Language Selection

English French German Italian Portuguese Spanish

Mac

Apple of 2019 is the Linux of 2000

Filed under
GNU
Linux
Mac

Last week the laptop I use for macOS development said that there is an XCode update available. I tried to install it but it said that there is not enough free space available to run the installer. So I deleted a bunch of files and tried again. Still the same complaint. Then I deleted some unused VM images. Those would free a few dozen gigabytes, so it should make things work. I even emptied the trash can to make sure nothing lingered around. But even this did not help, I still got the same complaint.

At this point it was time to get serious and launch the terminal. And, true enough, according to df the disk had only 8 gigabytes of free space even though I had just deleted over 40 gigabytes of files from it (using rm, not the GUI, so things really should have been gone). A lot of googling and poking later I discovered that all the deleted files had gone to "reserved space" on the file system. There was no way to access those files or delete them. According to documentation the operating system would delete those files "on demand as more space is needed". This was not very comforting because the system most definitely was not doing that and you'd think that Apple's own software would get this right.

After a ton more googling I managed to find a chat buried somewhere deep in Reddit which listed the magical indentation that purges reserved space. It consisted of running tmutil from the command line and giving it a bunch of command line arguments that did not seem to make sense or have any correlation to the thing that I wanted to do. But it did work and eventually I got XCode updated.

After my blood pressure dropped to healthier levels I got the strangest feeling of déjà vu. This felt exactly like using Linux in the early 2000s. Things break at random for reasons you can't understand and the only way to fix it is to find terminal commands from discussion forums, type them in and hope for the best. Then it hit me.

Read more

Critical Security Issue identified in iTerm2 as part of Mozilla Open Source Audit

Filed under
Mac
Moz/FF
Security

A security audit funded by the Mozilla Open Source Support Program (MOSS) has discovered a critical security vulnerability in the widely used macOS terminal emulator iTerm2. After finding the vulnerability, Mozilla, Radically Open Security (ROS, the firm that conducted the audit), and iTerm2’s developer George Nachman worked closely together to develop and release a patch to ensure users were no longer subject to this security threat. All users of iTerm2 should update immediately to the latest version (3.3.6) which has been published concurrent with this blog post.

Founded in 2015, MOSS broadens access, increases security, and empowers users by providing catalytic support to open source technologists. Track III of MOSS — created in the wake of the 2014 Heartbleed vulnerability — supports security audits for widely used open source technologies like iTerm2. Mozilla is an open source company, and the funding MOSS provides is one of the key ways that we continue to ensure the open source ecosystem is healthy and secure.

iTerm2 is one of the most popular terminal emulators in the world, and frequently used by developers. MOSS selected iTerm2 for a security audit because it processes untrusted data and it is widely used, including by high-risk targets (like developers and system administrators).

Read more

You can now use Apple Music on Linux without any hacks

Filed under
Linux
Mac

Apple Music is now available through a web browser, which means I’m pleased/obligated to report that you can now use the service on Linux!

Users on Ubuntu, Linux Mint and other distros just need to load beta.music.apple.com in a modern web browser (sorry Lynx) and, et voila: the ability to stream Apple Music on Linux.

Read more

Also: Here's How To Easily Use Apple Music From Any Linux Distribution

Proprietary Software Leftovers

Filed under
Microsoft
Software
Mac
Security
  • BuyDRM launches Linux support for DRM

    BuyDRM has announced Linux support for its MultiKey Server, a multi-DRM software platform specifically designed for deployments in remote or limited connectivity environments.

  • Some airlines are banning Apple’s MacBook Pros even if they weren’t recalled

    In June, Apple recalled the 2015 MacBook Pro with Retina Display, sold between September 2015 and February 2017, because the battery “may pose a fire safety risk,” and the FAA soon reminded airlines not to carry those laptops with defective batteries on board. But some airlines are now banning Apple laptops whether they’ve got a bad battery or not, as reported by Bloomberg.

  • More Airlines Ban MacBook Pros in Checked Luggage

    All 15-inch versions of Apple Inc.’s MacBook Pro must be carried in the cabin and switched off, Qantas said in a statement Wednesday. The rule went into effect Tuesday morning. Rival Virgin Australia Holdings Ltd. went further on Aug. 26, banning all Apple laptops from checked-in luggage.

