Episode 413 Show Notes

Welcome to mintCast

the Podcast by the Linux Mint Community for All Users of Linux

This is Episode 413!

This is Episode 413.5!

Recorded on Sunday, May 28, 2023

Basking in sunshine, I’m Majid, Frying in Texas im Joe, I’m still Moss, still fabulous, I’m Bill,

— Play Standard Intro —

• First up in the news, Arch migrates Git, Ubuntu changes PPAs, Fedora Onyx is approved, Google to remove old accounts, Debian re-imposes a moratorium, Proton goes Family, Red Hat unveils a new Desktop, Fedora plans to drop X11, Thunderbird gets a new logo;
• In security and privacy, Google’s 2FA isn’t private enough;
• Then in our Wanderings, Joe is manacled to his office, Moss kicks the tires on the new Bodhi, Majid is off to University and Bill migrates;

• In our Innards section, we talk all things Git …
• And finally, the feedback and a couple of suggestions

— Play News Transition Bumper —

The News

20 minutes

• Arch Migrates Git
  • On May 19^th, the Git packaging migration for Arch began, ending on the 21^st. During that time, the Arch Linux packaging team was not able to update packages in any of the repositories.
  • How does this impact Arch Linux users?
    • The [testing] repository will be split into [core-testing] and [extra-testing], the [staging] repository will be split into [core-staging] and [extra-staging]. The [community] repository will be merged into [extra] and will therefore be empty after the migration.
    • All affected repositories will be provided as empty repositories for a transition period after the migration. For regular users, this means that everything works as before.
    • Note: After the migration is done, users that have the testing repositories enabled need to include the new repositories ([core-testing] and [extra-testing] instead of [testing]) in their pacman.conf before updating their system.
    • Other changes:
      • SVN access is discontinued and will dissappear.
      • The svn2git mirror will no longer be updated.
      • asp, which relies on the svn2git mirror, will stop working. It is replaced by pkgctl repo clone.
  • How does this impact Arch Linux tier 1 mirrors?
    • During the migration rsync and HTTP access will be shut down. We will send an email notification to arch-mirrors once everything has been finished.
  • How does this impact Arch Linux packagers?
    • Packagers will not be able to patch and update their packages. The internal Tier 0 mirror is also going to be disabled for the duration of this migration.
  • At mintCast, we assume the migration was completed effectively, and hope that all Arch based distros got the message and responded accordingly.
• Ubuntu Makes “Significant Changes” to PPAs for 23.10 Moss
  • from OMGUbuntu
  • A new version of the software-properties package is rolling out to Mantic Minotaur daily builds. The update makes brings a “significant change” to the way personal package archives (better known as PPAs) are managed on Ubuntu systems.
  • What’s changing?
  • Well, in current versions of Ubuntu when you add a PPA (via the command line — you can add them via Software & Updates but I’m not sure how key handling works there) a .list file for the PPA is created in /etc/apt/sources.list.d/, and the corresponding gpg keyring placed at /etc/apt/trusted.gpg.d.
  • From 23.10 onwards, PPAs will be added as deb822-formatted .sources files, which have their corresponding gpg keys “directly embedded into the file’s Signed-Byfield”, according to Ubuntu devs.
  • They say this change offers a number of benefits:
    • Removing a PPA will now removes its associated key
    • Keys are unique to a PPA and cannot be used for other repositories
    • Other keys cannot be used to sign a PPA
  • Or, for the tl;dr: it’s safer and simpler, innit.
  • Devs say they “these enhancements will enhance the security and reliability of managing PPAs” on Ubuntu. Now, I’m not a repo expert by any stretch, much less a security expert, but from the sounds of things that’s exactly what this change will do.
  • Despite their comparative convenience PPAs aren’t actually considered all that safe. Downsides including PPAs having root access to your system.
  • In theory, you could add a PPA to install foo, and it works wells. A few days later the maintainer of the PPA uploads a totally different, and malicious app, named foo and it gets installed on your system alongside your other software updates and… Well, who knows!
  • Thankfully, as far as I am aware, nothing like this has ever happened (though plenty of inadvertent system screws-up caused by PPA maintainers later adding updated/unstable versions of core system packages has).
  • Anyway – the new approach Ubuntu devs outline today can’t wave away all of those vectors, but it has to be said that improving security and emphasising trust between the user adding a PPA and the person maintaining the PPA is certainly a welcome step.
  • Look forward to no longer needing to delete a ton of .list files for PPAs you no longer use.
  • More details in the Ubuntu Developer mailing list announcement, and be sure to let me know your thoughts on PPAs (either regarding this change or just in general) down in the comments.
• Fedora Onyx, Immutable and with Budgie, approved for Fedora 39
  • from 9to5 Linux
  • Fedora Onyx, an upcoming variant of the Fedora Linux operating system focused on offering an immutable system featuring the Budgie desktop environment, has been approved for the upcoming Fedora Linux 39 release.
  • At the end of April 2023, Budgie Desktop developer and Solus maintainer Joshua Strobl proposed an official immutable / emerging variant of Fedora Linux with the Budgie desktop environment, complementing the Fedora Budgie Spin that was introduced with the Fedora Linux 38 release.
  • Fedora Onyx aims to offer Fedora Linux users yet another immutable/atomic desktop operating system in the style of Fedora Silverblue, Fedora Kinoite, and Fedora Sericea, leveraging technologies like rpm-ostree, Podman, toolbx, and Flatpak. An immutable system is never modified after it’s been deployed.
  • “By actively building on and leveraging technologies adopted by similar immutable variants from Fedora (Kinoite, Sericea, and Silverblue), Fedora Onyx may help to strengthen those variants by putting more contributors behind building and maturing our shared technologies,” said Joshua Strobl in the proposal.
  • The proposal has been recently approved by the Fedora Engineering Steering Committee (FESCo) and Fedora Onyx is now set to see the light of day as part of the upcoming Fedora Linux 39 release, due out in mid-October 2023.
