We’d like to thank our outgoing sponsor, Nova Custom, for sponsoring OSNews!

Nova Custom, based in The Netherlands, makes laptops focused on privacy, customisation, and freedom. Nova Custom laptops ship with either Linux, Windows, or no operating system, and they’re uniquely certified for Qubes OS (the V54 model will be certified soon), the ultra-secure and private operating system. On top of that, Nova Custom laptops come with Dasharo coreboot firmware preinstalled, which is completely open source, instead of a proprietary BIOS. Nova Custom can also disable the Intel Management Engine for you, and you can opt for Dasharo coreboot+Heads for the ultimate in boot security.

Nova Custom offers visual customisations, too, including engraving a logo or text of your choice on the metal screen lid and/or palmrest and adding your own boot logo. They also offer privacy customisations like removing the microphone and webcam, installing a privacy screen, and more. A small touch I personally appreciate: Nova Custom offers a long, long list of keyboard layouts, as well as the option to customise the super key. Nova Custom products enjoy 3 years of warranty, as well as updates and spare parts for at least seven years after the launch of a product, which includes everything from motherboard replacements down to sets of screws.

Nova Custom laptops can be configured with a wide variety of Intel processor options, as well as a choice between integrated Intel GPUs or Nvidia laptop GPUs. Thanks once again to Nova Custom for sponsoring OSNews – for a little longer than anticipated due to our weird RSS/captcha issues.

Only a few weeks ago, I linked to Cameron Kaiser’s excellent deep dive into the DEC Professional 380 running PRO/VENIX, and now we have a follow-up.

Fortunately, today we have AI we have many more excellent and comprehensive documents on the subject, and more importantly, we’ve recently brought back up an oddball platform that doesn’t have networking either: our DEC Professional 380 running the System V-based PRO/VENIX V2.0, which you met a couple articles back. The DEC Professionals are a notoriously incompatible member of the PDP-11 family and, short of DECnet (DECNA) support in its unique Professional Operating System, there’s officially no other way you can get one on a network — let alone the modern Internet. Are we going to let that stop us?

↫ Cameron Kaiser

No. The answer is always no. If you’ve ever wanted to know what’s involved in setting up a custom TCP/IP stack using serial on a 40 year old UNIX workstation, your very specific desires are hereby met.

“Synology-branded drives will be needed for use in the newly announced Plus series, with plans to update the Product Compatibility List as additional drives can be thoroughly vetted in Synology systems,” a Synology representative told Ars by email. “Extensive internal testing has shown that drives that follow a rigorous validation process when paired with Synology systems are at less risk of drive failure and ongoing compatibility issues.”

Without a Synology-branded or approved drive in a device that requires it, NAS devices could fail to create storage pools and lose volume-wide deduplication and lifespan analysis, Synology’s German press release stated. Similar drive restrictions are already in place for XS Plus and rack-mounted Synology models, though work-arounds exist.

↫ Kevin Purdy at Ars Technica

I’m honestly surprised it’s taken Synology this long to start nickle-and-diming its users. I’m sure the “Synology-branded” drives will carry substantial markups over regular drives, despite the drives being otherwise identical. Charging insane markups for expansion options is a tried-and-true way to increase your margins, with Apple being the classic example of charging insane prices for basic RAM or SSD upgrades.

I think most of us here on OSNews could easily build our own NAS, as it’s not a particularly complex project. The various software options could be a bit more complicated to navigate, but I don’t think it’s insurmountable for most of us. Normal, average people, though, would most likely do best to just buy an off-the-shelf NAS for their storage and local back-up needs, and it’s those kind of people who Synology is aiming this policy at. They’ll be easily fooled into thinking Synology-branded drives are somehow special, and not just a generic drive with a fancy sticker.

This is how the world works, but that doesn’t make it any less unpleasant.

Only a few weeks ago we talked about Blue95, a Fedora-based distribution focused on bringing the Windows 95 look to the Linux world by integrating a set of existing Windows 95 Xfce themes. Since Fedora 42 has just been released, the Blue95 project also pushed out a new release, called Blue95 Topanga. It brings with it all the improvements from Fedora 42, but also goes a step further be integrating new applications to further add to the Windows 95 vibe.

First, there’s Winblues Paint, a faithful recreation of Windows 95’s Paint, using jspaint.app. Second, they’ve recreated the classic Plus! experience with Chicago95 Plus!, a tool that allows you to take any existing Windows 95/98/ME/XP theme and apply it as-is on Xfce. Topanga also further improves the theming experience with custom Windows 95 icons for LibreOffice as well as custom themes for Audacious and Flatpost, a desktop-agnostic Flatpak client.

