A (5:59)

Yeah man, if I was on Ubuntu I would really be ticked that I didn't have this feature that Fedora has had for like 20.

B (6:05)

Okay,

C (6:09)

actually some of this I was getting with Nala.

B (6:14)

Yes, but now you don't need a third party thing.

C (6:16)

No I don't.

B (6:17)

All right there.

C (6:20)

Ubuntu in 2510 is using apt version 3.1.6 right now. You know I should really be at these features.

A (6:31)

I should really be nice. They invited me to Come to the Ubuntu conference and they're gonna buy my plane ticket. So that. That joke was only a joke. I love APT and Ubuntu. It's great.

B (6:43)

Yeah. You're gonna get uninvited and if. If you still want to use that ticket, send it my way. I don't know what I'll talk about, but I'll come up with something. I like free trips. Where's that at again?

A (6:53)

In London. So put me in the economy nosebleed section.

C (6:57)

So you're saying that all these new features in Apt 3.2 are already available in DNF?

A (7:07)

I don't know about all of them, but the ability to show your history and do rollbacks is.

B (7:13)

Can you redo after you did an undo?

A (7:15)

You know, I'm honestly not sure if that's in there or not. That's not something I've ever needed to do.

B (7:22)

I mean, I still, I. I find that being useful. Like I. I've said before, I used. I use Ubuntu on my servers and, you know, sometimes I install something, it's like, you know, that doesn't work as expected. So I could see myself undoing it.

A (7:35)

The undo is very useful.

B (7:36)

Yeah. And I don't know, maybe I'd be like, oh, well, that still doesn't fix it. Maybe that wasn't the problem. Let's redo that again. I don't know.

C (7:44)

Especially if it's an unattended upgrade that you didn't want to do.

A (7:49)

Yeah, probably you don't want unattended upgrades turned on on your server.

C (7:55)

How about on your production desktop?

A (8:00)

A little bit better. But, you know, it's. It's a matter. It's a matter of taste, really. Yep. All right. We talk about flat packs.

C (8:12)

Of course we want to talk about flat pack.

B (8:14)

Another package manager, a universal one.

A (8:17)

Yeah. There was a. Was it Flatpak sandboxing that had a big security problem.

C (8:23)

In fact, that's what I'm going to be talking about here is about some important security fixes that Marcus Nestor wrote about that were part of the several updates released by Flatpak. First we hear about FlatPak 1.16.4 addressing two security vulnerabilities, CVE2026 34078 and CVE2026 34079. According to Marcus 34079 vulnerability could lead to arbitrary file deletion on the host file system, earning it a high 8.7 rating. The CVE ending in 34078 vulnerability could could allow a complete sandbox escape which could then lead to host file access and code execution in the host context. It was rated a critical 9.3. Now Flatpak 1.16.4 also fixes two other security issues, preventing arbitrary read access to files in the system helper context and preventing orphaned cross user full operations. Now when you check out the release notes you will also find the Flatpak development team has released Flatpak 1.17.4 as a new development version towards the major Flatpak 1.18 release, adding automatic branch following for extensions to ensure that no auto download extensions stay functional after an update that requires a new branch and support for Enable Inte sync unconditionally. Now I do recommend reading Marcus's article since he posted two updates since its initial release.

A (10:20)

Yeah, very, very cool. Good to get all of those security things fixed and taken care of. We had wrong Discord tab. Let's see, we had Keith512 mention that there were a a bunch of updates this week and it's now 1.16.6. So lots of things getting fixed in Flatpak.

B (10:46)

Maybe now that that's all fixed, it's starting to get time for me to do another benchmark comparison between Snap, Flatpak and native, as I've done a couple times in the past.

A (10:56)

Don't forget AppImage.

C (10:58)

If you follow the release notes you'll see that 1.17.6 is actually the last release that was done because they're all combined the 1.16 and the 1.16 in the release notes history. Weird watching it go from 1.16.4 to 1.17.4 to 1.16.6.

A (11:23)

Well, so what they did is they found vulnerabilities that were in both branches so they had to fix them at the same time.

C (11:30)

Yep.

A (11:32)

Yeah, interesting. Yeah, cool stuff. So actually, let's take a quick break and then we're going to talk about something that is probably going to happen this weekend in something sort of big in the Linux world. We'll do that right after this. So we've been talking about it and if you've been paying attention to the show over the last few weeks, this is not really a surprise. Although I don't think we knew last week that it was coming this weekend. But it looks like Linux 7.0, the big 7.0, is going to release on Sunday 12th April. So for those of you that watch on the download, it's probably already happened, but there are a bunch of things in here between performance optimizations for the amd, you've got upcoming. Speaking of amd, you've got upcoming new AMD hardware that's getting the switches turned on and the support landed. If someone really wants to read the tea leaves about what's coming from amd, you can go look into that. That's a lot of AMD Radeon graphics. There's of course the normal intel stuff, XFS I think we talked about this has the self healing added to it. Ext4 is getting a big write performance improvement. There's IO stuff, there's UDP stuff. Qualcomm's Snapdragon X2 Elite SoC is getting more of its support upstreamed, which is always nice to see. So the bump to the R version and all kinds of stuff happening there. And so kernel 7.0 probably almost certainly going to happen unless somebody finds a really big bug in it going to happen this this Sunday, which is tomorrow for those of us that are that are live and probably a couple of days ago for those of you that listen on the download. But anyway, good to see that. That'll be fun to get show up in your distros within a week or two or three or a month or two depending on what distro you run. Some of them are quite slow to get it and some of them are quite quick.

C (13:33)

In fact, hasn't Jeff started talking about some of the things that we might see in 7.1?

A (13:39)

I was also seeing some 7.1 stuff because you know, there is the, the staging branch. They load stuff up in the very. It's not just one staging branch. Each subsystem has a staging branch. They'll push stuff into that during the feature freeze so that when you know the feature freeze in seven ditto comes out, the merge window is open. Torvald says, okay, give me your new stuff. People will just do these huge pull requests from the merge branch and say okay, here's the 3,000 commits that I want you to pull.

B (14:10)

It feels like we just got to 6.0, but here we are, another milestone again.

A (14:15)

Yeah, so we are doing 2020 versions, 20 minor versions per major version and you get a kernel every a couple of months, three months, something like that. So doesn't take that long to get 20.

B (14:28)

Was it the beginning of last year?

A (14:33)

I don't know. We can ask Google when did kernel spell it right? 6.0 release Col Linux kernel version history Nope, that doesn't tell me. Lame. Linux 6.0 released October 2022 a while. It's been a while Rob. You're just getting old and the days are going faster. That's actually what it is.

B (15:01)

It's horrible.

A (15:05)

He didn't deny it.

B (15:08)

Everything feels like yesterday and I know, I know.

A (15:13)

Yeah. No, there's cool stuff happening in 7.0. One thing that you might want to think about, and this is again, Keith's512 points this out, that if you're running Nvidia, you might want to not jump to the 7.0 kernel right away. You're going to want a. You're going to want to wait for like the next update for that to be able to get support for the kernel. If they particularly 7.0.4, not necessarily the kernel version, the next Nvidia version. I don't know what they're going to call it. I don't remember how Nvidia numbers their kernel, their kernel drivers. Do they number it back to the kernel itself? I thought they did it by like month, day.