  • Popular PDF app was quietly plonking malware onto Android phones

    The security smart folks note that the app itself doesn't appear to be a malicious one, but rather it contains a trojan that gathers spyware and other malware from a malicious server and then runs in on a victim's phone. This trojan, dubbed Necro.n appears to have been sneaked into the app through the use of a legit-looking advertising library package.

    As such, the developers of the app, which has received some 100 million downloads, might not even realise their software is causing their users a malware headache.

  • [Cracker] Claims He Can ‘Turn Off 25,000 Cars’ At The Push Of A Button

    Your car’s immobilizer is supposed to be used for good. If a crook steals your car, it's possible for you to connect to the immobilizer, which tracks the vehicle and allows you to stop anyone from turning on the engine. But with one particular immobilizer - the U.K.-made SmarTrack tool from Global Telemetrics - an easy-to-hack vulnerability meant it was simple for researchers at Pen Test Partners to turn on the immobilizer permanently, without the customer knowing a thing.

    To prove it was possible, the researchers from British cybersecurity company Pen Test Partners hacked the vehicle of one of their own employees, disabling his car whilst they were in the U.K. and he was in Greece, not long before he was due to head to a wedding.

  • French cyberpolice, Avast and FBI neutralise global 'botnet' [iophk: Windows TCO]

    French police have neutralised a [cracking] operation that had taken control of more than 850,000 computers, mainly in Latin America, while also managing to remove the malware from the infected devices.

    The agents went into action last spring after the Czech antivirus firm Avast alerted them to the software worm, called Retadup, that was being controlled by a server in the Paris region.

  • Putting an end to Retadup: A malicious worm that infected hundreds of thousands [iophk: Windows TCO]

    Retadup is a malicious worm affecting Windows machines throughout Latin America. Its objective is to achieve persistence on its victims’ computers, to spread itself far and wide and to install additional malware payloads on infected machines. In the vast majority of cases, the installed payload is a piece of malware mining cryptocurrency on the malware authors’ behalf. However, in some cases, we have also observed Retadup distributing the Stop ransomware and the Arkei password stealer.

  • Authorities free 850,000 machines from grasp of Retadup worm [iophk: Windows TCO]

    After gaining persistence, Retadup goes on to distribute secondary malware on infected machines. It most commonly delivers a Monero cryptomining program, but also has been observed spreading over malware programs including Stop ransomware and the Arkei password stealer, Avast reports.

    The vast majority of Retadup victims whose infections were neutralized in last month’s crackdown are based in Latin American countries. However, the law enforcement operation itself specifically targeted C2 infrastructure based in France and the U.S.

  • Report finds majority of 2019 ransomware attacks have targeted state and local governments [iophk: Windows TCO]

    The majority of ransomware attacks in the U.S. in 2019 have targeted state and local governments, a report published Wednesday by cybersecurity group Barracuda Networks found.

    The report counted a total of 55 ransomware attacks on U.S. state and local government entities between January and July of 2019. These attacks involve a malicious actor or group encrypting a network and asking for money, often in the form of bitcoin, to allow the user access.

  • Threat Spotlight: Government Ransomware Attacks [iophk: this is disinformation which fails to steer potential victims away from Windows and towards GNU/Linux or one of the BSDs]

    Barracuda researchers have identified more than 50 cities and towns attacked so far this year. The team’s recent analysis of hundreds of attacks across a broad set of targets revealed that government organizations are the intended victims of nearly two-thirds of all ransomware attacks. Local, county, and state governments have all been targets, including schools, libraries, courts, and other entities.

    Here’s a closer look at state and local government ransomware attacks and solutions to help detect, block, and recover from them.

Darling: macOS compatibility for Linux

Filed under
GNU
Linux
Mac

There is an increasingly active development effort, known as Darling, that is aiming to provide a translation layer for macOS software on Linux; it is inspired in part by Wine. While Darling isn't nearly as mature as Wine, contributors are continuing to build out capabilities that could make the project more useful to a wider group of users in the future.

[...]

Darling is licensed under GPLv3 and, according to the project home page, it does not violate Apple's End User License Agreement (EULA) since it only uses the parts of Darwin that have been released as free software. Darwin, however, is licensed under the Apple Public Source License (APSL), which is a free-software license, but is not compatible with the GPL according to the FSF.

