Episode 430 Show Notes
Welcome to mintCast
This is Episode 430!
This is Episode 430.5!
Recorded on Sunday, February 4, 2024
Basking in inner peace im Joe; back for a bit, I’m Moss; pausing to take a deep breath, wait 4 seconds, and let it out slow, I’m Bill; back from traveling, Majid
— Play Standard Intro —
- First up in the news: Mint 21.3 “Edge” is out, Ubuntu taking heat over Pro packages, Bazzite 2.2 is out, BunsenLabs Boron is out, Parrot 6.0 is out, we say Goodbye to Ginny, RPi Compute Module 5 is in the works, Say Hello to Wilma, RH causes issues for CentOS, and DSL Linux makes a resurgence;
- In security and privacy: Ring will stop giving video to police, and AnyDesk responds to a major hack;
- Then in our Wanderings: Bill is moving gear around, Joe upgrades, Moss takes a new tablet, and Majid is drinking the Samsung Kool-Aid.
- In our Innards section: Bill explains the current mintCast infrastructure
- And finally, the feedback and a couple of suggestions
— Play News Transition Bumper —
- 21.3 “Edge” ISO Now Available Bill
- from LinuxMint Blog
- “Edge” ISO image is now available for Linux Mint 21.3.
- This image is made for people whose hardware is too new to boot the 5.15 LTS kernel included in Linux Mint 21.x. It ships with kernel 6.5 instead.
- For information on Edge ISO images visit https://linuxmint-user-guide.readthedocs.io/en/latest/edge.html.
- Ubuntu Pro Packages in ‘Software Updater’ Garner Criticism -Majid
- from OMGUbuntu
- It seems some users aren’t happy that there’s (currently) no way to disable Ubuntu Pro package updates from showing in the Software Updater tool in Ubuntu LTS releases.
- Last year, Canonical updated update-manager (aka Software Updater) to display a list of Ubuntu Pro package updates available for user systems regardless of whether Ubuntu Pro is enabled or not (and if it’s not, they can’t install them).
- Prior, only users who explicitly opted-in to Ubuntu Pro would see corresponding package updates available for their systems.
- Now, everyone sees them.
- And the inability to opt-out of being asked to opt-in is proving an irritant…
- Misguided marketing trick, or error? (more at link)
- SteamOS alternative Bazzite v2.2 out now with lots of enhancements Joe
- from GamingOnLinux
- Need something similar to SteamOS for your desktop or handhelds like the Steam Deck? The latest release of Bazzite with version 2.2 sounds like it just keeps getting better.
- Technically not a Linux distribution, and they don’t call Bazzite a Linux distro. It’s more of a community-rebuild based on Fedora Linux using ublue-os/main and ublue-os/nvidia with lots of extras included. It’s still not yet something for beginners, with their install experience gradually improving. But for people who love to tinker, this could be a bit of fun.
- The 2.2 release includes some big changes like a new modified fsync kernel with enhanced hardware support, HDR and more. You also get Nintendo HID support, a Webapp Manager, Pods as a default feature which is great for managing distrobox/containers, improvements to Steam Deck support, patches to Gamescope pulled in from ChimeraOS and tons of tweaks to both the GNOME and KDE desktop environments available. Plus lots of bug fixes.
- Lightweight Distro BunsenLabs Linux Boron Is Here Based on Debian Bookworm Bill
- from 9to5 Linux
- Coming two years after BunsenLabs Linux Beryllium, the BunsenLabs Linux Boron release has finally hit the stable channel today for this OpenBox-based and lightweight Debian derivative, a continuation of the acclaimed CrunchBang Linux distribution.
- The biggest change of the BunsenLabs Linux Boron release is the new base derived from the latest Debian GNU/Linux 12 “Bookworm” operating system series. Of course, this means that the distribution is now powered by the long-term supported Linux 6.1 LTS kernel series, which will receive updates until December 2026.
- BunsenLabs Linux Boron comes with new artwork called “Boron-aqua” inspired by Juliette Taka’s Emerald artwork for Debian Bookworm, featuring the Numix icon theme, round corners for windows, a vertical tint2 panel, and a menu with icons using the Material-Solarized-Suru++ icon theme. As an alternative, the devs are offering a dark red theme set with no icons and a horizontal tint2 panel.
- This release also introduces a new utility called “bunsen-apt-update-checker” that monitors and notifies users about package updates. However, this is not installed by default so you’ll have to manually install it from the Welcome script on the first login.
- Talking about the Welcome script, it’s been updated with various small tweaks and bug fixes, a workaround for an issue with sudo 32-bit systems when using urxvt, and the removal of the Dropbox and bunsen-image-archives installation options, yet the former is available in Menu > System Settings > Install Favourite Packages.
- The BunsenLabs Linux Boron release also updates the menu by moving and renaming several items compared with the previous BunsenLabs Linux release, add an improved keybinds menu under User Settings, and add Hardinfo and BL install info items under System Settings.
- Last but not least, the BLOB Theme Manager has been updated with a more streamlined interface, improved wallpaper support, as well as the ability to save and restore GTK and icon themes separately. Check out the release notes for more details.
- If you want your Debian flavor with the lightweight Openbox window manager, you can download the BunsenLabs Linux Boron release right now from the official website as live ISO images for 64-bit and 32-bit systems. BunsenLabs Linux Boron is perfect for old computers from 15-20 years ago.
- Ethical Hacking Distro Parrot OS 6.0 Brings Linux 6.5, Raspberry Pi 5 Support Joe
- from 9to5 Linux
- ParrotSec announced today the release and general availability of Parrot OS 6.0 as the latest version of this Debian-based security-oriented distribution for ethical hacking and penetration testing.
