google Finally Killed Its Internet Explorer Plugin, 'google Toolbar' (arstechnica.com)

Ars Technica's reviews editor remembers how google Toolbar launched back when Internet Explorer "had a rock-solid monopoly" on December 11, 2000, and marked google's first foray into browser ownership. "Rather than idly sit by and live under Internet Explorer's rule, google's plan was to hijack Microsoft's browser with various plugins." Once upon a time, Toolbar.google.com offered to guide any wayward Internet Explorer users across the web with the power of google.... It also patched up long-neglected Internet Explorer with new features, like highlighted search terms in pages, pop-up blocking, spell check, autofill, and google Translate. Phase 2 of the hijack plan was google Gears, which augmented IE with new APIs for web developers. Eventually, google stopped fixing other companies' browsers and launched google Chrome in 2008, which would make all of this obsolete.
But it ended as google finally pulled the plug this week on "a dusty, forgotten server" that had spent nearly 21 years blurting out "Take the best of google everywhere on the web!" Now, it redirects to a support page saying "google Toolbar is no longer available for installation. Instead, you can download and install google Chrome." The good news is that we wrote most of this post at the end of November, so this might be the Internet's very last hands-on of the now-dead product....

To say the app had been neglected is an understatement. The about page read, "Copyright 2014 google," though google definitely stopped performing maintenance on Toolbar before that. You could still do a google Search, and you could still sign into google Toolbar, but so much there was broken or a time capsule from a bygone era....

The "share" settings were a bloodbath, listing options for google Reader (killed July 2013), Orkut (killed September 2014), google+ (killed April 2019), and google Bookmarks (killed September 2021). There were also search shortcuts for google Blog Search (killed May 2011) and Picasa Web Albums (dead May 2016)....

The spell-check servers didn't work anymore, and I couldn't translate anything. The baked-in-by-default connections to google+ and google Bookmarks would also let you know that those products have been shut down. Even some of the "working" integrations, like Gmail, didn't really work because Gmail no longer supports Internet Explorer....

One feature that really blew my mind was a button that said, "Turn off features that send information." google Toolbar apparently had a one-click privacy kill switch back in the day.


Ask slashdot: What Do You Remember About Windows ME? (computerworld.com) 133

"Windows Me was unstable, unloved and unusable," remembered Computerworld last year, on the 20th anniversary of its release, calling it "a stink bomb of an operating system." Windows Me was a ghastly, slapdash piece of work, incompatible with lots of hardware and software. It frequently failed during the installation process — which should have been the first sign for people that this was an operating system they shouldn't try.Often, when you tried to shut it down, it declined to do so, like a two-year-old throwing a temper tantrum over being forced to go to sleep. It was slow and insecure. Its web browser, Internet Explorer, frequently refused to load web pages.
But they ultimately argue that it wasn't as bad as Windows Vista, which "simply refused to run, or ran so badly it was useless on countless PCs. Not just old PCs, but even newly bought PCs, right out of the box, with Vista installed." And they conclude that the worst Microsoft OS of all is still Windows 8. ("You want bad? You want stupid? You want an operating system that not only was roundly reviled by consumers and businesses alike, but also set Microsoft's business plans back years?")

slashdot reader alaskana98 even remembers Windows ME semi-fondly as "the last Microsoft OS to use the Windows 95 codebase." While rightly being panned as a buggy and crash-prone OS — indeed it was labelled as the worst version of Windows ever released by Computer World — it did introduce a number of features that continue on to this very day. Those features include:

-A personalized start menu that would show your most recently accessed programs, today a common feature in the Windows landscape.
-Software support for DVD playback. Previously one needed a dedicated card to playback DVDs.
-Windows Movie Maker and Windows Media Player 7, allowing home users to create, edit and burn their own digital home movies. While seemingly pedestrian in today's times, these were groundbreaking features for home users in the year 2000.
-The first iteration of System Restore — imagine a modern version of Windows not having the ability to conveniently restore to a working configuration — before Windows ME, this was simply not a possibility for the average home user unless you had a rigorous backup routine.
-The removal of real-mode DOS. While very controversial at the time, this change arguably improved the speed and reliability of the boot process.