  • The good news for those wishing to use the Budgie desktop environment on top of their immutable Fedora Linux system is that when Fedora Onyx will be out existing users with ostree installations will be able to seamlessly rebase their systems to Fedora Onyx in the same way they would do using any other official variant.
  • Of course, Fedora Onyx should also be available as a downloadable ISO image, but we don’t know yet what architectures will be supported at the moment of the release.
  • Let’s hope that until Fedora Linux 39 hits the public beta channel I will be able to take Fedora Onyx for a quick test drive to give you guys a proper first look and talk more about its benefits over other Fedora Linux spins.
  • As for Fedora Linux 39, it will offer many other exciting new features like fedora-autofirstboot for all desktop variants to run a predetermined set of tasks during the first boot after installation, such as installing codecs or cleaning up installer packages, and DNF5 as the new default packaging tool.
  • Fedora Linux 39 will also support the automatic enablement of persistent overlays when flashing Fedora Linux live media to USB sticks and enable DNF/RPM Copy on Write for all variants to reduce the amount of I/O and offsets CPU cost of package decompression.
• Google To Start Removing Inactive Accounts After 2 Years – Majid
  • from ArsTechnica
  • You may have thought a Google account was forever, but the company’s latest blog post details a new policy of deleting inactive Google accounts. The new deadline is two years—if your account hasn’t seen “activity” in that amount of time, Google is going to delete your data forever.
  • The company pitches this as a way to prevent spam. The blog post says that “abandoned accounts are at least 10x less likely than active accounts to have 2-step-verification set up,” and once they get compromised, they become vectors for spam and identity theft. Deleting old accounts and freeing up storage is also probably a good way to cut costs, which has been a thing at Google lately.
  • Google’s inactive account policy only applies to individual accounts. If you’re a business account and paying a monthly fee, it’s no shock that you can stay inactive for as long as the money arrives. Google says: “The simplest way to keep a Google Account active is to sign-in at least once every 2 years.” That’s all it takes to be active. Google also lists a few examples of “activity” if you’re already signed in:
    • Activity might include these types of actions you take when you sign in or while you’re signed in to your Google Account:
      • Reading or sending an email
      • Using Google Drive
      • Watching a YouTube video
      • Downloading an app on the Google Play Store
      • Using Google Search
      • Using Sign in with Google to sign in to a third-party app or service
  • Other “inactive” documentation on Google’s support system lists ‘Android check-ins’ as a viable form of activity. So theoretically plugging in an Android phone would be enough to keep your account active forever. It also says paying a Google One storage subscription counts as “activity.” Interestingly, Google Photos seems to have its own entirely separate “activity” metrics that could result in only your photos being deleted. Photos requires visiting the Google Photos app or website, or uploading a photo every two years.
  • People who are already over the “inactive for two years” mark won’t have their accounts deleted immediately. The Great Google Account Purge is officially scheduled for December 2023. Having your account deleted shouldn’t be a surprise to anyone, with Google promising to send “multiple notifications over the months leading up to deletion, to both the account email address and the recovery email (if one has been provided).”
• Google Chrome’s 2023 UI Refresh on Ubuntu – Majid
  • from OMGUbuntu
  • It seems Google Chrome is getting a minor makeover later this year, and if you’re riding the browser’s development channel on Ubuntu1 you can opt-in to try the new look out now.
  • As UI changes go, the one Google’s cooking up isn’t overly radical on Linux — at least, not to my sensibilities. If you’re the sort of person who fears UI changes — and if we’re honest they don’t always make things better — you can kind of relax.
  • Tabs are more curvaceous (first time I’ve ever used that word in a blog post, I think); the ‘new tab’ button and the ‘search tabs’ menu gain backgrounds (thus more visual prominence); and (my favourite tweak) the toolbar finally gives icons some room to breath.
  • The omnibox (aka address bar) is thicker, and the font-size for web addresses (and any queries you type inside of it) smaller. A new “options” icon replaces the traditional padlock motif beside a URL. This is to indicate that you can click the icon to access cookie settings, permissions etc.
  • More pronounced changes are on show in the main menu thanks to the (re)introduction of (new) menu icons, and more liberal use of padding/margins. The main menu, context menus, and other in-Chrome pop-overs (like the Search tabs UI) also now use rounded corners.
  • Tab bar dividers are a lighter colour than previously, and hovering over a background tab now shows a rounded rectangle accent rather than, as before, an outline of the full active tab shape.
  • Google added new customisation options to Chrome recently, including “Chrome Colors”. This latter feature lets you pick from a fairly wide selection of colour pairs to prettify Chrome’s chrome with, or you can use the included colour picker to pick out a hue/shade/tone from whatever is on screen.
  • Want to try these changes yourself? You can — all you need is the latest Google Chrome unstable build.
  • If the official Google Chrome repo is configured on your distro (it gets set up when you install Chrome on Ubuntu using the official DEB or RPM packages) you can install the google-chrome-unstable package. This does not replace the stable version; dev builds can be run alongside stable builds.
  • Then, to enable the Chrome Refresh 2023 look:

1. Go to chrome://flags/#chrome-refresh-2023 in a new tab
2. Change ‘default’ to ‘enabled’
3. Go to chrome://flags/#chrome-webui-refresh-2023 in a new tab
4. Change ‘default’ to ‘enabled’
5. Restart the browser as prompted

• To “undo” the changes repeat the steps above but change “enabled” to “default”.
• There are also changes planned for Google Chrome’s omnibox (aka address bar) and NTP — though these are in varying stages of usefulness right now. Search for “CR23” and “NTP” in chrome:flags to explore the proposals — just be aware not all are wired to use ‘real world’ data yet, so YMMV.

