henfredemars

This is merely a small blurb. Here's the (nearly) complete text of the article (no real need to visit the page):

Qualcomm says Arm is no longer threatening to take its chip architecture away.

”Arm recently notified us that it was withdrawing its October 22nd, 2024 notice of breach and indicated that it has no current plan to terminate the Qualcomm Architecture License Agreement,” Qualcomm CEO Cristiano Amon said on today’s Q1 2025 earnings call. (Qualcomm reported record quarterly revenue, and Amon says Snapdragon now has 10 percent share of $800-plus Windows laptops at US retail.)

Sounds like the chip licensing drama is coming to an end, although it's hard to know what agreements went on behind the scenes to call off the giants' battle.

• Android will soon be able to alert you when your device’s time zone has been automatically updated.
• This alert will come in the form of a notification.
• The feature isn’t live yet in the latest Android 16 preview, but when it does go live, it’ll be opt-in.

Sounds like a nice QOL mini-feature.

Hello Linux Gurus,

I am seeking divine inspiration.

I don’t understand the apparent lack of hypervisor-based kernel protections in desktop Linux. It seems there is a significant opportunity for improvement beyond the basics of KASLR, stack canaries, and shadow stacks. However, I don’t see much work in this area on Linux desktop, and people who are much smarter than me develop for the kernel every day yet have not seen fit to produce some specific advanced protections at this time that I get into below. Where is the gap in my understanding? Is this task so difficult or costly that the open source community cannot afford it?

Windows PCs, recent Macs, iPhones, and a few Android vendors such as Samsung run their kernels atop a hypervisor. This design permits introspection and enforcement of security invariants from outside or underneath the kernel. Common mitigations include protection of critical data structures such as page table entries, function pointers, or SELinux decisions to raise the bar on injecting kernel code. Hypervisor-enforced kernel integrity appears to be a popular and at least somewhat effective mitigation although it doesn't appear to be common on desktop Linux despite its popularity with other OSs.

Meanwhile, in the desktop Linux world, users are lucky if a distribution even implements secure boot and offers signed kernels. Popular software packages often require short-circuiting this mechanism so the user can build and install kernel modules, such as NVidia and VirtualBox drivers. SELinux is uncommon, ergo root access is more or less equivalent to the kernel privileges including introduction of arbitrary code into the kernel on most installations. TPM-based disk encryption is only officially supported experimentally by Ubuntu and is usually linked to secure boot, while users are largely on their own elsewhere. Taken together, this feels like a missed opportunity to implement additional defense-in-depth.

It’s easy to put code in the kernel. I can do it in a couple of minutes for a "hello world" module. It’s really cool that I can do this, but is it a good idea? Shouldn’t somebody try and stop me?

Please insert your unsigned modules into my brain-kernel. What have I failed to understand, or why is this the design of the kernel today? Is it an intentional omission? Is it somehow contrary to the desktop Linux ethos?

This year has been a milestone for us, with significant strides in decentralizing app distribution, expanding the F-Droid ecosystem, and solidifying our infrastructure. All of these advancements were made possible thanks to donations, grants, our volunteers and regular contributors. So thank you again to everyone who helped make 2024 another great year for F-Droid. Now let’s take a closer look at what we accomplished.

Pixelfed is now available as a mobile apps for both iOS and Android. The open source, decentralized platform offers image sharing similar to Instagram. However, Pixelfed has no advertisements and does not share user data with third parties.

The AirTag is the gold standard, but Google had eight months to fix its bad network. It's still not fixed.

If I had a strong source of radio-frequency photons, can these be converted to electricity like a solar panel does for light?

Bullet points taken from article:

• The latest Google Messages beta supports MLS encryption, RCS’s next step toward E2EE interoperability across apps and platforms.
• We managed to enable MLS for one-on-one RCS conversations in Google Messages, but we haven’t been able to enable it for RCS group chats yet.
• This indicates that MLS encryption support could be on the horizon for Google Messages.

Note that Google Messages already does end to end encryption, but there are many cases where this feature doesn't work (such as when communicating with an iPhone).

Would really hit the spot right about now.

Though spending was up, there was another worrying sign about the overall health of the app ecosystem. This year, global app downloads were down by 2.3%, compared with 2023, reaching nearly 110 billion. This downward trend was seen across both app stores, the data indicates.

EU regulation has led to Apple being forced to open up iOS in ways that many never expected, but it’s not done just yet. In an effort to ensure “effective interoperability” with other platforms, the EU wants Apple to make native features of iOS being compatible with Android, including the likes of AirDrop and more.

AI Article Summary:

Android has improved its unknown tracker alerts to notify users faster and more often, and has introduced two new features to help users protect themselves from unwanted tracking. The key findings are the introduction of two new features: Temporarily Pause Location and Find Nearby, which aim to provide users with more control and privacy when dealing with unknown trackers.