C (15:54)

It's a good question.

A (15:56)

I don't know. I don't run Nvidia. I'm not an expert on it.

B (15:58)

Yeah, I mean, my recommendation, if you're running Nvidia, I mean, for now, hold off. But for future stuff, start planning your exit strategy.

C (16:08)

If you're running Nvidia, hold off until you replace it with an AMD gpu.

A (16:13)

It's not nearly as much of a pain as it used to be. I used to be very much on team, don't run Nvidia on Linux. But it's better now.

B (16:22)

It's not just for the pain, it's just everything.

C (16:25)

It's definitely better if you're wanting to have a local AI agent.

A (16:29)

Yeah, I mean, Nvidia is working on their open source graphics drivers too. So, you know, it's not. It's not just team AMD that's doing the open source thing. Nvidia is trying to get in the game too.

B (16:40)

Yeah, well, they're still trying. When they're there, maybe I'll back down a little bit.

C (16:46)

Was there a very. Before that train?

A (16:53)

All right, so I think. Have we talked about things like Little Snitch before? It seems like there was a Little Snitch command line tip that we did at some time in the past. Or maybe I'm thinking of one of the times that I was. Maybe they talked about Little Snitch on Security now or one of the other shows now.

C (17:13)

Future Open Snitch.

B (17:14)

Jeff. Jeff shared a tip not too long ago about Open Snitch.

A (17:18)

All right.

B (17:19)

And how it was based on Little Snitch.

A (17:22)

Okay. Well, we've got a, we've got a story here from Rob about Little Snitch. So what's, what's going on? Isn't this thing Mac only? I thought what's, what's the deal?

B (17:31)

Yeah, so Little Snitch originally was an app for Mac OS and Linux had Open Snitch, which was based off a Little Snitch. Well now you may have the opportunity to just use the real thing as Little Snitch has finally arrived on Linux and for a lot of longtime users, you might be excited for this. Little Snitch is written in rust, so a lot of people should be happy about that. And built around EBPF so it can watch which processes are making network connections, let users block them with the rules instead of traditional desktop apps and Linux and, and the Linux version uses a web based interface which also means you can monitor a remote Linux machine from another device. Oh yeah. Also side note on the Open Stitch and Snitch and Jeff haven't done this. I actually googled YouTube open snitch I think it was. And right at the top was a snippet of Jeff's video from the show. So it's easy to find if anyone wants to go back on that. Anyway, so that's kind of cool compared to Open Snitch, you know, that has the web interface and all that. And you know, even, even I don't get a Little Snitch on the Mac. But, but this Linux release comes with important asterisks. The developers clear that Little Snitch for Linux is not being positioned as a full security tool in the same way that the Mac OS version is. Because apparently EPF EPBF's limits on Linux processes can evade it. And tying traffic perfectly back to a process is harder. What the article says. So the focus here is privacy and visibility more than hardening hardened security. And to continue. According to Joy Sneddon testing on Ubuntu, only nine system processes connected to the Internet over a week compared to more than 100 on Mac OS. So it's a little, just a little side snippet on Linux compared to Mac os, I guess, you know, while apps like Firefox still made background connections, LibreOffice made none. And that brings me to my own experience because I wanted to do the obvious side by side comparison comparing Little Snitch versus Open Snitch. Spoiler here there might be some disappointment, but anyway, I set up two identical virtual machines running Cash OS with the Cosmic Desktop because I like Cashy and I like Cosmic. So I wanted to have that environment anyway. On one, I installed OpenStitch from the arch repository. I've installed it way back in the past. I was disappointed that Jeff beat me to the tip and that I never did that tip before because I've actually used it like I played with a long time ago. Anyway, on the other one, I installed Little Snitch from the AUR using yay, the Arch that is the Arch users repository. The plan was simple. A side by side, same distro, same desktop, same workload. Then see whether the less open Little Snitch actually offered a compelling reason to switch or choose it over the the fully open open Snitch. But that's not quite how it went. Open Snitch needed a little bit of tweaking before it started showing data. I had to do a little googling because it just wasn't. It just wasn't seeing anything. But Little Snitch turned into a much rougher experience for me after installing that. After I installed Little Snitch, that virtual machine became completely unstable. The desktop was locking up, crashing and I couldn't do anything. I even rebooted it, same thing. I was like, I think the whole desktop was crashing once and I was like in some console errors on the screen and the desktop would be bad because I fortunately as a vm, not used. I eventually just deleted and killed the thing. So now I can't say for sure whether you know that package in the aur. I mean that's a user package. Maybe that was bad, I don't know. Or if it was an issue with the fairly new Cosmic Desktop. Maybe I should have used something more tested, I don't know.

C (22:39)

Or.

B (22:39)

Or some interaction between the two, I don't know. I did see comments though online from others mentioning memory related issues. I think one said something about memory went up to 100% and they removed and it went back down. And so I don't know there they seems like there may be some other problems with it still at the moment, depending on the system. I mean Joyce that didn't. It's not like he had any issues on Ubuntu. I don't know. Still it meant I ran out of time before I could do the true side by side comparison. I wanted other complaints about Little Snitch is that it isn't completely open source. The Linux version is partly open source. The EBPF components and the web UI are open, but the daemon itself remains closed, which is something the Europeans might have a big issue with. But that is for a Later story today.

A (23:41)

Yeah, that was something I was definitely going to point out.

B (23:45)

So in a way that's the story of little snitch on Linux right now. It's exciting for a famous macOS network monitor land on Linux with a modern tech, a remote friendly web UI and a real privacy value. But apparently for some users the experience may still be a little buggy. I'm still going to try to do a side by side, maybe later this week, maybe I'll try it on Ubuntu or something else since it worked for Joey there and see if I have more success there. You know, put those two side by side, see what happens. And I probably won't bring it back here unless it's worth a full story. So I may, if, if I do do this, I'll probably post something on my social media and follow at the end of the show to find out how to connect with me for my see my social media if you're not already connected.

A (24:40)

Nice little self plug there. Yeah, no, it's cool to see it. I don't think this is something that I'm particularly going to run. But the. Ecosystem on Linux does not really give itself to programs doing telemetry and not telling you about it because they're all generally open source, particularly if you just install stuff through your distros repositories. So it's a little less useful in that case. Although it is nice to have something that sort of double checks that.

B (25:14)

Yeah, I mean a little reminder refresher. What these apps do, if I wasn't clear in it is basically you run it and it just monitors anything that makes a network connection and it, you know, it pops up, oh, Firefox went to here, or this app went to here and then you know, you can, yeah, that's fine. Or you can go in there like. Yeah, no, block that. You know, make rules based on that. So when I played, I haven't played with it actually in a while, but it's pretty cool.

A (25:45)

Yeah, so when it pops up. No, I don't need Audacity reaching out by default and giving telemetry to the people that own it or you know, whatever program you've got.

