Monthly Archive:: August 2023
I doubt there’s an operating system out there that we have more preconceived notions about than Chrome OS, and most of those notions will be quite negative. Since I had little to no experience with Chrome OS, I decided it was time to address that shortcoming, and install Chrome OS Flex on my Dell XPS 13 9370 (Core i7-8550U, 16GB of RAM, 4K display), and see if there’s any merit in running Google’s desktop operating system. Installing Chrome OS Flex is a breeze. While Google warns you to stick to explicitly supported hardware, my XPS 13 9370, although not listed as officially supported, had no issues installing the operating system. The only things not working are the same things that don’t work in other Linux distributions either – the Goodix fingerprint reader (screw Dell for choosing Goodix), and the Windows Hello-focused depth camera. The latter can be made to work in Linux, but clearly Google did not go through the trouble of making it work out of the box. Everything else just worked, as you would expect from any other Linux distribution. Using an operating system primarily designed around websites as applications is a bit weird at first, but I was surprised how quickly I got used to it. Now, it is important to note that I do not do many complicated or demanding tasks on my laptop – I write OSNews articles, watch YouTube, browse around the web, and perform similar light tasks – so I’m not exactly pushing the limits of what a website-focused operating system can do. In fact, to my utter surprise, I found myself enjoying using Chrome OS quite a bit. Running websites as applications – both PWAs and plain websites opened in their own chromeless windows – has come a long way, and in many cases I barely realised I wasn’t running “native” applications. I discovered that turning websites I use often, like the OSNews WordPress backend, Wikipedia, Google Maps, and so on, into standalone applications with entries in the applications menu and dock was actually quite pleasant. Chrome OS allows you to choose if an application should run in a browser tab, or in a separate window without any browser chrome, and you can choose to open links to those websites in either a new regular tab, or in the aforementioned separate window. It all works surprisingly well – much better than I expected. Chrome OS also has quite a few features you wouldn’t expect from something mostly aimed at budget computers. It has support for various trackpad gestures, and they are very smooth and nice to use. For instance, you can swipe up with three fingers to gain an Exposé-like overview of all your running applications, which also gives you access to the virtual desktops feature. Chrome OS also comes with a few true native applications, like a surprisingly capable file manager and text editor. Other modern staples like a night light feature to reduce late-night eye strain, system-wide search, system-wide spellcheck, and others are also present. You can go deeper, too. Chrome OS comes with a complete Linux environment to run standard Linux applications. Once turned on, you gain access to a standard terminal you can use to access it, and the Linux environment’s storage becomes available in the file manager. I used it to install the regular Linux version of Steam, as well as the Flatpak of the Steam Link remote play application. Both worked just fine, although the Steam application ran extremely slow, and the Steam Link application did not seem to have access to the network, so it couldn’t find my Steam PCs. I’m chalking that one up to odd interactions between Flatpak and Chrome OS’ Linux environment. You can also link your Android device to your Chrome OS machine, giving you access to your notifications, Chrome tabs, and various toggles on your phone, such as the hotspot toggle. Sadly, this feature seems quite limited – if I get a Discord or WhatsApp notification and click it, nothing happens – even though I have both Discord and WhatsApp installed and running on Chrome OS, the operating system doesn’t seem to be able to link the phone’s notifications to the relevant installed applications, rendering the feature kind of pointless. No follow-through Chrome OS being a Google product, I was not entirely surprised to see a serious lack of follow-through in the operating system. Take the user interface’s dark mode, for instance – it’s half-baked and grossly incomplete. Various applications running in dark mode will inexplicably have a bright white titlebar, including GMail, the quintessential and flagship Google web app. I have to use an unlisted extension to fix this, but said extension is Manifest version 2, which Chrome OS warns you is deprecated and will stop working “in 2023”. It gets worse, though. Many of the most prominent Google applications do not support dark mode at all. Google Docs, Sheets, and Slides are all only available in bright white. Google Photos, an application that would undoubtedly benefit from a dark mode, does not support it. Google Calendar, Google Drive, Google Translate, and countless others are all only available in eye-searing