Linked by Thom Holwerda on Sun 3rd Sep 2017 17:56 UTC
Linux

We talked about postmarketOS back in late May, and this weekend the project published a summary of all the work they've done over the past 100 days.

What you see here is only the tip of the iceberg. So much work has gone into fixing bugs, and little improvements, that it would be ridiculous to go through the effort and list them all. The community has grown so fast in such a short time and we have people with all kinds of skills on board, ranging from Linux experts to kernel hackers to people who reverse engineer bootloaders (hi @McBitter!). We collaborate with people from other projects as well, such as @pavelmachek, who is close to using his N900 as a daily driver with his own distribution, recently just reached out to us.

So if you read through the whole post, you are probably interested in what we do. Consider contributing to the project, the entry barrier is really low. pmbootstrap automates everything for you and we are more than happy to help you through any issues you encounter in the chat. There are also a lot of opportunities to help with development, so there's plenty to do. And plenty of fun to have.

That's a lot of work for just 100 days.

 

Linked by Thom Holwerda on Sat 2nd Sep 2017 22:51 UTC
ReactOS

0.4.6 is a major step towards real hardware support. Several dual boot issues have been fixed and now partitions are managed in a safer way avoiding corruption of the partition list structures. ReactOS Loader can now load custom kernels and HALs.

Printing Subsystem is still greenish in 0.4.6, however Colin Finck has implemented a huge number of new APIs and fixed some of the bugs reported and detected by the ReactOS automated tests.

Regarding drivers, Pierre Schweitzer has added an NFS driver and started implementing RDBSS and RXCE, needed to enable SMB support in the future, Sylvain Petreolle has imported a Digital TV tuning device driver and the UDFS driver has been re-enabled in 0.4.6 after fixing several deadlocks and issues which was making it previously unusable. Critical bugs and leakages in CDFS, SCSI and HDAUDBUS have been also fixed.

That's some solid progress.

 



Linked by Thom Holwerda on Sat 2nd Sep 2017 00:43 UTC
OSNews, Generic OSes

The first ever commercial Asteroid OS smartwatch, Connect Watch, was revealed today by a French company going by the same name. A Wi-Fi only model and a 3G model were unveiled with prices 99€ and 129€ respectively. Sales for these watches will commence tomorrow. Connect watch aims to provide a free watch alternative to the Android Wear and Tizen watches. The watches are capable to function on their own without the need for a smartphone and the 3G model can perform calls as well.

Asteroid OS, for those of you who don't know, is a Nemo Mobile based open source smartwatch OS and thus shares a lot of blood with Sailfish OS. Spearheaded by a talented young programmer Florent Revest, The project has matured a lot in 2 years since it inception and garnered lot of interest around the world. Jolla's Sailfish OS for smartwatch demo displayed in Slush 2016 and MWC 2017 was also based on Asteroid OS. No Asteroid OS sync application for Sailfish OS is yet to be in development.

It's 2017, and I can post a news item about an alternative operating system shipping on a smartwatch.

Today was a good day.

 

Linked by Thom Holwerda on Sat 2nd Sep 2017 00:39 UTC
Windows

The Windows 10 Fall Creators Update now has a release date: October 17. Microsoft started finalizing the release last week, and we'd expect this release to follow the pattern seen in previous Windows updates: the final build will be done some time in September and roll out to members of the Windows Insider program's fast, slow, and release preview rings. Then it will hit Windows Update. From there, we'd expect a slow ramp up in availability.

Not the most substantial Windows update for regular users, but I do like the faster update cycle for Windows. I'm glad the monolithic releases of yore are gone for most users, while enterprise users are still able to opt for the Long Term Servicing Branch for the more monolithic approach.

 

Linked by Thom Holwerda on Sat 2nd Sep 2017 00:34 UTC
Android

The hardening of Android's userspace has increasingly made the underlying Linux kernel a more attractive target to attackers. As a result, more than a third of Android security bugs were found in the kernel last year. In Android 8.0 (Oreo), significant effort has gone into hardening the kernel to reduce the number and impact of security bugs.

