Untitled Linux Show 250 Transcript
Please be advised that this transcript is AI-generated and may not be word-for-word. Time codes refer to the approximate times in the ad-free version of the show.
Jonathan Bennett [00:00:00]:
This week we're talking about APT and all of the goodies coming with the new update there. Flatpak has an update. Linux 7.0 is probably coming this weekend. We finally get Little Snitch on Linux. Nano hits the big 9.0 and lots more. You don't want to miss it, so stay tuned.
Rob Campbell [00:00:20]:
Podcasts you love from people you trust.
Jonathan Bennett [00:00:24]:
This is TWiT. This is the Untitled Linux show, episode 230, recorded Saturday, April 11th. Pardon my French. Hey folks, it is Saturday and you know. You know what to expect. You know what that means. It's time for some Linux. We're going to talk hardware and software, all of the stuff we all know and love.
Jonathan Bennett [00:00:47]:
There's a new kernel release brewing, all kinds of fun stuff. We've got some of the regular crew. Mr. Ken McDonald and Mr. Rob Campbell are with us. That other guy is off playing hooky. He had some sob story about going and visiting a friend, but.
Ken McDonald [00:01:01]:
But he earned it last week.
Jonathan Bennett [00:01:03]:
Yeah, he earned it last week.
Rob Campbell [00:01:04]:
I just figured he took off because me and Ken weren't here and he
Jonathan Bennett [00:01:07]:
had to put up with me alone. That's a stressor for anybody.
Ken McDonald [00:01:11]:
And he provided an hour of talking just by himself.
Jonathan Bennett [00:01:15]:
I know it was not a short show with just the two of us. Not that I expected it to be, but still. Wow. I started to compile right before we started it. Finished this machine did the compile in 57 seconds.
Ken McDonald [00:01:28]:
Is that the framework?
Jonathan Bennett [00:01:30]:
Yes, it's framework 16. So it's a pretty beefy little. It's a pretty beefy little machine. All right, we'll talk about what I just compiled at the end of the show during the tips. But before we do that, we've got some news to cover, and Rob is actually up first talking about everybody's second favorite package manager. That's apt.
Ken McDonald [00:01:51]:
As he's apt to be.
Jonathan Bennett [00:01:52]:
He is apt to talk about second favorite. Well, all right, my second favorite, apt,
Rob Campbell [00:02:00]:
the Debian package manager that almost everyone loves but rarely gets talked about very often. It just keeps rolling along with rarely an exciting announcement or new feature to talk about. Well, now we have a big feature to talk about that came out in apt. This isn't even a major milestone release like 3.0 or 4.0 or something like that. Maybe it is, I don't know. But this great new feature comes out in Apt 3.2, and that exciting new feature is Drumroll Transaction History with rollback support. This means APT now keeps a record of package installs, upgrades and removals with apt. APT History list, you can see a timeline of what changed on your system, and with app space history info, you can dig into the details of a specific transaction.
Rob Campbell [00:03:08]:
But the real magic is in the recovery tools. APT Space History Undo lets you reverse a specific operation, and APT Space History Redo reapplies that operation and APT Space History Dash Rollback Rollback can take your whole system back to the state it was in an earlier point in time. So apparently Saurav Rudra tried it out and in his real world testing it works exactly as advertised, he says after installing Vim and all up, the new history commands made it easy to inspect what happened. Undo and install and bring it right back. Rolling back to an earlier transaction also removed the later package changes, just as expected. And importantly, trying to reduce something after a rollback failed in a way that made sense. But that's not all. That's not all that's new in app 3.2.
Rob Campbell [00:04:22]:
As exciting as that one feature alone is, apt 3.2 also adds apt why and APT why not which help explain dependency chains. So if you've ever wondered why a package is on your system or why it isn't, APT can now tell you directly, you know, just with APT why. There's also a better repository control with the new Include and Exclude options, letting admins decide exactly which packages a repo can provide. Solver3 is now enabled by default too, bringing smarter dependency handling and source package based upgrades. Add in preventing sleep during installs and some developer focused logging which I never even realized sleep was a problem. I guess I haven't had any installs that long but you don't want your system to fall asleep on you while it's installing. So I guess that's the thing.
Jonathan Bennett [00:05:31]:
I don't know.
Rob Campbell [00:05:32]:
It's not anymore. At least Once you have 3.2 anyway app you know, once you add all these in, app 3.2 starts to feel like one of the most practical package managers. Practical pack. Yeah, practical managers updates in years. You know, quietly. APT just got a whole lot smarter, better, improved.
Jonathan Bennett [00:05:59]:
Yeah man, if I was on Ubuntu I would really be ticked that I didn't have this feature that Fedora has had for like 20 versions.
Rob Campbell [00:06:05]:
Okay.
Ken McDonald [00:06:09]:
Actually some of this I was getting with Nala.
Rob Campbell [00:06:14]:
Yes but now you don't need a third party thing.
Ken McDonald [00:06:16]:
No I don't.
Rob Campbell [00:06:17]:
All right there.
Ken McDonald [00:06:20]:
Ubuntu in 2510 is using apt version 3.1.6 right now. You know I should really be these features.
Jonathan Bennett [00:06:31]:
I should really be nice they invited me to come to the Ubuntu conference and they're gonna buy my plane ticket. So that. That joke was only a joke. I love APT and Ubuntu. It's great. Yeah.
Rob Campbell [00:06:43]:
You're gonna get uninvited and if. If you still want to use that ticket, send it my way. I don't know what I'll talk about, but I'll come up with something I like pre trips. Where's that at again?
Jonathan Bennett [00:06:53]:
In London. So put me in the economy nosebleed section.
Ken McDonald [00:06:57]:
So you. All these new features in Apt 3.2 are already available in DNF.
Jonathan Bennett [00:07:07]:
I don't know about all of them, but the ability to show your history and do rollbacks is.
Rob Campbell [00:07:13]:
Can you redo after you did an undo?
Jonathan Bennett [00:07:16]:
You know, I'm honestly not sure if that's in there or not. That's not something I've ever needed to do.
Rob Campbell [00:07:22]:
I mean, I still. I find that being useful. Like I've said before, I used to. I use Ubuntu on my servers and, you know, sometimes I install something, it's like, you know, that doesn't work as expected. So I could see myself undoing it.
Jonathan Bennett [00:07:35]:
The undo is very useful. Yeah.
Rob Campbell [00:07:37]:
And I don't know, maybe I'd be like, oh, well, that still doesn't fix it. Maybe that wasn't the problem. Let's redo that again. I don't know.
Ken McDonald [00:07:44]:
Especially if it's an unattended upgrade that you didn't want to do.
Jonathan Bennett [00:07:49]:
Yeah, probably. You don't want unattended upgrades turned on on your server.
Ken McDonald [00:07:55]:
How about your production desktop?
Jonathan Bennett [00:08:00]:
A little bit better, but, you know, it's. It's a matter. It's a matter of taste, really.
Ken McDonald [00:08:06]:
Yeah.
Jonathan Bennett [00:08:08]:
All right. We talk about flat packs.
Ken McDonald [00:08:12]:
Of course, we want to talk about
Rob Campbell [00:08:14]:
another package manager, a universal one. Yeah.
Jonathan Bennett [00:08:18]:
There was a. Was it Flatpak sandboxing that had a big security problem.
Ken McDonald [00:08:23]:
In fact, that's what I'm going to be talking about here is about some important security fixes that Marcus Nestor wrote about that were part of the several updates released by Flatpak. First we hear about FlatPak 1.16.4 addressing two security vulnerabilities, CVE 202634078 and CVE2026 34079. According to Marcus 34079 vulnerability could lead to arbitrary file deletion on the host file system, earning it a high 8.7 rating. The CVE ending in 34078 vulnerability could allow a complete sandbox escape, which could then lead to host file access and code execution in the host context it was rated a critical 9.3. Now Flatpak 1.16.4 also fixes two other security issues preventing arbitrary read access to files in the system helper context and preventing orphaned cross user pool operations. Now when you check out the release notes you will also find the Flatpak development team has released Flatpak 1.17.4 as a new development version towards the major Flatpak 1.18 release, adding automatic branch following for extensions to ensure that no auto download extensions stay functional after an update that requires a new branch and support for Enable in teams sync unconditionally. Now I do recommend reading Marcus's article since he posted two updates since its initial release.
Jonathan Bennett [00:10:20]:
Yeah, very, very cool. Good to get all of those security things fixed and taken care of. We had wrong Discord tab. Let's see, we had Keith512 mention that there were a a bunch of updates this week and it's now 1.16.6. So lots of things getting fixed in Flatpak.
Rob Campbell [00:10:46]:
Maybe. Now that that's all fixed, it's starting to get time for me to do another benchmark comparison between Snap, Flatpak and native, as I've done a couple times in the past.
Jonathan Bennett [00:10:56]:
Don't forget AppImage.
Ken McDonald [00:10:58]:
If you follow the release notes, you'll see that 1.17.6 is actually the last release that was done because they're all combined the 1.16 and the 1.16 in the release notes history. Weird watching it go from 1.16.4 to 1.17.4 to 1.16.6.
