Microsoft has intensified its push for OneDrive adoption in Windows 11, introducing a full-screen pop-up that prompts users to back up their files to the cloud service, according to a report from Windows Latest. The new promotional message, which appears after a recent Windows update, mirrors the out-of-box experience typically seen during initial system setup and highlights OneDrive's features, including file protection, collaboration capabilities, and automatic syncing.

"As free software activists, we ought to take the opportunity to look at the situation and see how things could have gone differently," writes FSF campaigns manager Greg Farough: Let's be clear: in principle, there is nothing ethically wrong with automatic updates so long as the user has made an informed choice to receive them... Although we can understand how the situation developed, one wonders how wise it is for so many critical services around the world to hedge their bets on a single distribution of a single operating system made by a single stupefyingly predatory monopoly in Redmond, Washington. Instead, we can imagine a more horizontal structure, where this airline and this public library are using different versions of GNU/Linux, each with their own security teams and on different versions of the Linux(-libre) kernel...

As of our writing, we've been unable to ascertain just how much access to the Windows kernel source code Microsoft granted to CrowdStrike engineers. (For another thing, the root cause of the problem appears to have been an error in a configuration file.) But this being the free software movement, we could guarantee that all security engineers and all stakeholders could have equal access to the source code, proving the old adage that "with enough eyes, all bugs are shallow." There is no good reason to withhold code from the public, especially code so integral to the daily functioning of so many public institutions and businesses. In a cunning PR spin, it appears that Microsoft has started blaming the incident on third-party firms' access to kernel source and documentation. Translated out of Redmond-ese, the point they are trying to make amounts to "if only we'd been allowed to be more secretive, this wouldn't have happened...!"

We also need to see that calling for a diversity of providers of nonfree software that are mere front ends for "cloud" software doesn't solve the problem. Correcting it fully requires switching to free software that runs on the user's own computer.The Free Software Foundation is often accused of being utopian, but we are well aware that moving airlines, libraries, and every other institution affected by the CrowdStrike outage to free software is a tremendous undertaking. Given free software's distinct ethical advantage, not to mention the embarrassing damage control underway from both Microsoft and CrowdStrike, we think the move is a necessary one. The more public an institution, the more vitally it needs to be running free software.

For what it's worth, it's also vital to check the syntax of your configuration files. CrowdStrike engineers would do well to remember that one, next time.

An anonymous reader quotes a report from The Register: Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards. That knowledge nugget became important as the firm tried to figure out how to respond to the mess CrowdStrike created, which at Grant Thornton Australia threw hundreds of PCs and no fewer than 100 servers into the doomloop that CrowdStrike's shoddy testing software made possible. [...] The firm had the BitLocker keys for all its PCs, so Woltz and colleagues wrote a script that turned them into barcodes that were displayed on a locked-down management server's desktop. The script would be given a hostname and generate the necessary barcode and LAPS password to restore the machine.

Woltz went to an office supplies store and acquired an off-the-shelf barcode scanner for AU$55 ($36). At the point when rebooting PCs asked for a BitLocker key, pointing the scanner at the barcode on the server's screen made the machines treat the input exactly as if the key was being typed. That's a lot easier than typing it out every time, and the server's desktop could be accessed via a laptop for convenience. Woltz, Watson, and the team scaled the solution -- which meant buying more scanners at more office supplies stores around Australia. On Monday, remote staff were told to come to the office with their PCs and visit IT to connect to a barcode scanner. All PCs in the firm's Australian fleet were fixed by lunchtime -- taking only three to five minutes for each machine. Watson told us manually fixing servers needed about 20 minutes per machine.

Microsoft has started testing a new way to access your Android phone from directly within Windows 11's File Explorer. From a report: Windows Insiders are now able to test this new feature, which lets you wirelessly browse through folders and files on your Android phone. The integration in File Explorer means your Android device appears just like a regular USB device on the left-hand side, with the ability to copy or move files between a PC and Android phone, and rename or delete them. It's certainly a lot quicker than using the existing Phone Link app.

In the wake of a major incident that affected millions of Windows PCs, Microsoft is calling for significant changes to enhance the resilience of its operating system. John Cable, Microsoft's vice president of program management for Windows servicing and delivery, said there was a need for "end-to-end resilience" in a blog post, signaling a potential shift in Microsoft's approach to third-party access to the Windows kernel.

