Keyhole: a highly effective Windows DRM bypass also present on the Xbox One

The MAS project, a group of people working on an open source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, discovered quite a neat and interesting bug in the code responsible for licensing in Windows.

In our ongoing work to bypass Windows licensing checks, we occasionally stumble upon bugs that we choose to keep secret. This decision allows us to preserve potential future activation methods by avoiding bug fixes, while also giving us valuable tools for testing or developing new methods.

One such discovery, which we’ve named “Keyhole”, turned out to be a highly effective DRM bypass. It gave users the ability to license any Microsoft Store app or any modern Windows edition with ease.

↫ The MAS project

There were quite a number of roadblocks to overcome here, such as Microsoft’s code obfuscation tool, called Warbird, which was already done by someone else, after which they could really start digging into the code responsible for handling Microsoft Store and Windows licenses. They then discovered that circumventing the license blocks that hold the actual license information was dead simple – every license block is followed by a signature block covering all the data that comes before it. It turns out that messing with the licensing system was as simple as… Adding data after that signature block.

That was it.

As it turns out, data after the signature block isnt checked at all… and it can even override data that came before it. Whenever two blocks of the same type are stored together, the last one overrides all the others before it. So, if we want to change any license data, we can just make a block for it and put it after the signature block!

This method lets us make licenses for anything sold on the Microsoft Store, including Windows, from any other Microsoft Store license. And since there are so many free apps with licenses, we now had the ability to make as many as we wanted for whatever we wanted. This bug essentially punched a hole straight through CLiP’s DRM, so we decided to name it “Keyhole”.

↫ The MAS project

This opened up a massive hole in Microsoft’s licensing tools and DRM, and allowed the MAS project to pretty much do whatever they wanted. They could even do things that used to be impossible, such as “activating Enterprise LTSC with a digital license, or even activating a legitimate KMS server with a generic key”. Sadly, the fun didn’t last long, as right around the same time, Cisco TALOS discovered this same bug, reported it to Microsoft, who then proceeded to fix it.

the MAS project also discovered something else incredibly interesting, something which further highlights the seemingly terrible lack of quality assurance and code quality inside Microsoft. They noted that the kernel driver responsible for licensing looked incredibly shoddy, full of what they call “odd choices and compromises”. In fact, they soon realised that they had seen this code before: it was a straight-up copy/paste job from the licensing DRM found on the Xbox One.

And there’s the same bug that’s in CLiP, but in Xbox code. In fact, we weren’t too surprised to find this, as we found that almost all of CLiP, from the XML format of the licenses to the TLV-based license blocks, is copy-pasted straight from the Xbox One’s DRM system.

↫ The MAS project

Code reuse obviously makes sense in some situations, but the fact Microsoft even copy/pasted entire sections of code from the Xbox One straight into the Windows kernel as a kernel driver seems rather irresponsible. Shouldn’t code added to the Windows kernel and installed on billions of devices be vetted a little better than this?

Xmem and FVWM

So given that, xmem can be useful as a monitoring tool. Fluffy (my main server) runs both squid and apache, and given that fluffy only has 64MB of RAM, things can get a little cramped. If I suddenly see that the whole of xmem turns blue (i.e. the swap file’s thrashing), then I know that something is odd, and I can easily find out which processes are eating up so much RAM.

I said earlier that xmem can brighten up one’s desktop. Indeed, as I use FVWM in a rather archaic fashion, it seems fitting I should like xmem. 🙂 Here’s a full screenshot showing xmem (plus other applications) in action.

↫ Thomas Adam

This is basically just an excuse to show off this awesome FVWM desktop shown off in this short little article about xmem, written by one of FVWM’s core developers. It just looks neat.

Windows App SDK 1.6 released

We are proud to announce that version 1.6 of the Windows App SDK is now available! Whether you’re looking for the incredible performance boost and footprint reduction of Native AOT support, enhancements for deploying your package, or quality of life improvements for controls like PipsPager and RatingControl, WinAppSDK 1.6 offers a raft of new features, performance boosts and structural changes that enable you to make your native Windows apps better than ever before. 

The Windows App SDK provides a rich set of APIs and tools to help you build beautiful and fast Windows desktop apps, including any C++ Win32 or C# .NET app. You can harness the modern controls and polish of WinUI 3, which ships as part of the WinAppSDK, or if you have an existing app that uses Win32 such as WPF, you can take advantage of only the parts of the SDK that you need. The WinAppSDK also stays up to date with frequent and OS-independent releases so your app can always access the latest innovations.

