Android applications can now block being sideloaded

It seems Google is hell-bent on removing anything from Android that makes the platform stand apart from iOS. One of the features of Android and the Play Store that users of rooted and/or de-Googled phones will be familiar with is SafetyNet Attestation, something that Android applications can use to check, among other things, if the device it’s running on is rooted or not, and take any action from there based on that information. Notoriously, some banking applications on Android will refuse to work on rooted and/or de-Googled devices because of this.

Earlier this year, at Google I/O, the company unveiled the successor of SafetyNet Attestation, called the Google Play Integrity API, and it comes with a whole lot more functionality for developers to control what their application can do on devices based on the status of the device and the application binary in question. Play Integrity will let the developer’s application know if its binary has been tampered with, if Google Play Protect is enabled, if the Android device it’s running on is “genuine”, and a whole lot more.

Based on that information, the application could decide to warn users when they’re about to do something sensitive that their device is rooted, or it could just throw up its hands entirely and refuse to function at all – and there’s really not much the user can do about this. A new capability of the Play Integrity API is that developers can now also determine where it came from – i.e., if it was sideloaded or installed through a non-Play application store – and then throw up a dialog allowing the user to switch to the version from the Play Store instead. Doing so will delete the original binary and all its data, and replace it with the Play Store version.

The problem here is that the only other option is to cancel, and not have the application load at all.

As you can see, the remediation dialog tells you to “get this app from Play” in order to continue using it. There’s an option to close the dialog, but there’s no way to bypass it entirely. If you close the dialog, a response is sent to the app that lets the developer know so they can decide whether to continue blocking access.

↫ Mishaal Rahman at Android Authority

Several applications appear to already be using this new capability, and while it won’t mean much for people running Google’s, Samsung’s, or any other “blessed by Google” version of Android on unrooted devices, people running, say, /e/OS, GrapheneOS, LineageOS, or any other de-Googled and/or rooted device is going to be having a very bad time if more and more applications adopt this capability. If you’re running a device without Play Services, relying solely on the vast and varied library of applications from F-Droid, for instance, while also sideloading a few applications only available in the Play Store, you could very well be running into problems.

We’ll have to see just how widespread this capability becomes, but I can already foresee this becoming yet another major headache for anyone trying to use a smartphone that isn’t from blessed by Apple or Google. Personally, I’m lucky in that Swedish banking and ID applications worked on de-Googled Android phones, but with the expanding reach of the Play Integrity API, as well as possible “let’s enable this by default” shenanigans by Google, I’m definitely worried about this remaining so in the future.

‘Holy smokes, I just released a MiniGolf game for Palm OS in 2024’

This summer, I embarked on a side project to create a brand-new Palm OS game, and after less than two months of intermittent coding, I’m excited to announce that it’s ready to be released to the public!

↫ Captain’s Quarters

The game in question is a top-down minigolf game, and works on devices running Palm OS 3.5 and higher, in both monochrome and colour, and there’s high-resolution support for devices running Palm OS 5.0 and higher. Sadly, my own Palm OS devices were all drained of battery so I couldn’t quickly load it up and play it on real hardware in time for this post (rest assured, my T|X is currently charging), but you can play it in your browser if you want to. Like any other top-down minigolf game, it’s simple and fun to play.

The game’s creator, whose real name I can’t find so I’ll just refer to them by their blog’s name Captain’s Quarters, also wrote a published a post about the process of developing a Palm OS game in 2024. Especially the section on what is needed to code for Palm OS today is important if you’re also interested in picking this up.

The best news is that developing a Palm OS game can be done on modern hardware, that saves me a lot of time not having to deal with virtual machines or having to set up an old PC running Linux.

For getting a working compiler, I used prc-tools-remix, which is the same old compiler as in the old days, but it’s updated to work on a modern day Linux or OS X system.

