Stop hack­ing around with scripts; get real work done with

the data ac­cess stan­dard that’s been rock­ing it for 4 decades. Yes, SQL. It is an el­e­gant and pow­er­ful tool that makes work­ing with mul­ti­ple APIs sim­ple. SQL lev­els the play­ing field for your team, eas­ily in­te­grates with other sys­tems and ac­cel­er­ates de­liv­ery.se­lect aws.name aws_user_­name, slack.id as slack­_user_id, slack.dis­play_­name as slack­_­name­from aws_i­am_user as aws, slack­_user as slack­where aws.name = slack.email;Pain­lessly join live cloud con­fig­u­ra­tion data with in­ter­nal or ex­ter­nal data sets to cre­ate new in­sights.se­lect do­main, ex­pi­ra­tion_­date from whois_­do­main where do­main in (‘apple.com’,‘steampipe.io’);Stop build­ing and main­tain­ing out-of-sync lists and point-in-time en­vi­ron­ment snap­shots; Steampipe’s live ta­bles give you the cur­rent view of any re­source right now.Which users have MFA en­abled right now?What se­cu­rity groups are open to the world? se­lect id, name­from azure_­com­pute_im­age­where tags -> ‘owner’ is null or tags -> ‘app_id’ is null;What stor­age vol­umes are not in use?Steampipe re­lies on plu­g­ins to im­ple­ment the spe­cific in­ter­faces to cloud ser­vices, files, and other re­sources. Without a plu­gin, there is noth­ing to query!Use one of Steampipe’s 300+ data sources or roll your own. Explore meta­data and doc­u­men­ta­tion for our com­mu­nity plu­g­ins on the Steampipe Hub.+–––––––––––+––––––+–––––––

| Column | Type | Description

| name | text | The friendly

| role_id | text | The sta­ble an

| path | text | The path asso

| arn | text | The AWS re­sou

| cre­ate_­date | time­stamp | The date and

| as­sume_­role_pol­icy | jsonb | The IAM PolicSteampipe or­ga­nizes your cloud meta­data into ta­bles and fields that are eas­ily dis­cov­er­able and read­able by hu­mans!Every jour­ney be­gins with the first step. Let us know what your first query was @steampipeio and we will send you a steampipe sticker.

Interested in talk­ing to oth­ers about cod­i­fied op­er­a­tions?

Microsoft has fol­lowed a small group of its com­peti­tors in build­ing a VPN ser­vice di­rectly into its own browser. The VPN fea­ture, known as “Microsoft Edge Secure Network,” has rolled out to a lim­ited se­lec­tion of users in the lat­est Edge Canary ver­sion.

While Microsoft has yet to an­nounce its launch, early testers have al­ready got the first glimpse of what the new pri­vacy tool looks like and how it is de­signed to work. In Canary, the new VPN fea­ture could be found un­der Settings > Privacy, search and ser­vices.

Make no mis­take, though: Edge has not come up with its pro­pri­etary VPN ser­vice. Rather, the new pri­vacy tool is the re­sult of the tech gi­ant’s part­ner­ship with Cloudflare. The lat­ter pro­vides a se­cure server net­work through which the data is routed. Microsoft be­gan ex­per­i­ment­ing with the VPN-like ser­vice in May, al­low­ing some Canary users to pre­view it and of­fer feed­back.

Although the Cloudflare-powered VPN ser­vice will hide your IP ad­dress, en­crypt your data, and send it through a se­cure net­work (much like a reg­u­lar VPN), it lacks one im­por­tant fea­ture users seek in a vir­tual pri­vate net­work: an abil­ity to by­pass geo-block. In the case of Edge’s VPN, you won’t be able to choose any server lo­ca­tion you want since your data will au­to­mat­i­cally be routed through a Cloudflare server near to where you live.

Interestingly, un­like Opera browser, where an in-built VPN has to be en­abled man­u­ally, a VPN baked into Edge ap­pears to be turned on by de­fault, but only for cer­tain use cases.

In the Optimized (Recommended) mode, the VPN will au­to­mat­i­cally con­nect when you’re us­ing pub­lic Wi-Fi or brows­ing un­se­cured net­works and sites lack­ing a valid HTTP cer­tifi­cate. However, the VPN will not run while you’re stream­ing or watch­ing videos — so that you can save up on traf­fic which is capped at a mod­est 1 GB per month.

If you crave more pri­vacy, you can tog­gle the All Sites mode on, in which case the VPN will be run­ning at all times. But since the traf­fic cap stays at 1 GB a month, brows­ing in this mode risks eat­ing up your pre­cious traf­fic al­lowance rather quickly.

In the Select Sites mode you can con­fig­ure the VPN to work only on the sites that you want it to work on. Alternatively, you can spec­ify sites that should al­ways be ex­empted from the VPN.

It’s also pos­si­ble to en­able the VPN for a site you’re cur­rently brows­ing by click­ing the se­cure net­work icon in the Edge tool­bar and choos­ing the Always use VPN for this site op­tion.

Whether Microsoft even­tu­ally raises the traf­fic cap or makes its VPN a “freemium” fea­ture by let­ting users pay for more GBs re­mains to be seen. It’s likely we’ll have to wait up un­til its of­fi­cial re­lease to find out.

