Microsoft has been working on allowing driver developers to write Windows drivers in Rust, and the company has published a progress report detailing this effort. In the windows-drivers-rs GitHub repository you’ll find a bunch of Rust crates for writing Windows drivers in Rust.
Using these crates, driver developers can create valid WDM, KMDF, and UMDF driver binaries that load and run on a Windows 11 machine.
[…]
Drivers written in this manner still need to make use of unsafe blocks for interacting with the Windows operating system, but can take advantage of Rust’s rich type system as well as its safety guarantees for business logic implemented in safe Rust. Though there is still significant work to be done on abstracting away these unsafe blocks (more on this below), these Rust drivers can load and run on Windows systems just like their C counterparts.
As mentioned above, there’s still work to be done with reducing the amount of unsafe Rust code in these drivers, and Microsoft is working on just that. The company is developing safe Rust bindings and abstractions, as well as additional safe structs and APIs beyond the Windows Driver Framework, but due to the complexity of Windows drivers, this will take a while.
Microsoft states that it believes memory-safe languages like Rust are the future of secure software development, but of course, in true Microsoft fashion, the company doesn’t want to alienate developers writing traditional drivers in C either.
In 9front, we host almost all parts of our development process on 9front — the git repositories, the mailing list, the ci/cd, the web site, and everything else. (The exception is #cat-v IRC) We use the system regularly, both when hacking on the system and in our personal use.
Personally, I write most of my code on Plan 9, read my emails there, and often drive Linux from there. I run my home network off of a 9front CPU server, and host my websites off it. I know other people around 9front do similar.
It clearly shows, too. If you dive into the 9front community, you’ll quickly realise everything runs on 9front, and that does create a sense that the operating system is capable, and that its developers have confidence and pride in their work. Exploring 9front myself, it feels awesome to see that all the documentation I’m reading is being hosted on 9front machines.
I’m going to relaunch the OSNews Gemini capsule, this time hosted on 9front, and since countless 9front users host their own Gemini capsules on 9front, I feel confident that I’ve got people to talk to when I need help. I just need the time to actually sit down and figure out the minutiae of 9front, because it truly is unique.
A little over a year ago, DC District Court Judge Amit Mehta ruled that Google is a monopolist and violated US antitrust law. Today, Mehta ruled that while Google violated the law, there won’t be any punishment for the search giant. They don’t have to divest Chrome or Android, they can keep paying third parties to preload their services and products, and they can keep paying Apple €20 billion a year to be the default search engine on iOS.
Mehta declined to grant some of the more ambitious proposals from the Justice Department to remedy Google’s behavior and restore competition to the market. Besides letting Google keep Chrome, he’ll also let the company continue to pay distribution partners for preloading or placement of its search or AI products. But he did order Google to share some valuable search information with rivals that could help jumpstart their ability to compete, and bar the search giant from making exclusive deals to distribute its search or AI assistant products in ways that might cut off distribution for rivals.
Mehta granted Google a massive win here, further underlining that as long as you’re wealthy, a corporation, or better yet, both, you are free to break the law and engage in criminal behaviour. The only thing you’ll get is some mild negative press and a gentle pat on the wrist, and you can be on your merry way to continue your illegal behaviour. None of it is surprising, except perhaps for the brazenness of the class justice on display here.
The events during and course of this antitrust case mirrors those of the antitrust case involving Microsoft, over 25 years ago. Microsoft, too, had a long, documented, and proven history of illegal behaviour, but like Google today, also got away with a similar gentle pat on the wrist. It’s likely that the antitrust cases currently running against Apple and Amazon will end in similar gentle pats on the wrist, further solidifying that you can break the law all you want, as long as you’re rich.
For an operating system that was once incredibly popular and expected to become a standard for a long time to come, it’s remarkable how little experience most people have with CP/M. In fact, many conventions and historical limitations you might be aware of – like the 8.3 filename convention of DOS – come straight from CP/M, as it influenced DOS considerably. It’s quite easy to emulate CP/M today, but it’s just old and different enough that getting into it might be a but confusing, but that’s where Eerie Linux’s introduction to CP/M comes into play.
