The BitLocker partition is encrypted using the Full Volume Encryption Key (FVEK). The FVEK itself is encrypted using the Volume Master Key (VMK) and stored on the disk, next to the encrypted data. This permits key rotations without re-encrypting the whole disk. The VMK is stored in the TPM. Thus the disk can only be decrypted when booted from this computer (there is a recovery mechanism in Active Directory though). In order to decrypt the disk, the CPU will ask that the TPM sends the VMK over the SPI bus. The vulnerability should be obvious: at some point in the boot process, the VMK transits unencrypted between the TPM and the CPU. This means that it can be captured and used to decrypt the disk. This seems like such an obvious design flaw, and yet, that’s exactly how it works – and yes, as this article notes, you can indeed capture the VMK in-transit and decrypt the disk.
In June 2022, I started work on porting FreeBSD to run on Firecracker. My interest was driven by a few factors. First, I had been doing a lot of work on speeding up the FreeBSD boot process and wanted to know the limits that could be reached with a minimal hypervisor. Second, porting FreeBSD to new platforms always helps to reveal bugs — both in FreeBSD and on those platforms. Third, AWS Lambda only supports Linux at present; I’m always eager to make FreeBSD more available in AWS (although adoption in Lambda is out of my control, Firecracker support would be a necessary precondition). The largest reason, however, was simply because it’s there. Firecracker is an interesting platform, and I wanted to see if I could make it work. Firecracker is Amazon’s virtual machine monitor. This article goes into great detail about the process of porting FreeBSD to run on Firecracker.
Microsoft Edge on Windows 10 and Windows 11 has again flagged ChromeSetup.exe – the installation file for Google’s famous Chrome browser – as potentially harmful. Microsoft Edge’s built-in security feature suggests users delete ChromeSetup.exe and try Edge via multiple pop-up messages. Windows Latest understands Microsoft Edge 116 has incorrectly flagged ChromeSetup.exe as potentially harmful. This appears to be a mistake, and only some users see it. In our tests, we observed the error in one out of five Microsoft Edge 116 stable installations. A “mistake”. I’m sure it was.
Python is one of the most popular programming languages today, loved by businesses and students alike and Excel is an essential tool to organize, manipulate and analyze all kinds of data. But, until now, there hasn’t been an easy way to make those two worlds work together. Today, we are excited to introduce the Public Preview of Python in Excel – making it possible to integrate Python and Excel analytics within the same Excel grid for uninterrupted workflow. Python in Excel combines Python’s powerful data analysis and visualization libraries with Excel’s features you know and love. You can manipulate and explore data in Excel using Python plots and libraries, and then use Excel’s formulas, charts and PivotTables to further refine your insights. The preview is available now.
Meanwhile, if you are on Windows 11 and wondering about its compatibility with your system, a document from Intel, spotted by Twitter (X) user Chi11eddog, seemingly confirms that Windows 11 is going to be supported. And although the document does not mention Windows 12, which is expected given that the product has not even been officially announced yet (Microsoft recently revealed the release date for Windows 11 23H2). While this is certainly expected, users who would have stuck to their Windows 10 PCs, either due to the hardware being not on the support list or simply because they prefer the older OS over the new ones, are likely going to be out of luck as the supported OS does not mention Windows 10. I mean, at the time Wi-Fi 7 comes out, Windows 10 will be almost a decade old. I’m all for a good Microsoft thrashing, but expecting them to go back and add support for Wi-Fi 7 to a decade-old operating system seems a bit unrealistic.
Four nonprofit groups seeking to protect kids’ privacy online asked the Federal Trade Commission (FTC) to investigate YouTube today, after back-to-back reports allegedly showed that YouTube is still targeting personalized ads on videos “made for kids”. Now it has become urgent that the FTC probe YouTube’s data and advertising practices, the groups’ letter said, and potentially intervene. Otherwise, it’s possible that YouTube could continue to allegedly harvest data on millions of kids, seemingly in violation of the Children’s Online Privacy Protection Act (COPPA) and the FTC Act. Targeted online advertising already oozes sleaziness, but targeting children is on a whole different level. There’s a reason you should keep a close eye on what your kids are watching on YouTube, and the various content rabbit holes YouTube’s algorithm can trap people in aren’t the only reason to do so. I’m not one of those extremists that believe YouTube is universally bad for kids – it all depends on what you watch, not that you watch – but that doesn’t mean I’m about to hand the remote control to my kids and leave the room.