To a cer­tain ex­tent, Edge’s VPN fea­ture re­sem­bles Apple’s VPN-like tool for Safari browser called Private Relay. The pre­mium tool, un­veiled a year ago, is still in beta and is only avail­able to iCloud+ sub­scribers. Private Relay is not a VPN per se, but aims to pro­tect pri­vacy much in the same way. It stops com­pa­nies, in­clud­ing Apple it­self, from pin­point­ing your ex­act lo­ca­tion and track­ing your brows­ing his­tory at the same time.

Private Relay routes user re­quests to ac­cess web­sites (the so-called DNS re­quests) through two sep­a­rate in­ter­net “relays” or nodes man­aged by two dif­fer­ent com­pa­nies. The first re­lay that the data passes through is op­er­ated by Apple. Both Apple and your net­work provider are able to see your IP ad­dress, but the re­quest it­self is en­crypted, mean­ing that nei­ther the provider nor Apple can see what ex­actly you want to look up on the in­ter­net. The sec­ond re­lay is owned by a third-party con­tent provider and con­nects you to the site you want to visit. That third-party provider sees the name of the site you open, but not your IP ad­dress, which is re­placed by a ran­dom IP ad­dress within your coun­try.

A VPN built into a browser is not a sub­sti­tute for a full-fledged VPN ser­vice. But de­spite the func­tion­al­ity and traf­fic lim­i­ta­tions of the for­mer (at least in the case of the free Edge VPN) built-in VPNs fur­ther user pri­vacy, which we can com­mend.

It should be noted, how­ever, that many VPN providers, in­clud­ing AdGuard VPN, al­ready of­fer browser ex­ten­sions that of­ten come with more ad­vanced fea­tures than Edge has to of­fer. You can in­stall AdGuard VPN Browser ex­ten­sion, it is avail­able for the most pop­u­lar browsers, in­clud­ing Edge, Firefox, Chrome and Opera.

By vir­tu­ally build­ing a VPN ex­ten­sion into the browser, Microsoft is do­ing noth­ing more than try­ing to pro­mote its VPN. And we find the fact that it is do­ing it this way rather con­cern­ing. In essence, such all-in­clu­sive so­lu­tions leave users with no in­cen­tive to look for other ex­ten­sions, as well as for more ad­vanced and per­haps more se­cure stand­alone VPN apps. It’s true that it might be con­ve­nient for users to stay within one ecosys­tem with­out hav­ing to search for, in­stall, and con­fig­ure a VPN. However, this may not be the most se­cure op­tion.

Also, we must be aware of the risks as­so­ci­ated with us­ing the built-in VPN ser­vices of Microsoft, Apple, and the like. The tools they so gen­er­ously of­fer might pro­tect you from be­ing tracked by your Internet Service Provider (ISP), but there’s no iron­clad guar­an­tee that the tech gi­ants them­selves won’t try to har­vest your data from their prod­ucts.

We’d been work­ing on our Google #Stadia Game Port for a few months; the first time, we had 20+ is­sues to re­solve; two weeks later, Stadia showed us 10 more.

We spent 4-5 months fix­ing every­thing, learn­ing the tech­nol­ogy be­hind it, and prepar­ing our game port.

On September 29th, we had re­paired 100% of our faults and were ready to launch Stadia.

Today I was hus­tling and stay­ing up late in the of­fice to send the last build…

Our build could be the last dis­patched build in Stadia’s his­tory…

We wished to ar­rive at this plat­form.

It’s a re­ally sad day for all Stadia em­ploy­ees, for our­selves, and for users.

We had the op­por­tu­nity to work on a dif­fer­ent game and build some­thing dif­fer­ent for 5 months, but we chose to make a Stadia port and learn all stuff.

We have spent a lot of money time and our nerves dur­ing.

I’m at a loss for words at the mo­ment.

Nobody is to blame.

Stadia’s crew was re­ally help­ful in re­view­ing and de­vel­op­ing our game.

Thank you again to every­one.

It’s a shame our game could­n’t be re­leased…

We lit­er­ally slept for a few hours…

We might record it in our com­pa­ny’s his­tory.

Take care, I try not to cry…

You guys asked about video so I have done in the morn­ing some­thing, it’s not per­fect but I ex­plain more things in the video please check it out:

https://​youtu.be/​Zs9Yy­C6sYOY

Please make sure to visit Your AdSense Page where you can find per­son­al­ized in­for­ma­tion about your ac­count to help you suc­ceed with AdSense.

A group of House Democrats has un­veiled a new bill that aims to put lim­its on the use of fa­cial recog­ni­tion tech­nolo­gies by law en­force­ment agen­cies across the United States.

Dubbed the Facial Recognition Act, the bill would com­pel law en­force­ment to ob­tain a judge-au­tho­rized war­rant be­fore us­ing fa­cial recog­ni­tion. By adding the war­rant re­quire­ment, law en­force­ment would first have to show a court it has prob­a­ble cause that a per­son has com­mit­ted a se­ri­ous crime, rather than al­low­ing largely un­re­stricted use of fa­cial recog­ni­tion un­der the ex­ist­ing le­gal regime.

