Android

North Koreans Are Jailbreaking Phones To Access Forbidden Media (wired.com) 23

An anonymous reader quotes a report from Wired: For most of the world, the common practice of "rooting" or "jailbreaking" a phone allows the device's owner to install apps and software tweaks that break the restrictions of Apple's or Google's operating systems. For a growing number of North Koreans, on the other hand, the same form of hacking allows them to break out of a far more expansive system of control -- one that seeks to extend to every aspect of their lives and minds. On Wednesday, the North Korea-focused human rights organization Lumen and Martyn Williams, a researcher at the Stimson Center think tank's North Korea -- focused 38 North project, together released a report on the state of smartphones and telecommunications in the Democratic People's Republic of Korea, a country that restricts its citizens' access to information and the internet more tightly than any other in the world. The report details how millions of government-approved, Android-based smartphones now permeate North Korean society, though with digital restrictions that prevent their users from downloading any app or even any file not officially sanctioned by the state. But within that regime of digital repression, the report also offers a glimpse of an unlikely new group: North Korean jailbreakers capable of hacking those smartphones to secretly regain control of them and unlock a world of forbidden foreign content.

Learning anything about the details of subversive activity in North Korea -- digital or otherwise -- is notoriously difficult, given the Hermit Kingdom's nearly airtight information controls. Lumen's findings on North Korean jailbreaking are based on interviews with just two defectors from the country. But Williams says the two escapees both independently described hacking their phones and those of other North Koreans, roughly corroborating each others' telling. Other North Korea -- focused researchers who have interviewed defectors say they've heard similar stories. Both jailbreakers interviewed by Lumen and Williams said they hacked their phones -- government-approved, Chinese-made, midrange Android phones known as the Pyongyang 2423 and 2413 -- primarily so that they could use the devices to watch foreign media and install apps that weren't approved by the government. Their hacking was designed to circumvent a government-created version of Android on those phones, which has for years included a certificate system that requires any file downloaded to the device to be "signed" with a cryptographic signature from government authorities, or else it's immediately and automatically deleted. Both jailbreakers say they were able to remove that certificate authentication scheme from phones, allowing them to install forbidden apps, such as games, as well as foreign media like South Korean films, TV shows, and ebooks that North Koreans have sought to access for decades despite draconian government bans.

In another Orwellian measure, Pyongyang phones' government-created operating system takes screenshots of the device at random intervals, the two defectors say -- a surveillance feature designed to instill a sense that the user is always being monitored. The images from those screenshots are then kept in an inaccessible portion of the phone's storage, where they can't be viewed or deleted. Jailbreaking the phones also allowed the two defectors to access and wipe those surveillance screenshots, they say. The two hackers told Lumen they used their jailbreaking skills to remove restrictions from friends' phones, as well. They said they also knew of people who would jailbreak phones as a commercial service, though often for purposes that had less to do with information freedom than more mundane motives. Some users wanted to install a certain screensaver on their phone, for instance, or wipe the phone's surveillance screenshots merely to free up storage before selling the phone secondhand.
As for how the jailbreaking was done, the report says both jailbreakers "described attaching phones to a Windows PC via a USB cable to install a jailbreaking tool."

"One mentioned that the Pyongyang 2423's software included a vulnerability that allowed programs to be installed in a hidden directory. The hacker says they exploited that quirk to install a jailbreaking program they'd downloaded while working abroad in China and then smuggled back into North Korea." The other hacker might've obtained his jailbreaking tool in a computer science group at Pyongyang's elite Kim Il Sung University where he attended.
Windows

Microsoft Fixes Point of Sale Bug That Delayed Windows 11 Startup For 40 Minutes (theregister.com) 46

