Category Archives: General

Extended service outage due to Tropical Storm Isaias

All systems are back online as of 5:00am EDT, following a blackout which began at approximately 2:25pm EDT, yesterday.

Power, fiber optic broadband, and even wireless communications were impacted by yesterday’s passing of Isaias, rendering even the best of contingency plans inadequate. We apologize for any inconvenience this may have caused.

About requests for support

Whenever you encounter a problem with Arca Noae software which you cannot resolve on your own, you should consider opening a trouble ticket. If you have a current ArcaOS Support & Maintenance subscription or a current OS/2 & eCS Drivers & Software subscription, we’re here to help in any way we can. You paid for professional support with your software license and/or subscription, and you are entitled to it. To provide that level of service, however, we need a little help from you.

Before opening your ticket, please consider whether the issue is really in Arca Noae software or perhaps in a third-party component bundled with ArcaOS. Third-party software is not produced or directly supported by Arca Noae. Look at the program’s documentation. Where does it say support requests should be directed? If it is third-party software, you should probably start there. On the other hand, if it is a third-party component but your problem seems to have stemmed from the manner in which it was installed during an ArcaOS installation or update, that would be a problem for us to at least review first, because it may involve our installation software (which is our component).

Please don’t take offense if we refer you to the program’s developer or distributor for support. Those entities are probably closer to the source code than we are, and thus in a better position to assist you with your problem. We’re not passing the buck, just trying to direct you to the best place for the help you need.

If your issue is with an Arca Noae component, please review that component’s wiki pages for information on supported configurations as well as debugging instructions. The more you do ahead of time, the more you will know and the more information you will have available when we request it in your ticket. Be sure you’re using the right driver for your hardware. Be sure your system is in a supported configuration.

As a general rule when opening tickets, you should familiarize yourself with our Reporting Problems – Best Practices and Ticket Guidelines wiki pages. While these pages don’t change often, they document the framework within which we process tickets, give you an overview of what to expect from us, and likewise, what we expect from you (see mention above of “a little help from you”).

When a technician or engineer has been assigned to your ticket, consider that person your concierge to a solution for the duration of your problem. He or she is there to help. If that technician or engineer requests logging information, that’s not a suggestion. He or she requests that information in order to resolve the problem.

Always bear in mind that not all problems are reproducible by the technician or engineer, or your problem could be a configuration or usage issue. Often the only objective information the technician or engineer has to work with is contained in the log file(s) requested. If the log file(s) contain what you consider to be sensitive information (usernames, IP addresses, etc.), simply ask the ticket assignee to set your ticket to private status. When private, only you, Arca Noae staff, and developers have access to the information. You also have the option of sanitizing your log info to your satisfaction, as long as such anonymizing does not obscure the underlying data (your ticket assignee can provide more guidance, here; just ask).

If you fail to provide requested information or log files, your ticket assignee may very well resolve the ticket as “reporter unresponsive.” You may reopen the ticket within 30 days of resolution if you provide the requested information.

When you attach files to a ticket, please also post a comment. File attachments do not trigger email notifications, and do not change ticket status from Feedback, so without a comment added, the technician or engineer will have no idea that you have provided the requested information, and this may delay the ticket resolution process.

Please do not provide extra, not-requested attachments, such as configuration files and screenshots. If your ticket assignee has need of this information, he or she will ask for it.

Our goal is to resolve your issue as quickly as possible. Some issues may require more time than others. Some issues require group input, and thus, there may be some delays in responding to your ticket. Please be patient.

Above all, our goal is to provide quality software and attentive, professional support. All we ask in return is that you follow the procedures we have put in place so that we may work as efficiently as possible, and you may get back to the business of enjoying your Arca Noae products.

A brief, but very heartfelt thank-you to all of our friends

I don’t often post personal notes on the Arca Noae blog, but as I have been spending some time reviewing our sales over the past couple of months, I noticed something important, and I didn’t want this to go unmentioned.

