Why does trying to break into the NT 3.1 kernel reboot my 486DX4 machine?

While installing Windows NT 3.1 worked perfectly, I really like to tinker with my retro stuff. The Windows NT 3.1 CD comes with the full set of debugging symbols, I’m curious into investigating why NetDDE throws an error into the event log, and the system crashes with a specific EISA ethernet card (which might be due to faulty hardware), so I decided to dive into kernel debugging. Setting up kernel debugging is straight-forward, once you realize you should use the i386kd executable supplied with Windows NT 3.1 instead of kd/ntkd from the current Windows 10 develepmont kit. As soon as I want to break in (using Ctrl-C in i386kd), the target machine reboots instead of providing a kd> prompt. Such an obscure question and bug, and yet, there’s someone providing a detailed answer – and a fix.

University banned from contributing to Linux kernel after intentionally submitting vulnerable code

A statement from the University of Minnesota Department of Computer Science & Engineering: Leadership in the University of Minnesota Department of Computer Science & Engineering learned today about the details of research being conducted by one of its faculty members and graduate students into the security of the Linux Kernel. The research method used raised serious concerns in the Linux Kernel community and, as of today, this has resulted in the University being banned from contributing to the Linux Kernel. We take this situation extremely seriously. We have immediately suspended this line of research. We will investigate the research method and the process by which this research method was approved, determine appropriate remedial action, and safeguard against future issues, if needed. We will report our findings back to the community as soon as practical. This story is crazy. It turns out researchers from the University of Minnesota were intentionally trying to introduce vulnerabilities into the Linux kernel as part of some research study. This was, of course, discovered, and kernel maintainer Greg Kroah-Hartman immediately banned the entire university from submitting any code to the Linux kernel. Replying to the researcher in question, Kroah-Hartman wrote: You, and your group, have publicly admitted to sending known-buggy patches to see how the kernel community would react to them, and published a paper based on that work. Now you submit a new series of obviously-incorrect patches again, so what am I supposed to think of such a thing? They obviously were _NOT_ created by a static analysis tool that is of any intelligence, as they all are the result of totally different patterns, and all of which are obviously not even fixing anything at all. So what am I supposed to think here, other than that you and your group are continuing to experiment on the kernel community developers by sending such nonsense patches? Our community does not appreciate being experimented on, and being “tested” by submitting known patches that are either do nothing on purpose, or introduce bugs on purpose. If you wish to do work like this, I suggest you find a different community to run your experiments on, you are not welcome here. Because of this, I will now have to ban all future contributions from your University and rip out your previous contributions, as they were obviously submitted in bad-faith with the intent to cause problems. This is obviously the only correct course of action, and the swift response by the university is the right one.

GUI app support is now available for the Windows Subsystem for Linux

WSL lets you run a Linux environment, and up until this point has focused on enabling command line tools utilities and applications. GUI app support now lets you use your favorite Linux GUI applications as well. WSL is used in a wide variety of applications, workloads, and use cases, so ultimately, it’s up to you on what you’d like to use GUI app support for. Useful for developers who target multiple platforms.

WinGet is terrible. I want AppGet back.

It’s a year later and we can now safely conclude that WinGet is terrible. It calls itself a package manager, but it doesn’t really manage packages: it can only install them. With AppGet you could actually manage your software. If it got outdated, you could update it. If you no longer wanted it, you can uninstall it. WinGet doesn’t do that. It just downloads software and installs it. For months there’s been “experimental” support for the most important feature of a package manager: upgrades. It just doesn’t work. Sure, it will download the updates. It’ll even pretend to install them. And if you run it again, it will do it all over again for the same packages. It’s pointless. It just pretends to upgrade software, just like it pretends to be a package manager. One of the main reasons I use Linux is just how insanely superior installing and managing applications is on Linux compared to Windows and macOS. As a Linux Mint user, I’m part of the Debian ecosystem, meaning virtually every piece of Linux software comes packaged as a .deb (you’ll have a similar experience with e.g. RPM or Arch-based distributions), managed from one central place. I never have to think about how to install, update, or remove an application. Windows and macOS have various different methods of installing, updating, and removing applications, and many of these methods leave files all over the place. On both Windows and macOS, you have to deal with individual per-app update tools, application stores, downloading individual updates from the web, using tacked-on, always-breaking ports systems, and it’s up to you to remember how, exactly, each application handles its installation, update, and removal procedures. WinGet is just another mess to add to the giant pile of garbage that is managing applications on Windows.

