In the News Archive
Andrew S. Tanenbaum, professor emeritus of Computer Science at VU Amsterdam, receives the ACM Software System Award for MINIX, which influenced the teaching of Operating Systems principles to multiple generations of students and contributed to the design of widely used operating systems, including Linux. Tanenbaum created MINIX 1.0 in 1987 to accompany his textbook, Operating Systems: Design and Implementation. MINIX was a small microkernel-based UNIX operating system for the IBM PC, which was popular at the time. It was roughly 12,000 lines of code, and in addition to the microkernel, included a memory manager, file system and core UNIX utility programs. It became free open-source software in 2000. VU Amsterdam website Definitely a deserved award for Tanenbaum, and it’s a minuscule bit of pride that VU Amsterdam happens to be my Alma mater. He also wrote an article for OSAlert way back in 2006, detailing MINIX 3, which is definitely a cool notch to have on our belt.
GNU Nano, by far my favourite text editor when using the command line, released version 8.0 recently – and by recently I mean a month ago – and in it, there’s a pretty interesting additional feature that should make using Nano a little bit more straightforward for those not used to its key combinations. Command-line option –modernbindings (-/) makes ^Q quit, ^X cut, ^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a file, ^R replace, ^G find again, ^D find again backwards, ^A set the mark, ^T jump to a line, ^P show the position, and ^E execute. GNU Nano’s news page Basically, this option makes Nano’s key bindings a bit more in line with what you might expect as someone coming from a graphical environment. Of course, Nano’s keybindings are listed at the bottom of its user interface, but it’s still nice to have the option of making them more in line with the wider computing world. Instead of using the command-line option, you can also change the name of Nano’s executable, or a symlink to it, to start with “e”.
Google is killing off a messaging service! This one is the odd “Google Business Messaging” service—basically an instant messaging client that is built into Google Maps. If you looked up a participating business in Google Maps or Google Search on a phone, the main row of buttons in the place card would read something like “Call,” “Chat,” “Directions,” and “Website.” That “Chat” button is the service we’re talking about. It would launch a full messaging interface inside the Google Maps app, and businesses were expected to use it for customer service purposes. Google’s deeply dysfunctional messaging strategy might lead people to joke about a theoretical “Google Maps Messaging” service, but it already exists and has existed for years, and now it’s being shut down. Ron Amadeo at Ars Technica When it comes to Google, it’s often hard to distinguish meme from reality.
Speaking of The Verge, its parent company Vox Media, along with The Atlantic, have signed a deal with OpenAI. Two more media companies have signed licensing agreements with OpenAI, allowing their content to be used to train its AI models and be shared inside of ChatGPT. The Atlantic and Vox Media — The Verge’s parent company — both announced deals with OpenAI on Wednesday. Emilia David at The Verge In the case of Vox Media, the deal was made and announced without informing their staff, which obviously doesn’t sit well with especially Vox’ writers. By making deals like this, upper management gets to double-dip on the fruits of their workers’ labour – first, the published content generates ad revenues, and second, OpenAI pays them to use said content for training and other purposes. And once the “AI” gets good enough, more and more of the writers will be fired, leaving only a skeleton crew of lower-paid workers to clean up the “AI” output. With this deal, the writing is on the wall for every journalist at Vox Media – you’re currently contributing to your own obsolescence, and your bosses are getting paid for it. As far as I know, OSAlert’ owner, David, has not yet been contacted by OpenAI. Regardless, I’ll sell the past 20-odd years of my terrible takes for 69 million euros, after deducting Swedish taxes. And since OpenAI is run by billionaires: taxes are this thing where normal people pay a portion of their income to the government in return for various government services. It’s wild, I know.
iFixit is ending its collaboration with Samsung, as iFixit claims the Korean giant is not actually interested in offering repair options at all. As we tried to build this ecosystem we consistently faced obstacles that made us doubt Samsung’s commitment to making repair more accessible. We couldn’t get parts to local repair shops at prices and quantities that made business sense. The part prices were so costly that many consumers opted to replace their devices rather than repair them. And the design of Samsung’s Galaxy devices remained frustratingly glued together, forcing us to sell batteries and screens in pre-glued bundles that increased the cost. Scott Head Honestly, this doesn’t surprise me. Unless right to repair legislation becomes more widespread and stricter, corporations will inevitably drag their feet in honouring any right to repair commitments and promises they make.
