Over the next 12 months, Microsoft is rolling out a series of updates for its OneNote apps on Windows with the intention of creating a single user experience. From a report: At the moment, there are two versions people can use: The OneNote app installed with Office and the OneNote for Windows 10 app available in the Microsoft Store. Microsoft will update the OneNote app with features currently exclusive to its counterpart pre-installed on Windows 10, though, and it will also give the program a visual refresh. Microsoft originally intended to kill the OneNote app when the one for Windows 10 became available, but it changed its plans and revived the app in 2019. It upgraded the note-taking program with a bunch of new features and bundled it with Office installs a year later. Now, the tech giant says it will update OneNote with visual elements that it'll share with other Windows apps as part of Microsoft's efforts to give Windows 11 a more seamless look. The merged OneNote application will also gain access to the latest Microsoft pen and ink features, as well as a new navigational UI layout option.

In the latest SolarWinds mass-phishing attack, "The highest percentage of emails went to the United States, but [incident response firm] Volexity also saw a significant number of victims in Europe..." according to Security Week.

In an article shared by Slashdot reader wiredmikey, they note that the attackers apparently compromised the Constant Contact account of USAID, an independent agency of the United States federal government that is primarily responsible for administering civilian foreign aid and development assistance — and then impersonated it in emails "to roughly 3,000 accounts across over 150 organizations in 24 countries."

So what happens next?

The Associated Press reports: The White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month's planned presidential summit. Officials downplayed the cyber assault as "basic phishing" in which hackers used malware-laden emails to target the computer systems of U.S. and foreign government agencies, think tanks and humanitarian groups.

Microsoft, which disclosed the effort late Thursday, said it believed most of the emails were blocked by automated systems that marked them as spam. As of Friday afternoon, the company said it was "not seeing evidence of any significant number of compromised organizations at this time."

Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter. "I don't think it'll create a new point of tension because the point of tension is already so big," said James Lewis, a senior vice president at the Center for Strategic and International Studies. "This clearly has to be on the summit agenda. The president has to lay down some markers" to make clear "that the days when you people could do whatever you want are over."
There's a famous story about Vladimir Putin meeting Joe Biden back in 2011. A decade earlier former U.S. president George W. Bush had said when he'd looked Putin in the eye, "I was able to get a sense of his soul." But as Biden tells it, when he'd met Putin (who was then Russia Prime Minister), "I said, 'Mr. Prime Minister, I'm looking into your eyes, and I don't think you have a soul.'"

"He looked back at me, and he smiled, and he said, 'We understand one another.'"

Ford unveiled Wednesday the F-150 Lightning, an all-electric pickup truck that is a critical piece of the company's $22 billion investment into electrification. TechCrunch reports: Ford had a challenging gig with the F-150 Lightning. The truck would need everything that has made its gas-powered counterpart the best-selling vehicle in North America as well as new benefits that come from going electric. That means torque, performance, towing capability and the general layout has to meet the needs of its customers, many of whom use it for commercial purposes. The vehicle specs suggest that Ford has delivered on the torque and power, while keeping the same cab and bed dimensions as its gas counterpart. [...] Will it convert or will the F-150 Lightning attract a whole new group of customers? It's a question that won't be answered until it comes to market in spring 2022.

The F-150 Lightning will be offered in four trims, which includes the base, XLT, Lariat and Platinum series, and two battery options. The truck, which has an aluminum alloy body, is powered by two in-board electric motors, comes standard with four-wheel drive, and has an independent rear suspension. Ford is only releasing two prices at the moment. The base version will be priced at $39,974 before any federal or state tax credits, while the mid-series XLT model will start at $52,974. According to the reservations site, a fully loaded Lightning will go for $90,474. All of these prices exclude the destination fees and taxes.

The standard battery range truck delivers a targeted 426 horsepower and 775 pound-feet of torque. The F-150 Lightning equipped with the extended-range battery helps push the horsepower to 563 (or 420 kW) and has the same torque, which Ford says is the most of any F-150 ever. The vehicle's battery has a targeted range of 230 miles in the standard and pops up to 300 miles in the extended version. One question remains: how will the range be affected by towing a boat or trailer? [...] Ford notes that the new frame on the truck uses the strongest steel ever put in an F-150 frame and supports a maximum 2,000-pound payload and up to 10,000-pound towing capacity. Other features include a 15.5-inch infotainment system, support for Ford's hands-free driving feature called Blue Cruise, and 9.6 kW of back up power, which the company says can provide energy to a home during a blackout for up to 10 days.

