Linux

Playtron’s wildly ambitious gaming OS aims to unite stores, lure “core casuals”

AOSP, asus rog ally, Cyanogen, cyanogen inc., CyanogenMod, gaming, Handheld Gaming, handheld gaming pc, Linux, Portable gaming, steam deck / Kelly Newman / March 18, 2024

Core Casual Corps —

Headed by former Cyanogen CEO, it’s a Linux OS that might not be fully open.

Kevin Purdy – Mar 18, 2024 8: 36 pm UTC

Mock-up of a potential Playtron device — Enlarge / This isn’t what the first PlaytronOS-powered device will look like. That could be your Steam Deck, a 5G device from your cell carrier, or maybe your car.

Playtron

The Steam Deck’s OS is purpose-built for handheld gaming, but it’s confined to one device, unless you’re willing to head out to the bleeding edge. Beyond SteamOS, there is Windows, which can let down ambitious Deck-likes, there is the Nintendo Switch, and there are Android-based devices that are a lot like Android phones. This setup has got at least one company saying, in infomercial tones, that there has got to be a better way.

That company is Playtron, a new software startup that aims to fix that setup with a Linux-based gaming OS that’s tied to no particular game store or platform. Playtron has $10 million, coders from open source projects like ChimeraOS and Heroic Games Launcher, and the former CEO of Cyanogen. With that, it aims to have “Playtron-native devices shipping worldwide in 2025,” and to capture the 1 billion “core casual” gamers they see as under-served.

Demo of Playtron running on a Lenovo Legion Go, uploaded by Playtron CEO Kirk McMaster.

What devices will Playtron use to serve them? Some of them might be Steam Decks, as you will “soon be able to install Playtron on your favorite handheld PC,” according to Playtron’s ambitious, somewhat scattershot single-page website. Some might be “Playtron-powered 5G devices coming soon to markets around the world.” Really, though, Playtron aims to provide a gaming platform to any device with a CPU and a screen, be it desktop or mobile, ARM or x86, TV or car.

I have looked at this Venn diagram for long stretches and have still not figured out if the target is someone who is deeply into gaming or turned off by having to choose a platform or both or neither.

Playtron
Additional mock-ups of hypothetical Playtron devices from Playtron’s website or possibly just Playtron logos on existing devices.

Playtron

Sean Hollister at The Verge spoke with Playtron CEO Kirk McMaster. He has also viewed internal planning documents and tried out an alpha of the OS. McMaster told Hollister that handheld-maker Ayaneo plans to ship a Playtron device in 2024, while “numerous OEMs and mobile operators” are looking at 2025. Playtron aims to compete with Windows on price ($10 instead of what McMaster cites as $80 per head), and against Steam with a non-Steam platform that, McMaster claims, will still prevent cheating with a Fedora-Silverblue-based immutable file system. There are also some mentions of AI tools for helping casual gamers or determining launch configurations for games. Also, there are crypto-focused investors and a mention of offering crypto-based game purchases, though Playtron may also not have a store at all.

Another notable thing Playtron has is McMaster, the former head of Cyanogen Inc. That project launched in 2013 with $7 million in venture funding and an ambition to turn the free and open source-minded Android ROM community, CyanogenMod, into a for-profit OS and apps vendor. Google reportedly tried to buy Cyanogen Inc. at some point in 2014 but was turned away, as the company saw itself as growing. By the end of 2016, Cyanogen Inc. was shut down, and the Android ROM community reorganized around LineageOS. Ars’ 2016 “Deathwatch” cited McMaster’s “delusions of grandeur,” noting his claimed desire to “put a bullet in Google’s head” while maintaining an OS that was almost entirely dependent on Google’s open source Android code.

McMaster told The Verge’s Hollister that, from his time at Cyanogen Inc., he “learned that you shouldn’t try to commercialize an open-source project with a significant history because it can lead to culture wars.” There are strong hints that Playtron will not be entirely open source, though it will encourage the Linux coders it has hired to continue contributing to projects like ChimeraOS.

Playtron’s wildly ambitious gaming OS aims to unite stores, lure “core casuals” Read More »

Critical vulnerability affecting most Linux distros allows for bootkits

Biz & IT, bootkits, Linux, Security, shim, uefi, vulnerabilities / Shannon Garcia / February 6, 2024

Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to the deepest parts of a device where they’re hard to detect or remove.

The vulnerability resides in shim, which in the context of Linux is a small component that runs in the firmware early in the boot process before the operating system has started. More specifically, the shim accompanying virtually all Linux distributions plays a crucial role in secure boot, a protection built into most modern computing devices to ensure every link in the boot process comes from a verified, trusted supplier. Successful exploitation of the vulnerability allows attackers to neutralize this mechanism by executing malicious firmware at the earliest stages of the boot process before the Unified Extensible Firmware Interface firmware has loaded and handed off control to the operating system.

