Category Archives: Community

Community related news

Warpstock Europe 2024, Rheine, Germany

The OS/2 VOICE Foundation is pleased to announce that the working schedule for Warpstock Europe 2024 is now online. Warpstock Europe will be held June 7-9 in Rheine, Germany.

The event will be held in Hotel Lücke (the hotel’s site is available in English and German). Presenters and attendees should register with the hotel for sleeping accommodations. The discounted room rate for Warpstock Europe attendees is €104 per night, which includes breakfast.

VOICE is planning to provide a live video stream via YouTube, as well. Of course, the fullest Warpstock Europe experience is in person, where you have the ability to interact with presenters and other like-minded people. Please see the Warpstock Europe website for details.

Access for the 3-day event (including 2-course lunch each day) is €215. You may order your Warpstock Europe access through this link before May 24. For travel information and the schedule please visit the Warpstock Europe website.

Among other presenters, Arca Noae Managing Member, Lewis Rosenthal, will be on hand to present and to meet with attendees. Come join the discussion, and learn some new things about ArcaOS!

If you would like to present in person or remotely, please contact the VOICE President, Roderick Klein, via email at president AT os2voice DOT org. There are still presentation slots available, and some others have not yet been confirmed. (Note: Due to strict budget constraints, presenters must also purchase access to Warpstock Europe 2024.)

About the future of the Hobbes archive

For over 30 years, the Hobbes repository at New Mexico State University has been a mainstay for OS/2 users to locate software for OS/2, whether freeware, open source, or commercial demos.

This month, Hobbes announced that it would be shutting down as of April 15 of this year. While this truly saddens those of us closely involved with software development for the platform, Arca Noae nevertheless understands the level of resources and commitment required to maintain an ever-growing archive. We applaud the Hobbes archiver and the entire team of faculty, students, and other volunteers who have come and gone over the years, all the while keeping Hobbes up and running for the benefit of all. We are also grateful to the University for its commitment to the archive, providing hardware, software, power, and bandwidth.

We are aware that discussions are underway in the OS/2 community to find a new home for Hobbes. There is a thread on the Warp mailing list at groups.io and another in the OS/2 World forums. You may also read a public announcement from OS/2 VOICE about this here.

At this time, Arca Noae urges caution and advises against more people volunteering to host the main Hobbes repository (though mirrors of a potential new site would likely be appreciated). We remain hopefully optimistic that Hobbes will indeed find a new long-term home and that the transition from New Mexico State University to that new home (wherever it might be) will be a smooth one.

Warpstock 2023 videos now available

Videos of Warpstock 2023 presentations from earlier this month, including Arca Noae staff and developers featuring the latest ArcaOS news and how-to sessions are now available on YouTube in the WarpEvents channel.

Video topics include:

ArcaOS Roadmap
High-Resolution OS/2: The Sequel
ArcaOS 5.1
Is ArcaOS a DOS Gaming Mecca?
ArcaOS under and next to VMWare ESXi
UEFI vs Traditional BIOS: Which is Right?
…and much more

Arca Noae Package Manager version 1.1.0.2 has been released

Arca Noae is pleased to announce the immediate availability of an updated Arca Noae Package Manager for ArcaOS, OS/2, and eComStation. (1.1.0.2)

This is a minor update to the 1.1.0 release with the following bug fixes:

Update SMBIOS to 1.1.
Fix bug initializing conflict detection popup..
Increase text limit of quick install entryfield.

Arca Noae Package Manager is available in English with Spanish, French, Italian, German, Dutch, Russian, and Swedish language packs. Some of these have been refreshed for this release.

ANPM 1.1.0.2 requires WarpIN 1.0.24 or higher for installation. This WarpIN package is available from Hobbes.

This utility is licensed under the GPLv3, and is available to everyone, free of charge. See the included documentation for instructions on how to access the source code.

Please review the wiki for important first-time installation and upgrade notes and other tips.

Arca Noae Package Manager version 1.1.0 has been released

Arca Noae is pleased to announce the immediate availability of an updated Arca Noae Package Manager for ArcaOS, OS/2, and eComStation. (1.1.0)

This is update includes some major new functionality, enhancements, and bug fixes:

Support for WarpIN archives.
Add new logic to automatically re-scale all UI elements to dynamically fit the configured window font.
Change secret generation over to SMBIOS interface to provide better support for systems where DMIDECODE is unsuccessful, e.g., UEFI environments.
Fix for case where both dependency check and required packages list exceed 700 characters.
Various UI fixes and tweaks.

Arca Noae Package Manager is available in English with Spanish, French, Italian, German, Dutch, Russian, and Swedish language packs. Some of these have been refreshed for this release.

The wiki will be updated to include more information regarding the new WarpIN repository configuration.

ANPM 1.1.0 requires WarpIN 1.0.24 or higher for installation. This WarpIN package is available from Hobbes.

This open source utility is available to everyone, free of charge.

Please review the wiki for important first-time installation and upgrade notes and other tips.

Beware of used ArcaOS licenses offered for sale

Happy New Year!

Recently, we’ve become aware of several ArcaOS licenses being offered for sale on various platforms. This post is a reminder to check the validity of any used license before paying for it.

All ArcaOS licenses are generated by Arca Noae. If you order through one of our authorized resellers, that reseller places an order for your software with us, and we provide the custom ISO for you, registered to an account in your name.

While it is entirely permissible to transfer a license (see paragraph 9 of the ArcaOS End User License Agreement ), such a transfer must include a hard copy of the license and proof of entitlement. Proof of entitlement means some documentation to prove that the company or individual transferring the license does indeed have the right to do so (it must indeed be registered to that company or individual).

