Thom Holwerda Archive

Dutch digital identity system crisis

Dutch digital identity verification system DigiD has announced the phasing out SMS as second factor. That way they require citizens to install a smartphone app in order to use digital services from the government, municipalities, the health sector and others. These applications only work on iOS and Android phones, with reliance on third party services. Plenty of members of our community choose not to use a device that is tied to vendor-specific services. There is a threat our community will practically be locked out of the digital infrastructure the government has set up for us to use. Official alternatives are to ask a friend with the app for help or go back to snail mail and physical meetings. This is dreadfully bad, and illustrates just how badly we need rules and regulations in place to force governments to make access to its digital services completely platform-agnostic. The linked article references the German verification system, which published its code as open source, and allows anyone to make an application that uses it. The end result is a variety of open source alternatives, available on various platforms.

NVIDIA transitioning to official, open-source Linux GPU kernel driver

The day has finally come: NVIDIA IS PUBLISHING THEIR LINUX GPU KERNEL MODULES AS OPEN-SOURCE! To much excitement and a sign of the times, the embargo has just expired on this super-exciting milestone that many of us have been hoping to see for many years. Over the past two decades NVIDIA has offered great Linux driver support with their proprietary driver stack, but with the success of AMD’s open-source driver effort going on for more than a decade, many have been calling for NVIDIA to open up their drivers. Their user-space software is remaining closed-source but as of today they have formally opened up their Linux GPU kernel modules and will be maintaining it moving forward. Here’s the scoop on this landmark open-source decision at NVIDIA. I can’t believe this is happening. NVIDIA is open sourcing all of its kernel driver modules, for both enterprise stuff and desktop hardware, under both the GPL and MIT license, it will available on Github, and NVIDIA welcomes community contributions where they make sense. This isn’t just throwing the open source community a random bone – this looks and feels like the real deal. They’re even aiming to have their open source driver mainlined into the Linux kernel once API/ABI has stabalised. This is a massive win for the open source community, and I am incredibly excited about what this will mean for the future of the Linux desktop.

Apple discontinues iPod touch, ending 20 year run of iconic ‘iPod’ brand

It’s the end of an era: Apple is officially discontinuing the iPod touch. The company says that the device will be available only “while supplies last.” This also means that the “iPod” brand is officially retired, as the iPod touch was the last iPod in Apple’s lineup. It’s the end of an era for a product that was once one of the most popular gadgets in the world. The iPod was one of the most iconic product lines in recent history, and now, it’s something nobody ever even talks about anymore. Apple was willing to cannibalise its own iPod success with the iPhone, and it paid off.

Are alternative app stores worth it?

App Store Optimization is, for most people, synonymous with Apple’s App Store and Google’s Play Store. After all, they contribute to 90% of the total available apps in the market. But they’re not the only ones out there. These alternative app stores seem to lurk in the shadows but each of them has its slew of users. With the looming DMA and Open Markets Acts that aim to open the app markets to third-party stores,  their time to shine may be just around the corner. Are they worth looking into? We’re investigating the topic. I’m actually quite surprised by these numbers. Of course, China has a whole slew of China-only application stores that are incredibly popular, but even outside of China, there’s quite a few application stores that seem to have found their niche, and doing well. If you’re a developer of certain applications, it might be worth it to check some of these more specialised application stores. And with the EU on the brink of cracking Apple’s stranglehold on iOS applications, we’re going to see an explosion of tailored application stores,

Homemade TPM 2.0 Module

With the recent launch of Windows 11 Microsoft also made having a hardware TPM module mandatory. Although this technology is not new (it was introduced in Windows 10 and Windows Server 2016), now, that most people can’t upgrade to Windows 11, it will (slowly) become mainstream. (My personal opinion on it is that is probably a step in the right direction, but Microsoft could have handled mandating it better..) Several months ago, when I heard about this new requirement, I checked how much this upgrade for me would cost. At the time prices for a TPM2.0 module for my motherboard (Gigabyte AORUS GAMING 3) started at around €150, which is not much less then, but definitely comparable with, the price of the motherboard itself. Not prepared to pay that much for a “free” Windows 11 upgrade, I started to look into if and how I could create the same thing on my own. A cool and actually useful project – and the required code and schematics are available on GitHub.

Compiling an OpenBSD kernel 50% faster

This is approximately as wise as taking off from Mars in a ragtop rocket, but don’t worry, the math all checks out. My theory is that compiling less code will be faster than compiling more code, but first we must find the code so we know not to compile it. This is vital information to know in your day-to-day computing life.

