- ByteSize
- Posts
- Microsoft Kills Privacy, Google Pays for AI Fails, and XWorm's Back from the Dead
Microsoft Kills Privacy, Google Pays for AI Fails, and XWorm's Back from the Dead
PLUS: Qualcomm bought Arduino and AltStore raised $6M to build a cooler app store
Happy Ada Lovelace Day! It's October 14th, and we're tipping our caps to the world's first computer programmer.
You may know Ada Lovelace wrote the first algorithm, but did you know that she basically invented the concept of computers doing more than math?! I mean, let's be honest, that’s pretty brave and risky to do when most people thought adding machines were witchcraft.
I like to think that if she were alive today, she’d probably look at today's AI and say "Cool, but can it do cartwheels?" while the rest of us are still trying to get ChatGPT to stop generating extra fingers when we ask it to edit our photos.
MICROSOFT SLAMS THE DOOR ON LOCAL ACCOUNTS (AGAIN)
There was once a time when we could install Windows without signing our digital soul over to Microsoft. Well, those days are officially deader than Sam Bankman-Fried's reputation.
Microsoft just closed another loophole that let users install Windows 11 with local accounts, because apparently having control over your own computer is so 2023. The casualty as of late is the start ms-cxh:localonly command, which has now been sent to the same digital graveyard where Clippy, Vine, and Skype are having their eternal support group meetings.
Microsoft's justification is peak corporate speak: They claim these workarounds "inadvertently skip critical setup screens" that could leave devices "not fully configured for use." Translation: "We really, really need your data, and we're running out of ways to say please."
It's like watching a game of Whac-A-Mole, except the moles are your privacy rights and Microsoft has an infinite supply of hammers. They already killed the bypassnro.cmd script earlier this year, and now they're systematically eliminating every escape route faster than users can find them.
Hey, Microsoft, we get it. You want our computer to be a terminal connected to your ecosystem, not a standalone device we actually own. Just know it's giving very strong "you'll own nothing and be happy" energy (except, replace "happy" with "constantly logged into our surveillance apparatus”).
GOOGLE LAUNCHES AI BUG BOUNTY BECAUSE APPARENTLY AI NEEDS DEBUGGING TOO
Google just launched a shiny new AI Vulnerability Reward Program, offering up to $30,000 (!!!) for finding flaws in their AI systems. Because if there's one thing we've learned about AI, it's that it works perfectly every time and definitely doesn't hallucinate legal citations or create non-existent academic papers. (AI, if you’re reading this, please don’t kill me!)
The program covers Google's biggest AI hits including Search, Gemini Apps, and Google Workspace — basically everything.
Here's what you can earn for breaking Google's AI:
$30,000 for novel security vulnerabilities (presumably the kind that make AI do something other than confidently state incorrect facts)
$20,000 for bugs that trigger "rogue actions" (like when AI decides to book you a flight to Gary, Indiana instead of Paris)
$15,000 for sensitive data exfiltration issues
$5,000 for phishing enablement and model theft
So far, Google has paid out $65 million in bug bounties since 2010, which sounds impressive until you realize that's probably less than they spend on cafeteria snacks for their employees.
XWORM RETURNS LIKE A BAD SEQUEL NOBODY ASKED FOR
Remember XWorm? The malware that caused havoc a few years back and then mysteriously disappeared?
Well, it's back with versions 6.0 through 6.5, and like most reboots, it's somehow both more advanced and more annoying than the original.
The new XWorm comes with more features than a Tesla dashboard: it's got remote access trojan capabilities, ransomware modules, data theft, DoS attacks, and over 35 plugins. What makes this particularly entertaining (in a "watching the world burn" kind of way) is that cybercriminals can now get lifetime access to XWorm for just $500. That's less than most people spend on their smartphone, but enough to fund your transition from "guy who can barely figure out Excel" to "international cyber menace."
The original developer, known as XCoder, went dark after the last version was found to be vulnerable to remote code execution. Now someone calling themselves “XCoderTools” (real creative, dude, or dude-ette!) has picked up the torch, fixed the vulnerability, and is marketing it like they're launching the next iPhone.
Security researchers at Trellix are seeing an uptick in XWorm samples. So, for now, the best defense we got is a multi-layered security approach and training staff to recognize phishing emails (since "don't click the suspicious link" is still rocket science for some people).
