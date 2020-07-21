Proprietary Software: Microsoft Abuse and Layoffs, Security Issues and Fusion 360 on GNU/Linux Slack files competition complaint against Microsoft in Europe Workplace messaging service Slack announced Wednesday it has filed a complaint against Microsoft with the European Commission on Wednesday, alleging the tech giant is using its market dominance to crowd out competition. The complaint accuses Microsoft of illegally tying its workplace product, Teams, to its suite of productivity tools, forcing millions of installs and hiding the true costs from enterprise customers.

Microsoft’s LinkedIn to lay off 6% of its global workforce Microsoft Corp.-owned LinkedIn today said that it is laying off about 960 employees, or approximately 6% of its global workforce, amid reduced demand for its recruiting solutions among business customers. Microsoft acquired LinkedIn four years ago in a $26.2 billion deal that propelled it to a key position in the social media landscape. Since the acquisition, LinkedIn has grown from about 433 million users worldwide to 690 million as of Microsoft’s last fiscal quarter. The social network generates revenue by selling tools that enable companies to find job candidates, target potential customers and provide training resources for employees.

New Hack Can Trick Power Bricks into Starting Fires In a study published by Xuanwu Labs (which is owned by Chinese tech giant Tencent), researchers detailed the BadPower hack which works by manipulating the firmware inside fast charge power adapters. Normally, when a phone is connected to a power brick with support for fast charging, the phone and the power adapter communicate with each other to determine the proper amount of electricity that can be sent to the phone without damaging the device—the more juice the power adapter can send, the faster it can charge the phone. However, by hacking the fast charging firmware built into a power adapter, Xuanwu Labs demonstrated that bad actors could potentially manipulate the power brick into sending more electricity than a phone can handle, thereby overheating the phone, melting internal components, or as Xuanwu Labs discovered, setting the device on fire.

Fusion 360 on Linux | Architectural Design Blathering I have previously reviewed Fusion 360 and have since been gaining experience using it. I find it to be a very capable CAD application package that I rather enjoy using it too. Since most of my design experience has been using PTC Creo, I have had to relearn a lot of tools but the process has been fun (sometimes frustrating but mostly fun). To be absolutely clear, I have no architectural design experience. I am building this out of observation from hands-on experience. These are my musings about it after spending several hours on it, understanding how to design a more complex assembly. For this project, I set my units to inches and I worked at designing my ideal garage with the idea that I am renovating the existing structure. I have many unanswered questions about the structure I am digitally assembling this at the time of writing but I hope to do updates on it as the project progresses. I started out by placing the two walls I have to keep of my existing garage (over sized crappy shed). As I am “grandfathered in” to the current location so tearing it down and rebuilding would not be possible. [...] I really don’t know if Fusion 360 was ever intended on being used for “architectural design” or not but I had fun doing it. I can very easily made modification and extract the necessary dimensions as needed when I go to build this. Having the mobile application is nice for just looking at it as well and as I am picking up the lumber for it, I can look at the 3D model very easily and verify whatever it is I am thinking about. I am still only scratching the surface of Fusion 360. The more I use it, the more I like it. I am very happy by the ease of use, and resource utilization of this application. It doesn’t tax my aging system much and the fact that the tools are intuitive makes working on projects very enjoyable.

Kernel and Graphics: User-Space Threading, I/O, RenderDoc and Mesa Google Finally Begins Their Open-Source Dance Around Linux User-Space Threading Way back in 2013 there was a presentation at the Linux Plumbers Conference around Google's work on user-level threads and how they were working on new kernel functionality for using regular threads in a cooperative fashion and building various features off that. Fast forward to today, that functionality has been in use internally at Google for a range of services for latency-sensitive services and greater control over user-space scheduling while now finally in 2020 they are working towards open-sourcing that work. [...] While FUTEX_SWAP could be honored for the Linux 5.9 cycle, this is just the start and will likely be a few more cycles before all of this Google work is finally open-source and mainlined.

Operations restrictions for io_uring The io_uring subsystem is not much over one year old, having been merged for the 5.1 kernel in May 2019. It was initially added as a better way to perform asynchronous I/O from user space; over time it has gained numerous features and support for functionality beyond just moving bits around. What it has not yet gained is any sort of security mechanism beyond what the kernel already provides for the underlying system calls. That may be about to change, though, as the result of this patch set from Stefano Garzarella adding a set of user-configurable restrictions to io_uring. As one might expect from its name, io_uring is based around a ring buffer shared between the kernel and user space that allows user space to submit operations to the kernel. There is a second ring that is filled with the results of those operations. Each operation can be thought of as a way of expressing a system call; operations may read or write buffers, open files, send network messages, or request any of a number of other actions. Operations can be made contingent on the successful completion of previous operations. In short, the operation stream feeding into the kernel is a sort of language expressing a program that the kernel should execute asynchronously. Operations executed by io_uring result in calls to the code within the kernel that implements the corresponding system calls; an IORING_OP_READV operation, for example, ends up in the same place as a readv() system call. That code will perform the usual privilege checks, using the credentials of the process that created the ring in the first place. So, in the absence of bugs, a process can do nothing with io_uring that it would not be allowed to do with direct system calls — with the exception that seccomp() filters do not apply to io_uring. This model has worked well for io_uring so far, but it turns out that there is a use case that could use a bit more control. In particular, what happens if a process wants to create a ring and hand it over to another, less-trusted process? For example, I/O from within virtualized guests could perhaps be accelerated considerably if it used io_uring. This I/O, which often goes through the Virtio mechanism now, involves a certain amount of data copying and context shifting that could be avoided this way. The hypervisor could create whatever file descriptors the client would need, which would correspond to specific devices or open network connections, then let the guest handle things directly through the ring from there. The problem with this idea is that the guest could then perform any operation that io_uring supports. Remember that the ring retains the credentials of the creator, which would be the hypervisor in this case; giving such a ring to a client would open the door to actions like accessing other file descriptors opened by the hypervisor or opening new files with the hypervisor's credentials. This is likely to prove extremely disappointing to anybody counting on virtualization as a security barrier.

RenderDoc 1.9 Released - The Open-Source Graphics Debugging Tool Gets Even Better RenderDoc as the open-source, cross-platform, cross graphics API debugger tool for profiling and analyzing issues across Vulkan / Direct3D / OpenGL / GLES continues getting even better with its advanced tool set. RenderDoc 1.9 was released on Wednesday and comes with support for pixel history and shader debugging along with various other enhancements and fixes. The Vulkan shader debugging with RenderDoc 1.9 covers SPIR-V shaders at vertex, fragment and compute shader stages. Meanwhile Google engineers contributed support for RenderDoc's Vulkan support to fetch pixel history.

LLVMpipe Gallium3D Driver Now Exposes OpenGL 4.3 It was just at the start of July that the LLVMpipe software driver gained OpenGL 4.0 support at long last. Days after that milestone OpenGL 4.2 support was reached for this driver that offers OpenGL acceleration atop CPUs either for fallback purposes or a vendor-neutral debug path. Now just days before the Mesa 20.2 branching, OpenGL 4.3 support has been cleared! With Mesa 20.2 coming out around the end of August, that now takes this Gallium3D software rasterizer from OpenGL 3.3 to OpenGL 4.3 (or possibly even GL 4.4)! Red Hat's David Airlie who has been leading the charge on LLVMpipe added the remaining bits today for being able to expose OpenGL 4.3 with LLVMpipe. Those bits included the OpenGL robust buffer access and also enabling OpenGL ES 3.2.