Why I like NetBSD, or why portability matters

All that to say, I find that NetBSDs philosophy aligns with mine. The OS is small and cozy, and compared to many minimal Linux distributions, I found it faster to setup. Supported hardware is automatically picked up, for my Thinkpad T480s almost everything (except the trackpad issue I solved above) worked out of the box, and it comes with a minimal window manager and display manager to get you started. It is simple and minimal but with sane defaults. It is a hackable system that teaches you a ton. What more could you want?

↫ Marc Coquand

I spent quite some time using OpenBSD earlier this year, and I absolutely, positively loved it. I can’t quite put into words just how nice OpenBSD felt, how graspable the configuration files and commands were, how good and detailed the documentation, and how welcoming and warm the community was over on Mastodon, with even well-known OpenBSD developers taking time out of their day to help me out with dumb newbie questions.

The only reason I eventually went back to Fedora on my workstation was performance. OpenBSD as a desktop operating system has some performance issues, from a slow file system to user interface stutter to problematic Firefox performance, that really started to grind my gears while trying to get work done. Some of these issues stem from OpenBSD not being primarily focused on desktop use, and some of them simply stem from lack of manpower or popularity. Regardless, nobody in the OpenBSD community was at all surprised or offended by me going back to Fedora.

NetBSD seems to share a lot of the same qualities as OpenBSD, but, as the linked article notes, with a focus on different things. Like I said yesterday, I’m looking to building and testing a system entirely focused on tiled terminal emulators and TUI applications, and I’ve been pondering if OpenBSD or NetBSD would be a perfect starting point for that experiment.

Introduction to NanoBSD

This document provides information about the NanoBSD tools, which can be used to create FreeBSD system images for embedded applications, suitable for use on a USB key, memory card or other mass storage media.

[…]

It can be used to build specialized install images, designed for easy installation and maintenance of systems commonly called “computer appliances”. Computer appliances have their hardware and software bundled in the product, which means all applications are pre-installed. The appliance is plugged into an existing network and can begin working (almost) immediately.

↫ FreeBSD documentation

Some of the primary features of NanoBSD are exactly what you’d expect out of a tool like this, such as the system being entirely read-only at runtime, so you don’t have to worry about shutdowns or data loss, and of course, the entire creation process of NanoBSD images using a simple shell script with any arbitrary set of requirements. For the rest, it remains a FreeBSD system, so ports and packages work just as you’d expect, and assuming your specific settings for the NanoBSD image didn’t remove it, anything that works in FreeBSD, works in a NanoBSD image, too.

The documentation is, as is often the case in the BSD world, excellent, and very easy to follow, even for someone not at all specialised in things like this. Reading through it, I’m pretty sure even I could create a customised NanoBSD image and run it, since it very much looks like you’re just creating a custom installation script, adding just the things you need.

I don’t have a use for something like this, but I’m not sure how well-known NanoBSD is, and I feel like there’s definitely some among you who would appreciate this.

CrowdStrike issue is causing massive computer outages worldwide

Well, this sure is something to wake up to: a massive worldwide outage of computer systems due to a problem with CrowdStrike software. Payment systems, airlines, hospitals, governments, TV stations – pretty much anything or anyone using computers could be dealing with bluescreens, bootloops, and similar issues today. Open-heart surgeries had to be stopped mid-surgery, planes can’t take off, people can’t board trains, shoppers can’t pay for their groceries, and much, much more, all over the world.

The problem is caused by CrowdStrike, a sort-of enterprise AV/monitoring software that uses a Windows NT kernel driver to monitor everything people do on corporate machines and logs it for… Security purposes, I guess? I’ve never worked in a corporate setting so I have no experience with software like this. From what I hear, software like this is deeply loathed by workers the world over, as it gets in the way and slows systems down. And, as can happen with a kernel driver, a bug can cause massive worldwide outages which is costing people billions in damages and may even have killed people.

There is a workaround, posted by CrowdStrike:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it. 
  4. Boot the host normally. 