While the world has been turned upside down for many of us, and for still others, finding new and different ways to work and to put food on the table has been challenging (not to mention staying healthy and well-distanced from COVID-19). Yet somehow, some way, quite a few ArcaOS, eCS, and OS/2 users have managed to not only renew support but to purchase additional licenses and – perhaps most importantly – purchase sponsoring units for our friends and hard-working developers.

Make no mistake, the whole Arca Noae team will come through this just fine. However, we’ll come through just a little better off, though, with friends like you out there. I — we — greatly appreciate everything you do for our hard-working developers, customer service staff, and admins striving to make our computing platform of choice even better.

So, from all of us, THANK YOU. Stay safe and healthy as we continue to weather this storm together. There truly are better days ahead, and we have some great things in store for 2020 (and we’re still working hard on them).

Lewis Rosenthal
Managing Member
Arca Noae, LLC

Arca Noae progress report: ArcaOS in your language

Translation work continues for ArcaOS. General availability of German and Spanish editions of ArcaOS are anticipated for the 5.0.5 release, with more languages slated to follow. We are making tremendous strides toward achieving the goal of a non-English reader to be able to install and run ArcaOS with minimal effort.

Translators are invited to join a core team working on the project. If you have the linguistic skills, enjoy a challenge, and would like to participate in a truly fun and rewarding endeavor, please let us know. Translators automatically become members of the test team, with early access to development releases (among other benefits).

Potential localized versions of ArcaOS include:

  • German
  • Spanish
  • French
  • Italian
  • Dutch
  • Portuguese
  • Japanese
  • Chinese (Simplified)
  • Chinese (Traditioinal)
  • Korean
  • Russian

(This is by no means a promise to deliver any of the above. Partial work has at least been done on most of the above translations, however.)

Need a language not listed above? Need one of the above languages completed sooner? Talk to us about specific localization needs for your enterprise.

Don’t have ArcaOS yet? Now is a great time to pick up a license or two and replace that aging Warp 4 or eComStation installation and get to know what’s new and improved. ArcaOS runs the vast majority of existing OS/2 Warp 4 software, because it really is OS/2 – just better. ArcaOS supports more modern hardware than any other OS/2 distribution available today, making hardware upgrades much easier than ever before.

Arca Noae progress report: USB, ArcaOS updater, multimedia

Here are some of the recent happenings around the Arca Noae labs and design studios:

We’ve recently made significant progress toward localizing various parts, particularly for German and Spanish, and will soon have a new test build of the CWMM classes in Spanish (a completely new translation for this component).


We continue to improve the update process for the next ArcaOS release, as we find edge cases where the current updater doesn’t quite finish due to unexpected conditions in the target system. (As a reminder, please check the ArcaOS Updating wiki page before beginning an update to the latest release. There you’ll find hints and tips to help avoid – or resolve – some known problems.)


When IBM left off USB driver development, OS/2 had a working, 16-bit USB 1.x and 2.0 driver stack. Fast forward to 2019, and this is no longer adequate for the needs of today’s hardware.

The Arca Noae USB stack is now fully 32-bit, and USB 3 support development continues to make good progress. Implementing USB 3 support has been tedious because the OS/2 USB architecture didn’t accommodate the peculiarities of USB 3 well.

Adding USB 3 support was not as simple as just writing a new xHCI driver. Significant changes were required throughout the entire USB stack, including changes to USBD and the OHCI, UHCI, and EHCI drivers. The xHCI driver as it exists today in beta testing works quite well. There are just a couple of things that still need to be done before we will be able to release it for general availability. One thing is to implement support for Isochronous transfers (audio and video devices). The second thing is to improve the error recovery speed. Error recovery speed was not an issue with USB 2 because USB 2 devices rarely, if ever, had errors. Super Speed (USB 3) devices operating at the new USB 3 speeds have higher error rates so the error recovery speed is important. We are actively working to resolve these last two issues.

