Podcast Summary: Untitled Linux Show 181: Run Rootless

Release Date: December 9, 2024

Host/Author: TWiT

1. Introduction & Overview

In episode 181 of the Untitled Linux Show, host Jonathan and his co-hosts Rob, Jeff, and David delve into a variety of topics central to the Linux and open-source communities. From desktop environment debates to security updates and the latest in software releases, the episode offers a comprehensive look at current trends and developments.

2. Cinnamon vs. Other Desktop Environments

The episode kicks off with a heated discussion led by Rob, who critiques a ZDNet article by Jack Whalen titled "Five Ways the New Cinnamon Desktop is Better Than Your Default Desktop Environment." Rob questions the validity of the claims made about Cinnamon's superiority, especially regarding performance and features that are already standard in other desktop environments.

Rob (02:50): "How do any of these things on this list make Cinnamon desktop environment better than the DE you are currently using?"

Jeff adds to the debate by noting that features like window shading have long been present in environments like Xfce and Mate, challenging the notion that Cinnamon offers unique advantages.

Jeff (08:46): "Keith, 512 says Xfce has had shading for a very long time."

The team concludes that while Cinnamon is a solid choice, the reasons presented for its superiority are not compelling enough to deem it better than other established desktop environments.

3. Flathub & KDE's Monetization Efforts

Rob shifts the conversation to Flathub and KDE's initiatives to monetize the platform. He explains that the GNOME Foundation, in partnership with KDE, is looking to introduce payment and donation systems to make Flathub self-sustaining. This move aims to support open-source projects financially, ensuring their continuity.

Rob (33:14): "Flathub is an easy way to package something universally... this could help potentially draw in more developers."

Jonathan highlights KDE's successful donation campaign, noting a significant increase in contributions following their respectful and non-intrusive solicitation for donations.

Jonathan (36:27): "KDE has pulled in $60,000 in donations in December. Wow, that was a win for KDE."

The discussion underscores the importance of sustainable funding models for open-source projects and the positive reception of KDE's approach to donations.

4. OpenVPN Updates

Jonathan revisits OpenVPN, highlighting its ongoing development despite the rise of WireGuard. David informs listeners about the new Data Channel Offload (DCO) kernel module aimed at enhancing OpenVPN's performance by leveraging AES-NI in kernel space to reduce overhead.

David (13:19): "OpenVPN is trying to win me back... the DCO kernel module is going through its review process."

The team acknowledges that while WireGuard is gaining popularity for its simplicity and speed, OpenVPN remains a viable option for those reliant on its features, thanks to these recent improvements.

5. OpenWRT Security Vulnerability

Jeff brings attention to a reported security issue in OpenWRT's upgrade system, where vulnerabilities could allow attackers to serve compromised firmware images. He details the nature of the vulnerabilities and the steps OpenWRT has taken to mitigate them, including input sanitization and using full-length SHA256 hashes.

Jeff (17:02): "OpenWRT had an issue with their attended SIS upgrade server that could have led to compromised firmware images being served."

Jonathan reassures listeners that there's no evidence of exploitation but emphasizes the importance of updating to the latest version as a precautionary measure.

Jonathan (23:46): "They are encouraging people to upgrade to the same version to eliminate any possibility of being affected."

6. OBS Studio 31 Release

Jeff provides an overview of the latest OBS Studio release, version 31, outlining new features such as Nvidia's blur filters, improved support for Intel Quick Sync Video, and enhanced integration with Amazon IVS. He also mentions several bug fixes aimed at improving stability and performance across different platforms.

Jeff (56:05): "OBS Studio 31 includes the Nvidia blur filter, Intel Quick Sync Video support, and numerous bug fixes."

David shares his experience using the new features, specifically the Nvidia background filter, highlighting the improvements in streaming capabilities.

David (61:03): "I am streaming on OBS31 and I am using the Nvidia background filter."

7. Steam Machines and SteamOS-Powered Hardware

The conversation shifts to the resurgence of Steam Machines, with Jonathan referencing an Ars Technica article about hardware running SteamOS in collaboration with Valve. The hosts speculate on the potential impact of more powerful processors and improved software support, suggesting that this iteration of Steam Machines could overcome past shortcomings.

