Hawx

Summary
A recent presentation by David Weston, Director of OS Security at Microsoft, has managed to fly under the radar, but contains loads of information about the future security state of Windows along with upcoming features to support this state. There's quite a lot of information in the video that I'll attempt to summarize here, although I'd suggest giving it a watch if you're in the Development/Infosec/IT space.
 
Windows 11 has provided a hardware security baseline for Microsoft, with features that require hardware support (HVCI, TPM etc) to be enabled by default going forward, stating that Windows 10 strategy of off-by-default was a failure. Admin accounts are a continued security problem within the Windows ecosystem, so a future version of Windows will be adding a new "Adminless" account model with linux-like just-in-time escalation. This new model intends to provide a secure middle-ground between the frustrations of a standard user account and the security risks of an Admin account. "Adminless" accounts will run as a "less privileged" user by default and prompt users with Windows Hello when an application requires escalation for a given operation, rather than permanently running the account as a standard or admin user. Win32 Applications will be bundled under the new Win32 App Isolation model in an attempt to prevent privilege escalation if an application is compromised/exploited, meaning that: The application registry and file system will be virtualized, resulting in clean uninstalls. The application specifies what permissions it requires when packaged and said permissions will integrate within Windows (similar to UWP apps) Applications will still have full access to the system, but restricted by what permissions were declared with the manifest, ie a notepad app should not have permissions to access your webcam. The MSIX packager will automatically analyze the application behavior and work out a permissions baseline for the developer to make the move as easy as possible. A full demo of Notepad++ running with this sandbox enabled was shown to demonstrate that all existing win32 features are supported. Inspired by what third-party AVs already do, Smart App Control is going to be rolled out, working as a cloud-driven reputation system to only permit signed and/or well-known high-reputation software from running. SAC is intended to prevent zero-day exploits from spreading before Defender has received updated definitions. This will be rolled out by default depending on what software someone uses. For example, if you use IDEs or other technical tools it'll be disabled, whilst someone that only uses Chrome and Spotify will have it enabled. The system can be disabled in a single click if required. (Note: this feature is already available in some markets for fresh Windows 11 installs) TPMs within the ecosystem are not in a healthy state, with telemetry telling Microsoft that many are running vulnerable firmware due to manufactures not pushing out updates, and some being inoperable due to hardware failures or other issues. Microsoft is working on its Pluton security chip to replace/augment the existing TPM ecosystem and have the ability to push out firmware updates via Windows Update. Software/Hardware mitigations are reaching the end of the road in terms of viability. Microsoft is now focused on eliminating classes of security bugs with extensive R&D going into the use of Memory-safe languages (Rust) in areas of the system that exploits often appear in: To prove it out, the font analysis/rendering subsystem was rewritten over 6 months from 96k lines of C++ to 152k lines of Rust. This has also improved performance by 5%-15%. Parts of Win32k GDI have also been rewritten in Rust and will be shipping with an upcoming Insider build of Windows.  
Quotes
Slide dumping a bit here as they're more useful than anything I could quote from the talk.





 
My thoughts
I believe the adminless account model will be a massive improvement for ecosystem security without annoying users like with previous attempts. Smart access control also appears fine to enable for the vast majority of users that do nothing more than browse the internet with their computers and should be able to prevent a whole class of zero-day attacks.
 
Sources
Presentation slides: https://github.com/dwizzzle/Presentations/blob/master/David Weston - Windows 11 Security by-default - Bluehat IL 2023.pdf
 
 

Summary
A recent presentation by David Weston, Director of OS Security at Microsoft, has managed to fly under the radar, but contains loads of information about the future security state of Windows along with upcoming features to support this state. There's quite a lot of information in the video that I'll attempt to summarize here, although I'd suggest giving it a watch if you're in the Development/Infosec/IT space.
 