Jonathan Bennett [00:11:23]:
Well, so what they did is they found vulnerabilities that were in both branches so they had to fix them at the same time.
Ken McDonald [00:11:30]:
Yep.
Jonathan Bennett [00:11:32]:
Yeah, interesting. Yeah, cool stuff. So actually let's take a quick break and then we're going to talk about something that is probably going to happen this weekend in something sort of big in the Linux world. We'll do that right after this
Ken McDonald [00:11:52]:
and I want to apologize if I jumped ahead of you there, Jonathan.
Jonathan Bennett [00:11:56]:
No, no, it's fine. Where's. Where's the. That's the commands. I must have actually closed that tab run down there it is to close the tab. I know who closes tabs.
Rob Campbell [00:12:17]:
Come on.
Ken McDonald [00:12:20]:
I do it right before the show starts just to get downsize what it got running.
Jonathan Bennett [00:12:27]:
One of the things I was doing and it sort of came back to bite me.
Ken McDonald [00:12:33]:
Yep. In fact I'm showing that I'm using about 8.9 gigabytes of memory with What I've all what all I've currently got running on this system.
Jonathan Bennett [00:12:46]:
There's a. There's a website for that. Is that still up? I wonder if that website is at Linux ain't my RAM. Linux8MYRAM.com yes, it's still there. Little, little teaser for those of you watching live this will get cut out. This website's been around for Half a forever. Linux 8 Myra don't panic. Your RAM is supposed to Got a picture of Tux the penguin with a chunk of DRAM in his mouth.
Jonathan Bennett [00:13:15]:
That's great. Anyway, Linux lore from ages past. All right, I will pick it back up with the 7.0. Here we go. So we've been talking about it. If you've been paying attention to the show the last few weeks, this is not really a surprise. Although I don't think we knew last week that it was coming this weekend. But it looks like Linux 7.0, the big 7.0 is going to release on Sunday 12th April.
Jonathan Bennett [00:13:50]:
So for those of you that watch on the download it's probably already happened but there are a bunch of things in here between performance optimizations for the AMD you've got upcoming. Speaking of amd, you've got upcoming new AMD hardware that's getting the switches turned on and the support landed. If someone really wants to read the tea leaves about what's coming from amd, you can go look into that. That's a lot of AMD Radeon graphics. There's of course the normal intel stuff, xfs I think we talked about this has the self healing added to it. Ext4 is getting a big write performance improvement. There's IO stuff, there's UDP stuff. Qualcomm's Snapdragon next to Elite SoC is getting more of its support upstreamed, which is always nice to see.
Jonathan Bennett [00:14:42]:
So the bump to the R version and all kinds of stuff happening there and so kernel 7.0 probably almost certainly going to happen unless somebody finds a really big bug in it going to happen this this Sunday, which is tomorrow for those of us that are that are live and probably a couple of days ago for those of you that listen on the download. But anyway good to see that. That'll be fun to get show up in your distros within a week or two or three or a month or two depending on what distro you run. Some of them are quite slow to get it and some of them are quite quick.
Ken McDonald [00:15:16]:
In fact, hasn't Jeff started talking about some of the things that we might see in 7.1.
Jonathan Bennett [00:15:22]:
I was also seeing some 7.1 stuff because, you know, there is the. The staging branch. They load stuff up in the very. It's not just one staging branch. Each subsystem has a staging branch. They'll push stuff into that during the feature freeze, so that when you know the feature freeze in seven, ditto comes out, the merge window is open. Torvald says, okay, give me your new stuff. People will just do these huge pull requests from the merge branch and say, okay, here's the 3,000 commits that I want you to pull.
Rob Campbell [00:15:52]:
I feel like. It feels like we just got to 6L, but here we are, another milestone again.
Jonathan Bennett [00:15:58]:
Yeah, so we are doing 20. 20 versions, 20 minor versions per major version. And you get a kernel every a couple of months, three months, something like that. So doesn't take that long to get 20.
Rob Campbell [00:16:11]:
Was it the beginning of last year?
Jonathan Bennett [00:16:15]:
I don't know. We can ask Google. When did kernel spell it right? 6.0 release col. Linux kernel version history Nope, that doesn't tell me. Lame. Linux 6.0 released October 2022 oh, wow. It's been a while. You're just getting old and the days are going faster.
Jonathan Bennett [00:16:41]:
That's actually what it is.
Rob Campbell [00:16:44]:
It's horrible.
Jonathan Bennett [00:16:48]:
He didn't deny it.
Rob Campbell [00:16:51]:
Everything feels like yesterday.
Jonathan Bennett [00:16:53]:
I know, I know. Yeah. No, there's. There's cool. There's cool stuff happening in 7.0. One thing that you might want to think about, and this is again, Keith's512 points this out, that if you're running Nvidia, you might want to not jump to the 7.0 kernel right away. You're going to want a. You're going to want to wait for like the next update for that to be able to get support for the kernel.
Jonathan Bennett [00:17:20]:
If they particularly 7.0.4, not necessarily the kernel version, the next Nvidia version. I don't know what they're going to call it. I don't remember how Nvidia numbers their kernel, their kernel drivers. Do they number it back to the kernel itself? I thought they did it by like monthday.
Ken McDonald [00:17:37]:
It's a good question.
Jonathan Bennett [00:17:38]:
I don't know. I don't run Nvidia. I'm not an expert on it.
Rob Campbell [00:17:41]:
I mean, my recommendation, if you're running Nvidia, I mean, for now, hold off. But for future stuff, start planning your exit strategy.
Ken McDonald [00:17:51]:
If you're running Nvidia, hold off until you replace it with an AMD gpu.
Jonathan Bennett [00:17:56]:
It's not nearly as much of A pain as it used to be. I used to be very much on team don't run Nvidia on Linux. But it's better now.
Rob Campbell [00:18:05]:
It's not just for the pain, it's just everything.
Ken McDonald [00:18:08]:
It's definitely better if you're wanting to have a local AI agent.
Jonathan Bennett [00:18:12]:
Yeah, I mean Nvidia is working on their open source graphics drivers too. So, you know, it's not, it's not just Team AMD that's doing the open source thing. Nvidia is trying to get in the game too.
Rob Campbell [00:18:23]:
Yeah, well, they're still trying. When they're there, maybe I'll back down a little bit.
Jonathan Bennett [00:18:28]:
Sure.
Ken McDonald [00:18:29]:
Was there a very. Before that train?
Jonathan Bennett [00:18:36]:
All right, so I think. Have we talked about things like Little Snitch before? It seems like there was a Little Snitch command line tip that we did at some time in the past. Or maybe I'm thinking of one of the times that I was. Maybe they talked about Little Snitch on Security now or one of the other shows now.
Ken McDonald [00:18:56]:
Future Open Snitch.
Rob Campbell [00:18:57]:
Jeff. Jeff shared a tip not too long ago about Open Snitch.
Jonathan Bennett [00:19:01]:
All right.
Rob Campbell [00:19:02]:
And how it was based on Little Snitch.
Jonathan Bennett [00:19:04]:
Okay, well we've got a, we've got a story here from Rob about Little Snitch. So what's, what's going on? Isn't this thing Mac only? I thought, what's, what's the deal?
Rob Campbell [00:19:14]:
Yeah, so Little Snitch originally was an app for Mac OS and Linux had Open Snitch which was based off a Little Snitch. Well now you may have the opportunity to just use the real thing as Little Snitch has finally arrived on Linux and for a lot of longtime users, you might be excited for this. Little Snitch is written in rust, so a lot of people should be happy about that. And built around EBPF so it can watch which processes are making network connections, let users block them with the rules instead of traditional desktop apps and Linux. And. And the Linux version uses a web based interface, which also means you can monitor a remote Linux machine from another device. Oh yeah. Also side note on the Open Stitch and Snitch and Jeff haven't done this.
Rob Campbell [00:20:18]:
I actually googled YouTube. Open snitch I think it was. And right at the top was a snippet of Jeff's video from the show. So it's easy to find if anyone wants to go back on that Anyway, so that's kind of cool compared to Open Snitch, you know, that has the web interface and all that and you know, even, even I don't get a little snitch on the Mac. But, but this Linux release comes with important asterisks. The developers clear that little SEC for Linux is not being positioned as a full security tool in the same way that the Mac OS version is. Because apparently EPF EPBF limits on Linux processes can evade it. And tying traffic perfectly back to a process is harder is what the article says.
Rob Campbell [00:21:26]:
So the focus here is privacy and visibility more than hardening hardened security and to continue according to Joyce Netan testing on Ubuntu, only nine system processes connected to the Internet over a week compared to more than 100 on Mac OS. So it's a little, just a little side snippet on Linux compared to Mac os, I guess, you know, while apps like Firefox still made background connections, LibreOffice made none. And that brings me to my own experience because I wanted to do the obvious side by side comparison comparing Little Snitch versus Open Snitch spoiler here. It might be some disappointment, but anyway, I set up two identical virtual machines running Cash OS with the Cosmic Desktop because I like Cashy and I like Cosmic, so I wanted to have that environment. Anyway, on one, I installed OpenStitch from the arch repository. I've installed it way back in the past. I was disappointed that Jeff beat me to the tip and that I never did that tip before because I've actually used it like I played with a long time ago. Anyway, on the other one I installed Little Snitch from the AUR using yay the Arch that is the Arch users repository.