An anonymous reader quotes a report from Interesting Engineering: In a world-first, a team of researchers at the Georgia Institute of Technology has developed a small, 3D-printed rectifying antenna that can harvest electromagnetic energy from 5G signals and use it to power devices, in a way turning 5G networks into "a wireless power grid," according to a press release by the university. As explained in the Jan.12 issue of the journal Scientific Reports, the flexible Rotman lens-based rectifying antenna, in other words, rectenna, system can perform millimeter-wave harvesting in the 28-GHz band. Commonly used in radar surveillance systems to see multiple directions without moving the antenna system, the Rotman lens is especially important for beamforming networks. However, larger antennas, which unfortunately have a narrowing field of view, are needed to harvest enough power to supply devices, and this limits the usage.

The researchers solved this problem by using a system that has a wide angle of coverage. The Rotman lens provides 6 levels of view at the same time in a pattern shaped like a spider. By enabling this structure to map a set of selected radiation directions to an associated set of beam-ports, the lens is used as an intermediate component between the antennas and the rectifiers. This way, the electromagnetic energy collected by the antenna arrays from one direction is combined and fed into a single rectifier. This maximizes efficiency, enabling a system with both high gain and large beamwidth. The system achieved a 21-fold increase in harvested power compared with a referenced counterpart in demonstrations. It was also able to maintain identical angular coverage.

Ryan Smith, writing at AnandTech: Following plans first unveiled last year during the launch of their DG1 GPU, Intel sends word this morning that the first Iris Xe video cards have finally begun shipping to OEMs. Based on the DG1 discrete GPU that's already being used in Intel's Iris Xe MAX laptop accelerators, the Iris Xe family of video cards are their desktop counterpart, implementing the GPU on a traditional video card. Overall, with specifications almost identical to Xe MAX, Intel is similarly positioning these cards for the entry-level market, where they are being released as an OEM-only part. As a quick refresher, the DG1 GPU is based on the same Xe-LP graphics architecture as Tiger Lake's integrated GPU. In fact, in broad terms the DG1 can be thought of as a nearly 1-to-1 discrete version of that iGPU, containing the same 96 EUs and 128-bit LPDDR4X memory interface as Tiger Lake itself. Consequently, while DG1 is a big first step for Intel -- marking the launch of their first discrete GPU of the modern era -- the company is planning very modestly for this generation of parts. The first DG1 GPUs were shipped in the fall as part of Intel's Iris Xe MAX graphics solution for laptops. At the time, Intel also indicated that a desktop card for OEMs would also be coming in 2021, and now, right on schedule, those desktop cards have begun shipping out. Further reading: Intel's Iris Xe DG1 Graphics Cards Not Compatible with AMD, Older Systems.

An anonymous reader shares a report: 2020 was the year Samsung was forced to rethink its smartphone strategy. A pandemic-fueled global decline in sales and a frosty reception to its S20 lineup and the Galaxy Note 20, left Samsung looking up to another company for the first time in years. However, out of that moment came its most practical phone in recent memory, the Galaxy S20 Fan Edition. Where devices like the S20 Ultra and Note 20 Ultra showed Samsung at its most indulgent, the S20 FE proved the South Korean firm could still make a phone for the rest of us. And it's that phone that Samsung's new 2021 flagships, the Galaxy S21 and Galaxy S21+, announced today at the company's first Unpacked event of 2021, have the most in common. The price might be the most compelling part of these two devices.

When they go on sale on January 29th, the S21 and S21+ will start at $800 and $1,000. In other words, they'll both cost $200 less at launch than the Galaxy S20 and S20+ did when they come out partway through last year. That says a lot about what you need to know about the S21 and S21+. If you were expecting a flashy and expensive update to last year's models, that's not what these new phones are about. Instead, they make smart tradeoffs to make Samsung's flagship experience more attainable than at any point in the last couple of years. Let's start with the upgrades. In the US, both phones come with the Snapdragon 888 processor, 8GB of RAM and 128GB of storage to start. Not only can you expect Qualcomm's first 5nm chip to make the S21 and S21+ faster than Samsung's 2020 flagships, but it also comes with other improvements. One of the big ones is that the Snapdragon 888 includes an integrated 5G modem. That's a design feature that almost always leads to battery life improvements. It also won't hurt that the S21+ has a slightly higher-capacity 4,800mAh battery than its 2020 counterpart. From a connectivity standpoint, the new processor also has support for WiFi 6E and Bluetooth 5.2. And speaking of Bluetooth, both phones work with the new Galaxy SmartTag Samsung announced today.

