Maybe Wait on Fall Creator’s Update?

The new Windows 10 Fall Update is on the way! Maybe you should not be “cutting edge” and install it immediately! It might be worth waiting to let things shake out.

Windows 10 Fall Creators Update: New features to try, but don’t rush to install it

ZDNet – By: Ed Bott – “After a little more than two years, Microsoft has finally settled into a rhythm with its new, fast-paced development cadence for Windows 10.

What Microsoft’s marketers are calling the Fall Creators Update (officially version 1709) begins arriving on desktop PCs today via Windows Update and will soon be available for download at all the usual places.

The final build number for this release is 16299.

This is the fourth feature update to Windows 10 in a little over two years. And that pace will continue, with new feature updates (essentially full upgrades) due on a predictable twice-yearly cadence going forward.

As with previous feature updates, there are no last-minute surprises in this update. It’s been developed in the open, with dozens of preview releases to members of the Windows Insider Program. For those who haven’t been paying close attention, though, this article should get you up to speed quickly.

More importantly, it means you have to decide whether to allow the upgrade to happen on Microsoft’s schedule or to take charge of the upgrade timing yourself. IT pros responsible for managing a fleet of Windows 10 PCs can use group policy settings to temporarily delay the Fall Creators Update for up to 18 months; individual Windows 10 users have simpler options in the user interface. In either case, it’s crucial to act now.

In Microsoft’s arcane language, today’s release goes to the Semi-Annual Channel for deployment to targeted consumer devices; it will be declared ready for broad deployment to business PCs after several months of cumulative updates and feedback. (Those “targeted” and “broad deployment” milestones replace the previous Current Branch and Current Branch for Business concepts.)

For most business PCs, the correct option is to defer upgrades for at least a few months, while testing the new release on a limited number of pilot devices to identify compatibility issues with existing applications and hardware.

WHAT’S NEW
The new and changed features in this release encompass a wide array of user scenarios, including a healthy assortment aimed at IT pros and developers.

One of the most important benefits of the twice-annual feature update schedule is that it allows Windows developers to incrementally improve features that previously would have languished for years between major releases. In this feature update, for example, you’ll find the following small but meaningful usability tweaks:

Every Wi-Fi connection now has a prominent option to configure whether it’s part of a public or private network, as shown here. In previous versions, that option was difficult to locate.

Setting a wireless network connection as public or private is easier in this release.

Similarly, the venerable Task Manager has several small improvements, including options that allow you to track GPU activity on a per-application basis and more convenient grouping of related processes. This release also incorporates changes designed to improve the experience of running Windows on high-DPI displays; built-in utilities like Registry Editor and Snipping Tool are no longer blurry when moving between multiple displays running at different scaling factors..

The Power Throttling feature makes its debut in this release, offering a simple slider-based option that lets you tune Windows 10 for better battery life or better performance.

The built-in Windows 10 apps also include major improvements in this release. I’ll have a more detailed look at them in a follow-up post.

THE USER EXPERIENCE
After a few gyrations in the first year, the basic design of the Windows 10 Start experience has remained consistent. This build is the first to incorporate elements of Microsoft’s new Fluent Design, which adds subtle performance and usability improvements, including easier resizing and smoother transitions.

Action Center, which hosts notifications on the right side of the screen, also gets Fluent Design features (most noticeable when you have transparency turned on) and is redesigned to make it easier to deal with notifications.

Cortana’s settings, which used to be available only from within the Cortana app, are now integrated into Settings. And in a cool design change, Cortana now displays answers in a flyout from the Start menu. That also includes results from web searches (powered by Bing only), which means you don’t have to open a browser to do a search.

Cortana now makes full use of the space to the right of Start.

These advanced controls for peer-based updates are new in version 1709.

Windows Update has also evolved significantly in the two years since Windows 10’s initial release. When new updates are available, you’ll see an interactive toast notification that doesn’t interrupt whatever you’re doing now. In addition, the Windows Update display now offers detailed information about the status of individual updates, so you don’t have to wonder whether anything’s happening in the background.