"The Register reports Microsoft fixed a Point of Sale bug that delayed Windows 11 startup for 40 minutes," writes Slashdot reader ellithligraw. "So much for the express lane at check-out." From the report: A fresh Windows 11 patch slipped out overnight as an optional update, but contains an impressively long list of fixes for Microsoft's flagship operating system. One bug addressed in KB5012643 could leave Point of Sale terminals hanging for up to 40 minutes during startup. Microsoft stated, "We fixed an issue that delays OS startup by approximately 40 minutes." "Microsoft described the fixes as 'improvements' [and chose to highlight the fact that temperature would now be displayed on top of the weather icon on the taskbar]," added Slashdot reader ellithligraw. "[Y]eah, Windows 11 is great as a PoS."
Security

Microsoft Finds Linux Desktop Flaw That Gives Root To Untrusted Users (arstechnica.com) 75

An anonymous reader quotes a report from Ars Technica: Vulnerabilities recently discovered by Microsoft make it easy for people with a toehold on many Linux desktop systems to quickly gain root system rights -- the latest elevation of privileges flaw to come to light in the open source OS. [...] Nimbuspwn, as Microsoft has named the EoP threat, is two vulnerabilities that reside in the networkd-dispatcher, a component in many Linux distributions that dispatch network status changes and can run various scripts to respond to a new status. When a machine boots, networkd-dispatcher runs as root. [...] A hacker with minimal access to a vulnerable desktop can chain together exploits for these vulnerabilities that give full root access. [The step-by-step exploit flow can be found in the article. The researcher also was able to gain persistent root access using the exploit flow to create a backdoor.]

The proof-of-concept exploit works only when it can use the "org.freedesktop.network1" bus name. The researcher found several environments where this happens, including Linux Mint, in which the systemd-networkd by default doesn't own the org.freedodesktop.network1 bus name at boot. The researcher also found several processes that run as the systemd-network user, which is permitted to use the bus name required to run arbitrary code from world-writable locations. The vulnerable processes include several gpgv plugins, which are launched when apt-get installs or upgrades, and the Erlang Port Mapper Daemon, which allows running arbitrary code under some scenarios.
The vulnerability has been patched, although it's unclear which version of Linux the patch is in.
Android

Google Pixel Watch Leaks After Being Lost and Found At Restaurant (arstechnica.com) 25

Android Central was sent images of Google's upcoming Pixel Watch after it was reportedly left at a restaurant in the U.S. It's reminiscent of when an Apple iPhone 4 was lost and found at a bar in 2010. From the report: Android Central has reviewed the images of the watch that could be announced during Google I/O next month. It's possible that the watch itself could be released alongside the Pixel 7. The source, who we have left anonymous to protect their identity, said the watch, which could be "a testing model for the Internal Pixel team," was found at a restaurant. The source requested Android Central to not publish their name or the restaurant name, including location, in order to protect their job. After the reporting of this story, the source wrote a Reddit post about the alleged watch. The source indicated that the watch was left at the restaurant "for a few weeks expecting the people that left it to return, but that never happened."

The watch in our images looks almost identical to leaks of rumored rendered images. It has a minimalist design and follows what leaks have suggested a screen with hardly any bezels. The image also confirms one of the rumored colors that the watch will come in: black. Previous rumors have suggested the watch will have a rotating crown and potentially two hidden buttons. It is a bit hard to tell from the image above, but if this is the rumored watch then there is definitely at least one button next to the crown.

[I]t seems that the watch's band is a proprietary Google band and looks very similar to the jelly-like Apple Watch sport bands. This could mean that we might see many more colors to come. It also looks like it attaches directly to the watch case. This might make swapping out watch bands difficult, especially when most of the other top Android smartwatches give you more leeway with standard watch band types. No charger was left behind with the watch, but it is possible that the watch could be charged from the back of the watch case. This is also how Fitbit's Versa 3 and Sense smartwatches (Fitbit is owned by Google) and the Apple Watch are charged. The source indicated that the bottom "looks metallic but feels like it's coated with glass." [...] The source indicated that nothing happened past the boot logo when they tried to power it up [...]. This likely means that there is no OS yet installed on the watch.