Windows 11 has provided a hardware security baseline for Microsoft, with features that require hardware support (HVCI, TPM etc) to be enabled by default going forward, stating that Windows 10 strategy of off-by-default was a failure. Admin accounts are a continued security problem within the Windows ecosystem, so a future version of Windows will be adding a new "Adminless" account model with linux-like just-in-time escalation. This new model intends to provide a secure middle-ground between the frustrations of a standard user account and the security risks of an Admin account. "Adminless" accounts will run as a "less privileged" user by default and prompt users with Windows Hello when an application requires escalation for a given operation, rather than permanently running the account as a standard or admin user. Win32 Applications will be bundled under the new Win32 App Isolation model in an attempt to prevent privilege escalation if an application is compromised/exploited, meaning that: The application registry and file system will be virtualized, resulting in clean uninstalls. The application specifies what permissions it requires when packaged and said permissions will integrate within Windows (similar to UWP apps) Applications will still have full access to the system, but restricted by what permissions were declared with the manifest, ie a notepad app should not have permissions to access your webcam. The MSIX packager will automatically analyze the application behavior and work out a permissions baseline for the developer to make the move as easy as possible. A full demo of Notepad++ running with this sandbox enabled was shown to demonstrate that all existing win32 features are supported. Inspired by what third-party AVs already do, Smart App Control is going to be rolled out, working as a cloud-driven reputation system to only permit signed and/or well-known high-reputation software from running. SAC is intended to prevent zero-day exploits from spreading before Defender has received updated definitions. This will be rolled out by default depending on what software someone uses. For example, if you use IDEs or other technical tools it'll be disabled, whilst someone that only uses Chrome and Spotify will have it enabled. The system can be disabled in a single click if required. (Note: this feature is already available in some markets for fresh Windows 11 installs) TPMs within the ecosystem are not in a healthy state, with telemetry telling Microsoft that many are running vulnerable firmware due to manufactures not pushing out updates, and some being inoperable due to hardware failures or other issues. Microsoft is working on its Pluton security chip to replace/augment the existing TPM ecosystem and have the ability to push out firmware updates via Windows Update. Software/Hardware mitigations are reaching the end of the road in terms of viability. Microsoft is now focused on eliminating classes of security bugs with extensive R&D going into the use of Memory-safe languages (Rust) in areas of the system that exploits often appear in: To prove it out, the font analysis/rendering subsystem was rewritten over 6 months from 96k lines of C++ to 152k lines of Rust. This has also improved performance by 5%-15%. Parts of Win32k GDI have also been rewritten in Rust and will be shipping with an upcoming Insider build of Windows.  
Quotes
Slide dumping a bit here as they're more useful than anything I could quote from the talk.





 
My thoughts
I believe the adminless account model will be a massive improvement for ecosystem security without annoying users like with previous attempts. Smart access control also appears fine to enable for the vast majority of users that do nothing more than browse the internet with their computers and should be able to prevent a whole class of zero-day attacks.
 
Sources
Presentation slides: https://github.com/dwizzzle/Presentations/blob/master/David Weston - Windows 11 Security by-default - Bluehat IL 2023.pdf
 
 

The only change is that when applications require admin escalation you will be asked instead of applications being given free rein by default. The goal here is to stop applications having unnecessary privileges and becoming an exploit/escalation risk, not to stop users doing what they like. 

FYI, There's a pretty good interview with David Weston, partner director of enterprise and OS security at Microsoft, that goes over the reasoning behind the requirements:
Windows 11: Understanding the system requirements and the security benefits - TechRepublic

FYI, There's a pretty good interview with David Weston, partner director of enterprise and OS security at Microsoft, that goes over the reasoning behind the requirements:
Windows 11: Understanding the system requirements and the security benefits - TechRepublic

FYI, There's a pretty good interview with David Weston, partner director of enterprise and OS security at Microsoft, that goes over the reasoning behind the requirements:
Windows 11: Understanding the system requirements and the security benefits - TechRepublic

Decided to see what happens if he plugged in a 6-pin without discharging his PSU. Then he proceeded to place the card in the fridge in an effort to fix it. Past that explanation, he decided to 'troll' everyone and excessively swear/insult forum members, blaming them, Americans, and Canadians for his own stupidity. Then he called someone an 'English c*nt' and I reported the thread.

My mum just called the computer a 'motor', I had to explain that the computer is in no way related to an internal combustion engine, or an electric motor. *sigh*

Your research clearly sucks then. Otherwise you would've quickly discovered that the triangle of "Microsoft's main revenue source", "Microsoft's product strategy", and "Microsoft's privacy policies" certainly doesn't equal some melodramatic grand conspiracy where Microsoft went out of their way to harvest your personal information. Microsoft is now a cloud services company, and Windows is nowhere near its main focus.
 