↫ Captain’s Quarters

People in general are often oblivious to just how advanced and capable both Palm OS and Windows PocketPC PDAs really were – most people never had one – and even more people are oblivious to just how vibrant the gaming scene on Palm OS was. My Palm OS devices were some of the best gaming handhelds I’ve ever had, and my love for jewel-matching games still goes strong today on Android, but it all started on Palm OS, the original mobile home of the original Bejeweled. Palm OS games got me through quite a few boring lectures and classes in university.

Chrome-based browsers highlight the risks of using third-party Firefox-based browsers

And the hits just keep on coming. After buying an ad tech company and working with Facebook to weaken Firefox’ privacy features, Mozilla is now integrating AI chatbots straight into Firefox with the recent release of Firefox 130. People are understandably big mad about this, and as such the calls for switching to alternatives is growing stronger. Considering the only true alternative to Firefox is Chrome and its various skins, those of us looking to send Mozilla a message are kind of relegated to trying out Firefox skins instead.

Switching to what are essentially “Firefox distros” to collectively try and nudge Mozilla back to making more sensible decisions instead of AI hype chasing is an eminently reasonable one. There’s more reasons than just that. Part of the reason I use Firefox-based browsers rather than Chromium browsers is because I want to preserve some choice and diversity in browser engines. The existence of a choice of different Firefox derived browsers may allow space for experimentation in designing better browsers. In Chromium land, Arc has shown that there’s an opportunity for quite radically rethinking how browsers work. Same for Orion in Mac/iOS-land.

This isn’t a detailed review of the different browsers, just a few comments and observations having tried them.

↫ Tom Morris

I have my reservations about using Firefox skins, mostly because no matter what you do, you’re still entirely dependent on the choices Mozilla makes during the development of the venerable browser. If Mozilla keeps deviating from the traditional goals more and more, the amount of work these Firefox skins need to perform to reign the browser back in will start to increase, and who knows if they have the manpower, experience, and skills to do so? More worryingly, will they be able to keep up with Mozilla’s release schedule, including important bugfixes and security patches?

My worries go beyond those basic things, though. Considerably fewer eyes will be going over any code changes these Firefox-based browsers make, and as recent history has shown us, infiltrating a small, understaffed open source project for nefarious purposes is a thing that happens. Another issue to consider is nebulous ownership of such Firefox versions, as are questions around who financially supports such efforts. Your browser is a massively important and crucial piece of software that holds and has access to a lot of your personal data, and you should be particularly careful about who owns your browser.

This is not to say each and every one of them is bad – just that you have to be careful about who you trust. Several Chrome skins, like Brave and Opera, have time and time again shown to be shady, untrustworthy companies pushing crypto bullshit, ripping off websites, have shady owners, and more – don’t use Brave, don’t use Opera – and there’s no guarantees the same won’t happen with Firefox skins riding the wave of unhappiness with Mozilla. Please be mindful.

I don’t have an answer for this issue, either – I just want to caution against throwing the browser out with the bath water and switching to a project you might not know a lot about.

Mozilla extends Firefox support on unsupported Windows versions to March 2025

Not too long ago, Mozilla announced it was going to extend its support for Windows 7, and was mulling over extending support for Windows 8.x as well, without providing any time frames or details. Well, we’ve got the details now.

According to the Firefox Release Calendar website, Firefox 115 ESR, the latest Firefox version with support for Windows 7, 8, and 8.1, will continue receiving updates until April 1, 2025. Firefox 115.21 ESR is expected on March 4, 2024, which means users with old Windows versions have at least seven more months of support from Firefox.

↫ Taras Buria at Neowin

The same extension to March 2025 for Firefox 115 ESR also covers macOS 10.12-10.14. The reasoning behind the extension is simple: there’s still enough users on these older operating system version for Mozilla to dedicate resources to it, despite how difficult backporting security fixes to 115 ESR has become. Firefox is pretty much the only mainstream browser still supporting Windows 7 and 8, and that’s definitely commendable.

