Posted by Unknown
Monday, 2 January 2017
0 comments
Microsoft plans to add Cortana support to Windows 10 IoT Core devices with screens as part of its Windows 10 Creators Update release.
That's according to information Microsoft officials provided to the company's OEM partners at WinHEC 2016 in Shenzhen last week, in a session titled "Cortana and the Speech Platform,"
Microsoft Principal Program Manager May Ji outlined the ways that Microsoft wants its PC and device partners to make use of new "Wake on Voice from Modern Standby" and "Far-field Voice" support that's being added to Windows 10 with the Creators Update that's due out in the Spring of 2017.
Wake on Voice from Modern Standby is a feature that allows Cortana to turn on PCs from off to a full-powered state on devices with Windows 10 "Modern Standby" power-management support. Far-field voice is what will allow Cortana to work in rooms with ambient noise at a distance of up to 13 feet/4 meters away.
The Cortana on Windows 10 IoT Core rollout, which could lag by a few months the rollout of Windows 10 Creators Update for PCs and phones (if history is any indication) will begin with Cortana in English for the US and UK markets, she said, with additional language support coming over time.
With the Windows 10 Anniversary Update, which Microsoft released in early August 2016, Microsoft provided a first step toward making Cortana work better with PCs from afar. The "immersive Cortana experience" in Windows 10 Anniversary allowed Cortana to work above the lockscreen. With the Creators Update, Microsoft plans to make these kinds of capabilities more robust, as Windows Insiders running test build 14986 on PCs began seeing last week.
While some company watchers are expecting the addition of Far-field Voice to enable OEMs to build Windows-based devices similar to Amazon's Echo and Google's Home, Ji made it clear during her session that Microsoft's focus -- even with devices running the Internet of Things (IoT) Core version of Windows 10 -- will be to have Cortana work on devices with screens, not those without screens.
The IoT Core version of Windows 10 is Microsoft's Windows 10 variant for small, embedded Intel- and ARM-based devices that may or may not have screens, such as the Raspberry Pi 2 and MinnowBoard Max boards. Windows 10 IoT Core also is meant for running smaller, low-cost industry devices like IoT gateways, officials have said.
InfoWorld and Oracle White paper: A Database Appliance That is Simple, Optimized and Affordable
DBAs need help with tackling significant issues, including doing more with fewer resources, quickly responding to upgrade and patch needs, while reducing the time spent on cloning databases. Finally, they need help eliminating the time they spend integrating, testing, and deploying full-stack cloud solutions. How can DBAs reconcile these competing demands? Learn more about expanded offerings in a database appliance that are delivering numerous advantages. These new configurations have the potential to help IT derive new benefits in its efforts to serve the business.
White Papers provided by Oracle
In a slide presented during her WinHEC talk, which I've embedded above in this post, Ji showed images of Cortana running on screens on a refrigerator and a thermostat.
Microsoft officials continue to refer to Cortana as a "truly personal digital assistant" that can provide "proactive and personal assistance." At WinHEC, Ji said that there are currently more than 1,000 Cortana "skills" available to developers.
[This article has been updated several times since its initial publication to incorporate changes in Windows 10. Last updated: December 16, 2016]
Over the past year, I've read countless "privacy guides" for Windows 10. Most are well-intentioned, but they invariably take a simplistic approach to privacy: Just turn off every switch in the Privacy section of the Settings app.
If you do that, you're not understanding the privacy landscape, which encompasses far more than just those settings. You're also missing some important additional steps.
Windows 10 is a mix of software and services. With every session, a Windows 10 device exchanges a great deal of information with Microsoft's servers. That's neither unusual nor alarming. Microsoft's chief rivals, Google and Apple, are also blending services into their software, with the goal of making your life easier and making that software more reliable.
So are other tech companies that you don't think of as software companies: Amazon, with the Echo. Tesla, with its self-updating, software-driven cars. Your thermostat and your home security system.
There's something profoundly satisfying about a service that anticipates your every move, reminding you when to leave for an appointment to arrive on time, or to pick up flowers for your anniversary tomorrow. Your digital personal assistant, whether it's Siri or Cortana or Alexa or Google, needs to be able to see your calendar and contacts to make that magic happen.
But when that sort of personal attention goes too far, it "crosses the creepy line," to use a phrase that Eric Schmidt probably regrets uttering when he was Google's CEO.
The thing about that line is that it's drawn in a different place for everyone. I know people who are thrilled at the idea that their PC or mobile device is so familiar with their actions that it can anticipate what they'll do next. I know others who would like to build a virtual Faraday cage around their computing hardware so that none of their personal details can escape.
