OSnews

Windows 7, released in July of 2009, was a gigantic leap forward in the evolution of the desktop OS. Good enough, it turns out, that a huge number of people and organizations are still using it, despite it being nearly ten years since its release. Back in February, Statscounter proclaimed that according to its analytics, Windows 10 had finally overtaken 7 in marketshare. But these kinds of measurements are never exact. They’re based on counting users that connect to various constellations of sites and services, so there’s going to be some variation depending on who’s counting. In December, though, rival analytics firm Netmarketshare revealed that it’s now also showing Windows 10 overtaking Windows 7 for the first time, with 39.22% share of the total OS market, with Windows 7 at 36.9% and Mac OS 10.14 at 4.73%. A surprising number of die hards (4.5%) are still on Windows XP. When you include mobile OSes into the mix, Windows 10 is still on top, followed by Windows 7, then iOS 12.1

We’ve long suspected that Google’s upcoming operating system, Fuchsia, would join the ranks of Chrome OS (and Android) in its support for Android apps. Today, that suspicion has been confirmed by a new change found in the Android Open Source Project, and we can say with confidence that Fuchsia will be capable of running Android apps using the Android Runtime. This just adds more fuel to the fire for Fuchsia’s future.

Regular readers will have noticed that we’ve been offline for several days. As you can see, during that time, we’ve made some major changes to the site, and though the design has changed substantially, we’ve made even more dramatic changes in the back-end. We are now running our 6th major iteration of OSNews. It all was precipitated by messages from readers we’ve received over the past few weeks alerting us that they’ve been getting spam, phishing attempts, and some weak-sauce cyber-extortion emails at addresses that were unique to their OSNews accounts. Read on for more. It certainly seems like we’ve had a breach. Our best guess is that someone was able to exploit a vulnerability in old, unmaintained code in the site’s content management system, and made off with at least some user data, which may be as little as a few user records or, at worst, our entire database. Your email addresses were in there, and the encryption on the passwords wasn’t up to modern standards (unsalted SHA1). The truth is that once we concluded it was likely that we were breached, our small volunteer team decided it was better to go offline than it was to learn the avenue of exploit, given that we had no interest in continuing to rely on the aged codebase. Other than potential spam, though, we’re not aware of any other nefarious use of your data, we don’t store much beyond email addresses and passwords, but nonetheless, we’ve very sorry that we weren’t more diligent over the years with keeping in lockstep with best practices with respect to site security. Upgrading the site has been long overdue. In fact, we’d made a serious attempt at discontinuing the old CMS a few years ago, and a few years before that, and it got bogged down both times by the fact that we depend on volunteer help and we all have real lives. The OSNews system is old. The last meaningful update to the codebase was in 2008, with much of the logic based on the 2005 “version 3” rewrite of OSNews. File modification times of 2014 or older were almost always small tweaks or bug fixes. The site was largely written for PHP 4 and it never had a proper maintenance plan. We’ve now migrated the site to WordPress. For all its faults, WP is at least a known quantity. Many thanks to Adam Scheinberg for spending so many hours over his winter break migrating the data from the old CMS to WordPress. To be perfectly honest, when contemplating what needed to be done to properly move the site to a new platform, I considered just throwing in the towel and going offline permanently. Revenues from advertising don’t cover expenses, and though this could probably be rectified by exploring more creative sponsorship approaches, I don’t have the time. I’m currently trying to get a startup off the ground. I love being a part of this community, and I’m willing to continue to invest in it, but I only want to keep it going if it’s going to remain vibrant and meaningful. In order to keep your history from the old site, and to make that re-association process as painless as possible, we’ve written a very simple account migration tool. The tool checks your login against a very stripped down version of our old user table and then re-encrypts your password. When you login to the new OSNews site, your password will be encrypted using a modern secure algorithm, which is currently PHP’s password_hash function, which uses Blowfish or Extended DES and can change over time so we don’t repeat any past mistakes. I’d like to conclude this update with a cry for help. The only way to achieve this dream of vibrancy and meaningfulness is with your help. One of the advantages of the new platform is that it will make it easier for us to include new contributors and do experiments. What can you do? Read and comment every day Submit news Share interesting stuff on the site with your friends Write an original article Suggest someone interesting for us to interview, and recommend some questions we can ask Suggest new topics you think we should cover with more regularity Volunteer to be an editor and post news everyday Help us with ideas on how we can make money. (sponsorships, ads, partnerships, whatever) Need a part time job? I’ll hire you to promote the site and manage our sponsorship and advertising relationships.