↫ Duncan MacMichael at the Windows Blogs

There’s actually quite a few nice and welcome updates in version 1.6, most prominently the aforementioned Native AOT. This stands for native Ahead-Of-Time (AOT) compilation, and, as the name suggests, compiles your application ahead of time for the architecture it’s going to run on. This reduces the size of the application package and greatly improves the startup time. Another welcome improvement is that the embedded Edge WebView2 SDK is no longer hard-coded, but a NuGet reference, so developers can choose to use any version of the webview they want, preferably the newest version.

There’s a lot more in here, so if you’re a Windows developer trying to use the latest set of tools from Microsoft – this one’s for you.

A Windows Control Panel retrospective amidst a concerning UX shift

Unsurprisingly, this change has not been met with a lot of enthusiasm by the average Windows user, and with Microsoft now officially recommending users migrate over to the Settings app, it seems that before long we may have to say farewell to what used to be an intrinsic part of the Windows operating system since its first iterations. Yet bizarrely, much of the Control Panel functionality doesn’t exist yet in the Settings app, and it remain an open question how much of it can be translated into the Settings app user experience (UX) paradigm at all.

Considering how unusual this kind of control panel used to be beyond quaint touch-centric platforms like Android and iOS, what is Microsoft’s goal here? Have discovered a UX secret that has eluded every other OS developer?

↫ Maya Posch

I like the Windows Control Panel, and approaches like it. They’re easy to use, they allow you to have multiple settings panels open at the same time, they can be easily extended by third parties – for better or worse – and they make it easy to find things with colourful, recognisable icons. The current Windows Settings application is a massive regression, as is the change from macOS’ iconic and incredibly user-friendly System Preferences to the new System Settings application. KDE also moved to a sidebar design I’m not a fan of, and GNOME has had a similar unpleasant, monochrome sidebar, too.

It’s not big enough of an issue to make a huge deal out of, and the KDE sidebar settings application is at least marginally usable, but I really do wish someone would have the guts to undo this general trend, because it’s getting harder and harder to find the settings I want at a glance, and not allowing you to open multiple settings panels at the same time is a huge loss.

And a small note: this article uses the Windows 3.x Control Panel as its starting point, but both Windows 1.x and 2.x had a Control Panel as well. It’s an old concept, for sure.

The Internet Archive just lost its appeal over ebook lending

The Internet Archive has lost its appeal in a fight to lend out scanned ebooks without the approval of publishers. In a decision on Wednesday, the Second Circuit Court of Appeals ruled that permitting the Internet Archive’s digital library would “allow for widescale copying that deprives creators of compensation and diminishes the incentive to produce new works.”

The decision is another blow to the nonprofit in the Hachette v. Internet Archive case. In 2020, four major publishers — Hachette, Penguin Random House, Wiley, and HarperCollins — sued the Internet Archive over claims its digital library constitutes “willful digital piracy on an industrial scale.”

↫ Emma Roth

If you’re a library and scan books and offer a lending service, you’re committing “willful digital piracy on an industrial scale”. If you scan the entire goddamn internet without any regard for licensing or copyright and regurgitate chunks of it on command, you’re a visionary, a revolutionary, a genius.

Make it make sense.

Porting systemd to musl libc-powered Linux

A. Wilcox, the original creator of Adélie Linux, has ported systemd to musl, the glibc alternative.

I have completed an initial new port of systemd to musl. This patch set does not share much in common with the existing OpenEmbedded patchset. I wanted to make a fully updated patch series targeting more current releases of systemd and musl, taking advantage of the latest features and updates in both. I also took a focus on writing patches that could be sent for consideration of inclusion upstream.

The final result is a system that appears to be surprisingly reliable considering the newness of the port, and very fast to boot.

↫ A. Wilcox

I absolutely adore Adélie Linux as a project, even if I don’t run it myself, since they have a very practical approach to software. Systemd is popular for a reason – it’s fast and capable – and it only makes sense for Adélie to offer it as a potential option, even when using musl. Choice is a core value of the open source and Linux world, and that includes the choice to use systemd, even for a distribution that has traditionally used something else.

