# and deliver fully native mobile app experiences to all major devices, including iOS, Android, and Windows. Xamarin's approach enables developers to take advantage of the productivity and power of .NET to build mobile apps, and to use C# to write to the full set of native APIs and mobile capabilities provided by each device platform.