Author: Martin Brinkmann

When I was young, I studied German, History and English at Essen University in Germany. I worked in computer support for several years at the time to help other computer users when they ran into issues. Writing started out as a passion project, as I wanted to help more users and not just the ones that I handled in support. This lead to the founding of Ghacks Technology News in 2005. First, as a side-project, but shortly thereafter as a full-time project as the site's popularity exploded. I sold Ghacks to Softonic some years ago, but stayed on as Editor. You can still read my articles on the site. I do publish on Betanews as well. In recent years, I started to write and publish technology books, including my latest book "Windows 11 From Beginner to Advanced", which is available on Amazon. I'm also a freelance writer for the German publisher Gamestar. Chipp.in is my newest project. I want to use it to talk about my book projects, sell my books directly, and write about technology, as this is what interests me.
Firefox

Firefox 127 point updates incoming – here is what we know

Posted on by Martin Brinkmann

Mozilla plans to release the first Firefox 127 point update later today. Firefox 127.0.1 will be released for all supported platforms. It is a non-security update that fixes four different issues in the browser.

The release won’t include the fix for YouTube playback issues mentioned earlier this week. It will be in Firefox 127.0.2, so expect this release shortly thereafter.

Concerning Firefox 127.0.1, here is what is fixed in this release:

  • Fixed an issue that could cause Firefox users to lose access to sessions of tabs during upgrades. This was caused by a bug that happened only when users would dismiss the primary password prompt.
  • Fixed a slow audio speed issue on Linux that started with Firefox 127.0. It only happened if the preference accessibility.monoaudio.enable was set to TRUE.
  • The loading of the full Windows installer failed “in some circumstances” when executing the stub installer.
  • Firefox has been incorrectly rejecting cookies for “certain websites” since Firefox 127. One affected website is Solarwinds Papertrail.

Mozilla plans to release the new version of Firefox to all supported channels later today.

Firefox 127.0 was released last week to the public. It introduced a number of important changes, including:

  • It is now possible to add another layer of protection to the passwords functionality. This is available on Windows and macOS, and adds the operating system’s authentication as the barrier.
  • Firefox will upgrade HTTP media on HTTPS pages automatically, or block the media from loading.
  • Improved screenshots tool, which now supports taking screenshots from certain file types.

What about you? Have you tried Firefox recently? Did you encounter any of these bugs? Feel free to leave a comment down below.

Microsoft divides Windows userbase for a second time

Posted on by Martin Brinkmann

The last couple of years have been a difficult ride for the majority of Windows users. It all began with the release of Windows 11. Microsoft released the new version of Windows back in October 2021 to the public.

Several months before that release, it made it abundantly clear that Windows 11 would ship with new hardware requirements.

These requirements, particularly the need for a TPM chip and a relatively modern processor, blocked part of the userbase from upgrading to Windows 11 officially.

Granted, enthusiasts found ways to bypass the requirements and upgrade devices to Windows 11, but the majority of users does not know about Rufus or ways to bypass the requirements.

This divided the Windows userbase for the first time ever since Windows came to be. Hundreds of million of devices with Windows 10 cannot be upgraded to Windows 11 according to estimates. Microsoft, at least, gives customers an option to extend support by up to three years, but this comes at a price.

The second divide: Copilot+ PCs

Microsoft is dividing the Windows userbase again, less than three years after the official launch of Windows 11. Now, it is affecting the Windows 11 userbase.

The new Copilot+ PC type has different hardware requirements again. This time, requirements include a neural processing unit for AI processing on the device among other things.

While Microsoft won’t prevent regular Windows 11 systems from upgrading to Windows 11 version 24H2, it will block certain features on these devices.

In other words, if you do not have a Copilot+ PC, you won’t get all the features of Windows 11 anymore. While that is been the case for smaller features, including Auto DRM or DirectStorage, Microsoft is introducing a new dimension here.

