It turns out that the storm of criticism Microsoft’s recently unveiled Recall feature has actually pushed Microsoft to change its mind and make some very significant changes to the feature. Today, after over a week of sustained criticism and worries, Redmond announced it’s going to implement Recall very differently. First and foremost, instead of Recall being enabled by default and only configurable after installation and the out-of-box experience, it will not be disabled by default, and the user will be prompted during the OOBE if they want to enable the feature or not. This in and of itself should alleviate quite a few worries, since having this on by default without most users really realising it was a recipe for disaster and privacy issues. Second, Recall will not be taking advantage of Windows Hello, and using Window Hello will be a requirement before you can use Recall. On op of that, Recall will use Windows Hello presence detection, so that it will only show any collected and saved data if you’re the one sitting behind the computer. It’s wild to me that they didn’t think of this one sooner, but alas – I have a feeling a lot of this “AI” stuff has been implemented in a bit of a hurry. Last but definitely not least, the Recall database, where information extracted from the screenshots is stored as well as the search index will now be properly encrypted. They will only be decrypted once the user in question is authenticated. Here, too, one really has to wonder why it wasn’t implemented this way from the very beginning, and the fact that it wasn’t makes me think we’ll be finding more questionable security and implementation details as the feature becomes widely available in a few weeks.
I bought a Topton GM1 Industrial Mini PC for my HomeLab. It is aimed at running Slackware Linux but I wanted to have a quick look at how well BSD OSes support it out-of-the-box. ↫ Joel Carnat That’s really all there’s to this story. I just really, really love tiny industrial and office computers and thin clients, and every time I see another one for sale I really have to stop myself from buying one I have absolutely no use for. There’s just something about how these little guys are built that speaks to me – they’re different than regular PCs, but only marginally so, making them fun to play around with, getting drivers for everything, seeing if Linux and BSD have any issues with it, and so on. They’re also often fanless, which is a major boon. The Dell thin client I wrote about last week has been run through a gauntlet of operating systems to see just how capable it is, and I’m surprise by just how much you can do even with a pedestrian Pentium Silver. For now it’s running Fedora GNOME to get an idea how the most default of default Linux environments performs and feels – so I can include it in future articles about it – but I think I’m going to set it up as a retrogaming console using Batocera. Industrial, office, and thin client computers are just fun to play around with, and they’re incredibly cheap when buying used. If things like a Raspberry Pi are hard to get, backordered, or overpriced due to demand outstripping supply, it’s definitely a good idea to see if you can find some cast-off thin client or whatever for your project instead.
Before PC users can enjoy everything Windows 11 has on tap, they must first enter an e-mail address that’s linked to a Microsoft account. If you don’t have one, you’ll be asked to create one before you can start setting it up. A frequently used trick to circumvent this block is a small but ingenious step. By entering a random e-mail address and password, which doesn’t exist and causes the link to fail, you end up directly with the creation of a local account and can thus avoid creating an official account with Microsoft. ↫ Laura Pippig at PCWorld Microsoft has now “fixed” this trick, and it’s no longer possible to use it. The other popular method of circumventing the Microsoft account requirement, by opening the command prompt during installation and running OOBE\BYPASSNRO, still works, but one has to wonder how long it’s going to take before Microsoft plugs that method, too. It seems the company is hell-bent on getting every consumer onto the Microsoft Account train, come hell or high water, so I wouldn’t be surprised seeing local accounts eventually being positioned as a “pro” or even “enterprise” feature that will simply no longer be available on consumer PCs. I don’t think there’s anything inherently wrong with offering an online account option, but the keyword here is option. You should always be able to set up any computer to run with a regular old local account, even if only because internet access isn’t always a given in many places around the world. Add the obvious privacy concerns to that – an issue amplified by Recall – and I doubt users’ desire to run a local account and jump through hoops to do so will fade any time soon.
