Microsoft is pushing ahead with plans to warn Windows 11 users that have installed the operating system on unsupported hardware. In a new update to Windows 11, a watermark has appeared on the desktop wallpaper for unsupported systems, alongside a similar warning in the landing page of the settings app. From a report: Microsoft had been testing these changes last month, but they're now rolling out to Release Preview just ahead of a full release to all Windows 11 users in the coming days. While Microsoft doesn't mention the addition of a watermark in its "improvements" list for this update, testers have noticed it's included. If Windows 11 is running on unsupported hardware, a new desktop watermark will state "System requirements not met. Go to settings to learn more." It's similar, but far less prominent, to the semi-transparent watermark that appears in Windows if you haven't activated the OS.

"Asahi Linux aims to bring you a polished Linux experience on Apple Silicon Macs," explains the project's web site.

And now that first Asahi Linux alpha release is out — ready for testing on M1, M1 Pro, and M1 Max machines (except Mac Studio): We're really excited to finally take this step and start bringing Linux on Apple Silicon to everyone. This is only the beginning, and things will move even more quickly going forward!

Keep in mind that this is still a very early, alpha release. It is intended for developers and power users; if you decide to install it, we hope you will be able to help us out by filing detailed bug reports and helping debug issues. That said, we welcome everyone to give it a try — just expect things to be a bit rough.... Asahi Linux is developed by a group of volunteers, and led by marcan as his primary job. You can support him directly via Patreon and GitHub Sponsors....

Can I dual-boot macOS and Linux?

Yes! In fact, we expect you to do that, and the installer doesn't support replacing macOS at this point. This is because we have no mechanism for updating system firmware from Linux yet, and until we do it makes sense to keep a macOS install lying around for that. You can have as many macOS and Linux installs as you want, and they will all play nicely and show up in Apple's boot picker. Each Linux install acts as a self-contained OS and should not interfere with the others.

Note that keeping a macOS install around does mean you lose ~70GB of disk space (in order to allow for updates, since the macOS updater is quite inefficient). In the future we expect to have a mechanism for firmware updates from Linux and better integration, at which point we'll be comfortable recommending Linux-only setups....

Is this just Arch Linux ARM?

Pretty much! Most of our work is in the kernel and a few core support packages, and we rely on Linux's excellent existing ARM64 support. The Asahi Linux reference distro images are based off of Arch Linux ARM and simply add our own package repository, which only adds a few packages. You can freely convert between Arch Linux ARM and Asahi Linux by adding or removing this repository and the relevant packages, although vanilla Arch Linux ARM kernels will not boot on these machines at this time.
The project's home page adds that "All contributors are welcome, of any skill level!"

"Doing this requires a tremendous amount of work, as Apple Silicon is an entirely undocumented platform," the team explains. "In particular, we will be reverse engineering the Apple GPU architecture and developing an open-source driver for it." But they're already documenting the Apple Silicon platform on their GitHub wiki. We will eventually release a remix of Arch Linux ARM, packaged for installation by end-users, as a distribution of the same name. The majority of the work resides in hardware support, drivers, and tools, and it will be upstreamed to the relevant projects....

Apple allows booting unsigned/custom kernels on Apple Silicon Macs without a jailbreak! This isn't a hack or an omission, but an actual feature that Apple built into these devices. That means that, unlike iOS devices, Apple does not intend to lock down what OS you can use on Macs (though they probably won't help with the development). As long as no code is taken from macOS to build the Linux support, the result is completely legal to distribute and for end-users to use, as it would not be a derivative work of macOS.
An interesting observataion from Slashdot reader mrwireless: It once again seems Apple is informally supportive of these efforts, as the recent release of OS Monterey 12.3 makes the process even simpler. As Twitter user Matthew Garrett writes:

"People who hate UEFI should read https://github.com/AsahiLinux/... — Apple made deliberate design choices that allow third party OSes to run on M1 hardware without compromising security, and with much less closed code than on basically any modern x86."

At the 2022 Google for Games Developer Summit where its Stadia B2B cloud gaming platform was unveiled, Google announced the long-awaited availability of Steam on Chromebooks. 9to5Google reports: Google specifically said that the "Steam Alpha just launched, making this longtime PC game store available on select Chromebooks for users to try." That said, no other details appear to be live this morning, but we did reveal the device list last month. As we noted at the time: "At a minimum, your Chromebook needs to have an (11th gen) Intel Core i5 or i7 processor and a minimum of 7 GB of RAM. This eliminates almost all Chromebooks but those in the upper-mid range and high end."