- Parrot OS 6.0 is here almost a year after Parrot OS 5.2 and it’s based on the latest Debian GNU/Linux 12 “Bookworm” operating system series. However, the devs decided not to ship Parrot OS 6.0 with Debian Bookworm’s long-term supported Linux 6.1 LTS kernel but with the newer Linux 6.5 kernel series for better hardware support due to backporting DKMS modules for Wi-Fi drivers.
- This release also ships with an improved installation experience thanks to the Calamares installer, updated system appearance for a fresh look (yet still using the MATE desktop), PipeWire as the default audio system replacing PulseAudio, GRUB fail-safe boot options for more reliable and safe booting, and VirtualBox backported from Debian Sid for enhanced virtualization support.
- As expected, all the included penetration testing tools have been updated to give you access to the latest hacking methods and techniques, and an experimental containerization feature was introduced for unsupported tools to improve flexibility. Also, Parrot OS 6.0 includes a new libc6 library and Python 3.11 to enable various tools to be upgraded to their latest upstream version.
- “This will enable future versions of Parrot to bring in several tools that were either deprecated/dropped in the past, or that were never added before due to their integration complexity,” explained the devs.
- Parrot OS 6.0 is available for download right now for new installations from the official website in multiple flavors including Security Edition, Home Edition, and Hack The Box Edition. Existing Parrot OS users can upgrade to the new release by running the commands below twice in a terminal emulator.
- sudo apt update && sudo apt full-upgrade
- The Raspberry Pi Edition of Parrot OS 6.0 will be available shortly with support for Raspberry Pi 5 so I’ll do some testing and write a review to let you guys know how this distro works on the latest Raspberry Pi computer.
- After Three Years on Mars, NASA’s Ingenuity Helicopter Mission Ends Moss
- from NASA.gov
- NASA’s history-making Ingenuity Mars Helicopter has ended its mission at the Red Planet after surpassing expectations and making dozens more flights than planned. While the helicopter remains upright and in communication with ground controllers, imagery of its Jan. 18 flight sent to Earth this week indicates one or more of its rotor blades sustained damage during landing, and it is no longer capable of flight.
- Originally designed as a technology demonstration to perform up to five experimental test flights over 30 days, the first aircraft on another world operated from the Martian surface for almost three years, performed 72 flights, and flew more than 14 times farther than planned while logging more than two hours of total flight time.
- “The historic journey of Ingenuity, the first aircraft on another planet, has come to end,” said NASA Administrator Bill Nelson. “That remarkable helicopter flew higher and farther than we ever imagined and helped NASA do what we do best – make the impossible, possible. Through missions like Ingenuity, NASA is paving the way for future flight in our solar system and smarter, safer human exploration to Mars and beyond.”
- Raspberry Pi Compute Module 5 is official and expected to launch sometime in 2024 – Majid
- from XDA-developers
- Raspberry Pi 5 debuted to much fanfare, and with good reason. The single-board computer has several hardware improvements compared to its predecessors, including a quad-core CPU that clocks around 2.4GHz. It also has a GPU that can reach a clock speed of 800MHz, making it fully capable of handling newer displays. Despite its initial success, it seems that the Raspberry Pi Foundation isn’t done just yet — the Raspberry Pi Compute Module 5 (CM5) is all but confirmed, and it could come as soon as this year.
- YouTube creator Jeff Geerling recently had an opportunity to interview Eben Upton, CEO of Raspberry Pi, which led to the reveal of the CM5 news. When Geerling asked Upton about the model, he confirmed that the model is “happening” before suggesting that it could arrive at some point in 2024. Thus far, little much else is known about the CM5, aside from the fact that it will likely have the same dual connectors as the Compute Module 4 (via Tom’s Hardware). It’s also speculated that the CM5 will have a similar 55x40mm form, but again, few details have been made public. With all of this being said, it wouldn’t be surprising if it pulled from CM4 in more ways than one.
- The Raspberry Pi Compute Module 4 launched at a budget-friendly starting price of $25, and it was built on a 64-bit quad-core BCM2711 application processor. It also supported dual HDMI interfaces and included a single-lane PCIe 2.0 interface. Perhaps its most notable highlight, however, was its variations — the CM4 came in 1GB, 2GB, 4GB, and 8GB LPDDR4-3200 SDRAM models, along with optional 8GB, 16GB, or 32GB eMMC flash storage. If the CM5 is anything like its predecessor, it isn’t hard to imagine Raspberry Pi enthusiasts — and PC hardware customers — clambering to get their hands on it.
- LM 22 Announced – Majid
- from LinuxMint blog
- Linux Mint 22
- The codename for Linux Mint 22 was chosen. It will be “Wilma”.
- Its Cinnamon edition will include a new Nemo Actions Organizer.
- Some other updates to 21.3 and LMDE 6 are covered in this blog post.
- RHEL’s Source Code Access Change Is Causing Issues For CentOS SIGs Moss
- from Phoronix, by Michael Larabel
- It looks like the Red Hat change restricting access to RHEL sources that was announced last year is having the unintended consequence of causing some headaches for CentOS special interest group (SIG) projects.
- Published last week on the CentOS blog was the Kmods SIG status update. This is the special interest group maintaining extra kernel modules for CentOS Stream and Red Hat Enterprise Linux. Notable there is the note:
- “Due to changes in the way Red Hat releases Red Hat Enterprise Linux source code, the Kmods SIG is currently unable to produce packages for Red Hat Enterprise Linux for legal reasons. We are working with Red Hat to resolve this situation and hope to be able to provide packages for Enterprise Linux again as soon as possible.”
