Raptor CS: fully owner-controlled computing using OpenPOWER

Peter Czanik did an interview with Timothy Pearson of Raptor Engineering, the company behind POWER9 systems like the Talos II and Blackbird, which I reviewed last year. There’s some good stuff in there, most importantly the reasoning as to why there isn’t any POWER10 hardware from Raptor yet.

At this time we do not have plans to create a POWER10 system. The reasoning behind this is that somehow, during the COVID19 shutdowns and subsequent Global Foundries issues, IBM ended up placing two binary blobs into the POWER10 system. One is loaded onto the Microsemi OMI to DDR4 memory bridge chip, and the other is loaded into what appears to be a Synopsis IP block located on the POWER10 die itself. Combined, they mean that all data flowing into and out of the POWER10 cores over any kind of high speed interface is subject to inspection and/or modfication by a binary firmware component that is completely unauditable – basically a worst-case scenario that is strangely reminiscent of the Intel Management Engine / AMD Platorm Security Processor (both have a similar level of access to all data on the system, and both are required to use the processor). Our general position is that if IBM considered these components potentially unstable enough to require future firmware updates, the firmware must be open source so that entities and owners outside of IBM can also modify those components to fit their specific needs.

Were IBM to either open source the firmware or produce a device that did not require / allow mutable firmware components in those locations, we would likely reconsider this decision.

This information isn’t new, but you had to read Twitter posts or forum messages to get at it, so it’s nice to see it all laid out like this. IBM really missed the mark here, and it’s incredibly sad we won’t be seeing any POWER10 workstations from Raptor any time soon. I do admire Raptor’s uncompromising stance here, though, since it’s rare to find a company with principles they’re willing to stand by.

And these principles matter – as the story about the problems getting Linux to run on the Rock64 showed. As Pearson puts it:

An owner-controlled device is best defined as a tool that answers only to its physical owner, i.e. its owner (and only its owner) has full control over every aspect of its operation. If something is mutable on that device, the owner must be able to make those changes to alter its operation without vendor approval or indeed any vendor involvement at all. This is in stark contrast with the standard PC model, where e.g. Intel or AMD are allowed to make changes on the device but the owner is expressly forbidden to change the device’s operation through various means (legal restrictions, lack of source code, vendor-locked cryptographic signing keys, etc.). In our opinion, such devices never really left the control of the vendor, yet somehow the owner is still legally responsible for the data stored on them – to me, this seems like a rather strange arrangement on which to build an entire modern digital economy and infrastructure.

He’s not wrong.

Apple promoting accessibility features for iOS users that anyone can take advantage of

Apple this week celebrated Global Accessibility Awareness Day by announcing new accessibility features that will be available later this year with iOS 16 and other software updates. However, while we wait for those updates, the company has been promoting accessibility tips that anyone can take advantage of.

[…]

One of the new accessibility features teased by Apple this week is called “Door Detection,” and it uses the LiDAR scanner on supported iPhone and iPad models to help users understand how far away they are from a door. It can also read signs and symbols around the door.

For Apple Watch users, a new option will mirror the watch’s screen on the iPhone so that people with physical and motor disabilities can interact with features such as ECG, Blood Oxygen, and Heart Rate. Also, live captions are finally coming to FaceTime on iPhone, iPad, and Mac.

Apple’s dedication to accessibility is second to none in the operating system market, and that’s the reason virtually every single visually impaired person I’ve ever seen uses an iPhone. This certainly isn’t something that makes them tons of money, and it also isn’t something that’s easy to design and implement, so hats off to Apple for placing accessibility high on the list.

Making sure everyone – regardless of ability – can use modern devices should be the norm, not the exception.

EU planning to force Apple to give developers access to all hardware and software features

The European Union is pressing ahead with legislation to heavily regulate companies like Apple, setting plans to force “gatekeepers” to open up access to hardware and software, and even set up an internal department to meet new rules, according to an endorsed agreement from the European Parliament’s Internal Market Committee.

[…]

The DMA could force Apple to make major changes to the App Store, Messages, FaceTime, third-party browsers, and Siri in Europe. For example, it could be forced to allow users to install third-party app stores and sideload apps, give developers the ability to closely interoperate with Apple’s own services and promote their offers outside the ‌App Store‌ and use third-party payment systems, and access data gathered by Apple.

