Deleting system32\curl.exe

I just want to emphasize that if you install and run Windows, your friendly provider is Microsoft. You need to contact Microsoft for support and help with Windows related issues. The curl.exe you have in System32 is only provided indirectly by the curl project and we cannot fix this problem for you. We in fact fixed the problem in the source code already back in December 2022. If you have removed curl.exe or otherwise tampered with your Windows installation, the curl project cannot help you. Both Windows and macOS have along history of shipping horribly outdated, insecure, and unsupported versions of open source software, and it seems that hasn’t changed.

Haiku’s (kernel) condition variables API: design and implementation

A few months after my contract with Haiku, Inc. began, I rewrote the implementation of the Haiku kernel’s condition variables (as opposed to our userspace condition variables, which are from POSIX.) As this new implementation has run in Haiku for over a year and shipped in the latest release with no sign of any remaining issues, I figured it is high time for a deep-dive on the API, its implementation history, and the design of the new implementation I wrote. I expect this article will be of broader interest than just to Haiku’s community, because Haiku’s condition variables API has some notable (and powerful) features not found in those of other operating systems, and its implementation is thus likewise unique (at least, as far as I have been able to figure out.) I’m currently working on a “state of Haiku” sort of article, and I’m incredibly impressed with just how stable, fast, full-featured, and usable Haiku has become on real hardware. I’ve always kept an eye on Haiku in virtual machines, but now I’m running it on real hard hardware – where it belongs – and it’s been an absolute joy. The fact that waddlesplash managed to pull off this switch basically without any issues and with few people noticing, is further illustration the project’s in a good place.

ARM is developing its own prototype chip, says report

British chip designer ARM is working on its own advanced semiconductor to showcase the power and capabilities of its design, Financial Times reports. According to people briefed on the move, ARM will work with manufacturing partners to bring the new chip to fruition. They’re not intending to get into the chip game, as this will only be a prototype chip to demonstrate what they can do.

Compromising Garmin’s sport watches: a deep dive into GarminOS and its MonkeyC virtual machine

I reversed the firmware of my Garmin Forerunner 245 Music back in 2022 and found a dozen or so vulnerabilities in their support for Connect IQ applications. They can be exploited to bypass permissions and compromise the watch. I have published various scripts and proof-of-concept apps to a GitHub repository. Coordinating disclosure with Garmin, some of the vulnerabilities have been around since 2015 and affect over a hundred models, including fitness watches, outdoor handhelds, and GPS for bikes. Raise your hands if you’re surprised. Any time someone takes even a cursory glance at internet of things devices or connected anythings that isn’t a well-studied platform from the likes of Apple, Google, or Microsoft, they find boatloads of security issues, dangerous bugs, stupid design decisions, and so much more.

Windows on btrfs

Using Quibble, an open source reimplementation of the Windows boot loader, a btrfs driver for Windows, and guest starring ntfs2btrfs, an in-place conversion tool, you can make Windows boot and run on btrfs, as Lily discovered and detailed. She took it a step further though, and decided to see if you could really redefine “cursed”. I decided to make a new btrfs partition and just copy over all the files and see if that would boot. I was shocked to see that it did and now that I had a clean and uncorrupted filesystem it was time for the incredibly dumb idea I had. There are no directories in the Windows and Linux roots that share the same name so you should be able to boot them both from the same partition without any file conflicts. After a reboot into Linux, installing Arch with pacstrap, and fucking with grub. This kinda just works. The btrfs driver for Windows is incredibly solid so once you get past the bootloader there really isn’t anything weird. It just does its thing. Yeah, but your scientists were so preoccupied with whether or not they could, they didn’t stop to think if they should. Good lord.

Microsoft’s GitHub Copilot is massive copyright infringement

Before you read this article – note that Codeium offers a competitor to GitHub Copilot. This means they have something to sell, and something to gain by making Copilot look bad. That being said – their findings are things we already kind of knew, and further illustrate that Copilot is quite possibly one of the largest, if not the largest, GPL violations in history. To prove that GitHub Copilot trains on non permissive licenses, we just disable any post-generation filters and see what GPL code we can generate with minimal context. We can very quickly generate the GPL license for a popular GPL-protected repo, such as ffmpeg, from a couple lines of a header comment. Codeium claims it does not use GPL code for its training data, but the fact it uses code licensed more permissively still raises questions. While the BSD and MIT-like licenses are more permissive and lack copyleft, they still require the inclusion of the terms of the license and a copyright notice to be included whenever the covered code is used. I’m not entirely sure if using just permissively licensed code as training data is any better, since unless you’re adding the licensing terms and copyright notice with every autocompleted piece of code, you’re still violating the license. If Microsoft or whoever else wants to train a coding “AI” or whatever, they should either be using code they own the copyright to, get explicit permission from the rightsholders for “AI” training use (difficult for code from larger projects), or properly comply with the terms of the licenses and automatically add the terms and copyright notices during autocomplete and/or properly apply copyleft to the newly generated code. Anything else is a massive copyright violation and a direct assault on open source. Let me put it this way – the code to various versions of Windows has leaked numerous times. What if we train an “AI” on that leaked code and let everyone use it? Do you honestly think Microsoft would not sue you into the stone age?