This is a solution for individually fixing affected machines, but I’ve seen responses like “great, how do I apply this to 70k endpoints?”, indicating that this may not be a practical solution for many affected customers. Then there’s the issue that this may require a BitLocker password, which not everyone has on hand either. To add insult to injury, CrowdStrike’s advisory about the issue is locked behind a login wall. A shitshow all around.

Do note that while the focus is on Windows, Linux machines can run CrowdStrike software too, and I’ve heard from Linux kernel engineers who happen to also administer large numbers of Linux servers that they’re seeing a huge spike in Linux kernel panics… Caused by CrowdStrike, which is installed on a lot more Linux servers than you might think. So while Windows is currently the focus of the story, the problems are far more widespread than just Windows.

I’m sure we’re going to see some major consequences here, and my – misplaced, I’m sure – hope is that this will make people think twice about one, using these invasive anti-worker monitoring tools, and two, employing kernel drivers for this nonsense.

NVIDIA transitions fully towards open-source GPU Linux kernel modules

It’s a bit of a Linux news day today – it happens – but this one is good news we can all be happy about. After earning a bad reputation for mishandling its Linux graphics drivers for years, almost decades, NVIDIA has been turning the ship around these past two years, and today they made a major announcement: from here on out, the open source NVIDIA kernel modules will be the default for all recent NVIDIA cards.

We’re now at a point where transitioning fully to the open-source GPU kernel modules is the right move, and we’re making that change in the upcoming R560 driver release.

↫ Rob Armstrong, Kevin Mittman and Fred Oh

There are some caveats regarding which generations, exactly, should be using the open source modules for optimal performance. For NVIDIA’s most cutting edge generations, Grace Hopper and Blackwell, you actually must use the open source modules, since the proprietary ones are not even supported. For GPUs from the Turing, Ampere, Ada Lovelace, or Hopper architectures, NVIDIA recommends the open source modules, but the proprietary ones are compatible as well. Anything older than that is restricted to the proprietary modules, as they’re not supported by the open source modules.

This is a huge milestone, and NVIDIA becoming a better team player in the Linux world is a big deal for those of us with NVIDIA GPUs – it’s already paying dividend in vastly improved Wayland support, which up until very recently was a huge problem. Do note, though, that this only covers the kernel module; the userspace parts of the NVIDIA driver are still closed-source, and there’s no indication that’s going to change.

Linux patch to disable Snapdragon X Elite GPU by default

Not too long ago it seemed like Linux support for the new ARM laptops running the Snapdragon X Pro and Elite processors was going to be pretty good – Qualcomm seemed to really be stepping up its game, and detailed in a blog post exactly what they were doing to make Linux a first-tier operating system on their new, fancy laptop chips. Now that the devices are in people’s hand, though, it seems all is not so rosy in this new Qualcomm garden.

A recent Linux kernel DeviceTree patch outright disables the GPU on the Snapdragon X Elite, and the issue is, as usual, vendor nonsense, as it needs something called a ZAP shader to be useful.

The ZAP shader is needed as by default the GPU will power on in a specialized “secure” mode and needs to be zapped out of it. With OEM key signing of the GPU ZAP shader it sounds like the Snapdragon X laptop GPU support will be even messier than typically encountered for laptop graphics.

↫ Michael Larabel

This is exactly the kind of nonsense you don’t want to be dealing with, whether you’re a user, developer, or OEM, so I hope this gets sorted out sooner rather than later. Qualcomm’s commitments and blog posts about ensuring Linux is a first-tier platform are meaningless if the company can’t even get the GPU to work properly. These enablement problems should’ve been handled well before the devices entered circulation, so this is very disheartening to see.

So, for now, hold off on X Elite laptops if you’re a Linux user.

Ly: a TUI display manager

Ly is a lightweight TUI (ncurses-like) display manager for Linux and BSD.

↫ Ly GitHub page

That’s it. That’s the description.