"This terrible year has claimed a literary giant and a humanitarian spirit," tweeted novelist Stephen King, adding later that "The Little Drummer Girl was one of the best novels I've ever read." Margaret Atwood tweeted "His Smiley novels are key to understanding the mid-20th century."

And the Associated Press tells the story of how spy-novel writer John le Carré was "drawn to espionage by an upbringing that was superficially conventional but secretly tumultuous." Born David John Moore Cornwell in Poole, southwest England on Oct. 19, 1931, he appeared to have a standard upper-middle-class education: the private Sherborne School, a year studying German literature at the University of Bern, compulsory military service in Austria — where he interrogated Eastern Bloc defectors — and a degree in modern languages at Oxford University. But his ostensibly ordinary upbringing was an illusion. His father, Ronnie Cornwell, was a con man who was an associate of gangsters and spent time in jail for insurance fraud. His mother left the family when David was 5; he didn't meet her again until he was 21.

It was a childhood of uncertainty and extremes: one minute limousines and champagne, the next eviction from the family's latest accommodation. It bred insecurity, an acute awareness of the gap between surface and reality — and a familiarity with secrecy that would serve him well in his future profession. "These were very early experiences, actually, of clandestine survival," le Carré said in 1996. "The whole world was enemy territory."

After university, which was interrupted by his father's bankruptcy, he taught at the prestigious boarding school Eton before joining the foreign service. Officially a diplomat, he was in fact a "lowly" operative with the domestic intelligence service MI5 — he'd started as a student at Oxford — and then its overseas counterpart MI6, serving in Germany, on the Cold War front line, under the cover of second secretary at the British Embassy. His first three novels were written while he was a spy, and his employers required him to publish under a pseudonym. He remained "le Carré" for his entire career. He said he chose the name — square in French — simply because he liked the vaguely mysterious, European sound of it...

Le Carré said in 1990 that the fall of the Berlin Wall had come as a relief. "For me, it was absolutely wonderful. I was sick of writing about the Cold War."
His 1963 novel The Spy Who Came in from the Cold "was immediately hailed as a classic and allowed him to quit the intelligence service to become a full-time writer," the AP writes, adding that he ultimately won a critical respect that "eluded" James Bond's creator Ian Fleming.

And they note that le Carré ultimately described himself as a not-particularly-optimistic believer in humanity. "If only we could see it expressed in our institutional forms, we would have hope then," he told the AP. "I think the humanity will always be there. I think it will always be defeated."

Long-time Slashdot reader SonicSpike brings this report from AFP: Swiss politicians have voiced outrage and demanded an investigation after revelations that a second Swiss encryption company was allegedly used by the CIA and its German counterpart to spy on governments worldwide. "How can such a thing happen in a country that claims to be neutral like Switzerland?" co-head of Switzerland's Socialist Party, Cedric Wermuth, asked in an interview with Swiss public broadcaster SRF late Thursday. He called for a parliamentary inquiry after an SRF investigation broadcast on Wednesday found that a second Swiss encryption firm had been part of a spectacular espionage scheme orchestrated by U.S. and German intelligence services.

A first investigation had revealed back in February an elaborate, decades-long set-up, in which the CIA and its German counterpart creamed off the top-secret communications of governments through their hidden control of a Swiss encryption company called Crypto.

SRF's report this week found that a second but smaller Swiss encryption firm, Omnisec, had been used in the same way.

That company, which was split off from Swiss cryptographic equipment maker Gretag in 1987, sold voice, fax and data encryption equipment to governments around the world until it halted operations two years ago. SRF's investigative program Rundschau concluded that, like Crypto, Omnisec had sold manipulated equipment to foreign governments and armies. Omnisec meanwhile also sold its faulty OC-500 series devices to several federal agencies in Switzerland, including its own intelligence agencies, as well as to Switzerland's largest bank, UBS, and other private companies in the country, the SRF investigation showed.

The findings unleashed fresh outrage in Switzerland, which is still reeling from the Crypto revelations.
The first compromised cryptography company "served for decades as a Trojan horse to spy on governments worldwide," according to the article, citing news reports from SRF, the Washington Post and German broadcaster ZDF. "The company supplied devices for encoded communications to some 120 countries from after World War II to the beginning of this century, including to Iran, South American governments, India and Pakistan.