This article is just what the headline promises: an introduction to the CP/M operating system. No previous knowledge of 1970s and early ’80s operating systems is required. However, some familiarity with Linux or a BSD-style operating system is assumed, as the setup process suggested here involves using a package manager and command-line tools. But why explore CP/M in the 2020s? There are (at least) two good reasons: 1) historical education 2) gaining a better understanding of how computers actually work.
This article is a great way to get up and running with CP/M fairly quickly, and I intend to do just that when I find some time to mess around with it. What are some of the core, crucial applications that one should try on CP/M? Things people would be using back when CP/M was properly in use?
My goal with this article is to share my perspectives on the web, as well as introduce many aspects of modern HTML/CSS you may not be familiar with. I’m not trying to make you give up JavaScript, I’m just trying to show you everything that’s possible, leaving it up to you to pick what works best for whatever you’re working on.
I think there’s a lot most web developers don’t know about CSS.
And I think JS is often used where better alternatives exist.
As someone who famously can’t program, the one thing I like about CSS is that I find it quite readable and generally easy to figure out how I can change things like colours, fonts, and so on. Of course, anything more complex will still break my brain, but even the more complex elements are still at least nominally readable, and it’s often quite easy to determine what a piece of CSS does, even if I don’t know how to manipulate it or how to get even close to any desired result. It’s like how the fact I learned Latin and French in high school makes it possible for me to nominally understand a text in Spanish, even if I have never spent a single second studying it.
JavaScript, on the other hand, is just a black box, incomprehensible gibberish I can’t make heads or tails of, which in my mind goes against what the web is supposed to be about. The web is supposed to be an open platform in more ways than one, and the ability to make a website should not be hidden behind complex programming languages or website builder gatekeepers. The fact JavaScript is a resource hog and misused all over the place sure doesn’t help, either.
If you want to know more about the current state of CSS, the linked article by Lyra Rebane is a great place to start. I wish I had the skills to finally give OSNews a full makeover, but alas, I don’t.
Jussi Pakkanen, creator of the Meson build system, has some words about modules in C++.
If C++ modules can not show a 5× compilation time speedup (preferably 10×) on multiple existing open source code base, modules should be killed and taken out of the standard. Without this speedup pouring any more resources into modules is just feeding the sunk cost fallacy.
That seems like a harsh thing to say for such a massive undertaking that promises to make things so much better. It is not something that you can just belt out and then mic drop yourself out. So let’s examine the whole thing in unnecessarily deep detail. You might want to grab a cup of $beverage before continuing, this is going to take a while.
The months keep slipping through our fingers, during this, our slow but relentless march towards the inevitability of certain death, so it’s time for another month of improvements to Redox, the general-purpose microkernel operating system written in Rust. This past month the work to bring various components of system76’s COSMIC desktop environment to Redox continues, with COSMIC Reader making its way to Redox. Jeremy Soller, creator of the Redox project and one of its primary engineers, will be using COSMIC Reader running on Redox to hold a presentation about Redox at RustConf.
Aside from that important port, this month – in the middle of Summer on in this hemisphere – seems to mostly consist of a ton of smaller bugfixes and improvements. Relibc, Redox’ C standard library, has seen a ton of work, as usual, a few ports were fixed and updated, like vim and OpenSSH, Orbital now has fullscreen support, and so, so much more.
DistroWatch’s Jesse Smith is bringing some attention to an issue I have never encountered and had never heard of, and it has to do with antivirus software on Windows. It seems it’s not uncommon for antivirus software on Windows to mark Linux ISOs as malware or otherwise dangerous, and it seems people are reporting these findings to DistroWatch, for some reason. DistroWatch makes it clear they don’t host any of the ISOs, and that close to all of these warnings from antivirus software are false positives.
