Migrating from VM to Hierarchical Jails in FreeBSD

FreeBSD has supported nesting of jails natively since version 8.0, which dates back to 2009. Looking at the jail(8) man page, there is an entire paragraph named Hierarchical Jails that explains the concept of jail hierarchy well. It’s one of the many gems of FreeBSD that, although not widely known or used, is, in my opinion, extremely useful.

BastilleBSD plays a central role in this article, and that’s a project I’ve been hearing a lot about recently. I feel like the various BSDs are currently hitting a stride, and there seems to be a lot of movement from Linux to BSD at the moment.

This company just put the air in Apple’s MacBook Air

Frore Systems is a startup with $116 million in funding, and I’ve shown you its first product before: the AirJet Mini is a piezoelectric cooling chip that weighs just nine grams and is thinner than two US quarters stacked together. Each nominally consumes one watt and can remove 4.25 additional watts of heat. Here’s the question: what would happen if Frore used those AirJets to cool a laptop that normally doesn’t have a fan at all?

What the company discovered — and I saw firsthand — is that Apple’s M2 chip can run faster, for longer, with Frore’s tech on board. Without it, a 15-inch M2 MacBook Air was like a runner that can’t sprint indefinitely without running out of breath. But with three AirJet Minis, the same laptop got a permanent second wind.

Frore’s AirJet coolers have been featured on YouTube channels like LTT as well, and there’s no doubt in my mind these will be the future of laptop cooling, especially in the thinner segment of the laptop market. At least in thin laptops, AirJets are better in virtually every way than fans, and provide far superior cooling compared to fanless designs without adding bulk or noise. The only thing that sucks as an enthusiast is that you can’t really modify an existing laptop yourself.

Either this company gets gobbled up by an OEM, or their products will make their way in almost every thin laptop.

Google Play keeps banning the same web browser due to vague DMCA notices

App developer Elias Saba has had some bad luck with Digital Millennium Copyright Act (DMCA) takedowns. His Android TV app Downloader, which combines a web browser with a file manager, was suspended by Google Play in May after several Israeli TV companies complained that the app could be used to load a pirate website.

Google reversed that suspension after three weeks. But Downloader has been suspended by Google Play again, and this time the reason is even harder to understand. Based on a vague DMCA notice, it appears that Downloader was suspended simply because it can load the Warner Bros. website.

Application stores are basically random number generators. The worst possible applications, from non-functional garbage to ad-ridden gambling games designed to prey on children, make up the bulk of what’s on offer, but functional, useful applications spiral into Kafkaesque bureaucratic dark holes. Being a mobile developer in 2023 is a nightmare.

Building a NetBSD ramdisk kernel

When I used OpenBSD, I was a big fan of bsd.rd: a kernel that includes a root file system with an installer and a few tools. When I invariably did something bad to my root file system, I could use that to repair things. bsd.rd is also helpful for OS updates. And there is only a single file involved.

On NetBSD however, there is usually no netbsd.rd kernel installed, or even available by default. The facility is there, it’s just not standard. To be fair, there are a number of architectures that use kernels with a ramdisk for installation.

Recently, I have been toying with NetBSD on an Orange Pi 5. This is a 64-bit ARM board, using the evbarm-aarch64 architecture. I am booting from an SD card (details in a followup post) but once booted, the kernel does not see the card any more, only the NVMe SSD. So my thoughts went back to bsd.rd and I decided that I want one!

Such a kernel seems like a very useful tool to have, so if you’re running NetBSD – this guide will help you add it to your toolbox.

Super tiny Windows 11 OS gets a big update: Tiny11 2311 shrinks 20% and allows cumulative updates

NTDEV, the developer behind Tiny11, has released a new update for its miniature Windows 11 operating system, called Tiny11 2311, that adds Microsoft’s latest feature update, 23H2, into the OS and introduces a plethora of bug fixes addressing issues in the outgoing version of Tiny11. On top of this, the new update also shrinks Tiny11’s install size by a whopping 20%, making Tiny11’s renowned footprint even smaller.

There is absolutely no need for Windows 11 to be as big and invasive as it is, and it feels like such a shame and missed opportunity to burden an otherwise good and capable operating system with such cruft and useless junk.

How Apple’s developers reflashed Mac ROMs in the ’90s

After I wrote about the possibility of programmable Mac ROM SIMMs in Quadras a couple of months ago, I suspected that there had been a way for developers at Apple in the 68k Mac era to reflash the ROM in their Macs during development, just like BIOS updates on PCs. The reason I believed this is because the ROM SIMM socket in the Quadras brought out pins for 12V (VPP) and write enable (/WE). I had verified that the write enable pin was going into the memory controller chip in several Mac models, so I was pretty confident that in-system programming was possible.