I adore that this project aims to be more than just a vessel for the existing Chicago95 theme, and in fact goes so far as to create its own applications. I hope this continues from here on out and doesn’t fizzle out.

Google acted illegally to maintain a monopoly in some online advertising technology, a federal judge ruled on Thursday, adding to legal troubles that could reshape the $1.86 trillion company and alter its power over the internet.

Judge Leonie Brinkema of the U.S. District Court for the Eastern District of Virginia said in a 115-page ruling that Google had broken the law to build its dominance over the largely invisible system of technology that places advertisements on pages across the web. The Justice Department and a group of states had sued Google, arguing that its monopoly in ad technology allowed the company to charge higher prices and take a bigger portion of each sale.

↫ David McCabe at The New York Times

Google has come under fire from all sides in the United States, being declared an abusive monopoly in two different court cases covering search and now online advertising. In this case, Google controls 87% of the online advertising market in the US, which clearly confers monopoly power onto the company. No actual remedies have been proposed yet in this case, though, but breaking up the company is on the table.

Google isn’t the only company facing antitrust court cases in the US, as Amazon and Apple, too, have the US government breathing down their necks. All three of these companies have overtly been trying to buy the favour of the new regime in Washington, but so far, without any success. I doubt we’ll get as far as a breakup, but I definitely think that’s the only real way we’ll ever get proper market forces at work again in the technology market.

Not that any of us are really “consumers” in this online ad business, but of course, monopoly pricing still affects us through higher prices for the goods being advertised. If companies are forced to accept Google’s higher pricing for online ads, those costs will definitely be offloaded to consumers. As such, even breaking up a monopoly that doesn’t seem to affect us personally can still improve our lives by lowering prices.

ActiveX is a powerful technology that enables rich interactions within Microsoft 365 applications, but its deep access to system resources also increases security risks.

Starting this month, the Windows versions of Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and Microsoft Visio will have a new default configuration for ActiveX controls: Disable all controls without notification.

↫ Zaeem Patel at the Microsoft 365 Insider Blog

Be honest: did any of you know ActiveX was still a thing? Heck, when was the last time you even thought of ActiveX? This technology acted a replacement for Windows’ COM and OLE 2.0, and was used to make controls in a whole slew of Microsoft applications. ActiveX controls from one application could also be embedded into another, like showing a toolbar from Word inside an image editor.

ActiveX has several major downsides, the two biggest of which are its relative lack of portability, and most of all, its atrocious security record. I’m genuinely surprised it’s taken them this long to actively, fully disable the technology by default.

I’m not entirely sure how to link to this properly, but what we have here is a simple, to-the-point text file describing some of the benefits of Slackware, the oldest still maintained Linux distribution. It’s still run by Patrick Volkerding, and focuses on conservative choices and simplicity over ease. I doubt I have to explain the benefits of Slackware to the average OSNews reader, but this simple little text file does serve as a great marketing tool.

The fact it’s a simple little text file is so very Slackware. I love it.

CISA says the U.S. government has extended MITRE’s funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.

[…]

The announcement follows a warning from MITRE Vice President Yosry Barsoum that government funding for the CVE and CWE programs was set to expire today, April 16, potentially leading to widespread disruption across the cybersecurity industry.

↫ Sergiu Gatlan at BleepingComputer

Elect clowns, live in a circus.

Fedora 42 has been released, bringing with it a major policy change: the Fedora KDE version now has the same status as the GNOME version. This means that Fedora KDE will be getting the same promotion, website space, and potential blocker status as the GNOME version. For now, the naming is a bit weird – Fedora Workstation for GNOME, Fedora KDE Plasma Desktop for KDE – but they intend to fix this down the line.

Feodra 42 also brings with it a brand new installation interface, which replaces the old one with a newer, step-by-step wizard-style interface. Anaconda is now also a native Wayland application, instead of running in Xorg. This release also marks the official availability of the Fedora COSMIC spin, bringing System76’s Rust-based COSMIC desktop on the same footing as Xfce, LXQt, and others.

Another cool addition is FEX for those of us running Fedora on ARM.

Fedora now provides FEX, a fast emulator that allows one to run x86 and x86-64 binaries on an AArch64 Linux host. FEX requires a number of supporting components, including a RootFS image, and integration with muvm to support 16k page-size hosts. The purpose of this Change is to integrate FEX itself and its supporting components into Fedora Linux, to provide a delightful out-of-box experience for users that want to run x86 and x86-64 binaries on their aarch64 systems. This also includes integration into the AArch64 Fedora KDE spin as a non-blocking component of the spin.