The port is already quite capable, and Wilcox managed to replace OpenRC on her system with systemd in-place, and it booted up just fine, and it also happened to boot in about a third of the time OpenRC did. It’s not ready for prime time yet, though, and most services are not yet packaged for systemd, an effort for which Adélie Linux intends to rely on upstream and cooperation with systemd experts from Gentoo and Fedora. They’re also working together with systemd, musl, and others to make any switching a user might want to do as easy as possible.

A beta or anything like that is still a ways off, but it’s an impressive amount of progress already.

Android 15 is released to AOSP

Today we’re releasing Android 15 and making the source code available at the Android Open Source Project (AOSP). Android 15 will be available on supported Pixel devices in the coming weeks, as well as on select devices from Samsung, Honor, iQOO, Lenovo, Motorola, Nothing, OnePlus, Oppo, realme, Sharp, Sony, Tecno, vivo, and Xiaomi in the coming months.

We’re proud to continue our work in open source through the AOSP. Open source allows anyone to build upon and contribute to Android, resulting in devices that are more diverse and innovative. You can leverage your app development skills in Android Studio with Jetpack Compose to create applications that thrive across the entire ecosystem. You can even examine the source code for a deeper understanding of how Android works.

↫ Matthew McCullough at the Android Developers blog

While it’s great that we’re still getting open source Android releases, the reality of it is that Google has eroded so much away from the Android Open Source Project that AOSP has become effectively useless. Back in the olden days, AOSP was a complete mobile operating system, but those days are long behind us. Google has moved so much from AOSP over to proprietary frameworks, applications, and cloud services that running that it’s no longer a complete package, which is a huge shame.

Still, AOSP plays an important role for the custom ROM community and the various companies and communities making privacy-first, de-Googled Android versions, and for that reason alone it’s good that it still exists, even in its gutted state. Android 15’s AOSP release will surely find its way to LineageOS, /e/OS, GrapheneOS, and the countless other alternatives to butchered Android OEM versions and people seeking a more private smartphone experience.

As for when Android 15 will hit Pixels – that’s going to be a few weeks from now, later than usual after the source release.

Programming the Convergent WorkSlate’s spreadsheet microcassette future

That’s the 1983 Convergent WorkSlate, a one-of-a-kind handheld system from some misty alternate history where VisiCalc ruled the earth. Indeed, even the “software” packages Convergent shipped for it — on microcassette, which could store voice memos and data — were nothing more than cells and formulas in a worksheet. The built-in modem let you exchange data with other Workslates (or even speak over the phone to their users), and it came with a calculator desk accessory and a rudimentary terminal program, but apart from those creature comforts its built-in spreadsheet was the sole centre of your universe. And, unlike IAI and the Canon Cat, I’ve yet to find any backdoor (secret or otherwise) to enable anything else.

That means anything you want to program has to be somehow encoded in a spreadsheet too. Unfortunately, when it comes to actually programming the device it turns out the worst thing a spreadsheet on an 8-bit CPU can be is Turing-complete (so it’s not), and it has several obnoxious bugs to boot. But that doesn’t mean we can’t make it do more than balance an expense account. Along the way we’ll examine the hardware, wire into its peripheral bus, figure out how to exchange data with today’s future, create a simple game, draw rudimentary graphics and (with some help) even put it on the Internet with its very own Gopher client — after we tell of the WorkSlate’s brief and sorrowful commercial existence, as this blog always must.

↫ Cameron Kaiser

The amount of knowledge, skill, and sheer passion Cameron Kaiser displays in every one of these articles he writes is astonishing, and I’m incredibly grateful websites like OSNews can benefit from the work of people far, far smarter and more skillful than I’ll ever be. The code for the projects detailed in the article is available on GitHub, and more technical information can be found on Kaiser’s website.

Apple helped nix part of a child safety bill. More fights are expected.

Kim Carver, a legislator in the US state of Louisiana, added a provision to a child safety bill forcing Apple and Google to enforce age restrictions on downloads in their application stores. In other words, it would force Apple to make sure minors could not download gambling and casino applications – i.e., 99% of mobile games – that make up the vast majority of Apple’s services revenue. It would also make application stores play a role in enforcing age restrictions on social media applications, which makes sense because Apple and Google know the age of every one of their users.

