by

Microsoft Restricts Cortana to Edge and Bing to Protect Windows 10
DAILY VIDEO: Microsoft limits Cortana to Edge and Bing on Windows 10; U.S. risks losing edge in HPC, supercomputing, report says; Pentagon bug bounty program attracts strong hacker interest; and there’s more.

Read more about the stories in today’s news:

Today’s topics include Microsoft’s limitation of its Cortana virtual assistant technology to Edge and Bing on Windows 10, the United States’ plan to accelerate its high-performance computing efforts, the success of the Pentagon’s bug bounty program and PhishLabs’ discovery of malware posing as legitimate apps on Google Play.

Cortana, Microsoft’s virtual assistant technology included with the Windows 10 operating system, is being reined in, the company announced April 28. As the Windows 10 user base has grown—270 million devices are running the OS at last count—Microsoft has discovered that Cortana has been taken in unintended directions, resulting in what the company claims is an unreliable user experience.

“Some software programs circumvent the design of Windows 10 and redirect you to search providers that were not designed to work with Cortana,” said Ryan Gavin, general manager of Microsoft Search and Cortana. In particular, they can interrupt some of Cortana’s task completion and personalized search capabilities, he said. In response, Microsoft is locking down the Cortana search experience. Now, Cortana will only display Bing search results in the Microsoft Edge browser.

Last year, President Obama issued an executive order aimed at accelerating the development of high-performance computing systems in the United States. The executive order created the National Strategic Computing Initiative to coordinate federal government efforts and those of public research institutions and the private sector to create a comprehensive, long-term strategy for ensuring that the United States retains its six-decade lead in research and development of HPC systems.

However, according to a recent report, the United States’ lead in the space is not assured, and other regions and countries—in particular, China—are making concerted efforts to expand their capabilities in the design, development and manufacturing of supercomputers and the components that make up the systems.

“The United States currently leads in HPC adoption, deployment, and development, but its future leadership position is not guaranteed unless it makes sustained efforts and commitments to maintain a robust HPC ecosystem,” the Information Technology and Innovation Foundation reported.

The Pentagon’s bug bounty program hit its midway point this past week, and already the initiative is, in some ways, a success. More than 500 security researchers and hackers have undergone background checks and begun to take part in the search for security flaws, according to HackerOne, the company managing the $150,000 program.

The “Hack the Pentagon” pilot, announced in March, is the first federal government program to use a private-sector crowdsourcing service to facilitate the search for security flaws in government systems. While neither the Pentagon nor HackerOne has disclosed any of the results so far, Alex Rice, chief technology officer and co-founder of vulnerability-program management service HackerOne, stressed that it would be “an extreme statistical outlier” if none of the researchers found a significant vulnerability.

PhishLabs, a company that provides anti-phishing services, said it has discovered 11 malicious applications disguised as mobile apps for popular online payment services on Google’s official Google Play store since the beginning of this year. The applications purport to give users access to their online payment accounts from their mobile devices, PhishLabs security analyst Joshua Shilko said in a blog post.

However, in reality, the only functionality the apps have is to collect the user’s log-on credentials and personal data and to send that to a remote command and control server belonging to the malware authors, Shilko said. PhishLabs did not identify the 11 payment brands whose apps were spoofed and uploaded to Google Play.

Source: eWeek