InfoWorld and Oracle White paper: A Database Appliance That is Simple, Optimized and Affordable
DBAs need help with tackling significant issues, including doing more with fewer resources, quickly responding to upgrade and patch needs, while reducing the time spent on cloning databases. Finally, they need help eliminating the time they spend integrating, testing, and deploying full-stack cloud solutions. How can DBAs reconcile these competing demands? Learn more about expanded offerings in a database appliance that are delivering numerous advantages. These new configurations have the potential to help IT derive new benefits in its efforts to serve the business.
White Papers provided by Oracle
Both of those viewpoints, and everything in between, are perfectly valid. That's why the software and services we use are loaded with switches and dials designed to help you take control of their potential privacy impact.
In this post, I'll walk you through the big privacy questions for Windows 10, with enough context to help you decide which settings are right for you.
Note that this guide assumes you are using Windows 10 on a personal PC or one in your small business. If you are in an enterprise setting, or if you are in a regulated industry, you should seek professional assistance to ensure that you're meeting proper standards.
Let's start with the part of your PC that has the biggest impact on your personal privacy.
THE NETWORK
No one knows more about your online identity than your Internet service provider. Every packet you send or receive from anywhere online goes through their servers. When you travel and connect to Wi-Fi networks that are under the control of others, the owners of those networks can see every connection you make and can intercept their contents.
Regardless of the platform you use, that's why it's important you use encrypted connections for any kind of sensitive communications. Using a virtual private network whenever possible is an excellent best practice.
In the initial release of Windows 10, the Wi-Fi Sense feature allowed Windows 10 to share a Wi-Fi password with some of your contacts. That controversial feature has been removed, and the Wi-Fi Sense feature now consists exclusively of an option to connect to open hotspots that have been marked as known and trusted by Microsoft. If you'd prefer never to make those automatic connections, to to Settings > Network & Internet > Wi-Fi and turn the Connect to suggested open hotspots slider to the Off position.
Windows 10 does offer one obscure option that can help protect third parties from tracking your movements based on your connections to Wi-Fi networks. (Note that this feature requires support from your Wi-Fi adapter, so if you don't see this option, the most likely explanation is that your hardware doesn't support it.) Under Settings > Network & Internet > Wi-Fi, turn the Use random hardware addresses setting to On.
That step keeps third parties from matching your Wi-Fi adapter's hardware address with your personal information, making it more difficult to track your location.
THE BROWSER
Countless third-party ad networks and analytics companies use cookies and other tracking technology to record your movements around the web and to correlate your online activities with your offline identity.
The result is a digital fingerprint that can be extraordinarily detailed and, unfortunately, outside of your ability to change.
To limit the amount of information that those ad and analytics companies know about you from your web browsing, consider third-party anti-tracking software such as Abine's Blur, which is available for every web browser except Microsoft Edge.
If you regularly use Microsoft Edge, the Windows 10 Anniversary Update includes support for a variety of add-ons designed to block ads and tracking. Adblock and AdBlock Plus have been available for several months. uBlock Origin and Ghostery are new to the Windows Store
It's worth noting that some privacy advocates are suspicious of Ghostery because of its uncomfortably close ties to the online advertising industry.
Ad-blocking software can also provide some privacy protection as a side-effect of performing its basic function. Here, too, watch out for close ties between some ad-blocking add-ins and the third-party trackers they supposedly protect you from.
Note that none of these steps is unique to Windows 10. Anti-tracking software is typically a browser add-in and works with most popular browsers.
THE OPERATING SYSTEM
With those two big, platform-independent factors out of the way, we can now turn to Windows 10 itself. When you use a Windows 10 device, it is capable of sharing the following types of information with Microsoft's servers:
Your location
Windows 10 can determine your location to help with actions like automatically setting your current time zone. It can also record a location history on a per-device basis. Go to Settings > Privacy > Location to control the following:
Location on/off Use the master switch at the top of this page to disable all location features for all users of the current device.
Location service on/off If location is on for Windows, you can still turn it off for your user account here.
General location This allows you to set a city, zip code, or region so that apps can deliver relevant content.
Default location Click Set default to open the Maps app and specify the location you want Windows to use when a more precise location is not available.
Location history Click Clear to erase the saved history for a Windows 10 device.
If location is on, a list at the bottom of the Settings > Privacy > Location page allows you to disable access to that data on a per-app basis.
Your input
If you enable Cortana, Windows 10 uploads some info from your devices, such as your calendar, contacts, and location and browsing history, so that Cortana can make personalized recommendations. If you don't want any accounts on your PC to use Cortana, follow the steps in this article to disable the feature completely: Turn off Cortana completely.