I’ve been wanting to take a stab at running a full CLI/TUI environment for a while, see just how far I can get in my computing life (excluding games) running nothing but a few tiled terminal emulators running various TUI apps for email, Mastodon, browsing, and so on. I’m not sure I’d be particularly happy with it – I’m a GUI user through and through – but lately I’ve seen quite a few really capable and just pleasantly usable TUI applications come by, and they’ve made me wonder.

It’d make a great article too.

Unified kernel image

UKIs can run on UEFI systems and simplify the distribution of small kernel images. For example, they simplify network booting with iPXE. UKIs make rootfs and kernels composable, making it possible to derive a rootfs for multiple kernel versions with one file for each pair.

A Unified Kernel Image (UKI) is a combination of a UEFI boot stub program, a Linux kernel image, an initramfs, and further resources in a single UEFI PE file (device tree, cpu µcode, splash screen, secure boot sig/key, …). This file can either be directly invoked by the UEFI firmware or through a boot loader.

↫ Hugues

If you’re still a bit unfamiliar with unified kernel images, this post contains a ton of detailed practical information. Unified kernel images might become a staple for forward-looking Linux distributions, and I know for a fact that my distribution of choice, Fedora, has been working on it for a while now. The goal is to eventually simplify the boot process as a whole, and make better, more optimal use of the advanced capabilities UEFI gives us over the old, limited, 1980s BIOS model.

Like I said a few posts ago, I really don’t want to be using traditional bootloaders anymore. UEFI is explicitly designed to just boot operating systems on its own, and modern PCs just don’t need bootloaders anymore. They’re points of failure users shouldn’t be dealing with anymore in 2024, and I’m glad to see the Linux world is seriously moving towards negating the need for their existence.

Safari already contains ad tracking technology, and they’re now adding it to Safari’s Private Browsing mode, too

We’ve been talking a lot about sleazy ways in which the online advertising industry is conspiring with browser makers – who also happen to be in the online advertising industry – to weaken privacy features so they can still track you and the ads they serve you, but with “privacy”. They’re trying really hard to make it seem as if they’re doing us a huge favour by making tracking slightly more private, and browser makers are falling over themselves to convince us that allowing some user and ad tracking is the only way to stop the kind of total everything, everywhere, all at once tracking we have now.

We’ve got Google and Chrome pushing something called “Privacy Sandbox“, and we’ve got Mozilla and Facebook pushing something called “Privacy-Preserving Attribution“, both of which are designed to give the advertising industry slightly more private tracking in the desperate hope they won’t still be doing a lot more tracking on the side. Safari users, meanwhile, have been feeling pretty good about all of this in the knowledge Apple cares about privacy, so surely Safari won’t be doing any of this.

You know where this is going, right?

Today, the WebKit project published a lengthy blog post detailing all the various additional measures it’s taking to make its Private Browsing mode more, well, private, and a lot of them are great moves, very welcome, and ensure that private browsing on Safari is a little bit more private than it is on Chrome, as the blog post gleefully points out. However, not long into the blog post, the shoe drops.

We also expanded Web AdAttributionKit (formerly Private Click Measurement) as a replacement for tracking parameters in URL to help developers understand the performance of their marketing campaigns even under Private Browsing.

↫ John Wilander, Charlie Wolfe, Matthew Finkel, Wenson Hsieh, and Keith Holleman

A little further down, they go into more detail:

Web AdAttributionKit (formerly Private Click Measurement) is a way for advertisers, websites, and apps to implement ad attribution and click measurement in a privacy-preserving way. You can read more about it here. Alongside the new suite of enhanced privacy protections in Private Browsing, Safari also brings a version of Web AdAttributionKit to Private Browsing. This allows click measurement and attribution to continue working in a privacy-preserving manner.

↫ John Wilander, Charlie Wolfe, Matthew Finkel, Wenson Hsieh, and Keith Holleman

So not only does Safari already include the kind of tracking technology everyone is – rightfully – attacking Mozilla over for adding it to Firefox, Apple and the Safari team are actually taking it a step further and making this ad tracking technology available in private browsing mode. The technology is limited a bit more in Private Browsing mode, but its intent is preserved: to track you and the ads you see online.

