Linked by Thom Holwerda on Sat 27th May 2017 09:33 UTC
Linux

It is 2017. Pick an average PC from 2007 and install a minimal GNU/Linux based operating system. You will be able to do basic computing tasks (eg. surfing the web, reading E-Mails, listening to music, chatting) just like on an expensive modern PC. You will even get security updates, so your old computer is protected, just like as a new one.

postmarketOS (I love the name) aims to do the same for smartphones. A small Linux distribution with a phone interface, designed to be easy to update and maintain to solve the problems Android poses in this area. The project is in its infancy, so it needs a lot of help to further realise its vision.

This is a great idea, and it could breathe life into devices not even LineageOS can keep alive.

 

Linked by Thom Holwerda on Sat 27th May 2017 09:26 UTC
Apple

Apple is working on a processor devoted specifically to AI-related tasks, according to a person familiar with the matter. The chip, known internally as the Apple Neural Engine, would improve the way the company's devices handle tasks that would otherwise require human intelligence - such as facial recognition and speech recognition, said the person, who requested anonymity discussing a product that hasn't been made public. Apple declined to comment.

It's interesting - and unsurprising - that while Google is investing in server-side AI by developing its own custom AI hardware, Apple is apparently investing in keeping AI local. It fits right into the different approaches to privacy by these two companies, which is why I find this entirely unsurprising.

As a sidenote - isn't it interesting how when new technologies come around, we try to offload it to a specific chip, only to then bring it back into the main processor later on?

 



Linked by Bjorn Stahl on Fri 26th May 2017 19:55 UTC
General Development OSNews covered the One night in Prio article, and now a new version of its umbrella project, Arcan, has been released (which only happens two or three times a year). The actual details are covered in the release post.

So, what is Arcan?

Arcan is a powerful development framework for creating virtually anything between user interfaces for specialised embedded applications all the way to full-blown standalone desktop environments.

At its heart lies a robust and portable multimedia engine, with a well-tested and well-documented interface, programmable in Lua. At every step of the way, the underlying development emphasises security, performance and debugability guided by a principle of least surprise in terms of API design.

 

Linked by Thom Holwerda on Wed 24th May 2017 23:08 UTC
Google

Google already monitors online shopping - but now it's also keeping an eye on what people buy in physical stores as it tries to sell more digital advertising.

The Internet giant said Tuesday that a new tool will track how much money people spend in merchants' bricks-and-mortar stores after clicking on their digital ads.

The analysis will be done by matching the combined ad clicks of people who are logged into Google services with their collective purchases on credit and debit cards. Google says it won't be able to examine the specific items bought or how much a specific individual spent.

Well, this seems like something our politicians should prevent. This is such a terrible idea.

 

Linked by Thom Holwerda on Wed 24th May 2017 23:03 UTC
Amiga & AROS

Ars reviews the Amiga X5000, and concludes:

The X5000 is different. It feels like an exotic car: expensive, beautifully engineered, and unique. If you bought one, you'd be one of a proud few, a collector and enthusiast. It practically begs for you to dig in and tinker with the internals - the system comes with an SDK, a C compiler, Python, and a huge amount of documentation for things like MUI, the innovative GUI library. On top of that, there is the mysterious XMOS chip, crying out for someone to create software that leverages its strengths. It feels like a developer’s machine.

Should you buy one? That depends very much on what your needs are. If you are simply after the best price-to-performance ratio for a desktop computer, this is not the machine for you. But if you are interested in something very different, something that is pleasant and fun to use, and yet can still be used for modern desktop workloads, then the X5000 is worth a look. I have had this review unit on my desktop for over a month now, and frankly I don’t want to give it back.

I reviewed the sam440ep with AmigaOS 4 way back in 2009, and came to a relatively similar conclusion - these machines are a ton of fun, but they're just prohibitively expensive, meaning only existing AmigaOS users will really get their hands on these. They really, really need a more accessible machine or board - a few hundred Euros, tops.

 

Linked by Thom Holwerda on Wed 24th May 2017 20:02 UTC
Windows

Over the past 3 months, we have largely completed the rollout of Git/GVFS to the Windows team at Microsoft.

As a refresher, the Windows code base is approximately 3.5M files and, when checked in to a Git repo, results in a repo of about 300GB. Further, the Windows team is about 4,000 engineers and the engineering system produces 1,760 daily "lab builds" across 440 branches in addition to thousands of pull request validation builds. All 3 of the dimensions (file count, repo size and activity), independently, provide daunting scaling challenges and taken together they make it unbelievably challenging to create a great experience. Before the move to Git, in Source Depot, it was spread across 40+ depots and we had a tool to manage operations that spanned them.

