Pipes Feed Preview: gHacks Technology News

  1. DuckDuckGo Privacy Browser app does not block Microsoft trackers

    2022-05-25 13:40:13 UTC

    DuckDuckGo Privacy Browser isn't totally private, a security researcher has revealed. The privacy-focused search engine's app, for iOS and Android, is not blocking trackers from Microsoft. The news came to light when […]

    Thank you for being a Ghacks reader. The post DuckDuckGo Privacy Browser app does not block Microsoft trackers appeared first on gHacks Technology News.

    <p>DuckDuckGo Privacy Browser isn't totally private, a security researcher has revealed. The privacy-focused search engine's app, for iOS and Android, is not blocking trackers from Microsoft.</p> <p><img class="alignnone size-full wp-image-178772" src="https://www.ghacks.net/wp-content/uploads/2022/05/DuckDuckGo-Privacy-Browser-app-does-not-block-Microsoft-trackers.jpeg" alt="DuckDuckGo Privacy Browser app does not block Microsoft trackers" width="1200" height="1025" /></p> <p>The news came to light when security researcher, Zach Edwards, who was conducting a security audit of the browser, found that the app blocked trackers from Google and Facebook. He observed that the app didn't block Microsoft trackers. Screenshots and messages posted by Edwards on Twitter reveal that the app let the trackers run on Bing and LinkedIn's domains. This in turn puts the user's privacy at risk, since the Redmond company can collect information such as the IP address, user agent, and other relevant data.</p> <p>The app includes, among other things, a tracker blocker and a cookie blocker to protect the privacy of users. The description of DuckDuckGo Privacy Browser on the App Store and Google Play Store reads as follows,</p> <p>"Escape Website Tracking - Tracker Radar automatically blocks hidden third-party trackers we can find lurking on websites you visit in DuckDuckGo, which stops the companies behind those trackers from collecting and selling your data."</p> <p>When an app has a description like that, you would expect it to apply to all websites, wouldn't you? That's why the fact that it doesn't block Microsoft's trackers is a problem, it should have been upfront about the issue.</p> <h3><strong>Why does DuckDuckGo Privacy Browser allow trackers from Microsoft?</strong></h3> <p>Bing is one of the many sources from where DuckDuckGo pulls the results from. In case you aren't aware of it, the privacy-focused search engine has an agreement with Microsoft, to display contextual ads in its search results. These ads were generally believed to be non-tracking, as the service does not profile its users.</p> <p><img class="alignnone size-full wp-image-178773" src="https://www.ghacks.net/wp-content/uploads/2022/05/duckduckgo-browser-android-scaled.jpg" alt="duckduckgo browser android" width="540" height="1200" /></p> <p>Gabriel Weinberg, the founder and CEO of DuckDuckGo, responded to Edwards' findings, confirming that the browser allows Microsoft trackers.</p> <p><img class="alignnone size-full wp-image-178776" src="https://www.ghacks.net/wp-content/uploads/2022/05/dukduckgo-microsoft-ads-scaled.jpeg" alt="dukduckgo microsoft ads" width="1200" height="743" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/dukduckgo-microsoft-ads-scaled.jpeg 1200w, https://www.ghacks.net/wp-content/uploads/2022/05/dukduckgo-microsoft-ads-1536x951.jpeg 1536w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <p>He explained that the search engine ensured the anonymity of users when search results are loaded, and that this includes advertisements that are displayed. But, it appears that the internet company's agreement with Microsoft prevents DuckDuckGo from blocking its trackers.</p> <p><img class="alignnone size-full wp-image-178774" src="https://www.ghacks.net/wp-content/uploads/2022/05/duckduckgo-ads-privacy-policy-scaled.jpeg" alt="duckduckgo ads privacy policy" width="1200" height="657" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/duckduckgo-ads-privacy-policy-scaled.jpeg 1200w, https://www.ghacks.net/wp-content/uploads/2022/05/duckduckgo-ads-privacy-policy-1536x841.jpeg 1536w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <h4><strong>Is DuckDuckGo.com safe to use?</strong></h4> <p>Yes, it is. While the browser has been found guilty of allowing said trackers, Weinberg has confirmed the search engine remains untainted. So, there's a bit of good news amidst this chaos. I would still advise using an ad blocker, like uBlock Origin or AdGuard, to protect yourself from trackers. It is unclear if the macOS browser is affected, but given the nature of the issue, it is likely affected as well.</p> <p>In a statement sent to <a href="https://www.bleepingcomputer.com/news/security/duckduckgo-browser-allows-microsoft-trackers-due-to-search-agreement/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Bleeping Computer</a>, Weinberg said that his company is working with Microsoft on removing the restriction to block the trackers. He also defended DuckDuckGo's browser, stating that it blocks third-party tracking scripts before they load on sites, instead of following other browsers that just offer 3rd-party cookie protection and fingerprint protection. The company will also update its app store descriptions to provide more information.</p> <p>The timing of the discovery is particularly bad for DuckDuckGo, as it had criticized Google's privacy practices just a couple of weeks ago. It had proudly announced that its Chrome extension blocked Google's new tracking methods, such as Topics and FLEDGE.</p> <p>Practice what you preach, DuckDuckGo.</p> <p>References: <a href="https://twitter.com/thezedwards/status/1528808795983319041" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Zach Edwards</a>, Gabriel Weinberg <a href="https://twitter.com/yegg/status/1528838579455250434" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">1</a>,<a href="https://twitter.com/yegg/status/1528838114558484480" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">2</a>, <a href="https://help.duckduckgo.com/duckduckgo-help-pages/company/ads-by-microsoft-on-duckduckgo-private-search/#:~:text=At%20that%20point%2C%20Microsoft%20Advertising%20will%20use%20your%20full%20IP%20address%20and%20user%2Dagent%20string%20so%20that%20it%20can%20properly%20process%20the%20ad%20click%20and%20charge%20the%20advertiser" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">DuckDuckGo Ads policy</a></p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/25/duckduckgo-privacy-browser-app-does-not-block-microsoft-trackers/" data-wpel-link="internal">DuckDuckGo Privacy Browser app does not block Microsoft trackers</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  2. Google Chrome 102 update patches 32 security issues (one critical)

    2022-05-25 08:35:02 UTC

    Google published updates for the company's Chrome web browser on May 24, 2022. The desktop version updates address security issues in the web browser. The Chrome team is delighted to announce the […]

    Thank you for being a Ghacks reader. The post Google Chrome 102 update patches 32 security issues (one critical) appeared first on gHacks Technology News.

    <p>Google <a href="https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">published</a> updates for the company's Chrome web browser on May 24, 2022. The desktop version updates address security issues in the web browser.</p> <p><img class="alignnone size-full wp-image-178769" src="https://www.ghacks.net/wp-content/uploads/2022/05/google-chrome-102-security-update.png" alt="google-chrome 102 security update" width="1457" height="825" /></p> <blockquote><p>The Chrome team is delighted to announce the promotion of Chrome 102 to the stable channel for Windows (102.0.5005.61/62/63), 102.0.5005.61 for Mac and Linux. Chrome 102 is also promoted to our new extended stable channel for Windows and Mac. This will roll out over the coming days/weeks.</p></blockquote> <p>Chrome 102 for desktop systems and mobile systems is available already. Google rolls out updates over time to the entire population. Desktop users who use Chrome can speed up the installation of the update to patch the security issues early.</p> <p>Selecting Menu &gt; Help &gt; About Chrome displays the version of the browser that is installed. Chrome runs a check for updates when the page is opened; it should pick up the new version and install it automatically.</p> <p>Chrome on Android updates rely on Google Play, which means that there is no option to speed up the upgrade on Android.</p> <p>Google makes no mention of security issue fixes in the Android and iOS releases of the web browser.</p> <h2>Chrome 102: security fixes</h2> <p>Google Chrome 102 is available as a stable channel version and extended stable channel version. Stable versions are upgraded every 4 weeks, extended stable versions every 8 weeks.</p> <p>The update includes a total of 32 security fixes. One issue has the highest severity rating of critical, several others a rating of high. The critical security issue is described as " Use after free in Indexed DB" and filed under CVE-2022-1853.</p> <p>Google makes no mention of attacks in the wild.  Chrome users should upgrade to the latest version quickly to protect their browsers against potential attacks targeting the new vulnerabilities</p> <h2>Chrome 102: improvements and features</h2> <p>Google lists 12 features that were added, removed or improved in Chrome 102 on the Chrome Status website. Most changes are of interest to developers only.</p> <ul> <li>Add Save Data Client Hint</li> <li>AudioContext.outputLatency</li> <li>Calling PaymentRequest.show without user activation</li> <li>Capture handle</li> <li>File Handling</li> <li>HTTP-&gt;HTTPS redirect for HTTPS DNS records</li> <li>Navigation API</li> <li>Origin Private File System extension: AccessHandle</li> <li>Secure Payment Confirmation API V3</li> <li>WebHID exclusionFilters option in requestDevice()</li> <li>[WebRTC] Deprecate and Remove Plan B</li> <li>inert attribute</li> </ul> <p>Descriptions of the changes are <a href="https://chromestatus.com/features#milestone%3D102" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">available</a> on the Chrome Status website.</p> <p><strong>Now You:</strong> do you use Chrome? When do you update your browsers?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/25/google-chrome-102-update-patches-32-security-issues-one-critical/" data-wpel-link="internal">Google Chrome 102 update patches 32 security issues (one critical)</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  3. Vivaldi Snapshot gets a new way to customize the toolbar; will soon let you block autoplay videos

    2022-05-25 04:40:49 UTC

    Vivaldi latest Snapshot channel will soon add a much-needed feature to the browser, blocking autoplay videos. It's about time, other browsers have had this option for a long time. This feature was […]

    Thank you for being a Ghacks reader. The post Vivaldi Snapshot gets a new way to customize the toolbar; will soon let you block autoplay videos appeared first on gHacks Technology News.

    <p>Vivaldi latest Snapshot channel will soon add a much-needed feature to the browser, blocking autoplay videos. It's about time, other browsers have had this option for a long time.</p> <p><img class="alignnone size-full wp-image-178750" src="https://www.ghacks.net/wp-content/uploads/2022/05/how-to-block-autoplay-videos-in-vivaldi.png" alt="how to block autoplay videos in vivaldi" width="1200" height="781" /></p> <p>This feature was in fact live in <a href="https://vivaldi.com/blog/desktop/toolbar-customization-and-disabling-the-autoplay-of-videos-vivaldi-browser-snapshot-2679-3/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Vivaldi Snapshot 5.3.2679.3</a> that was released a few days ago. But it has been removed in the latest build, with Vivaldi reassuring users that it will be added back post the 5.3 snapshots, i.e., it will return when the 5.4 Snapshots are released. I'm not sure why the feature was removed as it did work on YouTube, Twitch and a few other sites.</p> <p>Why is this important? Autoplay videos are the one of the biggest annoyances on the internet, they play automatically coupled with some loud audio, sometimes giving you a jump scare. Nobody needs that blaring noise, right? The first thing I do is close the tab of the offending domain, and make a mental note not to visit the site again.</p> <p>Even the best ad blockers, like <a href="https://www.ghacks.net/2022/03/11/ublock-origin-is-now-the-most-popular-firefox-add-on/" target="_blank" rel="noopener" data-wpel-link="internal">uBlock Origin</a>, can't block all of these videos, because different sites embed autoplay videos in different ways. And they are not always ads per se, some of them could actually be useful content, but it's not polite to just play them without the user's permission.</p> <p>I've had mixed experiences with Vivaldi and the sites I've seen autoplay videos on. Sometimes they are usually muted by default, and doesn't start playing the audio until you click on the video player. Other sites have both audio and video set to autoplay, which is exactly why I welcome this feature.</p> <p>If you want to test it, you need to use the previous Snapshot build that I linked to above.  Autoplay isn't blocked by default in Vivaldi, let me show you to enable the blocker. Before that, visit any web page that contains an autoplay video, just for testing purposes.</p> <h3><strong>How to block autoplay videos in Vivaldi 5.3.2679.3<br /> </strong></h3> <p>1. Head to the Vivaldi menu and select Preferences.</p> <p>2. Click on the Privacy and Security tab on the sidebar.</p> <p><img class="alignnone size-full wp-image-178752" src="https://www.ghacks.net/wp-content/uploads/2022/05/vivaldi-autoplay-block.png" alt="vivaldi autoplay block" width="974" height="588" /></p> <p>3. Now, click the dropdown menu next to Autoplay and set it to Block.</p> <p>That's it, say bye to annoying autoplay videos. Try reloading the web page you were on, the video should not play automatically.</p> <h4><strong>Customize the toolbar in Vivaldi</strong></h4> <p>Vivaldi's Snapshot channel release has one more interesting addition. It introduces a new way to customize the toolbar, by dragging and dropping icons from an editor panel. To access it, right-click on Vivaldi's toolbar and select Customize.</p> <p><img class="alignnone size-full wp-image-178754" src="https://www.ghacks.net/wp-content/uploads/2022/05/vivaldi-customize-edit-toolbar.png" alt="vivaldi customize edit toolbar" width="1124" height="580" /></p> <p>This opens the Toolbar Editor, use the menu to choose the section you would like to edit:</p> <p>Navigation Toolbar<br /> Status Toolbar<br /> Mail Toolbar<br /> Mail Composer Toolbar<br /> Mail Message Toolbar<br /> Command Chains</p> <p><img class="alignnone size-full wp-image-178751" src="https://www.ghacks.net/wp-content/uploads/2022/05/vivaldi-toolbar-editor-menu.png" alt="vivaldi toolbar editor menu" width="1200" height="737" /></p> <p>The icons at the bottom of the screen represent the shortcuts that are available on the browser's toolbar. The icons in the top of the panel are buttons that you can drag and drop onto the toolbar. The odd thing here is that you have to drop the buttons on to the actual browser at the top of the browser (and not in the one displayed in the editor). You may use the editor mode to move buttons around, or remove options that you never use. Don't worry if you make a mistake, each section has a reset button that you can use to undo your changes.</p> <p><img class="alignnone size-full wp-image-178753" src="https://www.ghacks.net/wp-content/uploads/2022/05/vivaldi-toolbar-editor.png" alt="vivaldi toolbar editor" width="1200" height="737" /></p> <p>Download Vivaldi Snapshot <a href="https://vivaldi.com/blog/desktop/stabilization-for-5-3-vivaldi-browser-snapshot-2679-13/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">5.3.2679.13</a> for Windows, macOS and Linux. The latest version is based on Chromium 102.</p> <p>The Snapshot build fixes a crash that was happening randomly on macOS. It also mitigates an issue that was causing the browser to crash, it occurred when closing a tab after using the capture tool.</p> <p>Please refer to the release notes, for a full list of changes in the build.</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/25/how-to-customize-the-toolbar-in-vivaldi-browser/" data-wpel-link="internal">Vivaldi Snapshot gets a new way to customize the toolbar; will soon let you block autoplay videos</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  4. DoNotSpy11 for Windows 11 is now available

    2022-05-25 04:38:19 UTC

    The developer of the popular privacy tool DoNotSpy10 released DoNotSpy11 for Windows 11 on May 24, 2022. The tools give users control over more than 140 privacy related features on Windows devices. […]

    Thank you for being a Ghacks reader. The post DoNotSpy11 for Windows 11 is now available appeared first on gHacks Technology News.

    <p>The developer of the <a href="https://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools/" data-wpel-link="internal">popular privacy tool</a> DoNotSpy10 released DoNotSpy11 for Windows 11 on May 24, 2022. The tools give users control over more than 140 privacy related features on Windows devices.</p> <p><img class="alignnone size-full wp-image-178766" src="https://www.ghacks.net/wp-content/uploads/2022/05/donotspy11-windows.png" alt="donotspy11 windows" width="1200" height="415" /></p> <p><a href="https://www.ghacks.net/2015/08/05/donotspy10-configure-windows-10-privacy-settings/" data-wpel-link="internal">We reviewed DoNotSpy10 in 2015</a> when it was released for Microsoft's Windows 10 operating system. We found it to be a good tool to adjust Windows settings related to privacy quickly and efficiently. We did not like the included adware offer back then, but this is a thing of the past as it is no longer included.</p> <p>DoNotSpy11 uses the core of the Windows 10 application. In fact, it supports Windows 10 and 11 systems alike.  The interface is identical, but that is not necessarily a bad thing, considering that users will feel right at home. It is streamlined and easy to use.</p> <p>First thing you need to do is download the latest version of the application from the developer website. Windows 11 may throw <a href="https://www.ghacks.net/2015/12/19/microsoft-smartscreen-gets-drive-by-attack-protection/" data-wpel-link="internal">a SmartScreen warning</a> on first run; the developer states that it is thrown because the application is not signed.</p> <p><img class="alignnone size-full wp-image-178764" src="https://www.ghacks.net/wp-content/uploads/2022/05/donotspy11.png" alt="donotspy11" width="925" height="636" /></p> <p>All available tweaks are listed in the main interface. Tweaks are sorted into categories, and a search is provided that helps you filter the large list.</p> <p>When you select a tweak, a description is provided that may provide additional information on the functionality of the feature that it controls.</p> <p>Checked tweaks are enabled on the device already. Each tweak has a color assigned to it that provides safety information. Blue tweaks are safe to use, red tweaks not recommended for the majority of users. Orange tweaks have info text that provides explanation, and gray colored tweaks highlight changes since the last time the app was started.</p> <p>DoNotSpy11 supports the manual creation of a system restore point via the Actions menu, but it will also display a system restore point before any changes are made.</p> <p>As far as differences to DoNotSpy10 are concerned, there are some. DoNotSpy11 detects Office and will display Office-specific tweaks in the case of detection. The following Office-specific privacy tweaks are supported in the current version:</p> <blockquote><p>Tweak added: Office: Disable First Run Movie<br /> Tweak added: Office: Disable Customer Experience Improvement Program<br /> Tweak added: Office: Disable Feedback<br /> Tweak added: Office: Disable Sending Personal Information<br /> Tweak added: Office: Disable Telemetry<br /> Tweak added: Office: Disable Connected Experiences That Analyze Content<br /> Tweak added: Office: Disable Connected Experiences That Download Online Content<br /> Tweak added: Office: Disable Additional Optional Connected Experiences<br /> Tweak added: Office: Disable In-Product Surveys<br /> Tweak added: Office: Block Signing Into Office<br /> Tweak added: Office: Disable LinkedIn Features</p></blockquote> <p>Several Windows 11 specific tweaks are also available. Users may disable <a href="https://www.ghacks.net/2022/04/27/those-icons-on-your-windows-taskbar-next-to-search-that-is-the-search-highlights-feature/" data-wpel-link="internal">Search Highlights</a>, Windows Spotlight on Desktop, or the display of Office.com Files in Explorer. You find the full changelog <a href="https://pxc-coding.com/donotspy11/donotspy-11-changelog/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">on the developer's website</a>.</p> <p><strong>Closing Words</strong></p> <p>DoNotSpy11 is a well designed privacy application for Windows. It supports the latest Windows 10 and 11 builds, and is regularly updated with new tweaks.</p> <p><strong>Now You:</strong> do you use privacy applications to tweak your operating systems?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/25/donotspy11-for-windows-11-is-now-available/" data-wpel-link="internal">DoNotSpy11 for Windows 11 is now available</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  5. DropPoint makes drag and drop operations easier

    2022-05-24 15:30:13 UTC

    Windows, Mac OS and Linux support drag and drop operations to move or copy files from one location to another. The open source cross-platform application DropPoint aims to make drag & drop […]

    Thank you for being a Ghacks reader. The post DropPoint makes drag and drop operations easier appeared first on gHacks Technology News.

    <p>Windows, Mac OS and Linux support drag and drop operations to move or copy files from one location to another. The open source cross-platform application DropPoint aims to make drag &amp; drop operations easier on all three desktop operating systems.</p> <p><img class="alignnone size-full wp-image-178759" src="https://www.ghacks.net/wp-content/uploads/2022/05/droppoint.png" alt="droppoint" width="1211" height="634" /></p> <p>Dragging files from one location to another can be time consuming. You may need to open a second window and place both windows next to each other before you can start the drag &amp; drop operation.</p> <p>DropPoint changes the process by adding an always visible element on the screen that can be used as temporary storage for files. All it takes is to drag all files onto the element on the screen and to drag them again from the element to the destination. It is like a shopping basket, but for files and folders. A keyboard shortcut, Shift-Caps Lock on Windows and Linux systems, and Shift-Tab on Mac OS systems, toggles the visibility of the element on the screen.</p> <p>DropPoint is available for Linux, Mac OS and Windows. <a href="https://www.ghacks.net/2012/11/03/turn-off-windows-protected-your-pc-windows-smartscreen/" data-wpel-link="internal">Windows may throw a SmartScreen warning</a> on first run of the application.</p> <p>It is an Electron application, which means that it has quite the large size, especially when compared to other applications of its type. File copy tools such as <a href="https://www.ghacks.net/2012/01/28/smartcopytool-lets-you-copy-files-from-large-folder-structures/" data-wpel-link="internal">SmartCopyTool</a>, <a href="https://www.ghacks.net/2020/11/19/windows-file-copy-tool-teracopy-3-5-is-out/" data-wpel-link="internal">TeraCopy</a>, or Copy Handler improve the copy process. Our first review of a specialized program dates back to the 2008 review of <a href="https://www.ghacks.net/2008/02/20/queue-file-operations-with-piky-basket/" data-wpel-link="internal">Piky Basket for Windows</a>.</p> <p>DropPoint supports a couple of features that users may like. Besides cross-platform support, it is also supporting virtual desktops and workspaces. Usage is always identical. Drop files onto the DropPoint element on the screen, and drag them from the element to the target location once you have added all the files that you want to copy to it.</p> <p>You can perform multiple drag operations onto the element to collect files from different locations before sending them to the desired target location.</p> <p>The open source tool supports copy operations only. If you want to move files, you still need to use other means to do so.</p> <p><strong>Closing Words</strong></p> <p>DropPoint is a useful open source tool designed to improve drag &amp; drop operations on desktop systems. It is easy to use and works exactly as described. The main downside to using the tool is that it has a large size when compared to copy tools that exist for all operating systems.</p> <p><strong>Now You</strong>: how do you copy files from one location to another?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/24/droppoint-makes-drag-and-drop-operations-easier/" data-wpel-link="internal">DropPoint makes drag and drop operations easier</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  6. Pre-hijacking Attacks of user accounts are on the rise

    2022-05-24 08:52:22 UTC

    Most computer users are aware that criminals may gain access to their online accounts, for instance, by stealing or guessing the password, through phishing or other forms of attack. Many may not […]

    Thank you for being a Ghacks reader. The post Pre-hijacking Attacks of user accounts are on the rise appeared first on gHacks Technology News.

