Thom Holwerda Archive

Meta now lets EU users unlink their Facebook, Messenger and Instagram accounts

In a major move addressing European regulations, Meta will soon give users in the EU, EEA, and Switzerland significantly more control over how their data is used across Facebook and Instagram. The changes, set to begin rolling out in the coming weeks, aim to comply with the Digital Markets Act (DMA). ↫ Omer Dursun at NeoWin You’ll be able to unlink Facebook’s various services – such as Instagram and Facebook’s main social network thing – and you’ll be able to use Facebook Messenger as a standalone service without needing to have a Facebook account. Sadly, there’s no word on WhatsApp. This only applies to people in the EU/EEA. Americans need not apply.

RubyWM: an X11 window manager in pure Ruby

It’s a minimalist (currently <1K lines) pure Ruby (including the X11 driver) X11 window manager. It is focused on tiling, but allows you to choose to assign a tiling layout to specific desktops or leave them floating. Currently whether or not you use tiling or floating layout there is no window decoration and windows are not draggable or resizable by pulling on borders (but you can do that with Windows key + left/right mouse button) Like bspwm, which was an inspiration, the wm supports no keyboard handling – all keyboard handling is deferred to separate tools like sxhkd. Unlike bspwm this WM has no dedicated IPC mechanism. Instead, so far, all communication happens via X11 ClientMessage events, which means any tool, like xdotool etc. that can produce those events can control the WM. ↫ Vidar Hokstad on RubyWM’s GitHub page In the blog post announcing RubyWM, the author makes it very clear that while he uses this WM full time, he is also willing to work around its bugs, and that certain tools will simply break if you use it. He considers it more of a tech demo, and that you really shouldn’t rely on this for any serious work.

Reversing the Web-@nywhere Watch: browse fragments of the web on your wrist

Smartwatches at the turn of the century were a more motley assortment than today’s, with an even wilder range of functionality. If you had a few hundred dollars or so, there were some interesting options, even back then. But if all you had was $85 (in 2024 dollars about $150), you still weren’t left out, because in 2001 you could get the Web-@nywhere (the “Worldwide Web Watch”). Load up the software on your PC and slap it in its little docking station, and you could slurp down about 93K of precious Web data to scroll on the 59×16 screen — 10 characters by 2 characters — to read any time you wanted! That is, of course, if the remote host the watch’s Windows 9x-based client accessed were still up, on which it depended for virtually anything to download and install. Well, I want 95,488 bytes of old smartwatch tiny screen Web on my wrist, darn it. We’re going to reverse-engineer this sucker and write our own system using real live modern Web data. So there! ↫ Old Vintage Computing Research Y’all know the drill by now – I’m a sucker for these kinds of stories. What a great, extremely detailed read, with code to boot.

Platform tilt: documenting the uneven playing field for an independent browser like Firefox

This tilt manifests in a variety of ways. For example: making it harder for a user to download and use a different browser, ignoring or resetting a user’s default browser preference, restricting capabilities to the first-party browser, or requiring the use of the first-party browser engine for third-party browsers. For years, Mozilla has engaged in dialog with platform vendors in an effort to address these issues. With renewed public attention and an evolving regulatory environment, we think it’s time to publish these concerns using the same transparent process and tools we use to develop positions on emerging technical standards. So today we’re publishing a new issue tracker where we intend to document the ways in which platforms put Firefox at a disadvantage and engage with the vendors of those platforms to resolve them. ↫ The official Mozilla blog Excellent initative.

Interview: Haiku developer Waddlesplash

Haiku developer and community member Waddlesplash shares his insights on the project’s current state, challenges ahead, and hopes for the future. Waddlesplash discusses Haiku’s transition from a niche project to a potential daily driver OS, emphasizing the importance of maintaining momentum and addressing data corruption bugs. ↫ Andrea at Desktop On Fire! Haiku is definitely in a good place at the moment, and there’s some real momentum from outside the project. Yes, it’s even possible to daily-drive Haiku – with caveats, of course – and I hope they can keep this going.

What’s that touchscreen in my room?

Roughly a year ago I moved into my new apartment. One of the reasons I picked this apartment was age of the building. The construction was finished in 2015, which ensured pretty good thermal isolation for winters as well as small nice things like Ethernet ports in each room. However, there was one part of my apartment that was too new and too smart for me. It is obviously a touchscreen of some sort, but there was zero indication as to what it controls. The landlord had no idea what this is. There are no buttons or labels on the thing, just a tiny yellow light to let you know it has the power. ↫ Nikita Lapkov What follows is an investigation into what it is, how to get it working, and, of course, how to hack it and make it more useful.

