Transcripts

FLOSS Weekly 725 Transcripts

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.

Doc Searls (00:00:00):
This is FLOSS Weekly. I'm Doc Searls. This week we have bonus co-host Catherine Druckman and Shawn Powers. Help me talk to Pietro di Caprio, who does Vanilla Os? It's only three months old. It's a brand new operating system. It is immutable. It's a new thing. It truly matters. There's a lot of discussion around it, and that is coming up Next.

Announcer (00:00:29):
 Podcasts you love. From people you trust. This is TWiT.

Doc Searls (00:00:35):
This is FLOSS Weekly, episode 725, recorded Wednesday, March 29th. 2023, vanilla Os on a Stick. This episode of FLOSS Weekly is brought to you by Kolide. That's Kolide with a k Kolide is a device trust solution that ensures that if a device isn't secure, it can't access your apps, it's zero trust For Okta, visit Kolide.com/floss and book a demo today. Hello again, everybody, everywhere on Earth. I am Doc Searls and this is FLOSS Weekly. Uh, joined this week by Katherine Druckman herself. There she is. Hello. And we have Shawn Powers coming in too at some point. Um, so he disappeared. There he is then is Shawn Powers. There's Shawn Powers his with his green hair and his green things. So, um, uh, both of you guys are eager to have this show. And, and Catherine, you, you, you met our guest Pietro at, um, at at Scale. Scale, yeah. And walking around with an image of Shawn as well. It's

Katherine Druckman (00:01:43):
True. Yeah. It's a great icebreaker

Doc Searls (00:01:45):
Around

Katherine Druckman (00:01:46):
Shawn's

Doc Searls (00:01:46):
Head. I have somebody's head here. It's, and it's not Hamlet. Um, what <laugh> what were you do, what was that exactly? What was the purp, what was the <laugh> that,

Katherine Druckman (00:01:54):
What was the purpose of carrying Shawn's head <laugh>? Um, yeah, I don't, yeah, I'm not really sure how to answer that. I don't think there was a purpose. It was just fun, you know, Shawn couldn't make it, so we took a cardboard head version

Doc Searls (00:02:05):
<laugh> in his way. It was flat. Flat Shawn. Flat Shawn. Yeah. Yeah. Um, so, um, okay, so I, I, this is, um, I think we've covered enough of that. I, I wanna jump into the show and introduce our guest, uh, and is Pietro, uh, di Caprio, which I'm sure I will butcher his name to some degree. Um, uh, he's in Italy now, but they met at scale in Los Angeles. Um, he is little bio. He's interested in it and software development. He says since you, he's only 28. So as far as I'm concerned, he's still young. Um, he's a full-time software developer, uh, developer, uh, in the field of fields of product safety and pharmaceutical serialization and tracking, which, um, chain of custody kind of stuff. I used to have something to do with that in my, in an earlier life, uh, passionate on, on Foss, um, Linux Advocate and a Linux server user says more than 10 years ago, founder of Fabricators, that's a company that wants to have a positive impact on people's lives. One software, uh, at a time. He says, especially Vanilla os, which is the focus of our show today. Welcome, Pietro.

Pietro di Caprio (00:03:15):
Hey.

Doc Searls (00:03:16):
Hey, we, so you're in, in Tur. Uh, where are you located? I,

Pietro di Caprio (00:03:21):
I'm currently in, uh, well, I live here. I'm in Brescia. It's one hour east from, uh, Milan. Mm-hmm. <affirmative>. And I'm Italian. I live in Italy and in the, I was, uh, in, uh, in Pasadena for the scale, uh, what was two weeks ago, two weeks ago, where I met Catherine, that I Thanks very much for, uh, taking me here with you today.

Doc Searls (00:03:45):
So how, how far are you from, uh, Verona? Uh, I was almost killed there driving the wrong way. <laugh> many years ago.

Pietro di Caprio (00:03:53):
<laugh>, uh, like 40 minutes, 45 minutes, something like that. Yeah, depending where you want to go, of course, but something around 45 minutes. Yeah.

Doc Searls (00:04:01):
Yeah. So, so tell us a little bit about, um, uh, vanilla Os and, and how they got us here. Then I'll let my co-host jump all over you.

Pietro di Caprio (00:04:11):
Uh, well, vanillas is a, a Linux distribution basically, uh, particular thing is an immutable distribution. Uh, currently in, uh, its first version, the, uh, the end of this December. So, uh, three months ago to today's 29th. So it's, yeah, uh, was 29th of December. Today's 29th March. It's three months, basically, uh, based on [inaudible], uh, with a custom customer immutability solution. Uh, there are few things going on. We are already changing a lot for version 2.2 Planet for someone in the <laugh> in the next month, we are switching to a Dian, uh, as a base. So we are completely dropping Ubuntu. Uh, and there are few reasons, uh, behind that. Consider that even today in its one point, everything version, uh, we have, we have Ubuntu as a base, but there is nothing from Buntu. Uh, we remove every customization that canonical made to, uh, we remove every particular thing that is really Ubuntu. So any customization, any extension, any changes that canonical makes to make Buntu it's removed. We are using it as a base only for compatibility, reliability on everyday systems that users have in their home. Uh, so yeah, it's, in short me few words, it's a Linux distribution. Then there are few extra staff behind it that we are going to find out during this talk.

Katherine Druckman (00:05:55):
So I'm pretty excited about this because, uh, doc and Shawn and and I were just talking to a mutual, very smart friend, and he made the comment that these types of Lennox distributions, immutable distributions are the future of Linux. And I thought, well, that's interesting. If somebody like that says, says something like that, I pay attention. And, uh, I wanted to hear from you, you know, what do you think about that? Why I, I'm curious really about your backstory. Like, what made you create the distribution in, in the, in the first place? What problems were you trying to solve? Were you primarily focused on security? Something else?