Microsoft actually goes to great lengths to scrub, anonymise and aggregate inbound data into non-identifiable sample points, and has internal teams dedicated to maintaining the privacy of its users. Again, it's not a magical black box where there's some bad actor at Microsoft going "yes please the data from Radium_Angel yum yum"
 
Legally you agreed when you installed the operating system.
 
Yeah sure mate, do you mind emailing me this data point: https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#microsoftwindowsinventorycoreinventorydevicepnpadd
It ensures that the windows update you're about to install doesn't brick your system due to an incompatible driver. Oh yeah, just email me this for every single update.
 
When the next feature update is available, be sure to email me the these checksums:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#microsoftwindowsappraisergeneralchecksumtotalpicturecount
They make sure the update you're about to install isn't corrupted or malicious. 
 
What? You lied in the last telemetry email you sent us because you were lazy??? Now all of our data is useless! If only there were some way to make sure you weren't trying to send us garbage data:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#telclientsyntheticheartbeat_5
 
Whilst that firing sucked, QA/QC staff have their limits, especially with the billions of different hardware and software combinations out in the wild. You might remember there was a feature update (1809) a few years ago that resulted in data loss for a tiny percent of people. Microsoft used its migration telemetry that's designed to track data loss scenarios:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#microsoftwindowsmigrationcoremigobjectcountdlusr
and combined it with the other telemetry points to figure out it was a problem with the Known Folder Redirection feature being enabled and old versions of OneDrive. It's unlikely this scenario would've been covered by manual internal testing, and diagnosing the problem would've been incredibly difficult without the ability to correlate system data.

After working in The Biz for a while, I have some knowledge of why.
Any organization inside a software development house will function like a bureaucracy, as any organization will eventually fall into this despite hopes for pseudoanarchy. In the case of QA, they're often left to their own devices. This "just... tell us what's wrong" approach means that there's a disconnect between developers and testers.
 
From my understanding, Microsoft started encouraging developers inside to test releases through some form of internal "insiders program". We know that this sort of thing exists because of folks like Jen Gentleman talking about, but also things like BuildFeed (RIP) where we saw a lot of internal branches; it's now well documented over on wikipedia. This also means that broader bugs in Windows are caught by the developers before more users see it.
What this means is that Microsoft has shifted how they test Windows. Why? Strangely, because having independent QA teams leads to a horrible pattern called Tester-Driven Development. Having a QA team that exists only for QA means that development focus shifts constantly to their beck and call. This also means that advancement within the QA team is almost entirely driven by your ability to spit out bugs for developers to fix... even if those bugs are meaningless or really caused by a deeper problem. This causes a lot of surface level problems to get patched over (we've seen some of those throughout Windows' development history) and doesn't give developers enough time to go back and find root causes.
 
Now, that's not to say that bugs don't happen, but here's what it takes for a bug to make it out:
it has to make it past the development team that is actively working on it (ballpark 20-30 people) It has to make it past the "canary" channel (nightly builds, probably 200-300 people) It has to make it past the "Selfhost" channel (builds that have been approved by those 200-300 people) It has to make it past the "Dev" channel, the first time it's seen outside of Microsoft. (likely 3-4k people) It has to make it past the "Microsoft" channel, where it's rolled out across workstations inside Micorosoft (50-100k at minimum) It has to make it past the "Beta" channel, the first time most consumer Insiders get to see it. This is the most unstable channel that is publicly available to users. (Ballpark 5 million people) It has to make it past the "Release Preview" channel, the last channel before it goes live to the rest of the world (ballpark 3-4 million people) If you're curious how many people it takes inside Microsoft to get a thing out the door, the blog posts How Many Microsoft Employees Does It Take to Change a Lightbulb by Eric Lippert, a developer on windows, and Thinking through a feature by Raymond Chen, one of the oldest developers in Windows. Both of these are probably some of the best looks into what it takes to get a change into Windows; change "Feature" to "Bugfix" and the logic still holds the same.
 