The Delivery Optimization feature, which uses peer-to-peer networking to improve download performance of updates for Windows and Store apps, gets a much-needed set of advanced options that allow you to fine-tune the amount of bandwidth it’s allowed to use and also limit the total uploads on a monthly basis.

One of my favorite classic Windows features, Volume Mixer, has finally been updated to include Universal Windows Platform (UWP) apps, including Microsoft Edge and Groove Music. This option, accessible by right-clicking the speaker icon in the taskbar, lets you set the volume of each app independently without affecting the overall system volume.

UWP apps finally work with the Volume Mixer feature.

Another minor but welcome change is the addition of GPU performance information in Task Manager for systems with a discrete GPU.

The My People feature, which lets you pin icons for frequent correspondents to the taskbar, looks like a gimmick at first but in my experience has become incredibly useful. If you connect mail, calendar, and messaging accounts, it can show appointments, email messages, Skype conversations, and contact details in a scrolling window that’s available with a single click.

SETTINGS IMPROVEMENTS
The migration of Windows knobs and levers from Control Panel to the modern Settings app continues with this update. Here are a few noteworthy changes:

Settings > System > About has been reorganized and streamlined. Previously, the information displayed here was in a single long, scrolling list. The new arrangement organizes the information into three blocks, covering system health, device information, and Windows details.

Remote Desktop settings, which were scattered in several locations in earlier versions, now get a single home: Settings > System > Remote Desktop.

Remote Desktop options are now available in Windows 10 Settings.

The incredibly useful Magnifier tool, which eases eyestrain by allowing you to zoom in on text and objects, also gets its own top-level category in Settings > Ease Of Use.

SECURITY
The long list of improvements to the security architecture of Windows 10 starts with a momentous change. The horribly insecure SMBv1 protocol is being removed from clean installs of Windows 10. (The SMBv1 components will continue to be included on upgrades where they are already installed.)

Home and Professional editions have the SMBv1 server component uninstalled but keep the client software; Enterprise and Education editions have all SMBv1 components uninstalled.

As a side effect of that change, the legacy Computer Browser service is also being removed.

The Windows Defender Security Center, which was introduced in an earlier feature update, has two major additions. The first is Exploit Protection, which offers many of the mitigations that were previously part of the separate Enhanced Mitigation Experience Toolkit (EMET).

Most of the settings previously found in EMET are now here.

The Fall Creators Update also debuts an anti-ransomware feature called Controlled Folder Access, which is also available through the Windows Defender Security Center, under Virus & Threat Protection Settings. When this feature is enabled, only approved apps can access Windows system files and data folders. (You can customize the list of data folders and whitelist specific apps, using the instructions in this online documentation: Protect important folders with Controlled folder access.)

Finally, there’s Windows Defender Application Guard, a security feature that uses Hyper-V virtualization to create sandboxed browser sessions using Microsoft Edge. For now, this feature is available only in Windows 10 Enterprise edition.

HYPER-V
One of the single most useful features in the Professional and Enterprise editions of Windows 10 is Hyper-V. This extremely robust virtualization platform gets more than its share of attention in this release.

A new Virtual Machine Gallery should make it easier for task-focused users to create useful virtual machines without having to wade through a long series of technical settings. Currently, this gallery includes a preconfigured development environment running an evaluation version of Windows 10 Enterprise.

This one-click option to create a virtual machine is new in version 1709.

After you create a virtual machine, you can export it more easily as well, by clicking the new Share button and compressing its pieces into a .vmcz file that can be imported on another Hyper-V capable PC.

In a change of default settings, checkpoints are now on, allowing you to roll back any VM even if you forgot to create a checkpoint manually.

A new advanced feature worth noting is the addition of virtual battery support in Hyper-V. When this feature is enabled on a VM running on a battery-powered device, you can see your physical machine’s battery state inside a VM.