B (25:54)

Yeah, so those little things like Audacity, when they announced that they have this new telemetry thing coming out, don't worry about that. I got a little snitch program and that I could just block and you

C (26:07)

don't have to worry about going in the settings and opting out.

A (26:10)

Yeah. Now remember with Audacity I'm Pretty sure they changed it to where you opt in and it's off by default. They did they good on them. Like let's not use their name and trash them. When they made the right but made the right call here, they did go back and say, no, no, no, it's going to be opt in. And they took the right stance.

B (26:25)

Yeah, sorry, sorry. That was just an example.

A (26:27)

It was low hanging fruit.

B (26:28)

Jonathan brought it up first. But you never know what anyone else might, you know.

C (26:34)

But Audacity would be a good application to test little snitch with since you can go in and opt in and then check to see if it shows up.

A (26:42)

Yes. It would also be a good way to make sure that that opt in opt out is doing what it says it's doing.

B (26:49)

Yeah, easy way to test if you want to. If you wanted to be one of those people that goes on test if something's really not sending data.

A (26:59)

I mean, trust but verify, right?

C (27:02)

Always.

A (27:03)

Yep. All right, here in just a minute we're going to talk about everyone's number one top, without a doubt favorite text editor, the best one that everyone should use. Ken's got that story first. We're going to take a quick break. We'll be right back. All right, Ken, what is new with nano?

C (27:23)

Well, this week to find out what was new with nano, I read Bobby Borisov and Midas articles that they wrote about the latest Release of GNU Nano version 9.0. According to Bobby and Marcus, the most visible change is a Net reworked horizontal scrolling behavior. Nano 9.0 replaces the older per line horizontal movement which could fill a brute during editing with lines that scroll sideways only as much as needed to keep the cursor visible when it nears the right edge of the screen. Macro handling has also been adjusted. Stopping a macro recording immediately after it starts now cancels the recording and leaves the existing macro in place. I'm going to recommend reading Bobby and Marcus's articles if you want to find out about a new feature for mouse users.

A (28:25)

Interesting. So there's a. There is a name for this. They've given it a. They've given it like a. A tagline.

B (28:40)

The Nano 9.

A (28:42)

No, wait for it.

C (28:47)

Solo side screw.

A (28:49)

No, no. According to the one article, it's Lou Bonaire, S Dans Lepres.

C (28:56)

Oh, you're talking about the name for

A (28:58)

this version, GNU Nano 9. It has the code name Lubonair. Estanz lepre.

C (29:05)

Yes. And since I didn't want to embarrass myself by mispronouncing it, I decided not

A (29:11)

to Mention that I googled how to pronounce it and I was sitting here listening to it.

B (29:16)

So you have no idea what Ken said this whole time?

A (29:19)

No, I listened to most of it. Okay.

B (29:22)

One in each ear.

A (29:23)

Yeah, exactly. Ever since we've had things like pipewire, we can actually listen to more than one audio stream on Linux at the same time. You guys remember the old days when you could only listen to one thing at a time? You had. No, because also didn't have any built in mixing in it.

B (29:41)

Wow.

A (29:41)

So far we've come.

B (29:42)

I think. Yeah. Because you'd play something and whatever you had would stop.

A (29:46)

Yep.

B (29:47)

And then it would go back like if you're.

A (29:49)

Because whatever was playing took exclusive control of the audio output. Yeah. Pulse Audio. And then also eventually got a awesome mixer which was able to do it. Pulse Audio. And then pipewire finally fixed that.

B (30:01)

That was a while ago.

A (30:04)

Anyway, that. That French phrase that. That translates to the happiness is in the field. Which is actually a French comedy. I don't know. Apparently. Apparently a bunch of. A bunch of French people worked on this. It was just a dumb American. It's cool though. I love the fact that nano is still being updated. They don't consider it to be done software. They're continuing to add stuff to it.

B (30:32)

Yeah.

C (30:33)

I thought Michael played around with the macro feature yet.

A (30:37)

Just. Just a tiny bit. I've done a little tiny bit of that, but it's not something that I very often find myself needing.

C (30:47)

I haven't had the opportunity to play with it myself. Most of the time when I pop into nano, it's just to make a quick edit and then saving exit back out.

B (30:57)

I remember when Pico or Pico was the text editor and then nano took its place. I thought. I thought Micro was supposed to be taking nano's place, but yeah, I. I'm

A (31:11)

trying to remember what the deal was with Pico, why it. Why it's no longer around.

B (31:22)

Well, Micro is a thing. I think we've had, I don't know, a story or maybe a tip. I think maybe a tip on it already.

A (31:30)

But Pico. Pico's license had unclear distribution terms. It was not a. It was not a. It was not free software. It was not an open source licen. Although new versions of Pico are and are released under the Apache license. So they did eventually get that straightened up.

B (31:46)

I. I know for quite some time after nano became the de facto standard, I had an alias to Pico because. Or Pico because I was so. I was just so used to typing

C (31:55)

that if you want a true trip back, try using Edlin.

A (32:03)

Ugh. I know what you're talking about.

B (32:06)

Thank you.

A (32:08)

No, thank you.

B (32:11)

Is it really a trip back if you've never used it before and have no idea what you're talking about?

C (32:18)

Where you would actually be editing a file line by line rather than showing the whole screen?

A (32:24)

