Backdoor in upstream xz/liblzma leading to SSH server compromise

After observing a few odd symptoms around liblzma (part of the xz package) on Debian sid installations over the last weeks (logins with ssh taking a lot of CPU, valgrind errors) I figured out the answer:

The upstream xz repository and the xz tarballs have been backdoored.

At first I thought this was a compromise of debian’s package, but it turns out to be upstream.

↫ Andres Freund

I don’t normally report on security issues, but this is a big one not just because of the severity of the issue itself, but also because of its origins: it was created by and added to upstream xz/liblzma by a regular contributor of said project, and makes it possibly to bypass SSH encryption. It was discovered more or less by accident by Andres Freund.

I have not yet analyzed precisely what is being checked for in the injected code, to allow unauthorized access. Since this is running in a pre-authentication context, it seems likely to allow some form of access or other form of remote code execution.

↫ Andres Freund

The exploit was only added to the release tarballs, and not present when taking the code off GitHub manually. Luckily for all of us, the exploit has only made it way to the most bloodiest of bleeding edge distributions, such as Fedora Rawhide 41 and Debian testing, unstable and experimental, and as such has not been widely spread just yet. Nobody seems to know quite yet what the ultimate intent of the exploit seems to be.

Of note: the person who added the compromising code was recently added as a Linux kernel maintainer.

A used ThinkPad is a better deal than a new cheap laptop

Since the technology industry and associated media outlets tend to focus primarily on the latest and greatest technology and what’s right around the corner, it sometimes seems as if the only valid option when you need a new laptop, phone, desktop, or whatever is to spend top euro on the newest, most expensive incarnations of those. But what if you need, say, a new laptop, but you’re not swimming in excess disposable income? Or you just don’t want to spend 1000-2000 euro on a new laptop?

The tech media tends to have an answer for this: buy something like a cheap Chromebook or an e-waste €350 Windows laptop and call it a day – you don’t deserve a nice experience. However, there’s a far better option than spending money on a shackled Chromebook or an underpowered bottom-of-the-barrel Windows laptop: buy used. Recently, I decided to buy a used laptop, and I set it up how I would set up any new laptop, to get an idea of what’s out there. Here’s how it went.

For this little experiment, I first had to settle on a brand, and to be brutally honest, that was an easy choice. ThinkPads seems to be universally regarded as excellent choices for a used laptop for a variety of reasons which I’ll get to later. After weighing some of the various models, options, and my budget, I decided to go for a Lenovo ThinkPad T450s for about €150, and about a week later, the device arrived at my local supermarket for pickup.

Before I settled on this specific ThinkPad, I had a few demands and requirements. First and foremost, since I don’t like large laptops, I didn’t want anything bigger than roughly 14″, and since I’m a bit of a pixel count snob, 1920×1080 was non-negotiable. Since I already have a Dell XPS 13 with an 8th Gen Core i7, I figured going 3-4 generations older seemed like it would give me at least somewhat of a generational performance difference. An SSD was obviously a must, and as long as there were expansion options, RAM did not matter to me.

The T450s delivered on all of these. It’s got the 1920×1080 14″ IPS panel (there’s also a lower resolution panel, so be sure to check you’re getting the right one), a Core i5-5300U with 2 cores and 4 threads with a base frequency of 2.30GHz and a maximum boost frequency of 2.90GHz, Intel HD 5500 graphics, a 128GB SATA SSD, and 4GB of RAM. Since 4GB is a bit on the low side for me, I ordered an additional 8GB SO-DIMM right away for €35. This brought the total price for this machine to €185, which I considered acceptable. For that price, it also came with its Windows license, for whatever that’s worth.

I don’t want to turn this into a detailed review of a laptop from 2015, but let’s go over what it’s like to use this machine today. The display cover is made of carbon-reinforced plastic, and the rest of magnesium. You can clearly feel this laptop is of a slightly older vintage, as it feels a bit more dinkey than I’m used to from my XPS 13 9370 and my tiny Chuwi MiniBook X (2023). It doesn’t feel crappy or cheap or anything – just not as solid as you might expect from a modern machine.

It’s got a whole load of ports to work with, though, which is refreshing compared to the trend of today. On the left side, there’s a smartcard slot, USB 3.0, mini DisplayPort, another USB 3.0, and the power connector. On the right side, there’s a headphone jack, an SD card slot, another USB 3.0 port, an Ethernet jack, and a VGA port. On the bottom of the laptop is a docking port to plug it into various docking stations with additional ports and connectors. On the inside, there’s a free M.2 slot (a small 2242 one).

