I told you so: Mozilla working with Facebook to weaken Firefox’ privacy and anti-tracking features

I’ve long been warning about the dangers of relying on just one browser as the bullwark against the onslaught of Chrome, Chrome skins, and Safari. With Firefox’ user numbers rapidly declining, now stuck at a mere 2% or so – and even less on mobile – and regulatory pressure possibly ending the Google-Mozilla deal with makes up roughly 80% of Mozilla’s income, I’ve been warning that Mozilla will most likely have to start making Firefox worse to gain more temporary revenue. As the situation possibly grows even more dire, Firefox for Linux would be the first on the chopping block.

I’ve received quite a bit of backlash over expressing these worries, but over the course of the last year or so we’ve been seeing my fears slowly become reality before our very eyes, culminating in Mozilla recently acquiring an online advertising analytics company. Over the last few days, things have become even worse: with the release of Firefox 128, the enshitification of Firefox has now well and truly begun.

Less than a month after acquiring the AdTech company Anonym, Mozilla has added special software co-authored by Meta and built for the advertising industry directly to the latest release of Firefox, in an experimental trial you have to opt out of manually. This “Privacy-Preserving Attribution” (PPA) API adds another tool to the arsenal of tracking features that advertisers can use, which is thwarted by traditional content blocking extensions.

↫ Jonah Aragon

If you have already upgraded to Firefox 128, you have automatically been opted into using this new API, and for now, you can still opt-out by going to Settings > Privacy & Security > Website Advertising Preferences, and remove the checkmark “Allow websites to perform privacy-preserving ad measurement”. You were opted in without your consent, without any widespread announcement, and if it wasn’t for so many Firefox users being on edge about Mozilla’s recent behaviour, it might not have been snuffed out this quickly.

Over on GitHub, there’s a more in-depth description of this new API, and the first few words are something you never want to hear from an organisation that claims to fight tracking and protect your privacy: “Mozilla is working with Meta”. I’m not surprised by this at all – like I, perhaps gleefully, pointed out, I’ve been warning about this eventuality for a long time – but I’ve noted that on the wider internet, a lot of people were very much unpleasently surprised, feeling almost betrayed by this, the latest in a series of dubious moves by Mozilla.

It’s not even just the fact they’re “working with Meta”, which is entirely disqualifying in and of itself, but also the fact there’s zero transparency or accountability about this new API towards Firefox’ users. Sure, we’re all technologically inclined and follow technology news closely, but the vast majority of people don’t, and there’s bound to be countless people who perhaps only recently moved to Firefox from Chrome for privacy reasons, only to be stabbed in the back by Mozilla partnering up with Facebook, of all companies, if they even find out about this at all. It’s right out of Facebook’s playbook to secretly experiment on users.

This is what I wrote a year ago:

I’m genuinely worried about the state of browsers on Linux, and the future of Firefox on Linux in particular. I think it’s highly irresponsible of the various prominent players in the desktop Linux community, from GNOME to KDE, from Ubuntu to Fedora, to seemingly have absolutely zero contingency plans for when Firefox enshittifies or dies, despite everything we know about the current state of the browser market, the state of Mozilla’s finances, and the future prospects of both.

Desktop Linux has a Firefox problem, but nobody seems willing to acknowledge it.

↫ Thom Holwerda

It seems my warnings are turning into reality one by one, and if, at this point, you’re still not worried about where you’re going to go after Firefox starts integrating even more Facebook technologies or Firefox for Linux gets ever more resources pulled away from it until it eventually gets cancelled, you’re blind.

The AMD Zen 5 microarchitecture: powering Ryzen AI 300 series for mobile and Ryzen 9000 for desktop

Built around the new Zen 5 CPU microarchitecture with some fundamental improvements to both graphics and AI performance, the Ryzen AI 300 series, code-named Strix Point, is set to deliver improvements in several areas. The Ryzen AI 300 series looks set to add another footnote in the march towards the AI PC with its mobile SoC featuring a new XDNA 2 NPU, from which AMD promises 50 TOPS of performance. AMD has also upgraded the integrated graphics with the RDNA 3.5, which is designed to replace the last generation of RDNA 3 mobile graphics, for better performance in games than we’ve seen before.