    <p>Most computer users are aware that criminals may gain access to their online accounts, for instance, by stealing or guessing the password, through phishing or other forms of attack.</p> <figure id="attachment_178739" aria-describedby="caption-attachment-178739" style="width: 2908px" class="wp-caption alignnone"><img class="wp-image-178739 size-full" src="https://www.ghacks.net/wp-content/uploads/2022/05/Account_Pre-Hijacking_Attacks_Overview.png" alt="" width="2908" height="1945" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/Account_Pre-Hijacking_Attacks_Overview.png 2908w, https://www.ghacks.net/wp-content/uploads/2022/05/Account_Pre-Hijacking_Attacks_Overview-1536x1027.png 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/Account_Pre-Hijacking_Attacks_Overview-2048x1370.png 2048w" sizes="(max-width: 2908px) 100vw, 2908px" /><figcaption id="caption-attachment-178739" class="wp-caption-text">source <a href="https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Microsoft MSRC</a></figcaption></figure> <p>Many may not be aware of a new attack type that is creating accounts with a user's email address before the user does so. Malicious actors use account pre-hijacking attacks to prepare user accounts for full takeovers. The attacker creates accounts on sites and services using a victim's email address. Various techniques are then used to "put the account into a pre-hijacked state". Once a victim has recovered access to the account, after finding out during sign-up that an account with the victim's email address exists already, attacks are carried out to take over the account fully.</p> <p>Not all websites and services are vulnerable to account pre-hijacking attacks, but security researcher Avinash Sudhodanan believes that a significant number is. Sudhodanan <a href="https://arxiv.org/abs/2205.10174" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">published</a> the research paper "Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web" in May 2022 in which he describes five types of pre-hijacking attacks.</p> <p>The creation of online accounts has evolved on the Internet. Previously, users used an identifier and password to create accounts. These accounts were linked to a user's email address usually. The method is still available on today's Internet, but sites started to support federated authentication as well, often in addition to supporting traditional account creation processes.</p> <p>Federated authentication, for example, Single Sign-On, adds a new layer of complexity to the user creation process, as sites and services often support both options. Companies such as Facebook, Microsoft or Google support federated authentication and act as identity providers. Users users may sign-up to third-party services that support Single Sign-On and the user's identity provider. Some sites allow users to link classic user accounts to Single Sign-On providers, which unlocks the ability to sign in using a username and password, or the identity provider.</p> <p>Websites and services have a strong incentive to support identity providers according to Sudhodanan, as "it improves the experience for users". Users may re-use accounts that they have created in the past across multiple services; this makes the account creation process easier, faster and may eliminate the need to set up account passwords. Previous research has shown that Single Sign-On providers become high value targets for attacks.</p> <p>Research <a href="https://www.cs.uic.edu/~mghasemi/assets/papers/sso-usenix18.pdf" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">focused</a> on security implications for existing accounts and less on the account creation process itself up to this point.</p> <h2>Account Pre-Hijacking Attacks</h2> <figure id="attachment_178741" aria-describedby="caption-attachment-178741" style="width: 1080px" class="wp-caption alignnone"><img class="size-full wp-image-178741" src="https://www.ghacks.net/wp-content/uploads/2022/05/pre-account-hi-jacking.png" alt="" width="1080" height="770" /><figcaption id="caption-attachment-178741" class="wp-caption-text">source: <a href="https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Microsoft MSRC</a></figcaption></figure> <p>In his research, Sudhodanan demonstrates that an entire class of account pre-hijacking attacks exists. All have in common that the attacker is performing actions at a target service before the victim does. None of the five different attack types that Sudhodanan  describes in the research paper require access to a victim's Identity Provider account.</p> <p>Attackers need to target services that victims will likely sign-up for in the future. Additional information, for instance about existing accounts or interests, may help with the selection of targets, but attackers may also pick targets by popularity, trends or even press releases if organizations are the target.</p> <p>The goal of account pre-hijacking attacks is the same as that of classic account hijacking attacks: to gain access to the victim's account.</p> <blockquote><p>Depending on the nature of the target service, a successful attack could allow the attacker to read/modify sensitive information associated with the account (e.g., messages, billing statements, usage history, etc.) or perform actions using  he victim’s identity (e.g., send spoofed messages, make purchases using saved payment methods, etc.)</p></blockquote> <p>An attack consists of three phases:</p> <ol> <li><strong>Pre-hijack</strong> -- The attacker uses the email addresses of victims to create accounts at target services. Knowledge of the email address is required to carry out the attack.</li> <li><strong>Victim action</strong> -- The victim needs to create an account at the target or recover the account that exists already.</li> <li><strong>Account takeover attack</strong> -- The attacker attempts to take over the user account at the target service using different attack forms.</li> </ol> <h3>Classic-Federated Merge Attack</h3> <p>The attack exploits interaction weaknesses between classic accounts and federated accounts at a single provider. The attacker may use a victim's email address to create an account at the provider; the victim may create an account using the federated provider instead using the same email address. Depending on how the service merges the two accounts, it could result in both parties having access to the same account.</p> <p>For the attack to be carried out successfully, it is required that the target service supports classic and federated accounts. Additionally, email addresses should be used as the unique account identifier and the merging of both account types needs to be supported.</p> <p>Once the victim creates the account using the federated provider, the target service may merge the accounts. Depending on how that is done, it may give the attacker access to the target service using the specified password.</p> <h3>Unexpired Session Attack</h3> <p>This attack exploits that some services do not sign-out users of their accounts if a password is reset. A victim may reset an account password at a service if the service informs the victim that an account exists already.</p> <p>The attack works if the service supports multiple concurrent sessions and if users are not signed-out of accounts if passwords are reset. The attacker needs to stay signed-in to the account to keep the session active.</p> <h3>Trojan Identifier Attack</h3> <p>The attacker creates an account at the target service using the victim's email address and any password. Once done, a second identifier is added to the account, e.g., another email address that the attacker controls.</p> <p>When the victim resets the passwords, the attacker may use the secondary identifier to regain access to the account.</p> <h3>Unexpired Email Change Attack</h3> <p>The attack exploits a vulnerability in the email changing process of target services. The attacker creates an account using the victim's email address and any password in the beginning. Afterwards, the attacker begins the process of changing the account's email address; this leads to a confirmation email being sent to the new email address.</p> <p>Instead of clicking on the provided link right away, the attacker waits for the victim to reset the account password of the account and to recover the account. The attacker will then activate the link to take control of the victim's account.</p> <p>The attack works only if the target service is not invalidating links after a set period.</p> <h3>Non-verifying IdP Attack</h3> <p>The attack mirrors the Classic-Federated Merge Attack. The attacker creates an account at a target service using an Identity Provider that "does not verify ownership of an email address when creating a federated identity".</p> <p>The victim would have to create a classic account at the target service. If the service combines the two, the attacker may be able to access the account.</p> <p><strong>Closing Words</strong></p> <p>Sudhodanan examined 75 sites of the Alexa top 150 sites to find out if these are vulnerable to one or multiple of the described attacks. He found 252 potential vulnerabilities and 56 confirmed vulnerabilities during the analysis. Dropbox, Instagram, LinkedIn, WordPress.com and Zoom were found to be vulnerable to one of the described attacks.</p> <p>The research paper is accessible <a href="https://arxiv.org/pdf/2205.10174.pdf" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">here</a>.</p> <p><strong>Now You:</strong> what do you do with account creation emails for accounts that you did not initiate?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/24/pre-hijacking-attacks-of-user-accounts-are-on-the-rise/" data-wpel-link="internal">Pre-hijacking Attacks of user accounts are on the rise</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  7. Next Windows 10 update to fix memory leaks, slow copy operations and app crashes

    2022-05-24 05:06:56 UTC

    Microsoft is in the last steps of releasing update previews for supported versions of Windows 10. The update will address several major issues in the company's operating system, including crashes of apps […]

    Thank you for being a Ghacks reader. The post Next Windows 10 update to fix memory leaks, slow copy operations and app crashes appeared first on gHacks Technology News.

    <p>Microsoft is in the last steps of releasing update previews for supported versions of Windows 10. The update will address several major issues in the company's operating system, including crashes of apps and games, memory leaks, and slow file copy operations.</p> <p><img class="alignnone size-full wp-image-147036" src="https://www.ghacks.net/wp-content/uploads/2018/08/windows-10-autoplay.jpg" alt="windows 10 autoplay" width="1920" height="1080" /></p> <p>The update is already available in the Release Preview ring of the Windows 10 Insider program. Microsoft releases preview updates for its Windows 10 and 11 operating systems after Patch Tuesday on any given month. Patch Tuesday takes place on the second Tuesday of each month, and the preview updates are released in the third or fourth week of the month usually.</p> <p>The company highlights all changes in a <a href="https://blogs.windows.com/windows-insider/2022/05/23/releasing-windows-10-build-19044-1739-to-release-preview-channel/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">blog post</a> on the official Windows Insider blog. The update addresses several long-standing issues in Windows 10, including a DirectX issue with d3d9.dll, which caused some apps and games to crash on affected systems.</p> <p>Several of the issues have not been confirmed officially by Microsoft; this is the case for the issue that slowed down file copy jobs on Windows. Windows 10 users can use third-party programs such as <a href="https://www.ghacks.net/2022/01/25/fastcopy-4-is-now-available/" data-wpel-link="internal">Fast Copy</a>, <a href="https://www.ghacks.net/2020/11/19/windows-file-copy-tool-teracopy-3-5-is-out/" data-wpel-link="internal">TeraCopy</a>, or <a href="https://www.ghacks.net/2019/10/30/ultracopier-is-an-open-source-file-copying-tool-for-windows-macos-and-linux/" data-wpel-link="internal">UltraCopier</a>, which promises more comfort and performance improvements when copying files.</p> <p>Microsoft plans to fix two memory-related issues in the next update as well. The first affected systems that are in use 24/7, the second was caused by a bug in the deduplication driver, which depleted all physical memory on affected machines.</p> <p>The most important ones are listed below for your convenience:</p> <ul> <li>We fixed an issue that might affect some apps that use d3d9.dll with certain graphics cards and might cause those apps to close unexpectedly.</li> <li>We fixed a rare issue that prevents Microsoft Excel or Microsoft Outlook from opening.</li> <li class="">We fixed a memory leak issue that affects Windows systems that are in use 24 hours each day of the week.</li> <li>We fixed an issue that causes Microsoft’s deduplication driver to consume large amounts of nonpaged pool memory. As a result, this depletes all the physical memory on the machine, which causes the server to stop responding.</li> <li>We fixed an issue that causes file copying to be slower.</li> <li>We fixed an issue that might cause a system to stop responding when a user signs out if Microsoft OneDrive is in use.</li> </ul> <p>Windows users who are affected by the issues may want to consider installing the upcoming preview updates for the stable versions of Windows 10 to fix those issues. The fixes will be released officially on the June 2022 Patch Tuesday.</p> <p><strong>Now You</strong>: did you run into any of these issues while using Windows?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/24/next-windows-10-update-to-fix-memory-leaks-slow-copy-operations-and-app-crashes/" data-wpel-link="internal">Next Windows 10 update to fix memory leaks, slow copy operations and app crashes</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  8. You should be exploring digital gaming marketplaces. Here’s why!

    2022-05-23 14:10:46 UTC

    If you are looking for a wide range of digital gaming items being sold at a great price, take a look at the Eneba marketplace! Video games, gaming subscriptions, DLCs, in-game currencies, […]

    Thank you for being a Ghacks reader. The post You should be exploring digital gaming marketplaces. Here’s why! appeared first on gHacks Technology News.

    <p><span style="font-weight: 400;">If you are looking for a wide range of <strong>digital gaming items</strong> being sold<strong> at a great price</strong>, take a look at the </span><a href="https://www.eneba.com/us/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external"><span style="font-weight: 400;">Eneba</span></a><span style="font-weight: 400;"> marketplace! Video games, gaming subscriptions, DLCs, in-game currencies, gift cards, and loads more are available here. Not only are the goods considerably cheaper, but the shopping experience itself is also simple, and intuitive, and you get whatever you have purchased within minutes, sometimes even seconds, after your purchase is complete. We are living in the age of digital shopping after all, and there is no reason why you should be missing out!</span></p> <h2><span style="font-weight: 400;">Digital gaming opportunities</span></h2> <p><span style="font-weight: 400;">The digital world brings a whole new world of possibilities and opportunities into the world of gaming. Before digital marketplaces, there were two major products in gaming, these being gaming platforms, and video games themselves. With the growth of digital gaming, there has been an increase in the popularity of other goods that can significantly improve your gaming experience without you needing to buy a new console or update your library of games.</span></p> <p><span style="font-weight: 400;"><strong>Gaming subscriptions</strong> have become amongst the most popular gaming products with the rise of digital gaming, and for good reason. They offer the best value in gaming today, and nothing really even comes close. The yearly price for most of these subscriptions isn’t more expensive than buying a couple of AAA games upon their release, yet you <strong>get multiple new games to play every month</strong>, instant access to hundreds of other games, and the ability to <strong>play games in online multiplayer mode</strong>. This value is really hard to beat. Such goods as gift cards and in-game currencies have also thrived in the digital age, as they provide the option to upgrade your favorite games and make them feel fresh again, so you can enjoy a single game for years without getting tired or bored of it.</span></p> <p><img class="alignnone size-full wp-image-178732" src="https://www.ghacks.net/wp-content/uploads/2022/05/Eneba-marketplace-scaled.jpg" alt="" width="1200" height="675" /></p> <h2><span style="font-weight: 400;">Why choose digital?</span></h2> <p><span style="font-weight: 400;">Why choose digital over physical shopping for games and gaming goods? There is only one reasonable answer to this question – why would you not? The selection is bigger, the prices are better, and the shopping itself is faster, as you don’t even need to leave the house to get everything you need. On top of that, you get loads of options for places to shop at, all of which can have their <strong>perks</strong>. There are giants of the industry such as Steam or Kinguin but there are also others nibbling at their heels, such as the <strong>Eneba marketplace</strong>. You can browse the web amongst many different sites and find the deals that are most suitable for you. Many such websites have a lot of the same products but their prices can differ quite drastically and you can get yourself some amazing deals if you just take an extra minute to browse what’s on offer.</span></p> <p><span style="font-weight: 400;">All in all, digital gaming is definitely the future of the industry, and it is definitely a future to look forward to since the customer is the one that benefits from it the most. Gaming goods are cheaper, shopping is faster, and the selection is so massive that you will surely find everything that you may possibly need. All that’s left is to take your time and enjoy the experience!</span></p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/23/exploring-digital-gaming-marketplaces" data-wpel-link="internal">You should be exploring digital gaming marketplaces. Here’s why!</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  9. Microsoft: Windows 11's product satisfaction and adoption is highest ever

    2022-05-23 13:03:22 UTC

    Chief Product Officer at Microsoft, Panos Panay, held a keynote at Computex 2022, in which he revealed that Microsoft's Windows 11 operating system has the highest product satisfaction of all Windows operating […]

    Thank you for being a Ghacks reader. The post Microsoft: Windows 11's product satisfaction and adoption is highest ever appeared first on gHacks Technology News.

    <p>Chief Product Officer at Microsoft, Panos Panay, held a keynote at Computex 2022, in which he <a href="https://www.youtube.com/watch?v=2yZ9wwEMZYw" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">revealed</a> that Microsoft's Windows 11 operating system has the highest product satisfaction of all Windows operating system releases.</p> <p><img class="alignnone size-full wp-image-175121" src="https://www.ghacks.net/wp-content/uploads/2021/11/Windows-11-desktop-wallpaper.jpg" alt="Windows 11 desktop wallpaper" width="1920" height="1080" srcset="https://www.ghacks.net/wp-content/uploads/2021/11/Windows-11-desktop-wallpaper.jpg 1920w, https://www.ghacks.net/wp-content/uploads/2021/11/Windows-11-desktop-wallpaper-1536x864.jpg 1536w" sizes="(max-width: 1920px) 100vw, 1920px" /></p> <p>Microsoft released Windows 11 in October 2021 to the public. The operating system was released as a free upgrade for devices with eligible Windows 10 licenses, and as a commercial version that people from all over the world may purchase.</p> <p>This month, Microsoft switched the status of the operating system to <a href="https://www.ghacks.net/2022/05/19/windows-11-now-available-for-all-compatible-devices-according-to-microsoft/" data-wpel-link="internal">broad deployment</a>, a status that is used as a deployment signal by organizations around the world.</p> <p>In the keynote, which Panay held with Microsoft CVP of Device Partner Sales Nicole Dezen, Panay reiterated that quality is the most important thing for the team.</p> <blockquote><p>Here's the most important thing for our team, quality, quality, quality. People using it [Windows 11] are finding the quality in the product, which has just been awesome. That also translates to product satisfaction. It is the highest product satisfaction of any version of Windows we've ever shipped.</p></blockquote> <p>In January 2022, Panay used similar words to highlight the quality aspect of the operating system:</p> <blockquote><p>Windows 11 also has the highest quality scores and product satisfaction of any version of Windows we’ve ever shipped. Product quality was a huge focus for the team, and we took a deliberate and phased approach to how we rolled out the upgrade.</p></blockquote> <p>It is unclear how Panay and Microsoft define quality. Windows 11 launched with a fair share of issues, including one that <a href="https://www.ghacks.net/2021/10/07/amd-says-windows-11-is-slowing-down-its-processors-by-up-to-15/" data-wpel-link="internal">impacted the performance of AMD devices by up to 15%</a>, and <a href="https://www.ghacks.net/2021/10/12/brother-confirms-windows-11-printer-issues/" data-wpel-link="internal">one that affected printing on Brother printers</a>.</p> <p><iframe loading="lazy" width="560" height="315" src="https://www.youtube-nocookie.com/embed/2yZ9wwEMZYw" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe></p> <p>We have recorded a total of 24 officially <a href="https://www.ghacks.net/2021/10/09/windows-11-list-of-known-issues-and-resolved-issues/" data-wpel-link="internal">confirmed Windows 11 issues</a> since the release of the operating system.</p> <h2>Windows 11 adoption</h2> <p>Customers upgrade to Windows 11 at twice the rate that Microsoft recorded for its Windows 10 operating system. Considering that Microsoft used to push Windows 10 aggressively on customer devices to meet the 1 billion devices with Windows in 2-3 years goal, suggested growth is impressive. If you add the fact that Windows 11 can't be installed easily on incompatible devices, it is even more of a feat.</p> <p><a href="https://www.ghacks.net/2015/07/29/how-to-download-windows-10-and-create-installation-media/" data-wpel-link="internal">Microsoft released Windows 10 on July 29, 2015 officially</a>. One month later, on August 27, Microsoft revealed that Windows 10 was running on <a href="https://www.ghacks.net/2015/08/27/windows-10-stats-75-million-devices-6x-more-app-downloads-per-device/" data-wpel-link="internal">75 million devices</a>. Windows 11 would have to be running on 150 million devices one month after release at this stage to see twice the adoption rate.</p> <p>Windows 10 growth slowed down shortly thereafter. It took the operating system almost two years to reach <a href="https://www.ghacks.net/2017/05/11/windows-10-500-million-machines-and-counting/" data-wpel-link="internal">the 500 million devices milestone</a>.  Microsoft has not revealed the number of devices that Windows 11 is running on since the launch of the operating system.</p> <p><strong>Now You:</strong> do you run Windows 11? Do you agree with Microsoft's statement on the quality of the operating system? (via <a href="https://www.neowin.net/news/microsofts-panos-panay-reiterates-that-windows-11-is-all-about-quality/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Neowin</a>)</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/23/microsoft-windows-11s-product-satisfaction-and-adoption-is-highest-ever/" data-wpel-link="internal">Microsoft: Windows 11&#039;s product satisfaction and adoption is highest ever</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  10. Proton will increase the prices of premium plans for new subscribers of ProtonMail and VPN

    2022-05-23 12:15:31 UTC

    Proton AG has announced that it is making some changes to its services. The company published an article about it a few days ago, but has since replaced it with a different […]

    Thank you for being a Ghacks reader. The post Proton will increase the prices of premium plans for new subscribers of ProtonMail and VPN appeared first on gHacks Technology News.

