Windows

What Happens If You Connect Windows XP To the Internet In 2024? (youtube.com) 73

Long-time Slashdot reader sandbagger writes: Have you ever wondered if it's true you can instantly get malware? In this video, a person connects an XP instance directly to the internet with no firewall to see just how fast it gets compromised by malware, rootkits, malicious services and new user accounts. The answer — fast!
Malwarebytes eventually finds eight different viruses/Trojan horses -- and a DNS changer. (One IP address leads back to the Russian Federation.) It's fun to watch -- within just a few hours a new Windows user has even added themselves. And for good measure, he also opens up Internet Explorer...

"Windows XP -- very insecure," they conclude at the end of the video. "Very easy for random software from the internet to get more privileges than you, and it is very hard to solve that.

"Also, just out of curiosity I tried this on Windows 7. And even with all of the same settings, nothing happened. I let it run for 10 hours. So it seems like this may be a problem in historical Windows."

Data Storage

LZ4 Compression Algorithm Gets Multi-Threaded Update (linuxiac.com) 44

Slashdot reader Seven Spirals brings news about the lossless compression algorithm LZ4: The already wonderful performance of the LZ4 compressor just got better with multi-threaded additions to its codebase. In many cases, LZ4 can compress data faster than it can be written to disk, giving this particular compressor some very special applications. The Linux kernel as well as filesystems like ZFS use LZ4 compression extensively. This makes LZ4 more comparable to the Zstd compression algorithm, which has had multi-threaded performance for a while, but cannot match the LZ4 compressor for speed, though it has some direct LZ4.
From Linuxiac.com:

- On Windows 11, using an Intel 7840HS CPU, compression time has improved from 13.4 seconds to just 1.8 seconds, a 7.4 times speed increase.
- macOS users with the M1 Pro chip will see a reduction from 16.6 seconds to 2.55 seconds, a 6.5 times faster performance.
- For Linux users on an i7-9700k, the compression time has been reduced from 16.2 seconds to 3.05 seconds, achieving a 5.4 times speed boost...

The release supports lesser-known architectures such as LoongArch, RISC-V, and others, ensuring LZ4's portability across various platforms.

Windows

How a Cheap Barcode Scanner Helped Fix CrowdStrike'd Windows PCs In a Flash (theregister.com) 60

An anonymous reader quotes a report from The Register: Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards. That knowledge nugget became important as the firm tried to figure out how to respond to the mess CrowdStrike created, which at Grant Thornton Australia threw hundreds of PCs and no fewer than 100 servers into the doomloop that CrowdStrike's shoddy testing software made possible. [...] The firm had the BitLocker keys for all its PCs, so Woltz and colleagues wrote a script that turned them into barcodes that were displayed on a locked-down management server's desktop. The script would be given a hostname and generate the necessary barcode and LAPS password to restore the machine.

Woltz went to an office supplies store and acquired an off-the-shelf barcode scanner for AU$55 ($36). At the point when rebooting PCs asked for a BitLocker key, pointing the scanner at the barcode on the server's screen made the machines treat the input exactly as if the key was being typed. That's a lot easier than typing it out every time, and the server's desktop could be accessed via a laptop for convenience. Woltz, Watson, and the team scaled the solution -- which meant buying more scanners at more office supplies stores around Australia. On Monday, remote staff were told to come to the office with their PCs and visit IT to connect to a barcode scanner. All PCs in the firm's Australian fleet were fixed by lunchtime -- taking only three to five minutes for each machine. Watson told us manually fixing servers needed about 20 minutes per machine.
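The trick works because the BitLocker prompt sees scanned digits as keystrokes, so whatever is printed as a barcode must be exactly what the prompt expects. The Python below is an added example, not Grant Thornton's script and not from The Register's report: it validates the 48-digit recovery password format (eight groups of six digits, each group read as a number divisible by 11 and below 720896, so that group // 11 is one 16-bit word of the 128-bit key) and normalises the key before it is handed to whatever barcode generator is used. The sample key is constructed from chosen 16-bit words and is not a real recovery password; the little-endian word packing in recovery_password_bytes is the convention open-source BitLocker tools use and is stated here as an assumption, not something the article describes.

```python
"""Validate and normalise BitLocker recovery passwords before turning them
into barcodes. Added example: not Grant Thornton's script, not from the
article. A recovery password is 48 decimal digits in 8 groups of 6; each
group, read as a number, is below 65536 * 11 = 720896 and divisible by 11,
and group // 11 is one 16-bit word of the 128-bit key."""
from __future__ import annotations

import re
import struct

GROUP_LIMIT = 65536 * 11  # 720896: the largest valid group is 65535 * 11


def parse_recovery_password(text: str) -> list[int]:
    """Return the eight 16-bit words, raising ValueError on any defect.

    Hyphens, spaces and other separators are ignored, so both the hyphenated
    form from an escrow export and a bare 48-digit string are accepted."""
    digits = re.sub(r"\D", "", text)
    if len(digits) != 48:
        raise ValueError(f"expected 48 digits, got {len(digits)}")
    words = []
    for i in range(8):
        group = int(digits[i * 6:(i + 1) * 6])
        if group >= GROUP_LIMIT:
            raise ValueError(f"group {i + 1} out of range: {group:06d}")
        if group % 11:
            raise ValueError(f"group {i + 1} fails the mod-11 check: {group:06d}")
        words.append(group // 11)
    return words


def is_valid_recovery_password(text: str) -> bool:
    try:
        parse_recovery_password(text)
        return True
    except ValueError:
        return False


def format_for_scanner(text: str) -> str:
    """Canonical hyphenated form. This string is the barcode payload, so the
    scanner 'types' exactly what the BitLocker prompt expects."""
    return "-".join(f"{w * 11:06d}" for w in parse_recovery_password(text))


def recovery_password_bytes(text: str) -> bytes:
    """The 16 raw key bytes. Assumption: words are packed little-endian, as
    open-source BitLocker tools do. Not needed for the barcode itself."""
    return struct.pack("<8H", *parse_recovery_password(text))


def recovery_password_from_words(words: list[int]) -> str:
    """Inverse of parse_recovery_password; used here only to build the
    constructed sample below."""
    if len(words) != 8 or any(not 0 <= w <= 0xFFFF for w in words):
        raise ValueError("need eight 16-bit words")
    return "-".join(f"{w * 11:06d}" for w in words)


# Constructed sample key (not a real recovery password): eight chosen words.
SAMPLE_WORDS = [1, 65535, 0, 12345, 100, 7, 60000, 255]
SAMPLE_KEY = recovery_password_from_words(SAMPLE_WORDS)
# -> 000011-720885-000000-135795-001100-000077-660000-002805

if __name__ == "__main__":
    print(SAMPLE_KEY, is_valid_recovery_password(SAMPLE_KEY))
    # One mistyped digit breaks the mod-11 check of its group.
    bad = SAMPLE_KEY.replace("000011", "000012")
    print(bad, is_valid_recovery_password(bad))
```

Validate every key before printing it: a scanner cannot tell a mistyped escrow entry from a good one, and the mod-11 check catches single-digit errors at the desk rather than at the BitLocker prompt. Most scanners can be configured to append a carriage return after the payload, which also submits the prompt; check that setting on the model bought. The screen showing the barcodes carries the full recovery keys, so it deserves the same handling as the keys themselves, and rotating recovery passwords that were displayed this way once the fleet is back is a reasonable follow-up.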

Android

Windows 11 Will Soon Add Your Android Phone To File Explorer (theverge.com) 56

Microsoft has started testing a new way to access your Android phone from directly within Windows 11's File Explorer. From a report: Windows Insiders are now able to test this new feature, which lets you wirelessly browse through folders and files on your Android phone. The integration in File Explorer means your Android device appears just like a regular USB device on the left-hand side, with the ability to copy or move files between a PC and Android phone, and rename or delete them. It's certainly a lot quicker than using the existing Phone Link app.
Microsoft

Microsoft Pushes for Windows Changes After CrowdStrike Incident 86

In the wake of a major incident that affected millions of Windows PCs, Microsoft is calling for significant changes to enhance the resilience of its operating system. John Cable, Microsoft's vice president of program management for Windows servicing and delivery, said there was a need for "end-to-end resilience" in a blog post, signaling a potential shift in Microsoft's approach to third-party access to the Windows kernel.

While not explicitly detailing planned improvements, Cable pointed to recent innovations like VBS enclaves and the Azure Attestation service as examples of security measures that don't rely on kernel access. This move towards a "Zero Trust" approach could have far-reaching implications for the cybersecurity industry and Windows users worldwide, as Microsoft seeks to balance system security with the needs of its partners in the broader security community.

The comment follows a Microsoft spokesman's statement last week that a 2009 European Commission agreement prevents the company from restricting third-party access to Windows' core functions.
Security

Data Breach Exposes US Spyware Maker Behind Windows, Mac, Android and Chromebook Malware (techcrunch.com) 25

A little-known spyware maker based in Minnesota, Spytech, has been hacked, TechCrunch reports, revealing thousands of devices around the world under its stealthy remote surveillance. From the report: A person with knowledge of the breach provided TechCrunch with a cache of files taken from the company's servers containing detailed device activity logs from the phones, tablets, and computers that Spytech monitors, with some of the files dated as recently as early June.

TechCrunch verified the data as authentic in part by analyzing some of the exfiltrated device activity logs that pertain to the company's chief executive, who installed the spyware on one of his own devices. The data shows that Spytech's spyware -- Realtime-Spy and SpyAgent, among others -- has been used to compromise more than 10,000 devices since the earliest-dated leaked records from 2013, including Android devices, Chromebooks, Macs, and Windows PCs worldwide. Spytech is the latest spyware maker in recent years to have itself been compromised, and the fourth spyware maker known to have been hacked this year alone, according to TechCrunch's running tally.

Programming

A Hacker 'Ghost' Network Is Quietly Spreading Malware on GitHub (wired.com) 16

Researchers at Check Point have uncovered a clandestine network of approximately 3,000 "ghost" accounts on GitHub, manipulating the platform to promote malicious content. Since June 2023, a cybercriminal dubbed "Stargazer Goblin" has been exploiting GitHub's community features to boost malicious repositories, making them appear legitimate and popular.

Antonis Terefos, a malware reverse engineer at Check Point, discovered the network's activities, which include "starring," "forking," and "watching" malicious pages to increase their visibility and credibility. The network, named "Stargazers Ghost Network," primarily targets Windows users, offering downloads of seemingly legitimate software tools while spreading various types of ransomware and info-stealer malware.
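The inflation described above leaves measurable traces: the starring accounts are young, have no repositories or followers of their own, star in bursts, and recur across the network's repositories. The Python below is an added example, not Check Point's tooling, that scores a repository's stargazers on those properties and looks for accounts shared between flagged repositories. The stargazer records, repository names and thresholds are constructed for illustration; the field names mirror what GitHub's REST API returns for a user (created_at, public_repos, followers) plus the starred_at timestamp from the stargazers endpoint.

```python
"""Score a repository's stargazers for 'ghost' inflation. Added example,
not Check Point's tooling. Records are constructed to look like GitHub's
user fields (created_at, public_repos, followers) plus starred_at from the
stargazers endpoint; thresholds are illustrative starting points."""
from __future__ import annotations

from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Stargazer:
    login: str
    created_at: datetime  # account creation
    starred_at: datetime  # when it starred this repo
    public_repos: int
    followers: int


def ghost_like(s: Stargazer, max_age_days: int = 30) -> bool:
    """A throwaway: starred within days of being created and has no
    repositories or followers of its own."""
    return (s.starred_at - s.created_at <= timedelta(days=max_age_days)
            and s.public_repos == 0 and s.followers == 0)


def burst_fraction(stars: list[Stargazer], window: timedelta = timedelta(hours=6)) -> float:
    """Largest share of the stars that landed inside any single time window
    (sliding window over the sorted timestamps). Organic stars trickle in;
    bought or botted stars arrive together."""
    times = sorted(s.starred_at for s in stars)
    best = j = 0
    for i, t in enumerate(times):
        while t - times[j] > window:
            j += 1
        best = max(best, i - j + 1)
    return best / len(times) if times else 0.0


def score_repo(stars: list[Stargazer]) -> dict[str, float]:
    n = len(stars)
    ghosts = sum(1 for s in stars if ghost_like(s))
    return {
        "stars": n,
        "ghost_fraction": ghosts / n if n else 0.0,
        "burst_fraction": burst_fraction(stars),
    }


def is_suspicious(report, ghost_threshold=0.5, burst_threshold=0.6, min_stars=20) -> bool:
    """Require both signals: either alone has benign explanations (a news
    spike is a burst; a classroom repo has young stargazers)."""
    return (report["stars"] >= min_stars
            and report["ghost_fraction"] >= ghost_threshold
            and report["burst_fraction"] >= burst_threshold)


def shared_ghost_accounts(repos: dict[str, list[Stargazer]], min_repos: int = 2) -> set[str]:
    """Ghost-like accounts that recur across repositories: the 'network'."""
    counts = Counter(s.login for stars in repos.values() for s in stars if ghost_like(s))
    return {login for login, c in counts.items() if c >= min_repos}


def make_sample() -> dict[str, list[Stargazer]]:
    """Constructed data: two repos starred by the same 30 days-old empty
    accounts inside two hours, plus five organic stargazers each."""
    base = datetime(2024, 7, 1, 12, 0)
    repos = {}
    for r, name in enumerate(["example-org/tool-a", "example-org/tool-b"]):
        t0 = base + timedelta(days=r)
        ghosts = [Stargazer(f"ghost{i:02d}", base - timedelta(days=3),
                            t0 + timedelta(minutes=4 * i), 0, 0) for i in range(30)]
        organic = [Stargazer(f"dev{r}{i}", base - timedelta(days=400 + 30 * i),
                             t0 + timedelta(days=i + 1), 12 + i, 40 * i) for i in range(5)]
        repos[name] = ghosts + organic
    return repos


if __name__ == "__main__":
    sample = make_sample()
    for name, stars in sample.items():
        report = score_repo(stars)
        print(name, report, "SUSPICIOUS" if is_suspicious(report) else "ok")
    print("shared ghost accounts:", len(shared_ghost_accounts(sample)))
```

The per-repository score is only a triage signal; the stronger evidence is the set returned by shared_ghost_accounts, because legitimate newcomers do not all star the same handful of unrelated "tool" repositories within the same hour. In practice the inputs come from the stargazers endpoint requested with the Accept header that includes starred_at, and the thresholds should be tuned against repositories known to be organic before flagging anything.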
Microsoft

Microsoft: Our Licensing Terms Do Not Meaningfully Raise Cloud Rivals' Costs 21

In a response to the UK's Competition and Markets Authority's investigation into cloud services and licensing, Microsoft has defended its practices, asserting that its terms "do not meaningfully raise cloud rivals' costs." The Windows-maker emphasized Amazon's continued dominance in the UK hyperscale market and noted Google's quarter-on-quarter growth, while also highlighting the declining share of Windows Server relative to Linux in cloud operating systems and SQL Server's second-place position behind Oracle.

[...] The CMA's inquiry primarily focuses on the pricing disparity between using Microsoft products on Azure versus rival cloud platforms, with most surveyed customers perceiving Azure as the more cost-effective option for Microsoft software deployment. The Register adds: Microsoft's bullish take on this is that AWS and Google should be grateful that they even get to run its software. In its response, the company said: "This dispute on pricing terms only arises because Microsoft grants all rivals IP licenses in the first place to its software that is of most popularity for use in the cloud. It does this not because there is any legal obligation to share IP with closest rivals in cloud, but for commercial reasons."
Government

House Committee Calls On CrowdStrike CEO To Testify On Global Outage (theverge.com) 76

According to the Washington Post (paywalled), the House Homeland Security Committee has called on the CrowdStrike CEO to testify over the major outage that brought flights, hospital procedures, and broadcasters to a halt on Friday. The outage was caused by a defective software update from the company that primarily affected computers running Windows, resulting in system crashes and "blue screen of death" errors. From the report: Republican leaders of the House Homeland Security Committee demanded that CrowdStrike CEO George Kurtz commit by Wednesday to appearing on Capitol Hill to explain how the outages occurred and what "mitigation steps" the company is taking to prevent future episodes. [...] Reps. Mark Green (R-Tenn.) and Andrew R. Garbarino (R-N.Y.), chairs of the Homeland Security Committee and its cybersecurity subcommittee, respectively, wrote in their letter that the outages "must serve as a broader warning about the national security risks associated with network dependency. Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again," the lawmakers wrote. CrowdStrike spokesperson Kirsten Speas said in an emailed statement Monday that the company is "actively in contact" with the relevant congressional committees and that "engagement timelines may be disclosed at Members' discretion," but declined to say whether Kurtz will testify.

The committee is one of several looking into the incident, with members of the House Oversight Committee and House Energy and Commerce Committee separately requesting briefings from CrowdStrike. But the effort by Homeland Security Committee leaders marks the first time the company is being publicly summoned to testify about its role in the disruptions. CrowdStrike has risen to prominence as a major security provider partly by identifying malicious online campaigns by foreign actors, but the outages have heightened concern in Washington that international adversaries could look to exploit future incidents. "Malicious cyber actors backed by nation-states, such as China and Russia, are watching our response to this incident closely," Green and Garbarino wrote. The outages, which disrupted agencies at the federal and state level, are also raising questions about how much businesses and government officials alike have come to rely on Microsoft products for their daily operations.

Cloud

Microsoft: Linux Is the Top Operating System on Azure Today (thenewstack.io) 69

Azure used to be a cloud platform dedicated to Windows. Now Linux is the most widely used operating system on Microsoft Azure. The New Stack's Joab Jackson writes: These days, Microsoft expends considerable effort to ensure that Linux runs as smoothly as possible on Azure, according to a talk given earlier this year at the Linux Foundation Open Source Summit by two Microsoft Azure Linux Platforms Group program managers, Jack Aboutboul and Krum Kashan. "Linux is the #1 operating system in Azure today," Aboutboul said. And all must be supported in a way that Microsoft users have come to expect. Hence the need for Microsoft's Linux Platforms Group, which supports Linux for both internal customers and Azure customers. These days, the duo of engineers explained, Microsoft knows about as much as anyone about how to operate Linux at hyperscale. [...]

As of today, there are hundreds of Azure and Azure-based services running on Linux, including the Azure Kubernetes Service (AKS), OpenAI, HDInsight, and many of the other database services. "A lot of the infrastructure powering everything else is running on Linux," Aboutboul said. "They're different flavors of Linux running all over the place," Aboutboul said. To run these services, Microsoft maintains its own kernel, Azure Linux, and in 2023 the company released its own version of Linux, Azure Linux. But Azure Linux is just a small portion of all the other flavors of Linux running on Azure, all of which Microsoft must work with to support.

Overall, there are about 20,000 third-party Software as a Service (SaaS) packages in the Azure marketplace that rely on some Linux distribution. And when things go wrong, it is the Azure service engineers who get the help tickets. The company keeps a set of endorsed Linux distributions, which include Red Hat Enterprise Linux, Debian, Flatcar, Suse, Canonical, and Oracle Linux and CentOS (as managed by OpenLogic, not Red Hat). [...] Overall, the company gets about 1,000 images a month from these endorsed partners alone. Many of the distributions have multiple images (Suse has a regular one, and another one for high-performance computing, for instance).

Windows

Windows 11 Strikes Again With Annoying Pop-up That Can't Be Disabled 88

An anonymous reader writes: Windows users are being notified that their systems aren't backed up with the built-in Windows backup solution. A corresponding message appears with the advice that it's best to make backups so that all data is stored "in case something happens to the PC." It almost reads like an indirect threat, but Microsoft is actually just pointing out the option to store file backups on its own OneDrive cloud service. And it's also advertising more storage space.
Windows

Microsoft Reveals EU Deal Behind Windows Access After Global Outage (wsj.com) 112

A Microsoft spokesman says that a 2009 European Commission agreement prevents the company from restricting third-party access to Windows' core functions, shedding light on factors contributing to Friday's widespread outage that affected millions of computers globally. The disruption, which caused the infamous "blue screen of death" on Windows machines across various industries, originated from a faulty update by cybersecurity firm CrowdStrike. The incident highlighted the vulnerability of Microsoft's open ecosystem, mandated by the EU agreement, which requires the tech giant to provide external security software developers the same level of system access as its own products. This policy stands in stark contrast to more closed systems like Apple's.
Businesses

Who Will Pay For the Costs of Crowdstrike's Outage? (cnn.com) 196

8.5 million Windows devices were ultimately affected by the Crowdstrike outage, according to figures from Microsoft cited by CNN.

And now an anonymous Slashdot reader shares CNN's report on the ramifications: What one cybersecurity expert said appears to be the "largest IT outage in history" led to the cancellation of more than 5,000 commercial airline flights worldwide and disrupted businesses from retail sales to package deliveries to procedures at hospitals, costing revenue and staff time and productivity... While CrowdStrike has apologized, it has not mentioned whether or not it intends to provide compensation to affected customers. And when asked by CNN about whether it plans to provide compensation, its response did not address that question. Experts say they expect that there will be demands for remuneration and very possibly lawsuits.

"If you're a lawyer for CrowdStrike, you're probably not going to enjoy the rest of your summer," said Dan Ives, a tech analyst for Wedbush Securities....

But there could be legal protections for CrowdStrike in its customer contracts to shield it from liability, according to one expert. "I would guess that the contracts protect them," said James Lewis, researcher at the Center for Strategic and International Studies...

It's also not clear how many customers CrowdStrike might lose because of Friday. Wedbush Securities' Ives estimates less than 5% of its customers might go elsewhere. "They're such an entrenched player, to move away from CrowdStrike would be a gamble," he said. It will be difficult, and not without additional costs, for many customers to switch from CrowdStrike to a competitor. But the real hit to CrowdStrike could be reputational damage that will make it difficult to win new customers... [E]ven if customers are understanding, it's likely that CrowdStrike's rivals will be seeking to use Friday's events to try to lure them away.

One final note from CNN. Patrick Anderson, CEO of a Michigan research firm called the Anderson Economic Group, "added that the costs could be particularly significant for airlines, due to lost revenue from canceled flights and excess labor and fuel costs for the planes that did fly but faced significant delays."

See also: Third Day of 1,000+ Cancelled Flights, Just in the US, After Crowdstrike Outage.

Microsoft

Microsoft Releases Recovery Tool for Windows Machines Hit By Crowdstrike Issue (theverge.com) 115

The Verge reports that for machines that aren't automatically receiving Crowdstrike's newly-released software fix, Microsoft has released a recovery tool that creates a bootable USB drive. Some IT admins have reported rebooting PCs multiple times will get the necessary update, but for others the only route is having to manually boot into Safe Mode and deleting the problematic CrowdStrike update file. Microsoft's recovery tool now makes this recovery process less manual, by booting into its Windows PE environment via USB, accessing the disk of the affected machine, and automatically deleting the problematic CrowdStrike file to allow the machine to boot properly. This avoids having to boot into Safe Mode or a requirement of admin rights on the machine, because the tool is simply accessing the disk without booting into the local copy of Windows. If a disk is protected by BitLocker encryption, the tool will prompt for the BitLocker recovery key and then continue to fix the CrowdStrike update.
Windows

Who Wrote the Code for Windows' 'Blue Screen of Death'? (sfgate.com) 40

Who wrote the code for Windows' notorious "Blue Screen of Death"? It's "been a source of some contention," writes SFGate: A Microsoft developer blog post from Raymond Chen in 2014 said that former Microsoft CEO Steve Ballmer wrote the text for the Ctrl+Alt+Del dialog in Windows 3.1. That very benign post led to countless stories from tech media claiming Ballmer was the inventor of the "Blue Screen of Death." That, in turn, prompted a follow-up developer blog post from Chen titled "Steve Ballmer did not write the text for the blue screen of death...."

Chen then later tried to claim he was responsible for the "Blue Screen of Death," saying he coded it into Windows 95. Problem is, it already existed in previous iterations of Windows, and 95 simply removed it. Chen added it back in, which he sort of cops to, saying: "And I'm the one who wrote it. Or at least modified it last." No one challenged Chen's 2014 self-attribution, until 2021, when former Microsoft developer Dave Plummer stepped in. According to Plummer, the "Blue Screen of Death" was actually the work of Microsoft developer John Vert, whom logs revealed to be the father of the modern Windows blue screen way back in version 3.1.

Plummer spoke directly with Vert, who remembered that he got the idea because there was already a blue screen with white text in both his machine at the time (a MIPS RISC box) and his text editor (SlickEdit)...

China

China Is Installing Renewables Equivalent to Five Large Nuclear Plants Per Week (abc.net.au) 154

The pace of China's clean energy transition "is roughly the equivalent of installing five large-scale nuclear power plants worth of renewables every week," according to a report from Australia's national public broadcaster ABC (shared by long-time Slashdot reader AmiMoJo): A report by Sydney-based think tank Climate Energy Finance (CEF) said China was installing renewables so rapidly it would meet its end-of-2030 target by the end of this month — or 6.5 years early.

It's installing at least 10 gigawatts of wind and solar generation capacity every fortnight...

China accounts for about a third of the world's greenhouse gas emissions. A recent drop in emissions (the first since relaxing COVID-19 restrictions), combined with the decarbonisation of the power grid, may mean the country's emissions have peaked. "With the power sector going green, emissions are set to plateau and then progressively fall towards 2030 and beyond," CEF China energy policy analyst Xuyang Dong said... [In China] the world's largest solar and wind farms are being built on the western edge of the country and connected to the east via the world's longest high-voltage transmission lines...

Somewhat counterintuitively, China has built dozens of coal-fired power stations alongside its renewable energy zones, to maintain the pace of its clean energy transition. China was responsible for 95 per cent of the world's new coal power construction activity last year. The new plants are partly needed to meet demand for electricity, which has gone up as more energy-hungry sectors of the economy, like transport, are electrified. The coal-fired plants are also being used, like the batteries and pumped hydro, to provide a stable supply of power down the transmission lines from renewable energy zones, balancing out the intermittent solar and wind.

Despite these new coal plants, coal's share of total electricity generation in the country is falling. The China Energy Council estimated renewables generation would overtake coal by the end of this year.

CEF director Tim Buckley tells the site that China installed just 1GW of nuclear power last year — compared to 300GW of solar and wind. "They had grand plans for nuclear to be massive but they're behind on nuclear by a decade and five years ahead of schedule on solar and wind." Last year China accounted for 16% of the world's nuclear-generated power — but also more than half the world's coal-fired power generation, according to this year's analysis from the long-running International Energy Agency. The IEA estimated that in 2023, China's electricity demand rose by 6.4%, and they're predicting that by 2026 the country will see an increase "more than half of the EU's current annual electricity consumption."

And yet in China "the rapid expansion of renewable energy sources is expected to meet all additional electricity demand..." according to the IEA analysis. "Coal-fired generation in China is currently on course to experience a slow structural decline, driven by the strong expansion of renewables and growing nuclear generation, as well as moderating economic growth."

There's also some interesting stats on the "CO2 intensity" of power generation around the world. "The EU is expected to record the highest rate of progress in reducing emissions intensity, averaging an improvement of 13% per year. This is followed by China, with annual improvements forecast at 6%, and the United States at 5%."

Long-time Slashdot reader Uncle_Meataxe shares a related article from Electrek ...
Windows

Southwest Airlines Avoids Crowdstrike Issues - Thanks to Windows 3.1? (digitaltrends.com) 118

Slashdot reader Thelasko shared Friday's article from Digital Trends: Nearly every flight in the U.S. is grounded right now following a CrowdStrike system update error that's affecting everything from travel to mobile ordering at Starbucks — but not Southwest Airlines flights. Southwest is still flying high, unaffected by the outage that's plaguing the world today, and that's apparently because it's using Windows 3.1.

Yes, Windows 3.1 — an operating system that is 32 years old. Southwest, along with UPS and FedEx, haven't had any issues with the CrowdStrike outage. In responses to CNN, Delta, American, Spirit, Frontier, United, and Allegiant all said they were having issues, but Southwest told the outlet that its operations are going off without a hitch. Some are attributing that to Windows 3.1. Major portions of Southwest's systems are reportedly built on Windows 95 and Windows 3.1...

UPDATE: Reached for comment, Southwest "would not confirm" that it's using Windows 3.1, reports SFGate. But they did get this quote from an airline analyst:

"We believe that Southwest's older technology kept it somewhat immune from the issues affecting other airlines today."

Businesses

CrowdStrike Stock Tanks 15%, Set For Worst Day Since 2022 (forbes.com) 81

Shares of cybersecurity company CrowdStrike Holdings dropped 15% on Friday after the company's software update resulted in what may turn out to be the largest IT outage ever. CrowdStrike stock "is on pace for its steepest daily loss since November 2022 and its $290 low share price is the lowest intraday mark since April 25," reports Forbes. "CrowdStrike is on track for the third-worst day in its five-year history as a publicly traded company." From the report: Microsoft, which was swept up in the outage as the downed systems are those running CrowdStrike's cybersecurity applications and Microsoft's Windows software, also slumped, with its shares down about 1% to the $3.2 trillion behemoth's lowest share price since June 11. CrowdStrike competitor Palo Alto Networks enjoyed a 4% rally Friday, while the tech-heavy Nasdaq Composite stock index gained about 0.2%, held up by the likes of Microsoft rival Apple's 1% stock gain and a 1% rise for shares of Alphabet, which is reportedly in talks to buy cybersecurity firm Wiz for $23 billion.

The CrowdStrike selloff is "an overreaction to a temporary setback," Rosenblatt analyst Catharine Trebnick wrote in a note to clients Friday. It's a "compelling buying opportunity" as it "creates a window for investors to buy into a high-quality, growth-oriented cybersecurity company at a discounted valuation," Trebnick continued. To her point, CrowdStrike stock's relative valuation, according to its price-to-earnings ratio (P/E), which compares its market value to its projected profits over the next four quarters, fell Friday to its lowest number since April. Still, CrowdStrike's P/E of about 70 is very high for a company of its size, meaning investors will need to express significant confidence in the business' ability to grow earnings, a challenge if Friday's incident were to impact CrowdStrike's client base.

Microsoft

Global IT Outage Linked To CrowdStrike Update Disrupts Businesses (techcrunch.com) 274

A widespread IT outage, caused by a defective software update from cybersecurity firm CrowdStrike, is affecting businesses worldwide, causing significant disruptions across various sectors. The issue has primarily impacted computers running Windows, resulting in system crashes and "blue screen of death" errors. The travel industry appears to be among the hardest hit, with airlines and airports in multiple countries reporting problems with check-in and ticketing systems, leading to flight delays. Other affected sectors include banking, retail, and healthcare.

CrowdStrike CEO George Kurtz confirmed the outage was due to a "defect" in a content update for Windows hosts, ruling out a cyberattack. The company is working on a fix. CrowdStrike said the crash reports were "related to the Falcon Sensor" -- its cloud-based security service that it describes as "real-time threat detection, simplified management, and proactive threat hunting."

A Microsoft spokesperson told TechCrunch that the previous Microsoft 365 service disruption overnight July 18-19 was unrelated to the widespread outage triggered by the CrowdStrike update.

Editor's note: The story has been updated throughout the day and moved higher on the front page.
Facebook

Facebook Ads For Windows Desktop Themes Push Info-Stealing Malware (bleepingcomputer.com) 28

Cybercriminals are using Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. From a report: Trustwave researchers who observed the campaigns said the threat actors also promote fake downloads for pirated games and software, Sora AI, 3D image creator, and One Click Active. While using Facebook advertisements to push information-stealing malware is not new, the social media platform's massive reach makes these campaigns a significant threat.

The threat actors take out advertisements that promote Windows themes, free game downloads, and software activation cracks for popular applications, like Photoshop, Microsoft Office, and Windows. These advertisements are promoted through newly created Facebook business pages or by hijacking existing ones. When using hijacked Facebook pages, the threat actors rename them to suit the theme of their advertisement and to promote the downloads to the existing page members.