I would hazard a guess that when you enable a browser’s private browsing or incognito mode, you assume that means zero tracking. We already know that Chrome’s Incognito mode leaks data like a sieve with bullet holes in it, and now it seems Safari’s Private Browsing mode, too, is going to allow advertisers to track you and the ads you see – blog post full of fancy privacy features be damned.

Do you know those “Around the web” chumboxes? Even if you’re unfamiliar with the term, you’ve most definitely seen these things all over the web, and really hate them. A major player in the chumbox business is a company called Taboola, a name that’s quite despised and reviled online. Popular Apple blogger John Gruber called Taboola a “slumlord” and the “lowest common denominator clickbait property“. Do you want to know which major technology company just signed a massive deal with Taboola?

Ad tech giant Taboola has struck a deal with Apple to power native advertising within the Apple News and Apple Stocks apps, Taboola founder and CEO Adam Singolda told Axios.

↫ Sara Fischer at Axios

Apple needs to find new markets to keep growing, and clearly, pestering its users with upsells and subscriptions to its services isn’t enough. The online advertising industry is massive – just look at Google’s and Facebook’s financial disclosures – and Apple seems to be interested in taking a bigger slice of that fat pie. And as Google and now Mozilla are finding out, a browser that blocks ads and ad tracking kind of gets in the way of that.

Anyone who can make and sell plug-and-play Pi-Hole devices even normal people can use is going to make a killing.

I told you so: Mozilla working with Facebook to weaken Firefox’ privacy and anti-tracking features

I’ve long been warning about the dangers of relying on just one browser as the bullwark against the onslaught of Chrome, Chrome skins, and Safari. With Firefox’ user numbers rapidly declining, now stuck at a mere 2% or so – and even less on mobile – and regulatory pressure possibly ending the Google-Mozilla deal with makes up roughly 80% of Mozilla’s income, I’ve been warning that Mozilla will most likely have to start making Firefox worse to gain more temporary revenue. As the situation possibly grows even more dire, Firefox for Linux would be the first on the chopping block.

I’ve received quite a bit of backlash over expressing these worries, but over the course of the last year or so we’ve been seeing my fears slowly become reality before our very eyes, culminating in Mozilla recently acquiring an online advertising analytics company. Over the last few days, things have become even worse: with the release of Firefox 128, the enshitification of Firefox has now well and truly begun.

Less than a month after acquiring the AdTech company Anonym, Mozilla has added special software co-authored by Meta and built for the advertising industry directly to the latest release of Firefox, in an experimental trial you have to opt out of manually. This “Privacy-Preserving Attribution” (PPA) API adds another tool to the arsenal of tracking features that advertisers can use, which is thwarted by traditional content blocking extensions.

↫ Jonah Aragon

If you have already upgraded to Firefox 128, you have automatically been opted into using this new API, and for now, you can still opt-out by going to Settings > Privacy & Security > Website Advertising Preferences, and remove the checkmark “Allow websites to perform privacy-preserving ad measurement”. You were opted in without your consent, without any widespread announcement, and if it wasn’t for so many Firefox users being on edge about Mozilla’s recent behaviour, it might not have been snuffed out this quickly.

Over on GitHub, there’s a more in-depth description of this new API, and the first few words are something you never want to hear from an organisation that claims to fight tracking and protect your privacy: “Mozilla is working with Meta”. I’m not surprised by this at all – like I, perhaps gleefully, pointed out, I’ve been warning about this eventuality for a long time – but I’ve noted that on the wider internet, a lot of people were very much unpleasently surprised, feeling almost betrayed by this, the latest in a series of dubious moves by Mozilla.

It’s not even just the fact they’re “working with Meta”, which is entirely disqualifying in and of itself, but also the fact there’s zero transparency or accountability about this new API towards Firefox’ users. Sure, we’re all technologically inclined and follow technology news closely, but the vast majority of people don’t, and there’s bound to be countless people who perhaps only recently moved to Firefox from Chrome for privacy reasons, only to be stabbed in the back by Mozilla partnering up with Facebook, of all companies, if they even find out about this at all. It’s right out of Facebook’s playbook to secretly experiment on users.