Love it or hate it (well, lets face it, if you were a computer user at that point you probably hated it) — Windows ME did make several important contributions to the modern OS landscape that are often overlooked to this day. Do you have any stories from the heady days of late 2000 when Windows ME was first released?

slashdot reader Z00L00K remembers in a comment that "The removal of real-mode DOS is what REALLY made ME impossible to use for most of us at the time. It broke backwards compatibility so hard that the only way out was to use any of the earlier versions of Windows instead!"

Is this re-awakening images of the year 2000 for anyone? Share your own memories and thoughts in the comments.

What do you remember about Windows ME?

The Linux Kernel's Second Language? Rust Gets Another Step Closer (phoronix.com) 113

"In 2022 we will very likely see the experimental Rust programming language support within the Linux kernel mainlined," writes Phoronix, citing patches sent out Monday "introducing the initial support and infrastructure around handling of Rust within the kernel."

This summer saw the earlier patch series posted for review and discussion around introducing Rust programming language support in the Linux kernel to complement its longstanding C focus. In the months since there has been more progress on enabling Rust for the Linux kernel development, Linus Torvalds is not opposed to it, and others getting onboard with the effort. Rust for the Linux kernel remains of increasing interest to developers over security concerns with Rust affording more memory safety protections, potentially lowering the barrier to contributing to the kernel, and other related benefits....

Miguel Ojeda sent out the "v2" patches for Rust support in the kernel. With these updated packages, the Rust code is now relying on stable Rust releases rather than the beta compiler state previously, new modularization options added, stricter code enforcements, extra Rust compiler diagnostics enabled, new abstractions for in-kernel use, and other low-level code improvements.

Red Hat is also now joining Arm, google, and Microsoft in voicing their support for Rust code within the Linux kernel.

ZDNet contributing editor Steven J. Vaughan-Nichols also expects the first Rust code in Linux's kernel sometime in 2022: As Ryan Levick, a Microsoft principal cloud developer advocate, explained, "Rust is completely memory safe." Since roughly two-thirds of security issues can be traced back to handling memory badly, this is a major improvement. In addition, "Rust prevents those issues usually without adding any runtime overhead," Levick said.

Android Games Are Coming To Windows PCs In 2022 (gizmodo.com) 18

google is bringing Android games from google Play to Windows laptops, PCs, and tablets, the company announced on Thursday. Gizmodo reports: google announced a standalone google Play Games launcher that lets gamers play mobile titles on Windows PCs at The Game Show Awards on Thursday. The upcoming app will allow players to close out of their game on one device and resume playing where they left off on another. This means you could switch between a Chromebook, Windows PC, and Android phone without losing saved data. The app, which is being built and distributed by google, runs games locally on your system, no cloud streaming required. So far, google has only teased the service in a brief video clip, so some important details haven't been revealed. We do, however, know it is set to arrive sometime in 2022.

Microsoft Quietly Told Apple It Was Willing To Turn Big Xbox-exclusive Games Into iPhone Apps (theverge.com) 7

Private emails show Microsoft wheeling and dealing to get into the App Store. From a report: Remember when Apple pretended like it would let cloud gaming services like Microsoft xCloud and google Stadia into the App Store, while effectively tearing their business models to shreds? Know how Microsoft replied that forcing gamers to download hundreds of individual apps to play a catalog of cloud games would be a bad experience? In reality, Microsoft was willing to play along with many of Apple's demands -- and it even offered to bring triple-A, Xbox-exclusive games to iPhone to help sweeten the deal. That's according to a new set of private emails that The Verge unearthed in the aftermath of the Epic v. Apple trial.

These games would have run on Microsoft's Xbox Cloud Gaming (xCloud) platform, streaming from remote server farms filled with Xbox One and Xbox Series X processors instead of relying on the local processing power of your phone. If the deal had been made, you could have theoretically bought a copy of a game like Halo Infinite in Apple's App Store itself and launched it like any other app -- instead of having to pay $14.99 a month for an Xbox Game Pass Ultimate subscription with a set catalog of games and then needing to use Microsoft's web-based App Store workaround. But primarily, Microsoft was negotiating to bring its Netflix-esque catalog of xCloud games to the App Store, at a time when Apple had gotten very touchy about cloud gaming in general.

The emails, between Microsoft Xbox head of business development Lori Wright and several key members of Apple's App Store teams, show that Microsoft did start with a wide array of concerns about stuffing an entire service worth of Xbox games into individual App Store apps as of February 2020. Wright mentioned the "Complexity & management of creating hundreds to thousands of apps," how they'd have to update every one of those apps to fix any bugs, and how all those app icons could lead to cluttered iOS homescreens, among other worries.