While not explicitly detailing planned improvements, Cable pointed to recent innovations like VBS enclaves and the Azure Attestation service as examples of security measures that don't rely on kernel access. This move towards a "Zero Trust" approach could have far-reaching implications for the cybersecurity industry and Windows users worldwide, as Microsoft seeks to balance system security with the needs of its partners in the broader security community.

The comment follows a Microsoft spokesman revealed last week that a 2009 European Commission agreement prevented the company from restricting third-party access to Windows' core functions.

Lindsay Clark reports via The Register: Only 14 percent of Oracle Java subscribers plan to stay on Big Red's runtime environment, according to a study following the introduction of an employee-based subscription model. At the same time, 36 percent of the 663 Java users questioned said they had already moved to the employee-based pricing model introduced in January 2023. Shortly after the new model was implemented, experts warned that it would create a significant price hike for users adopting it. By July, global tech research company Gartner was forecasting that those on the new subscription package would face between two and five times the costs compared with the previous usage-based model.

As such, among the 86 percent of respondents using Oracle Java SE who are currently moving or plan to move all or some of their Java applications off Oracle environments, 53 percent said the Oracle environment was too expensive, according to the study carried out by independent market research firm Dimensional Research. Forty-seven percent said the reason for moving was a preference for open source, and 38 percent said it was because of uncertainty created by ongoing changes in pricing, licensing, and support. [...]

To support OpenJDK applications in production, 46 percent chose a paid-for platform such as Belsoft Liberica, IBM Semeru, or Azul Platform Core; 45 percent chose a free supported platform such as Amazon Corretto or Microsoft Build of OpenJDK; and 37 percent chose a free, unsupported platform. Of the users who have already moved to OpenJDK, 25 percent said Oracle had been significantly more expensive, while 41 percent said Big Red's licensing had made it somewhat more expensive than the alternative. The survey found three-quarters of Java migrations were completed within a year, 23 percent within three months.

Ash Parrish reports via The Verge: More than 500 developers at Blizzard Entertainment who work on World of Warcraft have voted to form a union. The World of Warcraft GameMakers Guild, formed with the assistance of the Communication Workers of America (CWA), is composed of employees across every department, including designers, engineers, artists, producers, and more. Together, they have formed the largest wall-to-wall union -- or a union inclusive of multiple departments and disciplines -- at Microsoft. This news comes less than a week after the formation of the Bethesda Game Studios union, which, at the time of the announcement, was itself the largest wall-to-wall Microsoft union. [...]

The World of Warcraft GameMakers Guild is made up of over 500 members across Blizzard offices in California and Massachusetts. Despite its size -- it is the second largest union at Microsoft overall behind Activision's 600-member QA union -- [Paul Cox, senior quest designer and Blizzard veteran] said that Microsoft's labor neutrality agreement helped get the organization ball rolling. In a statement to The Verge, Microsoft spokesperson Delaney Simmons said, "We continue to support our employees' right to choose how they are represented in the workplace, and we will engage in good faith negotiations with the CWA as we work towards a collective bargaining agreement."

Malaysia's digital minister said today he has asked global tech firms Microsoft and CrowdStrike to consider compensating companies that suffered losses during last week's global tech outage. From a report: Five government agencies and nine companies operating in aviation, banking and healthcare were among those affected in Malaysia, minister Gobind Singh Deo told reporters. "If there are any damages or losses, where there have been any parties that have made such claims, I've asked them to consider those claims and see to what extent they are able to help resolve the issue," Gobind said, adding that the government would also assist on the claims where possible. The total amount of losses incurred has not yet been determined, he said. The outage will cost Fortune 500 companies $5.4 billion, according to estimates from insurers. The projected financial losses exclude Microsoft.

In a response to the UK's Competition and Markets Authority's investigation into cloud services and licensing, Microsoft has defended its practices, asserting that its terms "do not meaningfully raise cloud rivals' costs." The Windows-maker emphasized Amazon's continued dominance in the UK hyperscale market and noted Google's quarter-on-quarter growth, while also highlighting the declining share of Windows Server relative to Linux in cloud operating systems and SQL Server's second-place position behind Oracle.

[...] The CMA's inquiry primarily focuses on the pricing disparity between using Microsoft products on Azure versus rival cloud platforms, with most surveyed customers perceiving Azure as the more cost-effective option for Microsoft software deployment. The Register adds: Microsoft's bullish take on this is that AWS and Google should be grateful that they even get to run its software. In its response, the company said: "This dispute on pricing terms only arises because Microsoft grants all rivals IP licenses in the first place to its software that is of most popularity for use in the cloud. It does this not because there is any legal obligation to share IP with closest rivals in cloud, but for commercial reasons."

