LINUX Unplugged - 575: Brent's Busted Builds
Episode Date: August 12, 2024Brent's computer pulls an all-nighter at the worst possible moment, and the hits keep coming for open-source Android distributions and our new 2FA tool.Sponsored By:Core Contributor Membership: Take $...1 a month of your membership for a lifetime!Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX UnpluggedLinks:💥 Gets Sats Quick and Easy with Strike📻 LINUX Unplugged on Fountain.FMToronto Meetup — Thursday, August 29, 2024 from 6:00 PM to 8:00 PM EDTSacramento LUG Meetup — Saturday September 7th, 2024 from 10:00 AM to 2:00 PM PDTAnker PowerConf S330 USB SpeakerphoneCorsair Void RGB Elite Wireless Premium Gaming HeadsetLoss of popular 2FA tool puts security-minded GrapheneOS in a paradoxGrapheneOS on X — Google can either permit GrapheneOS in the Play Integrity API in the near future GrapheneOS on X — If Authy insists on using it, they should use the standard Android hardware attestation API to permit using GrapheneOS too. Banning 250k+ people with the most secure smartphones from using your app is anti-security, not pro-security.GrapheneOS on X — Authy simply delegated checking device integrity to Google. It's Google choosing to block GrapheneOS users from using Authy. Google chooses to allow using a device with no security patches for the past 8 years but bans using an OS much more secure than the stock Pixel OS.Twilio kills off Authy for desktop, forcibly logs out all usersGrapheneOS on X — Our latest release with prevention for most VPN app DNS leaks is currently available in our Alpha and Beta channels. We need more feedback from testing VPN apps and services with leak blocking toggled on, which GrapheneOS already enables by default.GrapheneOS on X — Our current approach to DNS leak blocking appears to work well without breaking compatibility. We've made progress towards fixing a related issue for some VPN apps where rare connections are made to VPN DNS outside of the tunnel. We can hopefully ship stricter enforcement soon.GrapheneOS on X — We've become aware of another company selling devices with GrapheneOS while spreading harmful misinformation about it to promote insecure products. We're making our usual attempt at resolving things privately. However, we need to quickly address what has been claimed regardless.Membership Summer Discount — Take $1 a month of your membership for a lifetime!How You Guys Expect to Beat Me?Blue Iris Containernetbird — Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.netbird on GitHubOpenZiti — Open Source Zero Trust NetworkingOpenZiti on GitHubCollapse OS — Bootstrap post-collapse technologyDocker-OSX — Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
Transcript
Discussion (0)
Brent's asked a question that I've been chewing on now for the last couple of days, and that is, do we think that Graphene OS is ready for the family? Would you give it to your parents?
I think I would, actually. My answer is yes. I realized that my parents were like, ah, we need new phones. So I got them, you know, as you do, Pixel 8s, and I'm here in town with them. And I figured what better way of spending our precious time together than to get their new phone set up.
And I thought, geez, I'm going to throw them on Giraffine because they care about their privacy.
And they've cared about, you know, following my advice for the last many years and with their phones.
And then it hit me.
Holy jeez.
I'm giving them like a really niche OS that is not vetted by the manufacturer in any way.
If anything, they're slightly hostile towards.
And I'm perfectly okay with that.
It's kind of like switching a family member to Linux, isn't it?
Oh, yeah.
If you're there to support them, I think it's pretty viable.
The only reason why I say that, though, is because I know I hear from people out there like in the U.S. too that have problems with, say, things like the cash app and certain banking applications.
I could see it being dependent.
Like I feel like there's some parents that, you know, the phone is kind of like a phone and like messaging and stuff.
And that would probably work great if they're like a person who uses their phone for their business or for like something very specific use cases.
Maybe that'd be trickier.
Yeah.
But, you know, as you know, it's know, I was talking about they care about their privacy,
but I care about their privacy too. I don't want
them getting exploited. So
when they ask me for my advice, I really do want
to recommend Graphene OS because
I don't want them essentially
being preyed upon by predatory
platforms. And it is really good. Yeah,
it is pretty good. But then there are things you run
into that we're about to get into today
that end up breaking.
And it's not even a fault of Graphene OS, but sort of the wider ecosystem that Android finds itself in.
Hello, friends, and welcome back to your weekly Linux talk show.
My name is Chris.
My name is Wes.
And my name is Brent.
Hello, gentlemen.
Coming up on the show today, Brent's had a pretty bad hardware week,
and we're going to dig in and see what we can solve,
plus why it looks like those open-source Android distributions are taking another hit this week,
and a new two-factor authentication tool that we just love and got to tell you about.
And then we'll round out the show with some great boosts and a pick that's so good we should have made the whole show about it.
So it's a banger, everybody.
So let's kick it off by saying hello to our virtual lug.
Hello, Mumble Room.
Time-appropriate greetings.
Hello, Logo.
Hey, Chris.
How's it going?
That's a powerful showing right there
We've got a good showing in the on-air and a nice showing up there in the quiet
Listening, hello Mumble Room
Details on our website if you want to join that Mumble Room
And a big good morning to our friends
Over at Tailscale
Tailscale.com slash unplugged
This is the easiest way to connect your devices
And your services to each other Wherever they are, across complex networks.
Build one flat mesh network.
Tailscale.com.
Try it for free on 100 devices for up to three users.
It's the plan I've been on now for a while, and I have no inbound ports on any of our firewalls at all because it's all on my tail net.
Tailscale.com.
Unplugged.
I have some exciting housekeeping to announce.
We officially have declared...
I should have some sort of like declaration, but I don't.
A Toronto meetup, Thursday, August 29th.
Right now, it's tentatively planned at the Amsterdam Brewhouse.
I say tentatively because I'm open to suggestions.
It will be at 6 p.m. local time.
The meetup page is in Pacific time
because meetup.com
doesn't support time zones.
Time zones are hard.
Yeah.
Programmers hate them.
So it's going to be
the wrong time zone
on the meetup page.
But at 6 p.m. local time
and rumor has it
show mascot Golden Dragon
might be whipping up some special stickers
for the meetup no way with the timing works out and brentley may also be making it to the special
toronto meet i've been looking forward to us doing a a canada meetup but toronto specifically a meetup
in toronto for four years now so i'm i'm excited that you boys will be in the neighborhood.
I'll be like a shame if you somehow missed it. Yeah.
Of all people.
I know.
Well,
and this,
this all came about by pure coincidence that I was planning a trip out here
that I didn't really even tell any of you guys about.
Not,
not for any particular reason.
Uh,
and then,
and then Alex was like,
Hey,
I'm going to kind of be in the neck of the woods,
like a couple hours from where you're going to end up just at the exact same time.
So we should do something.
And sure enough, we're doing something.
Yeah.
So the big thing that we're working on and the reason why I'm going to be there, too, is we're doing a massive infrastructure migration behind the scenes here at Jupiter Broadcasting.
And we're moving to a colo location that a listener is building out and is helping us out with and
we're going to move from vps's to a physical box that's going to be you know proxmox at the base
layer with a bunch of nix os systems in the vms and we're going to start building that out over
the next few months but step one is getting the server racked and powered on and online
alex has been doing alex from the self-Hosted Podcast has been doing tremendous work,
not only planning this stuff and speccing the server and building it out,
but some of the contingency things he's considered in building into this
are just fantastic.
And I'm sure we'll be getting into a lot of that on the Self-Hosted Podcast.
You better.
So we'll be moving to Toronto for the JB infrastructure.
So hopefully Brent can keep a watchful eye on everything.
Wait, I have a question.
How do you feel about having your main data in a different country?
I mean, as long as you kind of like keep an eye on it, I'm fine.
I assume you're going to be moving to location to keep watch.
So I'm feeling pretty comfortable.
Yeah, there's a loft there.
I'll be all right.
Yeah, there you go.
Around the corner, we also have another meetup that is in the works. Saturday, September 7th, there's going to be a Sacramento Lug. It is listener Jeff's event that he's put together, and he's trying to start a lug in the Sacramento area. And I wanted to give out a special mention of this because I think it's a fantastic idea. September 7th, 10 a.m. at the Temple Coffee Roasters on South Street in Sacramento.
Details will be linked.
Very excited.
Thank you, guys.
I'm really glad you're doing it, Jeff.
So give it a big plug.
If you're in the SAC area and you want to get together with some fellow JB listeners and talk Linux, Saturday, September 7th, 2024, 10 a.m. to 2 p.m.
And we'll put a link to that in the show notes, too, because Jeff's also testing out that
new meetup platform that we're experimenting with.
Oh, great.
Yeah.
So there you go.
A lot going on in the next couple of weeks, and we just wanted you to be aware.
There's actually a meetup that we forgot about here.
Uh-oh.
It turns out we have another one.
You're telling me, Brent, we have more meetups?
Yeah.
And I forgot about this one, but I shouldn't because it's all about where I'm going to be.
I'm going to be in Berlin in September, mid-September.
So we have a little meetup set up Saturday, September 14th in Berlin.
If you want to join me there, please do.
Oh, my gosh.
So many.
I guess if there was only some way to keep track of them.
What's that?
Meetup.com slash Jupiter Broadcasting?
Oh, okay.
Good to know.
So Brent's had kind of a rough week.
Framework, laptops acting up a bit, B-Links acting up a bit.
What's going on, buddy?
Well, you know, you grab all your equipment and all your essential technology stuff and you do a cross-country road trip and you think it's all going to work on the other end. And it turns out that's not always the case. So I decided, uh, you know,
I'm hanging out with my parents for a week here and maybe a little bit longer. And so I thought
I'm going to bring my setup. I bought that new little B link, if you remember, and I was excited
to like have a dedicated, uh, working working space so i brought like the mechanical keyboard
that was given to me by a dear listener and uh the little b-link and i got my 4k monitor and you
know i'm gonna be well set up when i'm working over here i ran into some issues with the little
b-link that i hadn't of course previously uh-oh one of the ones is uh you know, I plugged in my headphones for that early Monday morning meeting and no sound.
