To support Zero Trust deployments trying to lock down devices to only access approved network destinations, we are announcing the development of Zero Trust DNS (ZTDNS) in a future version of Windows. ZTDNS was designed to be interoperable by using network protocols from open standards to satisfy Zero Trust requirements such as those found in OMB M-22-09 and NIST SP 800-207. ZTDNS will be helpful to any administrator trying to use domain names as a strong identifier of network traffic.

ZTDNS integrates the Windows DNS client and the Windows Filtering Platform (WFP) to enable this domain-name-based lockdown. First, Windows is provisioned with a set of DoH or DoT capable Protective DNS servers; these are expected to only resolve allowed domain names. This provisioning may also contain a list of IP address subnets that should always be allowed (for endpoints without domain names), expected Protective DNS server certificate identities to properly validate the connection is to the expected server, or certificates to be used for client authentication.

↫ Tommy Jensen on the Microsoft blog

If you think I know nothing about programming – wait until you hear me talk about networking. I consider it to basically be arcane magic, and my knowledge doesn’t extend much beyond “plug in cable to make light blinky” and “unplug from power to fix light no blinky”. Network administrators are the real heroes in my eyes.

Anyway, what I do get from painfully reading this announcement over and over again until my eyes started bleeding is that ZTDNS will give network administrators more finegrained control over which DNS servers and domains are accessible, and perhaps more importantly, it will encrypt traffic between clients and the DNS server. I have no idea if this is unique, or if it even makes any sense to do so, but it seems like a good idea, especially for corporate and government networks.

I’m struggling here, y’all. Please help me out.

The notice was filed on developer platform GitHub, which Nintendo claimed housed repositories that “offer and provide access to the Yuzu emulator or code based on [it]” which “illegally circumvents Nintendo’s technological protection measures and runs illegal copies of Switch games.”

GitHub said it contacted the owners of the repositories to provide an “opportunity to make changes” before taking down the repositories, in addition to providing legal resources and information on how to file counter notices.

↫ Sophie McEvoy at GamesIndustry.biz

The legal troubles around Yuzu are a little nebulous to deal with, as there’s a lot of chatter online that Yuzu contains, or at least used, code from leaked Switch SDKs. If that is indeed true – I haven’t seen any definitive proof yet – then it makes Nintendo’s aggressiveness a lot more understandable, even for someone like me who believes emulation should be 100% legal and accessible.

FreeBSD is working on a graphical installer. Finally.

The first hurdle to overcome when testing a new Operating System is to get it installed. What is more, the first impression new users gather from an Operating System is its installation process. The state of the art for Operating System installers nowadays definitely involves a graphical process. This is the case for mainstream systems but also for other UNIX systems comparable to FreeBSD: RedHat Enterprise Linux, Ubuntu, Debian GNU/Linux, or even Devuan GNU+Linux Regardless of the technical level of the actual user, this is how the platform will be compared in the public eye.

[…]

Instead, with knowledge of the current bsdinstall(8) and bsdconfig(8) utilities, I envisioned a BSD-licensed replacement for Xdialog(1). Just like when invoking bsdconfig with the -X switch for graphical mode, it could be dropped in instead of bsddialog(1) and allow graphical installation – while sharing the infrastructure of the current installer. To avoid confusion with the current implementation of Xdialog from the x11/xdialog port, I have named its replacement gbsddialog(1). It also has to be said that Xdialog is quite obsolete (latest release in 2006) and this shows visually too.

↫ Pierre Pronchery in the FreeBSD status report

I can’t believe it’s taken FreeBSD this long to both consider and build a graphical installer. Currently being enveloped in the world of OpenBSD, there’s clearly so much the BSD world has to offer to desktop users such as myself, but at the same time, there’s a lot of low-hanging fruit that the various BSDs can address to make the experience just that little bit more pleasant. They obviously don’t have to – not every project is aiming at desktop use – but it just makes onboarding so much nicer.

The next step – perhaps in 2037 – would be to offer a desktop-oriented installation image, with a default desktop environment and settings optimised for desktop use. Right now, a lot of fiddling and optimisation for this use case is left to the user, and for newcomers such as myself this means a lot of reading, making sense of contradictory advice and suggestions, wading through endless, often outdated, online guides, and so on. Now, I don’t particularly mind doing this, but I’m sure it’s chasing people away who could end up making meaningful contributions.

Meanwhile, after trying out FreeBSD for a while a few weeks ago but it not being a good fit for me, I’m now exploring and using OpenBSD and it’s been a great experience. Although unlikely, I hope OpenBSD, too, can perhaps consider making some minor affordances to desktop users – because as I’ve learnt, OpenBSD feels right at home on a desktop, more so than I ever expected.

COSMIC Desktop Environment (DE) is a new project by System76, the company behind the popular Linux distribution Pop!_OS. In this tutorial, we will give you an overview about COSMIC DE and its features, and then we will walk you through the steps to install COSMIC Desktop Environment in the latest Fedora 40 Linux system.

↫ Senthilkumar Palani at OSTechNix

A very easy way to try out the current pre-alpha state of COSMIC. I’ll definitely be waiting on a more official release later this year, but man, does COSMIC ever seem way more polished and complete than it has any right to be at this point in time.

Microsoft is making security its number one priority for every employee, following years of security issues and mounting criticisms. After a scathing report from the US Cyber Safety Review Board recently concluded that “Microsoft’s security culture was inadequate and requires an overhaul,” it’s doing just that by outlining a set of security principles and goals that are tied to compensation packages for Microsoft’s senior leadership team.

↫ Tom Warren at The Verge

The devil is in the details regarding tying executive pay to security performance, but it we take it at face value and assume good intent – which is a laughable assumption in our corporatist world, but alas – I would like to see more of this. It’s high time executives start paying – literally and figuratively – for the failings of the companies and teams they claim to run.

Sixty years ago, on May 1, 1964, at 4 am in the morning, a quiet revolution in computing began at Dartmouth College. That’s when mathematicians John G. Kemeny and Thomas E. Kurtz successfully ran the first program written in their newly developed BASIC (Beginner’s All-Purpose Symbolic Instruction Code) programming language on the college’s General Electric GE-225 mainframe.

Little did they know that their creation would go on to democratize computing and inspire generations of programmers over the next six decades.

↫ Benj Edwards at Ars Technica

Even I have used BASIC in the past, when I was a child and discovered QBasic (or possibly GW-BASIC, I’m a bit hazy on the details) and started messing around with it. My experiences with BASIC didn’t lead to a path of ever more complex programming languages, but for huge numbers of people, it did – it’s wild just how many people over a certain age got their programming start with BASIC in the 8 bit home computer era.

I mean, 30 GOTO 10 is such a widespread morsel of knowledge it made its way into all kinds of popular media, such as a few Easter egg jokes in Futurama. BASIC has effectively achieved immortality.

Qualcomm’s Adreno 6xx architecture has been superseded Adreno 7xx, but it’s still used in countless devices, including the current-gen Snapdragon 8cx Gen 3. Here, I’ll be looking at the Adreno 640 GPU in the Snapdragon 855. Zarif98 on Reddit kindly provided a OnePlus 7 Pro, and I’ll be using that to check out Adreno 640.