The bill also puts other lim­its on what law en­force­ment can use fa­cial recog­ni­tion for, such as im­mi­gra­tion en­force­ment or peace­ful protests, or us­ing a fa­cial recog­ni­tion match as the sole ba­sis for es­tab­lish­ing prob­a­ble cause for some­one’s ar­rest.

If passed, the bill would also re­quire law en­force­ment to an­nu­ally test and au­dit their fa­cial recog­ni­tion sys­tems, and pro­vide de­tailed re­ports of how fa­cial recog­ni­tion sys­tems are used in pros­e­cu­tions. It would also re­quire po­lice de­part­ments and agen­cies to purge data­bases of pho­tos of chil­dren who were sub­se­quently re­leased with­out charge, whose charges were dis­missed or were ac­quit­ted.

Facial recog­ni­tion largely refers to a range of tech­nolo­gies that al­low law en­force­ment, fed­eral agen­cies and pri­vate and com­mer­cial cus­tomers to track peo­ple us­ing a snap­shot or photo of their faces. The use of fa­cial recog­ni­tion has grown in re­cent years, de­spite fears that the tech­nol­ogy is flawed, dis­pro­por­tion­ately misiden­ti­fies peo­ple of color (which has led to wrong­ful ar­rests) and harms civil lib­er­ties, but is still de­ployed against pro­test­ers, for in­ves­ti­gat­ing mi­nor crimes and used to jus­tify ar­rests of in­di­vid­u­als from a sin­gle face match.

Some cities, states and po­lice de­part­ments have lim­ited their use of fa­cial recog­ni­tion in re­cent years. San Francisco be­came the first city to ban the use of fa­cial recog­ni­tion by its own agen­cies, and Maine and Massachusetts have both passed laws curb­ing their pow­ers — though all have carved out ex­emp­tions of vary­ing de­grees for law en­force­ment or pros­e­cu­to­r­ial pur­poses.

But the cur­rent patch­work of laws across the U. S. still leaves hun­dreds of mil­lions of cit­i­zens with­out any pro­tec­tions at all.

“Protecting the pri­vacy of Americans — es­pe­cially against a flawed, un­reg­u­lated, and at times dis­crim­i­na­tory tech­nol­ogy — is my chief goal with this leg­is­la­tion,” said Rep. Ted Lieu (D-CA, 33rd District) in a state­ment an­nounc­ing the bill along­side col­leagues Sheila Jackson Lee (D-TX, 18th District), Yvette Clarke (D-NY, 9th District) and Jimmy Gomez (D-CA, 34th District).

“Our bill is a work­able so­lu­tion that lim­its law en­force­ment use of [facial recog­ni­tion tech­nol­ogy] to sit­u­a­tions where a war­rant is ob­tained show­ing prob­a­ble cause that an in­di­vid­ual com­mit­ted a se­ri­ous vi­o­lent felony,” Lieu added.

Gomez, who was one of 28 mem­bers of Congress misiden­ti­fied as crim­i­nals in a mugshot data­base by Amazon’s fa­cial recog­ni­tion soft­ware in 2018, said that there is “no doubt that, left unchecked, the racial and gen­der bi­ases which ex­ist in FRT will en­dan­ger mil­lions of Americans across our coun­try and in par­tic­u­lar, com­mu­ni­ties of color.”

The bill has so far re­ceived glow­ing sup­port from pri­vacy ad­vo­cates, rights groups and law en­force­ment-ad­ja­cent groups and or­ga­ni­za­tions alike. Woodrow Hartzog, a law pro­fes­sor at Boston University, praised the bill for strength­en­ing base­line rules and pro­tec­tions across the U. S. “without pre­empt­ing more strin­gent lim­i­ta­tions else­where.”

Skip to main con­tent

GamesRadar+ is sup­ported by its au­di­ence. When you pur­chase through links on our site, we may earn an af­fil­i­ate com­mis­sion. Here’s why you can trust us.

Red Dead Redemption 2 fan with nearly 6,000 hours on Stadia begs Rockstar for char­ac­ter trans­fer

A Red Dead Redemption player with al­most 6,000 hours logged on Google Stadia is beg­ging Rockstar to al­low char­ac­ter trans­fers af­ter the news of the ser­vice’s clo­sure. YouTuber @ItsColourTV (opens in new tab) took to Twitter shortly af­ter the news that Google Stadia is shut­ting down broke out yes­ter­day. “No, you don’t un­der­stand how se­ri­ously pissed off I am,” the tweet read, along­side a screen­shot that shows that they’ve put 5,907 hours into Red Dead Redemption on Google’s gam­ing ser­vice. No you don’t un­der­stand how se­ri­ously pissed off I am pic.twit­ter.com/​UZ157WLm­ruSep­tem­ber 29, 2022″For con­text: these hours are on Google Stadia and to­day Google an­nounced they’ll be shut­ting down the plat­form,” a fol­low-up tweet (opens in new tab) reads, “@RockstarGames please let us do a one-time char­ac­ter trans­fer I am beg­ging you.” If you aren’t aware, once Google shuts down its Stadia ser­vice on January 18, 2023, ItsColourTV’s progress will all be erased from ex­is­tence, mean­ing they’ll need to start a new save file on an­other plat­form - with all 5,907 hours (approximately 246 days) go­ing to waste. It seems that fel­low Red Dead Redemption play­ers felt sym­pa­thetic to­wards ItsColourTV, with many re­ply­ing to the tweet with sug­ges­tions as to how to save this play­er’s save. One sug­gested (opens in new tab) that ItsColourTV use Google Takeout - a data down­load­ing ser­vice - to trans­fer their file to PC, to which they replied: “I don’t play story mode.” Rockstar, if you’re read­ing this, do our guy a fa­vor and let them trans­fer their char­ac­ter just this once.If you’re also about to lose your Stadia save data, why not take a look at our games like Red Dead Redemption list for in­spi­ra­tion on what game to move on to.