The DMA is turning out much better than I could’ve ever hoped for, and contains more strict regulations than I ever imagined the European Union would go for. The DMA would significantly upset the market, and give smaller, competing companies many more legs to stand on – and its effects will find its way to other parts of the world, too.

This is long overdue, and I’m here for it. This is a tiny speck of good news in the hellstorm that has been the recent few years.

Developer pulls plug on popular open source Android email client FairEmail

And another great application falls victim to Google’s absolute disdain for Android developers. Marcel Bokhorst has announced that after yet another brick wall interaction with Google, he is ending development of his popular (in the right circles) open source email client FairEmail.

All my projects have been terminated after Google falsely flagged FairEmail as spyware without a reasonable opportunity to appeal. There will be no further development and no more support.

On XDA, he gives more background.

According to Google FairEmail is spyware because it uploads the contact list. My guess is this is because of the usage of favicons, which will use the domain name of email addresses to fetch info. This feature has been removed from the Play store version now.

Google has been violating EU regulation 2019/1150 on multiple occasions now by not being transparent about what exactly the problem is, but what can I do? Complain via the EU, wait five years for action while the app is being removed from the Play store?

FairEmail obviously isn’t as popular as the Gmail application or Outlook, but it does have more than 500.000 installs on Google Play (it’s als available on F-Droid), and if you care about open source and privacy, there’s very few other places to go for email on Android (whether Google-less or not). It’s incredibly full-featured and was regularly updated.

It’s sad to see rare applications like this fall victim to Google’s inscrutable bureaucracy, but I fully understand Bokhorst throwing in the towel.

Red Hat Enterprise Linux 9.0 released

Red Hat Enterprise Linux 9.0 is now officially available to Red Hat customers as stable, building off the RHEL9 beta available since the end of last year. Red Hat Enterprise Linux 9 ships with a wealth of updated software components and derived from CentOS Stream. On the versioning front, RHEL9 has GCC 11 as the default system compiler, Python 3.9, RPM 4.16, PHP 8.0, updated LLVM / Rust / Go compilers, a plethora of optimizations, OpenSSL 3, Ruby 3.0, and much more to enjoy with this major release for enterprise Linux users. Linux 5.14 is the kernel in use by RHEL 9.0 albeit with various kernel back-ports.

There will be several community alternatives based on RHEL 9.0 soon enough, too, so if you want to run something RHEL like without all the corporate support, there’s enough options, too.

My unholy battle with a Rock64

I’ve got this rock64, which is an aarch64 board comparable to a Raspberry Pi 3 B+ with 4 gigs of ram. For years I’ve wanted to put a distribution on here that doesn’t have a premade image available, mainly because out of all the options on that page I don’t actually like any of them. Well, except NetBSD, but NetBSD doesn’t have GPU drivers for it. Problem is, everything I do want to use provides rootfs tarballs and tells you to figure it out. To do that I’ve got to get a Linux kernel, track down the device trees so it knows what hardware it has, and then wrangle u-boot into actually booting the whole thing. I figured that would be the hard part; little did I know the depths that Single Board Computer Hell would reach.

Unlike x86, ARM is far, far from a standardised platform. The end result of this is that unless you can find tailor-made images specific for your particular ARM board, you’re gonna have to do a lot of manual labour to install an operating system that should work.

Restoring a Tadpole SPARCbook 3

Tadpole Technology was a small British computer company formed in 1983 and originally based out of Cambridge, who amongst other things manufactured VMEbus boards for industrial applications, along with military spec, small server and laptop computers. During the 1990s and perhaps most famously, Tadpole produced a range of high-end laptops that were based on the SPARC, PowerPC and Alpha RISC architectures, running Solaris, AIX and OpenVMS respectively.

A previous series of articles followed the restoration of a SPARCstation IPX, noting how Sun UNIX workstations were a much-coveted object of geek desire in the early 1990s. However, Tadpole laptops which boasted a RISC processor were a great deal rarer than such workstations, with an almost legendary status and you were lucky if you even got to see one in the flesh.

In this series of posts, we’ll take a look at restoring a third-generation Tadpole SPARCbook, which was introduced in 1994 at a starting cost of $10,950 — which with inflation would make the price tag equivalent to almost $20,000 or £15,000 in today’s money!

SPARC hardware in general has a special place in my heart, but the Tadpole SPARC laptops are in a whole league of their own – mythical beasts I know exist, but which are incredibly rare, and even more stupidly expensive when they come up for sale than even regular SPARC hardware.