Well, it turns out Apple was not happy. They sent out an absolute army of lobbyists – including a guy known for lobbying on behalf of truck-stop casinos, in case you were wondering about the type of people Apple uses for lobbying – to kill this specific provision. Carver’s provision would have breezed through the Louisiana senate, but it needed a key committee approval before being put up for a vote. And it’s this committee that Apple started heavily influencing and pressuring.

Carver began hearing rumblings that Apple was making inroads with the committee—his amended bill might be in trouble. Uncertain on how to proceed, he approached the chairwoman of the committee, Sen. Beth Mizell, for advice.

He declined to describe the substance of the conversation to The Wall Street Journal, but in the end, he promised not to object if she removed the app store provisions or support restoring them on the Senate floor.

“I made the choice to take the win that we could get,” Carver said.

↫ Jeff Horwitz and Aaron Tilley at The Wall Street Journal

This is not the first time Apple has pressured legislatures to drop bills it didn’t like. A famous case is the state if Georgia, which intended to pass a number of application store bills to open up the App Store in much the same way the European Union did with the DMA. Apple went absolutely mental in Georgia, including threatening to cancel “a $25 million investment in a historically Black college in Atlanta”. Apple won.

The way these sleazebag companies get away with such blatant corruption is by using third-party lobbyists, which technically are not employed by the companies in question, so no matter how low and sleazy these lobbyists go, the companies they lobby for can wash their hands in innocence and absolve themselves from any responsibility for the various financial and legal threats levied at underfunded, understaffed local legislatures. Spending a few millions on a local development project or whatever is peanuts for Apple, but a massive boon for a small community somewhere, so Apple pulling out means nothing to Apple, but would massively affect such a community. It’s not surprising local legislatures fold.

Circling back to the age restriction provision itself – telling stores what they can and cannot sell is an entirely normal thing to do, and happens all the time all over the world. It’s why in, say, The Netherlands, supermarkets are only allowed to sell “light” alcohol like beer and wine, with hard alcohol moved to separate liquor stores that have to be separate from the supermarket, so age restrictions are easier to enforce. There’s also just an infinite number of things you’re just not allowed to sell, period.

As always, Silicon Valley believes it’s a very special snowflake to whom regular, normal, widely accepted rules do not apply. Why shouldn’t a store selling gambling applications and similarly addictive and damaging applications have to do the absolute bare minimum to protect minors? Imagine the massive outcry if a Costco or Walmart was found to sell massive amounts of hard liquor to children – why should Silicon Valley companies be treated any differently?

Pitch deck gives new details on company’s plan to listen to your devices for ad targeting

For years now, people believe that their smartphones are listening to their conversations through their microphones, all the time, even when the microphone is clearly not activated. Targeted advertising lies at the root of this conviction; when you just had a conversation with a friend about buying a pink didgeridoo and a flanel ukelele, and you then get ads for pink didgeridoos and flanel ukeleles, it makes intuitive sense to assume your phone was listening to you. How else would Google, Amazon, Facebook, or whatever, know your deepest didgeridoo desires and untapped ukelele urges?

The truth is that targeted advertising using cross-site cookies and profile building is far more effective than people think, and on top of that, people often forget what they did on their phone or laptop ten minutes ago, let alone yesterday or last week. Smartphones are not secretly listening to you, and it’s not through covert microphone activation that it knows about your musical interests.

But then.

Media conglomerate Cox Media Group has been pitching tech companies on a new targeted advertising tool that uses audio recordings culled from smart home devices. The existence of this program was revealed late last year. Now, however, 404 Media has also gotten its hands on additional details about the program through a leaked pitch deck. The contents of the deck are creepy, to say the least.

Cox’s tool is creepily called “Active Listening” and the deck claims that it works by using smart devices, which can “capture real-time intent data by listening to our conversations.” After the data is captured, advertisers can “pair this voice-data with behavioral data to target in-market consumers,” the deck says. The vague use of artificial intelligence to collect data about consumers’ online behavior is also mentioned, with the deck noting that consumers “leave a data trail based on their conversations and online behavior” and that the AI-fueled tool can collect and analyze said “behavioral and voice data from 470+ sources.”

↫ Lucas Ropek at Gizmodo

Looking at the pitch deck in question, you can argue that it’s not even referring to smartphones, and that it is incredibly vague – probably on purpose – what “active listening” and “conversations” are really referring to. It might as well be simply referring to the various conversations on unencrypted messaging platforms, directly with companies, or stuff like that. “Smart devices” is also intentionally vague, and could be anything from one of those smart fridges to your smartphone.

