How NSA access was built into Windows


Recommended Posts

HawkMan

then you turn on UPnP or IPv6 and your theory breaks :)

 

there's a few other targeted attacks that would break it to. granted an attack using UPnP would mostly need to be targeted anyway, or it would first need to bomb the router to find what ports are open which in many routers would block it anyway, and even if it finds an open port it would need an attack vector on that port. so UPnP isn't really a problem.

Link to post
Share on other sites
JonnyLH

then you turn on UPnP or IPv6 and your theory breaks :)

 

there's a few other targeted attacks that would break it to. granted an attack using UPnP would mostly need to be targeted anyway, or it would first need to bomb the router to find what ports are open which in many routers would block it anyway, and even if it finds an open port it would need an attack vector on that port. so UPnP isn't really a problem.

UPnP is initialized by the client which sends a packet to the router letting it know about its intentions. This lets the router know that if it receives traffic for a certain protocol, send it to this machine or that machine. Its just an automated port-forwarding protocol.

 

IPv6 gives everyone a public address. Completely different to the subject matter. IPv6 allows the internet be what it was designed to be, an all connected network. That invalidates all my statements regarding NAT because every client is directly reachable and NAT isn't existing on those networks. Although, there's very few ISP's which actually provide CPE's which are IPv6 and IPv4 supporting, let alone give them both an address. Your probably looking at 20~ years before IPv6 becomes the norm. Especially when more providers are investing in CG-NAT rather than a correct IPv6 deployment.

Link to post
Share on other sites
+DonC

You know, the original article was about the NSA and a supposed back door in Windows.  NAT is a side issue.  How about you consider the scenario of a Starbucks or Internet caf? with free WI-FI instead.

 

Even though I was taken for a ride by the purpose of NSAKEY in my post on page 1, the rest of my post stands IMHO.  You'd have to have no understanding of the technicalities of Windows to think that the details as posted would give secret remote access.

Link to post
Share on other sites
HawkMan

UPnP is initialized by the client which sends a packet to the router letting it know about its intentions. This lets the router know that if it receives traffic for a certain protocol, send it to this machine or that machine. Its just an automated port-forwarding protocol.

 

IPv6 gives everyone a public address. Completely different to the subject matter. IPv6 allows the internet be what it was designed to be, an all connected network. That invalidates all my statements regarding NAT because every client is directly reachable and NAT isn't existing on those networks. Although, there's very few ISP's which actually provide CPE's which are IPv6 and IPv4 supporting, let alone give them both an address. Your probably looking at 20~ years before IPv6 becomes the norm. Especially when more providers are investing in CG-NAT rather than a correct IPv6 deployment.

UPnP opens the port, it doesn't care about the data outside of UDP and TCP. 

 

Problem with IPv6, is while it restores the internet to what it's supposed to be, a lot of tech wannabes don't understand the implication of it, and the tech idiots don't understand it anyway and their ISP never tells them, granted that category of users will have their windows or internet security firewall on anyway. 

You know, the original article was about the NSA and a supposed back door in Windows.  NAT is a side issue.  How about you consider the scenario of a Starbucks or Internet caf? with free WI-FI instead.

 

Even though I was taken for a ride by the purpose of NSAKEY in my post on page 1, the rest of my post stands IMHO.  You'd have to have no understanding of the technicalities of Windows to think that the details as posted would give secret remote access.

 

 

You have to understand that these articles are made for two kinds of people. The techies who are also paranoid conspiracy theorists who will ignore all their tech knowledge if there's a conspiracy theory they can apply instead. and then there's the tech idiots, also known as regular people, who just don't know better and think tech conspiracy nut journalists who don't know anything about the tech they're writing about are more trustworthy than their actual tech specialists locally. 

Link to post
Share on other sites
thomastmc

Still haven't gave any evidence to prove me wrong. I never said your sources were wrong, just over explaining a simple fact.