Android Nougat worked to protect the kernel by isolating it from userspace processes with the addition of SELinux ioctl filtering and requiring seccomp-bpf support, which allows apps to filter access to available system calls when processing untrusted input. Android 8.0 focuses on kernel self-protection with four security-hardening features backported from upstream Linux to all Android kernels supported in devices that first ship with this release.

Is it common to have to backport security features of newer Linux versions to older ones? Or is this just a peculiarity of Android's Linux kernel being so far behind the times?

 

Linked by nfeske on Fri 1st Sep 2017 10:00 UTC
OSNews, Generic OSes

With version 17.08, the Genode OS project conquers the highly complex topic of hardware-accelerated graphics. In true microkernel fashion, Genode's new Intel-GPU multiplexer provides the bare minimum of functionality to enable (potentially untrusted) components to use the GPU without interfering with each other. Further highlights of the new release are the broadened support for the seL4 microkernel on ARM and 64-bit x86, the ability to boot via UEFI, and Genode's use as Xen DomU domain.

Seven years ago, the Genode developers took their first baby steps with the use of hardware-accelerated graphics. However, their original port of the Intel graphics execution manager along with Mesa/Gallium to the Genode user land never outgrew an experimental stage. One particular limitation was that the GPU could only be used by a single application exclusively. At that time, the secure sharing of GPUs among multiple - and potentially malicious - applications was an afterthought in the predominant driver architectures like Linux' DRI. A port of this driver architecture to Genode would not magically solve that.

In the meanwhile, hardware features like per-process graphics translation tables (PPGTT) and hardware contexts have proliferated and are now present in all modern Intel GPUs. What MMU-based virtual memory is to a CPU, these features are to a GPU. They in principle allow the sandboxed execution of GPU commands under the regime of a potentially very small GPU driver, analogously to how a microkernel facilitates an MMU to sandbox user-level components. However, with about 100K lines of code, Intel's official i915 driver stack as used in the Linux kernel is far from being small and simple. To put the number in perspective, modern microkernels like seL4 or NOVA consist of merely 10K lines of code. Inflating Genode's trusted computing base by on order of magnitude would be a tough decision. There had to be another way. Hence, one year ago, an experiment was started to develop a clean-slate GPU multiplexer as a Genode component. In contrast to the i915 driver stack that needs to accommodate a mind boggling number of legacy hardware that is still in broad use, Genode's custom GPU multiplexer could do a clear cut by only supporting very recent GPUs. The result is quite reassuring. At far less than 10K of code, Genode's new user-land GPU multiplexer is able to accommodate trusted and untrusted OpenGL applications side by side. The current release features the first version of this component along with several examples.

Besides the GPU topic, the new release comes with numerous other improvements. Most noteworthy is the ability to use Genode with the seL4 kernel on the ARM and 64-bit x86 architectures. The upgraded seL4 support also enables SMP on x86, priorities, and Genode's CPU-monitoring facilities. Following up on the big infrastructural changes of the previous releases, the current release comes with gradual refinements of the VFS infrastructure, the timing accuracy, and the package-management tools. The complete picture is presented in the official release documentation.

 

Linked by Thom Holwerda on Fri 1st Sep 2017 09:58 UTC
Apple

Apple finally has something to say about net neutrality. In its first comment to the FCC about proposed upcoming rollbacks to net neutrality rules, Apple writes:

Our deep respect for our customers' security, privacy, and control over personal information extends to our customers' broadband connectivity choices. We work hard to build great products, and what consumers do with those tools is up to them - not Apple, and not broadband providers. Apple therefore believes that the Federal Communications Commission should retain strong, enforceable open internet protections that advance the following key policy principles:

The comment's a good - albeit late - start, but it does leave some wiggle room, as it, for instance, doesn't advocate for keeping internet traffic under Title II. Apple is, at the very least, in good company, as a staggering 98.5% of all comments to the FCC were in favour of maintaining the United States' current strong net neutrality rules.

