Jonathan

This week we're talking about Flathub drawing a line in the sand. Jeff breaks and then fixes his own laptop. He really Microsoft it up. X86 goes to 6.0. Cloudflare talks about when idle isn't really idle. There's a new ardour, there's more anti lag and we start talking about Ubuntu 2610, then eventually 28.04. It's a lot of fun, you don't want to miss it, so stay tuned.

Rob

Podcasts you love from people you trust.

Ken

This is Twit.

Jonathan

This is the Untitled Linux show, episode 258, recorded Saturday, June 6. Leans the wrong way. Hey folks, it is Saturday and as you know, that means it's time for Linux. It's the Untitled Linux Show. We're going to geek out today over software, a little bit of hardware, open source, all kinds of fun stuff. We got the guys with me. Going to be a great show today. Hey, Rob. Hey, Jeff. Hey, Ken. Welcome to the show.

Jeff

Glad to be here.

Ken

And I'm glad the mute button's working.

Jonathan

Yeah, absolutely. It's always good to have a mute button. That way we don't have to listen to you blow your nose and sneeze and cough and all of that other good stuff. Goodness gracious.

Rob

Specifically you, Ken.

Jonathan

Yes, Ken. Ken in particular. You don't want to hear any of that,

Ken

believe me. You don't want to hear me cough, sneeze, few other things.

Jonathan

Isn't it the truth? So we are going to start, we're going to dive into Flathub, and Rob's got the story. What's new at Flathub?

Rob

Okay, so. And this is how Snaps win. Flathub may have just handed Ubuntu and Snaps a gift. So I know in the Linux world, saying something positive about Snap is usually a good way to start a fight. For years, the debate has been FlatPak versus Snap and app images. Somewhere in there too, I guess. But Flatpak had the community goodwill. Flathub had the better desktop app story, Snap and Canonical server side control, and a whole lot of criticism from people who didn't want their Linux app ecosystem tied that closely to Ubuntu. But now Flathub has drawn a very hard line on AI. Some might like that. But anyway, according to the new policy, applications containing AI generated or AI assisted code, documentation or other content are not allowed. And this, not just this. And this does not just mean the app itself. It includes the Flatpak manifest, metadata patches, build scripts, and even the pull request used to submit it. In other words, if AI touched the process, flathub may not want it at all. Now, to be fair, I understand what they're reacting to. Open source maintainers are already overwhelmed with a wave of low effort, vibe coded apps and pull requests. You know, it could create a ton of review work and the person submitting that AI generated code may not even understand what it does. So from the maintainer side, this probably feels less like an anti AI crusade and more like a survival mechanism. But from the outside, this looks like flathub stepping in the exact opposite direction of where the rest of the Linux ecosystem and the world just seems to be going. You know, Red Hat is building its entire AI platform. Fedora is discussing AI developer desktop objective. Ubatu is laying out plans for local inference, AI assisted accessibility features and system automation delivered through removable snaps. You know, we've had stories on these the last few weeks. Canonical is basically saying AI is coming, but we want it local and transparent and optional. Flathub meanwhile, is saying if AI helped build it, we may reject it. And that is where this gets interesting. The old argument was that flatpak would win the Linux desktop because it was more community friendly and better suited for graphical apps. But if the new developers are using AI as part of their normal workflow and flathub tells them that even AI assisted documentation or metadata could be a problem, those developers may just simply publish elsewhere. And maybe that, you know, maybe that's Snap, maybe that's AppImage, maybe maybe it's direct downloads, but it weakens the idea that flathub is the obvious universal app store for Linux. You know, I don't think flathub is going to dwindle down to nothing tomorrow. It's maybe a little too dramatic, but I think this could be a turning point because the future of software development, it's not, it's not going to be no AI touch. This the future. You know, we can already see the trend that the future is going to be, you know, a human is still responsible for what AI help create, but AI is in that. And you know, if flathub cannot find a way to separate responsible AI system development from low effort AI slope, then, you know, others like Snap may win because, or, you know, may just win out that, you know, because, you know, eventually every app is going to have AI touching it and there's not going to be anything left to publish at flathub, you know, except for I don't know what. But so Snap may win just because flathub told the generation of developers to go somewhere else. And I don't know, I get the whole fear and the problem, but I think we have to learn how to work with the tools and embrace the tools rather than fighting against them.

Jonathan

Yeah, so a couple of things I'm looking right now to see if they've since then made any changes to this and there, there is minor updates it looks like, but nothing that is actually changed. Yeah, they've not backed down from this yet. But if you, if you look at some of the commenting that goes around this, like the, the really hard stance they took in the documentation is not the actual stance that they're using in practice. So there's an exception for existing programs, there's an exception for runtimes that may have AI generated stuff in it. And this is more just a kind of out of frustration reaction to the conversations that they have had with various Vibe coders. Well, my Vibe coded app is different, it should totally get in there. You know, they sort of said, well fine, we'll just remove the exception and we don't want any of these. And obviously I think they've, they've been a little over broad in their statement here, but I think the, the actual reality of it is going to be a little bit more sane.

Jeff

Yeah, I mean I get they're dealing with so much slop, but I think going scorched earth is not the right way because even though there's exceptions in there, the kind of upfront message is go away. And there probably was much more articulate ways they could have handled this.

Jonathan

I will say, and I've seen this in other projects and we've talked about this even on the show here before, just the amount of volume that AI is allowing the well intentioned new projects and pull requests that you get now from so many more people because AI enables them to do it. And a lot of those may be decent code or have decent points or be workable projects, but it's just we're talking about two to three times the amount of work we're asking these maintainers to do. And that part is just, it's not sustainable, literally, you just don't have the time to keep up with it. So what some projects have done is they've really leaned into the, okay, let's use the AI to review these and then you've got other projects that it's like we want to still review everything by human and something else has to change for that to be possible. And I think that's kind of where this comes down to?

Jeff

Well, I think it's which direction are

Jonathan

you going to go to make it even possible to try to review things.

Rob

And I can understand a stance of not wanting like something stuff in there that's all AI, but especially things I think like documentation or language, translation, accessibility, things like that I think are perfect use cases. That does not significantly affect or hinder the application itself in how it runs.

Jonathan

Yeah, so Petrowski, who's the guy that wrote the change, he noted that the previous gentler policy didn't reduce the workload, so it was ineffective. Basically he said we need to be meaner about it to be able to make this work.

Jeff

Yeah, I think, but you know, this probably, you know, two things are going to happen. One is the maintainer is going to find ways to deal with this. But the other is it's not going to be, I don't think that much longer before AI starts charging what AI actually costs. And I think a lot of this, oh, we're going to run, generate all this stuff on a whim is going to kind of go down. I mean it won't go away, but it's going to throttle some of this stuff.

Jonathan

I tell you. GitHub with Copilot has definitely started doing that with this month. They have made changes to their billing and talk about scorched earth, my goodness, I've seen some projects that are basically, they're going to get charged 10 times more for the same amount of usage. So like going from 600amonth pilot usage to suddenly a $6,000 a month bill, it's pretty, pretty, pretty big deal.

Rob

You know, I wonder, you know, what their stance is AI touching it at all. So if something like Mythos or M Dash or some, somebody finds vulnerabilities and you know, they, they use that discovery to fix it. Oh no, AI touched it. Better not fix that vulnerability.

Jonathan

Yeah, and obviously these guys are not going to that extreme. They just, they want.

Ken

The wording is that basically if you submit a brand new app to Flathead and you used an LLM anywhere in the project just to review to make sure you don't have any bugs in it, even the official answer is no.

Jeff

Well, and I agree with Rob, I mean especially calling out like documentation or translate now you're getting really just pretty, you know, like I said, they went scorched earth and it just was. I think it's just a bad PR move.

Jonathan

Yeah.

Ken

Or is it?

Jonathan

It's. Well, I mean we're talking about them so that any publicity is good. Publicity. I don't know about that in this case. No, it's just, it's born out of frustration. It's born out of frustration and just, you know, coming to a point to where you're trying to figure out what can we do to make this work at all. And you know, probably not the, the long term. Right solution.

Rob

But you mentioned the comment on how the previous did not lower their workload. Now, is that because they weren't targeting the right things? I don't think so. It's probably because people just submitted it anyway, so therefore, you know, and when

Ken

they got a note, they argued back.

Rob

Yeah, I'm going to say, I was going to say is now that it says no AI as like people weren't following the rule before, why are they going to follow this rule? They're just going to keep submitting it and they're going to have to filter through and filter it out.

Jonathan

Well, but now when you say no, there's not really an argument to be made. Oh, but my LLM generated app is different. Doesn't matter. The rule says you're out at some point. It makes it easier to basically just say, I gave this person an answer. I'm now going to block their email address because you've got a black and white rule that they're.

Rob

What if they targeted things like, okay, they don't want development, but

Ken

is Flathub the only source for FlatPaks?

Jonathan

It's the most popular centralized source. But it's not the only one.

Rob

No, it's the one that's usually configured.

Ken

So who can creators send a flat pack to or submit a flat pack to to publish?

Jonathan

I mean, you can publish it yourself. I think Fedora has one. There's a, there's several of these different. I've not done a exhaustive search, but I know there are several different flat pack repositories. Flathub is just the, you know, the, the one that has the name recognition, I think.

Jeff

Popularity contest.

Jonathan

Yeah.