And yet bugs still exist in Windows. So, how bad of a bug does it need to be in order to not get squashed?
Let's assume that a developer is worth, ballpark, $100/hr and it'll take 5-6 developers to get it fixed, tested, and reviewed before it goes to Canary. That's between $500-800 per hour of development time, give or take. with a typical bug fix taking between 100-200 hours worth of time to properly diagnose and triage. That's $500,000-$1,600,000 in developer time for a single bug. That's not including the time of the PM, god help you if there's localization problems, etc.
Now, how many users does that bug affect? Let's assume there are 800 million Windows users at any one given time (since that's the last number we've gotten out of Windows.) 100,000 people at a time is only shy of 0.125% of users. That's such a small fraction of people that it isn't worth time (shy of someone getting a real bug up their ass) to go fix it. it's spending $1million on a thing that affects 0.125% of the population when that same $1m (or, likely, $2-3million) could be spent dealing with a bug that affects 1,000,000 users (12.5%).
The other issue is that to fix a bug, they have to find out if it's any number of categories. These are all real situations that I know have caused intermittent bugs:
is it a bad version of the nVidia graphics driver that only gets shipped to users running older Quadro cards? is it a CPU instruction that isn't being interpreted correctly and as a result something gets shoved to an off-by-1 error? is it a race condition caused by high speed networks being just right that a coil of 100ft of cat5 sitting under someone's desk causes two threads to lose the race at the wrong time? Is it caused by a buggy USB3 controller that was only used by one vendor for one generation of machine before the controller was updated due to a bug in the actual silicon, and thus it only occurs on that one specific generation of HP Elitebooks? is it caused by lower quality HDMI cables getting interference during display EDID reading that causes the display to do something weird because windows trusted the EDID values a little too much? Is it a configuration that was otherwise uncommon but promoted on some blog as a "really cool trick" and now causes people to lose their data because someone tried to be clever? Lastly, the developers often go in blind trying to figure out what's going on. They get a vague "when I click the start button 1,000 times, the 1001th time it doesn't render right." There could be any NUMBER of things that happen between 1,000 clicks of the start menu: drivers can be updated, services stopped and restated, is this one single sitting, did the monitor turn off, is there actually a monitor or is this over RDP, etc. etc. etc.
 
Winding back, QA inside Microsoft was, likely, not actually all that useful and getting in the way of shipping actual fixes.

Your research clearly sucks then. Otherwise you would've quickly discovered that the triangle of "Microsoft's main revenue source", "Microsoft's product strategy", and "Microsoft's privacy policies" certainly doesn't equal some melodramatic grand conspiracy where Microsoft went out of their way to harvest your personal information. Microsoft is now a cloud services company, and Windows is nowhere near its main focus.
 
Microsoft actually goes to great lengths to scrub, anonymise and aggregate inbound data into non-identifiable sample points, and has internal teams dedicated to maintaining the privacy of its users. Again, it's not a magical black box where there's some bad actor at Microsoft going "yes please the data from Radium_Angel yum yum"
 
Legally you agreed when you installed the operating system.
 
Yeah sure mate, do you mind emailing me this data point: https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#microsoftwindowsinventorycoreinventorydevicepnpadd
It ensures that the windows update you're about to install doesn't brick your system due to an incompatible driver. Oh yeah, just email me this for every single update.
 
When the next feature update is available, be sure to email me the these checksums:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#microsoftwindowsappraisergeneralchecksumtotalpicturecount
They make sure the update you're about to install isn't corrupted or malicious. 
 
What? You lied in the last telemetry email you sent us because you were lazy??? Now all of our data is useless! If only there were some way to make sure you weren't trying to send us garbage data:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#telclientsyntheticheartbeat_5
 
Whilst that firing sucked, QA/QC staff have their limits, especially with the billions of different hardware and software combinations out in the wild. You might remember there was a feature update (1809) a few years ago that resulted in data loss for a tiny percent of people. Microsoft used its migration telemetry that's designed to track data loss scenarios:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004#microsoftwindowsmigrationcoremigobjectcountdlusr
and combined it with the other telemetry points to figure out it was a problem with the Known Folder Redirection feature being enabled and old versions of OneDrive. It's unlikely this scenario would've been covered by manual internal testing, and diagnosing the problem would've been incredibly difficult without the ability to correlate system data.

This is honestly one of LTT's worst videos, as it really demonstrates the limits of Anthony's technical understanding of the underlying system he's trying to explain.
 