I realized I'd never really done a meeting with this thing before, but no sound.
Couldn't solve it.
So I had to yank out the framework and get that going for the meeting.
So the B-Link, I got to solve that.
If someone can help me, please, please do.
Is it just like the onboard sound output?
Yeah, like the output's great.
Like I've been listening to music for, what, weeks on this thing.
The input, not so great.
It doesn't take my mic input in any way.
Oh, it's just that side.
Okay.
Yeah, it currently is because I'm, so I'm using that little B-Link today to do this podcasting,
which is also the first time, you know, just pulling out of the stuff.
We do seem to be hearing you.
Yes, but I'm using an audio interface for that.
So it's bypassing, you know, the little 3.5 millimeter jack on the front of it.
So it might have something to do with the jack.
Maybe it's a hardware issue.
Maybe it's software issue.
I've got to look into it.
So that's, you know.
You're having to carry a secondary interface.
I mean, they do make small interfaces,
but it just kind of takes away from the whole little portable form factor idea.
You know what I have done, though?
It's a compromise, but for my B-Link, and I've recommended this before,
but I'm going to give it a plug again because it's been fantastic.
I've used it for multiple calls.
The Anker PowerComp S330 USB speakerphone.
Rolls right off the tongue.
But it's a tiny little flat speaker that has A or C, and it has a mic array on there.
So you actually get pretty good pickup.
And I just kind of put it by my keyboard.
And it also has a hardware mute built into it that doesn't register in the software call.
So they can't tell you're muted, but you can hit a mute button right there on the speaker.
As well as for some apps, you can answer the call with a button.
And it's got volume controls.
They're all soft touches, but they work really well.
And so this is what I use as my lazy sound device for the B-Link, period.
This is what all my playback comes out of.
All of my, you know, any kind of voice dictation I'm doing for like search
or any kind of meeting I'm on all gets captured by this guy.
It does all my sound because for the B-Link, it's just,
it's a quick and dirty work machine.
I want to be able to hear something if I play a video or I take a call,
but I don't need it.
I don't need it in high fidelity.
And the speaker works pretty good for that.
And I just put it kind of on the table with me
you know by my key
sort of near my keyboard
and it does a great job of picking me up perfectly
you know I sound better than 90% of the other people
in the call
Really?
We should have had you call into the show
I know
I mean it's not going to sound as good as this microphone
but it's like 59 bucks right now
with a $10 coupon on Amazon
You know I've been running laptops as my main machine for so long But it's like $59 right now with a $10 coupon on Amazon.
You know, I've been running laptops as my main machine for so long that I forgot all of those, like, peripherals that are built in that you don't even really think about.
But then you really miss once you get a desktop PC and you're like, oh, wait, it doesn't come with speakers.
I got to solve this one.
Listener Jeff wonders, have you checked the BIOS?
You know, is the mic possibly disabled in there?
That's actually a great idea.
I will dive into the BIOS.
How about I don't do it during the show, but I'll do it after the show.
Okay, I'm also assuming then, if we're just going to ask troubleshooting questions here,
I'm assuming that you've launched Puvit Control and made sure it's not like in digital mode or something like that. That was exactly the very first thing I did.
Yeah, I assumed.
Yeah, yeah, okay.
You got to check with these things.
You do, just because you know you're going to hear people send that in.
See, but he hasn't rebooted to try it because of the tab.
See, but the weird thing that I found in Pabu Control
that I've not seen before is how you can pick the profile
that you're certain audio controller is using.
So I got off, which is nice, Pro Audio,
and Play Hi-Fi Quality Music.
I've never seen that one before, so that's a new one to me.
So I don't know what's going on there.
That's sus.
Usually you see, like, Audio Duplex or whatever,
which seems like the thing I want, but that's not available.
So I don't know.
I don't know.
You know, it is interesting, our takes on this, right?
Because I literally have never used the onboard sound on the Beelink.
You could have steered them clear if you knew, but you didn't even try it.
Well, it's just my approach to this type of hardware is I just never engage with the onboard audio regardless.
If I didn't use this anchor, I would have used a USB audio interface.
And it just never would have been a consideration because I've just, over the the years i've had like buzzy audio or these kinds of problems and i just you know one of i think
personally one of the nice things about a desktop is you can mix and match components like this well
you know one thing i was looking forward to the most is how quiet this thing is so i thought
yeah hey i'm gonna rock it for my meetings and stuff and have the you know the quietest audio
it turns out that was true because you don't get any audio at all but uh yeah at least for the podcast today it's working great
my other pro just meet if you want just works 100 of the time meeting audio for linux
is um i forget who makes mine i've talked about it before on the show. But gaming headsets that have a 2.4 or whatever radio, an actual USB dongle.
The RF headsets.
And they're doing RF.
And then they show up to the Linux machine as a sound interface.
And the output and input are just the headphones going over RF.
So there's no Bluetooth pairing.
There's no Bluetooth sleeping.
There's no Bluetooth pairing. There's no Bluetooth sleeping. There's no Bluetooth delay. And it just shows up as an always on, even if your headphones are dead,
even if they're not charged at all, the USB device is always there. So it's always the default.
Every time the browser launches, the audio device is always there. And guess what? That means it
always works in your meetings because it's the changing of the audio devices and the browser maybe not being closed or open in between all
of this that adds to the, I would say, brittleness of Linux audio in a Zoom call or like a, you know,
a NextCloud meet. So if you can do a static, always there audio device that's there every
time the machine boots, every single time the browser launches, you'll have a better time.
And so that's why I'll either go with one of these little RF USB audio dongles for headphones,
usually like the gaming headphones, or I'll do something like this anchor because it's always
physically plugged in. And then it means every time I launch my browser, it's always got the
right input and output. These are great tips. Great, great tips. Thank you. I guess I got out
my game. So speaking of the b-link there's
a couple more things i discovered though pushing this thing a little bit because oh no
so uh i did this great thing and i bought like the cheap version that came with eight gigs of
memory because i had some memory on the shelf just sitting there and i threw it in which was
like gonna give me 16 gigs of ram and i thought sure i'm i'm you
know this this machine specifically i'm buying to give me a very targeted workspace for a very
specific you know i wanted this as just my day job computer basically i'm not gonna do any crazy
like linux unplugged tinkering on this thing It's exactly the opposite of what I want to do with this little box.
Right.
We talked about it.
It's a,
it's like a mission purpose built machine,
one tool for the job.
It's not going to do anything else.
And it's been great for that until this week,
you know,
we're at a next cloud,
we're getting ready for a release.
So we're doing a bunch of like video recording and all this stuff.
And,
um,
turns out I'm being reminded in a deep way that 16 gigs just is not enough.
I thought I could get away with it with this like minimalistic computer.
Too many tabs.
Too many tabs.
And so I am deeply suffering over here.
And please send RAM.
Do you remember, Brent, could you pop in 32 gigs of RAM into that hardware?
I think this thing officially supports 32,
but I'm seeing reports that it can actually handle up to 64,
so I'm tempted to try that route.
Because really, RAM's the kind of thing that you just max it out,
and it's like future-proofing, right?
And how many times do you really want to open your computer up to begin with?
You want to get in there once or twice at most, really.
I should have done that from the start, really.
If you don't have enough RAM,
it really hinders the sorts of weird K-exec situations
you can do.
Yeah, I don't want to have that covered.
Honestly, you know, at first,
I had a funny journey with this
because we were chatting about this the other night off air,
and Brent was complaining about 16 gigs
being insufficient for all his browser tabs,
and I'm just, like, thinking to myself,
oh, Brent and his browser tabs, because I've got the same machine with 16 gigs of ram and i'm like it's
fine it's fine and then maybe 15 minutes later i decided well let's launch steam oh it it wants
it wants to render shaders okay i'll let it do that okay while it's rendering shaders i'll go
do an update because of course what i'm i'm just i'm fiddling with my computer and so then i go do an update because, of course, I'm fiddling with my computer.
And so then I go do like a Nix rebuild.
And I don't know.
Maybe I had the browser open.
Maybe I might have also done a Flatpak update.
I don't know at the same time.
But the machine immediately spiked up to like 12 gigs of RAM usage and just came to an absolute crawl.
And I realized Brent's right. These, these machines do need more than 16 gigs of Ram because sometimes I just do jackassery on my computer and do things that nobody should do
at the same time, render Vulcan shaders, update your flat packs and rebuild your next OS
installation. But you know, I got ADD, I guess. But that's just it. Like I was seeing these as
the purpose built single, you know, single use minimalistic machine so i thought okay
i can reduce things here and there that's not a big deal you know it hardly sips you know it just
sips power and it's you know i i thought i could keep things nice and simple but they're so capable
and and that's where it gets like you can you can push these things and they are impressive but i just didn't allocate
enough memory it sounds like you didn't either so hey you can we get a deal on memory from somewhere
two for one listener jeff in the chat room suggests that maybe you could just uh steal
from the dev one you know pop it open and that's hilarious you know the memory i actually put in
this thing is the stuff that came stock on the dev one because i upgraded that one and i had ram sitting on the shelf there you go ha that's a little tricky though when you're traveling brent
yeah i know and i checked and there's no said ram here locally despite being in a bigger city
so i gotta order some in we'll see can i ask you something have you considered a firefox memory
saver extension?
You know, those ones that like unload your tabs and stuff when you're not using them.
Do you have one to recommend?
I don't know if I do.
I know they're out there.
And I don't even know, maybe Firefox is building this in more now, but it's clearly not working for you if it is.
There are also like session plugins.
Yes.
I was going to mention there's that too.
So you can sort of close Windows, but then open the whole window or set of windows back up. I have been using one called OneTab and there's like a giant button and you hit it and it'll just hoover up all your current tabs in your current window and just throw them into some background, I guess, bookmarking style.
