Liam Proven reports via The Register: One of the best FOSS text editors for Windows, Notepad++, is turning 20, while cross platform Geany just hit version 2.0 as it turns 18 years old. Notepad++'s version 8.6 is the twentieth anniversary release of one of the go-to FOSS text editors for Windows. [...] If you use an Arm-powered Windows machine, such as the ThinkPad X13S, there is now a native Arm64 version. It still supports x86-32 as well, and there are portable versions which work without being installed locally -- handy if you don't have admin rights. There is even a usefully recent version for Windows XP if you are still using that geriatric OS. This release adds multi-select, allowing you to manipulate multiple instances of the same text at once, which looks confusing but very powerful.

It is a staple on all of the Reg FOSS desk's Windows partitions, thanks to its inclusion in the essential Windows post-install setup tool Ninite. Ninite will install -- and update -- a whole swath of FOSS and freeware tools for Windows, making setup of a new machine doable in just a couple of clicks. And if you keep the Ninite installer file around, you can re-run it later and it will update everything it installed first time around. Ninite does offer other programmers' editors, such as Eclipse and Microsoft Visual Studio Code -- but they are behemoths by comparison. VSCode is implemented as an Electron app, meaning that it's huge, embeds an entire copy of Chromium, and scoffs RAM like it's going out of fashion. Notepad++ is a native Win32 app, making it tiny and fast: the download is less than 5MB, one twentieth the size of VSCode.

Sluggish, bloated editors are not just a problem on Windows. Gargantuan Electron apps are distressingly prevalent on Linux and macOS as well. This vulture is guilty of using some, and even recommending them -- because some of them can do things that nothing else can. That's not true in the case of plain text editors, though. You don't have to put up with apps that take a good fraction of a gigabyte for this. Geany is a good example. It straddles the line between a text editor and an IDE: it can manage multi-project files, automatically call out to compilers and suchlike, and parse their output to highlight errors. We last mentioned it nearly a decade ago but the project recently reached voting age -- at least for humans -- and after this milestone in maturity its developers called the latest release version 2.0. It has better support for dark mode, a new tree view in its sidebar, adds a bunch of new supported file types, and can detect if the user changes the type of a file and re-do its syntax highlighting to match.

An anonymous reader quotes a report from Ars Technica: Valve Software's Steam gaming marketplace and app will drop support for macOS 10.13 (High Sierra) and 10.14 (Mojave), according to a support page post. The change will go into effect on February 15, 2024. What will happen exactly? Valve writes: "After that date, existing Steam Client installations on these operating systems will no longer receive updates of any kind including security updates. Steam Support will be unable to offer users technical support for issues related to the old operating systems, and Steam will be unable to guarantee continued functionality of Steam on the unsupported operating system versions."

"The Steam store will stop considering games that offer only 32-bit macOS binaries to be Mac compatible at the end of 2023," Valve writes. The post also notes that fewer than two percent of current Mac users on Steam are running macOS 10.14 or earlier, so this only affects the small number who are holding on to those older versions that supported 32-bit apps. To be clear, lack of support for macOS 10.14 doesn't necessarily mean Steam won't run at all on machines running that OS. It just means Valve won't guarantee it'll work, and won't lift a finger to help if something breaks in the passage of time. It also means users who continue to use the older software could become vulnerable to security risks, disincentivizing continued use.

An anonymous reader quotes a report from Hackaday: The BBC has a long history of teaching the world about computers. The broadcaster's name was proudly displayed on the BBC Micro, and BBC Basic was the programming language developed especially for that computer. Now, BBC Basic is back and running on a whole mess of modern platforms. BBC Basic for SDL 2.0 will run on Windows, MacOS, x86 Linux, and even Raspberry Pi OS, Android, and iOS. Desktop versions of the programming environment feature a BASIC editor that has syntax coloring for ease of use, along with luxury features like search and replace that weren't always available at the dawn of the microcomputer era. Meanwhile, the smartphone versions feature a simplified interface designed to work better in a touchscreen environment.