 

Linked by Thom Holwerda on Wed 30th Aug 2017 19:19 UTC
Apple

Mark Gurman has a major scoop about the next iPhone:

Apple Inc. plans to transform the way people use its next high-end iPhone by eliminating the concept of a home button and making other adjustments to a flagship device that's becoming almost all screen, according to images of the new device viewed by Bloomberg News and people familiar with the gadget.

The home button is the key to the iPhone and the design hasn't changed much since it launched in 2007. Currently, users click it to return to the starting app grid that greets them multiple times a day. They hold it down to talk to the Siri digital assistant. Double click it and you get multitasking where different apps screens can be swiped through like a carousel.

Apple is preparing three new iPhones for debut next month. One of the models, a new high-end device, packs in enough changes to make it one of the biggest iPhone updates in the product's decade-long history. With a crisper screen that takes up nearly the entire front, Apple has tested the complete removal of the home button - even a digital one - in favor of new gesture controls for tasks like going to the main app grid and opening multitasking, according to the people and the images.

I don't really dwell too much on iPhone rumours, but this one is an exception because one, it's about a major change to the core user interaction model of iOS and the iPhone, and two, I happen to know this rumour happens to be accurate.

The removal of the home button and replacing it with what is effectively a gesture area is probably the single-biggest user interface change in iOS since the day it was released, and it also happens to be yet another step in the enduring quest Android and iOS are on to become more like webOS. Steven-Troughton-Smith (go support his work!) showed a number of mockups to give a better idea of what it's going to look like.

Replacing the iconic home button with a gesture area is actually a pretty fundamental shift in the interaction model of iOS. It seems to indicate that Apple is confident enough that users are well-versed in touch interfaces enough to start "hiding" important, crucial interactions - like going back to the homescreen - behind gestures that are clearly less discoverable than that huge home button. Google did something similar - but far less consequential - by removing the "drawer" button in Android's dock with a swipe-up gesture.

If this trend persists, it would seem Apple's (and to a lesser extent, Google's) engineers think that the touch paradigm is old and established enough to be more abstract, which opens up a whole slew of other possibilities. Up until now, undiscoverable gestures were generally used for more power-user oriented interactions, but with this next iPhone, they will be used for basic, cornerstone iOS interactions.

 

Linked by Thom Holwerda on Wed 30th Aug 2017 19:01 UTC
Windows

The NYPD has to scrap the 36,000 smartphones it gave cops over the past two years because they're already obsolete and can't be upgraded, The Post has learned.

The city bought Microsoft-based Nokia smartphones as part of a $160 million NYPD Mobility Initiative that Mayor Bill de Blasio touted as "a huge step into the 21st century".

In 2014. They bought these in 2014.

In 2014.

 

Linked by Thom Holwerda on Tue 29th Aug 2017 21:43 UTC
PDAs, Cellphones, Wireless

Jämsänjoki update fixes dozens of bugs reported by our community, adds many improvements and new corporate features, like mobile device management (MDM), new Camera user interface with quick access from Lock Screen, smarter Calendar on Events, WPA2 Enterprise PEAP support, new VPN options (PPTP, L2TP), Bluez version 5 for Jolla C and much more.

At some point, I need to write a retrospective of some sort about Sailfish OS. My Jolla Phone and Tablet are collecting dust in a closet somewhere, so I might as well put them to good use.

In any event, Jolla also unveiled something called Sailfish X, which is a ROM image of Sailfish for the Sony Xperia X. Interestingly enough, the ROM image isn't free - it costs about €50 and requires a Linux PC to flash it onto the Xperia X you need to buy separately. Peculiar business model, but who knows - I've seen stranger things.

 

Linked by Thom Holwerda on Tue 29th Aug 2017 21:36 UTC
Android

With more than two billion active devices, Android is the largest mobile platform in the world. And for the past nine years, we've worked to create a rich set of tools, frameworks and APIs that deliver developers' creations to people everywhere. Today, we're releasing a preview of a new software development kit (SDK) called ARCore. It brings augmented reality capabilities to existing and future Android phones. Developers can start experimenting with it right now.