The case for Rust (in the FreeBSD base system)

FreeBSD is discussing adding Rust to the FreeBSD base system. In a recent thread on src-committers, we discussed the costs and benefits of including Rust code in the FreeBSD base system. To summarize, the cost is that it would double our build times. imp suggested adding an additional step after buildworld for stuff that requires an external toolchain. That would ease the build time pain. The benefit is that some tools would become easier to write, or even become possible. ↫ Warner Losh on the freebsd-hackers mailing list From everything I’ve read and what you, the readers, have told me, someone who isn’t a programmer, languages like Rust really are a big improvement over older languages, and it’s probably not a good idea for a major, important project like FreeBSD to isolate its base system from such progress. Now, I’m not at all qualified to say whether Rust, specifically, is the right choice, but a language like Rust should probably be part of the base system. A big issue is FreeBSD’s architecture support. Rust is not well-supported or even supported at all on all the various platforms FreeBSD supports, which might prove to be a road block for now. That being said, letting barely used ISAs hamper your progress too much might not be a good idea either. Rust has already become a supported language for the development of the Linux kernel.

In 2024, Genode to focus on multi-monitor, suspend/resume, touchpads, and much more

Without hesitation, our developer community quickly rallied behind the topic “Sculpt OS usability”, desiring to boost the user experience with respect to multi-monitor usage, convenient interactive UIs for common tasks, profound support for touchpads and touchscreens, tearing-free graphics, low-latency audio, casual on-target debugging, and suspend/resume. The focus on usability notwithstanding, we will steadily continue with the gardening of Genode’s driver landscape, fostering the consistent use of drivers ported from up-to-date Linux kernels, clear-cut ACPI support, and making drivers pluggable. In 2024, we will also promote Genode’s custom (base-hw) microkernel to become the default kernel for Sculpt OS, which is the culmination of a multi-year effort. ↫ Official Genode news post The updated roadmap for 2024 details the goals of the project for the coming current year.

BugCheck2Linux: run Linux in a tiny RISC-V emulator during a Windows BSOD

Running into a blue screen of death, but don’t want your journey to end? Well, how about dropping into a Linux shell when you hit a BSOD in Windows? We simply register a BugCheck callback. The callback function runs a tiny RISC V emulator running linux. For the video output we use bootvid.dll and for input we have a horrible simple polling based PS/2 keyboard driver. ↫ BugCheck2Linux GitHub page The gist here is that during a BSOD, drivers can reset a device to a known working state and gather diagnostic data, so what the BugCheck2Linux “driver” does is load up an incredibly small RISC-V emulator, boot a Linux kernel, and drop you in a shell. An incredibly limited shell that can barely do anything, but a shell nonetheless. And when I say “limited”, I really do mean “limited”: it only works on BIOS systems, runs at 640×480 in 16 colours, the shift key doesn’t work (you’ll need to use caps lock for that), and you can’t use backspace either. Still, this is an incredibly cool proof of concept, and I wonder if more is possible here. Who knows – this could become a valuable troubleshooting tool.

Google to restricts access to IMAP, SMTP, POP to OAuth this year

As part of our commitment to user safety, Google Workspace will no longer support the sign-in method for third-party apps or devices that require users to share their Google username and password. This antiquated sign-in method, known as Less Secure Apps (LSAs), puts users at an additional risk since it requires sharing Google Account credentials with third-party apps and devices that can make it easier for bad actors to gain unauthorized access to your account.  Instead, you’ll need to use the option to Sign-In with Google, which is a safer and more secure way to sync your email to other apps. Sign-in with Google leverages industry standard and more secure OAuth method of authentication already used by the vast majority of third-party apps and devices. ↫ Google Workspace Updates What this means is that “all third-party apps that require password-only access to Gmail, Google Calendar, Contacts via protocols such as CalDAV, CardDAV, IMAP, SMTP, and POP” will no longer work. Crucial to note, however, is that App Passwords will continue to work, which is good news, because without App Passwords, older IMAP email clients without OAuth support, such as the ones often used on legacy or minor operating systems, would cease to work with Gmail.

Mourning Google

On March 15, 2010, I started a new job at Google. The fourteen years since that day feel like a century. The title of my announcement was Now A No-Evil Zone and, OK, I can hear the laughing from ten timezones away. I tried, then, to be restrained, but there are hardly words to describe how happy and excited I was. I had escaped from the accretion disk the former Sun Microsystems was forming around Oracle, that blackest of holes. And Google, in 2010, was the coolest place in the world to work. Let me quote myself from a little bit further into that piece, on the subject of Google: “I’m sure that tendrils of stupidity and evil are even now finding interstitial breeding grounds whence they will emerge to cause grief.” Well, yeah. This is in my mind these days as I’m on a retired-Googlers mailing list where the current round of layoffs is under discussion and, well, it really seems like the joy has well and truly departed the Googleplex. ↫ Tim Bray The honeymoon phase with the technology sector is well and long over, and we’re deep into an unhappy, unpleasant, joyless marriage now – and the fault lies entirely with the big technology companies themselves. They promised they’d change the world for the better, but they lied – and still lie – about the price.

