The Met Office is working with Microsoft to build a weather forecasting supercomputer in the UK. From a report: They say it will provide more accurate weather forecasting and a better understanding of climate change. The UK government said in February 2020 it would invest $1.6bn in the project. It is expected to be one of the top 25 supercomputers in the world when it is up and running in the summer of 2022. Microsoft plans to update it over the next decade as computing improves. "This partnership is an impressive public investment in the basic and applied sciences of weather and climate," said Morgan O'Neill, assistant professor at Stanford University, who is independent of the project. "Such a major investment in a state-of-the-art weather and climate prediction system by the UK is great news globally, and I look forward to the scientific advances that will follow." The Met Office said the technology would increase their understanding of the weather -- and will allow people to better plan activities, prepare for inclement weather and get a better understanding of climate change.

Artem S. Tashkinov writes: Over the past ten years, Firefox market share has decreased substantially and the web browser has lost its appeal and coolness. Seeing that, someone at Mozilla probably decided that the best way to entice people back is by changing its UI, thus Firefox has already seen quite a huge number of changes despite other major web browsers staying relatively the same in terms of their visuals; i.e. Google Chrome and Apple Safari look almost the same as they did a decade ago. The most substantial redesign, which is being prepared for the next release, called Proton, promises to drive most power users away because it's broken on a number of levels and makes using the browser a very unpleasant experience.

So, what has changed:
- The compact density option for the address bar is now gone, and not only that, the title bar is now a lot taller than before. Overall, vertically, the title bar and address bar now take almost a dozen pixels more than previous Firefox releases, which steals very precious vertical space.
- The floating tabs. The active tab is now totally disconnected from the active web page and it looks out of place.
- The inactive tabs now completely lack a delimiter between them; and in the case of websites lacking a favicon, all inactive tabs look like one, which makes understanding what's open and what to click very difficult and time consuming.
- Mozilla has removed icons from menus, which makes navigating them slower and more difficult. Human beings can easily recognize and memorize icons, and now instead you have to read 20 menu items and try to understand what you actually need to click. Just to illustrate it, check how Firefox 88 looks and what is up and coming.

It surely looks like whatever UX studies Mozilla has done were either not run properly, or the data being collected was not properly understood. Mozilla has disabled feedback for Firefox, they've made it abundantly clear that you cannot leave comments in their Bugzilla, and considering they want to deprecate userChrome.css, it makes it impossible to restore the semblance of a good web browser experience. The Slashdot crowd loves free and open-source web browsers, so the question is, how can we make the company stop maiming and destroying their most important product?

theodp writes: Code.org on Wednesday announced that dozens of industry, education, and state leaders are supporting a new Code.org AP CS A Java-focused curriculum for high school students, which will be available at no charge to all schools starting in the 2022-23 school year. "We are proud to have the following companies on our Industry Advisory Panel: Adobe, Amazon, Atlassian, Disney, Epic Games, Goldman Sachs, Google, IBM, Instagram, Microsoft, Riot Games, Roblox, Snapchat, Spotify, Tesla, Unity, Vista Equity," Code.org tweeted. "A big thank you to the following colleges and universities on our Education Advisory Panel: @BowieState @UBuffalo @CarnegieMellon @Harvard @montgomerycoll @NCWIT @thisisUIC @Illinois_Alma @unlv @UNOmaha @SpelmanCollege @UT_Dallas @UW @westminsterpa." In an accompanying Medium post, Code.org explained: "This work is all made possible through a generous [$15 million] gift from Amazon Future Engineer."

Despite having the support of some of the world's richest corporations and individuals whose goals the nonprofit helps advance, recently-released SBA records show that Code.org applied for and was approved for its second forgivable Federal Paycheck Protection Program loan in the amount of $1.9 million dollars on March 25, a month after Amazon and Code.org issued a joint press release announcing their $15 million plan to work on a new AP CS A curriculum and other initiatives. Amazon certainly has ambitious plans for influencing K-12 CS education. Last week, the company announced a 2021 goal to "reach 1.6 million underrepresented students globally through Amazon Future Engineer with real world-inspired virtual and hands-on computer science project learning." And an Amazon Future Engineer job listing for a U.S. Country Senior Manager notes the job will require working "with national and local educational non-profits and governmental entities such as BootUp, Project STEM, Code.org, and the US and State Departments of Education," as well as positioning Amazon "as subject matter experts on US computer science education, as well as the local education systems of our headquarter regions."

jonesy16 writes: While users have long been able to run Linux GUI apps on Windows by installing a separate X Server, this marks the first time that native support is available through the Windows Subsystem for Linux (WSL). Audio support and hardware acceleration are also provided, seemingly enabling a limitless set of use cases for those wishing to live the dual OS life. The change is identified in the recent preview build release along with a more in-depth discussion of the graphical subsystem now called WSLg.

