An anonymous reader quotes a report from 9to5Google: Smartphones have already obviated single-purpose gadgets like point-and-shoot cameras and MP3 players. Google today announced the Android Ready SE Alliance to make sure new phones have the underlying hardware to eventually replace car/home keys and wallets. "Emerging user features" -- digital keys, mobile driver's license (mDL), national ID, ePassports, and eMoney solutions (wallets) -- require two things. The first is tamper-resistant hardware, like the Pixel's Titan M chip, which makes possible tamper-resistant key storage for Android apps (to store data) called StrongBox. "All these features need to run on tamper-resistant hardware to protect the integrity of the application executables and a user's data, keys, wallet, and more," writes Google in a blog post. "Most modern phones now include discrete tamper-resistant hardware called a Secure Element (SE)."

Google has determined that "SE offers the best path for introducing these new consumer use cases in Android." To "accelerate adoption," the company and partners (Giesecke+Devrient, Kigen, NXP, STMicroelectronics, and Thales) today announced the Android Ready SE Alliance. Besides phones, StrongBox is also available for Wear OS, Android Auto Embedded, and Android TV. Google says it's currently focusing on digital car keys, mobile driver's license, and other identity credentials, with unnamed "Android OEMs adopting Android Ready SE for their devices."

On March 24, 2001, Mac OS X first became available to users around the world. Ars Technica's Samuel Axon reflects on the OS and the many new features and technologies it brought that we now take for granted. From the report: Of course, Mac OS X (or macOS 10 as it was later known) didn't quite survive to its 20th birthday; last year's macOS Big Sur update brought the version number up to 11, ending the reign of X. But despite its double life on x86 and ARM processors and its increasingly close ties to iOS and iPadOS, today's macOS is still very much a direct descendant of that original Mac OS X release. Mac OS X, in turn, evolved in part from Steve Jobs' NeXT operating system -- which had recently been acquired by Apple -- and its launch was the harbinger of the second Jobs era at Apple.

[Mac OS X] enabled Apple's laptops to wake up from sleep immediately, and it introduced dynamic memory management, among other things. Mac OS X's greatest impact in retrospect may be in the role it had in inspiring and propping up iOS, which has far surpassed macOS as Apple's most widely used operating system. [...] Despite Apple's resounding success in the second Steve Jobs era, as well as in the recent Tim Cook era, the Mac is still a relatively niche platform -- beloved by some, but skipped by much of the mainstream. After 20 years, a lot has changed, but a whole lot has stayed the same.

Following reports that a recent update to Windows 10 was causing blue screens as well as problems with printing, Microsoft issued a new series of updates to address the issues. But it seems that the problems caused by this month's Patch Tuesday updates are actually worse than first thought. BetaNews reports: Users with certain brands of printer experienced APC_INDEX_MISMATCH errors and blue screens, but now Microsoft has issued a warning that there may be additional problems with elements missing from print outs, or even entirely blank pages being output. The problematic updates are KB5000802, KB5000808, KB5000809 and KB5000822. In the support documentation for these four updates, Microsoft acknowledges the APC_INDEX_MISMATCH error problems and BSoDs, and directs people to install the relevant patches for their system. But the company now also acknowledges that there are more problems with the original updates than first appeared to be the case.

For each of these four updates Microsoft issues the same warning: "After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps..." There is currently no fix, and Microsoft is not even able to offer a workaround right now. Instead, the company simply says: "We are working on a resolution and estimate a solution will be available in the coming days."

An official version of the popular 7-zip archiving program has been released for Linux for the first time. Bleeping Computer reports: Linux already had support for the 7-zip archive file format through a POSIX port called p7zip but it was maintained by a different developer. As the p7zip developer has not maintained their project for 4-5 years, 7-Zip developer Igor Pavlov decided to create a new official Linux version based on the latest 7-Zip source code. Pavlov has released 7-Zip for Linux in AMD64, ARM64, x86, and armhf versions, which users can download [via their respective links].

"These new 7-Zip binaries for Linux were linked (compiled) by GCC without -static switch. And compiled 32-bit executables (x86 and armhf) didn't work on some arm64 and amd64 systems, probably because of missing of some required .so files." "Please write here, if you have some advices how to compile and link binaries that will work in most Linux systems," Pavlov stated on his release page.

