LINUX Unplugged - Episode 265: Privacy Priorities

Episode Date: September 5, 2018

Intel has disappointed the kernel community with its latest security disclosures but there’s still hope for a better future. That’s more than can be said for the state of privacy on Android, so we... discuss some alternatives. Plus the latest community updates, a new timeline for the Librem 5, tempting new Chromebooks, and some top picks. Special Guests: Alan Pope and Eric Hendricks.

Transcript
Starting point is 00:00:00 Wes, have you seen this airplane mode box that you can put your phone in? I sure have. I don't know about you, Joe, but it's pretty difficult to stay away from my phone, even on the best of times. You're relaxing. You're at home. You're trying to have quality time with your friends or your family, and yet you're always drawn to the pocket.
Starting point is 00:00:16 And that's where there's airplane mode, which, well, it's a unique collaboration. So far, it's just a prototype, but the designers really wanted to draw your attention to it. It's a concrete surface with some space inside for you to set your phone, and you really want to touch it. And as soon as you do, you quickly realize that opening the box requires both hands. It's a full sensorial experience. It's got a nice leather cradle. It's a special place for one of your mobile devices. You can put it inside, keep the vessel shut, and then now, next time you want it, it's an act of intention and not just being addicted. It does look like a giant bar of soap, though, doesn't it?
Starting point is 00:00:53 Oh, you know, I hadn't even thought about that. Yes, it's either a really well-used pumice stone or a big, dirty bar of soap. I don't know about you, but I've got the self-control to just not pick my phone up. I don't think I need to lock it in a big concrete container. Yeah, you know, I don't love the design. I am a little drawn to the intentionality and the idea that, well, maybe you have to choose to access your phone, but there is the lower tech solution, which is just turn your phone upside down. This is Linux Unplugged, episode 265 for September 4th, 2018. Welcome to Linux Unplugged, your weekly Linux talk show that's making a huge mess in the studio while the boss is away.
Starting point is 00:01:44 My name is Wes. My name is Joe. Thank you so much for joining me here today, Joe. Chris is away, but never fear, you can't stop Linux Unplugged. Yeah, we must stop meeting like this. We must. You know, someday I think we will, and it will be a happy celebratory occasion. And, you know, it almost is today because we've got a great show coming up.
Starting point is 00:02:04 We've got tons of community news, both the highs and the lows, plus an update from the wild west of mobile Linux operating systems. Some Google, Microsoft, all those big names, they filter in here too. And, of course, the latest drama from some of the muckety-mucks of the Linux kernel, plus some of our picks round it out. I'm pretty excited, but before we can get to any of that great stuff, well, we're going to need some help, and I think I know just the crew. Time-appropriate greetings, Mumble Room.
Starting point is 00:02:34 Hello. Oh, listen to that. It makes my heart sigh with happiness every darn time. How are you guys today? Awesome. We're good. Eating a steak. Eating a steak.
Starting point is 00:02:44 Now you're just not focused here on Linux Unplugged. All right, well, let's focus on the release of Linux Mint Debian Edition. LMDE 3 has been released. Yes, it sure has, codenamed Cindy. Now, if you're not really familiar with Linux Mint Debian Edition, it's just like the regular Linux Mint, but instead of having all of its base packages supplied from the Ubuntu distribution, well, they go back one level further and pull them straight from Debian.
Starting point is 00:03:08 It's kind of a tracking project to keep the developers' minds at ease knowing that, well, if Ubuntu suddenly disappeared, Linux Mint would still have something to stand on. I know it was one of the distributions I first started out with. You know, obviously Ubuntu was right there at the beginning of my practical Linux career. But quickly after, I was like, oh, what's this distribution that has all the media codecs pre-installed? And, you know, I do think Linux Mint does a reasonable job of having that user base in mind. You can see in the release notes, they've got just a section of common
Starting point is 00:03:40 troubleshooting tips right off the bat. So if you're like, oh, my DVDs won't play in VLC, what do I do? Well, they haven't fixed that, but they've at least thought about it enough to have a handy guide right at the same place that you download your ISO. A thing to keep in mind here, though, is there are no point releases for the Debian edition. So you just get a big new rebase on the next Debian base, and then you'll get all the latest Linux mint changes they'll just filter on down to your system. But this time there's no Mate version then? No, there's not, Joe. And I don't know about you, I do like Cinnamon,
Starting point is 00:04:10 but Mate's always been such a reliable choice. I wonder what the motivation for leaving it out. Well, you've got Ubuntu Mate now, of course, which kind of renders the Mate version of standard Linux Mint a little bit irrelevant. So maybe it's kind of an acknowledgement of that. You know, I could see that Linux Mint a little bit irrelevant. So maybe it's kind of an acknowledgement of that. You know, I could see that Linux Mint does. Cinnamon and Linux Mint seem like they have a definite kinship.
Starting point is 00:04:31 They're developed in parallel. I'm not sure if I would go with the Debian edition over the Ubuntu edition just at the moment. But if you're a Debian fan, maybe you don't like all the things that Ubuntu layers on top of Ubuntu's philosophy of putting together a distribution. Well, hey, you've got options, Linux Mint fans. Now, I know that you love GNOME.
