Podcasts about Unix

Family of computer operating systems that derive from the original AT&T Unix

  • 694PODCASTS
  • 2,120EPISODES
  • 48mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Oct 9, 2025LATEST
Unix

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about Unix

Show all podcasts related to unix

Latest podcast episodes about Unix

BSD Now
632: Zipbomb defeated

BSD Now

Play Episode Listen Later Oct 9, 2025 52:56


zipbomb defeated, Optimizing ZFS for High-Throughput Storage Workloads, Open Source is one person, Omada SDN Controller on FreeBSD, Building a Simple Router with OpenBSD, Back to the origins, Enhancing Support for NAT64 Protocol Translation in NetBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines zipbomb defeated (https://www.reddit.com/r/openzfs/comments/1niu6h7/when_a_decompression_zip_bomb_meets_zfs_19_pb/) Optimizing ZFS for High-Throughput Storage Workloads (https://klarasystems.com/articles/optimizing-zfs-for-high-throughput-storage-workloads?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup Open Source is one person (https://opensourcesecurity.io/2025/08-oss-one-person) Omada SDN Controller on FreeBSD (https://blog.feld.me/posts/2025/08/omada-on-freebsd) Back to the origins (https://failsafe.monster/posts/another-world/) Google Summer of Code 2025 Reports: Enhancing Support for NAT64 Protocol Translation in NetBSD (http://blog.netbsd.org/tnf/entry/gsoc2025_nat64_protocol_translation) Undeadly Bits j2k25 - OpenBSD Hackathon Japan 2025 (http://undeadly.org/cgi?action=article;sid=20250601104254) OpenSSH will now adapt IP QoS to actual sessions and traffic (http://undeadly.org/cgi?action=article;sid=20250818113047) Preliminary support for Raspberry Pi 5 (https://undeadly.org/cgi?action=article;sid=20250903064251) OpenBSD enters 7.8-beta (https://undeadly.org/cgi?action=article;sid=20250911045955) Full BSDCan 2025 video playlist(s) available (https://undeadly.org/cgi?action=article;sid=20250912124932) OpenBGPD 8.9 released (https://undeadly.org/cgi?action=article;sid=20250926141610) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Brad - a few things (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/632/feedback/Brad%20-%20a%20few%20things.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Destination Linux
438: Jill's Treasure Hunt, Google vs F-Droid, Samsung Ads on Refrigerators

Destination Linux

Play Episode Listen Later Oct 6, 2025 106:15


video: https://youtu.be/GWF9d5CDF9g Sponsored by Sandfly Security: the revolutionary agentless platform designed for Linux. Visit https://destinationlinux.net/sandfly to experience security that's not just effective but gives you peace of mind. No agents. No downtime. Just cutting-edge protection. In this episode of Destination Linux, the team dives into global privacy laws and how the UK's proposed child protection and filtering systems could reshape the internet as we know it. Ryan breaks down Google's latest developer decree that threatens the very existence of F-Droid and other open-source Android app stores, while Jill takes us on a nostalgic journey through her boxed Linux collection—from Red Hat 5 to Corel Linux and Mandrake 7.0. Nate wraps things up with a look at Samsung's bizarre decision to push advertisements on $1,800 smart refrigerators. Privacy, history, and a little bit of corporate absurdity all collide in this week's show. Forum Discussion Thread (https://destinationlinux.net/forum) Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/14fee361-101b-4f8f-834b-68c94975eedc.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:02:58 Update on Michael & The Two-Week Hiatus 00:05:12 Community Feedback: UK Privacy Laws & Router Control 00:23:09 Sponsor: Sandfly Security 00:25:30 Is Google Killing F-Droid? Android's Open Source Dilemma 00:43:18 Jill's Treasure Hunt: Unboxing Classic Linux Distros 00:45:50 Red Hat 5.0 Hurricane: The Shift from UNIX to FOSS 00:53:29 Corel Linux OS: Industry Graphics and the Wine Breakthrough 01:07:29 Linux Mandrake 7.0: The Distro That Detected Your Sound Card 01:15:06 Treasure Hunt Wrap Up 01:15:35 Samsung's Ad-Riddled ,800 Refrigerator 01:40:44 Over Time 01:41:44 Support the Show 01:43:35 Outro 01:44:36 Post Show Links: Community Feedback https://destinationlinux.net/comments (https://destinationlinux.net/comments) https://destinationlinux.net/forum (https://destinationlinux.net/forum) Sandfly Security https://destinationlinux.net/sandfly (https://destinationlinux.net/sandfly) Is Google Killing F-Droid? Android's Open Source Dilemma https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html (https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html) Samsung's Ad-Riddled ,800 Refrigerator https://fortune.com/2025/09/19/samsung-family-hub-refrigerators-advertisements/ (https://fortune.com/2025/09/19/samsung-family-hub-refrigerators-advertisements/) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/) Special Guests: Nathan Wolf and Wendy Hill.