Once the xHCI (USB 3) driver is released, the Arca Noae USB stack will make it possible to install and run ArcaOS on systems which lack USB 2.0 (EHCI) controllers. (Even though many modern systems advertise the availability of USB 2.0 ports, these ports are indeed wired to xHCI controllers. Without an xHCI driver, this will result in loss of keyboard and mouse control shortly after boot and the inability to mount the installation ISO from USB-attached media.)


Don’t have ArcaOS yet? Now is a great time to pick up a license or two and replace that aging Warp 4 or eComStation installation and get to know what’s new and improved. ArcaOS supports more modern hardware than any other OS/2 distribution available today, making hardware upgrades much easier than ever before.

Arca Noae progress report: Bits and Pieces

We continue to explore new ways to make the ArcaOS desktop experience more user-friendly and useful. To that end, we’d like to share some upcoming enhancements which should be available in the near future.

An update to the Arca Noae Removable Media Monitor widget for the XCenter is currently in testing which handles JFS, HPFS, and FAT32 media changes better, avoiding a trap which could otherwise occur when removing one device and inserting another without a proper eject operation.

We also have a component in testing now which transparently switches audio output from the built-in audio device to a USB audio device and back again when the USB device is attached or removed.

If you have a Brother laser printer, and have not been able to print to it, even via CUPS, we have some possibly good news for you: The brlaser CUPS driver package (RPM) has recently been updated to version 6.0.0, and our port should be moving from our experimental repository to the subscription repository very soon.

Don’t have ArcaOS yet? Now is a great time to pick up a license or two and replace that aging Warp 4 or eComStation installation. Better yet, why not upgrade to newer hardware entirely, and install ArcaOS fresh? ArcaOS supports more modern hardware than any other OS/2 distribution available today.

Arca Noae progress report: ArcaOS on UEFI-only hardware

Unified Extensible Firmware Interface (UEFI) is gradually replacing the traditional system BIOS. The vast majority of PCs on the market are now based on UEFI technology, and a number of these include what is called a Compatibility Support Module (CSM). This CSM “layer” replaces the traditional BIOS and provides backward-compatibility support for booting operating systems such as DOS, OS/2, and, of course, ArcaOS. (This is typically listed as “Compatibility”, or “Legacy” boot in the system setup menu of UEFI-based PCs.)

PC manufacturers and Intel specifically have stated publicly that they intend to phase out inclusion of a CSM layer in the next few years (in the case of Intel, beginning in 2020), leaving UEFI as the only boot option, eliminating the “Compatibility” selection. To prepare for this, Arca Noae has been exploring ways to boot ArcaOS on systems lacking a manufacturer-supplied CSM. We are pleased to announce that over the last several months our development team has made significant progress in achieving that goal.

In the lab, we are now able to boot ArcaOS all the way to a desktop on a system configured to boot in UEFI mode. All necessary drivers load, with all CPU cores running, and ArcaOS properly switches to graphics mode. The importance of this accomplishment cannot be overstated. To our knowledge, this is the first time ArcaOS has ever booted without the presence of an active CSM.

Having said that, this project is still in its research stage and not yet ready for release to our beta testers. Native UEFI support requires changes to the low level disk and video subsystems, and this work is ongoing.

We remain cautiously optimistic that we will complete our Proof of Concept successfully and will have a UEFI solution for a future ArcaOS version.

Oh, and Arca Noae has been an Adopting member of the UEFI Forum since 2015.

Arca Noae progress report

Work continues at a furious pace behind the scenes at Arca Noae! Sometimes, a lot of work is needed before any highly visible releases are done, so we thought it might be a good idea to provide periodic progress reports so everyone can see just how much work is being done. Here’s the first in the series.

Device drivers

Work is continuing on Panorama. There have been improvements in monitor detection. Our developers and dedicated beta testers discovered some issues on some systems with different EDID types. Other changes to the Panorama PMI have improved compatibility with more systems. Watch for a new release in the near future, and of course, in the upcoming ArcaOS 5.0.4.

The ACPI project continues to get improvements. In addition to the regular updates for ACPICA, there has been work needed to fix some minor issues, increasing compatibility over a wider range of systems.

