Untitled Linux Show 165 Transcript
Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show
00:00 - Jonathan Bennett (Host)
Hey folks, we're talking about Snap improvements and AMD hardware. Debian 11 goes LTS, there's Tails, there's Proton, there's Clam AV. It is a fun-filled episode and you don't want to miss it, so stay tuned. Podcasts you love From people. You trust this is Twit. You trust this is Twit.
00:26
This is the Untitled Linux Show, episode 165, recorded Saturday, august 17th, the Onion Ring. Hey folks, it is Saturday and you know what that means. It's time to get your geek on. It's time to get geeky and talk about Linux and open source, all that good stuff. It's going to be a lot of fun. It's the Untitled Linux Show and, of course, it is not just me. We've got the whole crew here today. We've got Ken, we've got Rob, we've got Jeff, all in, I think, their correct places. I get in trouble every once in a while if I have people in the wrong place. Oh, me and Ken are swapped. Well, I can understand. I guess I should have told you to hang on first. So, rob, you are going to start us out with something that no one's going to have a problem with, not controversial at all. We're going to talk about snaps again, all right.
01:17 - Rob Campbell (Co-host)
Yep. So after years and years of snaps being horrible, I came across an article on Phronix this week about Canonical finally making improvements to snaps, making them ahead of the Ubuntu 24.10. Well, it's about time. Okay, I speak a little tongue-in-cheek here, but we all know improvements are needed, so let's dig into what they are improving. So first thing I came across reading this article is the addition of a progress bar in the dock for snaps. So I had to take it as that. First I wasn't really clear. A progress bar for what? So after going down the rabbit hole, had to dig a few links deep and really kind of look at the original blog post and see what this is all about. And what it is is for Snap programs. When they're being updated in the background and the icon is in the dock, it will now show a progress bar of its updating progress. Now show a progress bar of its updating progress. Uh, so it's probably similar to kind of how updates work on cell phones where, like, the icon will gray out and you get little indicator. It's not quite a bar always, but you get various ones depending on what you're using. So I think it's. It's kind of like that yeah, cool, great. So along this, with this comes clear prompts when you are running snaps that have an update available. So you know if you're running it and it's it's it's not up to date. You know that you can, you know, restart it, I guess, and and get to update. The next thing Canonical's post is improvements to how SnapD handles the latest NVIDIA drivers, which will improve Jeff's experience using snapped versions of Steam with his NVIDIA GPU.
03:21
Next they talked about seated snap tracks for desktop apps. This one was even more confusing, at least from what I read. I didn't know what they were talking about. So I dug into this and, yeah, their discussion was tough to make sense of. But here's what I think I got that they're doing the old tracks. It went from latest stable and then had the ubuntu invert version, dash version that they're for, and all apps followed that.
03:51
The new tracks are going to separate out ubuntu software and their app center, where their third-party software is. So currently, I guess, when users install Snap DStore Snaps, they receive, like the old Ubitoo software. When installing latest stable and the new Flutter based app center, it's only available on latest stable, ubitoo 23.10 and newer releases. So if you're running older, you get the older, if you're running the newer, I think you can get the newer. So this allows UBIT2, I guess, to continue to support their snaps in older LTSs, kind of maintain that line that they have going and on the same app version for years, while allowing users to install the new App Center and then get the new software. So if I'm wrong with that, if somebody else understood that different, please correct me. I'd love to share with the world where I was wrong, and so would Jeff. Finally, finally.
05:04
I'm not quite done yet.
05:05
Unless you have something to cut in for no, no, no, go ahead All right. So finally, the App Center. The App Center Manage page has improvements, including these highlights the Available Updates section now refreshes its list automatically after updates are applied and OpenStamps that can't be updated are clearly messaged in the managed center and it doesn't affect the all or update all actions. So, to wrap this up, it's good to see they're making improvements, but if you ask me and pretty much all the commenters on the Internet, these aren't necessarily improvements. We're looking for One of the commenters, one of them that them I read and I completely resonate with this one.
05:49
He says quote now, only if you could stop making a mount point for every app, which which slows everything down. I'm not sure if it really slows things down, but just seeing all that mess cluttering up my system drives me nuts. You know, maybe if our systems were obfuscated more like a mobile operating system you know mobile operating systems are today snaps would be fine in that aspect, but Linux users dig into their systems and they see that mess and I just hate that mess. So snaps are improving, maybe not quite where some of us would like to see them, but yeah, step forward yeah, so there's one.
06:33 - Jonathan Bennett (Host)
There's one particular problem with snaps that I've been hitting and it's related to the uh, the security thing. So I'm I'm involved in the mesh tastic project and we have people that want to be able to flash their nodes, to put new firmware on their nodes off of the browser. Because, you know, chromium now has I think Firefox may have it as well, but Chromebase is where we really support it the most has the web serial, which is actually pretty cool Because then you can do things like flash firmware off of the web browser, off of the web browser. But if you're running it on Ubuntu and you're running the Chromium Snap, it just doesn't work because Chromium or because Snap applications just don't have the permissions to do it. So I was kind of listening and reading and hoping that they finally fixed that and as far as I could tell, they didn't. So we're going to be sad pandas for a while longer.
07:19 - Rob Campbell (Co-host)
Nothing like that at all, just fancy little progress bars.
07:26 - Jonathan Bennett (Host)
I just fancy little progress bars, I mean the, the, the sugar, the, the, the visual sugar is nice, but uh, I would, yeah, it'd be nice to fix some more, um, real problems. It sounds like they have, though, like they've got some, some things in the gaming world, some applications on steam that are going to start working because they fix things. I mean that's cool. No, it's it's.
07:41 - Rob Campbell (Co-host)
Yeah, there's some good stuff. The snaps team should should work better, especially if you're using NVIDIA.
07:48 - Jeff Massie (Co-host)
Well, and they're trying to make it open more so the other distributions can hop on the Snap bandwagon and let others open up their own Snap stores and whatnot. So they're trying to make it better.
08:00 - Rob Campbell (Co-host)
Yeah, it's getting there. Has anyone, anyone other than Ubuntu, adopted that yet though?
08:07 - Jeff Massie (Co-host)
I don't know if it's fully ready for that yet.
08:10 - Ken McDonald (Co-host)
That's a fair point. Well, no, they've adopted it when they start making distros based on Ubuntu Core.
08:19 - Jonathan Bennett (Host)
That was something I noticed in here I don't remember if Rob mentioned it or not, but Ubuntu Core, that's their take on an atomic desktop, and it's going to be based on Snaps, which will be interesting. That would be great for some people, I think.
08:37 - Jeff Massie (Co-host)
Well, the person they hired to make it more easier to port to other distributions, I think he's only been hired for about three, four months. It's kind of short yet to see the results of that work.
08:53 - Jonathan Bennett (Host)
Three months is barely enough time to figure out where your desk is at Probationary period.
08:58 - Rob Campbell (Co-host)
Hopefully he's found it by now. Probationary period is only six months, so you better have something to show for it by then. Yeah, probationary period is only six months, so you better have something to show for it by then.
09:08 - Jonathan Bennett (Host)
Yeah, all right, let's, uh, let's talk about some hardware. It's, it's, it's jeff the hardware guy gonna have to take the hardware corner for a minute and we're going to talk about some fun amd chips I am.
