LINUX Unplugged - Episode 125: Slaving for Red Star OS | LUP 125
Episode Date: December 30, 2015A distribution of Linux built to survey and track speech, we go into the surveillance marvel that is Red Star OS. Solus hits 1.0 & we bring on some of the team to tell us all about it.Plus Mozilla has... a new… Distraction? We debate their merits of rumored new Firefox OS powered hardware.
Transcript
Discussion (0)
So before we start the show, can we talk about this really great project that the Pirate Bay co-founder has built?
He says, based on the Pirate Bay's own number, or based on the music industry's own numbers, he could be costing them $10 million a day.
The Pirate co-founder, Peter Sunday, I think that's how you say his name, has created a device that he believes is costing that music industry $10 million a day.
And it's a pretty sophisticated device. You see, what it does is it makes 100 copies of a song and then sends those songs to Dev
Null because the whole point of this device is just to underscore how ludicrous the RAAA's
model is to try to generate revenue off of copies of a digital item and also go after
people and sue them for copies of a digital item.
copies of a digital item and also go after people and sue them for copies of a digital item.
Eight million copies of the song have been made and the machine just constantly deletes
them.
It's, I think, built around a Raspberry Pi and it just downloads the tracks and immediately
deletes them because it's the downloading that the music industry says costs them the
dollars.
And if you base it on their figures for how much each track cost, that's a lot of money.
Yeah.
It's better than just deleting, though, because it actually copies them to dev null.
Yeah.
Yeah.
Yeah, that is great.
I love the name, too.
Copy Machine?
Good for them.
Delightfully foreign, but perfect.
What a nice, yeah.
It's built on using a Raspberry Pi, and it has an LCD display, and, you know, some quote-unquote
Python code.
Right.
LCD display, and, you know, some quote-unquote Python code.
This is Linux Unplugged, episode 125 for December 29th, 2015.
Welcome to Linux Unplugged, officially my last broadcast of 2015.
My name is Chris.
My name is Wes.
Hey there, Wes. Technically your last broadcast of 2015 as well.
I know. What fun. Yeah, it is actually kind of, it is, when you do as many shows as we do, it is like, whoa, wait a minute, this is the last one I'm doing for the year? That's a mind job.
the year that's that's a that's a mind job uh so coming up on today's episode of the unplugged program we're going to follow up on solo s 1.0's release and then the computer chaos club had a
conference and they went some presenters went deep into red star os you know north korea's
custom linux operating system the best operating system yeah in fact wes you were compelled to
install it in your own vm i sure was so we got some clips from the conference they had an hour
long presentation i've boiled it down to just a couple of minutes of some interesting things compelled to install it in your own VM. I sure was. So, we got some clips from the conference. They had an hour-long presentation.
I've boiled it down to just a couple of minutes
of some interesting things and interesting ways
the Red Star OS surveils
its users, locks them
down to just certain parts of the internet,
and watermarks all of the media
files that pass through the system
and has processes that
are unkillable by root.
It's a fascinating look into a way free software has been used to cripple free speech.
It's a little disturbing, but it's also technically fascinating.
It's fascinating.
We'll talk about that in today's episode on the Unplugged program,
and then later on in the show.
We're going to follow up on that Raspberry Pi kit, the canoe or the cano, whatever.
We still don't know what it's called, but it is an out-of-the-box,
turn your Raspberry Pi 2 into a full-fledged computer with a slick keyboard, nice case speakers,
a hookup, the whole thing. It's really cool. Plus, we have some interesting follow-up for scale
towards the end of the show if we have time left. But Wes, before all of that, there's a little story
we've followed here on the Unplugged program for the year, and that is the Linux Foundation's
core infrastructure project.
You've probably heard about that, right?
I sure have.
And there's different people that have stepped up
as of things like Heartbleed have come out
and things like that
to support important open source projects.
So our first bit of follow-up this week
is a little thick,
so we better bring in our mum-a-room.
We need them.
To get a full take on this.
Time-appropriate greetings, Virtual Lug.
Hello.
How are you doing?
Hello.
Hello.
Hello.
Apologies if 50% of the hosts this week are dying.
I apparently have like a sinus infection or something that's killing me.
So I'm going to hand this first story over to you guys and see what you think.
But did you hear this?
Facebook is apparently pulling out on their commitment of donating $50,000 to GNU PGP.
And they say they initially announced they would provide $50,000 per year.
They have since rescinded.
Since rescinded.
Wes, your initial reaction?
Well, that's unfortunate.
You know, I did see on Twitter that there are some people maybe associated with Facebook who are saying that it's a miscommunication.
So I don't know if it's clear yet.
But clearly, you know, the GNU PG folks are, you know, think they're not getting the money.
And it's kind of the best privacy, you know, kind of the best privacy guard open source that we have.
Gnu PG is my go-to one.
I'm wondering, VirtualLug, if anybody has any of the scuttlebutt on this
because it seems like a pretty D-bag move from Facebook.
But whenever something like this happens, you generally figure there's more to the story.
But if Gnu PG is willing to go publicly in their news updates to shame Facebook.
There must have been some kind of communication.
Yeah. So I'm thinking there must have been some kind of communication. Yeah.
So I'm thinking there must have been a back and forth before they made this post.
There's something interesting happening there.
But I just don't know.
And one of the things this made me kind of zoom out and think about a little bit is what
happens when critical infrastructure projects like this sort of get guaranteed funding from
somebody and then that somebody pulls out?
Is it the open source community to step up?
Because what does an open source project do when they've sort of committed to having that fund?
So maybe they hire a developer.
Yeah.
What do we do then?
Do we just cripple an important project?
Do we step up with some sort of funding?
What are your thoughts?
You know, it would be nice to kind of step up.
What are your thoughts?
You know, it would be nice to kind of step up.
GNU PG is one of those tough ones that it's used a lot, but it's kind of a niche product still, unfortunately.
Yeah, yeah.
I mean, it's going to take a certain technical user to even know what it is.
So crowdfunding could be hard.
Crowdfunding could be hard.
And that's why it was so nice to see.
I mean, you know, they're still getting the $60,000 a year from the Linux Foundation, which is great.
But Facebook's contribution would have nearly doubled that. Yeah, the other thing I don't quite understand is
I guess Stripe was also going to contribute.
But they were going to contribute along with Facebook
or something like that, so I'm not sure how this is affected
now either. But obviously
these companies make a ton of money off of
some of this technology.
Wimpy, do you have any reactions to this news
and overall funding of open source projects
in ways the community could step up?
Well, I've heard it's been a hard winter for Facebook
and, you know, money's tight and $50,000 is a lot of money
and they simply can't stretch to it anymore.
Right, yeah.
No, whilst you were just discussing that with Wes,
I was thinking, you know, we've obviously got the Linux Foundation
who are doing their sponsorship of critical infrastructure projects,
but the GPG funding wasn't through that, was it?
These were organizations that just chose to sponsor the project directly,
I think, rather than through the Linux Foundation.
Right, the Linux Foundation part of that.
Yeah, but perhaps what we need is some community organization,
body foundation that people can contribute to directly and then
they support other critical projects that are not encompassed by what the linux foundation is doing
because obviously a lot of what the linux foundation is focused on is to represent the interests of its members, not necessarily, you know, the open source
community at large.
That might diverge from the community's interests in some cases.
Yeah, exactly.
Yeah.
So maybe we need a more community focused grassroots type, you know, organization that
you can, yeah, that you can put your money into and they then you know fund these
projects that's a really interesting idea so uh how is how do you do something like that without
uh some sort of bias or corruption sneaking in eventually and you have to have a lot of people
to handle that money which is always a touchy yeah well you'd you'd need some tried and tested
um names behind this you know the immediate name i think of is, you know, Karen Sandler.
She's got good standing in the open source community.
She's got the legal chops to deal with this.
She's also horribly busy.
So, yeah, I think the conservancy itself is struggling to raise funds right now.
Yeah, exactly.
Exactly.
But, you know, you'd need you'd need people like that with a proven history, with a track record.
So here's where I'm taking this discussion.
This is our last episode of 2015, looking at 2016.
And part of me has – I'm a little worried about this particular problem.