    <p>Proton AG has announced that it is making some changes to its services. The company published an article about it a few days ago, but has since replaced it with a different version.</p> <p><img class="alignnone size-full wp-image-178719" src="https://www.ghacks.net/wp-content/uploads/2022/05/Proton-will-increase-price-of-premium-plans-for-new-subscribers-of-ProtonMail-and-VPN.png" alt="Proton will increase price of premium plans for new subscribers of ProtonMail and VPN" width="1024" height="512" /></p> <p>I compared both articles to gather the important information from them.</p> <h3><strong>What are the upcoming changes to ProtonMail?</strong></h3> <p>Proton wants to update its services with a uniform design to represent its brand. This "visual identity" will include new logos and colors by which users will recognize Proton's services. The unified service will be accessible from the Proton.me domain. The company is shifting to it to highlight the fact that it offers more than just mail services, it has ProtonDrive, Calendar, VPN, etc. It's quite similar to what Google does with its suite of web apps.</p> <p>While your <a href="https://www.ghacks.net/2022/04/27/protonmail-will-not-delete-inactive-user-accounts-for-former-premium-subscribers/" target="_blank" rel="noopener" data-wpel-link="internal">ProtonMail</a> address will remain the same, any official communication including newsletters, notifications, password reset messages that you receive from the company will use the @proton.me domain instead of @protonmail.com. So don't be alarmed thinking you got a mail from a user who is impersonating the brand. Mails from Proton are always starred to indicate it is sent by the company.</p> <p>The original article indicated that Proton will redirect users who access Protonmail.com, mail.protonmail.com, calendar.protonmail.com, etc., to their respective Proton.me domains. This will only affect new user sessions, i.e., users who are already logged in to their accounts will remain on the .com domain. ProtonVPN will also remain at protonvpn.com for now, but it too will be updated in the future. The unified service will allow users to add events in your mails to your calendar, and files that you have stored in Proton Drive can be sent as attachments simply by linking to them.</p> <p>And now, for the important changes regarding the Premium subscription plans.</p> <h4><strong>Upcoming changes to Proton Plans<br /> </strong></h4> <p>After listening to feedback from users, Proton says that it will not change the prices of the plans for existing subscribers. It is worth mentioning that the original announcement caused a bit of confusion, as it did not mention whether this price hike would affect renewals, but the updated post has confirmed that existing subscribers can renew their plan at the current prices. This basically confirms that new users will have to pay a higher fee than the current rates.</p> <p>The original article also mentioned that Proton users who subscribe to ProtonMail and ProtonVPN will be automatically updated to a new bundle that also includes Proton Drive and Proton Calendar, and that this upgrade will be free of charge. But that statement has been removed in the new article, it now reads "all plans will be upgraded to provide more storage and features for our existing subscribers". This probably includes Drive and Calendar.</p> <p>Here are the current prices of ProtonMail and ProtonVPN for reference.</p> <img width="1171" height="597" src="https://www.ghacks.net/wp-content/uploads/2022/05/ProtonMail-prices-Euros.jpg" class="attachment-full size-full" alt="ProtonMail prices Euros" link="none" columns="2" size="full" ids="178716,178717,178714,178715" orderby="post__in" include="178716,178717,178714,178715" /> <img width="1171" height="597" src="https://www.ghacks.net/wp-content/uploads/2022/05/ProtonMail-prices-May-2022.jpg" class="attachment-full size-full" alt="ProtonMail prices May 2022" link="none" columns="2" size="full" ids="178716,178717,178714,178715" orderby="post__in" include="178716,178717,178714,178715" /> <img width="1200" height="467" src="https://www.ghacks.net/wp-content/uploads/2022/05/ProtonVPN-prices-Euros-scaled.jpg" class="attachment-full size-full" alt="ProtonVPN prices Euros" link="none" columns="2" size="full" ids="178716,178717,178714,178715" orderby="post__in" include="178716,178717,178714,178715" /> <img width="1200" height="467" src="https://www.ghacks.net/wp-content/uploads/2022/05/ProtonVPN-prices-May-2022-scaled.jpg" class="attachment-full size-full" alt="ProtonVPN prices May 2022" link="none" columns="2" size="full" ids="178716,178717,178714,178715" orderby="post__in" include="178716,178717,178714,178715" /> <p>I didn't save a screenshot of the original announcement or the page itself to web archive, but my RSS reader saved an offline copy of the contents. I used the text from it to upload the text to a privacy-friendly <a href="https://privatepastebin.com/?450bf777d24b9f85#Czfj4TjxkA5ZExLEARcNGG89v6SVXpAHoDL8AYr11z5Y" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">paste bin</a> site. You can read it, and compare it with the current post on <a href="https://protonmail.com/blog/upcoming-changes/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Proton's site</a>. It's important because the new article seems to lack some information.</p> <p><img class="alignnone size-full wp-image-178718" src="https://www.ghacks.net/wp-content/uploads/2022/05/Protonmail-rss-feed-reader.jpg" alt="Protonmail rss feed reader" width="1200" height="646" /></p> <p>Proton intends to roll out the updates to its services this week, but has not revealed its new premium plan prices yet.</p> <p>What's your take on this? Will you lock in to the current prices by subscribing to a plan now?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/23/protonmail-and-vpn-price-increase-incoming/" data-wpel-link="internal">Proton will increase the prices of premium plans for new subscribers of ProtonMail and VPN</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  11. Brave joins Mozilla in declaring Google's First-Party Sets feature harmful to privacy

    2022-05-23 05:29:06 UTC

    First-Party Sets is a proposed feature by Google that is designed to give site owners an option to declare multiple owned sites as first-party. Companies may own multiple domain names, and with […]

    Thank you for being a Ghacks reader. The post Brave joins Mozilla in declaring Google's First-Party Sets feature harmful to privacy appeared first on gHacks Technology News.

    <p>First-Party Sets is a proposed feature by Google that is designed to give site owners an option to declare multiple owned sites as first-party. Companies may own multiple domain names, and with first-party sets, they could get supporting browsers to handle all of the properties identical.</p> <p><img class="alignnone size-full wp-image-178711" src="https://www.ghacks.net/wp-content/uploads/2022/05/google-first-party-sets-privacy.png" alt="google first-party sets privacy" width="1427" height="665" /></p> <p>Currently, different domain names are considered third-parties in most cases, even if they belong to the same company. With the new technology in place, Google could group all of its properties together to improve communication and data flows between them.</p> <p>Brave believes that first-party sets are harmful to user privacy, as companies may use the feature to track users across their properties. Third-party cookies, which are used for the same tracking purpose, will be a thing of the past soon.</p> <p>Google explains that first-party sets "define a more realistic 'privacy boundary' by reflecting the real-world organization of websites, which often span multiple registrable domains".  Google points out that the feature would standardize functionality for the entire Web.</p> <p>Mozilla, the organization that is making the Firefox web browser, <a href="https://github.com/mozilla/standards-positions/pull/360" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">declared</a> First-Party Sets harmful back in 2020. Feedback from Apple was positive, according <a href="https://chromestatus.com/feature/5640066519007232" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">to this</a> Chrome Status page.</p> <p>Brave Software, maker of the Brave browser, joined Mozilla recently in declaring first-party sets an anti-privacy feature. Brave Senior director of privacy, Peter Snyder, pointed out on the official blog that the adoption of the feature would make it harder for "user-respecting browsers to protect their users' privacy".</p> <blockquote><p>First-Party Sets will allow more sites to track more of your behavior on the Web, and make it more difficult for users to predict how their information will be shared.</p></blockquote> <p>Snyder believes that Chrome's dominance will likely lead to the implementation of the feature in other browsers to "maintain compatibility with the Web". Chrome has a market share of over 60% and many browsers are using the same source as Chrome already. The two main exceptions are Apple's Safari and Mozilla's Firefox web browser. Other browsers, including Microsoft Edge, Brave, Vivaldi or Opera, use Chromium as the source.</p> <p>First-party sets enable the tracking of users across properties that organizations and individuals own. Google could declare most of its properties a first-party set; this would mean that if a user is known on google.com, it is also known on any other site of the first-party set, even if that site was never visited or is visited for the first time.</p> <p>Google would know about the user who visits YouTube, Blogger, or Alphabet.com for the first time, provided that these domains would be in the same first-party set.  Worse still, according to Snyder, users would have no control over the mechanism.</p> <p>Google is arguing that first-party sets is improving privacy, as it paves the way for removing support for third-party cookies in the browser. Snyder argues that first-party sets is not a privacy feature, but one designed to "ensure companies can continue to identify and track people across sites".</p> <p>Google is continuing its work on its Privacy Sandbox project. The company dropped support for the controversial FLoC in January 2022 to replace it with the <a href="https://www.ghacks.net/2022/01/26/google-drops-floc-and-announces-topics-as-the-future-cookie-less-advertising-system/" data-wpel-link="internal">equally-controversial Topics system</a>. The company is <a href="https://www.ghacks.net/2022/04/26/chrome-101-ships-with-controversial-advertising-system-trials/" data-wpel-link="internal">running advertising system trials in Chrome currently</a>.</p> <p>Chrome's dominance makes it difficult to oppose features. While browser makers may choose to ignore certain features that Google implements in Chromium and Chrome, it could result in web compatibility issues, as many developers look at Chrome first when it comes to web standards and support.</p> <p><strong>Now You:</strong> what is your take on first-party sets?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/23/brave-joins-mozilla-in-declaring-googles-first-party-sets-feature-harmful-to-privacy/" data-wpel-link="internal">Brave joins Mozilla in declaring Google&#039;s First-Party Sets feature harmful to privacy</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  12. Ubuntu 22.10 is dropping PulseAudio

    2022-05-23 04:28:06 UTC

    Ubuntu 22.10 is making a big change to the future of the Ubuntu Linux distribution line, by switching the audio server setup from PulseAudio to PipeWire. The news was confirmed officially by […]

    Thank you for being a Ghacks reader. The post Ubuntu 22.10 is dropping PulseAudio appeared first on gHacks Technology News.

    <p>Ubuntu 22.10 is making a big change to the future of the Ubuntu Linux distribution line, by switching the audio server setup from PulseAudio to PipeWire.</p> <p><img class="alignnone size-full wp-image-178221" src="https://www.ghacks.net/wp-content/uploads/2022/04/Ubuntu_22.04-scaled.jpg" alt="" width="1200" height="502" srcset="https://www.ghacks.net/wp-content/uploads/2022/04/Ubuntu_22.04-scaled.jpg 1200w, https://www.ghacks.net/wp-content/uploads/2022/04/Ubuntu_22.04-1536x643.jpg 1536w, https://www.ghacks.net/wp-content/uploads/2022/04/Ubuntu_22.04-2048x857.jpg 2048w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <p>The news was confirmed officially by Canonical Employee and Ubuntu Desktop Developer, Heather Ellsworth, on the Ubuntu Discourse thread about the <a href="https://discourse.ubuntu.com/t/pipewire-as-a-replacement-for-pulseaudio/28489" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">topic,</a></p> <p>“<em>That’s right, as of today the Kinetic iso (pending, not yet current since the changes were just made) has been updated to run only pipewire and not pulseaudio. So <a href="https://discourse.ubuntu.com/u/copong" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">@copong</a>, you can look forward to this for kinetic.</em></p> <p><em>For Jammy, you might notice that you have both pipewire and pulseaudio running. This is because pulseaudio is still being used for the audio but pipewire is being used for the video. (Pipewire is needed for screencasting and screensharing on Wayland.)</em></p> <p><em>I hope that clears up our plans regarding pipewire/pulseaudio but let us know if you have more questions.</em>”</p> <p>Ubuntu currently for 22.04LTS uses PipeWire for screencasting, but is still using PulseAudio for audio.</p> <p><img class="size-full wp-image-178705" style="-webkit-user-drag: none; display: inline-block; margin-bottom: -1ex;" src="https://www.ghacks.net/wp-content/uploads/2022/05/pipewire.gif" alt="Image courtesy of Pipewire.org" width="160" height="144" />Image courtesy of Pipewire.org</p> <p>Other popular distributions that use PipeWire are Fedora, EndeavourOS and Slackware.</p> <p>The PipeWire <a href="https://pipewire.org/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">homepage</a> says,</p> <p>“<em>PipeWire is a project that aims to greatly improve handling of audio and video under Linux. It provides a low-latency, graph based processing engine on top of audio and video devices that can be used to support the use cases currently handled by both pulseaudio and JACK. PipeWire was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy, with supporting Flatpak applications being the primary goal. Alongside Wayland and Flatpak we expect PipeWire to provide a core building block for the future of Linux application development.</em>”</p> <p>There are instructions for installing PipeWire directly on the front page of the site, which is always cool to see as it makes it very simple for users. As well, the PipeWire documentation seemed fairly thorough as I skimmed through it, so if you do want to dig deeper beyond the installation instructions, plenty of information is available at their <a href="https://docs.pipewire.org/page_overview.html" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">docs</a> page.</p> <p>I can say that I have no personal experience that is of note with PipeWire. I have used and I adore EndeavourOS, but I am unsure if the last time I used it, it used PipeWire, and to what extent. So, I can not give a personal review at this time; however, I can say that after digging a bit deeper and researching into this topic more for this article, I think PipeWire does sound like the way forward, in comparison to PulseAudio. PulseAudio works…sort of…until it doesn’t…And it’s served us for years, but I don’t think I know many Linux users who would turn down switching to a different audio system if it meant more stability, less latency, and plenty of customization and power under the hood. I for one am looking forward to the next Ubuntu release, and I will be sure to test out and comment about the audio when I do a review of it in the fall of 2022!</p> <h3>NOW YOU</h3> <p>What are your thoughts on the switch of audio systems from PulseAudio to PipeWire? Do you have experience using it for audio in your own configuration? Let us know in the comments!</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/23/ubuntu-22-10-dropping-pulseaudio/" data-wpel-link="internal">Ubuntu 22.10 is dropping PulseAudio</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  13. Microsoft Turing Image Super Resolution promises to do away with low-res images everywhere

    2022-05-22 06:06:33 UTC

    Did you ever have to look at or work with bad quality images? Maybe an image from an old camera that is low resolution, a badly taken photo of an eBay auction […]

    Thank you for being a Ghacks reader. The post Microsoft Turing Image Super Resolution promises to do away with low-res images everywhere appeared first on gHacks Technology News.

    <p>Did you ever have to look at or work with bad quality images? Maybe an image from an old camera that is low resolution, a badly taken photo of an eBay auction item, or a post on a forum that showed only the thumbnails but not the full images? There is often little that you can do to improve the quality of such images.  While you may be able to find a better version, e.g., by running reverse image searches, there is no guarantee for that.</p> <figure id="attachment_178700" aria-describedby="caption-attachment-178700" style="width: 1479px" class="wp-caption alignnone"><img class="size-full wp-image-178700" src="https://www.ghacks.net/wp-content/uploads/2022/05/microsoft-turing-image-super.png" alt="microsoft turing image super" width="1479" height="793" /><figcaption id="caption-attachment-178700" class="wp-caption-text">source: <a href="https://blogs.bing.com/search-quality-insights/may-2022/Turing-Image-Super-Resolution" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Microsoft Bing</a></figcaption></figure> <p>Microsoft believes it has the answer for that. Turing Image Super Resolution is using AI to enhance images. Already used on Bing Maps and currently being rolled out to some Microsoft Edge Canary users, Microsoft <a href="https://blogs.bing.com/search-quality-insights/may-2022/Turing-Image-Super-Resolution" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">believes</a> that its technology will do away with bad and low resolution images everywhere in the future.</p> <blockquote><p>The ultimate mission for the Turing Super-Resolution effort is to turn any application where people view, consume or create media into an “HD” experience. We are closely working with key teams across Microsoft to explore how to achieve that vision in more places and on more devices.</p></blockquote> <p>Microsoft published a blog post on the official Microsoft Bing blog in which the company explains the technology. Several before and after photos are provided to highlight the changes that Turing-ISR made to the original photos. The thumbnail images that Microsoft posted lack quality, and it is necessary to open the images or save them to the local system to compare the full resolution versions against each other.</p> <p>When you do, you may notice that Turing Image Super Resolution is capable of performing different operations on source images. Besides improving the resolution of images right away, it may also improve the clarity of images or enhance images in other ways.</p> <figure id="attachment_178701" aria-describedby="caption-attachment-178701" style="width: 4281px" class="wp-caption alignnone"><img class="size-full wp-image-178701" src="https://www.ghacks.net/wp-content/uploads/2022/05/deep-zoom.png" alt="" width="4281" height="1801" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/deep-zoom.png 4281w, https://www.ghacks.net/wp-content/uploads/2022/05/deep-zoom-1536x646.png 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/deep-zoom-2048x862.png 2048w" sizes="(max-width: 4281px) 100vw, 4281px" /><figcaption id="caption-attachment-178701" class="wp-caption-text">source: <a href="https://blogs.bing.com/search-quality-insights/may-2022/Turing-Image-Super-Resolution" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Microsoft Bing</a></figcaption></figure> <p>Microsoft is using the new technology on Bing Maps' <a href="https://www.bing.com/maps?osid=57866c43-69ac-46e9-8edb-633c97d3b07a&amp;cp=41.902559%7E12.453252&amp;lvl=19.0&amp;style=a&amp;imgid=035d20b4-675b-44c5-a705-70d67896cc07&amp;v=2&amp;sV=2&amp;form=S00027" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">aerial imagery</a> feature already. Microsoft states that it has rolled out the functionality to "most of the world's land area" already, and that 98% of side-by-side test users preferred the enhanced imagery over the originals.</p> <p>Some Microsoft Edge Canary users are already seeing image enhancements in the browser. Microsoft does not provide details on the implementation in Edge at this time, but explains, that it is using content distribution networks for enhanced images to avoid having to process images repeatedly.</p> <p>The company's goal is to turn "Microsoft Edge into the best browser for viewing images on the web" according to the blog post.</p> <p>The technical part of the blog post provides details on the model, including on how it cleans, enhances and scales images. The improvements work on all kinds of images, including images with text.</p> <p>Closing Words</p> <p>Improved image qualities of low quality images appears to be something that most Internet users would welcome. The implementation matters: is the functionality enabled all the time? what about on/off switches or exceptions? what about Telemetry and connections to Microsoft controlled CDNs whenever these images are displayed in the browser?</p> <p><strong>Now You: </strong>do you find AI image enhancements on the Web and elsewhere useful?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/22/microsoft-turing-image-super-resolution-promises-to-do-away-with-low-res-images-everywhere/" data-wpel-link="internal">Microsoft Turing Image Super Resolution promises to do away with low-res images everywhere</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  14. Pwn2Own 2022: Windows 11, Ubuntu, Firefox, Safari, Tesla and more hacked

    2022-05-21 17:52:46 UTC

    The hacking event Pwn2Own took place from May 18 to May 20 of 2022. This year, security researchers managed to hack Windows 11 and Ubuntu, Firefox, Safari, Microsoft Teams, a Tesla and […]

    Thank you for being a Ghacks reader. The post Pwn2Own 2022: Windows 11, Ubuntu, Firefox, Safari, Tesla and more hacked appeared first on gHacks Technology News.

    <p>The hacking event Pwn2Own took place from May 18 to May 20 of 2022. This year, security researchers managed to hack Windows 11 and Ubuntu, Firefox, Safari, Microsoft Teams, a Tesla and other targets successfully during the three days of the event.</p> <figure id="attachment_178697" aria-describedby="caption-attachment-178697" style="width: 1200px" class="wp-caption alignnone"><img class="wp-image-178697 size-full" src="https://www.ghacks.net/wp-content/uploads/2022/05/pwn2own-2022-scaled.jpg" alt="pwn2own 2022" width="1200" height="900" /><figcaption id="caption-attachment-178697" class="wp-caption-text">Source: <a href="https://www.zerodayinitiative.com/blog/2022/5/18/pwn2own-vancouver-2022-the-results#three" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Zero Day Initiative</a></figcaption></figure> <p>Pwn2Own is a yearly event that brings together security researchers from all over the world. On the 15th anniversary of the event, 17 security researchers attempted to exploit 21 targets across multiple categories.</p> <p>On day 1 of the event, researchers managed to hack Microsoft Teams, Oracle VirtualBox, Mozilla Firefox, Microsoft Windows 11, Apple Safari, and Ubuntu Desktop. Microsoft Teams and Ubuntu Desktop were hacked successfully multiple teams during the day. All attempts were successful on the day.</p> <p>On day 2,  security researchers hacked the Tesla Model 3 Infotainment System, Ubuntu Desktop and Microsoft windows 11. Ubuntu Desktop was hacked twice successfully. Two hacking attempts against Microsoft Windows 11 and Tesla failed on that day.</p> <p>On day 3, hackers managed to exploit Windows 11 and Ubuntu Desktop successfully. Researchers exploited Microsoft's Windows 11 operating system thrice on the day, with no failed attempts.</p> <p>Mozilla did release an update for the organization's Firefox web browser already. <a href="https://www.ghacks.net/2022/05/21/mozilla-patches-two-critical-security-issues-in-firefox-and-thunderbird/" data-wpel-link="internal">Firefox 100.0.2</a>, Firefox ESR 91.9.1, Firefox for Android 100.3, and Thunderbird 91.9.1 are already available with patches for the reported security vulnerability.</p> <p>Here is an overview of the successful Windows 11 hacks:</p> <blockquote><p>Marcin Wi?zowski was able to execute an out-of-bounds write escalation of privilege on Microsoft Windows 11, earning $40,000 and 4 Master of Pwn points, and high praise on the accompanying whitepaper from the Microsoft team.</p> <p>Phan Thanh Duy (@PTDuy and Lê H?u Quang Linh (@linhlhq of STAR Labs earned $40K and 4 Master of Pwn points for a Use-After-Free elevation of privilege on Microsoft Windows 11.</p> <p>T0 was able to successfully show an improper access control bug leading to elevation of privilege on Microsoft Windows 11 - earning $40,000 and 4 Master of Pwn points.</p> <p>nghiadt12 from Viettel Cyber Security was able to successfully show an escalation of privilege via Integer Overflow on Microsoft Windows 11 - earning $40,000 and 4 Master of Pwn points.</p> <p>vinhthp1712 successfully achieved Elevation of Privilege via Improper Access Control on Microsoft Windows 11. vinhthp1712 earns $40,000 and 4 Master of Pwn points</p> <p>On the final attempt of the competition, Bruno PUJOS (@brunopujos) from REverse Tactics successfully achieved Elevation of Privilege via Use-After-Free on Microsoft Windows 11. Bruno earns $40,000 and 4 Master of Pwn points.</p></blockquote> <p>Microsoft is expected to release updates for Windows 11 in the coming weeks. A likely target is the June 2022 Patch Day, which is scheduled for June 14, 2022. Critical security issues may be patched earlier by the company, as emergency updates may be released to address issues at any time.</p> <p>Vendors whose products were attacked during the event "have 90 days to produce a fix" for discovered vulnerabilities, <a href="https://www.zerodayinitiative.com/blog/2022/5/18/pwn2own-vancouver-2022-the-results#three" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">according</a> to the Zero Initiate website.</p> <p>You may check out the full overview of the event <a href="https://www.zerodayinitiative.com/blog/2022/5/18/pwn2own-vancouver-2022-the-results#one" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">here</a> if you are interested in additional details on specific hacks or links to the hacker profiles of security researchers who participated in the event.</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/21/pwn2own-2022-windows-11-ubuntu-firefox-safari-tesla-and-more-hacked/" data-wpel-link="internal">Pwn2Own 2022: Windows 11, Ubuntu, Firefox, Safari, Tesla and more hacked</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  15. Mozilla patches two critical security issues in Firefox and Thunderbird

    2022-05-21 05:08:01 UTC

    Mozilla published updates for its Firefox and Firefox ESR web browsers on May 20, 2022. The Thunderbird development team released a patch for the email client as well. The security updates patch […]

    Thank you for being a Ghacks reader. The post Mozilla patches two critical security issues in Firefox and Thunderbird appeared first on gHacks Technology News.