Read more

Proprietary: Microsoft, Apple and Google

Filed under
Google
Microsoft
Mac
  • Netherlands warns government employees not to use Microsoft's online Office apps

    In one example, it was found that some 300,000 top tier Office users, with the ‘365 Pro Plus' package were being sent back to the US for storage - exactly the sort of behaviour that got Dutch backs up.

    In a wider sense, this is a small but public battle in a much larger war, with the EU still leaning heavily on Microsoft to put its post-GDPR house in order.

  • The iPhone now makes up less than half of Apple’s business

    Apple today reported its fiscal third quarter 2019 earnings, earning $53.8 billion in revenue and earnings per share of $2.18. That revenue is a 1 percent jump year over year. iPhone revenue was $25.99 billion compared to $29.47 billion a year ago. That means the iPhone represented under half of Apple’s revenue for the first time since 2012.

    The all-important services unit took in $11.46 billion in revenue. Wearables saw a big boost, likely thanks to Apple’s second-generation AirPods. CEO Tim Cook said that when the services and wearables / home / accessories divisions are combined, they approach the size of a Fortune 50 company. Revenue from Mac sales was $5.82 billion, and iPads were $5.023 billion, up from $4.634 billion last year at this time.

  • Apple Finds Life After the iPhone While Still Banking on the iPhone

    Combined, Apple’s two major independent product lines not attached to the iPhone -- Mac computers and iPads -- made up only 20% of revenue in the fiscal third quarter, despite gains from the period a year ago, the Cupertino, California-based company reported Tuesday. Apple’s also working on a mixed augmented and virtual reality headset for the coming years, but that, too, is likely to be iPhone-reliant.

  • Chrome 76 for Mac, Windows rolling out: Flash blocked by default, Incognito loophole closed, Settings tweak

    As a big HTML5 proponent for the past decade, Google encouraged sites to switch away from Flash for faster, safer, and more battery-efficient browsing. In late 2016 and early 2017, Chrome blocked background Flash elements and defaulted to HTML5, with users having to manually enable the Adobe plug-in on a site-by-site basis.

  • Google Chrome 76 Released for Linux, Windows, and Mac with 43 Security Fixes

    Google promoted today the Chrome 76 web browser to the stable channel for all supported platforms, including GNU/Linux, Windows, and macOS.

    Google Chrome 76.0.3809.87 is now available as the latest stable version of the popular and cross-platform web browser from Google, based on the open source Chromium project. It contains various bug fixes and improvements, as well as no less than 43 security fixes for the latest vulnerabilities.

Proprietary Software Insecurity

Filed under
Microsoft
Mac
  • Why recent hacks show Apple’s security strength, not its weakness [Ed: Spinning bug doors as a strength? Apple has its share of liars coming to the rescue of proprietary software (not the first such bug). Moving from Microsoft to Apple "for security" is like swapping vodka for rum to cure one's liver.]

    It might be tempting to follow that line of thinking in light of two recent stories of vulnerabilities affecting the Mac and the Apple Watch. In the first instance, the Zoom video-calling app could be abused to let someone spy on you through your webcam. In the second, a flaw in Apple’s Walkie Talkie app could let a hacker eavesdrop on your iPhone conversations. They’re both troubling security issues.

  • Eavesdropping Concerns Cause Apple Watch’s Walkie-Talkie App to Be Disabled

    Just like any other Internet of things device, it’s important to remember that smartwatches are still devices. And many cool features can also be used for unethical purposes. There is always another side of the coin.

    This is what Apple Watch users found this week when Apple disabled the Walkie-Talkie app when it was discovered that it allowed users to listen in on each other’s iPhone calls without the other person’s knowledge.

  • 250M Accounts Affected By ‘TrickBot’ Trojan’s New Cookie Stealing Ability

    Popular malware TrickBot is back and this time it has learned some new capabilities like stealing cookies. So far, it has infected around 250 million Gmail accounts.

    As per the research firm Deep Instinct, among the affected accounts, some belonging to the governments of the US, the UK, and Canada have also fallen victim to TrickBot.