OpenAI has built one of the fastest-growing businesses in history. It may also be one of the costliest to run. The Information: The ChatGPT maker could lose as much as $5 billion this year [non-paywalled source], according to an analysis by The Information, based on previously undisclosed internal financial data and people involved in the business. [...] On the cost side, OpenAI as of March was on track to spend nearly $4 billion this year on renting Microsoft's servers to power ChatGPT and its underlying LLMs (otherwise known as inference costs), said a person with direct knowledge of the spending. In addition to running ChatGPT, OpenAI's training costs -- including paying for data -- could balloon to as much as $3 billion this year. Last year, OpenAI ramped up the training of new AI faster than it had originally planned, said a person with direct knowledge of the decision. So while the company earlier planned to spend about $800 million on such costs, it ended up spending considerably more, this person said.

Global enterprises are grappling with the complexities of AI adoption, according to hundreds of top industry executives at a recent private software conference hosted by UBS. UBS adds: We heard:
1. The data points from a private GPU cloud infrastructure provider were a very bullish readthrough to GPU demand, Microsoft's AI infra capabilities and the ramp of enterprise/software demand for training and inference compute.
2. One F500 customer was at 1% Office Copilot roll-out, moving to perhaps 2% in a year as they a) fine-tune internal best practices and b) negotiate to get Microsoft much lower on price.
3. One private flagged "copilot chaos," with customers having to choose between AI copilots from seemingly every tech firm (we wonder if this creates pricing pressure and/or an evaluation slowdown).
4. Popular use cases are AI apps for internal, domain-specific tasks (simple workflow automation).
5. Little evidence of AI resulting in customer headcount cuts, but headcount reduction with 3rd-party managed services providers and (India-based) SI firms.

According to the Washington Post (paywalled), the House Homeland Security Committee has called on the CrowdStrike CEO to testify over the major outage that brought flights, hospital procedures, and broadcasters to a halt on Friday. The outage was caused by a defective software update from the company that primarily affected computers runnings Windows, resulting in system crashes and "blue screen of death" errors. From the report: Republican leaders of the House Homeland Security Committee demanded that CrowdStrike CEO George Kurtz commit by Wednesday to appearing on Capitol Hill to explain how the outages occurred and what "mitigation steps" the company is taking to prevent future episodes. [...] Reps. Mark Green (R-Tenn.) and Andrew R. Garbarino (R-N.Y.), chairs of the Homeland Security Committee and its cybersecurity subcommittee, respectively, wrote in their letter that the outages "must serve as a broader warning about the national security risks associated with network dependency. Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again," the lawmakers wrote. CrowdStrike spokesperson Kirsten Speas said in an emailed statement Monday that the company is "actively in contact" with the relevant congressional committees and that "engagement timelines may be disclosed at Members' discretion," but declined to say whether Kurtz will testify.

The committee is one of several looking into the incident, with members of the House Oversight Committee and House Energy and Commerce Committee separately requesting briefings from CrowdStrike. But the effort by Homeland Security Committee leaders marks the first time the company is being publicly summoned to testify about its role in the disruptions. CrowdStrike has risen to prominence as a major security provider partly by identifying malicious online campaigns by foreign actors, but the outages have heightened concern in Washington that international adversaries could look to exploit future incidents. "Malicious cyber actors backed by nation-states, such as China and Russia, are watching our response to this incident closely," Green and Garbarino wrote. The outages, which disrupted agencies at the federal and state level, are also raising questions about how much businesses and government officials alike have come to rely on Microsoft products for their daily operations.

Developer and librarian Misty De Meo, writing about her frustrating experience using GitHub: To me, one of GitHub's killer power user features is its blame view. git blame on the commandline is useful but hard to read; it's not the interface I reach for every day. GitHub's web UI is not only convenient, but the ease by which I can click through to older versions of the blame view on a line by line basis is uniquely powerful. It's one of those features that anchors me to a product: I stopped using offline graphical git clients because it was just that much nicer.

