A game critic for the Los Angeles Times remembers his reaction to Star Wars: The Rise of Skywalker. "What a disappointment — if only it had been built for video game consoles." This leads to this epiphany: For all the deserved attention "The Mandalorian" series on Disney+ has received, the just-released game "Star Wars: Squadrons" reminds us that some of the best "Star Wars" stories in recent years have been in the video game space.... This is a work, in fact, that doesn't suffer from an action-focused, little-narrative approach — every second I've spent with this game has fulfilled the sort of personal "Star Wars" fantasy that's enhanced by giving the audience a bit of autonomy. It's also, for those privileged enough to own a virtual reality headset, the VR experience I've had at home that most represents what it's like to be in a theme park.

Rather than throwing spectacle after spectacle at me, it lets me partake in them, to scratch the itch of being in the center of intergalactic, aerial dogfights. But less than emphasizing awe, "Squadrons" centers on the feel of controlling a ship, making me feel a part of something bigger. Sure, that's just digital, fictional warfare, but "Squadrons" understands the appeal of "Star Wars" is that it's open to everyone, and any of us can be ace pilots if given the chance. We don't admire; we act.

There is nostalgia at play. The game recalls some of the LucasArts spaceflight simulators of yore that I obsessed with in my suburban Chicago basement, but there's a sense of swiftness and polish that makes this game as appealing as a coin-op arcade machine. And yet it's also in possession of confidence, a depth that I'll need to master if I really want to go hard in multiplayer battles. As a solo player without many friends who play multiplayer games — OK, fine, none — I'm not so sure I'll take the time to learn each individual ship and its advantages or disadvantages. But I'm not sure I need that because "Squadrons" has me smiling throughout, even if I accidentally turn my X-wing into an asteroid. While throwing me into larger-than-life moments — disable a giant, Imperial starship and help lead a capture of it — "Squadrons" succeeds in making them feel livable and conquerable.

In other words, by focusing so intently on the act of spaceflight, I don't feel like a tourist in the "Star Wars" universe, thrown a litany of "greatest hits" moments. Instead, "Squadron's" single-focus obsession allows my imagination to run free rather than have to wonder where I am, who I am or what I'm supposed to do now. I can just fly. And shoot. And it feels great.

Twitter, risking the ire of its best-known user, President Trump, said on Friday that it would turn off several of its routine features in an attempt to control the spread of misinformation in the final weeks before the presidential election. From a report: The first notable change, Twitter said, will essentially give users a timeout before they can hit the button to retweet a post from another account. A prompt will nudge them to add their own comment or context before sharing the original post. Twitter will also disable the system that suggests posts on the basis of someone's interests and the activity of accounts they follow. In their timelines, users will see only content from accounts they follow and ads. And if users try to share content that Twitter has flagged as false, a notice will warn them that they are about to share inaccurate information.

Brian Krebs writes via KrebsOnSecurity.com: There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today's attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.

One of the most common ways such access is monetized these days is through ransomware, which holds a victim's data and/or computers hostage unless and until an extortion payment is made. But in most cases, there is a yawning gap of days, weeks or months between the initial intrusion and the deployment of ransomware within a victim organization. That's because it usually takes time and a good deal of effort for intruders to get from a single infected PC to seizing control over enough resources within the victim organization where it makes sense to launch the ransomware.

This includes pivoting from or converting a single compromised Microsoft Windows user account to an administrator account with greater privileges on the target network; the ability to sidestep and/or disable any security software; and gaining the access needed to disrupt or corrupt any data backup systems the victim firm may have. Each day, millions of malware-laced emails are blasted out containing booby-trapped attachments. If the attachment is opened, the malicious document proceeds to quietly download additional malware and hacking tools to the victim machine. From there, the infected system will report home to a malware control server operated by the spammers who sent the missive. At that point, control over the victim machine may be transferred or sold multiple times between different cybercriminals who specialize in exploiting such access. These folks are very often contractors who work with established ransomware groups, and who are paid a set percentage of any eventual ransom payments made by a victim company.