  • TrickBooster – TrickBot’s Email-Based Infection Module - Deep Instinct

    Seeing a signed malware binary delivered to a customer environment prompted us to investigate further. We analyzed the malware sample and found swaths of PowerShell code in its memory. Analysis of this PowerShell code immediately led us to the conclusion that we are dealing with a mail-bot.

  • A better zip bomb

    This article shows how to construct a non-recursive zip bomb that achieves a high compression ratio by overlapping files inside the zip container. "Non-recursive" means that it does not rely on a decompressor's recursively unpacking zip files nested within zip files: it expands fully after a single round of decompression. The output size increases quadratically in the input size, reaching a compression ratio of over 28 million (10 MB → 281 TB) at the limits of the zip format. Even greater expansion is possible using 64-bit extensions. The construction uses only the most common compression algorithm, DEFLATE, and is compatible with most zip parsers.

Microsoft DRM, Security, and Apple's Combustion Threat

Filed under
Microsoft
Mac
Security
  • You Don't Own What You've Bought: Microsoft's Books 'Will Stop Working'

    The latest in our forever ongoing series, recognizing in the digital age how you often no longer own what you've bought, thanks to DRM and copyright: this week, people with Microsoft ebooks will discover they're dead.

  • Security updates for Tuesday

    Security updates have been issued by Arch Linux (firefox, firefox-developer-edition, libarchive, and vlc), CentOS (firefox, thunderbird, and vim), Debian (firefox-esr, openssl, and python-django), Fedora (glpi and xen), Mageia (thunderbird), openSUSE (ImageMagick, irssi, libheimdal, and phpMyAdmin), Red Hat (libssh2 and qemu-kvm), Scientific Linux (firefox, thunderbird, and vim), SUSE (389-ds, cf-cli, curl, dbus-1, dnsmasq, evolution, glib2, gnutls, graphviz, java-1_8_0-openjdk, and libxslt), and Ubuntu (python-django).

  • Kali Linux in the DigitalOcean Cloud

    DigitalOcean is a cloud provider similar to AWS, Microsoft Azure, Google Cloud Platform, and many others. They offer instances, called “droplets”, with different Linux distributions such as Debian, Ubuntu, FreeBSD, etc. Similar to AWS, DigitalOcean has datacenters around the world and sometimes multiple datacenters in each country.

    However, one feature in particular sets them apart them from their competitors. A little while ago, they added support for custom images, which allows users to import virtual machine disks and use them as droplets. This is perfect for us as we can use our own version of Kali Linux in their cloud.

    While it might be possible to load the official Kali Linux virtual images, it wouldn’t be very efficient. Instead, we’ll build a lightweight Kali installation with the bare minimum to get it working.

  • Cybersecurity Experts Blocked 5 Million Attempted Hacks of IoT Cameras

    Trend Micro cybersecurity experts report that they blocked an astounding five-million hack attempts on IoT cameras. It’s quite frightening to think what may have happened if these experts weren’t hard at work.

  • Public Certificate Poisoning Can Break Some OpenPGP Implementations

    OpenPGP installations can grind to a halt and fail to verify the authenticity of downloaded packages as the keyserver network has been flooded with bogus extra signatures attesting ownership of a certificate.

    Vulnerabilities that allow this type of certificate spamming attack have been known for years and a timely fix or mitigation is nowhere in sight, neither from the keyserver network community nor the OpenPGP Working Group.

  • Report: Apple Discovers MacBook Air Logic Board Issue

                   

                     

    Not all 13-inch MacBook Air with Retina Display units from 2018 are believed to be affected by the logic board issue. The memo reportedly said that only units with certain serial numbers were affected; Apple plans to inform the owners of those devices via email. Affected units can be taken to Apple's retail stores or authorized repair shops until four years after their original purchase date, 9to5Mac said. 
     

                     

    It's not clear why Apple didn't publicly announce the replacement program.  

  •              

  • Apple finds issue w/ logic board in some 2018 MacBook Airs, offers free repair

                   

                     

    Apple has confirmed in an internal document to repair staff that it’s identified an issue with the main logic board in what it says is a “very small number” of MacBook Air models. Apple Stores and authorized repair staff have been informed to replace the main logic board in affected machines at no cost to customers, according to the document obtained by 9to5Mac.  

