Monthly Archive:: December 2024
EXiGY rolls up the all of the above experiences into a single package: make games the way they were made in the mid-90s, by dragging and dropping objects into a window, programming some behaviour into those objects, and clicking the Run button. It’s like ZZT with tile graphics instead of ASCII. Want to send your little game to some friends? Click the Gift button to package all of the files up, and send your friend the .XGY file. EXiGY is about making it fun to create games again. ↫ Chris on the Exigy website I fell in love with this the second I saw it come by on Mastodon. Chris – I don’t know the author’s full name so I’ll stick with Chris – has been working on this for the past year, and it’s not out quite yet. Still, the feature list is packed, and on the linked website, they intend to post development updates so we can keep up with the goings-on. This seems like an incredibly cool project and I’d love to play around with it when Chris deems it ready for release.
The content of a private message should only be known by the sender and recipient. Unfortunately, this rule can change when the message is sent online. A malicious person might intercept and read the message or change its content. End-to-end encryption (E2EE) is an emerging technology that protects content in transit. This technology ensures only the sender and recipient view the content. End-to-end security services are important in messaging. It is changing messaging communication in modern life and beyond. Image Source: Pexels What end-to-end encrypted messaging involves E2EE involves sending messages that only the targeted recipient can read. In the past, messages sent through messaging apps were not secured. Any person could intercept these messages and multiple people could read them before targeted recipients received them. This technology encrypts the message before it leaves the sender’s device. It lets the information travel securely online and decrypt once it reaches the recipient’s device. E2EE ensures no other person can read the message including service providers. Popular messaging apps such as Messenger and WhatsApp use this technology. Sometimes Messenger is hacked leading to data loss and exposure to the wrong people. When this happens, hackers might change your profile, deny you access, or begin sending scam messages to people. In these situations, you need information and for that https://moonlock.com/messenger-hacked is the best option. Knowing what to do if Messenger is hacked and acting timely on it can save you from unexpected and some of the uncontrollable situations. If you notice suspicious messages take action and log out of Messenger quickly. You may deny hackers access to your data once you sign out of Messenger. Next, change your password and make it harder for malicious people to guess it. How does end-to-end encryption work? Popular messaging apps contain prebuilt E2EE-enabled features ensuring messages travel safely online. They use application layer encryption ensuring messages sent through multiple devices are safe. This ensures data transferred retains integrity and securely identifies receiving devices. Application encryption such as Facetime end-to-end encryption has various roles. Once users begin typing a message, this feature is activated by generating a private key. Once the user taps the send button, this feature encrypts the message containing the encryption key. The information remains encrypted until it reaches the recipient’s device. The recipient’s app contains the encryption feature, which automatically uses the decryption key to open the message. Sometimes senders may use a third-party encryption app for this goal. In this case, recipients must use the key to decrypt the message. Image Source: Pexels How does E2EE benefit individuals and organizations? Messaging apps encrypt and send all types of data – from text to pictures, files, music, and videos. Data senders prepare the information they want to send and the app activates an encryption algorithm ready for safe transmission. This data only decrypts once it arrives on the recipient’s device. Users can apply other security measures to protect this data after decrypting. Application encryption or E2EE offers many advantages to individuals and organizations. Can encrypted data be hacked? Several challenges face E2EE although the benefits bypass these setbacks. As much as there is the good side of technology, the bad side exists too. Hackers use advanced resources to cheat encryption systems and penetrate them. Several complexities face E2EE systems and encryption key management tops them. E2EE can be hacked especially if the sender and recipient devices are vulnerable due to compromised security. This exposes the secured data to theft possibilities and hackers can use advanced systems to crack the keys. Although the data is secured, it can be intercepted if the transmission system has a low processing speed. Users may fail to comply with regulations leading to vulnerable devices. Advancing technology leads to safer online data transmission but also opens breach possibilities. This calls for message senders and recipients to take extra security measures and protect their devices. They should understand how to encrypt iPhone and other internet connection devices. The future of messaging Organizations and individuals are adopting end-to-end encryption in messaging due to the security benefits. They overlook the setbacks and embrace the benefits that overshadow them. 2024 data shows that more than 90% of organizations have started or completed