Linked by Thom Holwerda on Mon 15th Oct 2018 10:02 UTC
Apple

As Apple continues to update its iPhones with new security features, law enforcement and other investigators are constantly playing catch-up, trying to find the best way to circumvent the protections or to grab evidence. Last month, Forbes reported the first known instance of a search warrant being used to unlock a suspect's iPhone X with their own face, leveraging the iPhone X's Face ID feature.

But Face ID can of course also work against law enforcement - too many failed attempts with the 'wrong' face can force the iPhone to request a potentially harder to obtain passcode instead. Taking advantage of legal differences in how passcodes are protected, US law enforcement have forced people to unlock their devices with not just their face but their fingerprints too. But still, in a set of presentation slides obtained by Motherboard this week, one company specialising in mobile forensics is telling investigators not to even look at phones with Face ID, because they might accidentally trigger this mechanism.

The security mechanisms on modern phones are complex legal problems for law enforcement, and one example in the article highlights just how far law enforcement is willing to go: UK police enacted a fake mugging to steal a suspect's phone as he was using it, so it would be unlocked. The officers then proceeded to endlessly swipe so it wouldn't lock itself.

Crazy.

 

Linked by Thom Holwerda on Mon 15th Oct 2018 09:57 UTC
Intel

VT-x is the name of the CPU virtualisation technology by Intel. KVM is a component of the Linux kernel which makes use of VT-x. And QEMU is a user-space application which allows users to create virtual machines. QEMU makes use of KVM to achieve efficient virtualisation. In this article we will talk about how these three technologies work together. Don't expect an in-depth exposition about all aspects here, although in future, I might follow this up with more focused posts about some specific parts.

 



Linked by Thom Holwerda on Mon 15th Oct 2018 09:56 UTC
Apple

Early in the platform's life - long before the release of the Apple TV 4K - which has very attractive specifications for game development - Apple lifted the requirement that games support its controller. But the first impression had already been made. And even if developers could release games that required a controller, the lack of a controller bundle for games-minded Apple TV buyers meant that developers couldn't feel confident they'd find a large audience that could play their games.

But there's more going on here than just controller support. To find out more, we talked to the people who would have the most complete perspective on the Apple TV's video game credentials.

Apple doesn't understand games. It never has, and I doubt it ever will (at least, in the near future). People often like to point at iOS as a successful gaming platform, but I don't count the endless string of gambling apps designed to prey on children and other willing people to really be games. If your gaming platform isn't even popular enough for Minecraft, you don't have a gaming platform.

 

Linked by Thom Holwerda on Mon 15th Oct 2018 00:00 UTC
In the News

Ever since selling Handspring to Palm in the early 2000s, Jeff Hawkins, creator of the Palm Pilot and founder of Palm, has been working on his true passion: neuroscience and trying to understand how the brain works. Teaming up with several neuroscientists and some former Palm people, his company Numenta, entirely funded by Hawkins himself, is now ready to show its research to the world.

Mr. Hawkins says that before the world can build artificial intelligence, it must explain human intelligence so it can create machines that genuinely work like the brain. "You do not have to emulate the entire brain," he said. "But you do have to understand how the brain works and emulate the important parts."

[...]

Now, after more than a decade of quiet work at Numenta, he thinks he and a handful of researchers working with him are well on their way to cracking the problem. On Monday, at a conference in the Netherlands, he is expected to unveil their latest research, which he says explains the inner workings of cortical columns, a basic building block of brain function.

Numenta's research is apparently so complex that Alphabet's artificial intelligence research company, DeepMind, told him they simply didn't understand it. If this work, which I think is detailed in this scientific paper published over the weekend (but don't quote me on it - it might be another paper altogether), is indeed the breakthrough neuroscience has been waiting for, it could have enormous consequences, not just for neuroscience and biology, but also for artificial intelligence and its applications in the world of computing.

I'm very curious to see if this research holds up to scientific scrutiny and peer review, because even the smallest of steps towards understanding how the brain works would be a massive scientific breakthrough.

 

Linked by Thom Holwerda on Sat 13th Oct 2018 00:37 UTC
Mozilla & Gecko clones

After considering the maintenance, performance and security costs of the feed preview and subscription features in Firefox, we've concluded that it is no longer sustainable to keep feed support in the core of the product. While we still believe in RSS and support the goals of open, interoperable formats on the Web, we strongly believe that the best way to meet the needs of RSS and its users is via WebExtensions.