- Due to restricting access to the RHEL kernel sources among other Red Hat Enterprise Linux source packages, it’s causing issues for the CentOS SIG trying to improve the kernel modules experience for RHEL (and CentOS Stream) users…
- A seemingly similar kernel change was noted today by the CentOS Hyperscale SIG.This special interest group as a reminder is about enhancing CentOS Stream for large-scale infrastructure like those at Meta / Facebook, X / Twitter, and others:
- “The latest version in the Hyperscale SIG is kernel 6.7.1-0.hs1 for CentOS Stream 9. This new kernel is now based on upstream Fedora release kernel rather than the CentOS/RHEL kernel tree. For the foreseeable future, the Hyperscale SIG will be tracking Fedora kernels to build and release into CentOS. The kernel is still built with a RHEL-like configuration, modulo changes for CentOS Hyperscale specifically.”
- So the CentOS Hyperscale SIG is now basing their fresh kernel builds on Fedora in a RHEL-like build rather than the CentOS/RHEL kernel tree.
- The Hyperscale SIG also shared about their work on the latest systemd updates, new experimental GNOME and KDE workstation live media images for CentOS Stream Hyperscale 9, and other leading-edge package updates. The SIG also continues maintaining a DNF/RPM stack with Btrfs copy-on-write support.
- DamnSmallLinux is Back! – Majid
- from damnsmalllinux blog
- [Article is by John Andrews, any usage of “I” in this article refers him.]
- The New DSL 2024 has been reborn as a compact Linux distribution tailored for low-spec x86 computers. It packs a lot of applications into a small package. All the applications are chosen for their functionality, small size, and low dependencies. DSL 2024 also has many text-based applications that make it handy to use in a term window or TTY.
- DSL 2024 currently only ships with two window managers: Fluxbox and JWM. Both are lightweight, fairly intuitive, and easy to use.
- DSL has three X-based web browsers:
- BadWolf (light, security-oriented, fully HTML5 compatible)
- Dillo (super-light GUI browser)
- Links2 (text and light GUI browser)
- For office applications, DSL has:
- AbiWord word processor
- Gnumeric spreadsheets
- Sylpheed email client
- Zathura PDF viewer
- For multimedia applications:
- MPV (video and audio)
- XMMS (a lightweight audio player)
- Other applications:
- mtPaint (graphics editing)
- gFTP (FTP, SFTP, and SCP)
- Leafpad (quick editing)
- zzzFM (file manager lifted straight out of antiX)
- There are three GUI-based games picked because they are fun and relatively light.
- DSL 2024 is also loaded up with a whole bunch of handy term-based applications.
- Why make a new DSL after all these years?
- Creating the original DSL, a versatile 50MB distribution, was a lot of fun and one of the things [the dev] am most proud of as a personal accomplishment. However, as a concept, it was in the right place at the right time, and the computer industry has changed a lot since then. While it would be possible to make a bootable Xwindows 50MB distribution today, it would be missing many drivers and have only a handful of very rudimentary applications. People would find such a distribution a fun toy or something to build upon, but it would not be usable for the average computer user out of the gate.
- Meanwhile, in 2024, nearly everyone has abandoned the sub-700MB size limit to run on computers old enough to not have a DVD and cannot boot off of a USB drive. This is completely understandable because applications, the kernel, and drivers have all mushroomed in their space requirements. Hats off to Puppy Linux for staying one of the few that still offer a full desktop environment in a small size.
- The new goal of DSL is to pack as much usable desktop distribution into an image small enough to fit on a single CD, or a hard limit of 700MB. This project is meant to service older computers and have them continue to be useful far into the future. Such a notion sits well with my values. I think of this project as my way of keeping otherwise usable hardware out of landfills.
- As with most things in the GNU/Linux community, this project continues to stand on the shoulders of giants. I am just one guy without a CS degree, so for now, this project is based on antiX 23 i386. AntiX is a fantastic distribution that I think shares much of the same spirit as the original DSL project. AntiX shares pedigree with MEPIS and also leans heavily on the geniuses at Debian. So, this project stands on the shoulders of giants. In other words, DSL 2024 is a humble little project!
- Though it may seem comparably ridiculous that 700MB is small in 2024 when DSL was 50MB in 2002, I’ve done a lot of hunting to find small footprint applications, and I had to do some tricks to get a workable desktop into the 700MB limit. To get the size down, the ISO only has en_US, en_BG, en_CA, and en_AU locales enabled, and I had to strip the source codes, many man pages, and documentation out. I do provide a download script that will restore all the missing files, and so far, it seems to be working well.
- Unlike the original DSL, this version has apt fully enabled. So if there is anything you feel is missing, it is very simple to get it installed. I also made an effort to leave as much of the antiX goodness enabled as possible. However, it must be said that DSL is a derivative work but also a reductive work. Some things from antiX may be broken or missing. If you find a bug, it is likely my fault.
— Play Security Transition Bumper —
- Victory! Ring Announces It Will No Longer Facilitate Police Requests for Footage from Users Moss
- from EFF
- Amazon’s Ring has announced that it will no longer facilitate police’s warrantless requests for footage from Ring users. This is a victory in a long fight, not just against blanket police surveillance, but also against a culture in which private, for-profit companies build special tools to allow law enforcement to more easily access companies’ users and their data—all of which ultimately undermine their customers’ trust.
- This announcement will also not stop police from trying to get Ring footage directly from device owners without a warrant. Ring users should also know that when police knock on their door, they have the right to—and should—request that police get a warrant before handing over footage.
