Thom Holwerda Archive

Ubuntu 20.04 LTS released

Ubuntu 20.04 LTS on the desktop is shipping with GNOME 3.36 and its plethora of improvements, improved OpenZFS support as an experimental option, the Linux 5.4 LTS kernel and the many improvements the new kernel brings, WireGuard VPN support, and a wealth of other package updates. I’ve been running it on my laptop since the beta, upgraded from 19.10, and it’s been smooth sailing.

Apple aims to sell Macs with its own chips starting in 2021

The Cupertino, California-based technology giant is working on three of its own Mac processors, known as systems-on-a-chip, based on the A14 processor in the next iPhone. The first of these will be much faster than the processors in the iPhone and iPad, the people said. Apple is preparing to release at least one Mac with its own chip next year, according to the people. But the initiative to develop multiple chips, codenamed Kalamata, suggests the company will transition more of its Mac lineup away from current supplier Intel Corp. I wonder just how locked-down these ARM Macs will be. Will it be App Store-only? Can you change default applications on ARM macOS? Can you install a browser engine other than WebKit? Do you have access to the file system? Will it ship with a terminal? I’m not so sure macOS users should be excited about ARM Macs.

ARM development for the office: unboxing an Ampere eMag workstation

One of the key elements I’ve always found frustrating with basic software development is that it can often be quite difficult to actually get the hardware in hand you want to optimize for, and get a physical interaction that isn’t delayed by networking or logging in or anything else. Having a development platform on the desk guarantees that direct access, and for the non-x86 vendors, I’ve been asking for these for some time. Thankfully we’re now starting to see some appear, and Avantek, one of the Arm server retailers, have built an Ampere eMag workstation out of a server board, with some interesting trickery to get it to fit. They sent us one to have a look at. This is only the unboxing and short first impressions, but I am unreasonably excited about what are effectively bog-standard PCs, but with an ARM processor. I can’t wait for these machines to come down in price, because this is the first time in a long, long time that we’ve seen what could become a serious challenge to x86 in its traditional space: desktops and laptops. Once AnandTech publishes its actual review, I’ll be on top of that, too.

Is MIPS dead? Lawsuit, bankruptcy, maintainers leaving and more

But in recent months, MIPS related news has not been so good. First, Wave Computing decided to end MIPS Open Initiative in November 2019, then Paul Burton and Ralf Baechle removed themselves from the Linux kernel MIPS maintainer list in February 2020, as their work with MIPS ended leaving Thomas Bogendoerfer as the only maintainer. But this month, things turned for the worse, with CIP United filing a lawsuit against MIPS LLC on April 6, before announcing the company had obtained exclusive MIPS license rights for mainland China, Hong Kong, and Macau on April 11, 2019 (Click on News in top menu of this link). In my mind, I had written off MIPS as a thing of the past anyway – but it’s still sad to see if tangled up in legal disputes and lack of attention.

The osFree project

We’re all aware of Haiku, the open source re-implementation of BeOS. This week, I found out a similar effort is underway to recreate OS/2 Warp 4 as an open source operating system. osFree is a Free Open Source software operating system development project, aiming to replace eventually all OS/2 subsystems with Open source analogues. It aims for OS/2 Warp 4 (Merlin) as a base compatibility system, which does not mean that we will not support features of newer (OS/2 Warp Server for e-business, eComStation and ArcaOS) OS/2 versions. This includes rewriting not only user-level code but the OS/2 kernel too. The project is very much in its early alpha stages, so don’t expect to boot into osFree any time soon. That being said, they have made progress over the years, and their current status explains how far along they are. osFree project is deep in the alpha stage. At the present time the osFree project work with low-level parts of operating system like loader and related tools. We also try to develop an experimental prototype of OS/2 personality for L4 microkernel. Also we have set of command line tools like CMD.EXE and file/disk maintenance utilities. I absolutely adore OS/2, and while I understand all too well a project like this won’t be finished overnight – look at Haiku – I do love that it’s being worked on.