digital transformation processes. This demands more elaborate and proactive security measures in messaging data. This need is pushing organizations into innovation and creating advanced cybersecurity solutions. In the future, there will be wider E2EE adoption as part of safety measures. There is a rush to develop an encryption system that can withstand quantum technology. This technology is currently resistant to encryption which is posing a big threat to E2EE goals and advancements. One of the solutions that might counter this challenge is homomorphic encryption which is already in advanced development phases. The AI threat detection model is already in use and advancing, making it a key solution to future prevention of messaging interception, key decoding, and hacking. Security experts predict there will be a new generation of messaging apps soon. Several advanced messaging services have already emerged offering top security and privacy to users. Mac users for instance are already benefiting from Facetime end-to-end encryption. New technologies such as Telegram, WhatsApp Business, and Messenger are offering fresh hope in safe messaging. Privacy and security experts foresee a future where E2EE works the same on any device, operating system, or messaging service. Cryptographic compliance could be stricter to ensure the growing user base is protected. This will require providers to adopt a balanced model between security and compliance. There is a growing need for organizers and providers to spread user awareness more. This will not stop but will continually increase as the future approaches. More communication channels will be encrypted and user authentication will advance further. This approach will provide flawless integration with collaboration tools across the board. More organizations will adopt zero trust models and E2EE could become the security default soon. Strengthening messaging channels at the user level Messaging apps like WhatsApp encrypts files, texts, and calls, ensuring secure transmission.
Every time a new Redox monthly report comes out, I’m baffled by the fact we’ve apparently rounded another month. They just keep on coming and going, don’t they? And I even turned 40 this 1 December, so it hits even harder this time. I’m now as old as I remember my parents were in some of my oldest memories, and now I’ve got two kids of my own. Wild. Time isn’t supposed to move this fast, and I strongly advise the Redox team to stop this madness. Anyway, this month also saw the release of the 4th alpha of system76’s new COSMIC Linux desktop environment, and the parts of COSMIC available on Redox were updated to reflect that. This past months also saw a major milestone: the RISC-V version of Redox running in an emulator on the x86-64 version of Redox. That’s quite the feat, and highlights just how capable Redox has become in such a short time. There’s also the usual list of kernel, driver, and relibc improvements, as well as additional Rust programs ported to Redox. Also highlighted in this report: a video detailing how to build Redox under Windows Subsystem for Linux. This could be a great avenue for operating system developers who use Windows to get their feet wet at building Redox on their own systems.
Today, we are announcing the availability of Vanir, a new open-source security patch validation tool. Introduced at Android Bootcamp in April, Vanir gives Android platform developers the power to quickly and efficiently scan their custom platform code for missing security patches and identify applicable available patches. Vanir significantly accelerates patch validation by automating this process, allowing OEMs to ensure devices are protected with critical security updates much faster than traditional methods. This strengthens the security of the Android ecosystem, helping to keep Android users around the world safe. ↫ Google Security Blog Google makes it clear this tool can easily be adapted for other avenues too – it’s not locked into only working with Android and Java/C/C++. Since it’s now open source, anyone can contribute to it and make it compatible – for lack of a better term – with other platforms and programming languages as well.
Mozilla isn’t just another tech company — we’re a global crew of activists, technologists and builders, all working to keep the internet free, open and accessible. For over 25 years, we’ve championed the idea that the web should be for everyone, no matter who you are or where you’re from. Now, with a brand refresh, we’re looking ahead to the next 25 years (and beyond), building on our work and developing new tools to give more people the control to shape their online experiences. ↫ Lindsey Lionheart O’Brien at the Mozilla blog I have no clue about marketing and branding and what investments in those things cost, but all I could think about while reading this massive pile of marketing wank is that the name “Firefox” only occurs once. How many Firefox bugs could’ve been squashed with the money spent on this rebrand literally nobody is going to care about because nobody uses Firefox as it is? Is a new logo and accompanying verbal diarrea really what’s going to turn this sinking ship around? I’ve already made my choice, and I’ve left Firefox behind on all my machines, opting for an entirely different browser instead. I’m writing about that experience as we speak, so you’ll have to wait a bit longer to find out what choice I made, but rest assured I know I’m not the only one who is leaving Firefox behind after two decades of loyal service, and I doubt an expensive new logo is going to change anybody’s mind.