But you could also argue that yes, this seems to be pretty much referring to “listening to our conversations” in the most literal sense, by somehow – we have no idea how – turning on our smartphone microphones, in secret, without iOS or Android, or Apple or Google, knowing about it? It seems far-fetched, but at the same time, a lot of corporate and government programs and efforts seemed far-fetched until some whisteblower spilled the beans.

The feeling that your phones are listening to you without your consent, in secret, will never go away. Even if some irrefutable evidence came up that it isn’t possible, it’s just too plausible to be cast aside.

You have installed OpenBSD, now for the daily tasks

Since we’re on the topic of BSD, what about yet another helpful guide on what to do after first installing OpenBSD? We’ve covered a few of these already, but more can never hurt, and OpenBSD is a great platform that would suit a lot more of us than you might think.

Despite some persistent rumors, installing OpenBSD is both quick and easy on most not too exotic hardware. But once the thing is installed, what is daily life with the most secure free operating system like?

↫ Peter N. M. Hansteen

This guide by Hansteen focuses primarily on the various basic system management tools you’ll be needing to keep OpenBSD up to date after initial installation, and how to install anything else you might need.

Make your own CDN with NetBSD

After covering setting up your own CDN with both FreeBSD and OpenBSD, it’s now time to learn how to set up your own CDN wit NetBSD.

This article is a spin-off from a previous post on how to create a self-hosted CDN, but this time we’ll focus on using NetBSD. NetBSD is a lightweight, stable, and secure operating system that supports a wide range of hardware, making it an excellent choice for a caching reverse proxy. Devices that other operating systems may soon abandon, such as early Raspberry Pi models or i386 architecture, are still fully supported by NetBSD and will continue to be so. Additionally, NetBSD is an outstanding platform for virtualization (using Xen or qemu/nvmm) and deserves more attention than it currently receives.

↫ Stefano Marinelli

All the same from my previous post still applies, and it’s a great thing that Marinelli covers all three of the major BSDs (so far). If you want to run your own CDN on BSD, you can now make a pretty informed decision on which BSD best suits your needs.

What we can learn from vintage computing

Thanks to open source, no technology ever has to become obsolete, so long as a community remains to support it. You can sync Newtons and Palm Pilots with modern desktops, download web browsers for long-discontinued operating systems, or connect vintage computers like the Apple IIe to the modern internet via WiFi. Every year, new cartridges are released for old-school video game consoles like the Nintendo Entertainment System and Game Boy.

People keep old software and online platforms alive as well. The Dreamwidth team forked an old version of the early social network LiveJournal’s source code and built a community around it. The dial-up bulletin board system software WWIV is still maintained and there are plenty of BBSes still around. Teams are working to restore aspects of early online services like AOL and Prodigy. And you can still use Gopher, the hypertext protocol that was — for a brief period in the early 1990s — bigger than the web.

↫ Klint Finley

Retrocomputing is about a lot of things, and I feel like it differs per person. For me, it’s a little bit of nostalgia, but primarily it’s about learning, and experiencing hardware and software I was unable to experience when they were new, either due to high cost or just general unavailability. There’s a lot to learn from platforms that are no longer among us, and often it helps you improve your skills with the modern platforms you do still use.

The linked article is right: open source is playing such a massive role in the retrocomputing community. The number of open source projects allowing you to somehow use decades-old platforms in conjunction with modern technologies is massive, and it goes far beyond just software – projects like BlueSCSI or very niche things like usb3sun highlights there’s also hardware-based solutions for just about anything retro you want to accomplish.

And we really can’t forget NetBSD, which seems to be the go-to modern operating system for bringing new life to old and retro hardware, as it often runs on just about anything. When I got my PA-RISC workstation, the HP Visualize c3750, I couldn’t find working copies of HP-UX, so I, too, opted for NetBSD to at least be able to see if the computer was fully functional. NetBSD is now a tool in my toolbox when I’m dealing with older, unique hardware.

Retrocomputing is in a great place right now, with the exception of the ballooning prices we’re all suffering from, with even successful mainstay YouTubers like LGR lamenting the state of the market. Still, if you do get your hands on something retro – odds are there’s a whole bunch of tools ready for you to make the most of it, even today.