    <p>Mozilla published updates for its Firefox and Firefox ESR web browsers on May 20, 2022. The Thunderbird development team released a patch for the email client as well. The security updates patch two critical security issues in the Firefox web browser and Thunderbird.</p> <p><img class="alignnone size-full wp-image-178693" src="https://www.ghacks.net/wp-content/uploads/2022/05/firefox-100.0.2-security-update.png" alt="firefox 100.0.2 security update" width="1562" height="856" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/firefox-100.0.2-security-update.png 1562w, https://www.ghacks.net/wp-content/uploads/2022/05/firefox-100.0.2-security-update-1536x842.png 1536w" sizes="(max-width: 1562px) 100vw, 1562px" /></p> <p>Here is the list of products with updates:</p> <ul> <li>Firefox 100.0.2</li> <li>Firefox ESR 91.9.1</li> <li>Firefox for Android 100.3</li> <li>Thunderbird 91.9.1</li> </ul> <p>The updates are available already, and most user installations will be updated automatically. Desktop users who don't want to wait until that happens may run a manual check for updates to speed up the installation.</p> <ul> <li><strong>Firefox</strong>: select Menu &gt; Help &gt; About Firefox. Firefox runs a manual check for updates. Any update that is found will be downloaded and installed.</li> <li><strong>Thunderbird</strong>: select Help &gt; About Thunderbird. Thunderbird will also check for updates and install any that it finds.</li> </ul> <p>Note: Firefox for Android is updated via Google Play. There is no option to speed up the delivery of updates on Android via Google Play.</p> <p>The <a href="https://www.mozilla.org/en-US/firefox/100.0.2/releasenotes/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">official release notes</a> list a single entry, that confirm the security nature of the update. Mozilla published a <a href="https://www.mozilla.org/en-US/security/advisories/mfsa2022-19/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">security advisory</a> for all affected versions of the web browser that provide additional details on the issues:</p> <p>There, users find out that two security issues have been patched in the update. Both issues have the severity rating of critical, the highest rating that is available. They were reported to Mozilla by Manfred Paul via Trend Micro's Zero Day Initiative.</p> <blockquote><p>CVE-2022-1802: Prototype pollution in Top-Level Await implementation</p> <p>If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context.</p> <p>CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution</p> <p>An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process.</p></blockquote> <p>The linked bug reports are restricted. Mozilla makes no mention of attacks in the wilds that target these vulnerabilities.</p> <p>Firefox and Thunderbird users may want to update their applications quickly to protect them against attacks targeting these issues.</p> <p><strong>Now You:</strong> when do you update your applications?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/21/mozilla-patches-two-critical-security-issues-in-firefox-and-thunderbird/" data-wpel-link="internal">Mozilla patches two critical security issues in Firefox and Thunderbird</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  16. Here is why Microsoft continues to add unpopular features to Windows

    2022-05-20 11:06:05 UTC

    Microsoft plans to release two feature updates for its Windows operating systems later this year. Work on future feature updates continues unhindered as well, and the first builds of the 2023 feature […]

    Thank you for being a Ghacks reader. The post Here is why Microsoft continues to add unpopular features to Windows appeared first on gHacks Technology News.

    <p>Microsoft plans to release two feature updates for its Windows operating systems later this year. Work on future feature updates continues unhindered as well, and the first builds of the 2023 feature update version are already available.</p> <p><img class="alignnone size-full wp-image-178685" src="https://www.ghacks.net/wp-content/uploads/2022/05/search-widget-in-Windows-11-build-25120.png" alt="search widget in Windows 11 build 25120" width="1200" height="609" /></p> <p>One of the <a href="https://www.ghacks.net/2022/05/19/windows-11-insider-preview-build-25120-brings-a-search-bar-widget-on-the-desktop/" data-wpel-link="internal">recent changes</a> to these 2023 feature update preview builds is a new desktop search widget. Enabled on a small number of test devices only, the search widget adds a search form field to the Windows desktop. Users may use it to run searches using Microsoft's Bing search engine.</p> <p>Web addresses may be entered directly to open sites, but any other input is redirected to Microsoft's Bing search engine. All requests are opened in Microsoft's Edge web browser when the search widget is used.</p> <p><img class="alignnone size-full wp-image-178684" src="https://www.ghacks.net/wp-content/uploads/2022/05/windows-11-search-widget-results.png" alt="windows 11 search widget results" width="844" height="395" /></p> <p>Microsoft Edge is used exclusively for the feature with no built-in option to change the browser. Since there is also no option to change the search engine, users are left with Bing search results when they use the search widget on the device.</p> <p>It is easy enough to disable the search widget. All it takes is to right-click on the desktop, select "Show More Options" and to click on the "Show Search" option toggle.</p> <h3>An influx of unpopular features</h3> <p><img class="alignnone size-full wp-image-178261" src="https://www.ghacks.net/wp-content/uploads/2022/04/windows-search-highlights-windows-10.png" alt="windows search highlights windows 10" width="1446" height="1175" /></p> <p>Microsoft added several features to its Windows operating system in recent time that are unpopular or even considered useless by part of the userbase.</p> <p>In March 2022, <a href="https://www.ghacks.net/2022/03/12/windows-11-search-highlights/" data-wpel-link="internal">Microsoft introduced the Search Highlight feature</a>, which added information about the current day to Windows Widgets and icons to the taskbar; the latter confused some users, who suddenly noticed changing icons on their taskbar that they did not put there.</p> <p>Windows Widgets is another controversial feature. It adds news, weather reports, stock market information and other bits to Windows. Currently, only first-party widgets are supported, including those powered by Microsoft MSN and Bing. Microsoft plans to extend <a href="https://www.ghacks.net/2022/01/17/third-party-windows-11-widgets-are-coming/" data-wpel-link="internal">Windows Widgets to support third-party additions in the future</a>.</p> <p>The Search widget is the latest addition that is controversial. Ashwin pointed out that it is not adding anything of use to the system, as searches may already be run using the built-in search functionality of the operating system.</p> <p>Why is Microsoft adding these features then to the operating system? Some users may find the functionality useful, especially if they have used more complicated means previously.</p> <p>One explanation for the influx of features associated with Bing and Microsoft Edge is that Microsoft wants to increase usage of Edge, Bing and other Microsoft properties. Increased usage increases Microsoft's revenue at the same time, as advertising revenue increases with usage. The features may also keep users in Microsoft's ecosystem of services and applications longer.</p> <p>The features are enabled by default, as this ensures that the majority of users are exposed to them. Disabling is just a few clicks away, but it may not always be apparent right away. For instance, a right-click on the Widgets icon does nothing; you have to right-click on the taskbar instead, select Taskbar Settings, and toggle the Widget icon there to hide it.</p> <p><strong>Now You:</strong> do you find any of the recent Bing/MSN/Search feature additions useful?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/20/here-is-why-microsoft-continues-to-add-unpopular-features-to-windows/" data-wpel-link="internal">Here is why Microsoft continues to add unpopular features to Windows</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  17. How to enable the search widget in Windows 11 Insider Preview Builds for testing

    2022-05-20 09:55:30 UTC

    Microsoft introduced a search bar on the desktop in Build 25120 that was released yesterday to the Dev Channel in the Insider Preview Program. The feature is being tested on a limited […]

    Thank you for being a Ghacks reader. The post How to enable the search widget in Windows 11 Insider Preview Builds for testing appeared first on gHacks Technology News.

    <p>Microsoft introduced a search bar on the desktop in <a href="https://www.ghacks.net/2022/05/19/windows-11-insider-preview-build-25120-brings-a-search-bar-widget-on-the-desktop/" target="_blank" rel="noopener" data-wpel-link="internal">Build 25120</a> that was released yesterday to the Dev Channel in the Insider Preview Program. The feature is being tested on a limited basis, so not everyone has access to it. But, if you can't want to try it, we show you how to enable the search widget in Windows 11 right now.</p> <p><img class="alignnone size-full wp-image-178685" src="https://www.ghacks.net/wp-content/uploads/2022/05/search-widget-in-Windows-11-build-25120.png" alt="search widget in Windows 11 build 25120" width="1200" height="609" /></p> <h3><strong>How to enable the search widget in Windows 11</strong></h3> <p>1. Download the ViveTool application from its <a href="https://github.com/thebookisclosed/ViVe/releases/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">GitHub page</a>.</p> <p>2. Extract the ZIP file's contents to any folder.</p> <p>3. Open a Terminal window as an administrator.</p> <p>4. Copy and paste the following code in the window.</p> <p>.\vivetool addconfig 37969115 2</p> <p>The command window should display a message that says "Successfully set feature configuration".</p> <p><img class="alignnone size-full wp-image-178687" src="https://www.ghacks.net/wp-content/uploads/2022/05/How-to-enable-the-search-widget-in-Windows-11-25120.png" alt="How to enable the search widget in Windows 11 25120" width="1113" height="626" /></p> <p>Credit: <a href="https://twitter.com/WithinRafael/status/1527155014522720256" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">WithinRafael</a></p> <h4><strong>Accessing the search bar</strong></h4> <p>Close the command window, and go to your desktop screen. The search bar won't be visible on it, even though you just enabled it. You can access it without rebooting the computer.</p> <p>1. Right-click anywhere on the desktop, and select Show More Options.</p> <p><img class="alignnone size-full wp-image-178682" src="https://www.ghacks.net/wp-content/uploads/2022/05/enabling-the-search-bar-in-windows-11.png" alt="enabling the search bar in windows 11" width="832" height="481" /></p> <p>2. This menu has a "Show Search" option, it will have a checkmark next to it.</p> <p><img class="alignnone size-full wp-image-178683" src="https://www.ghacks.net/wp-content/uploads/2022/05/enable-search-widget-in-windows-11.png" alt="enable search widget in windows 11" width="619" height="442" /></p> <p>3. Toggle the option to disable it.</p> <p>Repeat the above steps, and you should see the search widget on the desktop. Give it a try.</p> <p>Don't like it? Use the following command to remove the search bar.</p> <p>.\vivetool delconfig 37969115 2</p> <p>You will need to restart Explorer.exe from the Task Manager, or restart the computer to apply the changes.</p> <h4><strong>A few observations about the search widget in Windows 11</strong></h4> <p>When you type your query in it, the search bar will display some results in a pane, aka search suggestions. Click on it, or hit the Enter key and Windows 11 will open the results via Bing, in Microsoft Edge. Entering a URL such as ghacks.net will directly open the website in Edge.</p> <p><img class="alignnone size-full wp-image-178684" src="https://www.ghacks.net/wp-content/uploads/2022/05/windows-11-search-widget-results.png" alt="windows 11 search widget results" width="844" height="395" /></p> <p>There are no options to configure the widget's behavior. The biggest issue here is that all results from the widget are opened in Microsoft Edge, even if you have set a different program as your default web browser. There aren't any keyboard shortcuts to access the tool. The search widget's right-click menu has some basic options to edit the text.</p> <p><img class="alignnone size-full wp-image-178686" src="https://www.ghacks.net/wp-content/uploads/2022/05/windows-11-search-bar-on-desktop.png" alt="windows 11 search bar on desktop" width="812" height="387" /></p> <p>Having tried it out, I think the widget is sort of pointless, as you can do the same things (paste a URL, or perform web searches) directly from the Start Menu. The new search widget in Windows 11 is quite obtrusive, since it is not opaque it hides part of the wallpaper. It stays on the desktop permanently with no option to hide it, and you cannot move the widget or resize it either. The widget is still in an early phase, so hopefully we can expect some improvements to it in the future.</p> <p><img class="alignnone size-full wp-image-178681" src="https://www.ghacks.net/wp-content/uploads/2022/05/microsoft-powertoys-power-run.png" alt="microsoft powertoys power run" width="792" height="356" /></p> <p>If you really need a similar search tool/launcher app, try Microsoft <a href="https://github.com/microsoft/PowerToys/releases/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">PowerToys</a>. It has a utility called PowerToys Run, which has more options than the new widget, as it can be used to search files on your computer, open applications, etc. The app is similar to the Spotlight tool in macOS. PowerToys Run tool hides automatically when not in use, and you can trigger it using Alt + Space. It also respects your default browser setting to handle web searches.</p> <p>The <a href="https://www.ghacks.net/2013/06/17/latest-everything-desktop-search-beta-build-introduces-64-bit-version/" target="_blank" rel="noopener" data-wpel-link="internal">Everything</a> desktop search engine is an excellent alternative as well, and you can use the <a href="https://www.ghacks.net/2020/10/09/add-everything-search-to-the-windows-taskbar-for-even-faster-searches/" target="_blank" rel="noopener" data-wpel-link="internal">Everything Toolbar</a> to access it quickly from the Taskbar.</p> <p>Have you tried the new search widget in Windows 11?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/20/how-to-enable-the-search-widget-in-windows-11/" data-wpel-link="internal">How to enable the search widget in Windows 11 Insider Preview Builds for testing</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  18. Windows Server out-of-band update addressing authentication issues released

    2022-05-20 04:44:23 UTC

    Microsoft released updates for various Windows Server versions that address issues that were experienced after installation of the May 2022 security updates. The updates address the authentication issues and the Microsoft Store […]

    Thank you for being a Ghacks reader. The post Windows Server out-of-band update addressing authentication issues released appeared first on gHacks Technology News.

    <p>Microsoft released updates for various Windows Server versions that address issues that were experienced after installation of the <a href="https://www.ghacks.net/2022/05/10/microsoft-windows-security-updates-may-2022-overview/" data-wpel-link="internal">May 2022 security updates</a>.</p> <p><img class="alignnone size-full wp-image-178678" src="https://www.ghacks.net/wp-content/uploads/2022/05/windows-server-authentication-fix-update.png" alt="windows-server authentication fix update" width="1920" height="1012" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/windows-server-authentication-fix-update.png 1920w, https://www.ghacks.net/wp-content/uploads/2022/05/windows-server-authentication-fix-update-1536x810.png 1536w" sizes="(max-width: 1920px) 100vw, 1920px" /></p> <p>The updates address the authentication issues and the Microsoft Store app installation issues. The released updates are not distributed via Windows Update, but only available as manual downloads from the Microsoft Update Catalog website.</p> <p><strong>Authentication issues</strong></p> <p>The first issue was experienced after installing the May 2022 updates on domain controllers. Some administrators noted a rise in authentication failures on the server or client for services, including Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP).</p> <p>Microsoft discovered that the issue affected how domain controllers handled the mapping of certificates to machine accounts. The company published a workaround for the issue shortly after confirming it on its <a href="https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-20h2#2826msgdesc" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Docs website</a>. Administrators should map certificates manually to machine accounts in Active Directory to resolve the issue. While other mitigations were published, all "might lower or disable security hardening" and were therefore not recommended.</p> <p><strong>Microsoft Store apps installation failures</strong></p> <p>On some devices, installation of Microsoft Store applications might fail with the error code 0xC002001B after installation of the May 2022 updates. Some installed applications might fail to open as well.</p> <p>The issue happened on devices with Control-flow Enforcement Technology processors according to Microsoft.</p> <p>Additional details are available on <a href="https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h2#2830msgdesc" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Microsoft's Docs</a> website.</p> <p><strong>Out-of-band-updates are available</strong></p> <p>Microsoft has released out-of-band updates for affected Windows Server versions. Cumulative updates are available for the Windows Server versions 2016, 2019, 2022 and 20H2:</p> <ul> <li>Windows Server 2022: <a href="https://support.microsoft.com/help/5015013" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5015013</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5015013" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download.</li> <li>Windows Server, version 20H2: <a href="https://support.microsoft.com/help/5015020" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5015020</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5015020" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download.</li> <li>Windows Server 2019: <a href="https://support.microsoft.com/help/5015018" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5015018</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5015018" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download.</li> <li>Windows Server 2016: <a href="https://support.microsoft.com/help/5015019" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5015019</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5015019" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download.</li> </ul> <p>These can be installed directly as they are cumulative in nature and include previous updates that may not have been released yet.</p> <p>The Windows Server versions 2008 R2 SP1, 2008 SP2, 2012 and 2012 R2 may be updated using standalone updates instead:</p> <ul> <li>Windows Server 2012 R2: <a href="https://support.microsoft.com/help/5014986" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5014986</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5014986" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download.</li> <li>Windows Server 2012: <a href="https://support.microsoft.com/help/5014991" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5014991</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5014991" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download</li> <li>Windows Server 2008 R2 SP1: <a href="https://support.microsoft.com/help/5014987" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5014987</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5014987" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download</li> <li>Windows Server 2008 SP2: <a href="https://support.microsoft.com/help/5014990" target="_blank" rel="noopener noreferrer external" data-linktype="external" data-wpel-link="external">KB5014990</a> and <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5014990" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Update Catalog</a> download</li> </ul> <p>Microsoft notes that installation of the standalone updates differs depending on whether monthly-rollup updates or security-only updates are installed on machines.</p> <p>On machines with security-only updates, the standalone updates can be installed directly. On monthly-rollup updates, it is required to install the standalone update and the monthly-rollup update released on May 10, 2022.</p> <p>A restart may be required to complete the update installation.</p> <p><strong>Now You</strong>: did you install the May 2022 updates already?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/20/windows-server-out-of-band-update-addressing-authentication-issues-released/" data-wpel-link="internal">Windows Server out-of-band update addressing authentication issues released</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  19. Windows 11 now available for all compatible devices according to Microsoft

    2022-05-19 11:13:41 UTC

    The release version of Microsoft's Windows 11 operating system is now available for all compatible devices according to Microsoft. The designation for broad deployment is an important milestone, as it is used […]

    Thank you for being a Ghacks reader. The post Windows 11 now available for all compatible devices according to Microsoft appeared first on gHacks Technology News.

