 Hey everybody, welcome back to the Linuxcast. I'm your host Matt Weber. I'm joined by Martin Burke. How are you doing this week, Martin? All right, Matt's doing well. I have things for you, but what have you been up to? I have been having a very successful couple weeks with Linux. Now, I think we talked about... So it's promising. Yeah, yeah. I think I talked about this before when you first started on the show that I'd never been successful actually in getting anything in wine to work. I always was trying to get a game to start in wine and could never get to work. Well, this time I decided to try it again with Lutris and I got to work. So I've been playing a lot of Hearthstone, which is a game that I used to play all the time when I was on, you know, like an iPad or something, or Windows. So that's been a lot of fun. It was astonishingly easy. It's just it was almost like installing it on Windows. It just, you know, a wizard or whatever comes up and says install these fonts and install the thing and bada-bing-bada-boom. It was really good. I also, I was having problems getting VirtualBox installed on Manjaro. I got that fixed this week, too. So it was a good week in Linux. How about you, Martin? What did you do this week in Linux? Right, not too bad myself. I put myself for one of those little mini PCs. I'd like to say it was the top of the range nook, but sadly no. It's from a company called AcePC. So the specs are Windows 10 Pro, which obviously got replaced. 8 gigabyte DDR4, 1, 2, 8 gigabyte ROM. It's just an Intel Stellar and processor. Wi-Fi, Bluetooth, supports VGA, two HDMI ports. So on paper anyway, it can handle a triple display. I've only used it on a double display. Two USB 3, two USB 2. Vessar on the back, so I can mount it on the back of my monitors or a wall if needed. I've only bought it for home working, just to save a little on runit costs, just to save a pound of a PC. But that's my excuse and I'm sticking to it. I'll probably just turn into some sort of emulation machine later on. But yeah, it's a nice little toy to build a kit, and it wasn't astronomical, so it'll get me through the day at work. So yeah, yeah, it's cool. I was just talking to play with. Yeah, it's all right. Alright, so let's jump into the contact information. If you want to contact us, you can do so at the Linuxcast on Twitter. I'm at MTWB, Martin's Martin Twitter. You can find all these links in the show notes or the video description. You can subscribe to us. All of our feeds and stuff at thelinuxcast.org. And contact us via email at contact at the, excuse me, at thelinuxcast.com. Follow us on Facebook at facebook.com slash thelinuxcast. And you can also subscribe to us on YouTube at youtube.com slash thelinuxcast. We got our URL, yeah. It was cool because it surpassed 100 followers, 100 subscribers a couple weeks ago and right 170 subscribers now. Before you know it, PewDiePie, here we come. Let's see, Mike. So each and every week, Martin and I choose a news link. Mine's a couple of weeks old, but I think it's still fairly relevant. So Martin, why don't you give us your news link first? Yeah, so 10-year-old sudo bug lets Linux users gain root-level access. I don't know whether you'd spotted this or you'd just get them to auto-update. Well, I did notice an update to sudo the other week and I thought it was a bit strange. So anyway, the bug, which is known as baron samedit, can be exploited when attackers gained local access to a PC in order to escalate privileges. The bug was introduced in the sudo code back in July 2011, effectively impacting all sudo versions released over the last 10 years. I think it was a security company found this, I mean. Yeah, I think so too. After 10 years, you just thought, it's just one of those things, isn't it? Obviously, you've got to be essentially the same, bro. There's no remote access in order to... It's like that screensaver bug that's been in screensavers or whatever server that was rediscovered a couple of weeks ago by a kid just banging on the keyboard. Yeah, so it's probably kind of like that. Yeah, it's just one of those things, isn't it? There you go. It is what it is, and there you go. How about yourself? What news? News, it's a couple of weeks. So, MX Linux, which appears to be the brand new king of DistroWatch, has been on this top of DistroWatch for quite a long time. I'm going to actually make a video about it here in a couple of days. But MX Linux has come out with an ISO for the Raspberry Pi, and I think it just kind of goes to show that more and more distros are being developed to go on both the normal platforms and the ARM platform stuff for the Raspberry Pi. Now we have, obviously Ubuntu is on there, like standard actual Ubuntu, not just Ubuntu Server. We have Debian, which is Raspbian, right? And then now we have MX Linux. There's a Manjaro spin and an Arch spin. So we have more and more mainline distros coming out for support for the Raspberry Pi. So I really got to get me one of these little computers because they are kind of awesome. I really want to build a NAS with one. I'm really