Notices tagged with 8

Why should I use DuckDuckGo instead of Google?

#1 — Google tracks you. We don’t.You share your most intimate secrets with your search engine without even thinking: medical, financial and personal issues, along with all the day to day things that…

Article word count: 1978

HN Discussion: https://news.ycombinator.com/item?id=18006188

Posted by berkeleyjunk (karma: 367)

Post stats: Points: 113 - Comments: 85 - 2018-09-17T14:25:11Z

#HackerNews #duckduckgo #google #instead #should #use #why

Article content:

#1 — Google tracks you. We don’t.

You share your most intimate secrets with your search engine without even thinking: medical, financial and personal issues, along with all the day to day things that make you, well, you. All of that personal information should be private, but on Google it’s not. On Google, your searches are tracked, mined, and packaged up into a data profile for advertisers to follow you around the Internet through those intrusive and annoying ever-present banner ads, using Google’s [1]massive [2]ad [3]networks, embedded across millions of sites and apps.

In fact, it’s a myth that you need to track people to make money in web search. When you search ‘car’ we can show you a car ad without knowing anything about you. That’s how [4]we make money and it doesnʼt involve tracking because it is based on the keyword and not the person. Google could do this too; they just chose not to— all that tracking is to power their ad networks so that ads can follow you around the Internet using your search history and other information they have on you.

So-called incognito mode won’t protect you either. That’s another myth. “Incognito” mode isn’t really incognito at all. It’s an extremely misleading name and in my opinion should be changed. All it does is delete your local browsing history after your session on your device, but does nothing from stopping any website you visit, including Google, from tracking you via your IP address and other tracking mechanisms like [5]browser fingerprinting. Here’s the fine print:

To keep your searches private and out of data profiles, the government, and [6]other legal requests, you need to use [7]DuckDuckGo. We don’t track you at all, regardless what browsing mode you are in.

Each time you search on DuckDuckGo, it’s as if you’ve never been there before. We simply don’t store anything that can tie your searches to you personally, or even tie them together into a search history that could later [8]be tied back to you. For more details, check out our [9]privacy policy.

#2 — Block Google trackers lurking everywhere.

Google tracks you on [10]more than just their search engine. You may realize they also track you on YouTube, Gmail, Chrome, Android, Gmaps, and all the other services they run. For those, we recommend using [11]private alternatives like DuckDuckGo for search. Yes, you can live Google-free. I’ve been doing it for many years.

What you may not realize, though, is Google trackers are actually lurking behind the scenes on [12]75% of the top million websites. To give you a sense of how large that is, Facebook is the next closest with 25%. It’s a good bet that any random site you land on the Internet will have a Google tracker hiding on it. Between the two of them, they are [13]truly dominating online advertising, by some measures literally making up [14]74%+ of all its growth. A key component of how they have managed to do that is through all these hidden trackers.

Google Analytics is installed on most sites, tracking you behind the scenes, letting website owners know who is visiting their sites, but also feeding that information back to Google. Same for the ads themselves, with Google running three of the largest non-search ad networks installed on millions of sites and apps: Adsense, Admob, and DoubleClick.

You know those ads that creepily follow you around everywhere? Most of those are actually run through these Google ad networks, where they let advertisers target you against your search history, browsing history, location history and other personal information they collect. Even less well known is they also enable advertisers like [15]airlines to charge you different prices based upon your personal information.

These ads are not only annoying — they are literally designed to manipulate you through targeting to make you buy more things, and just showing them to you is an act of Google profiting off of your personal information.

At DuckDuckGo, we’ve expanded beyond our roots in search, to protect you no matter where you go on the Internet. Our [16]DuckDuckGo browser extension and mobile app is available for all major browsers and devices, and blocks these Google trackers, along with the ones from Facebook and countless other data brokers. It does even more to protect you as well like providing smarter encryption.

#3 — Get unbiased results, outside the Filter Bubble.

When you search, you expect unbiased results, but that’s not what you get on Google. On Google, you get results tailored to what they think you’re likely to click on, based on the data profile they’ve built on you over time from all that tracking I described above.

That may appear at first blush to be a good thing, but when most people say they want personalization in a search context they actually want localization. They want local weather and restaurants, which can actually be provided without tracking, like we do at DuckDuckGo. That’s because approximate location info is automatically embedded by your computer in the search request, which we can use to serve you local results and immediately throw away without tracking you.

Beyond localization, personalized results are dangerous because to show you results they think you’ll click on, they must filter results they think you’ll skip. That’s why it’s called the Filter Bubble.

So if you have political leanings one way or another, you’re [17]more likely to get results you already agree with, and less likely to ever see opposing viewpoints. In the aggregate this leads to increased echo chambers that are significantly contributing to our increasingly polarized society.

This Filter Bubble is especially pernicious in a search context because you have the expectation that you’re seeing what others are seeing, that you’re seeing the “results.” We’ve done studies over the years where we have people search for the same topics on Google at the same time and in “Incognito” mode, [18]and found they are significantly tailored.

On DuckDuckGo, we are committed to not putting you in the Filter Bubble. We don’t even force people into a local country index unless they explicitly opt-in.

#4 — We listen.

Google is notoriously hard to get a hold of. [19]Locked out of your Gmail account? Sorry, we can’t help you. [20]The Knowledge Graph says you’re dead? That’s unfortunate. Unless you’re a journalist or influencer of some kind, good luck getting anyone at Google to listen.

Meanwhile at DuckDuckGo we read every piece of feedback we get. We respond [21]on social media. In short, we listen. [22]My DMs are open and I read all the email sent to me personally. Feel free to reach out.

#5 — We don’t try to trap you in our “ecosystem.”

It used to be that you search on Google and then you click off to the top result. Over time, Google [23]bought more and more companies and launched more and more of their own competing services, favoring them over others in their search results. Google Places instead of Yelp, TripAdvisor, etc. Google Products instead of Amazon, Target, etc. They’re in travel, health, and [24]soon jobs. Anywhere there is money to be made, you can expect them to get into it eventually.

Even when you do click off, [25]Google AMP tries to still trap you in Google. And these tactics are not just on the search engine.

On Android on many implementations there is immovable Google search widget and you can’t even change its search engine if you want to. By just installing it by default, this behavior is a direct analogue to [26]Microsoft putting IE on Windows in the 1990s, but worse since it takes up more of the smaller screen. The same is true for [27]other Google services on Android as well, forcing carriers to bundle and promote them. We personally have similar issues with Chrome search engine integration.

At DuckDuckGo, we aren’t trying to take over the world. We don’t have an “ecosystem” to trap you in. We just want to help you get to where you want to go as fast as possible, and protect you as much as we can in that process.

#6 — We have !bangs.

To further this point, we have a [28]built-in feature called bangs that enables you to search other sites directly, completely skipping DuckDuckGo if you like. Here’s how it works. Let’s say you know you want to go to the Wikipedia article for ducks. You can just search for “!w duck” and we will take you right there.

The ! tells DuckDuckGo you want to use a bang shortcut, and the w is an abbreviation for Wikipedia. You can use the full name, though we have a lot of shortcuts such as !q for Quora, !a for Amazon, !r for Reddit, etc. There are literally thousands of sites that this feature works with, and so most sites you think of will probably work. It also works with our autocomplete so you can see what’s there easily.

If you routinely search a particular site, like Stack Overflow for coding answers or Baseball Reference for stats or All Recipes for something to make, you can just go right there.

If DuckDuckGo is your default search engine, you can just type this right into your browserʼs address bar, and skip loading our search engine altogether. We will just route you to the right place, without tracking you of course!

#7 — We strive for a world where you have control over your personal information.

Our vision is to raise the standard of trust online. If you share this vision, supporting DuckDuckGo helps us make progress towards it. For the past seven years, [29]we’ve been donating a substantial portion of our profits to organizations that also work towards the Internet we want — an open Internet where you can take control of your personal information.

We believe that privacy policies shouldn’t be default “collect it all," but instead offer a clear and compelling case as to what benefits you get by giving up your personal information. If you [30]share this view for the future of data privacy, you can vote with your feet.

#8 — Our search results aren’t loaded up with ads.

For many Google searches, most of the entire first page is ads. On mobile it can be even worse.

Not so on DuckDuckGo. We keep ads to a minimum, and naturally theyʼre non-tracking ads, based only on search keywords and not on a personal profile or search history. In fact, as stated above, it’s a myth that you need to track people to make money in web search. When you search ‘car’ we can show you a car ad without knowing anything about you, based on the keywords you type in.

#9 — Search without fear.

When people know they are being watched, they change their behavior. Itʼs a well-documented behavior called the chilling effect, and it happens on Google. For example, [31]an MIT study showed that people started doing fewer health searches on Google after the Snowden revelations, fearing that their personal ailments might get out.