Do you have Firefox open right now?
Oh, yeah.
Multiple tabs.
Which one do you want?
Okay.
Open up a new tab and just tell me what happens if you go to about colon unloads.
Oh, no.
About?
Unloads?
Unloads.
Yeah.
Oh, I'm scared to hit enter.
No, it doesn't do anything.
Okay.
What do you want?
Well, so you should see.
Do you see the tab unloading screen now?
I do.
Yeah.
So I guess a way in here is you can manually use this tool built into
Firefox to unload certain tabs and free up memory,
but keep them open.
So the next time you go to use them,
they would resume.
You know,
I thought this would,
it would just handle like if,
if,
if me too,
I think it must human hasn't seen page in,
you know,
12 hours,
then unload or something like that.
I think this is just to expose that feature to you.
I love this.
I think it does.
I'm going to bookmark this.
But it's perhaps not aggressive enough for you
with your tighter memory environment.
You may also want to check out AboutColonMemory.
You can see a bunch of Firefox memory details, it turns out.
AboutColonMemory.
That's another good one.
Thank you, gentlemen, upgrading me.
I will still get more RAM because I don't think I can squeeze into 16. Oh, you found my headset. Thank you, gentlemen, upgrading me. I will still get more RAM because I don't think I can squeeze into 16.
Oh, you found my headset.
Thank you, Wes.
Yeah, was that the one?
I purchased this on May 3rd, 2020.
I found it in 2020 show notes.
That is the exact one.
Thank you.
Yes, and it's $80, and I still use it to this day.
The battery is still great four years later.
The Corsair Void RGB Elite Wireless Premium Gaming Headset.
My boy uses it, too.
When he's over, he'll take it and use it for gaming.
But I just use it for meetings.
Adulting.
All right, Brent.
Well, so it sounds like the real solution, though, would be to try to get this thing up to like 32 minimum.
Yeah, I mean, if you're going to upgrade, go all the way, right?
So I think let's try the 64 route.
In the meantime, though, you might try to practice some sort of memory management with Firefox.
That takes discipline.
Now, I will say, and I think this might be related, I've had issues sleeping the B-Link.
It seems like it sleeps, but then it just gives me a black screen with the mouse cursor floating around and the monitor is still totally active.
the monitor is still totally active. Although Wes, you were kind enough to help me try to solve this and you sent me one command and it failed because it complained of not having enough memory. So I
think... Have you tried that again yet? No, this morning I rebooted for the podcast, but I haven't
actually tried again. So we'll give it a go after the show. In the OS that you're using, Brent,
you have a lot of flexibility in what out-of-memory killer you use.
And there's a real simple one on the documentation wiki site to just set up, and it will start kind of preemptively killing some of your user space applications before your whole system goes down.
It's pretty neat, right?
Like we've over the past, I don't know, five years on the show, we've kind of documented as those features have gotten developed, just the better memory, user space memory options or like the, you know, the pressure stall information that you can get now. Yeah, it specifically will monitor your memory pressure.
And that's one of the things that takes into consideration.
And I found that to be pretty helpful.
I did in trying to troubleshoot this enable ZRAM swap too, because I figured how can that hurt?
Oh, yeah, sure, sure.
Did it help at all?
Did you notice any difference?
I will say I don't know yet, because I went and closed everything before pushing it this morning.
So I will report back on how that goes.
I'm hoping it helps.
What did we figure out with the sleep?
What's going on?
Why aren't these B-links sleeping properly?
I don't think we know yet.
I mean, because Brent was prohibited from doing much diagnostics.
You dug into something, though, that said, like, S3 sleep had been sort of deprecated on these things.
Yeah, I don't know if that applies to the model that Brent has or not.
To be clear, the model that I do have is the B-Links Serf 5 uh just if anyone's out there hoping to help me
i we were poking around in like slash sys slash power um they've got slash state and slash mem
sleep and i guess mem sleep tells you some options like what sleep things are available
at least like at the kernel level so like s2 idle is one on mine and deep is another one.
And it seemed like Brent's system was reporting both of those.
On my system, it was set to deep and my system does suspend.
This is just my ThinkPad.
But then in experimenting this,
I changed it manually to S2 idle and then forgot about it.
And yeah, it turns out when you, you know,
it would quote unquote sleep
and go into a semi-low power state,
but not actually deep sleep.
Still drains the battery though, yeah.
I came back and I was like, oh no.
It's dead.
So that at least works.
So I wonder like,
it's interesting that the kernel's showing that.
Is it not getting properly triggered?
Is something else going on?
And then here I am again,
exact opposite side.
I've literally never once ever tried to sleep my B-Link, ever.
You just leave that thing on like a monster.
It's like a desktop, right?
I do.
Because every time I turn a computer off, it dies on me.
So I've just started leaving them on.
And then I put the monitor on a smart plug.
Actually, the computer's on a smart plug too.
And I just fire it on and off with automations and Home Assistant.
I find that much more reliable.
Okay.
So the trick is don't turn it off, Brent.
I wonder if I should learn from you
or not in this case.
You're turning it off wrong.
Yeah, clearly.
Now, I did have one more hardware failure this week,
but that's one last one.
Are you ready for it?
Yeah.
Okay.
What happened?
It's been a hard week.
So I've got my framework with me because I travel everywhere with that thing.
It's been awesome.
And, you know, with some of these hardware woes with the B-Link, I thought, okay, I got to lean on the framework a little bit more.
Well, it turns out, you know, I had a late night session that I was trying to get done real fast.
that I was trying to get done real fast.
And it took me about 20 minutes to log in because all of a sudden the keyboard decided to not exactly behave.
So I've got a cluster of about four keys around like O, P,
and the pluses.
And they just decide to not respond reliably.
So anytime I'd type in my password,
which of course requires one of those
keys oh no uh it would not register but for some reason at the password dialogue it like
in a serious way like maybe 0.5 of the time it would register the key when i would hit it
so i i i it took me 20 minutes because i i was trying to log in and find all these workarounds.
How do I just log in to get this work done without using the key in my password?
And, uh, it turned out I found after a while that I could fondle the keyboard in a certain
way and it would eventually register like a host of key, like 20 different characters.
And one of them was the one I needed in my password and I could delete all the characters
I didn't need and eventually log in.
Wow.
It was rough.
And I immediately enabled fingerprint logging in.
So that,
that was a good thing,
but yeah,
so I got a little something going on with the framework keyboard.
I think some,
you know,
damaged in the trip maybe.
Well,
I didn't think of that,
but it sounds like maybe,
or perhaps it was jiggled or something
and the-
Loose connection?
Yeah, loose connection is exactly what I was thinking.
So I have to take that thing apart and maybe, you know, try to clean a little bit.
And I had some keys off thinking maybe it was a little piece of, I don't know, debris
or something that got in the keys, but it wasn't that at all.
And Chris, there wasn't that much cat hair.
So it wasn't that.
I mean, the nice thing is you can take it apart.
Yeah.
Well, that's just it.
Right.
So I feel less bad that it seems broken because the path to fixing is a lot easier than a lot of these other machines.
So I have yet to peel this thing apart.
But when I do, it's easy to do.
But man, I was pretty depressed by the end of the week with all these hardware issues.
I bet.
Yeah.
And these are problems you think that are solved and now they're unsolved.
And you're like, wait a minute.
No, no.
I'm in the middle of a trip.
I need this all to work.
That's why I set this up the way it is.
I solved this already.
It worked a couple of days ago.
I promise.
Yeah.
But it does sound like maybe there's like a new hardware project on the horizon.
There is.
I thought this up you know i'm
here to visit family and i've got some extended family that lives in this area too and so the
whole point is to like spend time with family and so my mind has been thinking about family quite a
bit and i have a grandfather who you know he he used to go to a cottage that he'd have here on a
river and he grew up there and lived there as long
as he possibly could. And his health has deteriorated in the last few years. And he just
hasn't been able to be at the cottage. That's like the most meaningful place for him in his whole
life. Um, you know, his, his father owned that place, his grandfather was there. So it's like a multi-generational place for my family.
And, you know, I'm here partly to visit my grandfather, too.
You know, he's getting older and all that stuff.
And I had this brilliant idea, of course, Chris, as you know, sitting in a hot tub.
I had this idea with my father that—
Eating breakfast.
It was more like drinks.
Just snacks and drinks was it was the
second hot tub uh session of the day so breakfast had already happened oh sure of course and i
thought wouldn't it be nice if i could build for my grandfather a real time video stream of what's
going on in the view that he used to have for like 50 years you know can i set up a
webcam you know right near the picture window of his old cottage and have that projected i don't
know on a tv on his wall where he currently is and so i'm leaning on you boys and the audience
to help me think of how do i get this done? You know, there's a couple fun things in here.
There's some hardware, right?
We've got some hardware requirements on a couple sides.
So on the webcam side, which is on a side of a river that, you know, is almost off-grid.
It's got power and satellite internet.
But I'm sure we're going to need like a single board computer over there somewhere doing
something right and then how do we project that stream for him on just like a dumb monitor he
doesn't need to control this thing and he also isn't very computer literate so it can just run
100 of the time and just showcase a video stream but just boots right up into the video does he
have a screen now he's got a television okay does it have any kind of like set-top box like an Android or Apple TV or a Roku?
You know, he recently moved, so I don't actually know what he has.
But I believe-
So we may have to solve for that end of it too.
And part of that solution might just be a completely different monitor that just is dedicated.
That's an option too.
I think I'd say boost in,
if you have an idea on how to solve this,
I can cook,
I can cook up a few ways,
but I don't think they're great.
No.
Well,
this would be,
that's the point where I was thinking like a couple like H3s,
you know,
one on either end just to run this.
And we need some kind of way of capturing the video and,
and streaming it.
So is it.
Yeah.
And you want something that's reliable enough that like if a satellite internet gets a little
sketch, it'll auto resume when it picks back up.