• The flags for these UI changes use the word “refresh” and that’s spot on. A major redesign of Chrome this is not. Instead, Google designers are giving the browser — still the world’s most popular, fyi — a quick spruce to bring it up to date with the “Material You” design aesthetic it uses on Android.
• Could Google have bigger changes in the pipeline than the ones previewed here? Yes – such is the nature of development! As such nothing showcased in the post should be thought of as final until Google announces the changes formally and they make their way to stable builds.
• Debian Votes to Reinstate Merged-usr File Movement Moratorium
  • from Phoronix
  • The Debian Technical Committee has voted to reinstate the merged-/usr file movement moratorium.
  • Over the course of Debian 12 “Bookworm” development there has been some questions left open by developers around the state of a merged /usr file-system layout and upgrade path handling for existing Debian 11 users. While previously was the recommendation of a merged-/usr for Debian 12, it looks like this effort won’t be wrapped up now until Debian 13 “Trixie”.
  • The Debian Technical Committee voted in favor of reinstating the merged-/usr file movement moratorium. The Debian TC statement reads:
    • “Under Constitution 6.1.5, the Technical Committee recommends that the maintainers of individual packages should not proactively move files from the root filesystem to corresponding locations under /usr in the data.tar.* of packages. So, /foo/bar should not move to /usr/foo/bar.
    • Files that are in /usr in the Debian 12 release should remain in /usr, while files that are in /bin, /lib* or /sbin in the Debian 12 release should remain in those directories. If any files are moved from /bin, /lib* or /sbin into /usr after the Debian 12 release, they should be moved back to their Debian 12 locations.
    • This moratorium lasts until we vote to repeal it. We expect to do that during the trixie development cycle, and sooner rather than later. We will continue to facilitate efforts to resolve the remaining issues that stand in the way of safely repealing the moratorium.”
• Proton Unveils Family Plan – Majid
  • from Proton Blog
  • On May 23, Proton introduced Proton Family, an all-in-one plan to protect your family’s privacy.
  • When you’re a parent, you do everything you can to prepare for the unexpected and keep your family safe. But extending this protection online is difficult unless you’re particularly tech-savvy — until now. The Proton Family plan lets you protect your loved ones by giving them access to all Proton services and premium features. Up to six family members share 3 TB of storage space, and everyone gets their own encrypted email address, calendar, secure storage for their files, and VPN to browse securely.
  • It’s a great way to quickly improve your family’s digital security and privacy. Proton makes things simple by handling all the encryption automatically in the background. This plan includes all Proton services – Mail, Drive, Calendar, VPN – including paid services to be added later, such as the Password Manager now in beta.
  • Cost is 19.99 Euros per month for the whole family.
• Red Hat Reveals Podman Desktop 1.0
  • from Red Hat blog
  • As containerization continues to gain popularity in the world of enterprise software development, there is also growing demand for tools and technologies that make container management more accessible and efficient. One such tool is Podman Desktop, which provides a user-friendly interface for managing containers and working with Kubernetes from a local machine (Figure 1).
  • After months of hard work, we are excited to announce the general availability (GA) of Podman Desktop 1.0. Let’s explore what Podman Desktop is and why it can be advantageous for enterprise developers.
  • Podman Desktop is a container management tool that lets developers easily create, manage, and deploy containers on their local machine. Podman Desktop downloads, installs, and abstracts away the configuration of the underlying environment. This makes it a lightweight and efficient option for container management without the overhead of having to administer everything locally.
  • The main advantage of using a UI like Podman Desktop for container management, especially for enterprise developers, is that it simplifies the process of working with containers. You can easily view and manage all containers in one place rather than having to remember and type out complex command-line commands. This saves time and reduces the risk of errors when managing multiple containers or complex container configurations.
  • Another advantage of using Podman Desktop is that it can help developers who are new to containerization get started more easily. The user-friendly interface and simplified management process make it easier for developers who might be intimidated by the command-line interface of other container management tools to get started with containerization. This can help organizations onboard new developers more quickly and reduce the learning curve for containerization.
  • For developers interested in Kubernetes or targeting it as a deployment platform, Podman Desktop provides the ability to natively work with Kubernetes objects, which helps to gradually and naturally transition from containers to Kubernetes. Podman Desktop also provides an out-of-the-box Kubernetes environment based on Kind. This means that developers can create and test applications in an environment that closely mirrors production, preventing configuration changes between development and production and ensuring a smooth transition from one environment to another.
• Fedora Intends To Completely Drop X11 in Plasma 6 Moss
  • from linuxiac.com
  • For years, one of the most hotly debated topics on the Linux desktop has been the replacement of the X11 protocol with Wayland. Moreover, despite popular belief that X11 is already too old and that Wayland is the way to go, X11 is generally still supported in all Linux distributions for various reasons.