Further to this, during AMD’s recent Tech Day last week, AMD disclosed some of the technical details regarding Zen 5, which also covers a number of key elements under the hood on both the Ryzen AI 300 and the Ryzen 9000 series. On paper, the Zen 5 architecture looks quite a big step up compared to Zen 4, with the key component driving Zen 5 forward through higher instructions per cycle than its predecessor, which is something AMD has managed to do consistently from Zen to Zen 2, Zen 3, Zen 4, and now Zen 5.

↫ Gavin Bonshor at AnandTech

Not the review and deep analysis quite yet, but a first thorough look at what Zen 5 is going to bring us, straight from AnandTech.

Fusion OS: writing an OS in Nim

I decided to document my journey of writing an OS in Nim. Why Nim? It’s one of the few languages that allow low-level systems programming with deterministic memory management (garbage collector is optional) with destructors and move semantics. It’s also statically typed, which provides greater type safety. It also supports inline assembly, which is a must for OS development. Other options include C, C++, Rust, and Zig. They’re great languages, but I chose Nim for its simplicity, elegance, and performance.

↫ Fusion OS documentation website

I love it when a hobby operating system project not only uses a less common programming language, but the author also details the entire development process in great detail. It’s not a UNIX-like, and the goals are a single 64 bit address space, capability-based security model, and a lot more. It’s targeting UEFI machines, and the code is, of course, open source and available on GitHub.

Google can totally explain why Chromium browsers quietly tell only its websites about your CPU, GPU usage

It’s time for Google being Google, this time by using an undocumented APIs to track resource usage when using Chrome.

When visiting a *.google.com domain, the Google site can use the API to query the real-time CPU, GPU, and memory usage of your browser, as well as info about the processor you’re using, so that whatever service is being provided – such as video-conferencing with Google Meet – could, for instance, be optimized and tweaked so that it doesn’t overly tax your computer. The functionality is implemented as an API provided by an extension baked into Chromium – the browser brains primarily developed by Google and used in Chrome, Edge, Opera, Brave, and others.

↫ Brandon Vigliarolo at The Register

The original goal of the API was to give Google’s various video chat services – I’ve lost count – the ability to optimise themselves based on the available system resources. Crucially, though, this API is only available to Google’s domains, and other, competing services cannot make use of it. This is in clear violation of the European Union’s Digital Markets Act, and with Chrome being by far the most popular browser in the world, and thus a clear gatekeeper, the European Commission really should have something to say about this. For its part, Google told The Register it claims to comply with the DMA, so we might see a change to this API soon.

Aside from optimising video chat performance, the API, which is baked into a non-removable extension, also tracks performance issues and crashes and reports these back to Google. This second use, too, is at its core not a bad thing – especially if users are given the option to opt out of such crash analytics. Still, it seems odd to use an undocumented API for something like this, but I’m not a developer so what do I know. Mind you, other Chromium-based browsers also report this data back to Google, which is wild when you think about it.

Normally I would suggest people switch to Firefox, but I’ve got some choice words for Firefox and Mozilla, too, later today.

Pretty pictures, bootable floppy disks, and the first Canon Cat demo?

About a month ago, Cameron Kaiser first introduced us to the Canon Cat, a computer designed by Jeff Raskin, but abandoned within six months by Canon, who had no idea what to do with it. In his second article on the Cat, Kaiser dives much deeper into the software and operating system of the Cat, even going so far as to become the first person to write software for it. One of the most surprising aspects of the Cat is that it’s collaborative; other users can call into your Cat using a landline and edit the same document you’re working on remotely.

Selecting text has other functions too. When I say everything goes in the workspace, I do mean everything. The Cat is designed to be collabourative: you can hook up your Cat to a phone line, or at least you could when landlines were more ubiquitous, and someone could call in and literally type into your document remotely. If you dialed up a service, you would type into the document and mark and send text to the remote system, and the remote system’s response would also become part of your document. (That goes for the RS-232 port as well, by the way. In fact, we’ll deliberately exploit this capability for the projects in this article.)

↫ Cameron Kaiser

You can also do calculations right into the text, going so far as allowing the user to define variables and reuse those variables throughout the text to perform various equations and other mathematic operations. If you go back and change the value of a variable, all other equations using those variables are updated as well. That’s quite nifty, especially considering the age of the Cat, and since the Cat is fixed width, you can effectively create spreadsheets this way, too.