This is what I wrote a year ago:

I’m genuinely worried about the state of browsers on Linux, and the future of Firefox on Linux in particular. I think it’s highly irresponsible of the various prominent players in the desktop Linux community, from GNOME to KDE, from Ubuntu to Fedora, to seemingly have absolutely zero contingency plans for when Firefox enshittifies or dies, despite everything we know about the current state of the browser market, the state of Mozilla’s finances, and the future prospects of both.

Desktop Linux has a Firefox problem, but nobody seems willing to acknowledge it.

↫ Thom Holwerda

It seems my warnings are turning into reality one by one, and if, at this point, you’re still not worried about where you’re going to go after Firefox starts integrating even more Facebook technologies or Firefox for Linux gets ever more resources pulled away from it until it eventually gets cancelled, you’re blind.

The AMD Zen 5 microarchitecture: powering Ryzen AI 300 series for mobile and Ryzen 9000 for desktop

Built around the new Zen 5 CPU microarchitecture with some fundamental improvements to both graphics and AI performance, the Ryzen AI 300 series, code-named Strix Point, is set to deliver improvements in several areas. The Ryzen AI 300 series looks set to add another footnote in the march towards the AI PC with its mobile SoC featuring a new XDNA 2 NPU, from which AMD promises 50 TOPS of performance. AMD has also upgraded the integrated graphics with the RDNA 3.5, which is designed to replace the last generation of RDNA 3 mobile graphics, for better performance in games than we’ve seen before.

Further to this, during AMD’s recent Tech Day last week, AMD disclosed some of the technical details regarding Zen 5, which also covers a number of key elements under the hood on both the Ryzen AI 300 and the Ryzen 9000 series. On paper, the Zen 5 architecture looks quite a big step up compared to Zen 4, with the key component driving Zen 5 forward through higher instructions per cycle than its predecessor, which is something AMD has managed to do consistently from Zen to Zen 2, Zen 3, Zen 4, and now Zen 5.

↫ Gavin Bonshor at AnandTech

Not the review and deep analysis quite yet, but a first thorough look at what Zen 5 is going to bring us, straight from AnandTech.

Fusion OS: writing an OS in Nim

I decided to document my journey of writing an OS in Nim. Why Nim? It’s one of the few languages that allow low-level systems programming with deterministic memory management (garbage collector is optional) with destructors and move semantics. It’s also statically typed, which provides greater type safety. It also supports inline assembly, which is a must for OS development. Other options include C, C++, Rust, and Zig. They’re great languages, but I chose Nim for its simplicity, elegance, and performance.

↫ Fusion OS documentation website

I love it when a hobby operating system project not only uses a less common programming language, but the author also details the entire development process in great detail. It’s not a UNIX-like, and the goals are a single 64 bit address space, capability-based security model, and a lot more. It’s targeting UEFI machines, and the code is, of course, open source and available on GitHub.

Google can totally explain why Chromium browsers quietly tell only its websites about your CPU, GPU usage

It’s time for Google being Google, this time by using an undocumented APIs to track resource usage when using Chrome.

When visiting a *.google.com domain, the Google site can use the API to query the real-time CPU, GPU, and memory usage of your browser, as well as info about the processor you’re using, so that whatever service is being provided – such as video-conferencing with Google Meet – could, for instance, be optimized and tweaked so that it doesn’t overly tax your computer. The functionality is implemented as an API provided by an extension baked into Chromium – the browser brains primarily developed by Google and used in Chrome, Edge, Opera, Brave, and others.

↫ Brandon Vigliarolo at The Register

The original goal of the API was to give Google’s various video chat services – I’ve lost count – the ability to optimise themselves based on the available system resources. Crucially, though, this API is only available to Google’s domains, and other, competing services cannot make use of it. This is in clear violation of the European Union’s Digital Markets Act, and with Chrome being by far the most popular browser in the world, and thus a clear gatekeeper, the European Commission really should have something to say about this. For its part, Google told The Register it claims to comply with the DMA, so we might see a change to this API soon.

