Transportation

Traffic Pollution Can Cause Rise In Blood Pressure, Study Finds (theguardian.com) 22

An anonymous reader quotes a report from The Guardian: Air pollution from traffic can cause a significant rise in blood pressure that can last up to 24 hours, according to a study via the University of Washington. The spike is comparable to the effect of a high-sodium diet and can contribute to cardiovascular problems. Long-term exposure to vehicle exhaust has been widely linked with respiratory problems such as asthma, especially in children. "Traffic air pollution increases blood pressure within an hour of being in traffic and it stays elevated a day later," said author of the study Joel Kaufman, a physician and professor of environmental and occupational health sciences at the University of Washington.

Sixteen healthy people between the ages of 22 and 45 underwent three separate drives as passengers through Seattle rush hour. Two of those drives were "unfiltered," meaning the road air was allowed to enter the car, as is the case for many drivers on the road today. On the third drive, a Hepa (high efficiency particulate absorbing) filter was installed in the car, with participants unaware which drive had filtration. The researchers measured the blood pressure of the passengers before, during and after the two-hour drive. Breathing unfiltered air resulted in blood pressure increase of more than 4.5mm Hg (millimeters of mercury) compared to filtered air. Most of the pollution came from tailpipe exhaust or the fossil fuel combustion, as well as brake and tire wear. The filters were most effective in reducing ultrafine particles (86% decrease), black carbon, which is mostly from diesel (86%), and PM2.5 (60%) while gasses like carbon dioxide and nitrogen oxide were unaffected.
"The clue here is that these tiniest particles are probably what's responsible for blood pressure difference," Kaufman said.

"If you live in an area that has heavy traffic-related air pollution, you want to keep your windows closed and have air filtration capability in your home."

Programming

BBC BASIC Is Back In a Big Way (hackaday.com) 134

An anonymous reader quotes a report from Hackaday: The BBC has a long history of teaching the world about computers. The broadcaster's name was proudly displayed on the BBC Micro, and BBC Basic was the programming language developed especially for that computer. Now, BBC Basic is back and running on a whole mess of modern platforms. BBC Basic for SDL 2.0 will run on Windows, MacOS, x86 Linux, and even Raspberry Pi OS, Android, and iOS. Desktop versions of the programming environment feature a BASIC editor that has syntax coloring for ease of use, along with luxury features like search and replace that weren't always available at the dawn of the microcomputer era. Meanwhile, the smartphone versions feature a simplified interface designed to work better in a touchscreen environment.

It's weird to see, but BBC Basic can actually do some interesting stuff given the power of modern hardware. It can address up to 256 MB of memory, and work with far more advanced graphical assets than would ever have been possible on the original BBC Micro. If you honed your programming skills on that old metal, you might be impressed with what they can achieve with BBC Basic in a new, more powerful context.

Windows

Samsung Expands In-house Web Browser To Windows (sammobile.com) 39

An anonymous reader shares a report: The biggest benefit Samsung Internet on a desktop operating system will provide is the syncing of browsing data between your phone and PC, the lack of which has prevented many users from using Samsung Internet as their primary browser app on their phones and tablets. Unfortunately, Samsung hasn't yet implemented full-fledged sync support on Samsung Internet for Windows. While you can log in with your Samsung account, only browsing history, bookmarks, saved pages and open tabs can be synced at this time. Password syncing is not available, which hopefully won't remain the case for long.

The first time you run Samsung Internet on Windows, you can import browsing history, bookmarks/favorites, and search engines from other browsers, including Google Chrome and Microsoft Edge. You can also import bookmarks using an HTML file. As for other features, Samsung Internet on Windows has ad blocker support, a secret (incognito) mode, extension support, light and dark mode themes, and a few others. Since Samsung Internet is based on the open-source Chromium project like Chrome and Microsoft Edge, it should support extensions and add-ons that work on those browsers.

It's funny.  Laugh.

