Computer Speed Gains Erased By Modern Software

[Julio] has an older computer sitting on a desk, and recorded a quick video with it showing how fast this computer can do seemingly simple things, like open default Windows applications including the command prompt and Notepad. Compared to his modern laptop, which seems to struggle with even these basic tasks despite its impressive modern hardware, the antique machine seems like a speed demon. His videos set off a huge debate about why it seems that modern personal computers often appear slower than machines of the past.

After going through plenty of plausible scenarios for what is causing the slowdown, [Julio] seems to settle on a nuanced point regarding abstraction. Plenty of application developers are attempting to minimize the amount of development time for their programs while maximizing the number of platforms they run on, which often involves using a compatibility layer, which abstracts the software away from the hardware and increases the overhead needed to run programs. Things like this are possible thanks to the amount of computing power of modern machines, but not without a slight cost of higher latency. For applications developed natively, the response times would be expected to be quite good, but fewer applications are developed natively now including things that might seem like they otherwise would be.  Notepad, for example, is now based on UWP.

While there are plenty of plausible reasons for these slowdowns in apparent speed, it’s likely a combination of many things; death by a thousand cuts. Desktop applications built with a browser compatibility layer, software companies who are reducing their own costs by perhaps not abiding by best programming practices or simply taking advantage of modern computing power to reduce their costs, and of course the fact that modern software often needs more hardware resources to run safely and securely than equivalents from the past.

Exploring The Anatomy Of A Linux Kernel Exploit

A lot of talk and discussion happens anytime a hardware manufacturer releases a new line of faster, more powerful, or more efficient computers. It’s easy to see better and better specifications and assume that’s where all the progress is made. But without improved software and algorithms, often the full potential of the hardware can’t be realized. That’s the reason for the creation of io_uring, an improved system call interface in the Linux kernel. It’s also where [chompie] went to look for exploits.

The reason for looking here, in a part of the kernel [chompie] had only recently learned about, was twofold. First, because it’s a place where user space applications interact with the kernel, and second because it’s relatively new and that means more opportunities to find bugs. The exploit involves taking advantage of a complicated asynchronous buffer system, specifically at a location where the code confuses a memory location being used by the kernel with one which is supposed to be used for user space.

To actually get this to work as an exploit, though, a much more involved process is needed to make sure the manipulation of these memory addresses results in something actually useful, but it is eventually used to gain local privilege escalation. More about it can be found in this bug report as well. Thanks to the fact that Linux is open-source, this bug can quickly be fixed and the patch rolled out to prevent malicious attackers from exploiting it. Open-source software has plenty of other benefits besides being inherently more secure, though.

Too Much Git? Try Gitless

Git has been a powerful tool for software development and version control since the mid ’00s, gaining widespread popularity since then. Originally built by none other than Linus Torvalds for handling Linux kernel development, it’s branched out for use with all kinds of other projects. That being said, it is not the easiest thing to learn how to use, with tons of options, abstract ideas, and non-linear workflows to keep track of. So if you’re new to the system or don’t need all of its vast swath of features, you might want to try out an alternative like Gitless.

Thanks to the fact that the original Git is open source, it’s free to modify and use as any user sees fit, and there are plenty of options available. This one aims to simplify many of the features found in the original Git, implementing a tracking system which somewhat automates commits. It also includes a simplified branching system, making it easier to switch between branches and keep better track of all that’s happening in a project. The command line interface is simplified as well, and the entire system is backwards-compatible with Git which means that if you find yourself needing some of the more advanced tools it’s possible to switch between them with relative ease.

For those of us keeping track of our own software projects, who don’t necessarily need the full feature set that the original Git has to offer, this could be a powerful tool that decreases the steep learning curve that Git is known for. It’s definitely a system work diving into, though, regardless of whichever implementation you choose. It’s an effective tool for everything from complex, professional projects to small hobby projects on the Arduino.

Using Excel To Manage A Commodore 64

The “save” icon for plenty of modern computer programs, including Microsoft Office, still looks like a floppy disk, despite the fact that these have been effectively obsolete for well over a decade. As fewer and fewer people recognize what this icon represents, a challenge is growing for retrocomputing enthusiasts that rely on floppy disk technology to load any programs into their machines. For some older computers that often didn’t have hard disk drives at all, like the Commodore 64, it’s one of the few ways to load programs into computer memory. And, rather than maintaining an enormous collection of floppy discs, [RaspberryPioneer] built a way to load programs on a Commodore using Microsoft Excel instead.