Linux kernel lockdown, integrity, and confidentiality

The Linux kernel lockdown patches were merged into the 5.4 kernel last year, which means they’re now part of multiple distributions. For me this was a 7-year journey, which means it’s easy to forget that others aren’t as invested in the code as I am. Here’s what these patches are intended to achieve, why they’re implemented in the current form and what people should take into account when deploying the feature. Root is a user – a privileged user, but nevertheless a user. Root is not identical to the kernel. Processes running as root still can’t dereference addresses that belong to the kernel, are still subject to the whims of the scheduler and so on. But historically that boundary has been very porous. Various interfaces make it straightforward for root to modify kernel code (such as loading modules or using /dev/mem), while others make it less straightforward (being able to load new ACPI tables that can cause the ACPI interpreter to overwrite the kernel, for instance). In the past that wasn’t seen as a significant issue, since there were no widely deployed mechanisms for verifying the integrity of the kernel in the first place. But once UEFI secure boot became widely deployed, this was a problem. If you verify your boot chain but allow root to modify that kernel, the benefits of the verified boot chain are significantly reduced. Even if root can’t modify the on-disk kernel, root can just hot-patch the kernel and then make this persistent by dropping a binary that repeats the process on system boot. These patches are intended to prevent that, and this blog post goes into detail about how it all works.

Inside the Am2901: AMD’s 1970s bit-slice processor

You’re probably familiar with modern processors made by Advanced Micro Devices. But AMD’s processors go back to 1975, when AMD introduced the Am2901. This chip was a type of processor called a bit-slice processor: each chip processed just 4 bits, but multiple chips were combined to produce a larger word size. This approach was used in the 1970s and 1980s to create a 16-bit, 36-bit, or 64-bit processor (for example), when the whole processor couldn’t fit on a single fast chip. The Am2901 chip became very popular, used in diverse systems ranging from the Battlezone video game to the VAX-11/730 minicomputer, from the Xerox Star workstation to the F-16 fighter’s Magic 372 computer. The fastest version of this processor, the Am2901C, used a logic family called emitter-coupled logic (ECL) for high performance. In this blog post, I open up an Am2901C chip, examine its die under a microscope, and explain the ECL circuits that made its arithmetic-logic unit work. A very detailed, technical look at this processor.

Proton has brought about 6000 games to Linux so far

Proton has done far more for Linux gaming than any porting company out there, by bringing about 6000 games to us in less than 2 years. There’s about 100 games every month that get a Platinum rating according to ProtonDB. (because of the recent changes on ProtonDB rating, this is now more accurate than it was before). Proton has become better over time: the percentage of games getting a Platinum rating is steadily increasing over time as well – it used to be about 40% of all unique games reported, and now we are closer to 50%. This is cumulative, so the range will vary month by month but the trend is very clear. Proton is one of the biggest contributions to desktop Linux in at least the past ten years. Thanks to Proton, I now play all my games on Linux, and could finally just remove Windows from my desktop altogether. All I do when I want to buy a game that doesn’t support Linux natively is check ProtonDB, and if the rating is platinum (works out of the box) or gold (might need to run a command, move a file around, or select a specific Proton version in Steam), I just buy it without further issues. If it’s rated silver, I’ll take a more detailed look and weigh the work vs. the benefit. It’s been amazing, and I pretty much forget which games in my Steam library use Proton, and which don’t. It’s so seamless and effortless that I don’t have to know – from big, triple-A titles, all the way down to small indie games.

Visopsys 0.9 released

Visopsys is a hobby OS for x86-compatible PCs, started in 1997.  Version 0.9 was released this morning, and there’s a change log. The summary: This major release offers a subtly updated look, enhanced networking capabilities and associated programs, Unicode support, a software packaging/download/install/uninstall infrastructure with an online ‘store’, a user space window shell, VMware mouse integration, HTTP, XML, and HTML libraries, some C++ and POSIX threads (pthreads) support, ‘pipes’ for interprocess communication, and additional hashing algorithms. Visopsys has a long history on OSNews – the oldest mention being from 2005. It’s been in relatively steady development ever since.

Bill Gates is now the leading target for coronavirus falsehoods, says report

Bill Gates is now the favorite target for coronavirus misinformation according to data compiled by the New York Times and Zignal Labs, a company that analyzes media sources. Conspiracy theories conflating Gates with the virus were mentioned 1.2 million times on TV and social media from February to April, 33 percent more often than the 2nd most popular conspiracy theory linking 5G with COVID-19, according to Zignal Labs, peaking at 18,000 mentions a day in April. It’s cheaper to be an idiot than to be responsible.