Pietro di Caprio (00:06:29):
Uh, well, I'm, I'm, I'm happy someone made a comment like that. This makes me really happy, I hope, uh, to, to make it a truth. I mean, um, I don't hide from you that this is what we have in mind. Uh, me and Mirko, uh, Mirko is the main founder of Van Lo. And indeed Van is not, uh, from myself. Van Loz is from Mirko, uh, with Luca, that is the creator of Distro Box, uh, that is a core part of, uh, of Man Lus. Um, the story behind this is that Mirko is, uh, a huge fan of Fed Silver Blue. Uh, it's a old user of, uh, um, Chromebooks. Uh, so as a user of such kind of, uh, systems of such kind of distributions, um, he always had issues with, uh, with all of them for different reasons. Um, one time was for the immutability, one time was for, uh, availability of packages.

(00:07:47):
One time was for, uh, compatibility with, uh, um, the systems, even just talking about drivers. So as developers, as people that love to be on Linux, uh, daily and work with it, uh, basically there was a common, uh, opinion about a, a common user. If you take a random user and you want to give that user a solution, you don't have a standard one. You don't have something that really, really cares about the user experience, about not needing to know really anything about Linux and, uh, everything that is not Windows or Macintosh. So, with the user experience in mind, vanillas wants to provide a system that is easy to use, provides security, reliability, and compatibility, basically to every kind of user that is a newbie that runs Linux for the first time. Or is a developer or an expert that needs more powerful, uh, options or, um, I dunno, no tools, uh, systems that allow them to work in different manners without switching. Um, so Vanilla wants, really wants to help as much as possible in the simplest way possible, every daily users. And yes, I hope this kind of distribution is the future of Linux, of course.

Shawn Powers (00:09:44):
Mm-hmm. <affirmative>. So I have a, I have a question that, um, may make me look foolish, but I'd rather look foolish than, uh, somebody else. Just now I know. What is an immutable os I don't know what that, what that means as far as a, a Lennox distribution goes.

Pietro di Caprio (00:10:02):
Well, uh, the theory, the theory is that when a system, yeah, a system is immutable, you cannot break it. This means that in theory, <laugh>, you should, I can

Shawn Powers (00:10:18):
Say that that sounds like a challenge because

Pietro di Caprio (00:10:20):
<laugh> Yeah, yeah. But give it to me a few minutes. Yeah. The point is, if you really want to do something, you are going to find a way to do that thing. So if you really want to break a system, you are going to find a way to break that system. But when a system is immutable, should make these, uh, uh, tasks really hard. So, uh, the system keeping it in a very high level, the system should always be able to boot. How can you make the system to always boot creating security, uh, safety mechanisms? One of them is the mutability. The mutability, uh, makes the root partition, the system partition, uh, read only. So, uh, random user cannot just run, uh, comments in the terminal, right files, grid files modify the state of the system, and that's it. Uh, the users don't have direct access to the system data.

(00:11:26):
So this is what makes a system immutable. Then there are different ways to reach, I mutability, of course, uh, the most known one is, um, OS three that is used in fed silver, blue, or, uh, B T r Fs. I always forget the <laugh>, the correct order of the letters. Uh, that is, uh, uh, an entire file system that brings overlays and a lot of stuff that makes, I don't want to say easy, because it, it is not easy, but allows you to create states of the system so you can go forward and, uh, and, and back, uh, between states. Um, but indeed you cannot write directly in the root partition on the system. And after an, an analysis, uh, and tests, we decided to create what we called a B root. So, um, stop, stop me when you want, because o otherwise I just, I just gone adding information and stuff. I, I don't Yeah, yeah, yeah. Create, uh, uh, like a confusion or whatever, because,

Katherine Druckman (00:12:46):
Well, I think we all have a lot of questions. We, uh, based on what's happening in the back channel, we're, um, I, you know, I think, so the way you're presenting it, it sounds like you are thinking in, in terms of desktop users, end users having an easy environment, uh, on the desktop. But I wonder if you could speak a little bit about the benefits to developers or the benefits for, you know, including vanilla in your, uh, in your container image and, and, and the benefits for having a consistent base os something like that.

Pietro di Caprio (00:13:19):
Well, um, we have to split, uh, two topics. One is the benefit indeed, of having a stable system, something that, uh, as a developer you can rely on. Uh, I every day run different softwares both written by me that are probably the most dangerous ones, and from third parties that are tools I use to develop. Uh, so since I develop, uh, as my job, it is my job to develop. I need to be sure that if this evening I turn off my pc, and tomorrow I turn it on again, it works. If I install something that I need, uh, to develop, to test, uh, or even just to play with it, I must be sure to have an uneasy recovery point. How can I do that? There are multiple ways. There are also the Windows snapshots, I don't remember what they call it, that, uh, sometimes are automatically created.

(00:14:29):
You can trigger them manually, but you must be not a power user, but you must really know what you're doing and what you need to do to have this kind of thing. And the recovery point of Windows doesn't work, uh, in a, let's say, complete way, recovering the previous state, it registers how it is the system right now creates a, a recovery point. Um, it's not a snapshot. I, I believe they call it recovery point. And then you can go back to that point in time. Uh, so as a developer, it, it happened to me many times that I needed to, uh, reinstall the operating system because strange things were going on. Uh, apps were not opening. If we talk about Windows 10 and 11, the Star menu was not showing up after an update that the system installed auto automatically without even advising me.

(00:15:27):
So, uh, and, and this is valid for both common end users, desktop users, and indeed more power users or developer. Uh, you, you need to rely on what you're working on. And from a developer point of view, there is also, uh, another, uh, thing in Manila, uh, that is, uh, uh, ops Apex, uh, provides subsystems that allow you to install on, uh, single installation. So you have vanillas currently based on, but, but let's say Dian is the next release is going to be Dian. You have Dian installed, but through opex, that is our utility. You can install packages from a u uh, from D N F, uh, and other distributions that we are having, uh, time by time. So, uh, as a developer then releases on Linux environment and publishes on different package managers, you don't need multiple installations. You can rely on the subsystems that are present in,

Shawn Powers (00:16:39):
That's, that's actually really fascinating. And it does make me wonder, how does, um, how does X windows fit into this? I mean, I, I like the idea of like compartmentalizing different, you know, applications or subsystems so that it doesn't make the system unusable. For example, I I am also running Devin right now, and last week I just did a, i I rebooted my system and discovered that there were some weird updates that happened to my Nvidia drivers, and all of a sudden I, you know, I, I couldn't use my system. So I'm curious, how does X Windows, whether Wayland or X 11 or whatever the terminology is, is that a, is that treated separately from like these other compartmentalized, don't break each other apps? Because it seems like, especially at the desktop, that's a layer that everything has to communicate with.