As luck would have it, multiple people pointed out to me that an Apple internal utility used for ROM flashing had been uploaded to the Macintosh Garden. It was recovered from a prototype PowerBook 520 purchased in 2020. Of course, I had to download this utility and figure out how it works.

I honestly cannot believe it’s taken this long for such a tool to become available one way or the other. Classic Macs are incredibly popular in the retro community, and being able to reflash the ROMs like this is incredibly useful. It took some work and disassembly, but Doug Brown got it working.

Debian’s MIPS64EL CPU port is at risk due to declining hardware access

Debian’s MIPS64EL that is a 64-bit little endian port using the N64 ABI is at risk due to declining access for building the Debian 64-bit MIPS packages. MIPS64EL is now being treated as an “out of sync” architecture due to lacking sufficient build daemon resources for timely building new packages and if the situation doesn’t improve, it may not be suitable as a release architecture for Debian 13 “Trixie”.

Not all architectures last forever, and as time goes on, more and more of these once promising architectures will simply no longer be part of the modern Linux world. It makes sense – but it’s still sad.

China’s new(ish) SW26010-Pro supercomputer at SC23

Sunway’s new supercomputer therefore feels like a system designed with the goal of landing high on some TOP500 lists. For that purpose, it’s perfect, providing a lot of throughput without wasting money on pesky things like cache, out-of-order execution, and high bandwidth memory. But from the perspective of solving a nation’s problems, I feel like Sunway is chasing a metric. A nation doing well in advanced technology might have a lot of supercomputer throughput, but more supercomputer throughput doesn’t necessarily mean you’ll solve technological problems faster.

A detailed look at China’s new supercomputer. The conclusion quoted above is very well supported by the data and research concerning this new supercomputer, and the article is a great read.

Microsoft brings ChatGPT AI to Windows 11’s command line

Windows Terminal is getting an optional feature – ChatGPT-powered “AI chat” on Windows 11. ChatGPT integration is now available in Terminal (Canary), a new development channel to test experimental features ahead of a wider rollout. With ChatGPT AI Chat in Terminal, you can use AI to generate commands, explain errors, and get recommendations.

Microsoft wants Terminal to use the natural language AI to explain commands, such as “DISM”, or errors you might get when running commands. Similarly, it can suggest actions, like an alternate command when the original one doesn’t work.

When Microsoft said it wants to shove “AI” into every aspect of Windows, they weren’t kidding.

Here is a “simple” method to uninstall Edge in Windows 10 and 11

Earlier this month, Microsoft released new preview updates with changes to make its operating systems compliant with European Union regulations. Those changes include the ability to uninstall Edge, decouple the OS from Bing, turn on third-party news feeds in Widgets, and more. Sadly, only EU citizens can enjoy those changes without messing with their PCs’ software intestines. Other people must tweak Windows Registry to spoof their location, which can lead to unnecessary complications.

Luckily, there is a much simpler method that does not require editing the registry or faking your location. As it turned out (via Deskmodder), Windows manages new region policies using a JSON file inside the system32 folder. Modifying that file allows force-enabling specific features in unsupported regions.

What follows is a 19 step process involving taking ownership of protected system files, dowloading additional tools, editing the registry, a few reboots, and more. A very simple process.

So anyway if you want to remove Firefox from Fedora or Ubuntu or whatever, just run sudo dnf remove firefox or sudo apt remove firefox respectively, because as we all know, Linux is very hard to use and just not ready for desktop use. Good for servers, though.

The tech world is a clown show.

What has changed in CPU cores in M3 chips?

If you read the initial reviews of Apple’s new M3-based Macs, you’d be forgiven for thinking little had changed in their CPU cores, apart from a rejigging of numbers and an increase in the maximum frequency of their P cores. As my MacBook Pro 16-inch M3 Pro arrived three days early, this article presents a tentative first look at what has changed in their CPU cores, and from that, how you might choose the right chip for your next Apple silicon Mac. Like Apple, I’m going to make comparison between M1 and M3 chips, as in most respects discussed here, M2 CPU cores didn’t change as much from those in the M1, and I’ve had and tested four different M1 models.

As the introduction suggests, there’s more here than many seem to think.

Building up networks of zones on Tribblix

With OpenSolaris and derivatives such as illumos, we gained the ability to build a whole IT infrastructure in a single box, using virtualized networking (crossbow) to build the underlying network and then attaching virtualized systems (zones) atop virtualized storage (zfs).

Some of this was present in Solaris 10, but it didn’t have crossbow so the networking piece was a bit tricky (although I did manage to get surprisingly far by abusing the loopback interface).