  • However, the Fedora KDE Plasma spin developers have plans to take a significant move by dropping support for X11 entirely following the release of Plasma 6, which is currently in early development. Here are their main arguments behind this decision.
  • Fedora and its derivatives are closely linked to Red Hat and its enterprise distribution, RHEL. This means the distribution inherits and conforms to many of Red Hat’s decisions.
  • One of them is that the Xorg display server has been deprecated since the release of RHEL 9.0 in May 2022 and will most likely be removed in future major RHEL releases.
  • So it is unsurprising that the Fedora developers follow Red Hat’s recommendations. Ultimately, they are related projects, with Fedora being “upstream” of Red Hat Enterprise Linux.
  • Let’s face it – X11 is old. I mean, really old. The X window system was first introduced in 1984, but computers have evolved significantly since the 1980s. So, the design of X11 is unsuitable for modern hardware or use cases.
  • Wayland emerged in 2008 to replace it. It operates entirely differently than X11; it is considerably simpler, and its architecture reflects modern hardware, ranging from embedded devices to desktop PCs.
  • In practice, in recent years, Xorg does not receive any development and is only kept alive with some patches. Furthermore, there aren’t enough developers willing to put in the time and effort. In other words, the question is not if but when the project will be declared discontinued.
  • At the same time, Wayland enjoys active development and successfully meets the needs of modern computer systems. So, Fedora KDE Plasma developers see the upcoming Plasma 6 release as a good starting point to say goodbye to the past with an eye to the future.
  • Wayland hasn’t yet fully taken X11’s place, owing to its lack of stability when working with various applications and GPU drivers. However, many still rely on X11, so developers can’t replace a 40-year-old window system overnight.
  • However, this is losing strength as an argument, as nearly every modern application and GPU drivers already offer good Wayland compatibility. This is especially true with the KDE desktop environment.
  • The developers of Plasma strongly recommend that Wayland be adopted as the default session type in the upcoming 6.0 release of the desktop environment. Something that has been taken into account by the Fedora KDE spin team.
  • What’s Next for Fedora KDE? First and foremost, it should be made clear that switching entirely to Wayland and removing support for X11 currently only affects the Fedora KDE Plasma spin and is at the proposal stage. Whether it will be accepted as final is yet to be seen, but initial expectations are that it will happen.
  • Meanwhile, the KDE Plasma desktop developers have not yet committed to any roadmap for the 6.0 release, simply stating that it is expected by the end of the year.
  • This means that even if the proposal is approved, it will not become a reality until the Fedora 40 KDE Plasma release, which will happen around late April 2024, along with the main Fedora 40 release.
  • Finally, transitioning to Wayland-only does not imply that X11 applications will no longer work in Plasma 6 in the Fedora KDE spin. Don’t forget about Xwayland – a compatibility layer that bridges the Wayland protocol and the legacy X11 applications.
  • In other words, by utilizing Xwayland, users can run their favorite X11 applications without needing to be rewritten or adapted for Wayland.
  • In any case, news about the discontinuation of X11 support in favor of Wayland from various Linux distributions will become more common over the next few years, which is quite normal given the evolution of Linux as a fully functional desktop operating system ready to cover the daily needs of an everyday computer user.
• Thunderbird Gets a Brand New Logo
  • From blog.thunderbird.net (via londoner)
  • Quote from blog dated May 24: “After nearly 20 years, we are thrilled to share a completely redesigned Thunderbird logo that honors our history and vital connection to Mozilla, while carrying us forward into the next 20 years.
  • It’s no secret that after many years of being viewed as stagnant, Thunderbird is enjoying a resurgence. Our project is thriving with a renewed sense of purpose, and we see an invigorating energy bubbling up from our users, our community of contributors, and our core team.
  • Just like the software, the current Thunderbird logo has seen small, iterative improvements throughout the last 20 years. But now the software is evolving into something more modern (while retaining its powerful customization) and we believe it deserves a fresh logo that properly represents this revitalization.
  • But you should never forget your roots, which is why we asked Jon Hicks, the creator of the original Firefox and Thunderbird logos, to re-imagine his iconic design in light of Thunderbird’s exciting future.
  • Here’s a look at our new logo across Linux, Windows, macOS, Android, and iOS.
  • 
  • Yes, we have officially added an iOS version of Thunderbird to our future development roadmap. Expect more concrete news about this toward the end of 2023.
  • When can you see it integrated with Thunderbird itself? Our plan is to incorporate it into Thunderbird 115 (code-named “Supernova“) this summer. During the next few months, we’ll also gradually redesign our website and update the branding on various social channels and communication platforms.
    We understand that change can be uncomfortable, but we hope you agree this is a positive new look for the project. I encourage everyone to do what we did throughout this process: to live with the new design for a while. Let it breathe, let it sink in, and let us know what you think after a few days.
  • We all have a soft spot for the old Thunderbird logo (which I affectionately call the “wig on an envelope”), but our project is changing in big, positive ways, and we want to clearly show that to the world with a beautiful, revitalized logo and icon.” End of quote.