Technology giants led by Apple and Microsoft disclosed more than $100 billion in profit outside the U.S. in their last fiscal years, making them prime targets of President Joe Biden's proposals to boost taxes on earnings stashed overseas. From a report: The tax proposals, unveiled this month to help foot the bill for massive infrastructure plans, target common tactics used by U.S. multinationals such as stashing income-generating assets in low-tax offshore jurisdictions. The tech industry is particularly adept at shifting profits to tax-friendly locales because its main assets -- software code, patents and other intellectual property -- are relatively easy to move around compared to factories and other physical assets.

Former President Donald Trump's 2017 Tax Cuts and Jobs Act was supposed to crack down on offshore tax maneuvering, but Republicans neutered the rules by adding extra deductions and other benefits, according to Andrew Silverman, a tax policy analyst at Bloomberg Intelligence. Big Tech will find it harder to dodge Biden's plan because, if turned into law, it would close most of the loopholes left by Trump's 2017 legislation. The move threatens to leave the industry further at odds with Washington, where lawmakers are already scrutinizing the spread of misinformation on online platforms and regulators are embarking on antitrust investigations into large tech companies.

China is behind a newly discovered series of hacks against key targets in the U.S. government, private companies and the country's critical infrastructure, cybersecurity firm Mandiant said Wednesday. From a report: The hack works by breaking into Pulse Secure, a program that businesses often use to let workers remotely connect to their offices. The company announced Tuesday how users can check to see if they were affected but said the software update to prevent the risk to users won't go out until May. The campaign is the third distinct and severe cyberespionage operation against the U.S. made public in recent months, stressing an already strained cybersecurity workforce.

The U.S. government accused Russia in January of hacking nine government agencies via SolarWinds, a Texas software company widely used by American businesses and government agencies. In March, Microsoft blamed China for starting a free-for-all where scores of different hackers broke into organizations around the world through the Microsoft Exchange email program. In all three campaigns, the hackers first used those programs to hack into victims' computer networks, then created backdoors to spy on them for months, if not longer. The U.S. Cybersecurity and Infrastructure Security Agency, or CISA, said in a warning Tuesday evening the latest hacking campaign is currently "affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations."

Canonical released Ubuntu 21.04 with native Microsoft Active Directory integration, Wayland graphics by default, and a Flutter application development SDK. Separately, Canonical and Microsoft have announced performance optimization and joint support for Microsoft SQL Server on Ubuntu. Canonical blog adds: "Native Active Directory integration and certified Microsoft SQL Server on Ubuntu are top priorities for our enterprise customers." said Mark Shuttleworth, CEO of Canonical. "For developers and innovators, Ubuntu 21.04 delivers Wayland and Flutter for smoother graphics and clean, beautiful, design-led cross-platform development." You can read the full list of new features and changelog here.

An anonymous reader quotes a report from The New York Times: The European Union unveiled strict regulations on Wednesday to govern the use of artificial intelligence, a first-of-its-kind policy that outlines how companies and governments can use a technology seen as one of the most significant, but ethically fraught, scientific breakthroughs in recent memory. The draft rules would set limits around the use of artificial intelligence in a range of activities, from self-driving cars to hiring decisions, bank lending, school enrollment selections and the scoring of exams. It would also cover the use of artificial intelligence by law enforcement and court systems -- areas considered "high risk" because they could threaten people's safety or fundamental rights.

Some uses would be banned altogether, including live facial recognition in public spaces, though there would be several exemptions for national security and other purposes. The108-page policy is an attempt to regulate an emerging technology before it becomes mainstream. The rules have far-reaching implications for major technology companies that have poured resources into developing artificial intelligence, including Amazon, Google, Facebook and Microsoft, but also scores of other companies that use the software to develop medicine, underwrite insurance policies and judge credit worthiness. Governments have used versions of the technology in criminal justice and the allocation of public services like income support. Companies that violate the new regulations, which could take several years to move through the European Union policymaking process, could face fines of up to 6 percent of global sales.