The decline of usability

Today, it seems we’re on another track completely. Despite being endlessly fawned over by an army of professionals, Usability, or as it used to be called, “User Friendliness”, is steadily declining. During the last ten years or so, adhering to basic standard concepts seems to have fallen out of fashion. On comparatively new platforms, I.E. smartphones, it’s inevitable: the input mechanisms and interactions with the display are so different from desktop computers that new paradigms are warranted. Worryingly, these paradigms have begun spreading to the desktop, where keyboards for fast typing and pixel-precision mice effectively render them pointless. Coupled with the flat design trend, UI elements are increasingly growing both bigger and yet somehow harder to locate and tell apart from non-interactive decorations and content. I doubt anyone here will disagree with the premise of this article, even if you might disagree with some of the examples. These past few weeks I’ve set up virtual machines of all the old Windows releases just to remind myself of just how good the graphical user interface introduced in Windows 95 was perfected over the years, culminating in the near-perfect Classic theme in Windows XP and Server 2003. Later iterations of the Classic theme, in Vista and onward, would sadly retain some of the Aero UI elements even when setting the Classic theme, ruining the aesthetic, and of course, the Classic theme is gone altogether now – you can’t set it in Windows 10. Similarly, Platinum in Mac OS 9 is still more coherent, more usable, and more intentful than whatever macOS brought to the table over the years. We can find solace in the fact that trends tend to be cyclical, so there’s a real chance the pendulum will eventually wing back.

Sculpt OS 20.02 released

With the release of Sculpt version 20.02, we follow our roadmap’s mission to make Sculpt OS easier to approach. In particular, we identified the reliance on a command-line interface as a potential barrier of entry. As Sculpt OS is not a Unix-like system, it should not require any Unix know-how from the user. To relieve users from this burden, Sculpt 20.02 introduces a custom graphical file browser and editor that can be used for interactively inspecting and tweaking the state of the system. The traditional command-line interface is still present as a fallback for advanced tasks though. The updated manual goes into detail about the use of the new system. Sculpt OS is related to the Genode project – a popular mainstay at OSNews – and basically ties a number of their technologies together into a general purpose desktop operating sytsem. Sculpt is an open-source general-purpose OS. It combines Genode’s microkernel architecture, capability-based security, sandboxed device drivers, and virtual machines in a novel operating system for commodity PC hardware. Sculpt is used as day-to-day OS by the Genode developers. The download page provides a ready-to-go VirtualBox image, so if you want to play with Sculpt OS – they couldn’t have made it any easier.

Windows 10 to get Spotlight-like launcher with PowerToys

Microsoft is working on a tool that will let you replace the Windows Run feature on Windows 10. The Spotlight-like launcher for Windows 10 will be released later this year, as part of the company’s effort to customize Win+R and give users numerous features but keep the handling as easy as possible at the same time. Microsoft’s Spotlight-like launcher for Windows 10 is said to be part of PowerToys upcoming update. According to Microsoft, PowerToys Run is designed to replace Win + R shortcut. I use Ulauncher on my computers, and I can’t imagine using them without it. It’s about time a similar feature came from Microsoft, but the fact it’s a separate PowerToy thing and not a default on Windows means it’ll remain a niche thing. This should be standard out of the box.

GNOME Shell UX plans

The lock screen work that we landed in 3.36 was the outcome of a long-running programme of UX work, which we first put together at the GNOME UX hackfest in London, back in 2017. There are still some outstanding pieces of the login/unlock experience that need to be filled in, and this is something that we hope to work on over the coming development cycle. However, we are also turning our attention to other aspects of the shell, which we have wanted to update for some time. In the rest of this post, I’ll describe some of the areas that we’re hoping to improve, before going on to talk about how we’re going to do it. An overview of what to expect from upcoming GNOME releases.

The KWinFT project

I am pleased to announce the KWinFT project and with it the first public release of its major open source offerings KWinFT and Wrapland, drop-in replacements for KDE’s window manager KWin and its accompanying KWayland library. The KWinFT project was founded by me at the beginning of this year with the goal to accelerate the development significantly in comparison to KWin. Classic KWin can only be moved with caution, since many people rely on it in their daily computing and there are just as many other stakeholders. In this respect, at least for some time, I anticipated to be able to push KWinFT forward in a much more dynamic way. This is a great concept, and will allow more experimentation and exciting new features in a place where this normally simply doesn’t make much sense.

Solaris 11.4 SRU20 released

We’ve just released SRU 20 for Oracle Solaris 11.4, the April 2020 CPU. It is available via ‘pkg update’ from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1. The administrator of my organisation needs to supply me with a Support Identifier before I can do something as simple as read the documentation about this new version, so I have no idea what to tell you. I guess Solaris technically isn’t dead yet?