  •              

  • Apple Recalls 15-Inch MacBook Pro Laptop Computers Due to Fire Hazard

                   

                     

    The batteries in the recalled laptop computers can overheat, posing a fire hazard.  

  •              

  • Apple recalls 432,000 MacBook Pro laptops for fire and burn risks

                   

                     

    Manufactured in China, the recalled computers had a retail price of $2,000 and more, and were sold at Apple and electronics stores nationwide, as well as online, from September 2015 through February 2017.  

  •              

  • 2015 15" MacBook Pro Recall Applies to About 432,000 Units, Apple Received 26 Reports of Batteries Overheating

                   

                     

    Last week, Apple launched a worldwide recall and replacement program for select 2015 15-inch MacBook Pro units, sold primarily between September 2015 and February 2017, due to batteries that "may overheat and pose a fire safety risk." Apple will replace affected batteries free of charge.  

  •                  

  • 'Dangerous' Muslim Brotherhood fatwa app in Apple Store's top 100 downloads

                       

                         

    The Euro Fatwa app, which was launched in April, was created by the European Council for Fatwa and Research, a Dublin private foundation set up by Yusuf Al Qaradawi, spiritual leader of the Muslim Brotherhood.
     

                         

    Touted as a guide to help Muslims adhere to Islam, critics including Germany’s security service, say the app is a radicalisation tool.  

  •                  

  • Jony Ive found Tim Cook's disinterest in design 'dispiriting'

                       

                         

    But more damagingly, the WSJ highlights that Ive was left "dispirited" by Tim Cook, in stark contrast to his close relationship with Steve Jobs. Cook, apparently "showed little interest in the product development process" according to the paper's sources. Ive was also left frustrated by the makeup of Apple's board of directors, which was filled with people with backgrounds outside of Apple's core business (the pun is ours, and very much intended). 
     

                         

    As well as these reports, Ive's own words have come back to haunt the company. Back in 2014, he told The Times he'd leave Apple if it stopped innovating. Awkward.  

Audio With DeaDBeeF, Demise of Apple's "Pod" Empire, New Podcast About Go

Filed under
GNU
Linux
Mac
  • DeaDBeeF 1.8.1 Released! How to Install in Ubuntu 18.04 / Higher

    Deadbeef audio player 1.8.1 was released a few days ago with various bug-fixes and performance improvements for the 1.8 series.

  • Jony Ive ‘dispirited’ by Tim Cook’s lack of interest in product design: WSJ

    The WSJ report follows a similar piece published by Bloomberg last week. Both reports describe an Apple design team, led by Jony Ive, increasingly frustrated by his absence after the launch of the Apple Watch in 2015. They tell the story of a company that once put design at the forefront, progressively being led by operational concerns. Ive’s absence was “straining the cohesion central to product development,” according to the WSJ, causing several key design team members to leave Apple over the last few years.

  • Gabbing About Go | Coder Radio 364

    Mike and Wes burrow into the concurrent world of Go and debate where it makes sense and where it may not.

    Plus gradual typing for Ruby, a new solution for Python packaging, and the real story behind Jony Ive’s exit.

Darling Still Has A Goal Of Running macOS Apps On Linux

Filed under
GNU
Linux
Mac

Darling is the open-source project we first covered back in 2012 that aimed to be able to run macOS software (binaries) on Linux. It's what Wine is to running Windows programs on Linux but rather to be able to handle Apple/Mac software. While we haven't heard much from the project recently, they still are pursuing their goal.

Over the years Darling has made some project on handling Mac binaries on Linux albeit times that the project seemed on hiatus without any development work. The last time we covered Darling on Phoronix was in November of 2017 when they were still aiming for macOS apps on Linux.

Read more

Direct: Darling Progress Report Q1 2019

Syndicate content

More in Tux Machines

Canonical Outs New Linux Kernel Security Update for Ubuntu 18.04 and 16.04 LTS

Affecting both the Linux 4.15 kernel used in Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04.6 LTS (Xenial Xerus) systems, the new security patch fixed an improperly implemented Spectre mitigation in the ptrace susbsystem (CVE-2019-15902), which could allow a local attacker to expose sensitive information. It also addresses a buffer overread (CVE-2019-15918) discovered that the SMB networking file system implementation, which could allow an attacker to expose sensitive information (kernel memory), two flaws (CVE-2019-15117 and CVE-2019-15118) discovered in the USB audio driver that may allow a physically proximate attacker to crash the system, and a flaw (CVE-2019-14821) in the KVM hypervisor implementation that let a local attacker to crash the system. Read more

Leftovers: MX-19, Versalogic and Security

  • MX-19 “patito feo” released!