Microsoft's Ugly Sweater For 2023 is Windows XP's Iconic Default Wallpaper (arstechnica.com) 36

Microsoft is returning to the Bliss hill once again with this year's entry in its now-traditional ugly retro-computing sweater series. From a report: Blue hemming at the bottom and on the sleeves evokes Windows XP's bright-blue taskbar, and in case people don't immediately recognize Bliss as "a computer thing," there's also a giant mouse pointer hovering over it. The sweater is available from size small up to a 3XL, and costs $70 regardless of which version you buy. All sizes are currently expected to arrive sometime between December 2 and 6.

Security

Researchers Figure Out How To Bypass Fingerprint Readers In Most Windows PCs (arstechnica.com) 25

An anonymous reader quotes a report from Ars Technica: [L]ast week, researchers at Blackwing Intelligence published an extensive document showing how they had managed to work around some of the most popular fingerprint sensors used in Windows PCs. Security researchers Jesse D'Aguanno and Timo Teras write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptics sensor in a Lenovo ThinkPad T14, and the ELAN sensor in one of Microsoft's own Surface Pro Type Covers. These are just three laptop models from the wide universe of PCs, but one of these three companies usually does make the fingerprint sensor in every laptop we've reviewed in the last few years. It's likely that most Windows PCs with fingerprint readers will be vulnerable to similar exploits.

Blackwing's post on the vulnerability is also a good overview of exactly how fingerprint sensors in a modern PC work. Most Windows Hello-compatible fingerprint readers use "match on chip" sensors, meaning that the sensor has its own processors and storage that perform all fingerprint scanning and matching independently without relying on the host PC's hardware. This ensures that fingerprint data can't be accessed or extracted if the host PC is compromised. If you're familiar with Apple's terminology, this is basically the way its Secure Enclave is set up. Communication between the fingerprint sensor and the rest of the system is supposed to be handled by the Secure Device Connection Protocol (SDCP). This is a Microsoft-developed protocol that is meant to verify that fingerprint sensors are trustworthy and uncompromised, and to encrypt traffic between the fingerprint sensor and the rest of the PC.

Each fingerprint sensor was ultimately defeated by a different weakness. The Dell laptop's Goodix fingerprint sensor implemented SDCP properly in Windows but used no such protections in Linux. Connecting the fingerprint sensor to a Raspberry Pi 4, the team was able to exploit the Linux support plus "poor code quality" to enroll a new fingerprint that would allow entry into a Windows account. As for the Synaptics and ELAN fingerprint readers used by Lenovo and Microsoft (respectively), the main issue is that both sensors supported SDCP but that it wasn't actually enabled. Synaptics' touchpad used a custom TLS implementation for communication that the Blackwing team was able to exploit, while the Surface fingerprint reader used cleartext communication over USB for communication. "In fact, any USB device can claim to be the ELAN sensor (by spoofing its VID/PID) and simply claim that an authorized user is logging in," wrote D'Aguanno and Teras.
"Though all of these exploits ultimately require physical access to a device and an attacker who is determined to break into your specific laptop, the wide variety of possible exploits means that there's no single fix that can address all of these issues, even if laptop manufacturers are motivated to implement them," concludes Ars.

Blackwing recommends all Windows Hello fingerprint sensors enable SDCP, the protocol Microsoft developed to try to prevent this exploit. PC makers should also "have a qualified expert third party audit [their] implementation" to improve code quality and security.

HP

HP Chief Throws About AI Fairy Dust in Hopes of Reviving Slumbering PC Giant (theregister.com) 45

HP CEO Enrique Lores is betting a sprinkle of AI dust can regenerate the flagging PC market -- and with shipments still in decline across the industry, he can't afford to tease Wall Street. From a report: The world's second largest seller of desktop computing hardware has reported a 15 percent year-on-year decline in revenue to $53.7 billion for fiscal 2023 ended 31 October. Profit before tax was $2.93 billion versus $4.32 billion in the prior year.