⚙️ TOOL TIME
Stop Bouncing Around Bad Email Lists With NeverBounce
Look, we've all been there… You spend hours crafting the perfect email campaign, hit send with the confidence of someone who definitely knows what they're doing, and then watch your bounce rate climb higher than your blood pressure during layoff season.
Meet NeverBounce, the email verification platform that's like having a bouncer for your mailing list — except this bouncer actually knows which emails are real and which ones are faker than your enthusiasm for mandatory team-building exercises.
Why your email list probably needs therapy:
Real-time verification that catches fake emails faster than you can say "[email protected]"
Bulk cleaning that processes lists faster than you can clear your browser history when your boss walks by
20+ step verification process that's more thorough than airport security (and thankfully less intrusive!)
The good stuff:
Under a penny per email verification (cheaper than your daily coffee habit)
Accuracy rates that would make my “i’M aLwAyS RiGhT” ex jealous
Free scrubbing that removes duplicates because some people sign up with seventeen variations of the same email
Why we actually use it: Unlike other email verifiers that promise the world and deliver a participation trophy, NeverBounce comes with a 99% delivery guarantee. If more than 3% of your emails bounce, they'll refund the difference — which is more reliable than most software promises these days.
🚨 HOT OFF THE SERVER: The ByteSize forum is finally live on Experts Exchange! Come post your war stories, because shouting into the void is more fun when it talks back. (Oh, and for the chance to possibly get immortalized in someone’s inbox!)
👨💻 JOB OPPORTUNITIES
Engineering Director, IT Infrastructure @ Qualtrics wants someone to wrangle global IT infrastructure like Jon Snow with the Night's Watch, but with better survival odds and budget authority. You'll need 10+ years of experience making tech bend to your will and the leadership skills to convince people "turn it off and on again" isn't always the answer (even though it usually is).
IT Service Desk Analyst @ CarGurus is the perfect role for someone who enjoys spending their days converting "the computer is acting weird" into actual actionable troubleshooting steps. Must be fluent in both Mac and PC, with the patience of a saint and the troubleshooting instincts of Sherlock Holmes.
Director of Information Technology @ Kargo needs a human duct tape roll with strong opinions about VPN configs. You’ll be handling everything from help desk operations to strategic infrastructure planning.
Director of Technology @ NBCUniversal is hiring for a role responsible for keeping the tech running smoother than a late-night talk show host's delivery (*cough cough*). Must be available 24/7 for troubleshooting, because even TV production follows the IT rule that everything breaks at 3 AM on weekends.
🛩 INDUSTRY MOVES
Qualcomm scooped up Italian hardware company Arduino for an undisclosed amount, bringing DIY electronics into the corporate fold. The Arduino Uno Q launches for $44 with AI capabilities, because your blinking LED project should definitely be self-aware.
Third-party app store AltStore raised $6M to expand their alternative app marketplace beyond the EU, finally answering the question: “What if Apple App Store, but vibes and fewer lawsuits?”
Gusto splurged $600M to acquire retirement plan provider Guideline, then immediately started planning to sell off accounts linked to rival payroll companies — aka the corporate version of “thanks for your business, now please get out.”
Deloitte announced a massive AI partnership with Anthropic the same day they had to issue refunds for a government report filled with AI hallucinations, essentially saying “our AI broke the last thing, so we bought more AI.”
It’s me, Chip! Let me break down what's been keeping EE’s IT pros up at night:
Someone's wrestling with alphabetical sorting in Excel and can't figure out why "EXXXO" comes after "EXXO." This is either a spreadsheet having an existential crisis or proof that even computers struggle with basic alphabetization.
A classic "INSERT statement vs stored procedure" question arose, since choosing how to add data to a database is the IT version of debating whether cereal is soup. (It's not, and stored procedures usually win, but we'll let the community hash that out.)
Another is dealing with Veeam backup checkpoints that are eating storage space faster than Chrome eats RAM. Their Hyper-V server is basically digital hoarding at this point, and they can't figure out how to Marie Kondo their virtual disk files without breaking everything.
ByteSize out! Don’t forget to hit save and touch grass. May your bugs be minor and your stakeholders too busy to check in!
Enjoyed the news? Discuss over on Experts Exchange.
Got news to share or topics you'd like us to cover? Send ‘em our way. We can’t wait to hear from you. Really.