09:22 - Jeff Massie (Co-host)
So last week we talked about the new AMD 6 and 8 core parts. This week is the second half, where we talk about the Ryzen 9 9900X and the Ryzen 9 9950X, or the 12 core and 16 core parts respectively. The Ryzen 9 CPUs are geared for server loads, database work, simulation programs such as chemical or fluid content creators, content creators, things like running Blender or doing large video projects. They can play games, but that's not where they really excel at. So you're going to hear that a few times in here. So anybody thinking, well, I really want to use this for gaming, that's not where you want to go. They, you know these chips do a lot better with high CPU loads. You know things that can really take advantage of the 12 and 16 cores in parallel. You know, and honestly, if you want to play games and that's your main thing the 7800X3D is still the king of the heap, you know. Now, when is the 9000 series X3D parts coming? I don't know. I've heard September, but that was a rumor and I haven't seen it substantiated past that. So it may or may not happen, but games wait for the extra cash. Now, the Ryzen 9 9900X is a 12 core, 24 thread part that features a 4.4 gigahertz base clock and a boost clock up to 5.6 GHz. The 9900X also has a 120-watt default TDP and 64 MB L3 cache and it's priced at about currently it's going to be released price of $499 US. Currently it's going to be release price of $499 US. The Ryzen 9 9950X is a 16-core, 32-thread flagship processor that has a 4.3 base clock with a maximum boost clock up to 5.7 GHz. The Ryzen 9 9950X has a 170-watt default TDP and a 64-megabyte L3 cache, and it's priced at $649.
11:30
So now Michael Larable over at Phronix has done his run of 400 benchmarks again on these CPUs and run a lot of older Ryzen chips and lots of Intel chips. This is what he did with the last one that we talked about last week, but he does mention that he removed some of the lower end CPUs so the charts would be a little more readable. When you have real low end hardware sometimes the scale really has to scrunch down to make everything fit. So he just cut off some of the bottom tail so that we can focus better on the actual results. Now the hardware and software setup was the same as it was for the last week's test Ubuntu 24.04 LTS with Linux 6.10, kernel GCC 13.2 as the default compiler.
12:14
All motherboards were using their latest BIOS. They all run the 2TB Corsair MP700 NVMe SSD. The graphics was Radeon RX 7900 GRE GPU. The DDR5 compatible chips were using two 16 gigabyte DDR5 DIMMs running at 6,000 speed, while the older, like the Ryzen 5000 series, was using two 16 gigabyte DIMMs of DDR4 at 3600. Now keep in mind, those speeds are where you have unity with the memory clock, so that's the best speed you're going to get. If you go faster than that, then your memory clock is not keeping up and you're waiting cycles for things to sync up again. So for the, for the later processors, it's 6,000. For the older processors it's 3,600.
13:12
Now, as I always say on these large benchmark runs, take a look at the article in the show notes. If you have a specific workload that you care about, you know these chips might be worth investing in, but it's going to be situational. Looking at the overall mean the geometric mean which takes out some of the flyers we've gone over that in the past the 9950X came out to being 17.8% faster than the 7900, and the 9950X was 33% faster than the Intel Core i9-14900K. And even the 9900X was 18% faster than the Core i9-14900K. Now for those still on AM4, the 9950X was delivering 1.87 times the performance of the Ryzen 9 5950X processor. So it's edging up on double the speed there. Not quite, but you know, big improvement from the 5000 series.
14:26
So I'm going to add my own information here. But if you look at a lot of the online reviews in windows they tend to focus a lot on gaming and those benchmarks are not that much of an improvement. It might be the choice for you know it, some of it might be the choice for amd. When playing a game through the windows software they park some of the cores so they don't get the delay across the numa node. So this is, this is the ryzen 9 chips. Now this doesn't seem to have paid off much and while linux benchmarks come in favorable for the new chips, the, the Windows ones are rather mediocre. Now sites like Level One Text, which do both Windows and Linux benchmarking, said the same thing. They feel that Linux was much more prepared for this release and the speed increase is a lot more in Linux than Windows. Now that really kind of says that you have to look at what you're doing to see whether this is going to be a bump in performance or not.
15:31
Now one place that a person really needs to look and see if you want to upgrade is using something that relies heavily on the AVX-512 instructions. The 7000 series of chips had a double pump method of working with these instructions, which is where they break the instructions into two operations because the CPU can't handle the full instruction width. The 9000 series doesn't have that and can handle them directly. So if you have AVX-512 workloads, they will see a very large speed increase. Now Intel doesn't support the AVX-512 instructions as they're trying to get people to buy their enterprise, which do support the instructions. So take a look at the article for full details and know there are not really any gaming benchmarks in here, because that's not what these chips are for and universally everybody agrees these are for playing games. After you do a majority of your workload and you still want to play, yeah, it'll play. If you care at all about the performance of games, wait for the X3D chips. These do not fare well. I mean, they're okay, but they they're not gaming chips.
16:46 - Jonathan Bennett (Host)
They're workstation chips. These particular, they're really workstation chips. Now, yes, it. Are people thinking that there's also going to be a 9 000 series thread ripper?
16:58 - Jeff Massie (Co-host)
uh, they are, but I that. Well, it's rumored to be right, so again, it hasn't been substantiated so I I can't say that for sure it is, but it's rumored to be Right.
17:04
So again, it hasn't been substantiated. So I can't say that for sure it is, but it's rumored that there will be. And that's kind of where you kind of think of these chips as kind of a poor person's thread ripper. They're stepping stone between the two. You know, say you know 128-core chips, or you go down to the Threadripper chips which have a lot more PCI bandwidth, things like that, but they clock slower. These give you a little better clock, less PCIe bandwidth, you know, and they kind of cross in that straddling between gaming at home, pc use and where you'd use a Threadripper.
17:49 - Jonathan Bennett (Host)
Yeah, it's pretty interesting. You have to kind of figure out, like, what am I doing with the chip? Do I want to game? Do I want to be able to compile? Am I doing a bunch of multimedia stuff and then find out where the sweet spot is for you.
18:04 - Jeff Massie (Co-host)
Yeah, because some of the benchmarks benchmarks they run slightly faster than the 7000 series and even not that much faster than 5000, so it's not worth it. But certain ones, like especially avx 512 holy cow, if you care about that the these things blow the old stuff out of the water yeah, and I want to say there are some things in AVX 512 that are really interesting general speedups if you compile for it.
18:27 - Jonathan Bennett (Host)
And AVX 512, is that x86v4, I think has the 512 stuff in it, I thought it was 3. It's 3 or it's 4. I honestly can't remember which. I don't know what we're up to now, but one of them has it, and you can actually do some really interesting things like doing your string comparisons using the AVX-512 instructions, and those people are starting to see some very impressive speed ups as a result of being able to do that, and so the you know, once upon a time, avx 512 and all that was almost considered like toy instructions or or instructions that nobody on their home computer really cared about. Um, but they found this, found some places where it really makes sense, and so I think we might we might hear more about that to come. Intel may get forced to start putting them back into their consumer chips.
19:26 - Jeff Massie (Co-host)
We'll see, I kind of wait to see if they are going to do that or not. If they're going to kind of knuckle under and say you know what, oh fine, we'll support them.
