posted about 1 month ago on OSNews
Given all of these changes, we wanted to explore how the T2 coprocessor was being used by Apple and how it currently fits into the larger system security model, as well as how this may evolve in the future. What follows is the first part of this exploration where we describe how the T2 coprocessor is used to implement Secure Boot on the iMac Pro, as well as comparing and contrasting this Secure Boot approach to those that have been present in Apple’s iDevices for a number of years. Detailed exploration of the T2 coprocessor in the new iMac Pro.

Read More...
posted about 1 month ago on OSNews
A coalition of Silicon Valley tech giants has doubled down on its criticism of encryption backdoors following a proposal that would give law enforcement access to locked and encrypted devices. The group, which focuses on efforts to reform government surveillance, said in a statement that it continues to advocate for strong encryption, and decried attempts to undermine the technology. The coalition consists of, among others, Google, Microsoft, and Apple.

Read More...
posted about 1 month ago on OSNews
In an exclusive piece of research, Check Point Researchers have carried out a revealing investigation into North Korea's home-grown anti-virus software, SiliVaccine. One of several interesting factors is that a key component of SiliVaccine's code is a 10-year-old copy of one of Trend Micro's, a Japanese company, software components. It also contained a piece of malware, so not much different from western anti-virus.

Read More...
posted about 1 month ago on OSNews
I've decided to write up a little history of ispc, the compiler I wrote when I was at Intel. There's a lot to say, so it'll come out in a series of posts over the next few weeks. While I've tried to get all the details right and properly credit people, this is all from my memory. For anyone who was around at the time, please send an email if you see any factual errors. The above links to the first part in the series - there's a table of contents for the entire series.

Read More...
posted about 1 month ago on OSNews
Regulation (EU) 2016/6791, the European Union's new General Data Protection Regulation ('GDPR'), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU. It doesn't apply to the processing of personal data of deceased persons or of legal entities. The rules don't apply to data processed by an individual for purely personal reasons or for activities carried out in one's home, provided there is no connection to a professional or commercial activity. When an individual uses personal data outside the personal sphere, for socio-cultural or financial activities, for example, then the data protection law has to be respected. A complete guide and overview of the new GDPR going into effect in the EU later this month. It's a very comprehensive set of privacy regulations that virtually all technology - and others - will have to comply with.

Read More...
posted about 1 month ago on OSNews
Mozilla's Nate Weiner: Content on the web is powerful. It enables us to learn new things, discover different perspectives, stay in touch with what's happening in the world, or just make us laugh. Making sure that stories like these - stories that are worth your time and attention - are discoverable and supported is central to what we care about at Pocket. It's important for quality content like this to thrive - and a critical way it's funded is through advertising. But unfortunately, today, this advertising model is broken. It doesn't respect user privacy, it's not transparent, and it lacks control, all the while starting to move us toward low quality, clickbait content. We believe the Internet can do better. So earlier this year, we started to explore a new model and showed an occasional sponsored story in Pocket's recommendation section on Firefox New Tab. Starting today, we're expanding this work further - now Firefox Nightly and Beta users may also see these sponsored stories. We're preparing for this feature to go fully live in May to Firefox users in the US with the Firefox 60 release. Luckily, you can turn this off.

Read More...
posted about 1 month ago on OSNews
All those little features add up: The phone is fun and easy to use. And so far, there's no serious downside. I mentioned it above; the experience is simultaneously high-end luxury yet while staying informed and in control of the device. I believe this is a very difficult mix to get right. IMO, Apple's been drifting away from the keep-the-user-in-control value. Maybe this sounds naive, but I'm completely surprised by how the product stands on its own. It's not in the shadow of iOS, not playing catch-up with Apple. I'm continuously seeing common problems solved in new ways. I'm sure we can have a civil, informed, and respectful discussion about this. To facilitate such, I'm going for a walk. With my iPhone 10, AirPods, and Apple Watch.

Read More...
posted about 1 month ago on OSNews
Today, Microsoft released the Windows 10 April 2018 Update, which adds a number of interesting new features to Windows, and adds even more Fluent Design to the user interface. The Verge lists the 10 biggest new features and changes, while WindowsCentral has a longer, more detailed review of the update. I've been running the final version of this update for a while now on my workstation and my Surface Pro 4, and this is one of those updates that adds nothing but welcome changes and new features. There are two 'features' that really make a huge difference to me, and which have me mildly excited about Windows for the first time in ages. The tentpole feature - Timeline - is really nice, and allows you to easily scroll back in time to look at applications, documents, websites, and more that you opened in the past. It's like the history feature of your browser, but instead of just websites, it also covers apps and documents, while also combining the histories of other Windows machines you own. Timeline will clearly raise a number of privacy concerns, so luckily, it's optional, and you can turn it off. The second 'feature' isn't really a feature per se, but more a clean-up of the Windows UI that's clearly an ongoing process. Microsoft is adding Fluent Design to all of its applications, and it's slowly adding it to core parts of the operating system as well, such as the Start menu and the various applets. Fluent Design adds some much-needed depth and distinctiveness to the otherwise flat user interface, and has nice, unobtrusive animations and highlighting effects that make using such a flat UI a lot less... Cold? It feels like the next big step in the "Fluent Design-ification" of Windows is a big one: Explorer. While Microsoft is replacing more and more old Win32 parts of the operating system with new, modern Fluent Design counterparts, Explorer is the one big holdout that's still fully Win32, looking horribly out of place among all the fast, new, and responsive Fluent Design parts of the operating system. I can't wait for a modern replacement. All in all, this is a no-brainer update that makes Windows better, so unless you have some specific reason to hold out on updates, go ahead and install it.