The AHCI driver received some improvements to help protect non-MBR disks from accidental damage.

A lot of progress has been made on USB3. We now have a driver that mostly works but still needs further refining before it is ready for alpha testing.

Kernel and boot environment

Work has recently begun to investigate booting of ArcaOS on UEFI-based systems without a vendor-supplied Compatibility Support Module (CSM). Watch for further updates on this project. Early indications are very positive for this critical component, necessary to support the latest generation of hardware.

ArcaOS 5.0.4

A lot of work has gone into getting the next release of ArcaOS ready. Our next progress update will focus on this, but the biggest news to share is that thanks to our new Update Facility, bringing any version of ArcaOS 5.0 up to date will be a snap: no more reformatting and reinstalling! Instead, just boot from the installation disc, ISO, or USB flash drive, select the ArcaOS installation to be updated, and allow the process to complete.

A lot of work has gone into Installer fixes and improvements, too. For new installations, the process has never been easier or more trouble-free.

Outside development

Most of our developers also do their own things, away from ArcaOS. Most of these projects find their way into ArcaOS or into the Arca Noae software repositories in some form or fashion. Here are a couple of notable things seeing active development.

Several years ago, Alex Taylor, our Chief UI Architect, began work on a replacement utility for the graphical LVM (Logical Volume Manager) Java applet. Alex has recently returned to that work, and the latest beta is looking promising for inclusion in ArcaOS 5.1.

Alex has also spent some time working on not only the ConfigApps utility which associates various internet applications with the Workplace Shell, and has contributed some new work for NewView, the help and INF viewer. Source code for both of these may be viewed and checked out of the Netlabs NewView project repository.

Consulting and development for commercial clients

We have spent a lot of time in recent months working on some custom projects for commercial clients. Not only does this work help fund ongoing development for many of the projects mentioned above, but many new things come out of this work to benefit all users of the platform.

Ongoing subscription service and support

We work tirelessly to provide professional, courteous, and knowledgeable technical support for the software we produce and distribute. Sometimes, this support uncovers bugs which we work quickly to address, other times, we find that documentation could be improved, and in some cases, we discover hardware which may require some software modification to support (or which we may determine to be unsuitable for ArcaOS). We offer two levels of support: personal and commercial, where commercial subscribers receive priority attention. Still, we do our best to see that everyone’s needs are addressed.

As a reminder, when considering opening a new trouble ticket, it’s a good idea to re-read our ticket guidelines and Best Practices page, and be sure to search for similar issues in our bug tracker. If a ticket is indeed necessary, we generally will require a TestLog log file, so be sure to follow the directions here to get the latest TestLog build, first. You may attach a log file at the time of opening the ticket, saving time in the process.

Policy statement concerning Spectre and Meltdown exploits

Spectre and Meltdown are terms used to describe two potential exploits in a class of security attacks commonly termed “timing attacks” because they access data which may be sensitive in nature (passwords and other information) from areas of memory which may only be available at specific times (either moved elsewhere or removed entirely at other times). They belong to the more general class termed “side-channel attacks,” because they exploit the hardware itself, rather than breaking encryption or utilizing a software flaw. For more technical information regarding these exploits, please refer to the links section, below.

Arca Noae engineers are monitoring the situation, and while there is still much contradictory information crossing the internet at this time, we believe we have been able to assess at least some of the risk and provide some guidance to users of the OS/2 platform (OS/2 Warp, eComStation, and ArcaOS). As further reliable information becomes available, this post will be updated to reflect any change in Arca Noae’s position and any actions we may plan to take.

General information

In order to gain access to any information in privileged memory using one of these exploits, a user-level application must be launched on the specific machine to be compromised. This means that presently, an OS/2 executable must be used as the attack vector. As of this writing, we are not aware of any such code which executes on the OS/2 platform.