I feel like the problem we've always worried about as Linux grows is
starting to happen to us today. And that is when there's enough new users coming in that don't give
a crap about the open source ideology, about software freedom. They don't give a crap about
spreading software around the world and making a general technology platform available to all
of humanity. What they care about is replacing their Mac or their Windows desktop more than
anything else. And so you get people who are coming in who do not value the open source
software. And I look at it, you know, there is a vocal, aggressive and
trolling isn't the right way to put it because it's worse than that, because it's actually
harmful. There is a subset of the last audience who's still attacking us on a daily basis
because we tried to switch Linux Action Show over to being produced fully under Linux.
And in doing so, we had to reduce the full video production scale.
And we still are being attacked daily because of that.
They don't care if it uses open source and Linux.
They just want to be able to see my hair in high definition. Well, we all want that. They don't care if it uses open source and Linux. They just want to be able to see my hair in high definition.
Well, we all want that.
I understand, but it is
interesting to see
more and more people come into this community.
Some of them are coming in because of Steam.
Some of them are coming in because Windows 10 is stealing
all of their privacy and backing up their
encryption keys. Some of them are coming in because
Macs are coming in with a single USB port.
Now, there's a lot of reasons why people are coming to Linux, and a Some of them are coming in because Macs are coming in with a single USB port. Now, there's a lot of reasons why people are coming
to Linux, and a lot of them
are not coming because of open source idealism
or free software.
And so I don't know if we can rely on these people.
So the Software Conservancy Project
isn't being funded. OpenSSL
wasn't properly being funded until the Linux Foundation
steps up. Our own shows are being
constantly pressured to be produced
under software that is not
Linux compatible, that is not free software
because there is a larger
group of people now who just don't give a shit
about those things. And so I look at GNU
PG, which is an absolutely critical project, and I
think maybe the problem is most of the users
couldn't give a crap.
Maybe we need some 1990s
Linux
approaches, you know, something akin to the box sets that you used to buy for 40, 50 quid, which had all the CDs, DVDs and manuals in it.
You know, with some really good documentation, I could see that working.
a percentage of that going back into community projects,
projects that are critical to those operating systems and the community at large.
And, you know, Red Hat are great ambassadors
for the open source community.
They employ a large number of developers
on different open source projects.
So for all of the money that, you know, Red Hat are making,
they are channeling a lot of resources back into open source projects.
But of course it's never going to be enough.
There's always going to be something like GNU PG out there that needs some funding.
And I don't mean to say that these new users that come over aren't potential users to sort of over time train them and sort of teach them through blog posts and mediums like podcasts
the values of open source and why it's important that that is free.
So that's a possibility that they are potential converts of the ideology.
We can teach them our philosophy.
But as they come in, they're sort of –
They're pragmatists at this point.
They just want to get their job.
Whatever they're trying to do.
Pragmatists or – Kitson, you think maybe it's a consumerism thing?
Yeah, I think so.
It's the same reason that people go to Abercrombie & Fitch to get a T-shirt or whatever rather than go to Goodwill.
Now, how do you relate that to desktop Linux?
I think that people see the idea of like a Macintosh or a Windows box as somehow crafted, especially for them, even though it's not.
It's that kind of thing.
I wonder in all of this if we also are suffering a little bit from our stark division between kernel and user space.
We have the Linux Foundation.
I feel like a lot of, you know, we talk a lot about the kernel. We talk a lot about the kernel community,
but less so about the wider GNU ecosystem and a lot of core utils.
We have celebrity projects.
Right.
Whereas there's a lot of stuff that isn't sexy that, you know,
lets us use our wonderful kernel that maybe doesn't get that much attention.
That's a good point. And so this sort of brings us to the next story
that's sort of trying to tackle this
specially crafted desktop.
Give it something nice.
New version of Solus 1.0 is out.
The big 1.0 is here.
We've been covering it
all year long on the show.
We just recently did our review
of the early version
and I'm pretty excited about it.
Ike just joined us.
Thanks for coming in the last minute.
I think he's here now, right?
Looks like it.
Good.
Ike, welcome to Unplugged, and nice timing, sir.
Thank you very much.
Yes.
So, come on.
Don't just sit there and be quiet.
Brag about the new release.
Tell us what's awesome, and tell me how the reception's been.
Well, to be honest with you, we didn't expect it to go the way it's gone.
And I don't mean that in a bad way.
I really don't.
So apart from the fact that my host is being completely derpy and I can't find out the stats myself, we've had something like 12,000 downloads already.
I would imagine.
I've seen coverage all over the place about the release.
I mean, I was really surprised, to be honest.
I mean, on the one hand, I shouldn't be surprised because, you know, that's kind kind of why you're doing it you kind of want to spam it everywhere and get everyone to use it
but um it actually worked though yeah like people can actually boot this well there's a tiny bug and
some people can but you know it's the end of the year we pretend that didn't happen right yeah
forget about it by next year yeah it's holidays uh so uh I see a lot of different people posting on G+, using it, a lot of people talking about what they like about it.
So anything major change since we reviewed it on the show?
Any adaptations or improvements?
Oh, yeah.
Basically everything.
Yeah.
As you do.
So we completely rewrote Budgie because, to be fair, the old one,
it's now technically two years old.
But the old version, I mean, it was full of bugs,
and we had workarounds there since, like, early GTK versions.
So we took all that out.
Budgie now has multiple panel support.
At the moment, you can have a top and a bottom panel,
but we'll add left and right later on.
We've got a new notification center, which is called Raven.
So your notifications get archived there.
At the moment, they're not interactive, but they will become that.
You can configure everything from there.
So the old derpy settings dialog is completely gone.
It's kind of your one-stop shop now to configure Budgie.
So it's kind of cool.
So how has the coverage been?
Release-wise, have the blog posts and stories that have been written up about it been pretty accurate on the coverage?
I'm sure a lot of people must be talking about Built from Scratch.
Hit and miss, what's that like?
So we won't mention Reddit.
I'm now the antichrist on Reddit, and I feel great about it.
It's funny how that happens.
It's an uplifting feeling, swear to God.
Better than being a nobody.
Yeah, I mean,
most of them have been
really, really good,
to be honest with you.
There are inaccuracies
in some places,
but to be fair,
I was lazy about updating the site.
You know,
we were supposed to release
on the 25th
and we managed it
the early hours of the 27th,
which is a lot better
than our last release date
being three months late.
So we did all right there.
Two days, you know, you can take that.
Some places, just clearly not doing the research,
which is going to happen.
So, you know, you take the coverage first over the accuracy.
That's kind of all you can do.
But, I mean, on the whole, people have been positive about it.
Some people, their focus focus on the wrong parts
like oh you're using a different package manager
it's like it doesn't matter
you still have software and a desktop
you can install them you can run them
yeah I mean if you've really
I felt like saying there is RPM and a repo
if you want to install it but I didn't go there for
I'm not going to subject anybody to that come on
no that's a bit mean well congratulations I'm not going to subject anybody to that. Come on.
No, that's a bit mean.
Well, congratulations.
And it's been fun to watch the project's arc.
And you kind of had hinted there might be a present from Santa.
It was a little late.
But nonetheless, it still landed in the rough timeline.
So I think that goes to you. I kind of had a bit too much beer, I think,
and was maybe a little bit late.
But we made it.
Hangover or not, we got there.
Very good.
Well, congratulations.
And so, when's the next version?
Come on now.
Come on now.
You know, one ship, one always ships.
Yeah.
So we will be putting out minor releases,
and the first minor release is going to be in January.
Okay, that's pretty soon.
Exciting.
Yeah.
Yeah.
Very cool, guys.
Well, congratulations.
I think we're all looking forward to seeing this
as a new member of the ecosystem here.
Well done, IK.
Well done.
Keep us posted.
Thank you very much.
It's always fun to see a new 1.0 born.
Exactly.
Yeah, and you guys have been doing a great job
spreading the word on G+,
and all that,
and the blog post
looks really good.
So, yeah, great stuff.
All right.
Well, then,
let's take a minute
and tell you something else
that's extremely great.
That's my friends
over at DigitalOcean.
Did you know about my friends
over at DigitalOcean?
D-O.
You should go check out D-O
because they got the droplets,
and you can use our promo code
D-O-U-N-P-L-U-G-E-D
to get a $10 credit.
D-O-U-N-P-L-U-G-E-D,
one word lowercase
over at DigitalOcean,
a simple cloud hosting provider dedicated to giving you the best Linux rig
all on SSDs using KVM.
That's what makes up a droplet because they take super great hardware,
tier one bandwidth, data centers all over the world,
and they let you do it all in less than 55 seconds.