— Play Security Transition Bumper —

Security and Privacy

10 minutes

• Google’s New 2FA Isn’t End-to-End Encrypted
  • from Gizmodo
  • A new two-factor authentication tool from Google isn’t end-to-end encrypted, which could expose users to significant security risks, a test by security researchers found.
  • Google’s Authenticator app provides unique codes that website logins may ask for as a second layer of security on top of passwords. On Monday, Google announced a long-awaited feature, which lets you sync Authenticator to a Google account and use it across multiple devices. That’s great news, because in the past, you could end up locked out of your account if you lost the phone with the authentication app installed.
  • But when app developers and security researchers at the software company Mysk took a look under the hood, they found the underlying data isn’t end-to-end encrypted.
  • “We tested the feature as soon as Google released it. We realized that the app didn’t prompt or offer an option to use a passphrase to protect the secrets,” said Tommy Mysk, one of the researchers who uncovered the problem, in a conversation with Gizmodo.
  • When Mysk and his partner Talal Haj Bakry analyzed the network traffic as the app synced with Google servers, they found the data is not end-to-end encrypted.“This means that Google can see the secrets, likely even while they’re stored on their servers,” the Mysk team wrote on Twitter. In the security community, “secrets” is the term for credentials that work as a key to unlock an account or a tool.
  • You can use Google Authenticator without tying it to your Google account or syncing it across devices, which avoids this issue. Unfortunately, that means it might be best to avoid a useful feature that users spent years clamoring for. “The bottom line: although syncing 2FA secrets across devices is convenient, it comes at the expense of your privacy,” Mysk wrote. “We recommend using the app without the new syncing feature for now.”
  • The tests found the unencrypted traffic contains a “seed” that’s used to generate the two-factor authentication codes. According to Mysk, anyone with access to that seed can generate their own codes for your accounts and break in.
  • “If Google servers were compromised, secrets would leak,” Mysk said. Adding insult to injury, QR codes involved with setting up two-factor authentication also contain the name of the account or service (Amazon or Twitter, for example). “The attacker can also know which accounts you have. This is particularly risky if you’re an activist and run other Twitter accounts anonymously.”
  • But it’s not just cyber criminals you need to worry about. “Google or Google staff can access this data,” Mysk said.
  • Google acknowledged that the data is not end-to-end encrypted, but said the security feature is coming at some point.
  • “End-to-End Encryption (E2EE) is a powerful feature that provides extra protections, but at the cost of enabling users to get locked out of their own data without recovery,” said Christiaan Brand, group product manager at Google. “To ensure that we’re offering a full set of options for users, we have also begun rolling out optional E2EE in some of our products, and we plan to offer E2EE for Google Authenticator in the future.” Braand posted a Twitter thread with more details.
  • The lack of encryption means Google could in theory look at the data and learn what apps and services you use, which can be valuable for a number of purposes, including targeted ads. “Allowing a tech giant thirsty for data like Google to establish a graph of all accounts and services each user has is not a good thing,” Mysk said.
  • The issue comes as a surprise, given Google’s history with similar tools. Google has a vaguely similar feature that lets you sync data from Google Chrome across devices. There, the company gives users the option to set up a password to protect that data, keeping it away from prying eyes at Google and protecting it from anyone else who might intercept it.
  • “2FA secrets are considered sensitive data, just like passwords. Google already supports passphrases for syncing Chrome data. So we expected that 2FA secrets be treated the same,” Mysk said.

— Play Wanderings Transition Bumper —

Bi-Weekly Wanderings

30 minutes (~5-8 mins each)

