 Microsoft issued a Windows update that broke a Chrome feature, making it harder to change your default browser and annoying Chrome users with popups, Gizmodo has learned. An April Windows update broke a new button in Chrome—the most popular browser in the world—that let you change your default browser with a single click, but the worst was reserved for users on the enterprise version of Windows. For weeks, every time an enterprise user opened Chrome, the Windows default settings page would pop up. There was no way to make it stop unless you uninstalled the operating system update. It forced Google to disable the setting, which had made Chrome more convenient. This petty chapter of the browser wars started in July 2022 when Google quietly rolled out a new button in Chrome for Windows. It would show up near the top of the screen and let you change your default browser in one click without pulling up your system settings. For eight months, it worked great. Then, in April, Microsoft issued Windows update KB5025221, and things got interesting. “Every time I open Chrome the default app settings of Windows will open. I’ve tried many ways to resolve this without luck,” one IT administrator said on a Microsoft forum. A Reddit user noticed that the settings page also popped up any and every time you clicked on a link, but only if Chrome was your default browser. “It doesn’t happen if we change the default browser to Edge,” the user said. Others made similar complaints on Google support forums, some saying that entire organizations were having the issue. Users quickly realized the culprit was the operating system update. For people on the regular consumer version of Windows, things weren’t quite as bad; the one-click “Make Default” button just stopped working. Gizmodo was able to replicate the problem. In fact, we were able to circumvent the issue just by changing the name of the Chrome app on a Windows desktop. It seems that Microsoft threw up the roadblock specifically for Chrome, the main competitor to its Edge browser. Microsoft didn’t answer questions on the subject, but shared a link published before it messed up Chrome.“For information on this, please see this blog post about Microsoft’s approach to app pinning and app defaults in Windows. Microsoft has nothing further to share,” a Microsoft spokesperson said. The post describes the company’s “long-standing approach to put people in control of their Windows PC experience.” Mozilla’s Firefox has its own one-click default button, which worked just fine throughout the ordeal. But according to Steve Teixeira, chief product officer at Mozilla, this isn’t the first anti-competitive move from Microsoft in recent years. “When using Windows machines, Firefox users routinely encounter these kinds of barriers, such as overriding their selection of default browser, or pop-ups and misleading warnings attempting to persuade them that Edge is somehow safer,” Teixeira said. “It’s past time for Microsoft to respect people’s preferences and allow them to use whatever browser they wish without interfering with their choice.” In response, Google had to disable its one-click default button; the issue stopped after it did. In other words, Microsoft seems to have gone out of its way to break a Chrome feature that made life easier for users. Google confirmed the details of this story, but declined to comment further. This is part of a pattern of behavior for Microsoft as it wages war on non-Windows web browsers and the people who use them. Chrome is, it bears repeating, the world’s preferred internet browser, with a reported 66% market share. Earlier this year, Microsoft started inserting full-size ads into the search results if you looked up Google Chrome, saying “There’s no need to change your default browser.” Microsoft went as far as sticking ads for Edge on the Chrome download website itself, stating “Microsoft Edge uses the same technology as Chrome, with the added trust of Microsoft.” There were other bizarre messages to would-be Chrome users as well, with some suggesting Chrome is worse for online shopping, or referring to Google’s browser as “so 2008.” For ore please visit OUR FORUM  The Hyena code is able to handle amounts of data that make GPT-style technology run out of memory and fail. For all the fervor over the chatbot AI program known as ChatGPT, from OpenAI, and its successor technology, GPT-4, the programs are, at the end of the day, just software applications. And like all applications, they have technical limitations that can make their performance sub-optimal. In a paper published in March, artificial intelligence (AI) scientists at Stanford University and Canada's MILA Institute for AI proposed a technology that could be far more efficient than GPT-4 -- or anything like it -- at gobbling vast amounts of data and transforming it into an answer. Known as Hyena, the technology is able to achieve equivalent accuracy on benchmark tests, such as question answering, while using a fraction of the computing power. In some instances, the Hyena code is able to handle amounts of text that make GPT-style technology simply run out of memory and fail. "Our promising results at the sub-billion parameter scale suggest that attention may not be all we need," write the authors. That remark refers to the title of a landmark AI report of 2017, 'Attention is all you need'. In that paper, Google scientist Ashish Vaswani and colleagues introduced the world to Google's Transformer