The pricing plans, you get a whole server spun up in less than 55 seconds.
Pricing plans start at $5 a month, get you 512 megabytes of RAM.
Oh, a 20 gigabyte SSD, because they're all SSDs.
One CPU and a terabyte of transfer.
I'm not even playing, Wes.
A terabyte.
And, you know, we say that.
We say terabyte of transfer.
We say tier one bandwidth.
But it's really there.
Yeah, and it makes a big difference.
Over the holidays, I wanted to, you know, watch some stuff.
We weren't with some friends of mine.
We weren't in the same location. I wanted to watch some stuff. We weren't with some friends of mine. We weren't in the same location.
I wanted to watch a synchronized stream.
I spun up a DO droplet, installed Nginx, installed the RTMP module.
Nice, dude.
Sent an RTMP stream up there and bam.
Yeah, we actually do that pretty often when we're on location.
It's great.
It's amazing.
And I use it all the time.
Is it just a proxy?
I don't have a good link to somewhere.
Spin up a droplet, download it there.
Download it there.
Oh, yeah, absolutely. I use that all the time for the rover. All the time? Is it just a proxy? You know, I don't have a good link to somewhere. Spin up a droplet, download it there, download it there. Oh yeah, absolutely. I use that
all the time for the rover. All the time.
And when you use the promo code DOUNPLUG
you get the $10 credit. You can run that $5 rig
two months for free. Speaking of
NGINX, they have a recent tutorial
that was posted on the 17th.
How to secure NGINX with Let's Encrypt.
Ooh. Two of our favorites.
Yeah, exactly. So if you want to use Let's Encrypt
on Ubuntu 14.04, they've got a really great guide up at Digital.
They have tons of good guides, tons of stuff.
So they have one-click deployment of apps, like entire stacks of applications in some cases.
And then for the stuff where they don't just have a one button, they have really good tutorials because they pay people to write these, and then they have full-time editors to edit them.
It's really good stuff.
And it really takes – it's like, it takes the best
of the Arch Wiki
and brings it to
your service provider.
But it's even better
than the Arch Wiki.
And it shows how much
they care about the community.
You know,
like they're not just here
to make money.
They do, obviously,
and they should.
Yeah.
But they really give a lot back.
And they don't lock these down
to be DO specific either.
Right.
Which is pretty cool.
They're quickly becoming
some of the top hits on Google
for a lot of these questions.
It's impressive.
I think that's probably
their strategy.
And the way you do that
is by making really good content.
DigitalOcean.com.
Use the promo code DEOUNPLUGGED to go spin up a rig.
There's lots of cool stuff you can do with it.
And a big thank you to DigitalOcean for sponsoring the Unplugged program for all of 2015.
Thanks, guys.
And thanks, you guys out there listening, for using that promo code DEOUNPLPlugged because, well, that's what keeps them coming back.
Keep spinning up those droplets.
And that's how we're able to show up and buy beer for this show.
Let's be honest.
DigitalOcean.com.
Use the promo code D1Plugged.
Thanks, DigitalOcean.
Okay.
So have you heard of North Korea's operating system called Red Star OS before today?
Had you heard of it before today?
I had, but I never used it before today.
We talked about it a little bit a long
time ago. Yeah, you actually used it. What was
that process like? Actually, it was surprisingly
easy. Did you have to torrent it?
Or did they have direct downloads?
Actually, I found there was a direct download in one of the links
and actually it downloaded very quickly, faster than some
Linux distributions, actually. Nice.
It's just an ISO file. I loaded it up in a virtual machine
and it's kind of the
similar Ubuntu installer that they've copied over.
Yeah, okay.
But I was able to, even though it was entirely in Korean, I was able to click through it, get it installed, and boot it up.
It does have an English mode if you can find it in the installer.
So it's based on, I believe, Fedora.
But they've taken so much stuff from so many different operating systems.
It's really kind of remarkable.
It's a science experiment.
There's clearly a lot of engineering work that went into it.
They've built their own, quote unquote, virus scanner, which runs all the time.
But it's not actually even a virus scanner.
It's a pattern matching scanner.
So if you put documents on your system that have certain phrases in them, it immediately
deletes them instantly.
I got to try that.
There's a lot of really interesting things in this operating system.
And so two German researchers, Florian and Nicholas, I think is how you say his name, pulled apart the North Korean operating system, which closely resembles Mac OS X in far as its look.
Very much like an older version of Mac OS X when the brushed metal thing was really popular.
This was at the Chaos Communications Club in Hamburg.
They say, we found that the features implemented in Red Star OS were the
wet dream of a surveillance state dictator.
How about that?
So because it is a traditional Linux OS, I figured we probably, just as Linux users,
would be kind of curious of what's under the hood.
So I grabbed a few clips, and this first clip tells us what is just the core use.
What's at the core from a standard Linux desktop perspective of Red Star?
If you look into the operating system, it's basically a fully featured general desktop system, you might imagine.
It's based on KDE and Fedora, as I already said, and it tries to mimic the look and feel of Mac OS X.
You have an email client, a calendar, a word processor.
You've got QuickTime and all of that stuff.
You even have a disk encryption utility
that Will Scott has shown last year.
They implemented additional kernel modules
and they touched a lot of kernel modules.
Oh, hi.
The kernel modules is kind of an interesting thing in particular.
I might circle back to that in a moment.
They went through and dug through a lot of this stuff.
And what you have is you have a whole system that has a whole series of protected files that can't be touched.
And some of these protected files are back-end daemons.
Some of them are other strange things.
I sure did a PS real quick.
And there's a lot of stuff running on your default install.
Yeah, and some of that stuff you can't stop because of this protection system.
And there's some stuff that kind of makes sense, like some of these system files you can't change.
And there's other things that are protected, like a WAV file, that are really strange.
What's interesting is that when we were looking through all of this stuff, there are a bunch of files that have a certain protection,
and they seem to be pretty important for the system.
And then there is a WAV file,
an audio WAV file that actually is protected.
It's userlibwarning.wav.
I don't know if we can hear this.
I hope that your ears are not going to explode right now.
I'll just try it. Do you recognize it? I'll try it again. You hear that? Can you tell what it is?
Sounds like a pig. Yeah. Does anybody know what this is? Pardon me? A pig, exactly. And where is
it coming from? Does anybody know? Do you have any guess. And where is it coming from?
Does anybody know?
Do you have any guess where this pig noise is coming from?
I have no idea.
I don't think you'd ever guess it.
Anybody in the mumble room have a guess where the pig noise came from?
It's actually kind of funny.
I've watched the videos, so I'm cheating.
Oh, okay, okay, okay.
Well, don't say it. I'll play it, and then we'll say it.
That's stolen from Kaspersky Antivirus,
because in the older version of Kaspersky Antivirus,
if you find a virus, it actually will
play this sound and it's
exactly the WAV file from Kaspersky.
We verified this by doing checksums.
Okay? So
we have a copyright violation
right here.
I don't think anybody's going to stop that.
So yeah, it was a pig
from Kaspersky antivirus.
They have reached into every nook and cranny
of the ecosystem. This desktop even has a
QuickTime player. They call it QuickTime
player. And didn't you say it's like located in slash
applications? Yeah, it looks like an OSX package
but it's a Linux binary in there. Yeah.
Yeah. So back to the virtual
look. Somebody was going to say something about the pig
noise, I think. Yeah.
It sounded a lot
like a pig noise from Warcraft 2.
Oh, yeah.
That too.
Yeah.
I thought it was going to be like some slam against American pigs.
That's what I thought it was.
Maybe it is.
Unclean.
The warning comes up when you're doing something from the West.
So then there's two processes on a Red Star OS installation that are all about the quote
unquote integrity of the system.
They watch your system, and if you alter certain files,
there's a primary daemon, and then there's a backup daemon.
And they take dramatic action.
If you alter a specific file, they're supposed to prevent tampering,
and they called it SecurityD.
SecurityD is kind of interesting because SecurityD is also a process that is known to run on the Mac OS X.
And I think that I'm not a Mac user, and I think that Mac OS X with Security D is kind of keeping track of certificates and stuff like that.
So what they did is they re-implemented Security D for Linux, and they included various plug-ins.
And one interesting issue with Security D is that it comes with a library
that provides a function called ValidateOS.
And what this function does is it has a hard-coded list of files.
You can see like our WAV file right here.