Pietro di Caprio (00:17:29):
Uh, well, yeah, it is. The, the graphic server, whatever you use, uh, our default is <inaudible>, but you can switch to, to X. It's installed on, on the root system. It's installed on our, uh, file system on our Dian. Uh, when you install on the subsystems, those are containers, uh, that are run through Distro Box. Luca, the creator of Distro Box, is one of the founders of Vanillas. So there has been a development, and from this development, apex was born to have those containers running in the background, still having direct access to the, um, to the apps, whatever they are installed on those containers directly in the host system. So they see each other, the host system is exposed, the home partition is exposed to the container. So you may install whatever you want when in I do a step back in Manilas, you don't have access to the pseudo command or the a p t command if you try them.

(00:18:36):
They are common, not found. You cannot install directly from a p t. You have to use Apex. The syntax is a apx. Install whatever package you want, presser. And this is installed in the default container that since is Dian ba, the default container is going to be Dian ba. If you add the flag dash dash a u r, this is going to be installed in the arch container because you explicitly said I wanted from a u at the end of our installation, you have the question, do you want a desktop entry for this? You answer yes, and you go, when you have <inaudible>, actually, uh, you go in the activity view and you have your app here. There are people that tried to install the same app, was Firefox, probably, uh, in multiple containers, create all the desktop entries, start the same app from different systems in the same system, Mo in the same time.

(00:19:34):
So they had like, uh, Firefox from Ubuntu, Firefox from Arch and Firefox from Fedora there working and being able to do a comparison between the same app running of different systems, but staying on the same one. So you are really free to work, uh, how you prefer. You don't really need to change your, uh, your usual way to work. You don't really need to learn new stuff. Also, because we, uh, discourage users from installing stuff from the terminal with discourage users from copy pasting comments from Google, uh, we are lover of flat pack ground software patch to show you, uh, flat pack as the full option. Um, anyway, there is, when you install, uh, um, when you install vanilla s and the first, the first time you start up vanillas after installation, there is what we call the first setup. The first setup helps users to make choices.

(00:20:41):
Uh, one of them is, do you want flat pack support? That is by default flag as yes, and as an end user, you don't need to really know what is flat pack, how to install it, what to do, uh, basically in this first setup, you can also do just next, next, next, next, leave our the full options. And you are basically ready to go. You open ground software, you already have flat packs there, there, and you install whatever you prefer without really knowing that is coming from Flat pack. And other options you have in the first setup is for Invidia preparatory drivers that are a benefit for most users. Uh, of course, checking if you have an Invidia card, if we see an Invidia card in your system, we prompt you for atory drivers. Uh, you can still enable, uh, fl uh, support to up images and just go next. Everything is handled in the background as an end user. You don't need to know in advance what you need to do in the system.

Doc Searls (00:21:46):
Okay, this is <laugh>. The, the questions are piling up in the back channels. Um, but first I ha and we're gonna get to some, uh, but first I have to let everybody know that this episode of FLOSS Weekly is brought to you by Kolide. That's Kolide with a K Kolide is a device trust solution that ensures unsecured devices can't access your apps. Kolide is a big news. If you're an Okta user, Kolide can get your entire fleet to 100% compliance. Kolide patches, one of the major holes in zero trust architecture, device compliance. Think about it, your identity provider only lets known devices log into apps. But just because a device is known doesn't mean it's in a secure state. In fact, plenty of the devices in your fleet probably shouldn't be trusted. Maybe they're running on out of data OS versions, or maybe they've got unencrypted credentials lying around.

(00:22:42):
If a device isn't compliant or isn't running the Kolide agent, it can't access the organization's SaaS, apps or other resources. The device user can't log into your company's cloud apps until they fix the problem on their end. It's that simple. For example, a device will be blocked if an employee doesn't have an up-to-date browser. Using end user remediation helps drive your fleet to 100% compliance without overwhelming your IT team. Without Kolide IT teams have no way to solve these compliance issues or to stop insecure devices from logging in. With Kolide, you can set and enforce compliance across your entire fleet. Mac, windows, and Linux Kolide is unique in that it makes device compliance part of the authentication process. When a user logs in with Okta Kolide alerts them to compliance issues and prevents unsecured devices from logging in, it's security you can feel good about because Kolide puts transparency and respect for users at the center of their product.

(00:23:49):
To sum it up, Kolides method means fewer support tickets, less frustration, and most importantly, 100% fleet compliance. Visit Kolide.com/floss to learn more or book a demo. That's K O L I D e.com/floss. Okay, Pietro, we have actually, um, a couple of questions together. Um, <laugh>, because words have been said here, have scrolled off. Okay. Um, one is, um, you know, is it, is it a, so this is kind of positioning stuff. There are a zillion, um, distributions already out there, and I think it's amazing to me that more keep coming along. Um, and, and you've got one of them. And so one question is, is it a re is it a replacement for COR os and sort of related, is somebody in the back channel says, we have this already, um, with Linux Mint for Noobs and Arch Linux for power users. So there's some niche you're trying to fit into. That's none of those. So tell me how you, how, when you're selling it to somebody who says, ah, I'm already looking at, I'm already looking at Minter Arch or whatever, or CORs, whatever the others are.

