The person doing that maintenance, as well as making sure that about 70 of the best known indie games from the same era keep running, is Ethan Lee. He’s not as well known as Fez’s developer Phil Fish, who was also the subject of the documentary Indie Game: The Movie, but this week Lee started publicly marketing the service he’s been quietly providing for over 11 years: maintenance of older games. Usually, when video game publishers talk about revisiting older games they talk about “remasters,” lavish reproductions that not only make them playable, but update their graphics or make them more modern in some way. Lee chose the word “maintenance” intentionally to describe what he does. Doing the lord’s work.
Enter the trustbusters, led by Senator John Sherman, author of the 1890 Sherman Act, America’s first antitrust law. In arguing for his bill, Sherman said to the Senate: “If we will not endure a King as a political power we should not endure a King over the production, transportation, and sale of the necessaries of life. If we would not submit to an emperor we should not submit to an autocrat of trade with power to prevent competition and to fix the price of any commodity.” In other words, when a company gained too much power, it became the same kind of kingly authority that the colonists overthrew in 1776. Government “by the people, of the people, and for the people” was incompatible with concentrated corporate power from companies so large that they were able to determine how people lived their lives, made their incomes, and structured their cities and towns. Break up big tech. Apple, Google, Amazon, Microsoft, Facebook – they need to be chopped up into smaller parts that need to compete with one another. The amount of life this will breathe into the economy, as well as the burst of innovation that it will cause, will do more for people’s lives than a trillion nonsense trickle-down policies that favour the rich and powerful.
We’ve got new merch! The first round of merch turned out to be more popular than I thought, so it’s time to shake things up a bit and get some fresh new stuff in the official OSNews merch store. Before we start, if you want the limited edition quote T-shirt or quote mug, you have to be quick – I’ll be removing them from the store somewhere in the coming days, and they’ll never come back. This is your last chance to show the world how awesome Eugenia is. The first new product is by popular demand – a mug with just the OSNews logo, no quote. There’s really nothing to add here – it’s a mug, it holds liquid. Go nuts. Second, I’ve added a few new colour options to the basic logo T-shirt: night sky navy, revolution red, and white sand. They look pretty great. And I saved the best for last: a brand new T-shirt and sweatshirt, with the ASCII OSNews logo I use for our Gemini capsule. Of course, it comes in the only valid colour combination: phosphor green on black. The Gemini T-shirt goes for the same price as the other T-shirts – $29.99 – and is also made of the same organic cotton as the others. The longsleeve Gemini Sweatshirt goes for $39.99, to maintain that roughly $8 of every product sold that goes to OSNews, and is made from an 80/20 ringspun cotton/polyester blend. If I may say so myself – I think these two terminal shirts look stunning, and I’m quite proud of how they turned out. And thanks to everyone who has already bought merch since we launched the store – it means the world to me!
SoftBank has been gearing up anchor investments in Arm Holdings among its clients and partners for months now (ahead of the upcoming IPO) and apparently Intel is among them. In a call for the Goldman Sachs Communacopia & Technology Conference, the head of the company’s foundry business unit confirmed that the chip giant has made an investment in Arm because its technology is strategically important for both Intel Foundry Services and Altera FPGA unit. This doesn’t seem to be an indicator Intel is interested in making ARM chips – it seems to have more to do with Intel becoming a fab for other companies’ ARM chips.
Do you need software and hardware accelerated graphics drivers for Windows 9x running inside a virtual machine? Well, here’s SoftGPU, which will give you just that in Bochs, VirtualBox, Qemu, or VMware, for Windows 95, 98, or ME. The Github page provides detailed instructions on setting up the optimal virtual machines, and information about what, exactly, each virtual machine and diver supports and doesn’t support. On top of that, there’s links to a number of YouTube videos showing the driver in action. Excellent work, and this will allow you to get the most out of your Windows 9x virtual machines.
What, you thought we were done with the operating systems written in Rust? Oh sweet summer child. rxv64 is a pedagogical operating system written in Rust that targets multiprocessor x86_64 machines. It is a reimplementation of the xv6 operating system from MIT. As a pedagogical system, it supports very little hardware other than the text-mode CGA device, serial port, PS/2 keyboard controller, and PCIe AHCI SATA storage devices. xv6, in turn, is a reimplementation of Sixth Edition UNIX in C for x86 and RISC-V, widely used in teaching operating systems courses at various universities.