It's weird to see, but BBC Basic can actually do some interesting stuff given the power of modern hardware. It can address up to 256 MB of memory, and work with far more advanced graphical assets than would ever have been possible on the original BBC Micro. If you honed your programming skills on that old metal, you might be impressed with what they can achieve with BBC Basic in a new, more powerful context.

Mononymous writes: FreeBSD 14 has been officially released. You can get it from FreeBSD.org, or via freebsd-update and source update methods for existing systems. Some highlights:
- OpenSSH version 9.5p1
- OpenSSL version 3.0.12, a major upgrade from OpenSSL 1.1.1t in FreeBSD 13.2
- OpenZFS release 2.2
- The bhyve hypervisor now supports TPM and GPU passthrough

This version will now create user home directories in /home by default, instead of the traditional /usr/home. More information on the release and changes can be found via the release announcement page.

Recently the Register pointed out that the new (Debian-based) Raspberry Pi OS 5.0 has "a completely new Wayland desktop environment replacing PIXEL, the older desktop based on LXDE and X.org, augmented with Mutter in its previous release."

And when elementary OS 8 finally arrives, "the development team plans to finally shift to the Wayland display server by default," reports Linux magazine (adding "If you'd like to get early access to daily builds, you can do so by becoming an elementary OS sponsor on GitHub.")

"This is a transition that we have been planning and working towards for several years," writes CEO/co-founder Danielle Foré, "and we're finally in the home stretch... Wayland will bring us improved performance, better app security, and opens the doors to support more complex display setups like mixed DPI multi-monitor setups." There are other things that we're experimenting with, like the possibility of an immutable OS, and there are more mundane things that will certainly happen like shipping Pipewire. You'll also see on the project board that we're looking to replace the onscreen keyboard and it's time to re-evaluate some things like SystemD Boot. You can expect lots more little features to be detailed over the coming months.
Meanwhile, Linux Mint is getting "experimental" Wayland support next month. And also in December, Firefox will let Wayland support be enabled by default.

And last month the Register noted a merge request for GNOME to remove the gnome-xorg.desktop file. "To put this in context, the Fedora project is considering a comparable change: removing or hiding the GNOME on X.org session from the login menu, which is already the plan for the Fedora KDE spin when it moves to KDE version 6, which is still in development."

According to Reuters, Meta's head of augmented reality software is stepping down from his role. From the report: VP of Engineering Don Box announced the end of his tenure at Meta internally this week, without elaborating on what he would do next, according to a source familiar with the matter. A Meta spokesperson confirmed Box would be leaving the company at the end of this week and said he was doing so for personal reasons. There would be no change in product roadmap as a result of his decision, she added.

The departure of Box, a veteran engineer with experience building major technology systems from their infancy, could be a setback to progress on the operating system, a key component of Meta's AR glasses project, the source told Reuters. Meta has been planning to deliver a first generation of its AR glasses by next year, although those are meant to be used only internally and by a select group of developers, the source said. It aims to ship its first AR glasses to consumers in 2027. The Meta spokesperson declined to address the roadmap or whether the OS that Box's team was building would be in the first generation AR glasses. [...]

Meta initially hired Box in 2021 to chart a path forward after the failure of its XROS project, which aimed to create a unified custom operating system for its virtual reality headsets, Ray-Ban Stories smart glasses and planned augmented reality glasses, the source said. Box broke up the 300-person XROS unit into dedicated teams for each device line early last year and personally took over the team focused on AR software, according to both the source and Box's LinkedIn profile. Prior to joining Meta, Box had worked at Microsoft since 2002. In his final role at Microsoft, he ran engineering for mixed reality, which involved developing software for the HoloLens2 headset and related AR/VR services. Box is known for having led the creation of the Xbox One operating system and later heading Microsoft's core operating system group, which works across all Windows products.