As of my writing 3 months ago, we had all the code in one Git repo, a few hundred engineers using it and a small fraction (<10%) of the daily build load. Since then, we have rolled out in waves across the engineering team.

 

Linked by Thom Holwerda on Wed 24th May 2017 19:59 UTC
Microsoft

A week after introducing the Surface Laptop to the world, he's sitting in a room in Microsoft's Building 88 ready to show off his team's latest creation: the new Surface Pro. At first glance, it looks a lot like 2015's Surface Pro 4, but it's part of a bigger lineup of the entire Surface family that Microsoft is now ready to take worldwide.

For the first time in Surface history, Microsoft will start shipping two new products (Surface Pro and Surface Laptop) worldwide at launch. June 15th will see these new products launch, and a big expansion for the Surface Studio all-in-one PC, too. It's clearly a date that Microsoft has been working toward for quite some time, and as I walked around Microsoft's secretive Surface building located at its Redmond, Washington, campus, it's easy to see that the Surface family of devices is now coming to life.

Be honest with yourself: which line of devices feels more innovative and exciting: Surface or Mac?

Easy answer.

 

Linked by Thom Holwerda on Tue 23rd May 2017 22:27 UTC
Hardware, Embedded Systems

A dis-integrated circuit project to make a complete, working transistor-scale replica of the classic MOS 6502 microprocessor.

This is sorcery - and art.

 

Linked by Thom Holwerda on Tue 23rd May 2017 22:25 UTC
Google

At most companies, if you think you've witnessed sexual harassment, sexism, bigotry or racism, there s one way to get it addressed: going to human resources. At Google, there's another way to air your grievance: submitting your complaint to an employee-run message board that's curated into a weekly email.

The list, called "Yes, at Google," is a grassroots effort to collect anonymous submissions at Google and parent Alphabet Inc. and communicate them across the company, according to five current employees who receive the emails. "Yes, at Google" tracks allegations of unwelcome behavior at work in an attempt to make the company more inclusive, said the employees, who did not want to be named because they were not authorized to speak about internal company matters. Since starting in October, more than 15,000 employees - 20 percent of the company's workforce - have subscribed, according to two of those people.

Google management is aware of the list. "We work really hard to promote and preserve a culture of respect and inclusion," a Google spokesperson said in a statement. "Our employees have numerous ways to raise issues - both negative and positive - with us, including through grassroots transparency efforts like this one. We take concerns seriously and take appropriate measures to address them."

This is a great initiative, and adds a ton of accountability into the reporting process for these matters. I wonder if you could complain if your brand new headquarters has every amenity from a huge gym to a massive wellness centre (...what even?), but no daycare.

 

Linked by Thom Holwerda on Tue 23rd May 2017 22:18 UTC
Legal

The U.S. Supreme Court on Monday tightened rules for where patent lawsuits can be filed in a decision that may make it harder for so-called patent "trolls" to launch sometimes dodgy patent cases in friendly courts, a major irritant for high-tech giants like Apple and Alphabet Inc's Google.

In a decision that upends 27 years of law governing patent infringement cases, the justices sided with beverage flavoring company TC Heartland LLC in its legal battle with food and beverage company Kraft Heinz Co. The justices ruled 8-0 that patent suits can be filed only in courts located in the jurisdiction where the targeted company is incorporated.

Good. That district in Texas is screwed.

 

Written by Thom Holwerda on Mon 22nd May 2017 11:42 UTC
In the News

Like many other countries, The Netherlands uses a chip card for paying and using public transport, and while there's been a number of issues regarding its security, privacy, and stability, it won't be going anywhere any time soon. Just today, the various companies announced a new initiative where Android users can use their smartphones instead of their chip cards to pay for and use public transport.

The new initiative, jointly developed by the various companies operating our public transport system and our carriers, is Android-only, because Apple "does not allow it to work, on a technical level", and even then, it's only available on two of our three major carriers for now.

This got me thinking about something we rarely talk about: the increasing reliance on external platforms for vital societal infrastructure. While this is a test for now, it's easy to see how the eventual phasing out of the chip cards - already labelled as "outdated" by the companies involved - will mean we have to rely on platforms beyond society's control for vital societal infrastructure. Chip cards for public transport or banks or whatever are a major expense, and there's a clear economic incentive to eliminate them and rely on e.g. smartphones instead.

As we increasingly outsource access to vital societal infrastructure to foreign, external corporations, we have to start asking ourselves what this actually means. Things like public transport, payments, taxes, and so on, are absolutely critical to the functioning of our society, and to me, it seems like a terrible idea to restrict access to them to platforms beyond our own control.

