Monthly Archive:: August 2023
Magnetic tape drives have long occupied the role that hard drives have shifted toward since the emergence of SSDs – cost-effective cold storage. Although they’re too slow for most users, recent developments allow magnetic drives to carry hundreds of gigabytes per square inch of tape. This week, IBM’s offerings in the space took another step forward. The company’s new TS1170 drive can store 50TB of uncompressed data per tape cartridge using the new JF media type. Employing 3:1 compression expands the capacity to 150TB. The technology represents a 250 percent increase over the TS1160 drive and JE media, which reached 20TB uncompressed and 60TB compressed. Additionally, the TS1170 manages a native data rate of 400 MB/s, increasing to 900 MB/s when handling compressed data. I’ve toyed with the idea of getting a used tape drive so I can use it to back up data – but mostly just to play with the technology. They’re not that expensive on eBay, but there’s quite a few different types and offerings, and it’s difficult to get a grasp on what would be a good option for a tinkerer to go for.
In a first for any OS/2-based distribution, ArcaOS 5.1 supports installation on the latest generation of UEFI-based systems, and includes the ability to install to GPT-based disk layouts. This enables ArcaOS 5.1 to install on a wide array of modern hardware. ArcaOS 5.1.0 can be used for new installs or to upgrade any prior version of ArcaOS 5. If installing from USB stick, the USB install stick may be created using any major operating system at hand (Windows, Linux, MacOS, and of course, OS/2, eComStation, and ArcaOS). Once built, the USB stick can be inserted into any USB port in the target system to boot into the ArcaOS installer/updater in either UEFI or traditional BIOS mode (alternatively, the DVD image may be burned to physical media and also booted to either UEFI or traditional BIOS systems). This release, and the support for UEFI and GPT-based drives in particular, is a massive achievement by the ArcaOS team. They’re most likely a rather small team, serving a small market, and I’m not even sure how much access they really have to the source code of the various parts that make up OS/2 – is anything known about the license between Arca Noae and IBM? – and this release has taken them quite a few years. However long it took, and however much work was involved, ArcaOS can now be used on modern hardware for a long time to come.
We have been in charge of maintaining one legacy Android app for our customer. It is an app, which is used by end-customers in production, but it does not have any active development going on because it’s been ready for years now. If it would be up to us, then we would not touch that app and would let it live its life happily ever after. Of course, there is no happily ever after when closed application stores are involved, so everything went south from here. It amazes me that a lot people only seem to be waking up now to the realities so many of us warned about when closed application stores took over from freely distributable applications over a decade ago. What do you get for that 30% cut of your revenue? Delays, nonsense rejections, no people to contact, and so much corporate bureaucracy it would turn Ayn Rand socialist. This is the reality of doing business with monopolists.
The EU Digital Services Act went into effect last Friday, and since there’s an insane amount of misinformation from big tech astroturfers about what the DSA means, it’s time to list what the DSA really does for people in the EU. People in the 27-nation European Union can alter some of what shows up when they search, scroll and share on the biggest social media platforms like TikTok, Instagram and Facebook and other tech giants like Google and Amazon. That’s because Big Tech companies, most headquartered in the U.S., are now subject to a pioneering new set of EU digital regulations. The Digital Services Act aims to protect European users when it comes to privacy, transparency and removal of harmful or illegal content. Here are five things that will change when you sign on. All of these are excellent improvements and gives us as consumers more sticks to fight with. The EU is far from perfect – just like any other government – but as far as consumer protection goes, they’re leading the charge. Never forget who would not want consumers to have more protections.
The mess I’m describing — end-to-end encryption but with certain exceptions — may be a healthy balance of your privacy and our safety. The problem is it’s confusing to know what is encrypted and secret in communications apps, what is not and why it might matter to you. To illuminate the nuances, I broke down five questions about end-to-end encryption for five communications apps. This is straightforward and good overview of what, exactly, is end-to-end encrypted in the various chat and IM applications we use today. There’s a lot of ifs and buts here.
“But does it run Linux?” can now be finally and affirmatively answered for the Commodore C64! There is a catch (rather: a couple) of course: It runs extremely slowly and it needs a RAM Expansion Unit (REU), as there is no chance to fit it all into just 64KiB. It even emulates virtual memory with an MMU. Insanity. A real C64 would take about a week (!) to boot Linux.