thinking about it. Yes, it's got, it escaped me this. I mean, I'd start on it, MX Linux essentially. And it does what it says on the tin really, but yeah, just reading through it now. Yep, uses Fluxbox, nice and easy, low power. Yeah, I might as well give this a spin weekend, have a check through it. But yeah, I'll quite enjoy MX Linux. It's just... I've got to download it. Because I'm going to put it in a hopper in a virtual machine and see what all the hype is about because for some reason it's been at the top of district watch for, I don't know, months and months. Yeah, my only quirk with it when I'd first installed it is you ever got the bottom browser? You got the browser on the left-hand side going up, which is a bit of a quirk. And then once you get it set up the way you like it. That was the only thing I had with it other than that. It literally works as your other favorite Linux Mint. I mean, it's in a Debian-based distro so I'm assuming it's going to be, you know, the only thing it won't be like Ubuntu where you snap shoved on your throat. I'm going to give it a try. I don't mind... I've never minded the app package manager, but it was always the PPA crap that bothered me. Mainly because once I used the AUR, obviously I never wanted to leave. Alright, so our main topic this week was Martin, firewalls and security. Now I have no clue what we're going to be talking about because there's no notes here. So what are we talking about this week, Martin? Right, so firewalls and security, as you say. First off, just to say that I'm definitely not a security expert, but as Linux uses, security is quite high on our agendas. I mean, whilst on Windows, it was literally shoved down your throat to use firewall, use virus protection, which at the end of the day I just frequently turned it off due to eating up my system resources, especially when playing a decent game. I mean, do you actually use firewall? I installed the firewall on Argo when I had Argo installed for that long period of time. I did actually do the simple firewall or whatever. It's the one that YouTube covered, and I actually did the day he did that video, and I left it on there and it was fine. I have not reinstalled it since I'm in Manjaro, but I'm still hedging on the fact that I'm pretty sure that Manjaro will eventually will stop working for me. There's a lot of things I've just kind of put off because I know eventually I'm going to have to go back to Argo or some other ArchBase sister. But eventually, yeah, I'll probably put a... I've never been... I don't know why, but especially when it's so easy to install a firewall, I've just never been all that, you know, seen the need to do it. I don't know. I mean, it's really lack of security for me, but it's just, you know, it's just the way I've kind of always felt. I mean, I'm not sure exactly. I mean, as a Windows user, yeah, I always used to listen and yeah, whatever, doing like these big programs, having running, eating up and stuff like that. But I mean, let's be honest, it's a typical home user. I mean, I'm myself personally, I think it's necessary for it. But although thankfully, the kernel does have a utility program baked into it called IP Tables. It contains shells of chains of rules and how it will treat network traffic. And it can be run by your favourite, the command line, using a package called, which was on about earlier, uncomplicated firewall. It's super easy to get it up and running. And I mean, I use my way, which is a G-U-F-W, which is obviously the graphical way. Oh, come on, man. You're losing your Linux card. You're going to lose the command line. No, I'm quite happy to click, click, oh, turn on. Yep, turn off. There you go. I'm quite happy instead of opening up a terminal, sticking my commands. But yeah, it's super-duper easy, whichever way you want to do it. And there's your added bitters security, especially, I mean, obviously, if you're remote-in-in or things like that, or you've got your NASA and you just want that extra bitters security book. I mean, I've stuck it on, and obviously it doesn't eat up anything really, so, I mean... What I find the most interesting, actually, isn't the ones that you can sell on your computer, the one that you run through like a Raspberry Pi, because if you've got something like a... something that could be network-wide, just plop a pie on your network and all your network traffic goes through the pie running this whatever, and then you just have a firewall for everyone that's in your house. That'd be a lot more sense to me. Plus, you could do something like that network-wide ad blocker or whatever. You could install the same thing on the same pie or whatever and get them both to work together. Sounds like a good project for me because then I can say that I'm secure, and every time I hop distros, I don't have to remember to install the uncomplicated firewall. It's just on a pie somewhere running for ever and ever. Yeah, I thought about it myself, set up a piehole, but I mean, you're going to lose, especially if you've got your Wi-Fi. I mean, you've got the added benefits