- Years ago, after public outcry and a lot of criticism from EFF and other organizations, Ring ended its practice of allowing police to automatically send requests for footage to a user’s email inbox, opting instead for a system where police had to publicly post requests onto Ring’s Neighbors app. Now, Ring hopefully will altogether be out of the business of platforming casual and warrantless police requests for footage to its users. This is a step in the right direction, but has come after years of cozy relationships with police and irresponsible handling of data (for which they reached a settlement with the FTC). We also helped to push Ring to implement end-to-end encryption. Ring has been forced to make some important concessions—but we still believe the company must do more. Ring can enable their devices to be encrypted end-to-end by default and turn off default audio collection, which reports have shown collect audio from greater distances than initially assumed. We also remain deeply skeptical about law enforcement’s and Ring’s ability to determine what is, or is not, an emergency that requires the company to hand over footage without a warrant or user consent.
- Despite this victory, the fight for privacy and to end Ring’s historic ill-effects on society aren’t over. The mass existence of doorbell cameras, whether subsidized and organized into registries by cities or connected and centralized through technologies like Fusus, will continue to threaten civil liberties and exacerbate racial discrimination. Many other companies have also learned from Ring’s early marketing tactics and have sought to create a new generation of police-advertisers who promote the purchase and adoption of their technologies. This announcement will also not stop police from trying to get Ring footage directly from device owners without a warrant. Ring users should also know that when police knock on their door, they have the right to—and should—request that police get a warrant before handing over footage.
- AnyDesk says hackers breached its production servers, reset passwords – Majid
- from bleepingcomputer
- AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company’s production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack.
- AnyDesk is a remote access solution that allows users to remotely access computers over a network or the internet. The program is very popular with the enterprise, which use it for remote support or to access colocated servers.
- The software is also popular among threat actors who use it for persistent access to breached devices and networks.
- The company reports having 170,000 customers, including 7-Eleven, Comcast, Samsung, MIT, NVIDIA, SIEMENS, and the United Nations.
- AnyDesk hacked
- In a statement shared with BleepingComputer late Friday afternoon, AnyDesk says they first learned of the attack after detecting indications of an incident on their production servers.
- After conducting a security audit, they determined their systems were compromised and activated a response plan with the help of cybersecurity firm CrowdStrike.
- AnyDesk did not share details on whether data was stolen during the attack. However, BleepingComputer has learned that the threat actors stole source code and code signing certificates.
- The company also confirmed ransomware was not involved but didn’t share too much information about the attack other than saying their servers were breached, with the advisory mainly focusing on how they responded to the incident.
- As part of their response, AnyDesk says they have revoked security-related certificates and remediated or replaced systems as necessary. They also reassured customers that AnyDesk was safe to use and that there was no evidence of end-user devices being affected by the incident.
- “We can confirm that the situation is under control and it is safe to use AnyDesk. Please ensure that you are using the latest version, with the new code signing certificate,” AnyDesk said in a public statement.
- While the company says that no authentication tokens were stolen, out of caution, AnyDesk is revoking all passwords to their web portal and suggests changing the password if it’s used on other sites.
- “AnyDesk is designed in a way which session authentication tokens cannot be stolen. They only exist on the end user’s device and are associated with the device fingerprint. These tokens never touch our systems, “AnyDesk told BleepingComputer in response to our questions about the attack.
- “We have no indication of session hijacking as to our knowledge this is not possible.”
- The company has already begun replacing stolen code signing certificates, with Günter Born of BornCity first reporting that they are using a new certificate in AnyDesk version 8.0.8, released on January 29th. The only listed change in the new version is that the company switched to a new code signing certificate and will revoke the old one soon.
- BleepingComputer looked at previous versions of the software, and the older executables were signed under the name ‘philandro Software GmbH’ with serial number 0dbf152deaf0b981a8a938d53f769db8. The new version is now signed under ‘AnyDesk Software GmbH,’ with a serial number of 0a8177fcd8936a91b5e0eddf995b0ba5, as shown below.
- Signed AnyDesk 8.0.6 (left) vs AnyDesk 8.0.8 (right)
- Certificates are usually not invalidated unless they have been compromised, such as being stolen in attacks or publicly exposed.
- While AnyDesk had not shared when the breach occurred, Born reported that AnyDesk suffered a four-day outage starting on January 29th, during which the company disabled the ability to log in to the AnyDesk client.
- “my.anydesk II is currently undergoing maintenance, which is expected to last for the next 48 hours or less,” reads the AnyDesk status message page.
- “You can still access and use your account normally. Logging in to the AnyDesk client will be restored once the maintenance is complete.”
- Yesterday, access was restored, allowing users to log in to their accounts, but AnyDesk did not provide any reason for the maintenance in the status updates.
- However, AnyDesk has confirmed to BleepingComputer that this maintenance is related to the cybersecurity incident.
- It is strongly recommended that all users switch to the new version of the software, as the old code signing certificate will soon be revoked.
- Furthermore, while AnyDesk says that passwords were not stolen in the attack, the threat actors did gain access to production systems, so it is strongly advised that all AnyDesk users change their passwords. Furthermore, if they use their AnyDesk password at other sites, they should be changed there as well.
- Every week, it feels like we learn of a new breach against well-known companies.
- Last night (Feb 1), Cloudflare disclosed that they were hacked on Thanksgiving using authentication keys stolen during last years Okta cyberattack.
- Last week, Microsoft also revealed that they were hacked by Russian state-sponsored hackers named Midnight Blizzard, who also attacked HPE in May.