Ichido is a set of experimental search engines and software projects created by Anthony Mancini. The flagship project is the Ichido general purpose search engine, a classic search engine with its own independent index. Now, indexing the web is hard and this is in beta so the search results aren’t exactly what you’d call competitive, but I have to say – the user interface for this search engine is downright fantastic. It emulates that late ’90s look, and does a very interesting thing where it adds buttons for things like RSS feeds and social accounts for the pages it links to in the results. On top of that, it will list less desirable features of websites – trackers, ads, etc., as red warnings. No, this can’t replace DDG or Google – but I love the thought put into the UI.
At some point last year (shortly before I began writing this blog post!) I found reference to a hanafuda video game created in 1998 for the Casio CALEID XM-700 Mobile Navigator on a random old, Japanese website. It turns out this device is a long-forgotten handheld computer that was released in 1997, only in Japan. The device is what you might refer to as a PIM or PDA, roughly equivalent to Apple Newton or Palm Pilot, particularly as it featured handwriting recognition. Not what we would consider powerful in this day and age, but good at running database lookups and any undemanding software written specifically for it. The CPU was Intel 8086 compatible, like other period CASIO handheld personal computers, and an SDK was available. Cost of the device was 47800JPY, which was around 240GBP or 400USD at the time. The game file came with a reference bitmap showing hanafuda scoring, which was just the type of guarantee and encouragement I needed to start hunting. Nothing gets my blood flowing like a handheld device or PDA I’ve never heard of (my wife is okay with this).
It has been a little while since we shared our vision for Ubuntu Desktop, and explained how our current roadmap fits into our long term strategic thinking. Recently, we embarked on an internal exercise to consolidate and bring structure to our values and goals for how we plan to evolve the desktop experience over the next few years. This post is designed to share the output of those discussions and give insight into the direction we’re going. These values form the framework by which we determine our priorities and measure our progress, and hopefully inspire those that want to contribute to this experience to focus their energies in ways that are aligned with our longer term ambitions. I was hoping for more concrete ideas, plans, and ambitions from Canonical here, but this one is a bit of a nothingburger. There’s a lot happening in the desktop Linux world, especially around immutability, and I see nothing here about such long-term plans, or even relatively short-term meaningful desktop improvements.
Have you ever wanted a more lightweight version of OSNews? A version that loads more optimally inside a terminal? Well, I’ve got good news for you: OSNews is now available on Gemini: gemini://gemini.osnews.com. What is Gemini? This is how the project’s website describes it: Gemini is a new internet technology supporting an electronic library of interconnected text documents. That’s not a new idea, but it’s not old fashioned either. It’s timeless, and deserves tools which treat it as a first class concept, not a vestigial corner case. Gemini isn’t about innovation or disruption, it’s about providing some respite for those who feel the internet has been disrupted enough already. We’re not out to change the world or destroy other technologies. We are out to build a lightweight online space where documents are just documents, in the interests of every reader’s privacy, attention and bandwidth. Gemini is effectively a text-based alternative protocol to HTTP, reminiscent of protocols like Gopher. There’s some very basic markup available in the form of gemtext, but for all intents and purposes, when you load a Gemini capsule (the Gemini term for website), you’re effectively loading nothing more than plain a text file, which happens to also make Gemini capsules ideal for use in terminals. There are various ways to load Gemini capsules – from dedicated graphical clients for a wide variety of platforms, to very basic CLI-based clients. Personally, I use Buran on Android, Lagrange and Castor on Linux, GemiNaut on Windows, and Amfora in the CLI. There’s also various extensions for Firefox and Chrome if you want to load Gemini capsules right inside your regular browser. In addition, Gemini’s lightweight, simple nature also makes it a great candidate for alternative, classic, or basic operating systems. As far HTTP(S) links go, Gemini clients will generally offer to load these inside your default browser. Due to Gemini’s focus on simplicity, there’s a few workarounds the OSNews Gemini site had to implement to make it all work. First, you cannot have in-text links such as this – every link needs to be its own line. So, links inside stories are converted to numbered footnotes. Second, while gemtext supports