SMARTER STORAGE
It took much longer than it should have, but the OneDrive Files on Demand feature is now built into Windows. The settings take some getting used to (I’ll publish a tutorial later) but the results are worth it, with a much better way to work with large amounts of cloud storage on devices with minimal local storage.

fall-creators-update-onedrive-files-on-demand.jpg
Click the OneDrive icon to see whether File On Demand is enabled.

For those who use either the consumer version of OneDrive or the Office 365 OneDrive for Business feature, this is probably the single most important new feature in Windows 10.

Another unheralded feature in Windows 10 also gets some improvements in the Fall Creators Update. Storage Sense, which is designed to manage storage intelligently, has a new design and a few new settings.

You can now delete previous versions of Windows directly from Storage Sense instead of having to go to the legacy Disk Cleanup Manager utility.

In addition, you can now opt to automatically delete files that have been in your Downloads folder for 30 days without changes. This and other options are available in Settings > System > Storage > Change how we free up space.

EDGE’S INCREMENTAL EVOLUTION
Microsoft Edge, the default browser in Windows 10, is still unlikely to win over most Chrome users, but it’s steadily improving.

WINDOWS 10

With Surface Book 2, Microsoft shows off its vision of the PC’s future
New features galore, but don’t rush to install it
Five promised features that are missing (TechRepublic)
How Microsoft is thinking differently about hardware and software
How to download Fall Creators Update right now (CNET)
Setup and configuration tips: Don’t settle for default settings
Surface Book 2: Specs, pricing, availability
The biggest change in this update is a vastly improved interface for managing saved Favorites. You can now rename Favorites, edit their URLs, and work with folders directly without having to switch to a special editing mode. (The Edge design team must have been reading the comments on the Creators Update installment in this series.)

The ability to pin sites to the Windows taskbar, previously available in Windows 8, is back, but the implementation is frustratingly incomplete and will disappoint anyone who previously relied on this feature.

Microsoft is also determined to turn Edge into something more than just a web browser, as it’s beefed up PDF reading capabilities and added annotations form filling for PDF files. In addition, you can now add notes and annotations for digital books that you read in Edge.

ALTERNATIVE INPUT METHODS
One of the major selling points of Windows 10 devices (led by Microsoft’s own Surface line) is support for input from sources other than traditional keyboards and pointing devices.

Windows 10 already had some of the best handwriting input tools available on any platform, and this update adds some noteworthy improvements that are worth experimenting with if your PC includes a pen. In addition, Microsoft has improved the design of the touch keyboard to make it easier to use.

But the real news, and probably the single most important feature of this update, is the ability to enter emoji directly into a text box.

OK, I was kidding about this being the most important feature, but it certainly makes using Windows more fun. Press Windows key + period (or semicolon) to pop up an emoji box like the one shown here. Although it’s not immediately obvious, you can also begin typing a word to search for a particular emoji based on that term.

This pop-up emoji picker is available with a press of Windows key semicolon.

For those who’ve been part of the Windows Insider Program and have been following these builds, what are you looking forward to most?

PREVIOUS AND RELATED COVERAGE
Microsoft turns Windows 10 Fall Creators Update focus to ‘stabilization’ as of Build 16273

Microsoft’s latest Windows 10 Fall Creators Update Update test build, No. 16273, is almost entirely about bug fixes, as it closes in on ‘release to the world’ (RTW).

Here’s what you need to know before you repair, reinstall, or upgrade Windows 10, including details about activation and product keys.

Two years after its splashy debut, Windows 10 is now running on more than 500 million PCs worldwide. Was the upgrade worth it? Here’s my report card.

The Creators Update is heading to pretty much every PC, and many mobiles, that run Windows 10. However, the extent to which it matters depends on your priorities.”

Botnet Network Can Now Grab Your Desktop Screen

The security issues just keep coming!

This ransomware-spreading botnet will now screengrab your desktop too

ZDNet – Danny Palmer – “Attackers behind one of the world’s most notorious botnets have added another string to their bow, allowing them to take screenshots of the desktops of victims infected with malware.

