How to write a QML effect for KWin

In order solve that problem, we started looking for some options and the most obvious one was QtQuick. It’s a quite powerful framework and it’s already used extensively in Plasma. So, in Plasma 5.24, we introduced basic support for implementing kwin effects written in QML and even added a new overview effect. Unfortunately, if you wanted to implement a QtQuick-based effect yourself, you would still have to write a bit of C++ glue yourself. This is not great because effects that use C++ are a distribution nightmare. They can’t be just uploaded to the KDE Store and then installed by clicking “Get New Effects…”. Furthermore, libkwin is a fast moving target with lots of ABI and API incompatible changes in every release. That’s not good if you’re an effect developer because it means you will need to invest a bit of time after every plasma release to port the effects to the new APIs or at least rebuild the effects to resolve ABI incompatibilities. This has been changed in Plasma 6.0. In Plasma 6, we’ve had the opportunity to address that pesky problem of requiring some C++ code and also improve the declarative effect API after learning some lessons while working on the overview and other effects. So, enough of history and let’s jump to the good stuff, shall we? ↫ Vlad Zahorodnii Making it easier to write things like Plasma widgets and Kwin effects is always desirable, and making them easier to distribute is only icing on the cake.

There is no EU cookie banner law

You know those modal screens that interrupt your groove when you are surfing? There are no laws forcing websites to use them. They use them because they choose to. ↫ Bite code! Cookie banners are not only not required, they’re not even needed, and most implementations you encounter today are illegal anyway. You can use session cookies and anonymous stats cookies without needing any user approval. Companies like to use these cookie banners because they want to make you mad at the law, not at them for tracking you up the wazzoo, and people who actually do know better trot out the cookie banners to enrage you at the government instead of at the corporations exploiting you. EU law only states that if a website wants to track you, they have to let you know. That’s it. Seems very reasonable to anyone who isn’t a corporatist.

TrueNAS CORE 13 is the end of the FreeBSD version

Bad news from BSD land – the oldest vendor of BSD systems is changing direction away from FreeBSD and toward Linux. NAS vendor iXsystems has been busy this year, but apart from some statements in online user communities, it hasn’t been talking about the big news. Back in 2022, we covered TrueNAS CORE 13, the new release of its FreeBSD-based turnkey OS for NAS servers, and in that article we mentioned its new product, the Debian-based TrueNAS SCALE, aimed at providing storage for Kubernetes users. Now it seems the company is betting its future on that Linux-based product, meaning the end is in sight for the FreeBSD offering. ↫ Liam Proven at The Register Very sad to read, as more monoculture is not exactly great, but at the same time, from a corporate perspective, it’s also not entirely unexpected to focus on the server operating system with by far the widest industry support. I hope the fork mentioned in the article gains some steam, because having competition in this space is crucially important.

Hackintosh is (almost) dead

It’s true that latest macOS 14 (Sonoma) still supports the latest generations of Intel Macs and it’s very likely that at least one or two major versions will still be compatible. But there’s one particular development that is de-facto killing off the Hackintosh scene. In Sonoma, Apple has completely removed all traces of driver support for their oldest WiFi/Bt cards, namely various Broadcom cards that they last used in 2012/13 iMac / MacBook models. Those Mac models are not supported by macOS for few years now thus it’s not surprising the drivers are being removed. Most likely reason is that Apple is moving drivers away from .kext (Kernel Extensions) to .dext (DriverKit) thus cleaning up obsolete and unused code from macOS. They did the same with Ethernet drivers in Ventura. ↫ Aleksandar Vacić Everybody, especially the small but active Hackintosh community itself, knew full well the writing was on the wall the day Apple switched to ARM, and we’re seeing the first signs of the impending end of the community. Sure, enough people will remain who are interested in building Hackintoshes using older, unsupported versions of macOS, kind of like retrocomputing, but the days of running the latest macOS release on non-Apple hardware are coming to an end. As a fun side note, this old OSNews article I wrote in 2009 is one of the most-visited articles on our site of all time. Hackintoshes were way, way more popular than people gave them credit for.

Google adds “real-time, privacy-preserving URL protection” to Chrome

For more than 15 years, Google Safe Browsing has been protecting users from phishing, malware, unwanted software and more, by identifying and warning users about potentially abusive sites on more than 5 billion devices around the world. As attackers grow more sophisticated, we’ve seen the need for protections that can adapt as quickly as the threats they defend against. That’s why we’re excited to announce a new version of Safe Browsing that will provide real-time, privacy-preserving URL protection for people using the Standard protection mode of Safe Browsing in Chrome. ↫ Jasika Bawa, Xinghui Lu, Jonathan Li, and Alex Wozniak on the Google blog Reading through the description of how this new feature works, it does indeed seem to respect one’s privacy, but there could be so many devils in so many details here that you’d really need to be a specialist in these matters to truly gauge if Google isn’t getting its hands on the URLs you visit through this feature. But even if all that is true, it doesn’t really matter because Google has tons of other ways to collect more than enough data on you to build an exact profile of you are, and what advertisements will work well no you. Any time Google goes out of its way to announce it’s not collecting some type of data – like here, the URLs you type into the Chrome URL bar – it’s not because they care so much about your privacy, but because they simply don’t need this data to begin with.