“Suppressing health information searches potentially harms the health of search engine users and… In general, our results suggest that there is a chilling effect on search behavior from government surveillance on the Internet.”

Your searches are your business, and you should feel free to search whatever you want, whenever you want. You can easily escape this chilling effect on DuckDuckGo where you are anonymous.

#10 — Google is simply too big, and too powerful.

Google is GIANT, the epitome of Silicon Valley big tech, with a [32]market cap of around 750 Billion dollars (at the time of writing), [33]75,000 employees, dominating search, browsing, online advertising, and more, with tentacles in everything tech, online and offline. Last year they [34]outspent every other company on lobbying Washington.

By comparison, DuckDuckGo is tiny. We’re currently a team of about 45 people, scattered across the globe; I’m in Pennsylvania. We have a very narrow focus: helping you take control of your personal information online.

The world could use more competition, less focus on ad tracking, fewer eggs in one basket.

Join the Duck Side!

References

Visible links
1. https://www.doubleclickbygoogle.com/
2. https://www.google.com/adsense/start/#/?modal_active=none
3. https://www.google.com/admob/
4. https://duck.co/help/company/advertising-and-affiliates
5. https://spreadprivacy.com/browser-fingerprinting/
6. https://transparencyreport.google.com/user-data/overview
7. https://duckduckgo.com/
8. http://www.nytimes.com/2006/08/09/technology/09aol.html
9. https://duckduckgo.com/privacy
10. https://myactivity.google.com/myactivity
11. https://spreadprivacy.com/how-to-remove-google/
12. https://spreadprivacy.com/followed-by-ads/
13. https://www.emarketer.com/Article/Google-Facebook-Tighten-Grip-on-US-Digital-Ad-Market/1016494
14. https://www.fool.com/investing/2017/03/17/google-and-facebook-will-account-for-74-of-digital.aspx
15. https://www.itasoftware.com/
16. https://duckduckgo.com/app
17. https://www.wsj.com/articles/SB10001424052970203347104578099122530080836?mg=prod%2Faccounts-wsj
18. https://vimeo.com/51181384
19. https://techcrunch.com/2017/12/22/that-time-i-got-locked-out-of-my-google-account-for-a-month/
20. https://www.nytimes.com/2017/12/16/business/google-thinks-im-dead.html
21. https://twitter.com/duckduckgo
22. https://twitter.com/yegg
23. https://www.cbinsights.com/research-google-acquisitions
24. https://techcrunch.com/2017/06/20/google-launches-its-ai-powered-jobs-search-engine/
25. http://ampletter.org/
26. https://en.wikipedia.org/wiki/United_States_v._Microsoft_Corp.
27. https://www.nytimes.com/2016/04/20/technology/google-android-eu-antitrust.html
28. https://duckduckgo.com/bang
29. https://duckduckgo.com/donations
30. https://medium.com/@yegg/privacy-is-at-a-crossroads-choose-wisely-96bac0644ec1
31. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2412564
32. https://ycharts.com/companies/GOOG/market_cap
33. https://en.wikipedia.org/wiki/Google
34. https://www.washingtonpost.com/news/the-switch/wp/2018/01/23/google-outspent-every-other-company-on-federal-lobbying-in-2017/?utm_term=.ab697cf2f08d

HackerNewsBot debug: Calculated post rank: 103 - Loop: 108 - Rank min: 100 - Author rank: 118

x86 finds its way into the iPhone

In one of my several lives, I’m supposed to be a vulnerability researcher working on baseband exploitation. As every vulnerability researcher knows, being up to date with recent developments is of…

Article word count: 150

HN Discussion: https://news.ycombinator.com/item?id=17988756

Posted by isp (karma: 2176)

Post stats: Points: 131 - Comments: 52 - 2018-09-14T16:48:01Z

#HackerNews #finds #into #iphone #its #the #way #x86

Article content:

In one of my several lives, I’m supposed to be a vulnerability researcher working on baseband exploitation. As every vulnerability researcher knows, being up to date with recent developments is of utmost importance for the success of your job. So of course, after Apple announced its new, shiny, big, bigger and biggest line of iPhone smartphones, I downloaded some OTA firmwares from ipsw.me and started to look into the new baseband firmware.

What I discovered sent a shiver of horror down my spine, the kind of horror that only playing Doom at nighttime, alone in your room, without lights, can produce. Bear with me and I’ll tell you what I found…

NOTE: this is just some preliminary analysis and I’m not going to describe anything related to baseband rerversing, it’s not the scope of this document.

Who/What/Where?

The baseband cpu is a standalone core that lives in your phone and is responsible for managing 2g/3g/4g/cdma/5g wireless communications. Given the absurd complexity of these standards, today a baseband cpu must be very powerful and enough general purpose, so the days of custom FPGA based IPs are long gone, at least for the main part. A lot has been said and written about basebands on modern smartphones, so I won’t repeat it. For our purpose, you just need to know that usually basebands are implemented using embedded friendly CPUs, like for example ARM (Cortex-M, Cortex-R or something inbetween), Qualcomm Hexagon (a kind of general purpose, VLIW dsp) or other more or less known architectures.

Apple is nothing special in this regard, up until the iPhone8/iPhoneX, they used to have two different basebands, one for CDMA markets and one for everything else. The CDMA one was based on Qualcomm Hexagon dsp, while the GSM one was based on Intel XMMxxxx architecture. For those that like to play around with iPhone firmwares, you might have seen MAVxxx and ICExxx files in the ipsw, well those two files contain the firmware respectively for Qualcomm based devices (MAV) and Intel based ones (ICE).

As you may know, Apple decided to drop Qualcomm and now they’re using exclusively Intel based basebands, so we will concentrate on this.

The old Intel baseband

Let’s take a look at the old generation of Intel baseband, the one used up to iPhoneX. If you download an ipsw GSM firmware and unzip it (ipsw files are just zip files), there will be, amongst other things, a “Firmware” folder. Inside this folder you will see a couple of files: “ICE17-1.04.52.Release.bbfw” and “Mav17-1.91.00.Release.bbfw”. The version will change of course, these are for iPhone8 with iOS 11.4beta3. Those files are again zip files and we’re interested in ICE17-xxx, let’s unzip it and see the contents:

John-MacBook-Air:ICE user$ ls -al
total 76800
drwxr-xr-x 16 user staff 544 Sep 14 11:08 .
drwxr-xr-x@ 15 user staff 510 Sep 14 11:08 ..
-rw-r--r--@ 1 user staff 9098 Apr 20 03:29 2GFW.elf
-rw-r--r--@ 1 user staff 753552 Apr 20 03:29 3GFW.elf
-rw-r--r--@ 1 user staff 13358 Apr 20 03:29 AudioFW.elf
-rw-r--r--@ 1 user staff 274 Apr 20 03:29 Debug_info.elf
-rw-r--r--@ 1 user staff 1031 Apr 20 03:29 Info.plist
-rw-r--r--@ 1 user staff 5146700 Apr 20 03:29 LTEFW.elf
-rw-r--r--@ 1 user staff 0 Oct 30 2017 Options.plist
-rw-r--r--@ 1 user staff 423592 Apr 20 03:29 RFFW.elf
-rw-r--r--@ 1 user staff 30633772 Apr 20 03:29 SYS_SW.elf
-rw-r--r--@ 1 user staff 1834194 Apr 20 03:29 TDSFW.elf
-rw-r--r--@ 1 user staff 83170 Apr 22 12:26 bbcfg.bin
-rw-r--r--@ 1 user staff 73496 Apr 20 03:28 ebl.bin
-rw-r--r--@ 1 user staff 163836 Apr 20 03:28 psi_ram.bin
-rw-r--r--@ 1 user staff 163836 Apr 20 03:29 restorepsi.bin

lot of stuff here. People familiar with embedded firmware reversing, will set their eyes on “psi_ram.bin” and “ebl.bin” of course. A quick hex dump of their content, will immediately reveal that they contain ARM code. As a matter of fact, “psi_ram.bin” is the stage0 bootloader, that will load “ebl.bin” at some address and jump to its entry point. ebl.bin will then load all other files and jump to the main firmware, contained in SYS_SW.elf. Just to be sure, let us fire IDA and open psi_ram.bin for example, load address does not matter, just set it to 0:

ROM:00000000 CODE32
ROM:00000000 6C 04 00 EA B loc_11B8
ROM:00000000 ; ---------------------------------------------------------------------------
ROM:00000004 6C 69 48 55 DCD 0x5548696C
ROM:00000008 01 51 FE FF DCD 0xFFFE5101
[...]
ROM:000011B8 10 40 2D E9 STMFD SP!, {R4,LR}
ROM:000011BC 1D 0D 00 FB BLX sub_463A
ROM:000011C0 08 41 9F E5 LDR R4, =0x80400
ROM:000011C4 00 00 A0 E3 MOV R0, #0
ROM:000011C8 04 00 84 E5 STR R0, [R4,#4]
ROM:000011CC 05 3A 00 FA BLX sub_F9E8
ROM:000011D0 01 00 50 E3 CMP R0, #1
ROM:000011D4 37 00 00 0A BEQ loc_12B8
ROM:000011D8 F4 10 9F E5 LDR R1, =0x230000
ROM:000011DC 08 00 84 E2 ADD R0, R4, #8
ROM:000011E0 00 30 A0 E3 MOV R3, #0
ROM:000011E4 00 21 04 E3 MOV R2, #0x4100
ROM:000011E8 27 3B 00 FA BLX sub_FE8C
ROM:000011EC
ROM:000011EC loc_11EC ; CODE XREF: ROM:000012CC↓j
ROM:000011EC 00 20 A0 E3 MOV R2, #0
ROM:000011F0 8E 0F 84 E2 ADD R0, R4, #0x238
ROM:000011F4 02 10 A0 E1 MOV R1, R2
ROM:000011F8 DB 3B 00 FA BLX sub_1016C
ROM:000011FC D4 10 8F E2 ADR R1, aBootrom ; "bootrom"
ROM:00001200 00 00 A0 E3 MOV R0, #0
ROM:00001204 F3 3B 00 FA BLX sub_101D8
ROM:00001208 01 00 A0 E3 MOV R0, #1
ROM:0000120C E4 3B 00 FA BLX sub_101A4
ROM:00001210 C8 00 8F E2 ADR R0, aPsiPsiStartup ; "psi: PSI Startup"

nothing strange here, it’s your standard embedded ARM boot code, with some custom setup related to this specific SoC. Moving on, psi_ram will load ebl and jump into it, you can find the code yourself, is not that complex. The important thing is, this is ARM code.

The new Intel baseband…the horror…the horror…

Waking up this morning, I wanted to analyse the new baseband firmware, to get an idea of what changed and where. So I downloaded a random OTA for the new iPhones from ipsw.me, in particular: https://ipsw.me/otas/iPhone11,2 , which should be the new iPhone Xs. I went through the usual stages (downloading, unzipping, unzipping, unzipping, copying, etc…), I load psi_ram.bin into IDA, I select ARM little endian, and…huge chunk of undefined data. I press “C” like an idiot for about 200 times, I reload the file multiple times, I try another IDA version, I try to disassemble the bytes with Capstone, I DISASSEMBLE THEM MANUALLY, nothing…all I got was invalid code. So I went back to sleep because obviously it was not a good day.

I wake up again after about an hour, I download again the ipsw for the same model and I go through all the same steps as usual. Still invalid code. My first guess was that the code is encrypted, so I use some random tool to analyse the entropy, nothing, it’s very low. Ok, you cannot trust tools these days, so I wrote my own script to calculate the entropy and again, is too low to be encrypted and anyway, it was also clear by a quick “eye” analysis, even though you should not trust your eyes that much.

I stare at the screen for several minutes, thinking what the fu** is going on. But of course, as a reverser you should never give up, so I try EVERY POSSIBLE RISC ARCHITECTURE I KNOW, and trust me, there’s a lot of them (no I mean, A LOT, I reversed everything from Dreamcast SH4 to Fujitsu/Siemens running inside my Nikon D90), and…

Nothing, all I get is garbage. My next guess is: ok then, it’s encrypted with some entropy-preserving algorithm. I try some cryptoanalisis approaches I know, even though is not my main job and I’m no expert at it, still nothing.

I make another coffee and I start to think, in my mind, as a joke: fuck it, this is x86 because Intel has gone insane. I start to laugh maniacally at the idea, but you know, I had tried everything, so I reopen “psi_ram.bin” and I leave the default “MetaPC” architecture in IDA, and…

seg000:0000143A sub_143A proc near ; CODE XREF: sub_12EC+6F↑p
seg000:0000143A ; sub_160B+182↓p
seg000:0000143A
seg000:0000143A var_4 = dword ptr -4
seg000:0000143A
seg000:0000143A push esi
seg000:0000143B mov [esp+4+var_4], eax
seg000:0000143E lea edx, [esp+4+var_4]
seg000:00001441 push 44h ; ʼDʼ
seg000:00001443 push edx
seg000:00001444 push 25h ; ʼ%ʼ
seg000:00001446 call sub_2644
seg000:0000144B add esp, 0Ch
seg000:0000144E pop ecx
seg000:0000144F retn
seg000:0000144F sub_143A endp

I could not believe my eyes…I was looking at embedded x86 code running inside a baseband processor. I thought that it was just random chance, that somehow I ended up with valid x86 code, so I look at another function (note: IDA automatically resolved most of the code) and….

seg000:0000DFD0 sub_DFD0 proc near ; CODE XREF: sub_DF4D+7A↑p
seg000:0000DFD0
seg000:0000DFD0 arg_0 = dword ptr 4
seg000:0000DFD0
seg000:0000DFD0 mov eax, [esp+arg_0]
seg000:0000DFD4 lgdt fword ptr [eax]
seg000:0000DFD7 mov ax, 10h
seg000:0000DFDB mov ds, eax
seg000:0000DFDD assume ds:nothing
seg000:0000DFDD mov es, eax
seg000:0000DFDF assume es:nothing
seg000:0000DFDF mov ss, eax
seg000:0000DFE1 assume ss:nothing
seg000:0000DFE1 mov ax, 18h
seg000:0000DFE5 mov gs, eax
seg000:0000DFE7 assume gs:nothing
seg000:0000DFE7 jmp far ptr 8:0FF90DFEEh
seg000:0000DFE7 sub_DFD0 endp

holy sh*t…lgdt…mov ds, eax…jmp far ptr 8:xxx, you can’t get more x86 than this. This is no coincidence, this MUST be valid x86 code…I was totally speechless, and partially in awe, because this reminds me of my younger days when I was writing bootloaders and operating systems that run in protected mode.

But my rational part told me “hey, probably they just decided to boot the system with an embedded x86 mcu, OBVIOUSLY the main firmware still runs on ARM”, so I turn my attention to “SYS_SW.elf”, the main firmware. I look at the ELF header, and it says ARM…good. I load it in IDA, and I get garbage…AGAIN!!!! I think “what.the.fuck” and I try to load it with MetaPC again and…BOOM, valid x86 code! Random snippet:

seg000:010029E4
seg000:010029E4
seg000:010029E4 sub_10029E4 proc near ; CODE XREF: seg000:0001016C↑p
seg000:010029E4 ; seg000:00010175↑p ...
seg000:010029E4 push esi
seg000:010029E5 push edi
seg000:010029E6 push ebx
seg000:010029E7 push ebp
seg000:010029E8 mov edi, [esp+14h]
seg000:010029EC cmp edi, 8Ah
seg000:010029F2 lea eax, ds:218DB44h[edi*8]
seg000:010029F9 mov esi, [eax]
seg000:010029FB mov ebp, [eax-4]
seg000:010029FE jb short loc_1002A05
seg000:01002A00 push 0FFFFFFFFh
seg000:01002A02 pop eax
seg000:01002A03 jmp short loc_1002A68

this is awesome…

Conclusions

Nothing really, I just found this funny and wanted to share. If you ever felt like you missed an x86 core in your life, now you have one (or several? I still need to investigate) always with you, so you won’t feel alone ever again. I still did no thave time to analyse the other models, but my guess is that they’re also running on x86.

What will happen next? Are we going to get a z80 inside our phones? Why not a 6502? Hell, I would love to run C64 basic interpreter natively inside my phone….

No really, I’m not criticizing Apple or Intel for using an x86 core, I don’t really care, but…my PERSONAL opinion is that something is going really wrong in this world.