of your ads are blocked, using different DNS's, things like that. You've got your firewall set up. But I mean, I don't know about yourself, but I've got, in my family of four, I've got to have about eight wireless devices. And if you're running that through the pie, essentially the pie is filtering it all out. I think it would grade on your network speed somehow. Well, somewhat. Like a per-channel, like your own little Wi-Fi router out of pies. So you'd have your own, have a Wi-Fi router, but maybe one per device or something. You're moving past the $100 Raspberry Pi into spending thousands of dollars on pies in different routers or whatever, but it has to be some kind of solution for that. I suppose it would be just to share the load, but what I've looked into anyway, I think it has degrade on your connectivity, because you've got that many things flying here and everywhere. It's not going to keep up. We're in 2020. Why the hell don't wireless routers have firewalls built in? I mean, You can buy them. Yeah? Yeah, I'm sure you can buy them. I think it's my day that we're talking to do with ads and stuff like this and tracking you and things like that. They still want to track you, but yeah, I'm on board. I mean, it should just be there, but the thing is, everyone would be buoying with these and having no ads and things like this and it had just grown to a halt. I mean, I know, yeah, you can use your ad blockers and things like that. But yeah, it's one of those things, but yeah, I'm sure you can get the I'm sure I've in America, you can get some open source routers and get the software set up on that and get it all tweaked running how you like it. Obviously keeping you safe online and helping blocking all the renders ads. So yeah, I mean in terms of security I mean, strong passwords is a must. Don't use silly things like Elvis, let me know password as you're logging. I mean, the main problem is if your website that you're on gets compromised, whether it's it's got your passwords that they'll just link it and just keep brute forcing different web surfaces in the hopes that you are using let me in as your main Facebook password or straight the way across. I mean, I know some I could put my hand up and I did use the same password for a while years ago to realize it. I think everybody does that when they first start out on the internet. Especially at work, you just lock it up a number or change a letter or add a question mark or something like that to me. But yeah, I think and again, password managers I think some must because I mean it can create a massive string that's going to take some brute forcing for the years to work out. I mean, have you looked into any password managers recently? I switched from here sometime probably towards the beginning of the year I switched from using Npass to Bitwarden because it's an open source one. Prior to that, I used LastPass and I still have data in LastPass but I think I've got most of it out now and I set my mom up with LastPass so yeah, I use Bitwarden as my main one. Yeah, the way I went from LastPass onto Bitwarden and I just didn't like Bitwarden to be fair I'm going to get shouted down but LastPass is nice and easy you've got your login to your web page it's there you don't have to right click select a password it's just automatically filled in and your auto login it's just nice and easy I hadn't any time to the LastPass I just wanted something that was open source Yeah, I purchased Bitwarden premium and stuff like that I used it for about a weekend and I just went back to LastPass it's just what you feel comfortable with at the end I mean they're both free essentially and it took some security what I've done recently is I've bought myself one of those UB keys so it's just literally a small USB device just pop it into your computer and there's like a little gold disk on it and you just literally tap the gold disk and that's for your two-factor authentication so if I need to go into Dropbox or Google or things like that it'll come up please insert your key just pop that in and press that in just for that added benefit especially on my Gmail because I did it about you but I've got a lot on Google services and I obviously email that you don't particularly use but I do use the photos and the documents and things like that so I think a UB key is up there just a second pass and I've got sick of using the various authenticators that you still grab your phone and I mean you're knackered as well if you do lose your UB key like I did the other day I couldn't find it for love no worry so it might be best if a complacent like me is buying too but I would recommend just for that added bit of security so even if they do get in your account they've got to have the two-factor on it which I believe Bitwarden supports and LastPass as two-factor authentication which definitely make them rock tight especially LastPass because it literally is just sticking your password on your LastPass and urine so yeah I definitely recommend a UB key or something very similar obviously with security we've all got our various