In the recent past I have discussed the Book 8088 and the Hand 386, which are newly made vintage computing systems. I concluded that those products, although not uninteresting were rather flawed. The Book 8088 was by far the more disappointing of the two devices. I have also been made aware of a project which tries to fulfill a similar niche, the NuXT motherboard. The NuXT is an 8088-based motherboard you can buy brand new and can really fill that IBM PC-clone hole in your vintage collection. While I do not own one of these, I have read and seen enough about it to give my thoughts on whether this product would be right for you. The NuXT 2.0 looks like an incredible motherboard for fans of the original IBM PC and its clones – especially with the prices of working original machines going through the roof as supply dwindles and demand skyrockets.
As best I can tell, there is no broad consensus on how large a kilobyte is. Some say that a kilobyte is 1000 bytes while others say it’s 1024 bytes. Others are ambiguous. This also means that the industry does not agree on the size of megabytes, gigabytes, terabytes, and so on. Not entirely new information to most of us, I would presume, but in my head canon a kilobyte is 1024 bytes, even though that technically doesn’t make any sense from a metric perspective. To make matters worse, as soon as we get into the gigabytes and terabytes, I tend to back to thinking in terms of thousands again since it just makes more sense. The kibibytes and cohorts are a way to properly distance the base 2 system from the base 10 one, but I’ve never heard anyone in day-to-day speech make that distinctions outside of really nerdy circles.
Don’t let Chrome’s big redesign distract you from the fact that Chrome’s invasive new ad platform, ridiculously branded the “Privacy Sandbox,” is also getting a widespread rollout in Chrome today. If you haven’t been following this, this feature will track the web pages you visit and generate a list of advertising topics that it will share with web pages whenever they ask, and it’s built directly into the Chrome browser. It’s been in the news previously as “FLoC” and then the “Topics API,” and despite widespread opposition from just about every non-advertiser in the world, Google owns Chrome and is one of the world’s biggest advertising companies, so this is being railroaded into the production builds. Google seemingly knows this won’t be popular. Unlike the glitzy front-page Google blog post that the redesign got, the big ad platform launch announcement is tucked away on the privacysandbox.com page. The blog post says the ad platform is hitting “general availability” today, meaning it has rolled out to most Chrome users. This has been a long time coming, with the APIs rolling out about a month ago and a million incremental steps in the beta and dev builds, but now the deed is finally done. Don’t use Chrome or any of its derivatives. If you care about privacy and the open web, use Firefox or one of its even more privacy-conscious alternatives, such as LibreWolf. Chrome has always been deeply problematic, but with this ridiculous “Privacy Sandbox”, the browser has effectively become a tool to show you ads first, and a browse second. Mark my words – the total gutting of adblocking in Chrome is up next.
Created by Mozilla Research in 2012, the Servo project was the first major Rust codebase other than the compiler itself, and has since been a hallmark for experimental web engine design. Major components of Servo have been incorporated into the Firefox web browser, and several of its parsers and other lower-level libraries have become foundational to the Rust ecosystem. As a promising, modern, and open web engine for building applications and immersive experiences using web technologies, stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020. In 2023, Servo experienced renewed activity led by Igalia, a Linux Foundation Europe member that now has a team of engineers working on the project. Today we are pleased to announce that the Servo project has officially joined Linux Foundation Europe. I’m very curious to see where Servo goes in the future.
A month has passed since the last Plasma 6 status update, so it’s time for another one! First, what you’ve all been waiting for: a release date! We’ve decided that Plasma 6 will be released in early February of 2024. We don’t have a specific day targeted yet, but it’ll be in that timeframe. I’m feeling quite confident that the release will be in excellent shape by then! It’s already in good shape right now. 5 months should provide enough of a runway for a solid final release. Following the development of Plasma 6 has been an interesting ride, and it seems it’s in a good state – and these five months will make it even better.
