Untitled Linux Show 225: "Not a Memory Leak"

Podcast: All TWiT.tv Shows — Untitled Linux Show
Date: October 19, 2025
Hosts: Jonathan Bennett, Rob Campbell, Ken Starks, Jeff Geerling

Overview

This episode dives into recent happenings in the Linux and open source ecosystem, including NordVPN’s open source push, the evolving x86 architecture, Blender 5.0 beta, cutting-edge kernel mitigation features, Pipewire’s new release, progress toward a completely open Linux phone, the spiritual successor to Mycroft for smart homes, Fedora 43’s delay, and the latest on Zorin OS 18. The hosts blend technical depth with their trademark humor, sharing hands-on experiences, news, and practical tips.

Key Discussion Points & Insights

1. NordVPN Goes Open Source ([05:32]–[12:22])

Rob Campbell introduces recent moves by NordVPN:

• NordVPN’s Linux graphical app is now open source under GPLv3, boosting Linux usage by 70%.
• All tunneling handled with standard Linux tools (iptables, IPRoute2, systemd-resolved).
• Official Snap package now includes the GUI.
• Notable quote:
  "Transparency through open code and a user-driven feature saved by community feedback. That is a win for open source." – Rob Campbell [09:31]
• Meshnet, Nord’s peer-to-peer LAN over WireGuard, was set to be shut down, but user outcry saved it and it will also go open source.
• Discussion: Open sourcing the client increases transparency, but you still need to subscribe for server access. Comparison with Tailscale and potential for forking the client for custom VPN setups.
• Technical aside: OpenVPN and WireGuard configs directly usable.

2. The Future of x86: Unifying AMD and Intel ([12:28]–[22:47])

Jeff Geerling explains developments from the x86 Ecosystem Advisory Group:

• One-year anniversary of AMD/Intel collaboration to keep x86 unified.
• Cleaner instruction sets, finalized FRED (Flexible Return Event Delivery) for privilege levels, new AVX10 vector extensions, and CHKTAG for memory tagging to prevent overflows.
• AVX10 and ACE (Advanced Matrix Extensions) set to handle next-gen compute and gaming tasks.
• Notable quote:
  "I know that AMD and Intel feel the pressure of RISC-V and ARM... They're trying to make sure that x86 stays around, streamlines, to better fight even Apple's M chips." – Jeff Geerling [16:54]
• Discussion of versioning confusion, the compromise between RISC and CISC philosophies, and the complexities of standardizing instruction sets across platforms (e.g., ARM, RISC-V).

3. Blender 5.0 Beta: Major Upgrades Incoming ([24:35]–[29:18])

Ken Starks covers Blender’s 5.0 public beta:

• Features: new volume rendering, display compositor node, full HDR/wide gamut color support (Wayland needed).
• Copy global transform now integrated natively; improved theming & UI.
• Warning: Breaking changes in Python API.
• Practical talk about hardware needed for HDR.
• Notable quote:
  "If you really want these modern display features like HDR in Blender, you have to be using Wayland and an HDR compatible monitor." – Rob Campbell [27:19]
• Fun sidebar on investing in good monitors & cases.
• Tips on e-waste and recycling old hardware.

4. Free Software Foundation’s Bold LibrePhone Plan ([33:12]–[45:48])

Rob Campbell relays FSF’s announcement at their 40th anniversary:

• LibrePhone project aims for a completely open phone stack, prioritizing reverse-engineering proprietary firmware (“blobs”).
• Start with documentation and specs for the most open-friendly phones; seeking community involvement in coding, documentation, advocacy.
• Notable quote:
  "It's not building a new phone or an OS... The goal is to reverse engineer and document the proprietary firmware." – Rob Campbell [35:42]
• Discussion/debate:
  • Jonathan Bennett expresses skepticism about the FSF’s strict “no blobs” stance, arguing the line is arbitrary (“FW on a chip is as closed as FW you have to load”).
  • Group discusses trade-offs; Rob and Jeff argue that even if impractical, this work creates positive pressure for openness elsewhere.
  • Jonathan suggests FSF could do more by enabling mainline kernel support for common ARM hardware.

5. Kernel Breakthrough: Runtime Security Mitigations ([49:38]–[61:07])

Jeff Geerling highlights a patch series from AMD:

• Linux will soon let you enable/disable CPU security mitigations at runtime (not just boot).
• Aimed at balancing performance vs. security, especially for servers and always-on systems.
• Live patching approach: "repatching" swaps kernel code while freezing tasks.
• Deep-dive into speculative execution attacks (Spectre, RETBleed, etc), threat models, and when to disable mitigations on desktops.
• Notable quote:
  "If you're just gaming, you're not banking or doing anything private, you can leave all the mitigations off..." – Jeff Geerling [58:26]
• Advice: Trust distro defaults unless you have special security needs.

6. PipeWire 1.6: Major Audio Latency Improvements ([61:22]–[65:36])

Ken Starks delivers the latest on PipeWire:

• Major performance and latency improvements; complete redo of link negotiation code.
• New features: Bluetooth hearing aid support, MIDI 2.0, Razer Blackshark V3, Dolby/Prologic II support.
• PipeWire getting closer to being viable for pro-audio use.
• Reflection on hardware long-life (e.g., 1965 Shure SM57 microphones outliving multiple generations of computers).