Microsoft Launches Center for Reporting Malicious Drivers (therecord.media) 27

Microsoft has launched this week a special web portal where users and researchers can report malicious drivers to the company's security team. From a report: The new Vulnerable and Malicious Driver Reporting Center is basically a web form that allows users to upload a copy of a malicious driver, which gets uploaded and analyzed by a Microsoft automated scanner. At a technical level, Microsoft says this automated scanner can identify techniques that are commonly abused by malicious drivers, such as:
Drivers with the ability to map arbitrary kernel, physical, or device memory to user mode.
Drivers with the ability to read or write arbitrary kernel, physical, or device memory, including Port I/O and central processing unit (CPU) registers from user mode.
Drivers that provide access to storage that bypass Windows access control.


Microsoft Tempts Software Pirates With 50 Percent Discount On Office (theverge.com) 71

In a bold bid to turn digital crooks away from a life of crime, Microsoft is offering a 50 percent discount on its Office suite to some people using pirated versions. The Verge reports: Ghacks reports that a new message in the Office ribbon bar is appearing on pirated Office apps, tempting people with a 50 percent discount on a genuine Microsoft 365 subscription. The message links to an official Microsoft website that claims "pirated software exposes your PC to security threats." Microsoft warns Office pirates that they run the risk of running into viruses, malware, data loss, identify theft, and the inability to receive critical updates. The discount brings the price of a Microsoft 365 Family subscription down to just $49.99 for the first year, or $34.99 for a year of Microsoft 365 Personal.

google Says Bug With Teams and Android Can Cause 911 Calls To Fail (msn.com) 44

JoeyRox writes: Last week, a Reddit user reported that they weren't able to call 911 using their Pixel 3 and later said they were working with google support to figure out the issue. Yesterday, google announced what was causing the issue in a reply to the post: an "unintended interaction between the Microsoft Teams app and the underlying Android operating system." In its comment, google says that the bug happens when someone is using Android 10 or later and has Teams installed but isn't logged into the app. The company says that Microsoft will be releasing an update to Teams "soon" to prevent the issue and that there's an update to Android coming January 4th.

DeepMind Tests the Limits of Large AI Language Systems With 280-Billion-Parameter Model (theverge.com) 22

An anonymous reader quotes a report from The Verge: Language generation is the hottest thing in AI right now, with a class of systems known as "large language models" (or LLMs) being used for everything from improving google's search engine to creating text-based fantasy games. But these programs also have serious problems, including regurgitating sexist and racist language and failing tests of logical reasoning. One big question is: can these weaknesses be improved by simply adding more data and computing power, or are we reaching the limits of this technological paradigm? This is one of the topics that Alphabet's AI lab DeepMind is tackling in a trio of research papers published today. The company's conclusion is that scaling up these systems further should deliver plenty of improvements. "One key finding of the paper is that the progress and capabilities of large language models is still increasing. This is not an area that has plateaued," DeepMind research scientist Jack Rae told reporters in a briefing call.

DeepMind, which regularly feeds its work into google products, has probed the capabilities of this LLMs by building a language model with 280 billion parameters named Gopher. Parameters are a quick measure of a language's models size and complexity, meaning that Gopher is larger than OpenAI's GPT-3 (175 billion parameters) but not as big as some more experimental systems, like Microsoft and Nvidia's Megatron model (530 billion parameters). It's generally true in the AI world that bigger is better, with larger models usually offering higher performance. DeepMind's research confirms this trend and suggests that scaling up LLMs does offer improved performance on the most common benchmarks testing things like sentiment analysis and summarization. However, researchers also cautioned that some issues inherent to language models will need more than just data and compute to fix.
"I think right now it really looks like the model can fail in variety of ways," said Rae. "Some subset of those ways are because the model just doesn't have sufficiently good comprehension of what it's reading, and I feel like, for those class of problems, we are just going to see improved performance with more data and scale."

But, he added, there are "other categories of problems, like the model perpetuating stereotypical biases or the model being coaxed into giving mistruths, that [...] no one at DeepMind thinks scale will be the solution [to]." In these cases, language models will need "additional training routines" like feedback from human users, he noted.