Lowpass: Amazon has been working on a new operating system to replace Android on Fire TVs, smart displays and other connected devices, I have learned from talking to multiple sources with knowledge of these plans, as well as job listings and other materials referencing these efforts. Development of the new operating system, which is internally known as Vega, appears fairly advanced. The system has already been tested on Fire TV streaming adapters, and Amazon has told select partners about its plans to transition to a new application framework in the near future. A source with knowledge of the company's plans suggested that it could start shipping Vega on select Fire TV devices as early as next year.

Next April a new LTS Ubuntu arrives, and alongside it will be a whole new immutable desktop edition. At this year's Ubuntu conference in Riga, Latvia, Canonical revealed more details about its forthcoming immutable desktop distro. From a report: Core Desktop is not the next version of Ubuntu itself. Ordinary desktop and server Ubuntu aren't going anywhere, and the next release, numbered 24.04 and codenamed Noble Numbat as we mentioned last month, will be the default and come with all the usual editions and flavors. Nor is this a whole new product: it is a graphical desktop edition of the existing Ubuntu Core distro, as we examined on its release in June last year, a couple of months after 22.04. Ubuntu Core is Canonical's Internet of Things (IoT) distro, intended to be embedded on edge devices, such as digital signs and smart displays. It is an immutable distro, meaning that the root filesystem is read-only and there's no conventional package manager.

Rather than being a basis for customization, like a conventional Linux, the idea is that immutable distros are rolled out and updated more like a phone or tablet OS: there's a single fixed and heavily tested OS image, and it's deployed onto the devices out in the field without modification. Updates are monolithic: a whole fresh image is pushed out, and all the OS components are upgraded in a single operation to the same combination. That isn't unique. Most of the major Linux vendors have immutable offerings, and The Reg has looked at several over the years, including MicroOS, the basis of SUSE's next-gen enterprise OS ALP. As well as the well-known ChromeOS, another immutable desktop is the educational distro Endless OS.

[...] Canonical believes it has some unique new angles. Core Desktop is constructed as additional layers on top of the existing Ubuntu Core distro, and like Core, it's entirely built with a single packaging system: Ubuntu's Snap. While Snap remains controversial, it does have some compelling advantages over both SUSE and Red Hat's tooling. SUSE's transactional_update tool, while simpler than its rivals in implementation, requires a snapshot-capable filesystem, meaning that its immutable distros must use Btrfs. While it has many admirers, the number and the contents of the orange and red cells in the feature tables here in its own documentation reflect the FOSS desk's serious reservations about Btrfs.

Windows Central: Microsoft began rolling out its new AI assistant for Windows earlier this year with the Windows 11 version 23H2 release, which adds a new Microsoft Copilot button directly to the Taskbar. Microsoft has been putting its Copilot in front of every user it can, but there's still a large chunk of PC users on the older Windows 10 OS which hasn't seen any of Microsoft's recent AI additions. That may soon be changing. According to my sources, Microsoft is planning to bring the same Microsoft Copilot to Windows 10 in an update coming soon. Just like Windows 11, this update to Windows 10 will place a Copilot button directly on the Windows 10 taskbar, which will open the exact same Copilot sidebar experience found on Windows 11.

Richard Speed reports via The Register: Asahi Linux, a project to port Linux to Apple Silicon Macs, has reported a combination of bugs in Apple's macOS that could leave users with hardware in a difficult-to-recover state. The issues revolve around how recent versions of macOS handle refresh rates, and MacBook Pro models with ProMotion displays (the 14 and 16-inch versions) are affected. According to the Asahi team, the bugs lurk in the upgrade and boot process and, when combined, can create a condition where a machine always boots to a black screen, and a Device Firmware Update (DFU) recovery is needed.

Asahi Linux's techies have looked into the issue, having first suspected it had something to do with either having an Asahi Linux installation on a Mac and then upgrading to macOS Sonoma or installing Asahi Linux after a Sonoma upgrade. However, the issue appears to be unconnected to the project. The team said: "As far as we can tell, ALL users who upgraded to Sonoma the normal way have an out-of-date or even broken System RecoveryOS, and in particular MacBook Pro 14" and 16" owners are vulnerable to ending up with a completely unbootable system." While this might sound alarming, the team was at pains to assure users that data was not at risk and only certain versions of macOS were affected -- Sonoma 14.0+ and Ventura 13.6+.