Effective with the Anniversary Update, Cortana has some additional options that might be relevant. Open Cortana & Search Settings (you can search for it or click in the search box to open Cortana and then click the gear icon).
If you don't want Cortana to respond to voice input, make sure the "Hey Cortana" option is set to Off. The two Lock Screen options allow you to disable voice control and suppress Cortana's access to email, calendar items, and Power BI data when the device is locked.
Windows 10 uses some feedback from the way you type, write, and speak to improve performance for you and as a way to improve the overall platform. This isn't keystroke logging; rather, the operating system uses a very small amount of information. A separate feature uses your speech and writing history to make better suggestions in Windows and Cortana.
You can control this collection with two sets of controls:
Under Settings > Privacy > General, slide the Send Microsoft info about how I write switch to Off so that your typos aren't used to improve things like the built-in spell checker.
Under Settings > Privacy > Speech, inking, & typing, under the Getting to know you heading, click Stop getting to know me to turn off personalization.
To clear previously saved information associated with your Microsoft account, click the first link under the Manage cloud info heading. That takes you to this Bing Personalization page, which includes this prominent button:
Click Clear to remove that saved information from the cloud.
Files and settings
When you sign in with a Microsoft account, you have the option to save files to the cloud using OneDrive. Windows 10 also syncs some settings to OneDrive, allowing you to have the same desktop background, saved passwords, and other personalized settings when you sign in with that account on multiple PCs.
If you use a local account, of course, none of your settings are synced. If you use a Microsoft account, you can turn off syncing completely or remove certain settings from the sync list by going to Settings > Accounts > Sync Your Settings.
OneDrive is an opt-in service. If you don't sign in, it does nothing. You can't save files to OneDrive accidentally, and no files are uploaded without your explicit permission, which you can revoke any time. To disable OneDrive for all users on your PC, follow these instructions: Shut down OneDrive completely.
Telemetry
Microsoft, like all modern software companies, uses feedback from its installed base to identify problems and improve performance. In Windows 10, this feedback mechanism produces diagnostics data (aka telemetry) that is uploaded to Microsoft at regular intervals. The data is anonymized and is not used to create a profile of you.
If you want more information about how telemetry works, see Windows 10 telemetry secrets: Where, when, and why Microsoft collects your data.
The default telemetry setting for all consumer and small business versions of Windows 10 is Full, which means that the uploaded data includes some details (also anonymized) about app usage. If you are concerned about possible inadvertent leakage of personal information, I recommend that you go to Settings > Privacy > Feedback & diagnostics and change the Diagnostic and usage data setting to Basic.
THE APPS
Although the number of subcategories under the Privacy heading in Settings seems daunting, most of them govern access to your information by Windows Store apps. That set of apps includes those that are preinstalled (Mail, Calendar, Groove Music, Photos, and so on) as well as those you acquire from the Store.
Most of the categories offer a single on-off switch at the top, which you can use to disable all access to that feature by all apps. If you leave the feature enabled, you can use a list of apps at the bottom of the page to enable or disable access on a per-app basis.
This capability works the same with the following categories: Camera, Microphone, Notifications, Account Info, Call History, and Radios. The Other Devices category lets apps automatically share and sync info with wireless devices that aren't explicitly paired with your PC. Use the Background Apps category to specify which apps are allowed to work in the background.
If Location is enabled, you have the option to disable location access on a per-app basis and to disable Geofencing.
The Contacts, Calendar, Email, and Messaging categories allow you to control which apps can have access to these features. If you want to share content from an app using email or messaging, this option has to be on for that app. Note that Mail and Calendar, People, and Phone always have access to your contacts; Mail and Calendar are always allowed to access and send email and always have access to your calendar.
Finally, one horribly misunderstood setting is available under Settings > Privacy > General. Advertising ID controls whether Microsoft serves personalized ads to ad-supported apps. If you turn this option off, you still get ads, but they're not personalized. Regardless of the setting, your information is not shared with advertisers.
Adobe Flash continues its long, slow fade from the mainstream. The latest step is today's announcement that the next release of Microsoft Edge will disable Flash by default, giving users control over whether and when Flash-based content runs.
The feature will appear in upcoming Insider Preview builds and will be released to the general public in the Windows 10 Creators Update, which is due to arrive in early 2017.
By enabling Click-to-Run functionality for Flash content in its built-in Windows 10 browser, Microsoft is matching announced plans from other browser makers, including Apple's Safari, Mozilla's Firefox, and Google's Chrome.