As some of you will know, I recently started working on OSNews as my full-time job, and that means I sometimes need to be annoying and remind you all that I need your help in keeping the website going. Ad income has been going down the drain for years and years now, so your support is crucial in keeping OSNews online. We’ve been providing you with the latest technology news for over 25 years now, and I’d really like to keep things going for another 25 years. So, how can you help? You can become an OSNews Patreon, which will remove ads from OSNews, and give you a little bit of flair on every comment you post to show off that you support us. We offer three pricing tiers with an increasing level of prominence for your flair, with the highest tier giving you the option of choosing your own flair to really show off to your fellow readers and commenters that you are just a little bit more equal than everyone else. You can also make individual donations through Ko-Fi. Since I really need to replace the monitor of my OSNews workstation – after eight years of loyal use, the cheap monitor is started to show ghosting and flickering, and I feel like it could give out at any moment – I’ve set a goal on Ko-Fi for this very purpose. I don’t expect this goal to be met any time soon, but it’s a nice target to aim for and look forward to. I intend to replace the old 4K display with the cheapest 4K/144Hz panel I can find here in Sweden, but since that will most likely be unrealistic price-wise, the goal is rooted more in aspiration than reality. There are other ways to support us too – you can make a donation through Liberapay, or go to our merch store and buy T-shirts, mugs, and other cool items. The ultimate goal that I’m working towards is to eventually be able to offer ad-free by default, fully supported by you, our generous readers. This is a long-term goal and not something we’ll achieve overnight, but I want to maintain OSNews’ independence at all costs. Virtually every other technology news site you visit is part of a major media empire, such as The Verge or Ars Technica, with huge amounts of staff and massive funds backing them – and all the questionable relationships between writers and the technology companies that entails. Add to it the rise of artificial intelligence and the negative consequences that’s going to have, and the need for independent, reader-funded technology websites is greater than ever. That being said, we will not be gating content behind paywalls, so even if you cannot or are unwilling to support us, you will still get all the same content as everyone else. As such, supporting OSNews financially is entirely optional, and will not degrade your experience in any way. Still, OSNews’ continued existence is entirely dependent on me being able to generate enough income through it, so while you do not have to support us, it’s definitely needed.
I’ve barely scratched the surface, but there’s enough here for me to seriously consider a switch to it as my primary Linux distro for testing and servers. I love that htop(1) and lsof(1) only shows a small list of recognisable processes, that it uses OpenRC, that package management seems straight forward, and that it’s so simple to configure. I’ve wondered what a modern, functional “Occam’s Linux” would look like. This is it. ↫ Ruben Schade Alpine is very popular among people inclined towards BSD, but who still want to run Linux as well – and it’s easy to see why when you try it out or read about it. This article is a good jumping-off point for those of you curious about Alpine.
You know what could really use a dose of “AI”? Your BIOS. aiBIOS leverages an LLM to integrate AI capabilities into Insyde Software’s flagship firmware solution, InsydeH2O® UEFI BIOS. It provides the ability to interpret the PC user’s request, analyze their specific hardware, and parse through the LLM’s extensive knowledge base of BIOS and computer terminology to make the appropriate changes to the BIOS Setup. This breakthrough technology helps address a major hurdle for PC users that require or desire changes to their BIOS Setup for their personal computers but do not fully understand the meaning of the settings available to them. ↫ Insyde press release Google told users to put glue on pizzas and eat rocks, so I’m sure the combined efforts of a BIOS maker will surely not pose any problems when automatically changing BIOS settings based on the requests of users who do not really understand what they’re doing. This surely is a recipe for success, and I can’t wait to tell my BIOS to enable XMP, only for it to disable hyperthreading, change the boot order to only allow booting from the non-existent floppy drive, and to force the use of the integrated GPU when I’m actually using a dedicated one. This is going to be just fine.
Starlark is a small programming language, designed as a simple dialect of Python and intended primarily for embedded use in applications. Some people might say it’s a bit like Lua with Python syntax, but I think there are many interesting bits to discuss. The language is now open-source and used in many other applications and companies. As I led the design and implementation of Starlark, I’d like to write a bit more about it. ↫ Laurent Le Brun I’m sure there’s a few among you will like this.
