Category Archives: Community

Community related news

Tune in to Warpstock 2020 Online

Warpstock 2020 will happen online at 9:00am EST (14:00 UTC) this Saturday, November 7, for those in North America and western Europe, and sessions will repeat in a second block beginning at 8:00pm EST (01:00 UTC, Sunday, November 8) for those in the Asia/Pacific region and eastern Europe. Each block should only be 3-4 hours in length.

Sessions will be a mix of live and prerecorded presentations, with the presenters available to answer questions in realtime, submitted during the event via IRC or YouTube chat.

The WarpEvents YouTube channel is the place to watch the event stream. This channel should be viewable with any ArcaOS release, using Firefox or SeaMonkey, or any other device or OS you might want to use.

IRC Channel: irc://freenode/warpstock

The conference is entirely free this year, and no registration is necessary.

Both David Azarewicz and Lewis Rosenthal will be among those presenting this year.

A brief, but very heartfelt thank-you to all of our friends

I don’t often post personal notes on the Arca Noae blog, but as I have been spending some time reviewing our sales over the past couple of months, I noticed something important, and I didn’t want this to go unmentioned.

While the world has been turned upside down for many of us, and for still others, finding new and different ways to work and to put food on the table has been challenging (not to mention staying healthy and well-distanced from COVID-19). Yet somehow, some way, quite a few ArcaOS, eCS, and OS/2 users have managed to not only renew support but to purchase additional licenses and – perhaps most importantly – purchase sponsoring units for our friends and hard-working developers.

Make no mistake, the whole Arca Noae team will come through this just fine. However, we’ll come through just a little better off, though, with friends like you out there. I — we — greatly appreciate everything you do for our hard-working developers, customer service staff, and admins striving to make our computing platform of choice even better.

So, from all of us, THANK YOU. Stay safe and healthy as we continue to weather this storm together. There truly are better days ahead, and we have some great things in store for 2020 (and we’re still working hard on them).

Lewis Rosenthal
Managing Member
Arca Noae, LLC

Join Us at Warpstock 2019 in Orlando

Warpstock 2019 will be held November 8-10 at the Country Inn & Suites, Orlando Airport. Arca Noae staff and developers will be there with the latest ArcaOS news and how-to sessions, as well as a host of other OS/2 experts ready and willing to share their knowledge and expertise.

Register in the next 24 hours (before June 1) and receive a $30 Early Bird discount on a full conference registration or $20 on a daily conference registration! Spouses/family members/guests/office mates attending sessions also receive great discounts, and non-attending guests are FREE. Students with valid student ID are welcome to attend sessions at no charge, with full benefits! (This is a great opportunity for Computer Science majors and aspiring young developers and engineers to gain some exposure to a platform which is still in use in the manufacturing, finance, and insurance sectors around the globe today.)

Arca Noae Package Manager version 1.0.4 has been released

Arca Noae is pleased to announce the immediate availability of an updated Arca Noae Package Manager for ArcaOS, OS/2, and eComStation. (1.0.4)

While this is technically a minor update, it includes an array of substantial enhancements:

Implemented editing of secure repositories.
Implemented passing of long (>900 char) parameter lists by pipe instead of going through CMD (for package export).
Install from file now goes through yum engine, thereby enabling dependencies and update/downgrade/reinstall.
Ensured that special characters in encrypt/decrypt commands are not intercepted by CMD.
Make sure reinstall, update, and downgrade also enable DLL conflict checking.
Even more improved message formatting.
Expanded help guide.
Updated included libraries.
Various bug fixes and other minor improvements.

Arca Noae Package Manager is available in English with Spanish, French, Italian, German, Dutch, and Swedish language packs.

This open source utility is available to everyone, free of charge, regardless whether you have an Arca Noae software subscription or an ArcaOS license.

Please review the wiki for important first-time installation and upgrade notes and other tips.

Warpstock Europe 2019 is this weekend!

This weekend, May 18-19, Stichting VOICE International (the Dutch OS/2 VOICE foundation) will present Warpstock Europe 2019 at the Ibis Hotel in Utrecht, Netherlands. For program and travel details, visit http://www.warpstock.eu.

Ticket sales will close Wednesday afternoon, Dutch local time, so visit http://www.warpstock.eu now to purchase your ticket for this exciting event.