References

Things you may find useful on the subject, in no particular order:

HackerNewsBot debug: Calculated post rank: 104 - Loop: 62 - Rank min: 100 - Author rank: 171

This Week in #Lubuntu Development #8
https://lubuntu.me/this-week-in-lubuntu-development-8/
"Here is the eighth issue of This Week in Lubuntu Development. You can read the last issue here." #gnu #linux #ubuntu

Comment vous manipule-t-on par le Non ? - XP Horizon #8 https://www.youtube.com/watch?v=GVFA1V_Yh8s via @wallabagapp

LibreOffice is now available for Haiku

Hi there, just wanted to let everyone know that we have LibreOffice working and it already can be installed via HaikuDepot. https://depot.haiku-os.org/libreoffice Since this is a preliminary version…

Article word count: 643

HN Discussion: https://news.ycombinator.com/item?id=17440862

Posted by vermaden (karma: 197)

Post stats: Points: 116 - Comments: 26 - 2018-07-02T11:47:09Z

#HackerNews #available #for #haiku #libreoffice #now

Article content:

[1]Diver 2018-06-06 07:15:03 UTC #1

Hi there, just wanted to let everyone know that we have LibreOffice working and it already can be installed via HaikuDepot. [2]https://depot.haiku-os.org/libreoffice

Since this is a preliminary version it has some known issues:

 * It closes the very first time you launch it (it creates a user profile in ~/config/settings/libreofficedev)
 * You can’t change the font - everything is rendered using the same font
 * Only menubar looks native, many widgets are just bitmaps which come from the icon theme
 * Some rendering problems here and there (scrollbars, listviews, etc)
 * Crashes on quit sometimes

Most of the work was done by KapiX. I just wrote a few patches, a recipe and managed to build it using haikuporter with help from 3dEyes.

Some screenshots made by 3dEyes:

[3]LibreOffice_6_Elementary_Icons_Haiku

[4]LibreOffice_6_Calc_Haiku

[5]LibreOffice_6_Tango_Icons_Haiku

[6]LibreOffice_6_Draw_Haiku

[7]LibreOffice_6_Writer_Haiku

[8]LibreOffice_6_Impress_Haiku

[9]PulkoMandy 2018-06-06 08:31:14 UTC #2

Thanks to everyone involved for getting it running!

[10]SamuraiCrow 2018-06-06 08:41:02 UTC #3

Excellent!! I look forward to the updates!

[11]Diver 2018-06-06 12:22:12 UTC #4

New version with native look and feel is coming soon…

[12]image

[13]zittergie 2018-06-06 12:24:13 UTC #5

[14]BlueSky 2018-06-06 12:33:53 UTC #6

Wow…very impressive work, even if it is still a bit buggy [15]:wink:
Thanks a lot to everyone involved!

[16]Diver 2018-06-06 12:35:34 UTC #7

Most of the bugs are fixed too now.

[17]General_Edmund_Duke 2018-06-06 13:09:12 UTC #8

WOW! I haven`t expected to see it earlier than in incoming a few years! Good job!

[18]apgreimann 2018-06-06 17:41:07 UTC #9

Very exciting! Thanks to everyone who got this marvel running!

Just two questions: What minimum version is needed, and what repo in the Depot is this available in? Thanks!

[19]miqlas 2018-06-06 19:45:50 UTC #10

[20]apgreimann 2018-06-06 21:09:21 UTC #11

Thanks! I’ll try this out tonight! [21]:grin:

[22]frankps 2018-06-06 21:15:31 UTC #12

I’ve just installed latest 64 bit nightly build, but I get an error message when starting Libre Office. I’m missing libboost_locale.so.1.65.1

[23]cocobean 2018-06-06 22:19:16 UTC #14

Depending on when you got the package, you can either install the missing packages or:

pkgman update
pkgman uninstall libreoffice
pkgman install libreoffice

[24]Diver 2018-06-06 22:53:02 UTC #15

pkgman install boost165 should fix it. Will fix it later in the recipe…

[25]frankps 2018-06-07 02:47:39 UTC #16

Thank you all for some amazing work.

Now I need to find myself an old laptop that can run Haiku natively and start using it!

[26]Stacked_Lambda 2018-06-07 03:19:24 UTC #17

Excellent.

From the captions for the screen shots, this is LibreOffice 6.0. Correct?

I presume it is available in 32-bit and 64-bit variants?

When I have an opportunity for formal testing, I will assess how well files created/edited in LibreOffice are handled by MS Office. My current and prospective clients are using solely MS Office.

[27]Michael_V_Oliveira 2018-06-07 03:21:05 UTC #18

WOW!! Looks nice!!

Waiting for the native backend [28]:slight_smile:

[29]stippi 2018-06-07 12:07:16 UTC #19

Amazing! This screenshot looks quite awesome already. Is the look and feel due to updates to the Haiku look&feel in the Qt port?

[30]Diver 2018-06-07 12:22:25 UTC #20

Yes, LibreOffice uses its own GUI toolkit - VCL.

 Visual Components Library is responsible for the widgets (windowing, buttons, controls, file-pickers etc.) operating system abstraction, including basic rendering (e.g. the output device).

 VCL provides a graphical toolkit similar to gtk+, Qt, SWING etc.

VCL has several backends: GTK2, GTK3, Qt5 and KDE5 which is fairly new:
[31]https://github.com/LibreOffice/core/commits/master/vcl/unx/kde5.

Our Qt port also has BControlLook mapping, see:
[32]https://github.com/threedeyes/qthaikuplugins/commits/master/styles.

[33]stippi 2018-06-07 12:44:41 UTC #21

Thanks! What I meant was how is the difference between the first screenshots in the post itself and the screenshot from your comment explained? For example the scrollbars and drop-downs look native in your later screenshot. I thought the BControlLook-mapper already existed in the Qt port since a long time, I remember making changes to it myself. So if both screenshots use the same VCL backend, why does the second one look so much better?

[34]next page →

[35]Home [36]Categories [37]FAQ/Guidelines [38]Terms of Service [39]Privacy Policy

References

Visible links
1. https://discuss.haiku-os.org/u/Diver
2. https://depot.haiku-os.org/libreoffice
3. https://discuss.haiku-os.org/uploads/default/original/2X/0/0553680208d2f7e6e046e432c8d341ef2ebf18b0.jpg
4. https://discuss.haiku-os.org/uploads/default/original/2X/2/2a40fa54e75f0e9aa66a5fcca91c4302a6465f25.jpg
5. https://discuss.haiku-os.org/uploads/default/original/2X/1/1681dc6bb4be607d5c0a466b917e96d78a694c43.jpg
6. https://discuss.haiku-os.org/uploads/default/original/2X/6/60b5fdb84326f70e4820d9759894a6a8c6cf0317.jpg
7. https://discuss.haiku-os.org/uploads/default/original/2X/8/8a966a368cce966968e295373f3e127599636e8f.jpg
8. https://discuss.haiku-os.org/uploads/default/original/2X/e/ecc6b18f7b41f02fe88276c49b438757addfc4f5.jpg
9. https://discuss.haiku-os.org/u/PulkoMandy
10. https://discuss.haiku-os.org/u/SamuraiCrow
11. https://discuss.haiku-os.org/u/Diver
12. https://discuss.haiku-os.org/uploads/default/original/2X/b/bf620ae29673883b09bae7f350193c789b44d151.png
13. https://discuss.haiku-os.org/u/zittergie
14. https://discuss.haiku-os.org/u/BlueSky
16. https://discuss.haiku-os.org/u/Diver
17. https://discuss.haiku-os.org/u/General_Edmund_Duke
18. https://discuss.haiku-os.org/u/apgreimann
19. https://discuss.haiku-os.org/u/miqlas
20. https://discuss.haiku-os.org/u/apgreimann
22. https://discuss.haiku-os.org/u/frankps
23. https://discuss.haiku-os.org/u/cocobean
24. https://discuss.haiku-os.org/u/Diver
25. https://discuss.haiku-os.org/u/frankps
26. https://discuss.haiku-os.org/u/Stacked_Lambda
27. https://discuss.haiku-os.org/u/Michael_V_Oliveira
29. https://discuss.haiku-os.org/u/stippi
30. https://discuss.haiku-os.org/u/Diver
31. https://github.com/LibreOffice/core/commits/master/vcl/unx/kde5
32. https://github.com/threedeyes/qthaikuplugins/commits/master/styles
33. https://discuss.haiku-os.org/u/stippi
34. https://discuss.haiku-os.org/t/libreoffice-is-now-available-for-haiku/6917?page=2
35. https://discuss.haiku-os.org/
36. https://discuss.haiku-os.org/categories
37. https://discuss.haiku-os.org/guidelines
38. https://discuss.haiku-os.org/tos
39. https://discuss.haiku-os.org/privacy

HackerNewsBot debug: Calculated post rank: 86 - Loop: 103 - Rank min: 80 - Author rank: 28

...15 Pleromæ later...
Pleroma #1 slowly begins to deteriorate. Pleroma #2 has apparently made friends with #4. Pleromæ #3 to #8 mutated to add the well-awaited limit raise to the specific number 5058. A rationale as to why such number was selected is yet unknown, but to be found.

Before spawning Pleroma #17, I have fixed an outstanding bug with Pleroma #7 since inception - it refuses to federate out, whatsoever.
...

JVM Internals

Explains the internal architecture of the Java Virtual Machine (JVM) in simple terms using showing key components and how memory is updated during execution.

