Linked by Thom Holwerda on Mon 8th Jan 2018 13:29 UTC
Games

The recent reveal of Meltdown and Spectre reminded me of the time I found a related design bug in the Xbox 360 CPU - a newly added instruction whose mere existence was dangerous.

Back in 2005 I was the Xbox 360 CPU guy. I lived and breathed that chip. I still have a 30-cm CPU wafer on my wall, and a four-foot poster of the CPU’s layout. I spent so much time understanding how that CPU's pipelines worked that when I was asked to investigate some impossible crashes I was able to intuit how a design bug must be their cause. But first, some background...

 

Linked by Thom Holwerda on Fri 5th Jan 2018 23:45 UTC
Linux

I'm travelling around the world and sometimes I don't have very good Internet. If all I have is a 3kbps connection tethered from my phone then it's good to SSH into my server and browse the web through elinks. That way my server downloads the web pages and uses the limited bandwidth of my SSH connection to display the result. But it lacks JS support and all that other modern HTML5 goodness. Texttop is simply a way to have the power of a remote server running a desktop, but interfaced through the simplicity of a terminal and very low bandwidth.

Why not VNC? Well VNC is certainly one solution but it doesn't quite have the same ability to deal with extremely bad Internet. Texttop uses MoSH to further reduce the bandwidth and stability requirements of the connection. Mosh offers features like automatic reconnection of dropped connections and diff-only screen updates. Also, other than SSH or MoSH, Texttop doesn't require a client like VNC. But of course another big reason for Texttop is that it's just very cool geekery.

 



Linked by Thom Holwerda on Thu 4th Jan 2018 21:54 UTC
Privacy, Security, Encryption

We've been archiving a bunch of old Xerox Alto disk packs from the 1970s. A few of them turned out to be password-protected, so I needed to figure out how to get around the password protection. I've developed a way to disable password protection, as well as a program to find the password instantly.

Xerox has failed to respond to this severe security hole in their computer, and every day they refuse to patch this vulnerability is a day their customers run a massive risk. Irresponsible.

 

Linked by Thom Holwerda on Thu 4th Jan 2018 21:51 UTC
Apple

The T2 processor isn't doing the heavy lifting in the iMac Pro - that's the Intel Xeon processor with between 8 and 14 processor cores. The T2 is the brain behind that brain, running the subsystems of the iMac Pro from a single piece of Apple-built silicon. The result is a simplified internal design that doesn’t require multiple components from multiple manufacturers.

On most Macs, there are discrete controllers for audio, system management and disk drives. But the T2 handles all these taks. The T2 is responsible for controlling the iMac Pro's stereo speakers, internal microphones, and dual cooling fans, all by itself.

It's a fascinating chip that certainly puts Apple ahead of its competitors, but at the same time, it's going to make installing non-approved operating systems on Macs ever harder. Sure, they're allowing it for now, but for how long?

 

Linked by Thom Holwerda on Wed 3rd Jan 2018 20:36 UTC
Intel

Update: Google's Project Zero disclosed details about the vulnerability a week ahead of schedule due to growing concerns, and they indeed confirm AMD and ARM processors are also affected:

The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications. Testing also showed that an attack running on one virtual machine was able to access the physical memory of the host machine, and through that, gain read-access to the memory of a different virtual machine on the same host.

These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running them.




Intel just published a PR statement about the processor flaw, and in it, it basically throws AMD and ARM under the bus. According to Intel, reports that only its own processors are affected are inaccurate, namedropping specifically AMD and ARM just to make it very clear who we're talking about here. From the statement:

Recent reports that these exploits are caused by a "bug" or a "flaw" and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices - with many different vendors' processors and operating systems - are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

More to surely come.

 

Linked by Thom Holwerda on Wed 3rd Jan 2018 00:42 UTC
Intel

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features - such as PCID - to reduce the performance hit.

That's one hell of a bug.