This is my hobby operating system written in C++. Currently supports x86_64 and i686 architectures. ↫ Banan-OS git page A hobby operating system as a learning experience, but for once not written in Rust, which in and of itself makes it more unique than you’d think. Despite being mostly a one-person hobby project, it’s ticked quite a few boxes already: SMP, network stack, copy-on-write memory, ELF loading, NVME and ATA support, PS/2 and USB peripheral support, a basic GUI, and a lot more. Contributions are welcomed, too.
VEKOS is an experimental operating system written in Rust that focuses on verification and security at its core. This is the first alpha release (v0.0.1) that demonstrates the basic architecture and key features of the system. ↫ VEKOS GitHub page Hobby and experimental operating systems written in Rust are not exactly a novel concept, but that doesn’t mean each new one that comes up isn’t cool. This one is still in its very early stages, but focuses on something quite interesting: every filesystem and memory operation is cryptographically verified using a proof system. It’s already got basic file system operations, signal handling and a scheduler, a shell, and more. Contributions are welcomed.
HarmonyOS Next, the new version of Huawei’s mobile operating system, runs on a brand new microkernel, uses a new, homegrown programming language, and most notably in this duopolistic world, does not run Android applications. This won’t be much of an issue inside China, where Huawei can more easily make sure the most important Chinese applications are supported and ported over, but outside of China that might pose some problems, especially for Chinese tourists visiting other countries. It turns out there’s a solution for this, called 出境易 (as Android Authority notes, this seems to translate to something like “Easy Abroad”), which is basically a containerised Android runtime using microG. It comes with its own built-in application store filled with a number of popular Android applications, and runs them on HarmonyOS Next. The tool is called 出境易, which roughly translates to “Easy Abroad.” It’s apparently designed to aid Chinese tourists who travel abroad. The tool seems to create a container for Android apps to run in, which is not a new concept but is surprising to see pop up so quickly for the new operating system. When installed, the tool lets you install a number of Android apps from its self-contained app store, including Facebook, Instagram, Discord, Reddit, YouTube, Google Search, Google Maps, Uber, Chrome, Gmail, Spotify, Disney Plus, Netflix, Steam, and more. These Android apps show up in a folder in the home screen but they cannot be dragged out of the folder. An early hands-on of the tool from YouTuber LL Techview shows that it works surprisingly well. Android apps launch quickly, run pretty smoothly, and even appear in the recents menu. It’s even possible to sign into your Google Account to use apps like Google Search and Gmail. ↫ Mishaal Rahman at Android Authority There are limitations, of course, and they’re roughly the same as the ones found on any device running microG instead of Google Play Services – something I just wrote about in my review of /e/OS on a FairPhone 5: certain banking applications won’t work, anything that hooks too deeply into Play Services won’t run, that sort of stuff. On top of that, this tool also brings in some limitations of its own, like only whitelisted application being supported, notifications not working properly, and a few other issues. This all feels very similar to what Jolla and Sailfish tried to do way back in 2014. Running Android applications as a side hustle was jank back then and I feel like it’s probably going to be jank today. Even just running Play Services in a restrictive sandbox – like I do with GrapheneOS on my daily driver, a Pixel 8 Pro – presents some issues, and microG adds even more compatibility issues on top. Putting all of this in a container will surely add an additional layer of jank, like it did on Sailfish OS. Regardless, I’m 100% down with trying to get my hands on a HarmonyOS Next device if they ever become available in some form here in Sweden, as I feel like a review of what is the most serious attempt at breaking the Android-iOS duopoly in over a decade is something that belongs here on OSNews. If that time ever comes, I might set up another fundraiser to get it done.
14.2-RELEASE now includes OCI-compatible images, and the Podman toolkit on FreeBSD is ready to use them, on both amd64 and arm64 systems. ↫ Dave Cottlehuber This article from Dave Cottlehuber goes into more detail about the OCI-compatible FreeBSD images and how to use them.