The company raked in $13.5 billion in revenue since May, it revealed in its Q2 2024 earnings, with the unprecedented demand for its generative AI chips blowing past any difficulty it might have had selling desktop and laptop GPUs into a shrinking PC industry. Data center accounted for a record $10.32 billion of that revenue, more than doubling in just one quarter, and Nvidia made $6.188 billion in profit as a result — up 843 percent year over year. And while gaming is more than a billion dollars short of pandemic highs, it was actually up 22 percent year over year to $2.48 billion in revenue, too. I don’t really post about financial results anymore – the amounts of money “earned” by tech companies are obscene and utterly destructive – but I do want to highlight NVIDIA here, if only to be able to link back to this a few years from now after the “AI” bubble has popped.
Over the past year or so, I’ve been working with other BlueSCSI developers to add Wi-Fi functionality to their open-hardware SCSI device, enabling Wi-Fi support for old Macs and other vintage computers going back some 36 years. This is my Macintosh Portable M5126. It’s very Macintosh and hardly portable. For some reason I’m using it on my lawn reading the Wi-Fi Wikipedia article over Wi-Fi through my Wikipedia application for System 6, with my Wi-Fi Desk Accessory showing it connected to my “!” network with meager signal strength. With PCB production having become relatively commoditised, we’re seeing so many pieces of hardware designed specifically for retro computing, and it’s great. Small audiences are no longer a limiting factor in making things like this available, and I’m here for it.
Ars Technica writes: There are hundreds of billions of lines of COBOL code running on production systems worldwide. That’s not ideal for a language over 60 years old and whose primary architects are mostly retired or dead. IBM, eager to keep those legacy functions on its Z mainframe systems, wants that code rewritten in Java. It tried getting humans to do it a few years back, but now it has another idea. Yes, you guessed it: It’s putting AI on the job. The IBM watsonx Code Assistant, slated to be available in Q4 this year, intends to keep humans in the mix, but with a push from generative AI in analyzing, refactoring, and testing the new object-oriented code. It’s not an all-or-nothing process, either, as IBM claims that watsonx-generated code should be interoperable with COBOL and certain Z mainframe functions. This might be one of those cases where using “AI” actually makes sense and can be a meaningful tool for the relatively few COBOL programmers left trying to modernise COBOL codebases. I’m obviously not well-versed enough in any of this to make any objective statements, but it seems to make sense.
The computer on Keegan McNamara’s desk is like nothing I’ve ever seen before. The machine sits on a light wood table, bathed in the sunlight coming into the second floor of McNamara’s Los Angeles house. McNamara, tall and blonde in jeans and a light khaki Carhartt jacket, walks over to the desk, sits down, and reaches over to hit the power button. Then he pauses. He forgot something. He digs into his pants pocket, pulls out his keys, picks a silver one, sticks it into a cylinder just to the right of the computer’s 8-inch screen, and turns. A light on the left side of the device turns red. Then McNamara reaches up and flips a silver switch just above the keyhole, the lights on the left turn to yellow and then green, and his computer comes to life. Like I said, this is not your average computer. This sure is interesting.
Google introduced Project Mainline in Android 10, modularizing OS components so feature and security updates could be delivered through Google Play instead of regular OTA updates. Android 10 launched with 12 supported Mainline modules, but in the latest release, that number has ballooned to 37 updatable modules. Here’s a look at how Project Mainline is changing in Android 14 and beyond. If you can’t get OEMs to do their job – you have to do it yourself, it seems. The downside to this is that Android is getting less and less open by the year.
You can still do a clean install of Windows, and it’s arguably easier than ever, with official Microsoft-sanctioned install media easily accessible and Windows Update capable of grabbing most of the drivers that most computers need for basic functionality. The problem is that a “clean install” doesn’t feel as clean as it used to, and unfortunately for us, it’s an inside job—it’s Microsoft, not third parties, that is primarily responsible for the pile of unwanted software and services you need to decline or clear away every time you do a new Windows install. You mean you don’t want Candy Crush Saga and Instagram ads on your freshly installed PC?
Despite all of the litigation, Windows 2 made it to market, gained 3rd party support, and signaled a massive transition in computing that all of the competition had failed to do. With Windows 2, millions of people were using a graphical desktop with graphical applications. The mouse was made a standard tool. PCs were now being urged to adopt powerful graphics adapters. Many people claim Windows 2 to be a failure, but this is not an accurate assessment. While it didn’t sell to the level of later releases, the market hadn’t really become accustomed to buying an operating system on a store shelf. People typically received an OS as part of a computer purchase. That Microsoft was able to sell over 2 million copies of Windows 2 shows a serious change; MS-DOS’s days were now numbered. I’ve always considered Windows 1.0 and 2.0 to be false starts, failed attempts at what would become Windows 3.x. This article makes the case that Windows 2.0 was more important and successful than we give it credit for today.