The first bug is related to macOS Sonoma using the previously installed version as System Recovery, which can cause problems when an older RecoveryOS runs into newer firmware. The second occurs if a display is configured to a refresh rate other than ProMotion. According to the Asahi Linux team, the system will no longer be able to boot into old macOS installs or Asahi Linux. "This includes recovery mode when those systems are set as the default boot OS, and also System Recovery at least until the next subsequent OS upgrade." The team noted: "Even users with just 13.6 installed single-boot are affected by this issue (no Asahi Linux needed).

"We do not understand how Apple managed to release an OS update that, when upgraded to normally, leaves machines unbootable if their display refresh rate is not the default. This seems to have been a major QA oversight by Apple."

An anonymous reader quotes a report from Ars Technica: Android is slowly entering the RISC-V era. So far we've seen Google say it wants to give the up-and-coming CPU architecture "tier-1" support in Android, putting RISC-V on equal footing with Arm. Qualcomm has announced the first mass-market RISC-V Android chip, a still-untitled Snapdragon Wear chip for smartwatches. Now Google has announced a timeline for developer tools via the Google Open Source Blog. The last post is titled "Android and RISC-V: What you need to know to be ready."

Getting the Android OS and app ecosystem to support a new architecture is going to take an incredible amount of work from Google and developers, and these tools are laying the foundation for that work. First up, Google already has the "Cuttlefish" virtual device emulator running, including a gif of it booting up. This isn't the official "Android Emulator" -- which is targeted at app developers doing app development -- Cuttlefish is a hardware emulator for Android OS development. It's the same idea as the Android Emulator but for the bottom half of the tech stack -- the kernel, framework, and hardware bits. Cuttlefish lets Google and other Android OS contributors work on a RISC-V Android build without messing with an individual RISC-V device. Google says it's working well enough now that you can download and emulate a RISC-V device today, though the company warns that nothing is optimized yet.

The next step is getting the Android Emulator (for app developers) up and running, and Google says: "By 2024, the plan is to have emulators available publicly, with a full feature set to test applications for various device form factors!" The nice thing about Android is that most app code is written with no architecture in mind -- it's all just Java/Kotlin. So once the Android RunTime starts spitting out RISC-V code, a lot of app code should Just Work. That means most of the porting work will need to go into things written in the NDK, the native developer kit, like libraries and games. The emulator will still be great for testing, though.

Google says it'll issue a system update to fix a major storage bug in Android 14 that has caused some users to be locked out of their devices. Ars Technica reports: Apparently one more round of news reports was enough to get the gears moving at Google. Over the weekend the Issue tracker bug has been kicked up from a mid-level "P2" priority to "P0," the highest priority on the issue tracker. The bug has been assigned to someone now, and Googlers have jumped into the thread to make official statements that Google is looking into the matter. Here's the big post from Google on the bug tracker [...]. The highlights here are that Google says the bug affects devices with multiple Android users, not multiple Google accounts or (something we thought originally) users with work profiles. Setting up multiple users means going to the system settings, then "Multiple users," then "Allow multiple users," and you can add a user other than the default one. If you do this, you'll have a user switcher at the bottom of the quick settings. Multiple users all have separate data, separate apps, and separate Google accounts. Child users are probably the most popular reason to use this feature since you can lock kids out of things, like purchasing apps.