MojoKid writes: Some may think it strange to design and build an entire PC and custom enclosure, dedicated to running a 20-year-old screensaver, but retro computing fans and well-seasoned enthusiasts may remember the SereneScreen Marine Aquarium. This classic screensaver from the late 90s was created by the legendary artist of Defender of the Crown and more, Jim Sachs. SereneScreen's combination of beautiful fish and technology is still mesmerizing, so why not build a miniature, 3D-printed aquarium and power it with a single board computer like the Rock Pi X and a 1920X480 resolution IPS LCD display? That's just what product developer Colton Westrate did.

Searching for an x86 PC in a Raspberry Pi-sized form factor, Westrate chose the Rock Pi X that purportedly packs the perfunctory punch to push the Windows OS and aquarium screen saver's pulsating pixels. The Rock Pi X is based on a circa 2016 Intel x5-Z8350 processor, which is a 2-watt, quad-core Cherry Trail Atom chip. From there, with a little Fusion 360 parametric modeling, a clear acrylic napkin holder, and some serious skills, Westrate created this adorable pint-sized digital fish tank. There's a full parts list and how-to guide on HotHardware, along with links to the CAD files up on Thingiverse, so you can build yourself one too, if you're feeling inspired.

FastCompany has a feature story on Chrome OS, which has turned 10. The story talks about a new feature of Chrome OS: A new version of Chrome OS rolling out starting today will introduce a long-under-development Phone Hub feature that'll let you see and interact with notifications from your Android phone on your Chromebook, without any complex configuration or clunky software required. You'll also be able to silence your phone, adjust some of its settings, and see and access recent Chrome browser tabs you had open on the device right from your Chrome OS desktop.

Carefully examined clues in Google's open-source Chromium code suggest the system could eventually do even more -- with some indications that full-fledged phone-mirroring that would let you get access to all the apps and files on your phone from your Chromebook could be in the cards. I asked John Solomon's (VP and GM of Chrome OS at Google) colleague, Chrome OS Product Manager, Engineering, and UX Lead John Maletis, if and when such a capability might come online, and while he wouldn't outright confirm any future plans, he did allow that what we're seeing now is only scratching the surface. "You're just seeing the beginning," he says. "That little tiny Phone Hub real estate -- I would put a big 'Watch This Space' on it, because there's a lot of stuff we can and will do there." The publication also touched on Fuchsia, a new operating system that Google has been working on for several years: My final pressing question about the future of Chrome OS is simply how much of it there will be. In a familiar twist, the Android- and Chrome-OS-watching communities are once again filled with speculation that Google could be working to bring the two platforms together -- this time by way of a mysterious underdeveloped Google operating system known as Fuchsia.

Officially, Google says only that Fuchsia is an "open-source effort to create a production-grade operating system that prioritizes security, updatability, and performance" across a "broad range of devices." But the vague nature of its ultimate purpose along with some eyebrow-raising bits of progress in its development -- such as the recent move to allow the operating system to support both Android and Linux apps as native programs -- raise some interesting questions about what, exactly, Google is actually up to with the effort. Solomon declined to answer directly about if or how Fuchsia might one day replace or otherwise relate to Chrome OS (and there are certainly more nuanced, less black-and-white possibilities to consider), but he did offer up some broad thoughts on what Google hopes to accomplish as time wears on.

MIPS Technologies, the company that had been synonymous with the MIPS processor architecture, will now be developing processors based on RISC-V architecture. TuxPhones reports: The MIPS silicon manufacturer is one of the oldest RISC chip manufacturers, used in several systems since the late 80s. Characterized by clean and efficient designs, allowing adaption in varied applications, this company has been considered one of the most innovative in the market during its golden age - to the point that the Windows OS had a MIPS port in the early 90s. However, the company has been struggling with an increasingly lower market share and risked bankruptcy in recent years, ultimately leading to acquisition by start-up Wave Computing, which faced bankruptcy last year.