In Tribblix, I’ve long had the notion of a router or proxy zone, which acts as a bridge between the outside world and a local virtual subnet. For the next release I’ve been expanding that into something much more flexible and capable.

I’m continuously impressed by the work Peter Tribble is putting into Tribblix. Maintaining a distribution of something like OpenSolaris is hard enough as it is, but to then also add various unique functions and capabilities, while also maintaining support for SPARC, is just amazing.

Zork for the PDP-11/RT-11 recreated

We talked about Zork yesterday, and how the code for interpreters for the game was found and published on Github. Today we have a blog post detailing how to actually use one of these interpreters, the one for the PDP-11.

Ok so what or where to do this?! First you need SIMH or any other good PDP-11 emulator, a copy of RT-11, and of course the source to the interpreter oddly enough named PDP11.ZIP. Just keep in mind that this is NOT a pk-zip file, it’s a text file. It’s Macro-11 assembler source.

And it goes on from there. This is using an emulator, but if you’re lucky enough to have a real PDP-11 you can probably get all of this running, too.

All that Infocom interpreter code

Jason Scott posted the source code for all the Infocom games in 2019. This was pretty awesome. Everybody who is interested in that stuff cheered, and now it’s part of the common knowledge of Infocom. If you’re researching the history of those games, or want to study their design, you can dig in.

[…]

So the game source was big news. Infocom’s interpreter source, however, remained obscure. This was the game-playing software for each platform: the Apple 2 interpreter, the Commodore 64 interpreter, and so on. A particular Infocom game release (“Zork 3 for the C64”, say) was a floppy containing the C64 interpreter and the Zork-3 game file. Boot the floppy, the interpreter starts up; it loads the game data and the game begins.

The code for the interpreter, however, was never released as open source – until now. Andrew Plotkin posted all of the code on Github, followed later by an additional code dump by David Fillmore.

Hacking the Canon imageCLASS MF742Cdw/MF743Cdw (again)

There has been quite a bit of documentation about exploiting the CANON Printer firmware in the past. For some more background information I suggest reading these posts by SYNACKTIV, doar-e and DEVCORE. I highly recommend reading all of it if you want to learn more about hacking (CANON) Printers.

The TL;DR is: We’re dealing with a Custom RTOS called DRYOS engineered by CANON that doesn’t ship with any modern mitigations like W^X or ASLR. That means that after getting a bit acquainted with this alien RTOS it is relatively easy to write (reliable) exploits for it.

Having a custom operating system doesn’t mean it’s more secure than popular solutions.

National Instruments to Apple Mac: buh-Bye

EE Journal reports:

National Instruments (NI) recently released a new version of its LabView test automation programming environment for the latest Apple Macintosh computers based on the Arm-based Apple M1 CPU/GPU SoC. At the same time, NI let its customers know that this release would be the last one for Apple Macintosh computers, sending a shock through some portion of the company’s customer base.

[…]

LabView’s importance to test and measurement cannot be overstated. It was the first graphical programming language designed exclusively for test systems. The language has been continually expanded and improved for nearly 40 years and features more than 7000 software drivers for instruments from many vendors as well as support for custom, FPGA-based instruments. LabView supports many instrument interfaces starting with IEEE-488 and extending to MXI, PXI, USB, Ethernet, and probably a few more interfaces that don’t immediately come to mind.

It’s a shock to many and will likely punish higher education students and a chunk of the scientific and research segment which is still Mac dominant.

FreeBSD 14.0 released

After a few minor delays, FreeBSD 14.0 has officially been released. The highlights according to the FreeBSD team itself:

  • OpenSSH has been updated to version 9.5p1.
  • OpenSSL has been updated to version 3.0.12, a major upgrade from OpenSSL 1.1.1t in FreeBSD 13.2-RELEASE.
  • The bhyve hypervisor now supports TPM and GPU passthrough.
  • FreeBSD supports up to 1024 cores on the amd64 and arm64 platforms.
  • ZFS has been upgraded to OpenZFS release 2.2, providing significant performance improvements.
  • It is now possible to perform background filesystem checks on UFS file systems running with journaled soft updates.
  • Experimental ZFS images are now available for AWS and Azure.
  • The default congestion control mechanism for TCP is now CUBIC.

For more details, you can dive into the release notes, and if you’re already using FreeBSD you know exactly how to upgrade.

YouTube says new 5-second video load delay is supposed to punish ad blockers, not Firefox users

Firefox users across the internet say that they are encountering an “artificial” five-second load time when they try to watch YouTube videos that exists on Firefox, but not Chrome. Google, meanwhile, told 404 Media that this is all part of its larger effort against ad blockers, and that it doesn’t have anything to do with Firefox at all.

I’m sure it doesn’t, Google.