 

So, could you please explain how it is impossible to hijack a connection and/or relay a spoofed malicious packet to a member of the internal network relying on NAT alone?

Link to post
Share on other sites
HawkMan

So, could you please explain how it is impossible to hijack a connection and/or relay a spoofed malicious packet to a member of the internal network relying on NAT alone?

 

 

That would be what I referred to as a targeted attack earlier. it's "nearly" impossible to defend yourself against a targeted attack by a dedicated and skilled hacker with enough time, with consumer grade equipment. 

Link to post
Share on other sites
thomastmc

That would be what I referred to as a targeted attack earlier. it's "nearly" impossible to defend yourself against a targeted attack by a dedicated and skilled hacker with enough time, with consumer grade equipment. 

 

I absolutely agree. I've always heard from friends I trust on security that nothing is truly secure, it's just degrees of difficulty. I would also assume that the NSA is capable of the greatest degree of difficulty possible.

 

It's my contention as well that the operative mechanism in defending against any sophisticated attack would be the firewall, intrusion detection, etc., not the NAT.

Link to post
Share on other sites
+DonC

NAT is not a security measure. A good summary of why NAT is a bad idea, including the security issues, is given in RFC 4966: "Reasons to Move the Network Address Translator - Protocol Translator (NAT-PT) to Historic Status."

 

http://www.ietf.org/rfc/rfc4966.txt

Link to post
Share on other sites
primexx

This NSAKEY thing was all over the place when it was discovered. Turns out, it doesn't actually mean what OP says it means.

Link to post
Share on other sites
nullie

This NSAKEY thing was all over the place when it was discovered. Turns out, it doesn't actually mean what OP says it means.

there's only a few things that it could actually do. and plus, I am sure the NSA has access to the WIndows source code and kernel directly. knowing them, they have deals with Intel and AMD to have debug access on the CPUs which would allow them to bypass any protection mechasnism or code isolation on a computer, giving them super root access regardless of OS settings. there is no limit to how far the NSA goes with this, asking and getting backdoors into things.

 

but what proof do you have that the NSA key's don't give access to decryption and password cracking capabilities? if all the NSA wanted was to protect their own systems or network, they could install their own keys on the side like everyone else. this is definitely backdoor access type **** into how Windows handles encryption.

 

you know, it's possible that there can be more than one key that can decrypt a certain crypto; possible that Windows has built in backdoors like this for the NSA. like I said, they also think OpenSSL has backdoors like this. that no one knows if the code is secure or not because it's impossible to tell.

Link to post
Share on other sites
HawkMan

there's only a few things that it could actually do. and plus, I am sure the NSA has access to the WIndows source code and kernel directly. knowing them, they have deals with Intel and AMD to have debug access on the CPUs which would allow them to bypass any protection mechasnism or code isolation on a computer, giving them super root access regardless of OS settings. there is no limit to how far the NSA goes with this, asking and getting backdoors into things.

 

but what proof do you have that the NSA key's don't give access to decryption and password cracking capabilities? if all the NSA wanted was to protect their own systems or network, they could install their own keys on the side like everyone else. this is definitely backdoor access type **** into how Windows handles encryption.

 

you know, it's possible that there can be more than one key that can decrypt a certain crypto; possible that Windows has built in backdoors like this for the NSA. like I said, they also think OpenSSL has backdoors like this. that no one knows if the code is secure or not because it's impossible to tell.

 

There would be a lot less conspiracy theorists if they had some basic knowledge of how technology works. 

 

As for the next paragraph, read up on what te NSAKey actually is, please, and how useless an encryption key would be if it was stored like that. exactly what purpose do you think an encryption key would have stored in the registry ? 

Link to post
Share on other sites
nullie

There would be a lot less conspiracy theorists if they had some basic knowledge of how technology works. 

yeah did you see the AMD cpu that the hackers had cracked the debug password to a few years ago? the password was passed to the CPU and gave the hacker ability to execute any code they wanted above the operating system. these types of backdoors are built into every CPU..