FreeBSD developers are looking at using the open-source NVIDIA kernel driver being developed by NVIDIA as an open-source Direct Rendering Manager driver that is out-of-tree, but not to be confused with Nouveau. With that kernel driver they are able to provide this nvidia-drm-kmod driver on their own and within the ports collection for better integration with the kernel and those wanting one less kernel binary blob. Excellent news for FreeBSD users with NVIDIA cards.
I’ve been working off and on doing further Mac-ification to my updated fork of MacLynx, the System 7-compatible port of the venerable text browser Lynx for classic 68K Macintoshes (and Power Macs) running A/UX 3.x or System 7.x and later. There’s still more to do, but a lot has been worked in since I last dropped beta 4, so it’s time for another save point. Meet MacLynx “beta 5”. Extraordinary work, and a great way to keep an old Mac connected to the web.
ART is the engine behind the Android operating system (OS). It provides the runtime and core APIs that all apps and most OS services rely on. Both Java and Kotlin are compiled down to bytecode executed by ART. Improvements in the runtime, compiler and core API benefit all developers making app execution faster and bytecode compilation more efficient. While parts of Android are customizable by device manufacturers, ART is the same for all devices and Google Play system updates enable a path to modular updates. Google’s been working hard to make ART more modular, and untangling it from the rest of Android for easier updates. This has led to some drastic improvements in application startup times – ART 13 cut them by 30%, Google claims – and since ART updates hit every single Android device, there’s no fragmentation. As for the future, ART 14 is on its way. In the coming months, we’ll be releasing ART 14 to all compatible devices. ART 14 includes OpenJDK 17 support along with new compiler and runtime optimizations that improve performance while reducing code size. It’s good to see that some Android improvements are not held back by Android’s update woes.
Liam Dawe at GamingOnLinux looks back at the release of Valve’s Proton, five years ago today. Proton just makes a lot of sense. It didn’t take long for Valve to expand Proton to go initially from a few select Valve-approved titles, to being able to run anything we choose to try with it. From there, Linux gaming just seemingly exploded. And then eventually we saw why Valve made Proton with the Steam Deck announcement coming less than three years later in July 2021. Proton is one of the biggest things to happen to desktop Linux and PC gaming in general. It cannot be overstated just what it has done to the gaming market – people expect new games to just work on Linux now, and developers have to answer questions about it and promise support sooner rather than later. From big, defining titles like Elden Ring and Baldur’s Gate 3, down to the countless small indie titles – Proton and thus Linux support for games has been normalised. PC gaming is no longer a Windows-only thing, and that benefits all of us.
You can now play with NVIDIA GeForce graphics card BIOS like it’s 2013! Over the last decade, NVIDIA had effectively killed video BIOS modding by introducing BIOS signature checks. With GeForce 900-series “Maxwell,” the company added an on-die security processor on all its GPUs, codenamed “Falcon,” which among other things, prevents the GPU from booting with unauthorized firmware. OMGVflash by Veii; and NVflashk by Kefinator (forum names), are two independently developed new tools that let you flash almost any video BIOS onto almost any NVIDIA GeForce graphics card, bypassing “unbreakable” barriers NVIDIA put in place, such as BIOS signature checks; and vendor/device checks (cross-flashing). vBIOS signature check bypass works up to RTX 20-series “Turing” based GPUs, letting you modify the BIOS the way you want, while cross-flashing (sub-vendor ID check bypass) works even on the latest RTX 4090 “Ada.” No security is unbreakable. This will hopefully enable a lot of unlocking and safe performance boosts for artificially stunted cards.
As an undergraduate student in the early 1990s, I wrote all my class papers using WordPerfect for DOS. WordPerfect was a powerful desktop word processor that was used in offices all over the world. But WordPerfect was quite expensive; my student edition of WordPerfect cost around $300. When the new version of WordPerfect came out, I just couldn’t afford to buy it. Fortunately, the shareware market was starting to take off around this time. “Shareware” was a new model where software publishers released a program for free so you could try it out – usually for a limited time. If you liked it, you sent them a check and they mailed back a registered copy of the software. Shareware often had the same or similar features as the commercial software it aimed to displace, usually at a lower price. And that’s how I discovered the Galaxy word processor. Galaxy had all the features that I needed in a desktop word processor, but at about one-third the price. The registration fee for Galaxy was $99. There are so many pieces of software that lost out in the market, and the further back in time we go, the more obscure these tend to get. I had never heard of Galaxy, but I’m glad someone took the time to write this article, ensuring – hopefully – it’ll be saved from obscurity for a long time to come.
Budgie 10.8 is a brand new release series for Budgie Desktop, featuring improvements to Budgie Menu, adoption of StatusNotifier support in System Tray, Magpie v0.x support, and more! I’m quite happy Budgie is back on track after a few leaner years. Development has picked up, there’s a clear roadmap, and it’s fun to follow along with the changes and improvements.