Monthly Archive:: December 2021
Today we are going to share the result of a bit of investigation that started a few months ago on STH. The short version, it appears as though the Dell EMC S5200-ON series switches, the company’s high-end 25GbE-200GbE switches, have license/ royalty stickers that have a different company name on them than they should have. Instead of saying “American Megatrends”, they instead said “American Megatrands”. To give some perspective, this looks strange because it would be like buying a Dell notebook and getting a “Macrosoft Wandows” license sticker on it. Through a fairly rough October, we validated that indeed these stickers are in the wild. Ultimately, after we brought their existence to American Megatrends (AMI) and Dell’s attention (HPE did not care enough to investigate), we now have an artifact that says that American Megatrends is honoring the license stickers and will not pursue legal action against Dell’s customers or those using them. This may seem like something insignificant and innocuous, but supply chain security is a big, big deal, and the fact these clearly misspelled license/royalty stickers made their way from printing down to the end-user of not just corporate hardware but supercomputers for the US military is… Concerning, to say the least. It shows that tampering with hardware anywhere between production of the individual chips and components down to delivery by the delivery person might be a lot easier to do than we think.
I read this article (“Open Source” is Broken by Xe) written in the aftermath of the unfortunate log4j2 fiasco. The author discusses a pertinent problem that has plagued the FOSS (Free and Open Source) world ever since large for-profit corporations started their widespread consumption of FOSS, ever since countless “unicorns” raised infinite amounts of funding on valuations built pretty much entirely on FOSS, ever since FOSS got co-opted into corporatisation and capitalisation. And yet, countless maintainers of critical and widely used FOSS struggle to make a living. Whose fault is this? I do not believe that this is FOSS’ fault as a conceptual framework or a system. If FOSS was broken, the internet as we know it today wouldn’t exist; the countless marvels of technology that we take for granted and techno-economies that thrive on them wouldn’t exist; millions of software developers (like me) who learnt to write code with FOSS and learnt to make a living with that knowledge wouldn’t exist. How is it that FOSS, a beautiful system that has uplifted and empowered massive swathes of human beings across the globe irrespective of their borders, race, creed, and economic backgrounds, is “broken”? To imply that FOSS is broken because it is abused by a certain category of users, is a form of victim blaming. Reading the various hot takes regarding the log4j2 problems has been an exercise in frustration. The fact that the maintainers of this small but important piece of software barely received any donations or other forms of financial support, despite their software being extensively used by some of the largest corporations in the world is not a fault of open source – it’s the fault of garbage corporations only taking, but rarely giving. The issue here is not open source – it’s unchecked capitalism. That being said, these maintainers, and other people who contribute to open source projects, know full well it’s most likely not going to make them rich, or even allow them to recoup any investments made. That’s the nature of open source, and it seems like the technology world has become so infested with venture capitalists that even the mere idea of someone working on something not for the money, but for other reasons seems entirely alien to a lot of people, meaning open source must, therefore, be broken. Money corrupts anything it touches. I’m insanely grateful for the almost endless number of people contributing to open source projects not because they expect to become rich, but because they enjoy doing it, to show off their skill, for the community of people they love interacting with, for the recognition it sometimes brings, or for the mere secret knowledge that their small project nobody’s ever heard of is a crucial cog in the massive machinery that keeps the technology world spinning. Open source isn’t broken. It’s working exactly as intended, and it’s by far the most powerful force in the technology world, and it will outlive any of the corporations so many people bend over backwards to please today.
So you want to play Adventure, but don’t know how to turn on the PDP-11? These instructions are for booting our dual rack machine from its RL01 drives, although booting the single cabinet machine from the RK05 is very similar. Detailed instructions for booting a PDP-11, including lots and lots of photos.
Today, the Commission has adopted new rules on Open Source Software that will enable its software solutions to be publicly accessible whenever there are potential benefits for citizens, companies or other public services. The recent Commission study on the impact of Open Source Software and Hardware on technological independence, competitiveness and innovation in the EU economy showed that investment in open source leads on average to four times higher returns. The Commission services will be able to publish the software source code they own in much shorter time and with less paperwork. Good. A small step, sure, but my hope remains that eventually, we come to realise that for our own safety and security, all code must be open source, no matter if it’s from Apple, Microsoft, or anyone else. We can’t continue down our current path where some of the most crucial, elemental parts of our society rely entirely on closed code of which we have no idea what it is – or isn’t – doing.
