Keep OSNews alive by becoming a Patreon, by donating through Ko-Fi, or by buying merch!

Recent and not so recent changes in OpenBSD that make life better

Known to be “functional, free and secure by default”, the OpenBSD operating system has played an important role in open source for more than a quarter century. It has also been fairly central to what I have done for the last two decades and some. What follows is my personal view of what life with OpenBSD has been like, with an emphasis on moments and developments that I feel made life, or at least my life, better. Good article about an operating system that seems to just do its thing, and do it well.

The semiconductor heist of the century: Arm China has gone completely rogue

Arm is widely regarded as the most important semiconductor IP firm. Their IP ships in billions of new chips every year from phones, cars, microcontrollers, Amazon servers, and even Intel’s latest IPU. Originally it was a British owned and headquartered company, but SoftBank acquired the firm in 2016. They proceeded to plow money into Arm Holdings to develop deep pushes into the internet of things, automotive, and server. Part of their push was also to go hard into China and become the dominant CPU supplier in all segments of the market. As part of the emphasis on the Chinese market, SoftBank succumbed to pressure and formed a joint venture. In the new joint venture, Arm Holdings, the SoftBank subsidiary sold a 51% stake of the company to a consortium of Chinese investors for paltry $775M. This venture has the exclusive right to license Arm’s IP within China. Within 2 years, the venture went rogue. Recently, they gave a presentation to the industry about rebranding, developing their own IP, and striking their own independently operated path. This is not the first time the Chinese government – through its companies and investors – has gained access to a large amount of silicon IP (both VIA and AMD fell for this too). Not that I care much for Arm here – they were blinded by greed, and will pay the price – but hopefully this opens the eyes of other companies in similar positions.

Apple just declared war on your privacy

Edward Snowden: Having read thousands upon thousands of remarks on this growing scandal, it has become clear to me that many understand it doesn’t matter, but few if any have been willing to actually say it. Speaking candidly, if that’s still allowed, that’s the way it always goes when someone of institutional significance launches a campaign to defend an indefensible intrusion into our private spaces. They make a mad dash to the supposed high ground, from which they speak in low, solemn tones about their moral mission before fervently invoking the dread spectre of the Four Horsemen of the Infopocalypse, warning that only a dubious amulet—or suspicious software update—can save us from the most threatening members of our species. Suddenly, everybody with a principled objection is forced to preface their concern with apologetic throat-clearing and the establishment of bonafides: I lost a friend when the towers came down, however… As a parent, I understand this is a real problem, but… An excellent and scathing takedown of Apple’s planned backdoors.

Thousands of Debian packages updated from their upstream Git repository

Linux distributions like Debian fulfill an important function in the FOSS ecosystem – they are system integrators that take existing free and open source software projects and adapt them where necessary to work well together. They also make it possible for users to install more software in an easy and consistent way and with some degree of quality control and review. One of the consequences of this model is that the distribution package often lags behind upstream releases. This is especially true for distributions that have tighter integration and standardization (such as Debian), and often new upstream code is only imported irregularly because it is a manual process – both updating the package, but also making sure that it still works together well with the rest of the system. However, there have been developments over the last decade that make it easier to import new upstream releases into Debian packages. An interesting look at what the Debian project is doing to make it easier for upstream code to be packaged as proper .deb packages.

A decade and a half of instability: the history of Google messaging apps

Currently, you would probably rank Google’s offerings behind every other big-tech competitor. A lack of any kind of top-down messaging leadership at Google has led to a decade and a half of messaging purgatory, with Google both unable to leave the space altogether and unable to commit to a single product. While companies like Facebook and Salesforce invest tens of billions of dollars into a lone messaging app, Google seems content only to spin up an innumerable number of under-funded, unstable side projects led by job-hopping project managers. There have been periods when Google briefly produced a good messaging solution, but the constant shutdowns, focus-shifting, and sabotage of established products have stopped Google from carrying much of these user bases—or user goodwill—forward into the present day. Because no single company has ever failed at something this badly, for this long, with this many different products (and because it has barely been a month since the rollout of Google Chat), the time has come to outline the history of Google messaging. Prepare yourselves, dear readers, for a non-stop rollercoaster of new product launches, neglected established products, unexpected shut-downs, and legions of confused, frustrated, and exiled users. This is delightfully depressing.