Major features, including the controversial Recall feature, but also smaller features, such as features of the default image editor Paint, are Copilot+ PC exclusives. If you do not have one, you won’t be able to use these features, even if you wanted to.

Closing Words

Arguably, the second divide isn’t as major as the first. Windows 11 customers can continue to use their devices at least. Still, with a large number of Windows 10 customers left without any official options from Microsoft, and most current Windows 11 customers without access to many of the upcoming AI features, one has to wonder whether that is the best course of action.

If Microsoft would have known about the rise of AI in 2021, it could have waited with the release of Windows 11 until 2024. Or, it could have allowed Windows 10 devices to upgrade to Windows 11. All of these options were not really practicable from Microsoft’s point of view. It could have done that, but it wanted Windows 11 devices to be on modern hardware only. The rise of AI in 2023 came out of nowhere, practically.

Devices need enough processing power, using NPU chips, to compute certain AI tasks on the device. While it would still be possible to allow devices without AI chips to make use of these features, it would probably be unbearable slow.

In closing, Microsoft seems to have moved itself into a corner with the release of Windows 11 and the enforcement of new system requirements. The sudden rise of AI services and features require another round of adjustments to the system requirements.

Still, this is going to be a problem for Microsoft in the short run. What will all the Windows 10 customers do who cannot upgrade their devices to Windows 11?

Facebook Instagram

Meta gives Europeans a pass – won’t use data for AI training

Posted on by Martin Brinkmann

European Facebook and Instagram users may breathe a sigh of relief, as their public data won’t be used by Meta for AI training for the time being.

Meta published an update regarding the use of data from European users on Facebook.

Here are the highlights:

  • Meta will pause plans to train its large language models using publicly shared content from European users on Facebook or Instagram.
  • Data protection agencies from 11 countries from the EU have filed complaints against Meta.
  • Meta calls it a “step backwards for European innovation”.

The decision does not change the handling of data from users outside of the European Union. Meta will use public data from these users to train its AI systems.

Meta said that it hopes that the data protection authorities chance their stance on the issue. The company said previously that it would use public posts and comments from users over the age of 18 only for AI training. European users were the only ones to get an opt-out option.

While Meta said that it remains committed to bringing AI functionality to users from the European Union, it added that the lack of local information would make it a “second-rate experience”.

Here is an interesting idea: how about making the training opt-in? Giving Facebook and Instagram users the option to give Meta permission to use their data for AI training.

The main issue here, at least for Meta, is that it would gain access to a fraction of the data only. Opt-in systems are favored by users, as they give them full control over a feature. They are disliked by companies, as it limits the reach significantly.

Meta could counter this by giving users incentives to share their data. It will be interesting to see how this will turn out in the end. Meta said that it will “continue to work collaboratively” with the Irish Data Protection Commission.

Would you allow companies to use your public data for AI training?

YouTube Firefox Playback issue

Try these fixes if you have problems playing 1080p+ videos on YouTube in Firefox

Posted on by Martin Brinkmann

For approximately four months, some Firefox users have experienced video playback issues while playing videos on YouTube.

Affected users noted that certain videos would stop playing on the site all of a sudden. YouTube would show a loading animation and it appeared that buffering was the culprit in many cases.

When Mozilla started to analyze the issue, it quickly discovered that 1080p or higher quality videos were affected only.

In particular, Mozilla discovered that 1080p, 2k and 4k videos on YouTube were affected when played in Firefox. The issues did not occur on every video playback and not for every user.

The issue is linked to the VP9 protocol that Google uses on YouTube.

Mozilla is keeping track of the issue here, but there is no fix available yet. This has not stopped some of the affected users from trying different things to get the issue fixed on their end.

Here are three solutions that worked for some affected users, but not for all of them:

  • Reduce the video quality with a click on the settings icon in the video player and the selection of quality from the menu that opens.
  • Install the enhanced-h264ify extension for Firefox. The extension switches playback to H.264 by default, but you can experiment with different codecs to see if any work.
  • Try setting the value of network.http.http3.enable to False on about:config.