Pietro di Caprio (00:25:07):
Uh,

(00:25:08):
Yeah, the, I I've already heard that question. It's, it's a bit hard to, uh, to provide a, a final answer because indeed vanillas can be, uh, the solution for multiple proposals. Uh, there are also been, uh, at scale users that explain me their, uh, their need, their, uh, daily usage. And I was the first one to tell them vanillas is not for you. Uh, because was a so high, um, high level usage in meaning, uh, as expertise. So those users were doing are, are actually doing, um, operations directly on the kernel, uh, and stuff like that. And I was the first one to tell them, don't use vanilla s you don't have the freedom to reach that low level in the system as you have in other distributions. And whatever you prefer, uh, is a replacement for CORs. I dunno, depends. What you do is a replacement for arch as a power user, what you're doing. Exactly. Uh, I may just tell you yes, to sell you vanilla, but the truth is what you're doing daily, what you need to do, because if it can be the solution for, uh, most of the users, whatever is the distribution they come from it for is not a proper distribution for a certain type of users.

(00:26:51):
So I,

Katherine Druckman (00:26:53):
Yeah. Sorry, I I have a, I kind, it is somewhat related question. Um, because again, these are conceptually very different from, let's call them the usual type distro. Uh, so I immuno this, this concept is fairly, is still very new to me, the immutable distros and the benefits and whatnot. I wondered if, can you tell me, and, and for everybody else out there who probably, uh, finds this new, how do you address vulnerabilities and bugs that's different from the usual way of doing that?

Pietro di Caprio (00:27:22):
Um, let I introduce you <laugh>, one of the updates of, uh, van Vanillas 2.2. Um, right now we have, uh, so little step back. We have aru. Abru is, uh, two partition system. We have two physical partitions on the disk where two exact exact copies of the system are leading. One partition is the one you booted in and is the system you're running, right? Only the other partition is your past or your future, depending on what you're doing is your past until you need to, uh, apply changes on the system is your future in the moment you apply changes to the system. For example, you install a driver update. The driver update is not installed on your current partition that is redone, but is installed on the future partition. That is the one that you are not using in this moment. The installation is performed in an atomic way.

(00:28:24):
So there is a transaction, another race created. Everything is executed. If all the comments exit with, uh, code zero, then the transaction is success. The changes are written on disk, on the future partition. And whenever you are ready to reboot, you are going to reboot in the future partition because grab entries have been updated. This is the core concept, but indeed are act two exit copies of the installation with 2.2. We want, we are trying to, and we almost succeeded to switch to oci. So the update you are receiving for your system to fix, to update drivers, to fix bags, to address vulner vulnerabilities and so on, are, let's say containers that are, uh, extracted to your, uh, root partition. I'm simplifying as much as possible. <laugh>, I don't want to go too much in detail, but this is basically what's happening. So whatever, uh, there is the need.

(00:29:28):
This is another change between following Ubuntu's release and switching to Dian Dian seed to be precise. We're going to release whenever we believe it's required to release. And with this O C I system, uh, we are providing you indeed from drab or our app, we are going to run, I don't know yet, an update of the image of the system, and you are going to receive it and install in the a route style. So there is a transaction, if everything goes successfully, is written on disk, when you user are ready to reboot. At next reboot, you will find your system updated. For any reason you are not happy with update, you simp to reboot and select the previous partition. So you are back before the changes that you don't like. You may not like them because something change it because some problem rises up, even if the installation was successful. Uh, it can be whatever reason you have, you simply reboot back to the previous state and you may force another date or install other stuff. This is going to be handed replacing the content of the partition, having the installation you don't like anymore, let's say like that.

(00:30:50):
And about updates, uh, I'm picking what shown said earlier about, uh, powering on the system and finding changes that he didn't like. This is where vs o the vanilla system operator, uh, enters the game. Uh, we changed how we update the system. Um, most of the systems use, um, page kit. Page kit is, it's using deviate wound two and many other distributions. This is checking for updates, it's downloading updates, is pre installing updates. Then when you reboot, uh, you are going to reinstall those updates and you are then going to reboot again. Uh, then depending on what has been installed, you reboot one time to times or you don't have to the boat. Uh, it, it's really a little mess. So vso, what does is check checks weekly or monthly? You can select it in the options if there are updates. If there are updates, then it checks is the computer in a condition where I can download in this tool?

(00:32:04):
Uh, the updates, how is this check down? Uh, what's the network status? What's the c p load? What's the RAM load? What's the user? The average user, I'm on a laptop. Okay, I'm on battery, I'm on uh, power cable. What's the condition? Uh, can I download the updates right now and install them right now? Yes, I'm in the condition. So the download, the updates are downloaded, are installed in the background with the a b root transaction in the future partition. The next time you are reboot because you wanted to reboot, you have the already updated system, you don't need any more reboots. You don't need to, um, wait on doing stuff because there is a process running in the background that is making, uh, your PCs lower or whatever. Uh, we take care of all the process for you, and we want that Euro reboot only once the next time you want.

Katherine Druckman (00:33:06):
That sounds massively appealing. So I have another question from, from kind of the back channel. Uh, so there are a few hand, uh, a handful, let's say, of immutable Distros available right now. What do you, what do you see happening in the future? Let's say five years down the road? Do you think there will be a, a lot more of these types of distros or do you see, do you see maybe, uh, convergence into, into a couple of base images plus some customizations? Do you see working together or do you see this just kind of blowing up into a whole new ecosystem?

Pietro di Caprio (00:33:42):
Hard to say for sure. What is clear right now is that there are many distributions out there that are, uh, migrating to immutability and, uh, immutability like systems. And there are already, uh, distributions that cloned our repositories, remove the credits and publish it <laugh> uh, annual new, uh, distribution. So, uh, I dunno, uh, things are moving on. Uh, people is, uh, day by day more interested in this immutability thing, whatever it is. Uh, it's interested in having a more reliable distribution, whatever is the method. And today, the method looks to be immutability tomorrow. I dunno. Uh, what I know is that we, uh, as vanilla as release everything open source on our GitHub organization, on our GitHub organization, there is only one private repository that is another repository of internal notes, internal meetings, whatever. Uh, so everything is, it's open, uh, AB route. It's open via, so it's open app exits open, all the, uh, customization made in this toolbox to work in this way are open. Uh, we encourage other developers to join the project if they want, if they believe in what we believe or make their own version even using our stuff. We are happy if, uh, the community, and I don't mean only our community, but the Linux community moves on user experience and providing reliable solutions to end users.