"Unknown to those governments, Crypto was secretly acquired in 1970 by the U.S. Central Intelligence Agency together with the then West Germanyâ(TM)s BND Federal Intelligence Service."

The Swiss intelligence service has known since at least 1993 that Switzerland-based encryption device maker Crypto AG was actually a front for the CIA and its German counterpart, according to a new report released by the Swiss Parliament, but Swiss leaders were in the dark until last year. From a report: Switzerland's intra-governmental information gap is unlikely to be welcome news in Europe, which already looks warily upon the U.S.' expansive surveillance practices. Still, Crypto AG provided information of incalculable value to U.S. policymakers over many decades. Crypto AG was controlled from 1970 on by the CIA and the West German BND intelligence agency. It sold encryption devices -- often employed in diplomatic communications -- that were used by over 120 countries through the 2000s.

Apple on Thursday released the latest version of macOS: macOS Big Sur (also known as macOS 11.0), which is available to download now -- assuming you have a compatible Mac. From a report: Big Sur is one of the biggest updates to Apple's laptop and desktop software in years, featuring a top-to-bottom redesign of the interface, icons, and menu bar, a new control center UI borrowed from iOS, widgets (also borrowed from iOS), and a variety of other improvements (see here for the full list). It's such a big change that Apple is actually moving on from the OS X / OS 10 branding that it's been using for Macs for almost 20 years. Apple's also adding some new privacy-focused features, including better tracking information in Safari and new privacy data in the Mac App Store for any apps you download. ArsTechnica has published a comprehensive review of the new operating system. An excerpt from their conclusion: The Good
The bright, fresh visual style mostly looks pretty good.
The Control Center (and other changes to the upper-right section of the Menu Bar) are genuinely useful additions.
The Messages app finally catches up to its iOS/iPadOS counterpart, thanks to Catalyst.
The APFS version of Time Machine seems like an improvement, though we'll need to wait to see what its long-term reliability is like.
Aside from the old AFP file-sharing protocol and the Network Utility, Big Sur doesn't remove too many things or add many new security settings that will break apps. There may be some visual issues, but my experience has actually been that Apple breaks a lot fewer apps moving from Catalina to Big Sur than it did moving from Mojave to Catalina.

The Bad
A general reduction in contrast makes it harder to discern the difference between many buttons and controls at a glance.
If you want to fix any of these contrast issues in the Accessibility settings, it should be possible to increase contrast or reduce transparency in certain places without making it an all-or-nothing setting. Some of the new buttons and icons are nice. Some of them are less nice.
Big Sur on Apple Silicon Macs will give up the ability to run Windows in a virtual machine or on a separate partition, though Intel Macs can still do both things.

The Ugly
As usual, Apple is just a year or two more aggressive about dropping support for old Macs than I think they really need to be.

An anonymous reader quotes a report from The Washington Post: The CIA and German intelligence jeopardized Switzerland's historic reputation for neutrality by using a Swiss company as a platform for a global espionage operation for decades, according to a report released Tuesday by members of the Swiss parliament. Investigators concluded that Swiss authorities were aware of, and at times complicit in, an elaborate espionage operation in which the CIA covertly owned and controlled a Swiss company, Crypto AG, that secretly sold rigged encryption systems to foreign governments.

The report marks the culmination of a Swiss investigation launched after the history of the Crypto operation was revealed earlier this year by The Washington Post in collaboration with ZDF, German public television, and Swiss broadcaster SRF. The Crypto operation exploited "Switzerland's image abroad as a neutral state," according to the report, which also said that Swiss authorities had effectively allowed the CIA and its German counterpart, the BND, to carry out "intelligence operations to the detriment of other states by hiding behind a Swiss company." The probe marks the first public accounting by a foreign government of an espionage operation so successful and extensive that a classified CIA history referred to it as "the intelligence coup of the century." The CIA did not respond to a request for comment, and the BND previously declined to comment.