    <p>The release version of Microsoft's Windows 11 operating system is now available for all compatible devices according to Microsoft. The designation for broad deployment is an important milestone, as it is used by organizations to determine the readiness of the operating system for broader deployment on devices.</p> <p><img class="alignnone size-full wp-image-175157" src="https://www.ghacks.net/wp-content/uploads/2021/11/Windows-11-pc-health-check-requirements.jpg" alt="Windows 11 pc health check requirements" width="918" height="653" /></p> <p>The Windows release health dashboard for Windows 11 version 21H2 <a href="https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">reveals</a> the status change.</p> <blockquote><p>Current status as of May 17, 2022 (PT)</p> <p>Windows 11 is designated for broad deployment.</p></blockquote> <p>The original version of Windows 11,version 21H2, <a href="https://www.ghacks.net/2021/08/31/windows-11s-release-date-is-october-5-2021/" data-wpel-link="internal">was released on October 5, 2021</a> to the public.  The staged rollout used machine learning and algorithms to offer the upgrade to the Windows 10 devices that were considered the most compatible with the new version.</p> <p>Microsoft increased the roll out speed and announced in January 2022 that Windows 11 would be offered as an <a href="https://www.ghacks.net/2022/01/27/windows-11-will-be-offered-to-all-eligible-pcs-ahead-of-schedule/" data-wpel-link="internal">upgrade to all eligible devices ahead of schedule</a>.</p> <p>Windows 10 administrators may use Microsoft's PC Health Check App to find out if a machine is compatible with Windows 11. Another option is to open the Windows Update section of the Settings application to run a manual check for updates. Windows Update will either return that the PC is not compatible with Windows 11, or offer the upgrade instead.</p> <p><a href="https://www.ghacks.net/2021/07/08/no-direct-upgrade-path-from-windows-7-or-8-1-to-windows-11/" data-wpel-link="internal">There is no direct upgrade path from Windows 7 or Windows 8 devices</a>. It is possible to chain updates, first to Windows 10 and then to Windows 11.</p> <p>Windows 11's rollout appears to have slowed down a bit in recent months. While data from third-party tracking companies is not very accurate, it may highlight trends. Ad Duplex, for example, <a href="https://www.ghacks.net/2022/03/31/adduplex-windows-11s-usage-share-rise-slowed-down-to-a-crawl-in-march-2022/" data-wpel-link="internal">saw a slow down of adoption</a> from March 2022 on.</p> <p>Microsoft does not release specific market share information about Windows products, and it is unclear by how much the modified system requirements are <a href="https://www.ghacks.net/2022/01/30/what-happens-to-all-the-windows-10-devices-that-are-incompatible-with-windows-11-in-2025/" data-wpel-link="internal">limiting adoption of the Windows 11 operating system</a>.</p> <h2>Windows 11 version 22H2</h2> <p>Windows 11 version 22H2, the first feature update for Windows 11, is expected to reach RTM status in the coming week. The new feature update is several months away from being released via Windows Update and other update services. First devices with the new version are expected to be released at the end of 2022.</p> <p>Some administrators may prefer to wait for the release of Windows 11 version 22H2 before they run the upgrade. The initial version of Windows 11 is supported until 2024, as Microsoft extended the support range of future Windows 10 and 11 devices when it switched to a <a href="https://www.ghacks.net/2021/07/05/windows-11-one-feature-update-per-year-and-longer-support-cycles/" data-wpel-link="internal">one feature update per year release cycle</a>.</p> <p><strong>Now You:</strong> did you upgrade to Windows 11?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/19/windows-11-now-available-for-all-compatible-devices-according-to-microsoft/" data-wpel-link="internal">Windows 11 now available for all compatible devices according to Microsoft</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  20. Windows 11 Insider Preview Build 25120 introduces a search bar on the desktop

    2022-05-19 08:10:09 UTC

    Microsoft has released Windows 11 Insider Preview Build 25120 to users in the Dev Channel. It introduces a search bar on the desktop What's new in Windows 11 Insider Preview Build 25120 […]

    Thank you for being a Ghacks reader. The post Windows 11 Insider Preview Build 25120 introduces a search bar on the desktop appeared first on gHacks Technology News.

    <p>Microsoft has released Windows 11 Insider Preview Build 25120 to users in the Dev Channel. It introduces a search bar on the desktop</p> <p><img class="alignnone size-full wp-image-178668" src="https://www.ghacks.net/wp-content/uploads/2022/05/Windows-11-Insider-Preview-Build-25120-introduces-a-search-bar-on-the-desktop.jpg" alt="Windows 11 Insider Preview Build 25120 introduces a search bar on the desktop" width="1200" height="675" /></p> <h3><strong>What's new in Windows 11 Insider Preview Build 25120</strong></h3> <p>The Redmond company is calling it a "lightweight interactive content". Why not call it what it is, that is a desktop widget. You will need to reboot the computer after installing the update to trigger the search bar. Users can paste a URL in it, or type in their query to perform a web search via Bing (via Microsoft Edge?)</p> <p>Image credit: Microsoft.</p> <p>Microsoft says that the search bar isn't available for everyone just yet, as it is being A/B tested. The search widget may be rolled out on a wider scale if it receives positive feedback from users. I'm not a fan of the giant Bing search bar, but does this mean more desktop widgets are on the way? I miss the Windows 7 gadgets, they were really cool.</p> <h4><strong>How to disable the desktop search bar in Windows 11</strong></h4> <p>Not a fan of the new search bar on the desktop? You can remove the widget quite easily. Right-click on the desktop, select "Show more options", and click on the "Show Search" option to toggle it.</p> <p>Microsoft is offering Build 25120 for ARM64 devices.</p> <h4><strong>Fixes in Windows 11 Insider Preview Build 25120</strong></h4> <p>The <a href="https://www.ghacks.net/2022/05/12/we-take-a-closer-look-at-suggested-actions-in-windows-11-and-show-you-how-to-disable-it/" target="_blank" rel="noopener" data-wpel-link="internal">Suggested Actions</a> feature which debuted a week ago, in <a href="https://www.ghacks.net/2022/05/12/first-windows-11-version-23h2-build-released-with-suggested-actions-feature/" target="_blank" rel="noopener" data-wpel-link="internal">Build 25115</a>, has been updated to support more date and time formats. It should now work more reliably. Viewing the battery usage graph will no longer crash the Settings app. The Wi-Fi section in the Quick Settings panel is faster to display available wireless networks. Text on the Task Manager's performance page is now readable when a contrast theme is active. Windows Update will not stall or roll back updates for users who have WSA enabled on their computer.</p> <h4><strong>Known issues in Windows Insider Preview Build 25120</strong></h4> <p>Games that use Easy Anti-Cheat may crash or cause a blue screen of death on your PC, with a bug check. The issues related to Live Captions which were present in the previous build remain unfixed in the current build. You can read the <a href="https://blogs.windows.com/windows-insider/2022/05/18/announcing-windows-11-insider-preview-build-25120/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">announcement</a> article at the Windows Insider Blog, for more details.</p> <p>My Windows Update got stuck at 99% downloaded, and wouldn't progress. I didn't have WSA enabled. A <a href="https://old.reddit.com/r/windowsinsiders/comments/uf657b/unable_to_update_to_the_latest_beta_insider_build/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">few others</a> seem to have had this issue. I also had an Update Stack Package version 922.415.111.0 failing to install with an error code 0xc4800010. The issue is, this stack update had been installed successfully in the last week of April, but Windows 11 wanted to re-download it, and failed every time it tried to install it. I'm not sure about this, but the stack update bug may have corrupted the Windows Update files, which maybe why the Build update wouldn't get past 99%.</p> <p>This had been happening for the last few Insider Builds, but usually I got around it by restarting the VM and checking for updates again, running Disk Cleanup to delete the update files, or by resetting the Windows Update components. None of these steps fixed my issue in the last build, I even deleted the SoftwareDistribution and Catroot2 folders, but ended up upgrading the OS manually using an ISO that I downloaded from <a href="https://uupdump.net/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">UUdump</a>.</p> <p>The same issue occurred today with Build 25120, so I clean installed it using the previous build's ISO, after which the VM was able to download the Build 25120 update and install it. If you're facing similar issues, you can download the current build's ISO directly from <a href="https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewiso" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Microsoft</a>, take a backup of your data, and clean install the operating system.</p> <p>Do you like the new search widget?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/19/windows-11-insider-preview-build-25120-brings-a-search-bar-widget-on-the-desktop/" data-wpel-link="internal">Windows 11 Insider Preview Build 25120 introduces a search bar on the desktop</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  21. Mozilla expects to launch extensions Manifest V3 support in Firefox in late 2022

    2022-05-19 06:06:55 UTC

    Mozilla plans to introduce support for the extensions Manifest V3 in the organization's Firefox web browser in late 2022. Preview versions are already available in development editions of the web browser. While […]

    Thank you for being a Ghacks reader. The post Mozilla expects to launch extensions Manifest V3 support in Firefox in late 2022 appeared first on gHacks Technology News.

    <p>Mozilla plans to introduce support for the extensions Manifest V3 in the organization's Firefox web browser in late 2022. Preview versions are already available in development editions of the web browser.</p> <p><img class="alignnone size-full wp-image-178665" src="https://www.ghacks.net/wp-content/uploads/2022/05/firefox-enable-manifest-v3.png" alt="firefox enable manifest v3" width="1972" height="715" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/firefox-enable-manifest-v3.png 1972w, https://www.ghacks.net/wp-content/uploads/2022/05/firefox-enable-manifest-v3-1536x557.png 1536w" sizes="(max-width: 1972px) 100vw, 1972px" /></p> <p>While Mozilla plans to introduce support for Manifest V3 in Firefox, it won't remove support for APIs that are essential to privacy extensions. Content blockers and other privacy extensions will continue to function in Firefox as before, provided that developers continue to support them.</p> <p>Manifest V3 defines APIs and the capabilities of browser extensions. Google announced the new version of the manifest in early 2019 and revealed that Chrome extensions would have to be updated eventually to remain available for users of the Chrome browser.</p> <p>The initial version of the draft was discussed controversially. <a href="https://www.ghacks.net/2019/01/22/chrome-extension-manifest-v3-could-end-ublock-origin-for-chrome/" data-wpel-link="internal">Developers voiced concern</a> over some of the planned changes, as they would limit privacy-focused extensions such as content blockers from working properly. Google made some concessions to developers but continued its work on introducing the new capabilities and removing the old. The company landed Manifest V3 support in <a href="https://www.ghacks.net/2019/11/13/google-implements-controversial-manifest-v3-in-chrome-canary-80/" data-wpel-link="internal">Chrome Canary 80</a> and in <a href="https://www.ghacks.net/2020/12/11/google-enables-controversial-extension-manifest-v3-in-chrome-88-beta/" data-wpel-link="internal">Chrome Beta 88</a>.</p> <h2>Firefox extensions won't be limited by Manifest V3</h2> <p><a href="https://www.ghacks.net/2019/09/03/mozilla-wont-follow-google-in-limiting-apis-in-coming-extensions-manifest-v3/" data-wpel-link="internal">Mozilla announced in 2019</a> that it would implement support for Manifest V3 in Firefox but would make adjustments to certain limitations. A <a href="https://blog.mozilla.org/addons/2022/05/18/manifest-v3-in-firefox-recap-next-steps/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">new blog post</a> on the Mozilla Add-ons Community blog sheds light on the adoption and the differences between Mozilla's and Google's implementation.</p> <p>The decision to remove the blocking part of the WebRequest API and to replace it with the limiting declarativeNetRequest API was at the center of the controversy. Mozilla notes that the new API limits "capabilities of certain types of privacy extensions without adequate replacement".</p> <p>Mozilla will keep the WebRequest API in Firefox to make sure that privacy extensions are not limited in providing the functionality they are designed for. The organization will implement the declarativeNetRequest API for compatibility reasons according to the blog post.</p> <p>Mozilla will "continue to work with content blockers and other key consumers of this API to identify current and future alternatives where appropriate".</p> <p>Firefox will also support Event Pages in Manifest V3 and introduce support for Service Workers in future releases.</p> <p><strong>Developer </strong><b>Preview</b></p> <p>Developers may turn on the preview in the following way in current development editions of the browser:</p> <ol> <li>Load about:config in the web browser's address bar.</li> <li>Confirm that you will be careful.</li> <li>Search for extensions.manifestV3.enabled and set the preference to TRUE with a click on the toggle.</li> <li>Search for xpinstall.signatures.required and set the preference to FALSE.</li> <li>Restart Firefox.</li> </ol> <p>Extensions may then be installed via about:debugging. Permanent installation of Manifest V3 extensions is possible in Nightly and Developer editions of the Firefox web browser. The implementation is not complete at the time of writing.</p> <p><strong>Now You:</strong> what is your take on Mozilla's decision?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/19/mozilla-expects-to-launch-extensions-manifest-v3-support-in-firefox-in-late-2022/" data-wpel-link="internal">Mozilla expects to launch extensions Manifest V3 support in Firefox in late 2022</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  22. Google forces Total Commander developer to remove the ability to install APKs on Android devices

    2022-05-19 05:13:25 UTC

    Total Commander for Android no longer allows you to install APKs that you downloaded. The popular file manager boasts a cult following among the PC and Android users. Total Commander for Android […]

    Thank you for being a Ghacks reader. The post Google forces Total Commander developer to remove the ability to install APKs on Android devices appeared first on gHacks Technology News.

    <p>Total Commander for Android no longer allows you to install APKs that you downloaded. The popular file manager boasts a cult following among the PC and Android users.</p> <h3><img class="alignnone size-full wp-image-178659" src="https://www.ghacks.net/wp-content/uploads/2022/05/Total-Commander-for-Android-removes-option-to-install-APK-files.jpg" alt="Total Commander for Android removes option to install APK files" width="958" height="869" /><br /> <strong>Total Commander for Android removes the ability to install APKs</strong></h3> <p>Here's what happened. Christian Ghisler, the developer of Total Commander, has <a href="https://www.ghisler.ch/board/viewtopic.php?t=76643" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">revealed</a> that Google sent him a warning that his app would be removed from the Play Store within 7 days unless he modified his app. What was the offense? The app was reportedly not compliant with the Device and Network Abuse policy.</p> <p>The policy forbids apps from modifying, replacing or updating itself from any other source except the Play Store. It also restricts apps from downloading other apps from third-party sources. Google claimed that Total Commander was violating this policy. The developer blocked the installation of Total Commander, so it can't update itself via its own APK (when the user downloads it from elsewhere), but Google sent a second warning with the same wording. A third warning will remove the app from the Play Store altogether, as has happened to other developers.</p> <p>Ghisler tried reaching to Google to appeal the decision, but was unable to reach a real person at the company. The irony is that Android's stock Files app, Google Chrome allow installation of APKs, as do all third-party file manager apps and browsers. That's why the restriction posed on Total Commander feels unfair. It's just Google being Google.</p> <h4><strong>How is Total Commander responsible for what the user does?</strong></h4> <p>It is up to the user to choose what apps they download, where they download it from, and to install them on their devices. Total Commander plays a very small role in this scenario, particularly in the third step, it just enables the user to install the apps that they have downloaded. The file manager does not have the ability to browse the internet, let alone download APKs.</p> <p>One user suggested the issue could have been caused by the Plugins page in the app. Total Commander for Android supports plugins, which can be downloaded from the Play Store. The file manager app has an "add plugins" option that lists the plugins, with the word "Install" next to them. Tapping these leads to the plugin's Play Store page. It is possible that Google misunderstood these options, and perceived it as downloading third party apps, and issued the warning to the developer.</p> <p><img class="alignnone size-full wp-image-178658" src="https://www.ghacks.net/wp-content/uploads/2022/05/Google-forces-Total-Commander-developer-to-remove-the-ability-to-install-APKs-on-Android-devices.jpg" alt="Google forces Total Commander developer to remove the ability to install APKs on Android devices" width="1200" height="889" /></p> <h4><strong>Future of Total Commander for Android</strong></h4> <p>Ghisler has removed the options to download the plugins from the <a href="https://play.google.com/store/apps/details?id=com.ghisler.android.TotalCommander" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Play Store version</a> of Total Commander, but it seems to be to no avail. The developer points out that removing the ability to install APKs could result in a lot of negative opinions, i.e., 1-star reviews, and that this could hurt the reputation of the app. As a result, he may be forced to remove the app from the Google Play Store entirely.</p> <p>All is not lost, as Ghisler has released a standalone version of Total Commander that allows installation of APK files. The unrestricted version of the app is <a href="https://www.ghisler.ch/board/viewtopic.php?t=76644" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">available</a> for download on the official website.</p> <p>The EU is set to enforce the Digital Markets Act (DMA) in 2023, which will force Apple to allow installation of iOS apps from third-party sources. Being able to customize the user experience is Android's strongest point, this includes the freedom to download and install apps from wherever we want, but Google seems to be heading in the opposite direction by banning APK installs in Total Commander.</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/19/google-forces-total-commander-removes-the-ability-to-install-apks/" data-wpel-link="internal">Google forces Total Commander developer to remove the ability to install APKs on Android devices</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  23. FairEmail developer calls it quits and pulls apps from Google Play

    2022-05-19 04:54:54 UTC

    The developer of the open source email client FairEmail pulled all of his applications from Google Play and announced that he would stop development. FairEmail was a popular email client for Google's […]

    Thank you for being a Ghacks reader. The post FairEmail developer calls it quits and pulls apps from Google Play appeared first on gHacks Technology News.

    <p>The developer of the open source email client FairEmail pulled all of his applications from Google Play and announced that he would stop development.</p> <p><img class="alignnone size-full wp-image-178661" src="https://www.ghacks.net/wp-content/uploads/2022/05/fairemail-google-android.png" alt="fairemail google android" width="2220" height="1140" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/fairemail-google-android.png 2220w, https://www.ghacks.net/wp-content/uploads/2022/05/fairemail-google-android-1536x789.png 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/fairemail-google-android-2048x1052.png 2048w" sizes="(max-width: 2220px) 100vw, 2220px" /></p> <p>FairEmail was a popular email client for Google's Android operating system that was free to use. It was privacy-friendly, had no limitations in regards to email accounts that users could set up in the app, supported unified inbox, conversation threading, two-way synchronizing, support for OpenPGP, and a lot more.</p> <p>Marcel Bokhorst, the developer of the application, announced major changes to the project yesterday on <a href="https://forum.xda-developers.com/t/closed-app-5-0-fairemail-fully-featured-open-source-privacy-oriented-email-app.3824168/page-1087#post-86909365" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">XDA Developers</a>. According to the thread on the forum, Bokhorst pulled all of his applications from the Google Play store and announced that he would stop supporting and maintaining them.</p> <p>Earlier that week, Bokhorst received a policy violation email from Google stating that Google believed that the FairEmail application was spyware. The full statement has not been published, but Bokhorst believes that Google might have misinterpreted the use of favicons in the app. He resubmitted a new version of the application that had the use of favicons removed.</p> <p>The appeal he received as a response "resulted in a standard answer". While the content of the answer is unclear, it appears to have been a generic answer that Google Play Store developers have been frustrated with for a long time.</p> <p>Bokhorst decided to pull the application and all of his other applications from the Google Play Store. The apps won't be maintained and supported anymore according to the info.</p> <p>Other factors played a role in Bokhorst's decision, including the discrepancy between answering thousands of support questions per month and the application's revenue, and the inability to do something against unfair reviews in the Google Play Store.</p> <p>He considered keeping the applications on GitHub, but this would result in an 98% loss of audience.</p> <p>The GitHub repositories <a href="https://github.com/M66B/FairEmail" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">are still available</a> but archived. Users may still download the latest release from the repository and install it on their devices. The unsupported apps will continue to work but there won't be any future updates anymore. Eventually, the apps may stop working altogether.</p> <p>The application could get forked and another developer could take over development of the application. Whether that is a realistic scenario remains to be seen, considering that the Google Play Store policy violation is still looming over the app.</p> <h3>Closing Words</h3> <p>FairEmail users may continue using the application for the foreseeable future, even with it pulled from Google Play. FairEmail's developer is not the first who experienced the often unfriendly nature of the Google Play Store policy violation restoration process.</p> <p>If you're looking for an alternative email client, you can try <a href="https://k9mail.app/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">K-9 Mail</a>, it is also open source.</p> <p>It is not a good day for Android apps, <a href="https://www.ghacks.net/2022/05/19/google-forces-total-commander-removes-the-ability-to-install-apks/" data-wpel-link="internal">Total Commander's developer was forced by Google</a> to remove the ability to install APKs from the File Manager.</p> <p><strong>Now You:</strong> did you use FairEmail?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/19/fairemail-developer-calls-it-quits-and-pulls-apps-from-google-play/" data-wpel-link="internal">FairEmail developer calls it quits and pulls apps from Google Play</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  24. Thunderbird 102: support for multiple active spell checking dictionaries

    2022-05-18 17:15:05 UTC

    The open source email client Thunderbird will soon support multiple active spell checking dictionaries. Planned for Thunderbird 102, the feature enables users to have Thunderbird check for spelling mistakes using multiple dictionaries […]

    Thank you for being a Ghacks reader. The post Thunderbird 102: support for multiple active spell checking dictionaries appeared first on gHacks Technology News.

    <p>The open source email client Thunderbird will soon support multiple active spell checking dictionaries. Planned for Thunderbird 102, the feature enables users to have Thunderbird check for spelling mistakes using multiple dictionaries when composing messages.</p> <p><img class="alignnone size-full wp-image-178654" src="https://www.ghacks.net/wp-content/uploads/2022/05/thunderbird-email-spell-checking.png" alt="thunderbird email spell checking" width="1922" height="1082" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/thunderbird-email-spell-checking.png 1922w, https://www.ghacks.net/wp-content/uploads/2022/05/thunderbird-email-spell-checking-1536x865.png 1536w" sizes="(max-width: 1922px) 100vw, 1922px" /></p> <p>Thunderbird users who speak multiple languages may have had spell checking difficulties in the past. Current versions of the email client support one active language only at a time, and that meant that users either had to switch languages regularly or compose emails without spell checking.</p> <p>Switching required the selection of Options &gt; Check Spelling, or using the shortcut Ctrl-Shift-P, to open the spell checking window. The language menu listed all available spell checking languages, and the selection of a language switched the spell checker to that language.</p> <p>Thunderbird includes a single language by default, but users may install new language dictionaries as extensions. The Dictionaries &amp; Language Packs page on the <a href="https://addons.thunderbird.net/en-us/thunderbird/language-tools/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">official Thunderbird add-ons</a> website lists all available options. Once a dictionary is installed, it becomes available under language in the spell checking window of the email client.</p> <p>While the checking of multiple languages is the prime purpose of adding multi active dictionary support to Thunderbird, there are other use cases. Some users may want to add dictionaries with dialects to Thunderbird, or dictionaries that use a distinct vocabulary that may not be found in regular language dictionaries.</p> <p>Whatever the reason, starting in Thunderbird 102, users of the email client will have the option to use them all at the same time when using the email client.</p> <p>Thunderbird, which shares code with the Firefox web browser, follows the browser, which introduced support for multiple active spell checking dictionaries <a href="https://www.ghacks.net/2022/05/03/mozilla-releases-firefox-100-here-is-what-is-new/" data-wpel-link="internal">in the Firefox 100 release</a>.</p> <p>Thunderbird users may check out <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1761221" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">bug 1761221</a> to learn more about the implementation.</p> <p><a href="https://www.ghacks.net/2022/03/29/thunderbird-102-next-major-release-of-the-open-source-email-client/" data-wpel-link="internal">Thunderbird 102 is a major new release</a> that will include several new features and improvements,<a href="https://www.ghacks.net/2022/05/12/thunderbird-102-to-include-an-improved-import-tool/" data-wpel-link="internal"> including improved importing of data from select clients</a>.</p> <p>The stable version of Thunderbird 102 is expected to be released in late June or early July 2022. Users interested in testing the functionality may check out the Daily versions of the email client, which includes all the changes for testing purposes already.</p> <p><strong>Now You</strong>: have a favorite Thunderbird 102 feature or thing something is missing?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/18/thunderbird-102-support-for-multiple-active-spell-checking-dictionaries/" data-wpel-link="internal">Thunderbird 102: support for multiple active spell checking dictionaries</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  25. Skiff Mail is a new end-to-end encrypted email service, but should you use it?