Over the past few days, there have been a lot of reports in the media that the UK government was backing down from its requirement that every end-to-end encrypted messenger application inside the country had to give the government backdoor access to these messenger applications. However, after reading the actual words from the UK’s junior minister Stephen Parkinson, it seemed like all she did was give a “pinky promise!” not to enforce this requirement. The law itself did not change, is not changing, and will not change, and the requirement is still in there. Today, the UK’s technology minister Michelle Donelan made that even clearer than it already was. Donelan, however, denied on Thursday that the bill had been watered down in the final stages before it becomes law. “We haven’t changed the bill at all,” she told Times Radio. “If there was a situation where the mitigations that the social media providers are taking are not enough, and if after further work with the regulator they still can’t demonstrate that they can meet the requirements within the bill, then the conversation about technology around encryption takes place,” she said. This raises an interesting question – why was everyone so keen on pushing the narrative yesterday that the “technology sector” had won, and that the UK government had backed down? Well, Facebook and Apple have kind of talked themselves into a corner in response to the UK’s requirement for backdoor access to WhatsApp and iMessage. The two companies threatened they would pull these services out of the UK if the government didn’t remove this requirement. When it became clear that the UK government wasn’t going to back down, Facebook and Apple were going to lose a lot of face if they didn’t actually pull WhatsApp and iMessage out of the UK in response. They needed something to get them out of this. This vague pinky promise is all they needed. Now they can shit all over their supposed morals and values once again, completely abandon their grandstanding and promises about protecting end-to-end encryption in messaging, and continue to operate in the UK as if nothing has changed, despite them legally being obligated to break end-to-end encryption if the UK government asks them to – which they can now do whenever it pleases them. And entirely unsurprisingly, the general tech media, ever looking to please the corporations they are supposed to do the journalism stuff about, fell for it, hook, line, and sinker. The narrative that the UK backed down and Facebook and Google won is out there now, and that’s all the tech sector needed.
Based on Ubuntu Core’s FDE design, we have been working on bringing TPM-backed full disk encryption to classic Ubuntu Desktop systems as well, starting with Ubuntu 23.10 (Mantic Minotaur) – where it will be available as an experimental feature. This means that passphrases will no longer be needed on supported platforms, and that the secret used to decrypt the encrypted data will be protected by a TPM and recovered automatically only by early boot software that is authorised to access the data. Besides its usability improvements, TPM-backed FDE also protects its users from “evil maid” attacks that can take advantage of the lack of a way to authenticate the boot software, namely initrd, to end users. I’m not well-versed enough on this topic to make any meaningful comments, other than as long as it’s a choice presented to users, it seems like a good thing.
To address this customer concern, Microsoft is announcing our new Copilot Copyright Commitment. As customers ask whether they can use Microsoft’s Copilot services and the output they generate without worrying about copyright claims, we are providing a straightforward answer: yes, you can, and if you are challenged on copyright grounds, we will assume responsibility for the potential legal risks involved. This new commitment extends our existing intellectual property indemnity support to commercial Copilot services and builds on our previous AI Customer Commitments. Specifically, if a third party sues a commercial customer for copyright infringement for using Microsoft’s Copilots or the output they generate, we will defend the customer and pay the amount of any adverse judgments or settlements that result from the lawsuit, as long as the customer used the guardrails and content filters we have built into our products. Copilot is the biggest copyright infringement case in human history, but at the same time, it will be very difficult for the thousands and thousands of individual projects and developers on Github to fight Microsoft in court of this infringement. Microsoft knows nobody powerful enough to challenge them is going to sue them over this, so they can easily offer this indemnification.
ELKS is a project providing a Linux-like OS for systems based on the Intel IA16 architecture (16-bit processors: 8086, 8088, 80188, 80186, 80286, NEC V20, V30 and compatibles). Such systems are ancient computers (IBM-PC XT / AT and clones) as well as more recent SBCs, SoCs, and FPGAs. ELKS supports networking and installation to HDD using both MINIX and FAT file systems. Version 0.7.0 was recently released, and it includes support for several new systems, among which is the Book 8088, a recently released 8088 laptop from China that’s been making the rounds on YouTube. Of course, it also comes with a bunch of new commands and applications, like mail from MINIX, the visual file manager fm, and more, and the usual load of bug fixes.
Xcom is a crossplatform GUI system: a multi-windowed, multi-tasking environment. Xcom allows you to browse, copy, view and manage your files, start and stop programs, watch and listen basic media content and music. Unlike other windowing systems and protocols, it integrates the basic functionality as a monolithic, cohesive program. Xcom can run on top of various kernel, currently the DOS version is available publicly. Xcom is tiny in size, fast, doesn’t requires installation process. Xcom is hundreds of times faster and smaller than competitive systems – it requires only about 5 MBytes of disk space, and starts up within a few seconds. Xcom has a familiar appearance of classic operating system user interfaces. Xcom is a handy tool to keep it on your retro computer, it can work magnitudes faster than any other modern desktop environment, meanwhile the features are up-to date. Xcom has all the basic tools for browsing pictures, listening to music files, reading and writing text documents and drawing simple graphics. This is an interesting approach to developing a full… User interface? Operating environment? It currently is only available for DOS, but other systems should follow. It does have a few intrinsic limitations – since it’s entirely contained in one program, you can’t develop for this or create new applications, since it’s not a toolkit and doesn’t have a compiler or anything like that. It’s also not open source, and while that doesn’t mean it’s not good or not interesting, it does limit the interest this will gather in the wider community. Regardless, it looks great, and it’s clear a lot of work and love went into it.