19:35 - Jonathan Bennett (Host)
I mean it's going to come down to so AMD is supporting the AVX512 on all of their chips. It's going to come down to how important people think that is. And really what it's going to come down to is Windows going to start compiling for those instructions. So if people start seeing a big speed increase running AMD chips because it's got AVX 512, then Intel, I think, would be forced to.
20:04 - Jeff Massie (Co-host)
They used to support it on their consumer cpus. They stopped after yeah, yeah I remember it was a 12 series. There's 11, I forget now it's the.
20:14 - Jonathan Bennett (Host)
it's the weirdest thing because intel did support it and amd didn't, and now they've swapped and it's I don't know. It's just a weird choice by intel to to stop supporting a instruction set in their CPU that they brought out.
20:27 - Ken McDonald (Co-host)
Yeah, Maybe that's why they get tired of having to do that.
20:35 - Jeff Massie (Co-host)
Well, they didn't want the high-end their i9 chips to cut into their Xeon server chips and their enterprise chips.
20:47 - Jonathan Bennett (Host)
I see a question from Inquiring Mind about the sync close flaw and 3000 series chips and honestly, I'm not taking the time to look into sync close yet, so I don't know the answer. As soon as I do, though, I will let you know, because that is an interesting question, but I don't yet know, so I will continue to do some reading about it. While I do that, ken is going to tell us about something interesting with Bullseye, not Bookworm. Bookworm is Debian 12. That's the one that's most recently out. This is the one before that Debian 11, bullseye. And what just changed in 11?
21:23 - Ken McDonald (Co-host)
Debian 11, bullseye and what just changed in 11? Well, Jonathan, according to Bobby Borisov, Debian has transitioned its version 11 codename Bullseye from regular security updates to a long-term support phase as of this past Thursday, August 15, 2024. Just make sure we've got the date correct. Bobby points out that this shift comes exactly three years after Bullseye's initial release. He explains that each Debian release, including Bullseye, typically enjoys three years of regular support from its release teams support from its release teams followed by two additional years under the long-term support or LTS umbrella, for a predictable life cycle of five years. That's got five years of supported use from the original release date.
22:19
The LTS phase started, as I said, on August 15th of this year and runs until August 31st of 2026. That gives you that full month. If you wait until the very last second, you procrastinators to upgrade to get switched over. Now the Debian LTS team will take over the responsibilities of the security and release teams, focusing solely on critical I repeat, critical security updates and essential fixes during this period. The good news is this will give users time to upgrade to Debian 12 Bookworm, the current stable release. I would recommend marking June 10, 2026 on your calendar after upgrading to Debian 12 to remind you when Bookworm will transition to its own LTS phase.
23:19
Bobby is kind enough to include a link to linuxiaccom's step-by-step guide to upgrading from debian 11 to debian 12, if you need assistance. Bobby also says users need to be aware that, while most packages are covered under lts, some may not be supported, and he provides a link to the. And. It provides a link to the debian-security-support package, which checks for and notifies you of any non-supported packages critical to your system. Fortunately, I upgraded my Chromebooks Linux package partition to Debian 12 last summer.
24:04 - Jonathan Bennett (Host)
You know, for the longest time Raspberry Pi, with the Raspberry Pi OS, was still continuing to push Debian 11 for 32-bit. It looks like they've moved away from that now, as far as I can tell on their website. I'll have to pull up the actual flashing tool and see if it does the same thing. But that was kind of a weird thing where the older versions of the pie they were by default putting people on 11 and people would come and say it doesn't work. Are you running? Are you running bullseye? You need to run bookworm. Yes, book one more work on your pie. I don't know why. Um, so yeah, it's time to go to 12, but bookworm bookworm is great, it's time to do it.
24:41 - Jeff Massie (Co-host)
Let's leave bullseye in the past I think, those stable releases are very much like red hat enterprise, you know, it's just very slow and stable and oh yes yeah, that bullshit, that bullseye has been shot off the wall.
24:59 - Rob Campbell (Co-host)
Time to uh take it down.
25:01 - Jonathan Bennett (Host)
Yep, yep, all right. So I saw that question, like I said, from acquiring mind. I went and I did a little bit of reading and AMD has actually come out now, very recently, and said that they will actually be releasing patches for the Ryzen 3000 series for the sync close flaw. And this is a deal where they tried to work. They worked around one potential problem and accidentally caused another one with some memory remapping to fix one problem. But August 20th they are planning the Ryzen 3000 series fixes for sync close. So if you're on a 3000, then know that that's when it is coming all right, let's talk about tails, everybody's favorite browser that we hardly ever use.
25:57 - Rob Campbell (Co-host)
Yeah, well, I'm talking about sonic and tails. If you remember the game Sonic the Hedgehog? Oh yeah, no, I'm not so, but that was a fun game many years ago that's probably before your time, jonathan but I know Sonic and Tails.
26:14
What way. Too often on the internet, you know, I see new users trying to use Linux distributions like Kali Linux, because they hear it is for security and they think that means privacy. Well, PSA Kali is purpose built for things like pen testing. The security that it is is like offensive and defensive. It's not a general purpose distribution for your own privacy. It's not good at that. For all For privacy, you want a distro like Tails. So I don't know if we've talked much about Tails before, but this week Tails has released version 6.6. So I thought it would be a good time to bring it up on the show. And Tails stands for the Amnesic Incognito Live System. Fun name if you want to know the acronym. But Tails is a security-focused, debian-based Linux distribution aimed at preserving internet privacy and anonymity. It connects the internet exclusively through the anonymity network TOR. Tails is designed to be anonymous as possible, preventing all manner of tracking and surveillance, while being extra portable. Tails is a live bootable Linux distribution that erases every last trace of all activity each time the system is shut down. At least that's in their words. I haven't done the testing to confirm that. Every trace that that seems like a lot, but anyway, they do. They do the best they can.
28:05
So now, now that we know what it is, let's dig into what's new in 6.6. As with many linux releases, this release uh supports new hardware, such as new gpus and wi-fi cards, which is good if you want to bring the thing around and run it on you know various systems or whatever. It has better error handling, uh, when starting up. Uh, persistent storage was improved by increasing the maximum wait time to four minutes, which seems like a long time to wait, but anyway, it's mostly the first time use it. So by increasing that to four minutes when unlocking the persistent storage before returning an error. So this prevents freezing and allows the creation of the persistent storage after starting a Tails USB stick for the first time. So after that it shouldn't ever take that long.
29:12
But you know USB drives can have a lot of various speeds. You never know what you're getting into. So if you're running on on something slow, you just may need that time. Um, you can now enable multiple network interfaces, not just the one, and then a list of bug fixes have also been addressed stuff with the cloning and, uh, you know other other bugs got swashed. So if you're looking for privacy on the internet Tails might be the district for you. You could carry it in your pocket on a USB stick, run it on your personal computer on a USB stick and a friend's house say hey, can I reboot your computer and just boot up into this and use it? Or wherever you're at, you could just run it on your USB stick.
30:06 - Jonathan Bennett (Host)
Yeah, it's a. It's super useful for well being able to get to something and honest anonymously, without giving yourself away and not leaving any breadcrumbs. Um, very useful it is. It's tails with tour. Is that what a Snowden used? It seems like it was. That's been a long time ago.
30:28 - Rob Campbell (Co-host)
That sounds right, but I don't know. I think.
30:32 - Ken McDonald (Co-host)
Snowden did use the Onion Network.