Rust on illumos

With the recent Rust in Linux events in the last couple of days, it’s a good time to write up Rust in illumos. Both to spread the word a bit and also to set expectations for both sides (Rust and illumos/OpenIndiana devs) what is currently possible and what work would need to be invested to make things smooth. And also to let the Rust community know about what illumos people were talking about.

What most of the talk currently is about, are the technical details. But we must not leave the social aspects out of it. Software distributions are not made by lone walkers but by groups of people. Bringing in a new language means facilitating change. And that means there are more topics to discuss than just API design. We are talking about impacts on the whole software lifecycle.

↫ Till Wegmüller (Toasty)

I try to steer clear of all the Rust-related drama, mostly because it’s outside of my wheelhouse, but also because I don’t think anything I can highlight here will help anyone get anywhere or solve anything. In this particular case, there’s no drama, and it’s just a good ol’ discussion about what Rust as a programming language can contribute to the illumos community and code.

I can’t program so here my useful contributions end.

MNT unveils MNT Reform Next

Earlier this year, I reviewed the excellent and unique MNT Reform laptop, an (almost) fully open source, very hackable laptop. MNT has just unveiled the upcoming follow-up to the Reform, called the Reform Next.

Being highly performant, modular, and upgradeable, MNT Reform Next gives you more freedom than any other laptop. Swap modules, print your own case, customize your keyboard. Since we are committed to open hardware, all sources are public.

While Classic MNT Reform is a portable device, we felt like a sleeker, more lightweight design would increase portability and make for a more flexible laptop.

↫ MNT website

The focus seems to have been on both performance and size, and I think the latter is especially important for a lot of people who might not have been too enamored with the original Reform’s chunky, brutalist design. The device has been made thinner by splitting the motherboard up into several connected, separate boards, that also happen to improve the repairability and upgradeability of the device. The battery pack has been redesigned for a smaller physical size, too, and the trackball option is no longer available – it’s trackpad-only.

The Reform Next is compatible with MNT’s latest processor module, the RK3588, and as such, packs a bigger punch. This SoC has four ARM Cortex-A76 cores up to 2.4 Ghz, and four power-efficient ARM Cortex-A55 cores up to 1.5 Ghz. This SoC is also available as an upgrade for the MNT Reform and the MNT Pocket Reform, and ships with either 16 or 32 GB of RAM and an ARM Mali G610 MP4 GPU.

Of course, the Reform Next will be as open as humanly possible, both software as well as hardware-wise, and it’s looking like a worthy successor to the MNT Reform. I’m incredibly delighted that MNT seems to have found a niche that works for them, and enabling them to keep developing and releasing hardware that goes against every trend in the industry, giving us entirely unique devices nobody else is making.

Make your own read-only device with NetBSD

For certain use cases, it’s advisable to set up a read-only root file system, which ensures better reliability in case of system issues. Think of scenarios like a router (critical for network access) or a caching reverse-proxy, such as the one described in my series “Make your own CDN“.

While FreeBSD natively supports this configuration and some Linux distributions offer custom solutions (e.g., Alpine Linux), NetBSD stands out as an excellent choice for such devices. It supports nearly all embedded devices, is lightweight, and its stability minimizes the need for frequent updates.

↫ Stefano Marinelli

Exactly what it says on the tin. Friend of the website (a new term I just made up and will use from here on out for some people) Stefano Marinelli, fresh from his series about making your own CDN using the various BSDs, explains how to set up a NetBSD system with a read-only root filesystem for the special use cases where this makes sense.

AMD deprioritizing flagship gaming GPUs

I had a chance to speak to Jack Huynh, AMD’s senior vice president and general manager of the Computing and Graphics Business Group, during IFA 2024 in a question and answer session. Due to speculation that AMD won’t launch flagship GPUs for its next-gen lineup, I pressed Huynh for information regarding the company’s plans for the high-end GPU market with the RDNA 4-powered Radeon RX 8000-series. His comments sketch out a plan focused specifically on gaining market share in the GPU market above all else, and this strategy deprioritizes chasing Nvidia’s highest-end gaming cards — at least for now.