The New York Times' looks at "a deal that controls the internet" — Apple's agreement to feature Google as the preselected search engine for iPhones, saying America's Justice Department views it "as a prime example of what prosecutors say are Google's illegal tactics to protect its monopoly and choke off competition..." The scrutiny of the pact, which was first inked 15 years ago and has rarely been discussed by either company, has highlighted the special relationship between Silicon Valley's two most valuable companies — an unlikely union of rivals that regulators say is unfairly preventing smaller companies from flourishing. "We have this sort of strange term in Silicon Valley: co-opetition," said Bruce Sewell, Apple's general counsel from 2009 to 2017. "You have brutal competition, but at the same time, you have necessary cooperation." Apple and Google are joined at the hip even though Mr. Cook has said internet advertising, Google's bread and butter, engages in "surveillance" of consumers and even though Steve Jobs, Apple's co-founder, once promised "thermonuclear war" on his Silicon Valley neighbor when he learned it was working on a rival to the iPhone. Apple and Google's parent company, Alphabet, worth more than $3 trillion combined, do compete on plenty of fronts, like smartphones, digital maps and laptops. But they also know how to make nice when it suits their interests. And few deals have been nicer to both sides of the table than the iPhone search deal.

Nearly half of Google's search traffic now comes from Apple devices, according to the Justice Department, and the prospect of losing the Apple deal has been described as a "code red" scenario inside the company. When iPhone users search on Google, they see the search ads that drive Google's business. They can also find their way to other Google products, like YouTube. A former Google executive, who asked not to be identified because he was not permitted to talk about the deal, said the prospect of losing Apple's traffic was "terrifying" to the company. The Justice Department, which is asking for a court injunction preventing Google from entering into deals like the one it made with Apple, argues that the arrangement has unfairly helped make Google, which handles 92 percent of the world's internet searches, the center of consumers' online lives...

[C]ompetitors like DuckDuckGo, a small search engine that sells itself as a privacy-focused alternative to Google, could never match Google's tab with Apple. Apple now receives an estimated $8 billion to $12 billion in annual payments — up from $1 billion a year in 2014 — in exchange for building Google's search engine into its products. It is probably the single biggest payment that Google makes to anyone and accounts for 14 to 21 percent of Apple's annual profits. That's not money Apple would be eager to walk away from.

In fact, Mr. Cook and Mr. Pichai met again in 2018 to discuss how they could increase revenue from search. After the meeting, a senior Apple employee wrote to a Google counterpart that "our vision is that we work as if we are one company," according to the Justice Department's complaint. The article remembers Steve Jobs unveiling the iPhone in 2007 — and then inviting Google CEO Eric Schmidt onto the stage. Schmidt, who was also on Apple's board of directors, joked "If we just sort of merged the two companies, we could just call them AppleGoo."

He'd also added that with Google search on the iPhone, "you can actually merge without merging."

Netflix CEO Reed Hastings, writing at CNBC: In the first few years of Netflix, we were growing fast and needed to hire more software engineers. With my new understanding that high talent density would be the engine of our success, we focused on finding the top performers in the market. In Silicon Valley, many of them worked for Google, Apple, and Facebook -- and they were being paid a lot. We didn't have the cash to lure them away in any numbers. But, as an engineer, I was familiar with a concept that has been understood in software since 1968, referred to as the "rock-star principle." The rock-star principle is rooted in a famous study that took place in a basement in Santa Monica, California. At 6:30 a.m., nine trainee programmers were led into a room with dozens of computers. Each was handed a manila envelope, explaining a series of coding and debugging tasks they would need to complete to their best ability in the next 120 minutes. The researchers expected that the best programmer would outperform his average counterpart by a factor of two or three. But it turned out that the most skilled programmer far outperformed the worst. He was 20 times faster at coding, 25 times faster at debugging, and 10 times faster at program execution than the programmer with the lowest marks.

This study has caused ripples across the software industry since it was published, as managers grapple with how some programmers can be worth so much more than their perfectly adequate colleagues. With a fixed amount of money for salaries and a project I needed to complete, I had a choice: Hire 10 to 25 average engineers, or hire one "rock-star" and pay significantly more than what I'd pay the others, if necessary. Over the years, I've come to see that the best programmer doesn't add 10 times the value. He or she adds more like a 100 times. Bill Gates, whom I worked with while on the Microsoft board, purportedly went further. He is often quoted as saying, "A great lathe operator commands several times the wages of an average lathe operator, but a great writer of software code is worth 10,000 times the price of an average software writer." In the software industry, this is a known principle (although still much debated). I started thinking about where this model applied outside the software industry. The reason the rock-star engineer is so much more valuable than his counterparts isn't unique to programming. The great software engineer is incredibly creative and can see conceptual patterns that others can't.