The short version is this: In its current form, Recall takes screenshots and uses OCR to grab the information on your screen; it then writes the contents of windows plus records of different user interactions in a locally stored SQLite database to track your activity. Data is stored on a per-app basis, presumably to make it easier for Microsoft’s app-exclusion feature to work. Beaumont says “several days” of data amounted to a database around 90KB in size. In our usage, screenshots taken by Recall on a PC with a 2560×1440 screen come in at 500KB or 600KB apiece (Recall saves screenshots at your PC’s native resolution, minus the taskbar area). Recall works locally thanks to Azure AI code that runs on your device, and it works without Internet connectivity and without a Microsoft account. Data is encrypted at rest, sort of, at least insofar as your entire drive is generally encrypted when your PC is either signed into a Microsoft account or has Bitlocker turned on. But in its current form, Beaumont says Recall has “gaps you can drive a plane through” that make it trivially easy to grab and scan through a user’s Recall database if you either (1) have local access to the machine and can log into any account (not just the account of the user whose database you’re trying to see), or (2) are using a PC infected with some kind of info-stealer virus that can quickly transfer the SQLite database to another system. ↫ Andrew Cunningham at Ars Technica It really does seem Recall is kind of a mess in the security department, and it has a certain rushed quality about it. All the screenshots are saved in an AppData folder, and data pulled from those screenshots is stored in a local SQLite database that happens to be entirely unencrypted. TotalRecall, a tool developed by Alexander Hagenah, will neatly pull the data from Recall for you without any hassle or issues. This truly is a security nightmare. Aside from all the obvious issues this presents, such as making it even easier for law enforcement to gain access to pretty much everything you do online, something especially troubling for minorities or in countries with less-than-stellar police departments, Recall also presents a whole host of other problems. Imagine being in an abusive relationship, and the abusive partner demanding Recall be left on at all times to exert even more control. Imagine an unscrupulous employee abusing Recall to steal sensitive information from a company for a competitor. Imagine living in some backwards part of a country with controlling religious parents, and you happen to be gay. The problems here are endless. The fact you can turn Recall off doesn’t mean much, since in the above examples, turning it off is not an option since there are controlling people involved who will demand you keep it on. Browser history and other forms of history in your computer exist as well, of course, but they’re not always as easy to parse, they’re easier to manipulate, sanitise, and temporarily hide. Recall just combines all of this and puts a neat little bow on it, ready to be abused by anyone with bad intentions. Recall is ill-conceived, badly implemented, and a solution looking for a problem, that in an of itself creates tons of other problems. I hope Microsoft reconsiders, but in a world where “AI” makes investors go nuts, I doubt we’ll see a sudden sense of clarity coming out of Redmond.
OpenAI’s efforts to produce less factually false output from its ChatGPT chatbot are not enough to ensure full compliance with European Union data rules, a task force at the EU’s privacy watchdog said. “Although the measures taken in order to comply with the transparency principle are beneficial to avoid misinterpretation of the output of ChatGPT, they are not sufficient to comply with the data accuracy principle,” the task force said in a report released on its website on Friday. ↫ Tassilo Hummel at Reuters I’m glad at least some authorities are taking the wildly inaccurate nonsense outputs of many “AI” tools seriously. I’m not entirely sure when a tool like ChatGPT can be considered “accurate”, but whatever it is now, is not it.
GNU Nano, by far my favourite text editor when using the command line, released version 8.0 recently – and by recently I mean a month ago – and in it, there’s a pretty interesting additional feature that should make using Nano a little bit more straightforward for those not used to its key combinations. Command-line option –modernbindings (-/) makes ^Q quit, ^X cut, ^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a file, ^R replace, ^G find again, ^D find again backwards, ^A set the mark, ^T jump to a line, ^P show the position, and ^E execute. ↫ GNU Nano’s news page Basically, this option makes Nano’s key bindings a bit more in line with what you might expect as someone coming from a graphical environment. Of course, Nano’s keybindings are listed at the bottom of its user interface, but it’s still nice to have the option of making them more in line with the wider computing world. Instead of using the command-line option, you can also change the name of Nano’s executable, or a symlink to it, to start with “e”.