Rob Campbell [00:22:57]:
The plan was simple. A side by side, same distro, same desktop, same workload. Then see whether the less open Little Snitch actually offered a compelling reason to switch or choose it over the the fully open Open Snitch. But that's not quite how it went. Open Snitch needed a little bit of tweaking before it started showing data. I had to do a little googling because it just wasn't. It just wasn't seeing anything. But Little Snitch turned into a much rougher experience for me after installing that.
Rob Campbell [00:23:37]:
After I installed Little Snitch, that virtual machine became completely unstable. The desktop was locking up crashing and I couldn't do anything. I even rebooted it. Same thing, I was like, I think the whole desktop was crashing once and I was like in some console errors on the screen and the desktop would be bad because I fortunately as a vm, not used. I eventually just deleted and killed the Thing. So now I can't say for sure whether you know that package in the aur. I mean that's a user package. Maybe that was bad, I don't know.
Rob Campbell [00:24:15]:
Or if it was an issue with the fairly new Cosmic Desktop. Maybe I should have used something more tested, I don't know.
Jonathan Bennett [00:24:21]:
Or.
Rob Campbell [00:24:22]:
Or some interaction between the two, I don't know. I did see comments though online from others mentioning memory related issues. I think one said something about memory went up to 100% and they removed it, it went back down and so I don't know there they seems like there may be some other problems with it still at the moment depending on the system. I mean Joyce that didn't. It's not like he had any issues on Ubuntu. I don't know. Still it meant I ran out of time before I could do the true side by side comparison I wanted. Other complaints about Little Snitch is that it isn't completely open source.
Rob Campbell [00:25:05]:
The Linux version is partly open source. The EPPF components and the web UI are open, but the daemon itself remains closed, which is something the Europeans might have a big issue with. But that is for a later story today.
Jonathan Bennett [00:25:24]:
Yeah, that was. That was something I was definitely going to point out.
Rob Campbell [00:25:28]:
So in a way that's the story of Little Snitch on Linux right now. It's exciting for a famous macOS network monitor land on Linux with a modern tech, a remote friendly web UI and a real privacy value. But apparently for some users the experience may still be a little buggy. I'm still going to try to do a side by side maybe later this week. Maybe I'll try it on Ubuntu or something else since it worked for Joey there and see if I have more success there. You know, put those two side by side, see what happens. And I probably won't bring it back here unless it's worth a full story. So I may.
Rob Campbell [00:26:08]:
If I do do this I'll probably post something on my social media and follow at the end of the show to find out how to connect with me for my see my social media if you're not already connected.
Jonathan Bennett [00:26:22]:
Nice little self plug there. Yeah, no, it's cool to see it. I don't think it's something that I'm particularly going to run. But the. Ecosystem on Linux does not really give itself to programs doing telemetry and not telling you about it because they're all generally open source, particularly if you just install stuff through your distros repositories. So it's a little less useful in that case. Although it is nice to have something that sort of double checks that.
Rob Campbell [00:26:57]:
Yeah, I mean, a little reminder refresher. What these apps do, if I wasn't clear in it, is basically you run it and it just monitors anything that makes a network connection and it, you know, it pops up, oh, Firefox went to here or this app went to here and then, you know, you can, yeah, that's fine. Or you can go in there like. Yeah, no, block that. You know, make rules based on that. So when I played, I haven't played with it actually in a while, but it's pretty cool.
Jonathan Bennett [00:27:28]:
Yeah. So when it pops up. No, I don't need Audacity reaching out by default and giving telemetry to the people that own it or, you know, whatever program you've got.
Rob Campbell [00:27:37]:
Yeah. So those little things like Audacity when they announced that they have this new telemetry thing coming out. Yeah, don't worry about that. I got a little snitch program and that I could just block and you
Ken McDonald [00:27:50]:
don't have to worry about going in the soothings and opting out.
Jonathan Bennett [00:27:52]:
Yeah. Now remember with Audacity, I'm pretty sure they changed it to where you opt in and it's off by default. They did they good on them. Like let's not use their name and trash them. When they made the right but made the right call here, they did go back and say, no, no, no, it's going to be opt in. And they, they took the right stance.
Rob Campbell [00:28:07]:
Yeah, sorry, sorry. That was just an example.
Jonathan Bennett [00:28:10]:
It was low hanging fruit.
Rob Campbell [00:28:11]:
Jonathan brought it up first. But you never know what anyone else might, you know.
Ken McDonald [00:28:16]:
But Audacity would be a good application to test little snitch with since you can go in and opt in and then check to see if it shows up.
Jonathan Bennett [00:28:25]:
Yes. It would also be a good way to make sure that that opt in, opt out is doing what it says it's doing.
Rob Campbell [00:28:32]:
Yeah. Easy way to test if you want to. If you want to be one of those people that goes on test if something's really not sending data.
Jonathan Bennett [00:28:41]:
I mean, trust but verify, right?
Ken McDonald [00:28:45]:
Always.
Jonathan Bennett [00:28:46]:
Yep. All right, here in just a minute we're going to talk about everyone's number one top without a doubt, favorite text editor, the best one that everyone should use. Ken's got that story first. We're going to take a quick break. We'll be right back. 41 30.
Ken McDonald [00:29:08]:
So even Windows users think it's their favorite test editor.
Jonathan Bennett [00:29:12]:
Absolutely.
Rob Campbell [00:29:13]:
On wsl, that's when I use on
Jonathan Bennett [00:29:15]:
Windows, I can use a. If I have to use a command line text editor while using Windows, I'll use Nano.
Ken McDonald [00:29:21]:
Yeah,
Jonathan Bennett [00:29:25]:
no, I like. It's not a VIM story.
Ken McDonald [00:29:29]:
Maybe it is.
Jonathan Bennett [00:29:33]:
All right, Ken, what is new with nano?
Ken McDonald [00:29:36]:
Well, this week to find out what was new with Nano, I read Bobby Borisov and Midas's articles that they wrote about the latest Release of GNU Nano version 9.0. According to Bobby and Marcus, the most visible change is a Net reworked horizontal scrolling behavior. Nano 9.0 replaces the older per line horizontal movement which could fill a brute during editing with lines that scroll sideways only as much as needed to keep the cursor visible when it nears the right edge of the screen. Macro handling has also been adjusted. Stopping a macro recording immediately after it starts now cancels the recording and leaves the existing macro in place. I'm going to recommend reading Bobby and Marcus's articles if you want to find out about a new feature for mouse users interest.
Jonathan Bennett [00:30:38]:
So there's a. There is a name for this. They've given it a. They've given it like a. A tagline.
Rob Campbell [00:30:53]:
The Nano 9.
Jonathan Bennett [00:30:55]:
No, wait for it.
Ken McDonald [00:31:00]:
Solo side screw.
Jonathan Bennett [00:31:02]:
No, no. According to the one article, it's Loup Bonheur estans le pre.
Ken McDonald [00:31:09]:
Oh, you're talking about the name for this version.
Jonathan Bennett [00:31:12]:
GNU Nano 9. It has the codename Le Bonaire. Estans le pretty.
Ken McDonald [00:31:18]:
Yes. And since I didn't want to embarrass myself by mispronouncing it, I decided not
Jonathan Bennett [00:31:24]:
to mention that I googled how to pronounce it and I was sitting here listening to it.
Rob Campbell [00:31:29]:
So you have no idea what Ken said this whole time?
Jonathan Bennett [00:31:32]:
No, I listened to most of it.
Rob Campbell [00:31:34]:
Okay. One in each ear.
Jonathan Bennett [00:31:36]:
Yeah, exactly. Ever since we've had things like pipe wire, we can actually listen to more than one audio stream on Linux at the same time. You guys remember the old days when you could only listen to one thing at a time? You had. No, because also didn't have any built in mixing in it.
Rob Campbell [00:31:54]:
Wow.
Jonathan Bennett [00:31:54]:
So far we've come.
Rob Campbell [00:31:55]:
I think. Yeah. Because you'd play something and whatever you had would stop.
Jonathan Bennett [00:31:59]:
Yup.
Rob Campbell [00:31:59]:
And then it would go back. Like if you're.
Jonathan Bennett [00:32:02]:
Because whatever was playing took exclusive control of the audio output. Yeah, Pulse Audio. And then I'll say, eventually you got a awesome mixer which was able to do it. Pulse Audio. And then pipewire finally fixed that.
Rob Campbell [00:32:14]:
That was a while ago.
Jonathan Bennett [00:32:17]:
Anyway, that. That French phrase that. That translates to the happiness is in the field. Which is actually a French comedy. I don't know. Apparently. Apparently a bunch of. A bunch of French French people worked on this.
Jonathan Bennett [00:32:33]:
It was just a dumb American. It's cool though. I love the fact that nano is still being updated. They don't consider it to be done software. They're continuing to add stuff to it.
Rob Campbell [00:32:45]:
Yeah, I thought.
Ken McDonald [00:32:47]:
Played around with the macro feature yet?