The European Union regulations would require companies providing artificial intelligence in high-risk areas to provide regulators with proof of its safety, including risk assessments and documentation explaining how the technology is making decisions. The companies must also guarantee human oversight in how the systems are created and used. Some applications, like chatbots that provide humanlike conversation in customer service situations, and software that creates hard-to-detect manipulated images like "deepfakes," would have to make clear to users that what they were seeing was computer generated. [...] Release of the draft law by the European Commission, the bloc's executive body, drew a mixed reaction. Many industry groups expressed relief that the regulations were not more stringent, while civil society groups said they should have gone further.

Microsoft is updating Outlook to give companies the option to automatically start or end all meetings early to ensure employees have a break between back-to-backs. New settings in Outlook are rolling out to help reduce the digital overload of working remotely. From a report: Companies can set their own scheduling defaults, and they're fully customizable. That means you could have five minutes blocked off before or after a 30-minute meeting, or 10-15 minutes after hourlong meetings. Individuals can also set their own scheduling defaults, but the company-wide option is the significant change here. The inclusion of the new change comes after Microsoft's own research confirmed that back-to-back virtual meetings are stressful. CNBC adds: For the research, 14 individuals took part in video meetings while wearing electroencephalogram (EEG) equipment to measure brain activity, one day attending stretches of four half-hour meetings back-to-back, while on another day four half-hour meetings interspersed with 10-minute breaks. Lack of breaks resulted in spikes in the beta waves associated with stress building up near the transition periods between meetings, while breaks allowed brains to reset and better engage. Pictures of what the human brain actually looks like "on meeting" are in the full report.

According to the United Kingdom's Security Service, known as MI5, hostile states are creating fake LinkedIn profiles to trick users into spilling secrets. The BBC reports: At least 10,000 UK nationals have been approached by fake profiles linked to hostile states, on the professional social network LinkedIn, over the past five years, according to MI5. "Malicious profiles" are being used on "an industrial scale," the security agency's chief, Ken McCallum, said. A campaign has been launched to educate government workers about the threat. The effort -- Think Before You Link -- warns foreign spies are targeting those with access to sensitive information. One concern is the victims' colleagues, in turn, become more willing to accept follow-up requests - because it looks as if they share a mutual acquaintance.

MI5 did not specifically name LinkedIn but BBC News has learned the Microsoft-owned service is indeed the platform involved. The 10,000-plus figure includes staff in virtually every government departments as well as key industries, who might be offered speaking or business and travel opportunities that could lead to attempts to recruit them to provide confidential information. And it is thought a large number of those approached engaged initially with the profiles that contacted them online.

Microsoft and video-game chat company Discord have ended takeover talks after Discord rejected a $12 billion bid, Bloomberg reported Tuesday, citing a people familiar with the matter. From the report: Discord is now focused on a potential public listing in the long term, the people said, asking not to be identified because the matter is private. Several other companies also tried to buy Discord in recent weeks, the people said. The identity of these companies couldn't immediately be learned. San Francisco-based Discord is best known for its free service that lets gamers communicate by video, voice and text. People stuck at home during the pandemic have increasingly used its technology for study groups, dance classes, book clubs and other virtual gatherings.

Dave Knott writes: Microsoft has announced Visual Studio 2022, the next major revision of their flagship development IDE. A public beta will be arriving this summer. The most significant change, which has long been rumored, is that the entire application suite will now be 64-bit. Other major changes include:

* Performance improvements in the core debugger
* Support for .NET 6, which can be used to build web, client and mobile apps by both Windows and Mac developers, as well as improved support for developing Azure apps
* An update UI meant to reduce complexity and which will add integration with Accessibility Insights. Microsoft plans to update the icons and add support for Cascadia Code, a new fixed-width font for better readability
* Support for C++ 20 tooling. language standardization and Intellisense
* Integration of text chat into the Live Share collaboration feature
* Additional support for Git and GitHub
* Improved code search

An anonymous reader quotes a report from 9to5Google: The latest addition coming to Microsoft Edge is "performance mode." Rolling out first to the Canary channel, "performance mode" in Microsoft Edge is designed to improve how the browser uses the resources available to it. In practice, Microsoft says the new mode will improve speed and responsiveness overall while "optimizing" the use of battery, CPU, and RAM. Apparently, the mode may adjust based on your browsing habits too. "Performance mode helps you optimize speed, responsiveness, memory, CPU and battery usage," says Microsoft. "Performance improvements might vary depending on your individual specifications and browser habits."