Remember when I said the honeymoon with AMD’s consumer-friendly chipset and socket support policy would eventually end? Well, while this is not exactly that, it will make a lot of people very unhappy. While AMD, as does any other company, was boastful about its product touting the 16% IPC boost on Zen 5 and the big AI performance leap delivering up to 50 TOPS on the NPU side, an interesting drawback of the Ryzen AI 300 series that has managed to avoid getting media attention is the lack of support for Windows 10. While this was just an unconfirmed rumour last month even though it was suggested by a supposed Lenovo China manager, we have now got confirmation from AMD itself that the report, that Strix point and newer CPUs and APUs will not support Windows 10 is true. ↫ Sayan Sen at NeoWin Official support for Windows 10 is ending next year, so there is some reason to AMD’s madness, but at the same time, almost 70% of Windows users are currently using Windows 10, and leaving those users behind might not be the best idea AMD ever had. There is an argument to be made that at least a reasonable number of these people are still using Windows 10 not out of their own volition, but because of Microsoft’s strict hardware requirements, and as such, anyone buying a new AMD machine will just opt for the latest version of Windows out of habit, but I still think there’s a sizable contingent of people who actively choose Windows 10 over 11 for a whole host of reasons. On a strongly related note, despite 2025 marking the end of regular support for Windows 10, Microsoft yesterday announced it’s expanding the the number of Insider channels for new Windows 10 features from one to two, adding a Beta tier below the existing Release Preview tier. Microsoft, too, will have to come to terms with the fact that with 70% of Windows users using Windows 10, they might not even be able to drop support for the operating system as early as next year. While this 70% number will surely slowly decrease over the next 12 months, with many people simply being unable to upgrade due to hardware limitations, I have a suspicion we might see an extension on that 2025 date.
A new point release in the FreeBSD 14 series – the first one, in fact, not counting 14.0. FreeBSD 14.1 adds SIMD implementations of string and memory operations on amd64 in the C library to improve performance, improvements to the sound system, such as device hotplug support, and the latest versions of OpenZFS, clang/llvm, and OpenSSH. FreeBSD 14.0 users can just upgrade to FreeBSD 14.1, or you can do a fresh install, of course.
Hot on the heels of AMD, here’s Intel’s next-generation processor, this time for the laptop market. Overall, Lunar Lake represents their second generation of disaggregated SoC architecture for the mobile market, replacing the Meteor Lake architecture in the lower-end space. At this time, Intel has disclosed that it uses a 4P+4E (8 core) design, with hyper-threading/SMT disabled, so the total thread count supported by the processor is simply the number of CPU cores, e.g., 4P+4E/8T. ↫ Gavin Bonshor at AnandTech The most significant change in Lunar Lake, however, has nothing to do with IPC improvements, core counts, or power usage. No, the massive sea change here is that Lunar Lake will do away with separate memory sticks, instead opting for on-die memory at a maximum of 32GB LPDDR5X. This is very similar to how Apple packages its memory on the M dies, and yes, this also means that as far as thin Intel laptops go, you’ll no longer be able to upgrade your memory after purchase. You choose your desired amount of memory at purchase, and that’s what you’ll be stuck with. Buyer beware, I suppose. We can only hope Intel isn’t going to default to 8GB.
About a week ago, there has been a little addition to the 3dbrew wiki page about 3DS cartridges (carts) that outlines the technical details of how the 3DS cartridge controller and a 3DS cartridge talk to each other. I would like to take this opportunity to also include the 3DS itself in the conversation to illuminate which part of which device performs which step. I will then proceed to outline where I think the corresponding design decisions originate. Finally, I will conclude with some concrete ideas for improvement. ↫ Forbidden Tempura Everything you ever wanted to know about 3DS cartridges and how they interact with the 3DS.