Sure.
Yeah.
That's actually a challenge I hadn't thought of.
Yeah.
Maybe.
Yeah.
Hmm.
Right.
This is a terrible solution, but you buy two iPads.
Oh, yeah.
You tape one iPad to the wall and then you just leave them in a FaceTime call.
1password.com slash unplugged.
Go there to support the show and check out 1Password's extended access management solution.
Here's the problem.
You know, I guess you could picture it like this.
Your company security is a lot like the quad of a college campus.'s those nice brick paths that are well maintained they've been designed from you know
central planning those go between all the buildings those are like your company-owned
devices those are the ones that have it approved apps on them those are the ones where you can
manage identities and things like that but then there's those paths that the people actually use
you know the ones that are kind of like cut through the grass, the actual straightest line between point A and B.
That's more like the unmanaged devices.
Your shadow IT apps, non-employee identities, contractors that come along, you know, devices you have no control over.
And the reality is most security tools only work on those happy brick paths.
So you have users that are taking the shortcuts.
That's where most of the security issues happen, and it's a blind spot for most security tools.
That's the problem at a high level.
1Password Extended Access Management is the first security solution that brings all those unmanaged devices, apps, and identities under your control.
That ensures every user credential is strong and protected.
Every device is known and healthy, and every app is visible.
1Password Extended Access Management solves the problems of traditional IAMs or MDMs,
the things they just can't touch.
It's security for the way we actually work today, and it's available for companies with
Okta, and coming later this year to Google Workspace and Microsoft Entra.
So go check it out.
Support the show and see the demo.
Go to 1password.com slash unplugged.
That's 1password.com, the number 1password.com slash unplugged.
Support the show and check it out.
I think we move from bad to worse here.
Chris, at the top of the show, you promised us some difficulties for Giraffine, our beloved Giraffine
OS. Yes, our favorite
of the Android distributions,
built super secure, works on the Pixel
device, takes advantage of the hardware
security on the Pixel devices.
Really clean, minimal OS
that you can build up and even get Google Play on
eventually if you need to.
And they've made a lot of
changes and tweaks that make it
in my opinion and in their opinion more secure by default than stock android
and certainly more secure than a lot of the android devices that ship out there
but there seems to be a growing problem that makes these types of os's like lineage or calyx
or graphene less and less viable.
And the project, Graphene's doing everything they can
to try to stop this slide.
But it really came to light in the last couple of weeks
when Authy simply started telling Graphene OS users,
go screw yourself.
We don't want you.
We're sorry your app no longer works.
Oh, what's that?
We've never built in a backup or an export, so you're screwed?
Sorry.
You're on a hacked device as far as we're concerned.
And I'm paraphrasing.
They didn't really say that, but that's essentially the vibe that users received.
And they're screwed.
They forcibly log people out too, right?
Yeah.
It's just service cut off.
Yeah.
You're out.
And if you disable your Authy account, but you've used it with services that support Authy, there's a couple.
I'm drawing a blank, but there's even two that I use where they integrate with the Authy app.
If you close your Authy account, it will disable your ability to log into those services completely.
So it's really putting Graphene OS users that are using Authy for two-factor authentication in an extremely tough spot. And the root cause is essentially
the Google Play API verification layer that tells
you the device is secure. Even though
you can do a physical attestation that says this device is secure,
verified by the enclave or whatever it is. Yeah, right. You can do
that kind of lookup. Authy could do that.
Yeah, right.
I mean, and Draftian in particular, like,
does a lot of work to, you know,
like, it's not like a rooted phone.
Right, it's not rooted.
No, like, you re-lock up the phone.
I mean, yes, you've changed the key,
but, you know, it tries to take advantage
of all those things.
It tries to be secure.
So instead of using this, and there is a,
there's a standard Android hardware API to permit this check.
It works on Graphene OS.
The project confirmed that.
But they just delegated checking device integrity to Google.
And everybody's doing this.
It's becoming the way to go.
And of course, of course, Google doesn't say these devices are legit in that check.
And it's kind of how they control the Android ecosystem. And I just think this is an interesting little struggle,
like a little tiny struggle in the war that is the Google monopoly, as the US Justice Department
declared this last week. And Authy in general is the quintessential rug pull gone to crap
application. You know, you really shouldn't be using
it because you know these kinds of things it's an app that synchronizes your two-factor logins
across devices you knew that eventually was going to go bad right uh it's got no export option the
only way you could in the past was by using the authy desktop client and then running scripts
that kind of extract the password database or i of extract the two-factor database.
And then they got bought by Twilio. Yeah, and they shut down the desktop app as of last month.
So no doing that anymore. You can't even download it anymore.
Twitch. I put it in the notes. Twitch, if you just
deactivate your Authy account and you have Twitch paired to Authy
for two-factor authentication, it'll disable your Twitch account.
Just done.
Wow.
Yeah.
So it's a dirty app.
And then, you know, they've just done this change and they're just telling Graphene OS users to go pound sand.
And so I'm going to vote with my wallet and I'm going to walk away from Authy.
I should have done that a long time ago.
And I don't know if you boys have heard of this.
I'm migrating to 2FAS, 2-F-A-S, which is an open source two-factor authenticator.
Super nice design.
Works really well.
Available for iOS or Android.
It's open sourcing up on GitHub, so I have it installed with Obtanium.
Is that right? Okay.
Mm-hmm. And
it will automatically back up to your
cloud storage of choice. It'll do local
encryption, and then you can import
that on your other device. So you're essentially implementing your own
sync. And
on Android, it's going to just recommend you just
save an encrypted database to Google Drive.
It's small. It's tiny.
And iOS supports that, too. Okay. This doesn't sound bad. It's tiny. And iOS supports that too.
Okay.
This doesn't sound bad.
Very nice app.
I very much like this.
And the only problem is,
is, you know,
you got to do it one by one, right?
You got to go into each service.
You got a two-factor.
So you need to do this
while you still have Authy working
because you got a two-factor
to turn off the two-factor.
And then you got to turn the two-factor back.
Set it up again.
Yep.
Yep.
I'm going to scan it now with TooFast.
Oh, they have their, there's a TooFast server?
Yes.
Interesting.
And that's open source as well.
I wanted to hear your guys' thoughts on this because I considered solving this problem with Bitwarden.
Yeah.
And you and I have done that a little bit in the past for some things, and it works fine.
But I'm just trying to wrap my head
around that model. You know, the
two-factor model. And it feels like
the Bitwardens, doing it in Bitwarden while
very convenient, is
really one factor, in a way?
Yeah. And so it
feels like having a dedicated app that's open
source, that's just focused on these
two-factor tokens, was a better route. Yeah, I think
it depends on what you're trying to address and what like risk level you're comfortable with um you know if
they get access to your account then yeah you don't get a second factor to prevent anything in
that case uh you do then have other problems because they have your uh so i think you probably
want something different and you need something different if you wanted to have two factor four
bit warden itself anyway. So I think you can
have them all in a separate app or do like
a hybrid where things that you don't really care
about that compromise
scenario, then leave them there for convenience
and for things that you really do want
solid two-factor. Because I don't know about
you, but there's now so many
websites enable two-factor and I'm generally
supportive. But there's some things where I just don't
you know, like my credit card isn't saved all you have are records about I bought movie
tickets at your theater one time like I just I don't I don't need it and so for that I'm totally
fine leaving it in BitWarp yes exactly but for things that are linked to financial accounts or
like important details then yeah I think you're right having something that is an SMS and is an
open source app that that seems great yeah too, TooFast is GPL3.
So I feel a little more comfortable with that long term.
Compared to Authy, it's just beautifully designed too.
Like Authy just really shows its age in comparison.
TechDev has comments in the mobile room.
Yeah, well, recently I went through this same road of TooFactor with Bitwarden.
And what I realized is that while it's convenient, it's also really dangerous.
The particular example here that I found is I started using passkeys in Bitwarden before I really knew what passkeys were.
And for circumstances outside of my control, I lost all of my devices at the same time, except for my device with Bitwarden.
Oh, no.
So that meant that I had no phone.
I had no laptop.
I had no backup laptop.
They all got wiped, all the data gone.
And I was left with Bitwarden intact, perfectly fine.
Except the pass keys for Bitwarden are stored per device.
So now all of these services that I have
are trying to reference passkeys
that only exist on device.
And that's how Bitwarden does
at least passkey-based 2FA.
So it breaks then that security model
of what you have and what you know,
because you don't know anything.
And if you lose your device,
then you don't have something. So if you lose your device, then you don't have something.
So it's the worst of both worlds.
I think Bitwarden is a wonderful password manager, but not a great two-factor system.
Well, it sounds like some of that might be specific to passkeys too, though, right?
Like I've been a little worried about passkeys for that reason.
I think mine, I'm just using it for OTP two-factor.
In that case, it may work well.
Or even a security key if you're using it
within security key. But since the password or the passkey is device-specific, yes, you're right.
That is the caveat. Oh, gosh. Wow. No, that's a very important thing to be aware of. And
as hopefully unlikely as we might think those events happening, I mean, you're just,
it totally can. And you need to think through that scenario. Yikes.
You know, every single time we start to talk about this topic, I start to sweat slightly because I'm doing that thing of syncing my two-factor passwords, or two-factor authentications right beside my passwords in the same database.
Right.
Which always is like, hey, this works really well right now, but is kind
of breaking the whole point.
But Chris, it's the one factor, two factor setup.
It's like makes the websites happy.
It's 1.5 factor.
It is 1.5 factor.
And Wes, you've always said, well, why don't you just have a decent two factor for your
password manager?
And that way you're kind of applying two factorfactor to all your passwords in a way.
And I think that's a pretty good solution.
But, Chris, you kind of get me here with too fast.
It seems like this syncing across mobile devices is at least a feature I haven't seen elsewhere.
I could be wrong there, but that gives me hope.