Yeah, it's not fun. It's. It's the whatever, whatever fun you can you consider fun. This is the opposite of that. Why? Yeah, it's real bad. Yeah. All right, let's cleanse our palate of that thought and talk about risc V&SCI5. So I came across a couple of stories this week. One of them is that in Linux 7.1 we just talked about 7 about to release and now we're off to 7.1. There is optimizations in RISC V for string, link, S T R n L E n. I guess this is. Now this is curious. Strlen is a standard C function. I guess this is the in kernel implementation of that because this would be the standard C Lib, not the kernel code. But. But the Pharonics here article talks about this implementation and the kernel itself. So apparently they have some hand coded. They have a hand coded string length implementation in the kernel for RISC V. Regardless, it is a big speed win. Going from this is in megabytes per second of throughput. If you're looking at 16 byte strings, we're going from 179 to 309. So like a 72% improvement. If you're talking about 4, 4096 byte or 4K strings you go from 356 all the way up to a whopping 1,878 megabyte per second throughput. So 427% improvement there. So the Linux 7.1 RISC V support is really maturing, which I think is interesting to think about. I've talked in the past. So like when I reviewed the Sci Fi, one of the Sci Fi boards, you know, it's kind of in the same weight class you might say as a Raspberry PI, like about a Raspberry PI 3. And I was looking at it with the question of well, how usable is it for using as a desktop machine? The answer there was it's not a great experience, but it's just good enough for developers to be able to use it to continue working on the RISC V ecosystem. And so you have things like this. That's exactly what's happening. The ecosystem here is being worked on. So you're getting these individuals performance improve tailored for RISC V. There's a few more of these landing in the 7.1 kernel. And one of the other interesting things is they're looking at a ZBB powered version. And I went and looked into that and that is one of the official RISC or actually there's a set of three RISC V extensions. So you know, with x86 processors you have, well, you have like the AVX512 was the one that we're. But you had, you know, the various, like what made a Pentium or Pentium 2, the different processor extensions that they had that were part of these big upgrades. Well, this is sort of what is going on right now with RISC V. They're putting together these packages of okay, to be a next generation RISC V chip you have to support all of these instructions. And that's interesting because RISC V is, you know, it's an open isa, but also anybody, I guess, because it's an open isa, anybody can make a RISC V chip. And so they have the fragmentation problem. All right, so that's one story. RISC V is becoming more ready for prime time. Well, prime time is coming for RISC V at least it's SCI5 against the company that makes RISC V processors. And they did a series G financing round and they raised US$400 million to be able to build Riskfire. Now I asked myself immediately, what is a Series G financing round? And I ended up going down this rabbit hole of reading about startups in which you start with seed money and that's usually the, you know, a few hundred thousand dollars that people have, either angel investors or that you just, your developers, your, your, your founders start with. And then you do like a series A financing round and there's dollar amounts that you set for that and that's the initial money to be able to build something. And then sometimes there'll be a series B financing round that is sometimes to actually get a product out the door. Then in some cases you have a series C financing round where that's like, well, to build the next product. And they have all these things defined. Well, if you read one of those articles, there'll be like this little asterisk down at the very bottom. Like sometimes companies get all the way to a series G financing round and it's essentially just another set, another round of hey, investors, we're looking for more money because we have this really big opportunity. And so that is what Sci5 has done. It's like their sixth, seventh. I can count. I know my Alphabet. It's like their seventh financing round where they've invited investors to come and give them cash to be able to do something new and cool. And so in this case they are looking to build a data center solution, a new high performance RISC V CPU core. And then they also call out specifically Cuda, Red Hat and Ubuntu environments. And so they are, interestingly, they also got investment from Nvidia was one of them. And then Apollo Global Management. That's not a company that I'm nearly as familiar with, but it's interesting to see this, that SCI5 is working apparently with Nvidia to make a big data center AI play. And instead of running Nvidia boards on top of intel or AMD cards or Intel AMD CPUs, apparently somebody thinks the future is to run them on RISC v6 CPUs. So interesting. We will, we will definitely have to watch this and see what becomes of it.

C (38:46)

Well, the Apollo Global Management, apparently it's a leading New York based alternative asset manager and retires retirement services provider.

A (38:58)

Ah, it's a mutual fund sort of place. It's a.

C (39:01)

Yes.

A (39:02)

Yeah, it's, it's strictly investments. Okay, well that makes sense.

C (39:07)

And that's what they're doing, investing.

B (39:09)

My prediction, I do not see RISC V in being a big thing in the data center, at least not in the next 10 years.

A (39:20)

I mean you've got a lot of RISC V in the data center already. It's just embedded down inside of stuff instead of being a primary cpu. I don't know. I mean there's a, there's some, there's some interesting problems with AMD and Intel. Right. Like the, the, the 64 bit ISA is getting long in the tooth and RISC V does fix some things. If you could get, if you could get a RISC V like complete modern ISA where everybody's on board with this is the instructions that are in there. It could be really compelling. And I think Sci Fi is trying to, trying to be the company that sets that standard. And if they manage to do that, then, you know, it could suddenly be

B (40:10)

very, very interesting and better than, or a better option than arm.

A (40:19)

I mean one could say that ARM and RISC V are in competition to be the next, the next CPU architecture.

B (40:27)

Yeah, that's kind of what I would say. And ARM is ahead at the moment, I think, but either way I think it's going to take, I think it's Going to take a while even if they do get there. Yeah.

A (40:40)

One thing to remember is particularly with ARM and RISC V is these processor architectures exist outside of CPUs. You've got a lot of embedded devices that are running little ARM cores and little RISC V cores, things like the Espressif ESP. I think the ESP32 P4 is A. It's one of the two. I don't remember which one.

C (41:10)

Don't intel and AMD also use ARM or at least reduced instructions that inside some of their chips?

A (41:25)

Yeah, so things like the intel management unit down inside the chip is a RISC V core and that's where the, you know, the super secret intel code that you don't ever get to look at it runs on RISC v. Yeah, the ESP32 P4 which is one of the new Espressif MCUs. Although honestly this thing is powerful enough that it sort of blurs the line between an MCU and a very low power cpu. You can run Linux on is a RISC V dual core processor. And you know, we're starting to see devices come out that are running these things. People are pretty excited about them. Yeah. So various companies are getting into this game in a way that exists beyond just, you know, what your server runs and what your desktop runs. Seeing these chips out in the wild. All right, let's see. Ah, Rob, speaking of French. We were speaking French a moment ago, or at least attempting it very badly. We're gonna take a quick break and then Rob has a. Rob has a story about the French government of all things. We promise it is Linux related, so we'll cover that right after this. All right, Rob, what's happening in France?

B (42:43)

Well, I'm going to start out by saying pardon my French, except I am not using any French in this. I, I did not, I did not even attempt or pretend to attempt to speak any French during this segment, so you're welcome. Anyway, we've been talking a lot about European countries moving away from proprietary software like Microsoft Office and Windows and Mo to open source like LibreOffice and Linux. This week another domino falls as France is making one of the boldest government it moves in Europe. It is officially preparing to replace Windows desktops with Linux across the country. And every ministry has been told to put together its own implementation plan by autumn 2026. This is not just a rumor or a pilot project. The news comes directly from Ditum Di N u m the French government's Inter Ministerial Digital Directorate as part of a broader national Push for. Well, I think, I think this is the word of the year here. A broader national push for digital sovereignty. We've been saying that word a lot lately. France is not just changing operating systems because Linux is cheaper, but because. Or because open source is fashionable, which it is.

A (44:19)

It's very fashionable.

B (44:21)

Officials are saying very directly that the state has become too dependent on extra European technology, especially American platforms, and that it wants more control over its own data, infrastructure, pricing and strategic decisions. In other words, this is about power independence and who gets to shape the future of public technology. What makes this especially interesting is that Linux desktops are only one part of of a much bigger shift. France is also moving government collaboration towards sovereign tools. And the National Health Insurance Fund has already shifted 80,000 employees to alternatives like TCAP and France Transferred instead of relying on services like Team Zoom and Dropbox. The government has also said its health data platform is moving to a trusted solution by the end of this year. That's pretty fast moving for most things I've. I know about in IT in the IT world, but good for them. There are still a lot of big questions. France has not yet said which Linux distribution it will use, and the real scale of the migration will depend on the ministry plans due later this year. But the signal is unmistakable. One of Europe's largest governments has formally put Linux at the center of its national tech strategy. If France can make this work, it may not just change French government computing. It could continue to influence the rest of Europe as other governments seem to have been already. Now let's take a step back. This might be a political move, you know, or just common sense, you know, that any sovereign government should consider. You know, you kind of want to be a control of your data, no matter who you are, who your political friends are, political enemies are. It's kind of good to have control because I mean one, you never know

A (46:37)

what the future brings.