different types of ad blockers and things like that just to keep some of the untrusted sites away and obviously nobody clicks on that we've won a brand new iPad congratulations things like that I think that's gone a bit old obviously and obviously the other bane of my existence is YouTubers ramming down your neck the use of VPNs to protect your plumbing security and things like that it just makes me want to turn them off I mean I know they've got to earn their crust but at the end of the day a VPN is if you're outside of the home and you're connecting to unsecure networks things like that I mean I've got one and it can be useful especially if you want to do a region change to watch Netflix on a different country things like that but that's mainly what I use it for I mean I've got it on my phone if I ever do run out of wireless minutes but at 10 gig it's going to be a cold day in hell when I do that have you got anything to add on security any tips well I agree with the UB key the problem is I've never used one so I'm probably going to have to actually learn how to do it maybe I'll buy one of those eventually I do use a VPN but not necessarily for security I just want it for when I want to watch something that comes from across the pond and they won't let me because I'm American or whatever that's really the only reason why we have a VPN it's a good idea to have a VPN if you're maybe like during normal times and you were at a coffee shop or something and you wanted to protect your information off of an open hot spot or whatever but I mean in this day and age everybody's at home and if you're downloading a lot of like like torrents or whatever I guess I mean even if you're using torrents the legal way just like downloading like Linux ISOs you probably should use a VPN because a lot of ISPs will see that you're downloading torrents or whatever and just assume that you're downloading the latest blockbuster hits really what you're doing is downloading Arch Linux so a VPN in that situation probably be a good idea but that has less to do with security and more about you know the man's paranoia about you stealing everything on the internet yeah I guess yeah definitely but yeah very rarely use my VPN it's just there it's 35 quid a year and it's there on my phone if I do need to connect and as you say region lock content God knows what it's a thing in this day and age at the end of the day could just do a Google search and get whatever you want anyway so just open up Netflix worldwide give everyone the choice and Prime I think Prime Amazon Prime do the same I think I'm sure yeah but yeah each to the road and they need the subscribers to get it but at the end of the day more choices more viewers I thought about subscribing to the new Firefox VPN not necessarily because I think it's going to be good or because I necessarily trust it but just because it you know to support Firefox a little bit but I'll probably just stick with Express VPN which is what I've been using is it just like you say it's just something that charges you every couple years and it's just in the background and you use it when you absolutely have to yeah I mean I see a lot of people saying oh yeah we've got to help support Firefox from it they get a wadge of cash on Google an absolute wadge of cash the idea hopefully is that eventually they won't have to have that support Google but I don't know I think we talked about this last time about the Mozilla stuff is really the CEO and all the executives are seem very attached to that Google money because it paced them all their salaries yeah that's completely off topic but it's a mess we need some good open source browsers yeah definitely you're still using Qt browser you're still on that I have it still installed I made a video about this but if it wasn't for the stupid YouTube interstitial ads the ones that they interrupt the videos for if I could get rid of those I'd use Qt browser as my daily driver it's really really good and especially because I use Google docs for a lot of stuff I know I know Google bad I use Google docs for a lot of stuff for work for keeping track of all this all this other stuff and I love VIM key bindings in every place that I can have them and you can't use VIM key bindings in like Firefox or Chrome I mean you can there are VIM plugins for but they don't work in Google docs but if you use Qt browser they work so that's the one reason why I still have it installed on my system because I can use Google docs with VIM bindings and with the hope that eventually the ad blocking in Qt browser will get better supposedly I got a comment on YouTube that the most recent give version has better ad blocking and supposedly will block those YouTube ads which is a big thing because YouTube ads I mean I know I'm trying to be a YouTuber Martin but I think everybody can agree even like the people who make millions of dollars on YouTube that the YouTube ads are terrible I mean they're just so bad I mean watch an 8 minute video interrupted 6 times by an advertisement that I mean no yeah I mean gone are the days where you