MojoKid writes: NVIDIA's GeForce RTX 3090, which just launched this morning, is the single most powerful graphics card money can buy currently (almost). It sits at the top of NVIDIA's product stack, and according to the company, it enables new experiences like smooth 8K gaming and seamless processing of massive content creation workloads, thanks in part to its 24GB of on-board GDDR6X memory. A graphics card like the GeForce RTX 3090 isn't for everyone, however. Though its asking price is about a $1,000 lower than its previous-gen, Turing-based Titan RTX counterpart, it is still out of reach for most gamers. That said, content creation and workstation rendering professionals can more easily justify its cost.

In performance testing fresh off the NDA lift, versus the GeForce RTX 3080 that arrived last week, the more powerful RTX 3090's gains range from about 4% to 20%. Versus the more expensive previous generation Titan RTX though, the GeForce RTX 3090's advantages increase to approximately 6% to 40%. When you factor in complex creator workloads that can leverage the GeForce RTX 3090's additional resources and memory, however, it can be many times faster than either the RTX 3080 or Titan RTX. The GeForce RTX 3090 will be available in limited quantities today but the company pledges to make more available directly and through OEM board partners as soon as possible.

"It might be the next best thing to a coronavirus vaccine," writes the Los Angeles Times. "Scientists have devised a way to use the antibody-rich blood plasma of Covid-19 survivors for an upper-arm injection that they say could inoculate people against the virus for months." Using technology that's been proven effective in preventing other diseases such as hepatitis A, the injections would be administered to high-risk health care workers, nursing home patients, or even at public drive-through sites — potentially protecting millions of lives, the doctors and other experts say. The two scientists who spearheaded the proposal — an 83-year-old shingles researcher and his counterpart, an HIV gene therapy expert — have garnered widespread support from leading blood and immunology specialists, including those at the center of the nation's Covid-19 plasma research.

But the idea exists only on paper. Federal officials have twice rejected requests to discuss the proposal, and pharmaceutical companies — even acknowledging the likely efficacy of the plan — have declined to design or manufacture the shots, according to a Los Angeles Times investigation... There is little disagreement that the idea holds promise; the dispute is over the timing. Federal health officials and industry groups say the development of plasma-based therapies should focus on treating people who are already sick, not on preventing infections in those who are still healthy...

But scientists who question the delay argue that the immunity shots are easy to scale up and should enter clinical trials immediately. They say that until there's a vaccine, the shots offer the only plausible method for preventing potentially millions of infections at a critical moment in the pandemic. "Beyond being a lost opportunity, this is a real head-scratcher," said Dr. Michael Joyner, a Mayo Clinic researcher who leads a program sponsored by the Food and Drug Administration to capitalize on coronavirus antibodies from COVID-19 survivors. "It seems obvious." The use of so-called convalescent plasma has already become widespread. More than 28,000 patients have already received the IV treatment, and preliminary data suggest that the method is safe.

A Chinese bank required at least two western companies to install malware-laced tax software, according to a new report from the cyber-security firm Trustwave.

"The two companies are a UK-based technology/software vendor and a major financial institution, both of which had recently opened offices in China," reports ZDNet: "Discussions with our client revealed that [the malware] was part of their bank's required tax software," Trustwave said Thursday... Trustwave, who was providing cyber-security services for the UK software vendor, said it identified the malware after observing suspicious network requests originating from its customer's network... Trustwave said the software worked as advertised, allowing its customer to pay local taxes, but that it also installed a hidden backdoor. The security firm says this backdoor, which Trustwave codenamed GoldenSpy and said it ran with SYSTEM-level access, allowed a remote attacker to connect to the infected system and run Windows commands, or upload and install other software...

GoldenSpy installs two identical versions of itself, both as persistent autostart services. If either stops running, it will respawn its counterpart... The Intelligent Tax software's uninstall feature will not uninstall GoldenSpy. It leaves GoldenSpy running as an open backdoor into the environment, even after the tax software is fully removed. GoldenSpy is not downloaded and installed until a full two hours after the tax software installation process is completed. When it finally downloads and installs, it does so silently, with no notification on the system.