 

http://news.techeye.net/security/hackable-debug-mode-found-in-amd-cpus

 

looks like there's also a whole bunch of hidden CPUs features there that the NSA can unlock - basically run software on AMD CPUs in stealth rootkit mode with god ability. No one ever linked it to the NSA, but you know why that's there. Intel's CPUs have not been cracked by the public, so the elusive features remain for top secret clearance users only, so far.

 

 

 

As for the next paragraph, read up on what te NSAKey actually is, please, and how useless an encryption key would be if it was stored like that. exactly what purpose do you think an encryption key would have stored in the registry ? 

I have already read up enough about that. thanks, and yeah it sounds like a backdoor into Windows giving them the ability to reverse engineer, decrypt things easier, and hide things that the user would have no control over.

Link to post
Share on other sites
Noir Angel

Backdoors into our computers would be useless anyway, unless they had a court order to place you under surveillance any data collected via such covert means would be completely inadmissible in law in most Western countries.

Link to post
Share on other sites
HawkMan

yeah did you see the AMD cpu that the hackers had cracked the debug password to a few years ago? the password was passed to the CPU and gave the hacker ability to execute any code they wanted above the operating system. these types of backdoors are built into every CPU..

 

http://news.techeye.net/security/hackable-debug-mode-found-in-amd-cpus

 

looks like there's also a whole bunch of hidden CPUs features there that the NSA can unlock - basically run software on AMD CPUs in stealth rootkit mode with god ability. No one ever linked it to the NSA, but you know why that's there. Intel's CPUs have not been cracked by the public, so the elusive features remain for top secret clearance users only, so far.

 

 

 

I have already read up enough about that. thanks, and yeah it sounds like a backdoor into Windows giving them the ability to reverse engineer, decrypt things easier, and hide things that the user would have no control over.

:rolleyes:

 

 

and really, a registry key is a bacdoor into windows ? would you PLEASE explain that one... if there was a backdoor it would be hidden in the code, and there wouldn't be a visible key in the registry where it serves absolutely no purpose. 

 

Also you obviously didn't understand a single thing that was said in the article you quoted, since NOTHING there had anything to do with your wild conspiracy claims. 

  • Like 1
Link to post
Share on other sites
nullie

Backdoors into our computers would be useless anyway, unless they had a court order to place you under surveillance any data collected via such covert means would be completely inadmissible in law in most Western countries.

lol. you think the NSA cares about what the court system says about this? they specialize in black ops dude, warrantless tapping and monitoring that is done without judicial involvement. the information being gathered is done in secret, without court consent most of the time. the CIA uses it, the NSA, DoD, FBI.. and you know, they get away with it because often times it leads to nothing big. it is sometimes used in courts, and the way they get by with that is by keeping it secret from the court and public defenders how they obtained the information. it's all done under the guise of "national security". you don't have any idea how hard it would be to prove how they really obtained information on you man, you have no protections court or constitutional provided that are actually honored by any government agents.

:rolleyes:

 

 

and really, a registry key is a bacdoor into windows ? would you PLEASE explain that one... if there was a backdoor it would be hidden in the code, and there wouldn't be a visible key in the registry where it serves absolutely no purpose. 

I was under the understanding this NSAKey was hidden in the DLL, only discoverable after a hacker reverse engineered and decompiled the code.

 

is this NSAKey in the registry of every system now? it would only be one component to crypto. one part of a key that allows them greater access to how the cryptography services in Windows worked. it could allow them to decrypt anything they wanted without effort. you know, at least Windows encrypted stuff. and the running of signed code with higher security clearances and methods to bypass Windows security. that's what it does. so what are you talking about? why are you dismissing this?

  • Like 1
Link to post
Share on other sites
Noir Angel

Even the worst lawyers in the world know about inadmissable evidence, I'd like to see how the hell you think they would sneak it into trials on such a massive scale with nobody noticing.