Google today said "you can check that out on the Chromebook community forum." The post in question is now live, but without any actual availability timeline beyond "coming soon." However, we did learn that the "early, alpha-quality version of Steam" will first come to the Chrome OS Dev channel for a "small set" of devices.

Meanwhile, Google also said Chrome OS is getting a new "games overlay" on "select" Android titles to make them "playable with user-driven keyboard and mouse configurations on Chromebooks without developer changes." It will launch later this year in a public beta. Further reading: The part of the keynote where this announcement was made can be viewed here.

Google's Domain Name Registrar is Out of Beta After Seven Years

Cognitive Dissident writes: Ars Technica is reporting a major new vulnerability in Linux. Named "Dirty Pipeline" it involves abuse of 'pipes' at the shell level as you might guess.

"Much of the most widely used free and open source software is developed by only a handful of contributors," warns the Linux Foundation, in the executive summary for its massive new census of free and open source software application libraries. It was prepared in conjunction with Harvard's Laboratory for Innovation Science — and that's just one of its five high-level findings.

The census also notes "the increasing importance of individual developer account security," but also the persistence of legacy software, the need for a standardized naming schema for software components, and "complexities" around package versions. But there's also just a lot of data about package popularity, writes SD Times: The report, Census II, is a follow-up to Census I, which was conducted in 2015 to identify the packages in Debian Linux that were most critical to the operation and security of the kernel. According to the Linux Foundation, Census II allows for a more "complete picture of free and open source (FOSS) adoption."

"Understanding what FOSS packages are the most critical to society allows us to proactively support projects that warrant operations and security support," said Brian Behlendorf, executive director at Linux Foundation's Open Source Security Foundation (OpenSSF).
The census "aggregates data from over half a million observations of FOSS libraries used in production applications at thousands of companies," according to its executive summary. It argues that preserving FOSS will require this kind of data-sharing (about where and how FOSS packages are being used ) as well as coordination — including standardizing terminology — and of course, investment.

"The motivation behind publishing these findings is to not only inform, but also to inspire action by developers to improve their security practices and by end users to support the FOSS ecosystem and developers who need assistance." (It suggests companies companies could provide not just financial support but also the technical talent and their time.) The results take the form of eight Top 500 lists — four that include version numbers in the analysis and four that are version agnostic. Further, as mentioned above, we present npm and non-npm packages in separate lists... Although these lists provide valuable, important insights into the most widely used FOSS projects, it is important to also consider the level of security related to these projects. Therefore, in each list, we also include the "Tiered %" measure from the OpenSSF Best Practices Badging Program....

A year and a half later, Amazon's Luna cloud gaming service has formally launched in the U.S. for Android, iOS, Chrome OS, macOS and Windows. Engadget reports: The core Luna+ service with over 100 games will normally cost $10 per month, with the kid-friendly Family Channel and Ubisoft+ Channels available for a respective $6 and $18 per month. Amazon hopes to reel in newcomers by dropping the monthly fees of Luna+ and the Family channel to $6 and $3 for anyone who signs up during March. Existing users just have to maintain their subscriptions to lock in that pricing.

The official debut comes alongside some new channels. A Prime Gaming channel, as the name implies, gives Amazon Prime members a free, rotating mix of games. The March selection will include titles like Devil May Cry 5 and Flashback. Pay $5 per month for the Retro Channel and you'll get Capcom and SNK classics like Street Fighter II Hyper Fighting and Metal Slug 3, while a similar outlay for the Jackbox Games Channel provides access to all eight Jackbox Party Pack titles. Luna's latest update also makes it simpler to stream gameplay from a Fire TV device, Mac or Windows PC on Twitch.

Jolla, a Finnish startup that develops a mobile Linux-based alternative to Google's Android which has had some take-up by the Russian government in the past, is looking to restructure its business to jettison links to the Russian state. TechCrunch reports: We reached out to the startup earlier this week to ask if it was concerned about the impact of looming EU sanctions on Russia -- given how, since 2018, it has counted Russian telecom company, Rostelecom, as a strategic investor. "We have actually ramped down business and exports to Russia already in 2021," CEO and co-founder Sami Pienimaki told TechCrunch. "Thus, the potential tech sanctions would not impact Jolla's business anymore. In parallel, Jolla is growing in particular rapidly in the automotive sector, and it formed already significant part of our 2021 revenues. In regards the ownership, that is correct, and something we're looking to re-structure during this year," he also confirmed. Sailfish has been certified in Russia for government and corporate use since 2016.