After study­ing Film Studies and Creative Writing at uni­ver­sity, I was lucky enough to land a job as an in­tern at Player Two PR where I helped to re­lease a num­ber of in­die ti­tles. I then got even luck­ier when I be­came a Trainee News Writer at GamesRadar+ be­fore be­ing pro­moted to a fully-fledged News Writer af­ter a year and a half of train­ing.  My ex­per­tise lies in Animal Crossing: New Horizons, cozy in­dies, and The Last of Us, but es­pe­cially in the Kingdom Hearts se­ries. I’m also known to write about the odd Korean drama for the Entertainment team every now and then.

Get the best gam­ing deals, re­views, prod­uct ad­vice, com­pe­ti­tions, un­miss­able gam­ing news and more!

Contact me with news and of­fers from other Future brands

Thank you for sign­ing up to GamesRadar+. You will re­ceive a ver­i­fi­ca­tion email shortly.

There was a prob­lem. Please re­fresh the page and try again.

By sub­mit­ting your in­for­ma­tion you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

New games for 2022 and be­yond to add to your wish­list now

SteelSeries Qck gam­ing mouse pad re­view: “The best mouse pad on the mar­ket right now”FIFA 23 re­view: “Legacy headaches hurt, but the se­ries still bows out on a high”Log­itech G Pro X Superlight re­view: “great for play­ers look­ing for that up­per hand”Em­pire of Light re­view: “Sam Mendes’ el­e­gant homage to the movies”Blonde re­view: “Ana de Armas is lu­mi­nous in a kalei­do­scopic study of Marilyn Monroe”Dreamin’ Wild re­view: “Musical biopic drifts just when you’d ex­pect it to sing”The Lord of the Rings: The Rings of Power episode 6 re­view: “Changes the face of Middle-earth”Andor episode 4 re­view: “Improves on one of Star Wars’ biggest mis­steps”House of the Dragon episode 6 re­view: “Impatiently de­vours its source ma­te­r­ial”

Sign up

Search and run nvim-qt.exe or run nvim.exe on your CLI of choice.

Run chmod u+x nvim.ap­pim­age && ./nvim.appimage

If your sys­tem does not have FUSE you can ex­tract the ap­pim­age:

high­light: Error on in­valid names and al­low ‘.’ and ‘@’

treesit­ter: Do not merge queries by de­fault (#20105)

de­faults: Search se­lec­tion by * and # in vi­sual mode (#18538)

lsp: Allow pass­ing cus­tom list han­dler to LSP func­tions that re­turn lists (#19213)

lua: Allow some vim script func­tions to run in fast call­backs

lua: Allow vim.cmd to be in­dexed (#19238)

lua: Vim.ui_attach to get ui events from lua (EXPERIMENTAL)

map­pings: Do not re­place ex­ist­ing map­ping for sim­pli­fied form

map­pings: Allow spe­cial keys and mod­i­fiers in map­ping

tui: Allow grid and host to dis­agree on am­bigu­ous-width chars (#19686)

ui: Allow to set the high­light name­space per win­dow

eval: Make Lua Funcref work as method and in sub­sti­tute() (#20217)

eval: Input() sup­port any type for “cancelreturn” in a dict (#19357)

Show au­tocmd out­put when F is in short­mess (#18251)

Remote UI may get in­valid ‘pumblend’ value #19379

api: Check for in­clu­sive buffer line in­dex out of bounds cor­rectly (#19056)

api: Change de­fault value of ‘pattern’ in nvim_ex­ec_au­tocmds (#19115)

api: Do not switch win/​buf if get­ting op­tion in cur­rent win/​buf (#19383)

api: Nvim_set_hl bail out on in­valid group name (#20021)

api/​com­mand: Fargs be­hav­ior when no ar­gu­ments are passed (#19862)

cmd­line: Do not trig­ger com­ple­tion at wrong time (#19920)

ex­mode: Do not throt­tle mes­sages when press­ing en­ter to print line

high­light: Use ctermbg/​fg in­stead of bg/​fg when use_rgb=false #18982

hl: Return cterm fg/​bg even if they match Normal #18981

in­c­com­mand: Do not try to pre­view an am­bigu­ous com­mand (#18827)

in­c­com­mand: Clear cmd­pre­view state if pre­view is not shown (#18923)

in­c­com­mand: Skip split win­dow if not enough room #18937

in­c­com­mand: Parse the com­mand to check if it is pre­view­able

in­put: Allow Ctrl-C to in­ter­rupt a re­cur­sive map­ping even if mapped (#18885)

in­put: Use cor­rect grid when restor­ing cur­sor for map­ping (#19047)