B (46:37)

But no matter the reason or for the movement, the continued push from Europe, European governments to move to Linux and Open Source is bound to be good for all of us. I always say that more Linux users will drive more devs to port to Linux. You know, I think Jeff reported on the Steam survey last week, which was well above 5%, which I think, I think that. I think that might hit. Might be my prediction already. I'll have to review that later. But anyway, more numbers. Good. So anyway though, one thing to consider is this push is really for digital sovereignty. So maybe that might be a blocker for proprietary software to port, which I know somebody don't care. But some of you really like to see some of this stuff like this, I don't know, some of this proprietary stuff. But since, you know, this move is kind of to not have proprietary stuff, maybe that'll be a slight blocker for some of those apps to port. But I don't think it'll be a hard block. You know, you get more people on Linux and things like hardware manufacturers, you know, even though many of them are fairly decent supported today, you know, a lot more are really going to be forced to make hardware that is well supported on Linux. It, it's not going to be their second thing if, if we start, if it starts spreading all over the place. And you know, and software developers, they're still going to want to try to get their software to where the users are. They may just need to adjust their proprietary approach to appeal to those that want more sovereignty in their software. You know, maybe they'll have to loosen up on their propriet. You know, Open Source licensing doesn't conflict with the ability to sell software. So I mean this could really push openness, open software all around. You know, there's, there's no reason that someone has proprietary software, can't make it a little more open, can't loosen up the control over the, the digital data that's in it. And some of that might be enough for some of these more digital sovereign entities. There are places that want more digital sovereignty. It might be enough for something to get in. So I like it.

A (49:12)

Yeah, I mean it's always nice to see governments in various places thinking about things exist other than Windows. I think even taking off my Linux fanatic hat, I think we can look at the world and say it's not been a good thing that 99% of desktops run Windows. So for, for that it makes sense. Looking at it from a European perspective, it obviously makes sense to try to get away from running all of this software from the US Digital sovereignty is something that makes sense. And you know, I am, I support even being an American, I support them in this. So it's a, it's definitely something that makes a lot of sense.

B (49:54)

Yes, sovereignty from our country, that's fine. As long as it's boosting Linux and Open Source, I'm okay with that. I, I approve of this.

C (50:04)

So do, do you think you'll try Gin Bantu?

A (50:09)

No, I will not. They can, they can do it, but I will not.

B (50:14)

What?

C (50:15)

It's the French Jim, Jimadarn have their own version of Ubuntu.

B (50:23)

Yeah, I Think I saw that. Yeah, I don't think I'd be able to read the, the menus very well.

A (50:30)

I'm sure they have an option to put it back in English.

C (50:32)

The, the one that I find interesting is their application for online meetings. Vizio for some reason makes me think of an. Another application that.

B (50:47)

Yeah, there is a, a charting, Microsoft charting application called Vizio.

C (50:54)

It wasn't originally my Microsoft. I think that's one of those where

A (50:58)

they bought it and branded it. Microsoft brand on it.

C (51:05)

What's the.

A (51:06)

They did the three E's, Extending, brace, extinguish. Yeah, yeah, just very slowly.

B (51:15)

Yeah, you're right. According to Google, there was a Vizio Corporation in 1992. Microsoft acquired them. So, yeah, that's well before I was paying 93.

C (51:29)

They extinguished them.

B (51:32)

Yeah, that was well before I was paying much attention to computers. I was playing Word Munchers back then.

A (51:40)

You know, it's, it's interesting. So something did just occur to me and we talked about this last week and probably it's worth mentioning again, I talked just now about the idea of supporting Europe's digital sovereignty to get away from running US Software. I think it's probably worth pointing out that I also support the United States and its attempts for digital sovereignty to get away from hardware. That's all coming from one country. I don't know that the way that it's being attempted right now is going to work, but I like the idea of let's make more hardware in this country. Just I like the idea of let's make more software in the eu.

B (52:17)

I think that's a lot harder to do than the software piece too.

A (52:20)

You know, there's. There is this saying among hardware devs and software devs that like, software is really, really easy and hardware is really, really hard. Software is basically free, takes more work.

C (52:35)

Especially when you consider that it's the results of some of the American companies, hardware manufacturers, who are responsible for giving that country most of its power in the hardware market.

A (52:56)

Well, I mean, it's been, it's been economic forces, economic forces that have really made that happen. No company is going to say, well, we're going to make it in this country just because even though it costs two times more, three times more, five times more, five times more. In some cases. Yeah.

B (53:11)

Another, another way to look at that. If you want to move from software that's made in France, let's say, and you want it made in the U.S. i mean, sure, you can open source, you can fork and do all this stuff, but if you really want that software, you just pay that guy and he'll. He'll just move overseas. And now he's us and it's made in the us but it's a lot harder to do that with the manufacturing plant.

C (53:34)

So are you talking about hiring him and sponsoring him to come into the us?

B (53:41)

Whatever you want.

A (53:43)

I will not, I will not go down the rabbit hole that just came to mind. But there's. Let's move on. Ask me after the show and we

B (53:52)

can get real political now, but let's.

A (53:55)

I'll make that joke after the show, but there's some history there anyway.

C (54:01)

So we need to partition. Do some partitioning here.

A (54:05)

Yes, Ken, it is time for you to talk partitioning. Take it away.

C (54:10)

Well, Jonathan, this week Marcus Nestor wrote about the latest stable version of the Debian based LIVE system for managing disk partitions graphically. I am talking about, of course, departed. In this case, it's version 1.8.13. It is powered by the Linux kernel 6.19.10 and based on the Debian SID, the unstable repositories as of April 4, 2026, shipping with GPARTed 1.8.1. It implements a workaround for the block id command to identify blocked devices, preventing false detection of whole disk ZFS. GPARTed Live 1.8.13 also introduces a new boot menu entry to verify the integrity of the live boot medium. It replaces SHA256 with B3 Sum for checksums and fixes an issue with the checksums of the files inside the LIVE system. As always, check out Marcus's article for a link to the release notes and other details I didn't cover.

A (55:31)

Yeah, nice. A small but nice update.

C (55:37)

Time to get the latest Ventory update and update my Venturi USB stick with this as well.

A (55:48)

That is a, you know, that is a really, really fresh copy of Debian Sid. April 4th. That's like a week ago it was. He was like three days earlier when they, when they did that. So that's, that's a very up to date Debian install. As. As up to date as you can get with Debian, I think.

B (56:09)

Very up to date. I mean even though the soft round, that's like three years old. But no kidding.

C (56:15)

Actually, no, not.

B (56:16)

I know, I know. It's joke. It's a joke. Ken, calm down.

C (56:20)

You're thinking of Trixie.

B (56:22)

Calm down. Easy.