Jonathan Bennett [00:32:50]:
Just. Just a tiny bit. I've done a little tiny bit of that, but it's not something that I very often find myself needing.
Ken McDonald [00:33:00]:
I haven't had the opportunity to play with it myself. Most of the time when I pop into nano it's just to make a quick edit and then saving exit back out.
Rob Campbell [00:33:10]:
I remember when Pico or Pico was the text editor and then nano took its place.
Jonathan Bennett [00:33:16]:
I thought.
Rob Campbell [00:33:17]:
I thought Micro was supposed to be taking Nano's place.
Jonathan Bennett [00:33:20]:
But yeah, I'm trying to remember what the deal was with Pico, why it. Why it's no longer around.
Rob Campbell [00:33:35]:
Well, Micro is a thing. I think we've had. I don't know, a story or maybe a tip, I think maybe a tip on it already.
Jonathan Bennett [00:33:43]:
But Pico's license had unclear distribution terms. It was not a. It was not a. It was not free software. It was not an open source license, although new versions of Pico are part and are released under the Apache license. So they did eventually get that straightened up.
Rob Campbell [00:33:59]:
I know for quite some time after nano became the de facto standard, I had an alias to Pico because. Or Pico because I was so. I was just so used to typing that.
Ken McDonald [00:34:09]:
If you want a true trip back, try using Edlin.
Jonathan Bennett [00:34:16]:
Ugh. I know what you're talking about. Thank you. No, thank you.
Rob Campbell [00:34:24]:
Is it really a trip back if you've never used it before and have no idea what you're talking about?
Ken McDonald [00:34:31]:
Where you would actually be editing a file line by line rather than showing the whole screen?
Jonathan Bennett [00:34:37]:
Yeah, it's not fun. Whatever fun can you consider fun. This is the opposite of that.
Rob Campbell [00:34:44]:
Why?
Jonathan Bennett [00:34:45]:
Yeah, it's real bad. Yeah. All right, let's cleanse our palette of that thought and talk about risc V&SCI5. So I came across a couple of stories this week. One of them is that in Linux 7.1 we just talked about 7 about to release and now we're off to 7.1. There is optimizations in RISC V for string, link, S T R N L E N. I guess this is. Now this is curious.
Jonathan Bennett [00:35:24]:
Strlen is a standard C function. I guess this is the in kernel implementation of that because this would be the. The Standard C Lib, not the kernel code but the Pharonics here article talks about this implementation and the kernel itself. So apparently they have some hand coded. They have, they have a hand coded string length implementation in the kernel for RISC V. Regardless, it is a big speed win. Going from this is in megabytes per second of throughput. If you're looking at 16 byte strings, we're going from 179 to 309.
Jonathan Bennett [00:36:07]:
So like a 72% improvement. If you're talking about 4096 byte or 4K strings you go from 356 all the way up to a whopping 1878 megabyte per second throughput. So four hundred and twenty seven percent improvement there. So the Linux 7.1 RISC V support is really maturing, which I think is interesting to think about. I've talked in the past, so when I reviewed one of the Sci Fi boards it's kind of in the same weight class, you might say as a Raspberry PI, like about a Raspberry PI 3. And I was looking at it with the question of well, how usable is it for using as a desktop machine? The answer there was it's not a great experience, but it's just good enough for developers to be able to use it to continue working on the RISC V ecosystem. And so you have things like this. That's exactly what's happening.
Jonathan Bennett [00:37:04]:
The ecosystem here has been worked on. So you're getting these individual performance improve tailored for RISC V. There's a few more of these landing in the 7.1 kernel. And one of the other interesting things is they're all also they're looking at a ZBB powered version and I went and looked into that and that is one of the official RISC or actually there's a set of three RISC V extensions. So you know with, with x86 processors you have. Well, you have like the AVX 512 was the one that we're. But you had, you know, the various, like what made a pentium or pentium 2, the different processor extensions that they had that were part of these big upgrades. Well, this is sort of what is going on right now with RISC V.
Jonathan Bennett [00:37:56]:
They're putting together these packages of okay, to be a next generation RISC V chip you have to support all of these instructions. And that's interesting because RISC V is, you know, it's an open isa, but also anybody, I guess because it's an open isa, anybody can make a RISC V chip and so they have the fragmentation problem. All right, so that's one story. RISC V is becoming more ready for prime time. Well, prime time is coming for RISC V at least. It's SCI5 again. It's a company that makes RISC V processors and they did a Series G financing round and they raised US$400 million to be able to build Risk Fire. Now I asked myself immediately, what is a Series G financing round? And I ended up going down this rabbit hole of reading about startups in which, you know, you start with seed money and that's usually the, you know, a few hundred thousand dollars that people have either angel investors or that you just, your developers, your, your, your founders start with.
Jonathan Bennett [00:39:06]:
And then you do like a Series A financing round and there's dollar amounts that, and that's the initial money to be able to build something. And then sometimes there'll be a Series B financing round that is sometimes to actually get a product out the door. Then in some cases you have a Series C financing round where that's like, well, to build the next product and they have all these things defined. Well, if you read one of those articles, there'll be like this little asterisk down at the very bottom. Like sometimes companies get all the way to a serious G financing round and it's essentially just another set, another round of hey, investors, we're looking for more money because we have this really big opportunity. And so that is what Sci Fi has done. It's like their sixth, seventh, I can count, I know my Alphabet. It's like their seventh financing round where they've invited investors to come in and give them cash to be able to do something new and cool.
Jonathan Bennett [00:40:01]:
And so in this case they are looking to build a different data center solution, a new high performance RISC V CPU core. And then they also call out specifically Cuda, Red Hat and Ubuntu environments. And so they're, they, interestingly, they also got investment from Nvidia was one of them. And then Apollo Global Management, that's not a company that I'm nearly as familiar with, but it's interesting to see this, that SCI5 is working apparently with Nvidia to make a big data center AI play. And instead of running Nvidia boards on top of intel or AMD cards or Intel AMD CPUs, apparently somebody thinks the future is to run them on RISC V CPUs. So interesting, we will definitely have to watch this and see what becomes of it.
Ken McDonald [00:40:59]:
Well, the Apollo Global Management, apparently it's a leading New York based alternative asset manager and retires retirement services provider.
Jonathan Bennett [00:41:11]:
Ah, it's a mutual fund sort of place. It's a.
Ken McDonald [00:41:14]:
Yes.
Jonathan Bennett [00:41:15]:
Yeah, it's, it's strictly investments. Okay, well that makes sense.
Ken McDonald [00:41:20]:
And that's what they're doing investing.
Rob Campbell [00:41:22]:
My prediction, I do not see Risk five in being a big thing in the data center. At least not in the next 10 years.
Jonathan Bennett [00:41:33]:
I mean you've got a lot of RISC V in the data center already. It's just embedded down inside of stuff instead of being a primary cpu. I don't know. I mean there's a, there's some, there's some interesting problems with AMD and Intel. Right. Like the, the, the 64 bit ISA is getting long in the tooth and RISC V does fix some things. If you could get, if you could get a RISC V like complete modern ISA where everybody's on board with this is the instructions that are in there, it could be really compelling. And I think Sci5 is trying to, trying to be the company that sets that standard.
Jonathan Bennett [00:42:21]:
And if they manage to do that then you know, it could suddenly be
Rob Campbell [00:42:23]:
very, very interesting and better than, or a better option than arm.
Jonathan Bennett [00:42:32]:
I mean one could say that ARM and RISC V are in competition to be the, the next, the next CPU architecture.
Rob Campbell [00:42:40]:
Yeah, that's kind of what I would say. And ARM is ahead at the moment, I think, but either way I think it's going to take a while even if they do get there. Yeah.
Jonathan Bennett [00:42:53]:
One thing to remember is particularly with ARM and RISC V is these processor architectures exist outside of CPUs. You've got a lot of embedded devices that are running little ARM cores and little RISC V cores. Things like the Espressif ESP. I think the ESP32 P4 is A, it's one of the two. I don't remember which one.
Ken McDonald [00:43:23]:
Don't intel and AMD also use ARM or at least reduced instructions that inside some of their chips?
Jonathan Bennett [00:43:38]:
Yeah, so things like the intel management unit down inside the chip is a RISC V core and that's where the, you know, the super secret intel code that you don't ever get to look at it runs on RISC v. Yeah, the ESP32 P4, which is one of the new Espressif MCUs. Although honestly this thing is powerful enough that it sort of blurs the line between an MCU and a very low power CPU you can run Linux on is a RISC V dual core processor. And you know, we're starting to see devices come out that are running these things. People are pretty excited about them. Yeah. So various companies are getting into this game in a way that exists beyond just, you know, what your server runs and what your desktop runs. See? And they see these, these chips out in the wild.
Jonathan Bennett [00:44:30]:
All right, let's see. Ah, Rob, speaking of French. We were speaking French a moment ago, or at least attempting it very badly. We're going to take a quick break and then Rob has a. Rob has a story about the French government of all things. We promise it is Linux related. We'll cover that right after this. Oh, 5722.
Ken McDonald [00:45:04]:
Is the ESP32 S3 N16 R8 using risk 5?