It's using your own cloud back-end
storage or google drive or something like that but that's perfectly fine which i'm yeah i'm
perfectly fine with that because my worry was always especially with how much i travel is
exactly what tech dev was saying is you know i've got this this one device a mobile phone or
something that uh has all my two factors on it and uh yeah i can export them on a one-off but
you know i'm not going to do that on a regular basis. And so when, when that device goes down, cause it will at some point that I can't control for, for the most of the time, you know, when the dump truck comes and crushes my phone, um, usually it's always the worst case scenario, right? When you're traveling or away from home, like all my hardware is failing right now.
all my hardware is failing right now.
And it almost seemed like, you know,
you've got to do the trade-off between how secure you are
versus how willing you are
to put up with those situations
when they come when you can't plan for it.
And I've leaned on the side of being less secure,
which I feel really awful about
because I have not found a great solution to that.
But this syncing seems like you got my ears up at least.
If you try it, I'd love to know what you think
about it because I'm pretty happy with it so far.
Yeah, I'm going to give it an install.
All right.
So also what, they have a browser extension?
Yeah.
And the server is involved in that?
Yeah, now I haven't gone down that route,
but that is on my something I think I want to dig into
if I keep using it playing.
That seems cool.
Yeah, that's an interesting idea.
Mm-hmm, yeah.
One last thing on the Graphenehing os slash drafting os topic and i don't have a lot of information on this
particular one but they're popular enough now that companies are bundling up graphing os and
then selling their phone as like a secure phone the ultimate secure phone and unfortunately and i really mean this sincerely
it is i i feel really really crappy about this unfortunately the folks that are doing this
at least one of them is called unplugged the phone company is called unplugged and uh yeah
i i guess i just big fail horn to that because they're clearly agitating the
graphene OS project and the fact that they're called unplugged.
I'm like, Oh no, I don't want to get like guilty by association.
We like the project.
I don't really know what they're doing wrong.
Other than by reading the Twitter feed of graphene OS, it appears that perhaps the unplugged
carrier is installing, um, maybe an app that uses accessibility to get like extra above and beyond access to watch everything.
Yeah.
Yeah.
Right.
And so it's being sold as like a super secure phone using graphing OS.
But then they've essentially bypassed a lot of the security and made it a spy device.
That's the implication.
I get reading the thread.
I will link to that.
I do not know the details of the situation, but I just felt like we've been such fans for more than a year now.
We're almost going in on two,
closing in on two years of using graphing OS and go figure somebody out there
that's harassing them and give them a hard time is named.
It's not us guys.
Somehow listen to Jeff got one sent to him.
Oh,
an unplugged phone,
Jeff.
No,
no,
sorry.
A buddy of mine sent me like,
you know,
Hey,
I heard about this on a podcast.
Check this thing out. I know you're into security. And I'm like, I looked into it a little bit. Yeah, it seems pretty dang sketchy.
They're getting spread around. Yeah, I've been sent a link too. Is this you?
Normies are hearing about it for sure.
Make an easy sponsor though, I think.
I know, too bad they have to be screwing it up.
Look, the only phone we ever made was a Windows phone.
Look, the only phone we ever made was a Windows phone, okay?
Yeah, if any Windows phone, anybody has inventory out there and wants to unload, let us know.
We got your listeners there ready to buy up some Windows phones.
If you listen to this show, you're probably pretty observant. And if you've listened for a little bit, you've probably noticed that this spot right here usually has a sponsor in it.
In fact, pretty much for the entire run of the show, Linux Unplugged has been totally sold out.
Every now and then we'd, you know, maybe have an opening and we'd rotate somebody in,
but we get to be really picky. It was actually kind of a great position to be in.
Now we maintain that pickiness, but it's not really too many people knocking on the door for this spot.
The podcast ad market has collapsed.
The CPM is what they call it, which really is clicks per thousand, basically downloads per thousand,
has declined for the last two years.
The rate at which podcasters can charge has declined for the last two years.
podcasters can charge, has declined for the last two years.
So podcasters are making less money while things like the cost of doing business and cost of living and inflation have gone up.
Like what?
Maybe 15, 20 percent.
And the podcast billing is down about 8 to 10 to 20 percent.
And there's less ads to go around.
That's why I'm a big fan of the boost and that's
why we've been advocating this for now for almost about two years linuxunplugged.com slash boost
you can boost from the web there's no middleman there's no surge in marketing because you know
interest rates go down all of that kind of gets abstracted away. It's the value you get from the show you give back to the show.
It's value for value.
And when we get sats on this end, as a business, we can choose to sit on those sats,
and we can sell them for a pretty tidy little profit if we need to.
Because even with Bitcoin on sale right now, as it were,
it's still up something like 50% year over year.
I mention that because as a business, we can kind of be tactical.
We can say, okay, we can sell now, we can hodl now, and we can beat inflation, we can beat the fact that ad rates are down.
And it comes directly from our audience, so it makes our audience the biggest customer.
There's no company we have to go to to ask for the funds.
There's no sponsor that feels like, eh, maybe we got a little too political this episode,
so we're not going to sponsor anymore.
None of that really happens.
It's just whatever makes the audience happy keeps us going. So there's two ways to support us
directly. Linuxunplugged.com slash boost. You can boost from the web now. You just need something
like Strike or Cash App to send those sats over Lightning. Or support us every month with your
fiat. We love that too. It's linuxunplugged.com slash membership. That gives you some nice ongoing
perks as well, because there's still a nice traditional system around that where we can generate you an RSS feed for a specific version of the show.
Maybe you like the ad-free tight version.
Don't have to hear this anymore.
Or maybe you like the full uncut version of the show with a lot more content.
That's the bootleg.
Both are available to you.
We really appreciate that support.
So it's two ways to do it.
Linuxunplug.com slash boost and Linuxunplug.com slash membership.
Two ways to do it, linuxunplugged.com slash boost and linuxunplugged.com slash membership.
We can beat the ad collapse, and we can keep on going directly supported by our audience.
If you think about it right now, there's never been a better time, too, to experiment and test this technology out.
We're at a great phase in technology and networking.
You can even play with this right as podcasting's at this stage.
So I'm pretty excited about the future, and we appreciate your support.
linuxunplugged.com slash boost, and LinuxUnplugged.com
slash membership.
And
now, it is time for
Le Boost. Well, we got some
wonderful boosts from
all of you this week, and
Baller Booster,
Supreme Hybrid Sarcasm
came in with 500,000 satoshis.
No!
Hey, rich lobster!
Thank you, Hybrid. That's incredible.
He writes, take the week off, boys.
Yeah, on the member feed, we have been pondering about perhaps taking a week off or so in Sunday.
We've never taken a week off.
In fact, even when I was dying in the hospital, you guys still got together and did a show.
So we've never done that before.
And I don't know.
I was thinking maybe we could do – there's so many classic topics we we've talked about like we could do like a peek back into the archive
but we also would love to still have
you know the support to keep the show going so thank you hybrid sarcasm that puts us
a little bit towards that goal I mean I hadn't you know that's
you know if he's voting he's voting with the staff for us to take a week off I mean we should
consider it should consider it.
We should consider it.
So thank you, Hybrid.
I really appreciate that.
That's an incredible boost.
And we know right now that the show has made it this week.
So we'll take the rest of the week off.
It seems like the golden dragon in our mumble room has a little something for Hybrid.
Okay.
What is it?
What you got?
You know, he's been such a legend over the last long time, ever since the boosts have really started.
It's really amazing to see someone like Hybrid just really reach out and say,
hey, look, just take this break.
I mean, you guys really deserve it.
You guys have been going on forever.
I agree.
I agree.
Round of applause to him.
It is nice.
It's really nice to know that the support's out there for us every now and then to take the foot off the gas pedal.
You can tell I need a break. Don't even know my analogies anymore.
Thank you, Hybrid. Really appreciate it.
Deleted boosts in with 350,000 cents.
Wow!
That's amazing. Thank you, Deleted. What a week.
That's amazing.
Thank you, Deleted.
What a week.
After hearing the standings for the boost totals,
I feel the need to channel Ralph from the 1990 Teenage Mutant Ninja Turtles movie.
I mean, come on.
How do you guys expect to beat me?
He gave us a link to the reference here.
Now, I'm a big fan.
Classic.
Classic. You guys must be studying the bridge book of ninja fighting.
Oh, yeah.
Takes me back.
Kicking some turtle butt.
How did they ever expect to beat him?
Incredible.
Thank you, deleted.
Did you ever watch the Teenage teenage mutant ninja turtle movies yeah definitely you
did yeah appreciate it thank you well vamax boosted in with a hundred thousand sats i hoard that which
your kind covet wow hey about jupiter broadcasting taking a week off this boost is to help you folks
get there maybe someone or some ones from the community
could do an episode to cover the week i'm still a very junior engineer so i'm not sure i'd have
enough value of an episode unless folks want to hear about my various k8s home labs grew ups
i do yeah that sounds great joins in the mobile room come on i want to hear that
you know how cool would it be if we had this thing so automated that, like, Sunday morning at noon Pacific, it goes live and the Mumble Room opens up and they can just sit here and hang out and have a live stream.
And it ships.
Yeah.
There's an MP3 available.
It's all technically possible.
For sure.
It's just a matter of time.
And there's nothing more scarce than time.
But, geez, that'd be cool.
You could technically do it without the studio at all if you just went right to the JB Live FM stream, too.
There's multiple ways to skin that particular project.
Rotted Mood comes in with a very healthy 100,000 cents.
I hoard that which your kind comes.
Wow.
How about that?
Value for value with a
live long and prosper, he sends.
And also, he said, I had tried
sending in the last few weeks, but I couldn't
do it. Issues with the product, I
won't name because I don't want to talk negatively
about them.
Yeah, same. If you got any errors when
boosting in this week, I have been transitioning
nodes. So I'm
in between nodes at the moment.