Unix

OpenBSD 7.1 Released with Support for Apple M1, Improvements for ARM64 and RISC-V (openbsd.org) 26

"Everyone's favorite security focused operating system, OpenBSD 7.1 has been released for a number of architectures," writes long-time Slashdot reader ArchieBunker, "including Apple M1 chips."

Phoronix calls it "the newest version of this popular, security-minded BSD operating system." With OpenBSD 7.1, the Apple Silicon support is now considered "ready for general use" with keypad/touchpad support for M1 laptops, a power management controller driver added, I2C and SPI controller drivers, and a variety of other driver additions for supporting the Apple Silicon hardware.

OpenBSD 7.1 also has a number of other improvements benefiting the 64-bit ARM (ARM64) and RISC-V architectures. OpenBSD 7.1 also brings SMP kernel improvements, support for futexes with shared anonymous memory, and more. On the graphics front there is updating the Linux DRM code against the state found in Linux 5.15.26 as well as now enabling Intel Elkhart Lake / Jasper Lake / Rocket Lake support.

The Register notes OpenBSD now "supports a surprisingly wide range of hardware: x86-32, x86-64, ARM7, Arm64, DEC Alpha, HP PA-RISC, Hitachi SH4, Motorola 88000, MIPS64, SPARC64, RISC-V 64, and both Apple PowerPC and IBM POWER." The Register's FOSS desk ran up a copy in VirtualBox, and we were honestly surprised how quick and easy it was. By saying "yes" to everything, it automatically partitioned the VM's disk into a rather complex array of nine slices, installed the OS, a boot loader, an X server and display manager, plus the FVWM window manager. After a reboot, we got a graphical login screen and then a rather late-1980s Motif-style desktop with an xterm.

It was easy to install XFCE, which let us set the screen resolution and other modern niceties, and there are also KDE, GNOME, and other pretty front-ends, plus plenty of familiar tools such as Mozilla apps, LibreOffice and so on....

We were expecting to have to do a lot more work. Yes, OpenBSD is a niche OS, but the project gave the world OpenSSH, LibreSSL, the PF firewall as used in macOS, much of Android's Bionic C library, and more besides.... In a world of multi-gigabyte OSes, it's quite refreshing. It felt like stepping back into the early 1990s, the era of Real Unix, when you had to put in some real effort and learn stuff in order to bend the OS to your will — but in return, you got something relatively bulletproof.

Android

Volla Phone 22 Runs Ubuntu Touch Or a Privacy-Focused Android Fork Or Both (liliputing.com) 22

The Volla Phone 22, a new smartphone available for preorder via a Kickstarter campaign, is unlike any other smartphone on the market today in that it ships with a choice of the Android-based Volla OS or the Ubuntu Touch mobile Linux distribution. "It also supports multi-boot functionality, allowing you to install more than one operating system and choose which to run at startup," writes Liliputing's Brad Linder. Some of the hardware specs include a 6.3-inch FHD+ display, a MediaTek Helio G85 processor, 4GB of RAM, 128GB storage, 3.5mm audio jack and a microSD card reader. There's also a 48-megapixel main camera sensor and replaceable 4,500mAh battery. From the report: While Volla works with the folks at UBPorts to ensure its phones are compatible with Ubuntu Touch, the company develops the Android-based Volla OS in-house. It's based on Google's Android Open Source Project code, but includes a custom launcher, user interface, and set of apps with an emphasis on privacy. The Google Play Store is not included, as this is a phone aimed at folks who want to minimize tracking from big tech companies. Other Google apps and services like the Chrome web browser, Google Maps, Google Drive, and Gmail are also omitted. The upshot is that no user data is collected or stored by Volla, Google, or other companies unless you decide to install apps that track your data. Of course, that could make using the phone a little less convenient if you've come to rely on those apps, so the Volla Phone might not be the best choice for everyone.