Microsoft To Change Hiring Process After DOJ Finds Immigration-related Discrimination (nbcnews.com) 52

The U.S. Justice Department said on Tuesday it reached a settlement with Microsoft resolving allegations that the company discriminated against non-U.S. citizens in its hiring process. From a report: Microsoft asked job applicants for unnecessary immigration documents to prove they could work for the company without needing its sponsorship for work visas, the department said. It said an investigation found that Microsoft discriminated against at least six lawful permanent residents based on their immigration status by asking them to show a Permanent Resident Card to prove they had permission to work without employer sponsorship. Under the settlement, Microsoft will overhaul parts of its hiring process to ensure the company is following U.S. law, which prohibits employers from asking for documents when they are not required, the Justice Department said.

Microsoft Rolls Out Revamped Notepad App To Windows 11 Insiders (arstechnica.com) 123

Microsoft is continuing to update and refine Windows 11 two months after its public release, and the Notepad app is the latest bit of the operating system to get some attention. From a report: The updated version of the Notepad app is rolling out to Windows Insiders in the Dev channel, where the company is also testing tweaks to the taskbar and Start menu, a new-old button for setting the default web browser, an updated Media Player app, and other changes. The main changes appear pretty much as they did in the leaked Notepad screenshots from early October: the new unified title bar and menu bar pick up Windows 11's "mica" styling, as well as dark-mode support, support for switching between dark and light mode, and modernized font controls.

Biden's Cyber Leaders Go To Silicon Valley for More Help Fighting Hackers (politico.com) 25

Senior Biden administration officials met in Silicon Valley on Monday with key technology and cybersecurity companies as part of a push for more help from the private sector in fending off increasingly aggressive hackers working for adversarial regimes and criminal gangs. From a report: Homeland Security Secretary Alejandro Mayorkas, Cybersecurity and Infrastructure Security Agency Director Jen Easterly, National Cyber Director Chris Inglis and other officials met with executives from 13 companies, including google, networking vendor Juniper Networks and security firm Mandiant. Their aim was to deepen relationships between government and industry that security professionals see as vital for protecting the nation's critical infrastructure. The government already has strong relationships with some companies, such as Microsoft, that routinely warn officials about cyberattacks and help neutralize them. But Monday's meeting is part of a charm offensive aimed at growing the ranks of the government's industry allies and improving how efficiently they work together. These partnerships could offer the Biden administration a new weapon against ransomware -- one that doesn't rely on cooperation from Russian President Vladimir Putin, whose nation shelters many ransomware operators and with whom Biden is set to discuss cyber and other issues on Tuesday.

Microsoft Seizes Domains Used By Chinese Cyber-Espionage Group 'Nickel' (therecord.media) 26

An anonymous reader quotes a report from The Record: Microsoft said today that its legal team has successfully obtained a court warrant that allowed it to seize 42 domains used by a Chinese cyber-espionage group in recent operations that targeted organizations in the US and 28 other countries. Tracked by Microsoft as Nickel, but also known under other names such as APT15, Mirage, or Vixen Panda, Ke3Chang, and others, the group has been active since 2012 and has conducted numerous operations against a broad set of targets. Tom Burt, Microsoft VP of Customer Security & Trust, said today that the recent domains had been used for "intelligence gathering" from government agencies, think tanks, and human rights organizations.

Burt said the seized domains were being used to gather information and data from the hacked organizations. "Obtaining control of the malicious websites and redirecting traffic from those sites to Microsoft's secure servers will help us protect existing and future victims while learning more about Nickel's activities," Burt said in a blog post today announcing the company's legal action against Nickel domains. "Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks," he added. According to Burt, the group's victims had been hacked using compromised third-party virtual private network (VPN) suppliers or stolen credentials obtained from spear-phishing campaigns, which is in tune with similar industry reports detailing recent tactics used by Chinese espionage groups, in general.


SolarWinds Hackers Have a Whole Bag of New Tricks For Mass Compromise Attacks (arstechnica.com) 43

An anonymous reader quotes a report from Ars Technica: Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies. Nobelium -- the name Microsoft gave to the intruders -- was eventually expelled, but the group never gave up and arguably has only become more brazen and adept at hacking large numbers of targets in a single stroke. The latest reminder of the group's proficiency comes from security firm Mandiant, which on Monday published research detailing Nobelium's numerous feats -- and a few mistakes -- as it continued to breach the networks of some of its highest-value targets.

