Slashdot reader Mirnotoriety shared this report from the Register: A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.

That interface allows applications to make IO requests without using traditional system calls [to enhance performance by enabling asynchronous I/O operations between user space and the Linux kernel through shared ring buffers]. That's a problem for security tools that rely on syscall monitoring to detect threats... [which] may miss changes that are instead going through the io_uring queues.

To demonstrate this, security shop ARMO built a proof-of-concept named Curing that lives entirely through io_uring. Because it avoids system calls, the program apparently went undetected by tools including Falco, Tetragon, and Microsoft Defender in their default configurations. ARMO claimed this is a "major blind spot" in the Linux security stack... "Not many companies are using it but you don't need to be using it for an attacker to use it as enabled by default in most Linux systems, potentially tens of thousands of servers," ARMO's CEO Shauli Rozen told The Register. "If you're not using io_uring then disable it, but that's not always easy with cloud vendors."

In 2016, an online "swarm intelligence" platform stunned horse-racing fans by making a correct prediction for the Kentucky Derby — naming all four top finishers in order. (But the next year its predictions weren't even close, with TechRepublic suggesting 2016's race just had an unusual cluster of obvious picks.)

Since then it's become almost a tradition — asking AI to predict the winning horses each year, then see how close it came. So before today's race, a horse named "Journalism" was given the best odds of winning by professional bookmakers — but could AI make a better prediction? USA Today reports: The USA TODAY Network asked Microsoft Copilot AI to simulate the order of finish for the 2025 Kentucky Derby field based on the latest, odds, predictions and race factors on Thursday, May 1. Journalism came out on top in its projection. The AI-generated response cited Journalism's favorable post position (No. 8), which has produced the second-most Kentucky Derby winners and a four-race winning streak that includes last month's Santa Anita Derby.
ChatGPT also picked the exact same horse, according to FanDuel. But in fact, the winning horse turned out to be "Sovereignty" (a horse Copilot predicted would finish second). Meanwhile Copilot's pick for first place ("Journalism") finished in second.

But after that Copilot's picks were way off...

• Copilot's pick for third place was a horse named Rodriguez — which hours later was scratched from the race altogether. (And the next day Copilot's pick for 10th place was also scratched.)

• Copilot's pick for fourth place was "Sandman" — who finished in 18th place.

• Copilot's pick for fifth place was "Burnham Square" — who finished in 11th place.

• Copilot's pick for sixth place was "Luxor Cafe" — who finished in 10th place

• Copilot's pick for seventh place was "Render Judgment" — who finished in 16th place...

An online racing publication also asked "a trained AI LLM tool" for their predictions, and received a wildly uneven prediction:

1. Burnham Square (finished 11th)
2. Journalism (finished 2nd)
3. Sandman (finished 18th)
4. Tiztastic (finished 15th)
5. Baeza (finished 3rd)

Microsoft has appointed a Deputy CISO for Europe to address growing regulatory pressure and reassure EU leaders about its cybersecurity commitment. "The move also highlights strong fears from European IT execs and government officials that the Trump administration may exert significant influence on cybersecurity companies," reports CSO Online. From the report: Who that Deputy CISO will ultimately be is unclear. Wednesday's statement simply said that Microsoft CISO Igor Tsyganskiy is "appointing a new Deputy CISO for Europe as part of the Microsoft Cybersecurity Governance Council," but the phrasing made it unclear when that would happen. However, Tsyganskiy made a separate announcement on LinkedIn that he has given the role to current Deputy CISO Ann Johnson. But he then said that Johnson, who is based at Microsoft's head office in Redmond, Washington, will hold that post "temporarily."