just get one ad I mean there was a time when you just get the one ad at the beginning at the start of YouTube which is fine then you get two or three yeah show them all to me at the beginning I don't care I mean I'd love the opportunity to skip them if they're crappy ads but I mean I want to support I mean some YouTubers I could give a rat's ass if I support them you know like I don't if you have a billion subscribers I don't care about supporting Taylor Swift or whatever on YouTube but I mean there's a lot of YouTubers that I would you know sure I'll watch your ads because I'd like to you know Distritube or you know whatever um but I don't want to watch the stuff in the middle it's dumb I mean it's so stupid I don't like who who thought this was a good idea and Tiva who has spent a decade trying to get it so that you can skip ads on TV and we brought it to the internet like oh this was a good idea for the last 50 years let's do it on the internet and like no that's dumb Google your idiots you wouldn't mind if there was relevant ads to you would it it's like when you get the tick tock ads you just feel like pinching your small screen it's like oh my yeah it's so dumb I thankfully I've just upgraded to premium and it's job done then and it's just made my life just I can actually sit down and watch where I want to watch and without being interrupted and share it out between the family and it's worth its weight in gold to be fair because at the end of the day I'm moving forward and I do watch more YouTube than I do TV that's that goes yeah I think everybody does see my thing is I have all my music playlists on Spotify and I know that there's hacky ways of getting your music over to YouTube music but they're not great and I've I've tried YouTube music on the app and the app is kind of godawful on Android so maybe it's changed because I haven't used it well over here so maybe I'll give it a try because the thing is if you're going to pay for YouTube premium you also are probably going to pay for the music because they're kind of like bundled together right yeah yeah there's the shed service I'd never use YouTube music before and I always stick to Spotify I mean you can't mess with Spotify recommendations or YouTube's got a bit of work to do and things like that I don't want to be attached to using I listen to music all the time like everybody does and I don't want to have to listen to my music in a browser tab I want an application on my desktop and Spotify is the only one that seems to have a good app on Spotify and they also have an API which allows for a command line application that will allow me to listen to Spotify and so I know I know I'm a nerd I can't help it alright we've gone long enough let's talk about our apps of the week Martin your app of the week what is this thing alright let me just get it so no surprise surprise it's G U F W firewall one of the easiest firewalls in the world basically a GUI you get your mouse click status on and you've got various rules to set up and obviously as I said earlier there is a command line version if you like to do it the long way but once you get used to it it's even better way so yeah that's mine just on the topic of it it just runs in the background leave it running it's not going to do any harm end of so I'm using that currently which is erm it's with Ubuntu it's on mint anyway but you can download it and it's in the AUR that massive and monitored software library yep you can literally get it anywhere take take that back are you worried all hail the are screw snaps I'm just saying alright so I have two I'm breaking the rules I don't care I know so I've been on a quest to find a good file manager I know it's a nerdy quest I can't help it erm and here's the thing so I've decided that NEMO is the best file manager and this comes from I believe I might be wrong about this Linux Mint type it's the cinnamon version file manager erm the reason why I needed a new file manager is because I wanted a file manager that had dual pain so I could put two pains side by side and transfer stuff between them erm and I had been using Dunarth Rages which is the XFCE version erm and soon after I made a video saying that there was no good dual pain file managers I had a flood of comments coming on YouTube saying that NEMO actually has this and it does it did have this and a few days after that Thunar actually added this feature so I haven't actually used that yet but erm yeah NEMO is awesome it's very fast it's um and it gives me everything I want so the other one that I want to talk about I don't know if I've made videos on this I've talked about this on the podcast but the Bluetooth on Linux is kind of terrible and Martin you and I have talked about how Bluetooth is bad erm and there is an application called blue man manager it goes with the blue utilities and blueberry I believe erm for sure the blue the blue utilities um and this is a gooey application so make Martin happy erm and it basically just allows you to deal with all your Bluetooth stuff and it actually works erm now it's not perfect because