I’d not give up my firstborn for one, but we can talk about a kidney. Or two.

The very weird Hewlett Packard FreeDOS option

In this installment: some strange things I discovered when purchasing a FreeDOS laptop from Hewlett Packard. I suspect that the audience for this will be somewhat limited but I had fun exploring this. Perhaps you, dear reader, will find a chuckle in here too.

Some background: I recently purchased a HP ZBook 17.8 G8 as I run Fedora Linux I decided to have a little fun with the OS selection and picked the FreeDOS option (Other options include Ubuntu, and various flavors of Windows 11).

I can guarantee you this will be a lot weirder than you think.

Fedora 36 released

Fedora 36 is releasing this morning as what is yet another release in recent times of being a very robust and bleeding-edge yet stable and reliable Linux distribution. I’ve already been running Fedora Workstation 36 and Fedora Server 36 snapshots on various systems in my benchmarking lab and this release has proven to be quite solid while adding new features and polish on top of the excellent Fedora 35.

I have no reservations about stating that Fedora is by far the best desktop Linux distribution you can get today (assuming you prefer GNOME, that is). It’s polished to an insane degree, not afraid to both develop and implement new technologies that bring the Linux desktop forward – kicking and screaming, lots of kicking and screaming – and sports excellent community support through things like RPM Fusion.

Linux Mint if you prefer less bleeding edge, Fedora if you want the best the Linux desktop has to offer.

Google releases Android 13 beta 2

At its Google I/O event on Wednesday, Google released the second beta of Android 13. The search giant highlighted several new aspects to Android 13 including better privacy controls that help users to limit what data apps have access to, an improved Material You theme system that works across more apps, a new Settings & Privacy page that can help you boost your security, swanky music controls that adjust their look based on the music you’re listening to, and the ability to change the language of each app – something that music be quite handy if you are bilingual and prefer certain apps in a particular language.

You can really tell we’ve hit a fairly stable feature ceiling for mobile operating systems. New releases don’t really rock the boat anymore, and there’s rarely any major, tent pole features that you’ll miss out on.

Still, updates are updates, and they come with more than just new features – security fixes are reason enough phone makers should be forced to support phones with full Android version updates for at least five years, preferably longer.

The Apple GPU and the impossible bug

In late 2020, Apple debuted the M1 with Apple’s GPU architecture, AGX, rumoured to be derived from Imagination’s PowerVR series. Since then, we’ve been reverse-engineering AGX and building open source graphics drivers. Last January, I rendered a triangle with my own code, but there has since been a heinous bug lurking:

The driver fails to render large amounts of geometry.

Spinning a cube is fine, low polygon geometry is okay, but detailed models won’t render. Instead, the GPU renders only part of the model and then faults.

A very deep dive into the cause and fix for this bug, and on top of that, some sleuthing to figure out where it comes from. A very fun and interesting read.

Dutch digital identity system crisis

Dutch digital identity verification system DigiD has announced the phasing out SMS as second factor. That way they require citizens to install a smartphone app in order to use digital services from the government, municipalities, the health sector and others. These applications only work on iOS and Android phones, with reliance on third party services.

Plenty of members of our community choose not to use a device that is tied to vendor-specific services. There is a threat our community will practically be locked out of the digital infrastructure the government has set up for us to use. Official alternatives are to ask a friend with the app for help or go back to snail mail and physical meetings.

This is dreadfully bad, and illustrates just how badly we need rules and regulations in place to force governments to make access to its digital services completely platform-agnostic. The linked article references the German verification system, which published its code as open source, and allows anyone to make an application that uses it. The end result is a variety of open source alternatives, available on various platforms.

NVIDIA transitioning to official, open-source Linux GPU kernel driver

The day has finally come: NVIDIA IS PUBLISHING THEIR LINUX GPU KERNEL MODULES AS OPEN-SOURCE! To much excitement and a sign of the times, the embargo has just expired on this super-exciting milestone that many of us have been hoping to see for many years. Over the past two decades NVIDIA has offered great Linux driver support with their proprietary driver stack, but with the success of AMD’s open-source driver effort going on for more than a decade, many have been calling for NVIDIA to open up their drivers. Their user-space software is remaining closed-source but as of today they have formally opened up their Linux GPU kernel modules and will be maintaining it moving forward. Here’s the scoop on this landmark open-source decision at NVIDIA.