30:35 - Jonathan Bennett (Host)
Yeah, I think so, the Onion Ring.
30:40 - Ken McDonald (Co-host)
Well, those are good too.
30:48 - Jonathan Bennett (Host)
And there's the show title onion ring. Yes, yes, yeah, that's that's what happens when you run tor over a token ring network you get the onion ring.
30:56 - Jeff Massie (Co-host)
Oh, that's great, uh one of the token ring in the ethernet yeahnet.
31:01 - Jonathan Bennett (Host)
Yeah, one of the things that always has worried me just a little bit about Tails is that you're running an old like by design, you're always going to be running a slightly old browser and sometimes browser fixes need to happen in a hurry, so that's like the one thing to be aware of is keep an eye out for updates to Tails because of updates to the browser yeah, a lot, a lot of the stuff is old.
31:25 - Rob Campbell (Co-host)
I I think when I was looking at it, the kernel the current one they have, I think it was the kernel um is in the life in like december um, well, or was it those based on that's currently out there.
31:39 - Jonathan Bennett (Host)
Yeah, so they, they. It's powered, it says, by the 6.1 lts, so that is supported through december of 26. So the kernel, the kernel is going to get support releases for a while, just as long as they stay on top of that, the lts. But the browser itself is the one that I would.
31:56 - Ken McDonald (Co-host)
I would think about and also good news is it's uh.
32:02 - Rob Campbell (Co-host)
According to marius's article, it's based on the latest debbie and uh 12 bookworm yes, yep, yep, yeah, I think I mean, yeah, you have to worry about it being um, a lot of out of date, potentially insecure stuff, but at the same time being a system that I mean there is some persistence to it. As I mentioned in one of the key features, a lot of it isn't persistent. Hopefully that would avoid anything permanently getting on there but it definitely helps.
32:37 - Jeff Massie (Co-host)
It definitely helps um all right, yeah, I'll say, inquiring mind says but it won't matter, because any infection will not get saved to the usb stick. The problem is you could have an uh an issue that would expose the data you're at now. Maybe you're doing some banking or something and they're able to catch the, the data in memory or something like that. It doesn doesn't have to be saved to the USB stick to get you in trouble.
33:03 - Rob Campbell (Co-host)
Reboot often, especially if you're doing anything sketchy. Yeah, if you're doing something sketchy, reboot before you go to your bank.
33:12 - Jonathan Bennett (Host)
Yeah, I mean. So you kind of have to think about what your threat profile is, right Like are you a Snowden and are you worried that someone from the NSA is trying to figure out what you're doing? Well then you, you take your USB key and you plug it in and you do what you got to do. You don't? You know, you're very careful about your computer hygiene. And then you take your USB key and you destroy it. And then you, the next time that you need to do this, you go to a different store and you buy a new one, and you go to a random library or coffee shop and borrow somebody's computer and put tails on it and then go to a different. Like the amount of whole bunch of uh usb drives.
33:55 - Rob Campbell (Co-host)
Burn tails on all of them and have them single use.
33:57 - Jonathan Bennett (Host)
There you go there, you go um, because I mean like but. But when you're talking about like, going head to head with advanced, persistent threats, with groups like the NSA, I mean they've got tools to literally get from. If they've got a zero day in your browser, they break out of the browser sandbox sandbox and then there are literally vulnerabilities to go and to overwrite the bios on the computer that you're working on. It's uefi. Now I know the firmware on the motherboard of the computer that you're working on, um and so it like. It's just if you're up against that kind of a threat, it's a. It's a much different threat model than I'm going to go look at something sketchy and I don't want to leave any tracks, right so that's, that's just the model, just give up.
34:45 - Jeff Massie (Co-host)
Yeah, well, you know, and I'll say this life I, I really enjoyed reading the, the book skunk works, which had to do with, uh, lockheed martin and their think tank, where they came up with like the sr 50, sr 51 and the stealth fighter and all that and you think, wow, this is great technology. And then you think, well wait, this is what they declassified and let out. So, whatever you know that the government has you better figure that they're about three steps ahead of that.
35:16 - Jonathan Bennett (Host)
So yeah.
35:18 - Jeff Massie (Co-host)
If you're going into sketchy stuff, you better be hardcore into this and being be able to really predict what they could probably be doing.
35:28 - Jonathan Bennett (Host)
Yeah, it is fun that every once in a while we get a little peek behind the curtain because something like Stuxnet will happen and it gets out. Um, and then you do get to take a look at the sort of things that the U? S NSA and I believe that one was that one was us and Israel worked together on. So that's always fun when something sneaks out from behind the curtain, you just take a look at it.
35:50 - Ken McDonald (Co-host)
Anyway, what's also really fun is when they just release it open source, like they did with Gidra.
35:56 - Jonathan Bennett (Host)
Yeah, gidra is different, though. Gidra is all about figuring something taking a binary, taking it apart and figuring it out. Which excellent I'm so I'm so glad the NSA did that. It's been one of the coolest tools that the community has had for doing reverse engineering. Um yeah, gidra is a little different.
36:14 - Jeff Massie (Co-host)
Well, I think they're under legal requirements, cause I want to say, at least in the U S, I thought like the NSA couldn't give code directly to other agencies, they had to open source it. I mean, there was something like that where it was.
36:28 - Jonathan Bennett (Host)
Ah, that could be, there's some.
36:30 - Jeff Massie (Co-host)
I will tell you. I'm sure there's some limitations.
36:31 - Jonathan Bennett (Host)
I will tell you another little known secret about the US government writing code. When a government employee writes code, it is not copyrighted. It is automatically placed in the public domain, which is why the US government hires contractors to write code rather than doing it directly. Let's move on. Let's talk about smart cash injection. Is that what's up next? That is.
37:00 - Rob Campbell (Co-host)
My wallet needs.
37:01 - Jonathan Bennett (Host)
That is my wallet needs. Yeah, mine too. So this is an upcoming CPU. Is this an X3D CPU? We think.
37:12 - Jeff Massie (Co-host)
Well, that's a little hazy A little hazy.
37:14
Probably not X3D, probably Epic. So more speedup is coming to the kernel for future AMD hardware. By the way of Smart Data Cache Injection SDCI Now, maybe home users will see it in the future, but right now they're targeting AMD Epic server processors. Now, while a home user can purchase these, they go for several thousands of dollars. Unless you're doing very complex simulations or moving a lot of data in huge databases, the workloads most people see at home are going to run slower than the normal home use chips. Now there's a new patch series getting ready to be introduced into the kernel and the notes from AMD describe it as the following, so I'm quoting AMD here Upcoming AMD hardware implements smart data cache injection SDCI, and SDCI is a mechanism that enables direct insertion of data from IO devices into the L3 cache.
38:14
By directly caching the data from IO devices rather than first storing the IO data in DRAM, sdci reduces demands on DRAM bandwidth and reduces latency to the processor consuming the IO data. The SDCIAE, which is allocation enforcement so smart data cache injection allocation enforcement features, allow systems software to limit the portion of L3 cache used for SDCI. So what this means is if you need something from an IO device, like a drive, it can load what you need into the L3 cache with possible limitations. You need into the L3 cache with possible limitations. So to utilize this feature it also depends on the translation layer. Packet processing hints and the really short version is this allows data to have hints on where the best location to put the data will be. For example, when you have a multiple NUMA node CPU, it can guide the data to the cache closest to the core that's going to utilize the data. So there isn't a delay of requesting the data across the NUMA node.