Link to post
Share on other sites
HawkMan

I was under the understanding this NSAKey was hidden in the DLL, only discoverable after a hacker reverse engineered and decompiled the code.

 

is this NSAKey in the registry of every system now? it would only be one component to crypto. one part of a key that allows them greater access to how the cryptography services in Windows worked. it could allow them to decrypt anything they wanted without effort. you know, at least Windows encrypted stuff. and the running of signed code with higher security clearances and methods to bypass Windows security. that's what it does. so what are you talking about? why are you dismissing this?

 

It's in the registry of every windows after Windows95, and has nothing to do with the NSA, again, read up on what it ACTUALLY does instead of making up conspiracy theories in your head based on a variable name. 

 

the rest of your post again, shows a complete lack of understanding how cryptography works, just like your knowledge of how CPU's work. 

Even the worst lawyers in the world know about inadmissable evidence, I'd like to see how the hell you think they would sneak it into trials on such a massive scale with nobody noticing.

 

secret police, and black abduction teams and silent assasinations, and such of course. what did you think ? 

Link to post
Share on other sites
nullie

Even the worst lawyers in the world know about inadmissable evidence, I'd like to see how the hell you think they would sneak it into trials on such a massive scale with nobody noticing.

like the NSA and DA did recently. they falsified the information on how they obtained the evidence. there's a story about it right here:

 

http://yro.slashdot.org/story/13/06/19/0326244/nsas-role-in-terror-cases-concealed-from-defense-lawyers

 

they merely don't have to disclose the truth on how evidence was obtained, or who provided it. and they make up information to include it, fabricating information about the who, what, and where. they might use the information to generate false password and dictionary attacks for example, suddenly "breaking in" at the opportune time, when they really used other resources to crack and break in. they never have any obligation to disclose their real methods of operation.

 

and you might be right that most of the time the NSA has no reason to want to provide this information for use in the court systems. they wouldn't want to risk disclosing that they were actually in your system or spying on you in some way. this is being done all the time, and it's done just to invade your privacy and rights, they would rather keep tabs on you without risk of exposure and get you in other ways if they have to.

the rest of your post again, shows a complete lack of understanding how cryptography works, just like your knowledge of how CPU's work. 

well I have no examples to show anything else. I think you're the one who's clueless. this is pretty comprehensive. and it's you who has no clue on anything. you're stuck in a fantasy world here. the article on the AMD password thing is already out there; there are passwords and debug features on every CPU that grants backdoor super user access, for running additional code, above the operating system. this lets them modify code in execution, run rootkits, and more, all above detection of the operating system or user level applications. read up some more about it, follow the links to the other articles if you must.

Link to post
Share on other sites
Noir Angel

If evidence comes from a spotty source it will be ruled as inadmissible. I really don't think the NSA are as smart as you seem to think they are, the thing about IT geeks is that there are plenty about that are just as smart as the people the government employs and if they smell a rat they would say so.

Link to post
Share on other sites
nullie

If evidence comes from a spotty source it will be ruled as inadmissible. I really don't think the NSA are as smart as you seem to think they are, the thing about IT geeks is that there are plenty about that are just as smart as the people the government employs and if they smell a rat they would say so.

it didn't in that case man. and honestly, you have no idea how to tell or prove it came from a spotty source. the system isn't as clean as you think it is, and you gotta have proof man. it's not like you're the NSA or FBI agents or DA doing all this stuff. the court has faith in these people, and as a defendant, you can't just make a claim that this evidence was somehow discovered improperly or without a warrant, unless it's some easy case where they broke into your house or something obviously when no warrant was provided. these types of defenses to have evidence dismissed or found inadmissible only work when they don't cover their tracks man. they may very well use these covert spy techniques or illegal means to crack or gain access to something, and then use that to pursue a warrant, and include that information they gained illegally down the line without in fact saying how or where it was originally obtained. it might just be used to "legitimately" conduct the investigation afterwards. you're a fool to think this isn't how it gets done.