Can you imagine what happens if an update to an application required to access public transport gets denied by Apple? What if the tool for paying your taxes gets banned from the Play Store days before the tax deadline? What if a crucial payment application is removed from the App Store? Imagine the immense, irreparable damage this could do to a society in mere hours.

If these systems - for whatever reason - break down today, we can hold our politicians accountable, because they bear the responsibility for these systems. During the introduction of our current public transport chip card and its early growing pains, our parliament demanded swift action from the responsible minister (secretary in American parlance). Since the private companies responsible for the chip card system took part in a tender process with strict demands, guidelines, rules, and possible consequences for failure to deliver, said companies could and can be held accountable by the government. This covers the entire technological stack, from the cards themselves up to the control systems that run everything.

If we move to a world where applications for iOS and Android are the only way to access crucial government-provided services, this system of accountability breaks down, because while the application itself would be part of the tender process, meaning its creator would be accountable, the platforms it runs on would not - i.e., only a part of the stack is covered. In other words, if Google or Apple decides to reject an update or remove an application - they are not accountable for the consequences in the same way a party to a government tender would be. The system of accountability breaks down.

Of course, even today this system of accountability isn't perfect, but it is a vital path for recourse in case private companies fail to deliver. I'm sure not every one of you even agrees the above is a problem at all - especially Americans have a more positive view of corporate services compared to government services (not entirely unreasonable if you look at the state of US government services today). In countries like The Netherlands, though, despite our constant whining about every one of these services, they actually rank among the very best in the world.

I am genuinely worried about the increasing reliance on - especially - technology companies without them actually being part of the system of accountability. The fact that we might, one day, be required to rely on black boxes like iOS devices, Microsoft computers, or Google Play Services-enabled Android phones to access vital government services is a threat to our society and the functioning of our democracy. With access to things like public transport, money, and all that come with those, locked to closed-source platforms, we, the people, will have zero control over the pillars of our own societies.

What can we do to address this? I believe we need to take aggressive steps - at the EU-level - to demand full public access to the source code that underpins the platforms that are vital to the functioning of our society. We, the people, have the right to know how these systems work, what they do, and how secure they really are. As computers and phones become the only way to access and use crucial government services, they must be fully 100% open source.

We as The Netherlands are irrelevant and would never be able to make such demands stick, but the EU is one of the most powerful economic blocks in the world. If you want access to the wealthy 450 million customers in the European Union (figure excludes the UK), your software must be open source so that we can ensure the security and stability of our infrastructure. If you do not comply, you will be denied access to this huge economic block. Most of you will probably balk at this suggestion, but I truly believe it is the only way to guarantee the security and stability of vital government services we rely on every single day.

We should not rely on closed-source, foreign code for our government services. It's time the European Union starts thinking about how to address this threat.

 

Linked by Thom Holwerda on Sun 21st May 2017 10:36 UTC
Google

These, in my view, don't go far enough in stating the problem and I feel this needs to be said very clearly: Google's AMP is bad - bad in a potentially web-destroying way. Google AMP is bad news for how the web is built, it's bad news for publishers of credible online content, and it's bad news for consumers of that content. Google AMP is only good for one party: Google. Google, and possibly, purveyors of fake news.

I haven't encountered enough AMP pages in my browsing time to really form an informed opinion on it, but as a matter of principle, I'm against it. At the same time, however, all of us know that modern websites are really, really terrible. It's why so many of us use ad blockers (on top of privacy concerns, of course) - to make the modern web browsing experience bearable. In that sense, AMP serves a similar role.

Simply put: if everyone created news websites and blogs as fast and light as, say, OSNews, we wouldn't need AMP or ad blockers for speed purposes (you might still want an ad blocker for privacy reasons, of course).

On a related note, something funny happened regarding this specific article. Yesterday, John Gruber wrote:

But other than loading fast, AMP sucks. It implements its own scrolling behavior on iOS, which feels unnatural, and even worse, it breaks the decade-old system-wide iOS behavior of being able to tap the status bar to scroll to the top of any scrollable view.

Setting aside the sulphuric irony of a fervent Apple fan crusading for openness, it turns out that AMP is not implementing its own scrolling at all - the AMP team actually found a bug in Safari, reported it to Apple, and then Apple replied with stating they are switching the whole of Safari over to what Gruber perceived as AMP's own scrolling behaviour:

With respect to scrolling: We (AMP team) filed a bug with Apple about that (we didn't implement scrolling ourselves, just use a div with overflow). We asked to make the scroll inertia for that case the same as the normal scrolling.