After Broadcom acquired VMware, there’s been a steady stream of worrying or outright bad news for people using VMware products at home, for personal use, as enthusiasts. The biggest blow to the enthusiast market was the end of perpetual licensing, forcing people into subscriptions instead. Finally, though it seems we’re getting some good news. The most exciting part is that Fusion Pro and Workstation Pro will now have two license models. We now provide a Free Personal Use or a Paid Commercial Use subscription for our Pro apps. Users will decide based on their use case whether a commercial subscription is required. This means that everyday users who want a virtual lab on their Mac, Windows or Linux computer can do so for free simply by registering and downloading the bits from the new download portal located at support.broadcom.com. Michael Roy on the VMware blog This is definitely good news for us enthusiasts, and it means I won’t have to buy a cheap VMware license off eBay every few years anymore, so I’m quite satisfied here. However, with VMware under Broadcom focusing more and more on the enterprise and squeezing every last penny out of those customers, one has to wonder if this ‘free for personal use’ is just a prelude to winding down the development of enthusiasts’ tools altogether. It wouldn’t be the first time that a product going free for personal use was a harbinger of worse things yet to come.
Window management in Emacs gets a bad rap. Some of this is deserved, but mostly this is a consequence of combining a very flexible and granular layout system with rather coarse controls. This leaves the door open to creating and using tools for handling windows that employ and provide better metaphors and affordances. As someone who’s spent an unnecessary amount of time trying different approaches to window management in Emacs over the decades, I decided to summarize them here. Almanac might be overstating it a bit – this is a primer to and a collection of window management resources and tips. Karthik Chikmagalur I honestly had no idea Emacs was this… Advanced, complex, and feature-laden. I mean, I thought Emacs’ complexity was just a meme, but reading this article it seems the memes don’t do it justice.
I want to run GoToSocial on some *BSD system. Because I am who I am, I went for using NetBSD 10.0 . And because my hypervisor is running bhyve on OmniOS , you get the title of this blog post. Don’t get too anxious, it is quite straightforward. So let the journey begin. Joel Carnat Bhyve is a hypervisor originating from FreeBSD, while OmniOS is a distribution of illumos, a continuation of the last open source Solaris release from Oracle. GoToSocial, meanwhile, is an ActivityPub social network server, so it belongs in the same family as Mastodon, Glitch, Akkoma, and countless others. This guide makes this whole process look like a piece of cake, so if you’ve ever been interested in running your own ActivityPub server – read on. On a slightly related sidenote, there’s no OSAlert AT instance, partly because I don’t want to deal with the moderation and costs, and partly because I’m incredibly happy being a member of Exquisite, a Glitch instance running on OpenBSD, managed by OpenBSD enthusiasts. Never say never, of course, but the odds of seeing an OSAlert AT instance in the future are very slim.
Cory Doctorow, nailing it as usual. If you care about how people are treated by platforms, you can’t just tell them to pay for services instead of using ad-supported media. The most important factor in getting decent treatment out of a tech company isn’t whether you pay with cash instead of attention – it’s whether you’re locked in, and thus a flight risk whom the platform must cater to. Cory Doctorow I’m sick and tired of the phrase “if you’re not paying for the product, you’re the product”, because it implies that if just you pay for a product or service, you’re not going to be treated like ass. The problem is, as Doctorow points out, that this simply is not supported by the evidence, and that it isn’t whether or not you’re paying that makes you have a good or bad experience – it’s whether or not you’re locked in. If you’ve got nowhere else to go, then corporations can treat you like ass. There are so, so many free services and products I use where I’m anything but a “product”. My Linux distribution of choice, Fedora. My web browser, Firefox. The countless open source applications I use on my desktops, laptops, and smartphone. Those are all cases where even though I’m not paying, I know I’m being treated with respect, and I feel entirely comfortable with all of those. And no, you don’t get to exclude the open source world just because it’s inconvenient for the “you’re the product” argument. There are also countless services and products where the opposite is true; I’m a paying customer, but I still feel like I’m the product. I pay for additional Google Drive storage. I pay for an Office 364 subscription because I needed it as a translator (I’m working on OSAlert full-time now, and could use your help keeping the site going), but I can’t cancel it because my wife, my parents, and my parents-in-law use that same subscription. We pay for Netflix and one or two other video services. I don’t know if our ISP or wireless provider do anything malicious, but it wouldn’t surprise me. And so on. Being a paying customer means nothing. It’s how easy it is for you to stop being a customer that matters.