 

face it, you have no legitimate protection out there.

Link to post
Share on other sites
Noir Angel

You don't have to prove that it came from a spotty source, the legal system has to provide a chain of information that proves it's legitimate. Juries are made up of normal people not government spies so the argument that illegally obtained evidence would just slip by en masse just doesn't hold any water.

  • Like 1
Link to post
Share on other sites
HawkMan

well I have no examples to show anything else. I think you're the one who's clueless. this is pretty comprehensive. and it's you who has no clue on anything. you're stuck in a fantasy world here. the article on the AMD password thing is already out there; there are passwords and debug features on every CPU that grants backdoor super user access, for running additional code, above the operating system. this lets them modify code in execution, run rootkits, and more, all above detection of the operating system or user level applications. read up some more about it, follow the links to the other articles if you must.

 

Would you please read that article and understan it and see that it has NOTHING in relation to your wild claims, and it has nothing to do with backdoor access or anything. seriously, it's like you read it but something completely else that what it actually says is what you actually read. 

 

it's a maintenance mode, and you have to hack the damn cpu to activate it, and it doesn't run in normal mode bu allows you to modify the cpu to oveclock it and such. It's not a backdoor tool.

 

but this is pointless, I can see arguing common sense and that the man isn't out to get you with you is as pointless as arguing religion with a christian evangelist. 

Link to post
Share on other sites
nullie

You don't have to prove that it came from a spotty source, the legal system has to provide a chain of information that proves it's legitimate. Juries are made up of normal people not government spies so the argument that illegally obtained evidence would just slip by en masse just doesn't hold any water.

tell me when that works for you. juries are clueless noobs who believe like 73% of them that the government is doing them a favor by spying on everybody. so if their opinion is different from yours, your screwed man. you would have to have some extremely overwhelming evidence in your favor to support any illegal activity occurred in your case. there's also a good chance that most courts wouldn't even let you make the argument to the juries about this type of crap. they would sensor you and restrict your argument to directly talking about the alleged acts you committed. sure you could deny it, and say it happened another way, but the jury is free to not care, the judge can say you can't introduce evidence to support yourself, and in the end, even when everything is legit, nothing gets proven and the jury and judge doesn't care about any of your crazy claims that this was done illegitimately. no. most defense attorney's also aren't looking to expose government corruption or abuse, so you're likely to just get ****ed. our system is garbage dude, no protection at all, and no extensive review to determine how evidence was obtained, or to investigate any of your claims is usually ever made, and it doesn't just happen automatically.

Link to post
Share on other sites
nullie

Would you please read that article and understan it and see that it has NOTHING in relation to your wild claims, and it has nothing to do with backdoor access or anything. seriously, it's like you read it but something completely else that what it actually says is what you actually read. 

 

it's a maintenance mode, and you have to hack the damn cpu to activate it, and it doesn't run in normal mode bu allows you to modify the cpu to oveclock it and such. It's not a backdoor tool.

 

but this is pointless, I can see arguing common sense and that the man isn't out to get you with you is as pointless as arguing religion with a christian evangelist. 

I read the article years ago. it allows them to fully bypass any of the normal security features in the CPU. for example, memory isolation, which is a protection the OS provides to prevent "limited users" from accessing certain parts of memory and hardware. they can modify anything in memory in debug mode, access additional registers, and basically run anything they want on your system.

 

it has nothing to do with overclocking or anything else. you're pretty much unknowledgeable about anything like this. if you were a programmer you'd also understand what this could be used for, but right now you're completely talking out your ass.

 

http://hardware.slashdot.org/story/10/11/12/047243/hidden-debug-mode-found-in-amd-processors

 

here's an example of it's use:

 

limited mode software sets a register with a certain password

limited mode software suddenly can execute code in debug mode, without hardware or software level security restrictions.

limited mode software can read/write to any part of memory, giving it access to sensitive data in the operating system and has admin access without the operating systems knowledge

limited mode software has complete stealth ability if it decides to do something it wants

 

boom. whatever the software is designed to do at this point, it has admin access without having admin access. there are other articles about this out there.