Apple's response was (surprisingly) to make the default scrolling like the overflow scrolling. So, with the next Safari release all pages will scroll like AMP pages. Hope Gruber is happy then :)

Well, I thought this was entertaining.

 

Linked by Thom Holwerda on Thu 18th May 2017 21:50 UTC, submitted by AmineKhaldi
ReactOS

ReactOS 0.4.5 has been released.

Thanks to the work of Katayama Hirofumi and Mark Jansen, ReactOS now better serves requests for fonts and font metrics, leading to an improved rendering of applications and a more pleasant user experience. Your continued donations have also funded a contract for Giannis Adamopoulos to fix every last quirk in our theming components. The merits of this work can be seen in ReactOS 0.4.5, which comes with a smoother themed user interface and the future promises to bring even more improvements. In another funded effort, Hermès Bélusca-Maïto has got MS Office 2010 to run under ReactOS, another application from the list of most voted apps. Don’t forget to install our custom Samba package from the Application Manager if you want to try it out for yourself.

 

Linked by Thom Holwerda on Thu 18th May 2017 21:46 UTC
Android

Over the weekend, it was discovered that the Android Netflix application could no longer be installed on rooted Android devices - in fact, it vanished from the Play Store on rooted devices completely. Netflix then confirmed it started blocking rooted devices from installing the Netflix application.

Well, it turns out we'll only be going downhill from here, as Google explained at I/O that from now on, developers will be able to block their applications from being installed on rooted Android devices.

Developers will be able to choose from 3 states shown in the top image: not excluding devices based on SafetyNet, excluding those that don't pass integrity, or excluding the latter plus those that aren't certified by Google. That means any dev could potentially block their apps from showing and being directly installable in the Play Store on devices that are rooted and/or running a custom ROM, as well as on emulators and uncertified devices (think Meizu and its not-so-legal way of getting Play Services and the Play Store on its phones). This is exactly what many of you were afraid would happen after the Play Store app started surfacing a Device certification status.

This is bad news for the custom ROM community. If I can no longer install Netflix (and possibly more applications) on custom ROMs, there's no way I'll be using custom ROMs on my devices. For now, this is a Play function and we can still sideload the applications in question, but with Google Play Services installed on virtually every Android device, one has to wonder - and worry - how long it'll be before such checks happen on-device instead of in-Play.

 

Linked by Thom Holwerda on Thu 18th May 2017 21:31 UTC
Android

During I/O, Google also announced Android Go, a version of the mobile operating system optimised for lower-end devices. From Google's announcement:

  • OS: We're optimizing Android O to run smoothly and efficiently on entry-level devices.
  • Apps: We're also designing Google apps to use less memory, storage space, and mobile data, including apps such as YouTube Go, Chrome, and Gboard.
  • Play: On entry-level devices, Play store will promote a better user experience by highlighting apps that are specifically designed for these devices -- such as apps that use less memory, storage space, and mobile data -- while still giving users access to the entire app catalog.

If a device has less than 1 GB of RAM, it will automatically use the Android Go version of Android. In addition, Google has set up a set of guidelines applications must adhere to in order to qualify for the special highlighting mentioned above.

The first question that popped into my mind was - why isn't every device getting this supposedly faster, and more lightweight version of Android? Will we be able to 'force' our devices to use Android Go, even if they don't officially qualify? The second question is - why would a developer go the lengths of creating additional versions of their application, instead of what they ought to do, which is slim down their existing application?

 

Linked by Thom Holwerda on Thu 18th May 2017 15:57 UTC
Android

I'm a little late with all the stuff from Google I/O last night due to personal issues keeping me from my PC, so let's catch up. There's a ton of interesting stuff, but I think what OSNews readers will be interested in the most is the Android project officially adding support for Kotlin.

Today the Android team is excited to announce that we are officially adding support for the Kotlin programming language. Kotlin is a brilliantly designed, mature language that we believe will make Android development faster and more fun. It has already been adopted by several major developers - Expedia, Flipboard, Pinterest, Square, and others - for their production apps. Kotlin also plays well with the Java programming language; the effortless interoperation between the two languages has been a large part of Kotlin's appeal.

The Kotlin plug-in is now bundled with Android Studio 3.0 and is available for immediate download. Kotlin was developed by JetBrains, the same people who created IntelliJ, so it is not surprising that the IDE support for Kotlin is outstanding.

And the announcement from the Kotlin project itself:

For Android developers, Kotlin support is a chance to use a modern and powerful language, helping solve common headaches such as runtime exceptions and source code verbosity. Kotlin is easy to get started with and can be gradually introduced into existing projects, which means that your existing skills and technology investments are preserved.