These workarounds worked for some of the affected users, but not for everyone. Some lower the video quality, but they at least let affected users watch the videos that do not work otherwise.

Another option is to switch to a different browser for the time being, all Chromium-based browsers work, which should not surprise anyone, or third-party services such as Invidious or Freetube.

Did you experience issues on YouTube lately? Google has been cracking down on adblock users heavily in recent time.

Microsoft explains unintentionally why offline accounts are better in Windows

Posted on by Martin Brinkmann

The release of Windows 10 saw a fundamental shift towards Microsoft accounts. While users got to choose between local and Microsoft accounts in Windows 10, it was clear that Microsoft’s intention was to get customers to use online accounts.

It integrated new features into Windows that required an online account. From OneDrive over the synchronization of settings to the ability to restore an account password.

Microsoft shifted into a higher gear with the release of Windows 11. It enforces the creation of a Microsoft account on first setup now for Home and Pro systems.

Many workarounds do not work anymore, but there may still be options to deal with the user-unfriendly behavior. Still, most users may not know about these and that forces them to create the Microsoft account.

It is possible to create local accounts after the initial setup phase and delete the Microsoft account, but Microsoft has scattered warnings across the system in that case.

Microsoft highlights the advantages of local accounts

The support page “Change from a local account to a Microsoft account” on Microsoft’s official support website lists the advantages of both local and Microsoft accounts.

Here is what Microsoft has to say about local accounts (via WinFuture)

A local account is created on the device and doesn’t require Internet connectivity to sign in. It’s independent of other services, and it’s not connected to the cloud. Your settings, files, and applications are limited to that single device

While that is meant to be discouraging, may of the users who prefer local accounts may beg to differ.

The key here is that local accounts are not known to Microsoft. They work offline and files stay on the local system by default. Users may still sync files using first or third-party tools, but this is completely optional.

Wonder about the advantages of using a Microsoft account? Here are the key features of using a Microsoft account, according to Microsoft:

When you sign in to your PC with a Microsoft account, you’re connected to a Microsoft cloud service, and your settings and files can sync across various devices. You can also use it to access other Microsoft services

So, some settings and files sync when a Microsoft account is used. Using a Microsoft account may also give users access to services that require it.

Closing Words

To break it down: if you prefer privacy, you may want to consider using local accounts. If you prioritize convenience, or use multiple Windows devices, you may find that the advantages outweigh the disadvantages.

What about you? Do you prefer local or Microsoft accounts on Windows devices?

Bitwarden Extension causes websites to hang

Posted on by Martin Brinkmann

Just a quick note. Bitwarden’s latest client release seems to cause issues for some users. The update to version 2024.6.0 may cause issues in browsers.

According to reports. websites may hang or stall when loaded while the Bitwarden extension is active.

The issue is causing high CPU usage when some websites are opened. This causes the loading of the website to hang and the browser to freeze entirely in some cases. Crashes may also happen.

Several browsers, including Safari, Chrome, and Edge, and operating systems appear affected by the issue.

Deactivation of the extension restores the status quo. Users who downgraded the client version to the previous one reported that this fixed the issue as well. Desktop users may download previous releases from the official Bitwarden GitHub repository.

A third workaround is to change when Bitwarden’s extension becomes active in the browser. This may not be possible in all browsers. To check it out, right-click on the Bitwarden extension icon in the browser and hover over “This can read and change site data”.

There you switch from “on all sites” to “when you click the extension”.

Bitwarden confirmed that it is investigating the issue at the time. The issue is affecting other projects, including Home Assistant as well.

Closing Words

It is probably only a matter of time before a fixed version is released by Bitwarden. Try one of the workarounds in the meantime.

Google Chrome 126

Google Chrome 126 fixes 21 security issues

Posted on by Martin Brinkmann

Google released a new stable version of its Chrome web browser for all supported platforms. Chrome 126 is a security update first and foremost, but it makes non-security changes to the browser as well.