So why do multiple Windows virus scanners report that they find malware in Linux downloads? Putting aside the obvious conspiracy theories about anti-virus vendors not wanting to lose customers, what is probably happening is the scanners are detecting an archive file (the ISO) which contains executable code, and flagging it as suspicious. Some of the code is even able to change the disk layout, which is something that looks nasty from a security point of view. It’s entirely understandable that a malware scanner which sees an archive full of executable code that could change the way the system boots would flag it as dangerous.
I wonder how many people curious about Linux downloaded an ISO, only to delete is after their Windows antivirus marked it as dangerous. I can’t imagine the number to be particularly high – if you’re downloading a Linux ISO, you’re probably knowledgeable enough to figure out it’s a false positive – but apparently it’s a big enough issue that DistroWatch needs to inform its readers about it, which is absolutely wild to me.
Another small release for the IceWM window manager – one of the staples of the open source world. IceWM 3.9.0 seems focused mostly on cursor-related changes, as it adds libXcursor as an alternative to XPM cursors. This means IceWM is no longer dependent on libXpm, and gains the benefits that come with Xcursor. There’s the usual few bugfixes and translation updates as well.
I stumbled upon an LWN.net article from 2023, in which Lars Wirzenius, a long-time Debian developer and friend of Linus Torvalds, recalls the very early days of Linux – in fact, before it was even called Linux. There’s so many fun little stories in here, like how the Linux kernel started out as a multitasking demo written in x86 assembly, which did nothing more than write As and Bs on the screen, or the fact Linux was originally called Freax before Ari Lemmke, one of the administrators of ftp.funet.fi, opted for the name “Linux” when uploading the first release.
However, my favourite story is about what installing Linux was like during those early days.
During this time, people were interested in trying out this new thing, so Linus needed to provide an installation method and instructions. Since he only had one PC, he came to visit to install it on mine. Since his computer had been used to develop Linux, which had simply grown on top of his Minix installation, it had never actually been installed before. Thus, mine was the first PC where Linux was ever installed. While this was happening, I was taking a nap, and I recommend this method of installing Linux: napping, while Linus does the hard work.
The entire article is a joy to read, and since it’s from 2023, I’m sure I’m late to the party and none of it is news to many of you. On a more topical note, Wirzenius published a short article today detailing why he still uses Debian, after all these decades.
I am a huge fan of my Rock 5 ITX+. It wraps an ATX power connector, a 4-pin Molex, PoE support, 32 GB of eMMC, front-panel USB 2.0, and two Gen 3×2 M.2 slots around a Rockchip 3588 SoC that can slot into any Mini-ITX case. Thing is, I never put it in a case because the microSD slot lives on the side of the board, and pulling the case out and removing the side panel to install a new OS got old with a quickness.
I originally wanted to rackmount the critter, but adding a deracking difficulty multiplier to the microSD slot minigame seemed a bit souls-like for my taste. So what am I going to do? Grab a microSD extender and hang that out the back? Nay! I’m going to neuralyze the SPI flash and install some Kelvin Timeline firmware that will allow me to boot and install generic ARM Linux images from USB.
Using EDK2 to add UEFI to an ARM board is awesome, as it solves some of the most annoying problems of these ARM boards: they require custom images specifically prepared for the board in question. After flashing EDK2 to this board, you can just boot any ARM Linux distribution – or Windows, NetBSD, and so on – from USB and install it from there. There’s still a ton of catches, but it’s a clear improvement.
The funniest detail for sure, at least for this very specific board, is that the SPI flash is exposed as a block device, so you can just use, say the GNOME Disk Utility to flash any new firmware into it. The board in question is a Radxa ROCK 5 ITX+, and they’re not all that expensive, so I’m kind of tempted here. I’m not entirely sure what I’d need yet another computer for, honestly, but it’s not like that’s ever stopped any of us before.