There’s really far too much to cover here, and I strongly suggest you head on over and read the entire thing.

Microsoft quietly updates official lightweight Windows 11 Validation OS ISOs for 24H2

Microsoft has again quietly updated its Validation OS ISOs. In case you are not familiar with it, Validation OS is an official lightweight variant of Windows and it is designed for hardware vendors to test, validate and repair hardware defects.

↫ Sayan Sen at Neowin

I had no idea this variant of Windows existed, but it kind of makes sense when you think about it. OEMs or other companies making devices that run or work with Windows may need to test, reboot, test, reboot, and so on, endlessly, and having a lightweight and fast version of Windows that doesn’t load any junk you don’t need – or just loads straight into your company’s hardware testing application – is incredibly valuable.

According to Microsoft, the Windows Validation OS boots to a command line that allows you to run Win32 applications. This has made me wonder if I can use it for the one thing I am forced to use Windows for: playing League of Legends (I cobbled together a spare parts machine solely for this purpose). My guess is that either the Validation OS will lack certain components or frameworks League of Legends requires, or is so different from regular Windows that it will trip Riot Games’ rootkit, or both.

Still, I’m curious. I might load this up on a spare hard drive and what’s possible.

GitHub is starting to feel like legacy software

The corporate branding, the new “AI-powered developer platform” slogan, makes it clear that what I think of as “GitHub”—the traditional website, what are to me the core features—simply isn’t Microsoft’s priority at this point in time. I know many talented people at GitHub who care, but the company’s priorities just don’t seem to value what I value about the service. This isn’t an anti-AI statement so much as a recognition that the tool I still need to use every day is past its prime. Copilot isn’t navigating the website for me, replacing my need to the website as it exists today. I’ve had tools hit this phase of decline and turn it around, but I’m not optimistic. It’s still plenty usable now, and probably will be for some years to come, but I’ll want to know what other options I have now rather than when things get worse than this.

↫ Misty De Meo

Apparently, GitHub is in the middle of a long, drawn-out process where it’s rewriting its frontend using React. De Meo was trying to use a particular feature of GitHub – the blame view, which also works through the command line but is apparently much harder to parse there – and realised the browser search feature just couldn’t find the line of code they absolutely knew for sure was there. After scrolling for a while, the browser search feature suddenly found the line of code.

I’d heard rumblings that GitHub’s in the middle of shipping a frontend rewrite in React, and I realized this must be it. The problem wasn’t that the line I wanted wasn’t on the page—it’s that the whole document wasn’t being rendered at once, so my browser’s builtin search bar just couldn’t find it. On a hunch, I tried disabling JavaScript entirely in the browser, and suddenly it started working again. GitHub is able to send a fully server-side rendered version of the page, which actually works like it should, but doesn’t do so unless JavaScript is completely unavailable.

↫ Misty De Meo

Seem like a classic case of people being told to develop something in too little time, with the wrong tools, while management is breathing down their necks and pulling engineers away to work on buzzwords like “AI”.

Windows NT 4.0 ported to run on certain Apple PowerPC Macs

The most fascinating time for Windows NT were its first few years on the market, when the brand new operating system supported a wide variety of architectures, from default x86, all the way down to stuff like Alpha, MIPS, and exotic things like Intel i860, and even weirder stuff like Clipper (even a SPARC port was planned, but never released). One of the more conventional architectures that saw a Windows NT port – one that was actually released to the public, no less – was PowerPC. The last version of Windows NT to support exotic architectures was 4.0, with Windows 2000 only supporting x86, dropping everything else, including PowerPC (although Windows 2000 for Alpha reached RC1 status).

The PowerPC version of Windows NT only supported IBM and Motorola systems using the PowerPC Reference Platform, and never the vastly more popular PowerPC systems from Apple. Well, it’s 2024, and that just changed: Windows NT 4.0 can now be installed and run on certain Apple New World Power Macintosh systems.

This repository currently contains the source code for the ARC firmware and its loader, targeting New World Power Macintosh systems using the Gossamer architecture (that is, MPC106 “Grackle” memory controller and PCI host, and “Heathrow” or “Paddington” super-I/O chip on the PCI bus).