A former Microsoft intern has revealed details of a YouTube incident that has convinced some Edge browser engineers that Google added code to purposely break compatibility. In a post on Hacker News, Joshua Bakita, a former software engineering intern at Microsoft, lays out details and claims about an incident earlier this year. Microsoft has since announced the company is moving from the EdgeHTML rendering engine to the open source Chromium project for its Edge browser.Google disputes Bakita's claims, and says the YouTube blank div was merely a bug that was fixed after it was reported. "YouTube does not add code designed to defeat optimizations in other browsers, and works quickly to fix bugs when they're discovered," says a YouTube spokesperson in a statement to The Verge. "We regularly engage with other browser vendors through standards bodies, the Web Platform Tests project, the open-source Chromium project and more to improve browser interoperability."While we're unlikely to ever know the real story behind this particular incident, I don't doubt for a second that Google would do something like this.

It took about 30 minutes for Williamson County commissioners to unanimously approve a roughly $16 million incentive package for Apple Tuesday morning, bringing the total amount the tech giant is likely to receive in exchange for choosing Austin as the site for its newest campus to a cool $41 million. The new addition is set to be Apple's second campus in the Austin, Texas, area - located less than a mile from the company's existing facility, established five years ago. It comes with the promise of a $1 billion dollar investment from Apple in the area and the addition of up to 15,000 new jobs.But the details of the incentive package Williamson County whipped up to woo Apple tell a slightly different story. In the contract approved by county officials, Apple committed to spending at least $400 million on the new campus and creating 4,000 jobs over 12 years. The contract says the jobs don’t necessarily have to be on the new campus in order for Apple to receive the promised incentives, but rather can be anywhere within Williamson County.Shady and shoddy deals like these are only the tip of the iceberg - and don't think this is merely an American thing. This entire past year in The Netherlands has been dominated by our newly elected government wanting to shove through an incredibly unpopular tax cut specifically designed to appease major (partly) Dutch multinationals like Shell and Unilever - a 2 billion euro tax cut while various important social services like police, education, and healthcare desperately need better pay and working conditions.In the end, under immense public and political pressure, the tax cut was cancelled, but it goes to show that these things happen everywhere - in large, powerful nations like the US, but also in small, insignificant welfare states like The Netherlands.

With the significant news this week that the Fuchsia SDK and a Fuchsia "device" are being added to the Android Open Source Project, now seems like a good time to learn more about the Fuchsia SDK. Today on Fuchsia Friday, we dive into the Fuchsia SDK and see what it has to offer developers who might want to get a head start on Fuchsia.Fuchsia is the only publicly known truly new operating system designed and built by one of the major technology companies. It's strange to think this may one day power Chromebooks and "Android" devices alike.

Without question, 2018 was the year RISC-V genuinely began to build momentum among chip architects hungry for open-source instruction sets. That was then.By 2019, RISC-V won't be the only game in town.Wave Computing announced Monday that it is putting MIPS on open source, with MIPS Instruction Set Architecture (ISA) and MIPS' latest core R6 available in the first quarter of 2019.Good news, and it makes me wonder - will we ever see a time where x86 and x86-64 are open source? I am definitely not well-versed enough in these matters to judge just how important the closed-source nature of the x86 ISA really is to Intel and AMD, but it seems like something that will never happen.