 

Linked by Thom Holwerda on Wed 3rd Jan 2018 00:37 UTC, submitted by theuserbl
Google

We've been talking about Google's mysterious Fuchsia operating system for a while now, and today, we have a new piece of the puzzle. It's a small piece, for sure, but with Google being so incredibly secretive about the whole thing, we take what we can get. As it turns out, Google has added support for its Pixelbook to Fuchsia, and added a page on how to prepare the Pixelbook for Fuchsia installation, and you can check the how-to commit for information about the installation itself.

Still a far cry from anything even remotely tangible about where Fuchsia is going, but even a slow drip can eventually fill a bucket.

 

Linked by Bjorn Stahl on Wed 3rd Jan 2018 00:24 UTC
Graphics, User Interfaces

Ending the year a new release of the "desktop engine" Arcan and its reference desktop environment, Durden.

Arcan is a different take on how to glue the user-experience side of operating systems together. It has been in development for well over a decade, with the modest goals of providing a more secure, faster, safer and flexible alternative to both Xorg and terminal emulators, as well as encouraging research.

The latest release improves on areas such as crash resilience, wayland client support, VR devices, OpenBSD support and visual goodies. You can read through the full release post, with some of the more technical bits in the related articles about crash-resilient Wayland compositing and "AWK" for multimedia.

 

Linked by Thom Holwerda on Tue 2nd Jan 2018 17:20 UTC, submitted by intric8
Amiga & AROS

First post of the new year - I hope y'all had a good one - and we're talking Amiga.

In October of 2017 I found a really nice accelerator card on Ebay for my stock Amiga 1000 - the Blizzard Turbo Memory Board. My original thought was I would install it into my 1000 and lose the side-car RAM expansions to regain some valuable desk space. Plus - 8MB? That’s gobs for the work I personally do on my Amigas. It was originally designed for the Amiga 500 or 2000 and additionally gave a modest speed boost of 14 Mhz. From my personal experience, 7 Mhz is plenty for the vast majority of Amiga games and software. However in some rare cases 14, 25 or even 40 Mhz can greatly improve the user experience with some math-intensive games and software. This little board seemed the perfect fit for my 1000’s needs.

I then got to talking to the seller on Ebay who was based in Australia. After a short amount of time I came to learn that he had in his possession an ultra-rare Phoenix board, too. Within a few days, money was exchanged and the Phoenix began its long journey from Australia to Seattle, Washington.

This is one of those stories where you just sit back, grab a warm drink, and just enjoy.

 

Linked by Thom Holwerda on Thu 28th Dec 2017 23:36 UTC
Google

Android applications, running on either Android itself or on Chrome OS, pause whenever they're not in focus. While this makes sense on a phone, this doesn't make a whole lot of sense on desktop machines such as Chromebooks. As such, Google is addressing this shortcoming with Parallel Tasks.

With that in mind, the expected behavior of an open app is that it would remain active and running even when the user clicks to another window. Coming from Windows, Linux, or Mac OS, this is what users expect and it is a bit confusing unless you understand what is happening.

Parallel tasks on Android allow the OS to keep everything running and open until you pause the activity or close the app down. Again, with Chrome OS, this is much easier to manage. Just click the "X" on the app and it is closed. Simple.

Nothing groundbreaking in and of itself, obviously, but a hugely important 'feature' to have on a laptop or desktop.

 

Linked by Thom Holwerda on Thu 28th Dec 2017 23:28 UTC
Apple

As soon as I saw iPhone X home indicator replacing the physical button, I got interested in its behavior: it has to be visible both on the lock screen with an arbitrary wallpaper as a background and in any 3rd-party app showing arbitrary content, which in case of videos or games can also change quite quickly.

Obviously, UIKit doesn't expose anything remotely similar, so let's figure out how it is built!

Cool look at how the home indicator on the iPhone X works.

 

Linked by Thom Holwerda on Sun 24th Dec 2017 23:56 UTC
Apple

Apple will be releasing the code of the operating system and applications of the Apple Lisa.