Jonathan Bennett [00:45:14]:
I don't know. That's one of the other ones, that. Low power lx7. It's an extensa LX7, which I'm not sure what that is, is. Let's see. Sometimes you need a bit of a decoder ring to dive down and figure out exactly what these things are.
Ken McDonald [00:45:53]:
It does use a optional low power CO processor that can be programmed using RISC V instructions for ultra low power tasks.
Jonathan Bennett [00:46:07]:
So it looks like the ESP32 S3 is an Extensa LX7 which is apparently its own ISA and not like ARM or risc V. The S3 is slightly older. The P4 is the new one
Ken McDonald [00:46:29]:
that happens to be the ESP32 processor. That's going to be in a diptychs E reader that's coming out dual screen.
Jonathan Bennett [00:46:41]:
I'm not surprised. It's, it's fairly popular right now. You see it in a bunch. Let's see, this thing for instance, which, that's the Hackaday badge, the Hackaday communicator. It's an ESP32 S3.3, I believe. Pretty sure that's what's in there. All right.
Ken McDonald [00:47:08]:
Okay. Ready, Rob?
Jonathan Bennett [00:47:12]:
He's ready. He's been ready. All right, Rob, what's happening in France?
Rob Campbell [00:47:19]:
Well, I'm gonna start out by saying part of my French, except I am not using any French in this. I, I did not, I did not even attempt, attempt or pretend to attempt to speak any French during this segment. So you're welcome. Anyway, we've been talking a lot about European countries moving away from proprietary software like Microsoft Office and Windows and moving to open source like LibreOffice and Linux. This week another domino falls as France is making one of the boldest government it moves in Europe. It is officially preparing to replace Windows desktops with Linux across the country. And every ministry has been told to put together its own implementation plan by autumn 2026. This is not just a rumor or pilot project.
Rob Campbell [00:48:17]:
The news comes directly from Dittum D I N U M, the French government's Inter Ministerial Digital Directorate, as part of a broader national push for. Well, I think. I think this is the word of the year here. A broader national push for digital sovereignty. We've been saying that word a lot lately. France is not just changing operating systems because Linux is cheaper, but because. Or because open source is fashionable, which it is.
Jonathan Bennett [00:48:56]:
It's very fashionable.
Rob Campbell [00:48:58]:
Officials are saying very directly that the state has become too dependent on extra European technology, especially American platforms, and that it wants more control over its own data infrastructure, pricing and strategic decisions. In other words, this is about power, independence and who gets to shape the future of public technology. What makes this especially interesting is that Linux desktops are only one part of a much bigger shift. France is also moving government collaboration towards sovereign tools. And the National Health Insurance Fund has already shifted 80,000 employees to alternatives like TCAP and France Transfer. Instead of relying on services like Team Zoom and Dropbox, the government has also said its health data platform is moving to a trusted solution by the end of this year. That's pretty fast moving for most things I've. I know about in IT in the IT world, but good for them.
Rob Campbell [00:50:10]:
There are still a lot of big questions. France has not yet said which Linux distribution it will use, and the real scale of the migration will depend on the ministry plans due later this year. But the signal is unmistakable. One of Europe's largest governments has formally put Linux at the center of its national tech strategy. If France can make this work, it may not just change French government competing. It could continue to influence the rest of Europe as other governments seem to have been already. Now let's take a step back. This might be a political move, you know, or just common sense, you know, that any sovereign government should consider.
Rob Campbell [00:51:04]:
You know, you kind of want to be a control of your data no matter who you are, who your political friends are, political enemies are. It's kind of good to have control because I mean one, you never know what the future brings. But no matter the reason or for the move, the continued push from Europe, European governments to move to Linux and Open Source is bound to be good for all of us. I always say that more Linux users will drive more devs to port to Linux, you know, I think Jeff reported on the, the Steam survey last week, which was well above 5%, which I think, I think that, I think that might hit, might be my Prediction already, I'll have to review that later. But anyway, more numbers. Good. So anyway though, one thing to consider is this push is really for digital sovereignty. So maybe that might be a blocker for proprietary software to port, which I know some of you don't care, but some of you really like to see some of this stuff like this, I don't know some of this proprietary stuff.
Rob Campbell [00:52:14]:
But since you know this move is kind of to not have proprietary stuff, maybe that'll be a slight blocker for some of those apps to port. But I don't think it'll be a hard block. You know, you get more people on Linux and things like hardware manufacturers, you know, even though many of them are fairly decent supported today, you know, a lot more are really going to be forced to make hardware that is well supported on Linux. It, it's not going to be their second thing if we start, if it starts spreading all over the place. And, and you know, and software developers, they're still going to want to try to get their software to where the users are. They may just need to adjust their proprietary approach to appeal to those that want more sovereignty in their software. You know, maybe they'll have to loosen up on their proprietaryness. You know, open source licensing doesn't conflict with the ability to sell software.
Rob Campbell [00:53:12]:
So I mean this could really push openness, open software all around. You know, there's, there's no reason that someone has proprietary software, can't make it a little more open, can't loosen up the control over the digital data that's in it. And you know, some of that might be enough for some of these more digital sovereign entities or places that want more digital sovereignty, you know, might be enough to get, for something to get in. So I like it.
Jonathan Bennett [00:53:49]:
Yeah, I mean it's always nice to see governments in various places thinking about things exist other than Windows. I think even taking off my Linux fanatic hat, I think we can look at the world and say it's not been a good thing that 99% of desktops run Windows. So for that it makes sense. Looking at it from a European perspective, it obviously makes sense to try to get away from running all of this software from the US Digital sovereignty is something that makes sense. And you know, I am, I support, even being an American, I support them in this. So it's a, it's definitely something that makes a lot of sense.
Rob Campbell [00:54:30]:
Yes, sovereignty from our country, that's fine. As long as it's boosting Linux and Open Source. I'm okay with that. I I approve of this.
Ken McDonald [00:54:41]:
So do. Do you think you'll try Jin Buntu?
Jonathan Bennett [00:54:46]:
No, I will not. They can, they can do it, but I will not.
Rob Campbell [00:54:51]:
What?
Ken McDonald [00:54:52]:
It's the French Jim Jimadarn have their own version of Ubuntu.
Rob Campbell [00:54:59]:
Yeah, I think I saw that.
Jonathan Bennett [00:55:00]:
Yeah.
Rob Campbell [00:55:02]:
Yeah, I don't think I'd be able to read the, the menus very well.
Jonathan Bennett [00:55:06]:
I'm sure they have an option to put it back in English.
Ken McDonald [00:55:09]:
The, the one that I find interesting is their application for online meetings. Vizio for some reason makes me think of another application that.
Rob Campbell [00:55:24]:
Yeah, there is a charting Microsoft charting application called Visio.
Ken McDonald [00:55:31]:
It wasn't originally my Microsoft. I think that's one of those where
Jonathan Bennett [00:55:34]:
they bought it and branded it. Microsoft brand on it.
Ken McDonald [00:55:41]:
What's the.
Jonathan Bennett [00:55:43]:
They did the three E's, Extending, brace, extinguish. Yeah, yeah, just very slowly.
Rob Campbell [00:55:52]:
Yeah, you're right. According to Google, there was a Vizio Corporation in 1992. Microsoft acquired them. So, yeah, that's well before I was paid 93.
Ken McDonald [00:56:06]:
They extinguished them.
Rob Campbell [00:56:09]:
Yeah, that was well before I was paying much attention to computers. I was playing Word Munchers back then.
Jonathan Bennett [00:56:17]:
You know, it's. It's interesting. So something did just occur to me and we talked about this last week and probably it's worth mentioning again, I, I talked just now about the idea of supporting Europe's digital sovereignty to get away from running US Software. I think it's probably worth pointing out that I also support the United States and its attempts for digital sovereignty to get away from hardware. That's all coming from one country. I don't know that the way that it's being attempted right now is going to work, but I like the idea of let's make more hardware in this country. Just I like the idea of let's make more software in the eu.
Rob Campbell [00:56:53]:
I think that's a lot harder to do than the software piece too.
Jonathan Bennett [00:56:56]:
You know, there's. There is this saying among hardware devs and software devs that like, software is really, really easy and hardware is really, really hard. Software is basically free. It's true. Takes more work.
Ken McDonald [00:57:11]:
Especially when you consider that it's the results of some of the American companies, hardware manufacturers, who are responsible for giving that country most of its power in the hardware market.
Jonathan Bennett [00:57:32]:
Well, I mean, it's been, it's been economic forces, economic forces that have really made that happen. No company is going to say, well, we're going to make it in this country just because even though it costs two times more, three times more, five times more, Five times more in some cases. Yeah. Another.
Rob Campbell [00:57:48]:
Another way to look at that. If you want to move software that's made in France, let's say, and you want it made in the U.S. i mean, sure, you can open source, you can fork and do all this stuff, but if you really want that software, you just pay that guy and he'll, he'll just move overseas. And now he's us and it's made in the us but it's a lot harder to do that with the manufacturing plant.
Ken McDonald [00:58:11]:
So are you talking about hiring him and sponsoring him to come into the us?
Rob Campbell [00:58:18]:
Whatever you want.