In his LinkedIn post, Tsyganskiy explained that the Cybersecurity Governance Council, which was created in 2024, consists of "our Global CISO and Deputy Chief Information Security Officers (Deputy CISOs) representing each of our technology services. This Council oversees the company's cyber risks, defenses, and compliance across regions and domains." "The Deputy CISO for Europe will be accountable for compliance with current and emerging cybersecurity regulations in Europe, including the Digital Operational Resilience Act (DORA), the NIS 2 Directive, and the Cyber Resilience Act (CRA)," Tsyganskiy wrote. "These laws will prove transformative not only in EU markets, but worldwide, and Microsoft is actively engaged in preparing for what lies ahead." Microsoft said in Wednesday's statement: "the appointment of a Deputy CISO for Europe reflects the importance and global influence of EU cybersecurity regulations and the company's commitment to meeting and exceeding those expectations to prioritize cybersecurity across the region. This new position will report directly to Microsoft's CISO."

Michela Menting, France-based digital security research director at ABI Research, said when she heard on Wednesday that Microsoft was creating such a role, "I was mostly surprised that they don't already have one."

"GDPR has been in place for quite some time now and the fact they are only now putting in a European deputy CISO is concerning," Menting added. "They are playing catch up."

Microsoft has taken its most significant step yet toward eliminating passwords by making new Microsoft accounts "passwordless by default." The change means new users will never need to create a password, instead using more secure authentication methods like biometrics, PINs, or security keys.

The move builds on Microsoft's decade-long push toward passwordless authentication that began with Windows Hello in 2015. According to company data, passkey sign-ins are eight times faster than password and multi-factor authentication combinations, with users achieving a 98% success rate compared to just 32% for password users. Microsoft also said it now registers nearly one million passkeys daily across its consumer services.

Microsoft is raising prices for Xbox consoles globally, with the flagship Series X jumping $100 to $599.99 in the US. The more affordable Series S will increase by $80 to $379.99, while game prices will reach $80 later this year.

The company cited "market conditions and the rising cost of development" in a statement, adding that it continues to focus on "offering more ways to play more games across any screen and ensuring value for Xbox players."

An anonymous reader quotes a report from PCWorld: Windows 7 came onto the market in 2009 and put Microsoft back on the road to success after Windows Vista's annoying failures. But Windows 7 was not without its faults, as this curious story proves. Some users apparently encountered a vexing problem at the time: if they set a single-color image as the background, their Windows 7 PC always took 30 seconds to start the operating system and switch from the welcome screen to the desktop.

In a recent blog post, Microsoft veteran Raymond Chen explains the exact reason for this. According to him, a simple programming error meant that users had to wait longer for the system to boot. After logging in, Windows 7 first set up the desktop piece by piece, i.e. the taskbar, the desktop window, icons for applications, and even the background image. The system waited patiently for all components to finish loading and received feedback from each individual component. Or, it switched from the welcome screen to the desktop after 30 seconds if it didn't receive any feedback.

The problem here: The code for the message that the background image is ready was located within the background image bitmap code, which means that the message never appeared if you did not have a real background image bitmap. And a single color is not such a bitmap. The result: the logon system waited in vain for the message that the background has finished loading, so Windows 7 never started until the 30 second fallback activated and sent users to the desktop. The problem could also occur if users had activated the "Hide desktop icons" group policy. This was due to the fact that such policies were only added after the main code had been written and called by an If statement. However, Windows 7 was also unable to recognize this at first and therefore took longer to load.

After 10 consecutive quarters of rising AI-related investment, Microsoft has put on the brakes, spending over $1 billion less than the previous quarter (source paywalled; alternative source). Despite the slight slowdown, Microsoft posted stronger-than-expected results with $70 billion in revenue and $25.8 billion in profit. The New York Times reports: In the first three months of 2025, Microsoft spent $21.4 billion on capital expenses, down more than $1 billion from the previous quarter. The company is still on track to spend more than $80 billion on capital expenses in the current fiscal year, which ends in June. But the pullback, though slight, is an indication that the tech industry's appetite for spending on A.I. is not limitless.

Overall, Microsoft's results showed unexpected strength in its business. Sales surpassed $70 billion, up 13 percent from the same period a year earlier. Profit rose to $25.8 billion, up 18 percent. The results far surpassed Wall Street's expectations. "Cloud and A.I. are the essential inputs for every business to expand output, reduce costs, and accelerate growth," Satya Nadella, Microsoft's chief executive, said in a statement.