The search for a FLOSS mobile OS

For the last few weeks, I’ve been running CalyxOS. It is the latest in Free/Open Source mobile phone operating systems that I’ve used. This post is a summary of my experience using FLOSS mobile OSes and what my experience can tell us not only about phones, but Free/Open Source OSes in general. An excellent rundown of the various options in this space, and I’m tempted to see if I can make this step in the near future too. Cutting Google out of my mobile phone would be quite, quite welcome.

Google Fuchsia update is rolling out widely to 1st-gen Nest Hubs

More owners of the first-generation Nest Hub are Google Fuchsia update is rolling out widely to 1st-gen Nest Hubs as it expands beyond the Preview program. Back in May, Google formally released Fuchsia, its effort to develop a “not Linux” operating system from scratch, which has been years in the making. The first device to receive the new OS was Google’s 2018 smart display, the Nest Hub — not to be confused with the second generation Nest Hub with sleep tracking released earlier this year — taking it permanently off of the existing Linux based “Cast OS” without negatively affecting the UI or experience. The rollout continues.

Samsung confirms it’s removing ads from its stock apps later this year

Samsung has confirmed that it will stop showing ads in default apps including Samsung Weather, Samsung Pay, and Samsung Theme. It follows comments made by its mobile chief TM Roh in an internal town hall meeting reported by Yonhap. “Samsung has made a decision to cease the advertisement on proprietary apps including Samsung Weather, Samsung Pay, and Samsung Theme,” the company said in a statement given to The Verge. “The update will be ready by later this year.” I never got any of these ads on my Samsung Galaxy Note 10+, but I’d be absolutely livid if I did. I’m not going to commend Samsung for doing the absolutely bare minimum here and not show ads on €1000 devices. Dear lord.

20 years of Haiku

Dedication asks each of its adherents to have faith even as time and energy pass through from one year to the next. Dedication brings with it a variety of challenges, but also rewards. Dedication is something most people claim to have, but few readily exhibit it in the face of adversity. As of today, Aug. 18, 2021, the Haiku Project is celebrating two decades of dedication, marking the 20th anniversary of the founding of the Haiku operating system and the start of this ride to save, maintain, and expand upon the BeOS legacy it spawned from. Congratulations to the Haiku project and all of its contributors.

286 vs. 386SX

The Intel 386 SX CPU quickly replaced the 286 CPU in the early 1990s. For a time, it was a very popular CPU, especially for people who were wanting to run Microsoft Windows. Yet the two CPUs run at nearly identical speed. So what was the big deal? The 286 vs 386SX argument could be confusing in 1991, and it’s not much clearer today. Here at OSNews we pride ourselves in pointing you to the most relevant, up-to-date buying advice available on the internet.

We built a system like Apple’s to flag child sexual abuse material – and concluded the tech was dangerous

Earlier this month, Apple unveiled a system that would scan iPhone and iPad photos for child sexual abuse material (CSAM). The announcement sparked a civil liberties firestorm, and Apple’s own employees have been expressing alarm. The company insists reservations about the system are rooted in “misunderstandings.” We disagree. We wrote the only peer-reviewed publication on how to build a system like Apple’s — and we concluded the technology was dangerous. We’re not concerned because we misunderstand how Apple’s system works. The problem is, we understand exactly how it works. There’s now so much evidence from credible, trustworthy people and organisations that Apple’s system is bad and dangerous, that I find it hard to believe there are still people cheering Apple on.

Performance improvements in .NET 6

I at least peruse if not review in depth the vast majority of all those PRs, and every time I see a PR that is likely to impact performance, I make a note of it in a running log, giving me a long list of improvements I can revisit when it’s blog time. That made this August a little daunting, as I sat down to write this post and was faced with the list I’d curated of almost 550 PRs. Don’t worry, I don’t cover all of them here, but grab a large mug of your favorite hot beverage, and settle in: this post takes a rip-roarin’ tour through ~400 PRs that, all together, significantly improve .NET performance for .NET 6. You might want to get some coffee.

MATE 1.26 released

The theme for this release has been adding new functionality to the MATE Desktop while maintaining the look and feel that we all know and love. While all the added features are surely quite exciting we also did not forget to do tons of bugfixing, modernising the code base and optimizing the performance. MATE is one of the two great alternatives for people who find GNOME 3 and later unpleasant (the other being Cinnamon, my DE of choice).