Aside from optimising video chat performance, the API, which is baked into a non-removable extension, also tracks performance issues and crashes and reports these back to Google. This second use, too, is at its core not a bad thing – especially if users are given the option to opt out of such crash analytics. Still, it seems odd to use an undocumented API for something like this, but I’m not a developer so what do I know. Mind you, other Chromium-based browsers also report this data back to Google, which is wild when you think about it.

Normally I would suggest people switch to Firefox, but I’ve got some choice words for Firefox and Mozilla, too, later today.

Pretty pictures, bootable floppy disks, and the first Canon Cat demo?

About a month ago, Cameron Kaiser first introduced us to the Canon Cat, a computer designed by Jeff Raskin, but abandoned within six months by Canon, who had no idea what to do with it. In his second article on the Cat, Kaiser dives much deeper into the software and operating system of the Cat, even going so far as to become the first person to write software for it. One of the most surprising aspects of the Cat is that it’s collaborative; other users can call into your Cat using a landline and edit the same document you’re working on remotely.

Selecting text has other functions too. When I say everything goes in the workspace, I do mean everything. The Cat is designed to be collabourative: you can hook up your Cat to a phone line, or at least you could when landlines were more ubiquitous, and someone could call in and literally type into your document remotely. If you dialed up a service, you would type into the document and mark and send text to the remote system, and the remote system’s response would also become part of your document. (That goes for the RS-232 port as well, by the way. In fact, we’ll deliberately exploit this capability for the projects in this article.)

↫ Cameron Kaiser

You can also do calculations right into the text, going so far as allowing the user to define variables and reuse those variables throughout the text to perform various equations and other mathematic operations. If you go back and change the value of a variable, all other equations using those variables are updated as well. That’s quite nifty, especially considering the age of the Cat, and since the Cat is fixed width, you can effectively create spreadsheets this way, too.

There’s really far too much to cover here, and I strongly suggest you head on over and read the entire thing.

Microsoft quietly updates official lightweight Windows 11 Validation OS ISOs for 24H2

Microsoft has again quietly updated its Validation OS ISOs. In case you are not familiar with it, Validation OS is an official lightweight variant of Windows and it is designed for hardware vendors to test, validate and repair hardware defects.

↫ Sayan Sen at Neowin

I had no idea this variant of Windows existed, but it kind of makes sense when you think about it. OEMs or other companies making devices that run or work with Windows may need to test, reboot, test, reboot, and so on, endlessly, and having a lightweight and fast version of Windows that doesn’t load any junk you don’t need – or just loads straight into your company’s hardware testing application – is incredibly valuable.

According to Microsoft, the Windows Validation OS boots to a command line that allows you to run Win32 applications. This has made me wonder if I can use it for the one thing I am forced to use Windows for: playing League of Legends (I cobbled together a spare parts machine solely for this purpose). My guess is that either the Validation OS will lack certain components or frameworks League of Legends requires, or is so different from regular Windows that it will trip Riot Games’ rootkit, or both.

Still, I’m curious. I might load this up on a spare hard drive and what’s possible.

GitHub is starting to feel like legacy software

The corporate branding, the new “AI-powered developer platform” slogan, makes it clear that what I think of as “GitHub”—the traditional website, what are to me the core features—simply isn’t Microsoft’s priority at this point in time. I know many talented people at GitHub who care, but the company’s priorities just don’t seem to value what I value about the service. This isn’t an anti-AI statement so much as a recognition that the tool I still need to use every day is past its prime. Copilot isn’t navigating the website for me, replacing my need to the website as it exists today. I’ve had tools hit this phase of decline and turn it around, but I’m not optimistic. It’s still plenty usable now, and probably will be for some years to come, but I’ll want to know what other options I have now rather than when things get worse than this.