Compared to the older Snapdragon 821’s Adreno 530, Adreno 640 dramatically increases compute throughput while still working within a very constrained power and thermal envelope. Process node improvements help, and TSMC’s 7 nm process should be far better than the 14 nm Samsung node used in the Snapdragon 821. But cell phone SoC constraints meant Qualcomm couldn’t go around copy-pasting basic GPU building blocks and call it a day.

↫ Chips and Cheese

Chips and Cheese with another deep dive.

Years of accumulated security debt at Microsoft are seemingly crashing down upon the company in a manner that many critics warned about, but few ever believed would actually come to light. 

Microsoft is an entrenched enterprise provider, owning nearly one-quarter of the global cloud infrastructure services market and, as of Q1 last year, nearly 20% of the worldwide SaaS application market, according to Synergy Research Group.

Though not immune to scandal, in the wake of two major nation-state breaches of its core enterprise platforms, Microsoft is facing one of its most serious reputational crises.

↫ David Jones at Cybersecurity Dive

It’s almost like having the entire US government dependent on a single vendor is a bad idea.

Just spitballing here.

With 14.9, Vanguard, Riot’s proprietary Anti-Cheat system will be deployed and active in League of Legends. This means that active enforcement of Vanguard will be in effect and working hard to make sure your queues are free from scripters, botters, and cheaters! We recently released a blog detailing the “why” behind bringing Vanguard to League that you can check out here. It’s a bit of a long read, but it does have some pictures.

↫ Lilu Cabreros in the League of Legends patch notes

The basic gist is that Vanguard is a closed-source, kernel-level rootkit for Windows that runs at all times, with the supposed goal of detecting and banning cheaters from playing League of Legends. This being a rootkit designed specifically to inject itself into the Windows kernel, it won’t work on Linux, and as such, the entire League on Linux community, which has been playing League for years now and even at times communicated with Riot employees to keep the game running, is now gone.

Interestingly enough, Riot is not implementing Vanguard on macOS, which League of Legends also supports – because Apple simply doesn’t allow it.

This is probably the most invasive, disturbing form of anticheat we’ve seen so far, especially since it involves such a hugely popular game. It’s doubly spicy because Riot Games is owned by Tencent, a Chinese company, which means a company owned and controlled by the Chinese government now has rootkits installed on the roughly 150 million players’ computers all over the world. While we’re all (rightly, in my opinion) worried about TikTok, China just slipped 150 million rootkits onto computers all over the world.

One really has to wonder where these increasingly invasive, anti-privacy and anti-user anticheat measures are going from here. Now that this rootkit can keep tabs on literally every single thing you do on your Windows computer, what’s going to be the next step? Anticheat might have to move towards using webcams to watch you play to prevent you from cheating, because guess what? The next level of cheating is already here, and it doesn’t even involve your computer.

Earlier this year, hardware maker MSI showed off a gaming monitor that uses “AI” to see what’s going on on your monitor, and then injects overlays onto your monitor to help you cheat. MSI showed off how the monitor will use the League of Legends minimap to follow enemy champions and other relevant content, and then show warnings on your screen when enemies approach from off-screen. All of this happens entirely on the monitor’s hardware, and never sends any data whatsoever to the computer it’s attached to. It’s cheating that literally cannot be detected by anything running on your computer, rootkit or not.

So, the only logical next step as such forms of cheating become more advanced and widespread is to force users to turn on their webcams, and point them at their displays.

I fired up League of Legends today on my gaming computer – which runs Linux, of course – and after the League client “installed” the rootkit, it just got stuck in an endless loop of asking me to restart the client. I’ve been playing League of Legends for close to 14 years, and while I know the game – and especially its community – has a deservedly so bad reputation, I’ve always enjoyed the game with friends, and especially with my wife, who’s been playing for years and years as well.

Speaking of my wife – even though she runs Windows and could easily install the rootkit if she wanted to, she has some serious doubts about this. When I explained what the Vanguard rootkit can do, her mouse pointer slowly moved away from the “Update” button, saying, “I’m not so sure about this…”

Anyone who has spent any time recently using non-GNOME GTK desktop environments, like Cinnamon, MATE, or Xfce, has had to deal with the unfortunate reality of a lot of GTK applications becoming GNOME applications instead, using GNOME’s own libadwaita. These applications are hard to theme, and do not integrate at all with the proper GTK applications non-GNOME desktop environments ship with. With how popular GNOME is, this has meant that the number of non-GNOME GTK applications has been dwindling.

Linux Mint, the popular Linux distribution that also develops the Cinnamon desktop environment, has long made a bundle of GTK applications called XApps – basically forks of various core GNOME 3.x applications to ensure they would have access to non-GNOME GTK applications. With GNOME effectively forking GTK into its own, unique, GNOME-specific style (like libaidwaita), other GTK environments have suffered, and XApps were intended to close that gap.

That hasn’t really happened though, as XApps remained mostly a Mint-only thing, managed by Mint, as part of the Mint/Cinnamon GitHub projects. Other distributions and GTK desktop environments, such as Xfce, MATE, Budgie, and so on, didn’t really pick them up. The Linux Mint project intends to change that, and will ‘spin off’ the XApps into its own, dedicated, independent project to facilitate cross-distribution and cross-DE collaboration, decision-making and development, all in an effort to ensure the long-term viability of non-GNOME GTK desktop environments.

They also intend to fork a lot more of the GNOME 3 applications, for the same reason I mentioned earlier: GNOME applications are no longer GTK applications, but GNOME applications – they look and feel horribly out of place in environments that don’t use the GNOME-specific libadwaita. As such, Celluloid, GNOME Calculator, Simple Scan, Baobab, System Monitor, GNOME Calendar, File Roller, and Zenity were recently downgraded in Linux Mint to their last GTK 3 versions, and will most likely be forked in the near future.

In addition, the Adwaita theme, the default GNOME/GTK theme, will be removed from the list of available themes in Cinnamon 6.2. Adwaita, too, has become increasingly GNOME-only, and thus, increasingly broken on non-GNOME desktop environments. Flat-our removing Adwaita altogether is not possible, since it’s a GTK dependency, but hiding it from the theme selector is not an issue, of course.

As project lead Clément Lefèbvre writes:

libAdwaita is for GNOME and GNOME only. We can’t blame GNOME for this, they’ve been very clear about it from the start. It was made specifically for GNOME to have more freedom and build its own ecosystem without impacting GTK.

We want to send a strong signal upstream and towards other projects. We cannot and will not support applications which do not support our users and environments.

We can’t promote applications to our users which don’t support our users. The software manager will be vigilant towards that going forward and list compatible software by default.

↫ Clément Lefèbvre

All of this is great news to hear. I’ve been making extensive use of Xfce on OpenBSD lately, and on the Fedora Xfce spin in the weeks before that, and the situation has become almost comical. If you install any GNOME application on Xfce, theming just breaks down completely, as most themes are either not made to support the massive headerbars GNOME uses, or they do support it but still look horribly out of place compared to the more sane titlebar plus menubar plus toolbar layout of traditional desktop environments like Xfce.