One specific change Microsoft notes is that the "Sleeping Tabs" feature in Edge will be locked to five minutes when performance mode is turned on. "Sleeping Tabs" essentially freezes a tab that's left open in the background, saving resources when it's not actively being used. Performance Mode is rolling out now in version 91.0.856.0, available in the Canary channel. The toggle is available in the "System" section of the settings menu.

Microsoft's Xbox Cloud Gaming service, previously known as xCloud, will begin rolling out in beta to iPhones, iPads and PCs this week. The service will be invite-only to start, Microsoft said in a blog post on Monday. From a report: Xbox Cloud Gaming was on track to launch for iPhones and iPads earlier, but Apple updated its App Store rules in September that impacted services like Xbox Gaming and Google Stadia. Apple's move forced the companies to use web browsers to redesign their services so that they could circumvent the App Store rules. Under the rules, Microsoft, Google and other companies with similar services would have had to offer each game as an individual download instead of offering a complete library the way Netflix does for movies.

Xbox Cloud Gaming is sort of like Netflix for games. People who subscribe to Microsoft's $14.99/month Xbox Game Pass Ultimate plan can access more than 100 titles. The cloud gaming aspect lets you stream the games without having to download them, provided you have a fast enough internet connection. The streaming option is already available for Android phones.

"In Microsoft's ongoing endeavor to convert people to its rebooted Edge web browser, it's launching a new Kids Mode that makes it easy for parents to control how their children surf the web," reports Gizmodo: Parents have the choice between two versions, one for ages five to eight years and one for ages nine to 12 years. Both enable the strictest level of tracking prevention in Edge and Bing SafeSearch by default to filter out adult text, images, and videos from search results. The only difference between the two age ranges is that the older one includes a newsfeed with curated articles from MSN for Kids. Don't worry though: It focuses on more kid-friendly topics like fun science and animal facts rather than breaking news and politics, Microsoft said.

Kids Mode also restricts what sites kids have access to, with roughly 70 popular kids sites allowed from the get-go (any additional allowable sites have to be added to the list individually). If a child tries to view a site that's not on that list, they're met with a cutesy block page, pictured below, that prompts them to ask an adult for permission.

America's top law enforcement agency "obtained a court order that allowed it to remove a backdoor program from hundreds of private Microsoft Exchange servers that were hacked through zero-day vulnerabilities earlier this year," reports CSO. (Thanks to detritus. (Slashdot reader #46,421) for sharing the news...) Earlier this week, the Department of Justice announced that the FBI was granted a search and seizure warrant by a Texas court that allows the agency to copy and remove web shells from hundreds of on-premise Microsoft Exchange servers owned by private organizations. A web shell is a type of program that hackers install on hacked web servers to grant them backdoor access and remote command execution capabilities on those servers through a web-based interface.

In this case, the warrant targeted web shells installed by a cyberespionage group dubbed Hafnium that is believed to have ties to the Chinese government. In early March, Microsoft reported that Hafnium has been exploiting previously unpatched vulnerabilities in Microsoft Exchange to compromise servers. At the same time, the company released patches for those vulnerabilities, as well as indicators of compromise and other detection tools, but this didn't prevent other groups of attackers from exploiting the vulnerabilities after they became public. In its warrant application, dated April 13, the FBI argues that despite the public awareness campaigns by Microsoft, CISA and the FBI itself, many servers remained infected with the web shell deployed by Hafnium. While the exact number has been redacted from the unsealed warrant, the DOJ said in a press release that it was "hundreds."

The FBI asked for, and received court approval, to access the malicious web shells through the passwords set by the original attackers and then use that access against the malware itself by executing a command that will delete the web shell, which is essentially an .aspx script deployed on the server. The FBI was also allowed to make a copy of the web shells first because they could constitute evidence.

