An anonymous reader quotes a report from 404 Media: Google search really has been taken over by low-quality SEO spam, according to a new, year-long study by German researchers (PDF). The researchers, from Leipzig University, Bauhaus-University Weimar, and the Center for Scalable Data Analytics and Artificial Intelligence, set out to answer the question "Is Google Getting Worse?" by studying search results for 7,392 product-review terms across Google, Bing, and DuckDuckGo over the course of a year. They found that, overall, "higher-ranked pages are on average more optimized, more monetized with affiliate marketing, and they show signs of lower text quality ... we find that only a small portion of product reviews on the web uses affiliate marketing, but the majority of all search results do."

They also found that spam sites are in a constant war with Google over the rankings, and that spam sites will regularly find ways to game the system, rise to the top of Google's rankings, and then will be knocked down. "SEO is a constant battle and we see repeated patterns of review spam entering and leaving the results as search engines and SEO engineers take turns adjusting their parameters," they wrote. They note that Google, Bing, and DuckDuckGo are regularly tweaking their algorithms and taking down content that is outright spam, but that, overall, this leads only to "a temporary positive effect."

"Search engines seem to lose the cat-and-mouse game that is SEO spam," they write. Notably, Google, Bing, and DuckDuckGo all have the same problems, and in many cases, Google performed better than Bing and DuckDuckGo by the researchers' measures. The researchers warn that this rankings war is likely to get much worse with the advent of AI-generated spam, and that it genuinely threatens the future utility of search engines: "the line between benign content and spam in the form of content and link farms becomes increasingly blurry -- a situation that will surely worsen in the wake of generative AI. We conclude that dynamic adversarial spam in the form of low-quality, mass-produced commercial content deserves more attention."

Google Maps is about to get better at showing directions inside tunnels. A new feature spotted by SmartDroid allows the Android version of the app to use Bluetooth beacons to track your location in areas where GPS signals typically can't reach. The Verge: These beacons transmit Bluetooth signals that give location data to your phone, according to the Google-owned Waze, which already supports the feature. The app then uses this information along with the device's mobile connectivity to "provide real-time traffic data as it would with a typical GPS connection."

Android Authority combed through the code of Edge browser (for Android) to find what may be hints for things to come to Copilot: Microsoft has offered its Copilot AI service (formerly Bing Chat) on mobile devices for a while. The service has long been free to use, allowing you to speak to a chatbot, generate AI images, and more. Now, recent Edge browser updates for Android hint at a so-called Copilot Pro option. [...] But what should you expect from this Pro tier? Fortunately, a string also mentions Copilot Pro perks. This includes access to the latest AI models, priority access for quicker answers, and "high-quality" image generation. Update: Microsoft has officially launched Copilot Pro. The subscription provides access to AI-powered features inside Office apps like Word, Excel, and PowerPoint alongside priority access to the latest OpenAI models, and the ability to build your own Copilot GPT.

With subsidiaries like WebMD and CarsDirect, the digital media company "Internet Brands" has over 5,000 employees — and 20 offices in expensive locations like Seattle, San Francisco, Chicago, and New York City.

Their solution? Create a cheery corporate video on the company's Vimeo account announcing a new (non-negotiable) hybrid return-to-office policy.

SFGate.com calls it "the return-to-office fight's most bizarre corporate messaging yet." Executives from Internet Brands' internet brands are so wide-eyed and declarative, they appear to be at their breaking point in wanting more workers at the office. "Too big of a group hasn't returned," CEO Bob Brisco complains, near the video's opening. The vehicle to deliver that message has it all: rapid jump cuts, odd sound mixing and executives clearly reading their lines from teleprompters. There's plainly faked office b-roll and the obvious use of green screens. There's even some enthusiastic (and awkward) sashaying to the New Orleans classic "Iko Iko" — one wonders if participating employees received compensation.
Interestingly, "Iko Iko" is a song about a collision between two rival tribes, which opens with a threat to "set your flag on fire." But subtitles on the video translate the song's Creole patois word "Jockamo" into the corporate-positive phrase "we mean business." It's like the executives started their brainstorming session by watching 12 music videos, an iMovie editing tutorial and the entirety of "The Office" Season 1. Mixed in with the corporate b-roll of a copy machine spitting out paper and a too-loud video of a hand crushing a Dr. Pepper can, the company's executives sketch out the vibe of a return-to-office plan — though no specifics.
The video ends with CEO Bob Brisco thanking the team, before gently adding "I want to leave you with this. We aren't asking or negotiating at this point. We're informing, of how we need to work together going forward....