If you’re of a certain age (and not American), there’s a specific corporate font you’re most likely aware of. You may not know its exact name, and you may not actively remember it, but once you see it, you know exactly what you’re looking at. The font’s called Nokia Sans (and Nokia Serif), and it was used by pretty much every single Nokia device between roughly 2002 and 2013 or so, when it was replaced by a very bland font made by Bruno Maag (with help from the person who designed Comic Sans) that they used after that.
I can’t remember why, exactly, but I got majorly nostalgic for Nokia’s characteristic, recognisable font, and decided to see if it would work as a user interface font. Now, the font is still owned by Nokia and I couldn’t find a proper place to download it, but I eventually stumbled upon a site that had each individual variant listed for download. I downloaded each of them, installed them using KDE’s font installation method, and tried it out as my user interface font.
You’ll quickly discover you shouldn’t use the regular variant, but should instead opt for the Nokia Sans Wide variant. Back in 2011, when Nokia originally announced it was replacing Nokia Sans, the creator of the font, Erik Spiekermann, responded to the announcement on his blog. Apparently, one of the major reasons for Nokia to change fonts was that they claimed Nokia Sans wouldn’t work as a user interface font, but Spiekermann obviously disagrees, pointing specifically to the Wide variant. In fact, Spiekermann does not pull any punches.
After 10 years it was high time to look at Nokia’s typefaces as the dominant visual voice of the brand but whoever decided on a completely new direction was either not aware of what was available or was persuaded by Bruno Maag to start over. Bruno may not create the most memorable typefaces, but he certainly knows how to sell them. And technically, their fonts are excellent. Too bad they didn’t have the confidence to work with me on an update. Instead they’re throwing out ten years of brand recognition in favour of blandness.
I was pleasently surprised by just how nice the font looks when used as a general user interface font. It’s extremely legible at a variety of sizes, and has a ton of character without becoming gimmicky or overbearing. What originally started as mere curiosity has now become my UI font of choice on all my machines, finally displacing Inter after many years of uncontested service. Of course, all of this is deeply personal and 95% an issue of taste, but I wanted to write about it to see if I’m just entirely crazy, or if there’s some method to my madness.
Do note that I’m using high DPI displays, and KDE on Wayland, and that all of this may look different on Windows or macOS, or on displays with lower DPI. One of Inter’s strengths is that it renders great on both high and lower DPI displays, but since I don’t have any lower DPI displays anymore, I can’t test it in such an environment. I’m also not entirely sure about the legal status of downloading fonts like this, but I am fairly sure you’re at least allowed to use non-free fonts for personal, non-commercial use, but please don’t quote me on that. Since downloading each variant of these Nokia fonts is annoying, I’d love to create and upload a zip file containing all of them, but I’m sure that’s illegal.
I’m not a font connoisseur, so I may be committing a huge faux pas here? Not that I care, but reading about font nerds losing their minds over things I never even noticed is always highly entertaining.
Blocky Planet is a tech demo I created in the Unity game engine that attempts to map Minecraft’s cubic voxels onto a spherical planet. The planet is procedurally generated and fully destructible, allowing players to place or remove more than 20 different block types.
While much of the implementation relies on common techniques you’d expect from your average Kirkland brand Minecraft clone, the spherical structure introduces a number of unique design considerations. This post will focus on these more novel challenges.
What a great read. Turning a ‘flat earth’ game like Minecraft into something taking place on a spherical world seems impossible at first, but it seems Bowerbyte managed to do it. If you’ve ever wondered what it would be like to play a Minecraft-like game on an actual sphere, this is it.
Genode 25.08 is ripe with deeply technical topics that have been cooking since the beginning of the year or even longer. In particular our new kernel scheduler as the flagship feature of this release has been in the works since February 2024. Section Kernel scheduling for fairness and low latency tells its background story and explains the approach taken. Another culmination of a long-term endeavor is the introduction of an alternative to XML syntax, specifically designed for the usage patterns of Genode and Sculpt OS. Section Consideration of a lean alternative to XML kicks off the practical evaluation of an idea that gradually evolved over more than two years. Also the holistic storage optimizations presented in Section Block-storage stack renovations are the result of careful long-term analysis, planning, and execution.