Hans Reiser on ReiserFS deprecation from the Linux kernel

What follows is a letter from Hans Reiser to myself, which he wrote some two months back, and has asked me to publish, with his thoughts on the deprecation of ReiserFS from the Linux kernel. I have transcribed it to the best of my ability. Plaintext email may not be the best way to read it, as such, I have also made available PDF and HTML versions of the letter. ↫ Fredrick R. Brennan Hans Reiser is the creator of the ReiserFS file system, which used to be a serious contender for the Linux file system you’d use in the early 2000s. In 2006, Hans Reiser murdered his wife, and is currently serving a prison sentence for this crime. Hopefully, after he completes his prison sentence, he can become a contributing member of society once again, if the professionals and specialists involved in such matters deem him capable of doing so. The long letter mentioned here was actually quite a fascinating read, and details his abrasive behaviour in the Linux world, the design of ReiserFS and its place in the ecosystem at the time, and his thoughts on the removal of ReiserFS from the Linux kernel.

VMware is killing off 56 products amid “tectonic” infrastructure shift

Broadcom’s brutal assault on VMware’s product suite continues, with the company’s new owner this week confirming that it is sunsetting a massive 56 VMware products and platforms – as investors said this week that they anticipated a “tectonic shift” in the infrastructure market as a result.  In a January 15 advisory VMware confirmed tersely that it was taking a sweeping range of products to “End of Availability” and that “these products are no longer available for purchase” – although most remain advertised enthusiastically, for now, on slick corporate website pages. ↫ Ed Targett The list of products is a thing to behold, for sure. I don’t think I’ve ever seen that many enterprise products together in one list, and I once spent weeks scouring and dealing with HPE.

WebGPU comes to Chrome 121 for Android

The Chrome team is excited to announce that WebGPU is now enabled by default in Chrome 121 on devices running Android 12 and greater powered by Qualcomm and ARM GPUs. Support will gradually expand to encompass a wider range of Android devices, including those running on Android 11 in a near future. This expansion will be dependent on further testing and optimization to ensure a seamless experience across a broader range of hardware configurations. ↫ François Beaufort Mind you, this is about WebGPU, not WebGL.

Lichee Console 4A, RISC-V mini laptop: review, benchmarks and early issues

I always liked small laptops and phones – but for some reason they fell out of favor of manufacturers (“bigger is more better”). Now if one wanted to get tiny laptop – one of the few opportunities would have been to fight for old Sony UMPC’s on ebay which are somewhat expensive even today. Recently Raspberry Pi/CM4-based tiny laptops started to appear – especially clockwork products are neat, but they are not foldable like a laptop. When in summer of 2023 Sipeed announced Lichee Console 4A based on RISC-V SoC – I preordered it immediately and in early January I finally received it. Results of my testing, currently uncovered issues are below. ↫ Mikhail Svarichevsky I want one of these.

Do users write more insecure code with AI assistants?

AI code assistants have emerged as powerful tools that can aid in the software development life-cycle and can improve developer productivity. Unfortunately, such assistants have also been found to produce insecure code in lab environments, raising significant concerns about their usage in practice. In this paper, we conduct a user study to examine how users interact with AI code assistants to solve a variety of security related tasks. Overall, we find that participants who had access to an AI assistant wrote significantly less secure code than those without access to an assistant. Participants with access to an AI assistant were also more likely to believe they wrote secure code, suggesting that such tools may lead users to be overconfident about security flaws in their code. To better inform the design of future AI-based code assistants, we release our user-study apparatus and anonymized data to researchers seeking to build on our work at this link. ↫ Neil Perry, Megha Srivastava, Deepak Kumar, and Dan Boneh I’m surprised somewhat randomly copying other people’s code into your program – violating their licenses, to boot – leads to crappier code. Who knew!

From 0 to 1 MB in DOS

Since the last article on the text-based IDEs of old, I’ve been meaning to write about the GCC port to DOS, namely DJGPP. As I worked on the draft for that topic, I realized that there is a ton of ground to cover to set the stage so I took most of the content on memory management out and wrote this separate post. This article is a deep dive on how DOS had to pull out tricks maximize the use of the very limited 1 MB address space of the 8086. Those tricks could exist because of the features later introduced by the 80286 and the 80386, but these were just clutches to paper over the fact that DOS could not leverage the real improvements provided by protected mode. ↫ Julio Merino The DOS memory story is a string of hacks upon hacks that somehow managed to work – and that still work today.

Google introduces Google Takeout API

Google has detailed more of the changes it’s implementing to comply with the European Union’s Digital Markets Act. We already covered the changes to linked services, but Google is also changing how results related to shopping and booking results are displayed. We will introduce dedicated units that include a group of links to comparison sites from across the web, and query shortcuts at the top of the search page to help people refine their search, including by focusing results just on comparison sites. For categories like hotels, we will also start testing a dedicated space for comparison sites and direct suppliers to show more detailed individual results including images, star ratings and more. These changes will result in the removal of some features from the search page, such as the Google Flights unit. ↫ Oliver Bethell Google is also releasing its promised Google Takeout API, allowing developers to programmatically deal with users wanting to take their data out of Google to another service. This one in particular I’m interested in, since I’m curious if, say, a competing email service will make it easier and automatic to move away from Gmail.

Ruffle: an open source Flash Player emulator

Made to run natively on all modern operating systems and browsers, Ruffle brings Flash content back to life with no extra fuss. ↫ Ruffle website It’s using Rust and WASM, making it supposedly safer than the real Flash PLayer ever was, and of course, it’s open source too. Their most recent progress report details just how far along this project already is.