"Thank you, in advance, for your help."

The video has since started going viral on Reddit's "Work Reform" subreddit, with a headline calling it a "bizarre and cringe video mocking working from home and threatening employees who continue to avoid the office." (This take drew 1,300 upvotes, and 241 comments, like " 'By the way this is a threat' is a nice way to end it.")

Footage of at least some of the executives was clearly just spliced in front of still photos showing what offices look like. But besides the wooden delivery, what really struck me is how generic all the words were:

• "Working together face-to-face helps us create ideas, faster, and better."

• "We're able to collaborate, and help each other to be better leaders."

• "We're better when we're together, and we need to be our best — to crush our competition." [Footage of the word "competition" being erased from a whiteboard. And then, of someone crushing a Dr. Pepper can...]

jd (Slashdot reader #1,658) shared this story from BleepingComputer. The article notes that "Multiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption, are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys."

jd explains that Crystals-Kyber "was chosen to be the U.S. government's post-quantum cryptography system of choice last year, but a side-channel attack has been identified. But in the article, NIST says that this is an implementation-specific attack (the reference implementation) and not a vulnerability in Kyber itself."

From the article: CRYSTALS-Kyber is the official implementation of the Kyber key encapsulation mechanism (KEM) for quantum-safe algorithm (QSA) and part of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) suite of algorithms. It is designed for general encryption... The KyberSlash flaws are timing-based attacks arising from how Kyber performs certain division operations in the decapsulation process, allowing attackers to analyze the execution time and derive secrets that could compromise the encryption. If a service implementing Kyber allows multiple operation requests towards the same key pair, an attacker can measure timing differences and gradually compute the secret key...

In a KyberSlash1 demo on a Raspberry Pi system, the researchers recovered Kyber's secret key from decryption timings in two out of three attempts...

On December 30, KyberSlash2 was patched following its discovery and responsible reporting by Prasanna Ravi, a researcher at the Nanyang Technological University in Singapore, and Matthias Kannwischer, who works at the Quantum Safe Migration Center.

Long-time Slashdot reader Geoffrey.landis writes: Hundreds of British postal workers wrongly convicted of theft due to faulty accounting software could have their convictions reversed, according to a story from the BBC. Between 1999 and 2015, the Post Office prosecuted 700 sub-postmasters and sub-postmistresses — an average of one a week — based on information from a computer system called Horizon, after faulty software wrongly made it look like money was missing. Some 283 more cases were brought by other bodies including the Crown Prosecution Service.
2024 began with a four-part dramatization of the scandal airing on British television, and the BBC reporting today that its reporters originally investigating the story confronted "lobbying, misinformation and outright lies."

Yet the Guardian notes that to this day in English and Welsh law, computers are still assumed to be "reliable" unless and until proven otherwise. But critics of this approach say this reverses the burden of proof normally applied in criminal cases. Stephen Mason, a barrister and expert on electronic evidence, said: "It says, for the person who's saying 'there's something wrong with this computer', that they have to prove it. Even if it's the person accusing them who has the information...."

He and colleagues had been expressing alarm about the presumption as far back as 2009. "My view is that the Post Office would never have got anywhere near as far as it did if this presumption wasn't in place," Mason said... [W]hen post office operators were accused of having stolen money, the hallucinatory evidence of the Horizon system was deemed sufficient proof. Without any evidence to the contrary, the defendants could not force the system to be tested in court and their loss was all but guaranteed.

The influence of English common law internationally means that the presumption of reliability is widespread. Mason cites cases from New Zealand, Singapore and the U.S. that upheld the standard and just one notable case where the opposite happened... The rise of AI systems made it even more pressing to reassess the law, said Noah Waisberg, the co-founder and CEO of the legal AI platform Zuva.
Thanks to Slashdot reader Bruce66423 for sharing the article.

Longtime Slashdot reader Plugh shares a report from Daily Security Review: A Ukrainian hacker group [...] carried out a destructive attack on the servers of a Moscow-based internet provider to take revenge for Kyivstar cyberattack. The group, known as Blackjack, successfully hacked into the systems of M9com, causing extensive damage by deleting terabytes of data. Numerous residents in Moscow experienced disruptions in their internet and television services. Additionally, the Blackjack hacker group has issued a warning of a potentially larger attack in the near future.