(00:35:30):
And I don't hide that. We also see a future for vanillas in the server, uh, environment because, uh, with the changes we are performing, we are going to release also a desktop less version that can provide you immutability on, on servers. So who knows?

Doc Searls (00:35:50):
Wow. So, um, <laugh>, I, we have more questions backed up here and Shawn is, uh, chomping at the bit for one of them. But first, have let everybody know that joining Club Twit is another great way to support our network here as a member, you'll get access to add free versions of all the shows on TWiT, as well as other great benefits. There's a bonus TWiT plus feed, which includes footage and discussions that didn't make the final show edit, as well as bonus shows we started, such as Hands-on Mac, Hands-on Windows. Ask me anything since Fireside chats with some of your favorite TWiT guests and co-hosts as FLOSS Weekly listeners, you might be interested in checking out. You should be interested in checking out another club TWiT exclusive show, the Untitled Linux Show, hosted by Jonathan Bennett. Um, so sign up, sign up and join Club Twit for just $7 a month. Head over to TWiT tv slash club TWiT and join today. We thank you for your support. So, Shawn <laugh>. Yeah, so,

Shawn Powers (00:36:56):
So I, I have to admit, I thought, oh, uh, you know, it's, it's gonna be a, a show about, you know, one more distribution, but this is a, this is kind of a drastic departure from a traditional, like, this is another distribution based on TU or, or whatever. Uh, I, I mean, the, the amount of things that are integrated, like being able to compartmentalize or containerize or whatever you want to call it, things from, uh, various distributions, even ones that aren't, you know, directly Debbie based, uh, or Ubuntu based. Uh, fascinating. So I'm, I'm curious, what are some of the frustrations that, uh, Linux user who is, wants to try, you know, vanilla out, what would some of the frustrations be? I mean, you mentioned, you know, the potential to have to reboot a bunch of things, but that's not, I mean, that's not for everything, you know, it's not everything you do. Oh, I need to reboot three times. But what are some of the frustrations or the, the issues that you hope to be able to make a little smoother for people yourself? Especially, I mean, you know, you, this is something you use. So what are some of your pain points?

Pietro di Caprio (00:38:00):
Well, um, one big example, let we have to split this question for, uh, my mom for example, that needs nothing. And, uh, my community members that are more power users and need something more, uh, what if I want, um, updated packages, arch style, but I still want to, uh, be sure I don't break my system. Uh, what if I want, uh, an app from a store, um, a package manager, uh, that the developer, uh, choosing or didn't want, uh, whatever to do, not publish on a different package manager. Um, so it's difficult to, to say one specific thing. Uh, life is difficult to say many things, uh, in my scenario is I, I have the containers, uh, with different envi, um, development environments, and I can access the single environment, uh, for other users could be, uh, being able to find on directly on ground software or simply the software center, whatever is the desktop you use and search for, uh, um, programs and know that they work that where they will continue to work, and especially that they are updated because then the problem of selecting a specific package manager is, uh, how often the packages, whatever they are, are updated by the maintainers.

(00:39:54):
How many packages are published only on one, uh, let's say 1, 1 1 repository type, one store, and one manager by the creator that then relies on, uh, community maintainers to keep the other channels updated.

Shawn Powers (00:40:11):
And that's already a, a frustration with, uh, Annu, Buntu user, right? Uh, you have, you have the app repositories and the, the Snap store, whatever the snap thing is called. And, uh, in general, I tend to, because I'm old, I tend to install things from the app repository. Um, but often I have to like look and say, okay, well, which one has been updated more recently? Which has, you know, the, the more recent stuff does, does that kind of multiply when you're looking at, I mean, if you can install a package from, you know, the arch repositories or from Fedora or from, you know, Debbie's app repositories or flat pack, I assume, or I mean, oh my goodness, you said that you can enable and disable things. Uh, but what if somebody has all of them enabled? Do they just have to pick and like, oh, well, you know, for this package I'm using flat pack for that package. I'm using, you know, arch and, and all that stuff. Uh, is the, this is cheesy metaphor, but is the juice worth the squeeze? I mean, all of the, you know, maintaining all of those various ways, uh, is it worth it or is it, or, or would you rather just see like, we only support doing this because otherwise it's just, you know, more work for ourselves for very little benefit?

Pietro di Caprio (00:41:27):
Well, uh, if you are wondering yourself, where you should take the package means you are not a newbie. You already know what you're talking about. So, uh, the newbie opens the software center searches programs that are proposed as flat pack, because during the first setup, just press the next X next without knowing nothing. And this is the way period. Then you learn something more, you find out the subsystems, or you come from a different distribution and you look, oh, how can I do, uh, DNF install, blah, blah, blah on this system, Ubuntu, vanilla, Dian, whatever, you can't use dnf, you must use a P t or whatever. So you are already, uh, learning more and more, and one day you will know how to select, but in the meantime, you just install from the software center or via a p t that is replaced via a P X, because you're not going to use a p t, you're not going to u use dnf, you're going to do a p t install whatever, and this is going to be installed like a p t until you declare the flags for dnf, for a u for, uh, void, uh, Linux subsystem and so on.

(00:42:48):
Uh, you can also use N'S scripts if you want, but then you are on another level. Uh, you're not an anymore a common user, uh, you know, um, from our side to keep all those channels available. It's not much effort, um, along the run. So once we have the support, uh, it's there and it's difficult. It is going to be changed or need to need a lot of maintenance because it's a matter of supporting a different subsystem basically. And once it's, once it's there, it's managed by this toolbox. Um, so as was same previously, if you're a newbie, you install next test next, and you are fine, you are free to go. Uh, if you are shown, and you know, the difference between the package managers, the difference between this is most updated, this is most outdated, uh, this is unstable because how many times on, uh, uh, on arch you install staff that is released without testing, for example. Uh, so when you know this kind of stuff, you already know where to take things.