↫ Fedora 42 release notes

You can download and install Fedora 42, or if you’re already a Fedora user, you can upgrade through your graphical update utility or the command line using DNF.

EXWM (Emacs X Window Manager) is a full-featured tiling X window manager for Emacs built on top of XELB.

↫ exwm GitHub page

It supports both tiling and stacking windows, dynamic workspaces, RandR, a system tray, and a lot more. XELB stands for X protocol Emacs Lisp Binding, and it’s a “pure Elisp implementation of X11 protocol based on the XML description files from XCB project”.

There’s a small house ( ⌂ ) in the middle of IBM’s infamous character set Code Page 437. “Small house”—that’s the official IBM name given to the glyph at code position 0x7F, where a control character for “Delete” (DEL) should logically exist. It’s cute, but a little strange. I wonder, how did it get there? Why did IBM represent DEL as a house, of all things?

↫ Heikki Lotvonen

Don’t waste any time here, and go read the article. It’s immediately become one of my favourite reads of all time.

The effort to ensure that open-source software is reproducible has been gathering steam over the years, and gaining traction with major Linux distributions. Debian, for example, has been working toward reproducible builds for more than a decade; it can now produce official live CDs of the current stable release that are reproducible. Fedora started on the path much later, but it has progressed far enough that the project is now considering a change proposal for the Fedora 43 development cycle, expected to be released in October, with a goal of making 99% of Fedora’s package builds reproducible. So far, reaction to the proposal seems favorable and focused primarily on how to achieve the goal—with minimal pain for packagers—rather than whether to attempt it.

↫ Joe Brockmeier at LWN.net

In the case of individual packages, reproducibility means that if you set up a build environment at home according to Fedora’s specifications, you can create an exact, bit-by-bit identical copy of a package. This is important because it can help detect and guard against supply chain attacks like the infamous xz backdoor attempt that was thwarted only by mere luck.

As the LWN article notes, however, it’s impossible for Fedora to achieve the original “bit-by-bit” part of the definition because of how RPMs are built. RPMs include the signature inside the RPM, and a few other metadata bits are problematic as well. The actual contents of an RPM – the thing you actually install, run, and use – meet the definition of “bit-by-bit”, though. By this point, Fedora has pretty much done all it can through its own infrastructure when it comes to reproducibility, which has brought the project to 90% of packages being reproducible.

It’s going to be up to the individual package maintainers and software developers to get to the desired goal of 99% by Fedora 43, though. To ensure package maintainers take this issue seriously, a change proposal has been proposed to treat reproducibility issues as bugs, with a degree of wiggle room for now (think should instead of must). It’s only a proposal for now, but it’s looking like it will make it.

The excellent – as always – LWN article has a lot more detail about both the proposes changes as well as the various points of view.

To argue that Objective-C resembles a metaphysically divine language, or even a good language, is like saying Shakespeare is best appreciated in pig latin. Objective-C is, at best, polarizing. Ridiculed for its unrelenting verbosity and peculiar square brackets, it is used only for building Mac and iPhone apps and would have faded into obscurity in the early 1990s had it not been for an unlikely quirk of history. Nevertheless, in my time working as a software engineer in San Francisco in the early 2010s, I repeatedly found myself at dive bars in SoMa or in the comments of HackerNews defending its most cumbersome design choices.

↫ Gabriel Nicholas at Wired

I’ll just step back and let y’all handle this one.

Over 15 years ago, I wrote about the launch of a Paint.NET clone for Linux, called Pinta, written in GTK. That was merely version 0.1, and over time, it’s become somewhat of a staple for many Linux users. The project just released version 3, which is a major revision, moving the application over to GTK4 and Libadwaita.

Built on the robust GTK 4 toolkit and the sleek Libadwaita, Pinta 3.0 brings a redesigned user interface that’s faster, more responsive, and more efficient than ever. Linux users will also benefit from improved system utility integration. On top of all this, new effects and the return of add-ins—previously disabled due to technical constraints—promise to bring even more creative possibilities.

↫ Pinta 3.0 release announcement

Aside from the new user interface and return of add-ins, virtually every aspect of the application seems to have been touched in one way or another. We’ve got improved performance for both the UI and the application’s functionality, better gesture and touch support, redesigned and adaptive toolboxes, improved keyboard support, new effects, and much, much more. Like its original inspiration Paint.NET, Pinta sits between a basic image editor like Microsoft Paint and much more advanced tools like Photoshop and GIMP, and it seems this new release sticks to that position in the market.

You can download Pinta 3.0 for Linux, Windows, and macOS, and it will surely find its way to your distribution’s repository soon enough.