MWC Barcelona 2019 is well underway, and among the big companies such as Samsung, Huawei, LG, and Xiaomi are smaller start-ups. One of those start-ups is the UK-based F(x)tec, a company which intends to bring back well-loved features from the smartphones of old. The F(x)tec Pro 1 is their first device, and it features a sliding QWERTY keyboard inspired by the Nokia E7 and N950. I got to meet the team and get hands-on time with the device to gather my thoughts on it. Meet the F(x)tec Pro 1, a slider phone with a QWERTY keyboard that will launch in July. This Android device ticks so many boxes, yet it’s the price that has me concerned. The starting price of $649 isn’t actually that steep when compared to the devices Samsung and Apple put on the market, but for lower prices you can get comparable and better-specced phones from OnePlus or PocoPhone. I’m not sure if I’m comfortable spending that much money on an unproven company with possible update issues.
Huawei’s rotating chairman Guo Ping has gone on the offensive this week at Mobile World Congress, following continued pressure on US allies to drop the Chinese telecoms giant over national security fears. In a strident on-stage speech and a Financial Times editorial, Guo is escalating Huawei’s side of the story by explicitly calling out the NSA, which Edward Snowden has shown to have hacked Huawei in the past, while presenting his company as a more secure option for the rest of the world. “If the NSA wants to modify routers or switches in order to eavesdrop, a Chinese company will be unlikely to co-operate,” Guo says in the FT, citing a leaked NSA document that said the agency wanted “to make sure that we know how to exploit these products.” Guo argues that his company “hampers US efforts to spy on whomever it wants,” reiterating its position that “Huawei has not and will never plant backdoors.” This war of words and boycotts will continue for a long time to come, but Guo makes an interesting point here by highlighting the fact the NSA hacked Huawei devices and email accounts of Huawai executives. I personally do not believe that devices made in China for other brands – Apple, Google, whatever – are any safer from tampering than devices from a Chinese brand. These all get made in the same factories, and I can hardly fault the Chinese government for doing what all our western governments have been doing for decades as well. It’s not a pretty game, and in an ideal world none of it would be necessary, but we should not let blind nationalism get in the way of making sound decisions.
HyperCard is a new kind of application-a unique information environment for your Apple Macintosh computer. Use it to look for and store information-words, charts, pictures, digitized photographs-about any subject that suits you. Any piece of information in HyperCard can connect to any other piece of information, so you can find out what you want to know in as much or as little detail as you need. The original, complete manual for Apple’s HyperCard.
The Federal Trade Commission’s Bureau of Competition announced the creation of a task force dedicated to monitoring competition in U.S. technology markets, investigating any potential anticompetitive conduct in those markets, and taking enforcement actions when warranted. This is music to my ears, but only time will tell if this new task force has any teeth. The current US administration is held together by string and spit and barely able to even stumble out the door in the morning, so one has to wonder how effective any FTC actions can even be.
The boot process, in computer hardware, forms the foundation for the security of the rest of the system. Security, in this context, means a “defense in depth” approach, where each layer not only provides an additional barrier to attack, but also builds on the strength of the previous one. Attackers do know that if they can compromise the boot process, they can hide malicious software that will not be detected by the rest of the system. Unfortunately, most of the existing approaches to protect the boot process also conveniently (conveniently for the vendor, of course) remove your control over your own system. How? By using software signing keys that only let you run the boot software that the vendor approves on your hardware. Your only practical choices, under these systems, are either to run OSes that get approval from the vendor, or to disable boot security altogether. In Purism, we believe that you deserve security without sacrificing control or convenience: today we are happy to announce PureBoot, our collection of software and security measures designed for you to protect the boot process, while still holding all the keys. Good initiative.
USB 3.2, which doubles the maximum speed of a USB connection to 20Gb/s, is likely to materialize in systems later this year. In preparation for this, the USB-IF—the industry group that together develops the various USB specifications—has announced the branding and naming that the new revision is going to use, and… It’s awful. I won’t spoil it for you. It’s really, really bad.
Security researchers at the Network and Distributed Systems Security Symposium in San Diego are announcing the results of some fascinating research they’ve been working on. They “built a fake network card that is capable of interacting with the operating system in the same way as a real one” and discovered that Such ports offer very privileged, low-level, direct memory access (DMA), which gives peripherals much more privilege than regular USB devices. If no defences are used on the host, an attacker has unrestricted memory access, and can completely take control of a target computer: they can steal passwords, banking logins, encryption keys, browser sessions and private files, and they can also inject malicious software that can run anywhere in the system. Vendors have been gradually improving firmware and taking other steps to mitigate these vulnerabilities, but the same features that make Thunderbolt so useful also make them a much more serious attack vector than USB ever was. You may want to consider ways to disable your Thunderbolt drivers unless you can be sure that you can prevent physical access to your machine.