You can see configuration files and autostart files for SCN PRC is the antivirus scanner.
So it checks if these files are untouched
and if these files have been tampered with, it initiates a reboot instantly. So if you touch one
of these files, your machine will reboot instantly. The same library is also used from KDM. So during
the startup process when KDM is starting, it is also doing an integrity check.
And if it finds that one of these files has been tampered with, it actually immediately issues a
reboot. And the problem is that if you start tampering with the system, you will end up in
reboot loops all of the time if you're doing your research. Because once KDM is saying reboot the
system, it's going to check it again if it's rebooted
and sees like it's still tempered with
and it's rebooting again and again and again
and then your system is basically dead.
Super annoying.
Wow.
Yeah, and so they kind of went through in the video,
they talk about what you would have to do
to de-weaponize this thing
and it's like this whole process of peeling an onion
and then one of the last things is you go clean up KDM
so it stops checking to see if files have been modified too.
And you could see like if you're distributing an operating system, integrity would be pretty important I suppose of that operating system.
I'm also just imagining a free software advocate going to a dictator in a country and telling them about all the great things you can do with free software and how you can customize it for exactly your use case, be that spying on your citizens or not.
Yeah.
you can customize it for exactly your use case,
be that spying on your citizens or not. Yeah.
So our next one really kind of fits in perfectly
with that whole spying on your citizens theme.
This is something we covered, I think, a year ago,
but now we have details on how it works,
and they go into further detail in the video,
which I have embedded in the show notes.
Media files that you put on Red Star OS get watermarked
with a ID that is generated based on hardware in your computer
so it is unique to each PC,
and then every PC that media file goes to
gets that PC's identifier appended to it.
So you could actually track it down back to the original PC
where the media file was created and each person it was shared with.
But the most interesting thing this service is doing is it watermarks files.
And now we are going to look deeper
into what this watermarking means.
So actually, as soon as this system will be started,
it reads your hard disk serial
and then scrambles it a little bit.
And as soon as you are plugging in, for example,
USB stick in your system,
then it will trigger a watermarking process
where it takes the serial, takes and hardcodes the desk key from the
binary itself, and then encrypts it and puts it into your file.
When you're converting this hex key into a
decimal representation, then you see that it's actually two dates.
We actually cannot confirm what those dates mean, but
one of those matches Madonna's birthday.
Madonna's birthday?
There are rumors that some people in North Korea
might really like Madonna,
but this is just speculation.
But if you have a better conspiracy theory,
then just let us know,
because we found some pretty interesting stuff,
but we actually cannot confirm this.
So technically, the watermarks,
they have an ASCII EOF appended,
which is most likely used by the code itself
to parse the files
and see if there's already a watermark in there.
And for JPEG and RV files, for example,
it just appends this watermark to the end of the file.
And when you have a DOCX, for example,
then it appends it near the header
where a bunch of null bytes, and then it just puts it in there so it's aware of the type of media
file it's altering see what i mean this is a lot of work to make it really is it really is
um so the watermarking itself is like as soon as you open a document file with the office
then it will be watermarked um And actually they have code which watermarks files
even if you don't open those files,
but as soon as we saw this, it's like pretty buggy.
It doesn't work every time,
but they have code for this implemented.
And mostly it works, but sometimes it just fails.
The supported types that we can confirm are docx files,
image files like jpeg and png and rvvideo files.
But the code indicates that there are several more file types
available for watermarking,
but we most likely didn't look into this.
But the most interesting thing here
is that only media files are affected.
So they don't watermark any binaries or something like that.
They're reducing their surface to files which could
be used to carry information, which could be used
to put information
for your free speech purposes. And actually what we think is that
this is not a security feature,
so they're actually trying to watermark free speech in general.
So that every time you might have a document file,
an image or a video file,
then they want to know who had this file
and they watermark it so they can track the origin of the file.
And they show a visualization of a program they were able to put it into and generate
essentially a
social connections graph of all of the
computers that this
had visited. And they say it's entirely possible
that these files would have visited. They say it's entirely possible
that Red Star OS
could send that ID
back to some central server
so they would know which
machine ID is tied to which IP.
They wouldn't even have to come hunt down the machine.
They'd just know what house it's at.
And they use an internal IP scheme.
10.1.something.
At least they're using a private subnet. That's nice.
The whole country. That's crazy.
The whole country is behind a NAT.
And the web browser is a Firefox
fork.
And it's like a Firefox 3.0 fork, the one they looked at.
They have a newer version out now, but the researchers didn't get a chance to look at it.
The only SSL root servers it has support for are North Korean ones,
and it's just set to use all North Korean URLs.
You know, I couldn't even get it quite to get a DHCP-provided address on my network,
so maybe I'll have to change that and see if it's in 10-8 that maybe it'll work.
Isn't that interesting that it seems like the DHCP client didn't even fire up when you tried it?
Yeah.
And then they don't let you have root, so.
You know, here's the reality is you are giving the distro maker root access
when you set up a Linux box.
And anything they do, so like this thing, you know,
it automatically detects when thumb drives are connected, immediately mounts them, immediately scans all of the files.
I mean, it is very aggressive.
A couple of things, though, that I thought were interesting that you might jump out at you as something you might not expect.
IP tables is installed, turned on, and configured by default to protect the machine.
Wow.
There was a couple other things that I thought was kind of interesting.
Snort, the intrusion detection system, installed by default,
configured with some really reasonable defaults,
not actually turned on, but just ready to be flipped on,
and you have an IDS on your rig.
They also included a well-known open source desktop encryption app.
I'm blanking on the name. It's a GTK app, I believe. It starts with a B. They also included a well-known open source desktop encryption app.
I'm blanking on the name.
It's a GTK app.
I believe it starts with a B.
I'm messing up with Becerra right now.
It is legitimately an encryption tool that allows users to encrypt their files on Red Star OS, and they can't even find a back – they don't see any indication there's a back door.
It's a really useful actual application. Yeah, their summarization
was even the North Korean government
realizes that forcing backdoors
into software is futile and just going to make you
vulnerable. So they don't even, even North Korea
doesn't bother trying to inject backdoors
which I thought was a little slam at
North Korea. It sounds like maybe, you know
I'm sure they're using it for their regular
citizens but these kind of things make it sound like, you know, they're probably also gearing it for their military use, state use.
Definitely.
In fact, they said there's very, very few web-facing North Korean web servers that are publicly web-facing.
But one that they did find publicly facing was running Red Star OS.
Wow.
Yeah.
So I guess the most recent version hasn't been publicly posted.
So there is one version newer that's in North Korea that's based on newer stuff.
Like it's not based on the 2.6 kernel or something like that.
So, Chris, any chance that Noah and Chris review Red Star OS?
That would be funny.
That would be – oh, boy.
What an idea, actually.
That would be a good April Fool's episode.
It sure would.
Save that one in the bank.
That's not bad.
I like that.
So, Ike,
I didn't happen to be implying that
maybe you're not the trustworthy sort,
but it's true, right? You distro makers, you really
have rude access to my box.
Yep.
Yeah.
And I don't know.
There's a lot of people out there that may not really think about
that when they're trying these one-off distributions.
Why should I trust a guy like you?
Like, yeah, what's going on?
Is it just because Josh hangs out with you?
I like Josh.
No, I mean, mostly I've got a really awesome hat and I do look pretty good in jeans.
So, I mean, those stand for my character more than anything.
I agree.
Your logic has convinced me.
Your logic has convinced me.
The truth is no matter what operating system you're using, if you're downloading from a repository and you're not the maintainer, then you're inherently trusting someone with root access typically.
Yeah.
And some of the tools they used to see if their operating system was spying on them, for example, was they would just really – like one of the first things that tipped them off.
It's really simple and straightforward. They put a thumb drive with a text document in a Red Star OS machine and never opened it.
And when they ejected it and put it back in another machine, the file size was slightly larger.
And they're like, well, we never even opened the file.
And so then they realized after analyzing it that it was – so there's just some basic tools they're using to determine if the system is spying on them. So the nice thing is while they were capable of using free software to do this,
to surveil their public and to sort of monitor speech,
also free tools were used to discover it and reveal it.
So that's sort of the positive side of it too.
It really is.
Any other thoughts?
Oh, yeah, Aiki, go ahead.
So on the serious side of it, there's a few things that we can do.
Now, in terms of delivery from us to the users, I mean, I know the problem is that we could be evil ourselves.
