Monthly Archive:: April 2020
Microsoft is working on a tool that will let you replace the Windows Run feature on Windows 10. The Spotlight-like launcher for Windows 10 will be released later this year, as part of the company’s effort to customize Win+R and give users numerous features but keep the handling as easy as possible at the same time. Microsoft’s Spotlight-like launcher for Windows 10 is said to be part of PowerToys upcoming update. According to Microsoft, PowerToys Run is designed to replace Win + R shortcut. I use Ulauncher on my computers, and I can’t imagine using them without it. It’s about time a similar feature came from Microsoft, but the fact it’s a separate PowerToy thing and not a default on Windows means it’ll remain a niche thing. This should be standard out of the box.
The lock screen work that we landed in 3.36 was the outcome of a long-running programme of UX work, which we first put together at the GNOME UX hackfest in London, back in 2017. There are still some outstanding pieces of the login/unlock experience that need to be filled in, and this is something that we hope to work on over the coming development cycle. However, we are also turning our attention to other aspects of the shell, which we have wanted to update for some time. In the rest of this post, I’ll describe some of the areas that we’re hoping to improve, before going on to talk about how we’re going to do it. An overview of what to expect from upcoming GNOME releases.
I am pleased to announce the KWinFT project and with it the first public release of its major open source offerings KWinFT and Wrapland, drop-in replacements for KDE’s window manager KWin and its accompanying KWayland library. The KWinFT project was founded by me at the beginning of this year with the goal to accelerate the development significantly in comparison to KWin. Classic KWin can only be moved with caution, since many people rely on it in their daily computing and there are just as many other stakeholders. In this respect, at least for some time, I anticipated to be able to push KWinFT forward in a much more dynamic way. This is a great concept, and will allow more experimentation and exciting new features in a place where this normally simply doesn’t make much sense.
We’ve just released SRU 20 for Oracle Solaris 11.4, the April 2020 CPU. It is available via ‘pkg update’ from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1. The administrator of my organisation needs to supply me with a Support Identifier before I can do something as simple as read the documentation about this new version, so I have no idea what to tell you. I guess Solaris technically isn’t dead yet?
Hercules is an open source software implementation of the mainframe System/370 and ESA/390 architectures, in addition to the new 64-bit z/Architecture. Hercules runs under Linux, Windows (98, NT, 2000, and XP), Solaris, FreeBSD, and Mac OS X (10.3 and later). The installation instructions will aid you in setting Hercules up.
If an application from a Chinese company installed a kernel driver onto your system with complete access to your computer, but they pinky-promised not to abuse this access and power, would you install the application? Well, if you’re interested in Riot Games’ new hit game Valorant, that’s exactly the question you’re going to have to answer. Riot Games, the company behind one of the most popular games in the world, League of Legends, recently starting publicly beta testing their new game, Valorant. Two months ago, the company penned a rather condescending blog post detailing their future anti-cheat technology, which would include a Windows kernel driver (running in ring 0, in x86 parlance). Valorant is their first game using this kernel driver, and as it turns out, this kernel driver starts at boot, and due to its very nature has full system access, even when you’re not running Valorant. According to Riot Games, we just have to trust them on their blue eyes that their kernel driver is fully secure and won’t be exploited by malicious third parties, and that the company won’t use it to spy on people or otherwise violate their privacy. Riot states on Reddit that “multiple external security research teams” have reviewed the driver, but as far as I can tell, these reviews have not been published for public vetting. What we’re dealing with here is a rootkit, a method more and more anti-cheat systems are employing in the fight against cheating. The argument is that game developers need full, complete, and total access to your system in order to prevent you from cheating, and a kernel driver is how they do it. There’s a long history of these sorts of things going horribly, horribly wrong. We all still remember the Sony rootkit debacle, where Sony CDs installed rootkits on users’ computers that ended up being exploited left, right, and centre by malicious parties. In 2016, Capcom installed a similar rootkit meant for anti-cheat with Street Fight V, which was an absolute security train wreck. And closer to home for Riot, the game client for their very own League of Legends installed crypto miners on users’ computers in the Philippines. Despite the inherent dangers in installing closed-source security-by-obscurity rootkits, Riot is dead-set on continuing to use them, and it’s only a matter of time before their rootkit will be forced upon League