The weird world of Windows file paths

File system paths on Windows are stranger than you might think. On any Unix-derived system, a path is an admirably simple thing: if it starts with a /, it’s a path. Not so on Windows, which serves up a bewildering variety of schemes for composing a path. When I implemented the path autocompletion feature in Fileside 1.7, I needed to take a closer look at this to make sure I had all bases covered. This blog post shares my findings. You think you know everything about file system paths on Windows? Trust me – you don’t. What on earth.

A quick look back at Microsoft’s first PC hardware product back in 1980, the Z80 SoftCard

However, many people at the time didn’t realize was that Microsoft had actually sold a PC hardware product, well before it launched Windows, and even before it released MS-DOS. Then Microsoft CEO Steve Ballmer actually mentioned this fact at the first Surface press event in June 2012. It was called the Z80 SoftCard, and it was first released 43 years ago this month, on April 2, 1980. In an even more ironic twist, the product was made as an add-in card for the Apple II PC. I’ve always been fascinated by expansion cards that contain entire computers to make it possible to run one architecture inside another – Apple had a DOS card, for instance, and Sun sold the SunPCi line of cards that could run x86 operating systems on SPARC systems, and there were countless more. They’re not as needed today, and you’ll have a hard time finding, for instance, an ARM PCI-e card to stick in your PC.

Ubuntu 23.04, Fedora 38 released

Two major Linux distributions released major new versions this week. First, Ubuntu: There’s a big user experience uplift courtesy of GNOME 44 and enhancements, and a brand new Ubuntu installer helps improves the onboarding experience. Foundationally, Ubuntu 23.04 runs on the latest Linux kernel 6.2 release, ships Mesa 23.0 graphics drivers (with in-distro access to proprietary NVIDIA drivers for those who need them), plus updates all of the requisite tooling, toolchains, and programming packages developers need. I’m curious to try the new installer if someone else adopts it (I have no need for Ubuntu), but other than that, this is a fairly small release that won’t rock the boat too much. Second we have Fedora: Fedora Workstation focuses on the desktop experience. As usual, Fedora Workstation features the latest GNOME release. GNOME 44 includes a lot of great improvements, including a new lock screen, a “background apps” section on the quick menu, and improvements to accessibility settings. In addition, enabling third-party repositories now enables an unfiltered view of applications on Flathub.  With this release, we’ve shortened the default timeout when services shut down. This helps your system power off faster — important when you need to grab your laptop and go. Fedora is, in my view, the best desktop Linux distribution, and I use it myself on two of my three main PCs. So far, Fedora 38 doesn’t feel like a major new release either, but just more of what you already know.

Installing OpenVMS 9.2 for x86 on VirtualBox

OpenVMS on x86 is now available for hobbyists! Almost a year after the official release. This is a part 1 of my getting started guide, showing you how to install OpenVMS on VirtualBox on Windows 10/11. More parts will follow, documenting license installation, network setup, ssh, application installation etc. If you’ve been wanting to get your feet wet with the new OpenVMS x86 release – like I am – this series of articles is the one place to start.

Apple’s fight against iPhone sideloading was pointless at best, harmful at worst

If Apple had very quietly allowed sideloading a few years ago, that would have removed the antitrust threat – while the overwhelming majority of iPhone owners would have continued to get their apps from the App Store, just as they always have. The percentage of iPhone owners who will ever sideload an app is vanishingly small, so Apple has spent a lot of time and energy fighting a battle that is completely pointless Worse, by fighting the issue so loudly and for so long, Apple has actually given the issue way more publicity than it would ever have received otherwise. It has turned what would otherwise have been a boring technical detail covered only by the Apple press into a mass-media news story. Apple has effectively contributed to its portrayal as a bad guy, with zero benefit to the company. Right on the money – and I’m glad it has transpired this way. I doubt we’d ever have gotten this far without Apple continuously trying to stop it.

What app developers actually think about the EU vs Apple debate on third-party app stores

Under the European Union’s new Digital Markets Act (DMA), which aims to increase competition, large online platforms, including Apple, must open up their devices to third-party app stores. While the consensus is that this provision of the law is good for users and even Apple, it’s unclear how the regulation will affect application developers. The question is what do app developers think about these new regulations? Will they actually be beneficial to EU based developers and what will be the short and long term impact on the EU’s app market? We spoke with a few to find out. In short, they’re actually interested in the effects of this legislation, because sideloading and alternative application stores on iOS will give developers more options, and these options will in turn put pressure on Apple to lower its fees as well. Competition is a beautiful, beautiful thing.