in­put: Do no rein­ter­pret mouse keys with ALT mod­i­fiers

in­put: Use click num­ber of last click for mouse drag (#20300)

key­word­prg: Default to :help if set to empty string (#19983)

log­ging: Try harder to re­solve Nvim “name” #19016

lsp: Only send di­ag­nos­tics from cur­rent buffer in code_ac­tion() (#18639)

lsp: Abort pend­ing changes af­ter flush when de­bounc­ing (#19314)

lsp: Don’t at­tach a client in lsp.start() if there is none (#19328)

lsp: Send di­dOpen if name changes on write (#19583)

lsp: Out of bounds er­ror in lsp.util.ap­ply_­tex­t_ed­its (#20137)

lsp: Use cor­rect func­tion name in dep­re­cated mes­sage (#20308)

lua: Highlight.on_yank can close timer in twice #18976

lua: Make it pos­si­ble to can­cel vim.wait() with Ctrl-C (#19217)

mac: Use same $LANG fall­back mech­a­nism as Vim

man.vim: Q in “$MANPAGER mode” does not quit #18443

mark: Give cor­rect er­ror mes­sage when mark is in an­other buffer (#19454)

menu: Make :menu still print header when there are no menus

mes­sages: Do not crash on cmd­height=0 and g< re­dis­play

mpack: Make sure a bool al­ways is a bool

pum: Make right drag in an­chor grid to se­lect work in multi­grid UI (#19382)

re­draw: Handle switch­ing to a tab­page with larger p_ch value

screen: Check for col in­stead of vcol when draw­ing fold (#19572)

startup: Nvim with –clean should not load user rplu­g­ins

ter­mi­nal: Do not trim white­space that is ac­tu­ally in the ter­mi­nal (#16423)

ter­mi­nal: Avoid read­ing over the end of cell.chars (#19580)

ter­mopen: Avoid am­bi­gu­ity in URI when CWD is root dir (#16988)

tests: Check for EOF on exit of nvim prop­erly

tests: Indicate in test logs when nvim exit times out

treesit­ter: Create new parser if lan­guage is not the same as cached parser (#18149)

treesit­ter: Don’t er­ror when node ar­gu­ment of pred­i­cate is nil (#19355)

treesit­ter: Do not link @error by de­fault

treesit­ter: Use the right load­ing or­der for base queries (#20117)

ui: Require win­dow-lo­cal value to show win­bar on float­ing win­dows (#18773)

ui: Do not call show­mode() when set­ting win­dow height (#18969)

ui: Allow re­draw­ing sta­tusline when ms­gsep is used (#20337)

ui: Redraw end of buffer if last line is mod­i­fied (#20354)

user­cmd: Also check for white­space af­ter es­caped char­ac­ter (#19942)

win­dow: Close floats first when clos­ing buffer in other tab (#20284)

winhl: Do not crash when un­set­ting winhl in just opened win­dow

Add for­mat­ting tar­gets for c and lua files (#19488)

cmake: Simplify and speed up the unin­stall tar­get

cmake: Use glob_wrap­per in­stead of file(GLOB in main CMakeLists

Only re­draw for CurSearch when it is cur­rently in use

high­light: Allocate per­ma­nent names in an arena for fun and cache lo­cal­ity

map: Visit only one hash bucket in­stead of all, like an ac­tual hash table

mem­ory: Use an arena for RPC de­cod­ing and some API re­turn val­ues

mes­sages: Don’t call ui_flush() per mes­sage line in var­i­ous places

Change type of linen­r_T from long to in­t32_t

Rename func­tion pre­fix mb to the more ac­cu­rate ut­f_cp (#19590)

api: Use a hashy hash for look­ing up api method and event names

api: Use a un­packer based on libm­pack in­stead of ms­g­pack-c

cmd: Hoist out some code into func­tions

eval: Use Hashy McHashFace in­stead of gperf

file­type: Allow vim.file­type.match to ac­cept buf and file­name (#19114)

lsp: Make the use of lo­cal aliases more con­sis­tent

un­crus­tify: Format all c code un­der /src/nvim/

You can’t per­form that ac­tion at this time.

You signed in with an­other tab or win­dow. Reload to re­fresh your ses­sion.

You signed out in an­other tab or win­dow. Reload to re­fresh your ses­sion.

The Command key (sometimes ab­bre­vi­ated as Cmd key), ⌘, for­merly also known as the Apple key or open Apple key, is a mod­i­fier key pre­sent on Apple key­boards. The Command key’s pur­pose is to al­low the user to en­ter key­board com­mands in ap­pli­ca­tions and in the sys­tem. An “extended” Macintosh key­board—the most com­mon type—has two com­mand keys, one on each side of the space bar; some com­pact key­boards have one only on the left.

The ⌘ sym­bol (the “looped square”) was cho­sen by Susan Kare af­ter Steve Jobs de­cided that the use of the Apple logo in the menu sys­tem (where the key­board short­cuts are dis­played) would be an over-use of the logo. Apple’s adap­ta­tion of the sym­bol—en­coded in Unicode at U+2318—was de­rived in part from its use in Nordic coun­tries as an in­di­ca­tor of cul­tural lo­ca­tions and places of in­ter­est.[1] The sym­bol is known by var­i­ous other names, in­clud­ing “Saint John’s Arms” and “Bowen knot”.