How this company was reborn just weeks ago, exiting the state of bankruptcy, is surprising, but not at all irrational: in its official statement, (the new) MIPS has become a member of RISC-V International, the non-profit organization managing the fully open-hardware ISA, substantially replacing their current architecture with the de facto open chip standard in its entirety. Licensing of the original MIPS architecture to third parties will probably be managed as before, so that the "old" architecture will remain available upon need. This is officially known as the "8th generation" of MIPS chips, indicating a total architectural gap from the previous seven iterations, essentially leaving the old architecture and fully embracing the new one. The Electronic Engineering Journal says it's likely that the new MIPS will continue to honor pre-existing licensing agreements, but it's unclear what level of support the company will offer for older MIPS-based chip designs.

David Plummer is a retired Microsoft operating systems engineer, "going back to the MS-DOS and Windows 95 days." (He adds that in the early '90s he'd fixed a few handle leaks in the early source code of Linux, "and sent my changes off to Linus at Rutgers.")

This weekend on YouTube he shared his thoughts on "the classic confrontation: Windows versus Linux," promising an "epic operating systems face-off." Some highlights: On Usability: "Linux's itself lacks a proper user interface beyond the command line. That command line can be incredibly powerful, particularly if you're adept with Bash or Zsh or similar, but you can't really describe it as particularly usable. Of course most distributions do come with a desktop user interface of some kind if you prefer, but as a bit of a shell designer myself, if I might be so bold, they're generally pretty terrible. At least the Mint distribution looks pretty nice.

"Windows, on the other hand, includes by default a desktop shell interface that, if you set aside the entirely subjective design aesthetics, is professionally designed, usability tested and takes into consideration the varying levels of accessibility required by people with different limitations. In terms of usability, particularly if you do include accessibility in that metric, Windows comes out ahead..."

On Updates: "Windows users are well served by a dedicated Windows Update team at Microsoft, but the process has occasionally had its hiccups and growing pains. It's very easy to update a Linux system, and while there's no professional team sitting by the big red phone ready to respond to Day Zero exploits, the updates do come out with reasonable alacrity, and in some cases you can even update the kernel without rebooting.

"Keep in mind, however, that Linux is a monolithic kernel, which means that it's all one big happy kernel. Almost everything is in there. If they hadn't started to add that ability a few years back, you'd be rebooting for every driver install. The reality is that some parts of the Linux kernel are just going to require a reboot, just as some parts of the Windows system are going to as well. I think we can likely all agree, however, that Windows software is hardly selective about rebooting the system, and you're asked to do it far too often.

"While we're on the topic of upgrades, we can't overlook the fact that upgrades are generally free in the Open Source world, unless you're using a pre-built distribution from a vendor. To it's credit, though, I don't remember the last time Microsoft actually charged for an operating system upgrade if you were just a normal end user or enthusiast. Still, this point goes to Linux."
Plummer also says he agrees with the argument that open source software is more open to security exploits, "simply because, all else equal, it's easy to figure out where the bugs are to exploit in the first place," while proprietary software has professional test organizations hunting for bugs. "I think it's a bit of a fallacy to rely on the 'many eyeballs' approach..."

Yet he still ultimately concludes Linux is more secure simply because the vast universe of Windows makes it a much more attractive target. Especially since most Windows users retain full administrator privileges...

Long-time Slashdot reader sproketboy shared a link to SvarDOS, "an open-source project that is meant to integrate the best out of the currently available DOS tools, drivers and games." From their site: DOS development has been abandoned by commercial players a very long time ago, mostly during early nineties. Nowadays, it survives solely through the efforts of hobbyists and retro-enthusiasts, but this is a highly sparse and unorganized ecosystem. SvarDOS aims to collect available DOS software, package it and make it easy to find and install applications using a network-enabled package manager (like apt-get, but for DOS and able to run even on a 8086 PC).

Once installed, SvarDOS is a minimalistic DOS system that offers only the FreeDOS kernel and the most basic tools for system administration. It is up to the user to install additional packages. Care is taken so SvarDOS remains 8086-compatible, at least in its most basic (core) configuration.

SvarDOS files are published under the terms of the MIT license. This applies only to SvarDOS-specific files, though - the packages supplied with SvarDOS may be subject to different licenses (GPL, BSD, Public Domain, Freeware...).