The security update is available already. Google rolls out these updates over the course of days and weeks. Most Chrome installations are updated automatically, thanks to the built-in updating system.

Desktop users may install the update quicker by opening Menu > Help > About Google Chrome. Chrome displays the installed version on the page that opens and runs a check for updates. The browser will download any new version it finds.

Chrome 126: the security fixes

Google mentions that it has fixed 21 unique security issues in Chrome 126. It lists only externally reported issues on the page. All of these are rated high or lower, and there does not seem to be a(nother) 0-day issue that is affecting the browser at this time.

The security issues rated high type confusion, use after free, heap buffer overflow, and inappropriate implementation issues.

The non-security changes of Chrome 126

Here is an overview of important non-security changes in the new Chrome release:

  • OCR-AI Reader for inaccessible PDF documents that creates a “built-in PDF screen reader”.
  • Beginning to switch to an out-of-process iframe architecture for the PDF viewer. This makes it simpler to add new features to it according to Google.
  • Reactive prefetch on desktop. The feature speeds up navigations and the loading of pages by using a Google-owned service to predict resources that should be prefetched.
  • Tab Group support on iPad.
  • Starting in Chrome 126, Chrome starts to directly support accessibility client software that uses Microsoft Windows’s UI Automation accessibility framework.
  • Search any text or image using Google Lens.

Developers may want to check out the Chrome Status website for development related changes.

Have you tried Google Chrome recently?

DoNotSpy11 Update

DoNotSpy11 update adds option to disable Windows AI features

Posted on by Martin Brinkmann

DoNotspy11 is a long-standing privacy and tweaking application for Windows. The first update of 2024 introduces new features and compatibility with recent Windows releases.

It is a small tool that you may use to modify Windows settings with ease. It addresses one of the main issues that privacy-conscious users have with Windows: the scattering of privacy-related preferences and policies.

Instead of having to use the Control Panel, Settings app, Registry, Group Policy Editor, and some other tools to improve privacy, it delivers everything in a single easy-to-use interface.

Word of Advice: Windows may throw a SmartScreen error when you try to run the program on your device. This is not because it is malicious or faulty. SmartScreen displays also when a program is new.

Another great privacy tool is O&O ShutUp10++, which I reviewed some time ago.

A short DoNotspy11 Intro

DoNotSpy11 displays all applicable privacy tweaks in the interface. It uses color codes to highlight the safety of tweaks. The following colors are used:

  • Blue — These are safe settings that should not have any ill-effects.
  • Orange — It is necessary to read the description, as they may impact other features among other things.
  • Red — Usually not recommended to change.
  • Gray — These settings have not changed since the last use of the application.

The program suggests to create a System Restore point whenever changes are made. This allows you to go back to the previous state in case something does not work anymore. I never ran into this problem while using the app, but a backup option is always welcome.

Just check or uncheck the available options and hit the apply button in the end to make the change. It is easy to undo changes manually or through System Restore points.

DoNotSpy11 1.2.1.0 Changelog

The update introduces ten new tweaks, including a new Windows AI category. It also adds general compatibility with Windows 11 version 23H2 Moment 5 and Windows 11 version 24H2, which will be released later this year.

The final change adds high DPI support, which should improve visuals on high DPI displays.

As for the tweaks, here is what is new:

  1. AI: Disable Recall (Snapshots) (from build 26100)
  2. Apps: Disable Access to Cellular Data
  3. Apps: Disable Access to Eye Tracking
  4. Apps: Disable Access to Motion / Activity
  5. Edge: Disable Control Copilot Access to Browser Context
  6. Edge: Disable Spell Checking Provided by Microsoft Editor
  7. Edge: Disable Website Typo Protection
  8. Edge: Hide App Launcher on Microsoft Edge New Tab Page
  9. Start: Disable Recommended Section
  10. Start: Disable Website Recommendations in Recommended Section

Three tweaks have been updated. The first two add options to disable Copilot and the Copilot taskbar button on Windows 10 devices. The third changes the disable background applications recommendation from blue (safe) to yellow (read comment).