Rob

I think if they want to take a hard stance and still allow things that, that are, you know, not way out there, I think they could say no AI created code, even though I think that's maybe a little too far and just automatically include exceptions for like code review and, you know, other. All the other things that we kind of mentioned. Yeah, I don't think there's any reason why they can't.

Jonathan

And I anticipate, I anticipate them backing back from this in the next few

Ken

days or coming out with an alternative hub for AI generated Flatpaks only.

Jonathan

I doubt these guys will do that. Somebody else might, but I doubt these guys will do that.

Jeff

Well and I've never submitted anything, but I would think at least some of this would be, you know, you kind of have an entry form of like, okay, you're going to submit. It needs to be this quality. It needs to compile right away. It needs to run automatic, you know, when you. Because I'm sure they probably have at least some kind of build checker or something. You know, I would think maybe, maybe not. I mean, but it seems like you could put in also some basic. If, if it doesn't work or doesn't install properly or what it. Okay, it's. We're just flat out rejecting it. We're not looking at it. We're not, you know, little, little automation to streamline without even going to AI

Rob

there in general, I think there seems to be a little too much of the flat out no going on in, in the community overall in general in lots of places.

Ken

And part of that's because they're not finishing that sentinent. No, I don't have time to review this. Sure.

Jonathan

I mean there's a limited amount. So much of the ecosystem has just been run on essentially goodwill of people working in it for so long and like that's. This is legitimately one of the problems with the AI boom right now is it enables one part of the open source ecosystem to be much more productive, but it increases the workload on another part of it. And you know, sort of remains to be seen how that balance is going to work out. And if you have things like this, as you know, to some people's thought process, this is the only possible option. You know, something's got to give. Well, let's just get rid of the AI apps. That's the problem. Let's get rid of them.

Rob

I think, I think we've brought it up before that I think the right answer is just to find the tools, processes and the right procedures to make

Ken

it work for every individual.

Rob

Yeah. Otherwise those who are using the tools will make it work and those like Microsoft are going to use the tools and they're going to clean up all their security bugs.

Ken

Are they?

Jonathan

So I'm going to link here. There's a, an open issue where.

Rob

And Ileg's got it right. It's called throwing the baby out with the bath water.

Jonathan

Yeah. Well, so I'm looking here an open issue, closed issue actually. Where Bbhtt, that's the, the guy that did the change from Flathub talks more about why and some of the thoughts here and why he doesn't think that they are going to change it and come back with a different take on it at all. So feel free to go and look at that on your own. We're actually going to move on and we're going to talk to Jeff about his laptop. What happened with Lapi? Jeff?

Jeff

Well, you know, I touched on this last week a little and I have a laptop that I needed to boot into Windows for a project I was doing. Now this was software which was going to hit some unique drivers to program. Black box I have and I didn't want to try to see if it would work on wine is I want to make sure this was going to be done correctly and I didn't want to take a chance on bricking this particular item. And I, I have a laptop I can dual boot, but I haven't been in there for a long time. So you know, when I boot into Windows it had to do a ton of updates. You know, like I said, it's probably maybe a year since I booted into Windows on the thing and but I wanted to make sure the drivers were up to date and everything was up to date. So I let it, you know, download, install and reboot, do that loop, you know, 50 times. But one of the times that one of the things it did is it did a BIOS update on me and I wasn't prepared for that. Maybe it wasn't the BIOS update, but long story short, I was in Windows, I got my task done, my box got programmed, I was going to jump back to Linux and I lost my Grub. I couldn't do anything but boot back into Windows. Grub wasn't even working. Now I said, you know, I was just going to reinstall, but then I thought, why don't I see if I can save this rather than reinstall. You know, I. And I did, did Google some things. So don't think this was something I could just rattle off the top of my head. You know, I'm not, I'm not a pro like that, but I can, I can follow directions. Now the steps that I'm taking here, this is specifically for cache, but they're going to be close to kind of what you would do for other distributions like Ubuntu or Fedora. And I'm not going into great details here of, you know, exact command line settings or anything like that. So it's. So this is kind of just the process that I went through. And the first thing I did was get a live ISO so I could, I could boot, you know, from a usb and that way I could, I could bring it up and I wasn't on the mount, trying to run off the drives on the laptop itself. Now the second thing I had to do was I had to mount the drives. Now, you can use Chroot to do this, you can get it done. But I used cache. Chroot does the same thing, but it makes it easier and does some auto mounting of things. Now if you're in another distribution such as Ubuntu, there's Schroot, which will help automate some of the Chroot tasks as well. But more about them at the end of the show. Foreshadowing, but I pointed the program at the correct drive and it gave me a list I could navigate with the arrow keys and get my drive mounted and I CH routed into it. Now, from then I needed to reinstall the grub files into my EFI directory. I used a sudo grub install command and I won't bore you with reading the full option list, but there were three I needed to set. Basically saying I'm running on an X86 with EFI. I gave it the location of my EFI directory and my bootloader id. So once the file is installed correctly, then I could use the sudo make grub make config o and then slash boot grub grub CFG command. So it's generates a grub configuration file. Now I did get a warning that the OS prober was disabled. So I then had to go into my grub configuration and uncomment the OS prober line and run the grub make config command again. Now they do that because they say this is for security because they don't want it. You know, somebody pulling in a new operating system or something they think is a new operating system. But this is my home machine, I'm not worried about it. So I turned the operating system prober on, reran the config command, and now it found both the Windows and Linux operating system. And then all I had to do is reboot. Once I rebooted, I was greeted with my grub menu with both cache and Windows just like I wanted booted into Linux and everything was back to normal, just like nothing had ever happened. So, you know, and like I said, I'm telling this story because I was. I'm not trying to give exact details on how to fix your system if you have the same thing Happen, you know, because depending on the distribution you're running, the commands you run, you know, the syntax is going to be a little different. But now, you know, that wasn't that big of a deal to fix the issue. And I'm just kind of thought this would be a little bit interesting so that the newer people to the Linux family, you know, might rather than go, oh, everything's trashed, just hit the search engines a little bit and just figure out your own breakage. You know, it took me about 10 minutes to fix this and you know, at worst I would have just had to reinstall. But the biggest thing is not to be afraid of your system. And you know, Linux, if you don't know it very well, there's a lot of help out there. You know, Windows caused my problems, but now I know what to do if I ever boot back into Window again and I have to unmicrosoft my computer. I now know what to do.

Jonathan

You Microsoft up your computer. Yeah. And then you fixed it.

Ken

So Ms. Is a curse word

Jonathan

but.

Jeff

But newer people. Yeah, just something happens. Just look at as like a little puzzle you're solving or didn't you used

Ken

to run that other operating system in a vm?

Jeff

Yeah, but the laptop came with Windows so I just parked, you know, set

Ken

it up so you could do a boot if you needed Windows.

Jeff

Yeah. And I don't know if it worked with a vm. Like I said, this was hitting some drivers. I was programming a black box which will contune a motorcycle. So it was. It was loading some BIOS and other stuff into this machine or into this black box to let me program my motorcycle with.

Ken

Black box connected via USB cables.

Jeff

Yes.

Ken

Then yeah, I've used USB cables to connect straight through into a vm.

Jonathan

It's dicey actually.

Jeff

Yeah.

Jonathan

Something just work and some things will be totally broken.

Ken

This webcam could work and the Behringer I've got could totally act up.

Jeff

Well, I've used a USB through virtual machines before, but this is putting like firmware and stuff on something. This is not like just plugging in a camera to see if it worked. So if I was doing something like that. Oh yeah, I could use a virtual machine and I'd give it a shot, see if it worked. This was kind of like, I don't want to really screw this up. This was an expensive little box that I want to make sure is not.

Jonathan

It's a breakable device.

Ken

Yeah. We all learn two things from this then.

Jonathan

What's that?

Ken

If you want to play it safe and run windows on the bare metal Back up your configuration before you update everything 2. Keep be ready to reinstall at any

Rob

time pretty much I've never used the cache chroot but back when I first did Arch and had Nvidia every time I was installing the Nvidia I was going to say I had plenty of experience using Chroot with with the base arch because every time I was installing the Nvidia using what Pac Man Dash s Nvidia it would not boot and I so I'd go in or I boot up from the the live live ISO and chrud over uninstall Nvidia go back in see if I can figure out what happened try to install it again Messed it up again Eventually I did use the I discovered if I use the DKMS module for it that it would work and but yeah I got a lot of experience and works really well. I'm assuming the cache chroot is just Chroot with a nicer name.

Jonathan

Well probably automated a few things it

Jeff

automated some stuff in details at the command line part of the show.

Ken

Yeah and I agree with keys 512 when he says and 3 keep an old machine around for update up to

Rob

update other machines More after these messages and multiple more stories.

Jonathan

Speaking of these messages, we are going to take a quick break and we'll be back. Ken's going to talk about some emulation stuff right after this.