Volla OS also has a built-in user-customizable firewall, an App Locker feature for disabling and hiding apps, and optional support for using the Hide.me VPN for anonymous internet usage. The source code for Volla OS is also available for anyone that wants to inspect the code. The operating system also has a custom user interface including a Springboard that allows you to quickly launch frequently-used apps by pressing a red dot for a list, or by starting to type in a search box for automatic suggestions such as placing a phone call, sending a text message, or opening a web page. You can also create notes or calendar events from the Springboard or send an encrypted message with Signal.
The phone is expected to ship in June at an early bird price of about $408.
Android

The Nord N20 Is OnePlus' Budget Offering For 2022 (androidpolice.com) 12

For 2022, OnePlus has announced the Nord N20 5G as its budget offering for the US and Canadian markets, free when you add a line or $282. Android Police reports: Compared to the previous models, this year's phone sure seems to be a mid-range device rather than a budget one. The phone features a 6.43-inch AMOLED display with an in-display fingerprint scanner, a Snapdragon 695 chip, 6GB RAM, and 128GB storage. There's a microSD card slot, too, so you can expand the storage by up to 512GB if needed. A 4,500mAh battery powers the device, coming with 33W fast charging support that's enough to top up the cell to 50% in just 30 minutes. The phone's rear houses a triple-camera setup consisting of a 64MP primary sensor, a 2MP macro, and a monochrome lens -- there's no ultra-wide sensor here.

Judging from the specs, it is clear that the Nord N20 is a sister variant of the Nord CE 2 Lite with some minor downgrades. The latter is due to launch in India later this month. The Nord N20 runs the Android 11-based OxygenOS 11 and not Android 12. There's no word on when an update to Android 12 will arrive, either. Previous Nord phones in the US received only one OS update, so it is possible Android 12 could be the first and last OS update for the N20.

Windows

Is Windows 11 Less Popular Than Windows XP? (pcmag.com) 133

"A new survey claims Windows 11 adoption is so low it's actually less popular than the 20-year-old Windows XP," reports PC Magazine: The survey comes from an IT management provider called Lansweeper. Through its own software products, the company scanned 10 million Windows devices this month to determine which OS they were using. The results found that only 1.44% of the devices had Windows 11 installed, which is lower than the 1.71% for Windows XP. In contrast, Windows 10 maintains a dominant share at 80.34%. Although Windows 11's adoption is low at 1.44%, the number actually went up almost three times from 0.52% back in January.

It's also important to note that other surveys have found much higher Windows 11 adoption numbers. Last month, the app advertising platform AdDuplex found Windows 11 usage was at 19.4%, although this represented a mere 0.1% growth from the previous month. Meanwhile, the Steam hardware survey from Valve estimates Windows 11 usage has reached 16.8%.

Windows

Why Gamers Are Adopting Windows 11 More Slowly Than Windows 10 (arstechnica.com) 150

Ars Technica's Andrew Cunningham combed through Steam Hardware & Software Survey data "to see how Windows 11 is fairing with enthusiasts." An anonymous reader shares an excerpt from the report: Steam users are migrating to Windows 11 about half as quickly as they moved to Windows 10. Six months after its release, Windows 10 ran on 31 percent of all Steam computers -- nearly one in three. As of March 2022, Windows 11 runs on just under 17 percent of Steam computers -- about one in six. Three-quarters of all Steam computers in 2022 are still running Windows 10. It's easy to interpret these results as an indictment of Windows 11, which generated some controversy with its relatively stringent (and often poorly explained) security-oriented system requirements. At least some of this slow adoption is caused by those system requirements -- many of the PCs surveyed by Steam probably can't install Windows 11. That could be because users have an older unsupported CPU or have one or more of the required security features disabled; Secure Boot and the firmware TPM module were often turned off by default on new motherboards for many years. But there are other compelling explanations. Windows 11's adoption looks slow compared to Windows 10, but Windows 10's adoption was also exceptionally good.

