Microsoft's Store is not a safe haven

Symantec discovered eight applications in the official Microsoft Store that, once installed, ran cryptomining operations in the background without informing the user.

One of the main arguments for integrating the Microsoft Store in Windows 8 and Windows 10, unveiled in 2011 by Microsoft, was that it protected users from installing malicious or problematic applications on their devices because of a review process and other safeguards.

While it is certainly the case that Windows Store offers a safer environment, it is far from the safe haven that Microsoft would like it to be.

We talked about deceiving apps, copycat apps, and deceptive apps in the past, and covered Microsoft’s attempts to improve quality by pruning low quality applications.

The introduction of PWA support appears to have opened the door for another type of unwanted software: cryptomining.


Symantec discovered eight applications in Microsoft Store that started cryptomining operations as soon as they were installed and launched by users from the Microsoft Store.

The applications were published by three developers but there is strong evidence that a single person or group is responsible for all of them. Evidence comes from the use of the same mining key and Google Tag Manager key, and that all applications used the same origin (but different domains).
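The attribution evidence described above can be reproduced by pivoting on identifiers shared between listings. The following sketch is an added example, not Symantec's tooling or code from the original article: it groups app pages by the Google Tag Manager container ID they reference and reports containers used by more than one publisher account. The app names, publishers, domains and GTM IDs are constructed sample data.

```javascript
// Constructed sample records: one start-page snippet per Store listing.
const listings = [
  { app: "Sample Browser A", publisher: "dev-one", domain: "app-a.example",
    html: '<script src="https://www.googletagmanager.com/gtm.js?id=GTM-AAAA111"></script>' },
  { app: "Sample Search B", publisher: "dev-two", domain: "app-b.example",
    html: "<script>(function(w,d,s,l,i){/* loader */})(window,document,'script','dataLayer','GTM-AAAA111');</script>" },
  { app: "Sample Video C", publisher: "dev-three", domain: "app-c.example",
    html: '<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-AAAA111"></iframe>' },
  { app: "Unrelated Notes D", publisher: "dev-four", domain: "notes-d.example",
    html: '<script src="https://www.googletagmanager.com/gtm.js?id=GTM-BBBB222"></script>' },
  { app: "No Tags E", publisher: "dev-five", domain: "plain-e.example", html: "<p>hello</p>" },
];

// GTM container IDs have the form GTM-<uppercase alphanumerics>.
const GTM_ID = /\bGTM-[A-Z0-9]{4,}\b/g;

// Return the distinct container IDs referenced in one page, whether they
// appear in a script URL, the inline loader snippet or the noscript iframe.
function extractGtmIds(html) {
  return [...new Set(html.match(GTM_ID) || [])];
}

// Build one cluster per container ID with the apps, publishers and domains using it.
function clusterByContainer(records) {
  const clusters = new Map();
  for (const rec of records) {
    for (const id of extractGtmIds(rec.html)) {
      if (!clusters.has(id)) {
        clusters.set(id, { id, apps: [], publishers: new Set(), domains: new Set() });
      }
      const c = clusters.get(id);
      c.apps.push(rec.app);
      c.publishers.add(rec.publisher);
      c.domains.add(rec.domain);
    }
  }
  return [...clusters.values()];
}

// A container shared by different publisher accounts suggests a single operator.
function sharedAcrossPublishers(records) {
  return clusterByContainer(records)
    .filter((c) => c.publishers.size > 1)
    .map((c) => ({ id: c.id, apps: c.apps,
                   publishers: [...c.publishers].sort(), domains: [...c.domains].sort() }));
}

console.log(JSON.stringify(sharedAcrossPublishers(listings), null, 2));
```

Because the container can deliver new scripts after publication, a shared ID is also a reason to re-inspect every app in the cluster when one of them is found to misbehave.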

The apps were fairly popular, judging from the 1900 ratings that they received between publication in April 2018 and December 2018. It is certainly possible that part of the ratings came from fake accounts or services that rate apps in return for payment.

Microsoft does not reveal installation counts for applications; it is unclear if the applications landed on thousands, hundreds of thousands, or even more devices running Windows 10.

Windows 10 users were exposed to these applications in various ways: when they searched for apps in the Store, browsed the free listings, or were directed to the Store from websites that linked to these applications.

The applications fetched a JavaScript mining library using Google Tag Manager when they were launched for the first time after download and installation. All applications included privacy policies but mining operations were not mentioned in any of them or the descriptions.

According to Symantec, the applications used the majority of the computer’s CPU cycles for mining operations.

Symantec informed Microsoft about the applications, and Microsoft has since removed them from the Store.

Closing Words

While it is certainly arguable that cryptocurrency mining is less harmful than a device’s infection with malicious software or ransomware, it is clear that Microsoft Store users need to be careful when it comes to the installation of apps from the Store.

In 2013, I recommended that users verify app developers before they install apps. Microsoft’s Store is not the only store that has hosted cryptomining applications or extensions. This particular form of unwanted software was previously found in extension stores, e.g. Mozilla’s for Firefox and Google’s for Chrome, and on Google Play.

Now You: do you use Store applications?

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft’s Store is not a safe haven appeared first on gHacks Technology News.

Benchmark refutes Google's claim that content blockers slow down Chrome

Google released a first draft of the new version of Google Chrome’s Extension Manifest in January 2019.

The company plans to limit the webRequest API that extensions, including content blockers like uBlock Origin or Adblock Plus, currently use to block certain elements on webpages. It would introduce the declarativeNetRequest API, which is designed to take over, instead.

The change, if implemented as suggested, would limit content blockers and other extension types significantly in Google Chrome.

Google explained the decision in the following way:

This begins in the browser process, involves a process hop to the extension’s renderer process, where the extension then performs arbitrary (and potentially very slow) JavaScript, and returns the result back to the browser process. This can have a significant effect on every single network request, even those that are not modified, redirected, or blocked by the extension (since Chrome needs to dispatch the event to the extension to determine the result).

Basically, Google argues that extensions that use the webRequest API may have a significant impact on performance. In other words, using extensions that make use of the API may slow down web browsing measurably.


Cliqz, a German startup that operates the Cliqz browser and owns the anti-tracking extension Ghostery, ran benchmarks recently to find out whether data would confirm Google’s claim.

The company used a large dataset of popular sites and measured the performance of the content blockers uBlock Origin, Adblock Plus, Ghostery, the adblocker of the Brave browser, and DuckDuckGo’s adblocker.

One of the core findings of the benchmark was that all content blockers, with the exception of DuckDuckGo’s adblocker, added “sub-millisecond median decision time” to each request. In other words, the performance impact of content blockers is negligible.

The test and dataset are publicly available. The selection of content blockers can certainly be criticized, especially since Ghostery is not a full-fledged content blocker like uBlock Origin or Adblock Plus. Gorhill, the developer of uBlock Origin, re-ran the test and discovered that Adblock Plus did not perform as well as outlined by the original test results.

Google mentioned content blockers explicitly but other extensions use the webRequest API as well. It is possible that some introduce high cost when using it.

While it is somewhat understandable that Google wants to address performance issues caused by extensions, punishing all for the wrongdoings of some may not be the best course of action.

To be fair, Google is still discussing changes and noted in a comment that the company does not want extensions to break because of changes made in the new manifest version.

Now You: What is your take on all of this?

The post Benchmark refutes Google’s claim that content blockers slow down Chrome appeared first on gHacks Technology News.

Microsoft changes Windows Update for Business options

Microsoft employee John Wilcox revealed yesterday that Microsoft will remove the Semi-Annual Channel (Targeted) option from Windows Update from Windows 10 version 1903 forward.

Business customers have two options right now to define when updates get released: they may set a deferral period for feature updates and select between the Semi-Annual Channel or Semi-Annual Channel (Targeted). The latter two options may sound confusing at first but are explained easily.

Semi-Annual Channel (Targeted) is identical to what consumers get. It is the only option and that just means that two feature updates of Windows 10 are delivered via Windows Update to consumer devices each year.

Businesses had the option to delay when feature updates become available by switching to the Semi-Annual Channel instead. All that this channel did was delay the update availability by about 4 months. Starting in Windows 10 version 1903, that option won’t be available anymore but the option to delay feature updates remains.


If you open the Advanced Options on a business version of Windows 10 version 1903 or later, you will notice that the option to switch channels has been removed.

While that may look like another attempt by Microsoft to give businesses less choice, it is not really that bad, provided that administrators know about the change and react to it; it is easy enough to adjust the deferral period accordingly.

Wilcox notes that there was never a dedicated Semi-Annual Channel release but just a milestone release of the Semi-Annual Channel (Targeted).

What administrators need to do in Windows 10 version 1903 is extend the deferral period to make up for the removed Semi-Annual Channel delay. Just add 120 days to the deferral period once Windows 10 version 1903 is installed to reflect the change.

Devices configured with a branch readiness of Semi-Annual Channel will get the upgrade to Windows 10 version 1903 with a delay of 60 days according to Microsoft for that release only. The change will be server-side and only active for that particular release; it won’t affect any release after Windows 10 version 1903.

Closing Words

The removal of Semi-Annual Channel may have an impact on devices after the release of Windows 10 version 1903 but only if the administrator does not modify the deferral period.

It could result in feature updates being delivered earlier than expected to Windows for Business devices; Woody Leonhard hopes that the change results in release quality improvements to take the possibility into account.

Microsoft did not state that and it is almost certain that the company would have pushed the narrative if that were the case (hey, look, we don’t need Semi-Annual Channel (Targeted) anymore because feature update quality increased by this much). I think it is just a consolidation.

Now You: Do you defer or block Windows Updates?

The post Microsoft changes Windows Update for Business options appeared first on gHacks Technology News.

Microsoft: help us test new gaming tech on Windows 10 1903 but we don't tell you anything about it

Microsoft released a new build to the Windows 10 Fast Ring Insider Channel yesterday evening. The new build, build number 18334, is a bug fix release mostly.

Microsoft does advertise one new feature on the Windows Experience blog though stating that it is “excited to bring technology tailor-made for gaming to Windows”.

The company wants users who run Insider builds of Windows 10 to help “validate these systems” to make sure they “work as expected”.

It hands out limited copies of State of Decay for that, and published instructions for Insider build users on how to get access to the game and play it. Microsoft promises that it will increase the number of available slots in the coming weeks.


Users who participate in the testing are asked to report any install or game launch issues using the Feedback Hub.

Microsoft does not reveal anything about the “technology tailor-made for gaming” on Windows 10 devices. The entire article, and the linked copy on the Xbox site, offer no information so that users are left in the dark.

Is it related to how games are installed and started? The request to provide feedback if install or start issues are experienced suggests that this could be the case.

We don’t know, however, and it could be something unrelated or something else (or an addition) entirely. It could be the test of a streaming gaming service on Windows 10 as well, as it is also related to installing and running games.

Lack of information

It is possible that Microsoft does not yet want to reveal the gaming technology that it plans to implement in Windows. It could have said so in the article, however, if that is the case.

Whatever the reason may be, the lack of information will surely turn away some users who might have been interested if Microsoft had revealed anything about the new gaming technology that it wants tested in the new build.

The request to test is not the first time Microsoft failed to provide essential information. Update information, known issues for instance, often lack vital information as well.

The company could improve its relationship with administrators and customers by providing essential information; it would reduce support requests and questions, and help everyone involved, including Microsoft itself.

Now You: What is Microsoft’s secret gaming tech that it tests in the new build?

The post Microsoft: help us test new gaming tech on Windows 10 1903 but we don’t tell you anything about it appeared first on gHacks Technology News.

Firefox gets native Windows 10 notifications support

Mozilla plans to switch the notification system that Firefox uses on Windows 10 devices to the operating system’s native notification system soon.

Firefox users who run a Nightly version of the web browser on a Windows 10 device may have noticed that the browser uses the operating system’s notification system to display notifications to the user.

The browser’s old notification system is a custom-designed one that remains the default on some versions of Windows.

The two screenshots below show the new notification prompt and the old notification prompt of the Firefox browser.

[Screenshots: old and new Firefox notifications on Windows 10]

I used the HTML5 Web Notifications Test to display these on a machine running the latest Insider build of Windows 10.

The switch changes some things around quite a bit. You may notice the settings icon that the old notification displays in its lower right corner. Firefox users could use it to pause notifications until the next restart of the browser, disable notifications for the site that pushed it to the desktop, or open the notification settings (in Firefox).

The new prompt comes without these options as notifications are handled by the operating system and not Firefox anymore.

The change has a number of consequences for Firefox users on Windows 10. Notifications need to be enabled on the Windows 10 device so that Firefox can push notifications to the desktop.

Here is how that is done (default is on):

  1. Use the keyboard shortcut Windows-I to open the Settings app.
  2. Go to System > Notifications & actions.
  3. Make sure that “Get notifications from apps and other senders” is enabled.
  4. Scroll down to “Get notifications from these senders” and make sure Firefox is listed there with the status on.

Control notifications in Firefox

You can turn off notifications entirely for Firefox by setting this to off. It is still necessary to allow sites to use the notifications feature to display them on the desktop.


Firefox users can manage permissions for individual sites in the following way:

  1. Load about:preferences#privacy in the browser’s address bar.
  2. Scroll down to the Permissions section and select Settings next to Notifications.
  3. There you find a list of all sites that you allowed or blocked.
  4. An option to block any new requests to allow notifications is available there as well.

Note that you cannot add a site manually to the listing. You need to visit it and accept or block the prompt that it displays in regards to notifications.

Closing Words

Firefox users have two options to block notifications on Windows 10 going forward. They can block notifications in the browser for any new site they encounter or use the Windows 10 notifications settings instead to block Firefox or all notifications.

Mozilla plans to launch the same in Firefox 64 Stable. Firefox 64’s planned release date is December 11, 2018.

Google rolled out native notifications support for Chrome on Windows 10 in August 2018.

Now You: Do you make use of notifications in your browser?

The post Firefox gets native Windows 10 notifications support appeared first on gHacks Technology News.