Michael:
[0:00] Welcome to Destination Linux, the USS Enterprise-D of open source exploration, where every repo is a star system waiting to be chartered, and every commit is a course correction in the continuum of tech. I am your captain, Jean-Luc Michael. This week, sipping a steaming cup of tea Earl Grey Hot while sitting in the big chair of the bridge, my mission to seek out new distros and new desktop environments to boldly pseudo where no one has pseudoed before.

Ryan:
[0:32] Who put you in charge? I didn’t vote for you. It’s ridiculous.

Michael:
[0:37] It’s military system. I’m the captain. You can’t vote. Jill is our Lieutenant Tasha Yar, fearless code enforcing security chief who can lock down a network faster than she can phaser a Klingon ambush. Her creed, if it’s not open source, it’s a Romulan cloaking device hiding treachery.

Ryan:
[0:56] It’s true.

Michael:
[0:58] Ryan is our Lieutenant Worf Gruff. What is that? Gruff?

Ryan:
[1:02] I’m Gruff. I’m Gruff.

Michael:
[1:04] Oh, you’re Gruff. I see. I thought you would be like Gruff. A hardware honing warrior forging server racks with Klingon precision and always ready to defend the honor of a Klingon colonel. Although, I’d like to point out Tashi R is defending off a Klingon ambush and you are. So this week’s Starlog, we’ll scan a community-written Linux guide that’s been crowdsourced faster than you can say, make it so. We’ll introduce newcomers to Kimi AI, our new ship’s counselor fluent in 40 languages, armed with the end-to-end encrypted empathy, and ready to tackle your dependency Hades faster than you can ask, what’s my purpose? and will stage an intervention for phone addiction. So set your phasers to install, sync your tricorder repos, and remember, in open source space, no one can hear you scream. Unless you’re on a Bluetooth mesh channel with end-to-end encryption. Then they might be able to. It’s time for Destination Linux. Engage.

Ryan:
[2:18] This week, our feedback comes from Cecil related to a discussion in episode 423. They say, for another perspective on the people are staring at their phones instead of enjoying things topic. I usually am using my phone 90% of the time while walking my dog. Hopefully you’re listening to our podcast. That’s the only acceptable reason you should have your phone on you there.

Michael:
[2:42] Or you’re in your terminal text editor.

Ryan:
[2:45] That’s true.

Michael:
[2:45] On your phone.

Ryan:
[2:46] They go on to say, I’ve sometimes thought about how someone seeing that might pity me because they think I’m not aware of my surroundings, not appreciating the scenery, etc. But I was born over a decade before smartphones and I’ve always been the kind of person who gets lost in their thoughts. Turned out that doing stuff on a smartphone can actually help me stay away or aware of my surroundings by limiting how far my thoughts can wander and focusing my field of vision. if I’m on my phone I never fail to notice when my dog does their business on the other hand when I forget to bring it I can space out completely by the time and return home I have no idea what my dog did meanwhile I’m thoroughly enjoying the breeze and whatever sounds of nature around that being said I don’t know what it might be like for some of the people who grew up with smartphones either way I think there’s something to be said for the fact that while outside observers only see someone staring at a screen anything could be on that screen including chats with loved ones educational apps online shopping pages for non-puffy cheetos good point okay so at first i’m like i’m not sure i’m following but then you went with the non-puffy cheetos and now i gotta be like going to tuxdigital.com or checking out sandfly man how am i going to argue with this great great feedback did a brilliant feedback because they gave an arguable statement but then made it impossible for me to want to argue it at the end. So the only thing I can do is be like, I agree. Like, of course, Cecil, like this is great.

Michael:
[4:13] Our hands are tied with this situation. Yeah, we agree.

Ryan:
[4:17] I mean, what can I say? No, I get what you’re saying. I think that, you know, there are certain individuals who are utilizing their phone, like you said, because of needing to help keep their focus, especially people with ADHD, those type of things too. I think certain apps and things can help a lot.

Michael:
[4:38] I feel like with ADHD, as someone who I think I have it, that’s more like a smartphone is more like kryptonite to us.

Ryan:
[4:46] Well, it can be, but there’s also apps to help with that kind of focusing and things like that. So there’s a lot of stuff. What I’m saying is what Cecil’s saying is there’s a lot of stuff you could be doing on your phone that’s not just doom scrolling. right yeah and so i i agree with you i think though if we look at the issue at large when you go into a concert, And everybody’s playing on their phone instead of listening to music. When you go into a movie and people are playing on their phone in the middle of the movie, granted, it may be a boring movie, but I think the phone addiction is real. There’s been lots of studies on phone addiction. It’s not like something we just made up or anything like that. So the phone addiction issue is a real problem. A lot of people suffer from basically not living in any moment and living completely in their digital lives. And it’s gone so far as there’s actually problems in other countries where people are only like wanting to date AI apps. Like they’re obsessed with this technology to the point where their girlfriend is basically an AI bot and things like that. And that’s probably coming here.

Michael:
[5:51] And that’s, I don’t understand that, but you know, more power to you.

Ryan:
[5:55] We don’t have to understand it but what i think is interesting is that the obsession that’s come with this is something that we are going to have to figure out how to deal with because, much like the mmo addiction which is another addiction um massively multiplayer online role-playing games there’s actually um special support groups and other things for people to break free from that addiction actually knew somebody who was severely addicted to world of warcraft uh point where they just it was ruining their life i wasn’t but.

Michael:
[6:25] I knew someone who was and it was a very interesting situation because i never even touched the game i played maybe 10 seconds and like no it’s not mine not my thing and but there’s some people who are just stuck in it for years and spend thousands of dollars.

Ryan:
[6:39] When i was pretty young i would say i was pretty addicted to everquest and to ultima online which were predecessors to world of warcraft I mean, I thought about it while I was at work. I didn’t work a very important job at the point, but I thought about it while I was at work. And I woke up and turned it on. When I was going to sleep, it was turning on. I could see the addiction. And what happens is it becomes much more rewarding and fun in the virtual world than it does in the real world. It’s much harder to make money, to make friends, to do everything in the real world. It’s much easier in this virtual space. And you feel more important in the virtual space. And I think that’s something that we all have to contend with, especially those of us with kids and figure out, you know, what is the right way, um, um, to handle these situations so that people don’t become obsessed with it. But to your point, Cecil, you can’t just assume because somebody’s on their phone that they’re not enjoying the moment. Totally get that. What are you doing? Michael, we’re in the middle. Put down your phone. We’re in the middle of a podcast.

Michael:
[7:37] I’m doom scrolling.

Ryan:
[7:40] You literally looking at pictures of doom?

Michael:
[7:42] Yeah, doom. Very funny.

Jill:
[7:44] Very cute.

Ryan:
[7:44] Very, very cute.

Jill:
[7:45] Not Warcrack?

Ryan:
[7:47] Yes.

Jill:
[7:49] He’s not doing Warcrack.

Ryan:
[7:51] It’s very interesting though. Like Jill, did you notice this? Cause you worked with a lot of college students and things like that. Did you notice that a lot of the students, especially towards the end, were more focused on their phones than maybe even learning in the classroom or was that never an issue?

Jill:
[8:08] It wasn’t really an issue because I would have my students turn off their phones.

Ryan:
[8:14] Ah, tricky.

Jill:
[8:15] Yeah. Yeah. That was one.

Michael:
[8:17] She would take their phones, put them in a box, like a lockbox, and throw it under a bus.

Jill:
[8:22] I didn’t do that, but I would have them. But before then, just having a computer in front of them to do a lecture in front of a computer, you know, with students in a computer lab with like 100 computers in there, you know, their distraction. And getting them to just focus on what I was talking about and the lesson plan was sometimes difficult to the point where some of the classes, they installed software that would disable the computers so the students couldn’t use them while the instructors were lecturing.

Ryan:
[8:57] Interesting. It’s just too simple, right? It’s too easy of a distraction. And I know my kids’ school is the same way. They’re allowed to play with their phones until the school doors open. But once the classroom bells ring, they have to put their phones up. And if they come out, the principal takes them. So that’s the only way they can get the kids to focus. I think it’s just too accessible. it’s too easy to get lost in playing with your phone and there’s a lot of great recommendations of keeping your phone not on your nightstand as an example because a lot of people will just sit there and play on their phone all night till they go to sleep and you know never.

Michael:
[9:35] Really it also keeps you awake because of that and like it’s and it’s also a good way to uh force yourself to wake up is to not keep it on nightstand keep it like the other side of the room because you have to get Get out of bed to go turn off the alarm and stuff like that.