I’ve long been saying that the non-GNOME GTK desktop environments need to work together to formulate an answer to the onslaught of libadwaita and the GNOME-ification of GTK, because each of them risks becoming entirely tied to whatever GNOME and libadwaita decides to do, for better or worse. It seems the Linux Mint team has finally realised this as well, and I really hope – and strongly suggest – Xfce, MATE, and others join them as well.

If they don’t, there won’t be an Xfce in a few years. What’s the point in developing Xfce if you’re at the mercy of whatever choices GNOME makes?

Another month, another detailed report about the progress made in Redox, the Rust-based operating system. A major improvements this month is support for USB HID, allowing USB keyboards and mice to work on Redox, but the project does note USB hubs are still problematic and might not work properly. Thanks to these USB improvements, Redox’ desktop environment Orbital now also ran on ARM64 in Qemu for the first time, which is a great step towards running it on real ARM64 hardware.

A massive documentation pass has also taken place, fixing various errors and improving and simplifying the writing. More programs have been ported, of course, and various lower-level improvements and fixes, along with a number of other fixes and changes across the operating system.

Humans speak countless different languages. Not only are these languages incompatible, but runtime transpilation is a real pain. Sadly, every standardisation initiative has failed.

At least there is someone to blame for this state-of-affairs: God. It was him, after-all, who cursed humanity to speak different languages, in an early dispute over a controversial property development.

However, mankind can only blame itself for the fact that computers struggle to talk to each other.

And one of the biggest problems is the most simple: computers do not agree on how to write letters in binary.

↫ Cal Paterson

For most users, character encoding issues are not something they have to deal with. Programmers and other people who deal with the lower levels of computing, however, deal with this way more often than they should.

Over 35 years ago, these problems with software portability led to the emergence of the first POSIX standard in 1988. The acronym was coined by Richard Stallman, who added “X” to the end of Portable Operating System Interface. It’s meant to provide a specification of the interface that different Unix operating systems should have in common, including programming languages and tools. It’s important to note that the interface is portable, and not the implementation.

↫ vorakl

While POSIX certainly isn’t perfect, and support for it in various operating systems claiming to support POSIX even less so, there’s no denying its success. Even if the dream of 100% source code portability isn’t possible under POSIX for applications that are a little more complex than basic CLI tools, there’s enough portability that platforms like Linux, the various BSDs, macOS, and others, can share quite a bit of code.

One of my favourite things about POSIX is that it shows up in the most unexpected of places. Windows, for instance, has had various options for POSIX compatibility, some of which straight from Microsoft itself, like the currently well-known Windows Subsystem for Linux, but also mostly forgotten options like the Microsoft POSIX subsystem that shipped with Windows NT until Windows 2000, or the very rudimentary POSIX compatibility in the Windows C Runtime Library and Windows Sockets API.

OS/2 had POSIX compatibility as well, through EMX (Eberhard Mattes eXtender). It gave OS/2 – and MS-DOS – a POSIX API, and even provided access to native OS/2 APIs as well, and could run 32bit applications. You’d be surprised by how many more operating systems offered forms of POSIX compatibility, either out of the box or through first or third party add-ons.

Although Google has shown significant progress in recent weeks in improving RISC-V support in Android, it seems that we’re still quite a bit away from seeing RISC-V hardware running certified builds of Android. Earlier today, a Senior Staff Software Engineer at Google who, according to their LinkedIn, leads the Android Systems Team and works on Android’s Linux kernel fork, submitted a series of patches to AOSP that “remove ACK’s support for riscv64.” The description of these patches states that “support for risc64 GKI kernels is discontinued.”

↫ Mishaal Rahman

Google provided Android Authority with a statement, claiming that Android will continue to support RISC-V. What these patches do, however, is remove support for the architecture from the Generic Kernel Image, which is the only type of kernel Google certifies for Android, which means that it is now no longer possible to ship a certified Android device that uses RISC-V. Any OEM shipping a RISC-V Android device will have to create and maintain its own kernel fork with the required patches. This doesn’t seem to align with Google’s statement.

So, unless Google intends to add RISC-V support back into GKI, there won’t be any officially certified Android devices running on RISC-V. Definitely an odd chain of events here.

JMP is a fully FOSS service providing a way to get a real phone number that operates over the internet using XMPP. They provide numbers in the USA and Canada with everything you need to access SMS/MMS/etc. and voice calls using your XMPP (or SIP) clients of choice across all your devices. They are committed to growing the use of open communications technology such as XMPP, ultimately working to help people move their communication off the unencrypted telephone network and onto the federated, encrypted, and diverse Jabber network.

We thank JMP for sponsoring OSNews this week, and they even offer a discount code for OSNews readers who sign up for the service. Use the code OSNEWS for one free month after paying for your account initially.

There’s a new 9front release! So, what exactly is 9front, you may ask? Well, after it became clear that Bell Labs wasn’t doing much with plan9, a group of developers took matters into their own hands and created 9front, a fork of plan9. Their latest release is called DO NOT INSTALL, and brings things like more USB audio support, DNS over TLS, WiFi support for the Raspberry Pi, I2C support, and much more.

I’m not particularly well-versed in the world of plan9, and more often than not it feels like a form of high-level programming performance art that I’m just not smart enough to understand. The whole community and its associated web sites have a very unique feel to it, and I always feel like I’m just not cool enough to be part of it. That’s not a dig at the plan9 community – it’s more of an indictment of my lack of coolness.

Which really shouldn’t come as a surprise.

Lennart Poettering, main developer of systemd, has announced run0, a systemd-based replacement for the well-known sudo command that fixes many of he inherent issues with the widely used tool to gain temporary elevated privileges. There are various problems with sudo, which basically come down to that it’s a large SUID binary, meaning it consists of privileged code that unprivileged users can run from their own context. This makes sudo a fairly large attack surface, and why OpenBSD uses doas instead; while doas suffers from the same main problem, it’s much smaller and reduces the attack surface considerably.

SUID processes are weird concepts: they are invoked by unprivileged code and inherit the execution context intended and controlled by unprivileged code. By execution context I mean the myriad of properties that a process has on Linux these days, from environment variables, process scheduling properties, cgroup assignments, security contexts, file descriptors passed, and so on and so on. A few of these settings the kernel is nice enough to clean up automatically when a SUID binary is invoked, but much of it has to be cleaned up by the invoked suid binary. This has to be done very very carefully, and history has shown that SUID binaries are generally pretty shit at that.

↫ Lennart Poettering

Poettering wants to address this problem, and has come up with run0, which behaves like sudo, but works entirely differently and is not SUID. Run0 asks the services manager to create a shell or command under the target user’s ID, creating a new PTY, sending data back and forth from the originating TTY and the new PTY.

Or in other words: the target command is invoked in an isolated exec context, freshly forked off PID 1, without inheriting any context from the client (well, admittedly, we *do* propagate $TERM, but that’s an explicit exception, i.e. allowlist rather than denylist).

One could say, “run0” is closer to behaviour of “ssh” than to “sudo”, in many ways. Except that it doesn’t bother with encryption or cryptographic authentication, key management and stuff, but instead relies on the kernel’s local identification mechanisms.

run0 doesn’t implement a configuration language of its own btw (i.e. no equivalent of /etc/sudoers). Instead, it just uses polkit for that, i.e. how we these days usually let unpriv local clients authenticate against priv servers.