 

there are many features on the CPU which are locked down but made available in debug mode. it is backdoor access to your hardware and software, or allows a lot of special things to happen and be done that cannot normally be done on an x86 CPU.

Link to post
Share on other sites
JonnyLH

So, could you please explain how it is impossible to hijack a connection and/or relay a spoofed malicious packet to a member of the internal network relying on NAT alone?

 

By the attacks you've been posting about here. I've never said the NAT attacks which you've posted aren't possible or hard even, they're easy attacks. I could upload malicious code on a website and be able to open ports to an internal machine quite easily.

 

There's the NAT Pinning attack which you described. It's essentially some Javascript which just literally calls a URL with a port defined. Once this has been done, the router knows that, that port means that machine so you can send packets against that port and that public IP address and you know it's hitting that internal machine which sent the request.

 

Another way would be to exploit UPnP using a virus or some other malicious code. This would be way more dangerous. You could build software that would periodically make calls out, so you can call it. You could push UPnP requests to open any port and exploit any protocol. There's some very scarey things you can do with some protocols. For example, I'm pretty sure its RDP or another remote desktop protocol which allows a reverse calls. For example, I tell you to connect to me. So control can be gained without your knowledge.

 

Those attacks to be honest, are quite easy to do, especially if you own a website. In the terms of this post and the way NSA would need the backdoor, NAT makes it completely unfeasible because the backdoor is waiting for the connection. The back door isn't prompting for a connection. Without this there is no way to talk to an internal host. Every consumer CPE or even big routers (I've tested this on a Juniper MX960, they're the bees knees of routers) drop packets incoming with a NAT when it hasn't got an entry on the NAT translation table. If a packet is dropped, there's nothing you can do about it.

 

That would be what I referred to as a targeted attack earlier. it's "nearly" impossible to defend yourself against a targeted attack by a dedicated and skilled hacker with enough time, with consumer grade equipment. 

 

You're right, there's attacks for most things. Look at ARP attacks for large networks, they're scary. For example inside my University network I could point the whole network to use a server I setup with just a clone facebook login page to get everyone's details but when you log-in it restores to the original site. I wouldn't have a clue myself if I was generally browsing. You even can do it without breaking SSL, scary or what?

 

I absolutely agree. I've always heard from friends I trust on security that nothing is truly secure, it's just degrees of difficulty. I would also assume that the NSA is capable of the greatest degree of difficulty possible.

 

It's my contention as well that the operative mechanism in defending against any sophisticated attack would be the firewall, intrusion detection, etc., not the NAT.

 

Hardly anything is secure, but it the terms of what the NSA would need its not feasible unless the backdoor made the connection first.

 

NAT is not a security measure. A good summary of why NAT is a bad idea, including the security issues, is given in RFC 4966: "Reasons to Move the Network Address Translator - Protocol Translator (NAT-PT) to Historic Status."

 

http://www.ietf.org/rfc/rfc4966.txt

 

Thats 100% right, its a common misconception that NAT was designed as a security feature as well as a IP saving mechanism. Although with how NAT technically works, it provides some security features which are quite good to the average consumer. 

Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Abhay V
      Google brings Flutter to Windows in Alpha form, aims to add UWP support soon
      by Abhay Venkatesh



      Just a day after popular Apple-developed programming language Swift made it to Windows, Google has announced that it is bringing Flutter – its open-source, cross-platform framework – to Windows in Alpha form. The search giant has been working to bring the development platform to Windows for some time and there has even been a technical preview since June. The Alpha is supported on Windows 7 and newer.