First, I eradicated Windows from the SSD because while I’m okay with an outdated laptop, I’m not okay with an outdated operating system (subscribe to our Patreon to ensure more of these top-quality jokes). After messing around with various operating systems and distributions for a while, I got back to business and installed my distribution of choice, Fedora, but I did opt for the Xfce version instead of my usual KDE one just for variety’s sake.

ThinkPads tend to be well-supported by Linux, and the T450s is no exception. Everything I could test – save for the smartcard reader, since I don’t have a smartcard to test it with – works out of the box, and nothing required any manual configuration or tweaking to work properly. Everything from trackpad gestures to the little ThinkLight on the lid worked perfectly, without having to deal with hunting for drivers and that sort of nonsense Windows users have to deal with. This is normal for most laptops and Linux now, but it’s nice to see it applies to this model as well.

Using the T450s was… Uneventful. Applications open fast, there’s no stutter or lag, and despite having just 2 cores and 4 threads, and a very outdated integrated GPU, I didn’t really feel like I was missing out when browsing, doing some writing and translating (before I quit and made OSNews my sole job), watching video, those sorts of tasks. This isn’t a powerhouse laptop for video editing, gaming, or compiling code or whatever, but for everything else, it works great.

After I had set everything up the way I like, software-wise, I did do some work to make the machine a bit more pleasant to use. First and foremost, as with any laptop or PC that’s a little older, I removed the heatsink assembly, cleaned off the crusty old thermal paste, and added some new, fresh paste. I then dove into the fan management, and installed zcfan, a Linux fan control daemon for ThinkPads, using its default settings, and created a systemd service to have it start automatically. Additionally, I checked which codecs the Intel HD 5500 supports, as well as what Firefox reported as working, and then used enhanced-h264ify to disable VP9 on YouTube, since the HD 5500 cannot hardware-accelerate decoding VP9.

The end result is a fan that pretty much never turns on. Which is the only fan I like.

Expand and repair

As happy as I am with the ThinkPad, though, it has some serious flaws stemming from it being a used laptop. The included battery holds very little charge, there’s a red splotch on the display, and the keyboard uses the Swedish layout instead of the US (International) we use in The Netherlands, and it’s also not backlit, which is a big problem if you live in the Arctic and it’s dark during daytime. Luckily, here we run into the true reason why I feel ThinkPads are the best option for used laptops: parts availability for ThinkPads is exceptional.

Let’s fix the flaws, shall we?

The T450s has an interesting battery configuration: there’s space for an internal battery, as well as a ‘junk in the trunk’-style external one. Replacements for these in various capacities are readily available in countless stores, with the small internal battery going for roughly €40, while the larger external batteries run anywhere from €60 to €8O. You can get some serious battery capacity this way, especially if you go nuts and buy two or even more external batteries. Lenovo claims you can reach 20.7 hours of battery life if you combine the internal battery with the largest external one, for whatever that means in reality.

On my model, the interior battery compartment is partially taken up by a smartcard reader, so in order to insert an internal battery, I’ll need to remove that and find some sort of way to cover up the smartcard slot. The external battery replacement is obviously a lot easier, as it slots right in without having to open the device up. Imagine that.

Another fun fact is that you can also install a second M.2 SSD using the connector freed-up by removing the smartcard reader, if you so desire. Note, however, that this requires an adapter board (FRU 04X3827) and ribbon cable (FRU 04X3987), which will set you back about €20 each, depending on where you buy them from. If storage space is more important to you than battery capacity, this might be a great choice for you.

Replacing the keyboard is also possible, and not exactly difficult either. As long as you get the right keyboard for the T450s, you can opt for any keyboard layout you want. In addition, if your model lacks the backlit keyboard – like mine – you can choose to buy a backlit keyboard instead. A new keyboard will set you back no more than €40 or so, and they’re widely available.

Lastly, I can also replace the display, and it seems this is a fairly easy affair. The reddish splotch on my display is only really visible when it’s on a very dark section of the screen, but it bothers me just enough that I want to fix it. A new 1080p display for the T450s costs about €60 or so, making it kind of a no-brainer if you’re experiencing display issues like I am.