white. Then there’s the more esoteric issues that stem from the fact you’re effectively running web sites in browser windows. If you’re familiar with Google’s various web applications, you’ll know they have this grid icon in the top-right which opens a grid menu with the various other Google web applications. While such a menu might make sense while using a web browser on other operating systems, it’s entirely confusing on Chrome OS, and breaks the operating system’s UI in interesting ways. Aside from this menu taking up valuable real estate, it also doesn’t work in the way you expect it to, since it does not respect the window-or-tab setting from Chrome OS itself. Say I have Google Docs set to to open in a chromeless window, and I launch it from the grid menu inside Google Drive, Docs will
It’s 2023, and those who have Framework’s first generation of laptops, containing Intel’s 11th-generation Core processor) might be itching to upgrade, especially with an AMD model around the corner. Or maybe, like me, they find that system’s middling battery life and tricky-to-tame sleep draining (since improved, but not entirely fixed) make for a laptop that doesn’t feel all that portable. Or they’re just ready for something new. What can you do with these old internal organs? You can always list them for sale. Or, like me, you could buy a custom-printed Cooler Master case (or 3D-print your own), transfer your laptop’s mainboard, memory, and storage over, and create a desktop that easily fits on top of your actual desk. I can’t recommend it enough as a small weekend project, as a way to get more value out of your purchase, and as a thought experiment in what kind of job you can give to a thin little slab of Framework. Framework is one of the good ones. For now.
The UK’s elections watchdog has revealed it has been the victim of a “complex cyber-attack” potentially affecting millions of voters. The Electoral Commission said unspecified “hostile actors” had managed to gain access to copies of the electoral registers, from August 2021. Hackers also broke into its emails and “control systems” but the attack was not discovered until October last year. The watchdog has warned people to watch out for unauthorised use of their data. That seems like a state-level attack, and such data could easily be used for online influence campaigns during elections, something that is happening all over the western world right now. I wonder just how bad the hack actually was? “Millions of voters” sounds bad, but… The commission says it is difficult to predict exactly how many people could be affected, but it estimates the register for each year contains the details of around 40 million people. Holy cow.
To round out our options for supporting OSNews, we’re introducing support for Liberapay, an open source alternative to Patreon. OSNews is all about promoting choice – in operating systems, in devices, in software – so giving readers the option of donating through an open source platform, located in the European Union, fits within our values. If you want to donate this way, you can go to our Liberapay page. Liberapay joins the other ways you can support OSNews: our Patreon, our Ko-Fi, and our official merch store.
Android is the first mobile operating system to introduce advanced cellular security mitigations for both consumers and enterprises. Android 14 introduces support for IT administrators to disable 2G support in their managed device fleet. Android 14 also introduces a feature that disables support for null-ciphered cellular connectivity. 2G is not terribly secure, so being able to disable it is a welcome move.
The Brave web browser has carved out a niche over the past few years as an alternative to Google Chrome, Mozilla Firefox, and other mainstream web browsers. Some of that has come from its marketing as a privacy-preserving web browser, and it has also been repeatedly evangelized by cryptocurrency enthusiasts. If someone recommends Brave to you, you should ignore them, because they are wrong. Brave Browser is a mess of a software project, and the company building it is even worse. Do not use Brave. It’s a Chrome skin from a slimy company peddling crypto schemes, building an ad network, hijacking the URLS you type to get affiliate money, ran by a homophobe. There are so many better and less sleazy alternatives. Use those instead.
The GNU/Hurd is the Sagrada Família of the Software World: having started to develop in 1990, the GNU/Hurd has yet to reach version 1.0. The Linux kernel, on the other hand, began development in 1993 and was initially considered a “kludge” until the Hurd was completed. It is now matured and widely used. Like the Loch Ness Monster, many believe that GNU/Hurd is vaporware and does not exist. It does exist and continues to evolve, albeit at a slow pace. Just recently, the Debian GNU/Hurd 2023 has been released. You can use the GNU/Hurd right now. This article takes a look at what it’s like to use Debian GNU/Hurd in a virtual environment in the cloud, to sidestep the lack of driver support, and highlights some of the unique features of this platform.