Slashdot reader b-dayyy quotes the Linux Security blog: While all Linux 'distros' — or distributed versions of Linux software — are secure by design, certain distros go above and beyond when it comes to protecting users' privacy and security. We've put together a list of our favorite specialized secure Linux distros and spoken with some of their lead developers to find out first-hand what makes these distros so great.
This "favorites" list cites six "excellent specialized secure Linux distros." Some highlights from the article:

• In a conversation with the LinuxSecurity editors, Qubes OS Community Manager Andrew David Wong elaborated, "Rather than attempting to fix all of the security bugs in software, Qubes assumes that all software is buggy and compartmentalizes it accordingly, so that when flaws are inevitably exploited, the damage is contained and the user's most valuable data is protected."

• A Kali Linux contributor provides some insight into the distro's history and the benefits it offers users: "Named after a Hindu goddess, Kali has been around for a long time — but it's still updated weekly, can be run in live mode or installed to a drive, and can also be used on ARM devices like Raspberry Pi."

Obviously there's strong opinions among Slashdot readers. So share your own thoughts in the comments.

What's the best Linux distro for enhanced privacy and security?

Hackaday writes: In the early years of personal computing there were a slew of serious contenders. A PC, a Mac, an Atari ST, an Amiga, and several more that all demanded serious consideration on the general purpose desktop computer market. Of all these platforms, the Amiga somehow stubbornly refuses to die. The Amiga 1200+ from [Jeroen Vandezande] is the latest in a long procession of post-Commodore Amigas, and as its name suggests it provides an upgrade for the popular early-1990s all-in-one Amiga model.

It takes the form of a well-executed open-source printed circuit board that's a drop-in replacement for the original A1200 motherboard... The catch: it does require all the custom Amiga chips from a donor board...

It's fair to say that this is the Amiga upgrade we'd all have loved to see in about 1996 rather than waiting until 2019.
Mike Bouma (Slashdot reader #85,252) shares a recent video showing the latest update of AmigaOS 4 by Hyperion Entertainment, and reminds us of two "also active" Amiga OS clones — AROS and MorphOS.

Further reading: Little Things That Made Amiga Great.

An anonymous reader quotes a report from Ars Technica: Bitflips are events that cause individual bits stored in an electronic device to flip, turning a 0 to a 1 or vice versa. Cosmic radiation and fluctuations in power or temperature are the most common naturally occurring causes. Research from 2010 estimated that a computer with 4GB of commodity RAM has a 96 percent chance of experiencing a bitflip within three days. An independent researcher recently demonstrated how bitflips can come back to bite Windows users when their PCs reach out to Microsoft's windows.com domain. Windows devices do this regularly to perform actions like making sure the time shown in the computer clock is accurate, connecting to Microsoft's cloud-based services, and recovering from crashes.

Remy, as the researcher asked to be referred to, mapped the 32 valid domain names that were one bitflip away from windows.com. Of the 32 bit-flipped values that were valid domain names, Remy found that 14 of them were still available for purchase. This was surprising because Microsoft and other companies normally buy these types of one-off domains to protect customers against phishing attacks. He bought them for $126 and set out to see what would happen.

Over the course of two weeks, Remy's server received 199,180 connections from 626 unique IP addresses that were trying to contact ntp.windows.com. By default, Windows machines will connect to this domain once per week to check that the time shown on the device clock is correct. What the researcher found next was even more surprising. "The NTP client for windows OS has no inherent verification of authenticity, so there is nothing stopping a malicious person from telling all these computers that it's after 03:14:07 on Tuesday, 19 January 2038 and wreaking unknown havoc as the memory storing the signed 32-bit integer for time overflows," he wrote in a post summarizing his findings. "As it turns out though, for ~30% of these computers doing that would make little to no difference at all to those users because their clock is already broken."

An anonymous reader quotes a report from Ars Technica: /e/ OS, the "open-source, pro-privacy, and fully degoogled" fork of Android, is coming to Canada and the USA. Of course, you've always been able to download the software in any region, but now (as first spotted by It's Foss News) the e Foundation will start selling preloaded phones in North America. Previously, /e/ only did business in Europe. Like normal, the e Foundation's smartphone strategy is to sell refurbished Samsung devices with /e/ preloaded. In the US, there are only two phones right now: the Galaxy S9 for $379.99 or a Galaxy S9+ for $429.99. North Americans still have reason to be jealous of Europe, where you can get /e/ preloaded on a Fairphone, which is also Europe-exclusive. These Samsung phones are used devices, but the site says the devices have "been checked and reconditioned to be fully working at our partner's facilities." The phones have a one-year warranty and are described as "Good-as-New" with "no surprises." An /e/ device means you'll be getting a fork of Android 10, and for ongoing support, the e Foundation says, "We aim to support with at least 3 years of software updates and security patches."