Windows 8 and 8.1 were not well-loved, to put it mildly, and Windows 10 was framed as a response to (and a fix for) most of Windows 8's user interface changes. And people who were still on Windows 7 were missing out on some of the nice quality-of-life additions and under-the-hood improvements that Windows 8 added. You can see that pent-up demand in the jump between July 2015 and September 2015. In the first two months of Windows 10's availability, Windows 8 hemorrhaged users, falling from around 35 percent usage to 19 percent. Virtually all of those users -- and a smaller but still notable chunk of Windows 7 users -- were moving to Windows 10. Windows 11 also got a decent early adopter bump in November 2021, but its gains every other month were much smaller.

In contrast, Windows 11 was announced with little run-up, and it was replacing what users had been told was the "last version of Windows." Where Windows 10 replaced one new, unloved OS and one well-liked but aging OS, Windows 11 replaced a modern OS that nobody really complained about (Windows 10 ran on over 90 percent of all Steam computers in September 2021 -- even Windows 7 in its heyday couldn't boast that kind of adoption). It's also worth noting that Microsoft didn't try to re-create that initial burst of adoption for Windows 11. Following some turbulence after early Windows 10 servicing updates, Microsoft began rolling updates out more methodically, starting with small numbers of PCs and then expanding availability gradually as problems were discovered and ironed out. Windows 11 only entered "its final phase of availability" in February, ensuring that anyone with a compatible PC could get Windows 11 through Windows Update if they wanted it.

Windows

Microsoft: Moving Windows 11 Taskbar May Never Be An Option Again (bleepingcomputer.com) 210

If you are waiting for Windows 11 side-taskbar support before upgrading to the latest operating system, you may be waiting for a long time, according to a recent Microsoft Ask Me Anything (AMA) session. BleepingComputer reports: As first reported by Neowin, in a recent Microsoft Ask Me Anything (AMA) session, a user asked whether Microsoft would be bringing back the ability to move the sidebar to the sides. The response was not very promising, with Tali Roth, Microsoft's Head of Product, explaining that a small amount of Windows users use the feature and that it is unsure whether the feature will ever be brought back:

"When it comes to something like actually being able to move the taskbar to different locations on the screen, there's a number of challenges with that. When you think about having the taskbar on the right or the left, all of a sudden the reflow and the work that all of the apps have to do to be able to understand the environment is just huge. And when you look at the data, while we know there is a set of people that love it that way and, like, really appreciate it, we also recognize that this set of users is really small compared to the set of other folks that are asking for other features. So at the moment we are continuing to focus on things that I hear more pain around. It is one of those things that we are still continuing to look at, and we will keep looking to feedback, but at the moment we do not have a plan or a set date for when we would, or if we would, actually build the side taskbar."
You can watch the entire discussion about this feature on YouTube.
Operating Systems

Raspberry Pi OS Ditches Longtime User Account For Security Reasons (arstechnica.com) 21

An anonymous reader quotes a report from Ars Technica: Since its launch, the Raspberry Pi OS (and most operating systems based on it) has shipped with a default "pi" user account, making it simpler to boot up a Pi and start working without needing to hook up the device to a monitor or go through a multi-step setup process. But as of today, that's changing -- new installs of the Raspberry Pi OS are shedding that default user account for both security and regulatory reasons.

Raspberry Pi Foundation software engineer Simon Long explains the thinking in this blog post. "[The "pi" user account] could potentially make a brute-force attack slightly easier, and in response to this, some countries are now introducing legislation to forbid any Internet-connected device from having default login credentials," he writes. This move will improve the Pi operating system's security.