The most egregious part is when he states that Explorer is more responsive because it usually has to "update some log in the background that's gotta go off to microsoft". Not only is this false, you basically just called Microsoft's engineers a bunch of morons who don't know how to implement a non-blocking, asynchronous background queue (hint: event logging is a non-blocking operation).
 
As usual, there's no actual explanation of Windows 10's telemetry subsystem and instead Linus just waves his hands around about the "phoning home" boogeyman.
 
You could, I don't know, actually inform your watchers that that just setting your telemetry settings to Basic or Required (v2004), will restrict all reporting to just the reliability & crash metrics explicitly outlined in:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004
 
You could even tell users to take a look at the Diagnostic Data Viewer to see what's being sent so they can discover for themselves that it's a bunch of uninteresting anonymous metrics and error reports.
 
Linus and Anthony continue the tech youtuber trend of fear mongering that Windows telemetry is some mysterious black box of unknown stuff that's trying to secretly harvest your PI, when in reality Microsoft has outlined everything they collect and why they collect it within the Windows 10 privacy documentation above. Maybe you could break the mold and actually read the Microsoft documentation for once? 
 
This is just copypasta at this point, I've definitely seen it more than once. It's written as if there's no possible reason Microsoft might want to know how your system is operating. Microsoft is made up of thousands of engineers across hundreds of different teams. Each team wants to see diagnostic metrics over the piece of the pie they happen to own. The metrics are aggregated, anonymised and most of the original data deleted after 90 days. Unlike the Linux community, the average windows 10 user does not have the technical skillset or motivation to report to microsoft that an audio driver is throwing some errors somewhere in the kernel. 

This is honestly one of LTT's worst videos, as it really demonstrates the limits of Anthony's technical understanding of the underlying system he's trying to explain.
 
The most egregious part is when he states that Explorer is more responsive because it usually has to "update some log in the background that's gotta go off to microsoft". Not only is this false, you basically just called Microsoft's engineers a bunch of morons who don't know how to implement a non-blocking, asynchronous background queue (hint: event logging is a non-blocking operation).
 
As usual, there's no actual explanation of Windows 10's telemetry subsystem and instead Linus just waves his hands around about the "phoning home" boogeyman.
 
You could, I don't know, actually inform your watchers that that just setting your telemetry settings to Basic or Required (v2004), will restrict all reporting to just the reliability & crash metrics explicitly outlined in:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004
 
You could even tell users to take a look at the Diagnostic Data Viewer to see what's being sent so they can discover for themselves that it's a bunch of uninteresting anonymous metrics and error reports.
 
Linus and Anthony continue the tech youtuber trend of fear mongering that Windows telemetry is some mysterious black box of unknown stuff that's trying to secretly harvest your PI, when in reality Microsoft has outlined everything they collect and why they collect it within the Windows 10 privacy documentation above. Maybe you could break the mold and actually read the Microsoft documentation for once? 
 
This is just copypasta at this point, I've definitely seen it more than once. It's written as if there's no possible reason Microsoft might want to know how your system is operating. Microsoft is made up of thousands of engineers across hundreds of different teams. Each team wants to see diagnostic metrics over the piece of the pie they happen to own. The metrics are aggregated, anonymised and most of the original data deleted after 90 days. Unlike the Linux community, the average windows 10 user does not have the technical skillset or motivation to report to microsoft that an audio driver is throwing some errors somewhere in the kernel. 

This is honestly one of LTT's worst videos, as it really demonstrates the limits of Anthony's technical understanding of the underlying system he's trying to explain.
 
The most egregious part is when he states that Explorer is more responsive because it usually has to "update some log in the background that's gotta go off to microsoft". Not only is this false, you basically just called Microsoft's engineers a bunch of morons who don't know how to implement a non-blocking, asynchronous background queue (hint: event logging is a non-blocking operation).
 
As usual, there's no actual explanation of Windows 10's telemetry subsystem and instead Linus just waves his hands around about the "phoning home" boogeyman.
 
You could, I don't know, actually inform your watchers that that just setting your telemetry settings to Basic or Required (v2004), will restrict all reporting to just the reliability & crash metrics explicitly outlined in:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004
 
You could even tell users to take a look at the Diagnostic Data Viewer to see what's being sent so they can discover for themselves that it's a bunch of uninteresting anonymous metrics and error reports.
 
