Thom Holwerda Archive

Hackers are spamming businesses’ receipt printers with ‘antiwork’ manifestos

Someone or multiple people are blasting “antiwork” manifestos to receipt printers at businesses around the world, according to people who claim to have seen the printed manifesto, dozens of posts on Reddit, and a cybersecurity company that is analyzing network traffic to insecure printers. An intersection between technology and social issues – and an inventive and effectively harmless one, too. Especially the United States, but a lot of other countries too, desperately needs a lot more strong unions, and if this plays even a small role in getting there, it’s worth it.

Booting Haiku’s RISC-V images

Thanks in large part to the hard work by X512 and everyone developing on Haiku, our nightly RISCV64 images are now functional. RISC-V marks Haiku’s first functional non-Intel/x86 port! This is still crazy to me. This port has taken relatively little time, yet it marks a major milestone in Haiku’s history.

KDE developer urges KDE to embrace simplicity by default, without removing features

This is what I think we should shoot for in KDE: software that is simple by default so it can work for 1-dot users, but powerful when needed via expansive customization, so that it can appeal all the way to the 4-dot users–which includes many KDE developers. This is currently a strength of KDE software, and it won’t be going away! Essentially we need to fully embrace Plasma’s motto of “Simple by default, powerful when needed” all KDE software, not just Plasma. Nate Graham, KDE developer, is arguing that KDE needs simpler defaults – without losing the customisability that makes KDE, well, KDE. I think this is a good goal – especially since many distributions can opt for different defaults anyway. KDE is an amazing collection of software, but there’s no denying its plethora of options and customisation can also be intimidating and a little bit overwhelming, even for experienced users such as myself. Of course, this can only really work if the option to tweak every individual pixel remains available for those of us that want it – we don’t need Knome.

FTC sues to block Nvidia acquiring ARM

The Federal Trade Commission today sued to block U.S. chip supplier Nvidia Corp.’s $40 billion acquisition of U.K. chip design provider Arm Ltd. Semiconductor chips power the computers and technologies that are essential to our modern economy and society. The proposed vertical deal would give one of the largest chip companies control over the computing technology and designs that rival firms rely on to develop their own competing chips. The FTC’s complaint alleges that the combined firm would have the means and incentive to stifle innovative next-generation technologies, including those used to run datacenters and driver-assistance systems in cars. It seems increasingly unlikely that this acquisition will go through. I think that’s a good thing – while I’d rather Nvidia purchase ARM than Apple, Google, Microsoft, or Amazon, an even better outcome would be a profitable, independent ARM.

Oxide Announces Hubris OS

Oxide announced Hubris, their microkernel OS for embedded systems, and Humility the debugger for it. As time went on in early 2020 and we found ourselves increasingly forcing existing systems out of the comfort of their design centers, we wondered: was our assumption of using an existing system wrong? Should we in fact be exploring our own de novo operating system? Instead of having an operating system that knows how to dynamically create tasks at run-time (itself a hallmark of multiprogrammed, general purpose systems), Cliff had designed Hubris to fully specify the tasks for a particular application at build time, with the build system then combining the kernel with the selected tasks to yield a single (attestable!) image. This is the best of both worlds: it is at once dynamic and general purpose with respect to what the system can run, but also entirely static in terms of the binary payload of a particular application — and broadly static in terms of its execution. Oxide is working on producing what is basically a rack sized blade server. It’s a rack pre-populated with hardware controlled by a single control plane. The rack is meant to be a single, sealed unit, and as such, they needed something which could be embedded into the various controllers in the rack. Hubris is written in Rust, it’s MPL licensed, and there is a GitHub repository.

Haiku gets initial 3D acceleration

I implemented RadeonGfx driver server mode and now it is possible to run multiple processes that use 3D acceleration. Because of GFX ring reset hack, command buffer scheduling is limited and only one command buffer can be executed at moment of time. That’s right – that’s X512, the amazing developer who ported Haiku to RISC-V, now working on bringing initial 3D acceleration to Haiku. There’s a long road ahead for this to become a default, working part of Haiku, but that doesn’t make these first steps any less impressive.