After three years, there’s a new Window Maker release – version 0.96.0 – and it’s got some useful new features. First, the NeXTSTEP-inspired window manager now supports hot corners, so you can send your mouse to a corner of your display and have it execute a command. Second, you can now set keyboard shortcuts for various functions related to taking screenshots, which is a very welcome addition. On top of these, there’s a few smaller new features as well.
Which is precisely how it feels using using the Beepy from SQFMI. The handheld device, which was formerly known as the Beepberry before its creators received an all-to-predicable formal complaint, is unabashedly designed for Linux nerds. Over the last couple of weeks playing with this first-run hardware, I’ve been compiling kernel drivers, writing custom scripts, and trying (though not always successfully) to get new software installed on it. If you’re into hacking around on Linux, it’s an absolute blast. There’s a good chance that you already know if the Beepy is for you or not, but if you’re still on the fence, hopefully this in-depth look at the hardware and current state of the overall project can help you decide before SQFMI officially starts taking new orders for the $79 gadget. This isn’t for me, but it surely is one hell of a cool device. The pricing is low enough I might still nab one, though, as it’s almost in impulse buy territory.
The latest version of Intel Arc GPU Graphics Software introduced an interesting change that isn’t reflected in the Release Notes. The installer of the 101.4578 beta drivers add a “Compute Improvement Program” (CIP) component as part of the “typical” setup option that is enabled by default. Under the “custom” installer option that you have to activate manually, you get to select which components to install. The Compute Improvement Program can be unchecked here, to ensure data collection is disabled. The benignly named CIP is a data collection component that tracks your PC usage and performance in the background (not just that of the GPU), so Intel can use the data to improve its future products. Intel created a dedicated webpage that spells out what CIP is, and what its scope of data collection is; where is says that CIP “does not collect your name, email address, phone number, sensitive personal information, or physical location (except for country).” NVIDIA’s and AMD’s drivers also contain telemetry collection software, and only AMD tries to be as transparent as possible about it by offering a check box during installation, whereas Intel and NVIDIA hide it behind the “custom” option. Needless to say, Linux users don’t have to worry about this.
I’ve never used Zoom or similar tools, but I know it’s extraordinarily popular in the business world. You’d make a good one if you informed whomever is responsible for IT at your company that using Zoom puts your company’s data at risk.
Today, we’re announcing some important new features in Google Search to help you stay in control of your personal information, privacy and online safety. There’s improved tools to remove results about yourself, such as those containing phone numbers and such, as well as easier ways to remove explicit content about yourself, such as photos. Of course, tools such as these merely remove the results from Google Search – they don’t actually remove them from the web.
The DisplayPort altmode is semi-proprietary, but it can absolutely be picked apart if we try. Last time, we found a cool appnote describing the DisplayPort altmode in detail, switched the FUSB302 into packet sniffing mode and got packet captures, learned about PD VDMs (vendor-defined messages), and successfully replayed the captured messages to switch a USB-C port into the DisplayPort altmode. Today, we will go through the seven messages that summon the DisplayPort altmode, implement them, and tie them all into a library – then, figure out the hardware we need to have DisplayPort work in the wild. USB-C might have its problems, but it’s also incredibly cool and versatile.
In a well-intentioned yet dangerous move to fight online fraud, France is on the verge of forcing browsers to create a dystopian technical capability. Article 6 (para II and III) of the SREN Bill would force browser providers to create the means to mandatorily block websites present on a government provided list. Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments that will easily negate the existence of censorship circumvention tools. France wants to outdo everyone else for the worst tech policy ideas in history.