The vulnerability, tracked as CVE-2023-40547, is what’s known as a buffer overflow, a coding bug that allows attackers to execute code of their choice. It resides in a part of the shim that processes booting up from a central server on a network using the same HTTP that the Internet is based on. Attackers can exploit the code-execution vulnerability in various scenarios, virtually all following some form of successful compromise of either the targeted device or the server or network the device boots from.

“An attacker would need to be able to coerce a system into booting from HTTP if it’s not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Matthew Garrett, a security developer and one of the original shim authors, wrote in an online interview. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”

Stated differently, these scenarios include:

Acquiring the ability to compromise a server or perform an adversary-in-the-middle impersonation of it to target a device that’s already configured to boot using HTTP
Already having physical access to a device or gaining administrative control by exploiting a separate vulnerability.

While these hurdles are steep, they’re by no means impossible, particularly the ability to compromise or impersonate a server that communicates with devices over HTTP, which is unencrypted and requires no authentication. These particular scenarios could prove useful if an attacker has already gained some level of access inside a network and is looking to take control of connected end-user devices. These scenarios, however, are largely remedied if servers use HTTPS, the variant of HTTP that requires a server to authenticate itself. In that case, the attacker would first have to forge the digital certificate the server uses to prove it’s authorized to provide boot firmware to devices.

The ability to gain physical access to a device is also difficult and is widely regarded as grounds for considering it to be already compromised. And, of course, already obtaining administrative control through exploiting a separate vulnerability in the operating system is hard and allows attackers to achieve all kinds of malicious objectives.

Critical vulnerability affecting most Linux distros allows for bootkits Read More »

Convicted murderer, filesystem creator writes of regrets to Linux list

Biz & IT, file systems, Hans Reiser, Linux, Linux kernel, linux kernel mailing list, LKML, ReiserFS, Tech / Kelly Newman / January 19, 2024

Pre-release notes —

“The man I am now would do things very differently,” Reiser says in long letter.

Kevin Purdy – Jan 19, 2024 9: 20 pm UTC

Hans Reiser letter to Fredrick Brennan — Enlarge / A portion of the cover letter attached to Hans Reiser’s response to Fredrick Brennan’s prompt about his filesystem’s obsolescence.

Fredrick Brennan

With the ReiserFS recently considered obsolete and slated for removal from the Linux kernel entirely, Fredrick R. Brennan, font designer and (now regretful) founder of 8chan, wrote to the filesystem’s creator, Hans Reiser, asking if he wanted to reply to the discussion on the Linux Kernel Mailing List (LKML).

Reiser, 59, serving a potential life sentence in a California prison for the 2006 murder of his estranged wife, Nina Reiser, wrote back with more than 6,500 words, which Brennan then forwarded to the LKML. It’s not often you see somebody apologize for killing their wife, explain their coding decisions around balanced trees versus extensible hashing, and suggest that elementary schools offer the same kinds of emotional intelligence curriculum that they’ve worked through in prison, in a software mailing list. It’s quite a document.

What follows is a relative summary of Reiser’s letter, dated November 26, 2023, which we first saw on the Phoronix blog, and which, by all appearances, is authentic (or would otherwise be an epic bit of minutely detailed fraud for no particular reason). It covers, broadly, why Reiser believes his system failed to gain mindshare among Linux users, beyond the most obvious reason. This leads Reiser to detail the technical possibilities, his interpersonal and leadership failings and development, some lingering regrets about dealings with SUSE and Oracle and the Linux community at large, and other topics, including modern Russian geopolitics.

“LKML and Slashdot.org seem like reasonable places to send it (as of 2006)”

In a cover letter, Reiser tells Brennan that he hopes he can use OCR to import his lengthy letter and asks him to use his best judgment in where to send his reply. He also asks, if he has time, Brennan might send him information on “Reiser5, or any interesting papers on other Filesystems, compression (especially Deep Learning based compression), etc.”

Then Reiser addresses the kernel mailing list directly—very directly:

I was asked by a kind Fredrick Brennan for my comments that I might offer on the discussion of removing ReiserFS V3 from the kernel. I don’t post directly because I am in prison for killing my wife Nina in 2006.

I am very sorry for my crime–a proper apology would be off topic for this forum, but available to any who ask.

A detailed apology for how I interacted with the Linux kernel community, and some history of V3 and V4, are included, along with descriptions of what the technical issues were. I have been attending prison workshops, and working hard on improving my social skills to aid my becoming less of a danger to society. The man I am now would do things very differently from how I did things then.

ReiserFS V3 was “our first filesystem, and in doing it we made mistakes, because we didn’t know what we were doing,” Reiser writes. He worked through “years of dark depression” to get V3 up to the performance speeds of ext2, but regrets how he celebrated that milestone. “The man I was then presented papers with benchmarks showing that ReiserFS was faster than ext2. The man I am now would stat his papers … crediting them for being faster than the filesystems of other operating systems, and thanking them for the years we used their filesystem to write ours.” It was “my first serious social mistake in the Linux community, and it was completely unnecessary.”