Jonathan Bennett [00:58:20]:
I will not, I will not go down the rabbit hole that just came to mind. But there's. Let's move on. Ask me after the show and we
Rob Campbell [00:58:29]:
can get real political now, but let's.
Jonathan Bennett [00:58:31]:
I'll make that joke after the show, but there's some history there.
Ken McDonald [00:58:37]:
Anyway, so we need to partition. Do some partitioning here.
Jonathan Bennett [00:58:41]:
Yes, Ken, it is time for you to talk partitioning. Take it away.
Ken McDonald [00:58:47]:
Well, Jonathan, this week Marcus Nestor wrote about the latest stable version of the Debian based live system for managing disk partitions graphically. I am talking about, of course, departed. In this case, it's version 1.8.13. It is powered by the Linux kernel 6.19.10 and based on the Debian SID, the unstable repositories as of 4-4-2026 shipping with GPARTed 1.8.1. It implements a workaround for the block ID command to identify blocked devices, preventing false detection of Whole Disk ZFS, GPARTED Live 1.8.13 also introduces a new boot menu entry to verify the integrity of the live boot medium. It replaces SHA256 with B3 Sum for checksums and fixes an issue with the checksums of the files inside the LIVE system. As always, check out Marcus's article for a link to the release notes and other details I didn't cover.
Jonathan Bennett [01:00:08]:
Yeah, nice. A small but nice update.
Ken McDonald [01:00:14]:
Time to get the latest Ventory update and update my Ventura USB stick with this as well.
Jonathan Bennett [01:00:25]:
That is a. You know, that is a really, really fresh copy of Debian Sid. April 4th. That's like a week ago. It was even just like three days earlier when they, when they did that. So that's, that's a very up to date Debian install as. As up to date as you can get with Debian, I think.
Rob Campbell [01:00:46]:
Very up to date. I mean even though the soft round, that's like three years old. But no kidding.
Ken McDonald [01:00:52]:
Actually, no, not.
Rob Campbell [01:00:53]:
I know, I know it's joke. It's a joke. Ken, calm down.
Ken McDonald [01:00:57]:
You're thinking of Trixie.
Rob Campbell [01:00:59]:
Calm down. Easy.
Jonathan Bennett [01:01:05]:
All right, so it seems like can't have a show about Linux or Open source these days without talking about AI, at least somewhere in it. And I came across this week a story in the Register. This is where Greg kh, excuse me, not Greg K, Stephen J. Von Nichols is talking about Greg kh Actually he's talking about project Glasswing, which I wasn't super familiar with just reading about. This is a group of big tech companies coming together and investing about $100 million in AI. And what they are doing particularly here is putting this project towards finding bugs in open source software. And they've got something called Mythos AI, which can actually, apparently generate zero days. Can, can find vulnerabilities and actually generate zero days, which is pretty interesting.
Jonathan Bennett [01:02:04]:
Now there's probably some timing here and Stephen J. Von Nichols points this out that, you know, not very long ago we talked about Greg KH and his, his opinion that vulnerability hunting using AI has gotten a lot better within the last few months. And it makes me wonder if, if Project glasswing and some of the things behind it is what caused that, what caused that bug hunting to get a lot better. One of the companies behind it is Anthropic and they, they claim that they found a 27 year old bug in OpenBSD, a 16 year old bug in FFmpeg. And one of the, one of the points that, that Nichols makes here, bond Nichols makes here, is that not every bug is a vulnerability, which I think is worth thinking about. Some of these are and can be weaponized, but not all of them are. But the other side of this is finding vulnerabilities is only half of the battle. And you have to have someone on the project side that one can read through the report and verify that it's a problem, but two can also fix it, fix it in a way that makes sense that's not going to cause other problems.
Jonathan Bennett [01:03:25]:
And when you get a whole bunch of vulnerability reports, it's a lot of work. And so the question is now what is Glasswing going to do to these open source projects where it is reporting all these vulnerabilities and it is pitched that glasswing is going to hunt down and fix vulnerabilities. So all I can say is I look forward to all of the great high quality pull requests that this will result in and not just the security reports and hopefully that can be reality and not just the sardonic snark that it feels like right now one of the other things Von Nichols points out is that Mythos, this new AI bot, totally closed source, nothing really open source about it, which, you know, it would be nice for this to be opened up if it's going to be working on open source software. And then there's sort of a flip side to this coin that was just quite humorous and that is that Greg KH Greg Karl Hartman, the Linux number two guy, has been working on new fuzzing tools for the K SMBD and SMB code. And he says purely because it's something that is simple to set up and test locally with virtual machines. And he found some minor problems for it. And we are now seeing things are signed off by Greg Karl Hartman and then assisted by Greg KH_Clanker._T1000, which is just hilarious to me. Clanker, of course, being the slightly derogatory term for an AI bot, and the T1000 of course being a Terminator reference.
Jonathan Bennett [01:05:08]:
So Greg KH has built his own model and is using it for doing some kernel work, which is, you know, obviously there's some humor going on there, but interesting times to live in to be open source devs.
Ken McDonald [01:05:25]:
Yes. Yeah. But I do like the name KH gave as a tool.
Jonathan Bennett [01:05:33]:
It's funny. Yeah, I got a real kick out of that.
Rob Campbell [01:05:36]:
It's scary to think though, if the good guys have an AI that can find Zero Days what the bad guys already have.
Jonathan Bennett [01:05:46]:
I mean, it depends upon who you mean by the bad guys, right? If you're, if you're talking about, you know, the, the guy in his basement, the script kid in his basement, well, this probably, you probably don't have to worry about that. But I mean, if you talk about like the NSA or the equivalent of North Korea or China or Russia, then I, I guarantee that, yes, they are also spearheading this research into finding vulnerabilities using AI. Absolutely right.
Rob Campbell [01:06:16]:
The guy in the basement isn't necessarily going to have the, the CPU power and GPU power and all that to maybe find these. I don't know. But still, if, if it's valuable enough, I mean, it, it doesn't even necessarily need to be a government. These, you know, if these ransomware folks are making millions off of, you know, ransom.
Jonathan Bennett [01:06:38]:
So you don't, you don't actually see ransomware gangs using Zero Days very often. Occasionally they will, but usually what happens with ransomware is they just find a disgruntled employee. It's so much, it's so much Easier
Rob Campbell [01:06:53]:
just because that's what they have done. If there are new tools, there's no reason they aren't going to think about diversify possibly.
Jonathan Bennett [01:07:03]:
I think you'll see the state sponsored groups though, really being the ones that use this kind of thing. State. State sponsored. And then also groups like NSO Group and, and that sort of mix. The, you know, the legal spyware guys. The, you know, the ones that come up with these crazy vulnerabilities where you can send a text message to an iPhone and the next thing you know is you've got malware running on it and it's legal because the right government told us to do it and gave us pretty warrants and everything.
Ken McDonald [01:07:30]:
And money, sure.
Rob Campbell [01:07:31]:
I think likely, I think that's likely, more likely. But for people like me, for the most part, I'm not going to be a target of those, except for maybe botnets. But for the most, there's not. They're not going to be targeting me to extort me or anything. So for me, my worry isn't those people as much for me personally actually.
Ken McDonald [01:07:54]:
My worry is after hearing the latest security now issue is LinkedIn, I think
Rob Campbell [01:08:01]:
they're gonna, they're gonna extort you.
Ken McDonald [01:08:05]:
They are. You didn't listen to the security now ish. Latest security now word. Steve talks about how as soon as you pull up a link in page, web page, it starts getting. Gathering information about you.
Jonathan Bennett [01:08:21]:
Yeah, that's a, that's a little different though from hitting you with a zero day and trying to either move Bitcoin out of your wallet or you know, install something that's going to persist after you close the page.
Rob Campbell [01:08:34]:
I mean, as soon as you put yourself on a dating app, everybody else looking at you is trying to figure out all the information about you. So.
Jonathan Bennett [01:08:41]:
And what is LinkedIn except a dating app for workers or businesses. Or businesses. Yes.
Ken McDonald [01:08:50]:
Helps that worker find the right HR person.
Jonathan Bennett [01:08:54]:
Yeah, yeah, exactly. All right, well, that is our fun for the day. For news stories, we're going to get into tips here in just a minute. We'll take one final break and then we're to come back and we're going to talk about aptui.
Rob Campbell [01:09:07]:
Bless you.
Ken McDonald [01:09:08]:
Bless you.
Rob Campbell [01:09:12]:
They got it.
Jonathan Bennett [01:09:13]:
I was hoping they'd get the joke. I was just sitting here like, I hope they say it else this is going to be really weird.
Rob Campbell [01:09:26]:
You did a good job pronouncing it to really bring it out.
Jonathan Bennett [01:09:30]:
Yeah, I tried.
Rob Campbell [01:09:32]:
I don't know if you noticed I added that. I saw it.
Jonathan Bennett [01:09:35]:
That's where it came From I just
Rob Campbell [01:09:38]:
did that about 10 minutes ago it came to me.
Ken McDonald [01:09:41]:
I thought it would have been pronounced
Jonathan Bennett [01:09:43]:
at 2 I no because textual user interface it's like gooey.