Apple announces new iMac with M1 chip and seven color options

Apple has announced a new, redesigned 24-inch iMac, featuring an M1 chip, a 4.5K display, and a range of color options, as well as an improved cooling system, front-facing camera, speaker system, microphones, power connector, and peripherals. These look pretty good, but they come with the same limitations as all the other identical M1 Macs – 8 GB of RAM standard with a maximum of a mere 16 GB, lacklustre graphics chip, no high refresh rate displays (in 2021!), barely any ports, zero expandability, and Linux/BSD support will always remain problematic and years behind the curve. Good processor, but at what cost?

Power consumption of Game Boy flash cartridges

In order to research the topic, I tested the power consumption of several commonly available flash carts and some of my own designs. In this blog post I intend to show that there is more variation in flash cart power consumption than people might think, and a flash cart can even be more power efficient than a genuine cart! Everything you ever wanted to know about the power consumption of Game Boy cartridges.

Discord will block NSFW servers on iOS

Entire servers can now be marked as NSFW if their community “is organized around NSFW themes or if the majority of the server’s content is 18+.” This label will be a requirement going forward, and Discord will proactively mark servers as NSFW if they fail to self-identify. Discord previously allowed individual channels to be marked as NSFW and age-gated. The NSFW marker does two things. First, it prevents anyone under the age of 18 from joining. But the bigger limitation is that it prevents NSFW servers from being accessed on iOS devices — a significant restriction that’s almost certainly meant to cater to Apple’s strict and often prudish rules around nudity in services distributed through the App Store. Tumblr infamously wiped porn from its entire platform in order to come into compliance with Apple’s rules. There’s two things happening here. There’s the tighter restrictions by Discord, which I think are reasonable – you don’t want minors or adults who simply aren’t interested in rowdier conversations to accidentally walk into channels where people are discussing sex, nudity, or porn. Labeling these channels as such is, while not a panacea, an understandable move, also from a legal standpoint. I still think sex and nudity are far, far, far less damaging or worrisome than the insane amounts of brutal violence children get exposed to in movies, TV series, games, and the evening news, but I understand American culture sees these things differently. Then there’s Apple’s demands placed on Discord. This is an absolutely bizarre move by Apple on so many levels. First, the line between porn and mere nudity is often vague and nebulous, such as in paintings or others forms of art. This could be hugely impactful to art communities sharing the things they work on. Second, Discord is primarily a platform for close-knit groups of friends, and if everyone in your friend group is over 18, there’s going to be discussions and talk about sex, nudity, porn, and other things adults tend to talk about from time to time, just as there are in real life. None of these two – art and casual conversation – are criminal, bad, or negative in any way. And third, and this is the big one, these restrictions Apple is placing on Discord do not apply to Apple’s own applications. iMessage serves much the same function as Discord does, yet there’s no NSFW markers, 18+ warnings, or bans on such content on iMessage. Other platforms, such as Facebook, Twitter, and the damn web through Safari, provide access to far vaster collections of the most degenerate pornography mankind ever wrought, and yet, Apple isn’t banning them either. This just goes to show that, once again, that iPhone isn’t really yours. Apple decides how you get to use it, and you’re merely along for the $1000 ride. Android may have its problems, but at least I don’t have Tim Cook peeping over my shoulder to see if I’m looking at something he deems lewd.

US House committee approves blueprint for big tech crackdown

The U.S. House of Representatives Judiciary Committee formally approved a report accusing Big Tech companies of buying or crushing smaller firms, Representative David Cicilline’s office said in a statement on Thursday. With the approval during a marathon, partisan hearing, the more than 400-page staff report will become an official committee report, and the blueprint for legislation to rein in the market power of the likes of Alphabet Inc’s Google, Apple Inc, Amazon.com Inc and Facebook Inc. This could be potentially really good news, but let’s just say that US Congress hasn’t exactly been the most reliable governmental body, so I won’t cheer until Biden signs a dotted line.