Starting point is 00:04:50 I'm not the hugest fan of it, but you must be pretty hyped for 3.30 that's coming soon. 3.30, I know. I think we're expecting sometime this week for that to drop. It'll be dropping this weekend. Perfect. Okay, hey, that's something great to look forward to as we begin everyone getting back to work now that it's almost fall. And well, if you're getting back to work, maybe you're refreshing some of your systems. I would be looking forward to GNOME 3.30. And you can get a little preview of that by checking out the latest changes coming to
Starting point is 00:05:19 GNOME Tweaks. Now, if you don't use GNOME Tweaks, just harken back to the days before GNOME Tweaks was as good as it was or really even available, and you'll realize that you probably had to go dig way deep into some settings and config files to make all these handy changes. Some of the changes that we're seeing is, well, to start off, there's volume indicators in GNOME 3.30, and they can indicate when over amplification is in use. Now, I use over amplification all the time when I'm doing my noise removal. I have to turn up the volume way loud. So that would be handy because sometimes I come back having turned it way up and that just blows my ears off. So if I
Starting point is 00:05:56 knew there was this nice red line showing me that, then yeah, hopefully they can add that to XFCE at some point. Right. You can get that stuff, you know, it's buried in the ALSA or Pulse settings, but having it right on the desktop really does make a bit of a difference. Now, there's another new setting here, and that's the sound theme selector. Sound themes aren't very popular yet, but maybe this will help them become
Starting point is 00:06:18 just a bit more noticeable. But you have got sound themes in Ubuntu, haven't you, Popey? Maybe. We had someone in the community make a sound thing many many years ago and um we removed it i think they were slowly removed like the one to uh that played a sound when you logged out was removed because it was too long because it turned out we could shut the system down before the song finished playing and so it was seen that was a bit daft, leaving it in there.
Starting point is 00:06:47 And then slowly loads of the others have been removed as well. So most of the sound themes, I think, are removed. And the only thing you get is like a donk noise when you, you know, as the terminal bell, and there's not a lot of other noises in there. That's something, you know, I hadn't, I wasn't too familiar with sound themes even before researching for this show. So I'll be, I'll be playing with that in the future. One more thing I wanted to highlight was that coming up, we will see possibly center new windows, that option being
Starting point is 00:07:16 enabled by default. And it doesn't sound like much, but actually, I think it's kind of a nice touch. It seems like it might be going into Ubuntu 18.10. Or it has been enabled in Ubuntu 18.10, rather. And that might be a setting I'm going to have to copy on my custom-assembled GNOME desktop. So it's not all good news this week, unfortunately, is it? Purism has pushed back the release date of the Librem 5 in a shocking announcement that none of us saw coming. No, not ever.
Starting point is 00:07:45 I am still, you know, just a little bit disappointed. It seems like you've been following this with some interest over there, Joe. Yeah, I've been following this from the start because I wanted a totally free phone to be available, but I've also wanted it to be good. And that's kind of the problem. You know, when you're starting these things off from scratch, it's very difficult to make something that's going to even compete
Starting point is 00:08:09 with iOS and Android in any way at all. It's interesting the spin that they put on this, though. The kind of official press release announcing this delay until April 2019 is very much kind of laying on how great the idea is and, you know, how terrible the other alternatives are. And then it's kind of right at the bottom. Oh, yeah. And we've slipped a little bit. And here's a technical blog post for more details. And it's really that technical blog post that's more interesting, talking about exactly why this delays happened, because they got this IMX8 board later than they had planned, basically.
Starting point is 00:08:46 And when they did their testing on it, it turns out that it wasn't quite up to scratch. Yeah, and you know, there really just are, I think we've seen this from some of the other vendors who've attempted to play in this space. There's just a lot of challenges of making a non-Android-based mobile phone. Android has such a long and convoluted history, especially with all the intricacies you see on different systems on a chip and all the various blobs and other hardware components you need to assemble to make sure that it all boots up,
Starting point is 00:09:14 can actually run, and then, as you so wisely put, Joe, is actually usable at the end of the day. JOE BIDENSON, Yeah, unfortunately, the bugs in this case meant that it was just going to have terrible battery life and just wouldn't go to sleep properly and use a single core, that sort of thing. So that's pretty critical. And at least they are acknowledging that and saying, look, we're going to have to delay it rather than just forging ahead and making it terrible. It kind of makes me think that once we finally do get this, it isn't going to be terrible. You know, they're
Starting point is 00:09:45 putting some thought into this here. They're making sure that they don't just ship it as soon as they possibly can. They want it to be good. I mean, it's not going to compete with Android and iOS. There's just no doubt about that, not to start with, but it is going to be fully free. We have to hope that there is that sweet spot of usable enough and still respecting a lot of the principles and philosophical positions that I think a lot of the principles and philosophical positions that I think a lot of the audience here is interested in and has just not been something that we've really been capable of, barring maybe a few exceptions in the mobile space.
Starting point is 00:10:16 Now, buried in those technical arguments, Joe, is there any mention of just how long it slipped? Well, yeah, they say April now. It was originally going to be January 2019. Now they're saying April. So pretty much a quarter, which sounds a bit arbitrary to me. I think that we'll be lucky to see it by the middle of next year, really, because, you know, they kind of had this plan to put it out in January, and it was all based on a certain number of things happening in a certain order, getting the development kits and all the rest of it.
Starting point is 00:10:46 And each thing seems to be slipping just that little bit. So I think, yeah, we'll be lucky if it's before, I don't know, June or July. I'm not undecided on if I'm going to double down and keep playing in the Android world. I see those ever so smug and satisfied iPhone users and wonder maybe in a world where I didn't use my phone for anything but simple phone things,
Starting point is 00:11:06 that could work for me. There is, though, another option, and that's the Xero phone, which is a $50 open-source smartphone based on the Raspberry Pi Zero. Yeah, this is a little bit speculative at the moment. It's not actually available. It's been announced on CrowdSupply, and you can kind of put your email address to register your interest. So who knows when it's actually going to come about, but it does look pretty cool that it's a very basic phone. What do you expect for $50 based on the Raspberry Pi Zero,
Starting point is 00:11:35 but at least it is something a little bit different, and potentially that kind of second phone that you just take out when you don't really want to take your main phone out. Yeah, but there's all kinds of use cases for that, even if it's just a backup phone because you, you know, smashed yours on a rock. It's kind of set apart by the things it doesn't have. No carrier locks, bloated apps, or data mining, and it doesn't depend on big companies. Of course, that means you lose out on plenty of other options, but I know I feel a little insecure when I just have the one phone, especially given how much you actually need a phone to just communicate these days. So, hey, I have a Raspberry Pi Zero hanging around.