Linus and Anthony continue the tech youtuber trend of fear mongering that Windows telemetry is some mysterious black box of unknown stuff that's trying to secretly harvest your PI, when in reality Microsoft has outlined everything they collect and why they collect it within the Windows 10 privacy documentation above. Maybe you could break the mold and actually read the Microsoft documentation for once? 
 
This is just copypasta at this point, I've definitely seen it more than once. It's written as if there's no possible reason Microsoft might want to know how your system is operating. Microsoft is made up of thousands of engineers across hundreds of different teams. Each team wants to see diagnostic metrics over the piece of the pie they happen to own. The metrics are aggregated, anonymised and most of the original data deleted after 90 days. Unlike the Linux community, the average windows 10 user does not have the technical skillset or motivation to report to microsoft that an audio driver is throwing some errors somewhere in the kernel. 

This is honestly one of LTT's worst videos, as it really demonstrates the limits of Anthony's technical understanding of the underlying system he's trying to explain.
 
The most egregious part is when he states that Explorer is more responsive because it usually has to "update some log in the background that's gotta go off to microsoft". Not only is this false, you basically just called Microsoft's engineers a bunch of morons who don't know how to implement a non-blocking, asynchronous background queue (hint: event logging is a non-blocking operation).
 
As usual, there's no actual explanation of Windows 10's telemetry subsystem and instead Linus just waves his hands around about the "phoning home" boogeyman.
 
You could, I don't know, actually inform your watchers that that just setting your telemetry settings to Basic or Required (v2004), will restrict all reporting to just the reliability & crash metrics explicitly outlined in:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004
 
You could even tell users to take a look at the Diagnostic Data Viewer to see what's being sent so they can discover for themselves that it's a bunch of uninteresting anonymous metrics and error reports.
 
Linus and Anthony continue the tech youtuber trend of fear mongering that Windows telemetry is some mysterious black box of unknown stuff that's trying to secretly harvest your PI, when in reality Microsoft has outlined everything they collect and why they collect it within the Windows 10 privacy documentation above. Maybe you could break the mold and actually read the Microsoft documentation for once? 
 
This is just copypasta at this point, I've definitely seen it more than once. It's written as if there's no possible reason Microsoft might want to know how your system is operating. Microsoft is made up of thousands of engineers across hundreds of different teams. Each team wants to see diagnostic metrics over the piece of the pie they happen to own. The metrics are aggregated, anonymised and most of the original data deleted after 90 days. Unlike the Linux community, the average windows 10 user does not have the technical skillset or motivation to report to microsoft that an audio driver is throwing some errors somewhere in the kernel. 

This is honestly one of LTT's worst videos, as it really demonstrates the limits of Anthony's technical understanding of the underlying system he's trying to explain.
 
The most egregious part is when he states that Explorer is more responsive because it usually has to "update some log in the background that's gotta go off to microsoft". Not only is this false, you basically just called Microsoft's engineers a bunch of morons who don't know how to implement a non-blocking, asynchronous background queue (hint: event logging is a non-blocking operation).
 
As usual, there's no actual explanation of Windows 10's telemetry subsystem and instead Linus just waves his hands around about the "phoning home" boogeyman.
 
You could, I don't know, actually inform your watchers that that just setting your telemetry settings to Basic or Required (v2004), will restrict all reporting to just the reliability & crash metrics explicitly outlined in:
https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004
 
You could even tell users to take a look at the Diagnostic Data Viewer to see what's being sent so they can discover for themselves that it's a bunch of uninteresting anonymous metrics and error reports.
 
Linus and Anthony continue the tech youtuber trend of fear mongering that Windows telemetry is some mysterious black box of unknown stuff that's trying to secretly harvest your PI, when in reality Microsoft has outlined everything they collect and why they collect it within the Windows 10 privacy documentation above. Maybe you could break the mold and actually read the Microsoft documentation for once? 
 
This is just copypasta at this point, I've definitely seen it more than once. It's written as if there's no possible reason Microsoft might want to know how your system is operating. Microsoft is made up of thousands of engineers across hundreds of different teams. Each team wants to see diagnostic metrics over the piece of the pie they happen to own. The metrics are aggregated, anonymised and most of the original data deleted after 90 days. Unlike the Linux community, the average windows 10 user does not have the technical skillset or motivation to report to microsoft that an audio driver is throwing some errors somewhere in the kernel. 