Apple appears to be exploring the possibility of integrating a fully functioning Mac within a keyboard, reminiscent of home computers of the 80s, such as the Commodore 64 and Sinclair ZX Spectrum. MacRumors: The concept was revealed by the U.S. Patent and Trademark Office in a new Apple patent application called "Computer in an input device," which describes a thicker Magic Keyboard-style chassis with "all the components of a high performance computer" integrated under the hood. The patent describes the premise for such a device, which could be plugged into a separate external display via a single I/O port designed to receive both data and power, and wirelessly paired with a trackpad or mouse for additional input.

An anonymous reader quotes a report from Ars Technica: [T]he last couple Windows 11 Insider Preview builds have augmented Windows 11's touchscreen capabilities. The build released to Dev channel users last week included new gestures, changes to how snapping windows works when in tablet mode, and a few other improvements. And a new build released today totally overhauls the taskbar for touchscreens.

Windows 11 in its current form adds more space between icons when you're using your device as a tablet, but the new preview goes further. When you're using apps, the taskbar will shrink to a narrow strip across the bottom of the screen: it's still tall enough to show the clock and your network, sound, and battery status icons, but all your pinned apps and other system tray icons are hidden. Swiping up from the bottom of the screen or closing an app window brings up a new, larger version of the taskbar with larger, more finger-friendly icons and spacing. The taskbar disappears again once you've launched your app. "Windows 11 still doesn't have a dedicated Tablet Mode toggle like Windows 10 did," notes Ars. "Instead, the OS relies on signals from your hardware to enable and disable the tablet-centric UI tweaks."

Samsung shipped an estimated 100 million smartphones with botched encryption, including models ranging from the 2017 Galaxy S8 on up to last year's Galaxy S21. Threatpost reports: Researchers at Tel Aviv University found what they called "severe" cryptographic design flaws that could have let attackers siphon the devices' hardware-based cryptographic keys: keys that unlock the treasure trove of security-critical data that's found in smartphones. What's more, cyber attackers could even exploit Samsung's cryptographic missteps -- since addressed in multiple CVEs -- to downgrade a device's security protocols. That would set up a phone to be vulnerable to future attacks: a practice known as IV (initialization vector) reuse attacks. IV reuse attacks screw with the encryption randomization that ensures that even if multiple messages with identical plaintext are encrypted, the generated corresponding ciphertexts will each be distinct.

The design flaws primarily affect devices that use ARM's TrustZone technology: the hardware support provided by ARM-based Android smartphones (which are the majority) for a Trusted Execution Environment (TEE) to implement security-sensitive functions. TrustZone splits a phone into two portions, known as the Normal world (for running regular tasks, such as the Android OS) and the Secure world, which handles the security subsystem and where all sensitive resources reside. The Secure world is only accessible to trusted applications used for security-sensitive functions, including encryption.

Matthew Green, associate professor of computer science at the Johns Hopkins Information Security Institute, explained on Twitter that Samsung incorporated "serious flaws" in the way its phones encrypt key material in TrustZone, calling it "embarrassingly bad." "They used a single key and allowed IV re-use," Green said. "So they could have derived a different key-wrapping key for each key they protect," he continued. "But instead Samsung basically doesn't. Then they allow the app-layer code to pick encryption IVs." The design decision allows for "trivial decryption," he said.

Samsung responded to the academics' disclosure by issuing a patch for affected devices that addressed CVE-2021-25444: an IV reuse vulnerability in the Keymaster Trusted Application (TA) that runs in the TrustZone. Keymaster TA carries out cryptographic operations in the Secure world via hardware, including a cryptographic engine. The Keymaster TA uses blobs, which are keys "wrapped" (encrypted) via AES-GCM. The vulnerability allowed for decryption of custom key blobs. Then, in July 2021, the researchers revealed a downgrade attack -- one that lets attacker trigger IV reuse vulnerability with privileged process. Samsung issued another patch -- to address CVE-2021-25490 -- that remoged the legacy blob implementation from devices including Samsung's Galaxy S10, S20 and S21 phones.

HP, Lenovo, Acer, and Asus are expected to be among the first companies to release gaming Chromebooks. From a report: A code change in the Chromium Gerrit suggests the vendors are working on Chrome OS devices that will support Steam. In January 2020, Google said it would bring Steam to Chromebooks, and the plan may be starting to take shape. 9to5Google spotted a code change on Saturday showing a list of what appears to be Chromebook models that will support Steam:

Acer Chromebook 514 (CB514-1H)
Acer Chromebook 515
Acer Chromebook Spin 713 (CP713-3W)
Asus Chromebook Flip CX5 (CX5500)
Asus Chromebook CX9 (CX9400)
HP Pro c640 G2 Chromebook
Unknown Chromebook from Lenovo.

