Monthly Archives: June 2022

Apple will allow Linux VMs to run Intel apps with Rosetta in macOS Ventura

Source: Ars Technica

Article note: This is a pretty nifty bit of tech, and uncharacteristically exposed for Apple. Some folks seem to have pulled the binary and run it on Linux boxes running on other AARCH64 chips with x86 style memory ordering and it seems to just work for the most part.
Apple will allow Linux VMs to run Intel apps with Rosetta in macOS Ventura

Enlarge (credit: Apple)

One of the few things that Intel Macs can do that Apple Silicon Macs can't is run operating systems written for Intel or AMD processors inside of virtual machines. Most notably, this has meant that there is currently no legal way to run Windows on an Apple Silicon Mac.

Apple Silicon Macs can, however, run operating systems written for Arm processors inside of virtual machines, including other versions of macOS and Arm-compatible versions of Linux. And those Linux VMs are getting a new feature in macOS Ventura: the ability to run apps written for x86 processors using Rosetta, the same binary translation technology that allows Apple Silicon Macs to run apps written for Intel Macs.

Apple's documentation will walk you through the requirements for using Rosetta within a Linux guest operating system—it requires creating a shared directory that both macOS and Linux can access and running some terminal commands in Linux to get it set up. But once you do those steps, you'll be able to enjoy the wider app compatibility that comes with being able to run x86 code as well as Arm code.

Read 3 remaining paragraphs | Comments

Posted in News | Leave a comment

When Patents Attack 3D Printing: The HangPrinter Is In Peril

Source: Make: Online

Article note: That's some bullshit. The HangPrinter design has been around in public for almost a decade.
When Patents Attack 3D Printing: The HangPrinter Is In Peril

Today I saw some sad news. Apparently, a patent has been rewarded to someone in the U.S. for the HangPrinter, someone who is not Torbjorn Ludvigsen, the original creator who released the project as Open Source back in 2014. Yesterday, Torbjorn shared on twitter that he has released a gofundme to help fight the legal […]

The post When Patents Attack 3D Printing: The HangPrinter Is In Peril appeared first on Make: DIY Projects and Ideas for Makers.

Posted in News | Leave a comment

Meeting Owl videoconference device used by govs is a security disaster

Source: Ars Technica

Article note: Ooh. UK's ECE department has a couple of these things, and frankly the user experience is superb... turns out like many pandemic-expedient telecom tools, they're a security clusterfuck.
Meeting Owl videoconference device used by govs is a security disaster

Enlarge (credit: Owl Labs)

The Meeting Owl Pro is a videoconference device with an array of cameras and microphones that captures 360-degree video and audio and automatically focuses on whoever is speaking to make meetings more dynamic and inclusive. The consoles, which are slightly taller than an Amazon Alexa and bear the likeness of a tree owl, are widely used by state and local governments, colleges, and law firms.

A recently published security analysis has concluded the devices pose an unacceptable risk to the networks they connect to and the personal information of those who register and administer them. The litany of weaknesses includes:

  • The exposure of names, email addresses, IP addresses, and geographic locations of all Meeting Owl Pro users in an online database that can be accessed by anyone with knowledge of how the system works. This data can be exploited to map network topologies or socially engineer or dox employees.
  • The device provides anyone with access to it with the interprocess communication channel, or IPC, it uses to interact with other devices on the network. This information can be exploited by malicious insiders or hackers who exploit some of the vulnerabilities found during the analysis
  • Bluetooth functionality designed to extend the range of devices and provide remote control by default uses no passcode, making it possible for a hacker in proximity to control the devices. Even when a passcode is optionally set, the hacker can disable it without first having to supply it.
  • An access point mode that creates a new Wi-Fi SSID while using a separate SSID to stay connected to the organization network. By exploiting Wi-Fi or Bluetooth functionalities, an attacker can compromise the Meeting Owl Pro device and then use it as a rogue access point that infiltrates or exfiltrates data or malware into or out of the network.
  • Images of captured whiteboard sessions—which are supposed to be available only to meeting participants—could be downloaded by anyone with an understanding of how the system works.

Glaring vulnerabilities remain unpatched

Researchers from modzero, a Switzerland- and Germany-based security consultancy that performs penetration testing, reverse engineering, source-code analysis, and risk assessment for its clients, discovered the threats while conducting an analysis of videoconferencing solutions on behalf of an unnamed customer. The firm first contacted Meeting Owl-maker Owl Labs of Somerville, Massachusetts, in mid-January to privately report their findings. As of the time this post went live on Ars, none of the most glaring vulnerabilities had been fixed, leaving thousands of customer networks at risk.

Read 12 remaining paragraphs | Comments

Posted in News | Leave a comment

Science Is Getting Harder

Source: Hacker News

Article note: This is a neat argument.
Comments
Posted in News | Leave a comment

Google is combining Meet and Duo into a single app for voice and video calls

Source: The Verge - All Posts

Article note: Google's chat service flailing is truly a thing to behold.
Second screen in Google Meet
Meet is Google’s calling app of the future. | Image: Google

Google announced today that it’s combining two of its video-calling apps, Duo and Meet, into a single platform. Pretty soon, there will be only Google Meet, and Google’s hoping it can be the one calling app users need for just about everything in their lives.

By bringing them both together, Google’s hoping it can solve some of what ails modern communication tools. “What’s been really important is understanding how people make the choice as to what tool they’re going to use, for what purpose, in what circumstance,” says Javier Soltero, the head of Google Workspace. Our digital lives are filled with a million different chat apps, each with its own rules and norms and contact list, some for work purposes and some for personal ones. Google’s...

Continue reading…

Posted in News | Leave a comment