Before, even if you assigned a good password to the "pi" account, attackers could still assume with a reasonable degree of certainty that most Raspberry Pi boards were using the "pi" username. Many Pi OS-based operating systems also ship with the default "pi" user account enabled and are completely passwordless, requiring extra steps to assign the account a password in the first place. The flip side is that the change could break some software and scripts, particularly those that are hard-coded to use the "pi" user account and home folder.
"[T]he Raspberry Pi OS now boots into a dedicated setup mode the first time you start it up instead of running the setup wizard as an app in the normal desktop environment," adds Ars. "And that setup wizard now prompts you to create a username and password rather than simply assigning a password to the default 'pi' user account. To aid with setup, the wizard can now pair Bluetooth keyboards and mice without requiring you to plug in a USB accessory first."

The new version of the Pi OS also includes experimental support for the Wayland display server protocol, but Long says most people should ignore it for now since it's explicitly labeled as "experimental."
Windows

The Full Windows 95 Launch Event Video Is Finally Online (gizmodo.com) 26

The full 90-minute keynote of the Windows 95 launch was uploaded this week by the Blue OS Museum YouTube account. As Gizmodo's Florence Ion notes, "clips from the presentation have floated around online for decades," but the full keynote "has been harder to track down." From the report: [T]he complete presentation is an absolute time capsule of technology culture as it existed on Aug. 24, 1995. It also features some incredibly cringe moments, most of which stem from Jay Leno's cheesy and problematic joke-telling. My face felt flush the entire time I watched this presentation from all the nostalgia pulsating throughout it. There are all the requisite hairstyles, khaki pants, and overly-used Bill Clinton jokes that make this a quintessential event of the '90s. In a slideshow, Gizmodo highlights the "best and worst parts" of the event, adding that if you do watch the entire presentation, "you will have The Rolling Stones' 'Start Me Up' stuck in your head for the rest of the day."
Windows

New Windows 11 Security Feature Will Require a PC Reset (thurrott.com) 130

Microsoft has rolled out a new security feature called Smart App Control with Windows 11. From a report: "Smart App Control is a major enhancement to the Windows 11 security model that prevents users from running malicious applications on Windows devices that default blocks untrusted or unsigned applications," Microsoft vice president David Weston explains. "It goes beyond previous built-in browser protections and is woven directly into the core of the OS at the process level. Using code signing along with AI, our new Smart App Control only allows processes to run that are predicted to be safe based on either code certificates or an AI model for application trust within the Microsoft cloud. Model inference occurs 24 hours a day on the latest threat intelligence that provides trillions of signals." Smart App Control is interesting because it will be enabled by default on new Windows PCs in the future. But if you upgrade to whatever version of Windows 11 that enables this feature on an existing install, you will have to use Reset this PC to reset Windows 11 and clean install it. That is, I believe, unprecedented.
Windows

Windows 3.1 Is Officially 30 Years Old (windowscentral.com) 142

An anonymous reader quotes a report from Windows Central: Windows 11 may be the latest operating system from Microsoft, but [Wednesday was] about Windows 3.1. It's the birthday of the classic OS, marking 30 years since its launch on April 6, 1992. Windows 3.1 introduced several key components, many of which have digital descendants on Windows 11 and imitators on other operating systems. Windows 3.1 brought PCs the CTRL+C and CTRL+V shortcuts for copy and paste. It added TrueType fonts and came with screensavers and a media player as well. Gamers had two options for games that preinstalled games: Solitaire and Minesweeper.

Selling over 3 million copies in the first three months it was on the market, Windows 3.1 was considered a success. It was more user-friendly than Windows 3.0 and introduced many people to the idea of a personal computer in their home. Sadly for those that miss the days of the MS-DOS and command line being king, Windows 3.1 reached its end of support in 2001.
Further reading: Windows 3.1 Turns 30: Here's How It Made Windows Essential (How To Geek)
Operating Systems