Read More...
posted about 1 month ago on OSNews
The billionaire chief executive of WhatsApp, Jan Koum, is planning to leave the company after clashing with its parent, Facebook, over the popular messaging service’s strategy and Facebook's attempts to use its personal data and weaken its encryption, according to people familiar with internal discussions. As the most popular messaging application in the world, WhatsApp is one of the largest treasure troves of user data not yet exploited for targeted advertising thanks to its end-to-end encryption. Facebook must be itching to start injecting ads into WhatsApp and to scan messages for optimal targeting.

Read More...
posted about 1 month ago on OSNews
This build is a 10cm x 10cm x 10cm replica of the NeXT Computer to house a Raspberry Pi computer. I designed and built this specifically with the aim of having it run some basic server tasks on my home network, such as storing revision control repositories etc. The necessary files to make your own are available. What a neat-looking case - I'd love a similar one, but slightly larger so it can house a mini-ITX board. I would love to build a Ryzen II machine in a case like this.

Read More...
posted about 1 month ago on OSNews
It's that time of year again - Haiku is going to participate in Google's Summer of Code, and this means interesting projects to follow. One of the three projects has the goal to bring XFS support to Haiku, while another wants to implement "an addon for Tracker to support the Git version control system". The last of the three projects aims to develop an SDHCI MMC for Haiku, which, from the description of the project, seems like a massive undertaking to me. Three fascinating projects to follow over the coming months.

Read More...
posted about 1 month ago on OSNews
As a follow-up to the story about Eric Lundgren being sentenced to prison, Microsoft published a blog post with "the facts" about the case. In the last few days there have been several stories about the sentencing of Eric Lundgren in a case that began in 2012, and we have received a number of questions about this case and our role in it. Although the case was not one that we brought, the questions raised recently have caused us to carefully review the publicly available court documents. All of the information we are sharing in this blog is drawn from those documents. We are sharing this information now and responding publicly because we believe both Microsoft’s role in the case and the facts themselves are being misrepresented. As a counterpoint to Microsoft's blog post, Techcrunch's Devin Coldewey claims Microsoft is trying to spin "the facts". Earlier this week Eric Lundgren was sentenced to 15 months in prison for selling what Microsoft claimed was "counterfeit software", but which was in fact only recovery CDs loaded with data anyone can download for free. The company has now put up a blog post setting "the facts" straight, though it's something of a limited set of those facts. "We are sharing this information now and responding publicly because we believe both Microsoft's role in the case and the facts themselves are being misrepresented," the company wrote. But it carefully avoids the deliberate misconception about software that it promulgated in court. At this point, we've covered all the possible angles on this story.

Read More...
posted about 1 month ago on OSNews
Eric Lundgren is resigned to doing prison time. After spending his life working on e-waste recycling programs, Lundgren was arrested and charged with "counterfeiting" Microsoft restore discs, part of a controversial, years-long legal fight that ended this week when an appeals court declined to overturn a lower court's decision. This is one of those cases where it's very easy to hide behind the letter of the law, but anybody with more than two independent braincells to rub together should realise this man should not be in prison. Laws exist to serve man; man does not exist to serve laws. Nothing is more dangerous to a society and civilization than people believing law rules over man.

Read More...
posted about 1 month ago on OSNews
Intel has announced that, once again, mass production of its 10-nanometer "Cannon Lake" chips will be delayed. The company is already shipping the chips in low volumes (though no one knows to whom at this point), but said it "now expects 10-nanometer volume production to shift to 2019 [rather than the end of 2018]." It announced the move in its first quarter earnings report, which saw it collect a record $16.1 billion in revenue and $4.5 billion in profit, a 50 percent jump over last year. Ryzen 2 is kicking butt, and Intel is delaying chips. Must be fun to work at Intel these days.

Read More...
posted about 1 month ago on OSNews
After the recent news about Linux applications coming to Chrome OS, we now also know what they will look like. The Chrome OS developers have been working out the stylistic elements of what you'll see once you open your first native Linux apps in Chrome OS, and they've opted for Adapta, a popular Material Design-inspired Gtk theme that can be used on many of your favorite GNU/Linux distributions. This project may finally make Linux on the desktop happen.

Read More...
posted about 1 month ago on OSNews
Apple has officially ended development on its AirPort line of products, which includes the AirPort Express ($99), the AirPort Extreme ($199), and the AirPort Time Capsule ($299). This makes me sad. I have the latest AirPort Extreme, and it's one of those products I have absolutely zero complaints about. It's easy to use, works like a charm, has far better performance than any other router I've ever had, and looks unassuming. If it ever fails. I'll probably take a look at something like Eero.