Jill:
[9:46] Yeah.

Ryan:
[9:47] Yeah, exactly. So Cecil, thank you for sending in the feedback. I think it’s an interesting clarification as well to not assume, but also definitely something I think everybody, especially parents are worried about of their, their kids being too stuck or obsessed with their phones there. If you want to send in your feedback, you can get your feedback at destination Linux.net slash comments. and we may read it on the show.

Michael:
[10:15] And destinationlinux.net slash forum to hang out with other people who are part of the community. Today, we’re joined by Craig Roland, the founder and CEO of Sandfly to give us our security scoop this week. Craig, welcome back to the show. And what is some recent security news or stories that are on the top of your mind for this week?

Craig:
[10:34] Well, one that’s recently come back again after we initially talked about back in 2022 was BPF door. So a well-known security blogger called HacksRob at his blog, which is H-A-X-W-R-O-B.net, HacksRob.net, he wrote about the new version of BPFDoor. So BPF door for background was a piece of malware that they believe is linked to Chinese state actors. It was largely targeting a lot of telcos and critical infrastructure. So the first version of that, it was a great backdoor. Actually, I quite liked it because it was simplicity. But version two of it, they basically added additional features and hiding capabilities to make it more evasive. And they also upgraded the security in it so you can no longer easily decode what it’s doing. and I was public-private key involved with it as well to make it more evasive.

Ryan:
[11:24] So this BPF, this is Berkeley packet filtering. This is a common packet filtering most people run on their network, but this malware is basically utilizing that and hiding it. Is that true? Is that how it works?

Craig:
[11:38] Yeah, what it’s doing, it’s using something called a magic packet to activate. So essentially BPF is a lot like, you know, it is Berkeley packet filters, like what you would use for TCP dump or something. But the way this malware uses it is it is watching all the network traffic. And when it sees a certain packet come in with a certain sequence in it and a certain correct passcode and a certain command, it will then activate. And then that’s how it does its business. So in the case of BPF door, what made it really evasive is the fact that it’s watching all the network traffic on your host. So if you send a special command, like let’s say you’re running a website on port 443, all that you say, hey, all my traffic’s encrypted. I have a great firewall. Nobody could get through this.

Craig:
[12:20] Solid. The way BP outdoor would work is it’s watching all the traffic go into that box regardless of the port. If a magic packet is received on port 443, for instance, it would say, right, this is someone who wants to control me. It would then open up a port on a high port, and then it would reconfigure the local firewall so that all the traffic just from that one user gets forwarded to the back door. Now, if you’re monitoring network traffic, you see traffic going to port 443 as expected. And of course, it’s encrypted. So everything looks normal. But behind the scenes, BPF doors forwarded that traffic to a bind shell back door that has on that box. And then that’s what makes it so evasive. So even if your firewall is working, BPF is still seeing all the packets and is able to intercept those packets and activate. So that’s what made this one pretty unique.

Ryan:
[13:08] What I think is interesting about this is I’ve talked about this on the show quite a bit that you know one of the problems with these governments attacking each other with these things is once they attack each other it’s kind of out there in the open right so they use it to maybe target a specific government entity or whatever but then these this malware can be picked up from other actors even just script kitties or whatever that can go make some modifications and utilize a very sophisticated tool that was meant for a very specific purpose now for other nefarious purposes and make it kind of dangerous. This kind of sounds like it may have started out as something like that at some point. And yeah, this type of malware, because it lays dormant, isn’t really detectable then by your standard antiviruses and other things out there, right? Because for the most part, it’s waiting for instruction. It’s not doing anything nefarious.

Craig:
[14:01] Yeah, it is. I mean, one of the other problems on Linux too is a lot of malware is open source, right? So when you start to use traditional kind of file scanning, the way you’re like a Windows antivirus would work, it doesn’t really work very well on Linux because the malware is very easy to change. So in the case of like BPF door, you really need to be looking for the tactics of how it’s hiding and waiting. Now, we could find that as a product because we look for the tactics of compromise. But if you’re just using generic kind of file scanning stuff or on a clam AV or something like that, you very likely are not going to see this type of malware there, especially if they change the code in any significant way.

Ryan:
[14:38] Yeah, because they’re looking for prior signatures. So like what you’re saying is, you know, generally how an antivirus works is it looks for signatures of viruses that have been caught, goes back and looks at those signatures in the antivirus tool to find them. But if you’ve changed those signatures just slightly enough that it’s not going to pick that up anymore, it’s not going to see it. But why would Sandfly pick up something like this? How is it different? And what would they see if they were running Sandfly?

Craig:
[15:03] We first ran into this particular backdoor back in 2022. It was actually late at night, about midnight. And I saw someone tweet about this, this undetectable malware. And I looked at the source code, the C code, and I said immediately, there’s no way we would miss this. And so we compiled it up and we ran it and we immediately lit up like a Christmas tree. And I think the difference is that undetectable. Yeah.

Michael:
[15:27] Exactly.

Craig:
[15:29] I mean, and this is a problem on Linux. Unfortunately, everything’s undetectable if you’re not looking and Linux, because of the way it works, the incompatibilities, it’s very difficult to get a lot of agent-based systems onto these platforms. But also, too, a lot of times, these other systems are using Windows approaches to malware. The way we were able to find it is that the tactics just looked very odd. We saw a process that was running out of the RAM disk, which is DevAceHM on Linux, which is very weird. Why would a process run out of a volatile memory location? The process deleted itself from disk after it executed to hide the binaries. This way, if you tried to do a file scan, you just wouldn’t see it because it wasn’t on the disk anymore. It was then sniffing network traffic. It was grabbing all network traffic, which is really unusual for the fact that it’s running from a RAM disk, and it deleted itself from the disk. And then finally, when it activates, the shell, the bind shell back door kicks off. Has a lot of suspicious attributes as well. Again, it was spawned by a process that’s sniffing network traffic. It’s got connections that look very odd to us, like a typical shell would never look that way. So it had all these things that we didn’t know what it was at the time, but it just looked like we know you’re not good, right? We don’t know what you are, but we know you’re not friendly, that kind of thing.

Michael:
[16:45] Yeah.

Ryan:
[16:45] So how does one get rid of this if you detect it? So if you have SandFly, you’re running that, boom, you’ve got all this Christmas tree lighting up exactly what you want. But what do you do with it to get rid of it?

Craig:
[16:57] You know, this is a tough one on Linux. We get asked this question a lot. So on Windows, it could be fairly straightforward to eliminate, to clean up a system and be okay. The problem with Linux is there’s too many ways for people to change it, right? So I would caution, if you get a system that’s hit with the malware, you always need to find out how they got onto the system. Because if you don’t figure out how they got on, a root cause analysis, they’re just going to be back again. Maybe it won’t be that day, but next month, you know what I mean? They’re going to come back. I’ve never seen an attacker just go away. They always try to come back. So ultimately, with Linux, if you know a system’s been compromised, you have to find out how they got on the box. and then you gotta and then at that point i would recommend burning the system to the ground and just rebuilding it because you don’t know what they did right i mean you just got a nuclear thing from orbit right yeah and the other thing too is that root cause analysis you then need to take that and look at all your other systems to make sure they didn’t use that same trick to get these other boxes so bpf door is relatively easy to clean up but i you can’t guarantee that they they’re not going to come back and, hide it.

Ryan:
[18:06] They got in at some point to put it there. So that’s why you’re saying you got to go find that door and close it basically.

Craig:
[18:12] That’s right. Yeah, you do. I mean, you know, the way I explain it is like, you know, you might let’s say even you ran a magic product that could block all the attacks against Linux and say, hey, it blocked five attacks. Well, that doesn’t mean there wasn’t a six attack that it didn’t block. You just didn’t see it. Right. So you can’t I can’t prove that. Right. You got to make sure the root cause of how they got on is fixed. that that’s basically it.

Jill:
[18:35] Right a question when it’s in the ram disc is it just like kind of like churning around and trying to find what what parts of the system that can attack randomly or is it going after a certain certain um like system d on on.

Craig:
[18:52] On the computers it’s just gone resident now that that was version one version two they did away with the running from ram disc they realized that was a bad idea so they stopped doing that but but both versions will do something very similar they’re just going to start and just very quietly run a bpf filter and then just look for the network traffic now the reason they use bpf filter and not just watch every packet is a is that keeps it a very low cpu because if they didn’t put the bpf filter in it would be watching every packet they’d have to decode it that’d be very very expensive right so but you would notice issues with.