And I'm feeling really good about it. I feel like, you know, I had a good time with my old node
and we learned a lot from each other. But it's time for me to go out there, spread my wings a
little bit and maybe hook up with a new node. So if you get any errors, if you boosted recently,
I apologize. I'm sorting it out.
You know, that new node, relationship energy, you got to ride that.
And that's what I'm sorting out right now.
Keep those channels balanced, man. Oh, the channels, Wes.
So many channels, Wes.
Are you, like, swiping left on nodes?
Is that what's happening?
Or do you swipe right?
I don't know how that works.
Swiping right and left on channels, at least.
VT52 comes in with 60,000 cents.
I hoard that which your kind covet.
This first boost here, services.jb.summerbreak.enable equals true.
Oh, I get it.
That's a boost to enable the summer break.
I was actually thinking it'd be in September, though.
Would that make it an early fall break? It's summer in some places summer in some you know this is incredible we didn't even announce this in the
show this is amazing i think we should actually make this official i should think about this and
get the dates and come back next week because yeah we could cover for a week or even two i don't know
that'd be amazing we've never done that i don't i actually i'm a little scared by that it scares
me a little bit to think we'd take two weeks off. But one week, it doesn't feel as scary.
Yeah, just one week.
Come on.
Be fine.
I mean, I think we'd have to release a best of.
I could not do it without not releasing something.
Like, I literally could not do it.
But I've always wanted to try to do a really decent best of.
Because if you've got a show that's been running for nearly a decade, there's a lot of history to pull from.
So, maybe.
a decade there's a lot of history to pull from so maybe are you saying that listeners should boost in with their favorite episodes so we could put together like a best of you know that's not a
bad idea that's not a bad idea uh is if you want to send a little support boost and we should have
said this earlier well we hadn't thought about it but if you want to send a little support boost in
for us take a week off maybe suggest a moment we cover, too. That would be really helpful. Yeah, episode time code would be.
Yeah, and our goal is really the more stats we can stack for that week,
the more time we'll take off, I suppose.
I know that's a weird thing to request.
I've never done anything like this before.
But the idea would be that way, you know, like the podcast index still gets a little bit.
Everybody gets to stack a little bit.
Drew, editor Drew, still everybody still kind of makes a little bit for the week even though the show doesn't go on um which is really kind of part of the problem
is we're all we're all just doing this um on our own so like when we don't do the show
nobody gets paid nobody makes any money and the network doesn't have any content and it's like
everything stops like editor drew doesn't have a gig like you know it's like there's ramifications
there people depend on that kind of stuff.
So that's what we've been trying to solve with this.
And the reality is, too, is you don't want people to lose the habit of listening.
There's always that fear that people would stop listening if you took a couple of weeks off. You know, if you check on Sundays, there's going to be a Linux Unplugged in your feed.
You know, it's funny because in the era of magazines, we'd wait an entire month between publications, right?
And now it's like the internet.
It's like, oh, God, if you go more than a week, they'll forget about you.
So that's, yeah,
I'd love to hear your suggestions.
VT goes on to chime in
on our talking about
and exploring Bluefin and uBlue.
Containerizing the entire desktop
feels like going the wrong direction to me.
Bare metal most things
and containerize,
flat pack, whatever,
risky and security sensitive stuff. IMO
Moore's Law gains should
be spent on making my experience
faster, not on adding more
layers of abstraction.
I mean, I kind of
think that's what I was sort of getting at
and feeling, and I think you just put
it in better words than I did, for sure.
Although I like what they're building
over there, and I don't take away from it, could totally see myself using it from time to time or having family
members use it yeah but i do agree also with the with the premise there thank you sir appreciate
that boost vt now listener jeff sent in a couple boosts for a total of 34 3. Put some macaroni and cheese on there, too. It gets me every time.
The first boost here, long time no boost.
Time, treasure, or talent, right?
Well, I've spent some treasure in order to make some time using my talents to bring some
mesh.
It may take a while, though.
More to come soon.
Also, I'm all for sending sats to get you folks a few weeks off.
Oh, thanks, Jeff. Also, tease for the for sending sats to get you folks a few weeks off. Oh, thanks, Jeff.
Also, tease for the members version of the show.
We did talk a little bit about the early bits of the Meshtastic project that Jeff is working on.
Jeff also sent in a boost here, Rove Ducks, just announcing the meetup that we mentioned earlier in the show.
Just a reminder, it's November 7th in Sacramento.
Check that out.
Whoop, whoop.
And I think this whole thing kind of started by a little chat in the West Coast crew matrix chat.
And now it's blossomed into a lug meetup.
Temple Coffee Roasters.
Go check it out.
CuracÃa is back with 24,690 sats.
Pew, pew, pew.
Take it slow.
Hey, I just wanted to point out that while you are crowing about how awesome the Cosmic Config layout is,
you are also crowing about the Windows Registry.
No big deal.
It's just always funny how these things come full circle.
You know, I'm not a huge registry hater, and if the registry was a flat file system,
I think I'd actually be totally fine with it.
Yeah, I wonder if the registry might be one of those things where, like, the principles behind it are, like, there's, like, lots of stuff to totally fine and to like.
And it's just, like, the particulars, the implementation.
Well, it's just its own.
It feels like you're going under the hood in Windows.
It feels like this weird, bizarro language and all of that.
But very powerful hive registry.
Yeah.
Yeah.
And it's like,
just come on guys.
Just make it a file.
Hey,
did you notice that this might be a space balls boost?
You think so there,
Brantley?
You think so?
The combination is one,
two,
three,
four,
five.
Yes.
That's amazing.
I've got the same combination on my luggage.
Yep.
They go on to say, talking about full disc encryption. I use it everywhere on all data, unless there is a serious
performance hit, but in all the tests I've done, there doesn't really seem to be enough of one to
justify not encrypting at least with modern hardware that has AES acceleration. Now, the
reason I encrypt everything is if you piecemeal encrypt now,
the attacker knows where to focus and where you made that,
and it makes their job easier.
Great point.
I had been before talking about
how I'd love to be able to just encrypt one directory.
That's sort of, that's a big target right here.
What you want is right here.
Yeah, I remember the BcacheFS docs
talking about one reason they hadn't gone down that route,
at least right now,
is just it was a lot more complicated if you wanted to keep similar security guarantees.
I wonder, too, if you combine with something like compression, again, something the CPU is very good at now, combined with the speeds of SSDs, I wonder if you actually would negate the performance loss of encryption.
By gaining the performance increases of compression reads, you may actually be just closing
the gap that you lost with
slowing things down with encryption. I don't know.
Someone should do the test. Run a
pharonic suite on it and tell us how it goes.
Todd from Northern Virginia boosts in with
22,222
SATs. Things are looking up
for old McDuck.
SATs on sale. Cheers.
Todd, I like the way you think.
I agree.
I agree.
It's a great time to boost
when sats are on sale.
I'll take the golden dragon too,
why not?
Because the golden dragon
show mascot boosts in
with 17,222 sats.
The golden dragon!
My only issue is
one of my main tools I use
hasn't been able to work
on Wayland yet.
Ah, yes.
Yes, I think that's also sometimes made the sleep situation harder for some of our systems as well. We'll get there, though. And here's a live boost.
More sats for the Gen 2 Challenge.
Also, you guys are a great light in my latest saga on low times, and it's always a pleasure
to join live. Thank you, GoldenDragon. Brantley, there's a lot
of support for this Gen 2 challenge.
Hey, so I listened
to the last episode
and it seems like
you signed me up
for something
in that episode.
Is that true?
I mean,
is the lack of something
the action of something?
I don't know.
I just,
I think we're just
along for the ride.
It's really,
we're following
the will of the listener,
I think.
And what do you know?
Maybe a Gen 2 build will actually properly sleep on the Beelink.
Oh, Wes.
And the Golden Dragon signs off with a little bit of wisdom.
The greatest factor is change over time,
and we can either move with it or fight it.
Love you guys, and keep up the great work.
Thank you, Dragon.
Thank you, Dragon.
Appreciate you.
Now, Anonymous came in with a total of 6,500 sats over three boosts.
Everything's under control.
No message, no username, just some value for value.
Thank you very much.
And The Immunologist came in with a row of, wait, this is a bunch of threes,
3,333 sats.
That's right!
Well done decoding my previous boost soon everything will be much less
confusing when open zuza will change their name oh come on is that is he joking or is he serious
i can't tell it depends what the name ends up being that's the best part about it because like
if he's from open seuss or an open seuss user then he's serious and if he's outside of seuss
he's joking and you just don't know.
You don't know.
Okay, well, I look forward to more name changes.
It's good we got that one last one, right?
Because I feel like today, I don't know, we're not doing a skid to jump.
What I need is a flowchart.
I need a flowchart.
Chris, you did say last week you needed a cheat sheet,
and I didn't see any boosts about cheat sheets yet.
Mm-hmm.
Yeah, it's because now I think I need a flowchart.
Zach Attack comes in with 2,200 sats.
Roger that.
Universal Blue's Bluefin showed me that Gnome can be usable with the right extensions.
I run Aurora and Bluefin on systems I need low maintenance on.
I'll probably go on the parent's machine eventually by the end of summer,
and Cosmic has me excited.
It looks to be a good blend of gnome and plasma.
I'll probably test it once it makes the first major point release.
Maybe like a 1.5.
It's a good idea.
I think the initial impressions, I've seen people talking about it very fast.
But there are some things missing.
It is early days.
But you can see them iterating pretty quickly.
And, again, it is fast., but you can see them iterating pretty quickly. And,
um,
again,
it is fast.
Thank you,
Zach.
Vake boosts in with 2000 sats.
I hope you didn't get kidnapped by aliens.
I think that might be referring to Brent.
Yeah.
Well,
maybe I did.
It was,
yeah,
we're not actually sure.
Yeah.
I actually think it's probably 50 50.
It could easily be a chunk of missing time in that, you know, long drive across country.