Apple’s com­put­ers up through the 1979 Apple II Plus did not have a com­mand key. The first model on which it ap­peared was the 1980 Apple III, where there are two mono­chrome Apple keys, both to the left of the space bar on the low­est row of the key­board. Two other early Apple com­put­ers, the 1982 Apple IIe and the 1984 Apple IIc, also had two such keys, one to the left and one to the right of the space bar; in these mod­els, they mapped to the first two fire but­tons of an at­tached joy­stick. This al­lowed for flex­i­ble com­bi­na­tions of a mod­i­fier key and base key (such as Open-Apple with C for Copy) with just a few ex­tra wires and no ROM changes, since the Apple II could only reg­is­ter one key press at a time (Shift and Control keys were han­dled in the key­board en­cod­ing hard­ware which gen­er­ated ASCII codes). In all these cases, the left Apple key had an out­lined “open” Apple logo, and the one on the right had an opaque, “closed” or “solid” Apple logo key. The Apple Lisa had only the closed Apple logo.

When the Macintosh was in­tro­duced in 1984, the key­board had a sin­gle com­mand key with a looped square sym­bol (⌘, U+2318), be­cause Steve Jobs said that show­ing the Apple logo through­out the menus as a key­board short­cut was “taking [it] in vain”.[2] Thus, the ⌘ sym­bol ap­pears in the Macintosh menus as the pri­mary mod­i­fier key sym­bol. The orig­i­nal Macintosh also had an Option key, which was used pri­mar­ily for en­ter­ing ex­tended char­ac­ters.

In 1986, the Apple II was in­tro­duced. Like the newer Macintosh com­put­ers to come, such as the Macintosh SE, it used the Apple Desktop Bus for its key­board and mouse. However, it was still an Apple II. Apple changed the keys on the II’s key­board to Command and Option, as on Mac key­boards, but added an open-Ap­ple to the Command key, for con­sis­tency with ap­pli­ca­tions for pre­vi­ous Apple II gen­er­a­tions. (The Option key did not have a closed-Ap­ple, prob­a­bly be­cause Apple II ap­pli­ca­tions used the closed-Ap­ple key much more rarely than the open-Ap­ple key; thus there was less need to keep it around.) Because any ADB key­board could be used with the II, all of Apple’s ADB key­boards—even those in­tended for the Mac—also re­quired the open-Ap­ple, and it stuck for more than twenty years, caus­ing con­fu­sion long af­ter the Apple II se­ries went out of pro­duc­tion.

The Apple sym­bol was re­moved in the key­board’s 2007 re­design, mak­ing room for the key’s name to ap­pear—the word “command” is now printed on the key. [3]

On the key­board of the NeXT Computer that key was marked in green. The menus were not marked with a sym­bol de­not­ing the com­mand key.

Besides be­ing used as a mod­i­fier key for key­board short­cuts it was also used to al­ter the func­tion of some keys. + tog­gles al­pha lock, + sends Enter and + tog­gles Mute.[4]

The func­tions were printed in green on the front side of the mod­i­fied keys. This was also done on the Z, X, C and V keys (Undo, Cut, Copy and Paste).

On the NeXT ADB key­board, the Command keys were re­placed by keys la­beled and the Command key mor­phed into a wide Command bar in front of the space bar.[5]

The pur­pose of the Command key is to al­low the user to en­ter key­board short­cuts in ap­pli­ca­tions and in the sys­tem. The Macintosh Human Interface Guidelines have al­ways rec­om­mended that de­vel­op­ers use the Command key (and not the Control or Option keys) for this pur­pose. A small set of key­board com­mands (such as cut and paste, open and save) are stan­dard across nearly all ap­pli­ca­tions, and many other com­mands are stan­dard­ized (Find, Show Fonts). If an ap­pli­ca­tion needs more short­cuts than can be ob­tained with the twenty-six let­ters of the Latin al­pha­bet, dou­ble mod­i­fiers such as Command+Option are used.

One ad­van­tage of this scheme, as con­trasted with the Microsoft Windows mixed use of the Control and Alt keys, is that the Control key is avail­able for its orig­i­nal pur­pose: en­ter­ing con­trol char­ac­ters in ter­mi­nal ap­pli­ca­tions. (Indeed, the very first Macintosh lacked a Control key; it was soon added to al­low com­pat­i­ble ter­mi­nal soft­ware.)

The Macintosh key­board’s other un­usual mod­i­fier key, the Option key, serves as a mod­i­fier both for en­ter­ing key­board short­cuts and for typ­ing text—it is used to en­ter for­eign char­ac­ters, ty­po­graph­i­cal sym­bols, and other spe­cial char­ac­ters.