quotes, they, too, can only be on one line. As such, we had to choose between turning multi-paragraph quotes into multiple separate gemtext quotes, or combine quotes into one gemtext quote. We opted for the latter, as it looked the best on most clients I’ve tried. Third, for simplicity’s sake, comments are not available on our Gemini site. Not only would it be hard (impossible?) to let you post comments inside Gemini, it would also be needlessly complex to create multiple scripts to convert comments posted on the regular site into gemtext. As such, every story on the Gemini site will contain an outgoing “Comments” link, pointing towards the normal site. Fourth, there’s no images. As for how this all works – I’m running the Agate Gemini server from home (meaning the server will be down a few times a week as I install updates on my workstation), and Julien Blanchard (julienxx) did the actually hard work by writing a Ruby script that takes our RSS feed and converts it into a drop-in gemtext page. I simply run this script periodically, and it dumps the gemtext page in Agate’s /content directory. I want to deeply thank Julien for writing this script and working out a few small bugs with me – I never could’ve done this myself, and probably would’ve had to resort to manually posting the items on Gemini myself. As for the why – well, why not? When I ran across Gemini, I instantly felt it was a great fit for OSNews, and would give you as readers a different, far more optimised way of accessing the site. While I doubt it will see tons of use, I’m sure there’s still a few of you out there who would be happy with this version of OSNews.
After 18 months developing with the Zephyr RTOS, I’m starting to become a strong proponent. In my opinion, one of the key advantages of the Zephyr RTOS is the hardware abstraction. It allows applications to be written for Zephyr that are platform independent and can be moved between different boards including different manufacturers of microcontrollers. In a world still suffering from chip shortages, it has been a breath of fresh air. Zephyr is a small real-time operating system (RTOS) designed for embedded microcontrollers such as the ARM Cortex-M series devices. As a project of the Linux Foundation, it shares many similarities with Linux, including DeviceTree and more recently, Pin Control. This is at the heart of how Zephyr gets its platform independence. It’s an article from January of 2023, but with how little we usually hear of these embedded platforms, I’ll take everything I can get.
Last year the European Union enacted a new set of regulations known as the Digital Services Act (DSA), designed to harmonize content regulations across the EU and create specific processes for online content moderation. The DSA applies to many different online services – from marketplaces and app stores to online video sharing platforms and search engines. As a result, we have adapted many of our long-standing trust and safety processes and changed the operation of some of our services to comply with the DSA’s specific requirements. We look forward to continued engagement with the European Commission and other stakeholders, including technical and policy experts, as we progress this important work. This blog post lists some of the steps Google is taking to comply with the DSA, which mostly come down to more transparency and giving researchers more access to how Google’s products work. It seems a tad on the vague and light side, so we’ll see if these steps are enough to bring Google in line.
Google is further strengthening its protections around Gmail, and from now on, you’ll have to verify it’s you through whatever 2FA method you prefer. It covers changing settings related to filters, forwarding, and IMAP access. When these actions are taken, Google will evaluate the session attempting the action, and if it’s deemed risky, it will be challenged with a “Verify it’s you” prompt. Through a second and trusted factor, such as a 2-step verification code, users can confirm the validity of the action. If a verification challenge is failed or not completed, users are sent a “Critical security alert” notification on trusted devices. Seems like a good move.
The BitLocker partition is encrypted using the Full Volume Encryption Key (FVEK). The FVEK itself is encrypted using the Volume Master Key (VMK) and stored on the disk, next to the encrypted data. This permits key rotations without re-encrypting the whole disk. The VMK is stored in the TPM. Thus the disk can only be decrypted when booted from this computer (there is a recovery mechanism in Active Directory though). In order to decrypt the disk, the CPU will ask that the TPM sends the VMK over the SPI bus. The vulnerability should be obvious: at some point in the boot process, the VMK transits unencrypted between the TPM and the CPU. This means that it can be captured and used to decrypt the disk. This seems like such an obvious design flaw, and yet, that’s exactly how it works – and yes, as this article notes, you can indeed capture the VMK in-transit and decrypt the disk.