My software setup has been surprisingly constant over the last decade, after a few years of experimentation since I initially switched to Linux in 2006. It might be interesting to look back in another 10 years and see what changed. A quick overview of what’s running as I’m writing this post. A detailed overview of a terminal-oriented Linux software setup. There’s obviously countless setups like this, but this post is quite detailed and possibly contains some ideas for others.
As expected, Microsoft today launched HoloLens 2, the company’s second-generation augmented reality (AR) headset. The new hardware addresses what were probably the two biggest issues with the first-generation device: the narrow field of view, and the comfort when wearing the device. I’d love to experience AR and VR devices like these, but for now, I just can’t justify the investment. The killer app for home use seems to not have been invented yet, and I’d just end up with a fun gimmick that serves to entertain the odd guest a few times a year. I understand my own personal enjoyment is not exactly high on the list for the makes of these devices – they’re obviously more interested in professional use – but in order to build a sutainable, long-term business around AR and VR, they really ought to start thinking about reasons for ordinary consumers to start buying these.
The Opportunity Rover, also known as the Mars Exploration Rover B (or MER-1), has finally been declared at end of mission today after 5,352 Mars solar days when NASA was not successfully able to re-establish contact. It had been apparently knocked off-line by a dust storm and was unable to restart either due to power loss or some other catastrophic failure. Originally intended for a 90 Mars solar day mission, its mission became almost 60 times longer than anticipated and it traveled nearly 30 miles on the surface in total. Spirit, or MER-2, its sister unit, had previously reached end of mission in 2010. And why would we report that here? Because Opportunity and Spirit were both in fact powered by the POWER1, or more accurately a 20MHz BAE RAD6000, a radiation-hardened version of the original IBM RISC Single Chip CPU and the indirect ancestor of the PowerPC 601. There are a lot of POWER chips in space, both with the original RAD6000 and its successor the RAD750, a radiation-hardened version of the PowerPC G3. What an awesome little tidbit of information about these Mars rovers, which I’m assuming everybody holds in high regard as excellent examples of human ingenuety and engineering.
On Monday, Google and the FIDO Alliance announced that Android has added certified support for the FIDO2 standard, meaning the vast majority of devices running Android 7 or later will now be able to handle password-less logins in mobile browsers like Chrome. Android already offered secure FIDO login options for mobile apps, where you authenticate using a phone’s fingerprint scanner or with a hardware dongle like a YubiKey. But FIDO2 support will make it possible to use these easy authentication steps for web services in a mobile browser, instead of having the tedious task of typing in your password every time you want to log in to an account. Web developers can now design their sites to interact with Android’s FIDO2 management infrastructure. Good move.
Huawei Technologies Co. would deny any Chinese government request to open up “back doors” in foreign telecommunications networks because they aren’t legally obliged to do so, the company’s chairman says. Liang Hua, speaking to reporters in Toronto on Thursday, said the company had received an independent legal opinion about its obligations under Chinese law and said there is nothing forcing companies to create what he called “back doors” in networks. He said they’d never received any such request, but would refuse it if they did. At this point, it seems silly to assume such backdoors do not already exist in one form or another – if not at the device level, then at the network level. This isn’t merely a Chinese thing either; western governments are doing the same thing, draped in a democratic, legal veneer through secret FISA-like courts and similar constructions.
Late last year, Linux OEM System76 unveiled the Thelio, its custom Linux-focused workstation. The computer is now shipping to consumers, meaning the first reviews are starting to roll in. Leonora Tindall wrote up her experience with System76’s latest workstation, concluding: System76’s new “open hardware” desktop, is a small, beautiful, and powerful desktop computer that hits every high point anyone could have expected, faltering only in the inherent limitations of its small size. It’s pretty, it’s tiny, it’s fast, it’s well cooled, and the software support is top-tier. Despite being somewhat noisy and lacking front I/O, it’s certainly a good machine for any Linux user who can swallow the 18% – 22% upcharge for assembly and custom engineering. It must be difficult to sell highly customisable Linux workstations like these, since virtually anyone using Linux is most likely more than capable and willing to build their own computer. Still, I commend the effort, and it can serve as a halo product for System76’s Linux laptops, which probably cover a wider net of possible consumers.