7. UBO Pod: The Privacy-First Open Smart Speaker ([66:16]–[72:52])

Rob Campbell introduces the UBO Pod:

• Open source, hackable “smart speaker”, runs on Pi 4/5, uses only local AI models by default.
• Physical privacy switches, hardware mods welcome, Dockerized apps, easy integrations with Home Assistant.
• Positioned as a Mycroft spiritual successor.
• Notable quote:
  "UBO Pod is the smart device for people who don't trust smart devices." – Rob Campbell [70:20]
• Group debates the “woodgrain” aesthetic and hardware design; genuinely excited about the open stack.

8. Fedora 43 Release Delayed ([73:38]–[79:24])

Jeff Geerling reports:

• Fedora 43’s release pushed from Oct 21 to Oct 28 due to outstanding blocker bugs (installer dropdown bug, WiFi regression, rescue mode failure).
• Fedora known for delays but prioritizes reliability; everyone agrees on value of “wait and fix.”
• Rawhide (Fedora's bleeding-edge branch) explained.

9. Zorin OS 18: A Slick, User-Friendly Distro ([79:51]–[86:28])

Ken Starks recaps Zorin OS 18 launch:

• Based on Ubuntu 24.04 LTS, with kernel 6.14.
• Modern UI: rounded corners, floating panels, consistent look for GTK/QT apps.
• New window tiling, Web Apps tool, OneDrive integration.
• Neat feature: detects Windows installers and suggests Linux alternatives.
• Downloaded 100,000+ times in 48 hours—Zorin’s “biggest launch ever.”
• Jokes about version numbering and love/hate for rounded UI corners.

Notable Quotes & Memorable Moments

• “I like listening to barbershop music, therefore I am not going to let you guys ruin it for me.” – Jonathan Bennett, [01:39]
• "I'd rather pay them [NordVPN] than have maybe the product being... sold off." – Ken Starks [10:13]
• "It's like, okay, this is a pain to do yourself, but it's nice when they [NordVPN] open source it." – Jonathan Bennett, paraphrased [12:00]
• “If you really want modern features like HDR in Blender, you have to use Wayland and an HDR monitor.” – Rob Campbell [27:19]
• "If my laptop had a MediaTek MT7922, I'd definitely want them to push it back so I'd know my WiFi would work." – Ken Starks, on Fedora 43’s responsible delay [77:28]
• "UBO Pod is the smart device for people who don't trust smart devices." – Rob Campbell [70:20]

Tips & Command-Line Segments

1. Fastmail Desktop App for Linux ([88:40])

• Fast, clean email provider with dedicated Linux client (Electron-based, but with full desktop integration and notifications).
• "I do wish others like Thunderbird could maybe improve their interface... this one just looks beautiful." – Rob Campbell

2. Octopi: Pacman GUI for Arch/Derivatives ([92:22])

• Octopi offers a full-featured GUI for Pacman package management (search, install, upgrade, etc).
• Written in C++, QT-based, open on GitHub.
• "If you'd rather point and click than type it out... check out Octopi." – Jeff Geerling

3. Gemini AI from Linux Terminal ([95:54])

• Gemini CLI lets you interact with Google's Gemini from the terminal (Node.js install via npx).
• Demonstrated asking it to summarize a webpage, stats tracking, conversation checkpointing.
• Agentic AI: can run shell, fetch web, summarize, and more.

4. Secure Disk Erasure: shred & hdparm ([106:47])

• Use shred (e.g., sudo shred -v /dev/sdX) for multi-pass, random data overwrites.
• Follow up with hdparm’s security-erase feature for SSDs/hard drives with wear leveling.
• Drill bits for physical destruction (if required), though SSDs may need special care.

Important Timestamps

• NordVPN News: 05:32 – 12:22
• x86 Future: 12:28 – 22:47
• Blender 5.0 Beta: 24:35 – 29:18
• LibrePhone/FSF: 33:12 – 45:48
• Kernel Mitigations: 49:38 – 61:07
• PipeWire 1.6: 61:22 – 65:36
• UBO Pod: 66:16 – 72:52
• Fedora 43 Delay: 73:38 – 79:24
• Zorin OS 18: 79:51 – 86:28
• Command-Line Tips & Tools: 88:40 – 113:55

Conclusion & Plugs

• Lots of actionable news for desktop and professional Linux users alike—from open source privacy tools to power-user distros and homebrew AI.
• Panelists share personal sites and projects; Jonathan plugs the upcoming TWiT D&D adventure.
• Call to “backup, backup, backup” from Ken; light poetic interlude from Jeff.

Useful Links

• NordVPN Linux Client on GitHub
• Blender 5.0 Beta Official Announcement
• LibrePhone FSF Announcement
• PipeWire 1.6 Details
• Fedora 43 Release Notes
• Zorin OS 18 Announcement
• UBO Pod Kickstarter
• Fastmail Linux App
• Octopi Package Manager
• Gemini CLI Terminal Client
• shred manual (GNU Coreutils)
• hdparm Secure Erase

For more Linux news, practical advice, and lively discussion, tune into Untitled Linux Show each week on TWiT.tv!