Sponsor/Announcer

Hey guys. This episode of the Untitled Linux show is brought to you by my favorite Bitwarden, the trusted leader in passwords, passkeys and secrets management. With more than 15 million users across 180 countries and over 80,000 businesses, Bitwarden has built its reputation around trust, transparency, open source security and putting users first. You know, I talked to Bitwarden CTO and founder Kyle Spieren earlier on Twitter and I have to say I was so impressed. I've been a fan, but he really reassured me about Bitwarden's commitment to open source. Open source from the beginning. They are still GPL licensed, they are still put the source code on GitHub. And yes, if you're wondering bit, Horton is and he reassured me, absolutely committed to its free version. The company continues investing in secure, accessible tools that help individuals, families and organizations protect their digital lives without compromising trust or transparency. Bit Warden believes security should be accessible to everyone. That's their guiding light. That's why they continue to offer and will always offer a trusted free password manager. And it's not stripped down. It is Free, multiple unlimited devices, unlimited passwords, unlimited pass keys. Now of course they also offer more advanced tools with those with families or teams to protect. That's their bread and butter. But they promised, you know, for individuals they will always have that free version at. Bitwarden gives you everything you need to stay secure online. They generate strong passwords, they store pass keys, they manage sensitive credentials and they sync securely across devices for businesses and advanced users. Bitwarden also delivers enterprise grade security tools including a fantastic secrets manager, vault health reports and secure credential sharing for teams. That's a really nice convenience. You know I use Bit Warden for my AI. Bit Warden just introduced and I think they announced this at rsac, their new agent access SDK. And what I love about this is they made it open source, they made it available to every password manager in the world. They want everybody to use this. It's an open source developer toolkit designed to help teams and people like me securely integrate credential access into their AI workflows, applications, automation, AI agent environments. The SDK enables controlled human approved, just in time access to credentials stored in Bit Warden vaults without ever exposing sensitive information or granting persistent access. It's designed to support modern development and automation workflows while keeping security and transparency front and center. I recently moved my agent over to Bitwarden. I couldn't be happier. And it really gives me peace of mind to know all of my tokens, my API keys, everything, my all my secrets, my SSH keys are stored in Bitwarden. They're safe and they're secure. And because Bitwarden is open source, you know this, its code base is continuously reviewed not only by you, its users, but also audited by the community and independent third party experts. Bitwarden complies with all the major security and privacy standards. SOC 2, type 2, GDPR, HIPAA, CCPA. They're ISO 27001 certified, they're absolutely secure. But they also understand you may want to host your own Bitwarden vault. So they have all sorts of features that make it easy to do that too. Bitwarden is continuing to evolve to meet modern security standards. Expanded passkey support, secure developer tooling, flexible self hosting options. Take a look at Bitwarden Lite for users who want additional control over their environments. I just think this is a company and with Kyle Spieren, a person committed absolutely to the open source community, to giving back and to making sure that everybody has a free secure password manager. But you should have it for your business too. So get started today. With a free trial of a Bit warden teams or enterprise plan or get started for free across all devices. As an individual user@bitwarden.com TWIT we live these guys and I was so impressed with Kyle bitwarden.com TWIT he's one of us frankly. Bitwarden.com TWIT Thanks. He had a little Raspberry PI behind him. I said what that's for? He said oh, I'm doing a talk at the Linux Users Group down the road and I just wanted to have a little Raspberry PI to show you how you could self host with Bit Warden Lite. That's the commitment. Bitwarden.com now back to ULS and Keys 512.

Ken

You'll be glad about what Bobby Borisoff wrote about this week. That was the release of 86Box version 6.0. Now 86Box describes itself as a low level x86 emulator that runs older operating systems and software designed for IBM PC systems and compatibles from 1981 through fairly recent systems designs based on the PCI bus. The latest release brings the obligatory bug fixes, some performance improvements, user interface updates, and lots of new hardware. Now 86 box version 6.0 supported minimum baseline now starts with Ubuntu 16.04, Debian 9.0 or distributions released in 2016 or later. Now on the emulation side it adds and updates numerous machines across several generations, including the I remember these 80, 88X, the 286, 386. Oh I remember when we got our first 386 how much faster that was. 486, 586 and 686 class systems. The list includes additions such as IBM Multi Station 5550, Nixdorf 8810 M30, the HP Brio 83XX series of computers, Intel Classic R R Plus, the Tandy 1000, RS6 and others that I'm not going to take the time to mention now. 86 box version 6.0 also provides several important fixes and additions for Linux users, including fixing an app image startup crash affecting Waylay Linux hosts using Nvidia drivers. Now why would that cause any crashes? Jeff Bobby's article gives more details about 86 box version 6.0 many improvement, so I do recommend reading it to get those details.

Jonathan

I am super curious how closely this is related to the DOSBox project because they're doing some very similar things. I'm really curious if there's any shared code or how does Paris didn't look

Ken

to see if there was, but I wouldn't be surprised if there is.

Jeff

Well, does DOSBox have a feature to run DOS or is it actually just trying to emulate the hardware? Because this is just trying to be the hardware.

Jonathan

So DOSBox. Yeah, there is some stuff that's ported from DOSBox. DOSBox generally runs a sort of fake DOS shell which you can then run games in. But DOSBox does also have a function where you can run like a full on Windows 95 or Windows 98 install. I've done this for a customer where they had a Windows 98, I think machine with some business critical software on it. Well, we'll just emulate. We'll drop the whole thing in as an ISO on a Linux machine and emulate it inside DOSBox.

Ken

It works similar to the way WINE lets you choose which version of Windows you want to have an application run under.

Jonathan

Yeah, so when you run.

Rob

When you run Windows 98 in DOSBox, all the drivers just kind of work because that's emulated to match the old stuff.

Jonathan

Yeah, it runs like sort of a baseline system underneath and yeah, a lot of it just in my experience it

Rob

just worked because I installed Proxmox, a Windows 98 and Proxmox and drivers for all kinds. I mean it booted up and everything, but drivers for all kinds of things didn't really work.

Ken

But with 86Box, you're also getting some audio files to help simulate the sound of your hard drive frame.

Rob

Oh, that's unnecessary.

Ken

Well

Jeff

anymore.

Ken

But if you're into really wanting to emulate that retro computer experience, then maybe it's nice. It depends on how realistic you want to get. Right.

Jeff

Well, I'm just thinking you have a multi core processor in your PC right now. If you're going to run that 286, you could dedicate one core and that x86 box has still got to go. Whoa, we got to slow this way down. This is way too much for that one core.

Rob

You know what I was surprised at when I installed Windows 98 in Proxmox VM. It still took a half hour to install and it didn't seem to run any.

Ken

How many cores was it using?

Rob

Oh, I don't know. I probably only had put one core on it, but it was still the. The one core should have been way faster than the one core I had way back in 1998.

Jonathan

Yeah.

Jeff

Is it speeding? Is it running at the speed of the old hardware? Because otherwise some games, you know, you've seen videos of that where, oh, I'm going to play this game. And it's like the start screen and the. And you're dead screen or like instantaneously because it's. Yep, it's way too fast.

Jonathan

Those are always fun. All right, let's talk about another blast from the past. Xorg. When Fedora Re added the KDE XORG packages, I opened an issue basically and I said, this is going to be a security problem. And the guy that had volunteered out of the goodness of his heart to maintain those packages said, oh, no, no, I'm pretty sure that we fixed the last of the XORG vulnerabilities. It was a couple of years ago now tell us how that's worked out, Rob.

Rob

We've had a lot of vulnerabilities since then. I mean, they just keep coming. You know, I've been beating the Wayland drum now for a couple years now. I'd say maybe longer, I don't know, you know, move away from X11. Move away Xorg. You know, the future of the Linux desktop is Wayland. And I think we all kind of agree that. Agree with that, at least on the panel. There are definitely those who don't. Here we go. But. And then right as June gets started, XORG opens the month with nine new security vulnerabilities. Now, at first glance, this feels like a perfect argument for the Whelan crowd. Nine more reasons to say, see, this is why we need to move on. These issues affect both XORG server and X Wayland. The shim to make X stuff work with Wayland. And they include the kind of memory bugs that security people really do not like. Buffer overflows, use after free issues, out of bounds, read and writes, and information disclosure problems. So yes, the easy headline is that XORG is old, messy and still carrying a lot of security baggage like, like Jonathan said. But the more interesting part of the story is how the bugs were found. According to Pharonics, eight of the nine vulnerabilities were discovered by Trend Micros Trend AI Zero Day initiative. In other words, AI Assisted Security Research went digging through one of the oldest and most complicated parts of the Linux desktop stack and found real problems. And that changes things a little bit. You know, maybe this is not just another Xorg is doom moment. Maybe this is also a glimpse@ how AI can help clean up decades of open source technical debt in xorg. XORG has been around forever. It has old assumptions, old APIs, old code paths and years of history stacked on top of stacks on top of Itself. That kind of project is incredibly hard for humans to audit by hand, especially when maintainers are already stretched thinned and mostly moved on. But AI tools can scan huge amounts of code, look for dangerous patterns, and help security researchers find bugs that, you know, may have been hiding for years. And I guess Trend Micro has this initiative. There's mythos out there. There's Microsoft's M Dash, there's lots of vulnerability AI things, finding lots of bugs. If you follow the, the security war lately they are, There's a lot going on there. But anyway, you know, this doesn't not mean, that doesn't mean the AI magically fixes everything. Maintainers still have to verify the reports, write the patches and make sure the fixes don't break something else. And bad AI generated bug reports can absolutely waste maintainers time. But this is the good version of the story. AI being used as a force multiplier, not as a garbage report generator. And it raises an interesting question. What if AI helps Xorg clean itself up enough to stay relevant longer than expected? Maybe Xorg fans get to stay on, on X. You know, maybe old workflows keep working. Maybe Xorg X11 lives on a little longer than some of us thought. Although this may be a way for Xorg fans to stay on X. I think I'm going to keep using Waylon. But you know, if AI can do this much for an archaically designed xr, imagine what it could do for Wayland. You know, and I've, I've heard a lot, I follow a lot of security things and you know, I've heard some, I won't name any names, but I've heard some vendors that have gotten a hold of some of the mythos stuff and, and some of them sound almost scared, others excited about, you know, what they could do. The scared ones, discovering how many vulnerabilities they really still have out there and how many everybody has. And others excited that, you know, maybe they can use these tools and keep ahead of the bad guys because, you know, you got, you got two ways of doing this. You know, the bad guys are going to use it to find them fast. So if the good guys aren't using it to find them as fast, hopefully faster, you know, it's, it's, it's gonna be a losing battle. So there are positives, as I keep saying, and how AI can improve our security standards. You know, there was also a story out this week about Microsoft's M Dash and how they're using AI to fix a lot of old vulnerabilities that, that they, they're finding. So we don't want to let them get, get ahead of us, do we? Anyway, well off topic there.