[...] Orders picked up in recent months. Analyst data indicates the rate of decline is slowing after resellers began clearing inventory they'd amassed in the latter stage of the pandemic, when the frenzied buying patterns seen in prior years vanished. For Q4, HP reported revenue of $13.8 billion, down 6.5 percent year-on-year. Personal Systems was down 8 percent to $9.4 billion and Printing was down 3 percent to $4.4 billion. Profit before tax was $852 million, better than the $647 million brought in a year earlier, helped by a reduction in structural costs. HP expects business PC refresh cycles to kick in next year, with more corporate customers shifting their estate to Windows 11 -- yet it is the advent of the AI PC that Lores thinks signals better times.

Microsoft

Microsoft's Windows Hello Fingerprint Authentication Has Been Bypassed (theverge.com) 53

Microsoft's Windows Hello fingerprint authentication has been bypassed on laptops from Dell, Lenovo, and even Microsoft. From a report: Security researchers at Blackwing Intelligence have discovered multiple vulnerabilities in the top three fingerprint sensors that are embedded into laptops and used widely by businesses to secure laptops with Windows Hello fingerprint authentication. Microsoft's Offensive Research and Security Engineering (MORSE) asked Blackwing Intelligence to evaluate the security of fingerprint sensors, and the researchers provided their findings in a presentation at Microsoft's BlueHat conference in October.

The team identified popular fingerprint sensors from Goodix, Synaptics, and ELAN as targets for their research, with a newly-published blog post detailing the in-depth process of building a USB device that can perform a man-in-the-middle (MitM) attack. Such an attack could provide access to a stolen laptop, or even an "evil maid" attack on an unattended device. A Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X all fell victim to fingerprint reader attacks, allowing the researchers to bypass the Windows Hello protection as long as someone was previously using fingerprint authentication on a device. Blackwing Intelligence researchers reverse engineered both software and hardware, and discovered cryptographic implementation flaws in a custom TLS on the Synaptics sensor. The complicated process to bypass Windows Hello also involved decoding and reimplementing proprietary protocols.

Firefox

Firefox 120 Ready With Global Privacy Control, WebAssembly GC On By Default (phoronix.com) 32

Firefox 120 will be available tomorrow, bringing support for the Global Privacy Control "Sec-GPC" request header to indicate whether a user consents to a website or service selling or sharing their personal information with third parties. It's also enabling the WebAssembly GC extension by default, opening up new languages like Dart and Kotlin to run in the browser. Phoronix's Michael Larabel highlights some of the other features included in this release:

- Ubuntu Linux users now have the ability to import data from Chromium when both are installed as Snap packages.
- Picture-in-Picture mode now supports corner snapping on Windows and Linux.
- Support for the light-dark() CSS color function that allows setting of colors for both light and dark without needing to use the prefers-color-scheme media feature. This allows conveniently specifying the preferred light color theme value followed by the dark color theme value.
- CSS support for the lh and rlh line height units.

Microsoft

Microsoft Celebrates 20th Anniversary of 'Patch Tuesday' (microsoft.com) 17

This week the Microsoft Security Response Center celebrated the 20th anniversary of Patch Tuesday updates.

In a blog post they call the updates "an initiative that has become a cornerstone of the IT world's approach to cybersecurity." Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering commitment to protecting customers continues to this day and is reflected in Microsoft's Secure Future Initiative announced this month. Each month, we deliver security updates on the second Tuesday, underscoring our pledge to cyber defense. As we commemorate this milestone, it's worth exploring the inception of Patch Tuesday and its evolution through the years, demonstrating our adaptability to new technology and emerging cyber threats...

Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner. Senior leaders of the Microsoft Security Response Center (MSRC) at the time spearheaded the idea of a predictable schedule for patch releases, shifting from a "ship when ready" model to a regular weekly, and eventually, monthly cadence...

This led to a shift from a "ship when ready" model to a regular weekly, and eventually, monthly cadence. In addition to consolidating patch releases into a monthly schedule, we also organized the security update release notes into a consolidated location. Prior to this change, customers had to navigate through various Knowledge Base articles, making it difficult to find the information they needed to secure themselves. Recognizing the need for clarity and convenience, we provided a comprehensive overview of monthly releases. This change was pivotal at a time when not all updates were delivered through Windows Update, and customers needed a reliable source to find essential updates for various products.

