‘Turn an Old PC Into a High-End Amiga with AmiKit’

Mike Bouma (Slashdot reader #85,252) writes:
AmiKit is a compilation of pre-installed and pre-configured Amiga programs running emulated on Windows, macOS, and Linux (as well as running on classic 68K Amigas expanded with a Vampire upgrade card).

Besides original Workbench (Commodore’s desktop environment/graphical filemanager), AmiKit provides Directory Opus Magellan and Scalos as desktop replacements and its “Rabbit Hole” feature allows you to launch Windows, Mac or Linux applications directly from your Amiga desktop! Anti-aliased fonts, Full HD 32-bit screen modes and DualPNG Icons support is included and this package comes with exclusive versions of the Master Control Program (MCP) and MUI 5 (Magic User Interface).

The original AmigaOS (version 3.x) and Kickstart ROM (version 3.1) are required, also the recently released AmigaOS 3.2 is supported. You can also get the needed files from the Amiga Forever package(s). It even supports emulating AmigaOS 4.x (for PowerPC) easily through Flower Pot.

Here’s an extensive overview video by Dan Wood. An Amiga Future review of an earlier 2017 version can be read here.

“Everything began in 1994 when my parents bought an Amiga 500 for me and my brother,” explains AmiKit’s developer.

“I was 14 years old…”

Fast forward to 2005, the AmiKit was born — an emulated environment including more than 350 programs. It fully replaced my old Amiga and it became a legend in the community over the years.

Fast forward to 2017, a brand new AmiKit X is released, originally developed for A.L.I.C.E., followed by the XE version released in 2019, Vampire edition in 2020 and Raspberry Pi in 2021. The latest & greatest version was released in 2020.

When someone, who has never heard about Amiga before, asks me why I would want to turn current modern computer into something retro and old fashioned, my short answer is: “Simply because I love Amiga!”

Read more of this story at Slashdot.

Instagram Moderators Say Iran Offered Them Bribes to Remove Accounts

The BBC reports:

A Persian-language content moderator for Instagram and a former content moderator have said Iranian intelligence officials offered them money to remove Instagram accounts of journalists and activists….

Both content moderators also accused some Iranian colleagues of exhibiting “pro-regime bias” when reviewing posts on the photo-sharing service. They spoke to the BBC after many Iranian Instagram users complained that posts about recent anti-government protests in their country had been deleted. Instagram’s owner, Meta Platforms, and the third-party company it uses to moderate content said there was no validity to the claims….

The protests received very little coverage on Iranian state media, meaning that Iranians had to rely on Instagram and other social media sites to learn what was happening on the ground. As the unrest continued, users noticed that some videos posted on Instagram were being removed….

The former content moderator told the BBC that he “personally knew some reviewers who supported the Iranian regime and received instructions from Iran”….

All three interviewees said it was likely that some videos of the protests were removed because they included people shouting: “Death to Khamenei”.

Meta has previously said that its guidelines around incitement of violence prohibit calls for the death of a head of state. However, in Iran the phrase “Death to…” is commonly chanted at protests to express discontent with something or someone, rather than to express an actual threat.

Read more of this story at Slashdot.

Should IT Professionals Be Liable for Ransomware Attacks?

Denmark-based Poul-Henning Kamp describes himself as the “author of a lot of FreeBSD, most of Varnish and tons of other Open Source Software.” And he shares this message in June’s Communications of the ACM.

“The software industry is still the problem.”
If any science fiction author, famous or obscure, had submitted a story where the plot was “modern IT is a bunch of crap that organized crime exploits for extortion,” it would have gotten nowhere, because (A) that is just not credible, and (B) yawn!

And yet, here we are…. As I write this, 200-plus corporations, including many retail chains, have inoperative IT because extortionists found a hole in some niche, third-party software product most of us have never heard of.

But he’s also proposing a solution.
In Denmark, 129 jobs are regulated by law. There are good and obvious reasons why it is illegal for any random Ken, Brian, or Dennis to install toilets or natural-gas furnaces, perform brain surgery, or certify a building is strong enough to be left outside during winter. It may be less obvious why the state cares who runs pet shops, inseminates cattle, or performs zoological taxidermy, but if you read the applicable laws, you will learn that animal welfare and protection of endangered species have many and obscure corner cases.

Notably absent, as in totally absent, on that list are any and all jobs related to IT; IT architecture, computers, computer networks, computer security, or protection of privacy in computer systems. People who have been legally barred and delicensed from every other possible trade — be it for incompetence, fraud, or both — are entirely free to enter the IT profession and become responsible for the IT architecture or cybersecurity of the IT system that controls nearly half the hydrocarbons to the Eastern Seaboard of the U.S….

With respect to gas, water, electricity, sewers, or building stability, the regulations do not care if a company is hundreds of years old or just started this morning, the rules are always the same: Stuff should just work, and only people who are licensed — because they know how to — are allowed to make it work, and they can be sued if they fail to do so.

The time is way overdue for IT engineers to be subject to professional liability, like almost every other engineering profession. Before you tell me that is impossible, please study how the very same thing happened with electricity, planes, cranes, trains, ships, automobiles, lifts, food processing, buildings, and, for that matter, driving a car.

As with software product liability, the astute reader is apt to exclaim, “This will be the end of IT as we know it!” Again, my considered response is, “Yes, please, that is precisely my point!”

Read more of this story at Slashdot.