Starting point is 00:12:13 Now it looks like I just need a few more supplies. Well, you definitely don't want to be using Android because Google will not patch a flaw in any of the other older versions of Android than the current one, which is pretty serious. Oh, Google. You know, this is really exactly the sort of thing that makes people upset with modern phone and phone operating systems.
Starting point is 00:12:38 Somewhere between all the different systems on a chip, somewhere between the rapid state of industry change, and then you have software practices. And that might be where it gets sometimes the most frustrating, at least for me, because you've got to imagine that this is possible, at least in theory. It may be that it's not profitable. It may be that it just is a lot of work to backport these patches.
Starting point is 00:12:58 But come on, we know Google has the resources. Yeah, it's one thing for the vendors and the OEMs to not actually implement the patches, but for Google to just not put them out there in the first place, that's not very good, is it, at all, really. And to say to people, hey, here's your solution, upgrade to Android 9 Pie, what kind of solution is that
Starting point is 00:13:17 when there's billions of people out there using the old versions? Yeah, I mean, it's not even really possible for anyone apart from those who use the Pixel devices or if you're lucky enough that your manufacturer actually goes and updates whatever modified version they've based it on. Maybe you go install your own operating system, but you're pretty much a special case there. And what worries me is that there's going to be, you know, there's a lot of consumers who don't need the newest and greatest, and they have, some of my family members, they have the original Nexus 5. And while it's not fast and it doesn't have a lot of storage and the camera's not so great,
Starting point is 00:13:48 it really does just work for them. But I worry knowing that they're on an unsupported platform that won't get security updates. And it's shocking that, you know, Android 9 just came out and that we're already in a world where anything else isn't secure. I don't like it. Yeah, I don't like it. Yeah, I don't like it. But I like that you called me a special case, Wes, because, you know, I run Lineage on my phone, and my wife runs Lineage on her Nexus 5. So, yeah, we're both special cases. I'm going to tell her that.
Starting point is 00:14:19 Ooh, how does the Lineage run on the Nexus 5? Has she been happy with that? Yeah, she's been very happy with it. The camera on that phone isn't great. And that's the only thing she doesn't like. But yeah, I keep trying to tell her to get a, you know, trying to convince her to get a better phone just so I've got something to play with. But she says, no, I don't need to. It's fine. I've got security updates. It's working fine for what I need it for. It's small. The only phones you can get now are giant. So yeah, she's perfectly happy with it. I mean, it's not the quickest phone in the world. It's, you know, how many years old is that now? It must be five years old or something.
Starting point is 00:14:48 But yeah, with Lineage, she's got the very latest updates. So yeah, she's happy. I am glad to hear it. Is there anyone in the mumble room who's really an avid Android user? Are we all just sort of accepting what we get from the big upstreams? How many people are, you know, rooting their phones, actually installing different operating systems? I did. I've got a few Android phones near me. And obviously I used to run Ubuntu Touch on some.
Starting point is 00:15:16 Right, yeah. But my main phone is OnePlus 3T. And I did try Lineage on it, but I found it a lot slower than the stock ROM I got from OnePlus. So I wiped it and reverted back to Oxygen, which means I don't get the firehose of updates that Joe gets on his,
Starting point is 00:15:35 but I get security updates at some point sometimes. So I'm happy enough with that. Yeah, occasionally. Yeah, now and then I get an update and that's good enough for me. Which aspects were slow then particularly? Whole thing. The UI was laggy.
Starting point is 00:15:51 It was really slow. Just, you know that thing you do whenever someone hands you their phone or you grab somebody else's phone, the first thing you do is swipe left and right, swipe up and down on the app screen to see how it feels, right? Because you don't want to dive into their applications
Starting point is 00:16:03 and start using stuff and seeing their data if you're the kind of person who lets someone else use your phone. But that's all you need to do with lineage on the OnePlus 3T. If you compare it side by side with Oxygen, I found it really laggy and slow. That's interesting because I've never had the stock ROM on mine. It's always been just lineage from day one.
Starting point is 00:16:23 So I've never experienced it you poor poor child you poor thing i know but um it's for me it's perfectly fast with um awd or adw launcher on it and i turn off the animations i've never noticed it slow down really next time we're in the same physical location we'll put our phones side by side and try them out with some benchmarky type stuff like human like perception and we'll see. Maybe it's just my perception and I'm biased, but yeah, it felt like it. But I do use Lineage on the OnePlus X,
Starting point is 00:16:54 the tablet thing, what's it called? Nexus 7 2013 and a couple of other devices. Don't be going, oh, Wes, I've got one of those as well. I use that regularly. Oh, no, it was an ooh of impressed. I mean, 2013's be going, oh, Wes, I've got one of those as well. I use that regularly. I know it was an ooh of impressed. I mean, 2013 is right in the name and five years, that's some support. That's my zombie apocalypse tablet. It's got a lot of e-books and, you know, how to start fires,
Starting point is 00:17:18 how to, like, generate electricity and all that kind of stuff. Survival books on it. Do you have extra shotgun shells just sort of in the case there for that situation? On advice of my legal team, I am not going to respond to that. Well, one thing that I do is flash Google Apps on it, OpenJApps, Pico, which gives me just enough to get the Play Store running. But now I'm kind of regretting that, given that Android collects 10 times more data than iOS, at least according to a recent study.