Broadcom CEO Hock Tan this week publicized some concessions aimed at helping customers and partners ease into VMware’s recent business model changes. Tan reiterated that the controversial changes, like the end of perpetual licensing, aren’t going away. But amid questioning from antitrust officials in the European Union (EU), Tan announced that the company has already given support extensions for some VMware perpetual license holders. Scharon Harding at Ars Technica I’m linking to the Ars Technica writeup here, because the original blog post from Broadcom’s CEO is effectively unreadable to me, as steeped in corpospeak as it is. The basic gist is that the storm of criticism that’s been hovering around Broadcom ever since the changes it announced to VMware’s licensing strategy isn’t going away, and even attracted the attention of the European Union. As such, Broadcom is giving existing perpetual VMware license holders some breathing room, but not much, and their plans will be executed as-is regardless. I doubt Broadcom and VMware are big and crucial enough for the full might of the EU to come down on them, so I don’t think we’ll see any sudden turnarounds like we did with Apple and Facebook, for instance, but at least some cracks are clearly starting to show. If the aforementioned storm keeps up, pressure from customers might actually force more concessions out of Broadcom.
Proton is Firefox’s new design, starting from Firefox 89. Photon is the old design of Firefox which was used until version 88. Proton’s overall feel is good, but there were a few things I didn’t like and wanted to improve.That’s why this project was born, and Lepton to denote light theme layer. Lepton’s photon styled is preserve Photon’s feeling while keep Original Lepton’s strengths. Firefox UI Fix GitHub page I do not like the current Firefox user interface, because even with the ‘compact’ layout re-enabled in about:config, I find it just too bulky and wasteful of my screen real estate. I’ve been using the above Firefox user interface mod for ages now, and I can’t imagine using Firefox without it. The GitHub pages and guides are a bit of a mess and difficult to follow due to the project consisting of several overlapping different styles, but I just use the script listed here, selecting the style “2” when running the script. It won’t be for everyone, but for me, it makes Firefox nice and compact, turning it into a mouse-first interface without trying to accommodate touch. This is also by far not the only project with this goal, so if you’re using something else – feel free to list them.
DwarFS is a read-only file system with a focus on achieving very high compression ratios in particular for very redundant data. DwarFS also doesn’t compromise on speed and for my use cases I’ve found it to be on par with or perform better than SquashFS. For my primary use case, DwarFS compression is an order of magnitude better than SquashFS compression, it’s 6 times faster to build the file system, it’s typically faster to access files on DwarFS and it uses less CPU resources. DwarfFS GitHub page DwarfFS supports both Linux, macOS, and Windows, but macOS and Windows support is experimental at this point. It seems to have higher compression ratios at faster speeds than various alternatives, so if you have a use case for compression file systems – give DwarfFS a look.