Having previously been inactive for much of the first half of the year, the Necurs botnet has recently undergone a resurgence, distributing millions of malicious emails – large swathes of which have most recently been spreading Locky ransomware.

It’s also been known to deliver the Trickbot banking trojan, indicating the attackers behind it have their fingers in many pies.

But not happy with just that, wow those behind Necurs – a zombie army of over five million hacked devices – are also attaching a downloader with the functionality to gather telemetery from infected victims.

Uncovered by researchers at Symantec, the Necurs downloader can take screengrabs of infected machines and send them back to a remote server. It also contains an error-reporting feature which sends information back to the attackers on any issues the downloader encounters when performing its activities.

This functionality suggests the attackers are actively attempting to gather operational intelligence about the performance of their campaigns in much the same way legitimate software vendors collect crash reports in order to improve their products. However, in this case, the reports are designed to help the attackers spot problems and improve the chances of the malicious payload doing its job.

‘After all, you can’t count on the victims to report back errors and issues,’ note the researchers.

See also: What is phishing? How to protect yourself from scam emails and more

Like other Necurs campaigns, these attacks begin with a phishing email – this time using the lure of a phony invoice. If this attachment is opened, it’ll download a JavaScript which will in turn download a Locky or Trickbot payload, depending on the particular campaign.

Once loaded onto the system, the downloader also runs a PowerShell script that takes a screen grab and saves it to a file named ‘generalpd.jpg’ which is saved and uploaded to a remote server for further analysis by the attackers.

The last month or so has seen Necurs more active than at any point this year, with a high focus on distributing Locky, to such an extent that it’s almost reclaimed its crown as the king of ransomware.

In order to remain as protected as possible against threats distributed by the Necurs botnet, Symantec recommends security software, operating systems and other applications are always kept up to date and to be extremely suspicious of unsolicited emails – especially if they contain links or attachments.”

Dr. Bill.TV #419 – Video – “The Sad, Sorry (Sideways) Security Edition!”

Cryptocurrency miners infect Dr. Bill’s PC, Dr. Bill orders a Google Pixel 2 XL, Star Wars: The Last Jedi trailer, Nintendo NES Classic, Amazon’s waterproof Kindle, Severe flaw in WPA2, PIA VPN, Google adds antivirus to Chrome, Securi Firewall hacked.

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

ChuckieDaniel.com and The Lifetrain Internet Radio Station

WOFR.org – Word of Faith Internet Radio


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on Vimeo

 


Dr. Bill.TV #419 – Audio – “The Sad, Sorry (Sideways) Security Edition!”

Cryptocurrency miners infect Dr. Bill’s PC, Dr. Bill orders a Google Pixel 2 XL, Star Wars: The Last Jedi trailer, Nintendo NES Classic, Amazon’s waterproof Kindle, Severe flaw in WPA2, PIA VPN, Google adds antivirus to Chrome, Securi Firewall hacked.

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

ChuckieDaniel.com and The Lifetrain Internet Radio Station

WOFR.org – Word of Faith Internet Radio


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on Vimeo

 


GoDaddy Securi Web Firewall Hacked!

Man! I use Securi on my sites too! Ack!

This bug let a researcher bypass GoDaddy’s site security tool

ZDNet – By: Zack Whittaker – “A widely used security tool owned by web hosting provider GoDaddy, designed to prevent websites from being hacked, was easily bypassed, putting websites at risk of data theft.

The company’s website application firewall (WAF), provided by Sucuri and acquired by GoDaddy earlier this year, protects websites against a range of attacks by adding an extra layer of security to a website to protect against cross-site scripting and SQL injection techniques.

But a security researcher told ZDNet that the firewall would let through some commands, allowing him to gain access to vulnerable databases behind the scenes. That, he said, put sites at risk of data theft.