The ⌘ sym­bol came into the Macintosh pro­ject at a late stage. The de­vel­op­ment team orig­i­nally went for their old Apple key, but Steve Jobs found it frus­trat­ing when “apples” filled up the Mac’s menus next to the key com­mands, be­cause he felt that this was an over-use of the com­pany logo.[2] He then opted for a dif­fer­ent key sym­bol. With only a few days left be­fore dead­line, the team’s bitmap artist Susan Kare started re­search­ing for the Apple lo­go’s suc­ces­sor. She was brows­ing through a sym­bol dic­tio­nary when she came across the clover­leaf-like sym­bol, com­monly used in Nordic coun­tries as an in­di­ca­tor of cul­tural lo­ca­tions and places of in­ter­est[1][6] (it is the of­fi­cial road sign for tourist at­trac­tion in Denmark, Finland,[7] Iceland,[8] Norway,[9] and Sweden,[10] and the com­puter key has of­ten been called Fornminne—ancient mon­u­ment—by Swedish Mac users[11] and Seværdighedstegn—landmark signs—by Danish users). When she showed it to the rest of the team, every­one liked it, and so it be­came the sym­bol of the 1984 Macintosh com­mand key.[12][6] Susan Kare states that she has since been told that the sym­bol was picked for its Scandinavian us­age due to its re­sem­bling the shape of a square cas­tle with round cor­ner tow­ers as seen from above look­ing down, no­tably Borgholm Castle.[6] However, the sym­bol is used in many places in Scandinavian his­tory, for ex­am­ple on a 5th cen­tury pic­ture stone from Gotland,[13] and first us­age of the shape as a sign for a place of in­ter­est was sug­gested by the Finnish Local Heritage Federation in the 1950s.[14]

The sym­bol was in­cluded in the orig­i­nal Macintosh font Chicago, and could be in­serted by typ­ing a + key com­bi­na­tion.[15]

In Unicode and HTML it is en­coded as ⌘ PLACE OF INTEREST SIGN.[16][17][18]

On USB key­boards, the keys are mapped to stan­dard key­codes re­served for GUI func­tions.[19]

When us­ing a Macintosh com­puter with a key­board with­out keys, the keys used on Microsoft Windows ori­ented key­boards, or the keys used on Sun and other Unix key­boards, can be used in place of the Command keys.[20] Conversely, when an Apple USB key­board is used with other op­er­at­ing sys­tems, the Command keys func­tion as Windows keys or Meta keys.

On a Windows key­board the po­si­tion of the and keys are swapped com­pared to the po­si­tion of and keys on an Apple key­board. In ma­cOS this can be con­fig­ured in the key­board pref­er­ences (Modifier Keys …[21]) so that the Windows key (next to the space bar) be­comes the Mac key and vice versa so that users do not have to change their mo­tor learn­ing. All the mod­i­fier keys, along with the , can be remapped to whichever mod­i­fier key func­tion the user wishes, so users of tra­di­tional Unix style key­boards may choose to use the key as a key or other mod­i­fier.

The fol­low­ing sub­scrip­tion-only con­tent has been made avail­able to you by an LWN sub­scriber. Thousands of sub­scribers de­pend on LWN for the best news from the Linux and free soft­ware com­mu­ni­ties. If you en­joy this ar­ti­cle, please con­sider sub­scrib­ing to LWN. Thank you for vis­it­ing LWN.net!

When the ker­nel is run­ning, it has ac­cess to its en­tire ad­dress space — usu­ally in­clud­ing all of phys­i­cal mem­ory — even if only a small por­tion of that ad­dress space is ac­tu­ally needed. That in­creases the ker­nel’s vul­ner­a­bil­ity to spec­u­la­tive at­tacks. An ad­dress-space

iso­la­tion patch set aim­ing to change this sit­u­a­tion has been cir­cu­lat­ing for a few years, but has never been se­ri­ously con­sid­ered for merg­ing into the main­line. At the 2022 Linux

Plumbers Conference, Ofir Weisse sought to con­vince the de­vel­op­ment com­mu­nity to re­con­sider ad­dress-space iso­la­tion.

Weisse be­gan by point­ing out that there seems to be a steady sup­ply of new spec­u­la­tive-ex­e­cu­tion at­tacks that need to be mit­i­gated; “Retbleed” is just one of the lat­est ex­am­ples. The per­for­mance costs of mit­i­ga­tions for these vul­ner­a­bil­i­ties can be high, to the point that a lot of com­pa­nies are sim­ply not us­ing them. The cost is also high in terms of de­vel­op­ment time, with each new vari­ant re­quir­ing months of work to ad­dress.

Address-space iso­la­tion (ASI) is the tech­nique of un­map­ping mem­ory that is not im­me­di­ately needed, mak­ing it in­ac­ces­si­ble to the cur­rent run­ning con­text. Speculative-execution at­tacks can­not tar­get mem­ory that is not mapped, so the con­tents of un­mapped mem­ory can no longer be ex­fil­trated via such an at­tack. One ex­am­ple of ASI is ker­nel page-table iso­la­tion, which was adopted in re­sponse to the Meltdown vul­ner­a­bil­ity. There have been nu­mer­ous pro­pos­als for us­ing ASI in other con­texts in re­cent years, but none have been merged. The spe­cific pro­posal un­der dis­cus­sion in this ses­sion is meant to pro­tect hosts against hos­tile vir­tual ma­chines.