If you were secretly hoping Microsoft would lower the system requirements for Windows 11 so you could upgrade your or your family’s Windows 10 machines to Windows 11, you’re going to be in for some bad news. In a blog post, Microsoft detailed that its most stringent Windows 11 requirement – the Trusted Platform Module (TPM) 2.0 – is here to stay and crucial to the future of Windows. By instituting TPM 2.0 as a non-negotiable standard for the future of Windows, we elevate the security benchmark. It allows you and us to better align with the growing need for formidable data protection in the modern digital sphere. In conclusion, TPM 2.0 is not just a recommendation—it’s a necessity for maintaining a secure and future-proof IT environment with Windows 11. And it’s an important part of the larger Zero Trust strategy, alongside Secure Boot, Credential Guard, and Windows Hello for Business. ↫ Steven Hosking at the Windows IT Pro Blog So no, if you had the hope Microsoft would lower Windows 11’s system requirements in the face of the oncoming end of support deadline for the 60% of Windows users still using Windows 10, your hope has just been dashed. A more likely outcome here is that as the deadline grows closer, Microsoft will extend the deadline by another year, and if needed another, because leaving 60% of users without security updates and little to no path to upgrade is not going to be a good look for the marketing and legal departments. If you really do want to upgrade to Windows 11, there’s a few options. There’s the enterprise-focused Windows 11 LTSC 2024 release, which does not require a TPM 2.0, regarding it as an optional feature instead. On top of that, LTSC is much more bare-bones, shipping without much of the stuff many of us more nerdy users aren’t interested in anyway. The big downside is that getting your hands on a legal copy of LTSC will be difficult, as it’s only available to volume licensing customers, which you most likely are not. Of course, you shouldn’t give a shit about Microsoft’s rules, so you can always use unapproved methods of getting a license. Another option is the one I took for my parts-bin Windows 11 PC which I only use for League of Legends: I bought a cheap TPM 2.0 module from eBay, slotted it into my motherboard, and was on my merry way. Due to League of Legends’ required rootkit, a TPM 2.0 module is needed, so a few euros and days waiting later, I was ready to go. Do make sure you get the right type of TPM 2.0 module for your motherboard, as they’re not universally compatible. The final option is to use one of the few remaining ways to circumvent Windows 11’s system requirements, which are sadly dwindling with every major update. Right now that means using a tool like Flyby11, which uses the Windows Server installer to bypass Windows 11’s system requirements. We’ll have to wait and see for how long that trick remains possible.
Ntfs2btrfs is a tool which does in-place conversion of Microsoft’s NTFS filesystem to the open-source filesystem Btrfs, much as btrfs-convert does for ext2. The original image is saved as a reflink copy at image/ntfs.img, and if you want to keep the conversion you can delete this to free up space. ↫ Mark Harmstone An amazing piece of software that works on both Linux and Windows, and even, as described above, comes with the option of undoing the conversion if you so desire and haven’t removed the original image yet. Its developer, Mark Harmstone, of course stresses that while he thinks the tool is quite stable, he obviously makes no guarantees or claims about its stability. In other words, please don’t use this on sensitive data or in a production environment. What makes this tool even more amazing is that you can combine it with two of Harmstone’s other tools to really pull some rabbits out of your hat. First, there’s his Btrfs driver for Windows, which, as the name implies, allows Windows to work with Btrfs-formatted drives. Second, and here’s where things get really spicy, there’s Quibble, his custom bootloader consisting of open source reimplementations of Windows’ own bootloader. Using these three tools together you can, if you’re lucky, boot and run Windows off a Btrfs drive. That’s quite cool, and while perhaps not particularly useful due to its experimental nature, it’s still an awesome weekend project.