Touseef Gul was able to bypass the firewall with a relatively simple SQL injection string, which he showed to ZDNet but we’re not publishing. SQL injection attacks can be launched from the web browser’s address bar. If the attack is successful it will display a list of database tables on the website itself. Where he was expecting to receive an ‘access denied’ message, the firewall let the command through and returned a list of tables from the target website’s database. He was also able to obtain the database’s admin account and MD5 hashed password, which nowadays is easily crackable.

What surprised the researcher, he said, was how easy the firewall was to bypass.

He gave an example of part of the code he used. He said that while the firewall would block a common command used in SQL injections, such as ‘UNION SELECT,’ a modified, encoded version of the same command — such as ‘UNION SELE%63T’ (where %63 is an encoded ‘C’) — was not blocked by the filter.

For its part, GoDaddy said it patched the bug within a day of the security researcher’s private disclosure to the company.

‘In reviewing this situation, it appears someone was able to find a vulnerable website and manipulate their requests to temporarily bypass our WAF,’ said Daniel Cid, GoDaddy’s vice-president of engineering.

‘Within less than a day, our systems were able to pick up this attempt and put a stop to it,’ he said.

Cid said the company is ‘not aware of other customers’ impacted by the bypass, but wouldn’t say how many websites were at risk of the bypass technique.

Lesley Carhart, a digital forensics and incident response specialist, explained that web application firewalls mimic the behavior of antivirus products rather than a traditional firewall.

‘In a lot of ways web attacks are way harder to firewall than traffic in and out of a network,’ said Carhart. ‘You can deny almost everything at a network firewall or host firewall.’

‘Web traffic filtering relies more on blacklisting bad stuff using signatures than whitelisting slews of unneeded ports and protocols like traditional firewalls,’ she added.

Web application firewalls block attacks on sites running web applications that are already vulnerable to attacks, like out-of-date content management systems, like WordPress or Joomla, she explained.”

‘In principle, it’s a great move to add another layer of defense to sites, but it should never be mistaken for or implied to be a replacement for secure coding,’ she said.”

Google Further Secures Chrome on Windows!

This is GREAT NEWS!

Google just added these antivirus features to Chrome for Windows

ZDNet – By: Liam Tung – “Google has introduced three changes to Chrome for Windows to improve the browser’s malware detection and removal capabilities.

The company is targeting malware and malicious extensions that modify search results to redirect users to unintended pages, inject ads, and lock users on ad-filled sites.

The new security features for Chrome on Windows are an addition to existing defenses, such as Safe Browsing warnings for pages known to deliver malware.

Google is now clamping down on Chrome extensions that change user settings, such as the default search engine. The browser will automatically detect when an unauthorized change is made and offers to restore the original settings.

It has also redesigned Chrome’s Cleanup feature which offers a shortcut to restoring the browser’s default settings after an infection. It shows an alert when the browser detects unwanted software and offers a way to remove it. Chrome users have previously been able to use the standalone Chrome Cleanup Tool to remove harmful software. Google says it redesigned the alerts to make it easier to see what software will be removed.

Chrome Cleanup has also gained a malware detection engine from antivirus firm ESET, which works in tandem with Chrome’s sandbox technology.

This integration of the new ‘sandboxed engine’ doesn’t replace antivirus on Windows as it only targets and removes software that violates Google’s unwanted software policy. However the policy covers a variety of bad behaviors, from deceptive installs to spyware. It also mean that Chrome can detect and remove more unwanted software than previously.

Google estimates the new security features will help ‘tens of millions’ of Chrome users clear up security problems in the next few days.”

This is Bad! Wifi Has Been Compromised!

Stay tuned on this one!

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Ars Technica – Dan Gooden = “An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that’s scheduled for 8 a.m. Monday, east coast time. An advisory the US CERT recently distributed to about 100 organizations described the research this way:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

According to a researcher who has been briefed on the vulnerability, it works by exploiting a four-way handshake that’s used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it’s resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.