It was Stability’s armada of GPUs, the wildly powerful and equally expensive chips undergirding AI, that were so taxing the company’s finances. Hosted by AWS, they had long been one of Mostaque’s bragging points; he often touted them as one of the world’s 10 largest supercomputers. They were responsible for helping Stability’s researchers build and maintain one of the top AI image generators, as well as break important new ground on generative audio, video and 3D models. “Undeniably, Stability has continued to ship a lot of models,” said one former employee. “They may not have profited off of it, but the broader ecosystem benefitted in a huge, huge way.” But the costs associated with so much compute were now threatening to sink the company. According to an internal October financial forecast seen by Forbes, Stability was on track to spend $99 million on compute in 2023. It noted as well that Stability was “underpaying AWS bills for July (by $1M)” and “not planning to pay AWS at the end of October for August usage ($7M).” Then there were the September and October bills, plus $1 million owed to Google Cloud and $600,000 to GPU cloud data center CoreWeave. (Amazon, Google and CoreWeave declined to comment.) Kenrick Cai and Iain Martin As a Dutch person, I can smell a popping bubble from a mile away, even if tulipmania is most likely anti-Dutch British propaganda. In all seriousness, there’s definitely signs that the insane energy and compute costs of artificial image and video generation in particular are rising at such an insane pace it’s simply unsustainable for the popularity of these tools to just keep rising. Eventually someone’s going to have to pay, and I wonder just how much regular people are willing to pay for this kind of stuff.
One alternative to ESXi for home users and small organizations is Proxmox Virtual Environment, a Debian-based Linux operating system that provides broadly similar functionality and has the benefit of still being an actively developed product. To help jilted ESXi users, the Proxmox team has just added a new “integrated import wizard” to Proxmox that supports importing of ESXi VMs, easing the pain of migrating between platforms. Andrew Cunningham at Ars Technica It’s of course entirely unsurprising other projects and companies were going to try and capitalise on Broadcom’s horrible management of its acquisition of VMware.
While Ladybird does an okay job with well-formed web content, I thought it would be useful to throw some security research tools at it and see what kind of issues it might reveal. So today we’ll be using “Domato”, a DOM fuzzer from Google Project Zero, to stress test Ladybird and fix some issues found along the way. The way this works is that Domato generates randomized web pages with lots of mostly-valid but strange HTML, CSS and JavaScript. I then load these pages into a debug build of Ladybird and observe what happens. Andreas Kling I have high hopes for Ladybird.
On Wednesday, Midjourney banned all employees from image synthesis rival Stability AI from its service indefinitely after it detected “botnet-like” activity suspected to be a Stability employee attempting to scrape prompt and image pairs in bulk. Midjourney advocate Nick St. Pierre tweeted about the announcement, which came via Midjourney’s official Discord channel. Benj Edwards So “AI” companies are allowed to ingest whatever data they want, but as soon as someone ingests their data, it’s suddenly a problem? Seems like a sound business model.
Baldur Bjarnason has written an excellent piece to explain why, exactly, companies like Apple seem wholly incapable of working with the EU, instead of against it. He argues – quite effectively – that Apple, and US tech punditry in general, simply do not understand the EU, nor are they willing to spend even 10 minutes to understand it, which is really all you need. The core premise of the EU, its very primary function, is to enable and protect the single market. A great example of this is the ban on roaming charges – mobile phone carriers in EU are not allowed to charge extra for using mobile voice and data services in another EU country. From the EU’s perspective, taking action to prevent private parties from fragmenting and taking private control over the single market simultaneously grew the economy and increased consumer surplus. This is the operating theory behind much of the actions the EU takes regarding market regulation and product standardisation: a single market built on standards is more profitable for both businesses and consumers. Baldur Bjarnason And because Apple and its tech punditry refuse to try and understand the party they are dealing with, they get caught looking like childish idiots every time they open their mouths about it. Normally when the EU regulates a given sector, it does so with ample lead time and works with industry to make sure that they understand their obligations. Apple instead thought that the regulatory contact from the EU during the lead time to the DMA was an opportunity for it to lecture the EU on its right to exist. Then its executives made up some fiction in their own minds as to what the regulation meant, announced their changes, only to discover later that they were full of bullshit. This was entirely Apple’s own fault. For months, we’ve been hearing leaks about Apple’s talks with the EU about the Digital Market Act. Those talks were not negotiations even though Apple seems to have thought they were. Talks like those are to help companies implement incoming regulations, with some leeway for interpretation on the EU’s side to accommodate business interests. Remember what I wrote about electrical plugs? The EU is pro-business – often criticised for being essentially a pro-business entity – and not in favour of regulation for regulation’s sake. If Apple had faced reality and tried to understand the facts as they are, they would have used the talks to clarify all of these issues and more well in advance of the DMA taking effect. But they didn’t because they have caught the tech industry management disease of demanding that reality bend to their ideas and wishes. Baldur Bjarnason What a lot of people – both inside and outside the EU – do not grasp is that while we all know the EU has shortcomings and issues, in general, the EU is uncharacteristically (for a government agency) popular among EU citizens, no matter the country of origin. That’s because we, as EU citizens, and especially as EU citizens who do anything international, know just how ridiculously beneficial the EU has been for trade, business, the economy, travel, and so much more. Apple can keep acting like a whiny trust fund boy who thinks the world owes them everything, but they’ll have to deal with the consequences. Continued violation of the DMA can lead to fines of up to 10% of revenue. That’s 38 billion dollars. I secretly hope Apple keeps this childish behaviour up. It’s deeply entertaining.