Some time ago I stopped releasing EasyOS as an ISO file, from then onward as a drive image file only. This has been contentious, and I receive emails from people lamenting the demise of the ISO. So, I should post some thoughts why I made this decision. Not an exhaustive rationale, just some thoughts while I think of them right now… The ISO9660 file format is very old, going right back to 1988, and has since then had enhancements bolted on, see the Wikipedia ISO9660 page. In addition, there is the “hybrid ISO”, enabling booting from a USB-stick, and on top of that enhancements to enable booting from either or both legacy-BIOS and UEFI firmware computers, see here. I think I agree. ISO files have become a bit of a headache lately, and I’d much rather just use a straightforward image I can dd to a USB drive.
ArcaOS 5.0.7 includes refreshed driver content, updated kernel and included software, as well as installation boot fixes since 5.0.6 was released in 2020. If you have experienced difficulty installing previous releases of ArcaOS on your hardware, 5.0.7 may address your issue(s). If installing from USB stick, the image may be created using any major operating system at hand (Windows, Linux, MacOS, and of course, OS/2, eComStation, and ArcaOS). Once built, the USB stick can be inserted into any USB port in the target system to boot into the ArcaOS installer/updater. This is an important update, as boot issues during installation were a problem on all my machines. I’m hoping this release will address them, since running ArcaOS on real hardware, instead of in a virtual machine, makes me giddy with excitement – especially since an updated, modern browser is on its way, too.
In an extensive paywalled report based on interviews and purported internal Apple documents, The Information revealed that Tim Cook personally forged a five-year agreement with the Chinese government during a series of in-person visits to the country in 2016. The need to push for a closer alliance with the Chinese government reportedly came from a number of Apple executives who were concerned about bad publicity in China and the company’s poor relationship with Chinese officials, who believed that Apple was not contributing enough to the local economy. Alleged internal documents show that Cook “personally lobbied officials” in China over threats made against Apple Pay, iCloud, and the App Store. Cook set out to use a “memorandum of understanding” between Apple and a powerful Chinese government agency called the National Development and Reform Commission to formally agree to a number of concessions in return for regulatory exemptions. The 1,250-word agreement was written by Apple’s government affairs team in China and stewarded by Cook as he met with Chinese officials. It was already well-known that Tim Cook and Apple were closely cooperating with the Chinese regime, but it seems they even went as far as begging and groveling to work with the Chinese regime in incredibly close ways. Mind you, that same regime Apple is so keen to closely cooperate with and please is currently executing a genocide to ethnically cleanse China. I’ve heard all the spineless corporatist excuses a million times. “Apple is just following Chinese law!” No. “Vote with your wallet!” No. “It’s not illegal so who cares if they aid a genocidal regime!” No. We throw minorities in jail for carrying a few grams of drugs, but we let corporations and executives who plot and scheme with genocidal regimes run free. Is that justice? We have devolved into a society where we just accept this – and that worries me just as much as all the other existential threats we’re facing.
We are very excited to introduce to all of you the redesigned Notepad for Windows 11, which includes a number of changes we think the community will enjoy! First, you will notice a completely updated UI that aligns with the new visual design of Windows 11, including rounded corners, Mica, and more. We know how important Notepad is to so many of your daily workflows, so we designed this modern spin on the classic app to feel fresh, but familiar. I mean, it’s just a notepad application, but finally seeing a modern Notepad from Microsoft is quite something for a company that’s been so lazy with its first-party applications for such a long time. I wonder if word wrap is still turned off by default?
Another 6 months have passed and we are proud to announce the release of our 2021.10 snapshot. The images are available at the usual place. As usual we have automatically received all updates that have been integrated into illumos-gate. The new images are interesting for people with newer hardware that hasn’t been supported in the past. There is no necessity to re-install from newer images as OpenIndiana Hipster is a rolling release and will bring all updates with a simple call of “pfexec pkg update -v”. That’s all there’s to it, as there are no further details or release notes at this point, and I’m not well-versed enough in the world of Solaris and OpenIndiana and similar offshoots to provide more details myself.
I won’t bury the lede, by the end of this article you should be able to write your name in crazy diacritics like this: Ḡ͓̟̟r̬e̱̬͔͑g̰ͮ̃͛ ̇̅T̆a̐̑͢ṫ̀ǔ̓͟m̮̩̠̟. This article is part of the Unicode and i18n series motivated by my work with internationalization in Firefox and the Unicode ICU4X sub-committee. There are three motivations behind linking to this article. First, it’s an deep technical look at how Unicode handles complex diacritics, which in and of itself is interesting. Second, it’s related to language and writing, which sparks my person interest. And third and finally, I want to see if this will break OSNews. Sorry Adam.