• Joe
  • Well I can’t say that it has been too interesting the past couple of weeks but there have been some things
  • 3d printed some adapters and extenders for some of the mounts for my theater chair. Just to give more options on how I place my phone and camera. This is based off of the mic mount that I made for my workspace in the living room. It is fairly simple but that is how I like my designs.
  • I have started looking at broken lapdocks on eBay to see if I can one at a good price and see if I can get it working again as I think it would be interesting to work on
  • I installed scrcpy on my Dell venue 11 an tried out the wireless adb version with it, It worked well with the wired version but the connection was terrible with wifi. I have used it wirelessly on several other devices so I think it must be the wifi on the tablet itself. I have a couple of ideas for solutions that I should check out. Or get another USB 3.0 hub when I can.
    • If you don’t know what scrcpy is it mirrors your Android phone onto your Linux machine using adb. Adb wireless is actually pretty easy to setup as well and you only need to hook up the phone for a few seconds to turn the function on. It also allows you to interact with the touch screen.
  • I had my listening speed pushed up to 5x for a few days before quality forced me to bring it back down. it was a good way to work my way through a series quickly and I will try again. The more I practice the easier it will get and the less I will be concerned with the quality.
  • Work is really knuckling down on coming back into the office so I have been working a lot with getting used to going into the office and being there. My manager really wants us there 3 days a week and 8 hours a day. One of the things this means is that I am back to figuring out different devices that I can use that do not violate the policies that are in place and still have the freedom to do the things that I want while also getting my job done. I’m not watching YouTube or trolling Facebook but I am doing research as needed and some light journaling and maybe putting together some show notes
    • previously I was using easytether to provide my tablets with internet so that I am not having them on works network. I have come up with different setups over the years but I like what I am using now.
    • I have started using the built in tethering along with a VPN which allows me to use a wifi connection and share it with the device that I am hooked to and the network to be connected to my home network with the VPN without having to reset up on every device that I might use.
  • I am also going on vacation to Florida shortly. Not sure that I can afford it but I really need to get away for a little while and I know that JJ is looking forward to spending some time with his grandparents.
  • But I would also like to get a couple of other things all set up at my dads house. I think that I have an old pi 3 or 2 sitting around and I want to get it up and running with 2tb worth of external storage and create an offsite backup. Obviously I will also need to setup as much remote management as possible with the device. This might be better and easier with a laptop or one of the Linux running tablets that I have, But it will also require me setting it up in such a way that it will not get disconnected for at least a year.
  • I tried out printing something for the inside of my car. Just a coverplate for the ashtray for the back seat that I have also attached an accessory port to. I think it came out well. The interior size is good enough to hold it into place but I have see some warping and I need to print the outer portion a bunch wider to cover the rest of the slot. I think that I will be printing it again with either a deeper mounting portion or just thicker so that it is less impacted by the heat in the car.
• Moss
  • All year I’ve been complaining about lack of teaching assignments. The week after the last show, I had 3 assignments in a single week. But of course, the school year ended. I had 7 total assignments in May, more than any other month.
  • Bodhi 7 Beta was released. There are a couple of small bugs before it goes to RC. I have it installed on my laptop; as of this writing, I am still running Alpha5 on my desktop. The themes are spectacular as always, and the new browser picker is great. I’m still waiting for an office picker app, but Robert tells me it is in the works. If you don’t know how much I love this distro you have not been listening to mintCast.
  • I have another online concert June 11 at 19:00 ET via Zoom. If you’re interested, look up Festival of the Living Rooms; sadly, it’s probably on a Facebook page.
  • I recorded Full Circle Weekly News on Tuesday, May 23. And then I re-recorded most of the second half and spent two hours with cut and paste. Apparently my sound box glitched out a few times during the recording. I’m looking into it.
• Majid
  • Still trying to sell that MacBook!
  • First time in a long time decided to root/custom rom a phone. Got a OnePlus 6 specifically for trying out Linux (Ubuntu Touch or PostmarketOS), but my daughter has been using it regularly so decided to stick with Android. As its a 6, it’s EOL now on Android 10. Thought I’d go for the pixel experience ROM. Initially thought Lineage (as I’ve used it before on multiple devices) but I find the stock apps a bit rubbish, and so end up putting gapps on. With PE, I’ll get them altogether including a Gcam. So this was a bit of fail. I couldn’t access the wiki or download pages for PE. This could be just due to the wesbite being down, but I wondered if my ISP was blocking it. I then decided to run my VPN, then realised I hadnt got round to installing it on this box. Why do I need a VPN to download a VPN? I am in the slightly ridiculous situation of having 3 VPNs (Nord, Surfshark and Proton) on my system. For reasons I can’t fathom, I need to have at least Proton running to even access the websites that have the Linux clients for Nord or Surfshark. Even the case with browser extensions for vivaldi/firefox. Am I missing something?
  • Anyhoo, I did the the only thing one can do in this situation, and that is I went back to Lineage O
  • My browsing of browsers continues, now I’m trying GNOME Web since finding out it’s based on webkit. Still underfeatured.
  • In more headphone-churn, I returned the Sony Linkbuds S that I bought recently. The sound was ok, improved a lot after I fiddled with the EQ settings. ANC was average, and at the end of the day they didn’t seem to be worth the price ($150). I had headphones which sounded just as good which were half the price, so thought I couldn’t justify the expense. Might regret it though, as I am missing them! The was an upside from this misadventure as I got to understand EQ settings better and used that to improve the sound quality on some of my other devices.
  • Had a bit of a tech-intersection at work. We normally do an introductory tour for the new doctors when they come in Feb or Aug. This time we thought it’d be better to make a video tour that we can send them in advance. The cameraman was a good guy and showed me some of the kit and software he was using. Enjoyed it!
  • On a personal note, went to the funeral of friend’s mother. Poor lady had fallen ill few months ago with metastatic cancer, and a few months later she was gone. Sobering thought. Was good to see the mosque packed out with mourners.
  • Survived my 24-hour shift at the hospital. In the end got a couple of hours sleep so taking it was a win.
  • Off to Oxford tomorrow for a bit of R&R with the wife. Will be staying at the Castle, and so so planning on seeing the historical university, etc.
• Bill
  • So the migration of all my websites including mintcast.org to docker containers on my big servers is now complete. Linuxotc.org, 3ftpodcast.org, and wchouser3.com have been moved over for a couple weeks now. I waited another week before completing the mintcast.org migration to make sure everything would run smoothly on the other sites. So far I have to say the transition has been a positive experience. The only hiccups I’ve ran into are those that you would encounter in many migration cases where links don’t get changed correctly. For example this go around, a background image was linked to the local ip of the machine the web server is installed on. This could happen in any migration. My thanks to initrd for helping me though. I have to say – for anyone considering building a website, the WordPress Docker image is the way to go. It gets you up and running in no time. One caviat is that if you are going to point a domain at the site with TLS (https) you have to stand a reverse proxy up in front if it; I already had one of those set up so that was trivial for my use case. Folks should notice a slight performance boost as the site is now installed on a proper x86 server rig. The machine mintcast.org and linuxotc.org is installed on is a Dell/EMC PowerEdge T40 with a quad core Intel Xeon E-2224G at 4.7GHz with 64Gb of ram and a Samsung 980 Pro NVMe. I’ve been running other stuff on this machine for about 4 years now, and it has proved to be an absolute powerhouse machine. It’s also the server that runs my Jellyfin instance as well as my “audiobokshelf.” This migration will simplify management for me by reducing the number of production server machines I have to maintain from 6 to 2. Prior to this change my server workload was split up between the two big x86 machines and 4 Raspberry Pi’s of various iteration. This is especially important if I have to do any server maintenance from the road.