Based on the information provided by Ukrinform, the cyber attack on M9com deleted approximately 20 terabytes of data. The attack targeted various critical services of the company, including its official website, mail server, and cyber protection services. Furthermore, the hackers managed to access and download over 10 gigabytes of data from M9com's mail server and client databases. To make matters worse, they made this stolen information publicly accessible via the Tor browser. [...]

Based on the nature of the attack on M9com, it appears that when the hackers hit Moscow, they were able to gain access to the back-end operations of the company. This allowed them to effectively delete data from the servers, similar to what occurred in the Kyivstar incident. It is worth noting that this type of attack, which involves directly targeting and compromising the servers, is less common compared to the more frequently observed distributed denial-of-service (DDoS) attacks. DDoS attacks overwhelm a system by inundating it with automated requests, causing the service to become inaccessible.

Ubisoft's Prince of Persia: The Lost Crown launches next week, but players are likely to encounter an amusing bug as they make their way through the game. Engadget: One of the game's NPCs is voiced by a text-to-speech program, complete with the slightly robotic tones we've come to associate with these services. It's not quite Siri or Alexa, but it's close and certainly doesn't fit the game's Persian-inspired setting. The NPC-in-question is a tree spirit named Kalux and seems to be voiced by a TTS program that's available online for free and typically used by streamers.

This isn't an "AI is coming for your jobs" type thing, but rather a mistake on Ubisoft's part, as each and every other NPC is attached to a voice actor. IGN notes that Kalux doesn't have a voice actor in the credits. Additionally, Kalux only has a few lines, so it likely won't be a tough fix to assign an actor to deliver that dialogue. Ubisoft has readied a day-one patch, but it won't handle the Kalux issue. Look for another patch in late January or early February that replaces the bot with a human.

An anonymous reader quotes a report from SecurityWeek.com: A Dutch engineer recruited by the country's intelligence services used a water pump to deploy the now-infamous Stuxnet malware in an Iranian nuclear facility, according to a two-year investigation conducted by Dutch newspaper De Volkskrant. Stuxnet, whose existence came to light in 2010, is widely believed to be the work of the United States and Israel, its goal being to sabotage Iran's nuclear program by compromising industrial control systems (ICS) associated with nuclear centrifuges. The malware, which had worm capabilities, is said to have infected hundreds of thousands of devices and caused physical damage to hundreds of machines.

De Volkskrant's investigation, which involved interviews with dozens of people, found that the AIVD, the general intelligence and security service of the Netherlands, the Dutch equivalent of the CIA, recruited Erik van Sabben, a then 36-year-old Dutch national working at a heavy transport company in Dubai. Van Sabben was allegedly recruited in 2005 -- a couple of years before the Stuxnet malware was triggered -- after American and Israeli intelligence agencies asked their Dutch counterpart for help. However, the Dutch agency reportedly did not inform its country's government and it was not aware of the full extent of the operation. Van Sabben was described as perfect for the job as he had a technical background, he was doing business in Iran and was married to an Iranian woman.

It's believed that the Stuxnet malware was planted on a water pump that the Dutch national installed in the nuclear complex in Natanz, which he had infiltrated. It's unclear if Van Sabben knew exactly what he was doing, but his family said he appeared to have panicked at around the time of the Stuxnet attack. [...] Michael Hayden, who at the time was the chief of the CIA, did agree to talk to De Volkskrant, but could not confirm whether Stuxnet was indeed delivered via water pumps due to it still being classified information. One interesting piece of information that has come to light in De Volkskrant's investigation is that Hayden reportedly told one of the newspaper's sources that it cost between $1 and $2 billion to develop Stuxnet.