NT4 only, currently. NT 3.51 may become compatible if HAL and drivers get ported to it. NT 3.5 will never be compatible, as it only supports PowerPC 601. (The additional suspend/hibernation features in NT 3.51 PMZ could be made compatible in theory but in practise would require all of the additional drivers for that to be reimplemented.)

↫ maciNTosh GitHub page

This is absolutely wild, and one of the most interesting projects I’ve seen in a long, long time. The deeply experimental nature of this effort does mean that NT 4.0 is definitely not stable on any of the currently supported machines, and the number of drivers implemented is the absolute bare minimum to run NT 4.0 on these systems. It does, however, support dual-booting both NT 4.0 and Mac OS8, 9, and X, which would be quite something to set up.

I’m not definitely going to keep an eye on eBay for a supported machine, because running NT on anything other than x86 has always been a bit of a weird fascination for me. Sadly, period-correct PowerPC machines that support NT are extremely rare and thus insanely expensive, and will often require board-level repairs that I can’t perform. Getting a more recent Yikes PowerMac G4 should be easy, since those just materialise out of thin air randomly in the world.

I’m incredibly excited about this.

    Package AmigaOS software for Linux and Windows with AxRuntime

    This solution lets developers compile their Amiga API-based applications as Linux binaries. Once the features are implemented, tested and optimized using the runtime on Linux or Windows, developers re-compile their applications for their Amiga-like system of choice and perform final quality checking.

    Applications created with AxRuntime can be distributed to Linux or Windows communities, giving developers a much broader user base and a possibility to invite developers from outside general Amiga community to contribute to the application.

    ↫ AxRuntime website

    I had never considered this as an option, but with AmigaOS 3.x basically being frozen in time, it’s a relatively easy target for an effort such as this. It won’t surprise you to learnt hat AxRuntime is using code from AROS, which itself is fully compatible with AmigaOS 3.1. This should technically mean that any AmigaOS application that runs on AROS should be able to be made to run using this runtime, which is great news for Amiga developers.

    Why? Well, the cold, harsh truth is that the number of Amiga users is probably still dwindling as the sands of time cause people to, well, die, and the influx of new users, who also happen to possess the skillset to develop AmigaOS software, must be a very, very slow trickle, at best. This runtime will allow AmigaOS developer to package their software to run on Linux and Windows machines, getting a lot more eyes on the software in the process. Amiga devices are not exactly cheap or easy to come by, so this is a great alternative.

    Google is ending support for Lacros, the experimental version of Chrome for ChromeOS

    Back in August 2023, we previewed our work on an experimental version of Chrome browser for ChromeOS named Lacros. The original intention was to allow Chrome browser on Chromebooks to swiftly get the latest feature and security updates without needing a full OS update.

    As we refocus our efforts on achieving similar objectives with ChromeOS embracing portions of the Android stack, we have decided to end support for this experiment. We believe this will be a more effective way to help accelerate the pace of innovation on Chromebook.

    ↫ ChromeOS Beta Tester Community

    To refresh your memory, Lacros was an attempt by Google to decouple the Chrome browser from ChromeOS itself, so that the browser could be updated indepdnently from ChromeOS as a whole. This would obviously bring quite a few benefits with it, from faster and easier updates, to the ability to keep updating the Chrome browser after device support has ended. This was always an experimental feature, so the end of this experiment really won’t be affecting many people.

    The interesting part is the reference to the recent announcement that ChromeOS’ Linux kernel and various subsystems will be replaced by their Android counterparts. I’m not entirely sure what this means for the Chrome browser on ChromeOS, since it seems unlikely that they’re going to be using the Android version of Chrome on ChromeOS. It’s generally impossible to read the tea leaves when it comes to whatever Google does, so I’m not even going to try.

    Ubuntu security updates are a confusing mess

    I’ve read this article several times now, and I’m still not entirely sure how to properly summarise the main points without leaving important details out. If you really boil it down to the very bare essentials, which packages get updates on which Ubuntu release is a confusing mess that most normal users will never be able to understand, potentially leaving them vulnerable to security flaws that have already been widely patched and are available on Ubuntu – just not your specific Ubuntu version, your specific customer type, or the specific package type in question.