Article word count: 4956

HN Discussion: https://news.ycombinator.com/item?id=17271913

Posted by flying_sheep (karma: 60)

Post stats: Points: 120 - Comments: 10 - 2018-06-09T07:03:55Z

#HackerNews #internals #jvm

Article content:

This article explains the internal architecture of the Java Virtual Machine (JVM). The following diagram show the key internal components of a typical JVM that conforms to [1]The Java Virtual Machine Specification Java SE 7 Edition.

[2]internal architecture of Java Virtual Machine (JVM)

The components shown on this diagram are each explained below in two sections. [3]First section covers the components that are created for each thread and the [4]second section covers the components that are created independently of threads.

A thread is a thread of execution in a program. The JVM allows an application to have multiple threads of execution running concurrently. In the Hotspot JVM there is a direct mapping between a Java Thread and a native operating system Thread. After preparing all of the state for a Java thread such as thread-local storage, allocation buffers, synchronization objects, stacks and the program counter, the native thread is created. The native thread is reclaimed once the Java thread terminates. The operating system is therefore responsible for scheduling all threads and dispatching them to any available CPU. Once the native thread has initialized it invokes the run() method in the Java thread. When the run() method returns, uncaught exceptions are handled, then the native thread confirms if the JVM needs to be terminated as a result of the thread terminating (i.e. is it the last non-deamon thread). When the thread terminates all resources for both the native and Java thread are released.

JVM System Threads

If you use jconsole or any debugger it is possible to see there are numerous threads running in the background. These background threads run in addition to the main thread, which is created as part of invoking public static void main(String[]), and any threads created by the main thread. The main background system threads in the Hotspot JVM are:

VM thread

This thread waits for operations to appear that require the JVM to reach a safe-point. The reason these operations have to happen on a separate thread is because they all require the JVM to be at a safe point where modifications to the heap can not occur. The type of operations performed by this thread are "stop-the-world" garbage collections, thread stack dumps, thread suspension and biased locking revocation.

Periodic task thread

This thread is responsible for timer events (i.e. interrupts) that are used to schedule execution of periodic operations

GC threads

These threads support the different types of garbage collection activities that occur in the JVM

Compiler threads

These threads compile byte code to native code at runtime

Signal dispatcher thread

This thread receives signals sent to the JVM process and handle them inside the JVM by calling the appropriate JVM methods.

Per Thread

Each thread of execution has the following components:

Program Counter (PC)

Address of the current instruction (or opcode) unless it is native. If the current method is native then the PC is undefined. All CPUs have a PC, typically the PC is incremented after each instruction and therefore holds the address of the next instruction to be executed. The JVM uses the PC to keep track of where it is executing instructions, the PC will in fact be pointing at a memory address in the Method Area.

Stack

Each thread has its own stack that holds a frame for each method executing on that thread. The stack is a Last In First Out (LIFO) data structure, so the currently executing method is at the top of the stack. A new frame is created and added (pushed) to the top of stack for every method invocation. The frame is removed (popped) when the method returns normally or if an uncaught exception is thrown during the method invocation. The stack is not directly manipulated, except to push and pop frame objects, and therefore the frame objects may be allocated in the Heap and the memory does not need to be contiguous.

Native Stack

Not all JVMs support native methods, however, those that do typically create a per thread native method stack. If a JVM has been implemented using a C-linkage model for Java Native Invocation (JNI) then the native stack will be a C stack. In this case the order of arguments and return value will be identical in the native stack to typical C program. A native method can typically (depending on the JVM implementation) call back into the JVM and invoke a Java method. Such a native to Java invocation will occur on the stack (normal Java stack); the thread will leave the native stack and create a new frame on the stack (normal Java stack).

Stack Restrictions

A stack can be a dynamic or fixed size. If a thread requires a larger stack than allowed a StackOverflowError is thrown. If a thread requires a new frame and there isn’t enough memory to allocate it then an OutOfMemoryError is thrown.

Frame

A new frame is created and added (pushed) to the top of stack for every method invocation. The frame is removed (popped) when the method returns normally or if an uncaught exception is thrown during the method invocation. For more detail on exception handling [5]see the section on Exception Tables below.

Each frame contains:

 * Local variable array
 * Return value
 * Operand stack
 * Reference to runtime constant pool for class of the current method

The array of local variables contains all the variables used during the execution of the method, including a reference to this, all method parameters and other locally defined variables. For class methods (i.e. static methods) the method parameters start from zero, however, for instance method the zero slot is reserved for this.

A local variable can be:

 * boolean
 * byte
 * char
 * long
 * short
 * int
 * float
 * double
 * reference
 * returnAddress

All types take a single slot in the local variable array except long and double which both take two consecutive slots because these types are double width (64-bit instead of 32-bit).

Operand Stack

The operand stack is used during the execution of byte code instructions in a similar way that general-purpose registers are used in a native CPU. Most JVM byte code spends its time manipulating the operand stack by pushing, popping, duplicating, swapping, or executing operations that produce or consume values. Therefore, instructions that move values between the array of local variables and the operand stack are very frequent in byte code. For example, a simple variable initialization results in two byte codes that interact with the operand stack.

int i;

Gets compiled to the following byte code:

0: iconst_0 // Push 0 to top of the operand stack 1: istore_1 // Pop value from top of operand stack and store as local variable 1

For more detail explaining interactions between the local variables array, operand stack and run time constant pool [6]see the section on Class File Structure below.

Each frame contains a reference to the runtime constant pool. The reference points to the constant pool for the class of the method being executed for that frame. This reference helps to support dynamic linking.

C/C++ code is typically compiled to an object file then multiple object files are linked together to product a usable artifact such as an executable or dll. During the linking phase symbolic references in each object file are replaced with an actual memory address relative to the final executable. In Java this linking phase is done dynamically at runtime.

When a Java class is compiled, all references to variables and methods are stored in the classʼs constant pool as a symbolic reference. A symbolic reference is a logical reference not a reference that actually points to a physical memory location. The JVM implementation can choose when to resolve symbolic references, this can happen when the class file is verified, after being loaded, called eager or static resolution, instead this can happen when the symbolic reference is used for the first time called lazy or late resolution. However the JVM has to behave as if the resolution occurred when each reference is first used and throw any resolution errors at this point. Binding is the process of the field, method or class identified by the symbolic reference being replaced by a direct reference, this only happens once because the symbolic reference is completely replaced. If the symbolic reference refers to a class that has not yet been resolved then this class will be loaded. Each direct reference is stored as an offset against the storage structure associated with the runtime location of the variable or method.

Heap

The Heap is used to allocate class instances and arrays at runtime. Arrays and objects can never be stored on the stack because a frame is not designed to change in size after it has been created. The frame only stores references that point to objects or arrays on the heap. Unlike primitive variables and references in the local variable array (in each frame) objects are always stored on the heap so they are not removed when a method ends. Instead objects are only removed by the garbage collector.

To support garbage collection the heap is divided into three sections:

 * Young Generation

      * Often split between Eden and Survivor

 * Old Generation (also called Tenured Generation)
 * Permanent Generation

Objects and Arrays are never explicitly de-allocated instead the garbage collector automatically reclaims them.

Typically this works as follows:

 1. New objects and arrays are created into the young generation
 2. Minor garbage collection will operate in the young generation. Objects, that are still alive, will be moved from the eden space to the survivor space.
 3. Major garbage collection, which typically causes the application threads to pause, will move objects between generations. Objects, that are still alive, will be moved from the young generation to the old (tenured) generation.
 4. The permanent generation is collected every time the old generation is collected. They are both collected when either becomes full.

Objects that are logically considered as part of the JVM mechanics are not created on the Heap.

The non-heap memory includes:

 * Permanent Generation that contains

      * the method area
      * interned strings

 * Code Cache used for compilation and storage of methods that have been compiled to native code by the JIT compiler

Java byte code is interpreted however this is not as fast as directly executing native code on the JVM’s host CPU. To improve performance the Oracle Hotspot VM looks for “hot” areas of byte code that are executed regularly and compiles these to native code. The native code is then stored in the code cache in non-heap memory. In this way the Hotspot VM tries to choose the most appropriate way to trade-off the extra time it takes to compile code verses the extra time it take to execute interpreted code.

Method Area

The method area stores per-class information such as:

 * Classloader Reference
 * Run Time Constant Pool

      * Numeric constants
      * Field references
      * Method References
      * Attributes

 * Field data

      * Per field

           * Name
           * Type
           * Modifiers
           * Attributes

 * Method data

      * Per method

           * Name
           * Return Type
           * Parameter Types (in order)
           * Modifiers
           * Attributes

 * Method code

      * Per method

           * Bytecodes
           * Operand stack size
           * Local variable size
           * Local variable table
           * Exception table

                * Per exception handler

                     * Start point
                     * End point
                     * PC offset for handler code
                     * Constant pool index for exception class being caught

All threads share the same method area, so access to the method area data and the process of dynamic linking must be thread safe. If two threads attempt to access a field or method on a class that has not yet been loaded it must only be loaded once and both threads must not continue execution until it has been loaded.