DESQview/X : the forgotten mid-1990s OS from the future

So. What is DESQview/X? Many people, in the current day and age, may have never even heard of this system from the mid-1990s. Its predecessor, DESQview (without the “/X”) which was first released in 1985, was a multi-tasking, windowing system for DOS. It allowed someone, with very modest PC hardware, to run multiple text-mode DOS applications at the same time. With overlapping, resizable windows. Pretty darned cool. This multitasking wasn’t the cooperative multi-tasking that we saw in early Windows (through 3.11) and MacOS up through version 9. No sir-ee bob. DESQview had true, preemptive multi-tasking. Fast. Stable. Lightweight. It was downright impressive. But it was all text-mode. Then DESQview/X came along, in the 1990s, bringing a complete X11 (aka X Windows) graphical interface with it. Impressive, for sure. I have heard of it, but never actually used it or even tried it. This article has piqued my interest, and I’m definitely going to fire up a VM and play around with this. For more in-depth information, there’s a book called DESQview/X: A Technical Perspective from 1990 on

ungoogled-chromium: Google Chromium, sans integration with Google

ungoogled-chromium is Google Chromium, sans dependency on Google web services. It also features some tweaks to enhance privacy, control, and transparency (almost all of which require manual activation or enabling). ungoogled-chromium retains the default Chromium experience as closely as possible. Unlike other Chromium forks that have their own visions of a web browser, ungoogled-chromium is essentially a drop-in replacement for Chromium. In light of the previous post, if you really do need to use Chromium for whatever reason, forego Microsoft ‘coupon clipper‘ Edge, the closed-source Vivaldi, or the cryptoscammy Brave – and opt for ungoogled-chromium instead.

Firefox is the only alternative

Supposedly today we have a lot of browsers to choose from – Google Chrome, Safari, Microsoft Edge, Firefox, Brave, Opera, Vivaldi, etc. Having choices is a good thing, right? Nobody wants to relive the time of almost complete Internet Explorer domination again. Unfortunately our choices are significantly fewer than they seem to be at first glance, as Chrome and Safari (thanks to the iPhone) totally dominate the browser landscape in terms of usage and almost all browsers these days are built on top of Chromium, Chrome’s open-source version. Funny enough even Edge is built on top of Chromium today, despite the bitter rivalry between Google and Microsoft. What’s also funny is that Chrome and Safari control about 85% of the browser market share today, and Microsoft’s Edge commands only about 4%. Firefox all the way for me. We need more than one browser engine to succeed, and Firefox is the only viable alternative to Chrome’s dominance. Safari is tied to Apple so far too limiting, but at least it’s not Chromium-based, so that’s a plus. I’ve been starting to see websites that simply do not work in Firefox, which has me deeply worried about just how long I can keep up using my browser of choice.

VMware mouse driver for Windows 3.x

Running Windows 3.1 in VMware (or seemingly, QEMU, but it’s not yet tested), but annoyed by having to grab and ungrab the cursor manually? Wish you could just move the cursor in and out like a modern OS (one with USB tablet support or VMware Tools drivers), with no Ctrl+Alt dancing? Or want to control your cursor at all under the ESXi web UI? (It doesn’t do relative input.) With this driver, now you can. It implements the interface that VMware uses (the backdoor), replacing the existing PS/2 mouse driver. Vital for anyone who runs Windows 3.x virtual machines.

Why V7 Unix matters so much

When I talk about things involving the history of Unix, I often wind up mentioning V7, also known as Seventh Edition of Research Unix from Bell Labs (for a recent example, in my entry on when Unix got stack size limits). If you’re relatively new to the history of Unix, you might wonder why V7 keeps coming up so often. There are a number of reasons that V7 matters so much both for the history of Unix and for what is what we think of as being ‘Unix’ and the Unix way. The history of Unix is… Complicated.

Microsoft pushes ahead with controversial ‘buy now, pay later’ feature for Edge browser

Microsoft is introducing a new feature in Edge allowing customers to pay for e-commerce transactions in installments – and not everybody is happy. The ‘buy now, pay later’ (BNPL) feature is, controversially, integrated at the browser level, thanks to a partnership with third-party payments provider Zip, formerly QuadPay. The option is similar to those already offered by many e-commerce sites and web payment providers such as PayPal. Tacky and tasteless feature.

