Monthly Archives: September 2024

Arch Linux and Valve deepen ties with direct collaboration

Posted on 2024-09-30 by pappp

Source: OSNews

Article note: I'm super pleased by this situation. Arch is my long-term home, and Valve is being a good citizen and supporting projects they use without coercing them.

When Valve took its second major crack at making Steam machines happen, in the form of the Steam Deck, one of the big surprises was the company’s choice to base the Linux operating system the Steam Deck uses on Arch Linux, instead of the Debian base it was using before. It seems this choice is not only benefiting Valve, but also Arch.

We are excited to announce that Arch Linux is entering into a direct collaboration with Valve. Valve is generously providing backing for two critical projects that will have a huge impact on our distribution: a build service infrastructure and a secure signing enclave. By supporting work on a freelance basis for these topics, Valve enables us to work on them without being limited solely by the free time of our volunteers.

↫ Levente Polyak

This is great news for Arch, but of course, also for Linux in general. The work distributions do to improve their user experience tend to be picked up by other distributions, and it’s clear that Valve’s contributions have been vast. With these collaborations, Valve is also showing it’s in it for the long term, and not just interested in taking from the community, but also in giving, which is good news for the large number of people now using Linux for gaming.

The Arch team highlights that these projects will follow the regular administrative and decision-making processes within the distribution, so we’re not looking at parallel efforts forced upon everyone else without a say.

Posted in News | Leave a comment

Reddit is making sitewide protests basically impossible

Posted on 2024-09-30 by pappp

Source: The Verge - All Posts

Article note: I've been actively reducing my reddit use for some time now, because they've so clearly entered the "Extraction" phase. Don't build your communities in walled gardens.
An image showing the Reddit logo on a red and white background
Illustration: The Verge

Reddit is giving its staff a lot more power over the communities on its platform. Starting today, Reddit moderators will not be able to change if their subreddit is public or private without first submitting a request to a Reddit admin. The policy applies to adjusting all community types, meaning moderators will have to request to make a switch from safe for work to not safe for work, too.

By requiring admin approval for the changes, Reddit is taking away a lever many communities used to protest the company’s API pricing changes last year. By going private, the community becomes inaccessible to the public, making the platform less usable for the average visitor. And that’s part of the reason behind the change.

“The ability to instantly...

Continue reading…

Posted in News | Leave a comment

Varlink – IPC to replace D-Bus gradually in systemd

Posted on 2024-09-29 by pappp

Source: Hacker News

Article note: Interesting. DBus is ...kind of nasty... and the result of compromising on a defacto standard after an incompatible clusterfuck (DCOP/Bonobo) because a now-dead third party (Linux HAL) was hitched to it. It's now spread _everywhere_ because Systemd hitched to it. And now they're working on a gradual successor because (1) they effectively control the ecosystem so they can do whatever they want above the kernel and (2) the kernel folk wouldn't let them inject the half-baked kdbus/bus1 scheme into the kernel to work around performance issues and further canonicalize themselves. At least it seems to be reasonably sanely designed for purpose. I'm not excited to see JSON as the serialization format in system level stuff, but I guess it is defacto standard.
Comments
Posted in News | Leave a comment

HP injects AI into its printers

Posted on 2024-09-27 by pappp

Source: Hacker News

Article note: Aside from the whole "This means my document is being parsed and manipulated, probably over the internet rather than locally" concerns, remember a decade ago when some Xerox copiers tried to do smart heuristic enhancement which would cause them to ...randomly change digits in numbers under certain circumstances? We apparently learned nothing.
Comments
Posted in News | Leave a comment

NIST Recommends Some Common-Sense Password Rules

Posted on 2024-09-26 by pappp

Source: Schneier on Security

Article note: Let's hope some fuckers start following this advice, because we're currently in an age of "You have to regularly change your password following rules so arcane you have to carefully construct a password to comply with them, then two-factor with some bullshit third party that frequently doesn't work."

NIST’s second draft of its “SP 800-63-4“—its digital identify guidelines—finally contains some really good rules about passwords:

The following requirements apply to passwords:

  1. lVerifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require passwords to be a minimum of 15 characters in length.
  2. Verifiers and CSPs SHOULD permit a maximum password length of at least 64 characters.
  3. Verifiers and CSPs SHOULD accept all printing ASCII [RFC20] characters and the space character in passwords.
  4. Verifiers and CSPs SHOULD accept Unicode [ISO/ISC 10646] characters in passwords. Each Unicode code point SHALL be counted as a signgle character when evaluating password length.
  5. Verifiers and CSPs SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords.
  6. Verifiers and CSPs SHALL NOT require users to change passwords periodically. However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
  7. Verifiers and CSPs SHALL NOT permit the subscriber to store a hint that is accessible to an unauthenticated claimant.
  8. Verifiers and CSPs SHALL NOT prompt subscribers to use knowledge-based authentication (KBA) (e.g., “What was the name of your first pet?”) or security questions when choosing passwords.
  9. Verifiers SHALL verify the entire submitted password (i.e., not truncate it).

Hooray.

News article.Shashdot thread.