Fedora Plans To Drop Support For Legacy BIOS Systems (linuxiac.com) 122

The Fedora 37 development team is considering dropping support for non-UEFI BIOS. Linuxiac reports: The Unified Extensible Firmware Interface, or UEFI, is a modern method of handling the boot process. UEFI is similar to Legacy; however, the boot data is stored in a .efi file rather than the firmware. In the case of Fedora, while the change may take some time, the new Fedora x86_64 installations will no longer work on non-UEFI platforms. On x86_64 architectures, Fedora 37 will mark legacy BIOS installation as deprecated in favor of UEFI. While systems already using Legacy BIOS to boot will continue to be supported, new Legacy BIOS installations on these architectures will be impossible.
Google

Google Play Store Cracks Down on Outdated Apps (theverge.com) 40

Google is preparing to limit the availability of outdated apps on the Play Store, the company has announced. The Verge reports: From November 1st, all existing apps in the store should aim to target an API level within two years of the latest major Android OS release. If they don't, Google says it'll place limits on which users are able to discover or install them. The changes are meant to ensure that software available from the Play Store makes use of Android's latest privacy and security features. Device owners "expect to realize the full potential of all the privacy and security protections Android has to offer," Google product management director Krish Vitaldevara writes in a blog post. "Expanding our target level API requirements will protect users from installing older apps that may not have these protections in place."
AI

The First IBM Mainframe For AI Arrives (zdnet.com) 24

An anonymous reader quotes a report from ZDNet, written by Steven Vaughan-Nichols: Mainframes and AI? Isn't that something like a Model-T Ford with a Tesla motor? Actually, no. Mainframes are as relevant in 2022 as they were in the 1960s. IBM's new IBM z16, with its integrated on-chip Telum AI accelerator, is ready to analyze real-time transactions, at scale. This makes it perfect for mainframe mission-critical workloads such as healthcare and financial transactions. This 21st century Big Iron AI accelerator is built onto its core Telum processor. With this new dual-processor 5.2 GHz chip and its 16 cores, it can perform 300 billion deep-learning inferences per day with one-millisecond latency. Can you say fast? IBM can.

Anthony Saporito, a senior technical staff member for IBM Z hardware development, said "One of the Telum design's key innovations is we built an AI accelerator right onto the silicon of the chip and we directly connected all of the cores and built an ecosystem up the stack. Through the hardware design, firmware, the operating systems, and the software, deep learning is built into all of the transactions." According to Patrick Moorhead, Moor Insights & Strategy's chief analyst, "The AI accelerator is a game-changer. The z16 with z/OS has a 20x response time with 19x higher throughput when inferencing compared to a comparable x86 cloud server with 60ms average network latency."

The new model z16 also includes a so-called quantum-safe system to protect organizations from near-future threats that might crack today's encrypted files. This is done with the z16's support of the Crypto Express8S adapter. Built around a CCA cryptographic coprocessor and a PKCS #11 cryptographic coprocessor, it enables users to develop quantum-safe cryptography. It also works with classical cryptography. If you want your data and transactions to be safe both today and tomorrow, this deserves your attention.

Microsoft

Microsoft Brings Arm Support To Azure Virtual Machines (zdnet.com) 16

It's been a long road, but Microsoft announced on April 4 a preview of Arm support on Azure virtual machines via its work with Ampere Computing. ZDNet reports: Ampere is a startup that makes server chips. Ampere announced last year it had signed up Microsoft and Tencent Holdings as major customers. "We are now supporting Arm on Azure as well. This has been a long journey to bring up Ampere on Azure with Windows as the Root Host OS! we are also supporting Windows 11 Arm VMs in preview for developers!" tweeted Hari Pulapaka, the director of PM for Azure Host OS and the Windows OS platform. "FYI all Windows developers who have been asking for VM support in Azure, it's here now."

Azure VMs with Ampere Altra Arm-based processors will offer up to 50 percent better price-performance than comparable x86-based VMs for scale-out workloads, Microsoft officials said. These new VMs are also for Web servers, application servers, open-source databases, gaming servers, media servers, and more, they added. The preview is initially available in the West US 2, West Central US, and West Europe Azure regions. Ampere's announcement of the Azure VM preview is here.