Shipping a Google Play system update as a quick Band-Aid is an interesting solution, but as Google's post suggests, this doesn't mean the problem is fixed. Play system updates (these are alternatively called Project Mainline or APEX modules) allow Google to update core system components via the Play Store, but they are really not meant for critical fixes. The big problem is that the Play system updates don't aggressively apply themselves or even let you know they have been downloaded. They just passively, silently wait for a reboot to happen so they can apply. For Pixel users, it feels like the horse has already left the barn anyway -- like most Pixel phones have automatically applied the nearly 13-day-old update by now. Users can force Play system updates to happen themselves by going to the system settings, then "Security & Privacy," then "System & updates," then "Google Play system update." If you have an update, you'll be prompted to reboot the phone. Also note that this differs from the usual OS update checker location, which is in system settings, then "System," then "System update." The system update screen will happily tell you "Your system is up to date" even if you have a pending Google Play system update. It would be great to have a single location for OS updates, Google Play System/Mainline updates, and app updates, but they are scattered everywhere and give conflicting "up to date" messages.

"Windows 11's last major update, 22H2 introduced native support for managing RAR archives, eliminating the need for third-party software," writes Slashdot reader jjslash. "This enhancement is part of the OS's broader capability improvements for handling various archive file formats." TechSpot reports: Microsoft finally introduced native support for RAR archives earlier this year, just three decades after the format's official introduction in 1993. Windows 11 development is now progressing at an accelerated pace, therefore support for a whole lot of new (ancient) archive formats is coming soon.

Microsoft recently released KB5031455, an optional, feature-rich preview cumulative update for Windows 11, refreshing the list of archive formats natively supported in the OS. Windows 11 22H2 and later versions can now manage files compressed in the following archive types: .rar, .7z, .tar, .tar.gz, .tar.bz2, .tar.zst, .tar.xz, .tgz, .tbz2, .tzst, .txz. Support for password-encrypted archives is not available yet.

Redmond programmers added support for the aforementioned archive files thanks to the libarchive library, an open source project designed to develop a portable, efficient C library that can "read and write streaming archives" in a variety of formats. Libarchive supports additional archive types (Lzh, Xar) that could eventually come to Windows 11 as well.

Microsoft's dedicated OS for embedded and pocket devices, Windows CE, has reached the end of its support lifetime. From a report: Windows CE -- and there's never been an official explanation of what the WinCE-inducing name stood for -- debuted in November 1996, just a few months after Windows NT 4, the first version of NT with the Explorer desktop from Windows 95. Earlier this month, as reported by HPC Factor, the last ever version, CE 8, branded Compact Embedded 2013, reached its end of support.

In 2011, Microsoft said it would be replaced by a unified platform based on Windows 8, but we know how well that went down. By 2020, the official migration path was set -- to a container on top of Win10 IoT. Its fortunes have always fluctuated. In 1999, we asked does MS care about WinCE? By 2003, we reported that eTForecasts said it would outship PCs. Indirectly, the researchers were right -- smartphones did end up massively outselling PCs. They just weren't Microsoft ones.

Long-time Slashdot reader Noryungi writes: OpenBSD 7.4 has been officially released. The 55th release of this BSD operating system, known for being security oriented, brings a lot of new things, including dynamic tracer, pfsync improvements, loads of security goodies and virtualization improvements. Grab your copy today! As mentioned by Phoronix's Michael Larabel, some of the key highlights include:

- Dynamic Tracer (DT) and Utrace support on AMD64 and i386 OpenBSD
- Power savings for those running OpenBSD 7.4 on Apple Silicon M1/M2 CPUs by allowing deep idle states when available for the idle loop and suspend
- Support for the PCIe controller found on Apple M2 Pro/Max SoCs
- Allow updating AMD CPU Microcode updating when a newer patch is available
- A workaround for the AMD Zenbleed CPU bug
- Various SMP improvements
- Updating the Direct Rendering Manager (DRM) graphics driver support against the upstream Linux 6.1.55 state
- New drivers for supporting various Qualcomm SoC features
- Support for soft RAID disks was improved for the OpenBSD installer
- Enabling of Indirect Branch Tracking (IBT) on x86_64 and Branch Target Identifier (BTI) on ARM64 for capable processors

You can download and view all the new changes via OpenBSD.org.