↫ Paul Alcorn at Tom’s Hardware

Reading through the actual comments, it seems that AMD is not going to chase the very, extreme high-end that NVIDIA serves, like the 4090 level of GPUs. Honestly, I’m completely okay with that – those high-end GPUs are insanely expensive, and unlike what YouTube and tech websites might suggest, nobody buys these GPUs. Consistently, for more than a decade now, it’s the xx60-xx70 levels of cards that dominate the market, and it’s smart of AMD (and Intel) to focus on that segment if you want to sell as many GPUs as possible.

The very top of the GPU market just doesn’t make a lot price/performance sense. You pay considerably more for a 4090 compared to a 4080, but the price increase does not correspond to a similar increase in performance. It simply makes a lot more sense to save that money and spend it elsewhere, such as on a better CPU, more RAM, more storage, or a new display. I’d rather AMD not waste time and energy on making these high-end GPUs nobody buys, and instead focus on improving the GPUs people actually buy.

And of course, AMD just hasn’t been able to match NVIDIA at the top end, and that’s probably not going to change any time soon. Releasing a high-end, expensive GPU, only to be trounced by your one competitor every single time is not a good look, so why even try?

Redox 0.9.0 released

It’s been two years, but we finally have a proper new Redox release: the Redox team released version 0.9.0 today. Since we’ve been covering all the monthly progress reports from this Rust-based operating system for a long time now, we’ve already covered most of the improvements in this new release, so if you’ve been following along there shouldn’t be any major surprises in here, but let’s do a quick summary anyway just so we’re all up to speed.

I think the primary thing anyone moving from the previous release to the new one will be massive performance and stability improvements, as well as the arrival of the first few applications from System76’s new COSMIC Desktop. Redox is led by Jeremy Soller, a System76 engineer, and since COSMIC uses Rust as well, it only makes sense for the two projects to start benefiting from each other’s progress. Porting Linux and BSD programs has also become a lot easier, which is also evidenced by a whole slew of new ports from those operating systems.

Redox works in both virtual machines and on real hardware, but the former is definitely advised over the latter. In the latest monthly progress report, which was published only a few days ago, it’s mentioned that Redox performance in virtual machines has improved greatly. The team discovered that reading the system time was a huge bottleneck in the context switching code, which affects virtual machines particularly hard because it needs to be read from outside oft he VM. Redox now reads the TSC using KVM’s paravirtualized system time API to remove this bottleneck.

Running in a VM, Redox is now becoming slightly faster than Linux at certain synthetic benchmarks, for example the same-core context switch latency when using POSIX pipes (tested with mitigations=off). More exciting optimizations are coming, both to reduce context switch overhead further towards the hardware limit, and to reduce unnecessary context switches overall.

↫ Ribbon and Ron Williams

As time moves on and both Redox and COSMIC improve, my excitement for this operating system grows along with it. It seems the people working on both projects have their priorities quite straight, and while I’m obviously not going to make any idiotic grand statements about how Redox will replace anything, I wouldn’t be surprised to see it become a fairly solid option for those of us willing to deal with the issues that come with running something that isn’t Windows, Linux/BSD, or macOS.

AppSumo: this week’s sponsor

AppSumo is a marketplace where software developers and other entrepreneurs can launch their products, giving special offers to early adopters. Many AppSumo deals offer lifetime licenses, so you can throw in your support for an up-and-coming product and be rewarded with a deal-for-life that will save you up to 95% compared to paying monthly. If you’re a developer, AppSumo is a great way to get attention for your launch, and quickly find a cohort of savvy paying customers.

AppSumo deals are all limited-time offers, but this week they’re doing their “Last Call” event, where crowd favorite deals are brought back for a limited time (but only for members paying for the Plus tier).