We’re very grateful to this week’s (and our inaugural) sponsor: OPS is a new free open source tool that allows anyone including non-developers to run existing Linux applications as unikernels. Long predicted to be the next generation of cloud infrastructure, unikernels have remained inaccessible to developers because of their low level nature. OPS fixes that. Please visit their website to learn more: https://ops.city
Many years ago (in 2015), I told you about my Xbox 360 development kit, based on a Power Mac G5. And I finally managed to make it work. Let’s summarize the story. We are in 2003 and Microsoft plans to release its Xbox 360 console in 2005. It is based on a new PowerPC processor (the Xenon, derived from the Cell but that’s another story) and an AMD graphics card. And initially, to provide test machines to the developers, Microsoft has an issue: the processor does not exist yet. The solution, quite pragmatic, to solve the problem while waiting for the first prototypes of consoles consists in using the most common mainstream PowerPC platform: a Macintosh. These PowerMac G5s used by Microsoft for Xbos 360 development couldn’t really be used for anything but running Mac OS X, since the Xbox 360 development software and operating system had all been wiped. As luck would have it, though, this software was released on the internet last year, including the Xenon OS. It also includes an early version of the Xbox 360 dashboard. An absolutely fascinating piece of history.
Millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they checked out last weekend. Other apps know users’ body weight, blood pressure, menstrual cycles or pregnancy status. Unbeknown to most people, in many cases that data is being shared with someone else: Facebook. The social-media giant collects intensely personal information from many popular smartphone apps just seconds after users enter it, even if the user has no connection to Facebook, according to testing done by The Wall Street Journal. The apps often send the data without any prominent or specific disclosure, the testing showed. At this point, none of this should surprise anyone anymore. Still, this particular case involves applications without any Facebook logins or similar mechanisms, giving users zero indiciation that their data is being shared with Facebook. These developers are using Facebook analytics code inside their applications, which in turn collect and send the sensitive information to Facebook. Other than retreat to a deserted island – what can we even do?
Responding to a forum post on upcoming ARM server offerings, Linus Torvalds makes a compelling case for why Linux and x86 completely overwhelmed commercial Unix and RISC: Guys, do you really not understand why x86 took over the server market? It wasn’t just all price. It was literally this “develop at home” issue. Thousands of small companies ended up having random small internal workloads where it was easy to just get a random whitebox PC and run some silly small thing on it yourself. Then as the workload expanded, it became a “real server”. And then once that thing expanded, suddenly it made a whole lot of sense to let somebody else manage the hardware and hosting, and the cloud took over.
When we re-launched the site at the beginning of the year, I mentioned that I’d considered shuttering OSNews as a response to needing such a major overhaul, since conventional advertising was no longer sufficient for covering expenses. A few weeks ago, I decided to experiment with offering a sponsorship, wherein a patron pays a fee to be the exclusive sponsor of the site for a week. It was all just a pipe dream until someone agreed last week to be our first sponsor. So we’re cautiously optimistic that this may be a viable way to keep the site running and maybe even expand. It won’t work, though, unless we can fill our pipeline with sponsors. I doubt we’ll be able to do that just by putting up a shingle and hoping people contact us. So I wanted to reach out to you, beloved readers, to see if you could help. If you know someone, maybe your employer, who offers a product or service that might be interesting to OSNews readers, see if they’ll be willing to sponsor the site. We’re open to ideas on how to structure the sponsorship program. If you were to sponsor the site, what would you want to get in exchange for your money? We’d love feedback on the terms of the sponsorship. Do you know of any ways that we might be able to publicize the availability of sponsorships? Would you be interested in acting as a salesperson and reaching out to firms to solicit sponsorships? Let me know. And finally, sponsorships will be desirable if OSNews itself is popular and vibrant. You can do your part by reading the site, commenting, submitting news, and contacting us if you’re interested in writing a feature.
The Nintendo Switch is Nintendo’s latest console/handheld, and it’s doing really well for itself in terms of sales and appeal. It also marks a change in attitude from Nintendo as well, as the device is not only powered by an Nvidia Tegra system-on-chip, but the company even reportedly wanted to employ the now-defunct Cyanogen Inc. to develop their operating system. Since the discovery of the Fusée Gelée vulnerability, Switch modding has really taken off in the community. Users have theorized for a long time now whether it would be possible to port Android to the Switch. After all, Linux has been ported to it and the device uses the Tegra X1 SoC for which there is documentation to refer to. All that’s left is the blood, sweat, and tears of developers interested enough in porting Android. One developer by the name of ByLaws is taking the challenge of turning a Nintendo Switch into an Android tablet. The Switch is such a perfect formfactor and device for retro gaming. It’s really too bad that such things break warranties and/or block device and game updates, because otherwise I’d get emulators running on my Switch in a heartbeat.
Google is finally ending forced arbitration for its employees. These changes will go into effect for both current and future Google employees on March 21. While Google won’t reopen settled claims, current employees can litigate past claims starting March 21. While it’s nice of Google to end this policy, forced arbitration for employees should clearly be illegal in the first place.