Just wanted to let everyone know the sources to the OS and applications were recovered, I converted them to Unix end of line conventions and space for Pascal tabs after the files using Disk Image Chef, and they are with Apple for review. After that's done, the Computer History Museum will do a CHM blog post about the historical significance of the software and the code that is cleared for release by Apple will be made available in 2018. The only thing I saw that probably won't be able to be released is the American Heritage dictionary for the spell checker in LisaWrite.

Merry Christmas everybody.

 

Linked by Thom Holwerda on Wed 20th Dec 2017 23:04 UTC
Apple

Mark Gurman:

Starting as early as next year, software developers will be able to design a single application that works with a touchscreen or mouse and trackpad depending on whether it's running on the iPhone and iPad operating system or on Mac hardware, according to people familiar with the matter.

Developers currently must design two different apps - one for iOS, the operating system of Apple's mobile devices, and one for macOS, the system that runs Macs. That's a lot more work. What's more, Apple customers have long complained that some Mac apps get short shrift. For example, while the iPhone and iPad Twitter app is regularly updated with the social network's latest features, the Mac version hasn't been refreshed recently and is widely considered substandard. With a single app for all machines, Mac, iPad and iPhone users will get new features and updates at the same time.

Apple currently plans to begin rolling out the change as part of next fall's major iOS and macOS updates, said the people, who requested anonymity to discuss an internal matter. The secret project, codenamed "Marzipan", is one of the tentpole additions for next year's Apple software road map. Theoretically, the plan could be announced as early as the summer at the company's annual developers conference if the late 2018 release plan remains on track. Apple's plans are still fluid, the people said, so the implementation could change or the project could still be canceled.

This is a massive change in Apple's direction. The company and its supporters have always held fast to the concept that there should be two distinct and different operating systems with two distinct and different user interfaces, very much the opposite of what Microsoft is still trying to do with Windows Metro applications and their Surface line-up. This change is basically a complete embrace of Microsoft's vision for the future of computing.

This will have tremendous consequences for both iOS and macOS. For iOS, it probably means we get more advanced, fuller-featured applications, and I think this also pretty much confirms we're going to see a mouse pointer and trackpad/mouse support on iOS in the very near future - just as I predicted earlier this year. For macOS, it might mean a broader base of applications to choose from, but also possibly a dumbing-down of existing applications. A number of Apple applications already work very much like the article states, and they certainly lost functionality on the macOS side of things.

On the more speculative side, this could be the next step in deprecating macOS, which is, in my unfounded opinion, still Apple's ultimate goal here. Note how Apple isn't bringing macOS applications to iOS, but vice versa. Make of that what you will, but I wouldn't have too much faith in the long term viability of macOS as a platform distinct and separate from iOS.

 

Linked by Thom Holwerda on Wed 20th Dec 2017 17:39 UTC, submitted by Henrik Hellerstedt
OpenBSD

If you've noticed a disruption in the time-space continuum recently, it is likely because I have finally been able to compile and install the Common Desktop Environment (CDE) in a current and actively-developed operating system (OpenBSD 6.2 in this case).

Since it's been a while - I love CDE.

 

Linked by Thom Holwerda on Wed 20th Dec 2017 17:36 UTC
Apple

A Reddit post from last week has sparked a discussion regarding iPhone performance as a function of battery age. While we expect battery capacity to decrease as batteries age, we expect processor performance to stay the same. However, users with older iPhones with lower-than-expected Geekbench 4 scores have reported that replacing the battery increases their score (as well as the performance of the phone). What's going on here? How many phones are experiencing decreased Geekbench 4 score?

To answer these questions I've plotted the kernel density of Geekbench 4 single-core scores for the iPhone 6s and the iPhone 7 running different versions of iOS. Scores obtained in low-power mode are not included in the distribution.

Evidence seems to be mounting that Apple is decreasing the clock speed of iPhones with decreased battery capacity to maintain the advertised battery life.