Michael:
[19:27] The cpu and everything yeah.

Craig:
[19:28] Absolutely you would notice it so a bpf door is it’s serving as a first order filter that they’re only looking at packets that just happen to have that magic id and then they go ahead and validate it so the bpf is really used for an efficiency mechanism to make the malware really really unobtrusive so you know the first version like i said i’m a bit of a malware connoisseur right i appreciate the craft and i thought the first version of bpf door It’s just awesome. It’s just a small little thing. It did one thing really well. The new version of it, it’s a lot more bloated. They have like, you know, SSL key negotiations and stuff, which I know they had to do because that keeps other people from trying to access it. But it’s lost a little bit of the magic, I’ll be honest with you.

Ryan:
[20:10] So from your perspective, I think that’s an interesting perspective. And by the way, the person I want running security stuff and making software for my system of security, I want to be a fan of this stuff so that they understand it and study it.

Michael:
[20:21] That’s why you would be doing it in the first place.

Ryan:
[20:23] But I love that you’re more fascinated by the simple ones than the advanced bloated ones that try to be a Swiss army knife. And I think that’s because that’s far more complex, even from a mitigation standpoint, when you’re creating tools to try to stop this stuff, of stopping when it keeps itself super simple versus something that’s pinging all over the place, right?

Craig:
[20:45] Yeah, yeah. You want to keep it simple. I mean, look, I have a really simple heuristic for malware. The more ASCII art it contains, the less seriously I take it. I mean, it is like the stuff that no ASCII art, it just got one task, does it really well, doesn’t try to do everything. That stuff is what I consider professional grade, right? The stuff they ask you aren’t trying to do 50,000 different things. That’s like, you know, I don’t know, kiddie level stuff. I don’t consider it very serious because, you know, you don’t want to get seen. And the more times you add features to it, blah, blah, blah, man, you’re going to mess up. You’re going to mess up and get seen.

Ryan:
[21:23] It’s funny you say the ASCII art thing because I remember the first time I saw a hacking program. I was at a friend’s house and he had an older brother who had this hacking software. And I thought it was amazing back then because he could boot people out of AOL chat rooms. That’s how advanced it was. I mean, unbelievable. No one’s ever heard of such a thing, right?

Michael:
[21:42] A lot of people who are watching this haven’t heard of AOL.

Ryan:
[21:45] Oh, you’re probably right. Yeah. Most people don’t even know what AOL is. They send a lot of CDs. That’s all you need to know. But when he loaded the program, I just remember the ASCII art was scrolling. It had like death and skulls and all these different things. And all it did was just boot people from an AOL chat room. It was fantastic. So yeah, I think you’re dead on there.

Michael:
[22:04] I feel like there’s a lot of there’s a lot of nostalgia in terms of like the hacking aspects, because what you described just then about the stuff being scrolled in the chat rooms and stuff reminded me of this one malware. I don’t know what it’s called. I just remember it happening where it would basically like do this effect where it just once it activated, it started melting your screen.

Ryan:
[22:24] So like make it look like that yeah yeah.

Michael:
[22:26] An effect of the desktop melting and stuff and then at the very end you’d be like just it’d be like 99 black screen and it’s just a bunch of colors sitting at the bottom.

Ryan:
[22:37] And anyway i.

Michael:
[22:39] Don’t remember what it was called but and that kind of stuff was funny but now looking back on it but it’s uh it’s definitely not one of something you would take very serious.

Ryan:
[22:47] Yeah well that that.

Craig:
[22:49] Was the good old days today they just encrypt your hard drive and look for you know want you to pay bitcoin.

Ryan:
[22:53] So yeah yeah exactly um well i think it’s awesome that uh those who have taken advantage i know there’s a lot of you out there of the sandfly home edition other things this is something it’s just one of the many reasons why uh sandfly is an amazing product because it’s not doing that standard virus scanning stuff

Ryan:
[23:12] it’s looking for those anomalies out there and can pick up things like this speaking though of viruses, I hear you’re attending DEF CON very jealous by the way I hear you’re attending DEF CON and Black Hat again this year so I thought for our listeners that are like me who’ve always wanted to go to these conferences, that are very scared.

Michael:
[23:33] To go because of being hacked that’s why.

Ryan:
[23:35] Ryan’s not going that’s not why I’m not going I can’t wait to be hacked at DEF CON what are the differences between the two so DEF CON and Black Hat If someone’s like me, they want to know what’s the difference between the two. How would you describe which one maybe someone will go to based on the event?

Craig:
[23:54] So Black Hat is if you have money and DEF CON is if you don’t. So Black Hat is what the guys working at big corporations use as the excuse to actually go to DEF CON. Because Black Hat gives that legitimate look to it. So I started going to DEF CON. Price, I forgot what it was. I think we talked before the call, like four or five. I forgot. It was very small back then. A few hundred people. We all fit in a single room. Now it’s like 20 plus thousand people. It’s very, very large now. So I think there’s a lot of Linux there. So if you’re into Linux, just really great people. I don’t worry about getting hacked there at all. People talk about bringing your burner phone and this and that. Look, man, nobody’s going to burn a zero day on you. You’re just not that important. You know, that’s what I tell people. I mean, you’re just not, right? I mean, you know, a zero-day iPhone bug is like worth a million plus dollars. You think they’re just going to throw it out on the DEF CON network, right? So, man, bring your phone. You’re fine. Turn it off if you don’t want. You know, you’ll be fine. You know? Hey, and if you’re worth having a zero-day, you should feel special.

Ryan:
[25:05] Someone burns a zero-day. Look, I got a zero-day. I’m hacked.

Craig:
[25:07] They just did it. But, you know, it’s a good conference to go to. So, we will be at Blackout. We’re running a booth at Startup City. And then I will stay on for a few extra days. So I’ll be a black hat. We’ll have shirts. We’ll have stickers. I’ll be walking around if you want to come up and talk Linux and, We can debate the pluses and minuses of system D, whether or not it’s destroyed the planet or not, whatever you want.

Ryan:
[25:31] I love it. I love it. And then, you know, I was getting to the tips and tricks for DEF CON. And it’s funny you mentioned the burner phone because a few folks I’ve talked to are like, don’t go with your regular phone. You better have a burner phone. So now I know no one’s going to waste time on that. I can bring my regular phone. Is there any other tips to getting the most out of DEF CON that you would have?

Craig:
[25:51] Um you know i i guess like my thing is like you know vegas has gotten a lot more serious about security and people who look suspicious so like if you’re walking around with enough antennas out of your backpack that you look like a porcupine you’re gonna get questioned by hotel security right don’t act surprised the last year people were all upset oh security came into my room and like yeah they go into everyone’s room because of stuff they’ve had happen and especially if you look like you’re going to cause trouble at a casino, yes, they’re going to throw you out. I don’t know what to say. So I would go there and be like, look, just don’t be an idiot. If you look normal, you’re not going to get bothered. If you look like someone who’s causing trouble because you are causing trouble, then you will attract the attention of casino security. And don’t complain about it when it happens. I won’t feel too sorry for you. So that’s it. Otherwise, though, yeah, it’s a great crowd. You’ll have a good time, other than the fact that it’s hot. But other than that.

Ryan:
[26:51] It’s pretty good.

Michael:
[26:53] So there’s two reasons don’t wear a ski mask. The heat and the suspicion.

Craig:
[26:59] Yeah, that’s right. Yeah, walking through the casino floor with a bunch of antennas hanging under your backpack is a really good way to get attention you don’t want.

Jill:
[27:07] Yeah.

Craig:
[27:08] The ski mask might get you less attention.

Ryan:
[27:12] Yeah.

Michael:
[27:13] Well, the amount of trolling that happens there, I wonder if anybody just walks around in the floor with a backpack that’s just antennas connected to nothing. You know, it’s just a bunch of…

Ryan:
[27:26] And then they go on social media and complain that they were picked up.

Craig:
[27:30] You could do. When Guido and Luigi take you down to the bottom basement of the Caesar’s Palace to talk to you in a room closet.

Michael:
[27:37] Fine, I’m worth it then.

Craig:
[27:38] Don’t complain. Yeah, the collapsible nightstick comes out across your knees, right?

Ryan:
[27:43] Yeah. Yeah. No, there’s, it sounds like an incredible time for those that go. And there’s other podcasts. I love Darknet Diaries and they’re out there. You know, that person, Jack goes all the time to the DEF CON series. And it’s just, it sounds like it’s an amazing time. So I’m going to get there, but you’re not going to see me there this year, but you will see Craig. So go check that out. That’s going to be awesome. And Craig, thank you for coming on and giving us a security scoop. We’re going to have you back when we have some righteous or awesome hacks or malware or other things that we can talk about. And it’s always awesome hearing from you. And thank you so much for all you do for our community and support and things. We appreciate it.