AlmaLinux is creating a Red Hat Enterprise Linux (RHEL) without any Red Hat code. Instead, AlmaLinux OS will aim to be Application Binary Interface (ABI) compatible and use the CentOS Stream source code that Red Hat continues to offer. Additional code is pulled from Red Hat Universal Base Images, and upstream Linux code. Benny Vasquez, chairperson of the AlmaLinux OF Foundation, explained how all this works at the open-source community convention All Things Open. ZDNet's Steven Vaughan-Nichols reports: The hardest part is Red Hat's Linux kernel updates because, added Vasquez, "you can't get those kernel updates without violating Red Hat's licensing agreements." Therefore, she continued, "What we do is we pull the security patches from various other sources, and, if nothing else, we can find them when Oracle releases them." Vasquez did note one blessing from this change in production: "AlmaLinux, no longer bound to Red Hat's releases, has been able to release upstream security fixes faster than Red Hat. "For example, the AMD microcode exploits were patched before Red Hat because they took a little bit of extra time to get out the door. We then pulled in, tested, and out the door about a week ahead of them." The overall goal remains to maintain RHEL compatibility. "Any breaking changes between RHEL and AlmaLinux, any application that stops working, is a bug and must be fixed."

That's not to say AlmaLinux will be simply an excellent RHEL clone going forward. It plans to add features of its own. For instance, Red Hat users who want programs not bundled in RHEL often turn to Extra Packages for Enterprise Linux (EPEL). These typically are programs included in Fedora Linux. Besides supporting EPEL software, AlmaLinux has its own extra software package -- called Synergy -- which holds programs that the AlmaLinux community wants but are not available in either EPEL or RHEL. If one such program is subsequently added to EPEL or RHEL, AlmaLinux drops it from Synergy to prevent confusion and duplication of effort.

This has not been an easy road for AlmaLinux. Even a 1% code difference is a lot to write and maintain. For example, when AlmaLinux tried to patch CentOS Stream code to fix a problem, Red Hat was downright grumpy about AlmaLinux's attempt to fix a security hole. Vasquez acknowledged it was tough sledding at first, but noted: "The good news is that they have been improving the process, and things will look a little bit smoother." AlmaLinux, she noted, is also not so much worried as aware that Red Hat may throw a monkey wrench into their efforts. Vasquez added: "Internally, we're working on stopgap things we'd need to do to anticipate Red Hat changing everything terribly." She doesn't think Red Hat will do it, but "we want to be as prepared as possible."

The Android ecosystem is hurtling toward a RISC-V future. From a report: The puzzle pieces for the up-and-coming CPU architecture started falling into place this past year when Google announced official RISC-V support in Android and plans to make it a "tier 1 platform" on equal footing with Arm. With the OS support underway, what we need now is hardware, and Qualcomm is stepping up to announce the first-ever mass-market RISC-V Android SoC. It doesn't have a name yet, but Qualcomm says it's developing a "RISC-V Snapdragon Wear" chip in collaboration with Google. The company says it plans to "commercialize the RISC-V based wearables solution globally including the US." For Google and Qualcomm, this chip represents everyone's first swing at a commercial RISC-V Android project, and as far as we can tell, it's the first announced mass-market RISC-V Android chip ever. Qualcomm says the groundwork it and Google lay out "will help pave the way for more products within the Android ecosystem to take advantage of custom CPUs that are low power and high performance."

RISC-V represents a big threat to the Arm CPU architecture that currently dominates all mobile devices. RISC-V architecture is open source, which can make it cheaper and more flexible than Arm. If companies want to design their own chips, they can do that without paying a licensing fee to Arm. Since the architecture is open source, it's possible to create a fully open source chip. If you're a chip-design firm, you can make your own proprietary chip designs and license them, making you a competitor to Arm's chip-design business. RISC-V is also a way to sidestep all of the various problems with Arm.