I can’t believe this is happening.

NVIDIA is open sourcing all of its kernel driver modules, for both enterprise stuff and desktop hardware, under both the GPL and MIT license, it will available on Github, and NVIDIA welcomes community contributions where they make sense. This isn’t just throwing the open source community a random bone – this looks and feels like the real deal. They’re even aiming to have their open source driver mainlined into the Linux kernel once API/ABI has stabalised.

This is a massive win for the open source community, and I am incredibly excited about what this will mean for the future of the Linux desktop.

Apple discontinues iPod touch, ending 20 year run of iconic ‘iPod’ brand

It’s the end of an era: Apple is officially discontinuing the iPod touch. The company says that the device will be available only “while supplies last.” This also means that the “iPod” brand is officially retired, as the iPod touch was the last iPod in Apple’s lineup.

It’s the end of an era for a product that was once one of the most popular gadgets in the world.

The iPod was one of the most iconic product lines in recent history, and now, it’s something nobody ever even talks about anymore. Apple was willing to cannibalise its own iPod success with the iPhone, and it paid off.

Are alternative app stores worth it?

App Store Optimization is, for most people, synonymous with Apple’s App Store and Google’s Play Store. After all, they contribute to 90% of the total available apps in the market. But they’re not the only ones out there. These alternative app stores seem to lurk in the shadows but each of them has its slew of users. With the looming DMA and Open Markets Acts that aim to open the app markets to third-party stores,  their time to shine may be just around the corner. Are they worth looking into? We’re investigating the topic.

I’m actually quite surprised by these numbers. Of course, China has a whole slew of China-only application stores that are incredibly popular, but even outside of China, there’s quite a few application stores that seem to have found their niche, and doing well. If you’re a developer of certain applications, it might be worth it to check some of these more specialised application stores.

And with the EU on the brink of cracking Apple’s stranglehold on iOS applications, we’re going to see an explosion of tailored application stores,

Homemade TPM 2.0 Module

With the recent launch of Windows 11 Microsoft also made having a hardware TPM module mandatory. Although this technology is not new (it was introduced in Windows 10 and Windows Server 2016), now, that most people can’t upgrade to Windows 11, it will (slowly) become mainstream. (My personal opinion on it is that is probably a step in the right direction, but Microsoft could have handled mandating it better..)

Several months ago, when I heard about this new requirement, I checked how much this upgrade for me would cost. At the time prices for a TPM2.0 module for my motherboard (Gigabyte AORUS GAMING 3) started at around €150, which is not much less then, but definitely comparable with, the price of the motherboard itself. Not prepared to pay that much for a “free” Windows 11 upgrade, I started to look into if and how I could create the same thing on my own.

A cool and actually useful project – and the required code and schematics are available on GitHub.

OpenVMS E9.2 on x86 now available

We are excited to announce the availability of VSI OpenVMS E9.2 for x86-64, field test version of the upcoming V9.2 release. This is the next step in the journey to migrate OpenVMS to the x86-64 platform. The E9.2 release allows you to use the operating system with some of the most commonly-used hypervisors and includes a host of newly migrated applications.

VSI has been porting OpenVMS to x86-64 for a while now, and it seems they’re getting quite close to general availability. E9.2 is focused on x86 hypervisors, and the porting effort as a whole should provide a future upgrade path for VMS users for a long time to come.

Android 13’s new sideloading restriction makes it harder for malware to abuse Accessibility APIs

Android’s Accessibility API is an incredibly powerful tool intended for developers to build apps for users with disabilities. The API lets apps read the contents of the screen and perform inputs on behalf of the user, which are essential functions for screen readers and alternative input systems. Unfortunately, these functions are also incredibly useful for malicious apps that want to steal data from users, which is why Google has been cracking down on which apps are allowed to use the Accessibility API. Google has already limited which apps on Google Play can use the Accessibility API, and in Android 13, they’re taking things one step further by heavily restricting API access for apps that the user has sideloaded from outside of an app store.

And so, step by step, Google locks down more and more of Android. Some of the most fascinating and unique applications use the Accessiblity APIs, and making it harder for them to do their thing will have a chilling effect on the wild innovation we see in the Android world. For now, this restriction only applies to applications sideloaded outside of application stores (e.g, applications installed through F-Droid are not affected), but I have my doubt slippery slope is suddenly going to even out at this specific point.

After all, we must be protected against ourselves at all costs.