Unable to attend? Live audio and video streams will be made available. To ask questions remotely during the conference, use IRC. For details concerning both streams and IRC participation, see http://www.warpstock.eu/2019/58-videostream2019.

Members of the Arca Noae team will be presenting on the latest application, device driver, and ArcsOS development. Alex Taylor, Arca Noae’s Chief UI Architect, will be there live to present and to answer your questions. In addition, the developers at bww bitwiseworks will be on hand to discuss their latest projects for the OS/2 platform, including Qt5 progress.

Remember that the audio and video streams will be in real time, so be sure to account for any local time difference from Central European Summer Time (CEST), which is GMT +0200.

Videos will be available from the Warpstock Europe YouTube channel after the conference. See http://www.warpstock.eu/2019/58-videostream2019 for the link.

If you want to support the activities of VOICE, please consider making a donation:

http://www.os2voice.org/membership.html

Arca Noae at Warpstock 2018 in Calgary…and an ArcaOS Sale

This year’s Warpstock event is scheduled for September 14-16 in Calgary, Alberta, Canada.There will be several sessions devoted to getting the most out of ArcaOS and OS/2, in general.

To celebrate this year’s event, Arca Noae will be running a sale on ArcaOS personal and commercial licenses for the duration of Warpstock, Friday through Sunday. This is a great time to get in on this fresh and exciting OS/2 release or to pick up additional licenses for more stations. ArcaOS 5.0.3 was recently released, and the first beta for 5.0.4 is already in testing. Version 5.1 is scheduled for release in 2019, with a host of new features planned, including NLVs for several popular languages.

More information about Warpstock, its history, past speakers and presentations, and this year’s event may be found on the Warpstock site.

If you can’t join us in Calgary, be sure to watch the live feed on the WarpEvents page on YouTube.

Once there, locate the WarpStock 2018 Live Stream URL.

Users with OS/2 can watch the stream in two ways:

Firefox with Flash pointing to the WarpEvents site; or
Grab the YouTube URL and play it in VLC (preferred; get the latest VLC, ported by KO Myung-Hun, from Hobbes).

To ask questions during the live event, use the #netlabs channel on IRC.

There will be up to date information on OS/2 World and the following social networks:

Arca Noae Package Manager version 1.0.3 has been released

Arca Noae is pleased to announce the immediate availability of an updated Arca Noae Package Manager for ArcaOS, OS/2, and eComStation. (1.0.3)

This is a minor update, featuring various fixes and enhancements:

Ability to select specific platform for package installation/replacement.
Better filtering of duplicate packages in lists.
Improved message formatting.
Improved and expanded help guide, with more “how-to” references.
Updated included libraries.
Various bug fixes and other minor improvements.

Arca Noae Package Manager is available in English with Spanish, French, Italian, German, Dutch, and Swedish language packs. Some have added help file translations in this version.

This open source utility is available to everyone, free of charge, regardless whether you have an Arca Noae software subscription or an ArcaOS license.

Please review the wiki for important first-time installation and upgrade notes and other tips.

Support FreeRDP for OS/2!

If you have a need to access a remote Windows desktop, the best option is using a Remote Desktop Protocol (RDP) client. Using RDP, the local system’s drives may be mapped (redirected) into the remote system to access local files, and even audio from the remote system may be redirected to the local system.

Currently, the RDP client of choice on OS/2 is RDesktop, ported by Andrey Vasilkin. However, RDesktop is showing its age, and a newer, more active project, FreeRDP, has become very well known.

Andrey proposes porting FreeRDP to OS/2, which poses its own set of challenges, so in order to do that, he needs support from the OS/2 user base. This project will take several months, but when he is done, all users of OS/2 warp, eCS, and ArcaOS will have a free, modern, remote access tool.

Sponsoring units for this work may be purchased in the Arca Noae store, in $15, $25, $50, and $100 increments, and of course, it is possible to purchase multiple units at one time.

As with all of the sponsoring collected through Arca Noae 100% of your donation (subject to currency conversion) goes to the project or to the developer. Arca Noae absorbs any related transfer fees.