With that in mind, we have decided to remove the built-in feed preview feature, subscription UI, and the "live bookmarks" support from the core of Firefox, now that improved replacements for those features are available via add-ons.

I would assume most RSS users already use more capable RSS readers and/or browser extensions, so it makes perfect sense for Firefox developers to remove this functionality from the browser so they no longer have to maintain it.

 

Linked by Thom Holwerda on Sat 13th Oct 2018 00:35 UTC
OSNews, Generic OSes

Interim OS is a radical new operating system with a focus on minimalism. It steals conceptually from Lisp machines (language-based kernel) and Plan 9 (everything is a file system). It boots to a JITting Lisp-like REPL and offers the programmer/user the system's resources as filesystems.

You can run it on a Raspberry Pi 2, or as a hosted operating system on ARM Linux, x86 Linux, OS X, Windows, and even on AmigaOS 3.x.

 

Linked by Thom Holwerda on Fri 12th Oct 2018 17:51 UTC
OpenBSD

One of the key aspects of hardening the user-space side of an operating system is to provide mechanisms for restricting which parts of the filesystem hierarchy a given process can access. Linux has a number of mechanisms of varying capability and complexity for this purpose, but other kernels have taken a different approach. Over the last few months, OpenBSD has inaugurated a new system call named unveil() for this type of hardening that differs significantly from the mechanisms found in Linux.

 

Linked by Thom Holwerda on Fri 12th Oct 2018 11:05 UTC
Internet & Networking

Some nice momentum for privacy-focused search engine DuckDuckGo which has just announced it's hit 30 million daily searches a year after reaching 20M - a year-on-year increase of 50%.

Hitting the first 10M daily searches took the search engine a full seven years, and then it was another two to get to 20M. So as growth curves go it must have required patience and a little faith in the run up.

I switched from Google to DDG as well, and only use the !g command whenever I feel DDG isn't giving me the search result I'm looking for. These days, virtually every browser supports DDG as well, making it possible to search using the address bar and similar functionality like that. I don't really miss Google Search in my day-to-day use.

And as a multilingual person and translator, DDG has one feature that has made my life a lot easier. Sometimes I need to search in English, and sometimes I need to search in Dutch. Years and years ago, you could go to Google.nl for Dutch search results, and Google.com for English results. At some point in the recent past, Google decided to remove this functionality, forcing users into one language and making it incredibly cumbersome to search in other languages.

DDG, on the other hand, has this incredibly handy little toggle atop the search results that allows me to instantly switch between Dutch and English results, without even having to change the search query. Clicking on the downward triangle next to it allows me to pick other languages as well. This handy little feature is an absolute lifesaver, and I can't imagine using online search functionality without it.

 

Linked by Thom Holwerda on Thu 11th Oct 2018 23:58 UTC, submitted by garyd
Google

Unlike regular phone Android, Android Things is not customizable by third parties. All Android Things devices use an OS image direct from Google, and Google centrally distributes updates to all Android Things devices for three years. Android Things doesn't really have an interface. It's designed to get a device up and running and show a single app, which on the smart displays is the Google Smart Display app. Qualcomm's "Home Hub" platform was purposely built to run Android Things and this Google Assistant software - the SD624 is for smart displays, while the less powerful SDA212 is for speakers.

When it came time to build the Google Home Hub, Google didn't use any of this. At the show, I had a quick chat with Diya Jolly, Google's VP of product management, and learned that Google's Home Hub doesn't run Android Things - it's actually built on Google's Cast platform, so it's closer to a souped-up Chromecast than a stripped-down Android phone. It also doesn't use Qualcomm's SD624 Home Hub Platform. Instead, Google opted for an Amlogic chip.

This is such an incredibly Google thing to do. Build an entire platform specifically for things like smart displays, and then build a smart display that does not use said entire platform. It's a nerdy little detail that virtually no user will care about, but it just makes me wonder - why?

 

Linked by Thom Holwerda on Thu 11th Oct 2018 23:54 UTC
Android

All the way back in 2012, Samsung created a new file system purpose-built for flash-based storage, called 'F2FS'. It's typically faster on smartphones than the ext4 file system that most Android devices use, but it has suffered from reliability issues over the years. Google apparently thinks it's ready for prime-time though, as the Pixel 3 and 3 XL both use F2FS for local storage.