Microsoft CEO Satya Nadella said that 20%-30% of code inside the company's repositories was "written by software" -- meaning AI -- during a fireside chat with Meta CEO Mark Zuckerberg at Meta's LlamaCon conference on Tuesday. From a report: Nadella gave the figure after Zuckerberg asked roughly how much of Microsoft's code is AI-generated today. The Microsoft CEO said the company was seeing mixed results in AI-generated code across different languages, with more progress in Python and less in C++.

Microsoft has pledged to take the US government to court if necessary [alternative source] to protect European customers' access to its cloud services, as concerns mount over potential technology disruptions under President Donald Trump. Brad Smith, Microsoft's president and vice-chair, announced five "digital commitments" to Europe on Wednesday, responding to regional anxieties following Trump's temporary suspension of military support to Ukraine.

"We as a company need to be a source of digital stability during a period of geopolitical volatility," Smith said. The commitments include contesting any government order to cease European cloud services through legal channels and establishing European oversight of its continental operations. Microsoft will increase its European data center capacity by 40% over the next two years, expanding in 16 countries with investments of "tens of billions of dollars" annually. The Seattle-based company, which derives more than a quarter of its business from Europe, becomes the first major American tech firm to proactively address European concerns amid escalating trade tensions.

An anonymous reader quotes a report from The Register: Instead of depressing wages or taking jobs, generative AI chatbots like ChatGPT, Claude, and Gemini have had almost no wage or labor impact so far -- a finding that calls into question the huge capital expenditures required to create and run AI models. In a working paper released earlier this month, economists Anders Humlum and Emilie Vestergaard looked at the labor market impact of AI chatbots on 11 occupations, covering 25,000 workers and 7,000 workplaces in Denmark in 2023 and 2024.

Many of these occupations have been described as being vulnerable to AI: accountants, customer support specialists, financial advisors, HR professionals, IT support specialists, journalists, legal professionals, marketing professionals, office clerks, software developers, and teachers. Yet after Humlum, assistant professor of economics at the Booth School of Business, University of Chicago, and Vestergaard, a PhD student at the University of Copenhagen, analyzed the data, they found the labor and wage impact of chatbots to be minimal. "AI chatbots have had no significant impact on earnings or recorded hours in any occupation," the authors state in their paper.

The report should concern the tech industry, which has hyped AI's economic potential while plowing billions into infrastructure meant to support it. Early this year, OpenAI admitted that it loses money per query even on its most expensive enterprise SKU, while companies like Microsoft and Amazon are starting to pull back on their AI infrastructure spending in light of low business adoption past a few pilots. The problem isn't that workers are avoiding generative AI chatbots -- quite the contrary. But they simply aren't yet equating to actual economic benefits. "The adoption of these chatbots has been remarkably fast," Humlum told The Register. "Most workers in the exposed occupations have now adopted these chatbots. Employers are also shifting gears and actively encouraging it. But then when we look at the economic outcomes, it really has not moved the needle."

Humlum said while there are gains and time savings to be had, "there's definitely a question of who they really accrue to. And some of it could be the firms -- we cannot directly look at firm profitability. Some of it could also just be that you save some time on existing tasks, but you're not really able to expand your output and therefore earn more. So it's like it saves you time writing emails. But if you cannot really take on more work or do something else that is really valuable, then that will put a damper on how much we should actually expect those time savings to affect your earning ability, your total hours, your wages."

"In terms of economic outcomes, when we're looking at hard metrics -- in the administrative labor market data on earnings, wages -- these tools have really not made a difference so far," said Humlum. "So I think that that puts in some sense an upper bound on what return we should expect from these tools, at least in the short run. My general conclusion is that any story that you want to tell about these tools being very transformative, needs to contend with the fact that at least two years after [the introduction of AI chatbots], they've not made a difference for economic outcomes."