of Legends players as well – which in my case means I won’t be able to play League of Legends anymore even if I wanted their rootkit on my computer, since I play on Linux through Wine/Lutris, which doesn’t support kernel drivers at all. Players of Riot’s games will have to ask themselves if they trust Riot to install a rootkit with complete and full access to their system – browsing history, chat logs, email, everything. You have to trust Riot when they say the rootkit is “secure” and won’t be exploited by malicious third parties, and that the company itself won’t use it to invade your privacy. Interesting sidenote: Riot Games is owned by the Chinese company Tencent, the company behind WeChat. Tencent is, for all intents and purposes, an arm of the Chinese government, so not only do you have to trust Riot Games, you also have to trust their owner, Tencent, as well as who Tencent literally answers to – the Chinese government. I’m not going to tell anyone what they should or should not do with their computers, and if you trust Riot, Tencent, and the Chinese government enough to let them install a rootkit on your computer, then that’s your right to do so. However, I do feel users need to be at least aware of the choice they’re making.
Colorado — like most states and territories across the country — is experiencing record unemployment numbers. But the state’s unemployment system is built on aging software running on a decades-old coding language known as COBOL. Over the years, COBOL programmers have aged out of the workforce, forcing states to scramble for fluent coders in times of national crisis. A survey by The Verge found that at least 12 states still use COBOL in some capacity in their unemployment systems. Alaska, Connecticut, California, Iowa, Kansas, and Rhode Island all run on the aging language. According to a spokesperson from the Colorado Department of Labor and Employment, the state was actually only a month or two away from “migrating into a new environment and away from COBOL,” before the COVID-19 pandemic hit. Are you one of the already 17 million people laid off in the US, losing what little health insurance you had in the process, and now you can’t even apply for unemployment assistance because some baby boomer coded the damn system in COBOL? Time to lift yourself up by the bootstraps and learn the wonders of COBOL!
Google has made significant progress toward developing its own processor to power future versions of its Pixel smartphone as soon as next year — and eventually Chromebooks as well, Axios has learned. The chip, code-named Whitechapel, was designed in cooperation with Samsung, whose state-of-the-art 5-nanometer technology would be used to manufacture the chips, according to a source familiar with Google’s effort. Samsung has also manufactured Apple’s iPhone chips, as well as its own Exynos processors. Apparently, Google has received the first batch in recent weeks. This development process has been one of the worst-kept secrets in the industry, since Google pretty much admitted it was developing its own mobile SoC years ago.
Google is replacing some Android apps for Chromebooks with Progressive Web Apps (PWAs). A PWA is essentially a webpage that looks and feels like a traditional app. This will certainly be good news for many Chromebook owners. In some cases, PWAs are faster and more functional than their Android counterparts. PWAs also take up less storage and require less juice to run. When PWAs are a better option than Android applications, you know you’re scraping the bottom of the barrel. I really don’t understand why Google doesn’t just turn Chrome OS into a more traditional desktop Linux distribution – they’ll get better applications, better tooling, and better performance than shoehorning Android applications into Chrome or pretending a website is an application.
Intel’s Dynamic Platform and Thermal Framework (DPTF) is a feature that’s becoming increasingly common on highly portable Intel-based devices. The adaptive policy it implements is based around the idea that thermal management of a system is becoming increasingly complicated – the appropriate set of cooling constraints to place on a system may differ based on a whole bunch of criteria (eg, if a tablet is being held vertically rather than lying on a table, it’s probably going to be able to dissipate heat more effectively, so you should impose different constraints). One way of providing these criteria to the OS is to embed them in the system firmware, allowing an OS-level agent to read that and then incorporate OS-level knowledge into a final policy decision. Unfortunately, while Intel have released some amount of support for DPTF on Linux, they haven’t included support for the adaptive policy. And even more annoyingly, many modern laptops run in a heavily conservative thermal state if the OS doesn’t support the adaptive policy, meaning that the CPU throttles down extremely quickly and the laptop runs excessively slowly. It’s been a while since I really got stuck into a laptop reverse engineering project, and I don’t have much else to do right now, so I’ve been working on this. It’s been a combination of examining what source Intel have released, reverse engineering the Windows code and staring hard at hex dumps until they made some sort of sense. Here’s where I am. Someone has to do the dirty work.