    2022-05-18 15:55:17 UTC

    Skiff Mail has been launched to the public, it is a new end-to-end encrypted email service provider. The company says that it focuses on protecting the privacy of its users. The service […]

    Thank you for being a Ghacks reader. The post Skiff Mail is a new end-to-end encrypted email service, but should you use it? appeared first on gHacks Technology News.

    <p>Skiff Mail has been launched to the public, it is a new end-to-end encrypted email service provider. The company says that it focuses on protecting the privacy of its users.</p> <p><img class="alignnone size-full wp-image-178651" src="https://www.ghacks.net/wp-content/uploads/2022/05/Skiff-Mail-is-a-new-end-to-end-encrypted-email-service-but-should-you-use-it.jpg" alt="Skiff Mail is a new end-to-end encrypted email service, but should you use it" width="1200" height="606" /></p> <p>The service is Web3 native, you can visit <a href="https://app.skiff.com/signupMail" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">this page</a> to sign up for a free personal account.</p> <p>Though Skiff Mail's blog post says that users get 10GB of free cloud storage space for signing up for a personal account, the Pricing page which you can access from the settings shows that you only have 1GB of space. Email isn't the only thing that Skiff can do, you can save notes in Markdown format, code blocks, edit and create documents too. You can opt in to store your data on a decentralized server, add email aliases, import documents from Google Drive or directly upload them from your computer. Users have an upload cap of 30MB. One of the features that are highlighted in the <a href="https://skiff.com/blog/mail-launch" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">announcement</a> post, is Skiff's instant search, which can look up results in thousands of files instantly.</p> <p><img class="alignnone size-full wp-image-178649" src="https://www.ghacks.net/wp-content/uploads/2022/05/skiff-mail-free-vs-pro-plans.jpg" alt="skiff mail free vs pro plans" width="784" height="868" /></p> <p>The data associated with your account is synchronized across your devices. Skiff's apps are <a href="https://github.com/skiff-org/skiff-mail" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">open source</a>, you can access the web app from your browser, or install the mobile app on your <a href="https://apps.apple.com/us/app/skiff/id1599795319" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">iOS</a> or <a href="https://play.google.com/store/apps/details?id=com.skiffmobileapp" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Android</a> device, or the Desktop app on your macOS machine.</p> <p><img class="alignnone size-full wp-image-178650" src="https://www.ghacks.net/wp-content/uploads/2022/05/skiff-mail-settings.jpg" alt="skiff mail settings" width="850" height="857" /></p> <p>While signing up for an account, Skiff Mail will prompt you to save a one-time use recovery key, that you can use to unlock your account if you forget your password. If you lose it, you can't access the account, because of the encryption that the service uses. You may enable 2FA (two-factor authentication) from the settings, to protect your account. New users can sign up for an account using their <a href="https://skiff.com/blog/log-in-with-metamask" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">MetaMask</a> Wallet, and the company says it will soon support Brave Wallet.</p> <p>Skiff Mail has paid plans that you can upgrade to, for more benefits.</p> <h3><strong>Should you use Skiff Mail?</strong></h3> <p>It's always good to see a new encrypted email service provider trying to provide some competition to the rest. But, should you use Skiff Mail? Let's take a look at the service's Privacy Policy, shall we? You may read it <a href="https://app.skiff.org/docs/db93c237-84c2-4b2b-9588-19a7cd2cd45a#tyGksN9rkqbo2uGYASxsA6HVLjUoly/wTYK8tncTto8=" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">here</a>.</p> <p><img class="alignnone size-full wp-image-178648" src="https://www.ghacks.net/wp-content/uploads/2022/05/Skiff-mail-privacy-policy.jpg" alt="Skiff mail privacy policy" width="976" height="860" /></p> <p>Scroll down to the section titled Automatic Data Collection, and you'll see that Skiff Mail's website collects the following information from the user.</p> <ul> <li>IP Address</li> <li>Mac Address</li> <li>Cookie Identifiers</li> <li>Mobile Carrier (Cell Phone Provider)</li> <li>User Settings</li> <li>Browser or Device Information</li> </ul> <p>Collecting the user's settings is perhaps acceptable as are the browser and device info, they are probably related to the cookies stored in the browser, and maybe for compatibility. In addition to the above personal data, Skiff Mail also collects the general location information and approximate location based on your IP address.</p> <p>Not convinced yet? Let's keep reading the privacy policy. Skiff Mail's privacy policy mentions that it will collect other information such as web pages that you visit before, during and after using its services. It will also track the links that you click, the content you interact with, and how often you are active and use the company's services. The company will not respect Do Not Track requests sent by the web browser.</p> <p><img class="alignnone size-full wp-image-178647" src="https://www.ghacks.net/wp-content/uploads/2022/05/Skiff-mail-privacy-policy-2.jpg" alt="Skiff mail privacy policy 2" width="929" height="824" /></p> <p>The Privacy Policy says that all data that Skiff Mail collects is used for providing its services, market and advertise its products to the user, and for its operational purposes. However, the next section in the privacy policy reads that the company will disclose user information to third parties for a variety of business purposes, and this includes sharing the data with their service providers, business partners, advertising partners. And if it were ever to be merged with, or acquired by another company or something like that, your information may be sold or transferred as part of the transaction.</p> <p><img class="alignnone size-full wp-image-178646" src="https://www.ghacks.net/wp-content/uploads/2022/05/Skiff-mail-privacy-policy-3.jpg" alt="Skiff mail privacy policy 3" width="931" height="848" /></p> <p>Though there is a delete account button in the settings, the only way to delete your user information, is to reach out to Skiff Mail via email. And then there are some third-party tools that are used by the company for analytical purposes, and these have their own privacy policies.</p> <p><img class="alignnone size-full wp-image-178645" src="https://www.ghacks.net/wp-content/uploads/2022/05/Skiff-mail-privacy-policy-4.jpg" alt="Skiff mail privacy policy 4" width="955" height="858" /></p> <p>The only thing that Skiff can't access seems to be the contents of your mails, because they are encrypted. But, what good is end-to-end encryption, if a service collects so much data from the user and tracks them? It learns your browsing habits, which is essentially profiling the user. This isn't different from what Facebook and Google do, is it?</p> <p>If you read the privacy policy of other end-to-end encrypted mail services like <a href="https://protonmail.com/privacy-policy" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">ProtonMail</a> and <a href="https://tutanota.com/privacy" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Tutanota</a>, you won't find such data collection clauses there. And the data they collect are anonymously done, i.e., they don't profile users.</p> <p>What do you think about Skiff Mail's privacy policy?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/18/skiff-mail-end-to-end-encrypted-email-privacy-policy/" data-wpel-link="internal">Skiff Mail is a new end-to-end encrypted email service, but should you use it?</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  26. `Good News: non-business legacy Google G Suite customers may keep their accounts after all

    2022-05-18 04:53:41 UTC

    Google revealed plans to shut down the G Suite legacy free edition in January 2022. The company gave customers only two options at the time: sign-up for a paid plan to continue […]

    Thank you for being a Ghacks reader. The post `Good News: non-business legacy Google G Suite customers may keep their accounts after all appeared first on gHacks Technology News.

    <p><a href="https://www.ghacks.net/2022/01/20/google-ends-the-g-suite-legacy-free-edition-leaving-users-worried/" data-wpel-link="internal">Google revealed plans to shut down the G Suite legacy free edition in January 2022.</a> The company gave customers only two options at the time: sign-up for a paid plan to continue using Google services and their custom emails, or migrate to another service.</p> <p><img class="alignnone size-full wp-image-178637" src="https://www.ghacks.net/wp-content/uploads/2022/05/google-g-suite-legacy.png" alt="google g suite legacy" width="1362" height="1017" /></p> <p>Customers who used the account to make purchases using Google services, e.g., Android apps, music or media, would lose access to their purchases if they would not migrate to Google Workspaces.</p> <p>It appears that Google has had a change of heart so that many customers of the legacy service may continue using it after all. In short: non-business customers may opt-out of the migration to Google Workspaces to continue using the legacy account. Customers who did migrate already need to contact support to reverse the change.</p> <p>Google <a href="https://support.google.com/a/answer/60217?hl=en#zippy=%2Ccan-i-keep-my-g-suite-legacy-free-subscription" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">notes</a> on a support page:</p> <blockquote><p>If you’re using the G Suite legacy free edition for non-commercial purposes, you can opt out of the transition to Google Workspace by clicking here (requires a super administrator account) or going to the Google Admin console. You can continue using your custom domain with Gmail, retain access to no-cost Google services such as Google Drive and Google Meet, and keep your purchases and data.</p></blockquote> <p>There is one caveat: legacy customers need to become active to block Google from migrating the account or terminating it. The deadline for the opt-out is June 27, 2022.</p> <p>Customers who have not migrated to Google Workspaces yet may click <a href="https://admin.google.com/?action_id=SE_SELF_TRANSITION&amp;utm_source=helpcenter" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">on this link</a> to opt-out of the migration to Google Workspaces. A super admin account is required for the opting-out. The option is also available in the Google Admin Console.</p> <p>Customers who migrated already may also go back to the legacy G Suite version, but it is required to contact support in this case. Some users reported that they could only do so if they had a user limit of 5 or less, but this has not been confirmed by Google.</p> <p>Customers who opt-out or manage to restore the legacy account will keep their data and custom email addresses according to Google.</p> <p>G Suite legacy was a free offering from 2006 to 2012. Google did advertise it to individuals and families alike as a way to get use Google services with a custom email address and other perks.  During that time, Google never hinted at the chance that these accounts could become paid accounts in the future.</p> <p>The announcement in January 2022 shocked customers, as Google put them in a tough spot. Either pay business rates for Google Workspaces to keep the account and data, or export the data until August 1, 2022 or lose access to all the data.</p> <p>Google Workspaces plans start at $6 for a single user license, and while that does not sound like much, many G Suite customers did create accounts for their entire family using the service, which can quickly add to the overall expenses. Google offers a 50% discount on the price to customers coming from G Suite legacy.</p> <p>Google did not reveal why it changed its position on the migration. It is possible that the gain in paid subscribers was not as large as expected, that the negative publicity was not worth the monetary gain, or that a higher than expected percentage of customers migrated to other services.</p> <p><strong>Now You</strong>: are you a Google G Suite legacy customers? What is your take on the development?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/18/good-news-non-business-legacy-google-g-suite-customers-may-keep-their-accounts-after-all/" data-wpel-link="internal">`Good News: non-business legacy Google G Suite customers may keep their accounts after all</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  27. Vector Graphics Editor Inkscape 1.2 is now available

    2022-05-17 13:30:52 UTC

    Inkscape is an open source cross-platform vector graphics editor. Inkscape 1.2, released on May 16, 2022, is the first major release of 2022. It includes a large number of changes, including multi-page […]

    Thank you for being a Ghacks reader. The post Vector Graphics Editor Inkscape 1.2 is now available appeared first on gHacks Technology News.

    <p>Inkscape is an open source cross-platform vector graphics editor. Inkscape 1.2, released on May 16, 2022, is the first major release of 2022. It includes a large number of changes, including multi-page support, batch exports, performance improvements and more.</p> <p><img class="alignnone size-full wp-image-178634" src="https://www.ghacks.net/wp-content/uploads/2022/05/inkscape-1.2.png" alt="inkscape 1.2" width="1920" height="1012" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/inkscape-1.2.png 1920w, https://www.ghacks.net/wp-content/uploads/2022/05/inkscape-1.2-1536x810.png 1536w" sizes="(max-width: 1920px) 100vw, 1920px" /></p> <h2>Inkscape 1.2</h2> <p>Inkscape 1.2 is available for Windows, Linux and Mac OS devices. The program is free and open source. Windows users may run into SmartScreen warnings when they run the installer; this is a false positive, likely because the executable file is new.</p> <p>One of the main new features of Inkscape is support for multiple pages. Inkscape users may activate the "new page" icon after selecting the Page Tool in the interface to add pages to the current document.</p> <p>Each page may have different dimensions; the selected dimension is applied automatically to the new page when the button is activated.</p> <p>The application's interface has seen several improvements. Context menus display only items that are available at the time. Items that are not available are no longer grayed out, but removed to help users find actions quicker.</p> <p>The color palette and the Swatches dialog has been overhauled as well in the release. A preview line for the selected color palette is shown now when you switch palettes in the interface. It is now possible to display up to 5 palette rows in the interface.</p> <p>Tools can be hidden from the toolbar under Edit &gt; Preferences &gt; Interface &gt; Toolbars. Another change allows users to change the width of the toolbar.</p> <p>Here are other changes in the new Inkscape release:</p> <ul> <li>Extract images, a command to save images, supports multiple images in Inkscape 1.2.</li> <li>Dithering is used when exporting raster images and displaying gradients on canvas; this is done to reduce gradient banding. Inkscape users may turn Dithering off under Preferences &gt; Rendering &gt; Use dithering.</li> <li>Extensions installed via the Extensions Manager do not require a restart of Inkscape anymore.</li> <li>Panning and Zooming performance improvements, as well as general performance improvements on Mac devices.</li> <li>Page shadows look more realistic.</li> <li>Default color of pages is white, and the default desk color is light gray. This has been done to make the differentiation between what is on and outside of a page easier.</li> <li>Snap bar was replaced with a popover-dialog.</li> <li>Two new on-canvas snapping modes added. The new modes make "aligning and distributing objects a very easy drag-and-drop operation".</li> <li>Size of guide handles is adjustable.</li> <li>The tools pen, pencil, text and tweak tool use the last used style by default.</li> <li>Mass value of the Eraser tool has been increased.</li> <li>Default font unit for Text is pt.</li> <li>Lasso selection has two new features: node deselection and inverted node selection.</li> <li>The layers and objects dialog has been merged.</li> <li>New Tiling Live Path effect.</li> <li>Option to import SVG images from Open Clipart, Wikimedia Commons and other online sources added.</li> </ul> <p>You can check out the <a href="https://media.inkscape.org/media/doc/release_notes/1.2/Inkscape_1.2.html" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">entire release notes here</a>.</p> <p><strong>Closing Words</strong></p> <p>Inkscape 1.2 adds a massive list of features and improvements to the graphics editor.</p> <p><strong>Now You</strong>: which image editors do you use?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/17/vector-graphics-editor-inkscape-1-2-is-now-available/" data-wpel-link="internal">Vector Graphics Editor Inkscape 1.2 is now available</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  28. Apple's new rule allows app subscriptions to be auto-renewed at higher prices without informing the user

    2022-05-17 11:09:04 UTC

    Apple's new App Store rule may not be welcome amongst users. The company has decided to allow app subscriptions to be auto-renewed without requesting the user's permission. There are many apps that […]

    Thank you for being a Ghacks reader. The post Apple's new rule allows app subscriptions to be auto-renewed at higher prices without informing the user appeared first on gHacks Technology News.

    <p>Apple's new App Store rule may not be welcome amongst users. The company has decided to allow app subscriptions to be auto-renewed without requesting the user's permission.</p> <p><img class="alignnone size-full wp-image-178626" src="https://www.ghacks.net/wp-content/uploads/2022/05/Apple-auto-renewing-app-subscriptions.jpg" alt="Apple auto-renewing app subscriptions" width="860" height="861" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/Apple-auto-renewing-app-subscriptions.jpg 860w, https://www.ghacks.net/wp-content/uploads/2022/05/Apple-auto-renewing-app-subscriptions-300x300.jpg 300w" sizes="(max-width: 860px) 100vw, 860px" /></p> <p>There are many apps that require a subscription, Disney+, Amazon Prime, Netflix, Spotify, are just a few of the popular examples. Apple currently requires the user to opt in to any changes made to the subscriptions. When a user does not opt in to the new price, the subscription gets cancelled.</p> <p>Apple claims that this has led to unintentional interruptions of the services, and that the user had to resubscribe to it. That's why it wants to allow auto-renewals for subscriptions, even if the developers have increased the price for it. How hard is it to resubscribe to a service? Is this convenience worth it?</p> <p>For example, maybe you are using a VPN or a streaming service, and they decide to hike the prices. They tried to notify you about the change via email or an app notification banner, but if you ignored those or chose not to opt in to the new terms, the subscription would end after the current plan expires. That seems reasonable, and that's how it should be.</p> <h3><strong>Apple's new rule allows app subscriptions to be auto-renewed at higher prices</strong></h3> <p>Apple's controversial auto-renewal rules come with a couple of caveats. The <a href="https://developer.apple.com/news/?id=tpgp89cl&amp;1652741582" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">announcement</a> reveals that the subscription fee charged by developers cannot be increased more than once per year. If an app wants to raise its fee from $5 a month to $10, and wants to increase it further, it will not be allowed to do so until 12 months have passed since the previous hike.</p> <p>App developers cannot increase the price of auto-renewing subscriptions beyond $5 and 50% of the original fee. E.g. If a subscription that normally costs $20 gets a price creep, it would have to cost less than 50% of the base fee, i.e. &lt; $10. But regular subscriptions have a $5 cap, so the maximum price that it can charge the user would be $20 + $4.99. Technically, all apps with a non-annual subscription would have a $4.99 cap to comply with the new rule, but you'll see why I used the above example in just a bit.</p> <p>Annual subscriptions have a slightly higher ceiling, a price increase for these mustn't exceed $50 and 50% of the subscription fee. That is actually a lot worse, let's say an app's subscription fee is $50 a year. If the developer decides to change its price, they could charge users up to 50% extra (of the base fee). So, the new amount would be $75. That's a significant price increase.</p> <p><img class="alignnone size-full wp-image-178627" src="https://www.ghacks.net/wp-content/uploads/2022/05/Apples-new-rule-allows-app-subscriptions-to-be-auto-renewed-at-higher-prices-without-informing-the-user.jpg" alt="Apple's new rule allows app subscriptions to be auto-renewed at higher prices without informing the user" width="1200" height="898" /></p> <p>Let's take another look at the terms and conditions defined on Apple's <a href="https://help.apple.com/app-store-connect/#/devc9870599e" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">website</a>. It states that the user's content is required if,</p> <blockquote><p>The price increase is: More than 50% of the current price; and</p> <p>The difference in price exceeds approximately $5 United States Dollar (USD) per period for non-annual subscriptions, or $50 USD per year for annual subscriptions.</p></blockquote> <p>The first two clauses are, as <a href="https://www.theverge.com/2022/5/16/23078313/apple-app-store-subscription-price-increase-permission-rules" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">The Verge</a> points out, not very clear. It's the word "and" that's important here. Taking the rules at their face value, an app developer could just raise the prices up to $4.99 for regular subscriptions, or $49.99 for annual subscriptions. That would not violate either of those clauses, hence they don't have to inform you about it. You may not notice the change until you find out your credit card or bank account has been charged a higher fee than normal, and by then you may not be able to get a refund, though this largely depends on the service's terms and conditions, and refund policy.</p> <p>Apple mentions that these conditions would depend on local laws, and I'm pretty sure these would be considered as hidden fees and illegal in some Countries. There are plenty of scammy apps on the App Store that require in-app purchases for useless stuff, these apps could exploit the loopholes in the new rule to earn more money. And given that users may forget to cancel subscriptions, or may not know how to cancel them easily if the option is hidden under various menus or pages, this may prove to be a huge mistake by Apple.</p> <p>If you're using PayPal, you can manage your auto-pay settings, to pause any automatic charges made to your card. Even if you forget that a subscription is coming up, you won't be charged for it, because you blocked it. That can be very useful, but could disrupt services on a rolling payment plan. I also recommend you consult your bank or check the internet banking website, to see if there are ways to block automatic payments, or require additional authorizations for approving the transaction, like a virtual credit card service that can be customized with a maximum spending limit.</p> <p>What do you think about auto-renewals for subscriptions with increased prices? Should they be allowed?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/17/apple-allows-price-increae-for-auto-renewing-subscriptions/" data-wpel-link="internal">Apple&#039;s new rule allows app subscriptions to be auto-renewed at higher prices without informing the user</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  29. Trackers may collect data that you type even before hitting submit

    2022-05-17 09:39:39 UTC

    Many websites come with web forms, for example, to sign-in to an account, create a new account, leave a public comment or contact the website owner. What most Internet users may not […]

    Thank you for being a Ghacks reader. The post Trackers may collect data that you type even before hitting submit appeared first on gHacks Technology News.