In June 2022, I started work on porting FreeBSD to run on Firecracker. My interest was driven by a few factors. First, I had been doing a lot of work on speeding up the FreeBSD boot process and wanted to know the limits that could be reached with a minimal hypervisor. Second, porting FreeBSD to new platforms always helps to reveal bugs — both in FreeBSD and on those platforms. Third, AWS Lambda only supports Linux at present; I’m always eager to make FreeBSD more available in AWS (although adoption in Lambda is out of my control, Firecracker support would be a necessary precondition). The largest reason, however, was simply because it’s there. Firecracker is an interesting platform, and I wanted to see if I could make it work. Firecracker is Amazon’s virtual machine monitor. This article goes in great detail about the process of porting FreeBSD to run on Firecracker.
Microsoft Edge on Windows 10 and Windows 11 has again flagged ChromeSetup.exe – the installation file for Google’s famous Chrome browser – as potentially harmful. Microsoft Edge’s built-in security feature suggests users delete ChromeSetup.exe and try Edge via multiple pop-up messages. Windows Latest understands Microsoft Edge 116 has incorrectly flagged ChromeSetup.exe as potentially harmful. This appears to be a mistake, and only some users see it. In our tests, we observed the error in one out of five Microsoft Edge 116 stable installations. A “mistake”. I’m sure it was.
Python is one of the most popular programming languages today, loved by businesses and students alike and Excel is an essential tool to organize, manipulate and analyze all kinds of data. But, until now, there hasn’t been an easy way to make those two worlds work together. Today, we are excited to introduce the Public Preview of Python in Excel – making it possible to integrate Python and Excel analytics within the same Excel grid for uninterrupted workflow. Python in Excel combines Python’s powerful data analysis and visualization libraries with Excel’s features you know and love. You can manipulate and explore data in Excel using Python plots and libraries, and then use Excel’s formulas, charts and PivotTables to further refine your insights. The preview is available now.
Meanwhile, if you are on Windows 11 and wondering about its compatibility with your system, a document from Intel, spotted by Twitter (X) user Chi11eddog, seemingly confirms that Windows 11 is going to be supported. And although the document does not mention Windows 12, which is expected given that the product has not even been officially announced yet (Microsoft recently revealed the release date for Windows 11 23H2). While this is certainly expected, users who would have stuck to their Windows 10 PCs, either due to the hardware being not on the support list or simply because they prefer the older OS over the new ones, are likely going to be out of luck as the supported OS does not mention Windows 10. I mean, at the time Wi-Fi 7 comes out, Windows 10 will be almost a decade old. I’m all for a good Microsoft thrashing, but expecting them to go back and add support for Wi-Fi 7 to a decade-old operating system seems a bit unrealistic.
Four nonprofit groups seeking to protect kids’ privacy online asked the Federal Trade Commission (FTC) to investigate YouTube today, after back-to-back reports allegedly showed that YouTube is still targeting personalized ads on videos “made for kids”. Now it has become urgent that the FTC probe YouTube’s data and advertising practices, the groups’ letter said, and potentially intervene. Otherwise, it’s possible that YouTube could continue to allegedly harvest data on millions of kids, seemingly in violation of the Children’s Online Privacy Protection Act (COPPA) and the FTC Act. Targeted online advertising already oozes sleaziness, but targeting children is on a whole different level. There’s a reason you should keep a close eye on what your kids are watching on YouTube, and the various content rabbit holes YouTube’s algorithm can trap people in aren’t the only reason to do so. I’m not one of those extremists that believes YouTube is universally bad for kids – it all depends on what you watch, not that you watch – but that doesn’t mean I’m about to hand the remote control to my kids and leave the room.
The company raked in $13.5 billion in revenue since May, it revealed in its Q2 2024 earnings, with the unprecedented demand for its generative AI chips blowing past any difficulty it might have had selling desktop and laptop GPUs into a shrinking PC industry. Data center accounted for a record $10.32 billion of that revenue, more than doubling in just one quarter, and Nvidia made $6.188 billion in profit as a result — up 843 percent year over year. And while gaming is more than a billion dollars short of pandemic highs, it was actually up 22 percent year over year to $2.48 billion in revenue, too. I don’t really post about financial results anymore – the amounts of money “earned” by tech companies are obscene and utterly destructive – but I do want to highlight NVIDIA here, if only to be able to link back this a few years from now after the “AI” bubble has popped.