AI program. The transformer became the basis for every one of the recent large language models. But the Transformer has a big flaw. It uses something called "attention," where the computer program takes the information in one group of symbols, such as words, and moves that information to a new group of symbols, such as the answer you see from ChatGPT, which is the output. That attention operation -- the essential tool of all large language programs, including ChatGPT and GPT-4 -- has "quadratic" computational complexity (Wiki "time complexity" of computing). That complexity means the amount of time it takes for ChatGPT to produce an answer increases as the square of the amount of data it is fed as input. At some point, if there is too much data -- too many words in the prompt, or too many strings of conversations over hours and hours of chatting with the program -- then either the program gets bogged down providing an answer, or it must be given more and more GPU chips to run faster and faster, leading to a surge in computing requirements. In the new paper, 'Hyena Hierarchy: Towards Larger Convolutional Language Models', posted on the arXiv pre-print server, lead author Michael Poli of Stanford and his colleagues propose to replace the Transformer's attention function with something sub-quadratic, namely Hyena. The authors don't explain the name, but one can imagine several reasons for a "Hyena" program. Hyenas live in Africa and can hunt for miles and miles. In a sense, a very powerful language model could be like a hyena, which is picking over carrion for miles and miles to find something useful. But the authors are really concerned with "hierarchy", as the title suggests, and families of hyenas have a strict hierarchy by which members of a local hyena clan have varying levels of rank that establish dominance. In some analogous fashion, the Hyena program applies a bunch of very simple operations, as you'll see, over and over again, so that they combine to form a kind of hierarchy of data processing. It's that combination element that gives the program its Hyena name. More in depth reading can be found on OUR FORUM.  Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra™ and Health Information Sharing and Analysis Center (Health-ISAC) are taking technical and legal action to disrupt cracked, legacy copies of Cobalt Strike and abused Microsoft software, which have been used by cybercriminals to distribute malware, including ransomware. This is a change in the way DCU has worked in the past – the scope is greater, and the operation is more complex. Instead of disrupting the command and control of a malware family, this time, we are working with Fortra to remove illegal, legacy copies of Cobalt Strike so they can no longer be used by cybercriminals. We will need to be persistent as we work to take down the cracked, legacy copies of Cobalt Strike hosted around the world. This is an important action by Fortra to protect the legitimate use of its security tools. Microsoft is similarly committed to the legitimate use of its products and services. We also believe that Fortra choosing to partner with us for this action is recognition of DCU’s work fighting cybercrime over the last decade. Together, we are committed to going after the cybercriminal’s illegal distribution methods. Cobalt Strike is a legitimate and popular post-exploitation tool used for adversary simulation provided by Fortra. Sometimes, older versions of the software have been abused and altered by criminals. These illegal copies are referred to as “cracked” and have been used to launch destructive attacks, such as those against the Government of Costa Rica and the Irish Health Service Executive. Microsoft software development kits and APIs are abused as part of the coding of the malware as well as the criminal malware distribution infrastructure to target and mislead victims. The ransomware families associated with or deployed by cracked copies of Cobalt Strike have been linked to more than 68 ransomware attacks impacting healthcare organizations in more than 19 countries around the world. These attacks have cost hospital systems millions of dollars in recovery and repair costs, plus interruptions to critical patient care services including delayed diagnostic, imaging, and laboratory results, canceled medical procedures, and delays in delivery of chemotherapy treatments, just to name a few. Fortra and Microsoft’s investigation efforts included detection, analysis, telemetry, and reverse engineering, with additional data and insights to strengthen our legal case from a global network of partners, including Health-ISAC, the Fortra Cyber Intelligence Team, and Microsoft Threat Intelligence team data and insights. Our action focuses solely on disrupting cracked, legacy copies of Cobalt Strike and compromised Microsoft software. Microsoft is also expanding a legal method used successfully to disrupt malware and nation-state operations to target the abuse of security tools used by a broad spectrum of cyber criminals. Disrupting cracked legacy copies of Cobalt Strike will significantly hinder the monetization of these illegal copies and slow their use in cyberattacks, forcing criminals to re-evaluate and change their tactics. Today’s action also includes copyright claims against the malicious use of Microsoft and Fortra’s software code which are altered and abused for harm. More detailed information can be found on OUR FORUM. |
Latest Articles
|