FrogFind: the search engine for vintage computers

The search functionality of FrogFind is basically a custom wrapper for DuckDuckGo search, converting the results to extremely basic HTML that old browsers can read. When clicking through to pages from search results, those pages are processed through a PHP port of Mozilla’s Readability, which is what powers Firefox’s reader mode. I then further strip down the results to be as basic HTML as possible. FrogFind is a clever and incredibly useful search engine if you like to play around with old, outdated hardware with terrible browsers. It makes a lot of the web accessible, fast, and usable on my old Palm devices, for instance, but truly anything that at least has a browser should work just fine. There are quite a few old and unmaintained platforms out there that cannot access the current web anymore, but tools like FrogFind address this problem in a very usable way. It’s the creation of YouTuber ActionRetro, an excellent YouTube channel with tons of awesome vintage Mac (and other platforms) content.

System76 and Pop!_OS to build GNOME-based desktop environment

We’re providing a honed desktop user experience in Pop!_OS through our GNOME-based desktop environment: COSMIC. It’s a refined solution that makes the desktop easier to use, yet more powerful and efficient for our users through customization. The new designs are developed from extensive testing and user feedback since the Pop!_OS 20.04 release, and are currently being further refined in their testing phase. As we finalize these new designs, read on for some preliminary info on a few of the major changes COSMIC brings to Pop!_OS. With some users deeply unsatisfied with GNOME 40, it makes sense for System76 to make this move now. One of the most basic changes in COSMIC compared to regular GNOME is that it will come with a dock – one of the most popular GNOME extensions. The fact you have to go into a special overview mode just to deal with running applications has always been a headscratcher to me and many others, and if System76 can do a good job listening to community input, this could be a real winner.

The simplicity of making Librem 5 apps

Getting started with developing applications for a mobile platform can be a challenging task, especially when it comes to building and testing the application on the mobile device itself. The Librem 5 makes its application development workflow extremely simple. Among other things, you can develop applications on-device, which is something sorely missing from other platforms.

Was the NE2000 really that bad?

Over the last few months I have been on and off digging into the history of early PC networking products, especially Ethernet-based ones. In that context, it is impossible to miss the classic NE2000 adapter with all its offshoots and clones. Especially in the Linux community, the NE2000 seems to have had rather bad reputation that was in part understandable but in part based on claims that simply make no sense upon closer examination. A deep dive into this very popular and widespread NE2000 adapter.

FreeBSD/arm64 becoming Tier 1 in FreeBSD 13

FreeBSD will promote arm64 to a Tier 1 architecture in FreeBSD 13. This means we will provide release images, binary packages, and security and errata updates. While we anticipate there will be minor issues with this first release, we believe the port is mature enough that they can be resolved during the life of FreeBSD 13. Maybe not massively relevant right now, but with Arm making its way into both servers and desktops, this is some good future-proofing for FreeBSD.

X.Org Server Git lands support for hardware-accelerated XWayland with NVIDIA

The NVIDIA-led work to allow XWayland OpenGL and Vulkan acceleration with their proprietary driver has just been merged into X.Org Server Git. The XWayland changes needed to allow the NVIDIA proprietary driver to work in an accelerated manner have landed in X.Org Server 1.21 Git. The main change is xwayland: implement pixmap_from_buffers for the eglstream backend that was merged just a few minutes ago. NVIDIA is a big blocker for Wayland, so any steps forward are good steps – even if it takes a while before this code ends up on our desktops.

IBM COBOL for Linux on x86 1.1 brings COBOL capabilities to Linux

COBOL for Linux on x86 1.1 is the latest addition to the IBM COBOL compiler family, which includes Enterprise COBOL for z/OS and COBOL for AIX. COBOL for Linux on x86 is a productive and powerful development environment for building and modernizing COBOL applications. It includes an optimizing COBOL compiler and a COBOL runtime library. COBOL for Linux on x86 is based on the same advanced optimization technology as Enterprise COBOL for z/OS. It offers both performance and programming capabilities for developing business critical COBOL applications for Linux on x86 systems. COBOL for Linux on x86 is designed to support clients on their journey to the cloud. It enables clients to strategically deploy business-critical applications written in COBOL to a hybrid cloud environment or best-fit platforms, which includes IBM Z (z/OS), IBM Power Systems (AIX), and x86 (Linux) platforms. As I understand it, there’s still a lot of COBOL code all over the industry, so it makes sense for IBM to make its COBOL technologies available to more people.