Probably the biggest thing is the introduction of Henry Cavill (Superman) as a pilot.
 
Oh, and it was announced today that SQ42 is tech-complete, with a release roadmap to be published in december.
Object Container Streaming was the last piece in the technology puzzle as it's required for good performance within a large play area. Said technology was released for testing today with Alpha 3.3, massively improving general performance.
 
In other news, with Alpha 3.3 they're releasing a public portal that'll allow you to see performance data CIG is receiving from client telemetry, showing an FPS spread based on CPU/GPU specifications.

It's a pretty interesting case. Crytek's complaint of course is designed to bolster their position as much as possible. CIG's response to the claims will be important but has yet to happen.
Wouldn't really take months, CIG would just do the same thing they did for the Lumberyard move, as in rebase their years of changes on to CE 3.7. The only item to be cut would be the proprietary fog tech they took from lumberyard. 
 
The game isn't out so therefore it's a money laundering scheme? lmao. CIG is paying for the operations of 5 studios and over 400 personnel. They also get extensively audited by both the UK and US governments for their tax credits each year, and the co-founder is a well respected entertainment lawyer. What a ridiculous statement.
 
Amazon did a full buyout of CryEngine at the time, to the tune of $75 million. Amazon has full rights to the engine and isn't bound by anything to do with Crytek, nor has to pay Crytek any continuous fees.

It's a pretty interesting case. Crytek's complaint of course is designed to bolster their position as much as possible. CIG's response to the claims will be important but has yet to happen.
Wouldn't really take months, CIG would just do the same thing they did for the Lumberyard move, as in rebase their years of changes on to CE 3.7. The only item to be cut would be the proprietary fog tech they took from lumberyard. 
 
The game isn't out so therefore it's a money laundering scheme? lmao. CIG is paying for the operations of 5 studios and over 400 personnel. They also get extensively audited by both the UK and US governments for their tax credits each year, and the co-founder is a well respected entertainment lawyer. What a ridiculous statement.
 
Amazon did a full buyout of CryEngine at the time, to the tune of $75 million. Amazon has full rights to the engine and isn't bound by anything to do with Crytek, nor has to pay Crytek any continuous fees.

It's a pretty interesting case. Crytek's complaint of course is designed to bolster their position as much as possible. CIG's response to the claims will be important but has yet to happen.
Wouldn't really take months, CIG would just do the same thing they did for the Lumberyard move, as in rebase their years of changes on to CE 3.7. The only item to be cut would be the proprietary fog tech they took from lumberyard. 
 
The game isn't out so therefore it's a money laundering scheme? lmao. CIG is paying for the operations of 5 studios and over 400 personnel. They also get extensively audited by both the UK and US governments for their tax credits each year, and the co-founder is a well respected entertainment lawyer. What a ridiculous statement.
 
Amazon did a full buyout of CryEngine at the time, to the tune of $75 million. Amazon has full rights to the engine and isn't bound by anything to do with Crytek, nor has to pay Crytek any continuous fees.

Source: https://www.tweaktown.com/news/59654/intel-launches-next-gen-optane-ssd-900p/index.html
 

 

 
Well, it's certainly fast. The latency is apparently what makes all the difference in general usage though.
 
A Star Citizen game package & ship, the Intel-exclusive Sabre Raven (which will be available to fly in SC's next major patch) is also bundled with the drive, which could potentially be a $170+ cashback if you aren't interested in holding on to it.

(this packaging looks really neat!)

 
EDIT: Review is now up:
https://www.anandtech.com/show/11953/the-intel-optane-ssd-900p-review
 

Jesus christ this drive is fast

 
 
EDIT 3: And another good review: https://www.pcper.com/reviews/Storage/Intel-Optane-SSD-900P-480GB-and-280GB-NVMe-HHHL-SSD-Review-Lots-3D-XPoint
 

Source: https://www.tweaktown.com/news/59654/intel-launches-next-gen-optane-ssd-900p/index.html
 

 

 
Well, it's certainly fast. The latency is apparently what makes all the difference in general usage though.
 