Ars Technica's Andrew Cunningham reports: Intel's oddball Core Ultra 200V laptop chips -- codenamed Lunar Lake -- will apparently be a one-off experiment, not to be replicated in future Intel laptop chips. They're Intel's only processors with memory integrated onto the CPU package; the only ones with a neural processing unit that meets Microsoft's Copilot+ performance requirements; and the only ones with Intel's best-performing integrated GPUs, the Intel Arc 130V and 140V.

Today, Intel announced some updates to its graphics driver that specifically benefit those integrated GPUs, welcome news for anyone who bought one and is trying to get by with it as an entry-level gaming system. Intel says that version 32.0.101.6734 of its graphics driver can speed up average frame rates in some games by around 10 percent, and can speed up "1 percent low FPS" (that is, for any given frames per second measurement, whatever your frame rate is the slowest 1 percent of the time) by as much as 25 percent. This should, in theory, make games run better in general and ease some of the stuttering you notice when your game's performance dips down to that 1 percent level.

An anonymous reader quotes a report from ZDNet: Today, open-source software powers the world. It didn't have to be that way. The Open Invention Network's (OIN) origins are rooted in a turbulent era for open source. In the mid-2000s, Linux faced existential threats from copyright and patent litigation. Besides, the infamous SCO lawsuit and Microsoft's claims that Linux infringed on hundreds of its patents cast a shadow over the ecosystem. Business leaders became worried. While SCO's attacks petered out, patent trolls -- formally known as Patent Assertion Entities (PAEs) -- were increasing their attacks. So, open-source friendly industry giants, including IBM, Novell, Philips, Red Hat, and Sony, formed the Open Invention Network (OIN) to create a bulwark against patent threats targeting Linux and open-source technologies. Founded in 2005, the Open Invention Network (OIN) has evolved into a global community comprising over 4,000 participants, ranging from startups to multinational corporations, collectively holding more than three million patents and patent applications.

At the heart of OIN's legal strategy is a royalty-free cross-license agreement. Members agree not to assert their patents against the Linux System, creating a powerful network effect that shields open-source projects from litigation. As OIN CEO Keith Bergelt explained, this model enables "broad-based participation by ensuring patent risk mitigation in key open-source technologies, thereby facilitating open-source adoption." This approach worked then, and it continues to work today. [...] Over the years, OIN's mission has expanded beyond Linux to cover a range of open-source technologies. Its Linux System Definition, which determines the scope of patent cross-licensing, has grown from a few core packages to over 4,500 software components and platforms, including Android, Apache, Kubernetes, and ChromeOS. This expansion has been critical, as open source has become foundational across industries such as finance, automotive, telecommunications, and artificial intelligence.

Mastercard is working with Microsoft and other leading AI companies to give AI agents the ability to shop online and make payments on behalf of consumers. From a report: Under the new program, a shopper could prompt an AI agent -- Microsoft's Copilot, for example -- to search for a pair of yellow running shoes in a particular size.

The agent would then search and offer the customer options, and then be able to make the purchase while also recommending the best way to pay, Mastercard said in a statement Tuesday.

Carbon removal technologies, potentially a $250 billion market, are failing to gain traction as buyers remain scarce. The Intergovernmental Panel on Climate Change projects a need for 10 billion metric tons of carbon removals annually by 2050, yet only 175 million tons have been sold to date -- less than 2% of requirements.

Microsoft dominates the market, accounting for 35% of all purchases and 76% of engineered removal solutions specifically. The market suffers from significant barriers: unproven technologies, vast price disparities ($80 per ton for forest projects versus $1,000 for direct air capture), and lack of standardization. Industry experts at a recent London gathering concluded that without more buyers willing to accept early adoption risks, the market cannot meaningfully grow.

The once-celebrated partnership between OpenAI's Sam Altman and Microsoft's Satya Nadella is deteriorating amid fundamental disagreements over computing resources, model access, and AI capabilities, according to WSJ. The relationship that Altman once called "the best partnership in tech" has grown strained as both companies prepare for independent futures.