Craig:
[28:27] Right. I appreciate it. Thank you.

Ryan:
[28:29] So it was awesome having Craig on the show to talk about the security scoop. But if you want to experience, just like we talked about, SandFly is one of the tools that can detect all types of different intrusions, all different types of malware because of how it works. It’s an absolutely amazing tool. Experience security that’s not just effective, but gives you peace of mind. No agents, no downtime, just cutting edge protection. Head right now to DestinationLinux.net slash SandFly and check out their amazing security protection services to keep your system safe.

Michael:
[29:04] And there’s also a discount code that you can use. Destination is what you use to get 50% off the home edition. That’s right. There’s a home lab edition for anyone who wants to protect their network, their land, and you can get a discount with that with destination coupon code. So dive into the future of Linux security at destinationlinux.net slash S-A-N-D-F-L-Y. That’s destinationlinux.net slash Sandfly and see how Sandfly can transform

Michael:
[29:30] your security strategy.

Ryan:
[29:31] So, Michael, we covered the very impressive DeepSeek AI. Jill, have you checked out DeepSeek as well already since we covered that on the show?

Michael:
[29:40] I think she went into it very deeply.

Ryan:
[29:43] Ah, well, good job, Michael. Good job. You know, DeepSeek was made on a smaller budget. I mean, not quite as small as they were advertising because there’s a lot of controversy there. But either way, it was made on a smaller budget than things like ChatGPT and other stuff. It was very powerful. But there’s an even more powerful open source tool, at least that’s the claim, coming from Moonshot AI. and a lot of the tools like grok chat gpt and claude if you’ve played with them done anything extensive with them outside of just kind of standard prompts you may run into the fact that they have limits on the amount of characters that it will process at a single time now i run into this if i write one of my papers in college and i want it to go and review to find mistakes make sure i’m not missing anything apa formats i basically use it as an error checking agent the tools will time out and be like that’s too much information i can’t process that um so ironic considering.

Michael:
[30:43] The fact that they want to take everyone’s information.

Ryan:
[30:45] Yeah exactly i’m like i’m giving you a paper that you know somebody else will just plagiarize so like you’re welcome hello um you know additionally those tools are not open source deep seek was open source yeah um at least big parts of it were open source but you know this chat gpt and things or not. However, there are billions of investments, you know, going into these projects that are not open source. So you think it’s impossible to compete with something like chat GPT and stuff that probably have hit the stock market would be worth in the trillions and probably surpass Apple, when they, when they go live on the stock market, just because of how influential they’ve become. Well, this company Moonshot is breaking benchmarks even against these billion-dollar GPTs that are closed source.

Michael:
[31:35] Are you saying that they’re shooting for the moon?

Ryan:
[31:38] They’re moonshot. No, they already shot the moon.

Michael:
[31:41] Oh, they already shot it? Okay. So they hit it. That’s what we’re talking about now.

Jill:
[31:46] They already landed.

Michael:
[31:47] There you go.

Ryan:
[31:49] So the features of Moonshot AI include huge text capacity. So Kimi AI can handle up to 2 million Chinese characters at once, way more than ChatGPT or Grok, perfect for big documents, long chats. It’s free to use right now. So Kimi AI 1.5 is completely free, no limits, unlike ChatGPT, which is like $20, $30 a month now, or SuperGrok, which is $30 a month, but does come with an AI girlfriend.

Michael:
[32:18] Uber Grok. Super grok. That sounds like such a grok.

Ryan:
[32:24] You know, they have multi-model power, processes text, images, code together that beats models like DeepSeq for tasks needing mixed data analysis as real-time web search, which, you know, some of these GPTs you get, they’re behind. They’re not up with current events, but this can do real-time search, which makes it very effective.

Ryan:
[32:43] It was scoring for coding 96.2% on Math 500 tests, shines in coding challenges, often outperforms Claude for developers that have tried it and used it. Obviously, it works very well because it was made in China with different Chinese languages and also works with tons of other languages as well, which I think is very interesting and breaks down these questions that are given to it in very step-by-step basis so that it can basically explain very complex scenarios, but utilize some of its reasoning to break that down into things to help you. for instance, create a model to help you learn the code SQL, create a model to help you code, you know, a new language you want to learn or some other thing. So it’s got some reasoning model built into it. It’s got 1 trillion parameters, which is crazy. It’s made by Moonshot, this Kimmy thing, and it is founded back in 2023, but it’s backed by Alibaba and Tencent. And if you don’t know, if you play Marvel Rivals, Marvel Rivals is also created by Tencent. And Alibaba is like Amazon of China.

Michael:
[33:57] So that’s kind of interesting. I mean, the Tencent thing with the Marvel Rivals, I didn’t know that Marvel Rivals was made by them. But Riot Games is also owned by Tencent. And Riot Games refuses to support Linux. And Marvel Rivals is so proactive on supporting Linux. Very confusing.

Jill:
[34:14] Yeah. And Alibaba is also owned by Alibaba and their parent company. Also owns Temu.

Ryan:
[34:27] Interesting. I think I was wrong about Marvel Rivals. Marvel Rivals is owned by NetEase.

Jill:
[34:35] Okay. Oh, similar sounding name.

Ryan:
[34:38] Yeah.

Jill:
[34:39] Okay.

Ryan:
[34:40] So NetEase, not Tencent. Interesting.

Michael:
[34:43] That makes more sense because Tencent, I knew that they owned Riot Games and I knew Riot Games was lame and had a stupid rootkit. and uh uh oh anti-cheat i call it an anti-cheat oh yeah yeah you got that mixed.

Ryan:
[34:56] Up it’s easy to mix those up.

Michael:
[34:58] Yeah my bad my bad i i forgot i i pronounced it wrong my bad uh but uh but yeah that that one’s a down’s a terrible a terrible piece of software that i would highly recommend to avoid don’t play those games it’s not worth it.

Ryan:
[35:14] So I played with this new Kimmy model and I was very impressed with it. I was asking it some pretty, you know, advanced topics to break down and explain. And I thought it did a very, very good job. I also told it to make code that was undetectable by other AI algorithm checkers. Nice. And so it wrote some stuff. I ran it through the algorithm checkers. It scored like a 60%, which is about on par when you ask ChatGPT or others to write things that are undetectable by AI, meaning it has to use an original voice. And so that’s one of the tests I like to do with the AI tools to see how good they can try to manipulate or trick. So I was pretty impressed with the fact that it’s free. Like it kind of blows me away that it’s free. It is crazy. What did you think, Jill?

Jill:
[36:05] I was really impressed with it. I brought in a couple PDFs of our show notes and asked a few questions.

Ryan:
[36:13] You’re teaching it about us?

Michael:
[36:13] Whoa.

Jill:
[36:14] Yeah.

Ryan:
[36:16] I love it.

Michael:
[36:17] You gave it like, it was like very important behind the scenes data about how we do this show that’s completely public and given to everyone.

Jill:
[36:26] Yeah. Well, it’s an open source algorithm. So it has to be accurate about open source, including podcasts that specialize in open source and Linux.

Michael:
[36:35] Fair enough, Jill. Fair enough.

Ryan:
[36:37] I want the machine to know us so it won’t kill us, Michael. Proceed, Jill.

Jill:
[36:42] So I also like that it actually, when you ask the Kimmy AI question, it shows you the results from the web articles it used to answer the question in a sidebar on the left-hand side. It was just nice and organized and easy to see. And it shows, you know, it’s showing you right there. This is where I’ve gotten this information from, or these are the files that I’m using. So I was impressed by that because a lot of the other ones, they don’t necessarily tell you what websites they went to to find this information.

Michael:
[37:14] It’s interesting that these kinds of tools, the open source tools that have been released are more popular. they’re giving you more information about like what you’re actually trying like how is it coming to this conclusion and the most important piece of these kinds of ai tools is not the final outcome but how they got to it yeah and because that way you can learn through the process and now with these chat gpt and the gemini they give you like this sort of synopsis of how they got to it but they don’t really give it to you while it’s doing its thinking mode it’s telling you what it’s thinking about but you can’t go back and like actually look at all the details of what it was doing it’s just telling you for like two seconds as it’s thinking and then it is if if they give you the the full details of how it got there i think that would be so much more useful now.