I have not yet decided on which of these upgrades and fixes I’m going to be performing. Even if I purchase the two batteries, a new keyboard, and a new display to bring this laptop back to an almost pristine state, I’ll have only spent an additional €180 or so, which isn’t a lot considering what you’ll be getting for it: a ton of battery life, a keyboard with backlighting and the right layout, and a display without a red splotch on it. Let me know in the comments if you’d be interested in an article detailing these upgrades, and if there’s enough interest, I’ll order the parts and detail the work I needed to do to perform the repairs and upgrades.

However, even without any of these upgrades and fixes, this T450s is an excellent laptop for an amazing price, and can serve the needs of casual and more serious users alike. It’s a great buy for any kids going off to high school or university, and even as a primary laptop for a more demanding user, it’ll do just great. You really don’t have to spend well over a thousand euros or dollars to get a capable, fast laptop – and the ThinkPad’s wide availability of upgrades and replacement parts means you’ll get even more value for your money than just the ‘base’ laptop itself.

By buying used, you’re not only preventing a laptop from becoming dangerous toxic e-waste for people in poor countries to get sick from, but you’re also saving a load of money you can spend on more important things. Especially if you’re a family with multiple kids going to school and a normal, average income, used laptops like this ThinkPad are a great value, further enhanced by excellent repairability and parts availability so that you can keep the machine afloat for many years to come.

Monogon OS: a new kind of Linux operating system

Monogon OS is an open-source, secure, API-driven and minimal operating system unlike any other. It is based on Linux and Kubernetes, but with a clean userland rebuilt entirely from scratch. It is written in pure Go and eliminates decades worth of legacy code and unnecessary complexity.

It runs on a fleet of bare metal or cloud machines and provides users with a hardened, production ready Kubernetes, without the overhead of traditional Linux distributions or configuration management systems. It does away with the scripting/YAML duct tape and configuration drift inherent to traditional deployments. Instead, it provides a stable API-driven platform free of vendor lock-in and with none of the drudgery.

↫ Monogon OS website

This not exactly in my wheelhouse, but I’m pretty sure some of you will be all over this concept.

Intel “Family 6” CPU era coming to an end soon

Since the mid-90’s with the P6 micro-architecture for the Pentium Pro as the sixth-generation x86 microarchitecture, Intel has relied on the “Family 6” CPU ID. From there Intel has just revved the Model number within Family 6 for each new microarchitecture/core. For example, Meteor Lake is Family 6 Model 170 and Emerald Rapids is Family 6 Model 207. This CPU ID identification is used within the Linux kernel and other operating systems for identifying CPU generations for correct handling, etc. But Intel Linux engineers today disclosed that Family 6 is coming to an end “soon-ish”.

↫ Michael Larabel

They should revive the ix86 family name, and call the next generation i786. It sounds so much cooler, even if these names have become rather irrelevant.

Ubuntu will manually review Snap Store after crypto wallet scams

The Snap Store, where containerized Snap apps are distributed for Ubuntu’s Linux distribution, has been attacked for months by fake crypto wallet uploads that seek to steal users’ currencies. As a result, engineers at Ubuntu’s parent firm are now manually reviewing apps uploaded to the store before they are available.

The move follows weeks of reporting by Alan Pope, a former Canonical/Ubuntu staffer on the Snapcraft team, who is still very active in the ecosystem. In February, Pope blogged about how one bitcoin investor lost nine bitcoins (about $490,000 at the time) by using an “Exodus Wallet” app from the Snap store. Exodus is a known cryptocurrency wallet, but this wallet was not from that entity. As detailed by one user wondering what happened on the Snapcraft forums, the wallet immediately transferred his entire balance to an unknown address after a 12-word recovery phrase was entered (which Exodus tells you on support pages never to do).

↫ Kevin Purdy at Ars Tecnhica

Cryptocurrency, or as I like to call it, MLMs for men, are a scammer’s goldmine. It’s a scam used to scam people. Add in a poorly maintained application store like Ubuntu’s Snap Store, and it’s dangerous mix of incompetence and scammers. I honestly thought Canonical already nominally checked the Snap Store – as one of its redeeming features, perhaps its only redeeming feature – but it turns out anyone could just upload whatever they wanted and have it appear in the store application on every Ubuntu installation. Excellent.

The Apple Jonathan: a very 1980s concept computer that never shipped

In the middle of the 1980s, Apple found itself with several options regarding the future of its computing platforms. The Apple II was the company’s bread and butter. The Apple III was pitched as an evolution of that platform, but was clearly doomed due to hardware and software issues. The Lisa was expensive and not selling well, and while the Macintosh aimed to bring Lisa technology to the masses, sales were slow after its initial release.