Google has recently removed 17 Android applications from the official Play Store because they were infected with the Joker (aka Bread) malware. ZDNet reports: "This spyware is designed to steal SMS messages, contact lists, and device information, along with silently signing up the victim for premium wireless application protocol (WAP) services," Zscaler security researcher Viral Gandhi said this week. The 17 malicious apps were uploaded on the Play Store this month and didn't get a chance to gain a following, having been downloaded more than 120,000 times before being detected.

Following its internal procedures, Google removed the apps from the Play Store, used the Play Protect service to disable the apps on infected devices, but users still need to manually intervene and remove the apps from their devices. But this recent takedown also marks the third such action from Google's security team against a batch of Joker-infected apps over the past few months. [...] The way these infected apps usually manage to sneak their way past Google's defenses and reach the Play Store is through a technique called "droppers," where the victim's device is infected in a multi-stage process. Malware authors begin by cloning the functionality of a legitimate app and uploading it on the Play Store. This app is fully functional, requests access to dangerous permissions, but also doesn't perform any malicious actions when it's first run.

Because the malicious actions are usually delayed by hours or days, Google's security scans don't pick up the malicious code, and Google usually allows the app to be listed on the Play Store. But once on a user's device, the app eventually downloads and "drops" (hence the name droppers, or loaders) other components or apps on the device that contain the Joker malware or other malware strains.

Ring's latest home security camera is an autonomous drone, called the Always Home Cam, that can fly around inside your home to give you a perspective of any room you want when you're not home. "Once it's done flying, the Always Home Cam returns to its dock to charge its battery," reports The Verge. "It is expected to cost $249.99 when it starts shipping next year." From the report: Jamie Siminoff, Ring's founder and "chief inventor," says the idea behind the Always Home Cam is to provide multiple viewpoints throughout the home without requiring the use of multiple cameras. In an interview ahead of the announcement, he said the company has spent the past two years on focused development of the device, and that it is an "obvious product that is very hard to build." Thanks to advancements in drone technology, the company is able to make a product like this and have it work as desired.

The Always Home Cam is fully autonomous, but owners can tell it what path it can take and where it can go. When you first get the device, you build a map of your home for it to follow, which allows you to ask it for specific viewpoints such as the kitchen or bedroom. The drone can be commanded to fly on demand or programmed to fly when a disturbance is detected by a linked Ring Alarm system. The charging dock blocks the camera's view, and the camera only records when it is in flight. Ring says the drone makes an audible noise when flying so it is obvious when footage is being recorded. Ring also rolled out new hardware for the automotive market with three different devices focused on car owners: Ring Car Alarm, Car Cam, and Car Connect.

The company also said they've added opt-in end-to-end video encryption, as well as the option to completely disable the "Neighbors" feed, which allows users to view local crime in real time and discuss it with people nearby.

An anonymous reader quotes a report from PC Gamer: A recent update to Windows 10 took away the ability for consumers to permanently disable Defender, the built-in antivirus software, no matter what the reason. However, Defender should voluntarily step aside if it detects the installation of a third-party AV program (emphasis on should). Before the update, if a user wanted to disable Defender on a permanent basis, they could edit a registry key called DisableAntiSpyware. That is no longer the case.

"DisableAntiSpyware is intended to be used by OEMs and IT Pros to disable Microsoft Defender Antivirus and deploy another antivirus product during deployment. This is a legacy setting that is no longer necessary as Microsoft Defender antivirus automatically turns itself off when it detects another antivirus program. This setting is not intended for consumer devices, and we've decided to remove this registry key," Microsoft explains in a support document.

Yahoo has replaced the comments section under its articles with a survey. Now, there's a message that reads: "Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting. In the meantime, we welcome your feedback to help us enhance the experience."