Rob Campbell [01:09:51]:
Yes.
Ken McDonald [01:09:53]:
Well that's where you get the bless you from is for that. That gooey.
Jonathan Bennett [01:09:58]:
Yep, absolutely.
Rob Campbell [01:10:06]:
All right. So my command line tip for the day is aptui. So I started out the show talking about apt. I'm gonna finish my part again talking about APT app being the package manager for Debian based distros. Well AptUI is a TUI application to help you manage. It's a front end for APT and let me just show you for those who are watching. So for those watching I have apptui up here. I could search what I want.
Rob Campbell [01:10:42]:
So right now I am on the all tab. So this is everything that is in the repos I can navigate down through it and it's going to tell me over on the right the package name, the status, if it's installed or not, priority description, install size, all the data you could think of which I know it's behind my head but no one's going to read that anyway. And there's a search filter at the top so I don't know what to search for but yeah you could filter and filter the alt so and. And at the very top there is a menu I can tab over to the. Why can't I tab over because. Because I am stuck in the search There we go. Because I was stuck in the search fielder had to escape out of that. So anyway I could tab over and it's going to show I'm in the installed tab.
Rob Campbell [01:11:41]:
It's listing everything that's installed same information on the site. Oh and up at the top right there is a status that says how many packages are installed. I got 454I have recommends on suggest soft I could tab over and see what is upgradable so I can see this. You know same data what's upgradable? There's a cleanup tab I'm that's probably where like if you have packages waiting to be auto removed I'm assuming I don't so I don't know what that looks like. Tab over to errors. I do have a package details with the CA certificate app cache problem renaming the file I don't know what that is but I do have an error in there transactions. You can see a transaction history tab over you can see the repos you have. It's just the default Ubuntu repos here again you can go back and and on Here like on the all or on the installed you can.
Rob Campbell [01:12:48]:
Right from here you can hit space to select so you can multiple select I if you want to install R if you want to remove there is a help menu that gives you even more detail. I press H and then you got purge and hold and pin and unpin and I don't know about everything. I don't know if it has everything you can do. An APT maybe doesn't have those new features in there yet that I talked about earlier, but I don't know. It's a really nice two interface I thought to app to really, I don't know, let you see everything.
Jonathan Bennett [01:13:30]:
Cool. I like it.
Ken McDonald [01:13:33]:
Does it give you access to the new history features in apt?
Rob Campbell [01:13:39]:
Like the stuff I talked about earlier? I don't have that version of APT on here, so I'm guessing they don't have that there already.
Ken McDonald [01:13:48]:
Actually I was just looking at the GitHub and it looks like with the latest version that gives you transaction history.
Rob Campbell [01:13:57]:
Well, yeah, there's transaction history I guess. Actually yeah, I, yeah I did show that tab. I don't have any transactions in here yet because I. That must, that must just be transactions that have been done in here. I'm assuming I've actually used it. Oh, and I do see now that I see this on the transaction tab there is a Z to undo X to redo and I don't know if that's a 0 or an O for transactions, but I guess I, I missed that. So I don't know if that actually requires you to have the app 3.2 yet or what, but I guess it is in the transactions and I didn't even notice it.
Jonathan Bennett [01:14:43]:
Cool.
Ken McDonald [01:14:47]:
I wonder if this will be improved as the app keeps improving as long
Rob Campbell [01:14:53]:
as they don't abandon it. That's how apps work.
Jonathan Bennett [01:14:58]:
That's how apps work. All right, Ken, what you have for us?
Ken McDonald [01:15:03]:
Well, this week I am going to be demonstrating a command line sound tester for for Alsa sound card drivers called Alsabat. For those of you all listening, I've actually got a link in the show notes that'll let you see how it operates. But Alsabat is a simple command line utility intended to help automate audio driver and sound server testing with little human interaction. Alabat can be used to test audio quality, stress test features and test audio before and after PM state changes. It also also plays an audio stream and captures it in either a digital or analog loop at it then compares the captured stream using an FFT with the original to Determine whether the test case passes or fails. And are you ready to see me demonstrate this on the terminal, Jonathan?
Rob Campbell [01:16:07]:
I am not.
Ken McDonald [01:16:09]:
Well, I'm going to use a schema to demonstrate. That way I don't have to do that video. The loopback that I had to do during the test. The one thing you want to remember is you can do a dash question mark after aslbat to find out all the options available. Now you can run it without susing and it'll do the test on your default also sound cards. Or you can go in and enter some options to indicate which sound card you're running or just to indicate the information for the number of channels and the bit format that you want to use and the frequency that you want to test at. For those of y' all watching, you'll see that my screen is just going through doing all that. I did a couple of different tests.
Ken McDonald [01:17:14]:
The first one was just the basic one and I'm going to scroll back up here so I can explain that. But just running Alphabet I had had manually gone in and made the my ALC 897 audio sound card the default. And it tells you what version of ALSA Utils it's running. It tells you that it gives you the period size and the buffer size that it's using for playback as well as for capturing. And it gives you a analysis. The signal has 65,536 frames at 44,100 Hz 1 channel 2 bytes per sample. And for the channel 1 it starts by checking for target frequency of 997. If you wanted to, you could actually use the options to change that frequency to 1000.
Ken McDonald [01:18:23]:
But was reading that it's recommended to use something off of 1000 so you don't have to worry about harmonics as much. And then it goes through gives the amplitude and the percentage and where it actually the frequency that it detected the peak at as well as its level and what the total level for the frequency range in question is and whether or not it passed or failed the 997 pass peak detected at target frequency. Then it went and did some other tests for 2991.10 Hz, 4984.94 Hz, 6978.78 Hz and 8973.29 Hz. All of those felt because of the peak frequency being too high in relation to the test frequency. Then when I tried doing it with specifying the Hardware, it came back and it gave me a warning signal overflow. And if you look at that amplitude there, Jonathan 51417.1.
Jonathan Bennett [01:20:02]:
It's really. It's a lot. Yeah.
Ken McDonald [01:20:06]:
So when I saw that I tried it without specifying and for whatever reason it came down and it passed for the 99, 997. So I went back and tried it again with the hardware. It failed again. This time I started playing with ALSA mixer to adjust the level and ran it and as you can see, that did have an impact on the amplitude. Brought it down. I adjusted it down to about 40% or no, 49, 50% for the line in and line out.
Jonathan Bennett [01:21:00]:
Interesting. Let's go play with Alphabet. That looks pretty fascinating. Very cool.
Rob Campbell [01:21:08]:
So I do have a couple follow ups. I did install something via the the app 2e and then it shows up on transactions. I can't do anything. The undo and redo is grayed out. So that must require the new app 3.2. So they must have just added that already to the tui, I'm guessing. And the other thing, I am not running this on a GUI system. It is just a server without.
Rob Campbell [01:21:39]:
Without Wayland or X or anything. And my mouse actually works on it, so I'm a little surprised. I actually can mouse click around on the tabs and on things which I.
Ken McDonald [01:21:49]:
Are you running version 0.7.0.
Rob Campbell [01:21:54]:
Oh, of app two? Yeah, it's the latest.
Jonathan Bennett [01:21:59]:
Okay. All right. Okay, Very cool. I have got a quick demo. Let's see if I can get the screen share working here. So. Yeah, there we go. See if I can make this all a little bit bigger.
Jonathan Bennett [01:22:21]:
Well, that side's bigger. We'll do this one at a time, I suppose. So if you recall, we've got Grafana running and we've got a Mosquito install running and I have here where we are subscribed to Mosquito and we're just watching for everything there. And I was asking myself what would be a good MQTT source to play with and of course I went with meshtastic because, you know, it's kind of. It's kind of the project that I'm invested into right now. So if you don't know, we've got meshtastic D which runs a real meshtastic instance on a native Linux machine. So go ahead and start that up. Getting that set up is not the thing that I'm necessarily going to talk about, although we are going to talk real quickly about how to set up mqtt.
Jonathan Bennett [01:23:15]:
So there is the Mustastic command line terminal and we got to tell it host, local, host and then we can just say. Set the MQTT address to 127.0.0.1 localhost. Of course it does stuff on the left hand side and we do that. And then we're also going to come in here and grab the next line which is to set it to enabled enabled true. And then the other thing that we have to do is tell it to enable it for channel. It is a little bit fiddly and meshtastic to get this done, but it's usually not too bad once you get. Once you know the trick, once you understand what all you have to set. So we have set MQTT to localhost, we have enabled it and then we've set the uplink and the downlink for channel zero.
Jonathan Bennett [01:24:27]:
And in theory we may have to give it a quick reboot, but in theory that should get things moving. We can do a dash dash Get MQTT to see how it's set. Enable true 127001 and of course the username and password is just the default that it ships with and nothing yet. This is a live demo. So of course there is the possibility that this isn't going to work. It's always possible. Let's see, Fourteen seconds ago, that should have. Yeah, let's try giving this a dash dash reboot.
Jonathan Bennett [01:25:25]:
Sometimes things need a reboot for it to become live. Hold on, we'll get it. We'll get there. I know I'm crazy for doing this live. All right, MQTT connected on a private IP subscribe to. That's where it's going to go to 2e short fast. We can refresh that. Give it a second, wait for real packets to come through.