But from us to the users, every single package has a hash in the index, and we only use SSL on the repo.
So, I mean, that's one part.
They know it'll only be us who compromises.
But on the other side of it, we are open source and all of our infrastructure is completely transparent.
We've got build instructions out there.
So anyone can take a package from the Solus repo.
They can build it exactly the same way that we do it.
And they can see every individual comment that went into making an update that they got.
So that would be one thing that would kind of mitigate the concerns for people.
They can actually see what we're doing in real time.
Yeah, Red Star is being developed behind closed doors. Right. That's a
pretty big difference, isn't it?
Yeah, good point. All right. Anyone else in the
Moma room have any closing thoughts?
Yes, I do on this.
Yeah.
So not only do the distro makers
have root access, really anybody
that makes a RPM or
a deb package, because those things have
scripts inside them too.
Yeah, they do.
Yes, they do.
Yeah.
That's one of the reasons why you have folks
that are trying to work on installing applications
inside sandboxes.
Right.
That's part of the reason sandboxing brings some security,
not just when the application is running
in case the application has a vulnerability,
but installation time as well.
It's probably something that will come up in 2016.
I think it will.
Speaking of things that might happen in 2016,
I bet that's one we'll actually see somebody working a lot more on.
All right, well, I want to follow up on the canoe,
and I also want to talk about scale, because scale's getting crazy.
I can't believe it.
So before we do that, I'm going to mention Linux Academy.
Talk about something else you could do in 2016.
Bring your skill level up a little bit. Linux Academy is the place to go. Linuxacademy.com
slash unplugged. They've been sponsors of the Unplugged program now for a while. All of a sudden,
they're also now on those jerks over at Linux Action Show. I don't know who those guys are.
But Linux Academy is a platform created by Linux and open source enthusiasts. In fact,
I think it's a pretty brilliant idea because I've definitely noticed over the years
that you can suss out somebody who's not really a genuine open source enthusiast or Linux
user, somebody who's more of like getting into it to make money off of it.
You definitely notice this when you go to the cons.
You really see like there's companies out there that make money off the open source
ecosystem.
And then there's companies out there that are part of the open source ecosystem. They work in there. They follow it. It's their
day-to-day stuff. They live and breathe it. They advocate it. Those are the kind of people that
make really great content for other people like that. And that's where Linux Academy stands.
They are crazy passionate about Linux and open source. And they wanted to do something to spread
the word about Linux and to do something in the content space. And they just happened to figure
out a pretty good revenue model.
Not like I have.
I think they did a better job than I did.
They might be smarter than you.
They might be.
They might be.
You can get smart, too, by going to linuxacademy.com slash unplug.
Scenario-based labs, almost 2,000 comprehensive study guides with videos, instructor help
on demand, seven-plus distros you choose from.
It automatically adjusts the courseware and the virtual servers.
Did I mention that instructor help?
Because that's actually a huge deal.
So it's not just like, okay,
go punch some buttons
and then good luck with everything. It's like,
here's some genuinely good content by people who
really care. Oh, and if you get stuck,
instructor help is available. That's what makes
the difference for me. Huge. You know, because I feel like there's a lot
of us and we kind of feel like, well, we're smart. We know
computers. I should be able to read the man pages and figure
it out. But sometimes you want
to learn stuff and you want to learn it quick and you want to learn it
well and they have real experts to help you.
And that is really a competitive advantage
that a lot of online learning services
cannot compete with.
And I think what's genuinely great about that is
the specific type
of subject material is even more challenging
for most of these places to deal with. And this is
their bread and butter. And it's the entire technology stack
around Linux and open source, including
AWS, all of the Red Hat
certifications if you want to get out and work in that space,
OpenStack, Ubuntu, your basic Linux
stuff, your advanced Linux stuff, all of it.
LinuxAcademy.com slash unplugged.
They've been improving it all throughout 2015
and they continue to improve.
Check them out and support the show by going to LinuxAcademy.com
slash unplugged. Thanks, Linux Academy, for the year of support. and they continue to improve. Check them out and support the show by going to linuxacademy.com.
Thanks, Linux Academy, for the year of support.
Man, you guys rock it.
You rock it.
All right, so I want to just take a moment before we get into all the other stuff.
We'll do the canoe follow-up here in a second too,
but another little bit of follow-up from a discussion we had a couple of weeks ago. You see this rumor that Mozilla is working on a tablet, a stick, and a keyboard.
Oh, and also a router.
Oh, boy.
Yeah, Firefox OS is far from dead.
It's not dead yet at all.
They have a tablet that's going to be just a web browser.
It's total focus on simplicity called the Firefox Pad.
It's like just a web browser tablet.
Then they're going to have like a Chromecast thing.
And they're going to have a Firefox OS router.
And a keyboard, which I believe may have a Raspberry Pi in it.
So it's like a keyboard with a built-in Raspberry Pi running Firefox OS.
So you could just plug that keyboard into a screen or whatever and there you go.
This is coming from FirefoxCentral.com.
They say this is an exclusive.
So an Apple TV Chromecast competitor, a router, a keyboard with a built-in Raspberry Pi, a
tablet that does nothing but run a web browser, no App Store, no telephony, automatic updates.
What do you think? Is this a scary, wandering Mozilla?
Or is this maybe the thing to double down on?
Well, I think it's already a scary, wandering Mozilla.
But I have mixed views.
I feel like some of these are better than others.
I don't know about the tablet.
I think the tablet space is already kind of difficult and hard to compete in.
And people have a lot of tablets.
What if they get it like around $99?
Here's your web browser tablet.
That might be great too for kids or people who don't do a lot
but they just want to check Facebook or whatever.
It's just a flash mode.
The Chromecast competitor and the router,
I'm definitely interested in.
The router is kind of interesting, isn't it, actually?
And you know what?
The Chromecast thing is what I would totally be down for.
Because I love the Chromecast model
but it's so hard to shoehorn your own media in there.
And it's such a closed ecosystem.
Firefox would present a much more open playground.
I would buy one.
If they shipped a Firefox stick.
Yep, I would buy two.
Yeah.
I mean, they could charge me probably $60, $80 maybe, $99 maybe.
I'd say $50, but you're a big spender, Chris.
Noelle, I'm thinking i would i
wouldn't support mizula yeah exactly like i bought a backpack from them and a shirt before because i
wanted to support them so i could kind of i could kind of see maybe spend a little extra support the
project if they would let me but yeah 50 bucks would be great 25 bucks would be nailing it yes
it would yeah uh all right north r, what are your thoughts on this?
Well, you know, I really appreciate Mozilla for their efforts to keep the web open.
But it's kind of a funny point in their history where they didn't succeed in getting embedded with other software projects that needed a browser. And, you know, they kind of defaulted or ceded that market to WebKit.
So are they trying to, you know, kind of do one up on WebKit and say, well, we're not just going to give you the browser engine to build your products around.
We're going to give you a whole OS to build your project around.
I think it's more of a direct to consumer thing.
I think it's more of, well, we tried working with LG and all these other folks.
Now we're going to just make a few devices and ship them.
I think it feels – I don't know.
So they say it also does include Panasonic TV.
So that's not totally true actually.
But yeah, I wonder if that's true.
I don't think it is that.
I don't think this is – I think this is a new approach.
I think that brings up the larger question too of how they tie it into the rest of the Firefox experience or ecosystem or – if they do have a success with this, how do they ensure that that helps the rest of their brand?
I'll tell you.
If they had a really good handoff between the Firefox web browser on the desktop or your mobile and the Firefox web browser tablet – so if this thing is $99, let's say.
And let's say it's got like a 10-inch or larger widescreen display,
and it's got maybe an all-day battery,
and this thing is a touch of a button,
and your web browser's ready to go,
and everything you were just looking at on your desktop
is now available on your tablet or vice versa.
You can go from tablet to desktop.
If they nailed that using Firefox or Mozilla Sync, whatever,
and this thing's running Firefox OS.
I think there's some people in this audience right now that go, well, you know what?
I don't need the iPad.
I don't need the Android tablets that constantly disappoint me because number one thing I do on that Android tablet, I run Chrome.
And so I'm not speaking for me.
I'm just saying this sounds like somebody that – this sounds like a likely scenario.
And if the number one thing you're using your browser for, your tablet for right now is Chrome or Safari, well, maybe this works really well for you, especially if you're already a Firefox user.