The technical details of F2FS are a bit complicated - some of the features include multi-head logging, TRIM/FITRIM support, and an adaptive logging scheme. The main advantage compared to ext4 is improved performance, specifically with random write speeds. It's also less prone to slowing down when limited free storage space is available.

The Pixel 3 isn't the first Android phone to use F2FS, as evidenced by its website.

 

Linked by Thom Holwerda on Thu 11th Oct 2018 20:12 UTC
Linux

It would be reasonable to expect doing nothing to be an easy, simple task for a kernel, but it isn't. At Kernel Recipes 2018, Rafael Wysocki discussed what CPUs do when they don't have anything to do, how the kernel handles this, problems inherent in the current strategy, and how his recent rework of the kernel's idle loop has improved power consumption on systems that aren't doing anything.

I had no idea doing nothing was this complex.

 

Linked by Thom Holwerda on Wed 10th Oct 2018 21:28 UTC, submitted by jonsmirl
Microsoft

I'm pleased to announce that Microsoft is joining the Open Invention Network ("OIN"), a community dedicated to protecting Linux and other open source software programs from patent risk.

We know Microsoft’s decision to join OIN may be viewed as surprising to some; it is no secret that there has been friction in the past between Microsoft and the open source community over the issue of patents. For others who have followed our evolution, we hope this announcement will be viewed as the next logical step for a company that is listening to customers and developers and is firmly committed to Linux and other open source programs.

Chalk this one up to the "good news, no ifs and buts about it" section.

 

Linked by Thom Holwerda on Tue 9th Oct 2018 23:46 UTC
Android

Not everything got leaked before Google's event today. One surprise announcement that wowed was Call Screen, a new feature that lets the Google Assistant answer your incoming calls and politely ask what the caller wants. A real-time transcript will appear on your screen, allowing you to decide whether or not you want to pick up.

When your Pixel rings, a "Screen call" button shows up alongside the usual controls. Tapping it will prompt the Google Assistant to tell your caller that the call is being screened and ask what it's about. Their explanation is transcribed on your screen, and you have options to mark the call as spam or tell the caller you'll get back to them, among others.

This is an amazing feature that will save a lot of people a lot of frustration. I want this feature on my phone now.

On a related note, Google Duplex, the feature whereby the Google Assistant will call restaurants and such on your behalf, will be rolled out to Pixel phones next month.

 

Linked by Thom Holwerda on Tue 9th Oct 2018 23:36 UTC, submitted by JRepin
KDE

KDE has released Plasma 5.14 desktop.

A lot of work has gone into improving Discover, Plasma's software manager, and, among other things, we have added a Firmware Update feature and many subtle user interface improvements to give it a smoother feel. We have also rewritten many effects in our window manager KWin and improved it for slicker animations in your work day. Other improvements we have made include a new Display Configuration widget which is useful when giving presentations.

The new release will find its way to your Linux distribution of choice soon enough.

 

Linked by Thom Holwerda on Tue 9th Oct 2018 22:57 UTC
IBM

So I learned something new today. Back in the early and mid-90s, IBM tried to build a PC-like platform and ecosystem around its PowerPC processor. They called it the PowerPC Reference Platform, or PReP, and with it, you could build what were effectively PC clones with PowerPC processors, ready to run a number of operating systems, including AIX, Windows NT, OS/2, and Apple's failed Taligent project. None of this is news to me.

What is news to me, however, is that aside from a number of desktop PReP machines, IBM also developed and sold a number of PReP laptops under the ThinkPad brand.

Sometime in 1994, IBM started working on a prototype mobile system named Woodfield and designated as type 6020. Very little is known about this system; it was never officially announced or sold. On June 19, 1995, IBM announced the ThinkPad 850 and 820 (announcement letters 195-178 and 195-179, respectively) with a planned availability date of July 24, 1995. The ThinkPad 820 designation was type 6040, code name Wiltwick; the 850 was type 6042, code name Woodfield Prime.

The ThinkPads 820/850 were to be available with no software or with preloaded Windows NT 3.51 or AIX 4.1.3. OS/2 was to come at some unspecified later date, and Solaris 2.5.1 support was announced in February 1996.

The ThinkPad 850 type 6042 came with 16 or 32 MB RAM, 540 or 810 MB hard disk, and 640×480 or 800×600 TFT display.

Definitely an interesting bit of computing history, and I'd love to get my hands on a working model - they pop up on eBay from time to time.

 

Linked by Thom Holwerda on Tue 9th Oct 2018 22:50 UTC
Privacy, Security, Encryption

A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., according to a security expert working for the telecom company.

