In 2022 Google released a tool to easily scan for vulnerabilities in dependencies named OSV-Scanner. "Together with the open source community, we've continued to build this tool, adding remediation features," according to Google's security blog, "as well as expanding ecosystem support to 11 programming languages and 20 package manager formats... Users looking for an out-of-the-box vulnerability scanning CLI tool should check out OSV-Scanner, which already provides comprehensive language package scanning capabilities..."

Thursday they also announced an extensible library for "software composition analysis" scanning (as well as file-system scanning) named OSV-SCALIBR (Open Source Vulnerability — Software Composition Analysis LIBRary). The new library "combines Google's internal vulnerability management expertise into one scanning library with significant new capabilities such as:

• Software composition analysis for installed packages, standalone binaries, as well as source code

• OSes package scanning on Linux (COS, Debian, Ubuntu, RHEL, and much more), Windows, and Mac

• Artifact and lockfile scanning in major language ecosystems (Go, Java, Javascript, Python, Ruby, and much more)

• Vulnerability scanning tools such as weak credential detectors for Linux, Windows, and Mac

• Software Bill of Materials (SBOM) generation in SPDX and CycloneDX, the two most popular document formats

• Optimization for on-host scanning of resource constrained environments where performance and low resource consumption is critical

"OSV-SCALIBR is now the primary software composition analysis engine used within Google for live hosts, code repos, and containers. It's been used and tested extensively across many different products and internal tools to help generate SBOMs, find vulnerabilities, and help protect our users' data at Google scale. We offer OSV-SCALIBR primarily as an open source Go library today, and we're working on adding its new capabilities into OSV-Scanner as the primary CLI interface."

Parallels Desktop now supports running 64-bit x86 operating systems on Apple Silicon Macs through its proprietary emulation engine, enabling users to run traditional Windows and Linux distributions. However, performance is said to be "really slow." How-To Geek reports: The latest Parallels Desktop 20.2 update adds early support for x86 emulation on Apple Silicon, allowing traditional x86 PC operating systems to work on newer Mac computers. There were already apps like UTM that could do it (most of them are based on QEMU), but this feature uses Parallels' "proprietary emulation engine" paired with Apple's built-in hypervisor. [...] Parallels on Apple Silicon can now "run existing x86_64 Windows 10, Windows 11*, Windows Server 2019/2022, and some Linux distributives with UEFI BIOS via Parallels Emulator." You can also create new Windows 10 21H2 and Windows Server 2022 virtual machines if needed.

There are some big limitations. You can only run 64-bit x86 operating systems -- sorry, FreeDOS fans -- but those 64-bit operating systems can run 32-bit applications. There's also no support for USB devices, nested virtualization (so WSL2 won't work), or the Parallels hypervisor. Performance will also be "really slow," since x86 instructions have to be translated to ARM. The company said, "Windows boot time is about 2-7 minutes, depending on your hardware. Windows operating system responsiveness is also low."

Apple Intelligence now requires 7GB of free storage per device, nearly doubling the original 4GB requirement from iOS 18.1. This is a result of new AI features like Genmoji, ChatGPT in Siri, and Image Playground. With further updates expected, storage demands could rise to 10GB per device. 9to5Mac reports: Per Apple's website, Apple Intelligence now requires 7GB of free storage. The same 7GB number applies whether you're using an iPhone, iPad, or Mac. But it also, since each product does its own on-device processing, adds up for multi-device use. If you want to use AI features across all three devices (which I'd assume most of us do), that's a grand total of 21GB of free space being used by Apple Intelligence. And unfortunately, if you're tight on storage, there's no way to reduce the requirement by disabling certain features.

NetEase has reversed 100-year bans imposed on "Marvel Rivals" players using Linux and Mac compatibility tools in December 2024, following intervention from CodeWeavers' CEO and player complaints.