Jonathan

I went back and found it. I was just, I was so curious. And his, his exact comment was there are few to vulnerabilities left in X11 and I do not expect a lot to come up anymore.

Rob

That's closed, right? That, that issue or was that issue or how did you.

Jonathan

It was a, it was a ticket.

Rob

I like, should I, I would love to just reopen that. I was like, how many have there been since this?

Jonathan

I'm not, I'm not gonna do it, but I'll, I'll, I'll give you the link.

Rob

Yeah.

Jonathan

Just in case you want to.

Ken

Well, next 11 put his key this way. How many vulnerabilities were found by AI recently in the kernel?

Jonathan

Oh, quite a few. But nobody's coming. Nobody said, oh no, I'm pretty sure the kernel doesn't have any more critical vulnerabilities. Nobody was that dumb.

Ken

And I don't think anybody's ever going to say that.

Jonathan

Right.

Rob

Yeah, there's like a story recently about I think Mythos finding. Like I'm not just talking about Linux, but Mythos finding. I think it was open source. 10,000. More than 10,000 vulnerabilities and various projects and multiple projects.

Sponsor/Announcer

Multiple.

Jeff

Yeah, well, and we talked about this last week where you know, a lot of the stuff that AI is finding in the kernel or you know, just little spelling mistakes and just little goofball things, they're not, you know, high level CVE type stuff. It's minor little bugs. But honestly though, X11, I think it's pretty much dead. KDE 6.8 is going to totally kill X11 support. And they said because 95% of their people don't use X11. And actually a huge chunk of the X11 people on KDE are on Plasma 5, which is last generation. So anybody running anything more modern is almost all Wayland. I think Gnome killed it. A lot of the other desktops are getting, getting rid of X11 support. Yeah, it's. Didn't Flack Flat Pack say they weren't going to support it anymore?

Rob

Well, it's the, the communities I've been in it. It's. I mean that's just kde. But if it's that much of a minority. It's a very vocal minority, I'll say that. And you know, for one thing, like one of that minority is, you know, there's a large Linux mint User base out there that can't use Wayland yet.

Ken

So everybody start donating to that 1% that still wants to support X11 or X or so they can hire, pay for all the AI they need to use.

Rob

Yeah, they're going to, they're going to keep using. They might as well make it secure.

Jeff

Or you could burn your money to keep yourself warm, you know, might be more beneficial.

Ken

I don't know. Some of those older systems that would run the XORG would keep you pretty warm too.

Rob

Some people really love their XFC desktops. Isn't that right? I have streamer mode on. It just says k dot, dot dot.

Jonathan

That's Keith's 512. Look, there's, there's plenty of modern desktops that you can use under Linux and you don't have to use ancient broken insecurities software underneath it. Come, come in out of the cold, guys. KDE and gnome. And there's more options.

Rob

They're great. Cosmic.

Jonathan

Yeah, Cosmic. I haven't tried Cosmic in a while. I haven't looked at it in a while. They've got some cool stuff going on.

Rob

I like it. But others.

Ken

More and more people becoming dependent on AI, in some cases to help with doing the programming. Does that mean we're going to have more idle time?

Jonathan

Wow, it's a real stretch there, Ken, really. Stretching for that.

Rob

Your computers won't have any idle time.

Ken

No.

Jonathan

There's probably a future where we all start renting out our GPUs for doing AI, but I don't think we're there yet.

Rob

Yeah, just like the seti. And at home. This will be for AI.

Jonathan

Yeah, Make a few cents on the side. All right, Jeff, we've had one attempt to segue to this. You've got a story here about idle, not actually being idle. What's, what's going on here? What do our computers do anyways when they're not running code?

Jeff

Well, now I'm gonna, I'm gonna preface this that this is, this is a little out there for me. So I thought it was interesting. But if somebody reads the article and went, that's not quite right, go ahead and let me know and correct me on the, on the discord. But anyway, so imagine you start downloading and it crawls along even though your Internet looks fine. That's what happened in a particular QUIC implementation used by Cloudflare. Quic. The connection didn't recover after some packet loss and stayed painfully slow. Engineers called this behavior a death spiral. And the fix turned out to be as Surprising. Then, the fix turned out to be surprisingly small. Now, Quic QUIC is a modern protocol that helps web traffic move quickly and securely between servers and your device. Inside Quic, there's a traffic manager called Cubic C U B I C that decides how fast to send data over the network so it stays efficient without getting overloaded. Now, Cloudflare was using their own. They called it quiche, so their own kind of version of cubic. When the network drops packets, Qubic slows down to avoid making congestion worse. When the network is healthy again, Cubic should ramp up, ramp the speed back up. The problem cloud for Cloudflare, Cloudflare found was that in some cases, Qubic never ramped back up. In tests that simulated heavy packet losses early in a connection, about 60% of runs failed to finish within a generous timeout. Instead of recovering, the sender fell into a repeating pattern. Send a tiny burst of data, wait for acknowledgments, then send another tiny burst, and so on. The patterns match the round trip time of the connection and kept the sending rate stuck at a minimum. Now, to a user, this looked like a download that never really got going. And even after the network stopped dropping packets, you know, just why is my connection so slow? What's going on? Well, the root cause was a timing measurement used by an organ was used by an optimization meant for true idle periods, times when an application simply stopped sending data for a while. The optimization tried to fast forward an internal timer by the idle duration so the congestion manager could resume smoothly. But the code measured idle time from the last packet sent. And in the failure scenario, the connection wasn't truly idle. Instead, it was sending the smallest possible amount of data and waiting for the acknowledgments. Because each acknowledgment arrived after the round trip, measuring from the last cent made the code think a full round trip had been idle time. The mistaken idle measurement pushed an internal boundary forward, causing the congestion manager to treat every incoming acknowledgment as if it belonged to a recovery period. During recovery, the algorithm intentionally avoids increasing the sending rate. The result was a self reinforcing loop. Perceived recovery prevented growth and lack of growth kept the connection at the same state. Now, basically to even simplify that further, the way it measured it was putting that recovery time into the future. And it kept thinking its recovery was in the future, further and further as it kept getting, measuring the acknowledgments. And so it, it was basically never going to sort itself out. The fix was straightforward. Measure idle time from the Last acknowledgement, not just the last sent by recording when the last acknowledgment arrived and using the later of that time or of the last sent time, the code stopped, confusing normal round trip timing with true idleness. With that correction, the congestion manager could recognize the end of recovery and grow the sending window again. So although diagnosing the issue required detail logs and you know, visualizations, the actual code change was very small. Take a look at the article in the show notes and see the full details for yourself as they go into a lot of details and there's a lot of graphics and you know, really, if you're, if you're in the network timing or things like that, they give you everything in there. So how they diagnosed it, it was observed, you know, it's got code snippets in there. So take, you know, if you're into it, this article goes into tremendous detail and like I said before when I started, you know, if I, if I misread anything in the article, please let me know is, you know, I thought it was really interesting and pretty cool. But you know, some of this was at the edge of my understanding. So, you know, happy reading.

Jonathan

Yeah, I can tell you how many times I've, I've fixed bugs that are, you know, not exactly like this, but understanding what's going on under the hood and then trying to figure out like how your, so you understand how it's supposed to work and then mapping that onto what's actually happening and then figuring out the difference is so much of the battle. And once you can actually understand those things at the same time you go, oh well that's what's wrong and you fix it. And the fix is like a one line fix. It's very, very typical. And yeah, I feel for them and all of their, like, let's gather all the data, let's try to present it in a way so that we can look at it. Let's figure out what's going on. It's challenging. Good for them for running it down and getting it fixed.

Ken

Or sometimes it's just the matter of modifying some of the parameters in that one line.

Jonathan

Yeah, yeah. Oftentimes tune it just a little bit differently. All right, what's up next? Let's see here. Well, we're going to take a quick break. We are going to be idle for just a moment and then we're going to talk about some audio stuff and I'm excited to hear what's new here. So we'll be right back right after this. Where Is Pterodactyl a miner? Don't witness the return of Marvel Television's Daredevil Born Again. So what's next?

Jeff

I feel liberated.

Jonathan

We're gonna take this city back over medicated in an all new season. Now streaming only on Disney plus. They're hunting us. It's time we started hunting them.

Rob

I can work with them.