Patch Tuesday has also influenced other vendors in the software and hardware spaces, leading to a broader industry-wide practice of synchronized security updates. This collaborative approach, especially with hardware vendors such as AMD and Intel, aims to provide a united front against vulnerabilities, enhancing the overall security posture of our ecosystems. While the volume and complexity of updates have increased, so has the collaboration with the security community. Patch Tuesday has fostered better relationships with security researchers, leading to more responsible vulnerability disclosures and quicker responses to emerging threats...

As the landscape of security threats evolves, so does our strategy, but our core mission of safeguarding our customers remains unchanged.

Power

Why Bill Gates Remains Hopeful about Innovative New Climate Solutions (gatesnotes.com) 64

Bill Gates argues that when it comes to climate change, "there are more reasons to be hopeful than many people realize — and it's not just that renewable energy sources like wind and solar are getting cheaper.

"And it's not just because many of the steps already taken to reduce carbon emissions are working: Carbon emissions from fossil fuels will probably peak in 2025." The main thing that makes me optimistic is all the innovation I'm seeing. As someone who has been funding climate solutions for years, I get to learn from ingenious scientists who are working on ideas that will help the world solve climate change. And their work makes me confident that innovation will help the world get on track to meet its climate goals.

Some people are skeptical when a technology person like me says innovation is the answer. And it's true that new tools aren't the only thing we need. But we won't solve the climate problem without them.

There are two reasons for this. First, we need to eliminate emissions from every sector of the economy. Although some behavior change will help, the world can't achieve its zero-emissions goals without inventing new ways of doing things. For example, the production of concrete and steel alone accounts for around 10 percent of the world's annual greenhouse gases, but right now, we don't have practical ways to make either one without releasing carbon dioxide.

The second reason is that, in a world with limited resources, innovations allow us to magnify the impact of our efforts... We couldn't solve the climate problem with existing technology even if we had unlimited resources — and, of course, we don't have unlimited resources. So we need to be as rigorous as possible about doing the most good with the funding that is available. In my view, that boils down to inventing and deploying new ways to cut emissions and to help people survive and thrive in a warming world.

Gates believes we're at "the beginning of a Clean Industrial Revolution" -- pointing readers to Breakthrough Energy's recent State of the Transition Report for more details.

But Gates also provides some specific examples of optimism-fueling breakthroughs:
  • "To reduce emissions, we need to replace the synthetic fertilizers that release nitrous oxide, a greenhouse gas, when broken down by microbes in the soil; Pivot Bio has genetically modified microbes to provide plants with the nitrogen they need without the excess greenhouse gases that synthetic alternatives produce."
  • "Cement and steel are two of the biggest sources of emissions in this category. Boston Metal is well on the way to making steel with electricity (which can be generated without emissions) instead of coal. CarbonCure and Ecocem have developed low-carbon processes for making cement, and Brimstone has a way to do it while actually removing carbon from the air."
  • "Because of inefficient windows and gaps in what's known as the building envelope, as much as 40% of heated or cooled air leaks out of the typical building. If we can drive that number down, buildings will require less heating and cooling — which will substantially lower our emissions. Aeroseal has developed a polymer that can seal ducts and other crevices; more than a quarter of a million buildings in the U.S. and Canada are already using their product. Another company, Luxwall, has developed a window that's many times more efficient than the single-pane windows used in most buildings. And unlike double-paned windows, it's thin enough to replace single-paned glass without having to rebuild the frame."

Facebook

Meta's Head of Augmented Reality Software Stepping Down (reuters.com) 8

According to Reuters, Meta's head of augmented reality software is stepping down from his role. From the report: VP of Engineering Don Box announced the end of his tenure at Meta internally this week, without elaborating on what he would do next, according to a source familiar with the matter. A Meta spokesperson confirmed Box would be leaving the company at the end of this week and said he was doing so for personal reasons. There would be no change in product roadmap as a result of his decision, she added.