The warrant states that it "does not authorize the seizure of any tangible property" or the copying or alteration of any content from the servers aside from the web shell themselves, which are identified in the warrant by their unique file paths. This means the FBI was not granted permission to patch the vulnerabilities to protect the servers from future exploitation or to remove any additional malware or tools that hackers might have already deployed...

The FBI sent an email message from an official email account, including a copy of the warrant, to the email addresses associated with the domain names of the infected servers.
An official statement from the Department of Justice is already using the past tense, announcing that U.S. authorities "have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States. They were running on-premises versions of Microsoft Exchange Server software used to provide enterprise-level email service."

Facebook has reached a key environmental goal early: The social media company now purchases enough renewable energy to run all of its operations around the world, it announced this week. CBS News reports: Facebook joins a handful of tech companies that have committed to ambitious green energy goals, including Microsoft, Apple and Alphabet, the parent company of Google. Over the past few years, Facebook has cut its greenhouse gas emissions significantly. Since 2017, carbon emissions from the company's operations have fallen by 94%, surpassing its goals of reducing emissions by three-quarters, according to its sustainability report. Emissions were cut primarily by focusing on the massive data centers that power the servers running Facebook's services, as well as its office locations.

"Data centers for us are the primary sources of electricity consumption and the primary footprint we've been thinking about," said Urvi Parekh, the company's director of renewable energy. Cutting down emissions meant "making our data centers as efficient as possible and reducing the amount of electricity that's consumed" as well as purchasing enormous amounts of wind and solar power to run those centers. Last year, when most of its employees started working remotely, Facebook said it purchased enough clean energy to match the amount used by employees working at home. The company still emits some carbon from its construction activity and natural-gas use in some locations where it has no other energy options, Parekh said. Last year, that was the equivalent of 38,000 metric tons of carbon dioxide (or about as much carbon as is emitted from 8,900 cars driving for one year). Facebook is offsetting those emissions by investing in reforestation and other carbon-removal projects, Parekh said. The company has set a new goal of reaching net-zero emissions across its entire supply chain by 2030.

Google is all alone with its proposed advertising technology -- FLoC-- to replace third-party cookies. Every major browser that uses the open source Chromium project has declined to use it, and it's unclear what that will mean for the future of advertising on the web. Firefox, Safari, Microsoft Edge, Vivaldi, and Brave have said they are not implementing Google's FLoC into their browsers.

Parallels today announced the release of Parallels Desktop 16.5 for Mac with full support for M1 Macs, allowing for the Windows 10 ARM Insider Preview and ARM-based Linux distributions to be run in a virtual machine at native speeds on M1 Macs. From a report: Parallels says running a Windows 10 ARM Insider Preview virtual machine natively on an M1 Mac results in up to 30 percent better performance compared to a 2019 model 15-inch MacBook Pro with an Intel Core i9 processor, 32GB of RAM, and Radeon Pro Vega 20 graphics. Parallels also indicates that on an M1 Mac, Parallels Desktop 16.5 uses 2.5x less energy than on the latest Intel-based MacBook Air. Microsoft does not yet offer a retail version of ARM-based Windows, with the Windows 10 ARM Insider Preview available on Microsoft's website for Windows Insider program members. The ability to run macOS Big Sur in a virtual machine is a feature that Parallels hopes to add support for in Parallels Desktop later this year as well.

April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency (NSA). The Register reports: Forty-four different products and services are affected, mainly having to do with Azure, Exchange Server, Office, Visual Studio Code, and Windows. Among the vulnerabilities, four have been publicly disclosed and a fifth is being actively exploited. Nineteen of the CVEs have been designated critical. "This month's release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers," Microsoft said in its blog post. "These new vulnerabilities were reported by a security partner through standard coordinated vulnerability disclosure and found internally by Microsoft. We have not seen the vulnerabilities used in attacks against our customers.

Clicking through Microsoft's coy links to CVE-2021-28480 (9.8 severity), CVE-2021-28481 (9.8 severity), CVE-2021-28482 (8.8 severity), and CVE-2021-28483 (9.0 severity), you'll find the unspecified security partner is the NSA. Exchange Server 2013 CU23, Exchange Server 2016 CU19 and CU20, and Exchange Server 2019 CU8 and CU9 are affected by this set of problems. "NSA urges applying critical Microsoft patches released today, as exploitation of these #vulnerabilities could allow persistent access and control of enterprise networks," the signals intelligence agency said via Twitter.