Mandiant's report shows that Nobelium's ingenuity hasn't wavered. Since last year, company researchers say the two hacking groups linked to the SolarWinds hack -- one called UNC3004 and the other UNC2652 -- have continued to devise new ways to compromise large numbers of targets in an efficient manner. Instead of poisoning the supply chain of SolarWinds, the groups compromised the networks of cloud solution providers and managed service providers, or CSPs, which are outsourced third-party companies that many large companies rely on for a wide range of IT services. The hackers then found clever ways to use those compromised providers to intrude upon their customers.
The advanced tradecraft didn't stop there. According to Mandiant, other advanced tactics and ingenuities included:
  • Use of credentials stolen by financially motivated hackers using malware such as Cryptbot (PDF), an information stealer that harvests system and web browser credentials and cryptocurrency wallets. The assistance from these hackers allowed the UNC3004 and UNC2652 to compromise targets even when they didn't use a hacked service provider.
  • Once the hacker groups were inside a network, they compromised enterprise spam filters or other software with "application impersonation privileges," which have the ability to access email or other types of data from any other account in the compromised network. Hacking this single account saved the hassle of having to break into each account individually.
  • The abuse of legitimate residential proxy services or geo-located cloud providers such as Azure to connect to end targets. When admins of the hacked companies reviewed access logs, they saw connections coming from local ISPs with good reputations or cloud providers that were in the same geography as the companies. This helped disguise the intrusions, since nation-sponsored hackers frequently use dedicated IP addresses that arouse suspicions.
  • Clever ways to bypass security restrictions, such as extracting virtual machines to determine internal routing configurations of the networks they wanted to hack.
  • Gaining access to an active directory stored in a target's Azure account and using this all-powerful administration tool to steal cryptographic keys that would generate tokens that could bypass two-factor authentication protections. This technique gave the intruders what's known as a Golden SAML, which is akin to a skeleton key that unlocks every service that uses the Security Assertion Markup Language, which is the protocol that makes single sign-on, 2FA, and other security mechanisms work.
  • Use of a custom downloader dubbed Ceeloader.


Executive at Swiss Tech Company Said to Operate Secret Surveillance Operation (bloomberg.com) 10

The co-founder of a company that has been trusted by technology giants including google and Twitter to deliver sensitive passwords to millions of their customers also operated a service that ultimately helped governments secretly surveil and track mobile phones, Bloomberg reported Monday, citing former employees and clients. From the report: Since it started in 2013, Mitto AG has established itself as a provider of automated text messages for such things as sales promotions, appointment reminders and security codes needed to log in to online accounts, telling customers that text messages are more likely to be read and engaged with than emails as part of their marketing efforts. Mitto, a closely held company with headquarters in Zug, Switzerland, has grown its business by establishing relationships with telecom operators in more than 100 countries. It has brokered deals that gave it the ability to deliver text messages to billions of phones in most corners of the world, including countries that are otherwise difficult for Western companies to penetrate, such as Iran and Afghanistan. Mitto has attracted major technology giants as customers, including google, Twitter, WhatsApp, Microsoft's LinkedIn and messaging app Telegram, in addition to China's TikTok, Tencent and Alibaba, according to Mitto documents and former employees.

But a Bloomberg News investigation, carried out in collaboration with the London-based Bureau of Investigative Journalism, indicates that the company's co-founder and chief operating officer, Ilja Gorelik, was also providing another service: selling access to Mitto's networks to secretly locate people via their mobile phones. That Mitto's networks were also being used for surveillance work wasn't shared with the company's technology clients or the mobile operators Mitto works with to spread its text messages and other communications, according to four former Mitto employees. The existence of the alternate service was known only to a small number of people within the company, these people said. Gorelik sold the service to surveillance-technology companies which in turn contracted with government agencies, according to the employees.

United States

America Tries to Fill 600,000 Vacant Cybersecurity Positions (axios.com) 75

Concerned about America's cybersecurity preparedness, the White House "is accelerating efforts to fill nearly 600,000 vacant cybersecurity positions in the public and private sectors bogging down efforts to protect digital infrastructure," reports Axios: Following a deluge of ransomware attacks targeting critical government and corporate infrastructure this year, clogs in the talent pipeline are leaving federal, cash-strapped local governments and Big Business even more susceptible to hacking. The issue has emerged repeatedly in Senate and House hearings but received little public attention until recently...

Microsoft...has pitched in by providing free cybersecurity curriculum to every public community college. A nonprofit, Public Infrastructure Security Cyber Education Systems, provides university students hands-on experience: monitoring real-time data on local government networks...