The departure of Box, a veteran engineer with experience building major technology systems from their infancy, could be a setback to progress on the operating system, a key component of Meta's AR glasses project, the source told Reuters. Meta has been planning to deliver a first generation of its AR glasses by next year, although those are meant to be used only internally and by a select group of developers, the source said. It aims to ship its first AR glasses to consumers in 2027. The Meta spokesperson declined to address the roadmap or whether the OS that Box's team was building would be in the first generation AR glasses. [...]

Meta initially hired Box in 2021 to chart a path forward after the failure of its XROS project, which aimed to create a unified custom operating system for its virtual reality headsets, Ray-Ban Stories smart glasses and planned augmented reality glasses, the source said. Box broke up the 300-person XROS unit into dedicated teams for each device line early last year and personally took over the team focused on AR software, according to both the source and Box's LinkedIn profile. Prior to joining Meta, Box had worked at Microsoft since 2002. In his final role at Microsoft, he ran engineering for mixed reality, which involved developing software for the HoloLens2 headset and related AR/VR services. Box is known for having led the creation of the Xbox One operating system and later heading Microsoft's core operating system group, which works across all Windows products.

EU

The EU Will Finally Free Windows Users From Bing (theverge.com) 67

An anonymous reader quotes a report from The Verge: Microsoft will soon let Windows 11 users in the European Economic Area (EEA) disable its Bing web search, remove Microsoft Edge, and even add custom web search providers -- including Google if it's willing to build one -- into its Windows Search interface. All of these Windows 11 changes are part of key tweaks that Microsoft has to make to its operating system to comply with the European Commission's Digital Markets Act, which comes into effect in March 2024. Microsoft will be required to meet a slew of interoperability and competition rules, including allowing users "to easily un-install pre-installed apps or change default settings on operating systems, virtual assistants, or web browsers that steer them to the products and services of the gatekeeper and provide choice screens for key services."

Alongside clearly marking which apps are system components in Windows 11, Microsoft is also responding by adding the ability to uninstall the following apps: Camera, Cortana, Web Search from Microsoft Bing in the EEA, Microsoft Edge in the EEA, and Photos. Only Windows 11 users in the EEA will be able to fully remove Microsoft Edge and the Bing-powered web search from Windows Search. Microsoft could easily extend this to all Windows 11 users, but it's limiting this extra functionality to EEA markets to comply with the rules.

In EEA markets -- which includes EU countries and also Iceland, Liechtenstein, and Norway -- Windows 11 users will also get access to new interoperability features for feeds in the Windows Widgets board and web search in Windows Search. This will allow search providers like Google to extend the main Windows Search interface with their own custom web searches. Microsoft will allow EEA machines to remove the Bing results, so Google could provide its own search results here and effectively become the default if a user has uninstalled Bing. "If the user has more than one search provider installed, Windows Search will show the last one used when opened," explains Aaron Grady, partner group product manager for Windows, in a statement to The Verge.

Cloud

How Amazon Is Going After Microsoft's Cloud Computing Ambitions (bloomberg.com) 11

Amazon is the driving force behind a trio of advocacy groups working to thwart Microsoft's growing ambition to become a major cloud computing contractor for governments, a Bloomberg analysis shows. From the report: The groups -- the Cloud Infrastructure Services Providers in Europe (CISPE), the Coalition for Fair Software Licensing and the Alliance for Digital Innovation -- want to convince policymakers that Microsoft has improperly locked customers into Azure, its cloud computing service, choking off its rivals and hindering the advancement of technology within the government and beyond. These groups have dozens of members. But Amazon is the biggest funder for two of them and the largest company, measured by revenue, that funds another.