Upon transfer, the transferor must notify Arca Noae of the transfer and provide contact information for the transferee. Without this, it will not be possible to renew support for that ArcaOS license – including a late renewal.

It is worth noting also that only the ArcaOS license is transferable. Support is not. Thus, when an unsuspecting user purchases an existing ArcaOS license and he or she wants to access related downloads for updates or even request an updated ISO, a new ArcaOS Support & Maintenance subscription will be required. The cost of the used license plus new support may be far more than a new license with included support and the ability to renew that support at a discount.

If you are considering the purchase of a used ArcaOS license, be sure to ask for a copy of the registrant’s name, email address, and serial number, and contact us first so that we may be able to determine whether the license is, in fact, legitimate. If it’s not, it will not be valid for purchasing a Support & Maintenance subscription, so technical support, updates, discounted upgrades, and bug fixes will never be available.

Happy Thanksgiving!

Just a brief post to send our best wishes for a Happy Thanksgiving to all of our friends. The Arca Noae family is sincerely grateful for all the support you show for us and for our mutual platform of choice, ArcaOS. It was great to see and hear from so many of you while we were at Warpstock in Orlando, earlier this month.

We have news concerning the upcoming release of ArcaOS 5.1. Our required infrastructure enhancements continue, and we anticipate the release of ArcaOS 5.1 in the very near future. Look for a post here concerning upgrade and new license purchase options.

Be safe, and enjoy this Thanksgiving in good health with close friends and family.

Join Us at Warpstock 2022 in Orlando

Warpstock 2022 will be live once again, November 4-6 at the Country Inn & Suites, Orlando Airport. Arca Noae staff and developers will be there with the latest ArcaOS news and how-to sessions, as well as a host of other OS/2 experts ready and willing to share their knowledge and expertise.

Register before August 1 and receive a $30 Early Bird discount on a full conference registration or $20 on a daily conference registration! Spouses/family members/guests/office mates attending sessions also receive great discounts, and non-attending guests are FREE. Students with valid student ID are welcome to attend sessions at no charge, with full benefits! (This is a great opportunity for Computer Science majors and aspiring young developers and engineers to gain some exposure to a platform which is still in use in the manufacturing, finance, and insurance sectors around the globe today.)

Major topics of discussion this year will center around ArcaOS 5.1 and new disk and installation options. As always, we welcome questions and feedback from both new and experienced users.

Apache Log4j vulnerability (CVE-2021-44228)

On Thursday, December 9, 2021, the Apache Log4j project disclosed a critical security vulnerability which may result in remote code execution on systems running Log4j. The exploit has been aptly named Log4Shell (CVE-2021-44228).

Log4j is a logging component which runs under Java on many different platforms, and is useful not only for Java applications, but for other programs, as well. It is commonly bundled with unrelated software, simply as a means of providing a standard logging engine.

Arca Noae has completed a scan of our internal systems and has determined that we are not affected by this vulnerability. Further, ArcaOS has never included any Log4j components, and is also unaffected. However, because the exploitable feature in Log4j has existed for some time, it is possible that Java and other applications may have been installed under ArcaOS which utilize Log4j, and these systems may be at risk.

The feature used for the Log4Shell exploit is in the JNDI (Java Naming and Directory Interface) lookup class which was added to Log4j several years ago during the 2.0 beta cycle. Log4j versions through 2.3 required only Java versions up to 1.6, and so may be utilized by some OS/2-compatible applications.

Risk assessment

To determine whether any of your OS/2 systems may be at risk, start by searching all accessible volumes for log4j-*.jar. If any are found, determine the version of Log4j by examining the content of META-INF/MANIFEST.MF in the core jar file:

[c:\] unzip -c log4j-core.jar META-INF/MANIFEST.MF | less

Note the Implementation-Version line content.

Edge servers as well as firewalled systems running various applications may be at risk, as queries may be submitted to the Log4j engine from other applications and potentially from outside the network.

Mitigation

Although the exploit has been addressed in Log4j 2.16.0, because versions above 2.3 are not currently compatible with OS/2’s available Java Runtime Engine, it is necessary to mitigate the condition by removing the JndiLookup class from the classpath, e.g.:

[c:\] zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

Additional information

Older (pre-2.0-beta9) versions of Log4j lack this lookup class, and do not appear to be at risk for Log4Shell (though some earlier security advisories may have been issued). Further research may be needed based upon the version(s) of Log4j which may be in use on these earlier systems. Also, this is not the only security advisory for Log4j 2.0-beta9 – 2.3. This notification is only related to CVE-2021-44228.

Links

https://nvd.nist.gov/vuln/detail/CVE-2021-44228
https://nakedsecurity.sophos.com/2021/12/10/log4shell-java-vulnerability-how-to-safeguard-your-servers/
https://www.kb.cert.org/vuls/id/930724

Arca Noae Package Manager version 1.0.7 has been released

Arca Noae is pleased to announce the immediate availability of an updated Arca Noae Package Manager for ArcaOS, OS/2, and eComStation. (1.0.7)

This is update includes several minor fixes and a few critical enhancements:

Clear repo filter when selecting Installed RPM view.
Add 30s timeout to all curl commands.
Fix parsing of package name when it contains a period.
Ensure Python 2 is always used, now that Python 3 packages may be installed.
Initial commit of Russian translation.
Detect when CONFIG.SYS is modified.
Various UI fixes and tweaks.

Arca Noae Package Manager is available in English with Spanish, French, Italian, German, Dutch, Russian, and Swedish language packs. Some of these have been refreshed for this release.

ANPM 1.0.7 requires WarpIN 1.0.24 or higher for installation. This WarpIN package is available from Hobbes.

This open source utility is available to everyone, free of charge.

Please review the wiki for important first-time installation and upgrade notes and other tips.