Microsoft is making it harder to switch default browsers in Windows 11

In Windows 11, Microsoft has changed the way you set default apps. Like Windows 10, there’s a prompt that appears when you install a new browser and open a web link for the first time. It’s the only opportunity to easily switch browsers, though. Unless you tick “always use this app,” the default will never be changed. It’s incredibly easy to forget to toggle the “always use this app” option, and simply launch the browser you want from this prompt and never see this default choice again when you click web links. Microsoft has changed the way default apps are assigned in Windows 11, which means you now have to set defaults by file or link type instead of a single switch. In the case of Chrome, that means changing the default file type for HTM, HTML, PDF, SHTML, SVG, WEBP, XHT, XHTML, FTP, HTTP, and HTTPS. That’s what you get when you use proprietary operating systems. Windows and macOS are not designed for you; they’re designed for Microsoft and Apple, respectively.

Researchers produce collision in Apple’s child-abuse hashing system

Researchers have produced a collision in iOS’s built-in hash function, raising new concerns about the integrity of Apple’s CSAM-scanning system. The flaw affects the hashing system, called NeuralHash, which allows Apple to check for exact matches of known child-abuse imagery without possessing any of the images or gleaning any information about non-matching pictures. On Tuesday, a GitHub user called Asuhariet Ygvar posted code for a reconstructed Python version of NeuralHash, which he claimed to have reverse-engineered from previous versions of iOS. The GitHub post also includes instructions on how to extract the NeuralMatch files from a current macOS or iOS build. Once the code was public, more significant attacks were quickly discovered. A user called Cory Cornelius produced a collision in the algorithm: two images that generate the same hash. If the findings hold up, it will be a significant failure in the cryptography underlying Apple’s new system. American tech media and bloggers have been shoving the valid concerns aside ever since Apple announced this new backdoor into iOS, and it’s barely been a week and we already see major tentpoles come crashing down. I try not to swear on OSNews, but there’s no other way to describe this than as a giant clusterfuck of epic proportions.

Debian 11.0 released

Speaking of Debian, there’s even bigger news than a new Debian GNU/Hurd release – Debian 11.0 is out and about! This release contains over 11,294 new packages for a total count of 59,551 packages, along with a significant reduction of over 9,519 packages which were marked as obsolete and removed. 42,821 packages were updated and 5,434 packages remained unchanged. As always, Debian release are big, and they are hugely important as they serve as the base for some of the most popular Linux distributions out there.

Debian GNU/Hurd 2021 released

It is with huge pleasure that the Debian GNU/Hurd team announces the release of Debian GNU/Hurd 2021. This is a snapshot of Debian “sid” at the time of the stable Debian “bullseye” release (August 2021), so it is mostly based on the same sources. It is not an official Debian release, but it is an official Debian GNU/Hurd port release. In this release, the port of go has been completed, experimental support for APIC, SMP, and 64bit has been added, and more.

Build your own SPARC workstation with QEMU and Solaris

A great intro to a classic platform by way of emulation and optionally even adapting a real physical keyboard: Back in the late 80s and through the 90s, Unix workstations were super powerful, super cool, and super expensive. If you were making 3D graphics or developing applications, you wanted a high-performance workstation and Sun made some of the best ones. But unless you worked for a huge company, university, or government, they were probably too expensive. More than twenty years later, we have much more powerful and affordable computers, so let’s emulate the old systems and see what it was like to run some of the coolest computers you could buy in the 90s. This is another in the series from the same author as the recently linked virtual NeXT machine, that also includes an entry for a virtual BeBox to experience BeOS.

Apple’s child protection features spark concern within its own ranks

Apple employees have flooded an Apple internal Slack channel with more than 800 messages on the plan announced a week ago, workers who asked not to be identified told Reuters. Many expressed worries that the feature could be exploited by repressive governments looking to find other material for censorship or arrests, according to workers who saw the days-long thread. Past security changes at Apple have also prompted concern among employees, but the volume and duration of the new debate is surprising, the workers said. Some posters worried that Apple is damaging its leading reputation for protecting privacy. It’s a complete 180 from Apple’s behaviour and statements (in western markets) – of course employees are going to be worried. I’ve been warning for years that Apple’s position on privacy was nothing more than a marketing ploy, and now Apple employees, too, get a taste of their own medicine that they’ve been selling in China and various other totalitarian regimes.