Linux’s bedtime routine

How does Linux move from an awake machine to a hibernating one? How does it then manage to restore all state? These questions led me to read way too much C in trying to figure out how this particular hardware/software boundary is navigated.

↫ Jacob Adams

So this is a lot deeper of a dive than I expected, and it blows my mind just how complex sleep, hibernating, and waking a computer really is. Instinctively you know this, but seeing it spelled out like this really drives that point home – and this only covers going into hibernation. It also highlights how hard it must be for the developers involved to keep this working at all, especially on the wide variety of machines and hardware combinations Linux runs on.

It wasn’t too log ago that pretty much the only platform where sleeping and waking worked reliably was Mac OS X with its controlled, small hardware selection, so it’s kind of remarkable this works at all on Linux now. I haven’t had to worry about sleeping and waking with Linux for quite a while now, and it’s one of those things that “just works” so I never have to think about it. This definitely wasn’t always the case, though, and on both Linux and Windows I would just turn the whole feature off since it rarely worked reliably, especially on desktops.

I’m sure it still breaks for people, but for me, it’s been rock solid, and reading through the linked article, I’m even more amazed about this than I already was.

KDE to focus on improving developer experience, input methods

The KDE project is currently having its yearly conference – Akademy – and at the conference, the project announced its goals for the coming years.

The KDE community has charted its course for the coming years, focusing on three interconnected paths that converge on a single point: community. These paths aim to improve user experience, support developers, and foster community growth.

↫ Farid Abdelnour on the KDE Blogs

First, the project intends to make it easier for developers to build KDE applications. They want to do this in various ways, but most notably they want to improve the developer experience for people writing KDE applications in languages other than C++, such as Rust or Python. This is a very welcome goal, as I feel there’s definitely a bit of a lack of new KDE applications, and as any other open source project, KDE can always use more developers.

Second, KDE is going to focus on improving the input experience, as in the various ways you interact with your computer. Accessibility, and the more complex input methods people with accessibility needs require, are also part of this goal, but it also covers simpler things like mice with tons of buttons, drawing tablets, 2-in-1 laptops, and so on. I’m assuming this also includes controlling the various RGB stuff found in every keyboard and mouse these days, as this is something KDE has already been making inroads into.

The third and final goal is one strongly related to the first goal, as it involves community outreach to attract new contributors. This covers not just individual contributors, but also support from institutions, organisations, and I’m guessing companies, too. With Valve opting for KDE for its Steam Deck, I wouldn’t be surprised to see some more involvement from that direction, too, which meshes well with the input goal mentioned above.

If you all keep becoming Patreons and donating to us, I might be able to actually go to Akademy next year and be a fly on the wall for some more in-depth reporting from such a conference. I can’t guarantee anything – especially since I have two small children, live far away from everything here in the Arctic, and have serious anxiety problems to take into account, but it’s definitely a goal for me for next year.

RISC Laptops of the 90s and early 2000s

Paul Weissmann’s OpenPA, the invaluable archive on anything related to the HP’s PA-RISC architecture, devices, and operating systems, has branched off for a bit and started collecting information on RISC laptops.

Technical computing in the 1990s was mostly done on RISC workstations with Unix operating systems and specialized applications. For mobile use cases, some of the popular RISC vendors built RISC Laptops for mobile Unix use in the 1990s.

Often based on contemporary Unix workstations, these RISC laptops were often marketed for government and military uses such as command, technical analysis and surveillance.

↫ Paul Weissmann at OpenPA

OpenPA has always had content beyond just PA-RISC (like HP’s Itanium machines), so this is not entirely surprising, and it also happens to be something that’s sorely needed – there’s remarkably little consolidated information to be found on these RISC laptops, and it’s usually scattered all over the place and difficult to find. They were expensive and rare when they were new, and they’re even rarer and often more expensive today.