You can check out the full changelog here.

Do you use tweaking tools to improve privacy or other features of Windows devices?

AI

AI is now capable of exploiting 0-Day vulnerabilities without description

Posted on by Martin Brinkmann

A team of security researchers at the University of Illinois published a study back in April 2024 that demonstrated the hacking capabilities of AI.

Using OpenAI’s GPT-4 model, they discovered that exploit code could be generated for 87% of the tested 0-day vulnerabilities.

This figure dropped to 7% if the CVE description was not provided.

Good to known: 0-day vulnerabilities refer to security issues that are very recent. Patches may not be available in all cases, and systems that are not updated are vulnerable to attacks that target these vulnerabilities.

The same research team has now published a new research document: Teams of LLM Agents can Exploit Zero-Day Vulnerabilities

It builds on the previous research. This time, the researchers wanted to find a way to improve the exploiting capabilities of AI if no description of 0-day vulnerabilities was provided.

They managed to create a system that bumped the success rate to 53% using real-world 0-day vulnerabilities that were discovered after the AI model’s data cut-off date.

Using GPT-4, the researchers switched to a team-based approach to compartmentalize attacks. Instead of relying on a single GPT-4 instance for attacks, they developed an architecture that assigned AI agents with different tasks.

The tasks are assigned by a planner AI and controlled by a manager AI. The planner AI launches other AI instances, including the manager AI and AIs for specific tasks.

This approach worked well, as it improved the the capabilities of the AI attacker. The chance of success rose from 7% when using a single AI instance to 53% under the new team-based approach.

Closing Words

AI research that focuses on security is important. Besides demonstrating the capabilities of different AI models, it may also highlight future dangers. Well-funded hackers and criminals may use AI models for illegal activities. These may range from finding new exploits to creating exploits for existing vulnerabilities.

Web-based and App-based AI interactions prevent certain activities, including hacking. This is not the case, however, for self-hosted or created AI models.

What is your take on this? Will we see more exploits that are more widely used in attacks in the future? Or will we see the rise of AI-based Anti-hacking solutions that try to counter their breathren?

VLC Media Player 3.0.21

VLC Media Player 3.0.21 launches with AMD improvements

Posted on by Martin Brinkmann

VideoLAN has released a new version of its cross-platform open source VLC Media Player application. VLC Media Player 3.0.21 is already available on the official distribution server. No official announcement at this point, but this is only a matter of time.

The new version of VLC Media Player comes with a number of improvements and fixes. Notable is improved support for devices with AMD hardware.

The release notes state the following in this regard:

  • Super Resolution scaling with AMD GPUs
  • New AMD VQ Enhancer filter

Super Resolution scaling is an upscaling technology that aims to improve the visual quality and sharpness of videos. It works best on low-quality videos and videos that are badly compressed.

The upscaling feature was available only for NVIDIA and Intel GPUs in previous versions of VLC Media Player. This changes with the new release and levels the playing field in this regard.

As far as other features are concerned, the following ones stick out:

  • The D3D11 HDR option can also turn on/off HDR for all sources regardless of the display
  • Improve subtitles rendering on Apple platforms of notably Asian languages by correcting font fallback lookups
  • Add D3D11 option to use NVIDIA TrueHDR to generate HDR from SDR sources
  • Improve Opus ambisonic support
  • Add support for HTTP content range handling according to RFC 9110

The new release includes a few fixes and updates to libraries next to that:

  • Fix some ASS subtitle rendering issues
  • Fix Opus in MP4 behaviour
  • Fix VAAPI hw decoding with some drivers
  • Fix some HLS Adaptive Streaming not working in audio-only mode
  • Fix regression on macOS causing crashes when using audio devices
  • Fix exposed UPnP directory URL schemes to be compliant with RFC 3986
  • Fix various warnings, leaks and potential crashes
  • Fix security integer overflow in MMS module

You can check out the full release notes here.

Which media player do you use primarily and why?