The other day though, I tried to use the blame view on a large file and ran into an issue I don't remember seeing before: I just couldn't find the line of code I was searching for. I threw various keywords from that line into the browser's command+F search box, and nothing came up. I was stumped until a moment later, while I was idly scrolling the page while doing the search again, and it finally found the line I was looking for. I realized what must have happened. I'd heard rumblings that GitHub's in the middle of shipping a frontend rewrite in React, and I realized this must be it. The problem wasn't that the line I wanted wasn't on the page -- it's that the whole document wasn't being rendered at once, so my browser's builtin search bar just couldn't find it. On a hunch, I tried disabling JavaScript entirely in the browser, and suddenly it started working again. GitHub is able to send a fully server-side rendered version of the page, which actually works like it should, but doesn't do so unless JavaScript is completely unavailable.

[...] The corporate branding, the new "AI-powered developer platform" slogan, makes it clear that what I think of as "GitHub" -- the traditional website, what are to me the core features -- simply isn't Microsoft's priority at this point in time. I know many talented people at GitHub who care, but the company's priorities just don't seem to value what I value about the service. This isn't an anti-AI statement so much as a recognition that the tool I still need to use every day is past its prime. Copilot isn't navigating the website for me, replacing my need to the website as it exists today. I've had tools hit this phase of decline and turn it around, but I'm not optimistic. It's still plenty usable now, and probably will be for some years to come, but I'll want to know what other options I have now rather than when things get worse than this.

merbs writes: Video games -- and the people who make them -- are in trouble. An estimated 10,500 people in the industry were laid off in 2023 alone. This year, layoffs in the nearly $200 billion sector have only gotten worse, with studios axing what is believed to be 11,000 more, and counting. Microsoft, home of the Xbox and parent company to several studios, including Activision Blizzard, shuttered Tango Gameworks and Alpha Dog Games in May. All the while, generative AI systems built by OpenAI and its competitors have been seeping into nearly every industry, dismantling whole careers along the way.

But gaming might be the biggest industry AI stands poised to conquer. Its economic might has long since eclipsed Hollywood's, while its workforce remains mostly nonunion. A recent survey from the organizers of the Game Developers Conference found that 49 percent of the survey's more than 3,000 respondents said their workplace used AI, and four out of five said they had ethical concerns about its use. "It's here. It's definitely here, right now," says Violet, a game developer, technical artist, and a veteran of the industry who has worked on AAA games for over a decade. "I think everyone's seen it get used, and it's a matter of how and to what degree. The genie is out of the bottle, Pandora's box is opened." The story adds: "At Activision, it was the same. 'A lot of 2D artists were laid off,' Noah says. The department was slashed. 'Remaining concept artists,' he claims, 'were then forced to use AI to aid in their work.' Employees, according to Noah, have been made to sign up for AI trainings, and its use is being promoted throughout the org."

smooth wombat writes: The FTC has sent mandatory notices for information to eight companies it says engages in "surveillance pricing", the process by which prices are rapidly changed using AI based on data about customer behavior and characteristics. This process, the FTC claims, allows companies to charge different customers different prices for the same product.

The list includes Mastercard, JPMorgan Chase, Accenture and consulting giant McKinsey. It also includes software firm Task, which counts McDonald's and Starbucks as clients; Revionics, which works with Home Depot, Tractor Supply and grocery chain Hannaford; Bloomreach, which services FreshDirect, Total Wine and Puma; and Pros, which was named Microsoft's internet service vendor of the year this year. "Firms that harvest Americans' personal data can put people's privacy at risk," FTC Chair Lina Khan said in a news release. "Now firms could be exploiting this vast trove of personal information to charge people higher prices."

Meta has released Llama 3.1, its largest open-source AI model to date, in a move that challenges the closed approaches of competitors like OpenAI and Google. The new model, boasting 405 billion parameters, is claimed by Meta to outperform GPT-4o and Claude 3.5 Sonnet on several benchmarks, with CEO Mark Zuckerberg predicting that Meta AI will become the most widely used assistant by year-end.

Llama 3.1, which Meta says was trained using over 16,000 Nvidia H100 GPUs, is being made available to developers through partnerships with major tech companies including Microsoft, Amazon, and Google, potentially reducing deployment costs compared to proprietary alternatives. The release includes smaller versions with 70 billion and 8 billion parameters, and Meta is introducing new safety tools to help developers moderate the model's output. While Meta isn't disclosing what all data it used to train its models, the company confirmed it used synthetic data to enhance the model's capabilities. The company is also expanding its Meta AI assistant, powered by Llama 3.1, to support additional languages and integrate with its various platforms, including WhatsApp, Instagram, and Facebook, as well as its Quest virtual reality headset.