What we’re talking about here are laptops with PA-RISC, SPARC, (non-Apple) PowerPC, and Alpha processors, running some variant of UNIX, like HP-UX, SunOS/Solaris, AIX, and even Windows NT. A particularly interesting listing at the moment is the Hitachi 3050RX/100C, a laptop based on the Hitachi PA/50L PA-RISC processor that ran something called HI-UX/WE2, a UNIX from Hitachi I can’t find much information about.

The most desirable laptop listed is the amazing Tadpole Viper, which was the most powerful SPARC laptop Tadpole ever made, and I’m pretty sure it’s the most powerful SPARC laptop, period. It was powered by a 1.2Ghz UltraSPARC IIIi processor, and was also sold as the Sun Ultra 3, in 2005. I would perform some seriously questionable acts to get my hands on one of these, but they’re most likely virtually impossible to find.

Anyone who can help Weissmann find more information – feel free to do so.

Keyhole: a highly effective Windows DRM bypass also present on the Xbox One

The MAS project, a group of people working on an open source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, discovered quite a neat and interesting bug in the code responsible for licensing in Windows.

In our ongoing work to bypass Windows licensing checks, we occasionally stumble upon bugs that we choose to keep secret. This decision allows us to preserve potential future activation methods by avoiding bug fixes, while also giving us valuable tools for testing or developing new methods.

One such discovery, which we’ve named “Keyhole”, turned out to be a highly effective DRM bypass. It gave users the ability to license any Microsoft Store app or any modern Windows edition with ease.

↫ The MAS project

There were quite a number of roadblocks to overcome here, such as Microsoft’s code obfuscation tool, called Warbird, which was already done by someone else, after which they could really start digging into the code responsible for handling Microsoft Store and Windows licenses. They then discovered that circumventing the license blocks that hold the actual license information was dead simple – every license block is followed by a signature block covering all the data that comes before it. It turns out that messing with the licensing system was as simple as… Adding data after that signature block.

That was it.

As it turns out, data after the signature block isnt checked at all… and it can even override data that came before it. Whenever two blocks of the same type are stored together, the last one overrides all the others before it. So, if we want to change any license data, we can just make a block for it and put it after the signature block!

This method lets us make licenses for anything sold on the Microsoft Store, including Windows, from any other Microsoft Store license. And since there are so many free apps with licenses, we now had the ability to make as many as we wanted for whatever we wanted. This bug essentially punched a hole straight through CLiP’s DRM, so we decided to name it “Keyhole”.

↫ The MAS project

This opened up a massive hole in Microsoft’s licensing tools and DRM, and allowed the MAS project to pretty much do whatever they wanted. They could even do things that used to be impossible, such as “activating Enterprise LTSC with a digital license, or even activating a legitimate KMS server with a generic key”. Sadly, the fun didn’t last long, as right around the same time, Cisco TALOS discovered this same bug, reported it to Microsoft, who then proceeded to fix it.

the MAS project also discovered something else incredibly interesting, something which further highlights the seemingly terrible lack of quality assurance and code quality inside Microsoft. They noted that the kernel driver responsible for licensing looked incredibly shoddy, full of what they call “odd choices and compromises”. In fact, they soon realised that they had seen this code before: it was a straight-up copy/paste job from the licensing DRM found on the Xbox One.

And there’s the same bug that’s in CLiP, but in Xbox code. In fact, we weren’t too surprised to find this, as we found that almost all of CLiP, from the XML format of the licenses to the TLV-based license blocks, is copy-pasted straight from the Xbox One’s DRM system.

↫ The MAS project

Code reuse obviously makes sense in some situations, but the fact Microsoft even copy/pasted entire sections of code from the Xbox One straight into the Windows kernel as a kernel driver seems rather irresponsible. Shouldn’t code added to the Windows kernel and installed on billions of devices be vetted a little better than this?