Later this year, the International Space Station will receive a new and improved toilet system designed to bridge the gap between current lavatorial space tech and what humans will need to make extended visits to, say, Mars, in comfort. Space.com reports: It has a fancier name, of course; officially, the commode is NASA's Universal Waste Management System (UWMS). The launch is targeted for no earlier than the fall, a NASA spokesperson confirmed to Space.com, although the agency is still determining what spacecraft will carry the new plumbing up. The toilet currently on offer on the U.S. side of the space station was designed in the 1990s and based on its shuttle counterpart, according to a detailed review of space toiletry. But the apparatus has its flaws. It can be clunky to use, particularly for women, and it is "sensitive to crew alignment on the seat," sometimes resulting in messes, according to that review.

So NASA has tried to keep the aspects that have gotten positive reviews while trimming mass and volume and making some design changes, like adjusting the shape of the seat and replacing the apparatus that compresses the waste. Another change mimics a feature of the toilet on the Russian side of the space station, where astronauts simply hook their feet into toe bars, rather than the thigh bars used on the American equivalent to anchor the astronaut in the microgravity environment. The UWMS will remain on the space station for the rest of the orbiting laboratory's lifetime, and a second toilet of the same model will fly on the Orion capsule that astronauts use to fly around the moon on the first crewed Artemis mission in NASA's ambitious lunar return plan, according to the agency.

An anonymous reader quotes a report from IEEE Spectrum: Flat solar panels still face big limitations when it comes to making the most of the available sunlight each day. A new spherical solar cell design aims to boost solar power harvesting potential from nearly every angle without requiring expensive moving parts to keep tracking the sun's apparent movement across the sky. The spherical solar cell prototype designed by Saudi researchers is a tiny blue sphere that a person can easily hold in one hand like a ping pong ball. Indoor experiments with a solar simulator lamp have already shown that it can achieve between 15 percent and 100 percent more power output compared with a flat solar cell with the same total surface area, depending on the background materials reflecting sunlight into the solar cells. The research group hopes its nature-inspired design can fare similarly well in future field tests in many different locations around the world.

Testing with the solar simulator lamp showed that the spherical solar cell provided 24 percent more power output over a traditional flat solar cell upon immediate exposure to sunlight. That power advantage jumped to 39 percent after both types of solar cells had begun to heat up and suffered some loss in power efficiency -- an indication that the spherical shape may have some advantages in dissipating heat. The spherical solar cell also delivered about 60 percent more power output than its flat counterpart when both could collect only scattered sunlight under a simulated roof rather than receiving direct sunlight. Additional experiments with different reflective backgrounds -- including an aluminum cup, aluminum paper, white paper, and sand -- showed that the hexagonal aluminum cup background helped the spherical solar cell outperform the flat solar cell by 100 percent in terms of power output. The new work is detailed in a paper submitted for review to the journal MRS Communications.

An anonymous reader quotes a report from Reuters: France and Germany threw their weight on Thursday behind plans to create a cloud computing ecosystem that seeks to reduce Europe's dependence on Silicon Valley giants Amazon, Microsoft and Google. The project, dubbed Gaia-X, will establish common standards for storing and processing data on servers that are sited locally and comply with the European Union's strict laws on data privacy. German Economy Minister Peter Altmaier, speaking in Berlin, described Gaia-X as a "moonshot" that would help reassert Europe's technological sovereignty, and invited other countries and companies to join. "We are not China, we are not the United States, we are European countries with our own values and with our own economic interest that we want to defend," his French counterpart Bruno Le Maire said in Paris in a joint video news conference.

In an initial step, 22 French and German companies will set up a non-profit foundation to run Gaia-X, which is not conceived as a direct rival to the "hyperscale" U.S. cloud providers but would instead referee a common set of European rules. "Building a European-based alternative is possible only if we play collectively," said Michel Paulin, CEO of independent French cloud service provider OVHcloud. One important concept underpinning Gaia-X is "reversibility," a principle that would allow users to easily switch providers. First services are due to be offered in 2021.

An anonymous reader quotes Engadget: Texas Instruments' graphing calculators have a reputation as hobbyist devices given their program support, but they just lost some of their appeal. Cemetech has learned (via Linus Tech Tips) that Texas Instruments is pulling support for assembly- and C-based programs on the TI-84 Plus CE and its French counterpart, the TI-83 Premium CE. Install the latest firmware for both (OS 5.6 and OS 5.5 respectively) and you'll not only lose access to those apps, but won't have a way to roll back.

The company explained the move as an effort to "prioritize learning and minimize any security risks." It's to reduce cheating, to put it another way... While this could please teachers worried that students will use apps to cheat during exams, enthusiasts are unsurprisingly mad. This reduces the amount of control programmers have over their calculator apps.