They've got to do something because I keep seeing stories about how Firefox's browser share has been shrinking for years now.
And I don't want to live in a world without Mozilla.
I don't think I'm ready for that.
Yeah, yeah, exactly.
Anybody else?
WWE, do you have any thoughts?
Anybody else have thoughts before we wrap up?
Yeah, exactly.
Anybody else?
WWE, do you have any thoughts?
Anybody else have thoughts before we wrap up?
I'm thinking that maybe they learned something crucial from the Firefox OS phone, and maybe they figured out, okay, maybe we should go desktop and get more users,
but make it so it could be mobile so people could take it with them somewhere else
and use someone else's keyboard and mouse or whatever.
Maybe they're trying something different that will work out for them in the long run, I hope.
Well, this is what I find interesting.
Maybe out of all of this is the Firefox Pi.
And if you would have talked to me a couple of weeks ago, I would have found this to be maybe the least interesting.
But now since we've talked to Wimpy and he says the version of Ubuntu Mate for Raspberry Pi is super popular, we got this canoe in that it makes the Raspberry Pi like a ready-to-go computer kit that really just means you plug a few things together like building Legos and you have a full computer.
I look at this Firefox Pi and the bullet points are the target market is education and emerging markets.
Education is brilliant for creation, not just consumption of the web.
Keyboard computer form factor with built-in keyboard and track markets. Education is brilliant. For creation, not just consumption of the web, keyboard computer form factor with built-in
keyboard and trackpad can plug into spare TV or monitor, e.g. millions of obsolete analog
TVs in India.
Mozilla WebMaker built-in harnesses the maker movement, which is a funny bullet point, and
partnership with Raspberry Foundation and or the canoe?
Question mark.
Question mark.
So let's shift over and talk about that first.
Oh, I don't have my webcam working.
That's too bad.
I don't have – oh, hello.
Hello.
So anyways, right here in studio we have the canoe, which we talked about on the episode
right before the holidays of Linux Unplugged.
It is a very cool piece of kit that makes the Raspberry Pi a ready-to-go computer.
And listener FilesCopy sent this in because he thought this might pique my interest.
And FilesCopy, how did you hear about the canoe and what made you decide to send it in?
The main way I found it, I had a friend that was trying to get someone interested in learning about computers.
And all the toys that she was looking at, I was like, they're just toys.
I wanted to find like a real Linux kit.
I knew something had to exist.
And so you started your search, and you came across this.
And it's an actual ready-shipping-to-go product.
And so you sent it into the studio.
You sent us a heads-up.
But I got the box the day we went on air.
And the email, I didn't read until the day after we went on air.
So I didn't know who had sent it in.
So it was great.
We tracked them down.
We got files copied here.
I played with it a little bit.
And my impressions were, so it was great. We tracked them down. We got files copied here. I played with it a little bit and my impressions
were this is really slick.
It's still more work, though, than the Firefox
Pi, but what it made me realize
is this is ready for
my kids. The Raspberry Pi,
once you get this, they could assemble this.
My six-year-old, I think, could put this together
and he would have a Linux Raspberry
Pi.
The idea of the Firefox Pi is maybe the solution for Chromebooks in education.
Possibly.
You get something that's ready to go, 20, 30 bucks with a keyboard and everything.
That could be pretty portable.
Yeah, we'll see.
I mean there's still a lot of other factors like marketing and deals and all that kind of stuff that makes it look like that.
But I don't know if I like the idea of the Mozilla Foundation being the people behind it,
but I still want to see where it goes.
And I wonder how much Mozilla can manage a transformation because I just think about the days before Chrome existed.
I remember being a little surprised.
Oh, Google is making WebBars.
I mean it made sense given their agenda, but they making WebRouter. I mean, it made sense, given their agenda.
But they've managed to kind of transform themselves from what they were into owning Android and Chrome and so much.
And I wonder if there's any chance Mozilla can – maybe there's a future where we –
Mozilla makes a great router and I trust them with my internet infrastructure.
That would be really great.
And you want a cheap computer that doesn't have like an advertising monster behind it.
It's a first-class web client.
And it comes with web creation software.
Mumbler, any closing thoughts?
Go on.
I do.
Yeah, go ahead.
I think they're spreading themselves too thin.
That's my concern too.
You think that's a valid concern?
Yeah.
You think that's a valid concern?
Yeah.
It's just like the most recent upgrade to the Mozilla browser for whatever reason.
Just decided to not work with Google.
Is that their fault, though, or is that Google's fault?
I don't know. I know that like I'll be on Google plus or YouTube or whatever, and either the page won't load or the page will just stop loading. And then I'll close the browser,
open it back up. Sometimes it works. Sometimes it doesn't. Don't know what's going on there.
Yeah. I, uh, yeah, I mean, I, I hope, so here's my, I'm, I'm very conflicted and I hope people
aren't getting tired of this because I'm actually, my stance on this is starting to change as we do these episodes.
I initially would have taken the hard line.
They need to focus on the browser and focus on Thunderbird even.
But now when you look at the undeniable trend, I think it's – Wes, I don't know if you remember the number.
I think definitely 2011 but I think maybe even possibly since 2009, Firefox browser market share has been
on a decline.
And that's the reality of the market.
And the thing is, is what's pushing that too is also mobile to a degree which they have
very little foothold in.
Right.
And so they are just literally now dealing with a new market reality and they have to
make some adjustments at some point to stay a viable company.
Not that they're about to die and go away, but you need to get ahead of the puck.
You've got to have the momentum to keep going.
Exactly.
And you've got to start early in some of these new emerging marketplaces.
And Internet of Things, done right, there is demand for that.
Because right now these things like these Internet of Things devices are just a mess.
And they're a hot mess at that.
So if you could have a trusted name that has a trusted brand come in
and offer some devices there, they could have a foothold.
And I wonder if they can play up the foundation aspect.
I'm sure there are competitors to Google that
worry about having too much
investment in this other company.
Mozilla might be a more neutral party where you can be like,
well, we use their stuff because
they don't have an agenda against us.
Or even if they just shipped a couple of these things
and they were good. Right.
Let's just say they shipped the stick and the Raspberry Pi because that Firefox Pi just – the Raspberry Pi is just complicated.
It's like you could make that today.
Yeah.
And the Raspberry Pi is being built for you.
But if they could ship those and they were really well received, then maybe your Panasonics and your LGs would be willing to sort of have a more serious conversation about shipping a good product.
A proven record.
Yeah.
But we'll see.
We'll see where it goes with that.
All right.
So I got a little more to cover.
Some big stuff coming up in just, well, January, which is just around the corner.
It's literally around the corner.
It sure is.
Holy smokes, Wes.
Holy smokes.
What are you doing in January?
Got anything big coming up in January, Wes?
No, I don't.
But I think that means that I have some exciting projects I need to finish.
Well, well, we got some exciting stuff coming up in January.
So you will be probably involved in some way or another with some of these shenanigans.
I hope so.
Yeah, yeah.
And I'll tell you about that.
But first, I'm going to tell you about our friends over at Ting.
You know, I was talking to Kyra over the holidays, as I do.
Well, you guys are besties.
Yeah.
Well, she's an Overcast fan.
So I called her and I said, Kyra, I noticed you had some podcasts in your Overcast subscription,
but I didn't see Linux Action Show.
I didn't see Linux Unplugged, so I had to talk to her about that.
You know, I squared her away.
Just a little, you know, slap on the wrist.
Don't worry.
Don't worry.
It's not a big deal.
But you know what?
Kyra works over at Ting, and I love Ting.
Let me tell you about Ting.
Ting is mobile that makes sense.
It's a flat rate.
It's really simple. $6 for the phone every month. That's all you pay. And then it's just your usage
on top of that. So if you don't use Align, then you don't pay anything. And if you use a little
more data one month or a couple of months, then the other 10 or 11 months of the year,
you'll use less and you pay way less. So it sort of adapts to your actual usage.
So for me, that usually means in April, have a spike and around the holidays I sometimes have a
spike. But for the majority of the year, my cell bill for three lines is around 40 bucks.
That's amazing.
That's hard to beat.
That is really hard to beat. And the thing I love about Ting is they have two networks
to choose from. So you can just be like a little savvy. They got the GSM and CDMA networks.
So if you have a phone that's compatible with one of those networks, you can get a $25 service credit by going to Linux.ting.com.
You also support the show.