Ryan:
[38:04] A lot of the ai will tell you like if you tell it hey do this and provide me references where you got this they will it will list sites but.

Michael:
[38:12] Yeah but they also go to those sites that don’t exist They don’t exist.

Jill:
[38:16] Yeah.

Ryan:
[38:17] That’s what’s really interesting is, you know, it will give you what you want, whether it’s right or not.

Michael:
[38:23] My favorite is when it makes it a link and says, here’s the source, and there is no link attached to it whatsoever. It’s just like this colored letter.

Ryan:
[38:31] One of our patrons said, not going to kill you, but replace you. So that’s a really interesting topic because I was thinking just today that, you know, in 26 years working for corporate America, I’ve seen some things. And one of the things that I saw that was really tricky was a particular situation where they said, hey, we’re not outsourcing, but we’re bringing in this other company to help take off the low hanging fruit of your work. So you’ll still do the advanced stuff. They’re just going to do the extra stuff to help you guys have more time to do your work.

Michael:
[39:06] That does not sound good.

Ryan:
[39:08] Yeah, of course not. It wasn’t good. So they did this because they didn’t want us to be alarmed that we were training these people overseas who were, of course, going to take our jobs six months later. And so we were training these people to do our jobs, all knowing and having conversations that, hey, they’re going to take our jobs. And this whole thing’s kind of been a shadow off on us. And now I’m thinking like AI has it so that we’re training, the world is training this thing to take our jobs. Like we’re all doing it. No matter what field you’re in or what job, when you go and you give that thing prompts and you’re correcting it and fixing it, you’re training it to replace you.

Michael:
[39:47] In a way, yeah. That’s why I don’t correct it.

Ryan:
[39:50] You just you’re like that’s right stick to that stick.

Michael:
[39:54] No i i if it actually gives me a bad answer i need to get it to give me a good answer i will say like that’s not even remotely close and i won’t i won’t tell it what the answer is and but i but even if it’s like gives me uh the wrong answer again i’m just like all right whatever but if it’s sometimes i’ll just give me something that’s close to what i needed like i was doing some something i don’t remember what it was. I was trying to figure out something and it was some kind of code that I couldn’t figure it out. And I couldn’t, I just couldn’t, no, I just couldn’t remember what the, never that’s, that’s too perfect. There’s no reason to reverse it. Um, there’s, there’s so, there was something I couldn’t remember exactly what it was. And I asked, uh, like all the different AI chat systems and they all gave me the worst possible answer. None of it’s right. I know none of it’s right and one of them used a single term that like triggered my memory to go like oh that’s what it would be called and then i figured it out and i told none of them like i didn’t respond i didn’t give any information i was like nope god that’s nope like you come at me bro ai okay don’t come at me please uh to the ai overlords in the future if you’re listening to this because jill put the PDF into your database. I wasn’t saying that.

Ryan:
[41:13] Yeah, Skynet’s coming for you, brother. Coming for you. I think it’s just an interesting thing to think about. I don’t think there’s any way around it because you’re never going to stop people from feeding it. And here’s what I think makes Kimmy and DeepSeek a huge threat. You know, OpenAI was supposed to be open source and then they closed sourced it.

Michael:
[41:35] Right.

Ryan:
[41:35] So now you only have a finite amount of resources that are writing and programming into this thing. A lot of people utilizing it, but of course you have paywalls up as well for any of the advanced stuff. Whereas China with these two open source models, I mean, there’s like, I don’t know, over a billion people in China that are probably utilizing these tools. Plus everybody in the US now using these tools. And so their ability to scale up and be able to create more reasoning, better answers, better reasoning models and things, I think is going to be vastly surpass what ChatGPT and things can process. That’s just a thought. Maybe I’m wrong. Maybe closed source can do it better somehow here. Yeah. But I don’t think I am. I really think it’s because the AI’s power is in its ability, like you said, Michael, to not only get information, but get correct information and get corrected. So the more people you have utilizing it, the more powerful it becomes. And so that’s where I think that these closed source models are going to run into a lot of trouble.

Michael:
[42:43] Yeah, I think the AI, open source AI stuff is going to be a lot more powerful because of that. And I feel like a lot of people are more willing to use the open source AI because of that reason. They know that it’s being it’s being at least transparent about stuff. And I wonder if the Kimi AI is a like a homegrown independent thing or was it like forked from DeepSeek or something? That’d be kind of interesting.

Ryan:
[43:10] Yeah, I think they were two separate projects because it started, I think they said back in 2021, 2022 something like that so it’s been out there being worked on for a minute, but you know what’s interesting is like all of the, AI development all the AI tools they all run on Linux which is open source and then you got these companies in there closed sourcing the basically the end portion of it and I think chat GPT needs to go back to its original model but I know that won’t be profitable for the stockholders So what’s.

Michael:
[43:48] Funny about it is that the founder of open AI admitted that that was a mistake to close it.

Jill:
[43:53] Yeah.

Michael:
[43:53] And apparently it’s, he has no ability to make any changes, you know, cause they haven’t changed anything. But it’s kind of funny that he’s acknowledged that. But also I feel like the only reason he acknowledged that is because these models are coming out that are just destroying the market share and the, the valuation of the company and stuff like that. Like the deep seek and now this Kimmy thing. I think it’s interesting because a lot of like we had Sherard on last week talking about AI and how it could be used in really good ways. And I feel like the open source approach to these types of tools is really the like the the.

Michael:
[44:35] I don’t know, the silver bullet type of thing. It’s basically what powers the movement forward that these companies won’t be able to keep up because they’re going to be competing at something that’s moving at such a fast pace because a lot of the things about open source, if it starts way behind the other proprietary things and it takes a while to get to catch up, then it’s clear that there’s a difference in that sense. But in some cases where like open source is moving at that same pace, it quickly surpasses very quickly and also in extreme ways. Like the fact that Linux is not just the most popular server based operating system. It’s the most popular operating system on everything. It’s powering all these AI things like it’s powering everything. The only desktop aside, it’s powering everything. and that’s not that wouldn’t have happened with this a single proprietary thing so once the the threshold is met you know that mass adoption is met and i feel like with the deep seek stuff and the kimmy stuff and i would bet there’s at least another one or two that are going to do the same thing i feel like once that those these they’re already in a path where these other companies are just scared out of their minds they’ve.

Ryan:
[45:52] Got to be right because you just got too much competition and our only opus hugging face just because they have a full name and the.

Michael:
[45:58] Name is the best ever yeah it is the best and.

Jill:
[46:02] Like we were talking about charard with charard last week having having the um open uh framework the open guardrails to unify.

Michael:
[46:14] The open.

Jill:
[46:15] Source software that’s what what needs to happen and it is starting to happen.

Michael:
[46:20] And NVIDIA is involved in that, too.

Jill:
[46:23] Yeah.

Ryan:
[46:23] I think there’s probably something to learn from China here as well, because believe me, China has some very extensive guardrails built into their AI tools so that you can’t question the government on certain topics and historic events and things like that. Now, since it’s open source, it would be interesting to take some of those guardrails and obviously maybe not utilize those specifically. But however, it’s implementing them in that open world would be very interesting. All these large language models, they are trained on Linux servers, not only because of the efficiency, but the cost savings efficiency part of it as well versus utilizing other things. So, I mean, Linux powers all this stuff. They deserve to be open source. We talked about the whole fact that the digital divide and things like this. So I think this is a very important topic that we’re going to be covering probably a lot, like Michael said, with a lot of different models coming out by two, three, four, maybe a couple dozen sitting out there that are going to emerge.

Michael:
[47:22] Maybe there’s going to be some forks of existing ones and we’re going to have some like improvements on those and all sorts of that. I feel like this is going to be a thing that we’re going to be talking about for for a long time, but also not that infrequently. Like, I feel like it’s going to happen quite a bit.

Ryan:
[47:37] Yep. all right jill so give us some good news looks like you picked a really happy topic thank.

Jill:
[47:42] You oh i’m sorry this is kind of sad news and i and i hate that i’m covering something sad but but it’s okay we’re gonna we’re gonna talk to the community about it and we’re gonna think about it in a nostalgia way rather than the ending way yeah yeah so don’t.

Ryan:
[48:00] Cry jill geez it’s not that serious, Now she’s crying. Oh, gosh.

Michael:
[48:08] No, that’s not crying. She was just dabbing.

Jill:
[48:10] Yeah.

Michael:
[48:12] My bad.

