The Squeak community maintains several mailing lists such as for beginners, general development, and virtual machines. You can explore them all to get started and contribute.
The Squeak Oversight Board coordinates the community’s open-source development of its versatile Smalltalk environment.
The Squeak Wiki collects useful information about the language, its tools, and several projects. It’s a wiki, so you can participate!
The Weekly Squeak is a blog that reports on news and other events in the Squeak and Smalltalk universe.
The Squeak Development Process supports the improvement of Squeak—the core of the system and its supporting libraries—by its community. The process builds on few basic ideas: the use of Monticello as the primary source code management system, free access for the developers to the main repositories, and an incremental update process for both developers and users. (Read More)
If you identify an issue in Squeak, please file a bug report here. Squeak core developers regularly check the bug repository and will try to address all problem as quickly as possible. If you have troubles posting there, you can always post the issue on our development list.
A Monticello code repository for Squeak. Many of our community’s projects are hosted here. Others you may find at SqueakMap or the now retired SqueakSource1.
Using the Git Browser, you can commit and browse your code and changes in Git and work on projects hosted on platforms like GitHub. With Monticello you can read and write FileTree and Tonel formatted repositories in any file-based version control system.
Christoph Thiede and Patrick Rein. 2023. Based on previous versions by Andrew Black, Stéphane Ducasse, Oscar Nierstrasz, Damien Pollet, Damien Cassou, Marcus Denker.
Christoph Thiede and Patrick Rein. 2022. Based on previous versions by Andrew Black, Stéphane Ducasse, Oscar Nierstrasz, Damien Pollet, Damien Cassou, Marcus Denker.
Andrew Black, Stéphane Ducasse, Oscar Nierstrasz, Damien Pollet, Damien Cassou, and Marcus Denker. Square Bracket Associates, 2007.
Mark Guzdial and Kim Rose. Prentice Hall, 2002.
Mark Guzdial. Prentice Hall, 2001.
Smalltalk special issue, August 1981.
Downloads come as *.zip, *.tar.gz, or *.dmg archives. On macOS, you must drag the included *.app file out of your ~/Downloads folder to avoid translocation; mv will not work. On Windows, you must confirm a SmartScreen warning since executables are not yet code-signed.
| Version | Support | Link | |
|---|---|---|---|
| macOS (unified) | 6.0 | ||
| Windows (x64) | 6.0 | ||
| Linux (x64) | 6.0 | ||
| Linux (ARMv8) | 6.0 | ||
| All-in-One (64-bit) | 6.0 | ||
| 32-bit Bundles | 6.0 | ||
| Try in browser (slow) | 6.0 |
❤️ Please help us keep our infrastructure up and running, which includes this website, our mailing lists, and code repositories. Donate here… ❤️
You can always take a look at the progress in the latest alpha version (aka. Trunk). Feel free to contribute to the next Squeak release with commits to the inbox. Alpha versions are not expected to be stable. All bundles (i.e., image + sources + vm) whose filename contains a YYYYMMDDhhmm token include the last stable VM. Some Trunk features might benefit from the latest VM (aka. nightly build), which can be downloaded from the OpenSmalltalk-VM repository on GitHub.
| Link | |
|---|---|
| Trunk Image (and Bundles) | |
| OpenSmalltalk VMs (latest, fast) | |
| OpenSmalltalk VMs (latest, debug) |
C10. Testing plan: verify boot state with getprop ro.boot.verifiedbootstate and vbmeta; use adb shell su?; check dm-verity status via dmesg and vbmeta/veritysetup status; avoid writing to partitions; document outputs, hashes, chain-of-trust, and reproduction steps. Include commands: adb reboot bootloader; fastboot getvar all; adb shell getprop ro.boot.verifiedbootstate; dmesg | grep -i verity. Emphasize consent and backups. C11. ADB over network risk: remote shell access, key interception; mitigations: disable TCP ADB, require authorization (adb keys), network firewall rules, MDM policies to block, charging station policies (USB Restricted Mode), educate users, use USB host-based charging-only cables; expected effectiveness assessed. C12. Detection checklist: high-value signals — ro.boot.verifiedbootstate not "green", changes to bootloader unlocked flag, presence of unknown system suid binaries, unexpected persistent services, vbmeta mismatches, kernel logs showing verity errors, abnormal boot count/resets, ADB over network enablement. Log sources: device logs (logcat, dmesg), MDM enrollment telemetry, SafetyNet/Play Integrity signals, fastboot state responses. Prioritize boot verification and bootloader lock state.
D13. Limitations & enhancements: e.g., legacy devices lack TEE-backed rollback protections; propose forcing vbmeta rollback protection, mandatory verified boot enforcement, remote attestation and enrollment checks, improved OTA signing and key provisioning; trade-offs: user flexibility, update complexity, device bricking risk, OEM coordination. D14. Ethics/legal: follow coordinated disclosure, 90-day baseline, expedited for high-risk, embargo options, provide PoC only to vendor, offer mitigations and patches, handle dual-use info carefully, notify CERTs, respect laws and user consent for testing. addrom bypass android 9
A1. Definition: explanation of "Addrom bypass" as bypassing address/ROM protections—expected to refer to boot/firmware/verified-boot bypassing; threat model: attacker with physical access or privileged software, goals (persistency, data exfiltration, bypassing verified boot). A2. Mechanisms: Verified Boot (dm-verity), SELinux enforcing mode, Secure Boot/bootloader lock, hardware-backed keystore/TEE, file-based encryption (FBE). (Any three) A3. Verified Boot + dm-verity: integrity verification of boot and system partitions; bootloader verifies boot image signature, kernel enables dm-verity for rootfs, rollbacks prevented via metadata. A4. SELinux: Mandatory Access Control limits process capabilities, confines services, reduces escalation and lateral movement after bypass. A5. ADB: debugging bridge; if enabled/unrestricted it provides shell and file access; authorized keys and adb authentication are critical. Emphasize consent and backups
End of exam.
B6. Boot process: boot ROM → bootloader (primary/secondary) → verified boot signature checks → kernel init → init.rc → zygote/framework; integrity checks at bootloader and kernel (dm-verity), verified boot metadata enforced by bootloader/boot verifier. B7. Partition layouts: A/B = two sets for seamless updates, supports rollback protections, less reliance on recovery; non A/B uses recovery partition and OTA writes — both affect where tampering would occur and persistence techniques. B8. Hardware keystore & TEE: keys stored and used in TEE, HSM-backed attestation, making raw key extraction difficult; mitigations: require attacker to bypass TEE/hardware, which is costly. B9. OEM factors: bootloader lock policy and unlock token handling; whether Verified Boot enforcement is strict or permissive; availability of fastboot flashing and signed images; presence of OEM-specific recovery/diagnostic modes. making raw key extraction difficult
An implementation of Babelsberg allowing constraint-based programming in Smalltalk.
[Quick Install]
A collaborative, live-programming, audio-visual, 3D environment that allows for the development of interactive worlds.
A media-rich authoring environment with a simple, powerful scripted object model for many kinds of objects created by end-users that runs on many platforms.
Scratch lets you build programs like you build Lego(tm) - stacking blocks together. It helps you learn to think in a creative fashion, understand logic, and build fun projects. Scratch is pre-installed in the current Raspbian image for the Raspberry Pi.