Class File Structure

A compiled class file consists of the following structure:

ClassFile { u4 magic; u2 minor_version; u2 major_version; u2 constant_pool_count; cp_info contant_pool[constant_pool_count – 1]; u2 access_flags; u2 this_class; u2 super_class; u2 interfaces_count; u2 interfaces[interfaces_count]; u2 fields_count; field_info fields[fields_count]; u2 methods_count; method_info methods[methods_count]; u2 attributes_count; attribute_info attributes[attributes_count];
}

magic, minor_version, major_version

specifies information about the version of the class and the version of the JDK this class was compiled for.

access_flags

provides the list of modifiers for this class.

this_class

index into the constant_pool providing the fully qualified name of this class i.e. org/jamesdbloom/foo/Bar

super_class

index into the constant_pool providing a symbolic reference to the super class i.e. java/lang/Object

interfaces

array of indexes into the constant_pool providing a symbolic references to all interfaces that have been implemented.

fields

array of indexes into the constant_pool giving a complete description of each field.

methods

array of indexes into the constant_pool giving a complete description of each method signature, if the method is not abstract or native then the bytecode is also present.

attributes

array of different value that provide additional information about the class including any annotations with RetentionPolicy.CLASS or RetentionPolicy.RUNTIME

It is possible to view the byte code in a compiled Java class by using the javap command.

If you compile the following simple class:

package org.jvminternals; public class SimpleClass { public void sayHello() { System.out.println("Hello"); } }

Then you get the following output if you run:

javap -v -p -s -sysinfo -constants classes/org/jvminternals/SimpleClass.class

public class org.jvminternals.SimpleClass SourceFile: "SimpleClass.java" minor version: 0 major version: 51 flags: ACC_PUBLIC, ACC_SUPER
Constant pool: #1 = Methodref #6.#17 // java/lang/Object."":()V #2 = Fieldref #18.#19 // java/lang/System.out:Ljava/io/PrintStream; #3 = String #20 // "Hello" #4 = Methodref #21.#22 // java/io/PrintStream.println:(Ljava/lang/String;)V #5 = Class #23 // org/jvminternals/SimpleClass #6 = Class #24 // java/lang/Object #7 = Utf8 #8 = Utf8 ()V #9 = Utf8 Code #10 = Utf8 LineNumberTable #11 = Utf8 LocalVariableTable #12 = Utf8 this #13 = Utf8 Lorg/jvminternals/SimpleClass; #14 = Utf8 sayHello #15 = Utf8 SourceFile #16 = Utf8 SimpleClass.java #17 = NameAndType #7:#8 // "":()V #18 = Class #25 // java/lang/System #19 = NameAndType #26:#27 // out:Ljava/io/PrintStream; #20 = Utf8 Hello #21 = Class #28 // java/io/PrintStream #22 = NameAndType #29:#30 // println:(Ljava/lang/String;)V #23 = Utf8 org/jvminternals/SimpleClass #24 = Utf8 java/lang/Object #25 = Utf8 java/lang/System #26 = Utf8 out #27 = Utf8 Ljava/io/PrintStream; #28 = Utf8 java/io/PrintStream #29 = Utf8 println #30 = Utf8 (Ljava/lang/String;)V
{ public org.jvminternals.SimpleClass(); Signature: ()V flags: ACC_PUBLIC Code: stack=1, locals=1, args_size=1 0: aload_0 1: invokespecial #1 // Method java/lang/Object."":()V 4: return LineNumberTable: line 3: 0 LocalVariableTable: Start Length Slot Name Signature 0 5 0 this Lorg/jvminternals/SimpleClass; public void sayHello(); Signature: ()V flags: ACC_PUBLIC Code: stack=2, locals=1, args_size=1 0: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream; 3: ldc #3 // String "Hello" 5: invokevirtual #4 // Method java/io/PrintStream.println:(Ljava/lang/String;)V 8: return LineNumberTable: line 6: 0 line 7: 8 LocalVariableTable: Start Length Slot Name Signature 0 9 0 this Lorg/jvminternals/SimpleClass;
}

This class file shows three main sections the constant pool, the constructor and the sayHello method.

 * Constant Pool – this provides the same information that a symbol table typically provides and is [7]described in more detail below.
 * Methods – each containing four areas:

      * signature and access flags
      * byte code
      * LineNumberTable – this provides information to a debugger to indicate which line corresponds to which byte code instruction, for example line 6 in the Java code corresponds to byte code 0 in the sayHello method and line 7 corresponds to byte code 8.
      * LocalVariableTable – this lists all local variables provided in the frame, in both examples the only local variable is this.

The following byte code operands are used in this class file

aload_0

This opcode is one of a group of opcodes with the format aload_. They all load an object reference into the operand stack. The refers to the location in the local variable array that is being accessed but can only be 0, 1, 2 or 3. There are other similar opcodes for loading values that are not an object reference iload_, lload_, float_ and dload_ where i is for int, l is for long, f is for float and d is for double. Local variables with an index higher than 3 can be loaded using iload, lload, float, dload and aload. These opcodes all take a single operand that specifies the index of local variable to load.

ldc

This opcode is used to push a constant from the run time constant pool into the operand stack.

getstatic

This opcode is used to push a static value from a static field listed in the run time constant pool into the operand stack.

invokespecial, invokevirtual

These opcodes are in a group of opcodes that invoke methods these are invokedynamic, invokeinterface, invokespecial, invokestatic, invokevirtual. In this class file invokespecial and invokevirutal are both used the difference between these is that invokevirutal invokes a method based on the class of the object. The invokespecial instruction is used to invoke instance initialization methods as well as private methods and methods of a superclass of the current class.

return

This opcode is in a group of opcodes ireturn, lreturn, freturn, dreturn, areturn and return. Each of these opcodes are a typed return statement that returns a different type where i is for int, l is for long, f is for float, d is for double and a is for an object reference. The opcode with no leading type letter return only returns void.

As in any typical byte code the majority of the operands interact with the local variables, operand stack and run time constant pool as follows.

The constructor has two instructions first this is pushed onto the operand stack, next the constructor for the super class is invoked which consumes the value off this and therefore pops it off the operand stack.

[8]local variables, operand stack and run time constant pool changes when invoking a static method in Java Virtual Machine (JVM)

The sayHello() method is more complex as it has to resolve symbolic references to actual references using the run time constant pool, [9]as explained in more detail above. The first operand getstatic is used to push a reference to the static field out of the System class on to the operand stack. The next operand ldc pushes the string "Hello" onto the operand stack. The final operand invokevirtual invokes the println method of System.out which pops "Hello" off the operand stack as an argument and creates a new frame for the current thread.

[10]local variables, operand stack and run time constant pool changes when calling System.out in Java Virtual Machine (JVM)

The JVM starts up by loading an initial class using the bootstrap classloader. The class is then linked and initialized before public static void main(String[]) is invoked. The execution of this method will in turn drive the loading, linking and initialization of additional classes and interfaces as required.

Loading is the process of finding the class file that represents the class or interface type with a particular name and reading it into a byte array. Next the bytes are parsed to confirm they represent a Class object and have the correct major and minor versions. Any class or interface named as a direct superclass is also loaded. Once this is completed a class or interface object is created from the binary representation.

Linking is the process of taking a class or interface verifying and preparing the type and its direct superclass and superinterfaces. Linking consists of three steps verifying, preparing and optionally resolving.

Verifying is the process of confirming the class or interface representation is structurally correct and obeys the semantic requirements of the Java programming language and JVM, for example the following checks are performed:

 1. consistent and correctly formatted symbol table
 2. final methods / classes not overridden
 3. methods respect access control keywords
 4. methods have correct number and type of parameters
 5. bytecode doesnʼt manipulate stack incorrectly
 6. variables are initialized before being read
 7. variables are a value of the correct type

Performing these checks during the verifying stages means these checks do not need to be performed at runtime. Verification during linking slows down class loading however it avoids the need to perform these checks multiple when executing the bytecode.

Preparing involves allocation of memory for static storage and any data structures used by the JVM such as method tables. Static fields are created and initialized to their default values, however, no initializers or code is executed at this stage as that happens as part of initialization.

Resolving is an optional stage which involves checking symbolic references by loading the referenced classes or interfaces and checking the references are correct. If this does not take place at this point the resolution of symbolic references can be deferred until just prior to their use by a byte code instruction.