The ReactOS Team is pleased to announce the release of version 0.4.13. As with prior releases, keywords are noted representing the release itself and highlighting key improvements. In this particular case, the 0.4.13 version shows the results of significant hard work to bring improvements to the USB stack, further development on the Xbox port boot process, an Explorer File Search for the Shell module, as well as many other changes. There’s also new work on accessibility features, and the 64 bit version has seen considerable improvements, too.
The Verge reports: Apple and Google announced a system for tracking the spread of the new coronavirus, allowing users to share data through Bluetooth Low Energy (BLE) transmissions and approved apps from health organizations. The new system, which is laid out in a series of documents and white papers, would use short-range Bluetooth communications to establish a voluntary contact-tracing network, keeping extensive data on phones that have been in close proximity with each other. Official apps from public health authorities will get access to this data, and users who download them can report if they’ve been diagnosed with COVID-19. The system will also alert people who download them to whether they were in close contact with an infected person. This is a clever use of technology, but as always, what can be used for good, can also be used for evil. A technology like this certainly seems useful in our current worldwide predicament, but it’s not hard to imagine what can be done with it that might be more nefarious. That being said, it’s refreshing to see these companies working together for the good of their users for once, instead of the constant hostility towards users to create platform lock-in and shareholder value. In any event, the APIs for this new system will arrive in iOS and Android over the coming months – through a regular OS update on iOS, and through Google Play on Android.
With Android 7.0 Nougat, Google introduced a partition scheme designed to speed up software updates. In Nougat, Google added support for duplicating certain partitions so that inactive partitions can get updated in the background and then swapped to active with a quick reboot. This “A/B partition” setup allows for “seamless updates” to take place on supported Android devices, much like Google’s Chrome OS. However, Google has never mandated the use of A/B partitions, so many devices out there that don’t support seamless updates. That could change with Android 11, however, as Google is making it mandatory for newly launched devices to support virtual A/B partitions. Anything to make the update situation on Android smoother is welcome.
There’s a storm brewing in the world of Qt and KDE, as the parent company of Qt, The Qt Company, is contemplating restricting new Qt releases to paying customers (i.e., not releasing them as open source) for twelve months. This obviously affects the KDE project considerably, who have been negotiating with The Qt Company for years now. An announcement made by The Qt Company in January derailed said negotiations, however. As KDE’s Olaf Schmidt-Wischhöfer explains: They announced that LTS releases of Qt will only be available for paid license holders. It is still unclear what this implies for contributions to Qt and for the sharing of security fixes between the various parties (including The Qt Company, the many Qt experts contributing, the KDE community, and Linux distributions). It seemed the two parties were working on a path forward acceptable to all parties involved, but then came the announcement earlier today that The Qt Company was contemplating restricting all releases to paid customers for twelve months. It seems bad blood has been brewing for a while, as Schmidt-Wischhöfer states: The Qt Company says that they are willing to reconsider the approach only if we offer them concessions in other areas. I am reminded, however, of the situation half a year ago. We had discussed an approach for contract updates, which they suddenly threw away by restricting LTS releases of Qt instead. All software changes in Qt will still be available at as Open Source as required by our contract – maybe with a delay of 12 months if the company decides to part ways with the communities. We will continue to work on a contract update that helps all sides. But even if these negotiations were to be unilaterally stopped by The Qt Company, Qt will stay Open Source, and KDE will be able to use it. I am also absolutely sure that the Qt + KDE communities will continue cooperation on new features, bug fixes, and security fixes, even should The Qt Company decide to forgo the benefits of cooperation. Luckily for the future of KDE and Qt, there is an agreement in place between KDE and The Qt Company that states that “ should The Qt Company discontinue the development of the Qt Free Edition under the required licenses, then the Foundation has the right to release Qt under a BSD-style license or under other open source licenses.” This is a serious issue that I hope can be resolved, as nobody will benefit from a serious rift between The Qt Company and the KDE project.