The security expert, Yossi Appleboum, provided documents, analysis and other evidence of the discovery following the publication of an investigative report in Bloomberg Businessweek that detailed how China’s intelligence services had ordered subcontractors to plant malicious chips in Supermicro server motherboards over a two-year period ending in 2015.

Fresh fuel for the fire.

 

Linked by Thom Holwerda on Tue 9th Oct 2018 22:47 UTC
Google

Google unveiled its new Pixel phones today, as well as the Pixel Slate, a ChromeOS tablet/laptop device that's basically a cross between an iPad Pro and a Surface Pro. Virtually everything from the event was leaked over the past few weeks, so there were few - if any - surprises. The new devices are certainly interesting, but Google continues its policy of not making these products available in most of the world, so there's little for me to say about them - I have never seen them, let alone used them.

One thing that stood out to me about the Pixel Slate is its specifications - it runs on Intel processors, and in order to get a processor that isn't a slow Celeron or m3, you need to shell out some big bucks. I don't have particularly good experiences with Celeron or m3 processors, and even Intel's mobile i5 chips have never really managed to impress me - hence why I opted for the i7 version of the latest Dell XPS 13 when I bought a new laptop a few weeks ago. In The Verge's video, you can clearly see the user interface lagging all over the place, which seems like a terrible user experience to me, especially considering the price of $599 for the base Celeron model without a keyboard.

Time will tell if this machine is any good, but I am quite skeptical.

 

Linked by Thom Holwerda on Tue 9th Oct 2018 00:38 UTC
Apple

Even though the Mac line has grown less repairable over time, fixers have still managed to develop techniques for performing essential screen and battery repairs - until now. According to an internal Apple service document, any Mac with an Apple T2 chip now requires the proprietary 'Apple Service Toolkit 2 (AST 2) System Configuration Suite' (whew, that's a mouthful!) to complete certain repairs. This issue has received extensive coverage, but we wanted to perform some lab testing before we took our shot. Let's break down what all this means first.

This is inevitable - Macs have been becoming ever more closed and less repairable for years now. This sucks - but at the same time, nobody is forcing you to buy a Mac. There are countless premium Windows and Linux laptops out there that are just as good, and even many non-premium Windows laptops are more than good enough replacements.

 

Linked by Thom Holwerda on Mon 8th Oct 2018 23:51 UTC
OSNews, Generic OSes

This paper presents an evaluation of the use of a high-level language (HLL) with garbage collection to implement a monolithic POSIX-style kernel. The goal is to explore if it is reasonable to use an HLL instead of C for such kernels, by examining performance costs, implementation challenges, and programmability and safety benefits.

The paper contributes Biscuit, a kernel written in Go that implements enough of POSIX (virtual memory, mmap, TCP/IP sockets, a logging file system, poll, etc.) to execute significant applications. Biscuit makes liberal use of Go's HLL features (closures, channels, maps, interfaces, garbage collected heap allocation), which subjectively made programming easier. The most challenging puzzle was handling the possibility of running out of kernel heap memory; Biscuit benefited from the analyzability of Go source to address this challenge.

On a set of kernel-intensive benchmarks (including NGINX and Redis) the fraction of kernel CPU time Biscuit spends on HLL features (primarily garbage collection and thread stack expansion checks) ranges up to 13%. The longest single GC-related pause suffered by NGINX was 115 microseconds; the longest observed sum of GC delays to a complete NGINX client request was 600 microseconds. In experiments comparing nearly identical system call, page fault, and context switch code paths written in Go and C, the Go version was 5% to 15% slower.

Scientific papers about operating system experiments - who doesn't love them?

 

Linked by Thom Holwerda on Mon 8th Oct 2018 19:37 UTC
Intel

Among many of Intel's announcements today, a key one for a lot of users will be the launch of Intel's 9th Generation Core desktop processors, offering up to 8 cores on Intel's mainstream consumer platform. These processors are drop-in compatible with current Coffee Lake and Z370 platforms, but are accompanied by a new Z390 chipset and associated motherboards as well. The highlights from this launch are the 8-core Core i9 parts, which include a 5.0 GHz turbo Core i9-9900K, rated at a 95W TDP.

Biggest news for me is that Intel unveiled that these new processors will switch from a cheap paste as thermal interface material between the die and the IHS to a layer of solder. This should greatly aid in cooling.