Starting point is 00:17:47 Yeah, the paper titled Google Data Collection from Douglas C. Schmidt, a computer science professor at Vanderbilt University, well, it arrives at some stark conclusions regarding just how much data Google is sucking up from all of those handsets out there. Among several findings, the experiments found that an idle Android phone with the Chrome web browser active in the background communicated location information to Google 340 times during a 24-hour period. Now, of course, they ran the same experiment on iOS with Safari. Google could not collect any appreciable data unless a user was actually interacting with the device.
Starting point is 00:18:25 That's kind of a contrast right there. Well, it's not hugely surprising that Google couldn't collect the data, but even just the sheer number of pings back home were lower on iOS as well, which is not altogether surprising, is it, given that you've got two completely different business models. You've got Google's business model, which is collect all the data, sell all the adverts,
Starting point is 00:18:51 whereas Apple is just sell the product for five times what we build it for, probably 10 times. You know, they just sell expensive stuff. That's their business model. And then they sell you content to watch on it. So it's not a surprise at all. You know, I don't think anyone was surprised reading this story. No, I don't think so. It was interesting, some of the deeper findings they had. Of course, there's just the actual frequency of data transmission. But the research also turned up some of the ways that Google could potentially tie together anonymous data collected through passive means and correlate that with personal information. And of course, that's what advertisers want, right?
Starting point is 00:19:25 They want, you have all of these sort of statistics and numbers that flow through from user actions and you want to piece those together so that you can actually, you know, sell that information as something useful. As an example, on an Android device, so-called anonymous advertising identifiers that collect activity data on apps
Starting point is 00:19:41 and third-party webpage visits, well, that can get associated with a user's real Google identity by the passing of device-level identification information right back to Google's services. And, well, that same thing goes for the supposedly user-anonymous double-click cookie ID. It is kind of upsetting that, you know, just by default, when you choose this platform, especially the platform that's based on the technology that, well, we're all here to talk about today, you end up with all of these other implications,
Starting point is 00:20:10 and you kind of end up at a crossroads where you have to choose between, well, do I care about nominal open-sourceness, that sort of, those arguments that I want a phone that at least is somewhat open-source, that runs on technologies someone can audit, that I can understand, or do I care more about my internet privacy, about my interactions,
Starting point is 00:20:27 and about all of my personal information? You would hope, and oftentimes those align, not in today's mobile phone market. No, I'm just going to get one of those airplane mode boxes, stick my phone in it, and move into the woods, Wes. It's the only answer. Yeah, you know, I mean, maybe you can do this RMS style and sort of just collect all your stuff, do it offline, and then send it up occasionally
Starting point is 00:20:45 or get some sort of personal assistant who can do all of your tweeting for you. They'll scrape the Linux news and tell you what to say for your shows. That sounds a lot easier. That does sound a lot easier. Yeah, let's get on that. Well, okay, if you're going to get a personal assistant, Joe,
Starting point is 00:20:59 I think you'll probably need to set them up with some equipment and you're probably not going to give up your machines even if you're not using them anymore. Have you considered a potential Chromebook? I don't know, Wes. I don't know. I don't like any more Google in my life. But this Ars Technica article that you found about $600 Chromebooks being dangerous to Microsoft, that sounds good to me. Oh, not a Microsoft fan, are we, Joe?
Starting point is 00:21:23 Come on, who here likes Microsoft? Okay, yeah, that's fair. You know, I think here at Linux Unplugged, we have been trying to say it is a new Microsoft. Now, what that means, that's up to the audience to decide. But there is this added complication. This article in particular is highlighting Lenovo's new $600 Yoga Chromebook, which, well, as they say, brings high-end styling and materials to the Chromebook space,
Starting point is 00:21:47 along with, you know, well-specced internals and a high-quality screen. Also, there's Dell's $600 Inspiron Chromebook 14, slightly lower specs, but it's a similar offering with better styling, bigger, better-quality screens, and, well, superior specs to a lot of the other Chromebooks out there. Yeah, we're talking mid-range here, aren't we? We're not talking XPS quality and price, and we're not talking about terrible, cheap Chromebook. We're talking about that middle range that appeals to not kids, but kind of college students and people kind of just out of college or whatever.
Starting point is 00:22:19 And it is Google's play against Microsoft, potentially, to try and get people onto the Chrome OS platform, using all the Google services, get tied into things like Drive and Docs and everything, and then hopefully push Microsoft off their perch at the top of that market. Microsoft has obviously been sort of the assumed solution for this. And in some ways, it feels like we're watching the Chromebook world grow up. You know, it started
Starting point is 00:22:48 off with these really cheap machines for schools and for educational use and young kids using them. And now that some of those people that have been using them, they get older, they're familiar with the Chrome OS interface already. And at the same time, Chrome OS is just becoming more and more capable of real workloads. So the Lenovo people, they're excited about this. They say that this new Chromebook was developed because the company was seeing demand for Chromebooks from users with a bit more disposable income, college graduates, people from upper class families that could afford a nicer machine. That's a lot of the space where you kind of see especially for people that aren't computer enthusiasts
Starting point is 00:23:25 just you know an average midline Dell HP laptop that of course they've got that Microsoft Windows deal that's going to come pre-installed you've got the latest and greatest Microsoft products you'll probably get some sort of pre-installed office suite that you'll start using with the Chromebooks advantage of already being in schools
Starting point is 00:23:41 and having all the sorts of user management and child permission controls that maybe you have to know what you're doing on maybe an open source solution, seems pretty competitive. This seems to be mostly in America, though, doesn't it? This push into education. Piper, you've got kids.
Starting point is 00:23:55 Do they ever use Chromebooks at school or is it all just Windows? Never seen a Chromebook in the kids' school, but I do know the school that one of them is going to starting tomorrow, they get given iPads. So that's a different thing altogether, which should be interesting. Well, that's really where the competition is these days, isn't it, in education? Windows and Microsoft, I get the feeling feeling are kind of slipping a little bit. And it's really between Chromebooks and iPads, isn't it?