OpenVMS E9.2 on x86 now available

We are excited to announce the availability of VSI OpenVMS E9.2 for x86-64, field test version of the upcoming V9.2 release. This is the next step in the journey to migrate OpenVMS to the x86-64 platform. The E9.2 release allows you to use the operating system with some of the most commonly-used hypervisors and includes a host of newly migrated applications. VSI has been porting OpenVMS to x86-64 for a while now, and it seems they’re getting quite close to general availability. E9.2 is focused on x86 hypervisors, and the porting effort as a whole should provide a future upgrade path for VMS users for a long time to come.

Android 13’s new sideloading restriction makes it harder for malware to abuse Accessibility APIs

Android’s Accessibility API is an incredibly powerful tool intended for developers to build apps for users with disabilities. The API lets apps read the contents of the screen and perform inputs on behalf of the user, which are essential functions for screen readers and alternative input systems. Unfortunately, these functions are also incredibly useful for malicious apps that want to steal data from users, which is why Google has been cracking down on which apps are allowed to use the Accessibility API. Google has already limited which apps on Google Play can use the Accessibility API, and in Android 13, they’re taking things one step further by heavily restricting API access for apps that the user has sideloaded from outside of an app store. And so, step by step, Google locks down more and more of Android. Some of the most fascinating and unique applications use the Accessiblity APIs, and making it harder for them to do their thing will have a chilling effect on the wild innovation we see in the Android world. For now, this restriction only applies to applications sideloaded outside of application stores (e.g, applications installed through F-Droid are not affected), but I have my doubt slippery slope is suddenly going to even out at this specific point. After all, we must be protected against ourselves at all costs.

Apple, Google, and Microsoft will soon implement passwordless sign-in on all major platforms

In a joint effort, tech giants Apple, Google, and Microsoft announced Thursday morning that they have committed to building support for passwordless sign-in across all of the mobile, desktop, and browser platforms that they control in the coming year. Effectively, this means that passwordless authentication will come to all major device platforms in the not too distant future: Android and iOS mobile operating systems; Chrome, Edge, and Safari browsers; and the Windows and macOS desktop environments. A passwordless login process will let users choose their phones as the main authentication device for apps, websites, and other digital services, as Google detailed in a blog post published Thursday. Unlocking the phone with whatever is set as the default action — entering a PIN, drawing a pattern, or using fingerprint unlock — will then be enough to sign in to web services without the need to ever enter a password, made possible through the use of a unique cryptographic token called a passkey that is shared between the phone and the website. Passwords are a terrible security practice, and while password managers make the whole ordeal slightly less frustrating, using my phone’s fingerprint reader to log into stuff seems like a very welcome improvement.

Microsoft open-sourced the code for 1995’s 3D Movie Maker because someone asked

Ars Technica writes: Back in 1995, the Microsoft Kids division of the company released a program called Microsoft 3D Movie Maker. The same year that the original Toy Story proved that feature-length 3D computer animation was feasible, people could install software on their home computers that could spit out crude-but-creative 3D animated movies at 6 to 8 frames per second. Aside from releasing Doraemon and Nickelodeon-specific versions of Movie Maker later on, Microsoft never really returned to this software… until now. Microsoft Developer Division Community Manager Scott Hanselman announced yesterday that Microsoft was open-sourcing the code for 3D Movie Maker, posting it to Github in a read-only repository under an MIT license. Microsoft made some seriously weird products back in the ’90s, and this is definitely one of them. It’s great to see things like this released as open source – these are not the products that set the world on fire, but the idea to get it to compile and run on modern systems will surely spark the imagination of quite a few developers.

Sculpt OS release 22.04 available

Sculpt OS version 22.04 introduces the concept of service-level sandboxing and features completely new drivers for wireless, graphics, and USB. On the user-visible surface, the new version of Sculpt OS looks and feels familiar to users of the previous version. Under the hood, however, at the nitty-gritty hardware-support level, it features completely revamped device drivers for Intel wireless, Intel graphics, and USB. Get Sculpt OS’ latest release from the download page, and be sure to read the documentation for more detailed information.