— Play Wanderings Transition Bumper —
30 minutes (~5-8 mins each)
- Well as some would be aware, my mother-in-law was recently diagnosed with a combination of brain and lung cancer. This last week and a half has been all about that. I did manage to get some time to get my ThinkCentre M93P transplanted into a new Antec P101 Tower case which is identical to the one I transplanted my Dell PowerEdge T40 into a couple of weeks prior. These cases are huge. They’ve got lots of Hard drive bays and lots of space for expansion, but the best feature in my opinion is the sound dampening. If I were being honest, I’d admit the reason for transplanting the ThinkCentre was more cosmetic than anything else – in stark contrast to the reason I transplanted the Dell. The T40 which among other things runs my Jellyfin server, the NGINX reverse proxy manager, as well as several websites. The case it came in, while modern and not ugly, was plagued with vibrations, buzzes, and ticks. Which drove me crazy. These Antec towers have sound dampening panels on all sides. The only time I hear hard drives chugging away is when some intense writing is being done, or Zpool is doing a scheduled scrub. These cases take up considerably more room than their predecessors, but In my opinion look better, and are functionally more appealing. I recommend these cases to anyone building a server.
- Some may remember in a previous episode I was exploring LMDE running with the Sid (unstable) Debian repos enabled. I’ve been running that on a KVM for some time with minimal trouble, and decided to take the big plunge and install it on my production machine. I’m pleased to announce I’ve taken that plunge and this episode is being streamed using LMDE 6 with Debian unstable on the back end. I won’t go so far as to recommend doing this because it requires you to know how to fix some potential problems that may arise. Another thing to consider is that with this configuration, I’m fully at the mercy of Pipewire, a rather new technology that will take some time to grow comfortable with. There were times not that long ago when for the sake of keeping a simple system, I ran bare bones ALSA. Obviously that’s not an option for me anymore, so I’ll do what is necessary to get accustomed with the new thing. I’ve been on Pipewire for some time on my laptops, but my sound needs for those machines is considerably less complicated. I’ve spent some time setting up and testing the applications I use to make and stream my shows and I’m confident things will go well. If you’re hearing us right now, then there’s all the testimonial I need.
- It has been busy but I feel like I have not gotten a whole lot done. My wife and I celebrated our 21st wedding anniversary but by spending time together. We decided not to do gifts this year
- We just had a simple dinner at our favorite restuarant here in Texas and did some walking around after. It was nice.
- We also decided that we needed to upgrade our phones since the Note 10 Plus’s were getting a little long in the tooth. We were able to get a good trade in on them from t-mobile and got the S24 Ultras at a good price. And because we got the pre-order special we also got double the internal storage.
- I dont use a lot of the storage but i do have 20 plus years worth of photos that i have been moving to all of my new devices since i started taking photos with a phone
- I will say that while the phone feels a little bit heftier in the hand it doesnt really feel like that much of an upgrade. Maybe it is because of the built in process of transfering everything from one phone to the other and the back ground and applications being the same but I have not noticed a performance difference.
- I would have liked to keep the old phones as well but the trade in was just too good to pass up
- To offset the added monthly cost of the phones I also switched to ATT Fiber which is new to my neighborhood. Getting the passthrough setup so that my router was public facing instead of the modem/router of theirs was a bit of a pain but it got done in the end.
- Hopefully they are reliable. But you cant argue with 300 up and 300 down and after my military discount I should only be paying 35 dollars a month. Plus 150 giftcard 50 dollars towards my first bills. I will call that a good deal for now. Although it took me a while to wade through the tech support people to find one that could assist with the passthrough and it did get a little frustrating re-explaining the things several times over, all my servers are now up and running.
- I will no longer be the owner of the modem but at least they are not charging me a monthly fee for it. Plus it can work as a back up router if mine fails. It does have 2.5 and 5ghz built in and it would not take me long to redo the port forwardings.
- Cancelling with Spectrum was also a bit annoying with them trying to retain me and offer me various deals that were not as good as what ATT is offering me. It is also just plain annoying that you have to CALL them in order to stop service. Yes i have been with them for a very long time and some of the speeds they were offering were pretty darn good but the price is better at ATT and i know that the speeds are more likely to be true there as opposed to a coaxial network that will be congested when the neighborhood is busy.
- Did not really do a lot of 3D printing. I printed a bog roll holder with a shelf that was mounted using some 3M two sided tape. Also 3D printed a cup holder replacement for my Gazelle exercise machine. I have printed the cup holder before but I could not find it and the only thing interesting about the print is that I used the 3mf file instead of an stl.
- But it works the exact same way.
- I’ve attempted to get back to work as my wife’s knee surgery continues to heal. Not many openings lately though. Her second knee surgery has been pushed to late May or early June.
- I purchased a used PineTab 2 from listener Jackie Moore. I received it on Jan 31, and Bill has ordered me a wifi dongle for it. I have amazing friends. There is a wifi chip in the device, but they have not yet finished the driver for it (or for the Bluetooth), although word is that it should be ready soon. The dongle arrived, and I’ve done all my updates and most of my app installations. I can’t manage to get Discord installed, but if I’m going to mostly be using it at school, that’s not an issue as the school’s wifi blocks Discord anyhow. By the way, it runs Arch.
- I had a brand new episode of Full Circle Weekly News get published just before the show today.
- Bodhi Linux has come out with betas on 32-bit DeBodhi (Bodhi based on Debian) and 64-bit DeBodhi. I’ve been running the 64-bit on my studio machine for a couple weeks now, and it’s a thing of beauty. The 32-bit version is already into a 2nd beta. Look for them on the Bodhidev page of Sourceforge if you’re interested.