It started during yoga class. She felt a strange pull on her neck, a sensation completely foreign to her. Her friend suggested she rush to the emergency room. It turned out that she was having a heart attack.She didn’t fit the stereotype of someone likely to have a heart attack. She exercised, did not smoke, watched her plate. But on reviewing her medical history, I found that her cholesterol level was sky high. She had been prescribed a cholesterol-lowering statin medication, but she never picked up the prescription because of the scary things she had read about statins on the internet. She was the victim of a malady fast gearing up to be a modern pandemic - fake medical news.While misinformation has been the object of great attention in politics, medical misinformation might have an even greater body count. As is true with fake news in general, medical lies tend to spread further than truths on the internet - and they have very real repercussions.We already see the consequences of this with abusive parents not vaccinating their children based on clearly disproven lies and nonsense, but it also extends to other medical issues. What's especially interesting is that this affects people with higher educations a lot more than people with lower educations - might overconfidence be a slow and insidious killer (have a cookie if you catch that reference without Googling/DDG'ing)?In any event, while people not vaccinating their children should obviously be tried for child abuse, I can't say I can really care about what people do to their own bodies. If a grown adult wants to trust some baseless Facebook nonsense or whatever over qualified medical personnel, then she or he should be free to do so - and suffer the consequences.

Today's global cybersecurity threats are both dynamic and sophisticated, and new vulnerabilities are discovered almost every day. We focus on protecting customers from these security threats by providing security updates on a timely basis and with high quality. We strive to help you keep your Windows devices, regardless of which version of Windows they are running, up to date with the latest monthly quality updates to help mitigate the evolving threat landscape.That is why, today, as part of our series of blogs on the Windows approach to quality, I'll share an overview of how we deliver these critical updates on a massive scale as a key component of our ongoing Windows as a service effort.After Microsoft's recent stumbles with Windows updates, the company has been putting out a number of blog posts about how it approaches updates. This particular blog post explains some of the inside baseball on the various categories updates get placed in, as well as the various tests the company runs to ensure updates are safe and reliable - exactly the area where Microsoft has been failing lately.

Compiz can quickly get you the desktop you deserve: a desktop with a very high degree of customizability, on top of being faster than the default GNOME Shell, and (as far as I can tell) faster than Mac or Windows.The best part is that it takes no time at all to get up and running! I’ll show you how to transform Ubuntu into a desktop that is functionally similar to Mac.I doubt any of this is news to many OSNews readers, but it's still a nice introduction into the functionality offered by Compiz.

The OpenSSH client and server are now available as a supported Feature-on-Demand in Windows Server 2019 and Windows 10 1809! The Win32 port of OpenSSH was first included in the Windows 10 Fall Creators Update and Windows Server 1709 as a pre-release feature. In the Windows 10 1803 release, OpenSSH was released as a supported feature on-demand component, but there was not a supported release on Windows Server until now.

Mozilla's response to Microsoft adopting Chromium.

It's official.

Well, I sure didn't expect this kind of news to land in the middle of the night.

Blueway Software Works (who purchased the intellectual property rights to PC/GEOS from the estate of Frank Fischer of Breadbox when he passed away) seems to have published the source code for PC/GEOS on their GitHub repository.

A great article about a number of things that make Haiku (and BeOS) unique. There's a lot to cover here, so I'll just take a random sample to quote here:

Internal Facebook documents seized by British lawmakers suggest that the social media giant once considered selling access to user data, according to extracts obtained by the Wall Street Journal. Back in April, Facebook CEO Mark Zuckerberg told congress unequivocally that, "We do not sell data." But these documents suggest that it was something that the company internally considered doing between 2012 and 2014, while the company struggled to generate revenue after its IPO.This just goes to show that no matter what promises a company makes, once the shareholders come knocking, they'll disregard all promises, morals, and values they claim to have.

On Halloween this year I learned two scary things. The first is that a young toddler can go trick-or-treating in your apartment building and acquire a huge amount of candy. When they are this young they have no interest in the candy itself, so you are left having to eat it all yourself.The second scary thing is that in the heart of the ubiquitous IMAP protocol lingers a ghost of the time before UTF-8. Its name is Modified UTF-7.