Browser-based attacks (running JavaScript) appear to require greater precision in a high-resolution timer than is currently available on OS/2, making such exploits more difficult than on other platforms, if not altogether impossible. It should also be noted that any such JavaScript-based attack would have to also be specifically designed to handle access to memory regions as managed by OS/2 (in other words, a malicious JavaScript program must be written for OS/2 and specifically to run in the OS/2 browser version in which it is running; a JavaScript program written for Windows or Linux will not work on OS/2). Realistically, the chance of this level of coding detail is extremely small.

Risks – virtual installations vs bare metal

By far, virtualized environments (running OS/2 as a guest under some other more vulnerable platform) are at the greatest risk, because the host system may rightly have access to the guest’s memory and virtualized processor. A host running a vulnerable operating system with an exploitable CPU which remains unpatched is the greatest concern. Arca Noae believes bare metal installations of OS/2-based operating systems are at much less risk.

Arca Noae’s current strategy

To date, we have not identified a need for a kernel patch to mitigate the risk of any hypothetical Spectre or Meltdown attack against OS/2-based systems. We continue to monitor the available information and will adjust our strategy as conditions require.

Arca Noae’s current recommendations

For virtualized and bare metal installations, Arca Noae recommends only running software obtained from trusted sources. Per stand practice, reasonable security precautions should be taken when accessing the internet, particularly when visiting unfamiliar or untrusted sites, and browser cache should be cleared regularly. The use of a NAT firewall is also encouraged (either a separate one, as built into a broadband router or at a minimum, a software firewall running on the local OS/2 system, such as InJoy Firewall).

Because a malicious application designed to utilize one of these exploits would have to be downloaded or copied to the target OS/2 system and then executed locally, normal malware protections remain the best first line of defense.

For virtualized installations, Arca Noae recommends applying to the host system whatever patches are made available and recommended by the developer of the host operating system.

Updates

2019-02-14: Security researchers apparently conclude in this whitepaper that Spectre cannot be entirely mitigated at the software level.

2019-10-07: Intel engineers have proposed (official/latest Intel PDF, here) a new memory type, speculative-access protected memory (SAPM), to mitigate a common factor in side-channel attacks which access cache/memory.

Links

Official information

Spectre CVEs:

CVE-2017-5753

CVE-2017-5715

Meltdown CVE:

CVE-2017-5754

Mozilla Security Blog

CERT: CPU hardware vulnerable to side-channel attacks

Intel: Facts about side-channel analysis and Intel products

AMD: An update on AMD processor security

October 2017 happenings

ArcaOS 5.0.2 in the works

We are hard at work finalizing the last bits to be included in ArcaOS 5.0.2. Among the enhancements and features are a few bug fixes, updates to included RPM packages, updated Samba client, and the new ability to install from an ArcaOS bootable USB stick (or local partition). We call this new feature AltBoot, and it is a milestone for OS/2. This should assist those with USB 2.0 capability but no optical drives in getting ArcaOS installed and running.

Arca Noae experimental YUM repository access now restricted

In an effort to better ensure the integrity of packages provided by Arca Noae in our release and subscription channels, we have now restricted access to the arcanoae-exp repository to developers and the test team only.

Rest assured, any software which you may have installed from the experimental repository will continue to function just as it did before. However, we strongly urge that if you have installed the arcanoae-exp RPM to configure the experimental repository in Arca Noae Package Manager (ANPM) or YUM, you uninstall that package. It will be withdrawn from the Netlabs stable repository shortly.

Firefox 45.9 RPM coming soon to an Arca Noae YUM repository near you

Firefox 45.9 GA should be arriving soon for installation via ANPM as part of the subscription content for ArcaOS licensees with active support and maintenance and Drivers & Software subscribers. This new packaging should ease the burden of upgrades by managing dependencies and better ensuring a successful installation. More details will be provided in an upcoming post. (Of course Firefox is free for all to download as zip from Netlabs. There is no requirement to maintain a subscription with Arca Noae in order to get the latest Firefox for OS/2.)

If you are still running OS/2 and/or eComStation systems and haven’t yet purchased a software subscription, this is a great reason to do so now. It may also be a good time to consider moving up to ArcaOS.