    <p>Many websites come with web forms, for example, to sign-in to an account, create a new account, leave a public comment or contact the website owner. What most Internet users may not know is that data that is typed on sites may be collected by third-party trackers, even before the data is sent.</p> <figure id="attachment_178622" aria-describedby="caption-attachment-178622" style="width: 1309px" class="wp-caption alignnone"><img class="wp-image-178622 size-full" src="https://www.ghacks.net/wp-content/uploads/2022/05/form-data-leaks-organization.png" alt="form data leaks organization" width="1309" height="690" /><figcaption id="caption-attachment-178622" class="wp-caption-text">source <a href="https://homes.esat.kuleuven.be/~asenol/leaky-forms/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Leaky Forms</a></figcaption></figure> <p>A research team from KU Leuven, Radboud University and University of Lausanne, analyzed the data collecting of third-party trackers on the top 100K global websites. Results have been <a href="https://homes.esat.kuleuven.be/~asenol/leaky-forms/leaky-forms-usenix-sec22.pdf" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">published</a> in the research paper Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission.</p> <p>Leaked data included personal information, such as the user's email address, names, usernames, messages that were typed into forms and also passwords in 52 occasions. Most users are unaware that third-party scripts, which includes trackers, may collect these kind of information when they type on sites. Even when submitting content, most may expect it to be confidential and not leaked to third-parties. Browsers do not reveal the activity to the user; there is no indication that data is collected by third party scripts.</p> <h2>Results differ based on location</h2> <p>Data collecting differs depending on the user's location. The researchers evaluated the effect of user location by running the tests from locations in the European Union and United States.</p> <p>The number of email leaks was 60% higher for the location in the United States than it was for the location in the European Union. In numbers, emails were leaked on 1844 sites when connecting to the top 100k websites from the European Union and on 2950 sites when connecting to the same set of sites from the United States.</p> <p>The majority of sites, 94.4%, that leaked emails when connecting from the EU location did leak emails when connecting from the US as well.</p> <p>Leakage when using mobile web browsers was slightly lower in both cases. 1745 sites leaked email addresses when using a mobile browser from a location in the European Union, and 2744 sites leaked email addresses from a location in the United States.</p> <p>More than 60% of leaks were identical on desktop and mobile versions according to the research.</p> <blockquote><p>The mobile and desktop websites where emails are leaked to tracker domains overlap substantially but not completely.</p></blockquote> <p>One explanation for the difference is that mobile and desktop crawls did not took place at the same time but with a time difference of one month. Some trackers were found to be active on mobile or desktop sites only.</p> <p>The researchers suggest that stricter privacy European privacy laws play a role in the difference. The GDPR, General Data Protection Regulation, applies when sites and services collect personal data. Organizations that process personal data are responsible for complying with the GDPR.</p> <p>The researchers believe that email exfiltration by third parties "can breach at least three GDPR requirements".</p> <blockquote><p>First, if such exfiltration happens surreptitiously, it violates the transparency principle.</p> <p>Second, if such exfiltration is used for purposes such as behavioral advertising, marketing and online tracking, it also breaches the purpose limitation principle.</p> <p>Third, if the email exfiltration is used for behavioral advertising or online tracking, the GDPR typically requires the website visitor’s prior consent.</p></blockquote> <p>Only 7720 sites in the EU and 5391 sites in the US did display consent popups during connects; that's 7.7% of all EU sites and 5.4% of all US sites.</p> <p>The researchers discovered that the number of sites with leaks decreased by 13% in the US and 0.05% in the EU when rejecting all data processing using consent popups. Most Internet users might expect a reduction by 100% when not giving consent, but this is apparently not the case.  The low decrease in the EU is likely caused by the low number of websites with detected cookie popups and observed leaks.</p> <h2>Site categories, trackers and leaks</h2> <figure id="attachment_178623" aria-describedby="caption-attachment-178623" style="width: 830px" class="wp-caption alignnone"><img class="size-full wp-image-178623" src="https://www.ghacks.net/wp-content/uploads/2022/05/site-categories-with-leaks.png" alt="site categories with leaks" width="830" height="487" /><figcaption id="caption-attachment-178623" class="wp-caption-text">source <a href="https://homes.esat.kuleuven.be/~asenol/leaky-forms/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Leaky Forms</a></figcaption></figure> <p>Sites were added to categories such as fashion/beauty, online shopping, games, public information and pornography by the researchers. Sites in all categories, with the exception of pornography, leaked email addresses according to the researchers.</p> <p>Fashion/Beauty sites leaked data in 11.1% (EU) and 19.0% (US) of all cases, followed by Online shopping with 9.4% (EU) and 15.1% (US), General News  with 6.6% (EU) and 10.2% (US), and Software/Hardware with 4.9% (EU) and Business with 6.1% (US).</p> <p>Many sites embed third-party scripts, usually for advertising purposes or website services. These scripts may track users, for example, to generate profiles to increase advertising revenue.</p> <p>The top sites that leaked email address information were different depending on the location. The top 3 sites for EU visitors were USA Today, Trello and The Independent. For US visitors, they were Issuu, Business Insider, and USA Today.</p> <p>Further analysis of the trackers revealed that a small number of organizations was responsible for the bulk of form data leaking. Values were once again different depending on location.</p> <p>The five organizations that operate the largest number of trackers on sites that leak form data were Taboola, Adobe, FullStory, Awin Inc. and Yandex in the European Union, and LiveRamp, Taboola, Bounce Exchange, Adobe and Awin in the United States.</p> <p>Taboola was found on 327 sites when visiting from the EU, LiveRamp on 524 sites when visiting from the US.</p> <h2>Protection against third-parties that leak form data</h2> <p>Web browsers do not reveal to users if third-party scripts collect data that users input on sites, even before submitting. While most, with the notable exception of Google Chrome, include anti-tracking functionality, it appears that they are not suitable for protecting user data against this form of tracking.</p> <p>The researchers ran a small test using Firefox and Safari to find out of the default anti-tracking functionality blocked data exfiltration on the sample. Both browsers failed to protect user data in the test.</p> <p>Browsers with built-in ad-blocking functionality, such as Brave or Vivaldi, and ad-blocking extensions such as uBlock Origin, offer better protection against data leaking. Users on mobile devices may use browsers that support extensions or include ad-blocking functionality by default.</p> <p>The researchers developed the browser extension LeakInspector. Designed to inform users about sniffing attacks and to block requests that contain personal information, LeakInspector protects users data while active.</p> <p>The extension's source is available on GitHub. The developers could not submit the extension to the Chrome Web Store, as it requires access to features that are only available in Manifest 2. Google accepts Manifest 3 extensions only in its Chrome Web Store. A Firefox extension is being published on the Mozilla Add-ons store for Firefox.</p> <p><strong>Now You</strong>: what is your take on this?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/17/trackers-may-collect-data-that-you-type-even-before-hitting-submit/" data-wpel-link="internal">Trackers may collect data that you type even before hitting submit</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  30. Nvidia releases security update for out-of-support GPUs

    2022-05-17 06:17:40 UTC

    Nvidia published a security bulletin on May 16, 2022 in which it informs customers about a new software security update for the Nvidia GPU display driver. The update patches security issues in […]

    Thank you for being a Ghacks reader. The post Nvidia releases security update for out-of-support GPUs appeared first on gHacks Technology News.

    <p>Nvidia <a href="https://nvidia.custhelp.com/app/answers/detail/a_id/5353#security-updates-for-nvidia-gpu-display-driver" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">published</a> a security bulletin on May 16, 2022 in which it informs customers about a new software security update for the Nvidia GPU display driver. The update patches security issues in earlier driver versions that can lead to "denial of service, information disclosure, or data tampering".</p> <p><img class="alignnone size-full wp-image-178616" src="https://www.ghacks.net/wp-content/uploads/2022/05/nvidia-security-update-kepler.png" alt="nvidia security update kepler" width="1247" height="697" /></p> <p>While it is common for companies to release security updates for their software applications and drivers, it is uncommon to receive updates for products that are not supported anymore.</p> <p>In this particular case, Nvidia released security updates for Kepler-series graphics adapters that it no longer supports officially with Game Ready Drivers.</p> <p>The company retired most products <a href="https://nvidia.custhelp.com/app/answers/detail/a_id/5202" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">belonging</a> to the GTX 600 and GTX 700 Kepler series in 2021. The first Kepler-based video cards were released in 2012 by Nvidia. The full list of</p> <p>Retired products are still usable, but Nvidia won't release Game Ready drivers for these products anymore once they retire. Nvidia did promise to release security updates for the products until 2024 to address security issues in drivers.</p> <p><img class="alignnone size-full wp-image-178617" src="https://www.ghacks.net/wp-content/uploads/2022/05/nvidia-security-update.png" alt="nvidia security update" width="1258" height="719" /></p> <p>The Windows release notes <a href="https://www.nvidia.com/download/driverResults.aspx/189363/en-us" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">highlight</a> that the update has been released for Nvidia products that are no longer supported by Game Ready Drivers.</p> <blockquote><p>NVIDIA has released a software security update display driver for desktop Kepler-series GeForce GPUs which are no longer supported by Game Ready Drivers. This update addresses issues that may lead to multiple security impacts.</p></blockquote> <p>Windows and Linux versions of the drivers are affected according to the security bulletin.</p> <p>The updates can be downloaded from <a href="https://www.nvidia.com/Download/index.aspx" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Nvidia's downloads website</a>. All it takes is to use the drop down menus at the top to display available drivers for the selected product.</p> <p>The security bulletin lists a total of ten vulnerabilities in Nvidia GPU display drivers. Most are vulnerabilities in the kernel mode layer on Windows and Linux devices, while some address security issues in the DirectX11 user mode driver on Windows, or a vulnerability in the ECC layer.</p> <p>Nvidia released driver updates for most supported products as well. Nvidia Studio and Tesla R510 updates are expected in the week of May 23, 2022. All other supported products have received security updates already.</p> <p><strong>Now You</strong>: how frequently do you update drivers on your systems?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/17/nvidia-releases-security-update-for-out-of-support-gpus/" data-wpel-link="internal">Nvidia releases security update for out-of-support GPUs</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  31. 1.5 million apps on Google and Apple's app stores may be removed for not being updated in 2 years

    2022-05-16 15:34:08 UTC

    A few weeks ago, Apple began warning developers that they would be removing apps that haven't been updated in a long time, from the App Store. The Cupertino company is not alone […]

    Thank you for being a Ghacks reader. The post 1.5 million apps on Google and Apple's app stores may be removed for not being updated in 2 years appeared first on gHacks Technology News.

    <p>A few weeks ago, Apple began warning developers that they would be <a href="https://www.ghacks.net/2022/04/25/apple-to-removed-outdated-apps-from-its-app-store/" target="_blank" rel="noopener" data-wpel-link="internal">removing apps</a> that haven't been updated in a long time, from the App Store. The Cupertino company is not alone in doing this, Google does the same for outdated apps on its Play Store.</p> <p><img class="alignnone size-full wp-image-178610" src="https://www.ghacks.net/wp-content/uploads/2022/05/1.5-million-apps-on-Google-and-Apples-app-stores-may-be-removed-for-not-being-updated-in-2-years.jpg" alt="1.5 million apps on Google and Apple's app stores may be removed for not being updated in 2 years" width="868" height="488" /></p> <p>A report by an analyst firm, Pixalate (via <a href="https://www.cnet.com/tech/mobile/one-third-of-apple-and-google-apps-are-so-outdated-they-could-get-removed/" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">CNET</a>), reveals that 84% of the apps which were downloaded over 100 million times from the stores, were those that had received updates in the past six months.</p> <p>So, this raises the question. There are over 5 million apps in total on both storefronts, just how many of these apps could be removed? According to the chart, around 28% of apps on the Google Play Store and Apple App Store are outdated. The term outdated here refers to apps that have not been updated in the last six months, and these number over 1 Million apps.</p> <h3><strong>1.5 million apps on Google and Apple's app stores maybe removed</strong></h3> <p>If you think that is bad, wait till you hear this. The report tells us that there are over 1.5 Million apps on the two app stores, that have not received an update in the past 2 years. These are classified as abandoned apps, i.e, no longer supported by the developer. 31% is no small number, that is nearly one-third of the entire app stores' offerings.</p> <p>Is removing the apps the only solution to this problem? How do they affect the app stores anyway? The problem with outdated apps is they show up on the app stores when users search for them, especially if they were popular at one time. But when a user comes to realize that the app has not been updated in a while, they may choose not to download it. This will result in another search query, possibly for a more up-to-date alternative app. So the outdated apps clutter the store, and the search results without serving any purpose. This explains why both Google and Apple view outdated apps as a nuisance. There are of course other factors that may have contributed to the decision to remove such apps, since they are no longer being worked upon, they could potentially be vulnerable to security issues, or cause other adverse effects.</p> <p>Google's guidelines are clear, it will delist apps that have not been updated over 2 years. If they are hidden from the Play Store's search, new users won't be able to download them. However, the apps may still be accessible from the Library, whether the app would work or not is a different story. Apple's rules concerning outdated apps are slightly harsher. When an app is found to have few downloads in the past 12 months, and hasn't been updated recently, the developer will be warned that their app will be delisted from the App Store. The company will give them a second chance, i.e., to submit an update adhering to the latest standards, <a href="https://www.ghacks.net/2022/05/02/apple-explains-its-app-store-removal-rules-and-update-deadlines/" target="_blank" rel="noopener" data-wpel-link="internal">within 90 days</a>. Failure to comply with this deadline, will result in the app's removal from the app store.</p> <p>Android users have an advantage in that they can sideload an APK quite easily, so if someone really needed an outdated app, there are other ways to obtain it. Apple users don't have that freedom, but things could change when the European Union enforces the <a href="https://www.ghacks.net/2022/05/09/eu-says-digital-markets-act-is-coming-in-spring-2023/" target="_blank" rel="noopener" data-wpel-link="internal">Digital Markets Act</a> (DMA) next year, to allow installation of apps from third-party sources.</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/16/1-5-million-apps-on-google-and-apples-app-stores-may-be-removed-for-not-being-updated-in-2-years/" data-wpel-link="internal">1.5 million apps on Google and Apple&#039;s app stores may be removed for not being updated in 2 years</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  32. DottedSign is a powerful E-Signature solution for individuals and organizations

    2022-05-16 11:52:51 UTC

    DottedSign is a versatile E-Signature solution for the web and mobile devices that is available for individuals and organizations alike.  It is a comprehensive E-Signature solution that enables home users and professionals […]

    Thank you for being a Ghacks reader. The post DottedSign is a powerful E-Signature solution for individuals and organizations appeared first on gHacks Technology News.

    <p><a href="https://www.dottedsign.com?utm_source=PR&amp;utm_campaign=PR_202205_gHacks_review_website&amp;utm_medium=gHacks" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">DottedSign</a> is a versatile E-Signature solution for the web and mobile devices that is available for individuals and organizations alike.  It is a comprehensive E-Signature solution that enables home users and professionals to sign documents, collect signatures from others, and manage the signing process across different platforms.</p> <p><img class="alignnone size-full wp-image-178588" src="https://www.ghacks.net/wp-content/uploads/2022/05/1-scaled.jpg" alt="" width="1200" height="675" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/1-scaled.jpg 1200w, https://www.ghacks.net/wp-content/uploads/2022/05/1-1536x864.jpg 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/1-2048x1152.jpg 2048w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <p>Signing documents electronically should not be more complicated than signing documents with pen and paper. In fact, E-Signatures offer several advantages over their paper and pen counterparts, including that they are cost-effective, faster and easier to manage. DottedSign offers all these advantages and more to home and business customers.</p> <p><img class="alignnone size-full wp-image-178589" src="https://www.ghacks.net/wp-content/uploads/2022/05/2-scaled.jpg" alt="" width="1200" height="675" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/2-scaled.jpg 1200w, https://www.ghacks.net/wp-content/uploads/2022/05/2-1536x864.jpg 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/2-2048x1152.jpg 2048w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <p>DottedSign published a whitepaper <a href="https://www.dottedsign.com/resources/paperless-revolution-through-e-signatures?utm_source=PR&amp;utm_campaign=PR_202205_gHacks_review_whitepaper&amp;utm_medium=gHacks”" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">The Paperless Revolution: Cutting Costs, Churn and Effort through E-Signatures</a>, which is available for free. It highlights the advantages of E-Signature solutions and their best practices.</p> <p>Remote work has seen a surge in recent years and digital solutions that make the remote workforce more productive are high in demand. Covid-19 has accelerated the transformation toward paperless remote offices, and E-Signature solutions play a large part in the transformation as they speed up the signing process significantly and improve manageability.</p> <p><span style="font-weight: 400;">DottedSign allows users to sign across mobile devices and desktop remotely, anytime and anywhere.</span><span style="font-weight: 400;"> This strong advantage has given DottedSign the edge over other free signing tools that are restricted to a single platform. Moreover, DottedSign supports in-person signing when meeting clients or business partners face-to-face. In a nutshell, DottedSign simplifies the process of signing documents, reducing the wait time and operational costs such as printing and delivery. </span></p> <p>You can start with the <a href="https://www.dottedsign.com/pricing?utm_source=PR&amp;utm_campaign=PR_202205_gHacks_review_PricingPage&amp;utm_medium=gHacks" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">free plan</a> right away. Or you can get a free trial to any DottedSign advanced subscription and fully experience DottedSign before committing.</p> <h2><b>E-Signature Management with DottedSign</b></h2> <p><img class="alignnone size-full wp-image-178603" src="https://www.ghacks.net/wp-content/uploads/2022/05/3-scaled.jpg" alt="" width="1200" height="675" /></p> <h3>The EASIEST way to complete your E-Signing process!</h3> <p>One of the many strong suites of DottedSign is its streamlined and efficient signing process. In fact, it only takes a few steps to create a new signing task: upload the document that you want to sign, assign input fields to one or multiple signers, and send the information to the signers. Additional options, such as the ability to create custom messages to recipients, and options to set expiry dates and auto-reminders are also available comfortably.<img class="alignnone size-full wp-image-178590" src="https://www.ghacks.net/wp-content/uploads/2022/05/4-scaled.jpg" alt="" width="1200" height="675" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/4-scaled.jpg 1200w, https://www.ghacks.net/wp-content/uploads/2022/05/4-1536x864.jpg 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/4-2048x1152.jpg 2048w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <p>Registration of an account is free and is used to validate the identity. DottedSign supports several single sign-on solutions, including those by Kdan, Facebook, Google and Microsoft.</p> <p>You can upload the documents in various ways, from local devices to third-party cloud storage spaces, including OneDrive, Google Drive, Dropbox and Kdan Cloud.</p> <p>As the sender, you can easily track the current status of each document with its visualized progress bar. It updates the information in real-time; for example, you can see who has signed already and who has not. You can also use its dashboard to get an overview of all documents status, making it easy to distinguish completed documents from those that are still in the process of being signed by all signees.</p> <p>When it comes to a large amount of documents, it can be a nightmare for many to search for a specific contract in a short notice. DottedSign’s built-in search functionality is a boost to efficiency, cutting much time and effort for employees.</p> <h2>Secure, Legal &amp; Reliable - All in One</h2> <p>Electronic signatures are legally-binding. <span style="font-weight: 400;">All signed documents include digital certificates that authenticate the document integrity and that no one has tampered with the process. The digital certificates</span><span style="font-weight: 400;"> are issued by an Adobe Approved Trust List (AATL) certificate authority. Furthermore, </span>DottedSign provides a digital audit trail that records all signers' actions to the documents to ensure its non-repudiation and the legal evidence. Additional security features are available, including support for two-factor signer authentication and one-time passwords.</p> <p><img class="alignnone size-full wp-image-178604" src="https://www.ghacks.net/wp-content/uploads/2022/05/5-scaled.jpg" alt="" width="1200" height="675" /></p> <h2>Best E-Signature solution for organizations!</h2> <p>As the organization grows, so does the time and effort spent in the communication process. With DottedSign, managers are empowered to lead the team in a streamlined way. You can efficiently manage your members and review the team performance all in one place. When it comes to delivering a large amount of signature requests, DottedSign offers templates and bulk send that will definitely make your life much easier (and happier).</p> <p>Moreover, DottedSign takes care of your organization branding as well; you can customize the logo, profile and the sender’s name in the signature requests. This helps to strengthen your connection with clients in a professional manner.</p> <p><img class="alignnone size-full wp-image-178605" src="https://www.ghacks.net/wp-content/uploads/2022/05/6-scaled.jpg" alt="" width="1200" height="675" srcset="https://www.ghacks.net/wp-content/uploads/2022/05/6-scaled.jpg 1200w, https://www.ghacks.net/wp-content/uploads/2022/05/6-1536x864.jpg 1536w, https://www.ghacks.net/wp-content/uploads/2022/05/6-2048x1152.jpg 2048w" sizes="(max-width: 1200px) 100vw, 1200px" /></p> <p><b>Simple and Fast Integration with DottedSign</b></p> <p><span style="font-weight: 400;">Additionally</span><span style="font-weight: 400;">, DottedSign </span><span style="font-weight: 400;">extends</span><span style="font-weight: 400;"> its diversity to make the signing process more </span><span style="font-weight: 400;">flexible</span><span style="font-weight: 400;">. Users can e</span><span style="font-weight: 400;">njoy greater convenience by connecting third-party Integrations, including </span><a href="https://zapier.com/apps/dottedsign/integrations" target="_blank" rel="noopener external noreferrer" data-wpel-link="external"><span style="font-weight: 400;">Zapier</span></a><span style="font-weight: 400;">, </span><a href="https://workspace.google.com/marketplace/app/dottedsign/282493255003" target="_blank" rel="noopener external noreferrer" data-wpel-link="external"><span style="font-weight: 400;">Google Workspace</span></a><span style="font-weight: 400;"> and </span><a href="https://appsource.microsoft.com/en-us/product/web-apps/kdanmobilesoftware1640055359628.dottedsign?tab=Overview" target="_blank" rel="noopener external noreferrer" data-wpel-link="external"><span style="font-weight: 400;">Microsoft Teams</span></a><span style="font-weight: 400;">. Also, </span><span style="font-weight: 400;">users can complete their signing process via </span><a href="https://www.kdanmobile.com/en/esignature-api" target="_blank" rel="noopener external noreferrer" data-wpel-link="external"><span style="font-weight: 400;">DottedSign API</span></a><span style="font-weight: 400;"> without leaving their company system.</span></p> <h3>Closing Words</h3> <p>DottedSign is an easy-to-use and powerful E-Signature service that is available for mobiles and as a web version. It is the ideal solution for businesses of all sizes, and professionals who want contracts to be signed quickly and efficiently. <a href="https://www.dottedsign.com?utm_source=PR&amp;utm_campaign=PR_202205_gHacks_review_website&amp;utm_medium=gHacks" target="_blank" rel="noopener external noreferrer" data-wpel-link="external">Check DottedSign to digitize your signing process!</a></p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/16/dottedsign-powerful-e-signature-solution-for-individuals-organizations/" data-wpel-link="internal">DottedSign is a powerful E-Signature solution for individuals and organizations</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  33. Microsoft's replaces bundled Quick Assist app with Microsoft Store version

    2022-05-16 11:08:54 UTC

    Quick Assist is a remote assistance application that is part of Microsoft's Windows 10 and 11 operating systems. Up until now, Quick Assist was available to all users to get remote assistance, […]

    Thank you for being a Ghacks reader. The post Microsoft's replaces bundled Quick Assist app with Microsoft Store version appeared first on gHacks Technology News.