Starting point is 00:24:31 Possibly. Ask me again in a month or two when I've seen what they get. Yeah. Oh, yeah, it is just that back to school season. That's a funny angle. You know, I always think about what I'm going to get for the latest things. But of course, kids need supplies too. Yeah, and Google is really trying to hook them while they're young. That's why they got into the whole education market. I mean, Microsoft did it 20 years earlier, didn't they?
Starting point is 00:24:54 Yes, absolutely. I wonder where this leaves some of the, you know, if you've got iPads, but where do you go? I guess you can go to the desktop Mac OS experience, but between some of the newer lower-end Windows devices and then more functional Chromebooks, it's just a lot easier to get started with. And then if you can, you know, maybe you go up,
Starting point is 00:25:16 you learn about Linux. One of these kids could be just using the Windows subsystem or they could be running their Linux app on Chrome OS. And does that mean, do they ever make it off those platforms? Or is it just too easy these days? You use a combination of web apps. You've got Linux there if you need it.
Starting point is 00:25:33 You've got some native apps, maybe. Are you ever going to need to install Ubuntu for real? Well, that's a good question. Pope is hoping that people will keep installing that. And I think that they will. It's going nowhere on the server, is it? And that's the thing, that people will keep installing that. And I think that they will. It's going nowhere on the server, is it? And that's the thing that people, as they get more into technology and realize that everything in the world runs on Linux pretty much server-wise,
Starting point is 00:25:56 they then realize, well, hang on, it's so robust and solid on the server, maybe it's worth a try on the desktop. And I don't know if the subsystem and the Linux apps on Chrome OS are really going to do it justice. And hopefully, I think it's only going to be a percent, put it this way. It's not going to be everyone who gets into development. I'm sure that some of them will be absolutely fine
Starting point is 00:26:22 with the subsystem. But it only takes a small percent to make a big difference. And so that's my hope. I don't know, that's my positive spin on it. Right, and maybe one way to look at it too is that if it's easier to become familiar with those technologies, then the draw will be immediate, right? You can start playing around in a terminal,
Starting point is 00:26:41 getting a feeling for the real Linux environment, and then when you're ready, go full war. Now, of course, what have we all been talking about right here? It always sneaks into the discussion somehow. I don't know. It must be in the name of the show. But yes, of course, that's the Linux kernel. And well, there's been some, I don't know, I'm not going to call it drama, but there's been some news around some of the remarks from two of the top people associated with that kernel. And of course, that would be Linus and his right-hand man, Greg KH. Over at the recent open source summit in North America, Greg warned some attendees about the severe impact that, of course, we've all been talking about, which has been Meltdown and Spectre. The CPU vulnerabilities that have been flagging modern out-of-order processors for the better part of 2018.
Starting point is 00:27:30 Really, what's at issue here is responsible disclosure and how does that work, especially in a world dominated by large enterprise distributions and, you know, two, three, four main hardware providers. How does open source fit into that picture? Well, to give an idea, Jann Horn discovered the first of these issues way back in July 2017. And it wasn't until October that some of the kernel community were starting to hear rumors of the flaw. That's not disclosure of the flaw. That's rumors of the flaw. That's a long time, especially as, you know, in the same vein,
Starting point is 00:28:06 other very large operating system vendors had already heard the news. And really, it only filtered down to the Linux community because some of those vendors told Intel to just get off their butts and tell people about it. Well, remember, around Christmas time, The Register put it together, I think, with the various bits of evidence that they had, and that basically forced a disclosure. And then there was a huge scramble with the various Linux distros and the other OS vendors to get the patches together. And by all accounts, it absolutely ruined the Christmas holidays and New Year time
Starting point is 00:28:39 for a lot of people in those companies. Yeah, right. They siloed SUSE, they siloed Red Hat, they siloed Canonical, they never even told Oracle, and they wouldn't let anyone talk to each other. And, you know, normally, of course, you get all the people together, you start talking, everyone has different resources, each company and contributors can pick and choose the people that know the most about
Starting point is 00:28:59 these subsystems, who has time, who has energy to do this, group them all together, form a war room, and actually get stuff patched. And of course, when it's a security vulnerability, you want to get that patched as fast as you can. So really, this process that happened this time around, it just isn't good enough. But thankfully, lessons were learned from that. And both Greg and Linus have said that, you know, things are a lot better now. Now they've got back channels to Intel and, you know, they can all talk to each other. And you've even got the Windows people and the Linux people talking together and working together, which would have just never happened five or ten years ago. So it's almost like the silver lining of this terrible, terrible cloud of speculative execution is that we've got people working together that wouldn't have otherwise. I was pretty impressed when I read that, Joe.
Starting point is 00:29:53 I will be honest. Add that to the bucket of, hey, it's a new Microsoft. But it also makes sense, right? I mean, largely what they're trying to do, build operating systems to run on top of Intel's hardware or, you know, x86 hardware or whatever, that's the same job. And it would make sense where appropriate to share resources, share insights, and share knowledge, especially because as we've seen, a lot of these speculative execution attacks are complicated. And especially when they first released, this was a new type of vulnerability that no one really understood very well and is really ingrained in the core parts of how modern out-of-order processing happens and some very clever attacks therein.
Starting point is 00:30:32 And of course, you have to remember that these attacks, although they do render client machines, desktops kind of vulnerable, really the biggest problems are on servers and especially with virtualization. And that's a huge part of Microsoft's business now, is virtualization. And a lot of it's running Linux. Microsoft loves Linux and all that. So it's not a surprise that they are now working with the Linux community on this, because they're working with them.