Windows is getting support for browsing Linux file systems! Except, not really, since it only applies to WSL. We’ve had the ability to access your Linux files since Windows 1903, but now you can easily get to them from your left-hand navigation pane in File Explorer. Selecting the Linux icon will show you a view of all your distros, and selecting those will place you in the Linux root file system for that distro. As far as I can tell, this only applies to distributions installed through Windows Subsystems for Linux, not to actual distributions installed elsewhere on your computer (on other hard drives or partitions). Cool new feature, I guess, but properly sanctioned Windows support for Ext4 and other Linux-focused file systems would be so much more helpful.
Some very nice performance fixes landed this week, which should substantially boost move and copy speeds for local transfers and transfers to and from Samba shares in particular. But that’s not all, and there’s more on the menu… Every week, there’s a blog post highlighting the various changes, bugfixes, small new features, fixed paper cuts, and other small changes within KDE and its associated projects and programs. They’re a joy to read, and I would love it if more major software projects did this.
Hobbyist licenses for OpenVMS have been a notable option for users of the VAX, Alpha, and Integrity business servers. HP 3000 users tried for a similar license for MPE/iX, especially in the months following HP’s news it wouldn’t continue its 3000 business. HP declined to create the kind of license the users wanted to power the basement and in-garage 3000 servers they’d brought home. With the change in ownership of OpenVMS — HP Enterprise turned over the business to VMS Software Inc. — the hobbyist program is ending at HPE. VSI is considering one option to continue hobbyist-class licenses. That’s one hell of a bummer. I hope they can come to sort of solution or agreement.
One of my goals with GBE+ is to program an emulator that is as complete as I can possibly make it. That means emulating devices like the GB Printer. To tell the truth, I had my eye on GB Printer support for some time, but only recently have I done enough work on the DMG/GBC core to make that possible. A long time ago, I tried getting the GB Printer to work in VBA-M (1.8.0) but the Linux version didn’t seem to do anything. That is to say, VBA-M did emulate the printer as if it were connected, but it didn’t save the image anywhere I could find. The Windows version worked flawlessly and showed me the final print as I expected. Maybe that was just user-error on my part, but it inspired me to one day make an emulator that would properly emulate the GB Printer on Linux, my OS of choice. Digressing, let’s take a look at what the GB Printer is doing and how it interacts with a Game Boy system. The Game Boy Camera and Game Boy Printer were these almost mythical items I’d talk about with my friends and my brothers, and the idea of taking photos with a Game Boy was so wild and out there it sparked our imaginations. To this day, I’ve never seen or used one in real life, and that bums me out.
In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million. Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe. This week, Microsoft Corp. agreed to buy the domain in a bid to keep it out of the hands of those who might abuse its awesome power. I had no idea that a seemingly innocuous default chosen decades ago had this much of an impact.
Google has been ramping up the Linux environment on Chrome OS lately, with features like microphone support and USB connections. For those of you who spend a lot of time in the command-line Terminal, Chrome OS 83 (currently in the Dev channel) has updated the app with new themes and customization options. The Terminal app on Chrome OS has changed very little since the Linux container was originally released — it’s a single window with text. However, the new version shipping in Chrome OS 83 offers tabs, pre-made themes, customizable colors and fonts for text, and even cursor options. To be honest, I’d rather have a proper, traditional Linux distribution than Chrome OS, but I guess these are welcome additions for those among us using the terminal on Chrome OS.