/e/ OS was founded by Gael Duval, the creator of Mandrake Linux, and the project describes itself as a "non-profit project in the public interest." /e/ is built a lot like a Linux distribution, in that it takes a curated collection of other open source projects, merges them into a single product, and does its best to fill in the remaining gaps. In this case, /e/ is based on LineageOS, the Android community's open source, device-ready version of Google's Android source code. The primary contribution of /e/ is filling in all the gaps left by the lack of Google apps, so there's an /e/ app store, an /e/ cloud storage and account system, and various Google-replacement apps like a Chromium-based browser, a fork of K-9 Mail for email, contacts, search, photos, etc. The company is even trying to build a Google Assistant replacement. Actually getting regular Android apps to run on a forked version of Android is a challenge. Google Play Services is built into many apps for things like push notifications, and there's a good chance that functionality won't work on /e/ OS. These apps will at least run on /e/ OS instead of exiting outright, thanks to the inclusion of MicroG, an open source project that hijacks Google API calls.

Linux overlord Linus Torvalds has revealed that inclement weather in the USA meant he recently endured six electricity-free days in his Portland, Oregon, home during which he was unable to tend to the kernel. As a result he therefore pondered adding an extra week to the merge window for version 5.12 of the Linux kernel. The Register reports: "As you can tell, I didn't do that," he said in his State of The Kernel update that announced release candidate one of the new kernel cut. "To a large part because people were actually very good about sending in their pull requests, so by the time I finally got power back, everything was nicely lined up and I got things merged up ok." It wasn't just penguinistas behaving well that helped. Torvalds said this version of the kernel has received around 10,000 commits. That's rather fewer than the 12,000 or 13,000 he usually sees.

In case anyone was inconvenienced by blackout-induced inability to merge, Torvalds said he's open to help any kernel devs for whom his unavailability caused problems but is not open to all late pulls. Torvalds rated the new release as offering "a fair amount of historical cleanup" on account of "removing the legacy OPROFILE support (the user tools have been using the "perf" interface for years), and removing several legacy SoC platforms and various drivers that no longer make any sense." Among the big inclusions in 5.12 are Clang Link-Time Optimizations, which make for better compiler performance, and support for Intel's eASIC NX5 silicon that aims to offer an alternative to FPGAs in edge and cloud applications. Qualcomm's Snapdragon 888 5G SoC also gains support.

AmiMoJo shares a report: Last month, the Linux Mint team published a post on the organization's official blog about the importance of installing security updates on machines running the Linux distribution. The essence of the post was that a sizeable number of Linux Mint devices was running outdated applications, packages or even an outdated version of the operating system itself. A sizeable number of devices run on Linux Mint 17.x, according to the blog post, a version of Linux Mint that reached end of support in April 2019. A new blog post, published yesterday, provides information on how the team plans to reduce the update reluctance of Linux Mint users. Next to showing reminders to users, Linux Mint's Update Manager may enforce some of the updates according to the blog post.

"In some cases the Update Manager will be able to remind you to apply updates. In a few of them it might even insist." Upcoming versions will provide information on the implementation, how the "insisting" part may look like, and whether the installation of updates will be enforced. All of this boils down to a single question: how far should operating system developers go when it comes to updates? BetaNews adds: "And now, it seems the Linux Mint developers are taking a page out of Microsoft's playbook by planning to force some updates on its users. Yes, folks, Linux Mint is becoming more like Windows 10."

Catalin Cimpanu, reporting for The Record: A fully weaponized exploit for the Spectre CPU vulnerability was uploaded on the malware-scanning website VirusTotal last month, marking the first time a working exploit capable of doing actual damage has entered the public domain. The exploit was discovered by French security researcher Julien Voisin. It targets Spectre, a major vulnerability that was disclosed in January 2018. [...] The vulnerability, which won a Pwnie Award in 2018 for one of the best security bug discoveries of the year, was considered a milestone moment in the evolution and history of the modern CPU. Its discovery, along with the Meltdown bug, effectively forced CPU vendors to rethink their approach to designing processors, making it clear that they cannot focus on performance alone, to the detriment of data security. Software patches were released at the time, but the Meltdown and Spectre disclosures forced Intel to rethink its entire approach to CPU designs going forward.