A job-tracking database funded by the Commerce Department shows there are nearly 600,000 U.S. cyber job openings nationwide.

The Department of Homeland Security recently launched a federal recruiting tool aimed at courting young, diverse talent. DHS currently has about 1,500 cybersecurity-related vacancies, affecting the agency's efforts to protect the homeland. A Senate audit found key agencies across the federal government continue to fail to meet basic cybersecurity standards, with eight of them earning a C- in the report.

Historically, local and federal government entities have struggled to compete with private sector companies, where bidding wars for talent are commonplace.


The Case for a Four-Day Work Week (forbes.com) 125

Recently a New York Times headlined asked "Is the four-day work week finally within our grasp?" Kickstarter, Shake Shack and Unilever's New Zealand unit are among those that have experimented with the four-day workweek, or have announced plans to. And after an experiment in Iceland supported the idea that the system improves worker well-being without reducing overall output, a majority of the country's workers have now moved to shorter workweeks, or will gain the right to... Roughly 1% of Iceland's working population was involved in its trials of shorter workweeks for equal pay, which ran for several years starting in 2015.

"The trials were successful," concluded a recent research report on the experiment. "Participating workers took on fewer hours and enjoyed greater well-being, improved work-life balance and a better cooperative spirit in the workplace — all while maintaining existing standards of performance and productivity...." And the extra day off means fewer commuting days, which saves time and reduces environmental impact....

Proponents of four-day weeks say the key is to rein in meetings. "You have better discipline around meetings. You're a lot more thoughtful in how you use technology," said Alex Soojung-Kim Pang, author of "Shorter," a book about the four-day workweek. He also said that a shorter week requires workers to set aside time for focused work and refrain from email or other communications during that time.

"To paraphrase William Gibson, the four-day week is already here for most companies," said Pang, an organizational strategy consultant in Menlo Park, California. "It's buried under a whole bunch of rubble of outmoded practices and bad meetings. Once you clear that stuff away, then it turns out the four-day week is well within your grasp."

And now one commentator in Newsweek reports that 83% of U.S. workers favor a shorter work week. But there's also a business case for the change, since a Microsoft experiment with a four-day work week in Japan "led to a 40 percent improvement in productivity, as measured by sales per employee...." The strongest argument for a shorter work week is that it doesn't actually require a sacrifice. Although the average American works 8.8 hours a day, not much of this time is actually spent working. If a worker is in the office but isn't working, what is the purpose of them being there? Minutes spent chatting by the water cooler, checking social media and making snacks compound into hours that could be better spent elsewhere. As noted by the historian C. Northcote Parkinson, famous for "Parkinson's Law," work "expands so as to fill the time available for its completion." I think he's right.

Deadlines focus work, and focused work is better work. It's the quality, and not the quantity, of our work that matters.... As we near the post-COVID juncture, I believe it's time to refocus our sights on the forgotten promise of the industrial revolution — to finally help employees find a better work-life balance and actually increase business' productivity and bottom line at the same time. Four great work days are always better than five average days.

It's happening. "The coronavirus pandemic has sped up a transition into more flexible and diverse working hours around the world, opening up ways of working that were unthinkable just a few years ago," reports Reuters. (The traditional model of how we work has been broken," Meghana Reddy, vice president of video messaging service Loom, told the Reuters Next conference.")

And an article in Forbes reminds us that last month Britain's Atom Bank adopted a four-day week for most of its 430 employees, reducing working hours to 34 hours per week from 37.5 hours without reducing pay. "There's even talk at the congressional level: U.S. Rep. Mark Takano, a Democrat from California, introduced a bill in July to reduce the standard work week from 40 hours to 32. The bill has 13 co-sponsors...." The four-day work week will take hold because it embodies the spirit of our times, because workers demand it, and because businesses that implement it will thrive...

Years from now we will look back on our pre-pandemic work habits and lifestyles and wonder why we worked the way we did. We will cringe to recall how we sacrificed evenings and weekends and friendships and family to work all the time. We will ponder how we allowed ourselves to sink beneath relentless professional demands and digital distractions without even noticing we were drowning.

The four-day work week is just one of the corporate experiments that will define the life-work revolution and ultimately the future of work.