Fuzzing Ladybird with tools from Google Project Zero

While Ladybird does an okay job with well-formed web content, I thought it would be useful to throw some security research tools at it and see what kind of issues it might reveal. So today we’ll be using “Domato”, a DOM fuzzer from Google Project Zero, to stress test Ladybird and fix some issues found along the way. The way this works is that Domato generates randomized web pages with lots of mostly-valid but strange HTML, CSS and JavaScript. I then load these pages into a debug build of Ladybird and observe what happens. ↫ Andreas Kling I have high hopes for Ladybird.

An actual look at Microsoft OS/2 2.0

This release marks the last time that Microsoft would release an OS/2 beta to developers, instead with the runaway success of Windows 3.0, Microsoft would remove resources from the constrained OS/2, and refocus both on Windows 3.1, and Windows NT. Thanks to one of my Patrons – Brian Ledbetter, the much-sought Microsoft OS/2 2.0 Pre-Release 2 is now available! So obviously the first thing to do was to re-create the original magical screenshot. ↫ neozeed at VirtuallyFun We already talked about this rediscovered release, but this article contains even more detailed information, this time from the person who bought the copy off eBay.

Loongson 3A6000: a star among Chinese CPUs

Computing power has emerged as a vital resource for economies around the world. China is no exception, and the country has invested heavily into domestic CPU capabilities. Loongson is at the forefront of that effort. We previously covered the company’s 3A5000 CPU, a quad core processor that delivered reasonable performance per clock, but clocked too low to be competitive. Now, we’re going to look at Loongson’s newer 3A6000 CPU. The 3A6000 is also a quad core 2.5 GHz part, but uses the newer LA664 core. Compared to the 3A5000’s LA464 cores, LA664 is a major and ambitious evolution. While Loongson has kept the same general architecture, LA664 has a larger and deeper pipeline with more execution units. To sweeten the pie, LA664 gets SMT support. When properly implemented, SMT can increase multithreaded performance with minimal die area overhead. But SMT can be challenging to get right. ↫ Chips and Cheese I’m always fascinated by China’s attempts at catching up to Intel and AMD, but at the same time, there’s no chance in hell I’d ever use any of it.

Secure by design: Google’s perspective on memory safety

Google’s Project Zero reports that memory safety vulnerabilities—security defects caused by subtle coding errors related to how a program accesses memory—have been “the standard for attacking software for the last few decades and it’s still how attackers are having success”. Their analysis shows two thirds of 0-day exploits detected in the wild used memory corruption vulnerabilities. Despite substantial investments to improve memory-unsafe languages, those vulnerabilities continue to top the most commonly exploited vulnerability classes. In this post, we share our perspective on memory safety in a comprehensive whitepaper. This paper delves into the data, challenges of tackling memory unsafety, and discusses possible approaches for achieving memory safety and their tradeoffs. We’ll also highlight our commitments towards implementing several of the solutions outlined in the whitepaper, most recently with a $1,000,000 grant to the Rust Foundation, thereby advancing the development of a robust memory-safe ecosystem. ↫ Alex Rebert and Christoph Kern at Google’s blog Even as someone who isn’t a programmer, it’s impossible to escape the rising tide of memory-safe languages, with Rust leading the charge. If this makes the software we all use objectively better, I’ll take the programmers complaining they have to learn something new.

Nanos: a kernel designed to run one application in a virtualized environment

Nanos is a new kernel designed to run one and only one application in a virtualized environment. It has several constraints on it compared to a general purpose operating system such as Windows or Linux – namely it’s a single process system with no support for running multiple programs nor does it have the concept of users or remote administration via ssh. ↫ Nanos GitHub page The project has a website with more information and instructions, and the code’s on GitHub.