At the time, the teams behind the Meltdown and Spectre bugs published their work in the form of research papers and some trivial proof-of-concept code to prove their attacks. Shortly after the Meltdown and Spectre publications, experts at AV-TEST, Fortinet, and Minerva Labs spotted a spike in VirusTotal uploads for both CPU bugs. While initially there was a fear that malware authors might be experimenting with the two bugs as a way to steal data from targeted systems, the exploits were classified as harmless variations of the public PoC code published by the Meltdown and Spectre researchers and no evidence was found of in-the-wild attacks. But today, Voisin said he discovered new Spectre exploits -- one for Windows and one for Linux -- different from the ones before. In particular, Voisin said he found a Linux Spectre exploit capable of dumping the contents of /etc/shadow, a Linux file that stores details on OS user accounts.

Bill Gates "prefers the more open nature of the Android ecosystem, as it's more 'flexible' about how software interfaces with the OS," reports PC Magazine, citing remarks Gates made on Clubhouse to CNBC's Andrew Ross Sorkin: "I actually use an Android phone," Gates told Sorkin. "Because I want to keep track of everything, I'll often play around with iPhones, but the one I carry around happens to be Android. Some of the Android manufacturers pre-install Microsoft software in a way that makes it easy for me. They're more flexible about how the software connects up with the operating system. So that's what I ended up getting used to. You know, a lot of my friends have iPhone so there's no purity."

In 2019, Gates admitted the way he handled Microsoft's own mobile phone division was his "greatest mistake." Microsoft ended up letting Google transform Android into the only true rival for iPhone. Microsoft missed out on a $400 billion market at the time, something Gates deeply regrets. In 2017, however, he went ahead and adopted an Android phone.

During the interview, Davidson indicated that an Android version of Clubhouse could be on its way. He called it a "top feature," which could mean the iPhone Clubhouse could soon dissipate.

LG will make its webOS software available to other companies. From a report: The proprietary software on LG's own sets will be able to be licensed by outside TV brands, the company announced Wednesday. Notably, TV brands that choose to bring LG's software to their televisions will also get its Magic Motion remote, LG's very good cursor-like wand. It would also see the same voice control tools, algorithms, and apps -- including LG Channels -- included on those displays as well, the company said. "By welcoming other manufacturers to join the webOS TV ecosystem, we are embarking on a new path that allows many new TV owners to experience the same great UX and features that are available on LG TVs. We look forward to bringing these new customers into the incredible world of webOS TV," Park Hyoung-sei, president of the LG Home Entertainment Company, said in a statement.

Android users can now take advantage of the Password Checkup feature that Google first introduced in its Chrome web browser in late 2019, the OS maker announced today. From a report: On Android, the Password Checkup feature is now part of the "Autofill with Google" mechanism, which the OS uses to select text from a cache and fill in forms. The idea is that the Password Checkup feature will take passwords stored in the Android OS password manager and check them against a database containing billions of records from public data breaches and see if the password has been previously leaked online. If it has, a warning is shown to the user.

Samsung is upping the ante on Android updates and offering four years of security updates on many of its Android devices. The company's full update package is now three years of major OS updates and four years of security updates, besting even what Google offers on the Pixel line. From a report: In the announcement, Samsung says, "Over the past decade, Samsung has made significant progress in streamlining and speeding up its regular security updates. Samsung worked closely with its OS and chipset partners, as well as over 200 carriers around the world, to ensure that billions of Galaxy devices receive timely security patches." Samsung has experimented with bringing four years of updates to its own Exynos SoC devices, but now it looks like the company is getting Qualcomm models on board as well. Keep in mind that these are not necessarily monthly security updates. Samsung says it's delivering four years of "monthly or quarterly" updates, depending on the age of the device. Samsung's current security bulletin page has the Galaxy S9 (2018) on the monthly update plan, while the Galaxy S8 is on the quarterly plan. So it sounds like three years of monthly security updates and one more year of quarterly updates.