The Mouse programming language on CP/M

Mouse is an interpreted stack orientated language designed by Peter Grogono around 1975. It was designed to be a small but powerful language for microcomputers, similar to Forth, but much simpler. One obvious difference to Forth is that Mouse interprets a stream of characters most of which are only a single character and it relies more on variables rather than rearranging the stack as much. The version for CP/M on the Walnut Creek CD is quite small at only 2k.

↫ Lawrence Woodman (2020)

Even with very little to no programming experience I can tell that this language looks a lot smaller and more compact than other code I’ve seen. I’ll have to leave it to the actual programmers and developers among the OSNews audience to provide more valuable insight, but I feel like there’s definitely something here that’ll interest some of you.

Microsoft says its Recall uninstall option in Windows 11 is just a bug

Despite reports to the contrary, Microsoft has stated that Recall will not be uninstallable after all. The feature did show up in the Windows Features dialog, but apparently, that was a bug.

“We are aware of an issue where Recall is incorrectly listed as an option under the ‘Turn Windows features on or off’ dialog in Control Panel,” says Windows senior product manager Brandon LeBlanc in a statement to The Verge. “This will be fixed in an upcoming update.”

↫ Tom Warren at The Verge

The company is not committing to saying it will not ever be uninstallable, probably because the European Union might have something to say about that. At the very least you’ll be able to turn Recall off, but it seems actually removing it might not be possible for a while.

Heliography in darkness

Telegram doesn’t hold up to the promise of being private, nor secure. The end-to-end encryption is opt-in, only applies to one-on-one conversations and uses a controversial ‘homebrewn’ encryption algorithm. The rest of this article outlines some of the fundamentally broken aspects of Telegram.

↫ h3artbl33d

Telegram is not a secure messenger, nor is it a platform you should want to be on. Chats are not encrypted by default, and are stored in plain text on Telegram’s server. Only chats between two (not more!) people who also happen to both be online at that time can be “encrypted”. In addition, the quotation marks highlight another massive issue with Telegram: its “encryption” is non-standard, home-grown, and countless security researchers have warned against relying on it.

Telegram’s issues go even further than this, though. The application also copies your contacts to its servers and keeps them there, they’ve got a “People nearby” feature that shares location data, and so much more. The linked article does a great job of listing the litany of problems Telegram has, backed up by sources and studies, and these alone should convince anyone to not use Telegram for anything serious.

And that’s even before we talk about Telegram’s utter disinterest in stopping the highly illegal activities that openly take place on its platform, from selling drugs, down to far more shocking and dangerous activities like sharing revenge pron, CSAM, and more. Telegram has a long history of not giving a single iota about shuttering groups that share and promote such material, leaving victims of such heinous crimes out in the cold.

Don’t use Telegram. A much better alternative is Signal, and hell, even WhatsApp, of all things, is a better choice.

Servo gets tabbed browsing, Windows improvements, and more

If you’re reading this, you did a good job surviving another month, and that means we’ve got another monthly update from the Servo project, the Rust-based browser engine originally started by Mozilla. The major new feature this month is tabbed browsing in the Servo example browser, as well as extensive improvements for Servo on Windows.

Servo-the-browser now has a redesigned toolbar and tabbed browsing! This includes a slick new tab page, taking advantage of a new API that lets Servo embedders register custom protocol handlers.

↫ Servo’s blog

Servo now runs better on Windows, with keyboard navigation now fixed, --output to PNG also fixed, and fixes for some font- and GPU-related bugs, which were causing misaligned glyphs with incorrect colors on servo.org and duckduckgo.com, and corrupted images on wikipedia.org.

Of course, that’s not at all, as there’s also the usual massive list of improved standards support, new APIs, improvements to some of the developer tools (including massive improvements in Windows build times), and a huge number of fixed bugs.

Here’s 22 examples of Google employees trying to avoid creating evidence for court

In its antitrust case against Google, the Federal Government filed a list of chats it had obtained that show Google employees explicitly asking each other to turn off a chat history feature to discuss sensitive subjects, showing repeatedly that Google workers understood they should try to avoid creating a paper trail of some of their activities. 

The filing came following a hearing in which judge Leonie Brinkema ripped Google for “destroyed” evidence while considering a filing from the Department of Justice asking the court to find “adverse interference” against Google, which would allow the court to assume it purposefully destroyed evidence. Previous filings, including in the Epic Games v Google lawsuit and this current antitrust case, have also shown Google employees purposefully turning history off.