Posted in News | Leave a comment

Sony, Ubisoft scandals prompt Calif. ban on deceptive sales of digital goods

Posted on 2024-09-26 by pappp

Source: Ars Technica

Article note: We needed this regulation widely implemented like 20 years ago. If it isn't covered by first sale doctrine, you aren't "buying" it. If a vendor controlled server controls your access, you aren't "buying" it.
Sony, Ubisoft scandals prompt Calif. ban on deceptive sales of digital goods

Enlarge (credit: Carol Yepes | Moment)

California recently became the first state to ban deceptive sales of so-called "disappearing media."

On Tuesday, Governor Gavin Newsom signed AB 2426 into law, protecting consumers of digital goods like books, movies, and video games from being duped into purchasing content without realizing access was only granted through a temporary license.

Sponsored by Democratic assemblymember Jacqui Irwin, the law makes it illegal to "advertise or offer for sale a digital good to a purchaser with the terms buy, purchase, or any other term which a reasonable person would understand to confer an unrestricted ownership interest in the digital good, or alongside an option for a time-limited rental."

Read 10 remaining paragraphs | Comments

Posted in News | Leave a comment

OpenAI to Become For-Profit Company

Posted on 2024-09-26 by pappp

Source: Hacker News

Article note: The griftiest grift. Retain the nonprofit to suck up content under the "It's just research" excuse [1], while spinning up a for-profit to more efficiently move rubes'[2] money into insiders' pockets. [1] Note: I'm an IP minimalist who only resents AI companies getting away with that because everyone should be able to and can't. [2] Rubes here being mostly VCs buying into the AI hype and giving OpenAI money hoping they'll be the ones to reap absurd profits, and B2B customers setting up "AI Startups" and "AI in their business" by making OpenAI API Calls.
Comments
Posted in News | Leave a comment

Being Raised by the Internet

Posted on 2024-09-25 by pappp

Source: Hacker News

Article note: I've told this story many times, but posts like this always make me reflect on it. I grew up comfortable, but one of the most consequential things that ever happened to me was the series of computers my parents kept me supplied with when I was young. They weren't (mostly) nice, recent, or high-end machines, and most of them weren't new, but I had a little Pentium MMX Winbook XL, and a whole assortment of aging Macs, and some junker old PCs that I could play with fearlessly, and it set the course of my life. There were some nicer machines that I could use and later bought for me, but the ones that _mattered_ were the ones I could play with. I learned more about computers fixing and hacking on those machines than I did from college. That Winbook ran like a dozen operating systems over its life (Windows 98, 2000, and Server 2003. SuSE 7.2 from the physical boxed media. Debian. Slackware. BeOS. At least one of the BSDs but I honestly don't remember which. Some truly weird stuff like Syllable). I cobbled internet access in various cheap-to-free ways before having broadband (mostly from UK nearby). I ran an Appletalk network along one wall of my room. Sure, I played a lot of video games, but I learned networking, and systems administration, and repair, and deeply how computers work. The same story come up last week because one of the folks I lunch with was asking everyone what the best gift they've ever received is; there's your answer. I hear similar stories from a many of the really engaged students I work with. Most of them naming some specific old dumpster-dive Dell tower or repurposed Chromebook or whatever that was _the_ machine that was their education. I wish I knew a reliable way to create an experience like that for every kid that shows any sort of proclivity.
Comments
Posted in News | Leave a comment

Linux/4004: booting Linux on Intel 4004 for fun, art, and no profit

Posted on 2024-09-20 by pappp

Source: Hacker News

Article note: A custom i4004 board. Hosting a standalone MIPS emulator for i4004 w/ addon hardware to better support the client platform. That can run Linux. What a delightfully ridiculous thing.
Comments
Posted in News | Leave a comment

Real-time Linux is officially part of the kernel after decades of debate

Posted on 2024-09-19 by pappp

Source: Ars Technica

Article note: Very cool, RT patches have been a bit of a pain for decades. I think in an increasing number of applications it now makes more sense to use attached controllers for RT tasks and a (more)conventionally scheduled host, but there are a bunch of places where a big computer with a full OS doing things like sophisticated coordinated motion (think LinuxCNC) is a really nice option.
CNC laser skipping across a metal surface, leaving light trails in long exposure.

Enlarge / Cutting metal with lasers is hard, but even harder when you don't know the worst-case timings of your code. (credit: Getty Images)

As is so often the case, a notable change in an upcoming Linux kernel is both historic and no big deal.

If you wanted to use "Real-Time Linux" for your audio gear, your industrial welding laser, or your Mars rover, you have had that option for a long time (presuming you didn't want to use QNX or other alternatives). Universities started making their own real-time kernels in the late 1990s. A patch set, PREEMPT_RT, has existed since at least 2005. And some aspects of the real-time work, like NO_HZ, were long ago moved into the mainline kernel, enabling its use in data centers, cloud computing, or anything with a lot of CPUs.

But officialness still matters, and in the 6.12 kernel, PREEMPT_RT will likely be merged into the mainline. As noted by Steven Vaughan-Nichols at ZDNet, the final sign-off by Linus Torvalds occurred while he was attending Open Source Summit Europe. Torvalds wrote the original code for printk, a debugging tool that can pinpoint exact moments where a process crashes, but also introduces latency that runs counter to real-time computing. The Phoronix blog has tracked the progress of PREEMPT_RT into the kernel, along with the printk changes that allowed for threaded/atomic console support crucial to real-time mainlining.

Read 3 remaining paragraphs | Comments

Posted in News | Leave a comment