— Play Innards Transition Bumper —

Linux Innards

30 minutes (~5-8 minutes each)It’s

Much of this was pulled from articles whole and collated here

• Git, GitHub, GitLab, Gogs, Gitea, Gitee, Codeberg
  • Git is a distributed version control system that tracks changes in any set of computer files, usually used for coordinating work among programmers collaboratively developing source code during software development. Its goals include speed, data integrity, and support for distributed, non-linear workflows (thousands of parallel branches running on different computers).
  • Git was originally authored by Linus Torvalds in 2005 for development of the Linux kernel, with other kernel developers contributing to its initial development. Since 2005, Junio Hamano has been the core maintainer. As with most other distributed version control systems, and unlike most client–server systems, every Git directory on every computer is a full-fledged repository with complete history and full version-tracking abilities, independent of network access or a central server. Git is free and open-source software shared under the GPL-2.0-only license.
  • History
  • Git development was started by Torvalds in April 2005 when the proprietary source-control management (SCM) system used for Linux kernel development since 2002, BitKeeper, revoked its free license for Linux development.[14][15] The copyright holder of BitKeeper, Larry McVoy, claimed that Andrew Tridgell had created SourcePuller by reverse engineering the BitKeeper protocols.[16] The same incident also spurred the creation of another version-control system, Mercurial.
  • Torvalds wanted a distributed system that he could use like BitKeeper, but none of the available free systems met his needs. He cited an example of a source-control management system needing 30 seconds to apply a patch and update all associated metadata, and noted that this would not scale to the needs of Linux kernel development, where synchronizing with fellow maintainers could require 250 such actions at once. For his design criterion, he specified that patching should take no more than three seconds, and added three more goals:
    • Take Concurrent Versions System (CVS) as an example of what not to do; if in doubt, make the exact opposite decision.
    • Support a distributed, BitKeeper-like workflow.
    • Include very strong safeguards against corruption, either accidental or malicious.
  • These criteria eliminated every version-control system in use at the time, so immediately after the 2.6.12-rc2 Linux kernel development release, Torvalds set out to write his own.
  • The development of Git began on 3 April 2005.Torvalds announced the project on 6 April and became self-hosting the next day. The first merge of multiple branches took place on 18 April. Torvalds achieved his performance goals; on 29 April, the nascent Git was benchmarked recording patches to the Linux kernel tree at the rate of 6.7 patches per second. On 16 June, Git managed the kernel 2.6.12 release.
  • Torvalds turned over maintenance on 26 July 2005 to Junio Hamano, a major contributor to the project. Hamano was responsible for the 1.0 release on 21 December 2005.
  • Naming
  • Torvalds sarcastically quipped about the name git (which means “unpleasant person” in British English slang): “I’m an egotistical bastard, and I name all my projects after myself. First ‘Linux’, now ‘git’.” The man page describes Git as “the stupid content tracker”. The read-me file of the source code elaborates further:
    • “git” can mean anything, depending on your mood.
    • Random three-letter combination that is pronounceable, and not actually used by any common UNIX command. The fact that it is a mispronunciation of “get” may or may not be relevant.
    • Stupid. Contemptible and despicable. Simple. Take your pick from the dictionary of slang.
    • “Global information tracker”: you’re in a good mood, and it actually works for you. Angels sing, and a light suddenly fills the room.
    • “Goddamn idiotic truckload of sh*t”: when it breaks.
  • The source code for Git refers to the program as, “the information manager from hell”.

• GitHub and GitLab
  • While Git is a standalone tool that doesn’t rely on central repositories, there are external Git repositories that you’ll most likely come across. These platforms significantly simplify data exchange between members of a development team, serve as an additional backup, and provide various additional functions like documentation, bug tracking, and quality assurance. For public projects, these repositories also act as an information and download page for anyone interested in the project. In essence, these modern web interfaces make it easy to begin and manage Git projects.
  • GitHub, Inc. is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. Development of the GitHub.com platform began on October 19, 2007 and the site was launched in April 2008. Headquartered in California, it has been a subsidiary of Microsoft since 2018.
  • It is commonly used to host open source software development projects. As of January 2023, GitHub reported having over 100 million developers and more than 372 million repositories, including at least 28 million public repositories. It is the largest source code host as of November 2021.
  • Users can choose to open a free account or select one of the multiple paid options. Recently, restrictions on private repositories were lifted, so you can now create unlimited projects that are visible only to selected users. The advantages of paid accounts are increased storage availability, the ability to include enterprise servers for authentication (single sign-on), and the additional support provided by GitHub.
  • If you use GitHub for all your software projects, then you effectively have a cloud solution for your source code. You won’t have to search for project data on multiple computers or in old backups because you know you can find everything on GitHub.
  • GitLab Inc. is an open-core company that operates GitLab, a DevOps software package which can develop, secure, and operate software. The open source software project was created by Ukrainian developer Dmytro Zaporozhets and Dutch developer Sytse Sijbrandij. In 2018, GitLab Inc. was considered the first partly-Ukrainian unicorn.
  • Since its foundation, GitLab Inc. promoted remote work, and is known to be among the largest all-remote companies in the world. GitLab has an estimated 30 million registered users, with 1 million being active licensed users.
  • GitLab Inc. was established in 2014 to continue the development of the open-source code-sharing platform launched in 2011 by Dmytro Zaporozhets. The company’s other co-founder Sytse Sijbrandij initially contributed to the project and, by 2012, decided to build a business around it. GitLab offers its platform as a freemium. Since its foundation, GitLab Inc. has been an all-remote company. By 2020, the company employed 1300 people in 65 countries.
  • GitLab also gives you the option of running a GitLab server in your own data center, which can reduce costs. Users can install the GitLab platform on their own server to manage Git projects. They can then use the software to develop commercial or open-source projects without their code or business data falling into the wrong hands.
  • If you’re taking a self-hosted GitLab approach, keep in mind that there are several components that must run on one or more servers. These include web applications based on Ruby on Rails, PostgreSQL database server, SSH server, Gitaly server, Redis database server, and Nginx web server.
• Gogs
  • Gogs is described on their website as “a painless self-hosted Git service.” Gogs can be hosted on all platforms supported by Go including Linux, macOS, and Windows. It can be hosted even on a Raspberry Pi.
• Gitea
  • Gitea is a forge software package for hosting software development version control using Git as well as other collaborative features like bug tracking, code review, continuous integration, kanban boards, tickets, and wikis. It supports self-hosting but also provides a free public first-party instance. It is a fork of Gogs and is written in Go. Gitea can be hosted on all platforms supported by Go including Linux, macOS, and Windows.
  • Gitea was created by Lunny Xiao, who was also a founder of the self-hosted Git service Gogs. He invited a group of users and contributors of Gogs. Though Gogs was an open-source project, its repository was under the control of a single maintainer, limiting the amount of input and speed with which the community could influence the development. Frustrated by this, the Gitea developers began Gitea as a fork of Gogs in November 2016 and established a community-driven model for its development. It had its official 1.0 release the following month, December 2016.
  • In October 2022, Gitea Limited was formed by Lunny Xiao. The company will offer paid services. The commercial ownership model, as opposed to the community/non-profit ownership model, received some resistance and resulted in the Forgejo software fork of Gitea. A major Gitea forge, Codeberg, was also unhappy with the new model and switched to Forgejo.
• Gitee
  • Gitee is an online forge that allows software version control using Git and is intended primarily for the hosting of open source software. It was launched by Shenzhen-based OSChina in 2013. Gitee claims to have more than 10 million repositories and 5 million users.
  • Gitee was chosen by the Ministry of Industry and Information Technology of the Chinese government to make an “independent, open-source code hosting platform for China”.
  • In May 18, 2022, Gitee announced all code will be manually reviewed before public availability. Gitee did not specify a reason for the change, though there was widespread speculation it was ordered by the Chinese government amid increasing online censorship in China.
• Codeberg
  • Codeberg is described on their website as “a democratic community-driven, non-profit software development platform operated by Codeberg e.V. and centered around Codeberg.org, a Forgejo-based software forge.
    On Codeberg you can develop your own Free Software projects, contribute to other projects, browse through inspiring and useful free software, share your knowledge or build your projects a home on the web using Codeberg Pages, just to name a few.
    Codeberg is not a for-profit corporation but an open community of free software enthusiasts providing a humane, non-commercial and privacy-friendly alternative to commercial services such as GitHub.