Starting point is 00:31:01 Look what they're doing with Canonical to get the subsystem into the Windows desktop. We're seeing a lot more cross-pollination here. And it's, you know, a cynical person might say that it's Microsoft trying to, you know, embrace, extend and extinguish, but I always say this, it's about them making money. They're just following the money and the money's in Linux and open source. And that's why they're getting into that. This all makes me curious. Okay. So maybe, maybe it's as we've heard today, maybe Intel's learned a lesson from this. They're going to do better next time. And I'm sure there will be a next time sooner rather than later. That's, that's all well and good. But what happens when AMD, you know, Ryzen really takes off,
Starting point is 00:31:42 AMD is the dominant or Intel just can never compete. Mobile operating systems become the norm. And, you know, we're dealing with Taiwan Semiconductor. Is this going to be a battle we have to keep fighting as one dominant or several dominant companies come into play, fade away? I imagine that a lot of these open source communities will last a good bit longer or have that kind of staying power. So are these constant battles, or can we actually reach a cultural norm where people understand how to make this work and understand and can navigate the complex relationships? Well, there's one obvious answer to all of this,
Starting point is 00:32:16 and that is to go to RISC-V, a properly open instruction set, rather than having to rely on Intel and AMD and ARM, where there's all sorts of things going on that we just don't understand. You know, the future, it has to be something. If it's not RISC-V, it has to be something similar, doesn't it? It does seem to be that way. We are obviously running against physical limits in our current architectures, and a lot of these difficulties are a result of just how darn complicated
Starting point is 00:32:43 everything that we do these days is. We haven't, you know, x86 has a lot of legacy built in, even though we're all really running, you know, the more modern 64-bit variant. There's still a lot going on. We have this CISC architecture architected on top of really like a RISC core, complicated firmwares. We were just talking about it in a recent episode of this show, the complicated licenses that go around that. If you could start with something a little more pure, right? Yeah, something like RISC-V, something where you've got an open foundation. You can pick a retailer or a foundry
Starting point is 00:33:16 that can make that hardware for you that you choose, and then you can take the open source operating system you want to run on top of it. You're getting me excited and also really upset because I can't really do that right now. And you can't even trust your operating system and processor together to give you truly random numbers, can you? Or can you?
Starting point is 00:33:34 You know, that's a good question. We've seen a lot of controversy about this over the years. Way back in 2013, you may remember there were calls on the mailing list to ditch Intel's RDRAND instruction, which can be used to help provide secure sources of random numbers. And, you know, there was a lot of pushback then. There was a lot of saying like, well, can we really trust this? We don't know what's going on.
Starting point is 00:33:59 At the time, the kernel community really was saying that, well, we already use multiple sources of input. We mix them together in a secure and trustworthy way. So you really, you just shouldn't have to worry about this. But of course, when there's big corporations involved and black-boxed microcode, I can understand why you'd be suspicious. So this week, we have some news. RC1, which was just published, allows those building their own kernel to choose whether or not to trust particular CPU hardware random number generation. Now, of course, when random number generation is insufficiently random, everything you do on a computer that relies on
Starting point is 00:34:38 that core source of entropy, it's just, it's not really going to work. One solution to this has been having external hardware sources of randomness. You have hardware keys, you have things scavenged from radioactive decay. There's all sorts of techniques to get around this, right? Cloudflare has a wall of lava lamps at their headquarters where they use cameras to sample the lava lamp state and use that as a source of random numbers. These days, hardware manufacturers have gotten wind that people want this, and they've been building it in. That makes a rather complicated trust arrangement.
Starting point is 00:35:12 Yeah, do you trust the likes of Intel? Not necessarily to not be nefarious, but just to not be incompetent. I mean, look what they did with speculative execution. That wasn't them deliberately doing that. That was just them not stopping to think about it. And so if they can't get that right, then why should I trust that they're going to get the random number generation right? I like how this was described. There's a recent patch, and it's determined that it's been punting the controversy into the laps of Linux distributions
Starting point is 00:35:41 and kernel builders. If enabled, the RANDOM_TRUST_CPU flag prevents the kernel's getrandom system call from blocking the boot process in order to accumulate enough entropy. This, you know, that can hasten the boot process, which has some benefits, but obviously that makes it so that you have less certainty in your cryptographic strength. Now, this setting would apply not only to that RDRAND instruction that we talked about before, but also RDSEED, which works for both Intel and AMD chips, as well as random number generators that are built into some of IBM's PowerPC chips. But at what point do you just stop worrying and just get on with it? Do you spend your entire life just paranoid about these things? And is it providing enough entropy? And,
Starting point is 00:36:27 you know, at the end of the day, does anyone care enough to attack you? And, you know, that's not a great attitude to have from a security point of view. Obviously, you want things to be as secure as possible, but you always have to weigh up that choice, don't you, between usability and security. And, you know, what other choice do you have but to trust these hardware vendors, really? Unfortunately, at least for individual users, really not much of a choice. Now, maybe if you're a big vendor or a big manufacturer
Starting point is 00:36:56 or one of those big internet companies, you might have more say in this. You might have the ability to fabricate some of your own hardware. But I can see it being a prudent choice for the kernel developers because it just gets them out of the decision. I imagine a lot of distributions will just ship this same as it has ever been and not enabled. But, you know, who's to say?
Starting point is 00:37:17 And if you are a purist, you have that option. I, for one, well, I'm not doing anything secure enough to really care. And I already have so much implicit trust in every company that plays a part in manufacturing anything that runs on all of my computing devices. There's not a lot of gain. But hey, it's cool. It's a small patch set,
Starting point is 00:37:35 which I was pretty impressed with. So that makes me think at least this is a good, it's a good framework. It's a good idea that you have options. They might not even be practical options, but if it makes it a more usable kernel for everyone,
Starting point is 00:37:46 even if I'm not going to use it, well, I support the idea. Yeah, and even if you can't trust your CPU hardware, you basically can't trust any of the other hardware, can you? It's all got firmware in it. Even your SSD and everything has got firmware. And, you know, we've talked about being able to update that, but that's all just binary blobs that we have no idea what it's doing. And so at some point, you just have to relax and just use your hardware and just get on with it.