We’ve got some possibly sad, possibly great news. Today, Andreas Kling, the amazing developer who started SerenityOS as a way to regain a sense or normalcy after completing his drug rehab program, has announced he’s stepping down as the ‘big dictator for life’ of the SerenityOS project, handing leadership over the maintainer group. The other half of the coin, however, is that Kling will officially fork Ladybird, the cross-platform web browser that originated as part of SerenityOS, turning it into a proper, separate project. Personally, for the past two years, I’ve been almost entirely focused on Ladybird, a new web browser that started as a simple HTML viewer for SerenityOS. When Ladybird became a cross-platform project in 2022, I switched all my attention to the Linux version, as testing on Linux was much easier and didn’t require booting into SerenityOS. Time flew by, and now I can’t remember the last time I worked on something in SerenityOS that wasn’t related to Ladybird. ↫ Andreas Kling If you know a little bit about Kling’s career, it’s not entirely surprising that his heart lies with working on a browser engine. He originally worked at Nokia, and then at Apple in San Francisco on WebKit, and there’s most likely some code that he’s written in the browser you’re using right now (except, perhaps, for us Firefox users). As such, it makes sense that once Ladybird grew into something more than just a simple HTML viewer, he’d be focusing on it a lot. As part of the fork, Ladybird will focus entirely on Linux and macOS, and drop SerenityOS as a target. This may seem weird at first, but this is an entirely amicable and planned step, as this allows Ladybird to adopt, use, and integrate third party code, something SerenityOS does not allow. In addition, many of these open source projects Ladybird couldn’t really use anyway because they simply didn’t exist for SerenityOS in the first place. This decision creates a lot of breathing room and flexibility for both projects. Ladybird was getting a lot of attention from outside of SerenityOS circles, from large donations to code contributions. I’m not entirely surprised by this step, and I really hope it’s going to be the beginning of something great. We really need new and competitive browser engines to push the web forward, and alongside Servo, it now seems Ladybird has also picked up the baton. What this will mean for SerenityOS remains to be seen. As Kling said, he hasn’t really been involved with SerenityOS outside of Ladybird work for two years now, so it seems the rest of the contributors were already doing a lot of the heavy lifting. I hope this doesn’t mean the project will peter out, since it has a certain flair few other operating systems have.
Another month, another Redox progress report. The Rust-based operating system, headed by system76 engineer Jeremy Soller, has made a big move by replacing Redox’ Orbital file manager, text editor and terminal by their COSMIC counterparts, COSMIC Files, COSMIC Editor and COSMIC Terminal, in the default Redox installation. COSMIC is the Rust-based desktop environment system76 is currently developing for their Linux distribution, Pop!_OS. You really have to start wondering what the long-term goals for Redox really are here. I’m not saying they’re intending to replace Linux with it – that’d be suicide – but the steady progress towards a general purpose operating system is undeniable.
There’s no denying that not everyone is happy with the state of the GTK world, and I, too, have argued that GNOME’s massive presence and seeming unwillingness to cooperate with or even consider the existence of other GTK-based desktop environments is doing real, measurable harm to the likes of Xfce, Cinnamon, and others. A major root cause is a feeling that GTK is nothing but a vessel for GNOME, and that the project doesn’t really seem to care much about anyone else. GNOME Foundation member and all-round very kind person Hari Rana, also known as TheEvilSkeleton, penned a blog post highlighting the other side of the story. In essence, what it comes down to, according to Rana, is that it’s better for everyone if GNOME-specific widgets are moved out of GTK, and into something else – first libhandy, and now its succesor libadwaita, splitting the toolkit (GTK) from the design language (libadwaita). This allows GNOME developers to focus on, well, GNOME, and frees up time for GTK developers to focus on generic widgets that aren’t specific to GNOME. Thanks to the removal of GNOME widgets from GTK 4, GTK developers can continue to work on general-purpose widgets, without being influenced or restricted in any way by the GNOME HIG. Developers of cross-platform GTK 3 apps that rely exclusively on general-purpose widgets can be more confident that GTK 4 won’t remove these widgets, and hopefully enjoy the benefits that GTK 4 offers. ↫ Hari Rana From a GNOME standpoint, this makes perfect sense, and I can obviously see the benefits for them. However, what this entire post seems to ignore is that the main effect of the split between GTK 4 and libadwaita is that various GTK applications, now targeting libadwaita because of GNOME’s immense popularity, simply no longer integrate very well with other desktops, like Xfce or Cinnamon. GNOME is, of course, under no obligation to remedy this situation, but at the very least they could acknowledge this is a very real problem that their fellow developers working on Xfce, Cinnamon, MATE, and others, have to deal with. It works the other way around too. Developers targeting the Linux desktop, where GNOME is more or less the default, have to choose between making a GTK application that integrates well with GNOME by opting for libadwaita and leaving non-GNOME users with a crappy experience, or opting for ‘pure’ GTK 4 and leaving GNOME users with a worse experience. Neither option is good for the Linux desktop as a whole. The very real ripple effects of GNOME’s choices regarding GTK and libadwaita are seemingly being stubbornly ignored, neglected, and often not even acknowledged at all, and it’s no surprise this creates an immense amount of friction in the wider desktop Linux community. It just feels smug and careless, and of course that’s going to rub people the wrong way- regardless of the purity of your intentions.