A (56:29)

All right, so it seems like can't have a show about Linux or Open Source these days without talking about AI, at least somewhere in it. And I came across this week a story in the Register. This is where Greg Kh, excuse me, not Greg K. StephenJayvon Nichols is talking about Greg Kh actually he's talking about Project Glasswing which I wasn't super familiar with, did some reading about this is a group of big tech companies coming together and investing about $100 million in AI. And what they are doing particularly here is putting this project towards finding bugs in open source software. And they've got something called Mythos AI which can actually apparently generate zero days, can, can find vulnerabilities and actually generate zero days, which is pretty interesting. Now there's probably some timing here and Stephen J. Von Nichols points this out that you know, not very long ago we talked about Greg KH and his, his opinion that vulnerability hunting using AI has gotten a lot better within the last few months. And it makes me wonder if, if Project glasswing and some of the things behind it is what caused that, what caused that bug hunting to get a lot better. One of the companies behind it is Anthropic and they claim that they found a 27 year old bug in OpenBSD, a 16 year old bug in FFmpeg. And one of the points that Nichols makes here, bond Nichols makes here, is that not every bug is a vulnerability, which I think is worth thinking about. Some of these are and can be weaponized, but not all of them are. But the other side of this is finding vulnerabilities is only half of the battle. And you have to have someone on the project side that one can read through the report and verify that it's a problem, but two can also fix it, fix it in a way that makes sense that's not going to cause other problems. And when you get a whole bunch of vulnerability reports, it's a lot of work. And so the question is now what is Glasswing going to do to these open source projects where it is reporting all these vulnerabilities and it is pitched that glasswing is going to hunt down and fix vulnerabilities. So all I can say is I look forward to all of the great high quality pull requests that this will result in and not just the security reports and hopefully that can be reality and not just the sardonic snark that it feels like right now. One of the other things Von Nichols points out is that Mythos, this new AI bot, totally closed source, nothing really open source about it, which, you know, it would be nice for this to be opened up if it's going to be working on open source software. And then there's sort of a flip side to this coin that was just quite humorous and that is that Greg KH Greg Karl Hartman, the Linux number two guy, has been working on new fuzzing tools for the K SMBD and SMB code he says purely because it's something that is simple to set up and test locally with virtual machines. And he found some minor problems for it. And we are now seeing things are signed off by Greg Karl Hartman and then assisted by Greg KH_Clanker._T1000, which is just hilarious to me. Clanker of course being the slightly derogatory term for an AI bot and the T1000 of course being a Terminator reference. So Greg KH has built his own model and is using it for doing some kernel work which is, you know, obviously there's some humor going on there, but interesting times to live in to be open source devs.

C (60:48)

Yes, yeah. But I do like the name KH gave as a tool.

A (60:57)

It's funny. Yeah, I got a real kick out of that.

B (61:00)

It's scary to think though the good guys have an AI that can find zero days what the bad guys already have.

A (61:09)

I mean it depends upon who you mean by the bad guys, right? If you're, if you're talking about you know, the, the guy in his basement, the script kid in his basement, well this probably, you probably don't have to worry about that. But I mean if you talk about like the NSA or the equivalent of North Korea or China or Russia, then I guarantee that, yes. They are also spearheading this research into finding vulnerabilities using AI. Absolutely right.

B (61:39)

The guy in the basement isn't necessarily going to have the, the CPU power, GPU power and all that to maybe find these. I don't know. But still, if, if it's valuable enough, I mean it, it doesn't even necessarily need to be a government. These, you know, if these ransomware folks are making millions off of, you know, ransom.

A (62:02)

So you don't, you don't actually see ransomware gangs using Zero Days very often. Occasionally they will, but usually what happens with ransomware is they just find a disgruntled employee. It's so much, it's so much easier

B (62:16)

just because that's what they have done. If there are new tools, there's no reason they aren't going to think about diversifying.

A (62:25)

Possibly. I, I think, I think you'll see the state sponsored groups though really being the ones that use this kind of thing. State, state sponsored and then Also groups like NSO Group and, and that sort of mix the, you know, the legal spyware guys, the, you know, the ones that come up with these crazy vulnerabilities where you can send a text message to an iPhone and the next thing you know is you've got malware running on it and it's legal because the right government told us to do it and gave us pretty warrants and everything.

B (62:53)

And money, sure, I think, I think that's likely, more likely. But for people like me, for the most part, I'm not going to be a target of those, except for maybe botnets. But for the most, there's not, they're not going to be targeting me to extort me or anything. So for me, my worry isn't those people as much for me personally actually,

C (63:18)

my worry is after hearing the latest security now issue is LinkedIn, I think

B (63:25)

they're gonna, they're gonna extort you.

C (63:28)

They are. You didn't listen to the security now ish. Latest security now where Steve talks about how as soon as you pull up a LinkedIn page web page, it starts getting, gathering information about you.

A (63:44)

Yeah, that's a, that's a little different though from hitting you with a zero day and trying to either move Bitcoin out of your wallet or, you know, install something that's going to persist after you close the page.

B (63:57)

I mean, as soon as you put yourself on a dating app, everybody else looking at you is trying to figure out all the information about you. So.

A (64:04)

And what is LinkedIn except a dating app for workers or businesses. Or businesses. Yes.

C (64:14)

Helps that worker find the right HR person.

A (64:17)

Yeah, yeah, exactly. All right, well, that is our fun for the day for news stories. We're going to get into tips here in just a minute. We're taking one final break and then we're to come back and we're going to talk about aptui.

B (64:31)

Bless you.

C (64:31)

Bless you.

B (64:35)

All right, so my command line tip for the day is AptUI. So I started out the show talking about Apt. I'm going to finish my part again talking about Apt. Apt being the package manager for Debian based distros. Well, AptUI is a TUI application to help you manage. It's a front end for apt. And let me just show you for those who are watching. So for those watching, I have apptui up here. I could search what I want. So right now I am on the all tab. So this is everything that is in the repos. I can navigate down through it and it's going to tell me over on the right the package name, the status if it's installed or not, priority description, install size, all the data you could think of which I know it's behind my head but no one's going to read that anyway. And there's a search filter at the top so I don't know what to search for but yeah you could filter and filter the alt so and it and at the very top there is a menu I could tab over to the. Why can't I tab over Because I am stuck in the search There we go. Because I was stuck in the search fielder had to escape out of that so anyway I could tab over and it's going to show I'm in the installed tab. It's listing everything that's installed same information on the site. Oh and up at the top right there is a status that says how many packages are installed. I got 454I have recommends on suggest software I can tab over and see what is upgradable so I can see this you know same data what's upgradable There's a cleanup tab I'm that's probably where like if you have packages waiting to be auto removed I'm assuming I don't so I don't know what that looks like Tab over to errors I do have a package details with the CA certificate app cache problem renaming the file I don't know what that is but I do have an error in there transactions you can see a transaction history tab over you can see the repos you have it's just the default ubuntu repos here again go back and and on here like on the all or on the installed you can right from here you can hit space to select so you can multiple select I if you want to install R if you want to remove there is a help menu that gives you even more detail I should press H and then you got purge and hold and pin and unpin and I don't know about everything I don't know if it has everything you can do. An APT maybe doesn't have those new features in there yet that I talked about earlier but I don't know it's a really nice two interface I thought to APT to really I don't know let you see everything Cool.

A (68:01)

I like it.