Many readers who frequently comment on Yahoo News articles are quite upset. Some feel as though they're being censored and that Yahoo has made a huge mistake. "Yahoo News nuked all of their comment sections! Guess they were tired of people pushing back against their narratives," one person wrote. "Yahoo just block[ed] their comment section as well. When you read thru them it was 90% conservative veiws [sic]. Guess they can't allow that type of 'free speech,'" said another. Others were thrilled to see Yahoo finally do away with a comment section that often contained messages of hate and vitriol. "Kudos to Yahoo for finally doing something about the comment threads on their articles," one person wrote. "I support the removal of comments. Share articles as is and people can share/comment on their preferred platform," another said.

Do you agree with Yahoo's decision to temporarily disable comments?

"Google has decided to disable a feature in Windows 10 version 2004 that allowed Chrome and Microsoft Edge browsers to use a lot less RAM," reports ZDNet: Windows 10 gave Win32 apps including Chrome access to a 'segment heap' API to allow apps to reduce memory usage, but as Techdows spotted, Chromium engineers have decided for now to turn off the feature by default in Chrome 85 after discovering it has a negative impact on CPU usage. Chrome 85 should reach stable status in August...

The CPU issue was discovered by an Intel engineer who found that when Chrome used segment heap, it led to significant performance regression in benchmarks on a PC with an Intel Core i9-9900K processor...

Microsoft has defended the trade-off between memory and CPU but conceded it can be implemented better to reduce the impact on CPU performance. "It is common practice to trade one resource for another. More often it's increased memory usage for reduced CPU usage. In this case it's increased CPU usage for dramatically reduced memory usage, or more accurately commit," wrote a Microsoft employee... "In the short term this is a good trade-off of one resource for another as memory/commit usage is a significant pain point for browser users," argued the Microsoft employee....

However, Chromium developers want to see more evidence about the possible impact of Chrome using segment heap... "The CPU cost (10% slowdown on Speedometer 2.0, 13% increase in CPU/power consumption) is too great for us to keep."

Both Edge and Chrome already allow users to try unreleased, experimental features (by typing about:flags in the address bar). Soon there'll be a similar "Firefox Experiments" option starting in Firefox 79.

Slashdot reader techtsp shares this report from the Windows Club: Mozilla has a dedicated Experimental Features page on MDN just for that. But limiting experimental features to Firefox's Nightly channel has a limitation: A fairly limited number of "curious" users. Now, extending some of these experimental features to stable releases will increase the scope of "Firefox Experiments" as a whole... This option will allow users to enable/disable experimental features under Preferences...

[In Firefox 79] Navigate to Preferences by entering about:preferences in the browser's address bar or click the gear icon and got to "Preferences." Discover and set browser.preferences.experimental to True. Now, you should be able to see the "Firefox Experiments" menu under Firefox 79 Preferences.

The following report appeared on Yahoo! Finance: Privacy-focused browser Brave was found to autocomplete several websites and keywords in its address bar with an affiliate code. Shortly after a user published his findings, Brave CEO and co-founder Brendan Eich addressed the incident and called it "a mistake we're correcting." Eich said that while Brave is a Binance affiliate [a cryptocurrency exchange], the browser's autocompleting feature should not have added any new affiliate codes.

"The autocomplete default was inspired by search query clientid attribution that all browsers do, but unlike keyword queries, a typed-in URL should go to the domain named, without any additions," Eich wrote in the thread. "Sorry for this mistake — we are clearly not perfect, but we correct course quickly," he added.
Android Police reports the mistake occured more than 10 weeks ago — and that referrer codes were also included for other cryptocurrency-related sites: The browser's GitHub repository reveals the functionality was first added on March 25th, and the current list of sites includes Binance, Coinbase, Ledger, and Trezor. Brave Software receives a kickback for purchases/accounts made with those services — for example, Coinbase says that when you refer a new customer to the service, you can earn 50% of their fees for the first three months.