We've been developing the fundamental technologies that power mobile AR over the last three years with Tango, and ARCore is built on that work. But, it works without any additional hardware, which means it can scale across the Android ecosystem. ARCore will run on millions of devices, starting today with the Pixel and Samsung's S8, running 7.0 Nougat and above. We're targeting 100 million devices at the end of the preview. We're working with manufacturers like Samsung, Huawei, LG, ASUS and others to make this possible with a consistent bar for quality and high performance.

Essentially Google's answer to Apple's ARKit, and definitely a rebranding (at least partially) of Project Tango.

 

Linked by Thom Holwerda on Tue 29th Aug 2017 20:29 UTC
Gnome

Daniel Aleksandersen writes:

Jonas Ådahl from Red Hat has been busy adding new D-Bus APIs to libmutter. Mutter is the GNOME window manager and Wayland compositor. The two new APIs, org.gnome.Mutter.RemoteDesktop and org.gnome.Mutter.ScreenCast, expose a PipeWire stream containing the contents of the system's screens. The new APIs can create full-screen streams, or streams for individual windows. Only the former has been implemented.

These new APIs finally allows for services such as RDP and VNC servers and screen recording under Wayland. Once again, Mr. Åhdahl delivers! He has also created GNOME Remote Desktop, a new user-level systemd service daemon that is built on the new RemoteDesktop API in libmutter, plus VNC support from libvncserver. The new service can be used to connect up a remote VNC client to your local screen’s session. GNOME Remote Desktop appears to be a drop-in replacement for Vino server.

GNOME has been without its own Remote Desktop option since the switch to Wayland, and this work fills that gap.

 

Written by Thom Holwerda on Sat 26th Aug 2017 19:08 UTC
Games

So this happened, and half the internet is in a frenzy. Now, admittedly, it doesn't take much to frenzy the internet, but this is truly a doozy:

The lesson here is "never go to sleep". All sorts of things happen while people sleep. Cats go on adventures, presidents threaten nuclear war and, well, ex-Valve writers post thinly-disguised plot summaries of the unreleased and, so far as best guesses go, long-cancelled Half-Life 2: Episode 3. Long time Half-Life scribe, the excellent Marc Laidlaw (who left Valve last year), casually tossed out a link to his website last night, which led to a short story about Gertie Fremont, Alex Vaunt and their climactic battle against evil alien invaders the Disparate (the site's having a wobble, but the page is archived right here).

While that might sound like satirical tomfoolery, the actual story very much sounds like how the final chapter of Half-Life 3 could have played out. It involves time-travelling cruise liners, resurrected overlords, the heart of the Combine and the fate of one Doctor Gordon Freeman.

This is really happening.

Everything points to this being a thinly-veiled act of rebellion against Half-Life's creators never getting the chance to finish the story they were telling. Half-Life 2: Episode 2 ended on probably the biggest unfulfilled cliffhanger in gaming history, and for almost ten years now, we've been waiting for a continuation or a conclusion. This must be incredibly frustrating for the original creators of the Half-Life series, and honestly, I'm surprised it's taken them this long to start breaking rank.

From everything we've heard over the years, we can conclude that there will never be a Half-Life 3 or even an Episode 3. Many - if not most - of the original creators of Half-Life 1 and 2 have left Valve, and the company has little to no incentive to create a game that, like Duke Nukem Forever, will never live up to the hype they themselves created.

The established theory regarding why there's no Half-Life 3 or Episode 3 is that Valve wanted the game to be as defining and revolutionary as Half-Life 1 and Half-Life 2, but I think that's the wrong mindset to have. Gaming has come a long, long way since the late 90s and early 2000s, and over roughly the past decade or so there simply haven't been any games that rebooted or revolutionised entire genres, or established new ones. The only game I can think of in the past ten years that created a new genre of games and had an everlasting impact on the industry is Minecraft, and that was a fluke.

The industry is more mature, more settled now, and it's much harder to be revolutionary today than it was 20 years ago. The great games of today aren't revolutionary; they are evolutionary, perfecting and polishing established genres, taking them to new heights. Games like The Witcher 3 and Horizon: Zero Dawn aren't loved because they changed the industry; they're loved because they took existing genres and executed them in the very best ways the current generation of technologies allows us to do.