Reiser asks that a number of people who worked on ReiserFS be included in “one last release” of the README, and to “delete anything in there I might have said about why they were not credited.” He says prison has changed him in conflict resolution and with his “tendency to see people in extremes.”

Reiser extensively praises Mikhail Gilula, the “brightest mind in his generation of computer scientists,” for his work on ReiserFS from Russia and for his ideas on rewriting everything the field knew about data structures. With their ideas on filesystems and namespaces combined, it would be “the most important refactoring of code ever.” His analogy at the time, Reiser wrote, was Adam Smith’s ideas of how roads, waterways, and free trade affected civilization development; ReiserFS’ ideas could similarly change “the expressive power of the operating system.”

Convicted murderer, filesystem creator writes of regrets to Linux list Read More »

Stealthy Linux rootkit found in the wild after going undetected for 2 years

backdoor, Biz & IT, Linux, malware, rootkits, Security / Mike M. / December 10, 2023

Trojan horse on top of blocks of hexadecimal programming codes. Illustration of the concept of online hacking, computer spyware, malware and ransomware.

Stealthy and multifunctional Linux malware that has been infecting telecommunications companies went largely unnoticed for two years until being documented for the first time by researchers on Thursday.

Researchers from security firm Group-IB have named the remote access trojan “Krasue,” after a nocturnal spirit depicted in Southeast Asian folklore “floating in mid-air, with no torso, just her intestines hanging from below her chin.” The researchers chose the name because evidence to date shows it almost exclusively targets victims in Thailand and “poses a severe risk to critical systems and sensitive data given that it is able to grant attackers remote access to the targeted network.

According to the researchers:

Krasue is a Linux Remote Access Trojan that has been active since 20 and predominantly targets organizations in Thailand.

Group-IB can confirm that telecommunications companies were targeted by Krasue.

The malware contains several embedded rootkits to support different Linux kernel versions.

Krasue’s rootkit is drawn from public sources (3 open-source Linux Kernel Module rootkits), as is the case with many Linux rootkits.

The rootkit can hook the `kill()` syscall, network-related functions, and file listing operations in order to hide its activities and evade detection.

Notably, Krasue uses RTSP (Real-Time Streaming Protocol) messages to serve as a disguised “alive ping,” a tactic rarely seen in the wild.

This Linux malware, Group-IB researchers presume, is deployed during the later stages of an attack chain in order to maintain access to a victim host.

Krasue is likely to either be deployed as part of a botnet or sold by initial access brokers to other cybercriminals.

Group-IB researchers believe that Krasue was created by the same author as the XorDdos Linux Trojan, documented by Microsoft in a March 2022 blog post, or someone who had access to the latter’s source code.

During the initialization phase, the rootkit conceals its own presence. It then proceeds to hook the `kill()` syscall, network-related functions, and file listing operations, thereby obscuring its activities and evading detection.

The researchers have so far been unable to determine precisely how Krasue gets installed. Possible infection vectors include through vulnerability exploitation, credential-stealing or -guessing attacks, or by unwittingly being installed as trojan stashed in an installation file or update masquerading as legitimate software.

The three open source rootkit packages incorporated into Krasue are:

Enlarge / An image showing salient research points of Krasue.

Group-IB

Rootkits are a type of malware that hides directories, files, processes, and other evidence of its presence to the operating system it’s installed on. By hooking legitimate Linux processes, the malware is able to suspend them at select points and interject functions that conceal its presence. Specifically, it hides files and directories beginning with the names “auwd” and “vmware_helper” from directory listings and hides ports 52695 and 52699, where communications to attacker-controlled servers occur. Intercepting the kill() syscall also allows the trojan to survive Linux commands attempting to abort the program and shut it down.

Stealthy Linux rootkit found in the wild after going undetected for 2 years Read More »

Try Ubuntu Daily Builds on Windows With Ubuntu Preview for WSL

Highlights, Linux, Ubuntu, Windows Subsystem for Linux / DJ Henderson / December 13, 2022

internal/modules/cjs/loader.js: 905 throw err; ^ Error: Cannot find module ‘puppeteer’ Require stack: – /home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js at Function.Module._resolveFilename (internal/modules/cjs/loader.js: 902: 15) at Function.Module._load (internal/modules/cjs/loader.js: 746: 27) at Module.require (internal/modules/cjs/loader.js: 974: 19) at require (internal/modules/cjs/helpers.js: 101: 18) at Object. (/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js:2: 19) at Module._compile (internal/modules/cjs/loader.js: 1085: 14) at Object.Module._extensions..js (internal/modules/cjs/loader.js: 1114: 10) at Module.load (internal/modules/cjs/loader.js: 950: 32) at Function.Module._load (internal/modules/cjs/loader.js: 790: 12) at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js: 75: 12) code: ‘MODULE_NOT_FOUND’, requireStack: [ ‘/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js’ ]

Try Ubuntu Daily Builds on Windows With Ubuntu Preview for WSL Read More »