The Excel sheet that manages this task uses Visual Basic for Applications (VBA), an event-driven programming language built into Office, to handle the library of applications for the Commodore (or Commodore-compatible clone) including D64, PRG, and T64 files. This also includes details about the software including original cover art and any notes the user needs to make about them. Using VBA, it also communicates to an attached Arduino, which is itself programmed to act as a disk drive for the Commodore. The neceessary configuration needed to interface with the Arduino is handled within the spreadsheet as well. Some additional hardware is needed to interface the Arduino to the Commodore’s communications port but as long as the Arduino is a 5V version and not a 3.3V one, this is fairly straightforward and the code for it can be found on its GitHub project page.

With all of that built right into Excel, and with an Arduino acting as the hard drive, this is one of the easiest ways we’ve seen to manage a large software library for a retrocomputer like the Commodore 64. Of course, emulating disk drives for older machines is not uncommon, but we like that this one can be much more dynamic and simplifies the transfer of files from a modern computer to a functionally obsolete one. One of the things we like about builds like this, or this custom Game Boy cartridge, is how easy it can be to get huge amounts of storage that the original users of these machines could have only dreamed of in their time.

Arbitrary Code Execution Over Radio

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the Internet, but any network connection can be susceptible to attacks. As highlighted by security researcher and consultant [Rick Osgood], even computers connected to nothing more than a radio can be vulnerable to attacks if they’re using certain digital modes of communication.

The vulnerability that [Rick] found involves exploiting a flaw in a piece of software called WinAPRS. APRS is a method commonly used in the amateur radio community for sending data over radio, and WinAPRS allows for this functionality on a PC. He specifically sought out this program for vulnerabilities since it is closed-source and hasn’t been updated since 2013. After some analysis, he found a memory bug which was used to manipulate the Extended Instruction Pointer (EIP) register which stores the memory address of the next instruction to be executed by the CPU. This essentially allows for arbitrary code execution on a remote machine via radio.

The exploit was found while using Windows XP because it lacks some of the more modern memory protection features of modern operating systems, but the exploit does still work with Windows 10, just not as reliably and with a bit of extra effort required. It’s a good reminder to use open-source software when possible so issues like these can get resolved, and to regularly install security updates when possible. If you’re looking to delve into the world of APRS in more modern times, take a look at this project which adds APRS to budget transceivers. Just make sure you get your license first.

Commodore 64 Reports The News

In the late 80s and into the 90s, [Cameron Kaiser] aka [ClassicHasClass] was an aspiring journalist, first becoming interested in the career in elementary school and then working on various publications into university. At some point, he started using a piece of software for laying out newspapers called The Newsroom which, he admits, was lacking a lot of tools that would have been modern even for the time, but had an otherwise agreeable price tag thanks to its focus more on home desktop publishing and newsletter production than on full-scale newspaper operations. It did have one interesting feature that he never could figure out, though, at least until he went back and pieced this mystery together.

The software itself ran on the Apple II and was eventually ported to other systems of the era, including the Commodore 64. The mystery feature was known as “Wire Service” and appeared to be a way that users of the software who had a modem could connect with one another and share news releases, layouts, graphics, and other content created in Newsroom, but in the days where it would have been modern never was able to connect to anything. In fact, it was eventually abandoned by the developers themselves in later releases of the software. But [ClassicHasClass] was determined to get it working. Continue reading “Commodore 64 Reports The News”

FOSDEM 2023: An Open-Source Conference, Literally

Every year, on the first weekend of February, a certain Brussels university campus livens up. There, you will find enthusiasts of open-source software and hardware alike, arriving from different corners of the world to meet up, talk, and listen. The reason they all meet there is the conference called FOSDEM, a long-standing open-source software conference which has been happening in Belgium since 2000. I’d like to tell you about FOSDEM because, when it comes to conferences, FOSDEM is one of a kind.

FOSDEM is organized in alignment with open-source principles, which is to say, it reminds me of an open-source project itself. The conference is volunteer-driven, with a core of staff responsible for crucial tasks – yet, everyone can and is encouraged to contribute. Just like a large open-source effort, it’s supported by university and company contributions, but there’s no admission fees for participants – for a conference, this means you don’t have to buy a ticket to attend. Last but definitely not least, what makes FOSDEM shine is the community that it creates.

FOSDEM’s focus is open software – yet, for hackers of the hardware world, you will find a strong hardware component to participate in, since a great number of FOSDEM visitors are either interested in hardware, or even develop hardware-related things day-to-day. It’s not just that our hardware can’t live without software, and vice-versa – here, you will meet plenty of pure software, a decent amount of pure hardware, and a lot of places where the two worlds are hard to distinguish. All in all, FOSDEM is no doubt part of hacker culture in Europe, and today, I will tell you about my experience of FOSDEM 2023. Continue reading “FOSDEM 2023: An Open-Source Conference, Literally”