25 Gigabit Per Second Fiber Retail Broadband Service Demoed in New Zealand

25 gigabits per second — both downloading and uploading. CRN reports broadband infrastructure wholesaler Chorus demonstrated those speeds over their existing passive optical fiber network [PON].

The demonstration in Auckland achieved 21.4 Gbps throughput, tested simultaneously on the same strand of fibre that ran an 8 Gbps symmetric HyperFibre connection, and a 900/550 Mbps UFB link…. Chorus uses Nokia’s Lightspan FX and MX access nodes for multiple types of fibre service, including standard GPON, the XGS-PON behind HyperFibre, point-to-point Ethernet, and envisages the 25 GPON service to run on it as well. It is based on the Quillion chip set line cards, which Nokia says are 50 per cent more energy efficient than earlier models.

Currently, Chorus has no wholesale 25 GPON product, with its fastest offering topping out at 8/8 Gbps HyperFibre. The wholesaler expects to develop a 25 GPON based services within the next two to three years, with a Nokia optical network termination unit that supports either 25/25 Gbps or 25/10 Gbps options. Kurt Rodgers, network strategy manager at Chorus, said the faster broadband service would come into its own for industrial metaverse applications, the Internet of Things, and low-latency cloud connectivity….

Chorus chief technology officer Ewen Powell said the 25 GPON service demonstrated “a future-proofed technology.” Although two-wavelength 50 Gbps service is appearing as a choice for providers, with 100 GPON on the horizon, Chorus is betting that the 25 Gbps variant will offer the best cost benefit overall for providers, as it can use existing optics equipment.

Thanks to long-time Slashdot reader Bismillah for submitting the article.

Read more of this story at Slashdot.

How CentOS Stream and RHEL 9 Led to AlmaLinux 9

ZDNet writes that in late 2020 Red Hat decided “they’d no longer release CentOS Linux as a standalone distribution. Instead, CentOS Stream would work as a beta for RHEL.”
So where are we now?
The competition immediately sprang up to replace CentOS. The two most important of these are the AlmaLinux OS Foundation’s AlmaLinux and Rocky Enterprise Software Foundation’s Rocky Linux. [May 16th saw the release of Rocky Linux 8.6.] Now, mere weeks after the release of RHEL 9, AlmaLinux 9 has arrived.

Like RHEL itself, AlmaLinux 9 starts from CentOS Stream via RHEL. Indeed, AlmaLinux developers are CentOS Stream contributors. The bottom line is that CentOS 9 is an identical twin to RHEL 9 — except for the names and trademarks. It has all the same features, all the same advances, and, for better or worse, all the same bugs.

Besides the big server architectures, AlmaLinux is also ready to run on everything from cloud and Docker images to Microsoft’s Windows Subsystem for Linux and Raspberry Pi, the article points out.

And Jack Aboutboul, AlmaLinux’s Community Manager, tells ZDNet “We are building AlmaLinux with the specific goal of creating an independent CentOS successor that is truly community-centric and designed for everyone… We offer everyone a uniform platform that is safe, secure, easy to use, and dependable to build your tomorrow on.”

Read more of this story at Slashdot.

Omnipotent BMCs From Quanta Remain Vulnerable To Critical Pantsdown Threat

“Quanta not patching vulnerable baseboard management controllers leaves data centers vulnerable,” writes long-time Slashdot reader couchslug. “Pantsdown was disclosed in 2019…” Ars Technica reports: In January 2019, a researcher disclosed a devastating vulnerability in one of the most powerful and sensitive devices embedded into modern servers and workstations. With a severity rating of 9.8 out of 10, the vulnerability affected a wide range of baseboard management controllers (BMC) made by multiple manufacturers. These tiny computers soldered into the motherboard of servers allow cloud centers, and sometimes their customers, to streamline the remote management of vast fleets of computers. They enable administrators to remotely reinstall OSes, install and uninstall apps, and control just about every other aspect of the system — even when it’s turned off. Pantsdown, as the researcher dubbed the threat, allowed anyone who already had some access to the server an extraordinary opportunity. Exploiting the arbitrary read/write flaw, the hacker could become a super admin who persistently had the highest level of control for an entire data center.

Over the next few months, multiple BMC vendors issued patches and advisories that told customers why patching the vulnerability was critical. Now, researchers from security firm Eclypsium reported a disturbing finding: for reasons that remain unanswered, a widely used BMC from data center solutions provider Quanta Cloud Technology, better known as QCT, remained unpatched against the vulnerability as recently as last month. As if QCT’s inaction wasn’t enough, the company’s current posture also remains baffling. After Eclypsium privately reported its findings to QCT, the solutions company responded that it had finally fixed the vulnerability. But rather than publish an advisory and make a patch public — as just about every company does when fixing a critical vulnerability — it told Eclypsium it was providing updates privately on a customer-by-customer basis. As this post was about to go live, “CVE-2019-6260,” the industry’s designation to track the vulnerability, didn’t appear on QCT’s website. […] “[T]hese types of attacks have remained possible on BMCs that were using firmware QCT provided as recently as last month,” writes Ars’ Dan Goodin in closing. “QCT’s decision not to publish a patched version of its firmware or even an advisory, coupled with the radio silence with reporters asking legitimate questions, should be a red flag. Data centers or data center customers working with this company’s BMCs should verify their firmware’s integrity or contact QCT’s support team for more information.”

Read more of this story at Slashdot.