↫ Lennart Poettering

This approach addresses a whole slew of attack vectors on sudo, and it comes with fun additional features like being able to give your terminal a different background tint when using it, or displaying a little red dot in the terminal window title to further indicate you’re using elevated privileges. It will ship as part of the upcoming release of systemd 256.

Well, this was a wild goose chase of a read. J. B. Crawford dove into the history of something I’ve never heard of – Microsoft At Work – and came away with a story that’ while clearer thanks to his research, is still frustratingly nebulous. I’m still not entirely sure what Microsoft At Work really was, but I think it had the goal of running Windows on communications devices like faxes, to make it easier to share and work on documents across various devices. Crawford did a lot of digging, and eventually settles on what he thinks might be a description of what MAW really consisted of.

I am being a bit dismissive for effect. MAW was more ambitious than just installing Windows on a grape. The effort included a unified communications protocol for the control of office machines, including printers, for which a whole Microsoft stack was envisioned. This built on top of the Windows Printing System, a difficult-to-search-for project that apparently predated MAW by a short time, enough so that Windows Printing System products were actually on the market when MAW was announced—MAW products were, we will learn, very much not.

[…]

MAW devices like the Ricoh IFS77 ran 16-bit Windows 3.1 with a new GUI intended to appear more modern while reducing resource requirements. Some reporters at the time noted that Microsoft was cagey about the supported architectures, I suspect they were waiting on ports to be completed. The fax machine was probably x86, though, as there’s little evidence MAW actually ran on anything else.

↫ J. B. Crawford

The ’90s were a wild time, especially as Microsoft, and this MAW project seems to have ’90s written all over it, but I’d still love to learn a lot more about this. I hope this article will bring out some former Microsoft execs or employees who can give us more details, and possibly even some code. I want to know how this works and what it did.

This is a virtual DEC PDP-1 (emulated in HTML5/JavaScript) running the original code of “Spacewar!”, the earliest known digital video game. If available, use gamepads or joysticks for authentic gameplay — the game was originally played using custom “control boxes”.

Spacewar! was conceived in 1961 by Martin Graetz, Stephen Russell, and Wayne Wiitanen. It was first realized on the PDP-1 in 1962 by Stephen Russell, Peter Samson, Dan Edwards, and Martin Graetz, together with Alan Kotok, Steve Piner, and Robert A Saunders.

↫ Norbert Landsteiner

It’s wild to me that even for the very first video game, they already made what are effectively controllers anyone today could pick up and use. Note that this emulator can run more than just Spacewar!.

Back when I was working on my article about PA-RISC, HP-UX, and UNIX workstations in general, I made extensive use of OpenPA, Paul Weissmann’s invaluable and incredibly detailed resource about HP’s workstation efforts, HP-UX, and tons of related projects and products. Weissmann’s been doing some serious digging, and has unearthed details about a number of essentially forgotten operating system efforts.

First, it turns out HP was porting Windows NT to PA-RISC in the early ’90s.

Several magazine sources and USEnet posts around 1993 point to HP pursuing a PA-RISC port to NT, modified the PA-RISC architecture for bi-endianess and even conducted a back-room presention at the ’94 Comdex conference of a (modified HP 712?) PA-7100LC workstation running Windows NT. Mentions of NT on PA-RISC continued in 1994 with some customer interest but ended around 1995.

↫ Paul Weissmann at OpenPA

The port eventually fizzled out due to a lack of interest from both customers and application developers, and HP realised its time was better spent on the future of x86, Intel’s Itanium, instead. HP also planned to work together with Novell to port NetWare to PA-RISC, but the work took longer than expected and it, too, was cancelled.

The most recent secretive effort was the port of HP-UX to x86, an endeavour that took place during the final days of the UNIX workstation market.

Parts of the conversation in these documents mention a successful boot of HP-UX on x86 in December of 2009, with porting efforts projected to cost 100M+ between 2010 and 2016. The plan was for mission-critical x86 systems (ProLiant DL980 and Superdome with x86) and first releases projected in 2011 (developer) and 2012 (Superdome and Linux ABI).

↫ Paul Weissmann at OpenPA

I’m especially curious about that last one, as porting HP-UX to x86 seems like a massive effort during a time where it was already obvious Linux had completely obliterated the traditional UNIX market. It really feels like the last death saving throws of a platform everybody already knew wasn’t going to make it.

As you may be aware, the GNOME Foundation has operated at a deficit (nonprofit speak for a loss – ie spending more than we’ve been raising each year) for over three years, essentially running the Foundation on reserves from some substantial donations received 4-5 years ago. The Foundation has a reserves policy which specifies a minimum amount of money we have to keep in our accounts. This is so that if there is a significant interruption to our usual income, we can preserve our core operations while we work on new funding sources. We’ve now “hit the buffers” of this reserves policy, meaning the Board can’t approve any more deficit budgets – to keep spending at the same level we must increase our income.

↫ Robert McQueen

Learning that the GNOME Foundation can barely scrape by financially makes me irrationally angry. As much as I’ve grown to dislike using GNOME and thus switched all my machines over to KDE, GNOME is still the most popular desktop environment and used extensively by pretty much all the big corporate Linux distributions. How is it possible that this hugely popular and important open source project has to beg individual users for donations like they’re running an independent tech website or something?

Where’s all the financial support from Red Hat, IBM, Oracle, Canonical, and so on? If not even an insanely popular project like GNOME can be financially stable, what hope is there for the countless small, unknown open source projects that form the basis of our entire computing world?

In February last year I wrote about running a FreeBSD desktop, and concluded that sometimes you need to give yourself permission to tinker.

Well recently I’ve started tinkering with Alpine Linux! It’s been recommended to me for years, so I’m finally getting around to checking it out. There’s a lot to like if you come from BSD, which we’ll dig into here.

↫ Ruben Schade

Just a quick look at this unexpectedly popular Linux distribution that really has its own identity.

The Genode project has released Sculpt OS 24.04, the general purpose desktop operating system based on the Genode OS Framework. This release is absolutely jam-packed with new features, improvements, and changes, and it’s hard to know where to begin. One of the biggest new features is support for suspend/resume, an experimental feature for now, for which the developers also made starting and stopping drivers and related components easier straight from the user interface. In addition, NVMe, AHCI, and Intel GPU drivers will resume automatically after a resume.

Sculpt OS 24.04 also ships with a brand new audio framework, which brings support for “pluggable drivers, arbitrary sample rates, and the flexible routing and mixing of audio signals”, but the audio driver does need to be manually restarted after a resume. This release also adds support for 4K displays and I2C touchpads, underlining that yes, Sculpt and Genode developers dogfood their operating system on real hardware. Do note that at least for now, the I2C touchpad driver needs to be started manually, so an external mouse will initially be needed.

Various images are available for download from the download page.

Microsoft is about to go even more hog-wild with “AI” in Windows, as it intends to start recording everything you do on your Windows computer so “AI” features can find stuff for you.

According to my sources, AI Explorer will run in the background and capture everything you do on your computer. It will document and triage everything it sees, no matter what apps or interfaces you’re looking at, and turn them into memories that you can recall at a later point.