Initialization of a class or interface consists of executing the class or interface initialization method

[11]class loading, linking and initialization in the Java Virtual Machine (JVM)

In the JVM there are multiple classloaders with different roles. Each classloader delegates to its parent classloader (that loaded it) except the bootstrap classloader which is the top classloader.

Bootstrap Classloader is usually implemented as native code because it is instantiated very early as the JVM is loaded. The bootstrap classloader is responsible for loading the basic Java APIs, including for example rt.jar. It only loads classes found on the boot classpath which have a higher level of trust; as a result it skips much of the validation that gets done for normal classes.

Extension Classloader loads classes from standard Java extension APIs such as security extension functions.

System Classloader is the default application classloader, which loads application classes from the classpath.

User Defined Classloaders can alternatively be used to load application classes. A user defined classloader is used for a number of special reasons including run time reloading of classes or separation between different groups of loaded classes typically required by web servers such as Tomcat.

[12]classloader hierarchy in the Java Virtual Machine (JVM)

Faster Class Loading

A feature called Class Data Sharing (CDS) was introduce in HotSpot JMV from version 5.0. During the installation process of the JVM the installer loads a set of key JVM classes, such as rt.jar, into a memory-mapped shared archive. CDS reduces the time it takes to load these classes improving JVM start-up speed and allows these classes to be shared between different instances of the JVM reducing the memory footprint.

Where Is The Method Area

[13]The Java Virtual Machine Specification Java SE 7 Edition clearly states: “Although the method area is logically part of the heap, simple implementations may choose not to either garbage collect or compact it.” In contradiction to this jconsole for the Oracle JVM shows the method area (and code cache) as being non-heap. The [14]OpenJDK code shows that the CodeCache is a separate field of the VM to the ObjectHeap.

All classes that are loaded contain a reference to the classloader that loaded them. In turn the classloader also contains a reference to all classes that it has loaded.

Run Time Constant Pool

The JVM maintains a per-type constant pool, a run time data structure that is similar to a symbol table although it contains more data. Byte codes in Java require data, often this data is too large to store directly in the byte codes, instead it is stored in the constant pool and the byte code contains a reference to the constant pool. The run time constant pool is used in dynamic linking [15]as described above

Several types of data is stored in the constant pool including

 * numeric literals
 * string literals
 * class references
 * field references
 * method references

For example the following code:

Object foo = new Object();

Would be written in byte code as follows:

0: new #2 // Class java/lang/Object 1: dup 2: invokespecial #3 // Method java/ lang/Object ""( ) V

The new opcode (operand code) is followed by the #2 operand. This operand is an index into the constant pool and therefore is referencing the second entry in the constant pool. The second entry is a class reference, this entry in turn references another entry in the constant pool containing the name of the class as a constant UTF8 string with the value // Class java/lang/Object. This symbolic link can then be used to lookup the class for java.lang.Object. The new opcode creates a class instance and initializes its variables. A reference to the new class instance is then added to the operand stack. The dup opcode then creates an extra copy of the top reference on the operand stack and adds this to the top of the operand stack. Finally an instance initialization method is called on line 2 by invokespecial. This operand also contains a reference to the constant pool. The initialization method consumes (pops) the top reference off the operand pool as an argument to the method. At the end there is one reference to the new object that has been both created and initialized.

If you compile the following simple class:

package org.jvminternals; public class SimpleClass { public void sayHello() { System.out.println("Hello"); } }

The constant pool in the generated class file would look like:

Constant pool: #1 = Methodref #6.#17 // java/lang/Object."":()V #2 = Fieldref #18.#19 // java/lang/System.out:Ljava/io/PrintStream; #3 = String #20 // "Hello" #4 = Methodref #21.#22 // java/io/PrintStream.println:(Ljava/lang/String;)V #5 = Class #23 // org/jvminternals/SimpleClass #6 = Class #24 // java/lang/Object #7 = Utf8 #8 = Utf8 ()V #9 = Utf8 Code #10 = Utf8 LineNumberTable #11 = Utf8 LocalVariableTable #12 = Utf8 this #13 = Utf8 Lorg/jvminternals/SimpleClass; #14 = Utf8 sayHello #15 = Utf8 SourceFile #16 = Utf8 SimpleClass.java #17 = NameAndType #7:#8 // "":()V #18 = Class #25 // java/lang/System #19 = NameAndType #26:#27 // out:Ljava/io/PrintStream; #20 = Utf8 Hello #21 = Class #28 // java/io/PrintStream #22 = NameAndType #29:#30 // println:(Ljava/lang/String;)V #23 = Utf8 org/jvminternals/SimpleClass #24 = Utf8 java/lang/Object #25 = Utf8 java/lang/System #26 = Utf8 out #27 = Utf8 Ljava/io/PrintStream; #28 = Utf8 java/io/PrintStream #29 = Utf8 println #30 = Utf8 (Ljava/lang/String;)V

The constant pool contains the following types:

Integer

A 4 byte int constant

Long

An 8 byte long constant

Float

A 4 byte float constant

Double

A 8 byte double constant

String

A String constant that points at another Utf8 entry in the constant pool which contains the actual bytes

Utf8

A stream of bytes representing a Utf8 encoded sequence of characters

Class

A Class constant that points at another Utf8 entry in the constant pool which contains the fully qualified class name in the internal JVM format (this is used by the [16]dynamic linking process)

NameAndType

A colon separated pair of values each pointing at other entries in the constant pool. The first value (before the colon) points at a Utf8 string entry that is the method or field name. The second value points at a Utf8 entry that represents the type, in the case of a field this is the fully qualified class name, in the case of a method this is a list of fully qualified class names one per parameter.

Fieldref, Methodref, InterfaceMethodref

A dot separated pair of values each pointing at other entries in the constant pool. The first value (before the dot) points at a Class entry. The second value points at a NameAndType entry.

Exception Table

The exception table stores per-exception handler information such as:

 * Start point
 * End point
 * PC offset for handler code
 * Constant pool index for exception class being caught

If a method has defined a try-catch or a try-finally exception handler then an Exception Table will be created. This contains information for each exception handler or finally block including the range over which the handler applies, what type of exception is being handled and where the handler code is.

When an exception is thrown the JVM looks for a matching handler in the current method, if none is found the method ends abruptly popping the current stack frame and the exception is re-thrown in the calling method (the new current frame). If no exception handler is found before all frames have been popped then the thread is terminated. This can also cause the JVM itself to terminate if the exception is thrown in the last non-daemon thread, for example if the thread is the main thread.

Finally exception handlers match all types of exceptions and so always execute whenever an exception is thrown. In the case when no exception is thrown a finally block is still executed at the end of a method, this is achieved by jumping to the finally handler code immediately before the return statement is executed.

Symbol Table

In addition to per-type run-time constant pools the Hotspot JVM has a symbol table held in the permanent generation. The symbol table is a Hashtable mapping symbol pointers to symbols (i.e. Hashtable) and includes a pointer to all symbols including those held in run time constant pools in each class.

Reference counting is used to control when a symbol is removed from the symbol table. For example when a class is unloaded the reference count of all symbols held in its run time constant pool are decremented. When the reference count of a symbol in the the symbol table goes to zero then the symbol table knows that symbol is not being referenced anymore and the symbol is unloaded from the symbol table. For both the symbol table and the string table (see below) all entries are held in a canonicalized form to improve efficiency and ensure each entry only appears once.

Interned Strings (String Table)

The Java Language Specification requires that identical string literals, that contain the same sequence of Unicode code points, must refer to the same instance of String. In addition if String.intern() is called on an instance of String a reference must be returned that would be identical to the reference return if the string was a literal. The following therefore holds true:

("j" + "v" + "m").intern() == "jvm"

In the Hotspot JVM interned string are held in the string table, which is a Hashtable mapping object pointers to symbols (i.e. Hashtable), and is held in the permanent generation. For both the symbol table (see above) and the string table all entries are held in a canonicalized form to improve efficiency and ensure each entry only appears once.

String literals are automatically interned by the compiler and added into the symbol table when the class is loaded. In addition instances of the String class can be explicitly interned by calling String.intern(). When String.intern() is called, if the symbol table already contains the string then a reference to this is returned, if not the string is added to the string table and its reference is returned.