While these are the three tentpole features for this release, there’s a whole lot more here, as well. Genode’s Linux-based PC device drivers have all been updated to Linux 6.12, there are a ton of fixes related to USB, optional EFI boot support in VirtualBox 6, and tons more.
Open source, the thing that drives the world, the thing Harvard says has an economic value of 8.8 trillion dollars (also a big number). Most of it is one person. And I can promise you not one of those single person projects have the proper amount of resources they need. If you want to talk about possible risks to your supply chain, a single maintainer that’s grossly underpaid and overworked. That’s the risk. The country they are from is irrelevant.
If the massive corporations that exploit the open source world for massive personal profit don’t want to contribute back, perhaps it’s time we start making them.
I envision an European Economic Area-wide “open source contribution tax”, levied against any technology corporation operating within the European Economic Area, whether they actually make use of open source code or not, not entirely unlike how insurance works – you pay into it even if you don’t make any claims. Such tax could be based on revenue, number of users, or any combination thereof or other factors. The revenue from this open source contribution tax is put into an EEA-wide fund and redistributed to EEA-based open source maintainers in the form of a monetary subsidy.
Such types of taxes and money redistribution frameworks already exist in virtually every country for a whole wide variety of purposes and in a wide variety of forms, both in non-commercial and commercial settings. While it may seem complicated at first, it really isn’t. The most difficult aspect is definitely figuring out who, exactly, would be eligible to receive the subsidy and how much, but that, too, is a question both governments and commercial entities answer every single day. No, it will never be perfect, and some people will receive a subsidy who shouldn’t, and some who should receive it will not, but if that’s a valid reason not to implement a tax like this, no tax or insurance should be implemented.
The benefits are legion. Of course, there is the primary benefit of alleviating the thousands of open source maintainers who form the backbone of pretty much out entire digital infrastructure, which in and of itself should be reason enough. On top of that, it would also strengthen the open source world – on which, I wish to reiterate, our entire digital infrastructure is built – against the kind of infiltration we saw with XZ Utils. And to put another top on top of that, it would cement Europe, or the EEA more specifically, as the hub for open source development, innovation, and leadership, and would surely attract countless open source maintainers to relocate to Europe. In other words, it would serve the grander European ambition to become less dependent on the criminal behaviour US tech giants and the erratic behaviour of the US government.
We can either wait indefinitely for those who exploit the free labour of open source maintainers to contribute, or we make them.
A long, long time ago, Android treated browser tabs in a very unique way. Individual tabs were were seen as ‘applications’, and would appear interspersed with the recent applications list as if they were, indeed, applications. This used to be one of my favourite Android features, as it made websites feel very well integrated into the overall user experience, and gave them a sense of place within your workflows.
Eventually, though, Google decided to remove this unique approach, as we can’t have nice things and everything must be bland, boring, and the same, and now finding a website you have open requires going to your browser and finding the correct tab. More approachable to most people, I’d wager, but a reduction in usability, for me. I still mourn this loss.
Similarly, we’ve seen a huge increase in the use of in-application browsers, a feature designed to trap users inside applications, instead of letting them freely explore the web the moment they click on a link inside an application. Application developers don’t want you leaving their application, so almost all of them, by default, will now open a webview inside the application when you click on an outbound link. For advertising companies, like Google and Facebook, this has the additional benefit of circumventing any and all privacy protections you may have set up in your browser, since those won’t apply to the webview the application opens.
This sucks. I hate in-application browsers with a passion. Decades of internet use have taught me that clicking on a link means I’m opening a website in my browser. That’s what I want, that’s what I expect, and that’s how it should be. In-application webviews entirely break this normal chain of events; not because it improves the user experience, but because it benefits the bottom line of others.
It’s also a massive security risk.