A Github page belonging to one of the researchers and a separate placeholder website for the vulnerability used the following tags:

WPA2
KRACK
key reinstallation
security protocols
network security, attacks
nonce reuse
handshake
packet number
initialization vector

Researchers briefed on the vulnerabilities said they are indexed as: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088. One researcher told Ars that Aruba and Ubiquiti, which sell wireless access points to large corporations and government organizations, already have updates available to patch or mitigate the vulnerabilities.

The vulnerabilities are scheduled to be formally presented in a talk titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 scheduled for November 1 at the ACM Conference on Computer and Communications Security in Dallas. It’s believed that Monday’s disclosure will be made through the site krackattacks.com. The researchers presenting the talk are Mathy Vanhoef and Frank Piessens of KU Leuven and imec-DistriNet, Maliheh Shirvanian and Nitesh Saxena of the University of Alabama at Birmingham, Yong Li of Huawei Technologies in Düsseldorf, Germany, and Sven Schäge of Ruhr-Universität Bochum in Germany. The researchers presented this related research in August at the Black Hat Security Conference in Las Vegas.

The vast majority of existing access points aren’t likely to be patched quickly, and some may not be patched at all. If initial reports are accurate that encryption bypass exploits are easy and reliable in the WPA2 protocol, it’s likely attackers will be able to eavesdrop on nearby Wi-Fi traffic as it passes between computers and access points. It might also mean it’s possible to forge Dynamic Host Configuration Protocol settings, opening the door to hacks involving users’ domain name service.

It wasn’t possible to confirm the details reported in the CERT advisory or to assess the severity at the time this post was going live. If eavesdropping or hijacking scenarios turn out to be easy to pull off, people should avoid using Wi-Fi whenever possible until a patch or mitigation is in place. When Wi-Fi is the only connection option, people should use HTTPS, STARTTLS, Secure Shell and other reliable protocols to encrypt Web and e-mail traffic as it passes between computers and access points. As a fall-back users should consider using a virtual private network as an added safety measure, but users are reminded to choose their VPN providers carefully, since many services can’t be trusted to make users more secure. This post will be updated as more information becomes available.”

Now You Can Read a Kindle in the Tub?

If you want to…

Amazon finally makes a waterproof Kindle, after 10 years of Kindles

The Verge – By: Lauren Goode – “Amazon has been selling Kindles for 10 years now, but “waterproof” hasn’t appear on its list of incremental technological advancements until now. The company just announced a new version of its popular e-reader that builds on last year’s Kindle design and now has an IPX8 waterproof rating.

The new Kindle Oasis — the same name as last year’s premium Kindle — has jumped up in size, moving from a 6-inch screen to a 7-inch screen. It has an aluminum back, which gives it a more premium look and feel than the Kindles with soft-touch plastic.

Unlike last year’s Kindle Oasis, which used a magnetic case you attached to the e-reader to extend its battery life, the new Oasis relies entirely on its built-in battery. It has a similar physical design, with one thicker side that tapers down on the other side, for one-handed reading. But Amazon has made a point of saying that it managed to fit in a bigger battery, while keeping the tapered side of the device at 3.4 millimeters.

The resolution of the e-paper display is the same at 300 ppi, but it has a couple extra LED lights now for a brighter, more even-looking display. And it also has ambient light sensors that adjust the brightness as you move from room to room, or from outdoors to indoors. (The earlier Voyage Kindle does this, too.)

There are physical page-turn buttons, plus the touchscreen page-turn option; Amazon says it’s worked on both the hardware and software side of things to make page-turning feel faster.

But the big news with the upgraded Oasis is its waterproofing, a long-requested feature from some Kindle fans. (Yes, last year’s model was called Oasis and wasn’t waterproofed.) The new e-reader has been tested in two meters of water for up to 60 minutes. It’s also been tested in different water environments, like hot tubs, pools, and bubble baths. Amazon declined to say how it waterproofed the Kindle, but since it still has an open USB port for charging, it’s recommending that people stand the Kindle upright after it’s been submerged.