The nature of these affiliate programs also allows the referrer — in this case, Brave Software — to view some amount of data about the customers who sign up with the code. Coinbase's program provides "direct access to your campaign's performance data," while Trezor offers a "detailed overview of purchases."
Brave CEO and co-founder Brendan Eich (who also created the JavaScript programming language) tweeted, "For what it's worth there's a setting to disable the autocomplete defaults that add affiliate codes, in brave://settings first page. Current plan is to flip default to off as shown here. You can disable ahead of our release schedule if you want to.

"Good to hear from supporters who'll enable it."

"A newly uncovered form of ransomware is going after Windows and Linux systems," reports ZDNet, "in what appears to be a targeted campaign." Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique that helps stay hidden on compromised networks. The main targets of Tycoon are organisations in the education and software industries.

Tycoon has been uncovered and detailed by researchers at BlackBerry working with security analysts at KPMG. It's an unusual form of ransomware because it's written in Java, deployed as a trojanised Java Runtime Environment and is compiled in a Java image file (Jimage) to hide the malicious intentions... [T]he first stage of Tycoon ransomware attacks is less uncommon, with the initial intrusion coming via insecure internet-facing Remote Desktop Protocol servers. This is a common attack vector for malware campaigns and it often exploits servers with weak or previously compromised passwords. Once inside the network, the attackers maintain persistence by using Image File Execution Options (IFEO) injection settings that more often provide developers with the ability to debug software. The attackers also use privileges to disable anti-malware software using ProcessHacker in order to stop removal of their attack...

After execution, the ransomware encrypts the network with files encrypted by Tycoon given extensions including .redrum, .grinch and .thanos — and the attackers demand a ransom in exchange for the decryption key. The attackers ask for payment in bitcoin and claim the price depends on how quickly the victim gets in touch via email.

The fact the campaign is still ongoing suggests that those behind it are finding success extorting payments from victims.

Remove China Apps, the viral Android app for flagging software made in China, has been removed from Google's Play Store. From a report: Before its demise, the app had reached the coveted number-one free download spot on the Play Store. The app was removed for violating Google's "Deceptive Behavior Policy," which states that apps cannot incentivize users to disable or remove other applications. Though Remove China Apps did not remove apps automatically, it did prompt users to do so. It had been downloaded more than 5 million times before its removal. Google is notoriously bad at policing its own Play Store, so the swift removal here is something of an outlier. The app's quick rise to fame made waves, especially in its home market of India, which likely led to a faster-than-usual investigation on Google's part.

New submitter FallOutBoyTonto shares a reprot from AnandTech: AMD today is reversing its decision to limit the BIOSes on the 400-series chipsets. To cut a long story short, the TL;DR mantra from AMD is: "We've heard our audience, and we understand the concerns. We are going to work out a way to support Zen 3 on our 400-series chipsets between now and launch -- we're still working out the what and the how, but we will update you closer to Zen 3 launch. [...]

1. We will develop and enable our motherboard partners with the code to support 'Zen 3'-based processors in select beta BIOSes for AMD B450 and X470 motherboards.
2. These optional BIOS updates will disable support for many existing AMD Ryzen Desktop Processor models to make the necessary ROM space available.
3. The select beta BIOSes will enable a one-way upgrade path for AMD Ryzen Processors with 'Zen 3,' coming later this year. Flashing back to an older BIOS version will not be supported.
4. To reduce the potential for confusion, our intent is to offer BIOS download only to verified customers of 400 Series motherboards who have purchased a new desktop processor with 'Zen 3' inside. This will help us ensure that customers have a bootable processor on-hand after the BIOS flash, minimizing the risk a user could get caught in a no-boot situation.
5. Timing and availability of the BIOS updates will vary and may not immediately coincide with the availability of the first 'Zen 3'-based processors.
6. This is the final pathway AMD can enable for 400 Series motherboards to add new CPU support. CPU releases beyond 'Zen 3' will require a newer motherboard.
7. AMD continues to recommend that customers choose an AMD 500 Series motherboard for the best performance and features with our new CPUs."

