Short takes and quick hits for the week of October 23-29, 2016.
Posted October 28, 2016 6:40 PDT
NBC News is reporting that a previously unknown hacker group has dumped more than a gigabyte of emails and other material from the office of one of Vladimir Putin's top aides, Vladislav Surkov:
While the Kremlin has denied the relationship between Moscow and the separatists, the emails show in great detail how Russia controlled virtually every detail of the separatist effort in the Russian-speaking regions of Ukraine, which has torn the country apart and led to a Russian takeover of Crimea.
And unlike the reported Russian hack of the Democratic National Committee, the Ukrainian hack reached deep into the office of the Russian president.
"This is a serious hack," said Maks Czuperski, head of the Digital Forensic Research Lab of the Atlantic Council (DFRL), which has searched through the email dump and placed selected emails on-line.
The report likens Surkov's role as akin to that of the deputy national security director of the U.S.
This sounds an awful lot like the "proportionate response" to the Russian hacks of U.S. political organizations that the White House promised two weeks ago. The NBC News report quoted "a senior U.S. intelligence official" saying the U.S. "had no role" in the hack.
The next question is whether these document dumps, like those from Wikileaks, become a steady, embarrassing drip for Putin's administration.
Posted October 27, 2016 1:45 PDT
Apple calls its new Touch Bar "revolutionary," one of several "groundbreaking ideas" in the new MacBook Pro.
Oh, really? Via Twitter, @bjorndori shares a fascinating article from the Microsoft Applied Sciences Group:
What concept could interest the Microsoft Applied Sciences Group for a decade? Adaptive hardware: input devices that can change visually, and even potentially physically, based upon the relevant context.
1999: The concept is born. A keyboard could be made that displays the active action keys and hides the irrelevant keys for a given application, application mode, and application state.
The article traces the development of the concept from from Steven Bathiche's idea book in 1999.through a series of prototypes, including one from 2009 with "a large, touch-sensitive display strip at the top with the display continuing underneath the keys."
That cross-licensing patent deal that Apple and Microsoft signed back in the 1990s continues to pay dividends for both companies.
Posted Oct. 26, 2016 1:40 PDT
Penny Arcade artist Mike Krahulik (aka Gabe) is a longtime fan of the Surface product line (well, except for that time when he quit the Surface Pro 3 in anger). So it's not surprising that he received one of the first Surface Studio units and has been using it for the past week.
His impressions are worth reading. A sample:
Moving the Studio from one position to the next is startlingly easy. You can adjust it to whatever angle is most comfortable for you with two fingers. Once there the Studio provides enough resistance to draw comfortably without worrying about pushing it out of position. When you are drawing on it, the screen is completely engrossing. At a distance the screen is beautiful but when you are on top of it drawing, it's absolutely stunning. Tycho asked me to compare it to my Cintiq, and I told him that drawing on the Cintiq now felt like drawing on a piece of dirty plexiglass hovering over a CRT monitor from 1997.
His conclusion? "[T]he Studio honestly feels like a generational leap forward."
Posted Oct. 26, 2016 11:30 PDT
Mary Jo Foley has a quick wrap-up of what to expect in the Windows 10 Creators Update:
Windows 10 "Redstone 2," as of today officially designated as the "Windows 10 Creators Update," will include a number of features aimed at users who've traditionally been part of Apple's core designer/creator customer base.
As she notes, nobody is calling this the March update, "even though sources and leaks have pointed to Microsoft's planned ship target for Redstone 2 as March 2017."
For what it's worth, I heard at least one onstage presenter refer to a target date of "spring 2017," and here in the Northern Hemisphere spring doesn't start unil very late in March. Given that language, I don't expect the 1703 release to be widely available until April 2017.
If so, that would be in keeping with this year's Anniversary Update, which is officially named 1607 (July 2016), but wasn't released until the following month.
And although it didn't get a shout-out onstage, an eagle-eyed colleague, Ciprian Rusen, spotted what appears to be a Universal Windows Platform version of Windows Defender in one of today's demos and grabbed this screenshot.
Given Microsoft's relentless march to convert core features of Windows to its "modern" app platform, this isn't surprising, but it's instructive to see how far along this app appears to be.
Posted Oct. 25, 2016 13:40 PDT
Is Apple losing its ability to keep a secret? Recent high-profile launch events have been characterized by rampant leaks in the days before the event, and this week's rumored debut of new MacBook Pros is following that same pattern.
MacRumors appears to have been first with pictures of the new design:
In addition to confirming that such a product is in the works, the images give us our first full look at the redesigned MacBook Pro ahead of its launch. An OLED touch panel is located on top of the keyboard, where the function keys would normally be placed, and it very clearly supports Touch ID, as it is seen used with Apple Pay.
The other big change is the elimination of the Escape key. Fortunately, the traditional headphone jack appears to be untouched.
Posted Oct. 24, 2016 8:25 PDT
When a massive DDoS attack brought a large DNS provider its client to its knees last week, the impact was felt worldwide. This picture made the rounds throughout the day:
It certainly looks dire. Unfortunately, as veteran technology journalist Glenn Fleishman explains, the story it told had nothing to do with what really happened.
It was a convenient picture, and one that I found compelling, too: a heatmap showing outages across the Internet due to an Internet of Things (IoT) botnet attack that was crippling a private Internet infrastructure company's ability to respond to requests. The map apparently showed Level 3's network; Level 3 is one of the largest network providers, transiting data among networks large and small. A congestion or outage would degrade everyone's ability to reach certain networks.
Except the map we all shared, including me, didn't show the status of Level 3's network at all--its network and others were not under attack. Sites weren't unreachable because the Internet was overloaded. I'll explain below what actually happened on Friday.
It's a great explainer. Read the whole thing.
Posted Oct. 24, 2016 6:20 AM PDT
The fake tech support call, typically from a boiler room in India, has become increasingly popular in recent years. Over the weekend, Microsoft Malware Protection Center researchers Tan Seng and Alden Pornasdoro disclosed a new variation on the familiar scam:
We recently discovered a threat detected as SupportScam:MSIL/Hicurdismos.A that pretends to be a Microsoft Security Essentials installer. Microsoft Security Essentials is our antimalware product for Windows 7 and earlier. In Windows 10 and Windows 8, Windows Defender provides antimalware protection and is installed and enabled by default when Windows is installed. However, some users may believe they also need to download and install Microsoft Security Essentials.
Hicurdismos uses a fake Windows error message (sometimes called a "blue screen of death", or BSoD) to launch a technical support scam. A real BSoD is a fatal error in which the screen turns blue and the computer crashes. Recovery from a BSoD error typically requires the user to reboot the computer.
The fake BSoD screen includes a note to contact technical support. Calling the indicated support number will not fix the BSoD, but may lead to users being encouraged to download more malware under the guise of support tools or software that is supposed to fix a problem that doesn't exist.
The fake software is digitally signed by Bluesquarez LLC rather than Microsoft. The dead giveaway in this scam BSOD screen is the support phone number. A real Windows error message doesn't include a U.S.-based 800 number. On a PC running Windows 10, it should be flagged by the SmartScreen Filter.