Shawn Powers (00:44:12):
So

Pietro di Caprio (00:44:13):
Go ahead,

Shawn Powers (00:44:13):
Shawn. Oh, sorry. No, no, no, that was fine. No, I, I can ask my, oh, sorry, go ahead. No, no, I was just, I was thinking to, and I guess what you're saying is once the, once the wrapper, for lack of a better term, around the various package managers, since everything is installed in its own containerized environment, I, I guess as long as the tools are in place, yeah, it's not like this, you're not maintaining three versions of a, of a package. You're just maintaining the, the method for containerizing, that sort of thing. And that's already done with correct distro box. I, I might have forgotten which tools, but, okay, so, okay. So I guess that that makes sense. And, and there are, yeah, there's reasons like, uh, you know, the, the Devin based, uh, app repository of O B S, for example, doesn't include browser source, so you'd never wanna use that one. But, uh, do you have a, you said the default is flat pack? Is that, is that true? Did I, did I misheard that, or did I imagine that?

Pietro di Caprio (00:45:05):
Yes, correct. Correct. But, uh, you are not going to install flat pack using Apex. You're going to install them well, or you do a flat pack install, but open the software center and install from there. Uh, you, you start using the terminal when you really want to use the terminal. Uh, we want users to, uh, avoid the need to open the terminal.

Shawn Powers (00:45:32):
Oh, I'm offended at the core. No, I'm just kidding.

Pietro di Caprio (00:45:34):
<laugh>, I, no, well, I, I can, I can understand. I can understand, uh, many, many old users, and I mean, not old of age, but, uh, old also just one year old, two year olds. Uh, when you tell them, oh, in vanilla, you don't need the terminal. They are like, what? I want to install this stuff. I want to install this, I want to do this, I want to do that. Vanilla s wants to, uh, improve and move your experience. Uh, we have utilities with vs. So you can also, uh, how many of you know automator from Apple? Uh,

Shawn Powers (00:46:17):
Uh, yeah, I mean, I know of it. I, I haven't used it. I underst I

Doc Searls (00:46:20):
Understand it's actually good, but I've not, I've not used it

Pietro di Caprio (00:46:22):
Yet. Okay. It, it's, uh, uh, you can automate stuff based, uh, on TRI and stuff like that in vanilla. You can do the same, for example, you can, uh, currently only by common line that against what I just said, but because we are still working on it and it's not, uh, officially ready to use, uh, but it, it's shipping into the system, uh, for, for the Braves who want to test it. Um, you can for example, say, okay, when I connect, uh, these specific mouse that is blocked by the cable, that is a gaming mouse, um, open steam in, uh, uh, big view, uh, mode, and I want to use it in this way, a mouse or a controller or whatever. So you can connect a specific device to a specific action that is executed out automatically for you. Uh, you can say stuff, uh, okay, when I open, uh, visa Studio Code, uh, and I just go in, um, start activity, whatever is your favorite way, ride Visa Studio, enter and open Visual Studio code from the menu, uh, automatically run, um, debit server, language server, uh, uh, web, web server, whatever, because you need it to develop.

(00:47:43):
You open Visual Studio Code only when you develop. So you want that, those stuff are started automatically when you open with Studio Code. Um, so you have multiple things going on <laugh> on that system. Uh, but again, you don't have to need to use the terminal. We try to provide you, uh, with utilities that are easy to use and try to solve as much needs as possible to every kind of users.

Shawn Powers (00:48:24):
It's almost ironic because behind the scenes, uh, you're doing some amazingly complex, uh, operating system magic, right? I mean, you know, the, the idea of all of these, uh, objects being, uh, containerized and, and separate and, and, you know, two root partitions, one active, one future for, uh, the ability to roll back or whatever. I mean, th those are all extremely, um, high level, low level, I dunno what you wanna call it, just complicated aspects of an operating system. And yet at the same time, uh, the goal is so that people don't have to think about it, probably ultimately, so they don't have to fix it, cuz it won't break as easy, which probably goes all the way back to the whole immutable idea. So I that's, it's fascinating to me that something so complicated under the hood is designed so that you don't ever need to lift the hood <laugh>.

Pietro di Caprio (00:49:17):
Uh, well this is exactly the idea. So the vanilla name is not only because Mirko, uh, indeed, the, the, the real mine behind all this stuff loves vanilla. Uh, it's entirely, uh, it's the concept, it's the idea. Uh, we are both members of Theo Foundation and you have, uh, vanilla installation of gun of GN in man. So it's the name, it's the idea, it's the concept and experience you find in it. It's a move experience, uh, that should, uh, uh, make you to feel comfortable with whatever you are doing, simple and complex stuff.

Katherine Druckman (00:50:07):
So we have a question from our back channel that I think is actually a really good one, and we can, a lot of us can identify, but h how can using an immutable distro help with maintaining system entropy, keeping things organized, clean, if you will. Uh, this person who asks, says they often reinstall their os every because their computer gets disorganized with old packages and files. Can vanilla os help end that cycle of reinstallation?

Pietro di Caprio (00:50:37):
Okay, um, this is, uh, a problem, allow me to, to call it a problem, uh, that, uh, OS three, uh, brings in. So over time, you have those overlays that are, uh, OS three is, uh, uh, gi like, so you have comments and you have, uh, layers, layers, layers, layers. So over time you have many of them. Uh, as a user you can choose to, uh, drop the oldest, you can choose to, um, merge together multiple layers. You, uh, can do things, but as a user, whatever you are, a newbie, a developer or an expert is not an something that happens automatically, uh, in vanillas thanks to B. The, uh, idea behind a b root and the concept of keeping things simple, you have only two states, and this may be a plus or maybe, uh, a minus in, in, uh, uh, depending on what you do of, uh, indeed having only two states. But having only those two states, you have only two copies of your, uh, root partition and that's it. You don't keep, uh, the, um, old stuff, dirty stuff, however you want to call it. Over time, you, you have one state more than what you're using. So in one year from today, you are still going to have the current state and the past or future state, depending on what you're doing.