Three U.S. senators today urged Comcast to open all of its Wi-Fi hotspots to children who lack Internet access at home during the pandemic. Ars Technica reports: A letter (PDF) from Sens. Ron Wyden (D-Ore.), Kamala Harris (D-Calif.), and Cory Booker (D-N.J.) says that Comcast recently refused a request to do so because it would cause congestion for subscribers. But the senators argue that "Comcast's excuse simply does not add up." Comcast has been praised by advocates for its pandemic response, which includes two free months of home-Internet service for new low-income subscribers, temporary suspension of its data cap, and making many of its hotspots free to the general public. But while Comcast opened up 1.5 million hotspots located at businesses and other public areas, there's another category of Comcast Wi-Fi hotspots that still require a Comcast login and subscription. Those are the hotspots that are enabled by default on Xfinity routers used by home-Internet subscribers.

Since 2013, Xfinity gateways have broadcasted a separate network that other Comcast subscribers can log in to with a Comcast username and password. Unless you've disabled the functionality, anyone within range of your Comcast router can get Internet access if they have a Comcast subscription or have paid for a temporary Wi-Fi pass. Wyden, Harris, and Booker argue that Comcast should open these hotspots to children without Internet access during the pandemic so that kids can get free broadband at home instead of having to go to a parking lot or other public places. In the letter, the senators ask Comcast to answer a list of questions by May 22. They also want the company to provide specific details on how opening up the hotspots would affect network performance.

"Please identify the specific performance issues that you anticipate would impact Comcast subscribers and their ability to get the level of service for which they pay if Comcast removed the paywall on its residential public Wi-Fi networks," the senators wrote. "For each issue you identify, please explain why the use today of a subscriber's public network by someone who has purchased an access pass from Comcast does not cause the same problem."

Google Authenticator, the company's code-based authentication app, has received its first update in three years, updating the app's interface for larger screens with more modern aspect ratios and delivering one of the platform's most-needed features. From a report: The Android version was last updated on August 22nd, 2017, while the iOS one was updated around a year ago to adjust it for iPhone X screens. Now, for the first time, Authenticator users will be able to easily transfer their account from one device to another without needing to manually transfer each code or disable and reenable two-factor authentication (2FA) on each account. The update introduces this feature through an import / export tool that lets you choose which accounts to include and transfer using a single QR code scan. It's a feature that competitor Authy has provided for quite some time, so it's refreshing to see it come to Authenticator, even if it's years late.

An anonymous reader writes: Browser maker Mozilla is working on a new service called Private Relay that generates unique aliases to hide a user's email address from advertisers and spam operators when filling in online forms. The service entered testing last month and is currently in a closed beta, with a public beta currently scheduled for later this year, ZDNet has learned. Private Relay will be available as a Firefox add-on that lets users generate a unique email address -- an email alias -- with one click. The user can then enter this email address in web forms to send contact requests, subscribe to newsletters, and register new accounts. "We will forward emails from the alias to your real inbox," Mozilla says on the Firefox Private Relay website. "If any alias starts to receive emails you don't want, you can disable it or delete it completely," the browser maker said.

An anonymous reader quotes a report from The Verge: On Friday, Apple and Google revised their ambitious automatic contact-tracing proposal, just two weeks after the system was first announced. An Apple representative said the changes were the result of feedback both companies had received about the specifications and how they might be improved. The companies also released a "Frequently Asked Questions" page, which rehashes much of the information already made public. On a call accompanying the announcement, representatives from each company pledged for the first time to disable the service after the outbreak had been sufficiently contained. Such a decision would have to be made on a region-by-region basis, and it's unclear how public health authorities would reach such a determination. However, the engineers stated definitively that the APIs were not intended to be maintained indefinitely.