Those four machines are well known, but there was a fifth possibility in the mix, named the Jonathan. In his book Inventing the Future, John Buck writes about the concept, which was led by Apple engineer Jonathan Fitch starting in the fall of 1984.

↫ Stephen Hackett

So apparently, the Jonathan was supposed to be a modular computer, with a backbone you could slot all kinds of upgrades in, from either Apple or third parties. These modules would add the hardware needed to run Mac OS, Apple II, UNIX, and DOS software, all on the same machine. This is an incredibly cool concept, but as we all know, it didn’t pan out.

The reasons are simple: this is incredibly hard to make work, especially when it comes to the software glue that would have to make it all work seamlessly. On top of that, it just doesn’t sound very Apple-like to make a computer designed to run anything that isn’t from Apple itself. Remember, this is still the time of Steve Jobs, before he got kicked out of the company and founded NeXT instead.

According to Stephen Hackett, the project never made it beyond the mockup phase, so we don’t have many details on how it was supposed to work. It does look stunning, though.

Proxmox gives VMware ESXi users a place to go after Broadcom kills free version

One alternative to ESXi for home users and small organizations is Proxmox Virtual Environment, a Debian-based Linux operating system that provides broadly similar functionality and has the benefit of still being an actively developed product. To help jilted ESXi users, the Proxmox team has just added a new “integrated import wizard” to Proxmox that supports importing of ESXi VMs, easing the pain of migrating between platforms.

↫ Andrew Cunningham at Ars Technica

It’s of course entirely unsurprising other projects and companies were going to try and capitalise on Broadcom’s horrible management of its acquisition of VMware.

Copilot is finally gone from Windows Server 2025 and admins rejoice

After the Windows Server 2025’s launch, a Windows insider posted a screenshot on X showing Copilot running on Windows Server 2025, Build 26063.1.

The admins discovered the feature in shock and wondered if it was a mistake from Microsoft’s part.

A month later, the same Bob Pony broke the news that most admins wanted to see: Copilot is gone in Windows Server 2025’s Build 26085.

↫ Claudiu Andone

This reminds of Windows Server 2012, which was based on Windows 8 and launched with a Metro user interface.

How Apple plans to update new iPhones without opening them

Unboxing a new gadget is always a fun experience, but it’s usually marred somewhat by the setup process. Either your device has been in a box for months, or it’s just now launching and ships in the box with pre-release software. Either way, the first thing you have to do is connect to Wi-Fi and wait several minutes for an OS update to download and install. The issue is so common that going through a lengthy download is an expected part of buying anything that connects to the Internet.

But what if you could update the device while it’s still in the box? That’s the latest plan cooked up by Apple, which is close to rolling out a system that will let Apple Stores wirelessly update new iPhones while they’re still in their boxes. The new system is called “Presto.”

↫ Ron Amadeo at Ars Technica

That’s a lot of engineering for a small inconvenience. Just the way I like my engineering.

Oregon’s governor signs right-to-repair law that bans ‘parts pairing’

Oregon Governor Tina Kotek has now signed one of the strongest US right-to-repair bills into law after it passed the state legislature several weeks ago by an almost 3-to-1 margin. Oregon’s SB 1596 will take effect next year, and, like similar laws introduced in Minnesota and California, it requires device manufacturers to allow consumers and independent electronics businesses to purchase the necessary parts and equipment required to make their own device repairs.

Oregon’s rules, however, are the first to ban “parts pairing” — a practice manufacturers use to prevent replacement components from working unless the company’s software approves them. These protections also prevent manufacturers from using parts pairing to reduce device functionality or performance or display any misleading warning messages about unofficial components installed within a device. Current devices are excluded from the ban, which only applies to gadgets manufactured after January 1st, 2025.

↫ Jess Weatherbed at The Verge

Excellent news, and it wouldn’t be the first time that one US state’s strict (positive) laws end up benefiting all the other states since it’s easier for corporations to just develop to the strictest state’s standards and use that everywhere else (see California’s car safety and emissions regulations for instance).

As a European, I hope this will make it way to the European Union, as well.

lEEt/OS: graphical shell and multitasking environment for DOS

lEEt/OS is a graphical shell and partially posix-compliant multitasking operating environment that runs on top of a DOS kernel. The latest version can be downloaded from this site. lEEt/OS is tested with FreeDOS 1.2 and ST-DOS, but it may also work with other DOS implementations. It can be compiled with Open Watcom compiler. 8086 binaries are also available from this site.