C (68:03)

Does it give you access to the new history features in APT in light

B (68:09)

like the stuff I talked about earlier? I don't have that version of APT on here so I'm guessing they don't have that there already actually I Was

C (68:18)

just looking at the GitHub and it looks like with the latest version it gives you transaction history.

B (68:27)

Well, yeah, there is transaction history, I guess. Actually, yeah, I did show that tab. I don't have any transactions in here yet because that must just be transactions that have been done in here, I'm assuming, and I haven't actually used it. Oh, and I do see now that I see this on the transaction tab there is a Z to undo, X to redo, and I don't know if that's a 0 and O for transactions, but I guess I missed that. So I don't know if that actually requires you to have the app 3.0.2 yet or what, but I guess it is in the transactions and I didn't even notice it.

A (69:13)

Cool.

C (69:16)

I wonder if this will be improved as the app keeps improving as long

B (69:23)

as they don't abandon it. That's how apps work.

A (69:28)

That's how apps work. All right, Ken, what you have for us?

C (69:33)

Well, this week I am going to be demonstrating a command line sound tester for ALSA sound card drivers called Alsabat. For those of you all listening, I've actually got a link in the show notes that'll let you see how it operates. But Alsabat is a simple command line utility intended to help automate audio driver and sound source server testing with little human interaction. Al can be used to test audio quality, stress test features, and test audio before and after PM state changes. It also plays an audio stream and captures it in either a digital or analog loop at. It then compares the captured stream using an FFT with the original to determine whether the test case passes or fails. And are you ready to see me demonstrate this on the terminal, Jonathan?

B (70:36)

I am not sure.

C (70:39)

Well, I'm going to use a schema to demonstrate. That way I don't have to do that video. The loopback that I had to do during the test. The one thing you want to remember is you can do a dash question mark after aslbat to find out all the options available. Now you can run it without susing and it'll do the test on your default ALSA sound card. Or you can go in and enter some options to indicate which sound card you're running or just to indicate the information for the number of channels and the bit format that you want to use and the frequency that you want to test at. For those of y' all watching, you'll see that my screen is just going through doing all that. I did a couple of different tests. The first one was Just a basic one. And I'm going to scroll back up here so I can explain that we're just running Alphabet. I had had manually gone in and made the My ALC 897 audio sound card the default. And it tells you what version of ALSA utils it's running. It tells you that it gives all gives you the period size and the buffer size that it's using for playback as well as for capturing. And then it gives you analysis. The signal has 65,536 frames at 44,100 Hz, 1 channel 2 bytes per sample. And for the channel 1 it starts by checking for target frequency of 996. 7. If you wanted to you could actually use the options to change that frequency to 1000 but was reading that you. It's recommended to use something off of 1000 so you don't have to worry about harmonics as much. And then it goes through gives the amplitude and the percentage and where it actually the frequency that it detected the peak at as well as its level and what the total level for the frequency range in question is and whether or not it passed or failed the 997pass peak detected at target frequency. Then it went and did some other tests for 29.91.10 Hz, 4984.94 Hz, 6978.78 Hz and 8973.29 Hz. All of those felt because of the peak frequency being too high in relation to the test frequency. Then when I tried doing it with specifying the hardware, it came back and it gave me a warning signal overflow. And if you look at that amplitude there, Jonathan 51417.1.

A (74:32)

It's really. It's a lot. Yeah.

C (74:36)

So when I saw that I tried it without specifying and for whatever reason it came down and it passed for the 99 997. So I went back and tried it again with the hardware. It felt again. This time I started playing with ALA mixer to adjust the level and I ran it

B (75:08)

and

C (75:10)

as you can see that did have an impact on the amplitude. Brought it down, Adjusted it down to about 3, 40% or no 49, 50% for the line in and line out.

A (75:30)

Interesting. Let's go play with also that. It looks pretty fascinating. Very cool.

B (75:37)

So I do have a couple follow ups. I did install something via the the app 2e and then it shows up in transactions. I can't do anything the Undo and redo is grayed out. So that must require the new app 3.2, so they must have just added that already to the tui, I'm guessing. And the other thing, I am not running this on a GUI system. It is just a server without. Without Wayland or X or anything. And my mouse actually works on it, so I'm a little surprised. I actually can mouse click around on the tabs and on things which I.

C (76:18)

Are you running version 0.7.0.

B (76:24)

Oh, of app two? Yeah, it's the latest.

C (76:29)

Okay.

A (76:31)