For example, you can have a conversation with a friend in the WhatsApp app for Windows, and AI Explorer will record and remember the content that was on-screen and process it with AI for you to recall later. AI Explorer can also summarize conversations, emails, web pages, and general UI surfaces just by asking for it during or after the fact. 

I’m told that much of this experience is rendered on-device and does not reach out to the cloud to process information. This is important for privacy reasons, but also for performance reasons. To reduce latency, AI Explorer will rely on NPU silicon to process content that has been recorded. I also understand that users will be able to filter out specific apps from being recorded by the AI Explorer process, or disable AI Explorer entirely.

↫ Zac Bowden at Windows Central

Is this really something people wan to devote constant resources and thus battery life to?Setting aside the privacy implications of something like this, do people really want to have a permanent record of everything they’ve done on their machine? Maybe I’m just the odd one out here, but nothing about this appeals to me in any way, shape, or form. In fact, it’s quite the opposite – something like this would make make me run for the hills, looking for an alternative to the operating system I’m using.

And the weasel words “much of this experience is rendered on-device” definitely did not go by unnoticed. This wording makes it very clear at least some data will be sent to Microsoft for processing, and over time, that amount will only increase. No data company has ever reduced the amount of data it captures, after all.

Regarding the release of the MS-DOS 4.00 source code, Michal Necasek makes an excellent point about how just dumping the code in git is a terrible and destructive way to release older source code.

It’s terrific that the source code for DOS 4.00/4.01 was released! But don’t expect to build the source code mutilated by git without problems.

Historic source code should be released simply as an archive of files, ZIP or tar or 7z or whatever, with all timestamps preserved and every single byte kept the way it was. Git is simply not a suitable tool for this.

↫ Michal Necasek at OS/2 Museum

The problems caused by dumping the code in git are quite real. Timestamps are not preserved, and the conversion to UTF-8 is deeply destructive, turning some parts of the code to literal gibberish. It’s a bit of a mess, and the people responsible for these release should be more careful and considerate.

Today, in partnership with IBM and in the spirit of open innovation, we’re releasing the source code to MS-DOS 4.00 under the MIT license. There’s a somewhat complex and fascinating history behind the 4.0 versions of DOS, as Microsoft partnered with IBM for portions of the code but also created a branch of DOS called Multitasking DOS that did not see a wide release.

↫ Scott Hanselman

Not only did they release the source code to MS-DOS 4.00, they also released disk images of a very early version of Multitasking DOS, which did not see a wide release, as the article states. I’ve only vaguely heard of MT-DOS over the decades, so I had to do some minor reading and research to untangle what, exactly, MT-DOS really is. Much of this information is probably table stakes for the many older readers we have, but bear with me.

MT-DOS, which has the official name MS-DOS 4.0 (often further specified by adding “multitasking” in brackets after the version number) was a version of MS-DOS developed by Microsoft based on MS-DOS 2.0, whose headlining feature was pre-emptive multitasking, which allowed specifically written applications to continue to run in a special background mode. Interestingly enough, it had to perform this multitasking with the same 640k memory limitation as other versions of DOS. Very few OEMs ended up licensing it, and most notably IBM wasn’t interested, so after one or two more OEM-specific versions, it was quickly abandoned by Microsoft.

MS-DOS 4.0 (multitasking) is entirely unrelated to the “real” versions 4 of MS-DOS that followed later. The actual version 4 was called MS-DOS 4.00, and it’s the source code to this specific version that’s being released as open source today. MS-DOS 4.00 was quickly followed by 4.01 and 4.01a, but apparently OEMs would confusingly still label 4.01 disks as “MS-DOS 4.0”. The whole MS-DOS 4 saga is quite convoluted and messy, and I’m probably oversimplifying a great deal.

Regardless, this code joins the open source releases of MS-DOS 1.25 and 2.0 that Microsoft released years ago.

William Brown, developer of webauthn-rs, has written a scathing blog post detailing how corporate interests – namely, Apple and Google – have completely and utterly destroyed the concept of passkeys. The basic gist is that Apple and Google were more interested in control and locking in users than in providing a user-friendly passwordless future, and in doing so have made passkeys effectively a worse user experience than just using passwords in a password manager.

Since then Passkeys are now seen as a way to capture users and audiences into a platform. What better way to encourage long term entrapment of users then by locking all their credentials into your platform, and even better, credentials that can’t be extracted or exported in any capacity.

Both Chrome and Safari will try to force you into using either hybrid (caBLE) where you scan a QR code with your phone to authenticate – you have to click through menus to use a security key. caBLE is not even a good experience, taking more than 60 seconds work in most cases. The UI is beyond obnoxious at this point. Sometimes I think the password game has a better ux.

The more egregious offender is Android, which won’t even activate your security key if the website sends the set of options that are needed for Passkeys. This means the IDP gets to choose what device you enroll without your input. And of course, all the developer examples only show you the options to activate “Google Passkeys stored in Google Password Manager”. After all, why would you want to use anything else?

↫ William Brown

The whole post is a sobering read of how a dream of passwordless, and even usernameless, authentication was right within our grasp, usable by everyone, until Apple and Google got involved and enshittified the standards and tools to promote lock-in and their own interests above the user experience. If even someone as knowledgeable about this subject as Brown, who writes actual software to make these things work, is advising against using passkeys, you know something’s gone horribly wrong.

I also looked into possibly using passkeys, including using things like a Yubikey, but the process seems so complex and unpleasant that I, too, concluded just sticking to Bitwarden and my favourite open source TFA application was a far superior user experience.

Gentoo, the venerable Linux distribution which in my headcanon I describe as ‘classy’, has banned any use of “AI”. A proposal by Gentoo Council member Michał Górny from February of this year banning its use has been unanimously accepted by the Gentoo Council. The new policy reads:

It is expressly forbidden to contribute to Gentoo any content that has been created with the assistance of Natural Language Processing artificial intelligence tools. This motion can be revisited, should a case been made over such a tool that does not pose copyright, ethical and quality concerns.

↫ Michał Górny

We’ll have to see how this policy will be implemented, but I like that Gentoo is willing to take a stand.

It wasn’t too long ago that new Ubuntu releases were major happenings in the Linux world, as it was the default Linux distribution for many, both old and newcomers, in the desktop Linux space. These days, Ubuntu release hit a little different, with Canonical’s focus having shifted much more to the enterprise, and several aspects of the distribution being decidedly unpopular, like the snap package management system.

Still, Ubuntu is probably still one of the most popular, if not the most popular, distributions out there, so any new release, like today’s Ubuntu 24.0 LTS, is still a big deal.

Ubuntu Desktop brings the Subiquity installer to an LTS for the first time. In addition to a refreshed user experience and a minimal install by default, the installer now includes experimental support for ZFS and TPM-based full disk encryption and the ability to import auto-install configurations. Post install, users will be greeted with the latest GNOME 46 alongside a new App Center and firmware-updater. Netplan is now the default for networking configuration and supports bidirectionality with NetworkManager.