Riot Games, maker of League of Legends, installs rootkit with their new hit game Valorant

If an application from a Chinese company installed a kernel driver onto your system with complete access to your computer, but they pinky-promised not to abuse this access and power, would you install the application? Well, if you’re interested in Riot Games’ new hit game Valorant, that’s exactly the question you’re going to have to answer. Riot Games, the company behind one of the most popular games in the world, League of Legends, recently starting publicly beta testing their new game, Valorant. Two months ago, the company penned a rather condescending blog post detailing their future anti-cheat technology, which would include a Windows kernel driver (running in ring 0, in x86 parlance). Valorant is their first game using this kernel driver, and as it turns out, this kernel driver starts at boot, and due to its very nature has full system access, even when you’re not running Valorant. According to Riot Games, we just have to trust them on their blue eyes that their kernel driver is fully secure and won’t be exploited by malicious third parties, and that the company won’t use it to spy on people or otherwise violate their privacy. Riot states on Reddit that “multiple external security research teams” have reviewed the driver, but as far as I can tell, these reviews have not been published for public vetting. What we’re dealing with here is a rootkit, a method more and more anti-cheat systems are employing in the fight against cheating. The argument is that game developers need full, complete, and total access to your system in order to prevent you from cheating, and a kernel driver is how they do it. There’s a long history of these sorts of things going horribly, horribly wrong. We all still remember the Sony rootkit debacle, where Sony CDs installed rootkits on users’ computers that ended up being exploited left, right, and centre by malicious parties. In 2016, Capcom installed a similar rootkit meant for anti-cheat with Street Fight V, which was an absolute security train wreck. And closer to home for Riot, the game client for their very own League of Legends installed crypto miners on users’ computers in the Philippines. Despite the inherent dangers in installing closed-source security-by-obscurity rootkits, Riot is dead-set on continuing to use them, and it’s only a matter of time before their rootkit will be forced upon League of Legends players as well – which in my case means I won’t be able to play League of Legends anymore even if I wanted their rootkit on my computer, since I play on Linux through Wine/Lutris, which doesn’t support kernel drivers at all. Players of Riot’s games will have to ask themselves if they trust Riot to install a rootkit with complete and full access to their system – browsing history, chat logs, email, everything. You have to trust Riot when they say the rootkit is “secure” and won’t be exploited by malicious third parties, and that the company itself won’t use it to invade your privacy. Interesting sidenote: Riot Games is owned by the Chinese company Tencent, the company behind WeChat. Tencent is, for all intents and purposes, an arm of the Chinese government, so not only do you have to trust Riot Games, you also have to trust their owner, Tencent, as well as who Tencent literally answers to – the Chinese government. I’m not going to tell anyone what they should or should not do with their computers, and if you trust Riot, Tencent, and the Chinese government enough to let them install a rootkit on your computer, then that’s your right to do so. However, I do feel users need to be at least aware of the choice they’re making.

Unemployment checks are being held up by a coding language almost nobody knows

Colorado — like most states and territories across the country — is experiencing record unemployment numbers. But the state’s unemployment system is built on aging software running on a decades-old coding language known as COBOL. Over the years, COBOL programmers have aged out of the workforce, forcing states to scramble for fluent coders in times of national crisis. A survey by The Verge found that at least 12 states still use COBOL in some capacity in their unemployment systems. Alaska, Connecticut, California, Iowa, Kansas, and Rhode Island all run on the aging language. According to a spokesperson from the Colorado Department of Labor and Employment, the state was actually only a month or two away from “migrating into a new environment and away from COBOL,” before the COVID-19 pandemic hit. Are you one of the already 17 million people laid off in the US, losing what little health insurance you had in the process, and now you can’t even apply for unemployment assistance because some baby boomer coded the damn system in COBOL? Time to lift yourself up by the bootstraps and learn the wonders of COBOL!

Google readies its own chip for future Pixels, Chromebooks

Google has made significant progress toward developing its own processor to power future versions of its Pixel smartphone as soon as next year — and eventually Chromebooks as well, Axios has learned. The chip, code-named Whitechapel, was designed in cooperation with Samsung, whose state-of-the-art 5-nanometer technology would be used to manufacture the chips, according to a source familiar with Google’s effort. Samsung has also manufactured Apple’s iPhone chips, as well as its own Exynos processors. Apparently, Google has received the first batch in recent weeks. This development process has been one of the worst-kept secrets in the industry, since Google pretty much admitted it was developing its own mobile SoC years ago.