An anonymous reader quotes a report from CNET: The delayed 5G BlackBerry phone is dead, OnwardMobility has confirmed on its website. "It is with great sadness that we announce that OnwardMobility will be shutting down, and we will no longer be proceeding with the development of an ultra-secure smartphone with a physical keyboard," OnwardMobility said in a message posted Friday, as spotted earlier by CrackBerry. "Please know that this was not a decision that we made lightly or in haste. We share your disappointment in this news and assure you this is not the outcome we worked and hoped for." Android Police and CrackBerry originally reported the phone had been cancelled on Feb. 11, saying OnwardMobility, a Texas-based startup seeking to revitalize the iconic brand through an Android-based, next-gen Wi-Fi device, lost the license from BlackBerry Ltd. to use the BlackBerry brand name. OnwardMobility did not expand on why it is shutting down and cancelling production of the phone. The news comes after BlackBerry ended service for its legacy devices in early January. "Before OnwardMobility picked up the license, Chinese manufacturer TCL was the most recent maker of BlackBerry-branded phones," adds CNET.

Most recently, the company sold its prized patent portfolio to "Catapult IP Innovations Inc." for $600 million.

An anonymous reader quotes a report from Ars Technica: Now that Windows 11's first major post-release update has been issued, Microsoft has started testing a huge collection of new features, UI changes, and redesigned apps in the latest Windows Insider preview for Dev channel users. By and large, the changes are significant and useful -- there's an overhauled Task Manager, folders for pinned apps in the Start menu, the renewed ability to drag items into the Taskbar (as you could in Windows 10), improvements to the Do Not Disturb and Focus modes, new touchscreen gestures, and a long list of other fixes and enhancements.

But tucked away toward the bottom of the changelog is one unwelcome addition: like the Home edition of Windows 11, the Pro version will now require an Internet connection and a Microsoft account during setup. In the current version of Windows 11, you could still create a local user account during setup by not connecting your PC to the Internet -- something that also worked in the Home version of Windows 10 but was removed in 11. That workaround will no longer be available in either edition going forward, barring a change in Microsoft's plans. While most devices do require a sign-in to fully enable app stores, cloud storage, and cross-device sharing and syncing, Windows 11 will soon stand alone as the only major consumer OS that requires account sign-in to enable even basic functionality.

Roku, the leading supplier of smart TV OS in North America, is looking at possibly building its own TV sets. Nexttv reports: According to Business Insider, Roku convened a focus group earlier this month in which participants were shown "different models, feature sets and names, sizes, price points," of smart TVs, according to an individual "familiar" with the event. This unnamed person told the news site that the moderator made it clear that Roku is exploring the possibility of "going it alone" with its own "manufacturing operation," and not merely attaching its brand to an existing smart TV manufacturer's product line.

"The OS/2 community is getting close to obtaining a modern browser on their platform," writes Slashdot reader martiniturbide. In an announcement article on Monday, president of the OS/2 Voice community, Roderick Klein, revealed that a public beta of the new Chromium-based Otter Browser will arrive "in the last week of February or the first week of March." XDA Developers reports: OS/2 was the operating system developed jointly by IBM and Microsoft in the late 1980s and early 1990s, with the intended goal of replacing all DOS and Windows-based systems. However, Microsoft decided to focus on Windows after the immense popularity of Windows 3.0 and 3.1, leaving IBM to continue development on its own. IBM eventually stopped working on OS/2 in 2001, but two other companies licensed the operating system to continue where IBM left off -- first eComStation, and more recently, ArcaOS.

BitWise Works GmbH and the Dutch OS/2 Voice foundation started work on Otter Browser in 2017, as it was becoming increasingly difficult to keep an updated version of Firefox available on OS/2 and ArcaOS. Firefox 49 ESR from 2016 is the latest version available, because that's around the time Mozilla started rewriting significant parts of Firefox with Rust code, and there's no Rust compiler for OS/2. Since then, the main focus has been porting Qt 5.0 to OS/2, which includes the QtWebEngine (based on Chromium). This effort also has the side effect of making more cross-platform ports possible in the future.

The 111-year-old tech institution today announced it will offer the Z mainframe platform on the IBM Cloud, by offering virtual machines running z/OS as-a-service. The Register reports: These VMs are intended for mainframe test and development environments, rather than have Big Blue care for and feed virtual production mainframes in the cloud for you. The service will be tied to Wazi -- an IBM development environment for mainframe applications. Test and dev was one of the first workloads suggested as an ideal candidate to run in the cloud. Before elastic infrastructure-as-a-service, organizations often found themselves building and operating replicas of their production stacks for their developers. Renting such environments as and when needed in the cloud was often -- and often remains -- cheaper than owning and operating the necessary infrastructure.