Jonathan

This should be tons of fun. Marvel Television's Daredevil Born Again now streaming only on Disney plus Experience a membership that backs what you're building with American Express Business Platinum. Get 2 times Membership Rewards points per dollar on eligible purchases in key business categories, as well as on each eligible purchase of $5,000 or more on up to $2 million in eligible purchases per calendar year. American Express Business Platinum there's nothing like it. Terms apply. Learn more at american express express.com Business

Ken

Platinum

Jonathan

all right, Ken, so what is new in our door?

Ken

Well, Jonathan, this week, according to Bobby Barzif and Marcus Nester who wrote about the recent release of the digital audio workstation Ardor, and this time it's version 9.7, this release introduces an optional vertical summary to complement the newly revamped horizontal summary pane. It implements natural sort order around the user interface and integrates the MIDI tools sidebar into the other editor as well as improving listing of control surfaces. Ardor 9.7 now groups supported devices by vendor, providing a clear list. OTTER also provides an empty binding map for generic MIDI controllers and a generic device file for Mackie to help with using devices that are new and unknown. Now, Ardor 9.7 does improve restoration of miscellaneous port connections when switching between audio and video backend or devices. Plus LTC synchronization has been enhanced as well, with Ardor now continuing recording when LTC sync is lost or the frames per second value changes. Jonathan for more details about Ardor 9.7 various improvements, I'm going to recommend reading Bobby and Marcus's articles because I don't want to take the rest of the podcast to go over it all.

Jonathan

Yeah, so apparently there was a 9.6 that almost got released and they found some bug in it and yanked it at the last second. So we went from almost like a

Ken

regression from what little I could find out about it.

Jonathan

Yeah, that happens. That happens. Yes. Looks like some good fixes in here and some other really neat stuff. I shall have to go and grab the latest and give it a try. It looks looks pretty neat.

Ken

I have to see how long before Ubuntu 2604 updates to it or otherwise. I May end up grabbing it myself.

Jonathan

Yeah, I pay the not very much a month, but I pay a little bit a month to be able to get the builds right away. And so I've got dual installs of Ardour on my system, one through Fedora and one the Ardour installer. Fairly useful to have.

Ken

You've got one that you can fall back to if there's a regression in the new one.

Jonathan

Yeah, exactly. Had to do that a time or two. Not for very long though, thankfully. All right, I've got a bit of an update here from things that Valve are up to. And this is the AMD anti lag implementation for radv. And this caught my eye because when I first saw it I thought, oh good, they're working on micro stuttering. Well, that's actually not what this is about. Anti lag in this case is all about the timing of new frames versus input. So you want, when you're gaming, obviously you want the most up to date input from the keyboard and the mouse to be what shows up on the screen. So you can sort of think about this as like worst case scenario. If your screen was lagging, say a second behind what your mouse and your keyboard was doing, we can imagine that it would be extremely difficult to control a character to play a game. As you tighten up the difference between those two, one of the ways that you can do it is just by increasing the frame rate. And so you know, if your internal frame rate, frame rate is running at say 300fps and your display is only showing at 60fps, well your, your latest frame is going to be the one that goes the display and it's going to be, it's going to have very, very up to date input because you know, the window is very, very short, but you're driving your GPU at like five or six times what you actually need on the screen. And so anti lag, one of the things that it does is it understands that timing difference and it will wait until just the right time, grab the latest input and generate the frame basically as late as possible so that you get up to date input reflected in the frame. And from what I can understand, one of the things it allows is to game at basically a locked frame rate 60fps, but with lower input latency. And that also is going to give you better battery life, lower power consumption. So some neat stuff here and personally I think it's pretty cool to see. They also mentioned the VKNV Low Latency 2 command and whether they can do it on top of this framework and it sounds like that's something that's already being considered. So lots of neat low latency stuff in the immediate future. Something Valve cares about. And of course we'll see it sort of trickle down to all of our machines as well. I thought it was cool.

Jeff

That is cool. And Steam Deck and everything runs with AMD graphics, so they've got a really good vested interest in making sure that AMD runs pristine.

Jonathan

Yes, that's also you kind of watch the HDMI 2.1 story and how that has come along. You have to think Valve had a hand in that one too. Pretty, pretty interesting stuff.

Ken

I wonder how much more we're going to see coming from Valve in the future.

Jonathan

I mean it depends on how well their heart continues to sell, but I would assume a lot.

Jeff

That's my prediction. A lot.

Jonathan

There you go. No insider knowledge there. Just reading the tea leaves.

Jeff

Just reading the tea leaves.

Jonathan

Yep. Okay, well there's some other tea leaves that we have read over the years and that is Microsoft Windows. And they're slow but somehow constant progress towards becoming a Linux distro. Rob, what's the newest here?

Rob

Yeah, so we have long speculated on this show that one day Windows will just be another Linux distro. And this week Microsoft took Windows one more step in that direction. Microsoft announced coreutils for Windows, which brings a whole pile of familiar Linux and Unix style command line tools directly to Windows. We're talking about commands like cat, cp, find, grab, host name, ls, mb, some of these which you'll see in our command line tips maybe later on in the show, pwd, rm, sleep, T, uptime and more. And no, this is not just wsl. This is not spitting up Ubuntu inside Windows and pretending you're on Linux. These are native Windows commands. Microsoft's official explanation is that this is about making Windows more like Linux. I mean making Windows more developer friendly platform. And sure this is probably true. Developers live in the terminals. Well, you know, the good ones do. At least they work across Linux servers, containers, cloud platforms, GitHub workflows and Windows desktops. Having the same basic tools available everywhere makes life easier. I know I've been in the Windows command line and typed in Linux command and it didn't work for me. Anyway, if you really want to make Windows more developer friendly, just go all in Microsoft, you know, make the next version of Windows based entirely on Linux. Then you don't have to do much work, you know, the community will take care of for you. But I Guess it's a start. You know, Microsoft is making, making progress, making Windows act a little more like Lindo Linux bit by bit every day. Yeah, they could get the Lindo's name probably since you know, they, they did a sue somebody for it and I'm sure they could get that name back. I don't know who owns it because Lindo's changed the lens Fire, but I think that was voluntarily anyway. First they made Windows 11 look like KDE Plasma and they gave users the Windows subsystem for Linux wsl. They kind of embraced Open SSH and then then Windows Terminal became a more serious terminal emulator. Then Microsoft started leaning hard into package managers like Winget. Command line workflows, developer containers, lifestyle development environment. It's all coming together, you know, and, and now they're bringing core Unix commands directly into Windows. Almost, almost all, you know, they are missing is the Linux kernel and the transition could be complete. Another note on the core Utils editions that they are jumping right to Utils, the Rust based implementation of coreutils. They're not, they're not wasting their time at the old C libraries or just jumping right over that. For years Linux users have been told that Windows is the mainstream desktop and Linux is the weird command line operating system for nerds, servers and developers. But now Microsoft keeps adding the nerd tools and so maybe Windows is not officially a Linux distro yet, but they keep getting closer. And any bets on which version of Windows will use the Linux kernel? Maybe how, you know, maybe it's going to be kind of how Apple's iOS and Mac OS is slowly merging together. Maybe Microsoft will start taking Azure, Linux and Windows and kind of merge them together. Wine would work pretty good for us then, wouldn't it?

Ken

Yeah.

Jonathan

So we've been able to do this for a long time by the way, through things like MingW. That's the minimal GNU for Windows. I was looking here. There's MingW, Cygwin, Imsis, Twitter too. I've done installs of several of these over the years, getting sort of the GNU toolkit inside of Windows. What is of course noticeable here is it's official from Microsoft and you can just install it with winget. I wonder if you can winget install bash. That would be the, that would be the way to do it. Really. I don't know if it's possible. Is it, is it out there? Is bash on winget?

Rob

Ah, let's find out.

Jeff

Come on, you're Mr. Microsoft, you know. Yeah.

Rob

You're supposed to know this says the guy who's talking about his dual boot Windows computer today.

Jeff

Yeah, and I hadn't been in it for forever and I did what I needed and I never looked back again.

Jonathan

So apparently you can install Git for Windows through winget and that does indeed bundle bash. So yes, yes you can.

Ken

Or something called Git Bash available.

Jonathan

I mean that is, yes, that is Bash bundled with Git. Of course, as Strawberry Kitten says, yes, yes, you can use wsl, but that's running in a virtual machine. We don't want that. We want the real thing. We want actual open source code running directly on the Windows kernel.

Jeff

Banging off the metal.

Jonathan

Exactly.

Jeff

But do they fix the slashes so they go the right way?

Jonathan

I would assume that inside of Bash it does. But if you're running like PowerShell, it's going to go the Microsoft direction.

Ken

So it leans toward Microsoft.

Jonathan

Yeah, yeah, it really just leans the wrong way.

Ken

Well, well, now they've switched to running on Linux. When it leans towards Linux.

Jonathan

Yeah, yeah.

Rob

That's not a good segue to anything. Try harder.

Ken

Who is doing a segue? I was just trying to say, everybody watch for this last. Lean the other direction.

Rob

If you're running Windows, everything you do is a segue.

Jonathan

What we're actually going to do is go ahead and lean into a break and then we're going to talk Ubuntu when we get back, right after this.