 

Linked by Thom Holwerda on Wed 20th Dec 2017 17:34 UTC
Windows

Support for the unix socket has existed both in BSD and Linux for the longest time, but, not on Windows. On Windows, there were some alternatives for local IPC, such as named pipes. But, calling conventions are different between the named pipes and sockets, making writing low-maintenance cross-platform applications difficult. For example, one such place where these two constructs differ (other than the API) is terminating the connection. BSD Socket API provides a bidirectional close semantics using 'shutdown'. There is no direct equivalent of that in named pipes. Such differences make it difficult to port unix socket applications from Linux to Windows and vice versa; up until now!

Build 17063 brings native support for the unix socket to Windows. Starting this build, two Win32 processes can use the AF_UNIX address family over Winsock API (which is very similar to the BSD socket API) to communicate with each other. Currently, the support only exists for the stream (SOCK_STREAM) socket type, which is a connection-oriented protocol for one-to-one communication. Support for the datagram (SOCK_DGRAM) can be considered in future depending on the adoption, feedback and scenarios.

Another step to make Windows friendlier to UNIX/Linux users and developers.

 

Linked by Thom Holwerda on Tue 19th Dec 2017 19:22 UTC
Android

Today, we are excited to announce Quick Boot for the Android Emulator. With Quick Boot, you can launch the Android Emulator in under 6 seconds. Quick Boot works by snapshotting an emulator session so you can reload in seconds. Quick Boot was first released with Android Studio 3.0 in the canary update channel and we are excited to release the feature as a stable update today.

There's a quite a few other improvements and new features, as well.

 

Linked by Thom Holwerda on Tue 19th Dec 2017 19:18 UTC
Internet & Networking

Facebook just loosened the leash a little on its facial-recognition algorithms. Starting Tuesday, any time someone uploads a photo that includes what Facebook thinks is your face, you’ll be notified even if you weren't tagged.

The new feature rolled out to most of Facebook's more than 2 billion global users this morning. It applies only to newly posted photos, and only those with privacy settings that make an image visible to you. Facebook users in Canada and the European Union are excluded. The social network doesn't use facial-recognition technology in those regions, due to wariness from privacy regulators.

Just a heads up.

 

Linked by Thom Holwerda on Sun 17th Dec 2017 19:39 UTC
Mozilla & Gecko clones

For a long time, it was just setting the default search provider to Google in exchange for a beefy stipend. Later, paid links in your new tab page were added. Then, a proprietary service, Pocket, was bundled into the browser - not as an addon, but a hardcoded feature. In the past few days, we’ve discovered an advertisement in the form of browser extension was sideloaded into user browsers. Whoever is leading these decisions at Mozilla needs to be stopped.

Mozilla garnered a lot of fully deserved goodwill with the most recent Firefox release, and here they are, jeopardising all that hard work. People expect this kind of nonsense from Google, Apple, or Microsoft - not Mozilla. Is it unfair to judge Mozilla much more harshly than those others? Perhaps, but that's a consequence of appealing to more demanding users when it comes to privacy and open source.

 

Linked by Thom Holwerda on Sun 17th Dec 2017 19:30 UTC
PDAs, Cellphones, Wireless

While we are pleased to announce continuing support for BB10 and BBOS users for at least another two years, current device owners should be aware that we will be closing some ancillary services such as the BlackBerry World app store (12/31/2019), the BlackBerry Travel site (February 2018), and the Playbook video calling service (March 2018). Customers who upgrade to a new KeyOne or Motion won't miss a beat as they'll have immediate access to the rich universe of apps in the Google Play store without compromising on either security or their desire for a physical keyboard.

The platform was clearly winding down for a number of years now, ever since BlackBerry moved to Android, but it's still yet another casualty on the road towards the iOS-Android duopoly. I know a surprising number of people here on OSNews absolutely adored their BB10 devices, and I'm sad I never managed to purchase a Passport, the most enticing BB10 device to me.

I'm still keeping an eye out for an affordable used Passport, because I definitely want to write about BB10 in more detail in the near future.