This is a bit of an odd few days for Intel. Mere days after the board ousted its CEO Pat Gelsinger, once heralded as the chip giant’s messiah, they’re today launching two brand new desktop graphics cards. They’re aimed at the more budget-oriented consumer, and might very well be the last discrete graphics cards Intel makes, since this is one of the product lines on the chopping block. Intel’s next — and possibly last — desktop graphics cards will begin arriving in just 10 days. Right on cue, the company has announced the budget $249 Arc B580 and $219 Arc B570, shipping December 13th and January 16th, respectively, as the “best-in-class performance per dollar” options in the GPU market. They’re based on the same Xe2 “Battlemage” GPU architecture you’ll find in Intel’s Lunar Lake laptop chips but with more than double the graphics cores, up to 12GB of dedicated video memory, and up to 190W of power compared to their limited laptop forms — enough power to see the B580 slightly beat Nvidia’s $299 RTX 4060 and AMD’s $269 RX 7600, according to Intel’s benchmarks, but sometimes still trading blows. ↫ Sean Hollister at The Verge As for Gelsinger’s dismissal, it seems the board forced him out after being frustrated with the slow progress the company was making in its turnaround. The fact that a finance person and a marketing person will together be interim CEOs seems to indicate the board is more interested in quick profit than a long-term turnaround, and with companies like Qualcomm being interested in acquiring Intel, the board’s short-term mentality might be winning out, and ousting Gelsinger is just paving the way for selling off parts of Intel until there’s nothing left. Who knows, I might be reading way too much into all of this, but it feels like expecting an organisation as complex as a high-end processor makers to turn itself around in just a few years is incredibly shortsighted, and you’d think board members at Intel would understand that. If the goal is to maintain Intel as a separate, profitable entity making some of the world’s fastest processors, you’re going to need to give a CEO and leadership team more than just a few years to turn the ship around. Within a few years we’ll know the board’s true intentions, but I wouldn’t be surprised to see Intel being sold for parts over the coming years.
FreeBSD 14.2 has been released, and as the version number suggests, this isn’t a major release with huge changes. Still, it does bring support for downloading and installing necessary firmware packages after installation, the latest versions of OpenZFS and OpenSSL, and much more. FreeBSD 14.2 is available for the main architectures it supports – x86, PowerPC/POWER, ARM, and RISC-V, and can be downloaded from the usual location.
Are you managing heavy workloads and seeking ways to optimize your data processes? Query bottlenecks often disrupt operations, causing delays and inefficiencies in retrieving and processing valuable insights. Automation and advanced software solutions play a crucial role in minimizing errors and enhancing performance. Boosting query performance is essential for maintaining efficiency and achieving fast, reliable outcomes in analytics. Understanding how to improve Snowflake query performance helps organizations streamline operations and maximize resource utilization. Identifying bottlenecks and implementing solutions ensures seamless query execution and improved data-driven decision-making capabilities. Here, we focus on common query bottlenecks and strategies for resolving them with practical, actionable solutions. Discover how these improvements can save time, reduce costs, and drive better results in your business. 1. Inefficient Query Design Poorly structured commands often cause delays and unnecessary consumption of system resources during processing. Optimizing these searches involves selecting necessary columns, avoiding unnecessary computations, and applying appropriate filtering techniques. Regularly analyzing query performance can help refine logic and enhance overall execution efficiency. Trusted tech service providers can assist in identifying inefficiencies and improving query performance with tailored solutions. Leveraging automation tools helps pinpoint bottlenecks and optimize processes. 2. Lack of Proper Indexing Efficient data retrieval often depends on organizing and clustering information for commonly queried attributes. Although traditional indexes are absent, using clustered keys can significantly reduce data scan requirements. Periodic analysis of search patterns helps determine optimal data organization strategies for maximum performance. Expert tech advisors can guide the implementation of effective clustering techniques to achieve faster retrievals. Thoughtful fact arrangement minimizes redundant scans and ensures queries run efficiently under various conditions. 3. Suboptimal Warehouse Sizing Allocating the right computational resources is critical to balancing costs and command performance. Monitoring workloads helps determine appropriate virtual warehouse sizes tailored to varying data processing demands. Over-provisioning or under-sizing resources may result in inefficiencies and unnecessary delays. Trusted tech agencies specialize in designing scalable systems to adapt dynamically to workload changes. Auto-scaling features ensure optimal warehouse sizes based on fluctuating commands and resource requirements. 4. Concurrent Command Overload High concurrency can lead to slower processing as resources get overburdened with multiple simultaneous commands. Implementing queuing mechanisms and prioritizing critical workloads can mitigate strain on computing resources. Monitoring workloads and distributing them across virtual warehouses ensures balanced request execution during peak periods. Reputed service providers offer expertise in designing effective workload management strategies tailored to unique business needs. Smart distribution methods prevent overloads and maintain system stability under high concurrency conditions. 5. Inefficient Data Modeling Effective data modeling reduces redundancy and creates clear relationships for faster and more efficient requests. Adopting simplified schema designs, such as star or snowflake schemas, helps optimize data organization for performance. Reviewing and updating information structures regularly ensures they align with evolving analytical requirements and goals. Trusted service providers provide expertise in designing optimal schemas that improve query response times and efficiency. Thoughtful data relationships minimize complexity and streamline command operations across systems. 6. Inadequate Data Partitioning Partitioning data by meaningful attributes, like dates or regions, minimizes unnecessary data scans during queries. Proper partitioning strategies ensure that only relevant fact is retrieved, improving performance. Regularly analyzing request patterns helps in identifying the best partitioning keys for various use cases. Expert advisors can offer tailored guidance on partitioning to align with specific command requirements and goals. Efficient partitioning not only reduces computational overhead but also accelerates query execution times. Optimizing query performance requires expertise, precision, and guidance from trusted tech advisors with proven experience. They provide insights into ‘how to improve Snowflake query performance’ with effective strategies. Businesses can achieve faster requests, reduced costs, and greater efficiency through guided implementations. Partnering with knowledgeable tech experts empowers companies to maximize their potential and maintain competitive advantages.