      Flutter provides developers the ability to reuse code when building apps for multiple platforms while also leveraging the native capabilities of each platform. The Mountain View giant says that as per its own statistics, more than half of Flutter developers use Windows and that the addition of support for native desktop elements and APIs further expands the reach of the cross-platform framework.

      While the platform began with touch-based OSes like iOS and Android, it has added support for other input methods such as keyboards, mice, and more, while also adapting for larger screen sizes. This also includes support for plugins that work in unison with native code, bringing more capabilities to apps developed using the framework. The list of added components for the alpha version includes:

      The company has also created sample apps for developers to reference, which can be downloaded from GitHub here. Interested users can also head here to read more about how the app was built. The firm has also updated the Flutter Gallery app with support for desktop platforms to exhibit the prowess of the framework. The Flutter SDK can be downloaded from here. Google also recommends that developers read the additional requirements here and has provided a detailed document on getting started in its blog post.

      The firm has also created a few plugins, such as the URL launcher for launching URLs in the browser from Flutter apps, and more. Developers can also build their own plugins for Windows. There are various other resources that have been listed in the document here.

      With the Alpha release now out, Google says that it is working towards “completing the feature set and stabilizing the product for release”. It is working to improve “accessibility, globalization and localization, enhanced keyboard and text handling, support for command line arguments, and more”.

      In addition to supporting Win32 APIs, the company said that it is also working to bring a UWP version of the Flutter shell to add support for platforms such as Xbox and Windows 10X. It has also released a UWP version of the Flutter Gallery app in the Microsoft Store as a proof of concept.



    • By Usama Jawad96
      Swift makes its way to Windows 10, toolchain images now available
      by Usama Jawad

      Swift is a general-purpose programming language that is developed by Apple and was launched back in 2014. Although initially a proprietary language, Swift went open source for Apple platforms and Linux in 2015.

      Today, the Swift team has announced that support for the language has arrived on Windows 10, with new toolchain images now available to download for the operating system.

      In a blog post, Saleem Abdulrasool who is a member of the Swift Core Team and a software engineer at Google Brain, has stated that the process of porting Swift to Windows does not only include shipping the compiler but also standard and core libraries since these reduce the coding complexity for developers. With version 5.3 of Swift, development on Windows purely in Swift is now possible, and is at a point "where early adopters can start using Swift to build real experiences". It also allows developers to take advantage of existing Windows libraries.

      Abdulrasool has demoed a Calculator app written in Swift that utilizes application code as well as Windows system libraries. Early adopters such as Readdle have also been testing the development of cross-platform applications and have been fairly successful in their endeavors as well.

      Swift Package Manager is currently not supported on Windows, but Abdulrasool says that it is coming soon as well. He goes on to say that:

      Those interested in trying out Swift on Windows can refer to the "Getting Started" page here. People interested in working on core tooling can check out the Swift Bug Tracker here.

    • By Rich Woods
      Microsoft announces new platform features coming to Windows
      by Rich Woods



      Today at its Ignite 2020 conference, Microsoft actually has some Windows news to share, and it's all about developers. New versions of products are coming, such as WinUI 3 Preview 3, which lets you make apps for ARM64 now.

      First up is MSIX. Developers can now deploy files to a shared container instead of a standalone single MSIX container. This is a big deal for apps that rely on shared files or registry settings. MSIX apps will also be able to automatically update; devs will just have to add metadata with update settings to the app package. There's also a new Azure DevOps extension that automates the process of creating an MSIX package.

      For C# .NET 5 developers, you'll now be able to create Windows Runtime components with a new CsWinRT tool, coming to public preview this month. Also, the Windows SDK team is going to be releasing NuGet packages that help you to build Windows apps in "a more cloud-friendly way". The idea is that it will not require a full SDK install, using CI/CD pipelines instead.

      There's a new version of React Native for Windows, bringing it to version 0.63. It adds navigation support, better theming support, automatic linking of native modules, and more. WSL is getting new features, with users of Windows 10 versions 1903 and higher getting support for WSL 2. GUI apps in WSL are in testing in the Windows Insider Program, and you can now install WSL by running 'wsl --install'.