As for user-facing features in Android O, it's definitely a more low-key affair than earlier releases, with most new features fitting neatly in the "huh, neat" category. With a massive low-level project like Treble underway, it makes sense for Android to not rock the boat too much with this year's release. There's Notification Dots, smarter text selection, completely redesigned emoji, and more. There's also Android Go, but I'm saving that for a later item.

 

Linked by Thom Holwerda on Thu 18th May 2017 15:41 UTC
AMD

So for today's AMD Financial Analyst Day, AMD has released a little bit more information as part of the next step of their campaign. The first Vega product to be released has a name, it has a design, and it has performance figures. Critically, it even has a release date. I hesitate to call this a full announcement in the typical sense - AMD is still holding some information back until closer to the launch - but we now finally have a clear picture of where the Vega generation kicks off for AMD.

Say hello to the Radeon Vega Frontier Edition.

First Ryzen, now Vega, with Ryzen 9 on the way. AMD is on a roll, and Intel is scrambling. Competition!

 

Linked by martini on Tue 16th May 2017 18:59 UTC
OS/2 and eComStation

ArcaOS 5.0 has been released and it is available to be bought at the Arca Noae shop page. It is based on OS/2 Warp 4.52 binaries, and contains newer drivers for ACPI, USB, and networking, a new installer and several open source software projects such as Firefox, Qt, Libc, and OpenOffice.

The OS2World Community also posted a statement with important OS/2 community links and some remarks on the important role open source software has in the OS/2 community.

 

Linked by Thom Holwerda on Mon 15th May 2017 23:08 UTC
Windows

Troy Hunt hits some nails on their heads:

If you had any version of Windows since Vista running the default Windows Update, you would have had the critical Microsoft Security Bulletin known as "MS17-010" pushed down to your PC and automatically installed. Without doing a thing, when WannaCry came along almost 2 months later, the machine was protected because the exploit it targeted had already been patched. It's because of this essential protection provided by automatic updates that those advocating for disabling the process are being labelled the IT equivalents of anti-vaxxers and whilst I don't fully agree with real world analogies like this, you can certainly see where they're coming from. As with vaccinations, patches protect the host from nasty things that the vast majority of people simply don't understand.

Great article, which also goes into Windows Update itself for a bit.

 

Written by Thom Holwerda on Mon 15th May 2017 16:18 UTC
Windows

Friday saw the largest global ransomware attack in internet history, and the world did not handle it well. We're only beginning to calculate the damage inflicted by the WannaCry program - in both dollars and lives lost from hospital downtime - but at the same time, we're also calculating blame.

There's a long list of parties responsible, including the criminals, the NSA, and the victims themselves - but the most controversial has been Microsoft itself. The attack exploited a Windows networking protocol to spread within networks, and while Microsoft released a patch nearly two months ago, it’s become painfully clear that patch didn’t reach all users. Microsoft was following the best practices for security and still left hundreds of thousands of computers vulnerable, with dire consequences. Was it good enough?

If you're still running Windows XP today and you do not pay for Microsoft's extended support, the blame for this whole thing rests solely on your shoulders - whether that be an individual still running a Windows XP production machine at home, the IT manager of a company cutting costs, or the Conservative British government purposefully underfunding the NHS with the end goal of having it collapse in on itself because they think the American healthcare model is something to aspire to.

You can pay Microsoft for support, upgrade to a secure version of Windows, or switch to a supported Linux distribution. If any one of those mean you have to fix, upgrade, or rewrite your internal software - well, deal with it, that's an investment you have to make that is part of running your business in a responsible, long-term manner. Let this attack be a lesson.

Nobody bats an eye at the idea of taking maintenance costs into account when you plan on buying a car. Tyres, oil, cleaning, scheduled check-ups, malfunctions - they're all accepted yearly expenses we all take into consideration when we visit the car dealer for either a new or a used car.

Computers are no different - they're not perfect magic boxes that never need any maintenance. Like cars, they must be cared for, maintained, upgraded, and fixed. Sometimes, such expenses are low - an oil change, new windscreen wiper rubbers. Sometimes, they are pretty expensive, such as a full tyre change and wheel alignment. And yes, after a number of years, it will be time to replace that car with a different one because the yearly maintenance costs are too high.

Computers are no different.

So no, Microsoft is not to blame for this attack. They patched this security issue two months ago, and had you been running Windows 7 (later versions were not affected) with automatic updates (as you damn well should) you would've been completely safe. Everyone else still on Windows XP without paying for extended support, or even worse, people who turn automatic updates off who was affected by this attack?

I shed no tears for you. It's your own fault.