- I’m falling behind on my review for this week’s Distrohoppers’ Digest. I made the mistake of installing Enlightenment WM on it instead of just keeping Fluxbox. The issues of getting things set up are stymying me.
- CarFax has been telling me for months that I’m overdue to get the brakes checked on my lovely little Mazda 2. I took it to the brake shop… and left with a $417 bill for new rotors and pads on the front (pads with unlimited warranty) and they cleaned the rear brakes “for free”, which were quite filthy to the point that most of the screws and such were frozen.
- So been a month since I’ve been here so you’d think I’d have loads to say. But its January and not necessaarilly the case.
- Even though I have a OnePlus 11, and had been really happy with it, due to my recent travels I found that the camera was a bit diappointing. I hadnt taken many pictures after having got the phone since september, so I only really put its in its paces on my recent trip to Morocco. The photos and videos were not bad per se, but it had turned into a really memorable trip, and I wasnt happy with the output. Even though there were no issues with lighting etc. When I got back from Morocco, all the S24 Ultra coverage was everywhere, and I got sucked in by the hype. Managed to find a deal where i got the 512GB sku of the device for £300 discount (before trade-ins) and on 3-month interest free (via paypal). I decided that this was too good a deal to miss out on, so bought it. I felt I had to try and save some money though, so I got rid of a few devices to afford this purchase. This included a Ticwatch Pro 5 which I had bought recently, and the Meta Quest 2, which was very gimmicky if quite cool. Thank God for Amazon returns! I also managed to sell the Oneplus on ebay, though for less then I wanted.
- Whilst on my travels, I had managed to lose one of my ear buds (earfun air pro 3) on the coach ride to the airport, so I decide to buy some Samsung Galaxy Buds FE from the airport. This now means I have inadvertently gone full-in into the Samsung ecosystem, with the S24 Ultra, S8 Tablet, and Galaxy Watch 4. I thought I’d embrace this and see how life goes with it. Its definitely more seamless then having a variety of different Android OEM products, but android things are pretty interoperable anyway, so maybe not the slam-dunk it might be.
- I’m very happy with the S24 Ultra. It’s speedy, performs well, I love the spen, the camera is great and i love the new anti-glare screen. Plus having 512gb storage removes any semblence of storage anxiety. The one thing I’m not happy about is the slow charging. This will charge at a max of 45W. Which is ok, but I’ve got used to the 100W charging of the OnePlus (which was a real boon whilst travelling). Tbh is a minor gripe though as the actual battery life is very good.
- I mentioned that I was trying another expereiment to see if I could use Samsung Dex as work replacement . I found a cheap 2022 S6 lite on ebay and tried this out. End of the day, the device is really underpowered, and its just easier to use my laptop! I think its time i just accepted that this is the way it should be.
- Linux-wise, I’m starting to lose patience with Manjaro. Theres too many paper cuts and jank with Arch as compared to the Ubuntu/Ubuntu-based distros i’m used to. The only reason i havent distro-hopped already is because I havent had time. Im still running Feren on the desktop though, really is Mint with KDE, with all the benefits that package would entertain.
- I mentioned a bit about travelling. So basically I joined a Sufi Islamic lodge back in November. Its basically a school of spirituality within the islamic tradition.Not something I’d ever been into before. As part of this, the group were making a trip to Morocco to meet the spiritual leader there. I thought it’d be good for me (as a new initiate) to go. The trip itself was memorable for many different reasons, but the actual travelling was a bit much for me. 3 hours to airport, 3 hours flight, 3 hours from airport to the border with Algeria where the centre was, sleeping in a hall with 30 other people, sharing 3 toilets. I’m far too middle class for this! The food was amazing too though.
- Work has been ok, managing residents is like having children you can’t scold! But the work is fine. Our strikes have been suspended as there has been a pay offer. It was rejected 51-49, but because it was so close, it was felt that further industrial action wasn’t justified.
- As a patient though, the NHS has collapsed. My wife has a couple of health problems and getting anything done has required me to flex any kind of influence in the hospital. It shouldn’t be this way, and I worry that normal folk are being let down by the system.
- Been listening to a lot of Beartooth recently. I love Caleb Shlomo and his lyrics on mental health really left an impact. Recommended.
- Enjoying the new True detective, and the new He Man. Watching Fool Me Once, is fun but the central character is really really irritatiing. Entitled white woman.
— Play Innards Transition Bumper —
30 minutes (~5-8 minutes each)
- This week we’re taking some time to talk a little about our infrastructure here on mintCast. What it took to get it up and running; What changes have been made over the recent few years; what we are hoping for the future.
- My first episode was 377 – Zero Days of Christmas. To say I was eager to make my presence known in this space would be understating it. At the time ( and indeed as of now) Linux podcasts were my favorite form of entertainment. Mintcast holds a special place in my heart because of how comparatively more approachable the show is. Nearly anyone with the desire to come on camera and talk about Linux can find a home here on this show.
- The initial fun was slightly replaced by a sense of urgency early on during my time here. Almost immediately after my arrival several very important things were Beginning to fall apart. We were losing our free website hosting that we were relying on for some time, we were under the belief that we were going to lose our free Google workspace (or whatever it was called at the time) account given Google’s announcement that they were discontinuing support for the “grandfathered” workspace accounts that were set up very early on when Google first got into that space. Both of these things are critical infrastructure that if not corrected, could have spelled the end of mintCast, if not just temporarily. I’ll describe the two biggest things separately, and discuss a little about what we put into place to keep us rolling.