Jill:
[48:14] So, yeah, like I was just saying, this is some really sad news, and it really has me concerned about the future of Intel. Intel is ending support for Clear Linux OS and will no longer provide security patches, maintenance, and updates. What is Clear Linux OS, you may be asking? Clear Linux OS is Intel’s own Linux distribution created in 2015 for cloud computing and built for performance and designed specifically for Intel hardware. It is optimized for power efficiency, speed, and security, which makes it great both for cloud and you can use it on your desktop as well. And a number of changes were made to the defaults in the kernel, along with lots of other tweaks, which help it perform extremely fast, even on older hardware for both Intel and AMD. And I know they went in and adjusted a lot of the CPU clock timings and the timings that Linux kernel works with the RAM. So they’ve done so many little tweaks.

Ryan:
[49:25] We would know it better, you know?

Jill:
[49:27] So back in 2019 actually when i was testing clear linux it performed performed very fast on amd hardware too actually i had never i hadn’t tested it on intel i just went ahead and put it on a couple you’re such a hacker jill you.

Ryan:
[49:44] Take an intel os.

Jill:
[49:45] And you’re like but i’m gonna run it on amd Yeah, but the results were actually striking. Even on my old 2013 Lenovo ThinkPad Edge E3. 545 laptop with a quad-core AMD A6 APU, the older Radeon HD 8450G graphics card that was in that laptop performed really nicely playing games in Steam. I remember I couldn’t believe it because I was getting 60 FPS average, of course, on medium settings, playing distance, and the Talos principle compared to 30 to 50 frames per second I was getting from Ubuntu on the same machine. So I actually did comparisons of the different distros at the time. And I was really impressed that it was the fastest for gaming for FPS.

Ryan:
[50:44] What’s interesting about this is I remember Ike working on this, who is a developer that worked on a couple of different distros out there, But most recently, Serpent OS, which became Erin OS, that they’re working on. And they worked at Intel for a while and had made some advancements to Clear. You know, the fact that we probably have to explain Clear Linux OS and what it is probably speaks a lot to why it’s no longer around. It was a really, really cool operating system, but it really never picked up steam with the broader community. because I’m not sure it really explicitly stated what its purpose was for people. And so I think that kind of put it in a very niche kind of arena as far as distros go.

Michael:
[51:33] And also they did things very specifically. Like the whole idea was to optimize for the hardware and have the fastest experience you can with a Linux distro. And that’s great. But also they had their own package management tool that was custom to their stuff. So the only things that were available on Clear Linux were things that they packaged themselves because the vast majority of applications are going to be running like dev packages or RPM packages and not going to be swap D. Well, you’ve got flat packs. Well, they added flat packs way later.

Jill:
[52:05] Way later. But they were using the swap D package manager, which was a bit clunky and kind of heavy. But it did work. It worked.

Michael:
[52:14] It worked.

Jill:
[52:15] And Clear Linux, you know, was a rolling release Linux.

Ryan:
[52:18] Superior release. You can just take out rolling with superior. Superior release model.

Michael:
[52:23] Okay, so we’re going to have to have a debate in the future, I guess, because about rolling release versus the whole.

Ryan:
[52:29] There’s no debate. If you seriously, like seriously, I’m not even joking. You cannot debate a rolling as a superior release model. Release model.

Michael:
[52:38] I can’t debate it because there’s not.

Ryan:
[52:39] You would be wrong. It’s ridiculous.

Michael:
[52:41] Because you’re thinking there’s only two release models, the stable and the rolling.

Ryan:
[52:44] You’re looking at the hybrid.

Michael:
[52:46] I’m talking about the new style like Bazite and stuff and the universal blue and the fedora silver blue, which are basically kind of rolling, but not exactly. They’re stable bases with their, no, they’re stable base systems that are rolling at the same time. Like it’s, it’s, I guess it’s hybrid.

Ryan:
[53:01] But Tesla’s a car, but not exactly because it’s got electric engines instead of actual gas engines. So like.

Michael:
[53:05] No, that’s not what I’m saying.

Ryan:
[53:06] It’s irrelevant.

Michael:
[53:07] It’s not what I’m saying. It’s still a car.

Ryan:
[53:09] Rolling is superior. I win.

Michael:
[53:11] Yes, I agree that rolling is very superior for a car to be able to do. Yes.

Ryan:
[53:15] Yes.

Jill:
[53:15] Thank you. This is true. It’s better than having the square wheels.

Michael:
[53:21] Yes, exactly. The square wheels does not work.

Ryan:
[53:24] Have we tried it recently? Do we know? I think I got a new conspiracy theory going. Triangle wheels were always better, but the government, big government didn’t want us to know.

Michael:
[53:32] Actually, the hexagon wheel.

Ryan:
[53:34] The.

Michael:
[53:34] Hexagon is the bestagon.

Ryan:
[53:36] And that.

Michael:
[53:36] Is proof that is undeniable proof.

Ryan:
[53:38] Yeah it’s.

Jill:
[53:39] Bumpy but closer to round.

Ryan:
[53:40] You know why they went with round because round tears up whereas a triangle wheel never tears up so you don’t have to replace the wheel and the government never tears up that’s.

Michael:
[53:48] True it doesn’t go anywhere either but it never tears up so.

Jill:
[53:54] Arjan van devin from the clear linux project, he states, Clear Linux OS GitHub repository will be archived in read-only mode. So if you’re currently using Clear Linux OS, we strongly recommend planning your migration to another actively maintained Linux distribution as soon as possible to ensure ongoing security and stability. Rest assured that Intel remains deeply invested in the Linux ecosystem, actively supporting and contributing to various open source projects and Linux distributions to enable and optimize for Intel hardware.

Michael:
[54:33] Well, that sounds good. But usually when these announcements are made, those kinds of things everybody just ignores anyway because they’re meaningless.

Ryan:
[54:40] They missed marketing opportunity, Michael. That’s the problem.

Michael:
[54:43] Yeah, exactly.

Ryan:
[54:44] If I was over-marketing, and I know I’m going to get a job offer just saying this. It may even bring it back when I say this. If I was over-marketing a clear Linux, I’d have called Pepsi been like bring back Clear Pepsi we’re going to merge the two together have a Clear Pepsi while, programming on Clear Linux I mean come on billion dollar idea I.

Michael:
[55:04] Actually feel like that is a fantastic idea but just real quick for history lesson do you know why they got rid of Clear Pepsi, No, because this is like society thought it was super weird that it was clear and tasted exactly like Pepsi. It was like, it felt wrong. So they got rid of it, even though it didn’t need to look like it didn’t need to look almost black.

Ryan:
[55:26] We wouldn’t have to have these artificial dyes in our drink and have the same flavor. But people thought it was kind of like the pink ketchup that you see sometimes and stuff like it does throw you. I get it. like when i saw when they did the fun colored ketchup and mustard i wanted nothing to do with yeah.

Michael:
[55:44] The yellow ketchup was so well like nah pass.

Ryan:
[55:46] No i can’t there’s just something about it you know like my ketchup needs to be red i’ve been programmed it’s got to be red just like i’ve been programmed round wheels are the best when we all know triangle wheels are the best oh it’s dodecagons dodecahedrons exactly quit quit showing off please yeah.

Michael:
[56:04] But also like when we’re talking about clear linux os we cannot be confusing that with clear os which is also another thing yeah so that didn’t help with the.

Ryan:
[56:14] Marketing well clear os can hire me and we’ll get the marketing thing going with clear pepsi we’ll bring it back because you know i think it’ll be worth millions.

Jill:
[56:23] So so to me the demise of clear linux you know it does kind of say something about intel’s future um this move is actually part of intel’s broader restructuring efforts which plans to cut over 5 000 jobs across the u.s states a lot of people have been hearing that in the news and that’s scary but this to me is very scary because not only was the announcement sudden but this shows the extent they have to cut if they are getting rid of smaller projects like clear linux i mean this is was a tiny project compared to i feel like that but that’s also Also.

Michael:
[57:02] The easiest thing to get rid of is tiny projects that don’t really have that much purpose, you know?

Ryan:
[57:07] Revenue generating.

Jill:
[57:08] Yeah.

Ryan:
[57:10] But I get Jill’s point, you know, Intel’s went from a situation where they were able to contribute to a lot of different things because of the amount of money that they were bringing in, because of being king, because of being number one. And now you’re going to see a lot of this extra stuff go away. Frankly, that’s something we’ve had to face as a podcast. A lot of companies after COVID cut their budgets for marketing entirely.

Jill:
[57:35] That’s true. Yeah.