↫ Utkarsh Gupta on ubuntu-announce

Of course, all the various other Ubuntu editions have also seen new releases: Edubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu Cinnamon, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, Ubuntu Unity, and Xubuntu. Yes, that’s a long list. They all mostly share the same improvements as Ubuntu’s main course, but paired with the latest versions of the respective desktop environments instead.

Except for Kubuntu. Unlike just about any other major distribution released over the last few months, such as Fedora 40 only a few days ago, Kubuntu does not ship with the new KDE Plasma 6, opting for Plasma 5.27.11 instead. There simply wasn’t enough time between the release of Plasma 6 and the Ubuntu feature freeze, so they made the – in my opinion – understandable call to stick to Plasma 5 for now, moving Plasma 6 to the next release later this year.

Huawei plans to expand its native HarmonyOS smartphone platform worldwide, despite coming under US-led sanctions that have deprived it of access to key technologies.

The Chinese tech megacorp released its own phone platform in 2019, the same year that US sanctions blocked Huawei from having further access to Google’s Android software to power its devices.

More recently, the company saw its Mate 60 Pro smartphone become the top selling device in China’s huge consumer market, displacing rivals such as Apple’s iPhone. It also has a newer device, the Pura 70, that could pose a bigger threat to Apple sales in the country.

↫ Dan Robinson at The Register

If there is one company that has the capabilities and will to truly offer a third alternative, it’s Huawei with HarmonyOS. This company has the full might of the Chinese state behind it, and it clearly has the drive to prove itself after the various sanctions levied against it in recent years that barred it from using Google’s Android. It’s obviously already experiencing major success in its home market, but now the company intends to go global, country by country, to positino HarmonyOS alongside iOS and Android.

Huawei basically takes a brute-force approach, explaining that they identify the 5000 most popular applications, which they claim cover 99% of users’ time with their smartphones, and port those over first. I’m not entirely sure how they convince developers to port over their applications, but I’m guessing money is involved. Fair play, I would say – it’s not like anything else is going to break the stranglehold Apple and Google have over the mobile application market.

We haven’t really spent much time talking about HarmonyOS in the west in general, and on OSNews in particular, which is a bit of a shame because it has some interesting characteristics. For instance, it has a multi-kernel design, where it uses the Linux kernel on more powerful devices like smartphones and tablets, and the RTOS LiteOS kernel on lower power IoT devices. DSoftBus is another interesting part of the operating system, which allows multiple devices to kind of join together and share data, applications, and control seamlessly.

HarmonyOS supports both Android and true HarmonyOS applications, the latter of which are marked with a little logo in the corner of the application icon, but the unique features of HarmonyOS, like DSoftBus, are only accessible to true HarmonyOS applications. Developing these native applications can be done in DevEco Studio, which is built atop IntelliJ IDEA, using ArkUI. Huawei even went so far as to develop its own browser engine for HarmonyOS, which it recently released as open source, called ArkWeb.

While HarmonyOS currently still supports running Android applications, this will soon no longer be the case as the company is working on HarmonyOS NEXT, which will remove Android compatibility to focus entirely on true HarmonyOS applications instead. NEXT also does away entirely with the multikernel approach, ditching both the Linux and LiteOS kernels for a new HarmonyOS microkernel, and uses Huawei’s own Cangjie programming language for application development. HarmonyOS NEXT is currently being tested on a variety of Huawei devices, with a beta and final release planned for later this year.

It’s just our luck that the only potentially viable competitor to Android and iOS is a party closed-source operating system from China, which will surely bring with it a whole host of security concerns in the west. It’s really difficult at the moment to ascertain just how much of HarmonyOS – and specifically, HarmonyOS NEXT – is available as open source, which is a major bummer. I don’t think I’d ever want to use a (partly) closed source Chinese operating system for anything major in my life, but if it’s open source we could at least see non-Chinese forks that I’d find easier to trust.

The road of iOS and Android competitors is littered with the bodies of failed attempts – Symbian, the various iterations of Windows Phone, BlackBerry, Sailfish, Ubuntu Touch, the GNOME/Plasma attempts that just can’t grow beyond proof of concepts – and there is no way to know if Huawei can pull off outside of China what it did with HarmonyOS inside China. Western markets are incredibly weary of anything related to Huawei, and for all we know, this operating system won’t ever even be allowed inside the US and the EU in the first place.

Regardless of international politics and the CCP’s brutal, totalitarian, genocidal regime, HarmonyOS NEXT seems like a very interesting platform with fresh ideas, and I’d love to at least try it out once it hits international markets with proper localisation into English. I’ll take a problematic Chinese smartphone operating system competitor over no competitor at all – even if I won’t use it myself, it’ll be at least some form of competition both Apple and Google desperately need.

But just as smartphones would do, PDAs offered a dizzying array of operating systems and applications, and a great many of them ran Palm OS. (I bought my first Palm, an m505, new in 2001, upgrading from an HP 95LX.) Naturally, there’s no way we could enumerate every single such device in this article. So in this Ars retrospective, we’ll look back at some notable examples of the technical evolution of the Palm operating system and the devices that ran it—and how they paved the way for what we use now.

↫ Cameron Kaiser at Ars Technica

This sure takes me back to my own in-depth Palm retrospective from – checks notes – 11 years ago (!). It turns out all the images from that article no longer load, so I should set aside some time to fix that up.

While Firefox and Safari phased out third party cookies years ago, it’s taking Chrome a bit longer because, well, daddy Google got ads to sell. As such, Google has been developing a complicated new alternative to third party cookies that it calls “Privacy sandbox”, a name in the vain of “Greenland”. This process has not exactly been going well, because Google has had to postpone phasing out third party cookies several times now, and today, they had to postpone it again. This time, however, it’s because the UK competition authority, the CMA, still has some questions.

We recognize that there are ongoing challenges related to reconciling divergent feedback from the industry, regulators and developers, and will continue to engage closely with the entire ecosystem. It’s also critical that the CMA has sufficient time to review all evidence including results from industry tests, which the CMA has asked market participants to provide by the end of June. Given both of these significant considerations, we will not complete third-party cookie deprecation during the second half of Q4.

We remain committed to engaging closely with the CMA and ICO and we hope to conclude that process this year. Assuming we can reach an agreement, we envision proceeding with third-party cookie deprecation starting early next year.

↫ Google’s Greenland blog

Making a browser good enough to take over almost the entire browser market was an absolute master stroke by Google. Now can you all please switch over to Firefox or like Lynx or something?

While it’s still yet to debut, Qualcomm’s Snapdragon X Elite is looking like a big deal for ARM-powered Windows machines and, now, it’s getting a more affordable cousin in the Snapdragon X Plus.

Announced today, Snapdragon X Plus is based on the same Oryon CPU as Snapdragon X Elite, just with a bit less power. The chip has 10 cores to the Elite’s 12, and is also clocked down from the Elite’s 3.8GHz to 3.4GHz.

↫ Ben Schoon at 9To5Google

It really seems like it’s finally happening – ARM computers for the general public (that aren’t from Apple). I really hope that Qualcomm can deliver on its promises, and that Microsoft’s involvement means these computers will be fairly standardised so it’s easier for non-Windows platforms to support them. I’ve seen quite a few rumblings from people invited to Qualcomm’s press events for these new ARM chips that the company is delivering Linux support alongside Windows support, so that’s at least a good start.