39:28
And if that's still a little confusing, basically, when you have these large multi-core chips, they break them into subsections. So not all chips share the same memory. All cores share the same memory and some of them are grouped together. Say like, let's take the 16, you know, the 9950X 16 chip or cores. Eight of the cores talk to one set of memory, eight of the cores talk to another set of memory. Now they can communicate across that boundary. It's just slower Now. It's, you know, maybe a nanosecond more or something. It's very, very fast. But on high intensity loads that time adds up. So that's what they're trying to avoid here.
40:16
Now the article does note that this isn't clear if the latest Epic server chips can support this or if there's it's just future hardware. Will this? This will be implemented. You know, I'm sure it's going to become more clear in the future, as AMD will reveal more when they fully release the patches. It should be noted, though, that the documentation for this feature has been in some of the AMD programmer documentation for the last year, so either the existing hardware or new hardware should hit the ground ready to go because the existing hardware or new hardware should hit the ground ready to go because the information has been there and people have been aware how to implement this. You know, I'm sure we'll see how much directly putting the data into the exact location, you know, bypassing RAM and speed it up. We'll see the benchmark soon. You know, like I said, I know a certain someone who will benchmark the heck out of it michael arable over at phronix I'm sure, I'm sure he'll try.
41:10 - Jonathan Bennett (Host)
I tell you I don't know that this is something that michael's going to easily be able to benchmark, because where this really probably makes the most sense is for networking. Like you're trying to handle a 100 gigabit per second pipe on a machine, or even bigger pipes on a single server, and so this can do things like your network card instead of, instead of writing into the ram for the cpu to pick up and work with, it can now write directly into the cache. And so you know we talk about zero copy, meaning the the cpu works on it right in ram. Well, now, when we talk about zero copy, we can talk about working on it directly in cache, and it doesn't even have to hit the ram maybe. Um, well, I bet you they would.
41:51 - Jeff Massie (Co-host)
Amd will let him borrow a server to test it out, because amd is pretty good about some of the hardware he's able to test on and sometimes it's a loner and they you know he's he's able to test on and sometimes it's a loner and they you know he's got a twenty thousand dollar server or something that's true play with. He doesn't get to keep it but he can play and just kind of they because they want that benchmarking out there, because a lot of people look at pharonix for the benchmarking and it's true, he gets into some of some of the server hardware yeah, so I priced out a server recently.
42:22 - Rob Campbell (Co-host)
Lately have you 20 000. Really isn't all that expensive. You can do.
42:26 - Jonathan Bennett (Host)
You can do quite a bit with 20 000, especially if it's one that you build yourself on something like a super micro uh chassis, you can really make a nice server, but you can very easily spend more than that yeah, I was using a random kind of a number.
42:41 - Jeff Massie (Co-host)
I know what we run some of our servers at and I'm not going to talk about that, but it's a lot more and they are really beefy machines, yeah.
42:53 - Rob Campbell (Co-host)
I mean most business servers are less than 20,000. But you can easily.
43:00 - Jonathan Bennett (Host)
Oh yes, oh yes.
43:09 - Ken McDonald (Co-host)
You can spend 20,000 on the cpu. Yes, ken. Is this going to be disabled by default, or is it going to be enabled, and how will that impact as far as uh security issues?
43:17 - Jonathan Bennett (Host)
um, it probably. It probably will be like, enabled in the CPU, but you're going to have to have drivers that specifically support it. Um, and I don't know if they're going to be enabled or disabled. And as far as security issues, researchers will have to bang on it for a few months to find out.
43:36 - Jeff Massie (Co-host)
Or years, and that's where the limitation of what you can put in the L3 cache comes from, because you can limit to where the memory can go and I think you can limit to what it is. So they're thinking of that as well.
43:51 - Jonathan Bennett (Host)
Yeah, I will tell you kind of a sneaky little secret. Generally speaking, our threat modeling for computers does not include the idea of something malicious on the PCI Express bus, and so that's sort of going to apply here too. And so if you have something malicious on the PCI Express bus that's going to try to use this, it's going to be able to own your machine, no problem.
44:19 - Ken McDonald (Co-host)
If you got something malicious on your PCI Express, somebody already has owned your machine, right? Yeah, yeah, pretty much.
44:26 - Jeff Massie (Co-host)
Well, that kind of goes back to the last story where let's just say even something benign like an NVMe drive, if they can load something in there that gets into the firmware and can rewrite that firmware. Now a lot of times it's locked down so you can't but say you know, you got a cheap drive off eBay or whatever and it can rewrite it. Now it's got in there and because that firmware is corrupted, it can now contaminate the rest of the machine.
44:53 - Jonathan Bennett (Host)
Yep, although if it's the hard drive, in particular, that's where it's very advantageous to have a software encryption layer, because good luck doing something nefarious when we're reading encrypted bytes off of the hard drive. Anyway, let's talk. Speaking of security, maybe this is where Ken was trying to go. Clam AV is doing something odd with their 32-bit support.
45:22 - Ken McDonald (Co-host)
Yes, they are. I'm going to start off by letting you know it's been six months since Bobby Borisov last wrote about Clam AV, back when they released version 1.3. This week he's writing again about Clam AV, this time releasing its latest version 1.4, along with an updated bytecode compiler. If you haven't heard of Clam AV before, it is an antivirus engine designed to detect trojans, viruses, malware and other malicious threats, often deployed in various settings such as Linux email servers, web gateways and file servers. I even have it running on my home file server.
46:06
Some of the highlights of this new release introduce a range of improvements tailored to enhance user experience and system security. One is Clam AV has broadened its capabilities with support for ALZ and LHA, slash, lzh file formats, allowing for deeper inspection with more compressed file types. It allows more nuanced control over image fuzzy hashing, which helps detect visual similarities in images that can indicate phishing or malware. Similarities and images that can indicate phishing or malware. There's a new dynamic configuration settings that have been included, so users can now toggle specific features directly through the configuration files, providing tailored operational flexibility.
46:59
Now ClamAV has upgraded from the RHEL 7 to AMA Linux for their build host, and if you didn't know this, ama Linux does not provide 32-bit images. This has resulted in ClamAV no longer providing 32-bit packages for Linux. However, ClamAV users on 32-bit platforms can still build from source. This release also includes a range of other enhancements to improve the software's overall efficiency and usability, including better integration with modern build systems. Refined error messages for easier troubleshooting. Optimized performance settings for faster and more reliable scans even reliable scans even Now. Bobby also includes links to the Clam AV's official announcement, download and GitHub release pages in his article. If you do want more information or you need to update.
48:05 - Jonathan Bennett (Host)
Interesting. So I did not realize that Clam AV was owned by Talos, which is now Cisco Talos. So Clam AV was owned by Talos, which is now Cisco Talos.
48:15 - Rob Campbell (Co-host)
So Clam AV is a Cisco product. I didn't notice that either.
48:18 - Ken McDonald (Co-host)
Well, actually there was another link I was tempted to throw in but I didn't. That went into some of the history in regards to that and about the Clam. Av itself does not have a commercial version.