Windows Central: According to my sources who are familiar with the matter, Windows 11 is now in use on over 400 million monthly active devices. Internal Microsoft data seen by Windows Central reveals that Windows 11's active device usage just recently surpassed 400 million and is steadily climbing to reach half a billion by early 2024. As noted in our Windows 11 review, the OS has been on the market since October 2021, meaning it's taken Microsoft around two years to reach 400 million monthly active devices with Windows 11. This is a significantly slower rate than Windows 10, which reached the same number in just over a year (and eventually 1 billion users by early 2020). Still, factoring in both platforms' very different launch parameters is essential.

An anonymous reader shared this report from Neowin: The various versions of Windows have used Kerberos as its main authentication protocol for over 20 years. However, in certain circumstances, the OS has to use another method, NTLM (NT LAN Manager). Today, Microsoft announced that it is expanding the use of Kerberos, with the plan to eventually ditch the use of NTLM altogether.

In a blog post, Microsoft stated that NTLM continues to be used by some businesses and organizations for Windows authentication because it "doesn't require local network connection to a Domain Controller." It also is "the only protocol supported when using local accounts" and it "works when you don't know who the target server is." Microsoft states:

These benefits have led to some applications and services hardcoding the use of NTLM instead of trying to use other, more modern authentication protocols like Kerberos. Kerberos provides better security guarantees and is more extensible than NTLM, which is why it is now a preferred default protocol in Windows. The problem is that while businesses can turn off NTLM for authentication, those hardwired apps and services could experience issues. That's why Microsoft has added two new authentication features to Kerberos.
Microsoft's blog post calls it "the evolution of Windows authentication," arguing that "As Windows evolves to meet the needs of our ever-changing world, the way we protect users must also evolve to address modern security challenges..." So, "our team is building new features for Windows 11."

• Initial and Pass Through Authentication Using Kerberos, or IAKerb, "a public extension to the industry standard Kerberos protocol that allows a client without line-of-sight to a Domain Controller to authenticate through a server that does have line-of-sight."

• A local Key Distribution Center (KDC) for Kerberos, "built on top of the local machine's Security Account Manager so remote authentication of local user accounts can be done using Kerberos."

• "We are also fixing hard-coded instances of NTLM built into existing Windows components... shifting these components to use the Negotiate protocol so that Kerberos can be used instead of NTLM... NTLM will continue to be available as a fallback to maintain existing compatibility."

• "We are also introducing improved NTLM auditing and management functionality to give your organization more insight into your NTLM usage and better control for removing it."

"Reducing the use of NTLM will ultimately culminate in it being disabled in Windows 11. We are taking a data-driven approach and monitoring reductions in NTLM usage to determine when it will be safe to disable."

Keumars Afifi-sabet reports via TechRadar: Lenovo has the green light to see a portfolio of new enterprise-focused devices powered by Esper Foundation -- a custom Android operating system -- and bundled with a complementary mobile device management (MDM) platform. The firm's first device running Esper Foundation is the Lenovo ThinkCentre M70a, an all-in-one desktop PC fitted with an up to 12th-Gen Intel Core i9 CPU, alongside 16GB DDR4 RAM and up to 512GB SSD. It'll be followed by the Lenovo ThinkCentre M70q, M90n-1 IoT, and the ThinkEdge SE30 v2 machines by the end of 2023. Esper Foundation is based on Android 11 and has customizable branding, peripheral compatibility, quarterly security patches, and three years of support. The MDM system, meanwhile, remotely deploys, manages, and updates devices from a single view.

By integrating a custom version of Android in its PCs, Lenovo is banking on the Esper Foundation OS appealing to businesses as an alternative to Windows, as well as Google's own ChromeOS. With platforms like Esper's, there may well be a means to find a rival to compete with Windows in the enterprise, particularly in highly niche industries such as the retail, hospitality, and healthcare industries -- at which Esper Foundation is directed. "This collaboration is another step forward in Lenovo's drive to meet changing customer demand across retail, hospitality, healthcare, and other industries," said Johanny Payero, Lenovo's director of global advanced solutions marketing and strategy. "Dedicated devices are proliferating across several key industries, and our new joint solution with Esper allows us to deliver the best of Android with the consistency and predictability of Lenovo's x86 devices."