I see no reason why Half-Life 3 or Episode 3 should change the world or revolutionise what we think of as games. Just let it tell a great story with the characters we love, polish its chosen genre to perfection, and people will love it just as much 20 years from now as we love Half-Life 1 and 2 today.

 

Linked by Thom Holwerda on Sat 26th Aug 2017 19:08 UTC
In the News

Some light weekend reading: ethical guidelines for self-driving cars, as proposed by an ethics commission of the German government.

The technological developments are forcing government and society to reflect on the emerging changes. The decision that has to be taken is whether the licensing of automated driving systems is ethically justifiable or possibly even imperative. If these systems are licensed - and it is already apparent that this is happening at international level - everything hinges on the conditions in which they are used and the way in which they are designed. At the fundamental level, it all comes down to the following question. How much dependence on technologically complex systems - which in the future will be based on artificial intelligence, possibly with machine learning capabilities - are we willing to accept in order to achieve, in return, more safety, mobility and convenience? What precautions need to be taken to ensure controllability, transparency and data autonomy? What technological development guidelines are required to ensure that we do not blur the contours of a human society that places individuals, their freedom of development, their physical and intellectual integrity and their entitlement to social respect at the heart of its legal regime?

Cars are legalised murder weapons, and the car is probably one of the deadliest inventions of mankind. Self-driving cars, therefore, open up a whole Pandora's box oef ethical dilemmas, and it only makes sense for governments and lawmakers to start addressing these.

Beyond the ethics related to life and death, though, there are also simpler, more banal ethical considerations. What if, in the hunger for more profits, a car maker makes a deal with McDonalds, and tweaks its self-driving car software just a tad bit so that it drives customers past McDonalds more often, even if it increases total travel time? What if a car maker makes similar deals with major chains like Target, Walmart, and Whole Foods, so that smaller chains or independent stores don't even show up when you say "take me to the nearest place that sells X"? Is that something we should allow?

Should we even allow self-driving car software to be closed-source to begin with? Again - cars are legal murder weapons, and do we really trust car manufacturers enough not to cut corners when developing self-driving car software to meet deadlines or due to bad management or underpaid developers? Shouldn't all this development and all this code be out there for the world to see?

Interesting times ahead.

 

Linked by Thom Holwerda on Thu 24th Aug 2017 21:27 UTC
PDAs, Cellphones, Wireless Purism, maker of Linux laptops with Coreboot, have started started a crowdfunding campaign for their smartphone. Now, I rarely - if ever - link to crowdfunding campaigns (for obvious reasons), but I feel this one might just be quite, quite desirable for many OSNews readers.

Librem 5, the phone that focuses on security by design and privacy protection by default. Running Free/Libre and Open Source software and a GNU+Linux Operating System designed to create an open development utopia, rather than the walled gardens from all other phone providers.

A fully standards-based freedom-oriented system, based on Debian and many other upstream projects, has never been done before - we will be the first to seriously attempt this.

The Librem 5 phone will be the world's first ever IP-native mobile handset, using end-to-end encrypted decentralized communication.

It'll have hardware killswitches for the camera, microphone, WiFi, and the baseband. I wish the team a lot of luck - they'll need it, because making a phone is hard.

 

Linked by Thom Holwerda on Wed 23rd Aug 2017 23:11 UTC
Android

This is a pretty big change, detailed only a few days ago.

Eagle-eyed users of Android O will have noticed the absence of the 'Allow unknown sources' setting, which has existed since the earliest days of Android to facilitate the installation of apps from outside of Google Play and other preloaded stores. In this post we'll talk about the new Install unknown apps permission and the security benefits it brings for both Android users and developers.

Google goes into more detail a few paragraphs down:

In Android O, the Install unknown apps permission makes it safer to install apps from unknown sources. This permission is tied to the app that prompts the install - just like other runtime permissions - and ensures that the user grants permission to use the install source before it can prompt the user to install an app. When used on a device running Android O and higher, hostile downloaders cannot trick the user into installing an app without having first been given the go-ahead.