Ryan:
[57:35] And we talked to other podcast networks. They face the same problem at the same time. And it was really like dark there for a while. So, you know, it’s one of those things where a lot of these companies had excess. Now they don’t. And they are because of some bad decisions. I mean, right. You got to call them what they are. I love Intel. I hope Intel exists for the rest of my lifetime, if not longer than that. And I think they’ve done some incredible things. I remember how exciting it was to get an Intel CPU in your computer. I remember so many exciting innovations that that company has made, that company has brought to the market. I also remember when they laughed at AMD, when Lisa Su was bringing Ryzen to the forefront and the CEO was being all arrogant about AMD being nothing. thing i remember being on hardware addicts telling everybody amd is going to be the next big player i remember all the hate mail saying how stupid i was and don’t know crap about hardware and i ended up being right and i would like to.

Michael:
[58:44] Point out that i was right on as well on the same subject because i just agreed with ryan having no idea what he was talking about like yeah you’re probably right ryan.

Ryan:
[58:53] And i’m not giving you stock advice but when i honed down on that i bought stock and now it’s worth a lot of money because I saw where AMD was going. What I saw AMD doing, my clue to why AMD was going to be successful was this. Lisa Sue was a bona fide engineer. A bona fide engineer, not an executive coming out of some Ivy League college that was trained in business and blah, blah, blah, but can’t speak to engineers, was going to take over this company. and I knew at that point that she was going to be able to speak to engineers on their level to tell them what they needed to do to get this thing where it needed to be and that’s exactly what happened I didn’t know at the time she happened to be related to NVIDIA’s CEO as well, man what a bloodline but in any case Intel’s got what you’re saying so.

Michael:
[59:43] Real quick question Ryan so you’re you’re saying you this was that was not a stock tip about you know AMD or anything.

Ryan:
[59:50] I don’t give stock tips.

Michael:
[59:51] Right, of course not. So what company do you think is going to be very interesting in the next coming years?

Ryan:
[59:58] Um clear linux uh clear linux is what i would invest all okay oh okay i get you clear linux for sure that’s a hot like i feel.

Michael:
[1:00:06] Like i missed we missed the boat on that one.

Ryan:
[1:00:08] Yeah maybe a little bit uh no i i think intel has some interesting you know i’ve seen the new ceo’s plans they’re obviously going to be relying heavily on tsmc for a lot of their fat the problem is tsmc is backed up in all their fabrication, meaning NVIDIA and Apple and AMD have bought most of their manufacturing time. And Intel doesn’t have the bucks it used to basically get priority on that line. They have some new exciting products. I’m very excited to see what they come out with. Never underestimate Intel. I think there’s a potential for this company to come back in a huge way. We’ve talked to some of the Intel employees. I think they are incredibly gifted. They have some incredible people on that team. So if the leadership can let those people have a voice at the table, I think they could turn Intel around. If the leadership thinks they know everything and closes their engineers and people out of the conversation, I don’t know that Intel will be around. So that’s my take.

Michael:
[1:01:10] I mean, I feel like Intel has, they have a long time appreciation in the Linux community because of how like dedicated they have been to Linux. And I do feel like the statement about them still being putting effort into Linux and that sort of stuff is still going to continue. Because before Clear Linux, they were already doing tons of work for decades of like working with the kernel and that sort of stuff. So it’s not like Clear Linux is actually like a big deal in that sense. I feel like Intel is still committed to Linux. But it is kind of a shame to see Clear Linux going away just because of the, you know, because they were doing a lot of innovations. They were doing a lot of testing and they were using Clear Linux as a way to get to it.

Ryan:
[1:01:53] They were the most supportive of Linux and always have been. They were the first ones in the kernel. Yeah.

Michael:
[1:02:00] I mean, they actually put stuff in the kernel sometimes like before their hardware is out. other companies that are supporting the kernel of AMD will put stuff after the fact or much after the fact and Intel will get stuff in like because they’ll kind of like, try to not tease too much in the kernel because people are like looking for Intel commits to see if they’re actually, you know, they’ll leak information. So, but they still are trying to put in the effort to make things work in the kernel as soon as possible. So as soon as the stuff comes out, it’s there and it’s working. And they’ve been doing that for a very long time. So mad respect to Intel in that sense. And I do think that Clear Linux had a purpose that was really cool where they would just use it as an innovation project. but I’ve never saw it as like a distro for everyday users. To me, it seemed like it’s just their kind of play thing, like their playground of, of testing something.

Ryan:
[1:02:54] Kind of like, uh, that KDE, uh, KDE neon. That’s it.

Jill:
[1:02:59] Yeah, yeah, definitely.

Ryan:
[1:03:01] So I think, uh, I hope the best for Intel. I want them to succeed. They do so much for Linux, uh, continue to do so much for Linux.

Jill:
[1:03:09] And they’re one of the largest contributors to the Linux kernel. one of the largest in the world so this is we have to continue to have intel supporting linux and hashtag save intel yeah there.

Ryan:
[1:03:26] You go i think i think we’ll see some exciting things from intel i really like what they’re doing in the gpu market and stuff.

Jill:
[1:03:32] Battle mage i’m looking forward to that cool.

Ryan:
[1:03:34] Name as well which i.

Jill:
[1:03:36] Really digs hey my intel arc a770 is still rocking in this machine and it keeps getting updates and it’s getting better let’s hope they continue to keep updating

Jill:
[1:03:46] there you go i think they will for sure hey jill.

Ryan:
[1:03:49] We got a.

Jill:
[1:03:51] Community member sent.

Ryan:
[1:03:52] In our tip and trick this week which is pretty dope.

Jill:
[1:03:54] Yeah it’s pretty cool so i wanted to read what this community member said i enjoyed the flat pack section i’ve been working on a guide to help my coworkers, network engineers, switch from Windows to Linux. It’s a GitHub book, and I would love to have your feedback on the Flatpak chapter. And they, of course, included the URL. FlatSeal is one of the Flatpaks I recommend in the guide and GearLever for managing snaps.

Ryan:
[1:04:27] So what I love about this is that it’s not just a guide on Flatpak. It’s a complete Linux user guide from beginning to end. I know they wanted feedback on the Flatpak, but I was I went through this and I was like blown away. I thought it was so well done and it immediately made me think of my boss who’s moving to Linux recently. And I was like, what an amazing guide to hand over because it’s written from a user perspective. There’s a lot of guides out there, but they’re not really written from that end user perspective. They don’t have the graphics and things to follow to help a new end user really get the most out of Linux. And I feel like this guide is an incredible resource. Like, I love it. I completely dig it. And we will have it linked in the show notes for everybody to take a look. And because it’s on GitHub, I think others can contribute to it too. And I highly recommend it. I really think we should rename it the Destination Linux Guide to Linux. And officially…

Michael:
[1:05:33] So this is the… We’re just going to have to ask the contributors to see if they would be open and renaming it the Destination Linux Guide.

Ryan:
[1:05:41] We did no work on it, but we want our name on it.

Michael:
[1:05:44] Nothing at all.

Ryan:
[1:05:45] We provide you nothing except exposure, but we want…

Michael:
[1:05:48] Oh, and entertainment. That too. That’s true.

Ryan:
[1:05:51] Think about our entertainment. That’s what you need to think.

Michael:
[1:05:54] But this is really good. The only thing is that I feel like this is fantastic and it is definitely good for people. I agree with Ryan. It’s just not, it’s not beginner friendly because it’s not necessarily for like it’s trying to teach people who are in the in the industry of some kind so like it’s talking about specifics then talking about like the package tools and all that sort of stuff so if you’re a brand new user it’s not really aimed at i mean i give you if you’re if you’re a beginner if you’re a beginner if you’re brand new then you’re and you’re in the tech world then it’s fine i’m just i’m just saying that a lot of people i’m actually i don’t know Can you push.

Ryan:
[1:06:33] Your glasses up and say, I’m actually, please?

Michael:
[1:06:35] So this topic, the reason why is that it’s talking about different types of package management. So it’s like the APT versus Nala. Most beginners don’t need to care about any of that stuff. But in terms of people who want to, this is a great resource.

Ryan:
[1:06:53] I think they do because that’s one of the most confusing things when you’re coming to Linux is if you don’t understand where you get your software from. Keep in mind, everybody who comes from Windows is used to going to a website, downloading an EXE. And so they have no clue where they get their software in a Linux environment and why there’s multiple ways to get software and why.