I think the twin is actually a clone that was put here.
And they were initially trying to just trick us into thinking that Brent was always here.
Because don't you think it's a little weird that it took like a year and a half or so before Brent told us he had a clone?
And I think that was only after he was discovered.
And then he plays it off as a twin.
That could have been growth time.
Yeah.
Well, you gotta put him in the maturation chamber.
Yeah, right.
Isn't it also weird how I keep podcasting
from a bunch of different locations
that I sometimes do and sometimes don't tell you in advance?
Hmm.
Well, Martin DeBurr sends in a 1-2-3-4-5,
said Hoshiz.
We're gonna have to go right to ludicrous speed. Well, Martin DeBerr sends in a 1-2-3-4-5, Satoshi's.
We're going to have to go right to ludicrous speed.
Really interesting discussion about Universal Blue.
I think Bazite, Aurora, and Bluefin are very interesting as well.
Also, the dev additions for anyone that wants to experience, or mess with, the container technology.
Keep up that great coverage.
Thank you, Martin. Martin, think about this, too. Keep up that great coverage. to manage their own universal blue system or something like that. So it just seems like that user base is going to grow and grow and grow.
And I suspect they're going to pick up a lot of people that don't traditionally consider themselves Linux users,
but they consider themselves system administrators or they consider
themselves in the DevOps field or whatever.
And they see that,
oh,
I can use the skillset and tools that I use to deploy applications and
manage things at work or in my projects to deploy and manage my desktop so it works the way I want.
And that's going to be the vector in which they start using the desktop and Linux.
The cloud to desktop Linux pipeline.
I like it.
I think it's actually going to be a thing.
And I feel like the Universal Blue Project's in a perfect position to be sort of the funnel for that.
Sneaking in a live boost, Magnolia Mayhem comes in with a hundred sats just to say burnout is real.
Take a break.
Coming in hot with the boost.
Wow, thank you.
Yeah, I think it feels like just a recharge is what's required.
Just a bit of a recharge.
Catch the breath.
Actually, what it is, it's just clear the head and not worry about things for a couple of weeks or a week, even.
And then come back recharged, refreshed, and excited.
You'll probably get sick, though, that week, right, Chris? That's usually how it works.
Maybe I'll just, like, be, just, oh.
No, I'll just stay with the wife. I'll quarantine with the wife.
Well, I'll be 1984, boosted in 4,000 sets.
That's not possible. Nothing can do that.
Now, Oppie simply says V for V-Boost.
Thank you, Oppie. It's always nice to hear from you.
Fuzzy Mistborn comes in with 12,100 sats.
The traders love the Vol.
The craziest thing I ever ran in a container is Blue Iris.
It's a Windows-only NVR software.
I've had some issues with it,
particularly the GPU acceleration,
but I did get it to work.
Although the image hasn't been updated in a while.
Here it is.
We will come back to craziest things
you can run in a container in a moment.
Blue Iris is badass.
I've heard great things about Blue Iris,
but I've never been willing to go the Windows route.
Windows in a VM is chef's kiss.
Or in a VM that's in a container,
I guess.
Yeah, that sounds like the best way to run it. I don't know.
Yeah, maybe so.
BHH32
boosts in with
5,000 cents. You're so boost!
I've been running Cosmic
on Pop dual booted for
months now. In the beginning, it was rough, but I've got to watch it evolve.
It actually is so stable and featureful already that I use it full time when I boot into that partition,
as well as on my daily driver Fedora install.
It's fast, smooth, and simple.
The launcher is almost as good as KRunner,
and I'm beginning to miss it when I'm using a computer without it.
That's a good sign.
Also, it works flawlessly with an NVIDIA hybrid laptop.
Yeah.
This DE might be my forever home.
Ooh, well, that's good to hear.
Wow.
Thanks, BHH.
That's some good feedback.
I wish I would have had a chance to try Cosmic with an NVIDIA card.
I've slowly worked them out of my life, but that hybrid option is really appealing.
I do have an AMD and an eGPU.
So it probably worked for that.
Uh,
but that's quite the testimony for cosmic.
Thank you,
sir.
Southern pride.
Sessa frass came in with 5,150 cents.
Yes,
sir.
Sir.
Sir,
sir,
sir.
Take a week off.
I selfishly don't want y'all to because i like the new content every week but
everyone deserves a break now and then if you want to do it without feeling guilty you can always
pull an old banger out of the back catalog and replay it maybe you record a new intro in front
of it too make a sass for us you know i could see us doing that sitting down there you know we got
our uh we got our like beverages in our hands clinking it with the ice you know boys i remember when we talked about this back in 2018 zip you know and play a clip
that actually sounds really fun but that's not us taking the week off is it i'm in i'm just
incredibly impressed though that so many people picked up on this did we even we didn't mention
it in the show right i don't know okay know. Okay. All right. Maybe we did. Digital Farmer comes in with 10,000 sats.
B-O-O-S-T.
Long-term listener, first-time booster.
Hey, right on.
Congratulations.
I just wanted to send some value for value I've received from the show.
Well, thank you, Digital Farmer.
Oh, you sent it from Breeze, too?
You took a real trek.
That's a genuine self-hosted path you took there.
Very impressed.
Thank you for taking the time and the effort.
A Devri is 17 boosts in with 10,001 Satoshis across three boosts.
Oh, there he is!
Boost!
Adversary 17.
There we go.
I couldn't remember what you...
I kind of changed it up.
I was going with A Devri.
Yeah, that's good, too. Ad I kind of changed it up. I was going with Adev Rees. Yeah, that's good too.
Advries.
Make it show.
All right, well, Brent, if you Gen 2, then I will too.
Oh!
Talk about the social pressure.
Never installed it myself, but I have done the official Arch Linux from scratch challenge
when I installed Arch with only the help of the Arch wiki on my desktop PC
and went full X-Monad
with ButterFS en route. Impressive.
Great system, but one update to
GLIB-C broke everything
and I gave up maintaining it. Oh man,
I am so sorry to hear that.
I was able
to roll back the update because I had pre- and
post-Pac-Man hooks, but I was spending more
time maintaining the system than actually getting
work done. I've been considering getting
a Garmin Instinct 2 Solar as well.
After this episode,
it looks like I'm definitely going to.
I'll update you fellas after I get it and have
some time to use it. I would love to hear
your results, because Brent and I
were chatting before we turned the mics on,
and I'm still very happy with mine.
And I did
manage, did I tell you boys I managed to scratch it up on my trip?
No.
You know what?
Yeah.
Yeah.
It hit the bottom of the pool and it took damage.
So it will scratch pretty easy on the bottom of the pool.
But those things are pretty rough.
It's kind of a sign that you've, you know, you're really, it's yours now.
Like you're, you two are bonded.
But I feel like I've had it for a couple of months and I've probably charged it two and a half times.
Yeah.
It's incredible.
So it's really great.
It's really nice.
I will say I've been using the heck out of it this week.
I've been commuting to quote unquote work via a canoe.
So I've been like clicking that on every single day.
It makes me feel good.
And but.
Oh yeah.
Because you get a little workout on your commute to work.
Yeah.
And it like, you know, the little, the little Tamagotchi on my wrist seems to think that's
a good thing.
So, uh, Chris, you and I were also, uh, kvetching about how bad we're sleeping recently.
So at least this helps me realize it.
It'll help you actually have to be accountable for it.
There's that too.
Now, Gene Bean came in with 4,444 s sats which is a double row of ducks this old duck
still got it i've got a question um do y'all have any experience with netbird or any of the other
fully self-hosted wire guard solutions tailscale is nice but not the answer for a use case i have
rattling around in my head looking for something where I can do a hub-like setup with multiple servers at
the center and each done connected to all hubs. The spokes should not be able to talk to each
other. This is why I need a hub-like setup. Your experience would be much appreciated.
Great question, Gene Bean. That's a great boost.
Yeah, sounds like an interesting project.
Wes, do you have any thoughts? I know you have pretty extensive experience with NetBird,
or at least compared to the rest of us.
Yeah, I mean, I like NetBird.
Obviously in the same sort of mesh network space
as on Tailscale and Nebula and things.
NetBird is probably more similar to Tailscale
because it also uses WireGuard under the hood.
Though also under the hood,
there's some differences around the exact specifics.
I think it uses kernel WireGuard
instead of the UserLand version, which has various pros and cons and all kinds of details you can get into if you care.
But I found network to be not quite as feature rich as tail scale, but it has, you know, does some things differently that you might like better or worse.
And it has definitely been reliable and open source and you can self host it, which is all great.
and open source and you can self-host it, which is all great.
I don't know that it makes, I mean, I think you could probably bend it into working for this use case, but probably in the same way you could with Tailscale, you know, between
like your own routes you set up and ACLs and groups and the like.
What about Nebula?
Is this a job for Nebula?
Well, I think they're all kind of designed primarily around like-
The hub and, or the kind of flat mesh.
Yeah, right.
Yeah, the flat mesh and everything's P2P between each of the nodes.
So I think you could
kind of enforce things
to route,
you know,
you could expose stuff.
But you have to do it yourself.
Even with Tailscale,
you could technically
pull this off with ACLs.
And obviously,
like you can add your own,
you know,
if you have your own routing
for your networks
that you're managing on top,
you can use any of the tunnels
you establish over
something like this
to then like just act
as a single VPN tunnel.
Does he want just
a standard WireGuard setup?
Just a manual hub model?
He could do that, probably.
You'd have to design it yourself and lay it out.
And if it's a dynamic system,
then you're going to have to deal with managing how it updates.