erm I have a set of Bluetooth headphones and they're set to automatically pair to my Linux computer and I actually have to disconnect them and reconnect them manually in this program in order to get to work but that has nothing to do with the utility itself it's just that Bluetooth on Linux is terrible so erm yeah it's way easier to deal with this than it is to either do it on the command line which is which was the way I was doing it um I know I'm I just had doing it on the command line it was bad but in this case it was it was bad um erm or using a like your your system settings through like XFCE or you have sentiment or whatever you're using blue man seems to do better because it's literally just doing Bluetooth that's all it does I was gonna actually I did see erm a little USB that I thought maybe I should send that to you because I mean obviously Bluetooth that came out for like sending small files over small distances and it wasn't quite able to erm handle the erm audio side but this this little erm I think it's about 20 books something like that that actually handles erm audio which may well but I mean if this little erm program sorted your audio right that's fine erm in regards to your erm did you try I'm sure you did midnight commander I did but that's a um a command line utility yeah yeah erm you can't drag and drop from a command line utility you can't do it erm that and that's really what I want like I use for my command line file manager I use Ranger I love it it's fantastic but you can't you can't drag and drop out of it or drag and drop between it you have to use you know I mean it's just kind of a siloed thing unfortunately I mean if there was a way to drag and drop from Ranger or midnight commander even I use it in heartbeat now there is a gooey version of midnight commander it's called double commander and it is the most complicated piece of software I've ever seen in my life and that is having used blender I mean this is for a file manager the settings the settings pane is like I don't know three miles long it's it's not that it's bad and it works fine it's just one of those things that have so many settings and you know I'm the kind of guy who likes a lot of settings but it was kind of like a disorganized mess yeah I'm pretty sure I used that before and it was quite busy for me that it's nice and easy I mean they might restrict it but it's just a right click open as root boom there you go which I think depending what package it use I mean a lot of different restrict it and I like KDE it was a pain I couldn't get a special command to stick in so I could use the open as root privileges on that yeah nice and easy right click open as root jump done see excellent I'm positive that Dolphin has every feature that I want to have but the problem is I don't have KDE on my system right now and I loathe to download one KDE app and have to download every single KDE dependency yeah it's a problem like I jumped from Arco to Manjaro just simply because I wanted to not have 30,000 packages on my system and I'm already croaching back up to 2000 packages which is absolutely nuts because a lot of people have like 700 packages on my system well good for you man well done I want to see how many I have right now just real quick I have 1475 packages on my system right now so when I left Arco I was over 3000 so I cut down by half which is good and I've been trying to do a better job of when I install something like to try to immediately get rid of it when I don't use it so when I downloaded double commander and the sunflower file manager when I was done with those I got rid of them and so just leaving them on my system to you know be there forever and ever and ever yeah I've got 22,760 1,761 packages 17 flat packs yeah I if I were to use a package manager like that I'd use flat packs too because Snap puts that stupid folder in your home directory and it'll be a cold day in hell before I use Snaps anyways alright we've gone a little long it's okay actually we're actually right on time I want to talk about anyways if all the contact information there was there at the beginning make sure you subscribe to us on youtube and podcast Apple podcast spotify we're on overcast and all these different podcast catcher things that you can subscribe to us all the time we do a podcast every week that we can we publish videos on youtube every single day and we're awesome so definitely subscribe next topic is um oh this this shit get mr martin fired up does linux mint have a purpose we're going to talk about that you're going to try linux mint for a whole week fuck no I'm definitely going to have to beep that part out but no hell no I'll put it in a virtual machine and that's where the recording ends for some reason but we pretty much got the whole episode in thank you for listening if you were remember to subscribe and all that stuff I'm pretty sure I said that in the original recording but I can't really remember and we can all send thanks to the Skype gods who decides to just crash in the middle of a podcast episode thanks for listening see you next time