Michael:
[1:07:14] Well, I’m saying that not necessarily a term. I don’t think that. I think we should try to keep the… the beginner aspects as far as like, you know, not trying to focus the terminal because I mean, I think it pushes away a lot more than it keeps in. And I feel like the, you know, this one is great. This whole guide is great. I’m just saying like the, the beginner user who’s not interested in that sort of stuff doesn’t know that he doesn’t need to know the difference between the various different terminal package managers.

Ryan:
[1:07:43] I’m getting terminal listening to your mouth. That’s what I’m getting terminal with. Yeah. But that’s it. Thank you for this.

Michael:
[1:07:51] Saying i’m killing you is that what you’re saying exactly.

Ryan:
[1:07:53] Exactly thank you for this incredible uh guide it really is well done and we’ll have a link to it in the show.

Michael:
[1:08:00] It is well done i’m not knocking it at all i think it’s very good he.

Ryan:
[1:08:03] Did he did but.

Michael:
[1:08:05] I’m just saying he said you should be everybody should look at it i’m just saying like not everybody is gonna it’s it’s literally it’s literally titled ubuntu for network people like for network engineers or something like that like that they know who it’s for.

Ryan:
[1:08:22] I’m just saying, I looked at this guide and saw a lot of questions that people who are brand new to Linux are asking.

Michael:
[1:08:30] It is very good.

Ryan:
[1:08:32] It’s just well done. So yeah, I endorse it. I give it my thumbs up. I give it two thumbs. Look at that. Two thumbs up. And those are actual big thumbs.

Michael:
[1:08:43] I give it two weak thumbs up.

Ryan:
[1:08:46] Three thumbs.

Jill:
[1:08:47] Up four thumbs up.

Ryan:
[1:08:49] Jill you only have two, Thumbs.

Jill:
[1:08:53] I think she’s.

Michael:
[1:08:54] Adding to yours.

Ryan:
[1:08:55] Oh, okay. All right. I thought maybe Jill was about to…

Michael:
[1:08:59] She’s not counting my thumbs because they’re too weak.

Ryan:
[1:09:01] Oh, that makes sense. That makes sense. Okay, got it. I thought maybe she was revealing to us she was an alien. She was just going to like, here it is.

Michael:
[1:09:09] That would explain why everybody loves her so much. Yeah.

Ryan:
[1:09:13] All right. Well, a big thank you to each and every one of you supporting us by listening, watching the show, however you do it. We love your faces. And you can come join us in our Discord by going to tuxedigital.com slash Discord, where you can join hundreds and hundreds of other thousands, even.

Michael:
[1:09:30] Thousands.

Ryan:
[1:09:30] Fellow Linux users. Why did I start at hundreds? You can join tens of people.

Michael:
[1:09:35] I think you’re going for the joking of the dozens and dozens of people.

Ryan:
[1:09:39] Yes. Baker’s dozens of people. There’s Baker’s dozens of people in there.

Michael:
[1:09:44] There’s at least that many. Yes.

Ryan:
[1:09:47] No, there is thousands of people in our Discord chat. So you could go hang out, tell people you love Linux, automatically got something in common with them, make lots of friends, talk about the show, especially discuss why Michael has to um actually every topic. That would be a great discussion topic to kick off the week.

Michael:
[1:10:07] Because that’s providing context on the show. Like I’m giving extra information for the people who are listening. You’re benefiting. You’re welcome. You’re welcome, people. to tuxdigital.com slash discord to let to say thank you to me for giving you more context to say thank.

Ryan:
[1:10:21] You to me who’s the authoritarian leader now.

Michael:
[1:10:26] If you want to support the show if you want to support the show for all the great context that I provide go to tuxdigital.com slash membership, And you can become a patron. You get a bunch of cool perks like unedited episodes of the show. Watch the show live. You get merch discounts and all kinds of great stuff. And if you would like to get, like I talked about the merch discount, you want to get some merch, you go to tuxed.com slash store, and you can get a bunch of cool stuff. We have hats, mugs, hoodies, T-shirts, and so much more, including the very popular, no, not a screen light. No, we don’t have that. that is a new one. He’s that’s the first time he’s ever picked that up. So I appreciate it. Cause for those who don’t know, it’s whenever Ryan picks up something, it’s never in the store. And, uh, but anyway, what is in the store is also not that, but what is in the store is the Ryan is okay. I guess merch, which is, it’s the, it’s the most popular right now. And if you would like to, if you would like to tell Ryan that you also agree that he’s okay, I guess, then check it out at toxic.com.

Ryan:
[1:11:32] I feel bad for all the other Ryans out there because, you know, people are getting it to troll me, sure. But they’re also getting it to troll their other Ryan friends. Because imagine going to a party.

Michael:
[1:11:42] Which is fantastic.

Ryan:
[1:11:43] And you can just wear a Ryan’s okay, I guess shirt. And they’re like, you got a whole shirt just to tell me I’m okay? You guess. And it’s just, you know. I think it’s perfect.

Michael:
[1:11:53] It’s also a great gift for people who are like.

Ryan:
[1:11:57] It’s a compliment, Jules.

Michael:
[1:11:58] It’s a compliment. it it’s also a great gift for anyone uh who’s the spouse of anyone who’s named ryan uh that could be.

Ryan:
[1:12:06] Yeah yeah my wife’s gonna have one of those shirts ryan’s okay i guess unbelievable ryan’s.

Jill:
[1:12:12] Okay i guess.

Ryan:
[1:12:13] Jill you’re not supposed to say that you’re supposed to be the kind one what is wrong you’re supposed to say i’m amazing well it’s a compliment.

Jill:
[1:12:22] Because people are spending their hard-earned money to buy a shirt.

Ryan:
[1:12:25] To troll me no they’re spending their hard-earned money to troll me let’s not turn this into something it’s not okay okay.

Michael:
[1:12:32] To be fair to Ryan it is to troll him which is awesome so.

Ryan:
[1:12:37] People go to the store textdigital.com.

Michael:
[1:12:39] Slash store and help troll Ryan.

Jill:
[1:12:43] And make sure to check out all the cool shows here on text digital that’s right we have an entire network of shows to fill your whole week with awesome geeky goodness head to textdigital.com to keep those Linux penguins marching.

Michael:
[1:12:58] Everybody, have a great week, I guess.

Michael:
[1:13:01] And remember that the journey itself is just as important as the destination.

Ryan:
[1:13:08] I mean, these days, it’s kind of like, have a great week, I guess. It’s kind of fitting, you know?

Michael:
[1:13:13] It is kind of fitting. I mean, 2025 is a mess of a year.

Jill:
[1:13:17] Yeah.

Michael:
[1:13:18] You know? It hasn’t been the greatest. No, a lot of ways. But what is the greatest is this show.

Jill:
[1:13:25] Yeah.

Michael:
[1:13:25] It still continues. It’s continuing, yes. but it actually is about to close. We need to start over.

Ryan:
[1:13:33] Let’s do it.

Michael:
[1:13:33] Do a whole other episode.

Ryan:
[1:13:34] Yeah.

Michael:
[1:13:35] Are you doing another episode or redoing this episode?

Ryan:
[1:13:37] Maybe we should redo this one. I think I could do it better the second time.

Jill:
[1:13:40] You know, but what.

Michael:
[1:13:42] But is it, is it going to be a tribute to the first one or is it going to be just better in general?

Ryan:
[1:13:45] I think it’d just be better in general because this time I’m not going to allow you to talk about the stupid shirt you created.

Michael:
[1:13:51] I want to guarantee bring that up at any random point, you know? So I feel like there’s no reason. to do it again then because it’s going to happen.

Ryan:
[1:14:00] You know, I want to go to DEF CON and stuff. But if I go…

Michael:
[1:14:05] And wear the Ryan’s OK I guess shirt?

Ryan:
[1:14:07] No. I’m just saying if I go and I see one of those dang shirts at DEF CON, like I’m going to be really… Because if I announce I’m going, you know somebody is going to wear one there.

Jill:
[1:14:18] Yes.

Michael:
[1:14:19] In fact, I might go with you just to make sure that happens.

Ryan:
[1:14:23] You hand them out. You’ve got free Ryan. It’s OK. I guess shirts.

Michael:
[1:14:28] It’s kind of like a challenge where you do a scavenger hunt or something and then the reward is that shirt.

Ryan:
[1:14:37] I love it. I dig it.

Michael:
[1:14:39] See you next week, everybody.

Jill:
[1:14:41] Bye, everyone. Love you all.

Ryan:
[1:14:43] You’re okay, I guess.

Jill:
[1:14:47] That’s good, Ryan.

Michael:
[1:14:48] That was good.