Another project you might check out,
I don't know if it is quite a fit, I might have to know more,
but is OpenZD, which is open source zero trust networking they talk about a
lot about that because they um one of the primary ways they want you to engage with it is using like
sdk clients so instead of having like an interface on your system that talks to your you know uh
back-end network your client just you know uses the sdk to open up a basically like a you know
port on your internal mesh network that's handy but they also have like whole host you know uses the sdk to open up a basically like a you know port on your internal mesh network
that's handy but they also have like whole host you know things kind of just open like an interface
on your thing and dedicated interface yeah so that that works just fine but they're intentionally not
a full mesh like where each node is p2p with each other uh so you have like actual you know
nose on the edge with clients whether that's like a client that's for a whole PC or a client for a specific application.
And then those talk to routers and the routers are what form the mesh.
So you can use like the routers as maybe like a hub layer and then have the clients, the
clients don't need to talk to each other as long as they can talk to each other between
a router.
Yeah.
Okay.
That could work.
So that's OpenZiti, Z-I-T-I.
I will put a link to that in the show notes for you, Gene Bean.
It's a great question.
And if anybody has any suggestions, please send them in.
Gene from Antique comes in with 2,000 sats.
When Brent shared his Morse code open and shut app on LUP572, I remember that.
I came across CollapsibleOS, Bootstrap Post-Collapse Technology at CollapseOS.org.
It's based on the fact that the collapse of the global supply chain is probable by 2030.
Make sure you read the why page.
I'm interested to think what you think of the future of Bitcoin in this case.
Not to sound pessimistic, but we can't predict all what will happen.
So let's enjoy what we have today.
Good point, Jin.
You know, I think we're all going to survive on a meshtastic network using MQTT to pass things around.
That's what I suspect.
Can we do IRC over that thing?
Oh, you bet.
Dude, if you could do a BBS.
Yeah, right.
We're going to get IRC to work.
I fear none of that's going to reach me up in the mountains.
Someone come save me.
Well, you know.
We just got to lay a mesh.
Yeah, with them hills, you'd probably get a big antenna.
Get you a van.
You could just drive around.
Don't worry, Jin. Where there's a will, there'd probably get a big antenna. Get you a van, you could just drive around. Don't worry, Jin.
Where there's a will, there's a way.
Megastrike comes in with 8,000 sats.
Hey, look at that.
That's not bad.
You shall all bombard.
Plus one for the Toronto meetup.
Okay.
Toronto meetup.
Also, yes to the Linux desktop coverage.
Okay, okay.
I really enjoy hearing about the latest developments and
ability to customize, and all the
customizations you can do.
Some more in-depth Hyperland coverage
would be nice. I've gotten into
it recently and love the fact that you can build a desktop
essentially from the ground up the way
you want. Thank you. That
is a good suggestion. I think I have
been meaning to really give Hyperland another go since
the first time I took a look at it when it was brand new, when I was just a baby.
When I was just a little baby.
Yeah, it's been a long time.
Does anybody know of like a great Hyperland out of the box experience?
You know, because that's usually my route is I'll try like somebody's very opinionated setup.
And then if I like it or if I feel like I could do better or want to do better, then I'll go build it up myself typically.
If anybody has any suggestions, I'd love it.
Now forward humor boosts in a row of ducks.
Okay, about this whole Gentoo challenge.
So Brent, maybe you were not destined to build Linux from scratch or other painful activities
your audience or co-host might encourage you to do like Gentoo.
I'm with you.
or co-host might encourage you to do, like Gentoo.
I'm with you.
Stable and simple is a high value,
and being able to trust your updates is table stakes.
Okay.
I think if you don't do Gentoo,
then you should have to, like,
try and build OpenSUSE from scratch somehow.
Yeah, I mean, what does do safe and stable updates?
I mean, not something I'm going to mention.
Not something I can't mention, that OS,
but I don't think it was your tumbleweeds over there.
I don't know, but I get his point.
Like, ultimately, if you were for serious doing this for your own machine,
you'd want something that's a little more rock solid.
They say Gen 2 can't be rock solid?
I was just going to say, having run Gen 2 in production for multiple years,
I actually never really got anything that ever went sideways was my own fault. Really.
I don't think I ever really had to survive any major transitions or anything, though.
So I probably got lucky in that window of time.
Well, we rounded out with Limpin, who comes in with a row of ducks.
And it is their very first boost, which is absolutely fantastic.
Thank you very much.
Appreciate you taking the journey to make that work.
And I hope we get to hear from you again in the future. We had 27 boosters and we had 36
sat streamers as they listened, who also streamed in an additional
49,380 sats to bring us to a total of 1.3 million sats this week.
You know, I really appreciate this because the show has been down a
sponsor now for over a year.
And really, we've
been able to continue right along.
As if, I mean, at these
levels, we don't even need that other sponsor.
It's pretty incredible.
And the community support, just by the even perhaps implication that we might want to take a week off, has been really, really fantastic.
Can't wait to tell the wife about this one.
Thank you, everybody who boosted in.
If you want to get in on the fun, if you haven't done it yet, it's easier than ever.
You can boost from the web now.
If you go to linuxunplugged.com slash boost, you just need an app that supports Lightning.
Strike's fantastic.
It's available in more
than 100 countries.
Recently just launched
in the UK.
Shortly after that,
it had also launched
in the EU.
So a lot of the people
that speak the English
now can get their access
to the Strike,
but also Cash App's fantastic.
My family uses that.
It'll work for you
to also send sats
or anything that's
on the Lightning Network.
We'll do that for you. Or you can get a new podcast app and get it all integrated with all the new
podcasting 2.0 standards that are all open source and a huge like 22 000 podcasts now we're taking
advantage of it's a growing community every week you can get one of those apps like fountain
at podcastapps.com and of course thank you to our members who also support us. They get access to a ad-free version and a bootleg version, which is a lot more content. And everybody that comes together to make sure that this show, the world's largest Linux podcast, goes out every single week. And we couldn't be more grateful. Thank you, everyone.
To you all, truly humbling and truly motivating as well.
And with that, we have a banger of a pick this week.
We've been sitting on this one for a little bit, trying to play around with it.
And it's in the similar vein that we got in a boost. Instead of running Windows inside a Docker container, which has a VM inside of it, you can actually run macOS.
And not only that, you can get access to the graphical desktop and a range of macOS versions that's even hard to actually get installed in the physical world.
And I started looking at this probably about a month ago as maybe a plan B for running the Blue Bubble system.
Ideally, you get a nice robust x86 Linux box running in a closet or running maybe on a VPS or somewhere.
Then you load this
Docker OS 10 container with Mac OS in there and get Blue Bubbles working.
And they even have documentation specifically to make sure you can get iMessage up and going.
A few extra steps you have to take.
What do you think of this, Wes?
Is this one of the craziest things you've ever seen in a container?
Yeah, I love it.
I mean, come on.
It's great.
Plus, people run containers in virtual craziest things you've ever seen in a container? Yeah, I love it. I mean, come on. It's great.
Plus, people run containers in virtual machines, and you can run virtual machines in containers,
and you can do both.
And I just think the spirit of all of this, you just wouldn't think...
It feels like one of those things that would work in theory, but you just wouldn't end up doing for various practical limitations or reasons.
And to see it robustly developed is rad.
Well, and it actually means, like,
if you have something that is dependent on macOS,
it's kind of server-ish,
you can actually still run that and manage it on a Linux system
that is probably a more viable system to run 24-7.
Because the biggest problem I have with Blue Bubbles
is I have to run it on Mac hardware and macOS,
which is not really meant to run 24-7.
Not designed as, like, a server experience, a server experience or to operate as an appliance.
So Docker OS X has got to be one of the coolest, craziest things I've ever seen running in
a container.
And they've got a ton of good documentation.
You do need to have functional KVM on your system.
So that's going to limit your VPS choices.
That's a problem we ran into.
They're out there, but if you've got any good recommendations, let us know. But if you have a machine that supports KVM, which is most of them
now, you could get it running on there. And it doesn't download the ISOs. And I can't believe
Apple hasn't shut this down yet. It's nice to you because it feels like it's kind of like building
a Hackintosh. It's just like, you know, 2024 style. Yeah. I have to believe some of this stuff
remains and survives because low-key inside the Apple
data center, they're using these very tools.
They're running Linux on their M-series hardwares, and they're also using x86 Linux, and they're
using macOS and a VM.
You know they're doing it.
Because if they have software that runs on macOS, you're not going to run on actual Macs
in a data center.
You're not.
You're not going to do that.
Not at scale.
So I bet just projects like this secretly
get used by Apple staff. That's
my little conspiracy bacon for you, right? Some of them
are just too good to resist. Well, Brantley,
I hope we were able to provide you at least with
a few tips, but it sounds like there's a few outstanding
items, especially if anybody
has suggestions for that video stream setup
that Brent was suggesting, kind of an end-to-end
solution. I could totally see us putting something together like that um especially you have our buddy alex
help us out we could have a lot of fun with that so please boost in if you do have any suggestions
for how to kind of handle that if you have any ideas for episodes we should feature moments
we're really looking for moments we could feature not entire episodes but moments from an episode
or a segment or a chapter really that we
could feature that people really find something useful some value out of we don't want it just
to be a crappy best of if we do take a week off we want to be something that maybe takes us back
to a moment that's worth reliving so please do boost in and tell us about those as well and if
you want the real high signal you can always join us live sundays at noon Pacific, 3 p.m. Eastern. See you next week.
Same bad time, same bad station.
We got that live chat going where you can interact with us.
We got that mumble room where you can pop in and chat with us.
And, oh, it's an experience.
You can listen live over at JBLive.tv while you're doing something on your Sunday
and get the absolute freshest version.
The next best thing is the members bootleg because we publish that the moment we can
after the show wraps up.
So that's kind of your next best bet.
And then you get the RSS feed,
subscribe to that,
you'll get when choose done and it's ready
and Fireside's actually letting us release files.
And when all those things come out,
we publish an episode in the feed.
It's pretty nice.
Links to what we talked about today
are at linuxunplugged.com slash 575.
I had to throw some shade in there.
We appreciate you, really.
Thank you for listening,
and we'll see you right back here
next Sunday. Thank you. you