Jeff

Okay, I'm going to confess right now that I picked this story because of Ubuntu's 2610's name. For anybody that have not heard it, it's called Stonkin Stingray. I don't know why I love that name. It just makes me laugh. Now we do know a few things already about the release as they're expecting to have gnome51 and the 7.2 kernel as assuming nothing derails. You know, it's still many months away, but if everything keeps its timing, it should hit stonk. And Stingray is a fall Release. And the dot 10 releases are where Canonical can put the pedal to the metal. Because they're short releases, they don't need to worry about long term support cycles. So they can put a lot of experimental things in the the dot 10 releases and get them ready and try them out for the upcoming LTS releases. Now, one of the things they're working on is a simplified install experience. Here's what Ubuntu had to say. So this is a quote from Ubuntu. We're completing the design of a simplified installation experience that dramatically reduces complexity during partitioning and storage configuration. The new design uses a safe default uses safe defaults, guided workflows and a progressive disclosure of advanced functionality. These projects are targeted towards Ubuntu 28.04 LTS, but the design decisions that take that shape them are happening now. Now I know people are going to criticize 2610. This is, this is where you know Ubuntu is going to try out their first AI tools integration. But one of the changes is to make packages like.debs, snaps or flatpaks more abstracted, Ubuntu said. Applications will be presented consistently regardless of packaging technology with unified search ratings, categories and metadata, said Jean Baptiste Le Lament, member of the Canonical Desktop team. Users who care about packaging formats will still be able to choose, so they're not locking you out. But for people that don't, you know, everyone else should simply be able to find and install software without needing to understand the differences between packaging systems. So I think that'll help definitely simplify people coming from other operating systems to the Linux world. Under the hood there are more changes like this going, more changes like going from D Bus Daemon to D Bus Broker. Now this is something, this is not going to be something normal users are going to see or notice. But under the hood D bus brokers designed to be a drop in replacement with more reliability be tightly integrated with System D and there are things where like D Bus daemon could drop messages which won't happen with Broker. There's a better per user strict resource management and Broker doesn't start services like D Bus daemon does it hands all of that over to System D. Now like this this might people might be going whoa, I don't know about this. This seems like a change to be wary of. Fedora and Arch are already running D Bus Broker, so Ubuntu's catching up. This isn't anything super experimental that others haven't done already. Now there's accessibility improvements to the Flutter system which this makes sense as Google just announced that Canonical is taking over the Flutter Flutter desktop maintenance. But you know, Canonical is heavy into Flutter now, but Ubuntu's Discourse post said we're also improving driver management, better metadata, cleaner presentation, improved sorting and explicit maturity indicators will make it easier to understand available driver options and choose the appropriate one. Some of the most important work this cycle will not be immediately visible to users. So this we've talked about this before where you know you're they're setting up the foundation so you're not going to see anything for.

Ken

At the.

Jeff

At the desktop level, user level, but it's putting that underlying framework in and then, you know, maybe 2704, we'll actually see more of the actual results built on top of that framework. We'll have more stories in the future as 2610 gets closer to release. It's expected October 15th. So you can take a look at the article linked in the show Notes for full details, more links to Ubuntu Discourse and other information on Stonking. Stingray. I love that name.

Jonathan

Yep. That's great. Yeah. I am glad that as they're talking about doing AI tools integration, they're starting with speech to text because it's kind of terrible in Linux and really, really needs improvement. And I think, you know, the modern wave of LLMs and models can really take that to the next level and make it a lot better. So that's. That is a. This is a good pain point to target. Yeah.

Rob

Speech to text has been stalking for sure.

Jeff

Yeah. Actually using that backwards.

Jonathan

Yeah.

Jeff

Stonking is like awesome big.

Jonathan

It's been stinking.

Rob

When something stonks, it doesn't smell good to me.

Ken

No, that stink.

Jeff

So.

Jonathan

So something of note.

Rob

Stink. Stink. Stonk.

Jeff

Something of note on this too is that they want to have wherever you have a text box you can put in voice to text and supposedly from at least initially, what I've heard the AI to do, this will run locally, so it's not sending stuff out to some other server. It's all local on your machine.

Jonathan

Yeah. They talked about this briefly at the summit and one of the things that they're really trying to do here is the screen reader experience and then being able to put things back into text fields. Basically they're trying to make the whole desktop accessible to someone that is, you know, either blind or has some sort of access visual impairment accessibility problem, which, you know, that's a. That's a huge deal. I've. I had a blind piano teacher, which was in some ways the coolest thing. He was one of the neatest guys

Rob

I've ever met,

Jonathan

but I tried to help him a couple of times. Like he had certain things set up. I remember this one time I had my laptop, it was in college. I'd bought a new Dell laptop and I brought it to one of the piano lessons and he asked, can I

Jeff

look at your laptop?

Ken

I'm like, what do you mean?

Jonathan

Yes, but how do you do. What do you mean? And he literally just wanted to feel it and get a Feel for what the size was and what it felt like to use. But I even thought then I'm like, man, the accessibility on these scenes is going to be really hard for him to use. I wonder how that works. And it's still, it's still a problem. So, you know, I mean, good for, good for Ubuntu, for like there's a. There's a very real felt need here. And you know, it's, it's a, it's a place where you can make some real positive change. And I, I like that.

Jeff

And, and just, just kind of a note too. People that are blind, legally blind, sometimes can still see. It's just a degraded level of vision. I, I had without. Before I had PRK on my eyes. I was considered legally blind without my glasses. Now I wasn't considered legally blind because it could be corrected, but with correction. You know, without correction I could still see some stuff. It was just really blurry and pretty bad. But I couldn't function really that well in the real world without my glasses.

Jonathan

But you wouldn't be allowed to drive without them, for one thing.

Jeff

Oh God, no.

Jonathan

Not even.

Jeff

But I mean I could, I could see at a. Like a laptop, maybe boxes and stuff like that. I might not be able to read the text on it, but I could see there's something there and some of that. So yep, it, it would definitely help. It'll be a good thing.

Jonathan

Yeah, absolutely.

Ken

And I can definitely see where this would come all come in handy with for Windows subsystem for Linux.

Jeff

Oh, how so?

Ken

Yeah, well, that way if you're you when you're switching from applications that are running within Windows itself to the Windows subsystem for Linux, you'd still be able to use the same speech to text option that you may have does.

Jeff

Well have that.

Jonathan

I don't know what Windows has. It has some. I know. It's got the accessibility. I know. Because that's one of the easiest ways to hack a Windows machine is going to replace the accessibility with command.

Rob

I've gotten into the log. One, I couldn't log in, but anyway, I wonder how Blender would run on this.

Jonathan

Oh no, Rob started it too.

Ken

Well, before we go to Blender, I do want to mention mentioned that we're going to have three interims before Ubuntu 2804 comes out.

Jonathan

Yes. Two. Yes, there's because. Because we only LTS every couple of years. So.

Rob

Yeah, because 28 comes out in 2028 and this is 2026.

Jonathan

There you go.

Jeff

And that's why they said they're making ARC major art kind of design decisions now. It's, it's going to take say a year to get it more refined to a level of LTS quality.

Rob

That's what all the interims are for.

Jonathan

Yeah. Three releases to break it, then one to get it right.

Rob

Three. Three to break it, one to. Yeah, I don't know.

Jonathan

Right now let's talk Blender. Ken's got this story and this is also an LTS. What's new in the Blender 5.2?

Ken

What type of smoothie do you want?

Jonathan

Tasty.

Ken

Oh, this is going to be tasty thing. At least according to the articles that Michael Larabel Marcus Nester wrote where they talk about the beta release of Blender2LTS bringing many new improvements. According to Michael, Some of Blender 5.2 highlights include a new experimental physics system, overhauled screen space ray tracing pipeline for addressing long standing usability issues, and that it's overhauled its screen the new input color spaces for Apple Arri, Blackmagic Design, Canon and Sony cameras. According to Marcus, Blender 5.2 promises several new features to include a brand new fill tool, a new bevel node, new geometry bundles, a new sample sound node to pull frequency data from audio files, support for geometry nodes and empty objects, and support for node based physics simulations powered by geometry nodes. According to Blender's planned release schedule, this 14th of this month is when Blender 5.2 LTS will actually be released. Now I'm going to recommend seeing Marcus's and Michael's articles for more details about Blender 5.2 because I know you don't want me to take the rest of the podcast to talk about it.

Jonathan

Yeah. So when. When are we getting AI in Blender? When? When. Can I just say, make me a. Let's see. What, what. What immediately came to mind is model me an anime girl. Long story as to why that's what came to mind. But you know, that's for after the show.

Jeff

Model me a dancing tux penguin.

Jonathan

Yeah, there you go. Model me tux the penguin. Now that's absolutely that. There we go. That's what totally what I would ask for in Blender. But no, I think it's now to ask the question like or somebody already

Ken

built this and have them dancing to

Jonathan

Safety dance or the YMCA or. Yeah, all kinds of fun stuff or

Ken

a medley of several.

Jonathan

Yeah, absolutely. Maybe it's. Maybe it's already possible.

Jeff

Well, you know, I could see,

Jonathan

you

Jeff

know, it's kind of tongue in Cheek. I can now. I had the surgery. But, you know, you could have it in Blender where you could run it local and it won't necessarily auto generate things, but it tells you how to get where you want. You know, I want to do this or that. And it says, oh, you need this tool and that tool. Here's, you know, the progression or, you

Ken

know, or actually with blender and a LLM designed to create 3D graphic models. You could create the model, then import it into Blender and use it that way.