Whenever we talk about ARM coming to the generic PC market, people rightfully point out the lack of standardisation in the ARM space, so that really is the deciding factor here for people like us, who tend to not be all too interested in locked-down platforms. If every one of these machines is different enough that supporting them is a nightmare – like the world of smartphones – ARM for PCs will be dead on arrival for me because I have zero interest in buying Windows-only hardware.

One thing Microsoft tends to be good at is getting at least some standardisation to stick in the PC market, and I hope they’re going to that here, too – Microsoft probably isn’t relishing supporting each individual ARM machine in Windows ‘by hand’ either. Let’s keep our fingers crossed.

A bill that would force China-based company ByteDance to sell TikTok — or else face a US ban of the platform — is all but certain to become law after the Senate passed a foreign aid package including the measure.

It now heads to President Joe Biden, who already committed to signing the TikTok legislation should it make it through both chambers of Congress. The House passed the foreign aid package that includes the TikTok bill on Saturday.

↫ Lauren Feiner at The Verge

I hope the EU follows.

In iOS 17.4, Apple introduced a new system called eligibilityd. This works with countryd (which you might have heard about when it first appeared in iOS 16.2) and the Apple ID system to decide where you physically are. The idea is that multiple sources need to agree on where you are, before giving you access to features such as those mandated by the Digital Markets Act.

↫ Adam Demasi

The way Adam Demasi managed to convince Apple his very much Australian iPhone in Australia was, in fact, a European Union iPhone in the European Union was by making sure not a single wireless signal managed to escape the device. He had to disable location services, insert an Italian SIM, set up a pfSense Wi-Fi router using the regulatory country of Italy, and go into his basement where there’s no mobile signal. Between all these steps, the phone was reset multiple times.

And then, and only then, did the iPhone think it was in the European Union, with all the benefits that entails. Demasi has no idea which of these steps are actually needed, but the process of figuring this all out is ongoing, and more information is sure to be discovered as smart people sink their teeth into the process by which Apple determines where an iPhone is from.

I always like it when I can link to an article written by an OSNews, and this time it’s even relevant to me as I’m exploring OpenBSD myself. OSNews reader and silver Patreon supporter Morgan has written an article about using OpenBSD as a daily driver.

OpenBSD is forever tied in first place with Void Linux as my favorite desktop OS. This is particularly funny because OpenBSD isn’t “just a desktop OS”; in its purest form, the base installation without any installed packages, it makes for an excellent Ethernet router, firewall, or web server. It even ships with its own fork of X11 called Xenocara, along with fvwm2 and its own calm window manager, so there’s a rudimentary desktop OS in there too. With that said, in 2024 there is no such thing as a fully functioning desktop computer or workstation without at least a web browser of some kind, and if you’re adding packages you may as well build a full desktop system to suit your needs.

So how do you go from the amazing but unfortunately limited base install to a “daily driver” workstation operating system? There are many ways to do this, and I will present a couple of paths I take depending on the hardware and use case involved. Before I do that, a bit of prep is necessary to get OpenBSD into more of a desktop OS mode.

↫ Morgan

I’ll be using this guide over the coming days to make sure I end up with something usable. I still haven’t decided on what desktop environment I want to go for – I’m not interested in running GNOME or KDE, so Xfce is probably the most likely option. I’d also love to try out LXQt, but it seems the version OpenBSD has in its repositories is very, very outdated (1.0.0 from years ago, when 2.0.0 was just released). There’s a small chance I might suck it up and use one of those “build your own desktop environment” options, but I have no idea which one I should go for.

Did you know there’s one surefire way to know when a technology has truly jumped the shark? When they start adding it to computer mice.

In today’s fast-paced, technology-enabled world, everyone is learning to work differently with breakthroughs in Generative AI.

Mastering prompt building enhances your efficiency and creativity. That’s why we developed the Logi AI Prompt Builder, a time and click-saving solution. Rephrase, summarize, and create custom-made prompt recipes with ChatGPT faster, with virtually no disruption to your workflow.

↫ Logitech’s “AI” thing page

Logitech mice users were surprised to find out that after the latest mouse software update, it now contains an “AI” prompt builder tool, so that you can click anywhere and have a little pop-up appear that taps into ChatGPT.

I’m done.

These emails — which I encourage you to look up — tell a dramatic story about how Google’s finance and advertising teams, led by Raghavan with the blessing of CEO Sundar Pichai, actively worked to make Google worse to make the company more money. This is what I mean when I talk about the Rot Economy — the illogical, product-destroying mindset that turns the products you love into torturous, frustrating quasi-tools that require you to fight the company’s intentions to get the service you want.

↫ Edward Zitron

Quite the read.

It’s a big day for Fedora users such as myself – and especially for Fedora KDE users, also such as myself. Fedora 40 has been released today, and while the main focus is always on the GNOME release – although not everyone is happy about that – the various other spins, in Fedora parlance, have also seen major updates. Most prominently among them is the KDE spin, which ships with KDE’s recent megarelease, KDE Plasma 6.

Starting at the top, Fedora 40 Workstation comes with the latest GNOME release, 46, which we covered when it was released earlier this year. It also comes with IPV4 Address Conflict Detection to resolve duplicate IPV4 addresses in the same physical network, and the PyTorch machine learning framework is now in the Fedora software repositories for easier installation and implementation by developers – a harbinger of what’s to come.

The KDE spin comes, as already mentioned, with KDE Plasma 6, and inherits the non-GNOME improvements and fixes as well, of course. There’s also countless other spins covering pretty much every desktop environment and window manager under the sun, and Fedora 40 is also the first release to implement the new naming scheme for Fedora’s various immutable editions – the Atomic Desktops.

Hot on the heels of NetBSD 10.0 comes NetBSD 9.4, a minor release in the previous release branch.

NetBSD 9.4 is primarily a bug and security fix release, however, there are some new features, such as support for more MegaRAID controllers, ZTE MF112 and D-Link DWM222 USB 3G modems, and improved CPU feature detection for newer AMD/Intel devices. All users of netbsd-9 should upgrade if they are not following the stable branch.

↫ NetBSD 9.4 release announcement

A very important note here is that the version of OpenSSL in NetBSD 9.4 is no longer supported unless you have a support contract with OpenSSL. They suggest upgrading to NetBSD 10.0, or to use OpenSSL from pkgsrc.

Tribblix, the unique ilumos distribution – think Solaris – has a new SPARC milestone. It’s one of the few platforms still actively supporting SPARC, so even if the amount of users might be slim, I think it’s an important contribution to the ecosystem.

The application software here roughly corresponds to m34 on x86 systems, although the underlying illumos is still closer to m25/m26. Note that there are no functional illumos changes from the m28 sparc release – if that release didn’t work on your system, this one won’t either.

↫ Peter Tribble

I’m still looking for my mythical, unobtanium Sun Ultra 45, a goal farther away now than it’s ever been (Patreon maybe? One-time donation? Help me out after I took OSNews full-time?), and the SPARC version of Tribblix would be my first go-to.