The European organisation for crash testing and car safety, Euro NCAP has announced that starting in 2026, cars will need physical controls in their interiors to gain the highest safety ratings. “The overuse of touchscreens is an industry-wide problem, with almost every vehicle-maker moving key controls onto central touchscreens, obliging drivers to take their eyes off the road and raising the risk of distraction crashes,” said Matthew Avery, Euro NCAP’s director of strategic development. “New Euro NCAP tests due in 2026 will encourage manufacturers to use separate, physical controls for basic functions in an intuitive manner, limiting eyes-off-road time and therefore promoting safer driving,” he said. Jonathan M. Gitlin at Ars Technica Excellent news, and it’s taken regulators and safety organisations way too long to long to adapt to the growing menace of touch screens in cars.
Embedded software is used in safety-critical systems such as medical devices and autonomous vehicles, where software defects, including security vulnerabilities, have severe consequences. Most embedded codebases are developed in unsafe languages, specifically C/C++, and are riddled with memory safety vulnerabilities. To prevent such vulnerabilities, RUST, a performant memory-safe systems language, provides an optimal choice for developing embedded software. RUST interoperability enables developing RUST applications on top of existing C codebases. Despite this, even the most resourceful organizations continue to develop embedded software in C/C++. This paper performs the first systematic study to holistically understand the current state and challenges of using RUST for embedded systems. Our study is organized across three research questions. We collected a dataset of 2,836 RUST embedded software spanning various categories and 5 Static Application Security Testing ( SAST) tools. We performed a systematic analysis of our dataset and surveys with 225 developers to investigate our research questions. We found that existing RUST software support is inadequate, SAST tools cannot handle certain features of RUST embedded software, resulting in failures, and the prevalence of advanced types in existing RUST software makes it challenging to engineer interoperable code. In addition, we found various challenges faced by developers in using RUST for embedded systems development. Ayushi Sharma, Shashank Sharma, Santiago Torres-Arias, Aravind Machiry Some light reading.
On Friday, Bloomberg reported that Reddit has signed a contract allowing an unnamed AI company to train its models on the site’s content, according to people familiar with the matter. The move comes as the social media platform nears the introduction of its initial public offering (IPO), which could happen as soon as next month. Reddit initially revealed the deal, which is reported to be worth $60 million a year, earlier in 2024 to potential investors of an anticipated IPO, Bloomberg said. The Bloomberg source speculates that the contract could serve as a model for future agreements with other AI companies. Benj Edwards at Ars Technica Properly paying for the content you’re feeding into your “AI” model is a huge improvement over just taking it without users’ consent, but it does add yet another area of concern for users of all kinds of platforms. Whatever you write, create, or post might be fed into “AI” models without you ever realising it, and while the platform you use gets paid for that, you aren’t. In any event, OSAlert is not selling your comments to an “AI” company, but with how old we are, there’s no doubt both your comments and our stories have already found their way into countless “AI” black holes.