MNT Reform review: brutalist hardware, familiar software

There’s a channel on YouTube called The Proper People. It’s two guys who travel all over the United States (and in a few cases, elsewhere too) exploring abandoned buildings, and recording both the exteriors and interiors for posterity, since many of these buildings suffer from massive decay and are often slated for demolition. These buildings have histories and stories that otherwise would be lost to time. They are incredibly respectful of the buildings they explore, and they will not break open locked doors or windows, and only traverse open and unlocked doors or openings borne out of natural decay. They never take anything from the sites they visit, and abhor what urban explorers call “staging”, where you move furniture and objects around to invoke or imply stories and things that aren’t there. Their videos are also very calm, muted, quiet, and only occasionally use atmospheric music for some of the more artistic shots. As a sidenote, they also happen to have the absolute best intro music of all time. One of the things you quickly notice as you see these buildings, and explore their interiors, is just how solidly made and beautifully detailed they were. Whether they’re exploring an 19th century Kirkbride mental asylum, an early 19th century power plant, or a mid-20th century hospital – they all tend to be made not just to serve a function, but also to be beautiful and solid, both inside and out. Walls, ceilings, and doorways are beautifully detailed in masonry or woodwork, light fittings are solid and ornate, and even access corridors or storage basements have gorgeous vaulted ceilings, decorated walls, and ornate pillars. The contrast to modern buildings couldn’t be starker. Buildings and workplaces of today are littered with drop ceilings, flimsy dividers, open plans, endless amounts of glass, all in styles so minimalist it just makes spaces feel cold, uninviting, and lacking in human scale. Modern buildings and interiors are temporary, ephemeral, built not for humans, but to a bottom line and some designer’s fancy – these old hospitals, factories, and even power plants are permanent, enduring, and made to human scale. They served as much as a status symbol for whatever ruthless capitalist owned the building as they did as a place for that same ruthless capitalist to extract wealth from mistreated workers. This juxtaposition, of the minimalist, soulless, flimsy and cheap-looking exteriors and interiors of modern buildings on the one hand, and the beautifully detailed, skillfully crafted, and human-scale exteriors and interiors from these older buildings on the other, is something that kept creeping back into my mind during my use of the MNT Reform. This is a device built by people who deeply care, who are very opinionated, and know exactly what they want to make – very much the opposite of the cookie-cutter dime-a-dozen laptops that flood the market today. MNT was so kind as to send me a Reform, at some risk to them because I am definitely not the kind of customer the Reform is typically aimed at. Yet, after a few months of use, I can confidently say this is one of the most unique devices I’ve ever used, and one that’s worth every cent. Let’s explore why. Brutalist hardware Let’s first dive into what, exactly, the Reform is. At its core, it’s an ARM-based laptop designed to run Linux, developed and built by a small team of people in Berlin. The Reform is unique in that it is designed to be open hardware, fully repairable and highly modular and upgradeable. It consists of a mainboard with an mPCIe slot, an M.2 slot for NVME SSDs, 16GB eMMC storage, and uniquely, a slot for a System-on-Chip module roughly the size of an SO-DIMM module that contains the processor and RAM. The keyboard and pointing device are internally connected through USB 2.0 and easily replaceable, too. The Reform is defined as much by what it does not have as by what it does have. You won’t find any surveillance devices inside the Reform – no webcam, no microphones, nothing. There have been laptops with little privacy switches or sliding covers for the webcam, but I don’t think I’ve seen a modern laptop that eschews cameras and microphones since the late ’90s. It’s one of the many examples of the Reform’s opinionated design choices. The configuration MNT sent me consists of the aforementioned mainboard, coupled with one of the processor modules they offer – in my case, the RCM4 A311D, which sports four 2.2GHz Cortex-A73 cores and two 1.8GHz Cortex-A53 cores, 4GB of LP-DDR4 RAM, and an ARM Mali G52 MP4 GPU that supports OpenGL/ES 3.1 through Panfrost. This module also supports Wi-Fi 5 and Bluetooth 5.0 through the integrated RTL8822CS. The A311D is just one of many modules available for purchase for the Reform, and during the writing of this review, MNT also added a brand new SoC module to its lineup – the RK3588, the most powerful option available for the Reform. It packs 4 ARM Cortex-A76 cores (up to 2.4GHz) and 4 ARM Cortex-A55 cores (up to 2.2GHz), 16GB or 32GB of RAM, and 128GB or 256GB of eMMC storage. It also sports an ARM Mali-G610 MP4 4-core GPU. Like with all other modules, the drivers for the A311D in my model are completely open source. When it comes to firmware, however, the A311D is not fully open source; there’s closed-source code in the Wi-Fi firmware and the boot/TF-A firmware. The other modules all also have various bits of closed firmware, except for the RKX7 module that uses a Kintex-7 FPGA and hence comes with a hefty price tag. Using the RKX7 module, you can have a fully open source laptop, from operating system down to the firmware, which is, as far as I can tell, unique. However, the amount of closed firmware code for each of the other boards is relatively small, and in some cases – such as with the LS1028A – can be avoided, too. If you care about

Intel continues prepping the Linux kernel for X86S

Nearly one year ago Intel published the X86S specification (formerly stylized as “X86-S”) for simplifying the Intel architecture by removing support for 16-bit and 32-bit operating systems. X86S is a big step forward with dropping legacy mode, 5-level paging improvements, and other modernization improvements for x86_64. With the Linux 6.9 kernel more x86S bits are in place for this ongoing effort. ↫ Michael Larabel I doubt we’ll see much fallout from these changes.