Arca Noae Package Manager version 1.0.2 has been released

Arca Noae is pleased to announce the immediate availability of an updated Arca Noae Package Manager for ArcaOS, OS/2, and eComStation. (1.0.2)

This is a minor release, but with lots of new functionality, including:

Prioritization of installed/updated packages, and prompted rebooting (should eliminate various problems when updating all packages).
Export & import of package lists, designed to make it easier to keep different systems in sync or when a complete refresh is required.
Fixed problems filtering out spurious checksum messages.
Improved error message formatting overall.
Program now gracefully handles bad or offline repositories.
Secure repositories can now be disabled/enabled in Repository Manager.
Cancelling credential entry for a secure repository now automatically
disables it.
Some changes to menu names and arrangement.
Improved and expanded help guide.
Various bug fixes and other minor improvements.

Arca Noae Package Manager is available in English with Spanish, French, Italian, German, Dutch, and Swedish language packs. Some have added help file translations in this version.

This open source utility is available to everyone, free of charge, regardless whether you have an Arca Noae software subscription or an ArcaOS license.

Please review the wiki for important first-time installation and upgrade notes and other tips.

Policy statement concerning Spectre and Meltdown exploits

Spectre and Meltdown are terms used to describe two potential exploits in a class of security attacks commonly termed “timing attacks” because they access data which may be sensitive in nature (passwords and other information) from areas of memory which may only be available at specific times (either moved elsewhere or removed entirely at other times). They belong to the more general class termed “side-channel attacks,” because they exploit the hardware itself, rather than breaking encryption or utilizing a software flaw. For more technical information regarding these exploits, please refer to the links section, below.

Arca Noae engineers are monitoring the situation, and while there is still much contradictory information crossing the internet at this time, we believe we have been able to assess at least some of the risk and provide some guidance to users of the OS/2 platform (OS/2 Warp, eComStation, and ArcaOS). As further reliable information becomes available, this post will be updated to reflect any change in Arca Noae’s position and any actions we may plan to take.

General information

In order to gain access to any information in privileged memory using one of these exploits, a user-level application must be launched on the specific machine to be compromised. This means that presently, an OS/2 executable must be used as the attack vector. As of this writing, we are not aware of any such code which executes on the OS/2 platform.

Browser-based attacks (running JavaScript) appear to require greater precision in a high-resolution timer than is currently available on OS/2, making such exploits more difficult than on other platforms, if not altogether impossible. It should also be noted that any such JavaScript-based attack would have to also be specifically designed to handle access to memory regions as managed by OS/2 (in other words, a malicious JavaScript program must be written for OS/2 and specifically to run in the OS/2 browser version in which it is running; a JavaScript program written for Windows or Linux will not work on OS/2). Realistically, the chance of this level of coding detail is extremely small.

Risks – virtual installations vs bare metal

By far, virtualized environments (running OS/2 as a guest under some other more vulnerable platform) are at the greatest risk, because the host system may rightly have access to the guest’s memory and virtualized processor. A host running a vulnerable operating system with an exploitable CPU which remains unpatched is the greatest concern. Arca Noae believes bare metal installations of OS/2-based operating systems are at much less risk.

Arca Noae’s current strategy

To date, we have not identified a need for a kernel patch to mitigate the risk of any hypothetical Spectre or Meltdown attack against OS/2-based systems. We continue to monitor the available information and will adjust our strategy as conditions require.

Arca Noae’s current recommendations

For virtualized and bare metal installations, Arca Noae recommends only running software obtained from trusted sources. Per stand practice, reasonable security precautions should be taken when accessing the internet, particularly when visiting unfamiliar or untrusted sites, and browser cache should be cleared regularly. The use of a NAT firewall is also encouraged (either a separate one, as built into a broadband router or at a minimum, a software firewall running on the local OS/2 system, such as InJoy Firewall).

Because a malicious application designed to utilize one of these exploits would have to be downloaded or copied to the target OS/2 system and then executed locally, normal malware protections remain the best first line of defense.

For virtualized installations, Arca Noae recommends applying to the host system whatever patches are made available and recommended by the developer of the host operating system.

Updates

2019-02-14: Security researchers apparently conclude in this whitepaper that Spectre cannot be entirely mitigated at the software level.

2019-10-07: Intel engineers have proposed (official/latest Intel PDF, here) a new memory type, speculative-access protected memory (SAPM), to mitigate a common factor in side-channel attacks which access cache/memory.