    So, in the case of McPhail here, they needed a patched version of tomcat 9 for Ubuntu 22.04. This patched version was available for Ubuntu 18.04 users because not only is 18.04 an LTS release – meaning five years of support – Canonical also offers a commercial Extended Security Maintenance (ESM) subscription for 18.04, so if you’re paying for that, you get the patched tomcat9. On Ubuntu 20.04, another LTS release, the patched version of tomcat9 is available for everyone, but for the version McPhail is running, the newer LTS release 22.04, it’s only available for Ubuntu Pro subscribers (24.04 is not affected, so not relevant for this discussion). Intuitively, this doesn’t make any sense.

    The main cause of the weird discrepancy between 20.04 and 22.04 is that Canonical’s LTS support only covers the packages in main (about 10% of the total amount of packages), whereas tomcat9 lives in universe (90% of packages). LTS packages in universe are only supported on a “best effort” basis, and one of the ways a patched universe package can be made available to non-paying LTS users is if it is inhereted from Debian, which happens to be the case for tomcat9 in 20.04, while in 22.04, it’s considered part of an Ubuntu Pro subscription.

    So, there’s a fixed package, but 22.04 LTS users, who may expect LTS to truly mean LTS, don’t get the patched version that exists and is ready to go without issues. Wild.

    This is incredibly confusing, and would make me run for the Debian hills before my next reboot. I understand maintaining packages is a difficult, thankless task, but the nebulousness here is entirely of Canonical’s own making, and it’s without a doubt leaving users vulnerable who fully expect to be safe and all patched up because they’re using an LTS release.

    Qualcomm’s Oryon core: a long time in the making

    In 2019, a startup called Nuvia came out of stealth mode. Nuvia was notable because its leadership included several notable chip architects, including one who used to work for Apple. Apple chips like the M1 drew recognition for landing in the same performance neighborhood as AMD and Intel’s offerings while offering better power efficiency. Nuvia had similar goals, aiming to create a power efficient core that could could surpass designs from AMD, Apple, Arm, and Intel. Qualcomm acquired Nuvia in 2021, bringing its staff into Qualcomm’s internal CPU efforts.

    Bringing on Nuvia staff rejuvenated Qualcomm’s internal CPU efforts, which led to the Oryon core in Snapdragon X Elite. Oryon arrives nearly five years after Nuvia hit the news, and almost eight years after Qualcomm last released a smartphone SoC with internally designed cores. For people following Nuvia’s developments, it has been a long wait.

    ↫ Chips and Cheese

    Now that the Snapdragon X Elite and Pro chips are finally making their way to consumers, we’re also finally starting to see proper deep-dives into the brand new hardware. Considering this will set the standard for ARM laptops for a long time to come – including easy availability of powerful ARM Linux laptops – I really want to know every single quirk or performance statistic we can find.

    Iconography of the X Window System: the boot stipple

    For the uninitiated, what are we looking at? Could it be the Moiré Error from Doom? Well, no. You are looking at (part of) the boot up screen for the X Window System, specifically the pattern it uses as the background of the root window. This pattern is technically called a stipple.

    What you’re seeing is pretty important and came to symbolize a lot for me as a computer practitioner.

    ↫ Matt T. Proud

    The X bootup pattern is definitely burnt onto my retina, as it probably is for a lot of late ’90s, early 2000s Linux users. Setting up X correctly, and more importantly, not breaking it later, was almost an art at the time, so any time you loaded up your PC and this pattern didn’t greet you, you’d get this sinister feeling in the pit of your stomach. There was now a very real chance you were going to have to debug your X configuration file, and nobody – absolutely nobody – liked doing that, and if you did, you’re lying.

    Matt T. Proud dove into the history of the X stipple, and discovered it’s been part of X since pretty much the very beginning, and even more esoteric X implementations, like the ones used by Solaris or the various commercial versions, have the stipple. He also discovered several other variants of the stipple included in X, so there is a chance your memory might be just a tiny bit different.

    The stipple eventually disappeared at around 2008 or so, it disappeared as part of the various efforts to modernise, sanitise, and speed up the Linux boot process on desktops. On modern distributions still using X, you won’t encounter it anymore by default, but in true X fashion, the code is still there and you can easily bring it back using a flag specifically designed for it, -retro, that you can use with startx or your X init file.