The game's anti-cheat system had banned players until 2124 for using Proton and CrossOver software on Steam Deck and Apple devices. The company stated on Discord it "will not ban players who are playing fairly and without cheating" but has made no broader commitments regarding compatibility tools.

"I still can't quite believe that I'm using an Arm-powered Windows laptop every day," writes a senior editor at the Verge: After more than a decade of trying to make Windows on Arm a reality, Microsoft and Qualcomm finally nailed it this year with Copilot Plus PCs. These new laptops have excellent battery life and great performance — and the app compatibility issues that have plagued Windows on Arm are mostly a thing of the past (as long as you're not a gamer). Microsoft wanted 2024 to be "the year of the AI PC," but I think it was very much the year of Windows on Arm...

The key to Windows on Arm's revival this year was Qualcomm's Snapdragon X Elite processors, which were announced in April. They've provided the type of performance and power efficiency only previously available with Apple's MacBooks and challenged Intel and AMD to do better in the x86 space. After much debate over Microsoft's MacBook Air-beating benchmarks, the reviews rolled in and showed that Windows on Arm was indeed capable of matching and beating Apple's MacBook Air. Qualcomm even hired the "I'm a Mac" guy to promote Windows on Arm PCs, showing how confident it was in challenging Apple's laptop dominance.

Microsoft and Qualcomm also worked closely with developers to make key apps compatible, and it's now very rare to run into an app compatibility issue that can't be solved by a native Arm64 version or Microsoft's improved emulator. Even Google, which previously shunned Windows Phone, has created Arm64 versions of Chrome and Google Drive to support Microsoft's efforts. With developers continually providing native versions of their apps, it makes it a lot easier to switch to a Windows on Arm laptop. The only big exception is gaming, where x86 still reigns supreme for compatibility and performance...

It's hard not to see 2025 as the year that Windows on Arm continues to eat into the laptop space. A Dell leak revealed Qualcomm is preparing new chips for 2025, and the chip maker has also been rolling out cheaper Arm-based chips to bring laptop prices down.
The article acknowledges that both AMD and Intel "have the key advantage of game compatibility that Windows on Arm is definitely not ready for..." But "Given the Windows on Arm gaming situation, a new generation of Nvidia's GPUs could help generate fresh excitement around x86 laptops throughout 2025." And "Nvidia might also be planning to help the Windows on Arm effort. The chip maker has long been rumored to be planning to launch Arm PC chips as soon as 2025... Whatever happens to laptops in 2025, you can guarantee that there's going to be fierce competition between Intel, AMD, and Qualcomm."

But the author still complains about the dedicated Copilot key on his new WIndows-on-Arm laptop. "While the Copilot experience on Windows has gone through several confusing revisions, it's still a key I accidentally press and then get frustrated when a Copilot window appears."

Apple's $3,499 Vision Pro headset has failed to gain widespread adoption despite advanced technology, with consumers preferring discreet wearables like smartwatches. The Verge: Nearly a year from launch, though, Apple hasn't done enough to demonstrate why the Vision Pro should be a potential showcase of the future of computing. It's taking a long time to put together its immersive content library, and while those are great demonstrations of what's possible, the videos have been short and isolating. There aren't many great games, either.

Yes, Apple keeps adding cool new software features. The wide and ultra widescreen settings for using a Mac display seem exceptionally useful. But those are pretty specific options for pretty specific use cases. There still isn't an immediate, obvious reason to buy a Vision Pro the way there usually is with the company's newest iPhones and Macs. If I bought a Vision Pro today, I wouldn't know what to do with it besides give myself a bigger Mac screen or watch movies, and I don't think either of those are worth the exorbitant price.

Wil Shipley, announcing the end of Delicious Library, a media cataloging app: Amazon has shut off the feed that allowed Delicious Library to look up items, unfortunately limiting the app to what users already have (or enter manually).

I wasn't contacted about this.

I've pulled it from the Mac App Store and shut down the website so nobody accidentally buys a non-functional app. John Gruber of DaringFireball adds: The end of an era, but it's kind of surprising it was still functional until now. (Shipley has been a full-time engineer at Apple for three years now.)