Under the new encryption specification, daily tracing keys will now be randomly generated rather than mathematically derived from a user's private key. Crucially, the daily tracing key is shared with the central database if a user decides to report their positive diagnosis. As part of the change, the daily key is now referred to as the "temporary tracing key," and the long-term tracing key included in the original specification is no longer present. The new encryption specification also establishes specific protections around the metadata associated with the system's Bluetooth transmissions. Along with the random codes, devices will also broadcast their base power level (used in calculating proximity) and which version of the tool they are running. The companies are also changing the language they use to describe the project. The protocols were initially announced as a contact-tracing system, it is now referred to as an "exposure notification" system. The companies say the name change reflects that the new system should be "in service of broader contact tracing efforts by public health authorities."

Vivaldi, the browser launched by former Opera CEO Jon von Tetzchner, has long positioned itself as a highly customizable alternative to Chrome and Firefox for power users. Today, the team is launching version 3.0 of its desktop browser, with built-in tracker and ad blockers, and it's bringing its Android browser out of beta. From a report: I've long been a fan of Vivaldi, but the company was relatively late to the tracking protection game. Now it's doubling down by integrating a blocklist powered by DuckDuckGo's Tracker Radar. Like competing browsers, Vivaldi offers three blocking levels that users can easily toggle on and off for individual websites. Those blocking levels are relatively blunt, though, with the options to either block trackers, block trackers and ads, or disable blocking. Competitors like Edge offer slightly more nuanced options for blocking trackers, though I would expect Vivaldi to adopt a similar scheme over time.

The Entertainment Software Rating Board (ESRB), which is the organization that rates the content of video games, announced a new label today to indicate that a game will offer in-game purchases of loot boxes or similar types of items that provide a player with randomized rewards. The Verge reports: "This new Interactive Element, In-Game Purchases (Includes Random Items), will be assigned to any game that contains in-game offers to purchase digital goods or premiums with real world currency (or with virtual coins or other forms of in-game currency that can be purchased with real world currency) for which the player doesn't know prior to purchase the specific digital goods or premiums they will be receiving (e.g., loot boxes, item packs, mystery awards)," according to the ESRB. The label will be applied to "loot boxes, gacha games, item or card packs, prize wheels, treasure chests, and more," the organization said.

The new label will sit below the game's content rating, as seen in the photo above. The ESRB originally introduced the "in-game purchases" label in February 2018, but that label was broad enough that it could be applied to any game that offered any sort of buyable digital good, including non-randomized items like subscriptions, season passes, or upgrades to disable ads.

Ghacks writes: Observant Firefox users on Windows who have updated the web browser to Firefox 75 may have noticed that the upgrade brought along with it a new scheduled tasks. The scheduled task is also added if Firefox 75 is installed on a Windows device. The task's name is Firefox Default Browser Agent and it is set to run once per day...
Mozilla says:

• "We're collecting information related to the system's current and previous default browser setting, as well as the operating system locale and version. This data cannot be associated with regular profile based telemetry data..."
• "We'll respect user configured telemetry opt-out settings by looking at the most recently used Firefox profile."
• "We'll respect custom Enterprise telemetry related policy settings if they exist. We'll also respect policy to specifically disable this task."

"Collecting telemetry is one way we're able to ensure we can understand default browser trends in a way that helps us improve Firefox. It's our hope that by better understanding more about our users and their choices around browser preferences, we can continue to build a better Firefox."

Long-time Slashdot reader AmiMoJo writes, "Opting out can be done via the Privacy & Security section of the preferences screen. You can view collected telemetry and view your current settings at about:telemetry."

Bleeping Computer also notes that by default, "For some time, Firefox has been collecting telemetry data about how you use the browser, such as the number of web pages you visit, safebrowsing information, the number of open tabs and windows, what add-ons are installed, and more. This telemetry data is kept for 13 months and IP addresses listed in server logs are deleted every 30 days.

"On my computer, Firefox has collected over 400KB of information."