    There’s a ton more information in Proud’s excellent article, but this one paragraph made me smile:

    I will remark that in spite of my job being a software engineer, I had never spent a lot of time looking at the source code for the X Server (XFree86 or X.Org) before. It’s really nuts to see that a lot of the architecture from X10R3 and X11R1 still persists in the code today, which is a statement that can be said in deep admiration for legacy code but also disturbance from the power of old decisions. Without having looked at the internals of any Wayland implementation, I can sympathize sight unseen with the sentiments that some developers have toward the X Window System: the code is a dead end. I say that with the utmost respect to the X Window System as a technology and an ecosystem. I’ll keep using X, and I will be really sad when it’s no longer possible for me to do so for one reason or another, as I’m extremely attached to it quirks. But it’s clear the future is limited.

    ↫ Matt T. Proud

    We all have great – and not so great – memories of X, but I am really, really happy I no longer have to use it.

    Palestinians say Microsoft unfairly closing their accounts

    Palestinians living abroad have accused Microsoft of closing their email accounts without warning – cutting them off from crucial online services.

    They say it has left them unable to access bank accounts and job offers – and stopped them using Skype, which Microsoft owns, to contact relatives in war-torn Gaza.

    Microsoft says they violated its terms of service – a claim they dispute.

    ↫ Mohamed Shalaby and Joe Tidy at the BBC

    Checking up on your family members to see if they survived another day of an ongoing genocide doesn’t seem like something that should be violating any terms of any services, but that’s just me.

    “Majority of websites and mobile apps use dark patterns”

    A global internet sweep that examined the websites and mobile apps of 642 traders has found that 75,7% of them employed at least one dark pattern, and 66,8% of them employed two or more dark patterns.

    Dark patterns are defined as practices commonly found in online user interfaces and that steer, deceive, coerce, or manipulate consumers into making choices that often are not in their best interests.

    ↫ International Consumer Protection and Enforcement Network

    Dark patterns are everywhere, and it’s virtually impossible to browse the web, use certain types of services, or install mobile applications, without having to dodge and roll just to avoid all kinds of nonsense being thrown at you. It’s often not even ads that make the web unusable – it’s all the dark patterns tricking you into viewing ads, entering into a subscription, enabling notifications, sharing your email address or whatever, that’s the real reason.

    This is why one of the absolute primary demands I have for the next version of OSNews is zero dark patterns. I don’t want any dialogs begging you to enable ads, no modal windows demanding you sign up for a newsletter, no popups asking you to enable notifications, and so on – none of that stuff. My golden standard is “your computer, your rules”, and that includes your right to use ad blockers or anything else to change the appearance or functioning of our website on your computer.

    It’d be great if dark patterns became illegal somehow, but it would be incredibly difficult to write any legislation that would properly cover these practices.

    AmigaKit launches a new Amiga that’s not an Amiga at all

    I try to keep tabs on a huge number of operating system projects out there – for obvious reasons – but long ago I learned that when it comes to the world of Amiga, it’s best to maintain distance and let any important news find its way out of the Amiga bubble, lest one loses their sanity. Keeping up with the Amiga world requires following every nook and cranny of various forums and websites with different allegiances to different (shell) companies, with often barely coherent screeching and arguments literally nobody cares about.

    It’s a mess is what I’m trying to say.

    Anyway, it seems one of the many small companies still somehow making a living in the Amiga world, AmigaKit, has recently released a new device, the A600GS. It’s a retrogaming-oriented Amiga computer, but it does come with something called AmiBench, that’s apparently a weird hybrid between bits of Amiga OS 4 and AROS, so it does also support running a proper desktop and associated applications, but only AmigaOS 3.x applications (I think? It’s a bit unclear). It has HDMI at up to 1080p, and even WiFi and Bluetooth support, which is pretty neat.

    Wait, Wifi and Bluetooth support? What are we really dealing with here? Once again the information is hard to find because AmigaKit is incredibly stingy with specifications – I had to read goddamn YouTube comments to get some hints – but it seems to be a custom board with an Orange Pi Zero 3 stuck on top doing most of the work. In other words, the meat of this thing is just an emulator, which in and of itself isn’t a bad thing, it’s just weird to me that they’re not upfront and direct about this.