    <p>Quick Assist is a remote assistance application that is part of Microsoft's Windows 10 and 11 operating systems. Up until now, Quick Assist was available to all users to get remote assistance, e.g., to resolve issues that users experience while working on Windows machines.</p> <p><img class="alignnone size-full wp-image-178599" src="https://www.ghacks.net/wp-content/uploads/2022/05/windows-new-quick-assist.png" alt="windows new quick assist" width="1301" height="746" /></p> <p>Users may launch the interface by searching for Quick Assist or by using the keyboard shortcut Ctrl+Win+Q; the new app supports the keyboard shortcut just like the old version of Quick Assist.</p> <p>Starting on May 23, 2022, that version of Quick Assist will stop functioning. Announced on April 27, 2022, Microsoft informed Windows Insiders about the upcoming changes to Quick Assist. The company delayed the change by a week, which was originally scheduled to take place on May 16, 2022.</p> <p>The announcement explains how the new version of Quick Assist can be installed, but it does not highlight the challenges that administrators face.</p> <p>The old version of Quick Assist can't be used anymore after May 23, 2022 according to Microsoft.</p> <p><img class="alignnone size-full wp-image-178598" src="https://www.ghacks.net/wp-content/uploads/2022/05/quick-assist-notification.png" alt="quick assist notification" width="362" height="541" /></p> <p>Users receive a prompt that a new version is available, and that it needs to be downloaded and installed from the Microsoft Store. The "not yet" option will be removed from the application window. It loads the Quick Assist interface when selected.</p> <p>The change introduces several usability issues for administrators and users alike, which Microsoft failed to mention in the announcement.</p> <p>Administrators who <a href="https://twitter.com/OfficeInsider/status/1519413576926175232" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">replied</a> to the official Twitter announcement by Microsoft's Office Insider account highlighted, that the installation of the application required administrative privileges, and that the user that required assistance, needed to install the new Quick Assist app from the Store to get help using the tool.</p> <p>Previously, administrators could be sure that Quick Assist was available if the device used Windows 10 or 11 as the operating system. The change may require support to walk each user through the installation of the new Quick Assist application before it can be used to provide remote assistance.</p> <p>Additionally, the new Quick Assist installs next to the old Quick Assist application on the Windows machine, making it difficult for users to pick the right one during searches or selecting the right one for uninstallation.</p> <p>At least the last issue appears to have been fixed. Installation of the new version appears to remove the old version from the device. A search lists the newly installed application only and the apps listing in the Settings application lists it as the sole app as well.</p> <h2>Microsoft explains the reason behind the change</h2> <p>Kapil Tundwal, the engineering manager for the Quick Assist application <a href="https://twitter.com/ktundwal/status/1524509913401110533?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1524509913401110533%7Ctwgr%5E%7Ctwcon%5Es1_&amp;ref_url=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fwindows-admins-are-so-annoyed-by-quick-assist-moving-to-microsoft-store%2F" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">explained</a> on Twitter that the Microsoft Store version enables Microsoft to send security updates faster to the userbase.</p> <p>Regarding the Microsoft Store requirement, Microsoft <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-store%2Fdistribute-offline-apps&amp;data=05%7C01%7Cv-npfeifer%40microsoft.com%7Cce77e161ab824f3dbcb908da2fa89ca2%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637874698537097842%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=j2S%2BAZ4A63iPaGbgokoiiMVBArXoKI9zQQVqJbof1cM%3D&amp;reserved=0" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">notes</a> that it is possible to distribute the offline app version of Quick Assist. Administrators pointed out, that this won't work in all environments.</p> <h3>Closing Words</h3> <p>Microsoft's decision to replace the native Quick Assist application with a Store version has caught many administrators off guard. Microsoft could have replaced the original version with the new version gradually, by integrating the new version in new Windows releases. It could also have kept the old version functional for the time being to give organizations time to adjust to the change.</p> <p><strong>Now You</strong>: have you used Quick Assist in the past? (via <a href="https://www.bleepingcomputer.com/news/microsoft/windows-admins-frustrated-by-quick-assist-moving-to-microsoft-store/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Bleeping Computer</a>)</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/16/microsofts-replaces-bundled-quick-assist-app-with-microsoft-store-version/" data-wpel-link="internal">Microsoft&#039;s replaces bundled Quick Assist app with Microsoft Store version</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  34. First look at Portmaster, an open source cross-platform network monitor

    2022-05-16 06:57:15 UTC

    Portmaster is a free open source cross-platform network activity monitor that is available in an early version for Windows and the Linux distributions Ubuntu and Fedora. Portmaster combines traditional network activity monitoring […]

    Thank you for being a Ghacks reader. The post First look at Portmaster, an open source cross-platform network monitor appeared first on gHacks Technology News.

    <p><a href="https://safing.io/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Portmaster</a> is a free open source cross-platform network activity monitor that is available in an early version for Windows and the Linux distributions Ubuntu and Fedora.</p> <p><img class="alignnone size-full wp-image-178594" src="https://www.ghacks.net/wp-content/uploads/2022/05/portmaster-interface.png" alt="portmaster interface" width="1442" height="768" /></p> <p>Portmaster combines traditional network activity monitoring with additional features, such as the option to enforce the use of secure DNS or the automatic blocking of advertisement, trackers and malicious hosts using filter lists, which are commonly used by ad-blockers.</p> <p>Portmaster is free to use, which usually leads to the question of how development is financed. The developers behind Portmaster reveal information on that on the official project website. Basically, what they plan to do is use a freemium model. Portmaster will be free for all users but extra services, a VPN is mentioned specifically, is available for users who sign-up for it. Money is earned through that, which is used to finance development.</p> <h2>Portmaster: first look</h2> <p><img class="alignnone size-full wp-image-178595" src="https://www.ghacks.net/wp-content/uploads/2022/05/portmaster-connection-details.png" alt="portmaster connection details" width="1442" height="768" /></p> <p>An alpha version of Portmaster is available for Windows and Linux. It is released for testing and development purposes at the time. Alpha software may include bugs and issues, and should not be installed on production machines.</p> <p>The development team notes that the alpha tag is "more about missing features than instability" of the application. Planned features for the first beta release include importing and exporting options, support for custom filter lists, cryptographically signed updates, and a full-device network monitor.</p> <p>Installation is straightforward on Windows; a reboot is required to complete the installation process. The interface is well-designed and modern. The main page lists recent network activity, including the total number of connections, and the percentage of allowed and blocked connections.</p> <p>A click on an application or service in the network activity listing displays details, including name and path, and information about each connection that was made in the past.</p> <p>Each connection is listed with the target, whether the data was encrypted, the IP addresses and countries of the IP addresses.</p> <p>Settings can be defined for each individual application. Besides blocking all network activity, users may modify several connection specific options. To name a few:</p> <ul> <li>Switch between default network actions: allow, block, prompt.</li> <li>Block Internet or LAN connectivity.</li> <li>Block P2P/Direct Connections</li> <li>Block incoming connections.</li> <li>Configure outgoing rules.</li> <li>Apply filter lists, e.g. ad and tracker blocking, malware hosts</li> </ul> <p>All of these can be defined globally, so that the preferences apply to all applications and services by default. Override options are available for individual apps.</p> <p>The All Apps section lists all applications with current and past network activity. A search feature is available to find apps quickly in the listing. You may select any application or service to modify the default networking behavior.</p> <p>The premium feature SPN, Safing Privacy Network, is also included as an alpha version. The service is inspired by Tor, as it routes connections through several network hops for improved privacy. The core difference to VPNs is the multi-hop architecture. Some VPNs, NordVPN for instance, support multiple connections as well, but these are usually not designed to hide information such as the destination from each other.</p> <h3>Closing Words</h3> <p>Portmaster is a promising network monitor: it is free, open source and available for different platforms. Windows and Linux versions are available, and a Mac version is planned for the future. The interface is well-designed, and while some features are missing, it is functional already.</p> <p>It is too early to tell how it will stack up against other network monitors and firewalls such as <a href="https://www.ghacks.net/2020/07/01/glasswire-elite-review/" data-wpel-link="internal">Glasswire</a>, <a href="https://www.ghacks.net/2019/02/27/windows-firewall-control-6-0-is-out/" data-wpel-link="internal">Windows Firewall Control</a>, or <a href="https://www.ghacks.net/2017/05/08/simplewall-simple-firewall-for-windows/" data-wpel-link="internal">SimpleWall</a>.</p> <p><strong>Now You:</strong> do you use a third-party network monitor or firewall?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/16/first-look-at-portmaster-an-open-source-cross-platform-network-monitor/" data-wpel-link="internal">First look at Portmaster, an open source cross-platform network monitor</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  35. Thunderbird's donation-driven revenue rose 21% in 2021

    2022-05-15 05:18:22 UTC

    The Thunderbird team published the financial report of 2021 for the Thunderbird project last month. Revenue rose by 21% in 2021 to $2.796 million when compared to the $2.3 million the project […]

    Thank you for being a Ghacks reader. The post Thunderbird's donation-driven revenue rose 21% in 2021 appeared first on gHacks Technology News.

    <p>The Thunderbird team published the financial report of 2021 for the Thunderbird project last month. Revenue rose by 21% in 2021 to $2.796 million when compared to the $2.3 million the <a href="https://www.ghacks.net/2021/03/22/thunderbird-financial-report-2020-shows-strong-year-to-year-growth/" data-wpel-link="internal">project earned in 2020</a>.</p> <figure id="attachment_178585" aria-describedby="caption-attachment-178585" style="width: 1200px" class="wp-caption alignnone"><img class="wp-image-178585 size-full" src="https://www.ghacks.net/wp-content/uploads/2022/05/thunderbird-financials-2021.png" alt="thunderbird financials 2021" width="1200" height="683" /><figcaption id="caption-attachment-178585" class="wp-caption-text">source: <a href="https://thunderbird.topicbox.com/groups/planning/Te67057a0f5f8a01e/thunderbird-2021-financial-report" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Thunderbird</a></figcaption></figure> <p>Thunderbird is part of <a href="https://www.ghacks.net/2020/01/29/thunderbird-new-owner/" data-wpel-link="internal">MZLA Technologies Corporation</a>, a wholly owned subsidiary of Mozilla Foundation. The entire project receives its funding almost entirely from donations.</p> <p>Donations rose from $700K in 2017 to now $2.7 million in 2021. In 2021 alone, donations rose by around $500k to the new all time high.</p> <p>Improved engagement with donors and an updated What's New page with "an improved donation appeal" were the primary drivers for the increased donations in the year. The team plans to increase the engagement with the entire community in the future. Increased activity on social media sites such as Twitter is already noticeable.</p> <p>Non-donation income makes up less than one percent of the overall revenue. Thunderbird receives payments when users sign up for the email providers Gandi and Mailfence. The team is open to exploring new revenue opportunities, provided that they align with the mission and values of the project.</p> <p>As far as spending is concerned, the bulk is spend as payment for employees. A total of 78.1% is spend on personnel. Professional services, including HR, tax services, and "agreements with other Mozilla entities, make up 10.5% of the spending. 5.5% are spend on general &amp; administrative services, and 4.7% on donation transaction fees.</p> <p>The Thunderbird project spend a total of $1,984 million in 2021, increasing money in the bank to $3.616 million.</p> <p>The Thunderbird project has a total of 18 employees. The team wants to hire several engineers without spending more money than what is coming in.</p> <p>The Thunderbird team has big plans for 2022 and beyond. <a href="https://www.ghacks.net/2022/03/29/thunderbird-102-next-major-release-of-the-open-source-email-client/" data-wpel-link="internal">The next major release is Thunderbird 102</a>, which includes major feature improvements and new features, such as an <a href="https://www.ghacks.net/2022/05/12/thunderbird-102-to-include-an-improved-import-tool/" data-wpel-link="internal">improved import module</a>, new address book, support for Matrix, and more.</p> <p>The developers are working on the first mobile app for the open source email client next to that. Plans are underway to release Thunderbird mobile for Android. No release date for the first preview version has been mentioned, but many expect it to be released later in 2022.</p> <p><strong>Closing Words</strong></p> <p>The financial outlook is good for the entire project. Donation revenue increased in 2021 by 21% over 2020. Almost $800k were added to the project's account as a consequence. The year 2022 is an important one for the project. The next major release is just months away, and the planned Android release will address the limitation to running Thunderbird on desktop systems. A version for iOS is also planned.</p> <p>Thunderbird users who want to donate to the project can <a href="https://give.thunderbird.net/en-GB/?utm_source=thunderbird.net&amp;utm_medium=referral&amp;utm_content=pre_footer" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">do so here</a>.</p> <p><strong>Now You</strong>: do you use Thunderbird? Are you looking forward to the release of version 102 and the first Android version? (via <a href="https://www.soeren-hentzschel.at/thunderbird/mzla-finanzbericht-2021/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Sören Hentzschel</a>)</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/15/thunderbirds-donation-drive-revenue-rose-21-in-2021/" data-wpel-link="internal">Thunderbird&#039;s donation-driven revenue rose 21% in 2021</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  36. Firefox 100.0.1 released with improved Windows process isolation

    2022-05-14 11:17:28 UTC

    Mozilla Firefox 100.0.1 is a small bug fix release that addresses issues in the browser's Picture-in-Picture mode and improves process isolation on Windows devices. Mozilla planned to release the new version on […]

    Thank you for being a Ghacks reader. The post Firefox 100.0.1 released with improved Windows process isolation appeared first on gHacks Technology News.

    <p>Mozilla Firefox 100.0.1 is a small bug fix release that addresses issues in the browser's Picture-in-Picture mode and improves process isolation on Windows devices.</p> <p><img class="alignnone size-full wp-image-178581" src="https://www.ghacks.net/wp-content/uploads/2022/05/firefox-100.0.1.png" alt="firefox 100.0.1" width="1260" height="695" /></p> <p>Mozilla planned to release the new version on May 11, 2022 initially but the release has been delayed. It is unclear why it was delayed at this point, but it is expected soon.</p> <h2>Mozilla Firefox 100.0.1</h2> <p>The main change in Firefox 100.0.1 improves Firefox's security sandbox on Windows devices. Mozilla notes that the sandbox is blocking access to Win32k APIs for content processes on Windows now.</p> <p>Linux and Mac versions of Firefox have seen security improvements in previous releases already. Firefox for Mac included changes in version 95 that block access to the WindowServer, which improved security and the process startup performance on Mac devices.</p> <p>Firefox 99 for Linux included a change that removed the connection from content process to the X11 server, which "stops attackers from exploiting the unsecured X11 protocol".</p> <p>The improvement in Firefox for Windows improves the browser's security significantly by blocking access to Win32k APIs for content processes. Mozilla notes that Win32k APIs are often targeted by exploits and that the limitation puts an end to these.</p> <p>The change is being rolled out to Windows 10 Creators Update and newer versions of Windows at the time of writing, meaning any supported Windows 10 and Windows 11 installation with Firefox running on it is supported already.</p> <p>Mozilla is still working on the Windows 8 implementation of the feature, and to support the security sandbox feature on older versions of Windows 10.</p> <p>The organization published a technical overview of the feature and implementation on its <a href="https://hacks.mozilla.org/2022/05/improved-process-isolation-in-firefox-100/" data-wpel-link="external" target="_blank" rel="external noopener noreferrer">Mozilla Hacks website</a>.</p> <p><a href="https://www.ghacks.net/2022/05/03/mozilla-releases-firefox-100-here-is-what-is-new/" data-wpel-link="internal">Picture-in-Picture mode saw several improvements in the Firefox 100 release</a>. One of the main changes added support for video captions and subtitles to many video streaming sites on the Internet.</p> <p>Firefox 100.0.1 fixes two bugs, one related to the display of subtitles:</p> <ul> <li>Fixed an issue with subtitles in Picture-in-Picture mode while using Netflix</li> <li>Fixed an issue where some commands were unavailable in the Picture-in-Picture window</li> </ul> <p><strong>Now You:</strong> have you used Firefox's Picture-in-Picture feature? What is your take on the security sandbox improvement?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/14/firefox-100-0-1-released-with-improved-windows-process-isolation/" data-wpel-link="internal">Firefox 100.0.1 released with improved Windows process isolation</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>
  37. How to use compact.exe to free up disk space on Windows

    2022-05-14 05:17:13 UTC

    Microsoft introduced new options for the command line tool compact.exe in the Windows 10 operating system. It allows users to compress folders on the system using new algorithms to free up disk […]

    Thank you for being a Ghacks reader. The post How to use compact.exe to free up disk space on Windows appeared first on gHacks Technology News.

    <p>Microsoft introduced new options for the command line tool compact.exe in the Windows 10 operating system. It allows users to compress folders on the system using new algorithms to free up disk space.</p> <p>Unlike many other compression solutions, compact promises to have little impact on performance when the files need to be loaded by the system. Files are compressed without changing the file extension or location. Decompression happens during runtime, and most modern systems should not break a sweat doing so. The tool is included in Windows 11 as well.</p> <p>Compact.exe compresses files and folders on Windows without changing filenames or making other modifications to the files. Depending on the type of files, compression may save Gigabytes of disk space or very little. Files that are compressed already, e.g., JPG image files, will show little gains when compress is run on them. Uncompressed files on the other hand may show large gains. You can check out this <strong>GitHub page</strong>, which lists hundreds of games and programs, and the savings when using compress.exe on them.</p> <p>A few applications and games may react badly to compression. If that is the case, uncompressing will resolve the issue.</p> <p><strong>Tip</strong>: if you prefer a graphical user interface, <a href="https://www.ghacks.net/2017/10/12/compactgui-use-windows-compact-tool-with-a-gui/" data-wpel-link="internal">check out CompactGUI</a>. Windows includes an option to compress the entire drive. Right-click on any drive in explorer and select Properties to open the option. You find "Compress this drive to save disk space" under General in the properties window.</p> <h2>Using compact.exe on Windows</h2> <p><img class="alignnone size-full wp-image-178576" src="https://www.ghacks.net/wp-content/uploads/2022/05/compact-output.png" alt="compact output" width="1267" height="498" /></p> <p>You may run the program from any command prompt window. Open a new command prompt window, e.g., by using Windows-R to open the run box, typing cmd.exe and hitting the Enter-key on the keyboard.</p> <p>Running compact on its own displays the compression status of all folders and files of the current directory.</p> <p>The command line tool support several parameters, some of which may be confusing at first.</p> <p>The core commands compact.exe /c and compact.exe /u mark the current or specified directories so that future changes to the folder, e.g., modified files or newly added files, are compressed or uncompressed.</p> <p>It is necessary to supply the /s parameter to the command to perform the selected operation on all files in the specified directory and all of its subdirectories.</p> <p>By default, the current directory is used, but a directory may be supplied to perform the operation on a different directory instead. To do that, add path information to the command.</p> <p>The command compact.exe /c /s:c:\users\test\downloads\ runs the compression on the downloads directory.</p> <p>You may specify the compression algorithm by supplying the /EXE parameter. The parameter /EXE:XPRESS8K uses that algorithm. The following algorithms are supported:</p> <ul> <li>XPRESS4K (fastest and default value)</li> <li>XPRESS8K</li> <li>XPRESS16K</li> <li>LZX (most compact)</li> </ul> <p>The default algorithm is designed to make the performance impact as minimal as possible, even on older systems. Most devices should not have issues using the 8k or even 16k algorithm instead.</p> <p>Other useful parameters of compact.exe:</p> <ul> <li>/f forces the compression or uncompression. Already compressed or uncompressed files are skipped. Should be used if the process was interrupted, e.g., by a crash.</li> <li>/i ignores errors and continues the operation without stopping.</li> <li>/? displays help information.</li> </ul> <h3>Closing Words</h3> <p>Large program and game folders, and folders with large uncompressed files, benefit the most from the compression. Gigabytes of disk space may be recovered with the help of the command. Most Windows users may use the CompactGUI program instead, as it is easier to use and handle.</p> <p><strong>Now You:</strong> have you used compact.exe in the past?</p> <p>Thank you for being a Ghacks reader. The post <a rel="nofollow" href="https://www.ghacks.net/2022/05/14/compact-exe-free-disk-space-windows/" data-wpel-link="internal">How to use compact.exe to free up disk space on Windows</a> appeared first on <a rel="nofollow" href="https://www.ghacks.net" data-wpel-link="internal">gHacks Technology News</a>.</p>