Trinity Desktop Environment R14.0.12 released

The Trinity Desktop Environment, a fork of the KDE 3.x codebase, has released its latest version. This release comes with a new D-Bus based polkit authentication agent, new markdown document viewer, support for HTML5 in Quanta, support for Let’s Encrypt certificates, some improvements to GUI options, better cooperation between tdm and plymouth, fix for ICEAuthority ownership stealing when using sudo, various other bug fixes and improvements. It also adds support for Ubuntu Jammy while it drops support for Debian Jessie and Ubuntu Trusty. C++11 is now allowed in the code base. I doubt the audience for a KDE 3.x desktop is massive, but thanks to the wonders of open source – the people that want it, can have it.

Unity 7.6 released for testing

Unity 7.6 will be the first major release of Unity in 6 years (the last release was in May 2016). We have restarted the active development of Unity7 and will be releasing new versions with more features regularly. I was never a fan of Ubuntu’s Unity, but I’ve seen quite a few people over the years who miss it. Your call has been answered – this first release has a a lot of visual touch-ups and updates to make it look a bit more modern, and there’s bugfixes in here, too, of course.

Redox OS 0.7.0 released

A lot has changed since release 0.6.0! First thing, it is impossible to collect all the changes that happened since December 24, 2020 into one set of release notes, so this will focus on the highlights. It was very important to me that this be a release targeting the foundations of Redox OS. This includes, the bootloader, the filesystem, the package manager, the kernel, the drivers, and much more. The focus was on enabling Redox OS to boot on the widest set of hardware possible. Redox is a Rust-based operating system with a microkernel and a UNIX-like paradigm and an optional GUI. Its lead developer works for System76 as principal engineer.

Android 13 beta 1 released

It’s already April and we’ve been making steady progress refining the features and stability of Android 13, building around our core themes of privacy and security, developer productivity, as well as tablet and large screen support. Today we’re moving into the next phase of our cycle and releasing the first Beta of Android 13. Android 13 development seems to be ahead of the regular schedule.

The first developer preview of Privacy Sandbox on Android

Today, we’re releasing the first developer preview for the Privacy Sandbox on Android, which provides an early look at the SDK Runtime and Topics API. You’ll be able to do preliminary testing of these new technologies and evaluate how you might adopt them for your solutions. This is a preview, so some features may not be implemented just yet, and functionality is subject to change. See the release notes for more details on what’s included in the release. We’ll see if this initiative will have a material impact on user privacy on Android, but I have my sincerest doubt. Even if does make more applications respect your privacy, I have a feeling this is going to be a classic situation of “rules for thee but not for me” (a phrase far newer and more recent than I realised).

Celebrating 40 years of ZX Spectrum

Well color me old! The ZX Spectrum (affectionately known as “Speccy” or just “Spectrum” by its fans), one of the best-selling microcomputers of all time, was released 40 years ago today. Can you believe it still has a large and active community creating new content, archiving old content, and hacking on all sorts of hardware? I have never owned or used one, but the Spectrum is one of those machines everyone is familiar with – like the C64, the Apple II, TRS 80, and so on.

Apple Self Service Repair store now available

Apple today launched the Self Service Repair Store, allowing iPhone customers in the United States access to parts and manual that they can use to repair their own devices. The new store enables repairs of iPhone SE, iPhone 12 and iPhone 13 components, including display, battery and camera replacements. Apple also said it will launch Mac self-service repairs later this year. A good start.

Microsoft’s internal upgrade to Windows 11

Microsoft’s upgrade to Windows 11 is largely considered the smoothest we’ve ever had. The Microsoft Digital Employee Experience team was able to upgrade 190,000 employee devices in just five weeks. We learned a lot so, in this post, I’m sharing our learnings with you to help with your deployment journey. Our success was built around several factors: far fewer app compatibility challenges than in the past, not needing to build out a plethora of disk images, and delivery processes and tools already that were greatly improved during the rollout of Windows 10. We divided our upgrade into three stages: plan, prepare, and deploy. It would be pretty pathetic if not even Microsoft itself could smoothly update its employees’ machines to the latest version of Windows, but that being said – I do not envy the people tasked with doing so.

How macOS manages M1 CPU cores

CPUs in Apple Silicon chips are different, as they contain two different core types, one designed for high performance (Performance, P or Firestorm cores), the other for energy efficiency (Efficiency, E or Icestorm cores). For these to work well, threads need to be allocated by core type, a task which can be left to apps and processes, as it is in Asahi Linux, or managed by the operating system, as it is in macOS. This article explains how macOS manages core allocation in all Apple’s M1 series chips, in what it terms asymmetric multiprocessing (AMP, although others prefer to call this heterogeneous computing). This design has now also made its way to x86 with Intel’s 12th Gen processors.