    While this answers some questions, it also raises a whole bunch more. If this is running on low-end Allwinner ARM hardware from 2022, how is this AmiBench desktop environment (or operating system?) a “fork of OS4 with AROS code in it“? AmigaOS 4 is PowerPC-only, which may explain why AmigaKit only mentions AmigaOS 3.x and 68K compatibility, and not AmigaOS 4 compatibility. And what’s AROS doing in there?

    I mean, this is an interesting product in the sense that it’s a relatively cheap turnkey solution for classic Amiga enthusiasts, but a new Amiga this is definitely not. At about €130, this is not a bad deal, but other than hardcore fans of the classic 68K Amiga, I don’t see many people being interested in this. The Apollo Standalone V4+ piques my interest way more, but at €700-800, it’s also a lot more expensive, but at least they’re much clearer about what the Apollo is, what software it’s running, and that they’re giving back their work to AROS.

    “I fixed a 6-year-old .deb installation bug in Ubuntu MATE and Xubuntu”

    I love a good bug hunting story, and this one is right up there as a great one. Way back in 2018, Doug Brown discovered that after installing Ubuntu MATE 18.04, if he launched Firefox from the icon in the default panel arrangement to install Chrome from the official Chrome website, the process was broken. After downloading the .deb and double-clicking it, GDebi would appear, but after clicking “Install”, nothing happened.

    What was supposed to happen is that after clicking “Install”, an authentication dialog should appear where you enter your root password, courtesy of gksu. However, this dialog did not appear, and without thinking too much of it, Brown shrugged and just installed the downloaded Chrome .deb through the terminal, which worked just fine. While he didn’t look any deeper into the cause of the issue, he did note that as the years and new Ubuntu releases progressed, the bug would still be there, all the way up until the most recent release.

    Finally, 2.5 years ago, he decided to dive into the bug. It turned out there were lots of reports about this issue, but nobody stepped up to fix it. While workarounds were made available through wrapper scripts, and deeper investigations into the cause revealed helpful information. The actual error message was a doozy: “Refusing to render service to dead parents”, which is quite metal and a little disturbing.

    In summary, the problem was that GDebi was using execv() to replace itself with an instance of pkexec, which was intended to bring up an authentication dialog and then allow GDebi to run as a superuser. pkexec didn’t like this arrangement, because it wants to have a parent process other than init. Alkis mentioned that you could recreate the problematic scenario in a terminal window by running gdebi-gtk with setsid to run it in a new session.

    ↫ Doug Brown

    Backing up a few steps, if the name “gksu” rings a bell for you, you might have already figured out where the problem most likely originated from. Right around that time, 2018, Ubuntu switched to using PolicyKit instead, and gksu was removed from Ubuntu. GDebi was patched to work with PolicyKit instead, and this was what introduced the actual bug.

    Sadly, despite having a clear idea of the origin of the bug, as well as where to look to actually fix it, nobody picked it up. It sat there for years, causing problems for users, without a fix in sight. Brown was motivated enough to fix it, submitted the patch, but after receiving word it would be looked at within a few days, he never heard anything back for years, not helped by the fact that GDebi has long been unmaintained. It wasn’t until very recently that he decided to go back again, and this time, after filling out additional information required for a patch for an unmaintained package, it was picked up, and will become available in the next Ubuntu release (and will most likely be backported, too).

    Brown further explains why it took so long for the bug to be definitely fixed. Not only is GDebi unmaintained, the bug also only manifested itself when launching Firefox from the panel icon – it did not manifest when launching Firefox from the MATE menu, so a lot of people never experienced it. On top of that, as we all sadly know, Ubuntu replaced the Firefox .deb package with the SNAP version, which also doesn’t trigger the bug.

    It’s a long story for sure, but a very interesting one. It shows how sometimes, the stars just align to make sure a bug does not get fixed, even if everyone involved knows how to fix it, and even if fixes have been submitted. Sometimes, things just compound to cause a bug to fall through the cracks.

    Google extends Linux kernel support to keep Android devices secure for longer

    Android, like many other operating systems, uses the open-source Linux kernel. There are several different types of Linux kernel releases, but the type that’s most important to Android is the long-term support (LTS) one, as they’re updated regularly with important bug fixes and security patches. Starting in 2017, the support lifetime of LTS releases of Linux was extended from two years to six years, but early last year, this extension was reversed. Fortunately, Google has announced that moving forward, they’ll support their own LTS kernel releases for four years. Here’s why that’s important for the security of Android devices.