      Finally, Windows Terminal is getting improvements. It now has hyperlink support, letting you click on things in Terminal and having them open in the browser. It's also adding a jump list to you can launch right into a specific profile, and there's a new command palette to easily navigate your terminal.

    • By Abhay V
      Samsung might expand Galaxy Tab S7's Second screen feature to more Windows PCs
      by Abhay Venkatesh

      Apple debuted a feature in macOS Catalina called Sidecar back in 2019 that let Mac users extend their computer displays to iPads and other touchscreens. This allowed for users to use the secondary touch and stylus enabled displays – like the iPad Pro – as an input device for the Mac, making it easy to run touch-supported apps on devices without support for such input devices.

      Now, a new report suggests that Samsung is working to bring a similar feature to its flagship Galaxy Tab S7 tablets. The feature, internally codenamed ‘Sidekick’, aims to let users extend their Windows PC screens to the tablets and enable the S Pen to work as an active stylus for the devices. The feature is expected to also support different pressure levels from the S Pen.

      Interestingly, the South Korean giant detailed this very feature – called Second Screen – during the launch of its Galaxy Tab S7 devices. However, at the time, the firm claimed that the feature would work with Samsung PCs and that it will be available later this year. It is not clear if project Sidekick refers to the same feature, or if it is part of an effort to bring support to all Windows PCs.

      While the original announcement suggests that the tablets will connect wirelessly to Windows PCs, it is also not known if the capability will extend to support wired connections. This could greatly improve adoption owing to the addition of support for desktop PCs. Many Windows laptops already offer touchscreen and stylus support. Another advantage for PCs is that users can leverage the tablet’s hardware for input while running resource-heavy creative applications on the desktop.

      Second screen will be enabled for the Galaxy Tab S7 and Galaxy Tab S7+ via a firmware update “later this year”. It will be interesting to see how the company pegs this offering, and if ‘Sidekick’ happens to be more than what the company has already revealed.

      Source: Android Police

    • By Abhay V
      Recent Windows 10 version 2004 Patch Tuesday updates are reportedly breaking WSL 2
      by Abhay Venkatesh



      Microsoft released its regular suite of Patch Tuesday updates to all supported versions of Windows 10, Windows 8.1, and Windows 7 ESU customers yesterday. However, users of Windows Subsystem for Linux 2 (WSL 2) have begun reporting that the updates are causing issues with the environment. The troublesome update seems to be the one released for the May 2020 Update (version 2004), filed under KB4571756.

      Installing the cumulative update that bumps up the build to 19041.508 supposedly causes WSL2 to not load and display an “Element not found error”. It is not clear how widespread the issue is, and if there are any specific configurations that are causing the issue. Users on GitHub report that the problems began surfacing after installing the update, and that uninstalling the quality update fixed the problem.

      Interestingly, though users claim to be able to get WSL 2 working post uninstalling KB4571756, the problem with WSL prompting an error has existed since late July and also plagues users when they try to upgrade from WSL 1 to WSL 2. Another thread suggests that the errors are being served in Insider Preview builds, suggesting that the problem is not specific just to current production versions of the OS.

      It is not clear what exactly causes the issue since it affects multiple versions of the OS. It is also not clear if it was fixed with a previous patch for the production versions that reappeared with the latest round of updates. There are no reports on whether the error is seen on Windows 10 versions 1903 and 1909 since WSL 2 was backported to those versions last month.

      While the known issues on the KB article does not list the WSL 2 problems, a response on GitHub suggests that the company is working on a fix. For those running production builds that rely on WSL 2, it is best to pause the latest updates from installing. The only workaround for those that are facing issues after the update is to uninstall the cumulative patch by heading to Settings > Update & Security > Windows Update > View update history > Uninstall updates and uninstalling KB4571756..

      Source: GitHub via Techdows