References

Visible links
1. http://www.amazon.co.uk/Virtual-Machine-Specification-Edition-Series/dp/0133260445
2. http://blog.jamesdbloom.com/images_2013_11_17_17_56/JVM_Internal_Architecture.png
3. http://blog.jamesdbloom.com/JVMInternals.html#threads
4. http://blog.jamesdbloom.com/JVMInternals.html#shared_between_threads
5. http://blog.jamesdbloom.com/JVMInternals.html#exception_table
6. http://blog.jamesdbloom.com/JVMInternals.html#class_file_structure
7. http://blog.jamesdbloom.com/JVMInternals.html#constant_pool
8. http://blog.jamesdbloom.com/images_2013_11_17_17_56/bytecode_explanation_SimpleClass.png
9. http://blog.jamesdbloom.com/JVMInternals.html#dynamic_linking
10. http://blog.jamesdbloom.com/images_2013_11_17_17_56/bytecode_explanation_sayHello.png
11. http://blog.jamesdbloom.com/images_2013_11_17_17_56/Class_Loading_Linking_Initializing.png
12. http://blog.jamesdbloom.com/images_2013_11_17_17_56/class_loader_hierarchy.png
13. http://www.amazon.co.uk/Virtual-Machine-Specification-Edition-Series/dp/0133260445
14. http://openjdk.java.net/
15. http://blog.jamesdbloom.com/JVMInternals.html#dynamic_linking
16. http://blog.jamesdbloom.com/JVMInternals.html#dynamic_linking

HackerNewsBot debug: Calculated post rank: 83 - Loop: 58 - Rank min: 80 - Author rank: 46

Shutting Down Forum (GDPR)

In case anyone is interested, this basically described what has been happening to me: https://jacquesmattheij.com/so-your-start-up-receive-the-nightmare-gdpr-letter The sad thing is that one email…

Article word count: 806

HN Discussion: https://news.ycombinator.com/item?id=17208065

Posted by spacebearmakes (karma: 52)

Post stats: Points: 90 - Comments: 128 - 2018-06-01T17:54:20Z

#HackerNews #down #forum #gdpr #shutting

Article content:

[1]bradrydzewski 2018-05-28 19:23:48 UTC #1

Dear Drone Community,

Drone has begun receiving formal GDPR compliance requests. As an open source project I do not have the time or resources to process these requests, nor am I willing to pay for legal counsel out-of-pocket to advise on such matters and draft formal policy documentation.

I have therefore decided to shutdown this forum effective July 1 and have disabled new account creation effective immediately. We will transition this mailing list to [2]/r/droneci which is better equipped to ensure ongoing compliance with data privacy regulations. Please understand that I am not making a political statement for or against GDPR. I simply believe this is the easiest, most cost-effective path toward compliance.

Please note that we will continue to offer Enterprise Support via our Slack channel.

[3]bradrydzewski 2018-05-28 19:24:08 UTC #2

[4]bradrydzewski 2018-05-29 01:04:50 UTC #4

I do appreciate the links. The gdpr documentation is quite long and I lack the domain expertise to read and comprehend the document in full. Perhaps this is cultural, since the United States is a very litigious society, but I would not feel comfortable accepting liability for gdpr compliance without consulting an attorney. It is also unclear how I am expected to respond to DPA execution requests (what the hell is a DPA request?), which I have already received, and what penalties I could face if I fail to provide a sufficient response. Overall, it just seems like outsourcing to StackOverflow or Google Groups makes more sense. This way I can focus my time on making Drone better, as opposed to becoming a legal expert [5]:slight_smile:

[6]laszlocph 2018-05-29 12:18:04 UTC #5

The sad part is losing this knowledgebase completely.

Github issues have links to the old forum, then there was the Gitter period, and now losing this forum. Doesn’t send a good message [7]:frowning:

[8]bradrydzewski 2018-05-29 14:32:44 UTC #6

The knowledge base can be archived, and Stack Overflow will still provide an avenue to share knowledge and receive support from volunteers. The great thing about Stack Overflow is that there is no administration required, and ownership and administration is much more decentralized. Stack Overflow also supports a feature called [9]Stack Overflow Documentation to which the current knowledge base may be transferred.

[10]gboddin 2018-05-29 16:02:15 UTC #7

Clicks on documentation

We have shut down
Stack Overflow Documentation.

Documentation was our attempt at improving existing reference materials by focusing on examples. The beta ran from July 21st, 2016 until August 8th, 2017. For more details on why we ended it, please see our post on meta. Thank you to everyone that participated. As always, the content contributed by our community is available under CC-BY-SA: download the archive.

[11]@bradrydzewski maybe just transfer ownership ^^

[12]bradrydzewski 2018-05-30 06:56:11 UTC #8

Unfortunately I am told I may not permitted to transfer ownership. The Discourse software collects some personally identifiable and sensitive data (username, email, IP and github token for oauth login) and I do not have authorization to transfer ownership of this data to a third party. Such a transfer could be considered a violation of GDPR without having consent.

[13]ogarcia 2018-05-30 07:10:07 UTC #9

Why not do a Subreddit? It works like discourse and can have moderators.

[14]cedk 2018-05-30 10:23:19 UTC #10

bradrydzewski:

 I may not permitted to transfer ownership

But maybe you may “delegate” the operational to a “sub-contractor” who will take the responsibilities.

[15]bradrydzewski 2018-05-30 15:06:42 UTC #11

 But maybe you may “delegate” the operational to a “sub-contractor” who will take the responsibilities

I like the creative thinking [16]:slight_smile: Unfortunately even if I delegate operations I would still legally own the data, and would ultimately be financially liable for violations. Even if there were some loophole, I would need to consult my attorney to further advise and draw up agreements, which at a rate of $ 900 / hour could still be very expensive for me.

I think the best option is to move the forum to reddit or google groups as suggested by [17]@ogarcia.

[18]bradrydzewski 2018-05-30 16:44:16 UTC #12

[19]bradrydzewski 2018-05-31 18:58:42 UTC #13

In case anyone is interested, this basically described what has been happening to me:
[20]https://jacquesmattheij.com/so-your-start-up-receive-the-nightmare-gdpr-letter

The sad thing is that one email came from the co-founder of a Startup out of Germany. I cannot believe a startup founder would troll an open source project like this. It is very sad that people are using grpd, something that could provide a real social good, as a means to troll people.

The irony is not lost on me that I am now sending my community to Reddit, which is going to more actively collect and analyze data and browsing habits and serve people ads. Note that this is not a criticism of Reddit; I am very happy they are able to provide this service.

Anyway, I digress …

[21]Home [22]Categories [23]FAQ/Guidelines [24]Terms of Service [25]Privacy Policy

References

Visible links
1. https://discourse.drone.io/u/bradrydzewski
2. https://www.reddit.com/r/droneci
3. https://discourse.drone.io/u/bradrydzewski
4. https://discourse.drone.io/u/bradrydzewski
6. https://discourse.drone.io/u/laszlocph
8. https://discourse.drone.io/u/bradrydzewski
9. https://stackoverflow.com/documentation
10. https://discourse.drone.io/u/gboddin
11. https://discourse.drone.io/u/bradrydzewski
12. https://discourse.drone.io/u/bradrydzewski
13. https://discourse.drone.io/u/ogarcia
14. https://discourse.drone.io/u/cedk
15. https://discourse.drone.io/u/bradrydzewski
17. https://discourse.drone.io/u/ogarcia
18. https://discourse.drone.io/u/bradrydzewski
19. https://discourse.drone.io/u/bradrydzewski
20. https://jacquesmattheij.com/so-your-start-up-receive-the-nightmare-gdpr-letter
21. https://discourse.drone.io/
22. https://discourse.drone.io/categories
23. https://discourse.drone.io/guidelines
24. https://discourse.drone.io/tos
25. https://discourse.drone.io/privacy

HackerNewsBot debug: Calculated post rank: 102 - Loop: 290 - Rank min: 100 - Author rank: 104

@simba Clarification: They new laws were introduced in Norway specifically, after the Utøya massacre carried out by Anders Breivik. Norway is a bit of an odd man out in Europe. We are #8 in gun ownership in the world, with 31 guns per 100 residents, but talk of guns is almost completely absent in the public space. There's an equivalent to the NRA but it doesn't seem to have much sway, perhaps because guns aren't a part of the national identity.

If there's one tiefling babe I will never get sick of drawing, it's definitely Lorafaen. This lovely lady is for you @JoshuaDean19@twitter.com - I do hope you enjoy!

✏️ko-fi #8 | https://t.co/znPX39yhTu https://t.co/8qZBRcQALR

https://twitter.com/sylessae/status/994294400099520514

https://mastodon.social/media/-isW4FsT9gdNBgcnBhg so jervis tetch is wearing this outfit in batman allstars #8 and I had to draw it it's too dapper

Spaceship Landing - 8tel Ride...

off of Spaceship Landing 12”x2 (red translucent vinyl) on World In Sound (2005)

#spaceshiplanding #spaceship #landing #8 #ride #worldinsound #2012 #audio #animatedgif #psychedelicrock