- The website – the mintcast.org website is likely more important to our show than with many other shows given our RSS feed is generated by a WordPress plugin that handles distribution of the shows directly. “No website, no RSS feed” “No RSS feed, no show.” Other shows like my other two shows for example use a podcast service like Redcircle, or Blueberry which both handle the file hosting as well as the distribution of the episodes. Since mintCast does not utilize a service like that, the website is of the utmost importance. Before my time, our website hosting was on a service called Bytemark, based in the UK. We had been relying on credits placed on the account before my time. Those credits ran out, and the service shut down the website. Much of the difficulty with Bytemark had nothing to do with the service itself and everything to do with the facts that it was in the name of a person who hasn’t been a part of the show for some time. Fortunately I was able to work with that person to get the account switched over to my name. It wasn’t completely straight forward; there was a lot of security hurdles to get past given that I’m on another continent, and once all of that was overcome, getting my credit union to authorize the payments was another bit of odyssey. It was important to get an account and get the website back up and running at least temporarily so that we could use another WordPress plugin we rely on to generate a backup so that we could smoothly migrate the site somewhere else.
- When I started on mintCast, I knew nothing about the networking nuances with regards to setting up a website, and pointing a domain at it. I knew nothing about setting up a WordPress site itself at all. These were all things to be overcome if we were to move forward. My first thought, and indeed the first option we tried was to put the site on a $5 Linode, which served as a quick solution to address the need for the website to have a home. It was probably necessary because at the time I hadn’t quite figured out how I was going to handle running the site from my home infrastructure. Websites require a static ip address or a dynamic solution so that DNS knows where to route the traffic from the internet to the server running the website. At the time, I was running on a residential service where the external ip address could change at any time whenever there’s a powercycle on the router. The Linode was an elegant solution in the beginning, but quickly revealed itself to be inadequate to the task. If we were to remain with the Linode solution, we would have to cough up more money for a more powerful VPS. The $5 for the Linode was already $5 more per month than the show was bringing in. Mintcast has historically not solicited for donations from the listeners. Though there have been conversations about setting up Patreon, and other options for generating income, we’ve yet to pull the trigger on any of that. If we are to be a zero income show, we need to find solutions that are as close to zero as possible in terms of cost. There’s no way to get everything down to zero, but with some intense learning, and a bit of hard work, we are as close as I believe we can come. As of right now, the only recurring cost for mintCast is for the mintcast.org domain name it’s self, which is a yearly payment of less than $10 which I can live with for the time being. Once it was established the Linode wasn’t going to be a viable long-term solution, I set forth learning about static ip’s and reverse proxys. I also learned how to set up WordPress sites and took online courses in Docker. I had the internet service in my home upgraded to a symetrical 500Gb per second business service which gave me a static ip address. This gave me a good jumping off point, because it meant I can now host these services on bare metal hardware that I have full control of. The next hurdle was that though I now have a static IP address, it’s still only “one” static ip address. Websites for example need two ports: 80 (http) and 443 (https) routed through the router to the server itself. You cannot route a single port to more than one server at a time. This was a challenge that would need to be overcome given I had several services I needed to host from my infrastructure. I set my attention to finding a solution to that problem. This is where learning Docker became so important. There is a very well managed docker project called NGiNX Proxy Manager which runs in a docker container, what it does is listen on ports 80, and 443 among others for other services like Jellyfin. NPM takes the packets and routes them to the servers running the services. At first, I had our website running on a Raspberry Pi 400, which handled the task honorably. The only problem was that it meant more hardware using more electricity and was one more piece of kit I had to manage remotely from the road. For the sake of simplicity, the site was moved to an official WordPress Docker image container which is where it is to this day. I see no reason to migrate it any more. It seems to add no measurable resource intensiveness to system, and plays nicely with all the other containers running everything from Jellyfin media server, Audiobookshelf server, Calibre Web ebook server, as well as several other WordPress websites running from docker containers. Mintcast.org is safe and secure for the foreseeable future.
- Cloud Storage and Document Collaboration – On January 19th, 2022 Google announced they were “shutting down” the free tier of their grandfathered “G Suite.” This was to be devastating for the show because we had been relying on that service for the free Cloud storage to host our raw, flac audio files as well as our collaborative show notes. Our email address, [email protected] exists because we are able to take advantage of this free service from Google, and they were killing it in favor of their “new” Google Workspaces service which is basically just tweedle dumb, rather than tweedle dee. It was necessary to come up with a solution, and fast. Open source to the rescue. I set forth on the journey to learn how to spin up and administer a fully fleshed out Nextcloud server, complete with plenty of cloud storage, and document collaboration – and that I did. We weren’t sure what we were going to do about the email address, though we were at the time resolved to using the free [email protected] address the show has had for years and never really used. Shortly after getting all the Nextcloud stuff set up, Google back-peddled on their plans and continued to offer the service to folks like us who don’t make any money off the use of their service, but the writing was well and truly on the wall; Google was not to be trusted with our stuff. While we still use the [email protected] email address through gmail, we have long since shifted all of our cloud usages to the Nextcloud server which is set up and running as follows:
- The Nextcloud server itself is installed on bare-metal (no containerization) hardware. The machine is a seasoned but still a truly capable Lenovo Thinkcentre M93P with a 4th gen i7 and 32G of ECC RAM. Moss found this machine on Ebay for $99 and I was quick to grab it up. I’ve added the ECC ram to it, as well as a Samsung SSD that runs the operating system and containers, as well as two 2TB Seagate Ironwolf HDD’s which run a ZFS mirror, and that is where all of our stuff is stored. I also have periodic cold storage back ups of the data. The guys all have access to upload their flacs, as well as edit and create documents. There’s all kinds of other functionality like calendar, contacts, email, todo list, and the like which everyone can take full advantage of.