It's hard to describe just what a sensation Delicious Library was when it debuted, and how influential it was. Delicious Library was simultaneously very useful, in very practical ways, and obsessed with its exuberant UI in ways that served no purpose other than looking cool as shit. It was an app that demanded to be praised just for the way it looked, but also served a purpose that resonated with many users. For about a decade it seemed as though most popular new apps would be designed like Delicious Library. Then Apple dropped iOS 7 in 2013, and now, no apps look like this. Whatever it is that we, as an industry, have lost in the now decade-long trend of iOS 7-style flat design, Delicious Library epitomized it.

Back in the mid-1980s Mark Roth was in 5th grade when the game ChipWits "helped kindle his interest in coding," according to an online biography. ("By middle school, he wrote his first Commodore 64 assembler and by high school he authored a 3D Graphics library for DOS.")

And 40 years later, Slashdot reader markroth8 writes that the programming puzzle/logic game "inspired many people to become professional coders": ChipWits was first released for Mac in 1984, and was later ported to Commodore 64 and Apple II in 1985. To celebrate the game's 40th anniversary, the team behind the new Steam reboot of ChipWits (including its original co-creator Doug Sharp, also of fame for the game King of Chicago) is announcing the recovery and open source release of the original game's source code, written in the FORTH programming language, for both Mac and Commodore 64 platforms.

Recovering data from 40-year old 5.25" and 3.5" disks was a challenge in and of itself, and most of the data survived unscathed! It's interesting to read the 40-year-old code, and compare it to modern game development.
"Our goal for open sourcing the original version of ChipWits is to ensure its legacy lives on," according to the announcement. (It adds that "We also wanted to share an appreciation for what cross-platform software development for 8-bit microcomputers was like in 1984.")

The latest Steam client drops support for operating systems older than Windows 10 or macOS 10.15 Catalina. "That means Mac users can't run 32-bit games anymore, as all macOS versions from Catalina onward only run 64-bit binaries," reports The Register. From the report: [I]f you have a well-specified older Mac, here is another reason to check out Open Core Legacy Patcher. For now, macOS 10.15 Catalina will do but we suspect it won't for long. This version of Steam uses the equivalent to Chrome 126: "Updated embedded Chromium build in Steam to 126.0.6478.183." However, versions since Chrome 128 require macOS 11 or newer. For now, Catalina will work -- but the next significant Steam update will update Chromium as well, and there's a high probability that that will drop support for 10.15.

So, if you're using OCLP to install a newer macOS, you should probably go directly to Big Sur. In The Reg FOSS desk's testing, we found that Big Sur ran reasonably well on a machine with Intel HD 520 graphics, although the same hardware ran very poorly with macOS 12 Monterey. Unfortunately, the inevitable end is in sight for older Macs. That said, the November 2024 Steam client update brings several "wins," including a built-in Game Recording feature, an upgraded Chromium browser engine, and the new "Scout" Linux runtime environment for improved compatibility and performance, especially on the Steam Deck and Linux distros. Additionally, it delivers bug fixes and enhancements for modern OS users.

Apple has pushed out security updates that it says are "recommended for all users," after fixing a pair of security bugs used in active cyberattacks targeting Mac users. From a report: In a security advisory on its website, Apple said it was aware of two vulnerabilities that "may have been actively exploited on Intel-based Mac systems." The bugs are considered "zero day" vulnerabilities because they were unknown to Apple at the time they were exploited.

[...] The vulnerabilities were reported by security researchers at Google's Threat Analysis Group, which investigates government-backed hacking and cyberattacks, suggesting that a government actor may be involved in the attacks.