We’ve come a long way since then, steadily retreating from openness & user control of devices, and shifting towards a far more locked-down vendor-controlled world. The next step of Android’s evolution is Android 14 (API v34, codename Upside-Down Cake) and it takes more steps down that path. In this new release, the restrictions around certificate authority (CA) certificates become significantly tighter, and appear to make it impossible to modify the set of trusted certificates at all, even on fully rooted devices. If you’re an Android developer, tester, reverse engineer, or anybody else interested in directly controlling who your device trusts, this is going to create some new challenges. The walls are slowly but surely closing in on Android.
On July 11, 2023, Microsoft published a blog post which details how the China-Based threat actor, Storm-0558, used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA and Outlook.com. Upon identifying that the threat actor had acquired the consumer key, Microsoft performed a comprehensive technical investigation into the acquisition of the Microsoft account consumer signing key, including how it was used to access enterprise email. Our technical investigation has concluded. As part of our commitment to transparency and trust, we are releasing our investigation findings. Our investigation found that a consumer signing system crash in April of 2021 resulted in a snapshot of the crashed process (“crash dump”). The crash dumps, which redact sensitive information, should not include the signing key. In this case, a race condition allowed the key to be present in the crash dump (this issue has been corrected). The key material’s presence in the crash dump was not detected by our systems (this issue has been corrected). We found that this crash dump, believed at the time not to contain key material, was subsequently moved from the isolated production network into our debugging environment on the internet connected corporate network. This is consistent with our standard debugging processes. Our credential scanning methods did not detect its presence (this issue has been corrected). After April 2021, when the key was leaked to the corporate environment in the crash dump, the Storm-0558 actor was able to successfully compromise a Microsoft engineer’s corporate account. This account had access to the debugging environment containing the crash dump which incorrectly contained the key. Due to log retention policies, we don’t have logs with specific evidence of this exfiltration by this actor, but this was the most probable mechanism by which the actor acquired the key. That is one hell of a unique string of unfortunate events.
Car makers have been bragging about their cars being “computers on wheels” for years to promote their advanced features. However, the conversation about what driving a computer means for its occupants’ privacy hasn’t really caught up. While we worried that our doorbells and watches that connect to the internet might be spying on us, car brands quietly entered the data business by turning their vehicles into powerful data-gobbling machines. Machines that, because of their all those brag-worthy bells and whistles, have an unmatched power to watch, listen, and collect information about what you do and where you go in your car. All 25 car brands we researched earned our *Privacy Not Included warning label — making cars the official worst category of products for privacy that we have ever reviewed. Much to the surprise of nobody.
While the Pixel 6 ushered in three years of major Android OS version updates and an additional two for security patches, that’s still nowhere near the longevity of the iPhone. Google hopes to change that on the Pixel 8 and 8 Pro with noticeably more OS updates. Looking at the mobile Android landscape, three years of OS updates – which was also the case on Qualcomm-powered Pixel phones from 2017-2021 – is less than Samsung’s promise of four, which started last year with the Galaxy S21, S22, Flip 3, and Fold 3 and continued through devices released this year, including some of the company’s more affordable releases. From what we’re hearing, Pixel 8’s update promise should surpass Samsung’s current policy on flagships and meaningfully match the iPhone. Of course, the devil is in the details, especially in those later years. For example, the Galaxy line has, in the past, adopted a quarterly approach towards the end. Even a bump to just five years of OS updates for Pixel would be enough and let the Google phone be at the top of the ecosystem, with anything beyond that squarely going after the iPhone’s record. The situation has definitely been improving – finally – but I’d still like this to be platform-wide, and not just individual manufacturers making promises. To reduce e-waste, make devices more secure and ensure longer lifespans, I’d like to see 10 years of full software support. The tech industry has a long history of garbage support and low quality – especially when it comes to software – that we would not tolerate from any other industry. It’s time the tech industry grew up and joined other industries that offer far longer and more comprehensive support.