Rejecting an engrained practice of bullshitting does not come easily. Frameworkism preaches that the way to improve user experiences is to adopt more (or different) tooling from the framework’s ecosystem. This provides adherents with something to do that looks plausibly like engineering, except it isn’t. It can even become a totalising commitment; solutions to user problems outside the framework’s expanded cinematic universe are unavailable to the frameworkist. Non-idiomatic patterns that unlock significant wins for users are bugs to be squashed. And without data or evidence to counterbalance bullshit artists’s assertions, who’s to say they’re wrong? Orthodoxy unmoored from measurements of user outcomes predictably spins into abstruse absurdities. Heresy, eventually, is perceived to carry heavy sanctions. It’s all nonsense. ↫ Alex Russell I’m not a developer, but any application that uses frameworks like React that I’ve ever used tend to be absolute trainwrecks when it comes to performance, usability, consistency, and platform integration. When someone claims to have an application available for a platform I use, but it’s using React or Electron or whatever, they’re lying in my eyes – what they really have is a website running in a window frame, which may or may not even be a native window frame. Developing using these tools indicates to me a lack of care, a lack of respect for the users of your product. I am militantly native. I’d rather use a less functional application than a Chrome web application cosplaying as a real application, and I will most likely not even consider using your service if all you have is a website-in-a-box. If you don’t respect me, I see no need to respect you. If you want an application on a specific platform, use that platform’s native tools and APIs to build it. Anything else tells me all I need to know about how much you truly care about the product you’re building.
This is the Hall Research Technologies SC-VGA-2, sold as a “VGA/HDTV Video Processor.” In addition to slicing, dicing and pureeing, apparently, it will take any of a bundle of input formats and both rescale and resample them on the fly into the VGA or HDTV signal you desire, including 60Hz rates. This came from a seller specializing in teleprompter equipment and Hall still sells an HDMI version with additional resolutions … for around US$500. However, this or the slightly newer SC-VGA-2A and SC-VGA-2B are all relatively common devices and found substantially cheaper used. Let’s try it out and show some sample output, including those delicious NeXTSTEP system messages and some ST grabs. ↫ Cameron Kaiser With the obscurity of some of the hardware Cameron Kaiser details on his website, I’m not surprised he has some seriously unique needs when it comes to taking screengrabs. He couldn’t very well not take the device apart, and inside it appears to be a system with two small processors, at least one of which is an Intel 8051 8bit microcontroller. Kaiser goes into his usual great detail explaining and showing how the device works. If you’ve got unique screengrabbing needs, this might be of interest to you.
Within in the last release cycle we worked on adding and extending the support for the i.MX8MP SoC as also found in one of the SoM options for the MNT Pocket Reform and are happy to show-case a first preview version of Sculpt running on this handy computing device. ↫ Josef Söntgen If you have a Pocket Reform – I reviewed its bigger sibling earlier this year – you can now run Genode on it. Not everything is working flawlessly yet – most notably audio and NVMe need work – but networking is operational, so you can actually browse the web. I’m not sure how much overlap there is between Genode users and Pocket Reform owners, but at least both groups now know it’s an option.