    ↫ Mishaal Rahman at Android Authority

    I fully support the Linux kernel maintainers dropping the LTS window from six to two years. The only places where such old kernels were being used were embedded devices and things like smartphones vendors refused to update to newer Android releases, and it makes no sense for kernel maintainers to be worrying about that sort of stuff. If an OEM wants to keep using such outdated kernels, the burden should be on that OEM to support that kernel, or to update affected devices to a newer, supported kernel.

    It seems Google, probably wisely, realised that most OEMs weren’t going to properly upgrade their devices and the kernels that run on them, and as such, the search giant decided to simply create their own LTS releases instead, which will be supported for four years. Google already maintains various Android-specific Linux kernel branches anyway, so it fits right into their existing development model for the Android Linux kernel.

    Some of the more popular OEMs, like Google itself or Samsung, have promised longer support life cycles for new Android versions on their devices, so even with this new Android-specific LTS policy, there’s still going to be cases where an OEM will have to perform a kernel upgrade where they didn’t have to before with the six year LTS policy. I wonder if this is going to impact any support promises made in recent years.

    Mozilla opts to extended Windows 7/8/8.1 support

    Among them, Byron Jourdan, Senior Director, Product Management of Mozilla, under the Reddit username ComprehensiveDoor643 revealed that Mozilla plans to support Firefox on Windows 7 for longer. When asked separately about whether it also included Windows 8 and 8.1 too, Jourdan added that it was certainly the plan, though for how long the extended support would last was still undecided.

    ↫ Sayan Sen at Neowin

    Excellent move by Mozilla. I doubt there’s that many new features and frameworks in Windows 10 or 11 that are absolutely essential to Firefox working properly, so assuming it can gracefully disable any possible Windows 10/11-exclusive features, it should be entirely possible to use Firefox as an up-to-date, secure, and capable browser on Windows 7/8.x.

    Windows 7 and 8.x users still make up about 2.7% of Windows users worldwide, and with Windows’ popularity, that probably still translates to millions and millions of people. Making sure these people have access to a safe and secure browser is a huge boon, and I’m very happy Mozilla is going to keep supporting these platforms as best they can, at least for now.

    For those of us who already consider especially Windows 7 a retrocomputing platform – I sure do – this is also great news, as any retro box or VM we load up with it will also get a modern browser. Just excellent news all around.

    No more boot loader: please use the kernel instead

    Most people are familiar with GRUB, a powerful, flexible, fully-featured bootloader that is used on multiple architectures (x86_64, aarch64, ppc64le OpenFirmware). Although GRUB is quite versatile and capable, its features create complexity that is difficult to maintain, and that both duplicate and lag behind the Linux kernel while also creating numerous security holes. On the other hand, the Linux kernel, which has a large developer base, benefits from fast feature development, quick responses to vulnerabilities and greater overall scrutiny.

    We (Red Hat boot loader engineering) will present our solution to this problem, which is to use the Linux kernel as its own bootloader. Loaded by the EFI stub on UEFI, and packed into a unified kernel image (UKI), the kernel, initramfs, and kernel command line, contain everything they need to reach the final boot target. All necessary drivers, filesystem support, and networking are already built in and code duplication is avoided.

    ↫ Marta Lewandowska

    I’m not a fan of GRUB. It’s too much of a single point of failure, and since I’m not going to be dual-booting anything anyway I’d much rather use something that isn’t as complex as GRUB. Systemd-boot is an option, but switching over from GRUB to systemd-boot, while possible on my distribution of choice, Fedora, is not officially supported and there’s no guarantee it will keep working from one release to the next.

    The proposed solution here seems like another option, and it may even be a better option – I’ll leave that to the experts to discuss. It seems like to me that the ideal we should be striving for is to have booting the operating system become the sole responsibility of the EUFI firmware, which usually already contains the ability to load any operating system that supports UEFI without explicitly installing a bootloader. It’d be great if you could set your UEFI firmware to just always load its boot menu, instead of hiding it behind a function key or whatever.

    We made UEFI more capable to address the various problems and limitations inherent in BIOS. Why are we still forcing UEFI to pretend it still has the same limitations?