A bit of XENIX history

An old post from 2014. From 1986 to 1989, I worked in the Xenix group at Microsoft. It was my first job out of school, and I was the most junior person on the team. I was hopelessly naive, inexperienced, generally clueless, and borderline incompetent, but my coworkers were kind, supportive and enormously forgiving – just a lovely bunch of folks. Microsoft decided to exit the Xenix business in 1989, but before the group was dispersed to the winds, we held a wake. Many of the old hands at MS had worked on Xenix at some point, so the party was filled with much of the senior development staff from across the company. There was cake, beer, and nostalgia; stories were told, most of which I can’t repeat. Some of the longer-serving folks dug through their files to find particularly amusing Xenix-related documents, and they were copied and distributed to the attendees. These are kinds of stories that need to be written down for posterity, of we risk losing a lot of valuable information and backstories to some of the less successful technology products of our time.

Rust in the Android platform

Correctness of code in the Android platform is a top priority for the security, stability, and quality of each Android release. Memory safety bugs in C and C++ continue to be the most-difficult-to-address source of incorrectness. We invest a great deal of effort and resources into detecting, fixing, and mitigating this class of bugs, and these efforts are effective in preventing a large number of bugs from making it into Android releases. Yet in spite of these efforts, memory safety bugs continue to be a top contributor of stability issues, and consistently represent ~70% of Android’s high severity security vulnerabilities. In addition to ongoing and upcoming efforts to improve detection of memory bugs, we are ramping up efforts to prevent them in the first place. Memory-safe languages are the most cost-effective means for preventing memory bugs. In addition to memory-safe languages like Kotlin and Java, we’re excited to announce that the Android Open Source Project (AOSP) now supports the Rust programming language for developing the OS itself. Rust is popping up everywhere.

Signal embeds shady cryptocurrency in its service

Many technologists viscerally felt yesterday’s announcement as a punch to the gut when we heard that the Signal messaging app was bundling an embedded cryptocurrency. This news really cut to heart of what many technologists have felt before when we as loyal users have been exploited and betrayed by corporations, but this time it felt much deeper because it introduced a conflict of interest from our fellow technologists that we truly believed were advancing a cause many of us also believed in. So many of us have spent significant time and social capital moving our friends and family away from the exploitative data siphon platforms that Facebook et al offer, and on to Signal in the hopes of breaking the cycle of commercial exploitation of our online relationships. And some of us feel used. Signal users are overwhelmingly tech savvy consumers and we’re not idiots. Do they think we don’t see through the thinly veiled pump and dump scheme that’s proposed? It’s an old scam with a new face. Allegedly the controlling entity prints 250 million units of some artificially scarce trashcoin called MOB (coincidence?) of which the issuing organization controls 85% of the supply. This token then floats on a shady offshore cryptocurrency exchange hiding in the Cayman Islands or the Bahamas, where users can buy and exchange the token. The token is wash traded back and forth by insiders and the exchange itself to artificially pump up the price before it’s dumped on users in the UK to buy to allegedly use as “payments”. All of this while insiders are free to silently use information asymmetry to cash out on the influx of pumped hype-driven buys before the token crashes in value. Did I mention that the exchange that floats the token is the primary investor in the company itself, does anyone else see a major conflict of interest here? And there goes Signal, down the drain, throwing away all the goodwill it has managed to build up. Apparently, the donations they received from users weren’t enough, and it has to resort to shady schemes like these to keep the service running. I wasn’t using Signal to begin with, but this ensures I’m not touch it with a ten foot pole. As for cryptocurrency, a topic we effectively do not cover on OSNews – I’m not saying cryptocurrency is by definition shady, but let’s just say I don’t read many stories about cryptocurrency that instill me with any confidence in its trustworthiness and stability in any way, shape, or form. The technology in and of itself is cool, but what people are doing with it is, well, not.