Tensions center on several critical areas: Microsoft's provision of computing power, OpenAI's willingness to share model access, and conflicting views on achieving humanlike intelligence. Altman has expressed confidence OpenAI can build models with humanlike intelligence soon -- a milestone Nadella publicly dismissed as "nonsensical benchmark hacking" during a February podcast.

The companies retain significant leverage over each other. Microsoft can block OpenAI's conversion to a for-profit entity, potentially costing the startup billions if not completed this year. Meanwhile, OpenAI's board can trigger contract clauses preventing Microsoft from accessing its most advanced technology.

After Altman's brief ouster in 2023 -- dubbed "the blip" within OpenAI -- Nadella pursued an "insurance policy" by hiring DeepMind co-founder Mustafa Suleyman for $650 million to develop competing models. The personal relationship has also cooled, with the executives now communicating primarily through scheduled weekly calls rather than frequent text exchanges.

Ruby on Rails creator and Basecamp CTO David Heinemeier Hansson, makes a case for why Google shouldn't be forced to sell Chrome: First, Chrome won the browser war fair and square by building a better surfboard for the internet. This wasn't some opportune acquisition. This was the result of grand investments, great technical prowess, and markets doing what they're supposed to do: rewarding the best. Besides, we have a million alternatives. Firefox still exists, so does Safari, so does the billion Chromium-based browsers like Brave and Edge. And we finally even have new engines on the way with the Ladybird browser.

Look, Google's trillion-dollar business depends on a thriving web that can be searched by Google.com, that can be plastered in AdSense, and that now can feed the wisdom of AI. Thus, Google's incredible work to further the web isn't an act of charity, it's of economic self-interest, and that's why it works. Capitalism doesn't run on benevolence, but incentives.

We want an 800-pound gorilla in the web's corner! Because Apple would love nothing better (despite the admirable work to keep up with Chrome by Team Safari) to see the web's capacity as an application platform diminished. As would every other owner of a proprietary application platform. Microsoft fought the web tooth and nail back in the 90s because they knew that a free, open application platform would undermine lock-in -- and it did!

Microsoft Copilot "isn't doing as well as the company would like," reports XDA-Developers.com (citing a report from startup/VC industry site Newcomer). The Redmond giant has invested billions of dollars and a lot of manpower into making it happen, but as a recent report claims, people just don't care. In fact, if the report is to be believed, Microsoft's rise in the AI scene has already come to a screeching halt:

At Microsoft's annual executive huddle last month, the company's chief financial officer, Amy Hood, put up a slide that charted the number of users for its Copilot consumer AI tool over the past year. It was essentially a flat line, showing around 20 million weekly users. On the same slide was another line showing ChatGPT's growth over the same period, arching ever upward toward 400 million weekly users. OpenAI's iconic chatbot was soaring, while Microsoft's best hope for a mass-adoption AI tool was idling. It was a sobering chart for Microsoft's consumer AI team...

That's right; Microsoft Copilot's weekly user base is only 5% of the number of people who use ChatGPT, and it's not increasing. It's also worth noting that there are approximately 1.5 billion Windows users worldwide, which means just over 1% of them are using Copilot, a tool that's now a Windows default app....

It's not a huge surprise that Copilot is faltering. Despite Microsoft's CEO claiming that Copilot will become "the next Start button", the company has had to backtrack on the Copilot key and allow people to customise it to do something else, including giving back its original feature of the Menu key.
They also note earlier reports that Intel's AI PC chips aren't selling well.

"A group of researchers says it has identified a hidden reason we use Google for nearly all web searches," reports the Washington Post. "We've never given other options a real shot." Their research experiment suggests that Google is overwhelmingly popular partly because we believe it's the best, whether that's true or not. It's like a preference for your favorite soda. And their research suggested that our mass devotion to googling can be altered with habit-changing techniques, including by bribing people to try search alternatives to see what they are like...