↫ Misty De Meo

Apparently, GitHub is in the middle of a long, drawn-out process where it’s rewriting its frontend using React. De Meo was trying to use a particular feature of GitHub – the blame view, which also works through the command line but is apparently much harder to parse there – and realised the browser search feature just couldn’t find the line of code they absolutely knew for sure was there. After scrolling for a while, the browser search feature suddenly found the line of code.

I’d heard rumblings that GitHub’s in the middle of shipping a frontend rewrite in React, and I realized this must be it. The problem wasn’t that the line I wanted wasn’t on the page—it’s that the whole document wasn’t being rendered at once, so my browser’s builtin search bar just couldn’t find it. On a hunch, I tried disabling JavaScript entirely in the browser, and suddenly it started working again. GitHub is able to send a fully server-side rendered version of the page, which actually works like it should, but doesn’t do so unless JavaScript is completely unavailable.

↫ Misty De Meo

Seem like a classic case of people being told to develop something in too little time, with the wrong tools, while management is breathing down their necks and pulling engineers away to work on buzzwords like “AI”.

Windows NT 4.0 ported to run on certain Apple PowerPC Macs

The most fascinating time for Windows NT were its first few years on the market, when the brand new operating system supported a wide variety of architectures, from default x86, all the way down to stuff like Alpha, MIPS, and exotic things like Intel i860, and even weirder stuff like Clipper (even a SPARC port was planned, but never released). One of the more conventional architectures that saw a Windows NT port – one that was actually released to the public, no less – was PowerPC. The last version of Windows NT to support exotic architectures was 4.0, with Windows 2000 only supporting x86, dropping everything else, including PowerPC (although Windows 2000 for Alpha reached RC1 status).

The PowerPC version of Windows NT only supported IBM and Motorola systems using the PowerPC Reference Platform, and never the vastly more popular PowerPC systems from Apple. Well, it’s 2024, and that just changed: Windows NT 4.0 can now be installed and run on certain Apple New World Power Macintosh systems.

This repository currently contains the source code for the ARC firmware and its loader, targeting New World Power Macintosh systems using the Gossamer architecture (that is, MPC106 “Grackle” memory controller and PCI host, and “Heathrow” or “Paddington” super-I/O chip on the PCI bus).

[…]

NT4 only, currently. NT 3.51 may become compatible if HAL and drivers get ported to it. NT 3.5 will never be compatible, as it only supports PowerPC 601. (The additional suspend/hibernation features in NT 3.51 PMZ could be made compatible in theory but in practise would require all of the additional drivers for that to be reimplemented.)

↫ maciNTosh GitHub page

This is absolutely wild, and one of the most interesting projects I’ve seen in a long, long time. The deeply experimental nature of this effort does mean that NT 4.0 is definitely not stable on any of the currently supported machines, and the number of drivers implemented is the absolute bare minimum to run NT 4.0 on these systems. It does, however, support dual-booting both NT 4.0 and Mac OS8, 9, and X, which would be quite something to set up.

I’m not definitely going to keep an eye on eBay for a supported machine, because running NT on anything other than x86 has always been a bit of a weird fascination for me. Sadly, period-correct PowerPC machines that support NT are extremely rare and thus insanely expensive, and will often require board-level repairs that I can’t perform. Getting a more recent Yikes PowerMac G4 should be easy, since those just materialise out of thin air randomly in the world.

I’m incredibly excited about this.

    Package AmigaOS software for Linux and Windows with AxRuntime

    This solution lets developers compile their Amiga API-based applications as Linux binaries. Once the features are implemented, tested and optimized using the runtime on Linux or Windows, developers re-compile their applications for their Amiga-like system of choice and perform final quality checking.

    Applications created with AxRuntime can be distributed to Linux or Windows communities, giving developers a much broader user base and a possibility to invite developers from outside general Amiga community to contribute to the application.