Apple, Google and Facebook may be forced into cross-platform messaging

Apple, Google, Facebook and other tech companies may be forced into finding a solution that allows users to connect across the various messaging platforms. Currently, each service has its own way of handling communication that is not compatible with others, placing a burden upon the user when there is a need to reach someone using a different platform or service. A universal communication method would benefit the end-user, whether using an iPhone or Android phone, with Facebook, iMessage, or other social media apps. A cross-platform solution works against the existing model that social media and tech companies have accepted as standard, keeping their customers or users circling back to the same company rather than moving between different services. It’s the same reason for members’ rewards cards at grocery stores and punch cards for a free sandwich at the deli. Keeping the existing customer is much easier than recruiting a new one. This is such an obvious and popular requirement, I’m baffled it’s taking governments around the world this long to get to implementing it. So much of our communication infrastructure is owned by 3-4 giant technology companies, all incompatible with each other, with absolutely zero control over what happens to your messages and your data. Forcing them to be interoperable – preferably via forcing the publication of open APIs third party developers can tap into – is not only the bare minimum we should expect from our online communication channels, it’s probably also a highly popular requirement that would simplify the the lives of people all across the European Union, where different countries favour different messaging protocols. How could anybody without a financial stake in Apple, Google, or Facebook be against this? Of course, the very, very sour note here is that at the same time, the European Commission is also toying with the idea of weakening or outright eliminating end-to-end encryption in messaging applications, so it might well turn out to be all for naught.

Go does not need a Java-style GC

Modern languages such as Go, Julia and Rust don’t need complex garbage collectors like the ones use by Java C#. But why? To explain why, we need to get into how garbage collectors work and how different languages allocate memory in different ways. However, we will start by looking at why Java in particular needs such a complex garbage collector. Good info on how Go deals with memory versus how Java, mainly, handles memory. The most interesting start of a rabbit hole is the mention of research work around memory allocators.

The secret history of ATAPI

The other day I asked myself a seemingly trivial question: What was the first ATAPI CD-ROM drive and when was it available? Given that ATAPI was a major technology which instantly obsoleted all proprietary CD-ROM interfaces and made SCSI much less desirable, one might expect that there would have been some press releases touting the advantages of the new technology, articles describing the whys and wherefores, but… nope. There is nothing. And so begins a deep dive into the origins of ATAPI, through examining early drivers and their code.

airyxOS Tanuki v0.3.0 released

Airyx OS has seen its first beta release, with a quite a few big improvements. • Default application bundles: Firefox, Terminal, and Kate• A new AppKit-based ObjectiveC installer (Install• Java SDK 17.0.1+12• Updated to FreeBSD 12.3RC base OS and kernel• Improvements to AppKit including better support of color catalogs and color lists, more Mac-like default colors, support for pop-up menus, fixed scrollbar icons, improved font handling, system key bindings, improved NIB support, fixed glitches in window resizing and moving, and more.• Updated many packages You can read more about Airyx on its website, and be sure to follow the project’s account on Twitter for more updates.

Apple sues NSO Group for abuse of state-sponsored spyware, yet continues to aid China in the abuse of state-sponsored spyware

Apple today filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. I wonder if this means Apple will sue itself next, because what the NSO Group does is not that different from what Apple itself does in, for instance, China. Apple has given the Chinese government full access to the iCloud data of all Chinese Apple users, so much so that even Apple itself cannot enter the date centres where Chinese iCloud data is stored. If Apple is suing the NSO Group for the “surveillance and targeting of Apple users”, why isn’t Apple saying anything about how it is aiding China to do the exact same thing? Don’t get me wrong – the NSO Group is terrible and if they get sued out of existence that’s a major win, but the blatant hypocrisy here is so obvious I almost feel like Apple is doing this just to see how far its supporters are willing to go to defend them. It’s easy to stick to your morals in countries with fair and open judicial systems. It’s how you act in those that don’t that show who you really are.

Arcan 0.6.1 released

The “desktop-engine” Arcan has put out a new release after close to a year of development, continuing its current focus on improving network transparency. A recent and long post on Arcan as OS Design is also a worthwhile and interesting view into this fascinating project.

Flatpak is not the future

The current solutions involve packaging entire alternate runtimes in containerized environments. Flatpak, Snap, AppImage, Docker, and Steam: these all provide an app packaging mechanism that replaces most or all of the system’s runtime libraries, and they now all use containerization to accomplish this. Flatpak calls itself “the future of application distribution”. I am not a fan. I’m going to outline here some of the technical, security and usability problems with Flatpak and others. I’ll try to avoid addressing “fixable” problems (like theming) and instead focus on fundamental problems inherent in their design. I aim to convince you that these are not the future of desktop Linux apps. I fully agree. If you’re a Linux application developer, packaging your application up as an RPM and DEB is really all you need to do; you’ll cover by far the most desktop Linux users, and your code will most likely be packaged up by package maintainers of smaller package management systems as well. All these “solutions” just add additional layers of confusion, bloat, issues, and bugs that can be easily avoided by sticking to your distribution’s own package manager. I simply avoid any application packaged up in any of these formats – with the exception of Steam – and move on to something from a developer who does understand and care about desktop Linux.