Spokespeople for the groups say no single company determines their agendas. But according to a Bloomberg News review of tax filings, documents and interviews with people familiar with the three groups' operations, Amazon Web Services plays a direct role in shaping their efforts in ways that would boost the cloud giant. Through aggressive lobbying of policymakers, these groups want to ensure that customers can use popular Microsoft products like Office Suite or Windows on any cloud computing system -- and, in particular, on Amazon Web Services, the world's number one cloud infrastructure provider and the retail giant's top profit driver.

To hammer that message, they've filed complaints, lobbied regulators and sought to shape the views of policymakers probing the cloud market. In one case, an Amazon executive is listed as the author of a public comment to the Federal Trade Commission, as well as testimony and letters to Congress on behalf of the group, according to an analysis of the documents' metadata, revealing the tech giant's role in the lobbying campaign. (The group says the documents reflect the consensus position of its members.) Amazon denied it authored statements for the group.

Windows

Windows is Now an App for iPhones, iPads, Macs, and PCs (theverge.com) 57

Microsoft has created a Windows App for iOS, iPadOS, macOS, Windows, and web browsers. From a report: The app essentially takes the previous Windows 365 app and turns it into a central hub for streaming a copy of Windows from a remote PC, Azure Virtual Desktop, Windows 365, Microsoft Dev Box, and Microsoft's Remote Desktop Services.

Microsoft supports multiple monitors through its Windows App, custom display resolutions and scaling, and device redirection for peripherals like webcams, storage devices, and printers. The preview version of the Windows App isn't currently available for Android, though. The Windows App is also limited to Microsoft's range of business accounts, but there are signs it will be available to consumers, too. The sign-in prompt on the Windows App on Windows (yes that's a mouthful) suggests you can access the app using a personal Microsoft Account, but this functionality doesn't work right now.

AI

Microsoft Rebrands Bing Chat To Copilot 28

In what may be a potentially confusing rebranding move, Microsoft today has rebranded Bing Chat to Copilot, sharing the same brand name as multiple other Microsoft AI products. Search Engine Land reports: Bing is no longer "your AI-powered copilot for the web." However, Microsoft Bing will still provide a combined Search and chat experience. It will just be called CoPilot heading forward. For people who may not want that combined experience, CoPilot will have its own standalone ChatGPT-style experience at https://copilot.microsoft.com/.

Microsoft said the rebrand is to unify the Copilot experience: "Our efforts to simplify the user experience and make Copilot more accessible to everyone starts with Bing, our leading experience for the web. Beginning today, Bing Chat and Bing Chat Enterprise are becoming Copilot, with commercial data protection enforced when any eligible user is signed in with Microsoft Entra ID."

While it's definitely a more unified experience, it also seems a bit confusing because Microsoft's chatbot "companion" is used across multiple apps, including Microsoft 365, Edge, Windows and more -- some free, some not. In addition to Bing Chat, Bing Chat Enterprise is also rebranded as Copilot Pro. It offers the same chat functionality with greater commercial data protection for Microsoft 365 subscribers.

Microsoft

Microsoft and Nvidia Are Making It Easier To Run AI Models on Windows (theverge.com) 14

Microsoft and Nvidia want to help developers run and configure AI models on their Windows PCs. During the Microsoft Ignite event on Wednesday, Microsoft announced Windows AI Studio: a new hub where developers can access AI models and tweak them to suit their needs. From a report: Windows AI Studio allows developers to access development tools and models from the existing Azure AI Studio and other services like Hugging Face. It also offers an end-to-end "guided workspace setup" with model configuration UI and walkthroughs to fine-tune various small language models (SLMs), such as Microsoft's Phi, Meta's Llama 2, and Mistral.

Windows AI Studio lets developers test the performance of their models using Prompt Flow and Gradio templates as well. Microsoft says it's going to roll out Windows AI Studio as a Visual Studio Code extension in the "coming weeks." Nvidia, similarly, revealed updates to TensorRT-LLM, which the company initially launched for Windows as a way to run large language models (LLMs) more efficiently on H100 GPUs. However, this latest update brings TensorRT-LLM to PCs powered by GeForce RTX 30 and 40 Series GPUs with 8GB of RAM or more.