↫ Seamus Hughes

The fact that corporations break the law, and lie, cheat, and scam their way to the top is not something particularly shocking, nor will it surprise anyone. I can barely even get angry about it anymore – birds gotta eat, fish gotta swim, corpos gotta break the law, that sort of thing. It’s just an inevitability of reality, a law of nature. You know it, I know it, the whole world knows it.

No, what really upsets me is just how easily they get away with it, and even if they do get punished, any fines or other forms of punishment are so utterly disproportionately mild compared to the crimes committed. It’s incredibly rare for anyone responsible for corporate crime to ever face any serious punishment, let alone jail time, and even in the rare cases where they do, they usually have some stock options or whatever left over from their employment contract that will ensure a lavishly wealthy lifestyle. Fines levied against corporations as a whole are usually so low they’re just a minor cost of doing business, to the point where one has to wonder why they’re even being levied at all.

Compare this to us normal folks, and the differences couldn’t be more stark. Whenever we’re accidentally late on some small bill, we get fined automatically, with very little recourse. We get a speeding ticket automatically in the mail because we drove 5 km/h over the speed limit. Our tax agencies are stupidly effective and efficient at screwing you over for that small side hustle selling crap on eBay. And rarely do we have any effective, efficient recourse.

And these things can quickly spiral out of control when you’re already living paycheck to paycheck – being poor is really, really expensive. And let’s not even get into how much worse any of this is if you’re part of a minority, like being black in the US, or of North-African descent in Europe.

In this case, the illegal activities of Google and its executies and employees is on such clear display, and yet, few, if any, will suffer any consequences for them. If you ever wonder why so many regular people flock to political extremes, it’s exactly this kind of deep unfairness and inequality that lies at its roots. It’s dispiriting, demoralising, and disheartening, and primes the pumps for disenfranchisement with society, and thus the search for alternatives, upon which extremists pray.

We either stop our continual slide into corporatism, or our societies will fall.

Microsoft quietly makes controversial Recall feature uninstallable

After spending a few months in complete radio silence about Recall, Microsoft finally emerged with a statement that its controversial feature will make a comeback later this year, in October, to be more precise. In preparation for the release, Microsoft quietly made a big change in Windows 11 version 24H2 on Copilot+ PCs, namely, adding the ability to uninstall Recall (via Deskmodder).

↫ Taras Buria

Recall, a half-baked security nightmare of a feature trying to catch the AI hype train, uninstallable using a Windows 95-era Windows Features dialog, is a better summary of the current state of Windows than anything anyone could put into words. Nobody cares about Windows, least of all Microsoft, and I have the sneaking suspicion that could Microsoft get away with it, they would put the source code to large parts of the Windows platform on GitHub to “outsource” its development to the community and fire even more employees.

Is anyone excited about new Windows releases? Is anyone looking forward to new features? Because it feels like every new releases, every new feature, just causes more dread, more exasperation, more what is it this time? than genuine excitement and happiness. Everything coming out of Microsoft when it comes to Windows ever since the release of Windows 11 is just… Sadness.

NSA releases copy of internal lecture delivered by computing giant Rear Adm. Grace Hopper

In one of the more unique public proactive transparency record releases for the National Security Agency (NSA) to date, NSA has released a digital copy of a lecture that then-Capt. Grace Hopper gave agency employees on August 19, 1982.

The lecture, “Future Possibilities: Data, Hardware, Software, and People,” features Capt. Hopper discussing some of the potential future challenges of protecting information. She also provided valuable insight on leadership and her experiences breaking barriers in the fields of computer science and mathematics.

↫ NSA press release

Digital preservation is about more than just code – it’s also about invaluable content like this. It seems rather uncouth to spend only a few lines on who Grace Hopper really is, since it’s your duty to know already, and she deserves a hell of a lot more than a few lines. If you don’t yet know who she is, her Wikipedia page is a good place to start.

The speech in question has an interesting history, in that the only medium on which it was stored were 1-inch AMPEX tapes. The speech was originally given to NSA employees, but not even the damn NSA had the ability to access the recordings of the speech, and had to call in the National Archives and Records Administration’s help. The NARA managed to retrieve the footage from the tapes, and now here we are.

This will make for some great weekend viewing.