All right. Okay, Very cool. I have got a quick demo. Let's see if I can get the screen share working here. So. Yeah, there we go. See if I can make this all a little bit bigger. Well, that side's bigger. We'll do this one at a time, I suppose. So if you recall, we've got Grafana running and we've got a Mosquito install running and I have here where we are subscribed to Mosquito and we're just watching for everything there. And I was asking myself what would be a good MQTT source to play with and of course I went with meshtastic because you know, it's kind of. It's kind of the project that I'm invested into right now. So if you don't know, we've got meshtastic D which runs a real meshtastic instance on a native Linux machine. So go ahead and start that up. Getting that set up is not the thing that I'm necessarily going to talk about, although we are going to talk real quickly about how to set up mqtt. So there is the Mustastic command line terminal and we got to tell it host local host and then we can just say. Set the MQTT address to 127.0.0.1 local host. Of course it does stuff on the left hand side and we do that. And then we're also going to come in here and grab the next line which is to set it to enabled enabled. True. And then the other thing that we have to do is tell it to enable Bullet for channel. It is a little bit fiddly and meshtastic to get this done, but it's usually not too bad once you get. Once you know the trick, once you understand what all you have to set. So we have set MQTT to localhost, we have enabled it and then we've set the uplink and the downlink for channel zero. And in theory we may have to give it a quick reboot but in theory that should get things moving. We can do a dash dash, get MQTT to see how it's set. Enable true 127001 and of course, the username and password is just the. The default that it ships with. And nothing yet. This is a live demo. So of course there is the possibility that this isn't going to work. It's always possible. Let's see. Fourteen seconds ago, that should have. Yeah, let's try giving this a dash dash reboot. Sometimes things need a reboot for it to become live. Hold on, we'll get it. We'll get there. I know I'm crazy for doing this live. All right. MQTT connected on a private IP subscribe to. That's where it's going to go to 2e short fast. We can refresh that. Give it a second. Wait for real packets to come through. Hey, look, we've got real packets. There we go. Now, you may notice that over here in our MQTT window, these packets are just. They're gobbledygook. They're garbled. Actually what it is, they're encrypted. And this is something that you do a lot with mqtt. You will run a second command to basically translate it, picks it up off of one MQTT topic and then puts it back on another. And there is a tool that we're in the process of writing that does this for meshtastic MQTT packets. So we're gonna get this going real quick. So I've pulled it down. Git clone. I'm gonna use PIP to install the requirements. We are gonna hope that this works. It may PIP command not found. Yeah, give it a second. Literally doing this live here. So we'll see if it's going to let us do it. Yeah. All right. It went through and it installed. Now we should be able to run a Python command that will connect to the local MQTT server. This is what it looks like Python 3. And then it runs the script messtastic protobuf to JSON script. We're going to tell it regional us. That's where I'm at. The broker 127001. That's the local thing. The PSK, the AQ equals, equals. That's the default. No password. And then we have debug turned on. Let's see what it does. All right. It thinks it's connected. It says it's subscribed to Mesh us to JSON. Let's wait for another packet to come through. And we'll see what happens. The waiting is the worst part. Got one of these machines set to send a packet every 30 seconds. There we go. All right, now check this out. So we have first the encrypted packet up here, gobbledygook. And then we have in JSON a decrypted packet. This is on a second MQTT topic. All right, now do we have time? I think we have time. I think we have time to look at the next step real briefly. Let's flip over to the actual Grafana tab. And so this is basically where we were last time. We've got the MQTT connection there, but not doing anything with it. And we're on a new dashboard. We can add a visualization. So we're going to add. We're going to say use the MQTT data source. And over here under topic, we're just going to give it an asterisk for now, or excuse me, not asterisk. Pound sign. Pound sign for the moment. And in theory, here in bit, this will get a packet. Sometimes Grafana is a little slow about this anyway. But what we're going to do is we're going to go into transformations. This is how we take it from just that raw text string to something that we can actually use in Grafana. And the first one is, I think it's just, yeah, extract fields. We're just going to do extract fields. This lets us take JSON, which is one of the options, and it'll pull all of these fields out for us so that we can look at it and see what is in there. We are pulling a little bit of data you can see on the one panel. But this is just ID and timestamp and to and from a channel. Not really what we're interested in. So this will. This will get us better data. So source. It's now it's seen something and it's actually payload is what we want. Now we're getting somewhere. Because now up here in our preview, we've got not only the channel and the time and the id, we also have uptime seconds and free MEM bytes. This is the telemetry that we were looking for, that we want to actually look at. And I can add another transformation and there's all kinds of these transformations inside of Grafana. I am looking for one of the filters. Filter field by name. That's the one. So I don't want the id, I don't want the value. We can keep the timestamp. I don't need the one. Oh, we need time, we don't need timestamp, we don't need to. We don't need from. We don't need channel or sender or type. But we do want to keep these, the uptime seconds, the free mem bytes disk, free bytes to load. And in fact if you wanted to you could actually click go in even closer and say all I want is those three. Then we could say save. That's fine. Now again, so this is something with Grafana doing MQTT again we come back to no data and inside Grafana Using this DirectMQTT connector, it is completely ephemeral, meaning it doesn't save this data at all. All that it's doing is it's taking it directly off MQTT and throwing it into the browser. And so if we sit here long enough we'll get these data points. And so it's doing something really interesting here. It's actually pulling from two different machines. It's why it's going to look really weird. Really what we would want to do is go in here to edit and under transform we're going to want to add yet another transformation to. It's another filter. I believe it's filter data by values. Yes. See if I can get this going real quick. And we want this to happen further up here. Let me have to zoom out. Grafana does not super like being that far zoomed in. So we're going to include. We'll add a condition the field in this case we'll grab sender and then is equal to. And I don't even know off the top of my head which one we want to grab. You know there's a. The different sender values and we could probably pull it up real quick. Yeah, here's one. I'll grab it off of the command line terminal that we've got. We say that one. There we go. So now we are looking at fewer of these and you know, it takes some fiddling. I'm not going to get this. It took me about an hour I think on the desktop behind me to get this really dialed in the way that I wanted it. But you eventually get to a really nice bit of data that you can pull just from MQTT and you see again we're getting more data here. It looks like we're that that filtering probably needs more fine tuning. So it's probably not sender, it's probably from. That's probably what it is. So again we'll save and apply. This will probably make more sense. Grafana is like this though, until you really get good at it. You gotta, you gotta fiddle with it and try it and play with it. To take this and to really take it to the next step, if you want to make it more useful, would be instead of just doing a direct pull with that MQTT connector, you would actually, you would use a time domain database is what they call it. And that's where, you know, you take one of these things off of MQTT and you put it in a database and then you pull it out of the database to make your, your visualization rather than just going straight from MQTT onto a, a dashboard here. But that is basically how Grafana works. And hopefully I didn't try to stuff too much into each of these. It's been really cool for me to sort of step through and figure out how these things plug in together and. Yeah, maybe, maybe next week I'll fine tune this at the end of the show next week, I'll show you exactly what it can look like once, once everything is put together the right way. It's fun though. All right.

C (89:18)

Always fun playing with a new toy.

A (89:21)

Yeah, it really is. It's cool. And you could do some really cool stuff with Grafana. I've seen people just go nuts with it. And it has the ability also to give you alerts, hurts when values go, you know, above or below a range that you set and some neat stuff like that. So, yeah, it's. It's pretty cool.

B (89:37)

Yeah. Once you finish with all this, I'll. I'll watch all of them together and start experimenting with the Grafana myself.

A (89:46)

Yeah, well, I think, I think probably last week in particular with actually setting one up is enough to get started and then, yeah, I'll go through next week one last time. Just looking at the way things are set up that actually give us valuable data.

B (90:00)

Yeah, I'll wait till you finish the whole whole series because I'll have more time then.

C (90:05)

I don't think that's one that you could capture with a schema.

A (90:09)

No, probably not. Probably not. Probably not.

B (90:13)

It's always more time tomorrow.

A (90:14)

Yeah, always. Yeah, that's how that works, surely. All right, Ken, you have anything you want to jump? Get in for the end of the show, get the last word in on something or plug anything.

C (90:27)

Yes. For those of y' all listening, I do have a link in the show notes to an article by Sarov R. Rupal. It's about a two minute rig and talks about anthropic funding the Apache Software Foundation.

A (90:43)

Interesting. Very cool. All right.

B (90:46)

And Rob, I just got my usual plug and that is me. I'm gonna plug me anyway. You can come find me Robert P. Campbell.com Once you get to my website. There are links there to LinkedIn, Twitter, Blue Sky, Mastodon, and you know, follow me on there. And if I do post anything, like maybe that open snitch, little snitch, side by side comparison, it'll be there. And if you really want me to try really hard to get that done, you can always go here and incentivize my work by donating a coffee to me on this little coffee mug on my site.

A (91:37)

Yeah, very cool. So I real quick wanted to show that I did get this working. It was a decimal versus hex issue. And so it's literally just the from value. I had this in hex and it needs to be in decimal. And now we are indeed pulling some live load values from there. And so we now have a load panel going through, well, through meshtastic, but also through mqtt, through the script to decode it, and then into Grafana. And this is. Yeah, this will be useful for watching what a system is doing. And I think like we said next week I will have more of this all prettified and we'll take a look at what it looks like when it's all put together. Yeah, we let the, we let the guys get the last word in. And the only other thing that I want to say is if you want to find more of me, there is one Floss Weekly over at Hackaday. We have a lot of fun there interviewing the movers and shakers, as it were, of the open source world. Appreciate you, Ken and Rob, for being here. Thank you so much. All right. And we appreciate you, all the people out there that watch and listen whether you get us live or on the download. And we'll be back next week on the Untitled Linux Show. SA.