An anonymous reader writes: Millions of dollars have gone down the drain right when the Chicago Public Schools face a looming budget deficit -- as a brand-new CPS Inspector General report revealed the district lost thousands of computers and devices in a school year. In all, more than $20 million were lost -- as about students failed to return 77,505 laptops and other electronic devices within a year. This is even though the district spends millions to track such devices. The underlying concern is that taxpayer dollars will be used to replace them.

prisoninmate shares a report: Originally released on November 12th, 2017, the long-term supported (LTS) Linux 4.14 kernel series has now reached its end of supported life after being maintained for more than six years. Renowned kernel developer Greg Kroah-Hartman announced today on the Linux kernel mailing list the release of Linux 4.14.336 as what appears to be the last maintenance update to the long-term supported Linux 4.14 kernel series, which is now marked as EOL (End of Life) on the kernel.org website. "This is the LAST 4.14.y kernel to be released. It is now officially end-of-life. Do NOT use this kernel version anymore, please move to a newer one, as shown on the kernel.org releases page," said Greg Kroah-Hartman. "If you are stuck at this version due to a vendor requiring it, go get support from that vendor for this obsolete kernel tree, as that is what you are paying them for."

Previously unknown self-replicating malware has been infecting Linux devices worldwide, installing cryptomining malware using unusual concealment methods. The worm is a customized version of Mirai botnet malware, which takes control of Linux-based internet-connected devices to infect others. Mirai first emerged in 2016, delivering record-setting distributed denial-of-service attacks by compromising vulnerable devices. Once compromised, the worm self-replicates by scanning for and guessing credentials of additional vulnerable devices. While traditionally used for DDoS attacks, this latest variant focuses on covert cryptomining. ArsTechnica adds: On Wednesday, researchers from network security and reliability firm Akamai revealed that a previously unknown Mirai-based network they dubbed NoaBot has been targeting Linux devices since at least last January. Instead of targeting weak telnet passwords, the NoaBot targets weak passwords connecting SSH connections. Another twist: Rather than performing DDoSes, the new botnet installs cryptocurrency mining software, which allows the attackers to generate digital coins using victims' computing resources, electricity, and bandwidth. The cryptominer is a modified version of XMRig, another piece of open source malware. More recently, NoaBot has been used to also deliver P2PInfect, a separate worm researchers from Palo Alto Networks revealed last July.

Akamai has been monitoring NoaBot for the past 12 months in a honeypot that mimics real Linux devices to track various attacks circulating in the wild. To date, attacks have originated from 849 distinct IP addresses, almost all of which are likely hosting a device that's already infected. The following figure tracks the number of attacks delivered to the honeypot over the past year.

According to Bloomberg, Apple's AirDrop feature has been cracked by a Chinese state-backed institution to identify senders who share "undesirable content". MacRumors reports: AirDrop is Apple's ad-hoc service that lets users discover nearby Macs and iOS devices and securely transfer files between them over Wi-Fi and Bluetooth. Users can send and receive photos, videos, documents, contacts, passwords and anything else that can be transferred from a Share Sheet. Apple advertises the protocol as secure because the wireless connection uses Transport Layer Security (TLS) encryption, but the Beijing Municipal Bureau of Justice (BMBJ) says it has devised a way to bypass the protocol's encryption and reveal identifying information.

According to the BMBJ's website, iPhone device logs were analyzed to create a "rainbow table" which allowed investigators to convert hidden hash values into the original text and correlate the phone numbers and email accounts of AirDrop content senders. The "technological breakthrough" has successfully helped the public security authorities identify a number of criminal suspects, who use the AirDrop function to spread illegal content, the BMBJ added. "It improves the efficiency and accuracy of case-solving and prevents the spread of inappropriate remarks as well as potential bad influences," the bureau added.

It is not known if the security flaw in the AirDrop protocol has been exploited by a government agency before now, but it is not the first time a flaw has been discovered. In April 2021, German researchers found that the mutual authentication mechanism that confirms both the receiver and sender are on each other's address book could be used to expose private information. According to the researchers, Apple was informed of the flaw in May of 2019, but did not fix it.

Asus is back with another Zenbook Duo, the latest $2,161 device in its range of dual-screened laptops. But rather than including a small secondary display above this laptop's keyboard like previous Duos, the revamped version for 2024 has two equally sized 14-inch screens. The Verge has more: They're both OLED, with resolutions of up to 2880 x 1800, aspect ratios of 16:10, and a maximum refresh rate of 120Hz. Between them, they offer a total of 19.8 inches of usable screen real estate. It's a similar approach to the one Lenovo took with last year's dual-screen Yoga Book 9i, albeit with a couple of tweaks. Like Lenovo, Asus gives you a choice of typing on the lower touchscreen via a virtual keyboard or by using a detachable physical Bluetooth keyboard. But what's different here is that Asus' keyboard has a trackpad built in, so you don't have to use it in combination with an on-screen trackpad.