The proof is in the pouring: the Oasis’ waterproofing gets a quick test. Audible fans will be happy, as well: the new Oasis has a built-in Audible app. This doesn’t mean you can listen to Audible from the Kindle itself — it still doesn’t have any speakers — but you can start an audio book from the device and stream it over Bluetooth to a set of headphones or a speaker.

The new Oasis ships at the end of October and is replacing last year’s Oasis, leaving four Kindles total in Amazon’s lineup: the original Kindle ($80), the Kindle Paperwhite ($120), Kindle Voyage ($200), and the Oasis, which starts at $250 for an 8GB model. That’s double the base storage of previous Kindles, which Amazon says is to accommodate the storage of audio books. It also connects over both Wi-Fi and 4G LTE.

Amazon has been notoriously coy when it comes to saying how many units of Kindle it has sold — which was the first piece of hardware Amazon ever made and sold — but Kevin Keith, Amazon’s general manager of devices, said in an interview that sales are still “quite good,” with “tens of millions” sold. He also noted that Kindle is in more countries than any other Amazon device.

‘Kindle’ has indeed become synonymous with ‘e-reader’ over the past decade, but that doesn’t necessarily mean Amazon will enjoy the same kind of Kindle success over the next 10 years. In 2016, data showed that ebook sales were down, while sales of physical books surged. And in 2015, a Pew research report on American device ownership showed that e-reader ownership was down significantly from the year prior. According to non-Amazon data, it seems to have reached its peak in 2011.

But a spokesperson for Amazon said that Kindle is still as ‘relevant as ever,’ pointing out that Kindle sales are up year-over-year globally and that it had its best-selling day ever on Prime Day of this year.

For now, at least, there’s a new Kindle you can drop in the bath, the hot tub, or wherever else you enjoy your ebooks when you need a break from the internet.

Update: This article has been updated to include more context on Kindle sales from Amazon. Also, the price of the new Kindle was reported incorrectly in an earlier version of this article. The story has been updated to reflect that it is listed as $249.99 ($250), not $248.”

A Good Deal for Classic Gamers!

Nintendo Classic NES

It’s baaack!

Nintendo bringing back NES Classic Edition in 2018

Polygon – by: Michael McWhertor – “Nintendo’s NES Classic Edition mini console is coming back. Nintendo said in a release today that last year’s popular but hard to find miniature version of the Nintendo Entertainment System will return to store shelves next summer.

New shipments of the NES Classic Edition will be welcome news for fans, as Nintendo released the console in limited supply for a very short window. That was always the plan, Nintendo said, but clearly continued demand for the 8-bit system has changed the company’s mind.

Nintendo also said, officially, that it plans to release more Super NES Classic Edition consoles, its miniaturized version of the Super Nintendo Entertainment System, than originally planned. “Fans have shown their unbridled enthusiasm for these Classic Edition systems, so Nintendo is working to put many more of them on store shelves,” Nintendo said in a release.

Earlier this week, Nintendo of America president Reggie Fils-Aime said in an interview that the Super NES Classic Edition will be more readily available than its 8-bit predecessor.

“I would strongly urge you not to over-bid on an SNES Classic on any of the auction sites,” he told the Financial Times, adding that Nintendo had “dramatically increased” production of the SNES Classic.

Nintendo has promised since it announced the Super NES Classic Edition that it intends to make “significantly more” retro consoles than it did during the NES Classic Edition’s lifespan. But actually pre-ordering and guaranteeing one of the systems has been a headache for consumers, and Nintendo had only committed to manufacturing the Super NES Classic Edition through the end of 2017, leading to worries that the retro system would be hard to find.

The Super NES Classic Edition will include 21 games for Nintendo’s 16-bit console, including Super Mario World, The Legend of Zelda: A Link to the Past, Star Fox 2 and Super Metroid. The system will launch Sept. 29 for $79.99.

The NES Classic Edition, which was originally released in November 2016, included 30 classic 8-bit games. The system originally retailed for $59.99.”

1 2