And if you don't have a Ting device yet, you can get $25 off a device by going to Linux.ting.com.
Unlock devices, great devices.
I love that they now have the brand new Nexus 6P and the Nexus 6, the first Nexus 6.
Right.
Because check this out.
Now it's $350.
Boy, that is like half off.
Yeah.
On Ting, unlocked, direct updates from Google, Android M.
Pay for what you use.
Right?
And then they also, if you want like a great value Android phone, the LG Volt 2, Lollipop 5.1,
Lollipop 5.1,
Triband LTE,
5-inch display,
$183, no contract,
unlocked, pay for what you use.
That's crazy.
Linux.ting.com, Linux.ting.com,
go check them out. Also, they have an early termination relief program. If you got stuck in one of those
duopoly contracts, you can find out more about that
on their website. Just get started by going to
linux.ting.com. And a big thank you to Ting
for sponsoring the unplugged program.
Thank you, Ting.
Thank you, Ting.
Thank you very much.
Okay, Wes.
So it was like last week or two I got talked into trying to go to scale this year.
You just couldn't resist.
Frickin' scale 14, January 21st through the 24th in Pasadena Convention Center.
And Mr. P4, P3R in the Linux Action Action Show subreddit, started a semi-official Scale 14 thread.
And if you're going, I invite you to check out this thread and give us the details.
So is it official now?
Does that make it official?
Well, we're working on it.
So, you know, budget-wise, it's extremely tight because in April, LinuxFest Northwest is a big deal for us.
And that's where we spend pretty much all the money we make in a year.
That's a first class production.
Yeah.
So this being in January is super tight.
But we're – and – oh, oh, oh, oh.
And to make matters worse, right during Noah's wife's birthday.
Yeah.
Yeah, yeah, yeah.
But we really – it seems like it's becoming a pretty big event.
And so we're going to try to make it down there one way or another.
I don't know yet.
Still trying to work out the details on how I'm going to do that.
But I'm trying to get a sense of how big the audience is going to be presence-wise down there.
And so that thread's there.
And we might move that into a meetup thread sometime if we get a lot of interest.
So I'll have it linked in the show notes.
I should probably put it in the chat room too.
Wes, do you mind dropping that in the chat room when you get a chance?
I would be happy to.
Thank you, sir.
Anybody in the mobile room when you get a chance? I would be happy to. Thank you, sir. Anybody in the mobile room going to scale?
Nobody?
I know Popey's going to go, but he's not here today.
I'm wondering.
I'm curious to see because we don't – for a bit, we were considering not going just because of the cost because we go to so many other shows.
But I think it's a big enough event with Ubicon happening a little bit beforehand.
So we have the official scale thread started.
It's over there.
You go check that out.
Go show your support.
See if you'll be there.
Sure.
Make it a good event.
Sure.
So a couple of other things that I want to talk about.
Just sort of,
now it's just towards the end of the show.
I got the fire going.
It's just you.
So warm and cozy.
You, the Mamba Room, a couple hundred of our closest friends listening now.
I'm sure most people downloading probably are going to tune out here in a couple of minutes.
So I'm just going to have a little chit-chat with you guys, a little fireside chat.
So we're going to make some changes on the Linux Action Show coming up pretty soon.
Whoa.
Yeah.
And we're going to tell you about it on Sunday's Linux Action Show.
We're doing Linux Action Show on Sunday this week because of New Year's.
So that will be on January 3rd.
And I invite you to tune in.
I'm excited already.
We can talk about that kind of stuff,
get your feedback live in the chat room.
And we're going to make that pretty integral
with the show experience.
So I'd love to have you there live, if you can,
on January 3rd.
We're going to do it at 10 a.m. Pacific time.
You can go to jupiterbroadcasting.com slash calendar.
But I'll just give you a hint.
Just give you a hint.
You're going to be seeing a lot more of us.
That's all I'm going to say.
I'm just going to say that.
Oh.
No, no, I don't need you to take that for what it is.
Mystery.
Yeah, yeah.
So there you go.
Wes, I hope you have a good New Year's.
Oh, I sure will.
Yeah?
You got any big plans?
I'm thinking about seeing some friends in Portland.
Really? Yeah. That's a good drive. A little New Year's road trip. Yeah? You got any big plans? I'm thinking about seeing some friends in Portland. Really?
Yeah.
That's a good – that would be a good drive.
A New Year's road trip.
Yeah.
Yeah.
It's like a fun time.
So I'm thinking – going back to scale real quick.
I'm thinking while I'm at scale – so here's the thing.
It goes from the 21st to the 24th, right, in January.
Okay.
And UBACON is like on the 20th or something like that.
I'll probably be – I would love to take the rover down. I just don't know how it works
out timing wise because I got so much going on in the month of
January. I got family stuff, I got
my daughter's birthday, I got my birthday,
I also got some business stuff going on.
Oh, it's your birthday. That's good to know.
And then scales right in the middle of all of it. So it's just really
crazy. But if I go down there, I would probably
be doing Linux Unplugged from the road.
So it would be one of those where you can be in studio.
I like those. Those are fun.
Those are fun.
Those are fun.
And then Kernel Linux will probably be making it out there mid-week.
And we'll probably record a Linux action show from there too.
Maybe, maybe not, depending on the timing.
Now looking at the calendar, we actually might not.
So, yeah. We're not going to do a booth.
Okay. So you'll be free-floating.
Yeah. Oh, man. That's my favorite.
I don't know.
We might not ever do a booth again except for at LinuxFest Northwest.
Yeah.
Well, you're a staple there.
I mean, you have to.
Well, and it's fun to do the two-day broadcast. I suppose that would be sort of the line is if we're going to do a multi-day broadcast,
then you kind of have to have a booth.
But if you're going there to get clips and do interviews, it's so much better to be walking around.
You get the real experience of what
someone else at the conference would be. Yeah.
Alright, so anyways, join
that. We'll have that thread over there, and I
hope you guys, if you're going to make it, can
leave a comment in there, and I also hope
you have a great holiday. Happy New
Year's to everybody in the bubble room.
As we wrap up here, does anybody have
one big prediction for Linux
in 2016?
Anybody have one they want to – if you do, ping me in the IRC with the mum prefix.
Do you have any big predictions for 2016, Wes?
Do you have anything you've been kicking around?
Big predictions.
Yeah.
I know.
It's hard when you actually go to – when you actually go to like just do it on the spot.
It's one of those like – like when they come to it while I'm driving it around,
and I'm like, oh, that's totally going to happen.
And then I write it down.
I think Ubuntu 16.04 is going to be a powerful release.
I think that's going to be one of the releases
that shapes the Linux ecosystem for the next, you know,
three or four years.
It looks like Wimpy and the gang did theirs
in Ubuntu Podcast Season 8, Episode 42.
We did.
Have a listen.
I will. I will. I'll did. Have a listen. I will.
I will.
I'll have to have a listen.
And then Ham Radio,
you have a big prediction for 2016.
He says you're in the Linux desktop.
I thought he was in the mobile room.
But yeah.
Oh, well, look at Ike dropping some...
Look at that.
Wow, look at that.
He's trying to get...
Ike, you have a challenge with Mark Shuttleworth? Now we've completely gone let's hear it let's hear it this will this would
be a good ending note you saw it on g plus right no i don't think i don't think i did see it drop
us a link though yeah yeah yeah did you do a throwdown publicly with because i'm sure he'll
respond because you know well i mean it was more in humor but um the way it started out is somebody
was saying about 32-bit UEFI and all that crap.
I was like, okay, I'll try and get it working.
So I went down to the shop and got a tablet, and it had Windows 10 on it.
No, it didn't. It had Windows 8.
Jesus, it's bad.
I don't know how you're supposed to do it.
You'd need a seal to coordinate your actions for you to use the screen.
So I had to think about it, and I thought within five minutes, well, GNOME can already do half the things you need to do on a tablet.
So after I'd bitched about it publicly, I put a comment there underneath,
and I said, well, during 2016, we'll get to the end of 2016
and see who's got a better tablet-based operating system,
Solus or Ubuntu.
And I didn't get a reply.
So, I mean, it was friendly, but, yeah, the challenge is still there.