Starting point is 00:38:09 It's all shifty turtles all the way down, Joe. Yeah. So you've got a couple of picks to share with us. Yeah. You know, it just wouldn't be a good Linux Unplugged if we didn't sneak in a few picks here and there. First up, something called Proven. Proven is an alternative to Twitter's verified program, but, oh my friends, but, it's powered by Keybase.
Starting point is 00:38:35 Proven is a browser extension that has badges for Keybase, GitHub, and a number of online services next to usernames on some sites, especially Twitter, much like Twitter's verified badge. But instead, it's based on the user-hosted proofs Keybase enables. Yeah, and to be honest, these days, the Twitter verified badge is pretty much worthless, isn't it? So this is much more valuable to me. Yeah, you know, Keybase has done a lot of things.
Starting point is 00:39:01 We haven't talked about it too much on Linux Unplugged recently, but they've been working hard in the background to establish a sane way to build distributed trust that doesn't all have to be based on key signing parties. Now, if you use their service, you've got some verifiable accounts set up, you've posted some proofs to services. We all interact on this internet,
Starting point is 00:39:22 and knowing that I can actually have some trust that you are you, and that someone I've talked to on IRC, and someone I've seen in the comments of Hacker News, and then someone's Twitter feed are all actually the same identity, even if it's a pseudo-anonymous identity, there's a lot that I like there. In addition, Keybase has done a lot of neat things, like they've got their own distributed file system that you can check out, a chat app. I haven't tried, but I'm very curious. Yeah, that sounds very interesting. I've only heard of it today when we were talking about this before, and I had no idea that they did so much more than just, you know, this verification stuff. So, yeah, I'm going to definitely have to check that out. Although, do we really need another chat app at this point? No, probably not.
Starting point is 00:40:03 Although, if it does have security in mind, well, I'm tempted. If you're curious though, don't worry. You can head on over to linuxunplugged.com slash 265 to get a link to everything we've talked about, but also proven. You can go try it out. See if you like it.
Starting point is 00:40:18 See how many, I think you might be surprised how many people are actually on Keybase that you already interact with online. And if you don't mind one add-on, of course, they have one for Firefox and Chrome. So probably a browser near you. I don't know. Something I've installed and maybe you should too. That's not the only pick for this week, though, is it? No, of course not, Joe. What are you trying to say? I'm not trying to sell everyone short of the picks. That would be insane. Okay. So this one's a little bit weird. It's got an unfortunate name. It's called RAT.
Starting point is 00:40:48 Yeah, that's right. RAT. R-A-T. And well, I don't know why it's called RAT, but what it lets you do is kind of novel. It's a tool to compose shell commands to build interactive terminal applications. This is one you should definitely go follow up. Click on those show notes, go over to their GitHub page and watch some of their demos because it's a little, really, there's a lot of power here. I think they've found a unique way to leverage that Unix philosophy we're always prattling on about here
Starting point is 00:41:17 and actually get some pretty usable results. Have you had a chance to fully check this out then? Yeah, it's a Go application, so it's really pretty easy to get. I don't think they have any binaries pre-compiled for you, but if you've got the Go build chain already installed, it's just a go get away. And it was really inspired by things like tig to have very little actual opinionated UI logic, but allowing you to stick that in together. So they've got an example here where they've hooked up various, you can configure various modes and then trigger that on key presses to show different things. So their example is maybe you're working in a complicated Git tree
Starting point is 00:41:55 and you know you're going to want multiple panes. You're going to want to be able to see, you know, maybe like the actual tree layout. You're going to want to see some blames. You're going to want to see just raw diffs. This lets you do that. And you can do it all interactively. So you can choose, you know, you can have it show like git show, you can have it show the git log, you can imagine using all sorts of tools, maybe you have your whole development environment set up in this, you've got something watching to show all your tests in one window, you've enabled it with key presses so that you can rerun those tests or trigger to go do a build and upload it to a server when you're ready to test it in staging.
Starting point is 00:42:26 I think the possibilities are kind of endless. Now, of course, that means RAT is a little bit of a power user tool. You're going to have to get down and gritty with all of that config. But the upside is it's, you know, it's composable. It has some really nice, I think, base abstractions. And what you could build, I bet, is limitless. This sounds really interesting, even from a systems administrator perspective.
Starting point is 00:42:51 I'm doing more and more work with SaltStack and I'm trying to pick up Ansible to automate stuff at work or stuff here at the house. And it's nice having something like Visual Studio Code. I like their implementation of Git and that kind of thing and how it's all within the GUI. There's days where I just live in VS Code. But having something like this that is that intricate,
Starting point is 00:43:15 I think would really help, especially for someone who just within the last few months has started heavily using Git when six months ago, 12 months ago, I didn't use Git at all except to pull down new applications. Yeah. And it's, it seems like one of those things too, where often you end up with workflows where on one side you have some scripts that you have to custom set up. Maybe you've got a script to open them all in tmux panes, or on the other side
Starting point is 00:43:39 of that spectrum, you've got custom developed web UIs that hook through, and maybe you've set up like a Rails app or an Express app. To my eye, RAT occupies an interesting middle space where you can actually set up actual UX workflows on the terminal relying just on terminal commands that you're already using, but in a more structured way. And as someone who always has way too many terminals open, I'll be playing with it.