Bram Molenaar, the original author, maintainer, release manager, and benevolent dictator for life of vim has passed away today. His family announced his passing through a message using Molenaar’s account. :q
Pixel Binary Transparency responds to a new wave of attacks targeting the software supply chain—that is, attacks on software while in transit to users. These attacks are on the rise in recent years, likely in part because of the enormous impact they can have. In recent years, tens of thousands of software users from Fortune 500 companies to branches of the US government have been affected by supply chain attacks that targeted the systems that create software to install a backdoor into the code, allowing attackers to access and steal customer data. One way Google protects against these types of attacks is by auditing Pixel phone firmware (also called “factory images”) before release, during which the software is thoroughly checked for backdoors. Upon boot, Android Verified Boot runs a check on your device to be sure that it’s still running the audited code that was officially released by Google. Pixel Binary Transparency now expands on that function, allowing you to personally confirm that the image running on your device is the official factory image—meaning that attackers haven’t inserted themselves somewhere in the source code, build process, or release aspects of the software supply chain. Additionally, this means that even if a signing key were compromised, binary transparency would flag the unofficially signed images, deterring attackers by making their compromises more detectable. I’m sure thus greatly benefits the six people who have a Pixel phone.
Google resisted pleas to extend the lifetime of Chromebooks set to expire as of this June and throughout the summer. Thirteen Chromebook models have met their death date since June 1 and won’t receive security updates or new features from Google anymore. But that hasn’t stopped the Chromebooks from being listed for sale on sites like Amazon for the same prices as before. Take the Asus Chromebook Flip C302. It came out in 2018, and on June 1—about five years later—it reached its automatic update expiration (AUE) date. But right now, you can buy a “new,” unused Flip C302 for $550 from Amazon or $820 via Walmart’s Marketplace (providing links for illustrative purposes; please don’t buy these unsupported laptops). That’s just one of eight Chromebooks that expired since June while still being readily available on Amazon. The listings don’t notify shoppers that the devices won’t receive updates from Google. Completely and utterly unacceptable. Not only should these Chromebooks be supported for much longer than just a measly five years, they obviously should not be sold as new past their expiration date. I hope mandated long software/update support timelines are next on the European Union’s consumer protection shopping list, because the way these megacorporations treat the hardware they sell is absurd.
Arm is facing down its biggest competition ever, with the up-and-coming RISC-V architecture threatening to unseat it as the CPU at the center of almost every portable device. Now, one of Arm’s biggest customers is trying out RISC-V, as Qualcomm is getting involved in a joint venture dedicated to the architecture. The joint venture doesn’t have a name yet, but Qualcomm, NXP, Nordic Semiconductor, Bosch, and memory giant Infineon are all teaming up to form a new company that Qualcomm’s press release says is “aimed at advancing the adoption of RISC-V globally by enabling next-generation hardware development.” At first, the group will be focused on automotive uses, with an “eventual expansion” to IoT and mobile, Qualcomm’s biggest market. Statements of intent are easily written, so let’s hope this is more than a fart in the wind.
While casually looking for updates in the Microsoft Store, I noticed a new update for Cortana after a long time. But, instead of improving things, the latest update caused the app to stop working on Windows 11. This shouldn’t surprise anyone, considering that Microsoft’s assistant hasn’t received a single feature update in the past two years Microsoft has finally killed Cortana on Windows 11 – its Windows Phone-era assistant that debuted on desktop with Windows 10. Cortana app was the tech giant’s response to Siri in 2014, and Microsoft published a series of advertisements targeting Apple’s powerful assistant. Did anyone even use this feature? It always felt like an awful “me too!” feature trying to be edgy.
A chrultrabook is a modified Chromebook designed to run Windows, Linux, or even macOS by utilizing MrChromebox coreboot firmware. The purpose of this site is to provide comprehensive and user-friendly documentation on hardware, firmware, and operating systems. This is a cool project to make it easy to run Windows, regular desktop Linux, or even macOS on your Chromebook. Excellent documentation, too.