With Click-to-Run enabled, Microsoft Edge will default to HTML5 content when it's available. Here's how Microsoft describes the new feature:
Sites that support HTML5 will default to a clean HTML5 experience. In these cases, Flash will not even be loaded, improving performance, battery life, and security. For sites that still depend on Flash, users will have the opportunity to decide whether they want Flash to load and run, and this preference can be remembered for subsequent visits.
The new move is a continuation of a feature released in the July 2016 Anniversary Update, in which Microsoft Edge selectively pauses "certain Flash content, like ads," if that content is not central to the page.
Both Google and Microsoft have opted to whitelist a set of popular sites that rely on Flash. Microsoft says it plans to "actively monitor Flash consumption in Microsoft Edge and will gradually shorten the list of automatic exceptions."
When Flash is the only option for playing content on a page opened in Microsoft Edge, the user will see a click-to-run prompt like this one:
The decline of Flash began in earnest in 2010, when Apple chose to ignore Flash-based content in its iPad. CEO Steve Jobs outlined the reasons in a public letter that focused on reliability, performance, and especially security problems with Flash. At the time, Flash was a major vector for malware, and Adobe was not taking the problem seriously.
In recent years, Flash has improved on that record through a more aggressive update policy. In Chrome and Microsoft Edge, the Flash plug-in is included by default and updated as part of the operating system.
Microsoft's advice to web developers is to leave Flash behind and instead "migrate to standardized content delivery mechanisms, such as HTML5 Encrypted Media Extensions, Media Source Extensions, Canvas, and Web Audio.
YubiKey for Windows Hello brings hardware-based 2FA to Windows 10
Yubico announced its plans to support Microsoft's Windows Hello platform back in
September at the Ignite conference, with the goal of bringing strong, hardware-based authentication to Windows 10.
Finally, after nearly two months of waiting, the YubiKey for Windows Hello app has landed in the Windows Store. It's a strong solution for retrofitting the additional protection of Windows Hello on systems that don't have built-in support for facial recognition or fingerprint-based sign-in.
The new app requires a YubiKey, Yubico's USB-based device that generates an encrypted, one-time password. Enterprise admins have been using hardware-based authentication for years, making it impossible for phishing attacks and password database breaches to succeed. Even if someone successfully steals your credentials, they can't sign in without proving that they also have the physical device as a second form of identification.
YubiKey support is also available on other services, including Dropbox, GitHub, WordPress, Google accounts, and a gaggle of password managers. That latter category includes LastPass Premium, which has an extension for Microsoft Edge (as well as every other modern browser), meaning you can use hardware-based authentication on Windows and the Web.
On the PC side, the YubiKey solution requires the Windows 10 Anniversary Update (specifically version 1607, build 14393.321 or later) and a Windows user account set up with a PIN.
I tested the authentication support on a Dell laptop using the YubiKey 4, a $40 device that's roughly the same size as a slim flash drive, and a $50 YubiKey 4 Nano, which fits in a USB slot with only a tiny metal protrusion you tap to authenticate. A bundle with a USB Type-C adapter is also available. (Older YubiKey devices might also work, but the newer designs are preferred.)
Setting up a YubiKey to work with Windows Hello takes literally a few seconds. (The device itself doesn't require any drivers or power.) After installing the app, follow the prompts to associate it with your Windows account, a task that requires inserting the key into a free USB slot and tapping it with a finger.
If you own a laptop, you might have experienced "hot bag" syndrome. You put the sleeping laptop into your travel bag and then hours later, discover that it woke up at some point and has been madly using up your battery (and heating up your bag) as it tries to do whatever task it woke up for.
On a PC running Windows 10, one simple solution is to change the behavior of the system so that closing the lid causes the system to hibernate instead of sleeping, saving the system's state to a hibernation file. A hibernating system won't wake up until you tell it to, which means you can count on your bag staying cool and your battery fully charged.
The trade-off, of course, is that getting back to work takes a bit longer as the system loads the contents of the hibernation file instead of resuming from sleep. But on a modern laptop with an SSD, that difference is typically only 10 seconds or so.
To make the change, open the Control Panel (or use the search box on the taskbar) and search for Power Options. That opens the dialog box shown in the upper right of this article. From the list of links on the left, click Choose what closing the lid does.
The options available under the Power Button And Lid Settings section might look a little different depending on how your PC maker implemented this feature, but every modern laptop has the option to define settings for When I close the lid.
Change the behavior under On Battery to Hibernate and then save your changes. The next time you close the PC's lid (or, in the case of a Surface Pro, fold the Type Cover up over the screen), your PC will be guaranteed to keep its cool.
Previous tip: Create a full image backup using this hidden tool