OS X

'Infinite Mac' Project Lets You Boot Up Mac OS In Your Browser (arstechnica.com) 10

An anonymous reader quotes a report from Ars Technica: What makes the ["Infinite Mac"] project unique isn't necessarily the fact that it's browser-based; it has been possible to run old DOS, Windows, and Mac OS versions in browser windows for quite a while now. Instead, it's the creative solutions that developer Mihai Parparita has come up with to enable persistent storage, fast download speeds, reduced processor usage, and file transfers between the classic Mac and whatever host system you're running it on. Parparita details some of his work in this blog post.

Beginning with a late 2017 browser-based port of the Basilisk II emulator, Parparita wanted to install old apps to more faithfully re-create the experience of using an old Mac, but he wanted to do it without requiring huge downloads or running as a separate program as the Macintosh.js project does. To solve the download problem, Parparita compressed the disk image and broke it up into 256K chunks that are downloaded on demand rather than up front. "Along with some old fashioned web optimizations, this makes the emulator show the Mac's boot screen in a second and be fully booted in 3 seconds, even with a cold HTTP cache," Parparita wrote.

CPU usage was another issue. Old operating systems and processors didn't really distinguish between active and idle processor states -- your computer was either on or off. So when you emulate these old systems, they'll ramp one of your CPU cores to 100% whether you're actually using the emulator or not. Parparita used existing Basilisk II features to reduce CPU usage, only requiring full performance when "there was user input or a screen refresh was required." Infinite Mac won't run later releases of classic Mac OS (including 8.5, 8.6, and 9) because those releases ran exclusively on PowerPC Macs, dropping support for the old Motorola 68000-based processors. Emulators like QEMU are capable of emulating PowerPC Macs, but (at least as far as I am aware) there are no easy browser-based implementations that exist. Not yet, anyway.

Linux

Asahi Linux Is Reverse-Engineering Support For Apple Silicon, Including M1 Ultra (arstechnica.com) 46

An anonymous reader quotes a report from Ars Technica: For months, a small group of volunteers has worked to get this Arch Linux-based distribution up and running on Apple Silicon Macs, adapting existing drivers and (in the case of the GPU) painstakingly writing their own. And that work is paying off -- last week, the team released its first alpha installer to the general public, and as of yesterday, the software supports the new M1 Ultra in the Mac Studio. In the current alpha, an impressive list of hardware already works, including Wi-Fi, USB 2.0 over the Thunderbolt ports (USB 3.0 only works on Macs with USB-A ports, but USB 3.0 over Thunderbolt is "coming soon"), and the built-in display. But there are still big features missing, including DisplayPort and Thunderbolt, the webcam, Bluetooth, sleep mode, and GPU acceleration. That said, regarding GPU acceleration, the developers say that the M1 is fast enough that a software-rendered Linux desktop feels faster on the M1 than a GPU-accelerated desktop feels on many other ARM chips.

Asahi's developers don't think the software will be "done," with all basic M1-series hardware and functionality supported and working out of the box, "for another year, maybe two." By then, Apple will probably have introduced another generation or two of M-series chips. But the developers are optimistic that much of the work they're doing now will continue to work on future generations of Apple hardware with relatively minimal effort. [...] If you want to try Asahi Linux on an M1 Mac, the current installer is run from the command line and requires "at least 53GB of free space" for an install with a KDE Plasma desktop. Asahi only needs about 15GB, but the installer requires you to leave at least 38GB of free space to the macOS install so that macOS system updates don't break. From there, dual-booting should work similarly to the process on Intel Macs, with the alternate OS visible from within Startup Disk or the boot picker you can launch when your start your Mac. Future updates should be installable from within your new Asahi Linux installation and shouldn't require you to reinstall from scratch.

Slashdot Top Deals