An update to OpenAI's ChatGPT app for macOS adds integration with third-party apps, including developer tools such as VS Code, Terminal, iTerm2 and Apple's Xcode. 9to5Mac reports: In a demo seen by 9to5Mac, ChatGPT was able to understand code from an Xcode project and then provide code suggestions without the user having to manually copy and paste content into the ChatGPT app. It can even read content from more than one app at the same time, which is very useful for working with developer tools. According to OpenAI, the idea is to expand integration to more apps in the future. For now, integration with third-party apps is coming exclusively to the Mac version of ChatGPT, but there's another catch. The feature requires a paid ChatGPT subscription, at least for now.

ChatGPT Plus and Team subscribers will receive access to integration with third-party apps on macOS starting today, while access for Enterprise and Education users will be rolled out "in the next few weeks." OpenAI told 9to5Mac that it wants to make the feature available to everyone in the future, although there's no estimate of when this will happen. For privacy reasons, users can control at any time when and which apps ChatGPT can read. The app can be downloaded here.

Apple released Final Cut Pro 11 this week, marking the first major version change in over a decade for its professional video editing software. The update introduces several AI-powered features, including a new "Magnetic Mask" function that automatically tracks objects through video clips for targeted color grading and effects.

The suite now offers on-device automatic caption generation for dialogue tracks and adds support for spatial video editing compatible with Apple Vision Pro. Users can adjust the depth of titles and objects for 3D viewing. The update requires macOS 14.6 and at least 8GB of RAM, with some features exclusive to Apple silicon Macs.

Existing Final Cut Pro X users will receive the upgrade at no cost, while new users can purchase the software for $299. Accompanying updates include Final Cut Camera for iPhone, which now supports H.265 HEVC format for Apple Log footage on iPhone 15/16 Pro models, and Final Cut Pro for iPad 2.1, featuring enhanced automated color grading tools and new creative assets.

Projects created on Mac remain incompatible with the iPad version, PetaPixel reports.

An anonymous reader quotes a report from Ars Technica: The classic PC games market is "in a sorry state," according to DRM-free and classic-minded storefront GOG. Small games that aren't currently selling get abandoned, and compatibility issues arise as technology moves forward or as one-off development ideas age like milk. Classic games are only 20 percent of GOG's catalog, and the firm hasn't actually called itself "Good Old Games" in 12 years. And yet, today, GOG announces that it is making "a significant commitment of resources" toward a new GOG Preservation Program. It starts with 100 games for which GOG's own developers are working to create current and future compatibility, keeping them DRM-free and giving them ongoing tech support, along with granting them a "Good Old Game: Preserved by GOG" stamp.

GOG is not shifting its mission of providing a DRM-free alternative to Steam, Epic, and other PC storefronts, at least not entirely. But it is demonstrably excited about a new focus that ties back to its original name, inspired in some part by its work on Alpha Protocol. "We think we can significantly impact the classics industry by focusing our resources on it and creating superior products," writes Arthur Dejardin, head of sales and marketing at GOG. "If we wanted to spread the DRM-free gospel by focusing on getting new AAA games on GOG instead, we would make little progress with the same amount of effort and money (we've been trying various versions of that for the last 5 years)."

What kind of games? Scanning the list of Good Old Games, most of them are, by all accounts, both good and old. Personally, I'm glad to see the Jagged Alliance games, System Shock 2, Warcraft I & II, Dungeon Keeper Gold and Theme Park, SimCity 3000 Unlimited, and the Wing Commander series (particularly, personally, Privateer). Most of them are, understandably, Windows-only, though Mac support extends to 34 titles so far, and Linux may pick up many more through Proton compatibility, beyond the 19 native titles to date. [...] [I]f you see the shiny foil-ish GOG badge on a game, it's an assurance that GOG has done all it can to bring forward a classic title. It's important work, too. "Preserving" games doesn't just mean locking a stable media in a vault, but keeping games accessible, and playable.

Apple executives have defended the relocation of the power button to the bottom of its new M4 Mac mini, citing the computer's significantly reduced size as the driving factor behind the design change.