Doc Searls (00:52:33):
So, so I'm wondering, um, as we're getting down toward the end of the show, we're not quite there. Um, what, are there any verticals this appeals to? It seems to me, um, like I look at the back channel. So people say, well, I love the command line interface. I wanna live in a terminal all the time. And, um, and you're trying to keep people off the terminal. Um, because, so you've got a, you have a kind of very broad niche here. Um, it seems to be you've got kind of a B2B cell for a lot of companies that don't want to have to manage their users a lot, but don't want to be using Windows or Mac are probably using Chromebooks, that they're using Linux at all. Um, and, uh, you know, or, or fedora silver blue or something you mentioned in, uh, ahead of time in an email. So I'm wondering if you're seeing uptake, actually I'd be interested about uptake in general, like who's, who among outside of your immediate circle is, is chomping onto this and wanting it and, uh, and what surprises might be in there as well.

Pietro di Caprio (00:53:32):
Well, right now, I dunno, uh, or at least mm, we don't have companies or now that say, Hey, uh, we are using vanilla as because solves us this stuff. Uh, we hope it can be a solution for the Shea. You mentioned it about not having Windows machines, uh, providing users different, uh, different system that may, uh, Linux instead of a Chromebook, but still being able of easily manage them and provide a safe environment for the user. Uh, so from the security point of view, vanilla can be a lot can avoid installation of, um, broken stuff, can avoid installation of not authorized packages. If you want to say about corporate environment, um, can really help on that kind of management. Uh, it's really new. Uh, it's only three months old. Uh, we don't have much, uh, use cases to, to provide you. Uh, I would like to have, uh, if there is any company out there that wants to be, um, a pirate <laugh> and tested right now, please raise your hand.

(00:54:58):
We are happy to help you. Um, but out outside of our community, uh, I hope everyone can be a use case. Really, everyone, um, of course it's impossible. It's, it's really impossible. Uh, our main focus right now is on, uh, common users that are not needing, uh, a lot of technical staff, a lot of, uh, geek knowledge. So, uh, while vanilla is good for developers, uh, we want to bring it to, uh, daily users that just go on, uh, internet and browse Facebook, Twitter, uh, whatever, and sometimes play games. Uh, our, our goal is to make those users feel comfortable, and if we reach that goal, we are really, really, really happy.

Katherine Druckman (00:55:55):
So I think we're running out of time, but to wrap, I wondered if you could quickly tell us what, what's a vanilla key? Can you tease that a little bit?

Pietro di Caprio (00:56:04):
<laugh>, man, vanilla key. It's something that it's, uh, we are working on, well, we are working on the idea right now. Um, the idea is that wherever you go, you have, uh, a U S B key that is the vanilla key key with you. You go to a random pc, both the vanilla key, and this is your vanilla permanent installation. So it's a live key that doesn't work as a simple live key, but it's your current installation with your immutability staff, with your home partition and whatever. So you may have documents there and edit, uh, uh, edit them, save, uh, when you connect to a pc, you can extend your, um, let's say can extend your home partition, but in true, you should be able to, um, link, uh, share folder to the hard drive you have available. So you partition data drive to reserve a Beto space or the entire drive for your installation, uh, and vanilla records, the fingerprint of data drive to connect to link automatically to the share folder.

(00:57:23):
You turn off the pc, you go home, you connect to the key, to your pc, oh, I know this drive, I already registered it, let's link it. And you have your games, for example. So you have a single installation available everywhere for multiple scopes. Having on the physical PC only the home partition, there are, uh, few things to work on. There is the cryptography of the data, the possibility to lose the key. And so the private key to unlock the data on the drives, uh, there is the possibility that the drive has been formatted. There are a lot of things to resolve. We are working on the idea we are looking for helps also just in thinking out the logics, uh, that are behind the van vanilla key. Uh, but this is something we want to, to, uh, to create and to, to provide to everyone.

Speaker 6 (00:58:20):
Very cool.

Doc Searls (00:58:23):
Well, we have, we have run out of time. We're close to run out of time. This has been a terrific show. You've got something that I haven't seen as much activity on, on both our front channel among ourselves, <laugh>, and the back channel as well. Um, we've got an exciting thing going on there. So our final, um, just a, a quick one if you can answer briefly. Is there anything we haven't asked that you would like us to have asked that we, uh,

Pietro di Caprio (00:58:48):
Uh, well, I, I believe we touch almost every, uh, every topic, uh, almost is also the previous tool before Abru. So <laugh>, we may bring this out, but, uh, we spoke really about, uh, uh, more than the most important topics. Uh, there is more going on. There are, uh, more stuff we have and we usually talk about, uh, it's everything on our website and on our discord. So if you go on vanillas.org, you have, uh, blog posts, documents, links, uh, whatever. Uh, at any time you have questions, we are, uh, ready to, to answer both to our audience and to you. Three that I thanks again. Um, but right now I don't have anything else, <laugh> that is quick to share to everybody, so, uh, thank you so much for Yeah. You

Doc Searls (00:59:52):
Here. Yeah, so

Pietro di Caprio (00:59:56):
Thanks Katherine. That, uh, uh, was really, uh, a random thing that we met and, and prepared this thing. Uh, so yeah,

Doc Searls (01:00:05):
Thank you. She went fishing and uh, and brought in a penguin as it were. So <laugh> <laugh>. Yes. Always. Um, so, uh, final, final two questions. Um, uh, what are your favorite text editor and scripting language?

Pietro di Caprio (01:00:19):
Uh, the, the, the, the community is going to, to eat me, not only hate me to eat me because I am a sea developer using Jet Brains Rider.

Doc Searls (01:00:31):
So <laugh>,

Pietro di Caprio (01:00:33):
I'm the, I'm the alien <laugh>.

Doc Searls (01:00:39):
I used to use

Pietro di Caprio (01:00:40):
Peace Storm itself for Vin and Bash. That was the per <laugh>. Yeah. Yeah. I, I'm the evil in, in, in this, in this thing, right? Uh, well, I, I use multiple language. My daily language is indeed C Sharp with the dotnet core. So targeting, uh, basically everything that powers on. Uh, but I use Shehar, Python, go sometimes php. Um, um, well my, my favorite is still is C Sharpie because it is what I've learned first, basically, uh, at a professional level, at least I started with P H P, but, uh, C Sharp is what has been taught to me at a professional level and is what is providing me the salary every month. <laugh> so helps, uh, yeah. Uh, sometimes yes.