[A] group of academics — from Stanford University, the University of Pennsylvania and MIT — designed a novel experiment to try to figure out what might shake up Google's popularity. They recruited nearly 2,500 participants and remotely monitored their web searches on computers for months. The core of the experiment was paying some participants — most received $10 — to use Bing rather than Google for two weeks. After that period, the money stopped, and the participants had to pick either Bing or Google. The vast majority in the group of people who were paid to use Bing for 14 days chose to go back to Google once the payments stopped, suggesting a strong preference for Google even after trying an alternative. But a healthy number in that group — about 22 percent — chose Bing and were still using it many weeks later.
"I realized Bing was not as bad as I thought it was...." one study participant said — which an assistant professor in business economics and public policy at the University of Pennsylvania says is a nice summation of the study's findings.

"The researchers did not test other search engines," the article notes. But it also points out that more importantly: the research caught the attention of some government officials: Colorado Attorney General Phil Weiser (D), who is leading the group of states that sued Google alongside the Justice Department, said the research helped inspire a demand by the states to fix Google's search monopoly. They asked a judge to require Google to bankroll a consumer information campaign about web search alternatives, including "short-term incentive payments."
On the basis of that, the article suggests "you could soon be paid to try Microsoft Bing or another alternative."

And in the meantime, the reporter writes, "I encourage you to join me in a two-week (unpaid) experiment mirroring the research: Change your standard search engine to something other than Google and see whether you like it. (And drop me a line to let me know how it went.) I'm going with DuckDuckGo, a privacy-focused web search engine that uses Bing's technology."

Some developers are "crying foul" after Microsoft's C/C++ extension for Visual Studio Code stopped working with VS Code derivatives like VS Codium and Cursor, reports The Register. The move has prompted Cursor to transition to open-source alternatives, while some developers are calling for a regulatory investigation into Microsoft's alleged anti-competitive behavior. From the report: In early April, programmers using VS Codium, an open-source fork of Microsoft's MIT-licensed VS Code, and Cursor, a commercial AI code assistant built from the VS Code codebase, noticed that the C/C++ extension stopped working. The extension adds C/C++ language support, such as Intellisense code completion and debugging, to VS Code. The removal of these capabilities from competing tools breaks developer workflows, hobbles the editor, and arguably hinders competition. The breaking change appears to have occurred with the release of v1.24.5 on April 3, 2025.

Following the April update, attempts to install the C/C++ extension outside of VS Code generate this error message: "The C/C++ extension may be used only with Microsoft Visual Studio, Visual Studio for Mac, Visual Studio Code, Azure DevOps, Team Foundation Server, and successor Microsoft products and services to develop and test your applications." Microsoft has forbidden the use of its extensions outside of its own software products since at least September 2020, when the current licensing terms were published. But it hasn't enforced those terms in its C/C++ extension with an environment check in its binaries until now. [...]

Developers discussing the issue in Cursor's GitHub repo have noted that Microsoft recently rolled out a competing AI software agent capability, dubbed Agent Mode, within its Copilot software. One such developer who contacted us anonymously told The Register they sent a letter about the situation to the US Federal Trade Commission, asking them to probe Microsoft for unfair competition -- alleging self-preferencing, bundling Copilot without a removal option, and blocking rivals like Cursor to lock users into its AI ecosystem.

Microsoft has finally released Windows Recall to the general public, nearly a year after first announcing the controversial feature. Available exclusively on Copilot+ PCs, Recall continuously captures screenshots of user activity, storing them in a searchable database with extracted text. The feature's original launch was derailed by significant security concerns, as critics noted anyone with access to a Recall database could potentially view nearly everything done on the device.

Microsoft's revamped version addresses these issues with improved security protections, better content filtering for sensitive information, and crucially, making Recall opt-in rather than opt-out. The rollout includes two additional Copilot+ features: an improved Search function with natural language understanding, and "Click to Do," which enables text copying from images and quick summarization of on-screen content.