Jonathan (53:21): "This is going to be the Steam machine idea... software support for running things on SteamOS on Linux using Proton is much better now than it was."

Rob adds that while Steam Decks and similar devices have been popular, a new wave of SteamOS-powered hardware could offer fresh opportunities for gamers and developers alike.

8. Linux Distro Cosmic

Rob reviews the latest updates to System76's Cosmic desktop environment, now in Alpha 4. He highlights features such as enhanced language settings, default application configurations, improved power management, accessibility enhancements, and support for Variable Refresh Rate (VRR). The team praises the desktop's performance and its potential to compete with established environments like KDE and GNOME.

Rob (61:50): "System76 Cosmic Desktop Alpha 4 is incredibly fast... accessibility applet makes the desktop more inclusive."

Jonathan expresses excitement about Cosmic's progress, comparing its smoothness to Cinnamon and contemplating giving it a firsthand experience.

Jonathan (66:10): "It's pretty good... it was one of the snappiest desktops I've used."

9. Docker, Podman, and Containerization Security

David offers a critique of Docker's security features, referencing Linus Torvalds' concerns about container isolation. He explains the vulnerabilities associated with Docker compared to full virtual machines and suggests encapsulating Docker containers within virtual machines for enhanced security.

David (40:28): "Docker reduces heaviness by using namespaces and control groups... but it's easier to escape Docker's isolation than a full VM."

Jonathan recommends using Podman in a rootless configuration as a more secure alternative, noting its compatibility with most Docker images and its ability to operate without root permissions.

Jonathan (45:22): "Run Podman rootless... Most Docker images will just work under Podman."

10. Rust in OpenSSL and TLS Performance

David discusses an article from Phoronix highlighting Rust LS, a modern TLS library written in Rust, outperforming OpenSSL in multithreaded server environments. The hosts touch on the origins of Rust and its growing influence in system-level programming.

David (67:33): "Rust LS multispeed performance is better than OpenSSL... Rust is just out there blowing through more performance metrics."

Jonathan shares his personal experience with Rust, including participating in Advent of Code challenges, and reflects on Rust's potential in enhancing software security and performance.

11. Nvidia Driver Updates

Jeff announces the release of Nvidia's new stable driver version 565.77, detailing its enhancements for Wayland support, bug fixes for Vulkan applications, and improved performance for gaming through better memory management.

Jeff (76:23): "Nvidia driver 565.77 supports Wayland better, fixes crashes with Vulkan applications, and enhances HDR hardware acceleration."

The team discusses the importance of these updates for gaming and Linux users, with David confirming active use of the new features.

David (61:03): "I am streaming on OBS31 and I am using the Nvidia background filter."

12. Command Line Tips: Eza & pv

Rob introduces Eza, a Rust-based alternative to the traditional ls command, highlighting its additional features like color-coded outputs and customizable formats. He demonstrates how to alias Eza for ease of use and showcases its enhanced display options.

Rob (94:26): "Eza is an alternative to the LS command with extra features like color and icons."

David presents a tip on using pv (Pipe Viewer) to monitor data transfer progress in command-line operations, enhancing user experience during file manipulations.

David (99:17): "Use pv to display progress bars during data transfers, useful for long-running pipelines."

Jonathan adds that these command-line tools can significantly improve productivity and user interaction with the Linux environment.

13. Conclusion

As the episode wraps up, the hosts reflect on the diverse range of topics covered, from desktop environments and security updates to the latest software releases and command-line enhancements. They encourage listeners to explore the discussed tools and stay engaged with the Linux community for ongoing developments.

Notable Quotes:

• Rob (08:37): "I never look down on somebody trying to make money on something as long as they don't do something dumb."

• Jonathan (36:27): "KDE has pulled in $60,000 in donations in December. Wow, that was a win for KDE."

• Jeff (56:05): "OBS Studio 31 includes the Nvidia blur filter, Intel Quick Sync Video support, and numerous bug fixes."

• David (67:33): "Rust LS multispeed performance is better than OpenSSL... Rust is just out there blowing through more performance metrics."

This episode of the Untitled Linux Show provides valuable insights into the current state of Linux desktops, security frameworks, and the ongoing evolution of open-source projects. Whether you're a developer, system administrator, or enthusiast, the discussions offer actionable information and thoughtful critiques to enhance your Linux experience.