    We are pleased to offer MX-19 for your use. As usual, this iso includes the latest updates from debian 10.1 (buster), antiX and MX repos.

  • Compact Apollo Lake SBC aims sky high

    Versalogic’s Linux-ready, sandwich-style “Harrier” SBC has an Apollo Lake processor and a compact 95 x 55mm footprint, ECC RAM support, and ruggedization features designed for high altitude UAVs. Versalogic announced a Harrier SBC due in Q1 2020 that revises the compact, COM-and-carrier design of its three-year-old, Intel Bay Trail based Osprey, but advances to the newer Intel Apollo Lake. The Osprey is similarly bereft of real-world ports to enable easier real-world deployments in constrained environments.

  • Security updates for Tuesday

    Security updates have been issued by CentOS (jss and kernel), Debian (libpcap, openjdk-8, and tcpdump), Fedora (java-11-openjdk), openSUSE (libreoffice), Oracle (java-1.7.0-openjdk), Red Hat (java-1.7.0-openjdk, python, and wget), Scientific Linux (java-1.7.0-openjdk), SUSE (ceph, ceph-iscsi, ses-manual_en, dhcp, openconnect, and procps), and Ubuntu (exiv2, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-gcp, linux-gke-5.0, linux-snapdragon, and uw-imap).

  • Password lessons: Longer is better, so is salt

    Infosec pros who had no idea of how easily a stolen list of hashed passwords could be cracked got a sobering lesson at this month’s SecTor security conference in Toronto. There, Will Hunt, co-founder of the U.K. based In.security consulting firm, casually talked of systems that can be built around a common (about $1,500) Nvidea GTX 2080 graphics card that could make 100 billion guesses a second in a brute force attack.

Unix Celebrates 50 Years

Today and tomorrow Nokia Bell Labs is hosting a two-day event celebrating 50 years of the Unix operating system, reflecting on Unix’s past and exploring the future of computing. Speakers and panelists include many of the original team that built Unix and designed the C programming language. Read more

Red Hat Leftovers

  • How we brought JavaScript to life for Command Line Heroes

    Animators within Red Hat?s Open Studio help bring Command Line Heroes? artwork more to life. All throughout Season 3, they?ve added movement to our episode pages and created eye-catching trailers for social and Red Hat?s YouTube channel. This post highlights their important contributions to the Command Line Heroes? creative process by looking at their work for Episode 3 of Season 4: Creating JavaScript. Also, designer Karen Crowson talks about the easter eggs in that episode?s artwork.

  • Red Hat Ceph Storage RGW deployment strategies and sizing guidance

    Starting in Red Hat Ceph Storage 3.0, Red Hat added support for Containerized Storage Daemons (CSD) which allows the software-defined storage components (Ceph MON, OSD, MGR, RGW, etc) to run within containers. CSD avoids the need to have dedicated nodes for storage services thus reducing both CAPEX and OPEX by co-located storage containerized daemons. Ceph-Ansible provides the required mechanism to put resource fencing to each storage container which is useful for running multiple storage daemon containers on one physical node. In this blog post, we will cover strategies to deploy RGW containers and their resource sizing guidance. Before we dive into the performance, let's understand what are the different ways to deploy RGW.

  • OpenShift 4.2: New YAML Editor

    Through our built-in YAML editor, users can create and edit resources right in the Red Hat OpenShift Web Console UI. In the latest release, we’ve upgraded our editor to include language server support. What is language server support? The language server support feature uses the OpenAPI schema from Kubernetes to provide content assist inside the YAML editor based on the type of resource you are editing. More specifically, the language server support offers the following capabilities: Improved YAML validation: The new editor provides feedback in context, directing you to the exact line and position that requires attention. Document outlining: Document outlines offer a quick way to navigate your code. Auto completion: While in the editor, language server support will provide you with valid configuration information as you type, allowing you to edit faster. Hover support: Hovering over a property will show a description of the associated schema. Advanced formatting: Format your YAML.