In regards to performance, AMD is touting an average (geomean) IPC increase in desktop workloads for Zen 5 of 16%. And with the new desktop Ryzen chips’ turbo clockspeeds remaining largely identical to their Ryzen 7000 predecessors, this should translate into similar performance expectations for the new chips. The AMD Ryzen 9000 series will also launch on the AM5 socket, which debuted with AMD’s Ryzen 7000 series and marks AMD’s commitment to socket/platform longevity. Along with the Ryzen 9000 series will come a pair of new high-performance chipsets: the X870E (Extreme) and the regular X870 chipsets. The fundamental features that vendors will integrate into their specific motherboards remain tight-lipped. Still, we do know that USB 4.0 ports are standard on the X870E/X870 boards, along with PCIe 5.0 for both PCIe graphics and NVMe storage, with higher AMD EXPO memory profile support expected than previous generations. ↫ Gavin Bonshor at AnandTech I absolutely love that AMD maintains compatibility with its chipset and socket generations as well as it does. I’m currently running a Ryzen 9 7900X, and I see no reason to upgrade any time soon, but it’s good to know I’ll at least have otions once the time comes. Compare this to Intel, which broke compatibility pretty much intentionally almost every generation for years now, and this is a huge win for consumers. Of course, as AMD regains more and more of its foothold across the market, it will eventually also resort to the kind of tactics Intel has been using while it pretty much had the market to itself. It’s only a matter of time before we’ll see the first new Ryzen generation that mysteriously requires a new socket or chipset out of the blue.
Tock is an embedded operating system designed for running multiple concurrent, mutually distrustful applications on Cortex-M and RISC-V based embedded platforms. Tock’s design centers around protection, both from potentially malicious applications and from device drivers. Tock uses two mechanisms to protect different components of the operating system. First, the kernel and device drivers are written in Rust, a systems programming language that provides compile-time memory safety and type safety. Tock uses Rust to protect the kernel (e.g. the scheduler and hardware abstraction layer) from platform specific device drivers as well as isolate device drivers from each other. Second, Tock uses memory protection units to isolate applications from each other and the kernel. ↫ Tock GitHub page We’ve never featured Tock on OSNews before, as far as I can tell, which seems odd considering it’s been around for a while. The most recent release stems from January 2023, so a short while ago, but that’s not too surprising considering the target audience of this embedded operating system. It’s licensed under either Apache or MIT.
The act of discarding a message that does not exist must therefore do one of two things. It may cause the message contents to also cease to exist. Alternately, it might not affect the existence but only the accessibility of message contents. Perhaps they continue to exist, but discarding the message (which already did not exist) causes the copy operation to cease being invokable on the message contents (even though they do continue to exist). The story of existence has many mysteries. ↫ Mark J. Nelson The one question that can really break my brain in a way that is feels like it’s physically hurting – which it can’t, because, fun fact, there’s no pain receptors in the brain – is the question what exists outside of the universe? Any answer you can come up with just leads to more questions which just lead to more questions, in an infinite loop of possible answers and questions that the human mind is not equipped to grasp. Anyway, it turns out using Outook can lead to the same existential crises.