European Commission’s use of Microsoft 365 infringes data protection law for EU institutions and bodies

Following its investigation, the EDPS has found that the European Commission (Commission) has infringed several key data protection rules when using Microsoft 365. In its decision, the EDPS imposes corrective measures on the Commission. ↫ European Data Protection Supervisor You often hear people state that EU rules and regulations are designed exclusively to harm non-EU companies. The massive amounts of fines and corrective actions handed out to EU companies in all kinds of sectors already disprove this notion, and here’s a case where even the European Commission itself gets a slap on the wrist for violating its own rules and regulations – rules and regulations, we’re often told by especially American corporatists, are designed specifically to target poor American businesses. Not that corporatists have any use for reality and facts, but still.

Oracle Solaris 11.4 SRU66 released

Oracle Solaris 11.4 SRU 66 is now available via ‘pkg update’ from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1. Highlights of the changes in this release are given in the release announcement and important information to read before installing it is provided in the Readme linked from the above support document. This blog post provides more details about selected new features and interface changes in this SRU, as well as some preparation work for changes coming in future SRUs. ↫ Alan Coopersmith and Jan Pechanec Oracle is still developing Solaris. I still find it very difficult to care after Oracle’s bullshittery.

Messy ToS update allegedly locks Roku devices until users give in

Roku customers are threatening to stop using, or to even dispose of, their low-priced TVs and streaming gadgets after the company appears to be locking devices for people who don’t conform to the recently updated terms of service (ToS). This month, users on Roku’s support forums reported suddenly seeing a message when turning on their Roku TV or streaming device reading: “We’ve made an important update: We’ve updated our Dispute Resolution Terms. Select ‘Agree’ to agree to these updated Terms and to continue enjoying our products and services. Press * to view these updated Terms.” A large button reading “Agree” follows. The pop-up doesn’t offer a way to disagree, and users are unable to use their device unless they hit agree. ↫ Scharon Harding at Ars Technica The best part of this story? And by best I mean worst? You have to send a letter – a paper one, with stamps and everything, like in the before times – to Roku’s lawyer in California containing the names of all the people opting out, the devices and services in question, and a damn purchase receipt. They’re one step away from wanting your passport and your firstborn child.

Image-scraping Midjourney bans rival “AI” firm for scraping images

On Wednesday, Midjourney banned all employees from image synthesis rival Stability AI from its service indefinitely after it detected “botnet-like” activity suspected to be a Stability employee attempting to scrape prompt and image pairs in bulk. Midjourney advocate Nick St. Pierre tweeted about the announcement, which came via Midjourney’s official Discord channel. ↫ Benj Edwards So “AI” companies are allowed to ingest whatever data they want, but as soon as someone ingests their data, it’s suddenly a problem? Seems like a sound business model.

Linux Kernel 6.8 released

Highlights of Linux kernel 6.8 include LAM (Linear Address Masking) virtualization and guest-first memory support for KVM, a basic online filesystem check and repair mechanism for the Bcachefs file system introduced in Linux kernel 6.7, support for the Broadcom BCM2712 processor in Raspberry Pi 5, AMD ACPI-based Wi-Fi band RFI mitigation feature (WBRF), zswap writeback disabling, fscrypt support for CephFS, a new Intel Xe DRM driver, and a multi-size THP (Transparent Huge Pages) sysfs interface. ↫ Marius Nestor at 9to5Linux There’s way more going on in this new release, of course, such as further Rust support, for instance in the Loongson architecture, additional support for tons of newer Intel processors , specific support patches for various laptops, and so, so much more.

Better, faster, stronger time zone updates on Android

From the beginning, time zone rules were a component in Mainline, called Time Zone Data or tzdata module. This integration allowed us to react more quickly to government-mandated time zone changes than before. However until 2023 tzdata updates were still bundled with other Mainline changes, sometimes leading to testing complexities and slower deployment. In 2023, we made further investments in Mainline’s infrastructure and decoupled the tzdata module from the other components. With this isolation, we gained the ability to respond rapidly to time zone legislation changes — often releasing updates to Android users outside of the established release cadence. Additionally, this change means time zone updates can reach a far greater number of Android devices, ensuring you as Android users always see the correct time. ↫ Almaz Mingaleev and Masha Khokhlova This is equal parts boring and equal parts amazing. The amount of work developers have to put into making sure timezones work is astonishing, and the fact that a large chunk of it is done by volunteers is even more impressive.

Accessibility improvements in GTK 4.14

GTK 4.14 brings various improvements on the accessibility front, especially for applications showing complex, formatted text; for WebKitGTK; and for notifications. ↫ Emmanuele Bassi Excellent improvements that, if you listen to those that need these improvements, are sorely needed in GTK 4.