Xmem and FVWM

So given that, xmem can be useful as a monitoring tool. Fluffy (my main server) runs both squid and apache, and given that fluffy only has 64MB of RAM, things can get a little cramped. If I suddenly see that the whole of xmem turns blue (i.e. the swap file’s thrashing), then I know that something is odd, and I can easily find out which processes are eating up so much RAM.

I said earlier that xmem can brighten up one’s desktop. Indeed, as I use FVWM in a rather archaic fashion, it seems fitting I should like xmem. 🙂 Here’s a full screenshot showing xmem (plus other applications) in action.

↫ Thomas Adam

This is basically just an excuse to show off this awesome FVWM desktop shown off in this short little article about xmem, written by one of FVWM’s core developers. It just looks neat.

Windows App SDK 1.6 released

We are proud to announce that version 1.6 of the Windows App SDK is now available! Whether you’re looking for the incredible performance boost and footprint reduction of Native AOT support, enhancements for deploying your package, or quality of life improvements for controls like PipsPager and RatingControl, WinAppSDK 1.6 offers a raft of new features, performance boosts and structural changes that enable you to make your native Windows apps better than ever before. 

The Windows App SDK provides a rich set of APIs and tools to help you build beautiful and fast Windows desktop apps, including any C++ Win32 or C# .NET app. You can harness the modern controls and polish of WinUI 3, which ships as part of the WinAppSDK, or if you have an existing app that uses Win32 such as WPF, you can take advantage of only the parts of the SDK that you need. The WinAppSDK also stays up to date with frequent and OS-independent releases so your app can always access the latest innovations.

↫ Duncan MacMichael at the Windows Blogs

There’s actually quite a few nice and welcome updates in version 1.6, most prominently the aforementioned Native AOT. This stands for native Ahead-Of-Time (AOT) compilation, and, as the name suggests, compiles your application ahead of time for the architecture it’s going to run on. This reduces the size of the application package and greatly improves the startup time. Another welcome improvement is that the embedded Edge WebView2 SDK is no longer hard-coded, but a NuGet reference, so developers can choose to use any version of the webview they want, preferably the newest version.

There’s a lot more in here, so if you’re a Windows developer trying to use the latest set of tools from Microsoft – this one’s for you.

A Windows Control Panel retrospective amidst a concerning UX shift

Unsurprisingly, this change has not been met with a lot of enthusiasm by the average Windows user, and with Microsoft now officially recommending users migrate over to the Settings app, it seems that before long we may have to say farewell to what used to be an intrinsic part of the Windows operating system since its first iterations. Yet bizarrely, much of the Control Panel functionality doesn’t exist yet in the Settings app, and it remain an open question how much of it can be translated into the Settings app user experience (UX) paradigm at all.

Considering how unusual this kind of control panel used to be beyond quaint touch-centric platforms like Android and iOS, what is Microsoft’s goal here? Have discovered a UX secret that has eluded every other OS developer?

↫ Maya Posch

I like the Windows Control Panel, and approaches like it. They’re easy to use, they allow you to have multiple settings panels open at the same time, they can be easily extended by third parties – for better or worse – and they make it easy to find things with colourful, recognisable icons. The current Windows Settings application is a massive regression, as is the change from macOS’ iconic and incredibly user-friendly System Preferences to the new System Settings application. KDE also moved to a sidebar design I’m not a fan of, and GNOME has had a similar unpleasant, monochrome sidebar, too.

It’s not big enough of an issue to make a huge deal out of, and the KDE sidebar settings application is at least marginally usable, but I really do wish someone would have the guts to undo this general trend, because it’s getting harder and harder to find the settings I want at a glance, and not allowing you to open multiple settings panels at the same time is a huge loss.

And a small note: this article uses the Windows 3.x Control Panel as its starting point, but both Windows 1.x and 2.x had a Control Panel as well. It’s an old concept, for sure.