Rob

Is Blender available on flathub, though?

Jonathan

I would assume so. It's probably available flathubs.

Rob

It better not. AI can't touch that at all.

Jeff

But it's existing, so it's okay.

Rob

Can't touch this.

Jeff

You didn't read the fine print.

Jonathan

Yeah, you didn't read the fine print, man. All right, so we've got some command line tips. We're going to take one final break, then we're going to come back with the command line tips. Is Laura involved in this one? We'll find out right after this. Do you hear that?

Rob

Sounds like breakfast is ready because Quaker's coming in hot with morning nutrition. 100% whole grain oats and a good source of fiber to fuel the rhythm of your morning and kickstart your day. And that sounds absolutely delicious.

Jonathan

Fuel to start.

Rob

Whatever's next. Quaker, official sponsor of FIFA World Cup 26.

Jonathan

Let's go. All right, Rob, what's. What is Croft and why does it not have anything to do with Tomb Raider?

Rob

All right, so my command line tip this week is Croft. This is for you developers out there who are just using regular code and not using AI. I mean, I suppose you could use AI, but anyway, what this is is this is a TUI clone of a VS code. It's VS code all in the terminal. For those watching, I don't have any projects to open, so this is not all that interesting. This is just my demo and I opened a file and whatnot. But as you can see for VS code users, it looks like you got your Explorer here. You got a text file that I opened up. You have a terminal down here. You have other sections like a search section, source control, which, you know, no projects going. So I don't have anything like that going. You have a section for running and debugging. Obviously I can't run settings, conf, and then Remote Explorer. If I had SSH hooked. Hooked up to this. Now, I haven't really played with this at all. I just kind of came across this it looked like a pretty cool alternative to VS code all being in the command line. You can do it all without. You could do it over SSH without, you know, a GUI at all or on your console with, you know, you don't need X, you don't even need Wayland. You do it all right in the. Right. In the. The TTY itself. Obviously you want to be able to have mouse like I'm using here, so you had to figure out how to tab your way around it. But.

Ken

And you got.

Rob

I got my system stuff here. CPU and MEM and network usage. Disk temp. Temp isn't reading because this isn't a vm. But that's what Croft is. Nothing to do with Tomb Raider or Lara Croft. I don't know how they got the name. I don't know what else it could mean. But yeah, there it is. A VS code clone in the terminal.

Jonathan

So it's cool. But they want to do everything that VS code does. They're going to have to add support for VS code extensions because so much of the power of VS code these days is in extensions.

Rob

Yeah, I mean, when you're like me and still just using Nano for all of your coding, at least this is

Jonathan

fine then.

Jeff

Well, it's. It says, you know, it. It's a VS style development. Does it. Does it actually run VS code or is it just a.

Rob

No, it does not run VS code. It's just. It's not an actual.

Ken

They're copying the style of VS code.

Jeff

Yeah, yeah. So you. So you could program in Rust in this development window especially.

Ken

So you'd use the Rust application to program in Rust.

Rob

It is a Rust based application. Yes.

Jonathan

Self hosting. Dog fooding. All right, all right, Jeff, let's talk about. Let's talk more about fixing your laptop, actually.

Rob

Oh boy.

Jeff

See, Rob's thrilled.

Jonathan

Yeah.

Jeff

So my command line tip is cache Chroot. I don't know if you root or what the proper way to say that is, but it's simply a tool to make Chroot easier. It lists all the partitions discovered on the machine, also supports listing BTRFs, butter or better File system sub volumes. And while we talk about, you know, betterfs, Cache to Root supports mounting pretty much any file system supported by the Linux kernel except zfs. But it also. But it does support encrypted systems via Lux. It will map each of the folders fstab entries to its designated crypt tab entries and will gracefully close all Lux volumes when exiting Chroot. Now, for those who don't know LUX is the Linux Unified Key Setup and it's the standard for block level disk encryption in Linux. To run it, simply type cache chroot as a root user and it will go through a list of all the available partitions, use the arrow keys to go up and down and select the root drive you want to mount. It will attempt to automatically mount all the partitions and sub volume listed under the ECT FS tab of the root device and any partitions you know. If you fail to mount, or you know you want to do something something else you know, you'll get notified given the option to mount them manually if needed. And you can choose no and just say, okay, I mounted what I needed, or you can say yes and you can mount other stuff as well. So when you, you know, and the whole purpose of this is when you run commands like in my case, I was booted off of a USB drive, so I was running, running that. So any commands like Install grub it would want to do it on that USB image that I had. Well, just like chroot and we've covered this before in the past.

Ken

It.

Jeff

What it does is when you mount it says, oh, now pretend I'm running off of this mounted drive. So when I said install the grub it does it to that. That chroot mounted disk or directory. So it. It's how you kind of trick the system, I guess, or officially change the system so that you then can make modifications easier with that mounted file system. So take a look at the article linked in the show notes for more details. And if you're on Arch or an Arch variant, this should, this should work. There's probably one out there, maybe it doesn't, but, but all the major ones, the arch flavors, it should. Should just work out of the box. And next week I'll cover sch root, which is a debian type of helper and has some overlap with the Kashi Cheroot, but not the other one is a little more powerful. So, you know, we'll. But we'll talk about that next week. So happy recovery.

Jonathan

All right. Had to do that a few times. Not. Not the cashew flavor of it exactly, but done the CH fruit recovery thing a few times now.

Ken

Since you're doing that from a live ISO, would it work with any Linux distro you've got installed?

Rob

Yes.

Ken

Even if it was like Fedora or Ubuntu?

Rob

Well, CH root would, yeah.

Jonathan

Does the cashew flavor of it

Jeff

the. Well, I guess the cashy would, theoretically, because it's you know, you're running off the ISO. But when it, when you go to mess with your file system, if it's. Things are in different places, then it would start falling apart.

Rob

I know, like I've used the arch one to chroot into other distros before.

Jonathan

Well, actually if you set your chroot up correctly, you can do it from one distro to another because you're using the chroot like bin and user bin. And so when you run. So if you're going from, I don't know, say you're an Ubuntu ISO and you ch root into Fedora, you run DNF and it's going to grab the fedora DNF because that's the binary, that's ch rooted in your. In your new path. So it should be possible. Really what gets challenging is if you've done something fun with your file system like LVM CH reading into an LVM or you know, something of that nature. That's challenging sometimes. Yeah, well, yeah, yeah, that's, you know.

Rob

And chroot isn't. Oh, I don't know about the cache one, but chroot doesn't necessarily always had to be to go from a live into another disk or something. You know, other uses are like within a system you can give a user a chroot so it looks like they have their own full system or whatever. When it's really a, you know, a different portion. You know, you see each root, this directory and to them it looks like that's root.

Jonathan

Yeah, that's actually fairly important for doing like setting up SFTP for a user that you don't necessarily fully trust. And then you've also got the idea of doing a chroot jail for applications. So on some systems bind runs that way by default it's bind inside of a ch root jail for security reasons.

Ken

And it's a way you can say you already booted up into your system but you need to touch to copy or update on an another partition for that's got another distribution installed. You could use chroot after you've mounted it to CHRH setup for that partition.

Rob

And if you ever install arch vanilla arch the step by step direction way, not with the script you actually chroot into your new to finish the setup.

Jonathan

Yeah, makes sense. Ken, we've got a command here that we have certainly mentioned in passing multiple times, but never really in detail. What command line tip do you have for us?

Ken

Well, I'm going to be covering how you can Move files around. Let me go ahead and bring up my terminal. And there we go. And as I said, we're going to be. I'm going to be showing you how to move or rename files and directories using the MV command. I'm going to keep saying move instead of it shorten it to mv because it's actually harder to say MV than move. Let's start off by getting to temp directory. So I not just demonstrating in one of my active ones here, there's the temp directory I want to work in. And let's look at what we've already got in this directory. We've got three files are two files in a directory. Now let's move that directory. Actually, before I do that, I want to go ahead and show you that MV space dash dash help is a quick way to get a reference to all the options that you have available to use with move. And the two options I am going to recommend for right now are I and V. And you're gonna find out why in a minute. So let's take this directory called old directory. And I'm gonna use MV to rename. New directory. And by using the IV it the V option let tell has it tell us that it's renamed O directory to new directory. And if I do a listing of what's in my current temp directory, you'll see it has two files, one and two and a new directory. Now let's real quickly create another file called uls. And now we're going to. Move uls to. New directory and we're going to rename it to. Entitled_ Linux_ show and it says that it did rename it to new directory slash. Untitled Linux shown. But let's do an ls. We no longer have it in there. But if we do LS. New directory we see we have it there. Now what really is the power of move. Is that we can move multiple files from one directory to another directory.

Jonathan

I didn't know you could do that actually.

Ken

So that now we don't have any files in this directory.

Rob

All right, good tip.

Jonathan

Did not know that worked.

Ken

And here's another one that you may want to use when you're moving stuff. Dash S for adding a suffix or actually no, it's going to be dash B. And I'm going to move new directory 1 2, New directory 2, which are both in there.

Jonathan

They both exist. It's going to try to overwrite the second one.

Ken

Yep. And that's why you use the eye. I'M going to say, yes, go ahead and overwrite. And you'll see it renamed that to two and then it did a backup of the original.

Jonathan

Oh, that's handy as well. Very cool. I like it.