A Star Citizen game package & ship, the Intel-exclusive Sabre Raven (which will be available to fly in SC's next major patch) is also bundled with the drive, which could potentially be a $170+ cashback if you aren't interested in holding on to it.

(this packaging looks really neat!)

 
EDIT: Review is now up:
https://www.anandtech.com/show/11953/the-intel-optane-ssd-900p-review
 

Jesus christ this drive is fast

 
 
EDIT 3: And another good review: https://www.pcper.com/reviews/Storage/Intel-Optane-SSD-900P-480GB-and-280GB-NVMe-HHHL-SSD-Review-Lots-3D-XPoint
 

(if you're instantly confused by this post, check what subforum you're in lol)
 
Since I did last year's megathread on these forums, I might as well do this year's as well (it actually serves as a helpful personal reference when I need to find something). CitizenCon is Star Citizen's annual convention. You can see this year's schedule below:

https://go.twitch.tv/starcitizen
 
Pre-Show Info Releases:
 
10 articles regarding ship loadouts and stats were releases over the past 2 weeks in a run-up to the launch of the new ship matrix, part 1 is here: https://robertsspaceindustries.com/comm-link/engineering/16163-The-Shipyard-Careers-And-Roles
 
The updated ship matrix is available here: https://robertsspaceindustries.com/ship-matrix
 
A website redesign was also teased: https://robertsspaceindustries.com/media/uwcb22pgvemcbr/source/Website_SneakPeek_Oct24.png
 
The Sabre Raven is an Intel Optane 900p Exclusive, and will be flyable in 3.0: 
https://robertsspaceindustries.com/pledge/ships/sabre/Sabre-Raven
https://www.tweaktown.com/news/59654/intel-launches-next-gen-optane-ssd-900p/index.html
 
The CNOU Mustang's redesign is present in the CitizenCon brochure given to attendees and will likely be discussed during the presentations:
https://i.redd.it/rijrsfb35duz.png
 
The CNOU Pioneer was revealed as a Outpost builder: https://robertsspaceindustries.com/media/of1es6gu4pa4ir/source/Alderin-Landed-Snow-Shot.jpg
 
The Weather app MyRadar was updated to with a Star Citizen tie-in, showing off Stanton's moons:
https://i.redd.it/fhevu74r8duz.jpg
 
During-Show Info Releases:

 

 
You can now learn the Xi'an language: https://robertsspaceindustries.com/spectrum/community/SC/forum/88013?page=1&sort=hot
CNOU Pioneer info dump/images/sale: https://robertsspaceindustries.com/comm-link/transmission/16200-Consolidated-Outland-Pioneer
 
PG Cities Demo was performed! Video here: 
 

 
 

Source: https://www.tweaktown.com/news/59654/intel-launches-next-gen-optane-ssd-900p/index.html
 

 

 
Well, it's certainly fast. The latency is apparently what makes all the difference in general usage though.
 
A Star Citizen game package & ship, the Intel-exclusive Sabre Raven (which will be available to fly in SC's next major patch) is also bundled with the drive, which could potentially be a $170+ cashback if you aren't interested in holding on to it.

(this packaging looks really neat!)

 
EDIT: Review is now up:
https://www.anandtech.com/show/11953/the-intel-optane-ssd-900p-review
 

Jesus christ this drive is fast

 
 
EDIT 3: And another good review: https://www.pcper.com/reviews/Storage/Intel-Optane-SSD-900P-480GB-and-280GB-NVMe-HHHL-SSD-Review-Lots-3D-XPoint
 

Source: https://www.tweaktown.com/news/59654/intel-launches-next-gen-optane-ssd-900p/index.html
 

 

 
Well, it's certainly fast. The latency is apparently what makes all the difference in general usage though.
 
A Star Citizen game package & ship, the Intel-exclusive Sabre Raven (which will be available to fly in SC's next major patch) is also bundled with the drive, which could potentially be a $170+ cashback if you aren't interested in holding on to it.

(this packaging looks really neat!)

 
EDIT: Review is now up:
https://www.anandtech.com/show/11953/the-intel-optane-ssd-900p-review
 

Jesus christ this drive is fast

 
 
EDIT 3: And another good review: https://www.pcper.com/reviews/Storage/Intel-Optane-SSD-900P-480GB-and-280GB-NVMe-HHHL-SSD-Review-Lots-3D-XPoint