Doc Searls (01:01:29):
<laugh>, well, we've had, uh, Miguel Deza on here, one of the fathers of Nome, he's got in into Microsoft in part because of his use of tools coming from their, their side and.net and all the rest of it. So it all blurs. It all blurs together. And because you're early enough, you've just been at this for three months, is that right? Is did I hear that right? Yes,

Pietro di Caprio (01:01:49):
Yes. Correct. Yes. So 29th or December was the, was release

Doc Searls (01:01:52):
Release. Oh, wow. That's already three months ago. Um, we are going to have to have you back, we just said that to pretty much everybody, but you've got something that's so new and hot. I think that the, this I immutable idea, especially since, uh, uh, Kyle Rankin came in, he's, he runs, um, purism, he's the c e o of Purism, so, uh, he's not a lightweight at all. <laugh> and his well as a little colleague of ours. So thanks so much for being on the show.

Shawn Powers (01:02:19):
Thank you so much. Thank you. Really appreciate that.

Doc Searls (01:02:23):
So guys, we had a lot of back and forth <laugh> going

Katherine Druckman (01:02:26):
Over. Yeah,

Doc Searls (01:02:26):
That was great. Yeah. What we might wanna ask,

Shawn Powers (01:02:29):
I'm curious. Yeah, I'm curious to hear more about the automation stuff, to be honest. So, you know, if, if we have 'em back, I'm curious what exactly who was talking about if that was an existing system, if that was, uh, something specific to, uh, vanilla. Yeah, that was, that was fascinating to me.

Doc Searls (01:02:45):
Yeah, I, I've, it's interesting you mentioned Automator. Um, I've been told by people who are deep in the Mac world that that's one of the best programs that Apple has, and nobody knows about it. It's just called Automator. And, uh, and it's scripting, you know, it used to be Apples script, I guess maybe they just rebranded that. Um, but a way to deal with repetitive tasks and I guess is their, their way of helping people that's not, that don't want to go down into the command line, or they don't want you to go down into the command line

Shawn Powers (01:03:15):
And it can be triggered, you know, by events. I think that's the, that's the big issue Yeah. With the automator is it's event triggered so you can, you know, have something happen based on something else happening. So,

Katherine Druckman (01:03:25):
Um, yeah, I think I'm gonna install it and try it out before we talk to 'em again, so.

Shawn Powers (01:03:29):
Fair enough. Yeah.

Doc Searls (01:03:29):
Well, that's a good idea. That's a

Katherine Druckman (01:03:31):
Good idea. Give it a test run kick the tires.

Doc Searls (01:03:34):
I I, I I should use it on the, on the Lytics box. I don't have yet <laugh>. So getting boxes coming into here. So we have both of you, this is actually Catherine's co show this time, right?

Katherine Druckman (01:03:46):
<laugh>? Yeah, but if Shawn's online, you gotta pull 'em in.

Doc Searls (01:03:48):
I'll, I'll, I'll let you plug first, Catherine.

Katherine Druckman (01:03:50):
Oh, sure, sure, sure. Uh, let's see, what do I have to plug? Uh, think we have the other, oh, well, yes. Uh, earlier this year I launched a podcast. Oh, this is on the screen. We have Reality 2.0, which doc and I do. Uh, when we're not doing this show and we talk about different stuff, uh, I hope you'll join us for that. I also launched a, another podcast open at Intel. I hope you'll check that out. We talk about a lot of open Sourcey things lately. It has been security, uh, open source security. So, uh, yeah, check it out please, and you can find me on Master It On and Twitter, and if you have any questions or feedback.

Doc Searls (01:04:27):
And Shawn,

Shawn Powers (01:04:29):
Ah, same as always for me. Uh, I'm doing all the things. YouTube, I guess is the, the place I'd like to be spending more time. Uh, yeah. Yeah. Just, uh, Shawn

Doc Searls (01:04:39):
Power and you got zillion things on YouTube, <laugh>. Yeah,

Shawn Powers (01:04:43):
Yeah. Pick your poison. What do you, what do you wanna see me do? I'll dance for you.

Doc Searls (01:04:47):
<laugh>. Yeah, I, I actually ran into, in Chicago, uh, somebody who's a, uh, my wife has a, a vast cautery of Irish relatives in Chicago. And one of them were a relative of relative there was from Yourtown Petoskey. And, uh, oh, and I, and so I, I I, I looked you up on a, on a phone or had them look over their phone and there was like, so much stuff. <laugh>. So you're good

Shawn Powers (01:05:11):
Stuff. Bad stuff. I'm a little bit

Doc Searls (01:05:12):
Worried. It's all good stuff. It's all good

Shawn Powers (01:05:14):
Stuff. Oh, okay.

Doc Searls (01:05:15):
So thanks a lot for being on, um, next week. Yeah, yeah, this is great. Um, and thanks to Jonathan too in the, in the back channel who didn't get in the flood channel here, <laugh>, because you jumped in ahead of him and we roomed for four. That's it. So, um, uh, I, next week we have the return of Paula Hunter of Mojo Loop. Um, uh, much has been happening in Mojo Loops as we had her on before. And, um, and she was a great guest. So that is coming up next week. And until then, I'm Doc Searls. This is FLOSS Weekly, and we'll see you then.

Mikah Sargent (01:05:47):
Hey, I know you're super busy, so I won't keep you long, but I wanted to tell you about a show here on the Twit network called Tech News Weekly. You are a busy person, and, uh, during your week, you may want to learn about all the tech news that's fit to, well say not print here on Twitter, it's Tech News Weekly. Uh, me, Mikah Sargent, my co-host Jason Howell. We talk to and about the people making and breaking the tech news, and we love the opportunity to get to share those stories with you and let the people who wrote them or broke them share them as well. So I hope you check it out every Thursday right here on Twitter.

All Transcripts posts