Wider use of ASI in the ker­nel would elim­i­nate much of the work of mit­i­gat­ing spec­u­la­tive vul­ner­a­bil­i­ties, Weisse said. It would re­duce the task of ad­dress­ing a new vul­ner­a­bil­ity to “three-to-ten lines of code by a sin­gle en­gi­neer” with no new per­for­mance im­pact. The “new” in that claim is im­por­tant, though; the ASI patch set it­self has a per­for­mance im­pact of 2-14%, de­pend­ing on which bench­mark is run. There is room for im­prove­ment in those num­bers, though, he said.

The patch set (which is de­scribed in more de­tail in this ar­ti­cle) is “a bit­ter pill” to swal­low, he con­tin­ued. It is large and re­quires sig­nif­i­cant changes to the mem­ory-man­age­ment sub­sys­tem and to many calls to al­lo­ca­tion func­tions like

. In short, ASI de­pends on the mark­ing “sensitive” parts of mem­ory that should be shielded from spec­u­la­tive-ex­e­cu­tion at­tacks; those are the por­tions that are un­mapped when the iso­la­tion is in ef­fect. That means new GFP flags for mem­ory al­lo­ca­tions, sim­i­lar flags for slab cre­ation and , and new an­no­ta­tions for lo­cal and global vari­ables. Doing a com­plete job would re­quire check­ing each al­lo­ca­tion and de­c­la­ra­tion site and de­ter­min­ing whether the mem­ory in­volved is sen­si­tive or not.

When the ker­nel hands con­trol to a vir­tual ma­chine, it first calls

to un­map all of the mem­ory that has been marked as be­ing sen­si­tive, mak­ing that mem­ory in­ac­ces­si­ble to spec­u­la­tive at­tacks. When that vir­tual ma­chine ex­its back into the host ker­nel, that mem­ory will ini­tially re­main un­mapped while the host ker­nel processes the re­quest from the vir­tual ma­chine. Many of the rea­sons for a vir­tual-ma­chine exit can be han­dled with­out ac­cess to the sen­si­tive mem­ory, he said. In such cases, the re­quest will be han­dled and con­trol will re­turn to the vir­tual ma­chine with­out ever map­ping the sen­si­tive mem­ory.

Sometimes, though, there will be a need to ac­cess sen­si­tive mem­ory. An im­por­tant ob­ser­va­tion here, Weisse said, is that spec­u­la­tive ex­e­cu­tion will never cause a page fault. So, if the ker­nel faults while try­ing to do some­thing with sen­si­tive mem­ory, the ac­cess is known to not be spec­u­la­tive; the ker­nel re­sponds by map­ping the sen­si­tive ranges and con­tin­u­ing ex­e­cu­tion. If si­mul­ta­ne­ous multi-thread­ing (SMT) is in use, any sib­ling CPUs will be “stunned” (forced idle) be­fore map­ping that mem­ory as an ad­di­tional de­fense. On re­turn to the vir­tual ma­chine, that mem­ory will be un­mapped again and sib­ling CPUs will be re­sumed.

The key to mak­ing this mech­a­nism work well is de­ter­min­ing which mem­ory should be clas­si­fied as be­ing sen­si­tive. Increasing the num­ber of re­quests that can be han­dled with­out map­ping sen­si­tive mem­ory will im­prove both per­for­mance and se­cu­rity. This is be­ing done by run­ning var­i­ous work­loads of in­ter­est and look­ing that the per­cent­age of vir­tual-ma­chine exit events that re­quire map­ping sen­si­tive mem­ory; ide­ally it should be low. In cases where it is not, the task is to look at the mem­ory that is be­ing ac­cessed and de­ter­mine whether it is sen­si­tive or not. In the lat­ter case, the al­lo­ca­tion site can be changed to mark the mem­ory ac­cord­ingly.

Weisse con­cluded by say­ing that ASI could make it eas­ier to ad­dress the spec­u­la­tive-ex­e­cu­tion vul­ner­a­bil­i­ties that are sure to come in the fu­ture with a per­for­mance cost that is far less than that im­posed by cur­rent mit­i­ga­tions. The de­vel­op­ment com­mu­nity should, he said, re­con­sider swal­low­ing the bit­ter pill.

Dave Hansen asked whether ASI could be ex­tended to work more gen­er­ally on bare-metal sys­tems, rather than be­ing spe­cific to the KVM in­ter­face. Weisse an­swered that it should be pos­si­ble, but that there would be a lot more work in­volved to get to that point.

Christian Brauner asked why the patch set had been re­jected in the past. Junaid Shahid, who posted the most re­cent ver­sion of this work, said that there has­n’t been any real op­po­si­tion to the idea, but nei­ther has there been much in­ter­est in get­ting it merged. Hansen said that he did­n’t like it be­cause it is a large amount of code for a fairly nar­row use case; it does­n’t ad­dress the sys­tem-call path at all. The need to de­ter­mine the sen­si­tiv­ity of mem­ory would im­pose a large main­te­nance bur­den in every cor­ner of the ker­nel, he added.

The ses­sion came to a close with­out any real con­clu­sions on the fu­ture of this work. Unless a wave of en­thu­si­asm for ASI ma­te­ri­al­izes from some di­rec­tion, it seems likely to lan­guish out­side of the main­line in­def­i­nitely. The pill, it seems, re­mains too bit­ter for most de­vel­op­ers.

[Thanks to LWN sub­scribers for sup­port­ing my travel to this event.]

(Log in to post com­ments)