The Japan Newspaper Publishers and Editors Association claims that AI-powered search engines by U.S. tech giants like Google and Microsoft likely infringe on copyright by using news articles without permission. Therefore, they're urging the Japanese government to quickly review and revise intellectual property laws to address these issues. Kyodo News reports (translated in English): The association argued in the statement that while traditional search engines direct users to various copyrighted material available online, AI search engines disclose the content, making them a completely different type of service. While stressing that in many instances, the essential content of the referenced article is reprinted in its entirety and therefore constitutes copyright infringement, the association also highlighted the issue of "zero-click searches," where users do not visit the source site. It warned that the lack of traffic could lead to the diminution of news organizations' reporting activities, which would then have a negative impact on democracy and culture.

The statement also expressed concern over potential inaccuracies in responses generated by AI search engines, which could give the impression that the source articles themselves were erroneous and damage the credibility of news organizations. The association added that providing AI search engine services without obtaining permission to use the source articles could violate the antimonopoly law. "There are many reasons AI companies are attracted to Japan, including the need for its companies to rapidly develop their digital capabilities and the country's declining population, which is very open to AI," said Yutaka Matsuo, a professor at Tokyo University and chair of the government's AI council, in a statement to the Financial Times. "One other attraction is that AI companies are permitted to learn from information without infringing copyright laws," he added.

The Financial Times says the push to bring AI companies to Japan has raised alarm for some content creators who worry their work isn't being protected. "As it relates to generative AI, Japan's existing Copyright Act does not contribute to protecting creators. In fact, it is focused on restricting the rights of creators," the Japanese Society for Rights of Authors, Composers and Publishers said in a statement.

Azure used to be a cloud platform dedicated to Windows. Now, it's the most widely used operating system on Microsoft Azure. The New Stack's Joab Jackson writes: These days, Microsoft expends considerable effort that Linux runs as smoothly as possible on Azure, according to a talk given earlier this year at the Linux Foundation Open Source Summit given by two Microsoft Azure Linux Platforms Group program managers, Jack Aboutboul, and Krum Kashan. "Linux is the #1 operating system in Azure today," Aboutoul said. And all must be supported in a way that Microsoft users have come to expects. Hence, the need for the Microsoft's Linux Platforms Group, which provides support Linux to both the internal customers and to Azure customers. These days, the duo of engineers explained, Microsoft knows about as much as anyone about how to operate Linux at hyperscale. [...]

As of today, there are hundreds of Azure and Azure-based services running on Linux, including the Azure Kubernetes Service (AKS), OpenAI, HDInsight, and many of the other database services. "A lot of the infrastructure powering everything else is running on Linux," Aboutoul said. "They're different flavors of Linux running all over the place," Aboutoul said. To run these services, Microsoft maintains its own kernel, Azure Linux, and in 2023 the company released its own version of Linux, Azure Linux. But Azure Linux is just a small portion of all the other flavors of Linux running on Azure, all of which Microsoft must work with to support.

Overall, there are about 20,000 third-party Software as a Service (SaaS) packages in the Azure marketplace that rely on some Linux distribution. And when things go wrong, it is the Azure service engineers who get the help tickets. The company keeps a set of endorsed Linux distributions, which include Red Hat Enterprise Linux, Debian, Flatcar, Suse, Canonical, and Oracle Linux and CentOS (as managed by OpenLogic, not Red Hat). [...] Overall, the company gets about 1,000 images a month from these endorsed partners alone. Many of the distributions have multiple images (Suse has a regular one, and another one for high-performance computing, for instance).

An anonymous reader writes: Windows users are being notified that their systems aren't backed up with the built-in Windows backup solution. A corresponding message appears with the advice that it's best to make backups so that all data is stored "in case something happens to the PC." It almost reads like an indirect threat, but Microsoft is actually just pointing out the option to store file backups on its own OneDrive cloud service. And it's also advertising more storage space.

A Microsoft spokesman says that a 2009 European Commission agreement prevents the company from restricting third-party access to Windows' core functions, shedding light on factors contributing to Friday's widespread outage that affected millions of computers globally. The disruption, which caused the infamous "blue screen of death" on Windows machines across various industries, originated from a faulty update by cybersecurity firm CrowdStrike. The incident highlighted the vulnerability of Microsoft's open ecosystem, mandated by the EU agreement, which requires the tech giant to provide external security software developers the same level of system access as its own products. This policy stands in stark contrast to more closed systems like Apple's.