    ↫ AxRuntime website

    I had never considered this as an option, but with AmigaOS 3.x basically being frozen in time, it’s a relatively easy target for an effort such as this. It won’t surprise you to learnt hat AxRuntime is using code from AROS, which itself is fully compatible with AmigaOS 3.1. This should technically mean that any AmigaOS application that runs on AROS should be able to be made to run using this runtime, which is great news for Amiga developers.

    Why? Well, the cold, harsh truth is that the number of Amiga users is probably still dwindling as the sands of time cause people to, well, die, and the influx of new users, who also happen to possess the skillset to develop AmigaOS software, must be a very, very slow trickle, at best. This runtime will allow AmigaOS developer to package their software to run on Linux and Windows machines, getting a lot more eyes on the software in the process. Amiga devices are not exactly cheap or easy to come by, so this is a great alternative.

    Google is ending support for Lacros, the experimental version of Chrome for ChromeOS

    Back in August 2023, we previewed our work on an experimental version of Chrome browser for ChromeOS named Lacros. The original intention was to allow Chrome browser on Chromebooks to swiftly get the latest feature and security updates without needing a full OS update.

    As we refocus our efforts on achieving similar objectives with ChromeOS embracing portions of the Android stack, we have decided to end support for this experiment. We believe this will be a more effective way to help accelerate the pace of innovation on Chromebook.

    ↫ ChromeOS Beta Tester Community

    To refresh your memory, Lacros was an attempt by Google to decouple the Chrome browser from ChromeOS itself, so that the browser could be updated indepdnently from ChromeOS as a whole. This would obviously bring quite a few benefits with it, from faster and easier updates, to the ability to keep updating the Chrome browser after device support has ended. This was always an experimental feature, so the end of this experiment really won’t be affecting many people.

    The interesting part is the reference to the recent announcement that ChromeOS’ Linux kernel and various subsystems will be replaced by their Android counterparts. I’m not entirely sure what this means for the Chrome browser on ChromeOS, since it seems unlikely that they’re going to be using the Android version of Chrome on ChromeOS. It’s generally impossible to read the tea leaves when it comes to whatever Google does, so I’m not even going to try.

    Ubuntu security updates are a confusing mess

    I’ve read this article several times now, and I’m still not entirely sure how to properly summarise the main points without leaving important details out. If you really boil it down to the very bare essentials, which packages get updates on which Ubuntu release is a confusing mess that most normal users will never be able to understand, potentially leaving them vulnerable to security flaws that have already been widely patched and are available on Ubuntu – just not your specific Ubuntu version, your specific customer type, or the specific package type in question.

    So, in the case of McPhail here, they needed a patched version of tomcat 9 for Ubuntu 22.04. This patched version was available for Ubuntu 18.04 users because not only is 18.04 an LTS release – meaning five years of support – Canonical also offers a commercial Extended Security Maintenance (ESM) subscription for 18.04, so if you’re paying for that, you get the patched tomcat9. On Ubuntu 20.04, another LTS release, the patched version of tomcat9 is available for everyone, but for the version McPhail is running, the newer LTS release 22.04, it’s only available for Ubuntu Pro subscribers (24.04 is not affected, so not relevant for this discussion). Intuitively, this doesn’t make any sense.

    The main cause of the weird discrepancy between 20.04 and 22.04 is that Canonical’s LTS support only covers the packages in main (about 10% of the total amount of packages), whereas tomcat9 lives in universe (90% of packages). LTS packages in universe are only supported on a “best effort” basis, and one of the ways a patched universe package can be made available to non-paying LTS users is if it is inhereted from Debian, which happens to be the case for tomcat9 in 20.04, while in 22.04, it’s considered part of an Ubuntu Pro subscription.

    So, there’s a fixed package, but 22.04 LTS users, who may expect LTS to truly mean LTS, don’t get the patched version that exists and is ready to go without issues. Wild.

    This is incredibly confusing, and would make me run for the Debian hills before my next reboot. I understand maintaining packages is a difficult, thankless task, but the nebulousness here is entirely of Canonical’s own making, and it’s without a doubt leaving users vulnerable who fully expect to be safe and all patched up because they’re using an LTS release.