Rob

You bury the lead. Ken, you started out with the command I've never seen before, and I don't know that if you've ever done a tip on that one. 1. Your very first command on that command

Jonathan

line there, what was the command?

Ken

We covered that already. I think Jonathan actually brought it.

Rob

Really? Yeah, I usually just use cd, but.

Jonathan

All right, I've got one.

Jeff

Well, one simple note though. If you have a super huge file and you move will still go very quick because it doesn't actually move the file, it moves the pointers to the file.

Jonathan

Yes. But if you're moving it from one drive to another, it'll be slow.

Jeff

Yes.

Jonathan

Or even one partition.

Ken

I think the rushed version of Move, this is a GNU version I'm using right now. May have a progress option.

Jonathan

I think so. I think that is one of the things that they added in the Rust

Rob

version or Travis K's tip is to use the dash N for no clobber.

Jonathan

No clobber, indeed. All right. I have complained a time or two about many things. You're right, you're right. Let's see. I want. Nope, not any of those things. Hang on, I want to share a window. That one. There we go. So I've complained several times that resolve D sort of gets in the way of doing DNS stuff. And so the way that we used to be able to do this is just cat the etc resolve conf file and it would show us our current DNS resolver. Now, with this newfangled systemd stuff, it always shows as a 127 DNS resolver. Well, that doesn't do me a whole lot of good. That's not really what I want to know. I want to know what we're pointing at. Upstream. And I was actually told about this nifty command resolvectl. And if you just run it, it's going to give you the current status. And there you go. The current upstream DNS server 10.0.1.1 and also it knows about an IPv6 DNS server as well. All kinds of neat information here. If you just run resolvectl and it gives you some info on your various connections. This has a bunch of tricks in it, actually. So if you do the dash H, you can see all the verbs that it knows about, but one in particular that's worth mentioning is query. Do a resolvectl query google.com and it will tell you all of the, all of the IP addresses that it knows about that you can use to get to google.com and it gives you a bit of interesting additional information. So in this case we got that via protocol DNS in 5.4 milliseconds and the data is not authenticated and the data was not encrypted in transport. That's because I'm running my own DNS server on an open WRT box and I did not install all of that extra fancy stuff. If I were to change my DNS provider to, you know, an upstream Google or cloudflare, I'm sure it would be authenticated and encrypted. But there you go. Resolve CTL actually a really nifty tool for, you know, a certain, certain set of problems.

Ken

Jonathan, I need to go back to there.

Jonathan

There you go.

Ken

But I was about tried asking but I was muted. If you could do a Control T or Control plus increase that. My eyesight's not that good.

Jonathan

I had. I can make it even bigger. There you go. So the help.

Ken

Yeah, that helps for me.

Jonathan

Then that's what you get if you run just resolvectl and then there's the query. So yeah, it's pretty, pretty, pretty nifty. Tip. I was scrambling before the show started, like what command line tip am I going to bring? And Ken's like, oh, you should talk about Resolve ctl. All right, there we go.

Ken

So I've been playing with that because I've been sitting up a hiho in a VM on a headless Debian server.

Rob

So, so why not just nslookup and Ping?

Jonathan

I mean you could totally. So we did not ping. We did not do a ping. We did an NSLookUp. But, but NSLookUp, there's not a problem with doing NSLookUp, it's just a different tool. Like, welcome to Unix, there's 17 different tools to do everything. It's that way by design. But also what resolvectl does give you that none of those others do is it will tell you what the resolve daemon is looking at as its upstream DNS resolver. And as far as I know, that's about the only tool to actually get that information. That's like the first time I've seen.

Rob

I guess my question is more like Ken, like especially being an old time Linux guy, why didn't he just opt for the old time tools, the tried and true NS lookup and ping While working with the PI hole, what made you choose this newer systemd tool?

Jonathan

I will tell you one other thing. It looks like when you do an nslookup it just talks to 1270053 localhost whereas when you do a resolve ctl it looks like. At least to me and I've not done a deep dive into this. It looks like it's actually, you know, it's stepping up a layer above that and going out to the network and back.

Sponsor/Announcer

Sure.

Rob

But I like I would. When I set up my pie hole, I would take another computer, do it and let's look up against the pie hole to see if it's working. Right. So I guess I'm wondering.

Ken

I was using. I used that because that was one of the suggestions I got for trying to check on the status of my PI hole.

Rob

That's your Google search then.

Jonathan

I bet. I bet nslookup is going to handle DNS caching differently than resolvectl will.

Rob

I know I've worked with my. I have. I have two PI holes running and I know I've worked with a lot

Ken

and it's twice and according to the YAML files for my netplan it indicates my using Network manager.

Jonathan

Yeah.

Ken

Which uses a totally different command nmcli for doing the actual configuration.

Jonathan

Yeah, I think it is. I want to do some more research into this because I don't know this for sure, but I bet when you do a query it is indeed sending out from your computer a query to your upstream provider. Whereas NSLookup is not necessarily doing that. If it's got it cached, it's just going to return that cache. So like that is potentially very useful.

Ken

Yeah. Because I'm still researching why my ATT provided Nokia router for my Fiverr connection. Keeps wanting to pull the DNS back to it

Jonathan

because it's the ISP provided router and will not behave correctly.

Ken

Anyway, that's what's been hinted at with some of the research I've done so far.

Jonathan

Yeah, absolutely. I would not trust. I do not trust ISP provided routers. I would double router them double n.

Rob

It's not that I don't trust them, I just prefer my own control. So I, I have always said, nope, I don't want your router.

Jonathan

I got my own I I 100% do not trust them. I've heard too many stories about shenanigans from ISPs is ISP people are the worst.

Ken

Rob,

Jonathan

it's a joke. It's a joke.

Rob

I Can't speak for the other guys. I don't know. From my experience, I trust them.

Jonathan

Yeah, Rob trusts himself. There you go.

Ken

That was the fact when I tried. I got the laptop usually used for sharing the stream back into Discord, running via the pie hole. But when I tried getting this system set up, I'd lose the Internet connection because for whatever reason it would see the V. It stopped talking to anything.

Jonathan

Something's not happy on kids.

Ken

That's because the. I've had to bridge my network interface card for the VM to get contact the router.

Jonathan

Yeah, that gets, that gets sketchy sometimes that doesn't work the way you think it should. Been alive once upon a time. Whenever you bridge something by default, it would apply your iptables rules. And there was a. There was a flag you had to set to let bridging work transparently. I wonder if that's what's getting you that.

Ken

The fact that if I tell it to go to the router and then come back into my system to the vm, it seems to be grabbing the router as the DNS.

Jonathan

That makes sense too. All right, well, we will let Ken work on his network woes on his own time. We don't have to do that on Showtime. It is the end of the show, though. We'll let each of the guys plug whatever they want to. I suppose if Ken really wants to take a moment and talk more about his network, he can, but we'll let Rob go first. I bet Rob is going to tell you how to connect with him, how to buy him a coffee.

Rob

So what I'm going to tell you about is, you know, with all these AI articles lately and, you know, a lot of the Linux ones being kind of. It's too much work. I don't want it. Don't. Don't put that on my system and just pushing away. And then you got those like Microsoft pushing their M Dash for vulnerabilities that they're using internally and what we've seen with Mythos and other ones, how fast they've been finding vulnerabilities. It made me kind of ponder where we were and kind of wonder where, if, you know, Windows is actually using the tools available to fix their vulnerabilities and Linux doesn't. Will Windows actually pull ahead and become the secure option at some point in the future? So I did write something up and that is in the show notes at the end. And I, I think I'm going to do a. Since I didn't have enough, we didn't we didn't have enough spots to do the article for me to do on here. I think I'm going to do a little side one on that. So a little talk about it. So if you want to catch that, you have to connect with me and to do that you can find me@robertp Campbell.com and on there are links to my LinkedIn, Twitter, Blue Sky, Mastodon and a place to donate a coffee. I never put anything on Twitter. You can connect with me there if you want to just, I don't know, show show people that you like me on Twitter. But I'm probably not going to post it there. But LinkedIn, Blue Sky, Mastodon, I will post it there, which I've also posted this article there earlier this week. That's where I post stuff. So if you want to actually hear what I have to say outside of the show, connect with me on one of those platforms.

Jonathan

All right, very good. And Jeff,

Jeff

not too much this week. So another haiku. A crash reduces your expensive computer to a simple stone. Have a great week everybody.

Jonathan

Because it's made out of silicon stoves. I get it. I get the joke there. All right.

Ken

And Ken, Well I didn't think I'd have time to cover during the show so I've got links to two articles by Bobby Borisoff and Marcus Nestor about the latest release of Clonezilla. One of my go to's for making a one of the backups that I use of a full partition.

Jonathan

There you go. All right, very cool. Appreciate you guys being here. Was another fun show as far as things to plug. I will mention over at Hackaday we had to take about a month off with Floss Weekly but we have shows scheduled now starting this Tuesday and going through the end of the month we are scheduled up so watch over at Hackaday for new Floss Weekly episodes. Got some really, really really neat stuff in the pipeline there and then I I'm going to open Sauce bought tickets today. So anyone in the Bay Area, I will be there for open source and would love to see you stop by. We're going to be talking Meshtastic and open source. All kinds of fun stuff there as well. Other than that, just want to say thank you to everyone out there that watches that listens whether you get us live or on the download. And we'll be back next week for the untitled Lynx show.