Jonathan Bennett [01:25:54]:
Hey look, we've got real packets. There we go. Now you may notice that over here in our MQTT window, these packets are just. They're gobbledygook, they're garbled. Actually what it is, they're encrypted. And this is something that you do a lot with mqtt. You will run a second command to basically translate it, picks it up off of one MQTT topic and then puts it back on another. And there is a tool that we're in the process of writing that does this for meshtastic MQTT packets.
Jonathan Bennett [01:26:33]:
So we're going to get this going real quick. So I've pulled it down. Git clone. I'm going to use PIP to install the requirements. We are going to hope that this works. It may. PIP command not found. Yeah, give it a second.
Jonathan Bennett [01:26:56]:
Literally doing this live here. So we'll see if it's going to let us do it. Yeah. All right. It went through and it installed. Now we should be able to run a Python command that will connect to the local MQTT server. This is what it looks like Python 3. And then it runs the script meshtastic protobuf to JSON script.
Jonathan Bennett [01:27:19]:
We're going to tell it regional us. That's where I'm at. The broker 127.0.0.1. That's the local thing. The PSK, the AQ equals, equals. That's the default no password. And then we have debug turned on. Let's see what it does.
Jonathan Bennett [01:27:33]:
All right. It thinks it's connected. It says it's subscribed to Mesh us to JSON. Let's wait for another packet to come through and we'll see what happens. The waiting is the worst part. Got one of these machines set to send a packet every 30 seconds. There we go. All right, now check this out.
Jonathan Bennett [01:27:56]:
So we have first the encrypted packet up here, gobbledygook. And then we have in JSON a decrypted packet. This is on a second MQTT topic. All right, now, do we have time? I think we have time. I think we have time to look at the next step real briefly. Let's flip over to the actual Grafana tab. And so this is basically where we were last time. We've got the MQTT connection there, but not doing anything with it.
Jonathan Bennett [01:28:31]:
And we're on a new dashboard. We can add a visualization. So we're going to add. We're going to say, use the MQTT data source. And over here, under topic, we're just going to give it an asterisk for now, or, excuse me, not asterisk. Pound sign. Pound sign for the moment. And in theory here, in a bit, this will get a packet.
Jonathan Bennett [01:28:56]:
Sometimes Grafana is a little slow about this anyway. But what we're going to do is we're going to go into transformations. This is how we take it from just that raw text string to something that we can actually use in Grafana. And the first one is, I think it's just, yeah, extract fields. We're just going to do extract fields. This lets us take JSON, which is one of the options, and it'll pull all of these fields out for us so that we can look at it and see what is in there. We are pulling a little bit of data you can see on the one panel. But this is just ID and timestamp and to and from a channel.
Jonathan Bennett [01:29:38]:
Not really what we're interested in. So this will, this will get us better data. So source. It's now, it's seen something and it's actually payload is what we want. Now we're getting somewhere. Because now up here in our preview we've got not only the channel and the time and the ID also have uptime seconds and free MEM bytes. This is the telemetry that we were looking for that we want to actually look at. And I can add another transformation and there's all kinds of these transformations inside of Grafana.
Jonathan Bennett [01:30:16]:
I am looking for one of the filters. Filter field by name, that's the one. So I don't want the id, I don't want the value. We can keep the timestamp. I don't need the one. Nope. We need time, we don't need timestamp, we don't need to. We don't need from.
Jonathan Bennett [01:30:43]:
We don't need channel or sender or type. But we do want to keep these, the uptime seconds, the free MEM bytes disk, free bytes to load. And in fact if you wanted to, you could actually go in even closer and say all I want is those three. Okay. And then we could say save, that's fine. And now again. So this is something with Grafana doing MQTT again we come back to no data. And inside Grafana using this direct MQTT connector, it is completely ephemeral.
Jonathan Bennett [01:31:20]:
Meaning it doesn't save this data at all. All that it's doing is it's taking it directly off MQTT and throwing it into the browser. And so if we sit here long enough, we'll get these data points. And so it's doing something really interesting here. It's actually pulling from two different machines. That's why it's going to look really weird. Really what we would want to do is go in here to edit and under transform. We're going to want to add yet another transformation to.
Jonathan Bennett [01:31:49]:
It's another filter. I believe it's filter data by values. Yes. See if I can get this going real quick. And we want this to happen further up here. Let me have to zoom out. Grafana does not super like being that far zoomed in. So we're going to include.
Jonathan Bennett [01:32:14]:
We'll add a condition the field in this case we'll grab sender and then is equal to and I don't even know off the top of my head, which one we want to grab. You know, there's a. The different sender values and we could probably pull it up real quick. Yeah, here's one. I'll grab it off of the command line terminal that we've got. We say that one. There we go. So now we are looking at fewer of these.
Jonathan Bennett [01:32:54]:
And, you know, it takes some fiddling. I'm not going to get this. It took me about an hour, I think, on the desktop behind me to get this really dialed in the way that I wanted it. But you eventually get to a really nice bit of data that you can pull to just from MQTT and you see again, we're getting more data here. It looks like we're. That that filtering probably needs more fine tuning. So it's probably not sender, it's probably from. That's probably what it is.
Jonathan Bennett [01:33:34]:
So again, we'll save and apply. This will probably make more sense. Grafana is like this though, to really. Until you really get good at it, you got to. You got to fiddle with it and try it and play. To take this and to really take it to the next step, if you want to make it more useful would be instead of just doing a direct pull with that MQTT connector, you would actually, you would use a time domain database is what they call it. And that's where you take one of these things off of MQTT and you put it in a database and then you pull it out of the database to make your visualization rather than just going straight from MQTT onto a dashboard here. But that is basically how Grafana works.
Jonathan Bennett [01:34:24]:
And hopefully I didn't try to stuff too much into each of these. It's been really cool for me to sort of step through and figure out how these things plug in together. And yeah, maybe, maybe next week I'll fine tune this at the end of the show next week I'll show you exactly what it can look like once. Once everything is put together the right way. It's fun though. All right.
Ken McDonald [01:34:50]:
Fun playing with a new toy.
Jonathan Bennett [01:34:51]:
Yeah, it really is. It's cool. And you could do some really cool stuff with the Grafana. I've seen people just go nuts with it. And it has the ability also to give you alerts when values go above or below a range that you set and some neat stuff like that. So, yeah, it's pretty cool.
Rob Campbell [01:35:08]:
Once you finish with all this, I'll. I'll watch all of them together and start experimenting with the Grafana myself.
Jonathan Bennett [01:35:16]:
Yeah, well, I think I think probably last week in particular with actually setting one up is enough to get started. And then, yeah, I'll go through next week one last time. Just looking at the way things are set up that actually give us valuable data.
Rob Campbell [01:35:31]:
Yeah, I'll wait till you finish the whole whole series because I'll have more time then.
Ken McDonald [01:35:36]:
I don't think that's one that you could capture with a schema.
Jonathan Bennett [01:35:40]:
No, probably not. Probably not. Probably not.
Rob Campbell [01:35:44]:
It's always more time tomorrow.
Jonathan Bennett [01:35:45]:
Yeah, always. Yeah, that's how, that's how that works, Shirley. All right, Ken, you have anything you want to jump, get in for the end of the show, get the last word in on something or plug anything?
Ken McDonald [01:35:57]:
Yes. For those of y' all listening, I do have a link in the show Notes to an article by Saurav Rupal Rufal. It's about a two minute rig and talks about anthropic funding the Apache Software Foundation.
Jonathan Bennett [01:36:14]:
Interesting. Very cool. All right.
Rob Campbell [01:36:17]:
And Rob, I just got my usual plug and that is me. I'm gonna plug me anyway. You can come find me. Robert P. Campbell.com Once you get to my website. There are links there to LinkedIn, Twitter, Blue Sky, Mastodon, and you know, follow me on there. And if I do post anything, like maybe that open Snitch, a little snitch, side by side comparison, it'll be there. And if you really want me to try really hard to get that done, you can always go here and incentivize my work by donating a coffee to me on this little coffee mug on my site.
Jonathan Bennett [01:37:08]:
Yeah, very cool. So I real quick wanted to show that I did get this working. It was a decimal versus hex issue. And so it's literally just the from value. I had this in hex and it needs to be in decimal. And now we are indeed pulling some live load values from there. And so we now have a load panel going through, well, through meshtastic, but also through mqtt, through the script to decode it, and then into Grafana. And this is.
Jonathan Bennett [01:37:47]:
Yeah, this will be useful for watching what a system is doing. And I think like we said, next week I will have more of this all prettified and we'll take a look at what it looks like when it's all put together. Yeah, we let the, we let the guys get their last word in. And the only other thing that I want to say is if you want to find more of me, there is Floss Weekly over at, over at Hackaday. We have a lot of fun there, interviewing the movers and shakers, as it were, of the open source world. Appreciate you, Ken and Rob, for being here. Thank you so much, much. All right.
Jonathan Bennett [01:38:23]:
And we appreciate you, all the people out there that watch and listen whether you get us live or on the download. And we'll be back next week on the Untitled Linux Show.