This new permission provides users with transparency, control, and a streamlined process to enable installs from trusted sources. The Settings app shows the list of apps that the user has approved for installing unknown apps. Users can revoke the permission for a particular app at any time.

Good move.

 

Linked by Thom Holwerda on Wed 23rd Aug 2017 23:03 UTC
Android

Samsung has finally unveiled the Galaxy Note8, revealing the (rather heavily-leaked) device at its Unpacked event in New York City today. You won't be surprised to know that it comes with little in the way of surprises. It's basically a bigger Galaxy S8+ with a stylus and dual cameras.

The Note8 is something of a chance for Samsung to make things up to fans of the Note series, after the Note7 was forced off shelves because of defective batteries that led to the smartphone catching fire. Knowing that Note fans were deprived of a generation of hardware, Samsung is likely eager to capitalize on the eagerness of said fanatics to finally upgrade.

I'm not the target market for a Note, but you have to admit - these recent Samsung flagships are a far, far cry from the ugly, plasticky crap they used to make. There's no accounting for tastes - or practicality - but this Note 8 is a beautiful piece of engineering.

 

Linked by Thom Holwerda on Wed 23rd Aug 2017 22:59 UTC
General Development

David Hermann writes:

Later this year, on November 21, 2017, D-Bus will see its 15th birthday. An impressive age, only shy of the KDE and GNOME projects, whose collaboration inspired the creation of this independent IPC system. While still relied upon by the most recent KDE and GNOME releases, D-Bus is not free of criticism. Despite its age and mighty advocates, it never gained traction outside of its origins. On the contrary, it has long been criticized as bloated, over-engineered, and orphaned. Though, when looking into those claims, you’re often left with unsubstantiated ranting about the environment D-Bus is used in. If you rather want a glimpse into the deeper issues, the best place to look is the D-Bus bug-tracker, including the assessments of the D-Bus developers themselves. The bugs range from uncontrolled memory usage, over silent dropping of messages, to dead-locks by design, unsolved for up to 7 years. Looking closer, most of them simply cannot be solved without breaking guarantees long given by dbus-daemon(1), the reference implementation. Hence, workarounds have been put in place to keep them under control.

Nevertheless, these issues still bugged us! Which is, why we rethought some of the fundamental concepts behind the shared Message Buses defined by the D-Bus Specification. We developed a new architecture that is designed particularly for the use-cases of modern D-Bus, and it allows us to solve several long standing issues with dbus-daemon(1). With this in mind, we set out to implement an alternative D-Bus Message Bus. Half a year later, we hereby announce the dbus-broker project!

 

Linked by Thom Holwerda on Tue 22nd Aug 2017 22:09 UTC
Apple

Just a scanned PDF version of the Apple IIe design guidelines.

This guide is divided into two parts. Part I contains recommendations to softqare, firmware and hardware designers who want their products to work smoothly with the Apple IIe, as well as the Apple II and II Plus. These recommendations pertain to the interface between Apple II Series computers and the products that are to work with them.

Part II pertains to the interface between software products and their human users. The recommendations in this section of the guide apply to designers of software for Apple IIIs as well as Apple IIs. The user interface guidelines derive from the experience of countless Apple II and III users, as observed by more than a dozen computer and teaching professionals. These guidelines should make it easier for both programmers and users to create and benefit from the tools that Apple computers put at their disposal.

An awesome read.

 

Linked by Thom Holwerda on Tue 22nd Aug 2017 19:19 UTC
Google

Since we launched Chrome OS in 2009, our goal has been to build the simplest, fastest, and most secure operating system possible. And we've been inspired by all the ways we've seen businesses embrace Chrome, from Chromebooks in the office, to shared Chrome devices in the field, to signage and kiosks for customer engagement in retail. But with so many different business needs - not to mention so many different devices - companies have also told us they want a single, cost-effective solution that gives them the flexibility and control to keep their employees connected. That's why today we're announcing Chrome Enterprise.

Chrome Enterprise offers a host of features, including access to enterprise app storefronts,  deep security controls, 24/7 support, as well as integration with cloud and on-premise management tools, VMware Workspace ONE and Microsoft Active Directory.

Chrome OS keeps marching on.