This infrastructure-as-a-service offering is therefore pitched as a way to reduce the time and resources required to develop mainframe applications. IBM said the new offering is currently a "closed experimental" technology -- we think that means closed beta. It's certainly not mentioned in the catalog of the IBM Cloud account your correspondent maintains, so information on cost or specs is not available at the time of writing. The service will become generally available in the second half of 2022 -- after IBM's 112th birthday.

Microsoft is bringing new touch gestures, Start menu folders, a redesigned Task Manager, and lots more improvements to Windows 11. From a report: A new build of Windows 11 is available to testers today, and it's full of new features that look like they will significantly improve the usability of Windows 11 overall. The new Start menu folders will allow Windows 11 users to customize the pinned section of the Start menu into folders. You drag an app on top of another to create a folder, and you can rearrange apps within folders and remove them. The ability to rename folders is coming in future test builds, but it's good to see more customization on the Start menu, given Windows 11 launched without many ways to tweak the menu design. If you've always been a fan of the gestures in Windows 8, Microsoft is bringing five new touch gestures to Windows 11 soon that will make using tablets a little easier. The first is the ability to swipe up on the taskbar to bring up the Start menu and swipe down to dismiss it again. You'll also be able to swipe between pinned, all apps, and recommended / more on the Start menu. [...] Last but not least, the Task Manager redesign in Windows 11 is now official. It includes a new command bar and a dark theme, alongside an efficiency mode that lets you limit apps from consuming system resources.

An anonymous reader quotes a report from Ars Technica: Here's a fun new feature of Android 13: working virtualization support. Google is building virtualization into Android for its own reasons, but Android developer kdrag0n has commandeered the feature to boot ARM Windows 11 and desktop Linux. The developer even got the Windows version of Doom running, all inside a VM on the Pixel 6. kdrag0n says that Android 13 has "full KVM functionality" at "near-native performance." You need root to enable the functionality, which doesn't support GPU acceleration. The functionality also doesn't support nested virtualization, so while you can now run Android on Windows and Windows on Android, making an infinitely nested OS turducken is out of the question.

This makes for a neat demo that's not at all what Google wants to do with Android's upcoming VM support. Esper's Mishaal Rahman has been meticulously tracking Android's virtualization progress for some time now, and the apparent plan is to someday (maybe in Android 13) use virtual machines as a security and privacy sandbox for various features. Imagine instead of processing sensitive data at the normal app permission level, the data could be processed in a separate OS, so any attackers would have to break through the app security model, then Android, then the hypervisor, then this other, private OS.

Google has announced a new version of Chrome OS called Chrome OS Flex, which is designed to run on old PCs and Macs. The Verge reports: The operating system can be installed "within minutes," according to Google's blog post. Google told me that Chrome OS Flex will look and feel identical to Chrome OS on a Chromebook -- it's built from the same code base and follows the same "release cadence." It did caveat that some features may be dependent on the hardware of the PC you're using. In fact, it said this for every specific feature I asked about, including always-on Google Assistant and Android phone syncing. So, if you're going to try this, keep an eye out.

If you want to try out Chrome OS Flex yourself, you can learn more on the Chrome Enterprise website. Note that the OS is still in early access mode, so you may encounter bugs -- you can boot it directly from a USB drive if you'd rather poke around before installing it on your machine.

Microsoft is releasing its first big update to Windows 11 today, and it includes a lot of new additions. From a report: A public preview of Android apps on Windows 11 will be available today in the US, alongside redesigned Notepad and Media Player apps. The first big Windows 11 update will also include a bunch of improvements to the taskbar. The public preview of Android apps on Windows 11 will allow users to install apps from Amazon's Appstore. The Verge points to workarounds to get Google Play Store running on Windows 11 unofficially. Back to more changes: The biggest changes in this Windows 11 update are related to the taskbar. The time and date will finally be available on multiple monitors in Windows 11, something that was missing at launch. The weather widget also returns to the taskbar in this update, and a new mute / unmute feature in the taskbar will be available for Microsoft Teams calls. You'll also be able to quickly screen share a specific app or window from the taskbar directly into a Microsoft Teams call. Microsoft has also redesigned the Media Player and Notepad apps for Windows 11. Notepad now includes multi-step undo, an improved search interface, and dark mode support. The new Media Player app is designed to replace Groove Music and Windows Media Player and includes support for both audio and video and a design that better matches Windows 11's UI improvements.