Your phone was built with child labor

The consumer-facing tech and EV companies all proclaim there’s no artisanally mined cobalt or child cobalt in their supply chains. So don’t fret, consumer. Don’t fret, shareholder. If that’s true, where’s all the cobalt going? Last year, almost 75 percent of global cobalt production was from Congo. It’s impossible for these companies to say they don’t have Congolese cobalt. And if it’s impossible to say they don’t have Congolese cobalt, it’s impossible to say they don’t have cobalt that’s not been tainted by child labor, forced labor, environmental destruction, public health catastrophes from mining pollution. Full stop. Rarely in history has the practice of preying on the weak been so severe, generated such profit, and touched the lives of so many. Every level of the chain is preying on some of the poorest and most heavily exploited people in the world. The world pays a hefty price for our way of life. And yes, I modified the title slightly.

Microsoft is experimenting with a Steam Deck-friendly “handheld mode” for Windows

But Windows isn’t an ideal operating system for the Steam Deck, at least not out of the box. Its mouse-and-keyboard-oriented user interface isn’t comfortable or convenient to use on a small handheld system like the Steam Deck. Windows 11 makes some allowances for touchscreens, but its buttons and menus can still be hard to tap on such a small screen. The controller doesn’t work outside of Steam, including on Windows’ touchscreen keyboard, and installing drivers and launching games for the first time can be a pain. Microsoft is aware of the problems running Windows on the Steam Deck and other similar handheld Windows PCs, and at least some developers inside the company have spent time thinking of ways to address them. That’s the thrust of a leaked presentation (posted in two parts by Twitter user _h0x0d_) about a new “Handheld Mode” for Windows, developed as part of an internal Microsoft hackathon in September 2022. Windows just isn’t a great operating system choice for these handheld PC gaming devices, and slapping a skin on it is not going to change that. Valve can integrate Linux and Proton with the hardware of the Steam Deck, and fine tune both down to the very source code – and considering Valve’s many contributions to open source, that’s exactly what it’s doing. Meanwhile, if you’re one of those companies making Steam Deck competitors running Windows – you’re shit out of luck. All you can do is add crapware left and right to hide the Windows of it all, but in the end, you just can’t optimise the software for the hardware in the same way Valve can.

Size matters: an exploration of virtual memory on iOS

I ran into an odd out-of-memory problem the other day when attempting to debug an iOS app on device. The app consistently crashed shortly after launch, preventing me from investigating the bug. To unblock myself, I learned a lot about the iOS virtual memory implementation and journaled my findings (including a fix!) here. Nothing to add – exactly what it says on the tin.

FreeBSD 13.2 released

The FreeBSD team has released the latest point release for FreeBSD 13.x, version 13.2. It comes with updated versions of OpenSSH and OpenSSL, improvements to bhyve to allow more than 16 virtual processors, an updated version of OpenZFS, the inclusion of the WireGuard kernel driver, and much more.

Windows 11 KB5025310 changes how the Print Screen key works

If your laptop has a dedicated Print Screen key, you can press it to instantly take a screenshot of the screen and save it to the clipboard. You can paste the screenshot into any app like Paint and do whatever you want to. This has always been the default behaviour of the Print Screen key (PrtSc). KB5025310 is changing the default behaviour for everyone. After installing this or a newer update, your Print Screen key will open the new Snipping Tool. For those unaware, Windows 11’s new Snipping Tool replaces the legacy Snipping Tool and Snip & Sketch app and combines the best features. It’s always strange how even the smallest of changes to Windows can make people upset, so considering the Print Screen key has worked the same way since Windows 95, changing its behaviour is going to make a lot of people unhappy. I honestly think it’s the right move – but if this really upsets you, you can change the behaviour back to the old way. Fun side note: the name of the key comes from the fact that under e.g. MS-DOS, the Print Screen key would literally print the contents of the screen by sending it the default printer port.

Loongson’s 3A5000: China’s best shot?

Loongson’s 3A5000 is the most promising domestic Chinese CPU we’ve seen so far. Compared to the Zhaoxin KX-6640MA and Phytium D2000, Loongson’s 3A5000 is a wide core with a better balanced backend and a better cache hierarchy. But it suffers the same fundamental issues as the other two in its quest to be a general purpose CPU. Loongson’s LA464 simply cannot deliver performance in the same class as any recent Intel or AMD architecture. Compared to its western counterparts, LA464’s architecture is smaller, the L2 and L3 caches are worse, and the DDR4 memory controller is embarrassingly bad. Even though Loongson has gotten their cores up from 1 GHz to 2.5 GHz, no one runs desktop or even laptop CPUs at clocks that low. Because of its massive clock speed deficiency, Loongson can’t even get in to the same performance ballpark as recent desktop CPUs. It even struggles against Neoverse N1 running at 3 GHz. This is a far more detailed looking at these processors than we posted a few days ago.

Microsoft is slowly rolling out ads in the Windows 11 Start menu

Microsoft’s latest Windows 11 update, released Tuesday, offers a few small bug and compatibility fixes as well as a lighter taskbar. Oh, and there’s one small, tiny extra detail. A “small” number of Windows 11 users will now see “notifications” encouraging them to use other Microsoft products when clicking on the Windows Start Menu. Many Windows users are already decrying the change as just another way Microsoft is trying to shove more native ads into its operating system. Asinine.