Games

Open-Source 4K Dungeon Keeper Remake Spent 15 Years In the Making (pcgamer.com) 55

Rick Lane reports via PC Gamer: KeeperFX has been in the process of rescuing Dungeon Keeper for a decade and a half. The project originally started in 2008, and experienced something of a bumpy road up until 2016. Since then, though, it has gradually added support for Windows 7, 10, and 11, support for hi-res and 4k screens, modernized controls, and even additional campaigns. With this latest version, KeeperFX's developers say "all original Dungeon Keeper code has been rewritten, establishing KeeperFX as a true open-source standalone game." 1.0 also introduces some new features, such as higher framerates, AI that is better at digging and less likely to "instantly" throw its entire army at you, and "higher quality landview speeches" for the additional campaigns. That refers to the introductions and epilogues to missions which, in the game's original campaign, were voiced by Richard Ridings, aka Daddy Pig.

Perhaps most intriguing of all, KeeperFX's 1.0 adds a couple of new units to play with. First up is the Druid, a sort-of color-flipped version of the Warlock who uses ice spells rather than fire. The other unit is the excitingly named Time Mage, a recolor of the Wizard who can cast teleport and speed spells, and also turn enemy units into chickens (presumably through rapid devolution). You won't find these units in the original campaign, but you will encounter them in the custom campaigns bundled with the 1.0 version.
You can download KeeperFX here, although it still requires you to own Dungeon Keeper "for copyright reasons."

Security

Highly Invasive Backdoors Hidden in Python Obfuscation Packages, Downloaded by 2,348 Developers (arstechnica.com) 50

The senior security editor at Ars Technica writes: Highly invasive malware targeting software developers is once again circulating in Trojanized code libraries, with the latest ones downloaded thousands of times in the last eight months, researchers said Wednesday.

Since January, eight separate developer tools have contained hidden payloads with various nefarious capabilities, security firm Checkmarx reported. The most recent one was released last month under the name "pyobfgood." Like the seven packages that preceded it, pyobfgood posed as a legitimate obfuscation tool that developers could use to deter reverse engineering and tampering with their code. Once executed, it installed a payload, giving the attacker almost complete control of the developer's machine. Capabilities include:

- Exfiltrate detailed host information
- Steal passwords from the Chrome web browser
- Set up a keylogger
- Download files from the victim's system
- Capture screenshots and record both screen and audio
- Render the computer inoperative by ramping up CPU usage, inserting a batch script in the startup directory to shut down the PC, or forcing a BSOD error with a Python script
- Encrypt files, potentially for ransom
- Deactivate Windows Defender and Task Manager
- Execute any command on the compromised host


In all, pyobfgood and the previous seven tools were installed 2,348 times. They targeted developers using the Python programming language... Downloads of the package came primarily from the US (62%), followed by China (12%) and Russia (6%).

Ars Technica concludes that "The never-ending stream of attacks should serve as a cautionary tale underscoring the importance of carefully scrutinizing a package before allowing it to run."
AI

GitHub Announces Its 'Refounding' on Copilot, Including an AI-Powered 'Copilot Chat' Assistant (github.blog) 33

This week GitHub announced the approaching general availability of the GPT-4-powered GitHub Copilot Chat in December "as part of your existing GitHub Copilot subscription" (and "available at no cost to verified teachers, students, and maintainers of popular open source projects.")

And this "code-aware guidance and code generation" will also be integrated directly into github.com, "so developers can dig into code, pull requests, documentation, and general coding questions with Copilot Chat providing suggestions, summaries, analysis, and answers."

With GitHub Copilot Chat we're enabling the rise of natural language as the new universal programming language for every developer on the planet. Whether it's finding an error, writing unit tests, or helping debug code, Copilot Chat is your AI companion through it all, allowing you to write and understand code using whatever language you speak...

Copilot Chat uses your code as context, and is able to explain complex concepts, suggest code based on your open files and windows, help detect security vulnerabilities, and help with finding and fixing errors in code, terminal, and debugger...