48:37 - Jonathan Bennett (Host)
Right, it's actually, but it is included in some of the cisco systems with a name change I mean, that makes sense honestly and so that makes it worth it for cisco to put money into it if they're using it internally for stuff I wonder if it has any connection to their Cisco iron ports or anything like that.
48:54 - Ken McDonald (Co-host)
It is embedded in some of their hardware.
48:59 - Jonathan Bennett (Host)
Yeah, I'm sure they're using it where it makes sense to use it.
49:04 - Rob Campbell (Co-host)
I was surprised I didn't realize that it detected phishing. I suppose that's if you're using it on like a mail server. Yeah, that would be the sort of thing.
49:15 - Jonathan Bennett (Host)
long time ago I've used down a mail server I'm I'm real fascinated by the fuzzy image hashing and, uh, they're talking here about trying to detect phishing and malware with it.
49:29
Um, I have to wonder, though, if there's not somebody there thinking about, well, can you detect sketchy images, but also things like the term these days they use is CSAM, c-s-a-m, that's, child Sexual Abuse Materials. I would not be surprised if they are working towards being able to detect those things, which, honestly, I would love to be able to just detect and toss into the trash any of that stuff on incoming emails, because that's nobody wants that surprise opening up an email, and yeah, so hopefully that's something they're thinking about too. I imagine it is because that's really where that that fuzzy image matching kind of became, uh, infamous. Maybe we'll say it was where apple was trying to do it and and the way apple was doing it? Everybody's like this is not a good idea, please don't, but something like this getting incoming emails makes a little more sense that way your server can keep that stuff off of it exactly because you don't want that on your server.
50:34
It's bad, it's a bad day, it's not?
50:38 - Ken McDonald (Co-host)
no, no, I'm talking legal liability, all kinds of bad stuff jeff may tell us what we can want on our server and maybe even in our browsers is it what's reflecting off your glasses, ken Rob?
51:02 - Rob Campbell (Co-host)
what's the newest with a ProtonVPN? All right, so we've talked about ProtonMail and ProtonDocs, but have we told you about ProtonVPN yet? I think we probably have mentioned it in passing, but I don't know if we've ever gone too deep with it. So Proton, located in Switzerland, as we've mentioned in previous stories, is well known for its security. They provide a VPN with a secure connection and they don't log your data either. So you know all good things with the VPN With a secure connection and they don't log your data either. So you know All good things with the VPN. And did you know? Proton offers a premium VPN For as low as $4.49. Us dollars per month, as high as $9.99. Depending if you play monthly or for a year, or for two years or whatever. But thanks to paid memberships, proton is also able to provide a free version With the app. You can use the free or paid versions of ProtonVPN on virtually every OS. I'm sure it's not on like Redux or Redo or those real big niches, but Linux, windows, mac, android it's on all those. So the free version it doesn't include as many features as a paid version, but it gets you pretty much everything a basic user might need who's uh, you know, trying to be a little secure out there in the world for free. But this week there's one more paid feature that has been moved over to the free tier. Proton vpn's chrome and firefox extensions are now available to its free users.
52:53
What makes this different than just using the ProtonVPN app? The key difference is specificity. When you use the ProtonVPN app, all your data on your computer goes through the VPN connection. Whether you're pinging from the command line or your browser, your email or some other app, it all goes out through, that is, it's at the networking layer. But when you use the browser extensions, this allow you to, allows you to only send your web browsing traffic through the VPN, so you can turn it on and off as your browser as you need it. And you know this would allow you to do things like open multiple browsers, maybe, and just have VPN ProtonVPN on one of them and have the other for locally, so you can kind of quickly go back and forth. But whatever you're doing, or keep your email or other services on your local connection. And well, because I don't know, maybe that maybe they have to come from your ip for security purposes, or or your ssh or whatever it is, while hiding your web traffic or security over a vpn. So or maybe it's just convenient for you because maybe it just don't have full admin root access to your machine, but you can Excel extensions.
54:23
So I confess I'm not a Proton user but I think many of their offerings they've always been really interesting and the place has been really interesting as a company all the things they've done, and I've heard great things about them for a while. But now that I know that they have a free VPN tier, I didn't even realize they had a free one. I just thought they had their paid one and I still don't feel like spending any money because I don't have enough money. But now that I know they have a free VPN tier, I think I'm at least going to keep that in mind and there's a good chance I may install that extension somewhere. Also, I should say Proton is not a sponsor of the Untitled Linux show, but I think they have been a sponsor on the Twit Network before. Maybe I'm wrong, maybe I'm not, I I don't recall. It sounds like I recall hearing them on here before I I did go and check.
55:18 - Jonathan Bennett (Host)
They are not a current sponsor. Um, because I did, I didn't want to make sure and mention that if they were, but not currently a sponsor and I can't remember for sure if they have been in the past or not the only vpn that's a current sponsor that I know of is ExpressVPN. And I enjoy it.
55:35
Yeah, so I did want to. I was kind of thinking about this ahead of time because I saw you had this story and I'm curious what you guys think I would say. If you're going to use ProtonMail, particularly for, like, something important where you really want to be hidden, you should not use ProtonVPN. You should go use one of the other kind of what's the bulletproof. You should go use one of the other sort of bulletproof VPN services to then talk to Proton. Don't do it all from the same company, it's just one warrant to get all of your information instead of two Tails.
56:13 - Rob Campbell (Co-host)
ExpressVPN, ProtonMail, all these different factors. They'll never find you.
56:20 - Ken McDonald (Co-host)
So if you use ProtonVPN, what email service would you recommend paying for?
56:28 - Jonathan Bennett (Host)
I don't know. No, not Gmail. No, not Gmail. So I use Gmail. I have nothing wrong with Gmail, but for this particular no, not Gmail. No, not Gmail. So I use Gmail. I have nothing wrong with Gmail, but for this particular scenario, not Gmail. No, I honestly don't know. I'm not sure. This is not a thing that I spend a whole lot of time thinking about.
56:45 - Ken McDonald (Co-host)
It's safe to say you use Gmail for certain things. Comcast.
56:49 - Jonathan Bennett (Host)
Mail. I use Gmail for well, so I have my own email server for, like, my local business email, and then everything else is on gmail. I think, so I use gmail for a lot uh, mine's all gmail.
57:02 - Jeff Massie (Co-host)
My isp used to have email, but I don't. You know, I don't have anything too crazy in email yeah, that's true.
57:09 - Ken McDonald (Co-host)
I haven't accessed it in years but I bet I still could access uh, my email account through southwestern bill yeah, that's probably a yahoo account these days.
57:19 - Jeff Massie (Co-host)
Oh, you should get rid of that then, oh yeah if you want one of those hanging out there my, my employer, if you, if you leave, yeah, it's all locked down and I mean you're really good about your nothing's hanging out there to oh, let's.
57:37 - Ken McDonald (Co-host)
So it works real directly with hr on locking out accounts as people get uh, yes, upgraded to customer yes, upgraded.
57:50 - Jonathan Bennett (Host)
I'm sure they also work hand in hand with legal, with making sure that those emails don't get deleted, but they're there just in case they are needed. It's something in the future. Uh, all right, so let's chat about some easter eggs in ubuntu yeah I don't know wrong flavor, what? What flavor are the Easter eggs?