Read More...
posted about 1 month ago on OSNews
Downgrade prevention has been a cat-and-mouse game between consumers and companies since the inception of remote updates. The Nintendo Switch adopts a worrisome-strategy of preventing firmware downgrades by permanently modifying your device every time it updates. While this isn’t a new concept (the Xbox 360 was doing it back in 2007), it is part of a greater effort to prevent end users from modifying their devices to their liking. The Nintendo Switch use an Nvidia Tegra X1 SoC, which comes with a fuse driver. This allows it to programmatically blow fuses - permanently modifying the device, making it impossible to revert to a previous state. Despite being used in an anti-consumer manner, the technology is fascinating.

Read More...
posted about 1 month ago on OSNews
Let's say a machine in your corporate fleet gets infected with malware. How would you detect it? How could you find out what happened on the machine? What did the malware do? Did it steal your browser's passwords? What network connections did the malware make? Was it looking for crypto currency? By having good telemetry and a good host monitoring solution for your machines you can collect the context necessary to answer these important questions. Proper host monitoring on macOS can be very difficult for some organizations. It can be hard to find mature tools that proactively detect security incidents. Even when you do find a tool that fits all your needs, you may run into unexpected performance issues that make the machine nearly unusable by your employees. You might also experience issues like having hosts unexpectedly shut down due to a kernel panic. Even if you are able to pinpoint the cause of these issues you may still be unable to configure the tool to prevent the issue from recurring. Due to difficulties like these at Dropbox, we set out to find an alternative solution. Exactly what it says on the tin.

Read More...
posted about 1 month ago on OSNews
Here's all you need to know about Google's year-long secretive development of Linux app functionality in Chrome OS, also known as Project Crostini. In a nutshell, it's a way to run regular Linux applications on Chrome OS without compromising security or enabling developer mode. The (not yet available) official setting states that it's to "Run Linux tools, editors, and IDEs on your Chromebook." Crostini is a culmination of several years of development that enabled the functionality to run securely enough to meet Chrome OS's high-security standards. To understand why it's only just appearing, it's best to look at what came before. This should make easy to manage, safe, and secure ChromeBooks infinitely more attractive to developers.

Read More...
posted about 1 month ago on OSNews
It was a glorious sunny day in Wakefield and a very upbeat RISC OS show with lots of interesting hardware and software. You can see some show pictures, and here are my show notes if you were not able to attend. A detailed description of the Wakefield 2018 RISC OS show.

Read More...
posted about 1 month ago on OSNews
Let me preface this by saying that this is a (very) long and medium-rare technical article about the security considerations and minutiae of porting (most of) the Arcan ecosystem to work under OpenBSD. The main point of this article is not so much flirting with the OpenBSD crowd or adding further noise to software engineering topics, but to go through the special considerations that had to be taken, as notes to anyone else that decides to go down this overgrown and lonesome trail, or are curious about some less than obvious differences between how these things "work" on Linux vs. other parts of the world. You know you're getting something good with a preface like this.

Read More...
posted about 1 month ago on OSNews
Email is a necessity for most of us. We use it to stay in touch with colleagues and friends, keep up with the latest news, manage to-dos at home or at work - we just can't live without it. Today we announced major improvements to Gmail on the web to help people be more productive at work. Here's a quick look at how the new Gmail can help you accomplish more from your inbox. A major redesign of the Gmail web interface is now available for testing.

Read More...
posted about 1 month ago on OSNews
Nintendo Switch has been hacked, with two similar exploits released in the last 24 hours following a complete dump of the console's boot ROM. The hacks are hardware-based in nature and cannot be patched by Nintendo. The only way forward for the platform holder in fully securing the console will be to revise the Nvidia Tegra X1 processor itself, patching out the boot ROM bug. In the short term, homebrew code execution is possible and a full, touch-enabled version of Linux with 3D acceleration support is now available. I'm a little hesitant to try this out on my own Switch out of fear of messing it up and leaving me with a bricked console, but this is great news for the homebrew community.

Read More...
posted about 1 month ago on OSNews
Haiku's monthly activity report for March is out has been out for weeks now, and it contains some interesting nuggets as the team moves closer to beta, but one stood out to me: Kalisti5 got the PowerPC build working again. It is still not possible to boot PowerPC images very far, but at least it is now possible to compile them, and our buildbots are now happily doing so. I find it interesting that there's people at Haiku still working on PowerPC support. It'd be interesting if they ever manage to support Apple PowerPC hardware, if only to offer yet another choice besides MorphOS.

Read More...
posted about 1 month ago on OSNews
Windows 10 Lean appears to live up to its name: an installation is about 2GB smaller than Windows 10 Pro, and it is missing a bunch of things, such as desktop wallpaper, Registry Editor, the MMC management console, and more. Lucan reports that Lean does not seem to apply the same restrictions as S Mode, and as such it is capable of running both Universal Windows Programs from the Store and traditional Win32 applications. The latest build also has some new telephony APIs, which is fueling speculation of a Surface Phone.

Read More...