Worst of all, this switch grants these apps the ability to spy and manipulate third-party websites. Popular apps like Instagram, Facebook Messenger and Facebook have all been caught injecting JavaScript via their in-app browsers into third party websites. TikTok was running commands that were essentially a keylogger. While we have no proof that this data was used or exfiltrated from the device, the mere presence of JavaScript code collecting this data combined with no plausible explanation is extremely concerning.
Open Web Advocacy has submitted a detailed and expansive report to the European Commission detailing the various issues with these in-application browsers, and suggests a number of remedies to strengthen security, improve privacy, and preserve browser choice. I hope this gets picked up, because in-application browsers are just another way in which we’re losing control over our devices.
You already need custom scripts and third-party applications that make custom Windows ISOs to make installing Windows somewhat bearable – unless you enjoy spending hours manually disabling all the anti-user settings in Windows – and now there’s another setting to add to the massive, growing list of stuff you have to fix after setting up a new Windows installation. Microsoft has announced that Word will start saving every new file to OneDrive (or another provider if you’ve installed one) by default.
We are modernizing the way files are created and stored in Word for Windows! Now you don’t have to worry about saving your documents: Anything new you create will be saved automatically to OneDrive or your preferred cloud destination.
There’s the usual spiel of how this is safer and supposedly more convenient, but I suspect the real reason Microsoft is doing this is listed right there at the end of the list of supposed benefits: this enables the use of Copilot’s “AI” features right from the beginning. In other words, by automatically saving your new Word documents to OneDrive by default, you’re giving Microsoft access to whatever you write for “AI” training purposes.
The setting can be changed, but defaults matter and few people change them. It’s also possible to set another provider than OneDrive as your online storage, but again – defaults matter. In fact, I wouldn’t be surprised if few people will even realise their Word documents will be stored not on their local PC, but on Microsoft’s servers.
We usually at least recognize old computer hardware and software names. But Asianmoetry taught us a new one: Pick OS. This 1960s-era system was sort of a database and sort of an operating system for big iron used by the Army. The request was for an English-like query language, and TRW assigned two guys, Don Nelson and Dick Pick, to the job.
The planned query language would allow for things like “list the title, author, and abstract of every transportation system reference with the principal city ‘Los Angeles’.” This was GIM or generalized information management, and, in a forward-looking choice, it ran in a virtual machine.
The linked article is a short summary of a YouTube video by the YouTube channel Asianometry, which goes into a lot more detail about Pick OS, where it came from, what it can do, who the people involved were, and where Pick OS eventually ended up. I had never heard of this system before, and it’s easy to see why – not only was it used almost exclusively in vertically integrated complete solutions, it was also whitelabeled, so it existed under countless different names.
Regardless, it seems the people who actually had to use it were incredibly enthusiastic about it, and to this day you can read new comments from people fondly remembering how easy to use it was. It has always been proprietary, and still is to this day, apparently owned by a company called Rocket Software, who don’t seem to actually be doing anything with it.
While Nix and NixOS get all the attention when it comes to declarative package management, there are other, competing implementations of the same general idea. Guix, developed as part of the GNU Project, was originally based on Nix, but grew into its own thing. The project recently announced a major change to how it packages Rust and its countless dependencies and optional ‘crates’.
We have changed to a simplified Rust packaging model that is easier to automate and allows for modification, replacement and deletion of dependencies at the same time. The new model will significantly reduce our Rust packaging time and will help us to improve both package availability and quality.
I hear people talk about Nix and NixOS all the time – I tried it myself, too, but I felt I was using an IBM z17 mainframe to watch a YouTube video – and in fact, Nix has kind of become a meme in and of itself, but you never hear people talk about Guix. With this being OSNews, I’m assuming there’s going to be people here using it, and I’m incredibly curious about your experiences. What are the features and benefits that make you use it?
If you’re curious – the best way to try Guix is probably to install the GNU Guix System, the Linux distribution built around Guix and Shepard, GNU’s alternative init system. It’s available for i686, x86_64, ARMv7, and AArch64, and can be virtualised too, of course.