- In order to have true document collaboration such as the likes of Google docs and MS Office 365, a second server is necessary to run the necessary mechanism for the document management solution. For our part, we have a service called “Collabora” which is basically web-based Libreoffice running in a docker container which our Nextcloud instance connects to as a resource for handling document collaboration. This solution works, though it is different enough from the commercial solutions to which most people are accustomed to have caused some pain points. It’s been a non-zero amount of effort, though we’ve gotten on with it if for no other reason than it gives us content for the show. For the time being, I think we’ll dredge on.
- As stated earlier on, mintCast has never asked for money from it’s listeners. It’s been tempting to set up some kind of solution to offer those who want to help support the show financially. I’m not sure what’s kept the whole thing from happening other than perhaps everyone may be just waiting on one of the other guys to do it. I for one would be happy to hear from the listeners whether you all would be accepting of us using a service like Patreon, Sponsus, or a combination of several. Do you feel as though the concept is vulgar? What do you all think. In the future we may find it necessary to get at least a little money to help with infrastructure issues. Electricity isn’t free, the domain name isn’t free. Hard drives definitely aren’t free. Tell us what you all think. Don’t be afraid to be completely honest.
— Play Vibrations Transition Bumper —
20 minutes (~5 minutes each)
- Dear Mintcasters,
- I wanted to thank you all for the time and effort you put into the podcast. It is very much appreciated as I have learned about a lot of interesting topics by listening to the things that you uncover.
- It is no exaggeration to say that although I have the usual quota of friends and acquaintances, I don’t know anyone at all who uses linux or even knows what it is, so online communities and podcasts are very important.
- Also in a recent episode, the subject of headsets and Bluetooth on linux got a mention, and what a problem area this still is. My job requires use of Conference calls using Zoom or Teams daily, and this has been awkward.
- I had tried using Bluetooth earbuds (Pixel Buds) which would pair OK, but no matter which audio configuration profiles I chose, the result was either decent output but voice quality that sounded to others like I was phoning from underwater, or better voice but only mono output.
- Also tried a Poly (aka Plantronics) Blackwire USB headset, but still had to compromise on quality.
- After a good deal of tweaking, cursing and even changing up to Pipe Wire, I was about to give up and go back to joining calls from my phone, when I looked at the Headset leaflet and spotted that the USB end on the Headset cable could be removed to reveal a 3.5mm headphone plug. Plugged that into the computer headphone jack and all problems were solved.
- Lesson 1: read the documentation!
- But on a wider note, if this is the current state of Headset/Bluetooth audio on linux, and I simply wasn’t just doing it all wrong (quite possible) this is one of the areas that holds linux back, particularly as these things work just fine on Windows, MacOS, iOS and Android.
- Perhaps this is a topic you could dive in to a little more?
- Anyhoo – please keep up the fine work!
- All the best,
— Play Check This Transition Bumper —
10 minutes (Moss)
- Hacker Public Radio needs more shows; apparently show submission has dropped to a trickle. HPR has long had a hand in supporting mintCast and many other shows.
- It appears that nobody is doing maintenance on LinuxQuestions.org. It is time for the Best Of 2023 voting results, and they haven’t even posted call for nominations yet. I have left a message on the site; it would be horrible if Jeremy is having problems with either his health or the site itself. I’ve been a member of LQ since 2008, and it has been of frequent benefit to me and perhaps millions of Linux users.
- Thank you for listening to this episode of mintCast!
- If you see something that you’d like to hear about, tell us!
Send us email at [email protected]
Join us live on Youtube
Post at the mintCast subreddit
Or post directly at https://mintcast.org
- Next Episode – 2 pm US Central time on Sunday, February 18, 2024.
- Get mintCast converted to your time zone
- for 430 Next Roundtable Live Stream – 2 pm US Central time on Saturday, February 10, 2024.
- Get the Roundtable Live Stream converted to your time zone
- for 430.5 Next Roundtable Live Stream – 2 pm US Central time on Saturday, February 24, 2024.
- Get the Roundtable Live Stream converted to your time zone
- Livestream information is at mintcast.org/livestream
- Joe – Tllts.org, linuxlugcast.com, [email protected], Buy Joe a coffee
- Moss – Full Circle Weekly News, Distrohoppers’ Digest, [email protected], Mastodon @[email protected]
- Bill – [email protected], Bill_H on Discord, @[email protected] on Mastodon, also – checkout my other podcasts Linux OTC and 3 Fat Truckers
- Majid – [email protected] @atypicaldr870on twitter, AtypicalDr on instagram and The Atypical Doctor Podcast on Spotify
- Eric – You can hear and see me on this and the Linux OTC and Distrohoppers’ Digest podcasts as well as the Linux Saloon and LinuxLUGCast streams. If you’d like to get in touch with me I can be reached by email at [email protected], Discord (eric_adams), Telegram (https://t.me/ericadams), Matrix (@esa1975:matrix.org), and Mastodon (https://fosstodon.org/@ericadams). Links in the show notes.
Before we leave, we want to make sure to acknowledge some of the people who make mintCast possible:
- Someone for our audio editing
- Archive.org for hosting our audio files
- Hobstar for our logo, initrd for the animated Discord logo
- Londoner for our time syncs and various other contributions
- Bill Houser for hosting the server which runs our website, website maintenance, and the NextCloud server on which we host our show notes and raw audio
- The Linux Mint development team for the fine distro we love to talk about <Thanks, Clem … and co!>
— Play Closing Music and Standard Outro —