Starting point is 00:44:03 And you've got yet one more pick, haven't you? tcpdump101.com. Yeah, this one's not so much of an app as it is a web app. I don't know about you, Joe, but sometimes there's something shady going on on your network or on your box. The kernel's failing you, you're getting a lot of spam, or your packets just aren't going where you told them to go. That's when I turn to my trusty friend, tcpdump.
Starting point is 00:44:27 Unfortunately, I think for many of us, if it's not one of your daily drivers, it's just one more tool that you forget the language to use to configure it. You forget all the command line flags. And to add to that, there's a lot of hardware out there that has somewhat similar commands that aren't just always the same. Enter tcpdump101, a handy site that has a simple GUI builder to help you compose tcpdump commands. This looks super useful to me, man. Yeah, that's it. Because tcpdump, it has a lot of functionality. And usually,
Starting point is 00:45:01 I saw a lot of outcries of people discussing this tool being like, well, you know, it already has a man page and you can just type dash h. And that's all true. And, you know, we probably do that already. I know I do. But it's nowhere near as in depth as this. And there's some amount of shame. I think we like to, we like to put a stigma on people that need help.
Starting point is 00:45:20 Right. Maybe you're always going to Stack Overflow or you just can't learn to memorize those command line switches. But all that matters at the end of the day is you have a powerful tool and you want to be able to use it. And if you don't use it every day, you might need a little help. That's where things like query builders or planners really come in and they've got different stuff. So maybe you're using a Cisco ASA, Check Point thing, FortiGate, doesn't really matter. Just plain old good tcpdump. They've got a handy GUI you can click through. It'll help you craft all the options. You enter your capture interface. You've got a whole bunch of sort of like, where do you
Starting point is 00:45:52 want to save this output? What's the format that you want to save it? And at the end, you're given a command to copy, paste in your terminal, and away you go. Very nice. Well, Joe, I think that's the end of the picks. And unless you've got anything else you'd like to add today,
Starting point is 00:46:11 I think that's going to wrap up Linux Unplugged 265. Yeah, I think we did an okay job while the boss is away. You know, it was definitely a quick episode. There's been lots going on over here, but never fear, you can't stop Linux Unplugged and you can't stop Jupiter Broadcasting. You're probably saying, that wasn't enough Linux Unplugged for me. And you know what? I feel you. So don't worry. We'll be back next week. You can tune in. Join the mumble room. We do this thing at 2 p.m. Pacific time. JupiterBroadcasting.com
Starting point is 00:46:35 for a whole bunch more, but JupiterBroadcasting.com slash calendar to get that converted to your local time. You can go to LinuxUnplugged.com slash 265 to get all the details and show notes. And of course, linuxunplugged.com slash subscribe if you want to just make sure you always get the latest Linux Unplugged. Of course, we have many wonderful contributors. You get to be a part of this mumble room if you want to. Please do join us.
Starting point is 00:47:00 It's always a lot of fun. You can, of course, find the wonderful Popey over at the Ubuntu podcast. And you can find Joe all over the place. He's at Joe Ressington. And make sure you check out Linux Action News this week and the always fabulous Late Night Linux.
Starting point is 00:47:17 I'm at Wes Payne and the whole darn network, well, that's at Jupiter Signal. Thank you for joining me so much, Joe. We'll see you maybe next week. Thanks for joining us, everyone. Sorry it was a short one today. I wish I had more to contribute. Yeah, I just didn't have much to add today. I feel like I should have had more to say,
Starting point is 00:48:11 more in my head to say about 3.30 since I'm supposed to be helping with our social media for it. I was too busy enjoying a steak. Think about it and be ready for next week's Unplugged, sir. Yeah, next week's going to be huge. I've already got it blocked off on my calendar and I'm probably even just going to take a few hours off of work because between the Libre Application Summit and GNOME 3.30, I'm going to try and make some notes and come properly prepared. Excellent. You're a blessing to us all. All my thoughts are around the conference I'm driving out to tomorrow. I'm really excited to get away from my routine, get away from the house and take a few days off work and just hang out with a bunch of other nerds.
Starting point is 00:48:49 Which conference is that then? Oh, that would be the Libre Application Summit, right, Eric? Oh, Wes listens to me. I sure do. Yeah. I was going to say, I didn't want to presume, but I had heard you talking about it. Yeah, that sounds really cool, man. There's going to be people from all sorts of communities there, aren't there?
Starting point is 00:49:04 Yeah, it's going to be nice to meet, like, in particular, I'm looking forward to meeting the folks from Elementary. Talk to both of them quite a bit on the show and in IRC and that kind of thing. So it'll be fun to just get to meet a bunch of these folks in person. You know, you really just can't
Starting point is 00:49:19 replace that in-person feeling. Even if you get to talk to them every week here, there's something about seeing someone in person, giving them a hug, and just having some time to hash out everything you want to talk about. You just can't replace. Yeah, and you can't replace that hangover feel the next day after you've been out for drinks
Starting point is 00:49:35 all night. No, that's an important aspect. Yeah, I take it there's going to be plenty of that as well then. Oh, there's plans flying around and they're trying to figure out how much of a budget there is for drink tokens. Like, no, no, we don't need drink tokens. That would just make it worse, right? Yeah, you want a self-limiting supply. Yeah, exactly. Oh, I'm really envious now. I really wanted to go to that, but unfortunately it was the wrong time of year. Yeah, you'll really have to be the, uh, ambassador there, Eric. I'm excited for that. I was toying with
Starting point is 00:50:03 the idea of taking my setup here just in case there's some thoughts or something I want to record. But I've also set up a one-click ghost deployment on DigitalOcean. And I'm just going to try and, if nothing else, I'm just going to try and start blogging about everything that happens just to record it. Oh, excellent. Yeah, that'd be a good read.