The Internet Archive just lost its appeal over ebook lending

The Internet Archive has lost its appeal in a fight to lend out scanned ebooks without the approval of publishers. In a decision on Wednesday, the Second Circuit Court of Appeals ruled that permitting the Internet Archive’s digital library would “allow for widescale copying that deprives creators of compensation and diminishes the incentive to produce new works.”

The decision is another blow to the nonprofit in the Hachette v. Internet Archive case. In 2020, four major publishers — Hachette, Penguin Random House, Wiley, and HarperCollins — sued the Internet Archive over claims its digital library constitutes “willful digital piracy on an industrial scale.”

↫ Emma Roth

If you’re a library and scan books and offer a lending service, you’re committing “willful digital piracy on an industrial scale”. If you scan the entire goddamn internet without any regard for licensing or copyright and regurgitate chunks of it on command, you’re a visionary, a revolutionary, a genius.

Make it make sense.

Porting systemd to musl libc-powered Linux

A. Wilcox, the original creator of Adélie Linux, has ported systemd to musl, the glibc alternative.

I have completed an initial new port of systemd to musl. This patch set does not share much in common with the existing OpenEmbedded patchset. I wanted to make a fully updated patch series targeting more current releases of systemd and musl, taking advantage of the latest features and updates in both. I also took a focus on writing patches that could be sent for consideration of inclusion upstream.

The final result is a system that appears to be surprisingly reliable considering the newness of the port, and very fast to boot.

↫ A. Wilcox

I absolutely adore Adélie Linux as a project, even if I don’t run it myself, since they have a very practical approach to software. Systemd is popular for a reason – it’s fast and capable – and it only makes sense for Adélie to offer it as a potential option, even when using musl. Choice is a core value of the open source and Linux world, and that includes the choice to use systemd, even for a distribution that has traditionally used something else.

The port is already quite capable, and Wilcox managed to replace OpenRC on her system with systemd in-place, and it booted up just fine, and it also happened to boot in about a third of the time OpenRC did. It’s not ready for prime time yet, though, and most services are not yet packaged for systemd, an effort for which Adélie Linux intends to rely on upstream and cooperation with systemd experts from Gentoo and Fedora. They’re also working together with systemd, musl, and others to make any switching a user might want to do as easy as possible.

A beta or anything like that is still a ways off, but it’s an impressive amount of progress already.

Android 15 is released to AOSP

Today we’re releasing Android 15 and making the source code available at the Android Open Source Project (AOSP). Android 15 will be available on supported Pixel devices in the coming weeks, as well as on select devices from Samsung, Honor, iQOO, Lenovo, Motorola, Nothing, OnePlus, Oppo, realme, Sharp, Sony, Tecno, vivo, and Xiaomi in the coming months.

We’re proud to continue our work in open source through the AOSP. Open source allows anyone to build upon and contribute to Android, resulting in devices that are more diverse and innovative. You can leverage your app development skills in Android Studio with Jetpack Compose to create applications that thrive across the entire ecosystem. You can even examine the source code for a deeper understanding of how Android works.

↫ Matthew McCullough at the Android Developers blog

While it’s great that we’re still getting open source Android releases, the reality of it is that Google has eroded so much away from the Android Open Source Project that AOSP has become effectively useless. Back in the olden days, AOSP was a complete mobile operating system, but those days are long behind us. Google has moved so much from AOSP over to proprietary frameworks, applications, and cloud services that running that it’s no longer a complete package, which is a huge shame.

Still, AOSP plays an important role for the custom ROM community and the various companies and communities making privacy-first, de-Googled Android versions, and for that reason alone it’s good that it still exists, even in its gutted state. Android 15’s AOSP release will surely find its way to LineageOS, /e/OS, GrapheneOS, and the countless other alternatives to butchered Android OEM versions and people seeking a more private smartphone experience.

As for when Android 15 will hit Pixels – that’s going to be a few weeks from now, later than usual after the source release.