Asus envisages you using the new Zenbook Duo in a few different configurations. There's a standard laptop mode, where the bottom screen is entirely covered by a traditional keyboard and trackpad. Or you can rest the keyboard on your desk and have the two screens arranged vertically for "Dual Screen" mode or horizontally for "Desktop" mode. Finally, there's "Sharing" mode, which has you ditch the keyboard entirely and lay the laptop down on a flat surface with both its screens facing up and away from each other, presumably so you can share your work with a colleague sitting across the desk from you. Naturally, having launched a year later than its competitor, the Asus Zenbook Duo is also packed with more modern hardware. It can be specced with up to an Intel Core Ultra 9 185H processor and 32GB of RAM, up to 2TB of storage, and a 75Wh battery. Connectivity includes two Thunderbolt 4 ports, a USB-A port, HDMI out, and a 3.5mm jack, and the laptop can be used with Asus' stylus.

Amazon introduced a new feature that mimics Apple's AirPlay while working across different platforms, setting the stage for iPhone and Android users to wirelessly stream video to its TV hardware. From a report: The feature, called Matter Casting, is part of a push by Amazon to create interoperable services -- an alternative to the propriety technology developed by Apple and Google. It will make it easier for iOS and Android phones to send video to Amazon devices, such as its Fire TV boxes and sticks, as well as the Echo Show 15 smart display. [...] The feature will work with a range of other video services, including Plex, Pluto TV, Sling TV, Starz and ZDF, Amazon said.

With Apple's Vision Pro VR/AR headset set to go on sale on February 2, we're starting to see more details about the app requirements. From a report: The company has released guidelines for visionOS developers planning to release apps and there's one strange caveat. It would rather developers don't use the terms AR and VR when referring to Vision Pro apps, but rather call them "spatial computing apps," according to the developer page.

"Spatial computing: Refer to your app as a spatial computing app. Don't describe your app experience as augmented reality (AR), virtual reality (VR), extended reality (XR), or mixed reality (MR)," the company states. The headset itself should be called "Apple Vision Pro" with three uppercase words, while "visionOS begins with a lowercase v, even when it's the first word in a sentence." The terms should never be translated or transliterated, Apple added.

According to an analysis of U.S. Bureau of Labor Statistics data, the U.S. added a mere 700 IT jobs compared to 267,000 the year prior. The Register reports: Yet while layoffs have generally kept IT job growth flat for the past year (2023's net 700 comes despite more than 21,000 IT jobs being created in Q4), there's still a surplus of vacant roles, with [tech consultancy Janco Associates] finding some 88,000 remain open. "Based on our analysis, the IT job market and opportunities for IT professionals are poor at best," said Janco CEO M Victor Janulaitis. "Currently, there are almost 100K unfilled jobs with over 101K unemployed IT Pros -- a skills mismatch."

In other words, while we're definitely dealing with correction from pandemic overhiring, we're also wading into a new paradigm where a lot of tech talent is going to have to retrain because AI is being crammed wherever C-level employees can stick it. Much of the layoff debt to hit IT jobs have come to entry-level positions, especially those in the customer service telecommunications and hosting automation areas. In turn, some of the responsibilities of those jobs are being reassigned to the latest and greatest AIs, says Janco.

According to the tech consultancy, entry-level IT demand is shrinking, though demand for those with AI, security, development, and blockchain skills remain desired. "Artificial Intelligence and Machine Learning IT Professionals remain in high demand," said Janulaitis. Still, plans to further replace humans with AI workers at the entry level are hardly far-fetched, with multiple reports finding much the same. [...] Those caught up by this year's tech layoffs seem to have a simple solution on their hands, as far as Janco's data suggests: Retrain for AI. Problem solved ... until the next big thing comes along.

An anonymous reader quotes a report from Reuters: Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May last year in a cyberattack that should serve as a "big warning" to the West, Ukraine's cyber spy chief told Reuters. The hack, one of the most dramatic since Russia's full-scale invasion nearly two years ago, knocked out services provided by Ukraine's biggest telecoms operator for some 24 million users for days from Dec. 12. In an interview, Illia Vitiuk, head of the Security Service of Ukraine's (SBU) cybersecurity department, disclosed exclusive details about the hack, which he said caused "disastrous" destruction and aimed to land a psychological blow and gather intelligence. "This attack is a big message, a big warning, not only to Ukraine, but for the whole Western world to understand that no one is actually untouchable," he said. He noted Kyivstar was a wealthy, private company that invested a lot in cybersecurity.