FreeBSD 12.3 has been released. As a true point release, there’s no major new features or massive updates in here – there’s updated network drivers, kernel bug fixes, and so on. The full release notes have all the details.
Microsoft has been courting much controversy in Windows 11 by making it difficult to set your default browser to anything but Edge. After much outcry and a seeming change in strategy, Microsoft appears to have come round in the latest Windows 11 Insider Builds, and are now making it relatively easier to set the default browser to your own preference. This was an untenable situation, and I’m glad for Windows users Microsoft has relented. However, as always, this once again goes to show that with platforms like Windows, you are entirely at the mercy of corporate control and manipulation – down to your individual application choices. Not a good place to be.
Genode 21.11 puts the spotlight on device drivers. Interactive Genode scenarios come to the Pinephone, hardware-accelerated graphics becomes available on Intel Gen9+ and Vivante GPUs, and Xilnx Zynq receives new love. Excellent progress, as always from the Genode team.
Someone or multiple people are blasting “antiwork” manifestos to receipt printers at businesses around the world, according to people who claim to have seen the printed manifesto, dozens of posts on Reddit, and a cybersecurity company that is analyzing network traffic to insecure printers. An intersection between technology and social issues – and an inventive and effectively harmless one, too. Especially the United States, but a lot of other countries too, desperately needs a lot more strong unions, and if this plays even a small role in getting there, it’s worth it.
Thanks in large part to the hard work by X512 and everyone developing on Haiku, our nightly RISCV64 images are now functional. RISC-V marks Haiku’s first functional non-Intel/x86 port! This is still crazy to me. This port has taken relatively little time, yet it marks a major milestone in Haiku’s history.
This is what I think we should shoot for in KDE: software that is simple by default so it can work for 1-dot users, but powerful when needed via expansive customization, so that it can appeal all the way to the 4-dot users–which includes many KDE developers. This is currently a strength of KDE software, and it won’t be going away! Essentially we need to fully embrace Plasma’s motto of “Simple by default, powerful when needed” all KDE software, not just Plasma. Nate Graham, KDE developer, is arguing that KDE needs simpler defaults – without losing the customisability that makes KDE, well, KDE. I think this is a good goal – especially since many distributions can opt for different defaults anyway. KDE is an amazing collection of software, but there’s no denying its plethora of options and customisation can also be intimidating and a little bit overwhelming, even for experienced users such as myself. Of course, this can only really work if the option to tweak every individual pixel remains available for those of us that want it – we don’t need Knome.
The Federal Trade Commission today sued to block U.S. chip supplier Nvidia Corp.’s $40 billion acquisition of U.K. chip design provider Arm Ltd. Semiconductor chips power the computers and technologies that are essential to our modern economy and society. The proposed vertical deal would give one of the largest chip companies control over the computing technology and designs that rival firms rely on to develop their own competing chips. The FTC’s complaint alleges that the combined firm would have the means and incentive to stifle innovative next-generation technologies, including those used to run datacenters and driver-assistance systems in cars. It seems increasingly unlikely that this acquisition will go through. I think that’s a good thing – while I’d rather Nvidia purchase ARM than Apple, Google, Microsoft, or Amazon, an even better outcome would be a profitable, independent ARM.
Oxide announced Hubris, their microkernel OS for embedded systems, and Humility the debugger for it. As time went on in early 2020 and we found ourselves increasingly forcing existing systems out of the comfort of their design centers, we wondered: was our assumption of using an existing system wrong? Should we in fact be exploring our own de novo operating system? Instead of having an operating system that knows how to dynamically create tasks at run-time (itself a hallmark of multiprogrammed, general purpose systems), Cliff had designed Hubris to fully specify the tasks for a particular application at build time, with the build system then combining the kernel with the selected tasks to yield a single (attestable!) image. This is the best of both worlds: it is at once dynamic and general purpose with respect to what the system can run, but also entirely static in terms of the binary payload of a particular application — and broadly static in terms of its execution. Oxide is working on producing what is basically a rack sized blade server. It’s a rack pre-populated with hardware controlled by a single control plane. The rack is meant to be a single, sealed unit, and as such, they needed something which could be embedded into the various controllers in the rack. Hubris is written in Rust, it’s MPL licensed, and there is a GitHub repository.
Guest post by