With the new inline Copilot Chat, developers can chat about specific lines of code, directly within the flow of their code and editor.

InfoWorld notes it will chat in "whatever language a developer speaks." (And that Copilot Chat will also be available in GitHub's mobile app.) But why wait until December? GitHub's blog post says that Copilot Chat "will come to the JetBrains suite of IDEs, available in preview today."

GitHub also plans to introduce "slash commands and context variables" for GitHub Copilot, "so fixing or improving code is as simple as entering /fix and generating tests now starts with /tests."

"With Copilot in the code editor, in the CLI, and now Copilot Chat on github.com and in our mobile app, we are making Copilot ubiquitous throughout the software development lifecycle and always available in all of GitHub's surface areas..."

CNBC adds that "Microsoft-owned GitHub" also plans to introduce "a more expensive Copilot assistant" in February "for developers inside companies that can explain and provide recommendations about internal source code."

Wednesday's blog post announcing these updates was written by GitHub's CEO, who seemed to be predicting an evolutionary leap into a new future. "Just as GitHub was founded on Git, today we are re-founded on Copilot." He promised they'd built on their vision of a future "where AI infuses every step of the developer lifecycle."

Open source and Git have fundamentally transformed how we build software. It is now evident that AI is ushering in the same sweeping change, and at an exponential pace... We are certain this foundational transformation of the GitHub platform, and categorically new way of software development, is necessary in a world dependent on software. Every day, the world's developers balance an unsustainable demand to both modernize the legacy code of yesterday and build our digital tomorrow. It is our guiding conviction to make it easier for developers to do it all, from the creative spark to the commit, pull request, code review, and deploy — and to do it all with GitHub Copilot deeply integrated into the developer experience.

And if you're worried about the security of AI-generated code...

Today, GitHub Copilot applies an LLM-based vulnerability prevention system that blocks insecure coding patterns in real-time to make GitHub Copilot's suggestions more secure. Our model targets the most common vulnerable coding patterns, including hardcoded credentials, SQL injections, and path injections. GitHub Copilot Chat can also help identify security vulnerabilities in the IDE, explain the mechanics of a vulnerability with its natural language capabilities, and suggest a specific fix for the highlighted code.

But for Enterprise accounts paying for GitHub Advanced Security, there's also an upgrade coming: "new AI-powered application security testing features designed to detect and remediate vulnerabilities and secrets in your code." (It's already available in preview mode.)

GitHub even announced plans for a new AI assistant in 2024 that generates a step-by-step plan for responding to GitHub issues. (GitHub describes it as "like a pair programming session with a partner that knows about every inch of the project, and can follow your lead to make repository-wide changes from the issue to the pull request with the power of AI.")

CNBC notes that AI-powered coding assistants "are still nascent, though, with less than 10% enterprise adoption, according to Gartner, a technology industry research firm."

But last month Microsoft CEO Satya Nadella told analysts GitHub Copilot already had one million paying users...

And GitHub's blog post concludes, "And we're just getting started."
AMD

Gaining on Intel? AMD Increases CPU Market Share In Desktops, Laptops, and Servers (techspot.com) 21

A report from TechSpot says AMD has recently increased its market share in the CPU sector for desktops, laptops, and servers: According to Mercury Research (via Tom's Hardware), AMD gained 5.8% unit share in desktops, 3.8% in laptops, and 5.8% in servers. In terms of revenue share, Team Red gained 4.1% in desktops, 5.1% in laptops, and 1.7% in servers. The report does not mention competitors by name, but the global PC industry only has one other major CPU supplier, Intel, which has a major stake in all the market segments.

While Intel and AMD make x86 processors for PCs, Qualcomm offers Arm-based SoCs for Windows notebooks, but its market share is minuscule by comparison. So, while the report doesn't say anything about the market share of Intel or Qualcomm, it is fair to assume that most of AMD's gains came at Intel's expense.

Thanks to Slashdot reader jjslash for sharing the news.