JetBrains Announces 'Fleet' IDE to Compete with Microsoft's Visual Studio Code (jetbrains.com) 98

On Monday JetBrains (creators of the Kotlin programming language and makers of the integrated development environment IntelliJ IDEA) made an announcement: a preview for a lightweight new multi-language IDE called Fleet using IntelliJ's code-processing engine with a distributed IDE architecture and a reimagined UI.

By Friday they'd received an "overwhelming" number of requests, and announced the preview program had stopped accepting new requests. ("To subscribe for updates and the public preview announcement at jetbrains.com/fleet or follow @JetBrains_Fleet on Twitter.")

They'd received 80,000 requests in just the first 30 hours, reports Visual Studio magazine: Although JetBrains didn't even mention VS Code in its Nov. 28 announcement, many media pundits immediately characterized it along the lines of an "answer to Visual Studio Code," a "response to Visual Studio Code," a "competitor to Visual Studio Code" and so on...

"When you first launch Fleet, it starts up as a full-fledged editor that provides syntax highlighting, simple code completion, and all the things you'd expect from an editor," JetBrains said. "But wait, there's more! Fleet is also a fully functional IDE bringing smart completion, refactorings, navigation, debugging, and everything else that you're used to having in an IDE — all with a single button click."

"It starts up in an instant so you can begin working immediately..." boasts the Fleet web page, adding that Fleet "is designed to automatically detect your project configuration from the source code, maximizing the value you get from its smart code-processing engine while minimizing the need to configure the project in the IDE." And it also offers "project and context aware code completion, navigation to definitions and usages, on-the-fly code quality checks, and quick-fixes..."

Fleet also offers a collaborative environment allowing developers to work together — not just sharing the editor, but also terminals and debugging sessions. (There's even a diff view for reviewing changes.) "Others can connect to a collaboration session you initiate on your machine, or everyone can connect to a shared remote dev environment," explains Fleet's web page. "It supports a number of remote work scenarios and can be run locally on the developer's computer, in the cloud, or on a remote server," reports SD Times. (And Fleet's home page says soon it will even run in Docker containers configured with an appropriate environment for your project.)

SD Times adds that Fleet "currently supports Java, Kotlin, Go, Python, Rust, and JavaScript. The company plans to extend support to cover PHP, C++, C#, and HTML, which are the remaining languages that have IntelliJ IDEs." It's multi-platform — running on Linux, MacOS, or Windows — and Fleet's web page promises "a familiar and consistent user experience" offering one IDE for the many different technologies you might end up using.

And yes, there's a dark theme.

FBI Says the Cuba Ransomware Gang Made $43.9 Million from Ransom Payments (therecord.media) 14

The US Federal Bureau of Investigations said today that the operators of the Cuba ransomware have earned at least $43.9 million from ransom payments following attacks carried out this year. From a report: In a flash alert sent out on Friday, the Bureau said the Cuba gang has "compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors." The FBI said it traced attacks with the Cuba ransomware to systems infected with Hancitor, a malware operation that uses phishing emails, Microsoft Exchange vulnerabilities, compromised credentials, or RDP brute-forcing tools to gain access to vulnerable Windows systems. Once systems are added to their botnet, Hancitor operators rent access to these systems to other criminal gangs in a classic Malware-as-a-Service model. While an April 2021 McAfee report on the Cuba ransomware found no connection between the two groups, the FBI report highlights what appears to be a new partnership between MaaS providers and ransomware gangs after other ransomware operations struck similar partnerships throughout 2020.

PlayStation Plans New Service To Take On Xbox Game Pass (bloomberg.com) 14

Sony Group's PlayStation division is planning a new subscription service to compete with rival Microsoft's popular Xbox Game Pass, according to people familiar with Sony's plans and documents reviewed. Blooomberg: The service, code-named Spartacus, will allow PlayStation owners to pay a monthly fee for access to a catalog of modern and classic games, said the people, who asked not to be identified because they weren't authorized to speak to the press about the plans. The offering will likely be available on the smash hit PlayStation 4, which has sold more than 116 million units, and its elusive successor, the PlayStation 5, which launched more than a year ago but is still difficult to buy due to supply chain issues.

When it launches, expected in the spring, the service will merge Sony's two existing subscription plans, PlayStation Plus and PlayStation Now. Currently, PlayStation Plus is required for most online multiplayer games and offers free monthly titles, while PlayStation Now allows users to stream or download older games. Documents reviewed by Bloomberg suggest that Sony plans to retain the PlayStation Plus branding but phase out PlayStation Now.

slashdot Top Deals