There is something about surprising interfaces: clapping to switch on lights is more fun than a flipping a switch. Pressing a panic-button to order a pizza is more fun than ordering via an app. Recently I came across this surprising interface: a flute controlled mouse cursor for a first person shooter. I recognize a good idea when I see one, and immediately wanted replicate the idea and make it freely available. So I got to work.

↫ Joren Six

I don’t think I have ever seen something quite so unique.

A misconfigured North Korean Internet cloud server has provided a fascinating glance into the world of North Korean animation outsourcing and how foreign companies might be inadvertently employing North Korean companies on information technology (IT) projects. The incident also underlines how difficult it is for foreign companies to verify their outsourced work is not potentially breaking sanctions and ending up on computers in Pyongyang.

↫ Martyn Williams at 38 North

What an absolutely wild story.

Cory Doctorow, nailing it as usual.

If you care about how people are treated by platforms, you can’t just tell them to pay for services instead of using ad-supported media. The most important factor in getting decent treatment out of a tech company isn’t whether you pay with cash instead of attention – it’s whether you’re locked in, and thus a flight risk whom the platform must cater to.

↫ Cory Doctorow

I’m sick and tired of the phrase “if you’re not paying for the product, you’re the product”, because it implies that if just you pay for a product or service, you’re not going to be treated like ass. The problem is, as Doctorow points out, that this simply is not supported by the evidence, and that it isn’t whether or not you’re paying that makes you have a good or bad experience – it’s whether or not you’re locked in.

If you’ve got nowhere else to go, then corporations can treat you like ass.

There are so, so many free services and products I use where I’m anything but a “product”. My Linux distribution of choice, Fedora. My web browser, Firefox. The countless open source applications I use on my desktops, laptops, and smartphone. Those are all cases where even though I’m not paying, I know I’m being treated with respect, and I feel entirely comfortable with all of those. And no, you don’t get to exclude the open source world just because it’s inconvenient for the “you’re the product” argument.

There are also countless services and products where the opposite is true; I’m a paying customer, but I still feel like I’m the product. I pay for additional Google Drive storage. I pay for an Office 364 subscription because I needed it as a translator (I’m working on OSNews full-time now, and could use your help keeping the site going), but I can’t cancel it because my wife, my parents, and my parents-in-law use that same subscription. We pay for Netflix and one or two other video services. I don’t know if our ISP or wireless provider do anything malicious, but it wouldn’t surprise me. And so on.

Being a paying customer means nothing. It’s how easy it is for you to stop being a customer that matters.

Today we’re taking the next step toward our vision for a more open computing platform for the metaverse. We’re opening up the operating system powering our Meta Quest devices to third-party hardware makers, giving more choice to consumers and a larger ecosystem for developers to build for. We’re working with leading global technology companies to bring this new ecosystem to life and making it even easier for developers to build apps and reach their audiences on the platform.

[…]

Meta Horizon OS is the result of a decade of work by Meta to build a next-generation computing platform. To pioneer standalone headsets, we developed technologies like inside-out tracking, and for more natural interaction systems and social presence, we developed eye, face, hand, and body tracking. For mixed reality, we built a full stack of technologies for blending the digital and physical worlds, including high-resolution Passthrough, Scene Understanding, and Spatial Anchors. This long-term investment that began on the mobile-first foundations of the Android Open Source Project has produced a full mixed reality operating system used by millions of people.

↫ Facebook’s blog

In summary, Facebook wants the operating system of their Quest series of virtual reality devices – an Android Open Source Project fork optimised for this use – to become the default platform for virtual reality devices from all kinds of OEMs. Today, they’re announcing that both Asus and Lenovo will be releasing devices running this Meta Horizon OS, with the former focusing on high-end VR gaming, and the latter on more general use cases of work, entertainment, and so on. Facebook will also be working together with Microsoft to create a Quest “inspired by Xbox”.

The Meta Quest Store, the on-device marketplace for applications and games, will be renamed to the Meta Horizon Store, and the App Lab, where developers can more easily get their applications and games on devices and in the hands of consumers as long as they meet basic technical and content guidelines, will be integrated into the Meta Horizon Store for easier access than before. In addition, in a mildly spicy move, Facebook is openly inviting Google to bring the Google Play Store to the VR Android fork, “where it can operate with the same economic model it does on other platforms”.

The odds of me buying anything from Facebook are slim, so I really hope this new move won’t corner the market for VR headsets right out of the gate; I don’t want another Android/iOS duopoly. I’m not particularly interested in VR quite yet – but give it a few more years, and I certainly won’t pass up on a capable device that allows me to play Beat Saber and other exercise-focused applications and games.

I just don’t want it to be a Facebook device or operating system.

The maker of Tiny11, a third-party project that aims to make Windows 11 less bloated with unnecessary parts, released a new version of Tiny11 Builder, a special tool that lets you create a custom Windows 11 image tailored to your needs and preferences. The latest release makes it much easier to create a lightweight Windows 11 ISO without worrying about installing a system modified by unknown third parties.

↫ Taras Buria at Neowin

Perhaps you can make Windows 11 slightly more bearable with this. If there’s any interest from y’all, I could build my own debloated Windows 11 install and see if I can make this platform bearable for myself? Let me know in the comments.

One of the remarkable characteristics of the Super Nintendo was the ability for game cartridges (cart) to pack more than instructions and assets into ROM chips. If we open and look at the PCBs, we can find inside things like the CIC copy protection chip, SRAM, and even “enhancement processors”.

↫ Fabien Sanglard

When I was a child and teenager in the ’90s, the capabilities of the SNES cartridge were a bit of a legend. We’d talk about what certain games would use which additional processors and chips in the cartridge, right or wrong, often boasting about the games we owned, and talking down the games we didn’t. Much of it was probably nonsense, but there’s some good memories there.

We’re decades deep into the internet age now, and all the mysteries of the SNES cartridge can just be looked up on Wikipedia and endless numbers of other websites. The mystery’s all gone, but at least now we can accurately marvel at just how versatile the SNES really was.

Earlier this year, we talked about Niri, a very unique tiling window manager for Wayland that scrolls infinitely to the right. I’ve never seen anything quite like it, and while it seems polarising, I think it’s absolutely worthy of a dedicated niche. The project’s got a major new release out, and there’s a lot of improvements here.

First and foremost, virtually all animations have been overhauled, and new ones have been added for almost every kind of interaction. The videos on the release page do a really good job of highlighting what they’re going for, and I think it looks great, and for the animation-averse, every individual animation can be turned off. Niri now also supports variable refresh rate, and the IPC mechanism has been improved. Among the smaller improvements is a welcome one: when using the touchscreen, the mouse cursor disappears.

I really think this one has to be tried before judged, and I’m seriously contemplating setting up a Wayland environment just for this one, to see if it works for me. My window “flow”, if that makes sense, is already left-to-right, so the idea of having that effectively automated with an infinite canvas sounds very appealing to me, especially on smaller displays. I just need to figure out if it works in reality.

Microsoft is on a roll with updating its app store on Windows 10 and 11. Following the recent release of performance upgrades and improved algorithms, the company announced big changes in how the web version of the Microsoft Store works. Now, every user can download app executables directly from the website using new “installers for web.”

↫ Taras Buria at Neowin

Neat.