↫ lEEt/OS website

I had never heard of lEEt/OS before, but it looks quite interesting – and the new ST-DOS kernel the developer is making further adds to its uniqueness. A very cool project I’m putting on my list of operating systems to write short ‘first look’ article about for y’all.

ARM64EC (and ARM64X) explained


Probably the most confused looks I get from other developers when I discuss Windows and ARM64 is when I used the term “ARM64EC”.  They ask is the same thing as ARM64?  Is it a different instruction set than ARM64?  How can you tell if an application is or ARM64 ARM64EC?

This tutorial will answer those questions by de-mystifying and explaining the difference between what can be called “classic ARM64” as it existed since Windows 10, and this new “ARM64EC” which was introduced in Windows 11 in 2021.

↫ Darek Mihocka

I’m not going to steal the article’s thunder, but the short of it is that the ‘EC’ stands for ‘Emulation Compatible’, meaning it can call unmodified x86-64 code. ARM64X, meanwhile, is an extended version of Windows PE that allows both ARM64 and emulated x86-64 code to coexist in the same binary (which is not the same as a fat binary, which is an either/or situation). There is a whole lot more to this subject – and I truly mean a lot, this a monster of an in-depth article – so be sure to head on over and read it in full. You’ll be busy for a while.

Writing GNOME applications with Swift

Swift is well-suited for creating user interfaces thanks to the clean syntax, static typing, and special features making code easier to write. Result builders, combined with Swift’s closure expression syntax, can significantly enhance code readability.

Adwaita for Swift leverages these Swift features to provide an intuitive interface for developing applications for the GNOME platform.

↫ The Swift blog

It seems the Swift project is actively trying to move beyond being the ‘Apple programming language’.

Microsoft’s new era of AI PCs will need a Copilot key, says Intel

Intel, Microsoft, Qualcomm, and AMD have all been pushing the idea of an “AI PC” for months now as we head toward more AI-powered features in Windows. While we’re still waiting to hear the finer details from Microsoft on its big plans for AI in Windows, Intel has started sharing Microsoft’s requirements for OEMs to build an AI PC — and one of the main ones is that an AI PC must have Microsoft’s Copilot key.

↫ Tom Warren at The Verge

I lack the words in any of the languages I know to describe the utter disdain I have for this.

Phil Spencer wants Epic Games Store and others on Xbox consoles

In an interview with Microsoft’s CEO of Gaming during the annual Game Developers Conference, Spencer told Polygon about the ways he’d like to break down the walled gardens that have historically limited players to making purchases through the first-party stores tied to each console. Or, in layperson terms, why you should be able to buy games from other stores on Xbox — not just the official storefront.

Spencer mentioned his frustrations with closed ecosystems, so we asked for clarity. Could he really see a future where stores like Itch.io and Epic Games Store existed on Xbox? Was it just a matter of figuring out mountains of paperwork to get there?

↫ Chris Plante at Polygon

The answer is yes, Spencer claims. I don’t know how realistic any of this is, but to me it makes perfect sense, and the gaming world has been moving towards it for a while now. At the moment, I’m doing something thought unthinkable until very recently: I’m playing a major Sony PlayStation exclusive, Horizon: Forbidden West, on PC, through Steam on Linux. Sony has been making its major exclusives available on Steam in recent years, and while seeing these games on Xbox might be a bit too much to ask, I wouldn’t be surprised to see storefronts from companies who don’t make game consoles pop up on the Xbox and PlayStation.

Games have become so expensive to make that limiting them to a single console just doesn’t make any commercial sense. Why limit your audience?

Qualcomm quietly demos Baldur’s Gate 3 and Control on Snapdragon X Elite laptops

If you read my scoop last week, I bet you’ve been wondering — how well could a Snapdragon chip actually run Windows games? At the 2024 Game Developers Conference, the company claimed Arm could run those titles at close to x86/64 speed, but how fast is fast?

With medium-weight games like Control and Baldur’s Gate 3, it looks like the target might be: 30 frames per second at 1080p screen resolution, medium settings, possibly with AMD’s FSR 1.0 spatial upscaling enabled.

↫ Sean Hollister at The Verge

Those are some rough numbers for machines Qualcomm claims can run x86 games at “close to full speed“.