The attack wiped "almost everything", including thousands of virtual servers and PCs, he said, describing it as probably the first example of a destructive cyberattack that "completely destroyed the core of a telecoms operator." During its investigation, the SBU found the hackers probably attempted to penetrate Kyivstar in March or earlier, he said in a Zoom interview on Dec. 27. "For now, we can say securely, that they were in the system at least since May 2023," he said. "I cannot say right now, since what time they had ... full access: probably at least since November." The SBU assessed the hackers would have been able to steal personal information, understand the locations of phones, intercept SMS-messages and perhaps steal Telegram accounts with the level of access they gained, he said. A Kyivstar spokesperson said the company was working closely with the SBU to investigate the attack and would take all necessary steps to eliminate future risks, adding: "No facts of leakage of personal and subscriber data have been revealed."

Investigating the attack is harder because of the wiping of Kyivstar's infrastructure. Vitiuk said he was "pretty sure" it was carried out by Sandworm, a Russian military intelligence cyberwarfare unit that has been linked to cyberattacks in Ukraine and elsewhere. A year ago, Sandworm penetrated a Ukrainian telecoms operator, but was detected by Kyiv because the SBU had itself been inside Russian systems, Vitiuk said, declining to identify the company. The earlier hack has not been previously reported. Vitiuk said SBU investigators were still working to establish how Kyivstar was penetrated or what type of trojan horse malware could have been used to break in, adding that it could have been phishing, someone helping on the inside or something else. If it was an inside job, the insider who helped the hackers did not have a high level of clearance in the company, as the hackers made use of malware used to steal hashes of passwords, he said. Samples of that malware have been recovered and are being analysed, he added.

Dan Goodin reports via Ars Technica: Software maker Ivanti is urging users of its end-point security product to patch a critical vulnerability that makes it possible for unauthenticated attackers to execute malicious code inside affected networks. The vulnerability, in a class known as a SQL injection, resides in all supported versions of the Ivanti Endpoint Manager. Also known as the Ivanti EPM, the software runs on a variety of platforms, including Windows, macOS, Linux, Chrome OS, and Internet of Things devices such as routers. SQL injection vulnerabilities stem from faulty code that interprets user input as database commands or, in more technical terms, from concatenating data with SQL code without quoting the data in accordance with the SQL syntax. CVE-2023-39336, as the Ivanti vulnerability is tracked, carries a severity rating of 9.6 out of a possible 10.

"If exploited, an attacker with access to the internal network can leverage an unspecified SQL injection to execute arbitrary SQL queries and retrieve output without the need for authentication," Ivanti officials wrote Friday in a post announcing the patch availability. "This can then allow the attacker control over machines running the EPM agent. When the core server is configured to use SQL express, this might lead to RCE on the core server." RCE is short for remote code execution, or the ability for off-premises attackers to run code of their choice. Currently, there's no known evidence the vulnerability is under active exploitation. Ivanti has also published a disclosure that is restricted only to registered users. A copy obtained by Ars said Ivanti learned of the vulnerability in October. [...]

Putting devices running Ivanti EDM behind a firewall is a best practice and will go a long way to mitigating the severity of CVE-2023-39336, but it would likely do nothing to prevent an attacker who has gained limited access to an employee workstation from exploiting the critical vulnerability. It's unclear if the vulnerability will come under active exploitation, but the best course of action is for all Ivanti EDM users to install the patch as soon as possible.

Microsoft has begun ditching WordPad from Windows and removed the editor from the first Canary Channel build of 2024. From a report: We knew it was coming, but the reality has arrived in the Canary Channel. A clean install will omit WordPad as of build 26020 of Windows 11. At an undisclosed point, the application will be removed on upgrade.

The People app is also being axed, as expected, and the Steps Recorder won't be getting any more updates and will instead show a banner encouraging users to try something else. Perhaps ClipChamp? WordPad was always an odd tool. Certainly not something one would want to edit text with, but not much of a word processor either. It feels like a throwback to a previous era. However, it was also free, came with Windows, and didn't insist on having a connection to the internet for it to work.