58:12 - Jeff Massie (Co-host)
Right color, wrong season. There's going to be Easter eggs in the 24.10 Ubuntu release, so the Easter eggs are going to be about Wordy Warthog, which was the 4.10 release, which came out 20 years ago. So Canonical wants to do something special for the 20-year birthday of Ubuntu and they're putting in a few things which are throwbacks to the original release. One of the things is the wordy brown accent color, which can be used to tint your desktop. 24.10 will include GNOME 47, which will support the accent color, and upstream, gnome has it. Now, since 20 2022, ubuntu has been patching it in. So if you think we've always had this, well, that was that was ubuntu patching it in, not from upstream gnome. Now you can. You can use the wordy brown to color your ui elements, such as toggle switches, focus rings. You know selection bounds, know a number of Yaru icons, including folders, all sorts of good stuff.
59:17
Another one of the things added is the login sound. Ubuntu has a login sound, though it was disabled by default in 12.04. So, though, you have been able to re-enable it if you so desired. So those that have turned it on or remember it from the old days may not remember the original sound. There's a link in the article, in the show notes, which has an audio clip of the original sound, and if you're curious about the new sound, there's also a link to the article which has an audio clip to the newer login sound.
59:49
The author of the article is still looking for more Easter eggs and since there's a while before we'll see 2410, there's still time, you know, for more to find their way into the release. He says he'll let us know if he finds more or if any of our early testers run into Easter eggs. He wants to be kept in the loop and notified on what you found. Take a look at the article to show notes if you're interested in some nostalgia. You know, for me I missed Wordy, as my first Ubuntu release I played with was 6.04. So I came in along and a little later Before that I was on like Debian and Caldera and things like that, though I you know I honestly forgot about. You know I've been using canonicals on and off for quite a while now, but I forgot about the startup sound after all these years and you know, honestly, what I do remember was Ubuntu was the first distribution I used that you didn't have to plan an entire day of loading and then manually going through and editing files.
01:00:47
And you know, 20 years ago was a lot more command line required and you had to really dig in to figure some things out. So you know, when I think back I can see how far Linux in general has come, and you know. I love Linux and I love the future of it.
01:01:01 - Rob Campbell (Co-host)
Still miss setting IRQs, though no.
01:01:07 - Jeff Massie (Co-host)
Manually editing your xorg file. Not x11, your x or you and uh, your sound, your sound preferences.
01:01:16 - Jonathan Bennett (Host)
Manually loading in the days of your sound card, the days when also was all it was, and so you could only ever play one sound at a time yep, it was fun when I was young and had a lot of time, but I don't think I could.
01:01:32 - Rob Campbell (Co-host)
I don't think I could do it if it, if I switch to it these days yeah, just out of curiosity, how long did that startup sound actually play?
01:01:42 - Jeff Massie (Co-host)
oh, probably the new one or the old one. The old one. The old one is a little longer. It was probably 15 seconds, enough time for it to finish booting up. Yeah, oh no come on. You had to turn it up too, because those old hard drives sounded like they were chewing cement marbles. They were clacking and rattling yeah.
01:02:07 - Jonathan Bennett (Host)
Goodness, the old days tell you what All right. Well, that you what All right? Well, that's been a little bit. That's been enough down the nostalgia lane. Let's talk about new fun stuff in Handbrake. I've not pulled out Handbrake for a while, but I've got a set of DVDs here that maybe might pull me back into it. Ken, what's new with Handbrake?
01:02:30 - Ken McDonald (Co-host)
Mike pulled me back into it, Ken. What's new with Handbrake? Well, first I want to thank Keith's 512 for sharing in the club Twit Discord earlier this week, Marius Nestor's article about Handbrake's latest release. They just released version 1.8.2. This is the second maintenance update to the latest Handbrake 1.8 stable series and it fixes various bugs, like an issue where an encoded file could be outputted with the wrong file name. That could be disastrous when using the queue on Linux systems.
01:03:04
Handbrake 1.8.2 also fixes a potential crash that occurred when trying to scan deleted files. Why you'd scan deleted files? I don't understand an issue that can cause some audio tracks to be dropped that I'm familiar with, yeah, and scanning of broken video clips that use reserved color matrix values. Now, under the hood, Handbrake 1.8.2 adds support for the latest FFmpeg 7.0.2 open source multimedia frameworks for video decoding and filters and for VP8 and VP9 video encoding, as well as libass 0.17.3 library for subtitles. Before updating Hambright, please make sure you have no pending encodes in the queue and be sure to make a backup of any custom presets and app preferences you have, as they may not be compatible with this version, especially if you're upgrading from an older series Now. I'll be double-checking after the show if I've got the latest one, because I didn't take time before, and if not, then I'll be using the flat packed up flat hub to update yeah, interesting.
01:04:38 - Jonathan Bennett (Host)
Um, it sounds like they've got a couple of nifty fixes there, and always good to get up to the, the next f of m peg version, so good stuff yeah, so we don't have to experience those audio dropouts.
01:04:51
Ideally. Yeah, not good in your permanently archived videos, all right. Well, I think it's time to get into some command line tips, command line and other kind of tips. They're not all command line tips. What? At least 50% of the tips today are going to be command line tips, though I think let's first start with Rob. Rob is not in the cool club. I don't think he has a command line tip for us, I think he has a cosmic tip for us.
01:05:22 - Jeff Massie (Co-host)
Rob messes things up.
01:05:25 - Rob Campbell (Co-host)
Mine is not a command line tip, but since we've been talking about cosmic lately and it's going to be talking about more, I thought I would show you something, something I came across a few weeks ago. I think this was even before my vacation, but I got some time to squeeze in and show you this. So, for those who are fans of Cosmic, I came across a GitHub repository. It is a cosmic project collection. So if you make something for cosmic community that says community community repository if you want to make something for for the cosmic desktop, you can make it submitted to this project and get it on here. So if you look through what's on here, they have like a simple task, a simple task management application for Cosmic fan control, cosmic web apps.
01:06:23
So I don't know what that is, but I suppose it's kind of like progressive web apps, but using Firefox it clearly isn't. But yeah, other mobile well, a good couple dozen on here, some applets, some cosmic noise. So check out the show notes. Or, for those watching it's at, I don't know, check out the show notes. Or if you Google Cosmic Dash Project, dash Collection, it will probably come up. But it's a nice little collection of Cosmic apps that you may want to install when you get your PopOS or wherever you install Cosmic, when you get your new Rust Cosmic desktop all set up.
01:07:18 - Jonathan Bennett (Host)
Very good, All right, Jeff. What is Reflector and what are we reflecting?
01:07:24 - Jeff Massie (Co-host)
So Reflector, this is something you probably didn't think you would hear from me, but it's a program to find the most up-to-date and fastest mirrors for arch. I know me doing arch right what the heck. So sometimes after you install arch you can have issues with slow downloads, and with arch you know you download a lot as it's a rolling release. Reflector is a python script and it scans and selects the fastest and most synced mirrors based on bandwidth response time when the mirror was last refreshed. So Reflector will also update your mirror list so you can always have the best mirrors you're updating your system with.
01:08:03
There are several options you can use. You know the most up-to-date mirrors over speed. You can also rate the mirrors by download speed. You can go by the country they're in, so Reflector can also limit your search to specific countries. It can run automatically so your mirror list stays up to date at the frequency you want, along with even limiting the list by protocol use. So how you get your software which protocols used, you can filter by that. So take a look at the article in the show notes and it'll show you how to install and run reflector and get the best experience out of your arch in style, so arch.