All right. So maybe
we'll see a tablet
out of there. If you guys have any other
predictions, if you think about it, we could cover them in the post
show, but otherwise, that's one of the things we will
be doing on Sunday's Linux Action Show. Wow, look at me
bring it all back. On Sunday's Linux Action
Show, we're going to do our 2016 predictions, an annual
tradition, an annual tradition,
which means at some point we have to own do our 2016 predictions, an annual tradition, an annual tradition, which means at some point
we have to own up to past predictions, which
I guess would probably be with Matt. I can't remember.
It must be. Which I haven't
contacted him about, so I'm not sure.
So we might just have to start fresh, because I can't
really hold Matt
accountable if he's not there to
attest. But I
wonder how I did. I'll have to go back, because that's
always the hard thing, is go back and see how I did. And you know what always really stings, is when I go back and look at the predictions that didn't come true, but I wonder how I did. I'll have to go back, because that's always the hard thing, is go back and see how I did.
And you know what always really stings,
is when I go back and look at the predictions that didn't come true,
but totally should have.
Then you just get sad.
Yeah, like, why did that happen?
Why did that happen?
All right, well, that brings us to the end
of this week's episode of Linux Unplugged.
Thank you very much for tuning in.
I hope you will have a fantastic New Year's.
Hope you had a great holiday.
Make sure to join us for all the Linux excitement in 2016.
No kidding. Kick it off.
JupyterBroadcasting.com slash calendar to get it converted
to your local time zone over at jblive.tv.
Don't forget we've got that mumble room
which you are
welcome to hang out in our virtual lug.
Linux Action Show at reddit.com is where you go to submit
topics or feedback for episode 125.
You can also go to jupyterbroadcasting.com
slash contact and choose unplugged from the drop down. And yes, I know I sound like I'm sick. So don't have to write that in. I can also go to jupiterbroadcasting.com slash contact and choose Unplugged from the
dropdown. And yes, I know I sound like I'm sick.
So don't have to write that in. I'm probably going to get like a dozen of those.
I don't want that. I know that. Alright.
Thanks so much for tuning in to this week's episode of
Linux Unplugged. Hope you had a great 2015.
See you in 2016. Thank you. All right.
There we go.
That is the last show of mine in 2015.
My last show.
Boom.
Done right there.
I think we really need to give Wimpy some credit for his excellent suggestion of a hot toddy right about now.
I know, right?
What is it?
So it's Bailey's?
What else?
No.
No. They vary sort of region to region and family to family. I know, right? What is it? So it's Bailey's? What else? No, no.
They vary sort of region to region and family to family.
But the way we make ours is we use Ribena.
I don't know if you have that in the U.S., but it's a blackcurrant squash.
So you put some blackcurrant squash in a mug.
You add to that some freshly squeezed lemon, a large spoon of honey,
a generous measure of brandy, and then boiling water.
And then you stir all that up together and you drink it as hot as it can be.
Wow, I've never heard of that recipe.
This is a cold remedy.
You know, when you're feeling a bit bunged up, you know,
it's got all the things in it, you know, the honey to soothe your throat, the lemon for the vitamin C, the brandy to sort of, you know, help with the chest.
For the spirit.
And you have one of those before you go to bed to help you get to sleep at night.
Sounds like a great excuse.
It does.
Or in my case, two or three.
And if you drink enough, you'll forget you're even sick at all right yeah except for i actually have so much like sinus pressure right now that it's making me a little dizzy as
it is so like i had one beer that i sipped this whole episode because like i already feel a little
intoxicated like i i had a day quill earlier today but i think it's worn off by now so i think that's
why all of a sudden the sinus pressure is like boom hitting me so hard because it's like wearing
off during the show which is like so stupid but i only had one thing at dayquil so there you go dayquil also makes me sleepy
all right so let me go dig out this link so uh where did you where did you i slacked it to you
oh you slacked it you slacked it i can paste it elsewhere you want it right in the air yeah if
you would i want to go uh so let's get to the bottom of this uh let's see if this tells me
where oh shipping status okay so we'll go over to the
Purism blog. We'll check the shipping status.
Let's see. Updated December 21st.
I believe I have the Rev
2 coming to me of the Librem 15.
Says it's shipping now.
Says it's shipping now.
I thought
it was going to say never project
canceled.
Rev 1 shipped June 2015, sold out.
So I must not have gotten that one.
It must be Librem 15 Rev.
Then there's – so what's going on here?
What's the difference between – there is a Rev 2 – there's two Rev 2s, and one ships in January, and one is shipping now.
Do you have the hinge clutch cover?
I don't know anything about that.
All I know is I was one of the very first people to back it,
and a lot of things have changed since then.
I didn't even know it had multiple revs, let alone different hinges.
Or whatever the HKS location is.
There's a 4K version, which is shipping in February.
And as much as 4K is awesome, I sincerely hope that's not the one I get
because I specifically bought this laptop because I need 1080p out.
I need to be able to mirror
1080 from the machine here to the
capture machine. And honestly,
high DPI just
needs another year for Linux maybe. I don't know.
Yeah. So, yeah, I hope I
will see. Wimpy, what do you know?
You're the one that pointed us to this.
I know what you know now because you've read the same
blog that I have. Not so helpful.
And I also saw a tweet earlier saying that if you'd chosen an international keyboard,
so anything other than a US or UK keyboard layout, your devices would be delayed further still.
And if you didn't want to have those delays, then to come and change your keyboard selection.
I see. Okay, I see
a lot of the difference in the Rev 2 is all about
the hardware kill switch location.
I do like kill switches.
So either you'll get it soon...
Do they work?
Do they not work?
You want to see the blog from
December the 10th where they explain they don't work.
Oh boy.
Damn it. Damn it.
Damn it.
In the meantime, I should have just bought an Oryx Pro.
How many games do people buy in the Steam sales?
Oh, I bought a couple.
But I only...
No, yeah, I only bought...
I literally bought two.
How many did you get?
About 30.
Really?
Yeah, I think I only got two or three.
I had a lot of games already.
Yeah, I had about 30 games, and I've got about 70 now.
Now, have you tried any of them?
Yes, yes.
I'm big into Trine at the moment.
Oh, my God.
Yeah, Trine is great.
I've never played Trine before, so I'm on the first Trine at the moment.
Oh, I'm so excited for you.
Yeah, Trine's gorgeous.
Also playing Coffin Dodgers as well.
I'm enjoying that a lot.
Yeah.
Did you get all the Trines?
I did.
There was a bundle deal to get all of them for like $6 or something.
Wow, no way.
Wow, that's a great deal.
I need three.
I only have one and two.
Yeah, three's a little different.
It's got more of a 3D camera.
Oh.
I was totally in awe of that.
When I started, because I'm not a huge gamer.
The last time I was seriously into games was sort of like PlayStation 2 era.
So when it started up, it was just like, oh, this is so pretty.
I just wanted to play it.
Yeah, it's gorgeous.
It's gorgeous.
And just the way you interact with things and the subtlety of motion was just like,
oh, this is too nice.
Yeah, and the mechanic of switching
between different player characters is a fun one.
That's a fun mechanic.
I see here that distance is on sale if anyone wants to.
Oh, yeah, I've got that too.
Yeah, I've got that too.
Yes, yes, very nice.
You've got to jump on the top of his head, Chris.
Yeah, I figured that too. Yes, very nice. He had a jump on the top of his head, Chris. Yeah, I figured.
I just sucked.
I need to get the controller out.
That's what I need to do.
I ended up getting GTA V and The Long Dark from Hinterland,
which I'm more excited about playing because it's pretty good.
Wimpy, how's the performance been for you?
For what?
Trying. Yeah, are you playing on the nook
i am i'm playing it on that new nook uh so far i've played everything on the new nook and not
had any issues and i'm playing it at quad hd as well because i've got a new no kidding really
yeah well that is really cool i was gonna say i wonder how it would do at higher resolution but
it sounds like it's doing okay yeah well good enough for me i mean i've not i actually looked
to see how many frames per second it's producing because i Yeah, well, good enough for me. I mean, I've actually looked to see
how many frames per second it's producing
because I didn't want to sort of find
that it wasn't very high
and I was then annoyed by that.
So I haven't looked,
but I haven't noticed anything
that makes me think,
oh, this isn't fast enough or responsive enough.
But I've been using an Xbox 360 controller
and I was like, hmm.
And so I've ordered a Steam controller as well now.
Look at you, you're going all in that's funny that's awesome uh yeah my daughter's getting a bit older so i've decided i need to up my gaming skills it is a fun thing to do with the kids
and they really yeah so i've got got a couple of you know kids games for her as well to have a play