Today we start by looking at Windows 11. Microsoft is getting closer to its new major Windows version, expected at the end of the year. According to the marketing blurb it is focused on "simplified design and user experience" along with a few new key features, including Android support.
- In reality the changes are mostly minor as Microsoft will not want to break any Windows 10 compatibility. They have already made a marketing mistake by claiming you need better than 7th-gen CPU cores to run it. They had to back-pedal on this, basically stating we will wait and see.
- There are already some annoyances. Right click on your Windows 10 taskbar and you'll see a nice list of things to pick from. In Windows 11 there are only two items, Adjust Date and Time, and Notifications. Now you will need to remember the key combination Windows + X to see that old menu. By default, the Start Icon will be centred but you can personalise it back to the Left. The Start Menu will no longer have Live Tiles, named groups, and resizable panels, with most customisation removed. Room is given to a Recommended Panel that I suspect many will just find annoying.
- The Settings Menu has been updated and improved. Some of the more common Networking options have also been moved here so you won't have to drill down. There's a new Snap Navigator where if you hover over the maximise button a pop up appears that allows you to reposition and arrange open windows. Sadly, Windows Explorer has been redesigned, with a cascading menu structure, no ribbon menu and at first glance with less features until you hit the drop downs. Everything is still there so there is that.
- Windows 11 will be a free upgrade for an unspecified time, meaning eventually you will need to pay. You also have the option to stay with Windows 10 until Oct 14, 2025. If you want to try it for yourself then follow the instructions at insider.windows.com/en-us/getting-started.
- Some will have heard of a zero-day malware exploit, but for a while now the concept of zero-click malware has mostly been ignored as the attention was focused on not opening a link or an email. This changed recently with the exposure of the Pegasus spyware, that also happens to use a zero-day exploit. Pegasus gets into smartphones, both Android and iOS, and turns them into a remote surveillance device.
- A zero-click attack does not require any action by the phone user. It enters remotely via spyware. It does this by looking for any zero-day holes in the system that have not been patched or protected. So rather than a human problem, it relies on software and hardware issues to gain entry with no human click required. One approach is to initiate a WhatsApp call that gains access to the phone's operating system, then fixes the call log so that the user doesn't even know there was a call. For Apple users the process essentially jailbreaks the phone without the user knowing. A similar process occurs in Android using a rooting process known as framaroot. There are a number of other vectors used to gain entry apart from WhatsApp.
- Once Pegasus enters the device, it installs a module to track call logs, read messages, emails, calendars, internet history and gather location data to send information to the attacker. Interestingly, the spyware hides intelligently using built-in self-destruct capabilities. If Pegasus fails to connect with its command-and-control server for more than 60 days, it self-destructs and removes all traces. It can later reinfect and start again.
- I watched a short presentation recently, with Elon Musk talking about artificial intelligence. He was highlighting the dangers of uncontrolled AI. He mentioned the latest Chinese Go-playing AI that learned by playing itself. It did this in a short time, easily beating the previous AI, and started to come up with strategies never seen before. The same AI can be shown a list of rules and within a short time beat anyone at that game. With no input required other than the rules, it comes up with its own strategies. Musk described uncontrolled AI as more dangerous than a nuclear bomb. There is no controlling body to rein in future work in the area, but according to Musk we are not yet at "species-level risk" as the current AIs are narrow in scope. He's worried about the more general or broader versions.
- There is some misunderstanding around the terms used for artificial intelligence. Basic AI covers the rule engines and the chat bots you listen to when you make a phone call for help these days. These have no learning ability. The next level of AI is where there is a set of data used to train the engines and covers the game playing described earlier. Then there is Artificial General Intelligence where we have the simulation of human intelligence. Next is Super AI where we have Skynet and machines potentially thousands of times smarter than humans. Where or when we end up remains to be seen.
James Hein is an IT professional of over 30 years' standing. You can contact him at jclhein@gmail.com.