01:08:40 - Jonathan Bennett (Host)
Install, so happy updating I wonder if there is a version of reflector that runs for fedora, because occasionally this is a problem with other distros, where there's just one mirror that, for whatever reason, you're using. That's terribly slow and you know it's really bad when, of course, the the big package like Google's chromium or whatever, gets used on that, and so you're sitting there like everything else is done and you're sitting there waiting for something and it's at 50 K a second. It's like, okay, this will be done eventually.
01:09:07
I mean a door doesn't have something like Nala Ubuntu or app-based distros have.
01:09:34 - Ken McDonald (Co-host)
Remind me what exactly Nala does that allows you to fetch all your mirrors and show their speed for downloading the read files. So then you can go through and pick the fastest ones.
01:09:44 - Jonathan Bennett (Host)
Nifty. I don't know if Fedora has something exactly like that or not. I know this is something they've worked on with DNF5, I think it is. It comes in Fedora 41. But I just know this has something they've worked on with dnf5, I think it is. It comes in fedora 41. But I just know. This has been a thing in the past where I'm just sitting there staring at a download like, please finish so I can reboot my computer and get back to work. All right, ken, you've got, you've got part two.
01:10:08 - Ken McDonald (Co-host)
You're gonna, you're gonna tell me how to do things on my Wayland machine yes, last time uh, if you've watched it I covered two x.11 or x-word based clipboard management utilities for the command line. This week I'm going to be introducing it's actually a rust crate or library for working with the Waylink clipboard which includes what Rust based implementations of the commands wl-copy, wl-paste and the one I was glad to see, wl-clip. Now, I chose this particular implementation after looking around, since it had the most recent commits compared to some of the other projects about. Well, the first command, as I mentioned, is going to be wlcopy. And let me go ahead and switch to my command line here. And is that big enough for everybody to see?
01:11:07 - Jonathan Bennett (Host)
Yeah, I think, so Let me yeah that'll work.
01:11:17 - Ken McDonald (Co-host)
If not, I can do this.
01:11:20 - Rob Campbell (Co-host)
Nah, that should be good Ken.
01:11:22 - Jonathan Bennett (Host)
Yeah, that works.
01:11:25 - Ken McDonald (Co-host)
But there I've got WL, it's copy. What I'm going to do is pipe the echo hello us aliens. Into wl copy and that basically is like putting it into the clipboard and then I'm going to use wl paste to print it back out to the command line and then I've also pre-typed in so I'm not trying to type it in on the screen here how you can use WLClip to watch your clipboard. Oh, cool, and there you see it's doing the thing. And, david, do you mind if I quote you here?
01:12:14 - Jonathan Bennett (Host)
Nifty.
01:12:18 - Rob Campbell (Co-host)
So you're watching the clipboard there, so a hacker could use this and wait for you to copy and paste your passwords.
01:12:30 - Ken McDonald (Co-host)
Yes, that would be one malicious use of it. Now, one that would be really nice to use is if you set it up so then, instead of going to the uh screen, like I'm doing here, you'd set it up to go to a file and just add it each time, so it would uh a history.
01:12:53 - Jonathan Bennett (Host)
Yeah, create a history of your clipboard that could actually be useful. I could see that being a kind of a killer app for it.
01:13:00
Very cool that way you could then go back and maybe use it to add those as snippets for uh programming purposes cannot tell you how many times I've lost something that I had in my clipboard and then I copy something else and it's gone. Or in KDE there is at least a list of. You can get your last five or six things out of your clipboard, but sometimes it's not enough. It's still gone out of the end of it.
01:13:25 - Ken McDonald (Co-host)
And with Linux you've actually got three different clipboards. You've got the clipboard and then there's the primary and secondary.
01:13:35 - Jonathan Bennett (Host)
Yeah, I think we've talked about that in the past. All right, I've got one for us that I've actually used a couple of times this week already, and that is you can do a git apply with curl. And you may not know that on GitHub if somebody has a pull request, you can do so. The whole URL. It ends in the number of the pull request. You can just add a dot diff to that and it'll pull up and you've got the raw diff there. Well, you can use curl to get that on your command line and you can do a curl and then the whole URL ending in dot diff, then pipe and you can pipe that directly into git apply and rather than having to download and apply the patch or, you know, apply it with patch, just all a one-liner there. So, curl, you probably want to use a dash capital L to follow any redirects and then you might want to do a git apply, dash v to be able to give it verbose mode and see what it's doing, but for testing out somebody's patch. It's really pretty cool. Curl, the diff URL piped into git apply. Really a time saver. I like it quite a bit.
01:14:43
Yeah, there you go On. All of your programming needs this week that I know everybody will get up to All right. Thank you guys for being here. It's been a great show A lot of news, a lot of tips. I've enjoyed it very much. I'm going to give each of the guys a minute to plug whatever they want to, or get the last word in on something, and we will let Rob go first.
01:15:05 - Rob Campbell (Co-host)
All right, A minute. I better talk fast. So, as you know, you can come connect with me at robertpcampbellcom and from there you can find links to my LinkedIn, my Twitter or X Mastodon or a place to buy me a coffee. And with that I want to have a shout out here to Linda Annenberg, one of my coworkers at Nuvera, who actually listened to the show recently and donated five coffees to me. Nice, and I said she didn't have to because, but she did. She said I work hard at this and I said you know you're right, I took those coffees.
01:15:44 - Jeff Massie (Co-host)
so thank you, linda awesome, now did didn't we previously figure out? Five coffees was a pizza, something like that, yeah.
01:15:51 - Rob Campbell (Co-host)
Yeah, that's that's where out. Five coffees was a pizza, something like that. Yeah, that's where the five coffees came from originally. There, you go.
01:15:58 - Jonathan Bennett (Host)
We leave it to Rob's discretion whether he will enjoy five individual coffees or just splurge on a pizza. Up to you, man, All right.
01:16:07 - Ken McDonald (Co-host)
Ken, I just want to remind everybody to back up, back up, back up and then print out a backup.
01:16:22 - Jonathan Bennett (Host)
Absolutely All right, and Jeff.
01:16:26 - Jeff Massie (Co-host)
Well, if you want to find me, I guess you could go to Rob's LinkedIn and then you could probably find me, because I'm connected with Rob, but I don't really have much to say. So it's going to be poetry corner this week. So, rather than a beep or a rude error message, these words file not found. Have a great week, everybody.
01:16:49 - Jonathan Bennett (Host)
Oh, fun, fun, fun. All right. Well, I appreciate everybody, you guys being here, everybody here, that was live. Everybody that watches on the download. If you're not a part of it yet, you should look into joining Club Twit. Scan the QR code. It's about the cost of a cup of coffee per month and it is definitely worth it as a way to support Club Twit and get access to the Discord discord, access to all the shows without the advertising. It is a great deal, um and uh yeah. The only other thing I want to mention is if you want to follow my work, you can find me over at hackaday. We've got floss weekly there, tapes on tuesdays now and goes live on hackaday on wednesdays, and then we've got the security column on friday. Have a lot of fun with both of those things. Would love to see you there. Other than that, have a great week and we will see everybody next time on the Untitled Linux Show.