— Play Vibrations Transition Bumper —

Vibrations from the Ether

20 minutes (~5 minutes each)

— Play Check This Transition Bumper —

Check This Out

10 minutes

• Generate Secure Passwords on Linux Fast with ‘Key Cutter’
  • from omglinux.com (via londoner)
  • Most of us know that using complex (cOm_Pl3X) passwords is good security but coming up with passwords to satisfy the demands of pernickety sign-up forms can be an effort.
    Capital letter. Special character. Number. Hex code. Etc.
  • Okay, hex code is made up but hopefully you get my point!
  • Key Cutter (formerly known as Secrets) is a super-simple password generator app for Linux. Written in Python and GTK4/libadwaita, it does nothing more than generate random passwords when required. That’s it.
  • Obviously using a dedicated password manager (which often have generators built-in) or a web browser that suggests complex passwords in sign up forms is, arguably, more efficient but apps like Key Cutter have a place too. The app is NOT intended to replace your password manager but as a backup solution if the integrated password generator in, for example, Firefox doesn’t recognize the password field or you need to generate a password for an app where you can’t use your password manager.
  • It’s ideal for those times when you want to generate a password in an app your password manager doesn’t work with, or when an auto-generated suggestion doesn’t match the necessary criteria (e.g., you need a specific character).
  • You can generate secure passwords of up to 100 characters with Key Cutter. Passwords can contain some/all: uppercase letters; lowercase letters; numbers; special characters. The list of special characters is editable so if you want to only use specific specials character, edit it.
  • In summary, Key Cutter is a Linux app that lets you generate strong passwords that are difficult for others to guess. Since using unique passwords for different accounts is the best insurance against hacking, this app lets you do that in seconds.
  • G et Key Cutter on Flathub
  • G
    it Beginner Projects
  • Top 8 Open Source GitHub Projects to Level-Up Your Coding

Housekeeping & Announcements

• Thank you for listening to this episode of mintCast!
• If you see something that you’d like to hear about, tell us!

Send us email at [email protected]

Join us live on Youtube

Post at the mintCast subreddit

Chat with us on Telegram and Discord,

Or post directly at https://mintcast.org

• Next Episode – 2 pm US Central time on Sunday, June 11, 2023
• Get mintCast converted to your time zone
• for 414 Next Roundtable Live Stream – 2 pm US Central time on Saturday, June 3, 2023
• Get the Roundtable Live Stream converted to your time zone
• for 414.5 Next Roundtable Live Stream – 2 pm US Central time on Saturday, June 17, 2023
• Get the Roundtable Live Stream converted to your time zone
• Livestream information is at mintcast.org/livestream

Wrap-up

• Joe – Tllts.org,  linuxlugcast.com, MeWe, [email protected], Buy Joe a coffee
• Moss – Full Circle Weekly News, Distrohoppers’ Digest, [email protected], I’m on Mastodon as @[email protected], and other contact information can be found at It’s Moss dot com
• Bill – [email protected], Bill_H on Discord, @[email protected] on Mastodon, @wchouser3 on Twitter, and wchouser3 on Facebook also – checkout my other podcasts Linux OTC and 3 Fat Truckers
• Majid – [email protected] @atypicaldoctor on twitter, AtypicalAnaesthetist on instagram and The Atypical Anaesthetist Podcast on Spotify (https://open.spotify.com/show/6Uo4DsJE8fJmvo8npljbmx)

Before we leave, we want to make sure to acknowledge some of the people who make mintCast possible:

• Someone for our audio editing
• Archive.org for hosting our audio files
• Hobstar for our logo, initrd for the animated Discord logo
• Londoner for our time syncs
• Bill Houser for hosting the server which runs our website, website maintenance, and the NextCloud server on which we host our show notes and raw audio
• The Linux Mint development team for the fine distro we love to talk about <Thanks, Clem … and co!>

— Play Closing Music and Standard Outro —