In a Bilibili video interview, Apple's Greg Joswiak and John Ternus explained that the Mac mini's form factor, now half the size of its predecessor, necessitated finding a new position for the power button. The executives said that the bottom placement allows for convenient access despite initial user criticism.

With iOS 18.2, Apple will allow you to share the location of a lost AirTag with other people and with more than 15 different airlines. The Verge reports: When using the feature, you can generate a Share Item Location link within the Find My app on an iPhone, iPad, or Mac. Once you share the link with someone, they can click on it to view an interactive map with the location of your lost item. Apple will update the website automatically when the lost item moves, and it will also display a timestamp when it moved last. Apple will turn off the feature once you find your lost item. You can also manually stop sharing the location of an AirTag at any time, or the link will "automatically expire after seven days." [...]

As part of the rollout, Apple is partnering with over 15 airlines, including Delta, United, Virgin Atlantic, Lufthansa, Air Canada, and more. All of these airlines will be able to "privately and securely" accept links to lost items, as "access to each link will be limited to a small number of people, and recipients will be required to authenticate in order to view the link through either their Apple Account or partner email address." This feature will be available to airlines in the "coming months." Additionally, SITA, a baggage tracing solution, will also implement Share Item Location into its luggage tracker.

According to a partial teardown video of Apple's new Mac mini, the new machine features modular storage that can be removed. "As we saw with the Mac Studio, however, replacing the modular storage is complicated," notes MacRumors. The teardown also reveals two 128GB storage chips in the 256GB model, enabling faster SSD speeds comparable to higher-capacity versions. From the report: The criticism surrounding Apple's decision to use a single 256GB chip in some base-model Macs a few years ago primarily came from a vocal contingent of tech enthusiasts, and the average customer is unlikely to even notice the slower speeds in common day-to-day tasks. Nevertheless, it appears that customers who do want the fastest SSD speeds do not need to worry about which storage capacity they choose when ordering the new Mac mini.

Apple has confirmed it has no plans to release a 27-inch iMac, ending speculation about a larger successor to its flagship desktop computer. The tech giant will instead focus on its 24-inch M3 iMac and Mac Studio offerings.

Apple released the first beta of visionOS 2.2, introducing new "Wide" and "Ultrawide" modes for the Mac Virtual Display feature on the Vision Pro headset. MacRumors reports: Apple has previously said the ultra-wide version of Mac Virtual Display is equivalent to having two physical 4K displays sitting side by side on a desk. Mac Virtual Display is now available in three sizes: Normal, Wide, and Ultrawide. visionOS 2.2 will likely be released to the public in December alongside iOS 18.2, iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, and other updates. Further reading: Apple Delays Cut-price Vision Headset Until 2027, Analyst Ming-Chi Kuo Says

Apple has moved the power button on its new M4 Mac mini to an awkward spot underneath the device, requiring users to lift or tip the computer to turn it on. The button now sits near the left rear corner, raised slightly by cooling vents, instead of its previous accessible position on the back panel. The change, absent from Apple's marketing materials, complicates basic operations like power-cycling the machine - especially with cables attached.

Further reading: Apple's New Mouse Retains Flawed Charging Design.

Apple launched a dramatically smaller Mac Mini desktop computer on Tuesday, powered by its new M4 processor and featuring ray tracing capabilities for the first time. The redesigned Mini measures just 5 inches square, roughly half the size of its predecessor, while delivering up to 1.8 times faster CPU performance compared to the M1 model.

The base version starts at $599, while the more powerful M4 Pro variant begins at $1,399. The M4 Pro model sports 14 CPU cores and 20 GPU cores, with support for up to 64GB of RAM and 8TB storage. It introduces Thunderbolt 5 connectivity, offering data transfer speeds up to 120 Gb/s. Apple has revamped the port configuration, adding front-facing USB-C ports and a headphone jack. The rear features Ethernet, HDMI, and three Thunderbolt ports, though USB-A ports have been eliminated. The new Mini supports up to three 6K displays with the M4 Pro chip.