Why x86 doesn’t need to die

Hackaday recently published an article titled “Why x86 Needs to Die” – the latest addition in a long-running RISC vs CISC debate. Rather than x86 needing to die, I believe the RISC vs CISC debate needs to die. It should’ve died a long time ago. And by long, I mean really long.

About a decade ago, a college professor asked if I knew about the RISC vs CISC debate. I did not. When I asked further, he said RISC aimed for simpler instructions in the hope that simpler hardware implementations would run faster. While my memory of this short, ancient conversation is not perfect, I do recall that he also mentioned the whole debate had already become irrelevant by then: ISA differences were swept aside by the resources a company could put behind designing a chip. This is the fundamental reason why the RISC vs CISC debate remains irrelevant today. Architecture design and implementation matter so much more than the instruction set in play.

↫ Chips and Cheese

The number of instruction sets killed by x86 is high, and the number of times people have wrongly predicted the death of x86 – most recently, after Apple announced its first ARM processors – is even higher. It seems people are still holding on to what x86 was like in the ’80s and early ’90s, completely forgetting that the x86 we have today is a very, very different beast. As Chips and Cheese details in this article, the differences between x86 and, say, ARM, aren’t nearly as big and fundamental as people think they are.

I’m a huge fan of computers running anything other than x86, not because I hate or dislike the architecture, but because I like things that are different, and the competition they bring. That’s why I love POWER9 machines, and can’t wait for competitive non-Apple ARM machines to come along. If you try to promote non-x86 ISAs out of hatred or dislike of x86, history shows you’ll eventually lose.

FuryGpu: a hardware GPU implemented on an FPGA

FuryGpu is a real hardware GPU implemented on a Xilinx Zynq UltraScale+ FPGA, built on a custom PCB and connected to the host computer using PCIe. Supporting hardware features equivalent to a high-end graphics card of the mid 1990s and a full modern Windows software driver stack, it can render real games of that era at beyond real-time frame rates.

↫ FuryGpu

A really cool project, undertaking by a single person – who also wrote the Windows drivers for it, which was apparently the hardest part of the project, as the announcement blog post details. Another blog post explains how the texture units work.

Infinite Mac: turning to the dark side

About a year ago I came across the Previous emulator – it appeared to be a faithful simulation of the NeXT hardware and thus capable of running NeXTStep. While including it in Infinite Mac would be scope-creep, NeXT’s legacy is in many ways more relevant to today’s macOS than classic Mac OS. It also helped that it’s under active development by its original creator (see the epic thread in the NeXT Computers forums), and thus a modern, living codebase.

Previous is the fifth emulator that I’ve ported to WebAssembly/Emscripten and the Infinite Mac runtime, and it’s gotten easier. As I’m doing this work, I’m developing more and more empathy for those doing Mac game ports – some things are really easy and others become yak shaves due to the unintended consequences of choices made by the original developers. Previous is available on multiple platforms and has good abstractions, so overall it was a pretty pleasant experience.

↫ Mihai Parparita

By porting previous to WebAssembly/Emscripten, Infinite Mac now offers access to a whole slew of NeXTSTEP releases, from the earliest known release to the last one from 1997. There’s also a ton of applications added to make the experience feel more realistic. This makes Infinite Mac even more useful than it already was, ensuring it’s one of the best and easiest ways to experience old macOS and now NeXTSTEP releases through virtual machines (real ones, this time), available in your browser.

I’ll be spending some time with these new additions for sure, since I’ve very little experience with NeXTSTEP other than whatever I vicariously gleamed through Steven Troughton-Smith‘s toots on the subject over the years. Mihai Parparita is doing incredibly important work through Infinite Mac, and he deserves credit and praise for all he’s doing here.

Happy birthday APFS, 7 years old today

Seven years ago, on 27 March 2017, Apple introduced one of the most fundamental changes in its operating systems since Mac OS X 10.0 Cheetah was released 16 years earlier. On that day, those who updated iOS to version 10.3 had their iPhone’s storage silently converted to the first release of Apple File System, APFS. Six months later, with the release of macOS 10.13 High Sierra on 25 September, Mac users followed suit.

↫ Howard Oakley

The migration from HFS+ to APFS is still an amazing feat for Apple to have pulled off. Hundreds of millions devices converted from one filesystem to another, and barely anyone noticed – no matter how you look at it, that’s an impressive achievement, and the engineers who made it possible deserve all the praise they’re getting.