BSD Now
630: Bhyve Management UI

BSD Now

Play Episode Listen Later Oct 2, 2025 35:43


FreeBSD Foundation Q2 2025 Status Update, Keeping Data Safe with OpenZFS, Ollama on FreeBSD Using GPU Passthrough, ClonOS, Preliminary support for Raspberry Pi 5, Sylve: Manage bhyve VMs and Clusters on FreeBSD, Preventing Systemd DHCP RELEASE Behavior, Call for testing - Samba 4.22, and more

Hacker News Recap
October 1st, 2025 | Jane Goodall has died

Hacker News Recap

Play Episode Listen Later Oct 2, 2025 14:45


This is a recap of the top 10 posts on Hacker News on October 01, 2025. This podcast was generated by wondercraft.ai (00:30): Jane Goodall has diedOriginal post: https://news.ycombinator.com/item?id=45441069&utm_source=wondercraft_ai(01:54): Show HN: Autism SimulatorOriginal post: https://news.ycombinator.com/item?id=45438346&utm_source=wondercraft_ai(03:18): CDC File TransferOriginal post: https://news.ycombinator.com/item?id=45433768&utm_source=wondercraft_ai(04:42): Don't avoid workplace politicsOriginal post: https://news.ycombinator.com/item?id=45440571&utm_source=wondercraft_ai(06:06): I only use Google SheetsOriginal post: https://news.ycombinator.com/item?id=45435463&utm_source=wondercraft_ai(07:30): Building the heap: racking 30 petabytes of hard drives for pretrainingOriginal post: https://news.ycombinator.com/item?id=45438496&utm_source=wondercraft_ai(08:54): TigerBeetle is a most interesting databaseOriginal post: https://news.ycombinator.com/item?id=45436534&utm_source=wondercraft_ai(10:18): Our efforts, in part, define usOriginal post: https://news.ycombinator.com/item?id=45435825&utm_source=wondercraft_ai(11:42): Unix philosophy and filesystem access makes Claude Code amazingOriginal post: https://news.ycombinator.com/item?id=45437893&utm_source=wondercraft_ai(13:06): Solar leads EU electricity generation as renewables hit 54%Original post: https://news.ycombinator.com/item?id=45440387&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday, September 29th, 2025: Convert Timestamps; Cisco Compromises; GitHub Notification Phishing

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Sep 29, 2025 8:36


Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/

BSD Now
631: Endorphin Rush

BSD Now

Play Episode Listen Later Sep 25, 2025 36:53


Secure Boot for FreeBSD, Systems lie about their proper functioning, Teching the tech and rushing the endorphins, Passing a Device Into A FreeBSD Jail With A Stable Name, ZFS snapshots aren't as immutable as I thought, due to snapshot metadata, Let's write a peephole optimizer for QBE's arm64 backend, Migrate a Peertube instance from Debian to FreeBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Secure Boot for FreeBSD (https://forums.FreeBSD.org/threads/how-to-set-up-secure-boot-for-freebsd.99169/) The Fundamental Failure-Mode Theorem: Systems lie about their proper functioning (https://devblogs.microsoft.com/oldnewthing/20250716-00/?p=111383) News Roundup Teching the tech and rushing the endorphins (https://vulcanridr.mataroa.blog/blog/teching-the-tech-and-rushing-the-endorphins) Passing a Device Into A FreeBSD Jail With A Stable Name (https://blog.feld.me/posts/2025/09/passing-device-freebsd-jail-with-stable-name/) ZFS snapshots aren't as immutable as I thought, due to snapshot metadata (https://utcc.utoronto.ca/~cks/space/blog/solaris/ZFSSnapshotsNotFullyImmutable) Let's write a peephole optimizer for QBE's arm64 backend (https://briancallahan.net/blog/20250901.html) Migrate a Peertube instance from Debian to FreeBSD (https://www.tumfatig.net/2025/migrate-a-peertube-instance-from-debian-to-freebsd) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions -Steve - Interviews (https://github.com/BSDNow/bsdnow.tv/blob/master/631/feedback/Steve%20-%20Interviews.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Software Sessions
Elizabeth Figura on Wine and Proton

Software Sessions

Play Episode Listen Later Sep 24, 2025 64:07


Elizabeth Figura is a Wine developer at Code Weavers. We discuss how Wine and Proton make it possible to run Windows applications on other operating systems. Related links WineHQ Proton Crossover Direct3D MoltenVK XAudio2 Mesa 3D Graphics Library Transcript You can help correct transcripts on GitHub. Intro [00:00:00] Jeremy: Today I am talking to Elizabeth Figuera. She's a wine developer at Code Weavers. And today we're gonna talk about what that is and, uh, all the work that goes into it. [00:00:09] Elizabeth: Thank you Jeremy. I'm glad to be here. What's Wine [00:00:13] Jeremy: I think the first thing we should talk about is maybe saying what Wine is because I think a lot of people aren't familiar with the project. [00:00:20] Elizabeth: So wine is a translation layer. in fact, I would say wine is a Windows emulator. That is what the name originally stood for. it re implements the entire windows. Or you say win 32 API. so that programs that make calls into the API, will then transfer that code to wine and and we allow that Windows programs to run on, things that are not windows. So Linux, Mac, os, other operating systems such as Solaris and BSD. it works not by emulating the CPU, but by re-implementing every API, basically from scratch and translating them to their equivalent or writing new code in case there is no, you know, equivalent. System Calls [00:01:06] Jeremy: I believe what you're doing is you're emulating system calls. Could you explain what those are and, and how that relates to the project? [00:01:15] Elizabeth: Yeah. so system call in general can be used, referred to a call into the operating system, to execute some functionality that's built into the operating system. often it's used in the context of talking to the kernel windows applications actually tend to talk at a much higher level, because there's so much, so much high level functionality built into Windows. When you think about, as opposed to other operating systems that we basically, we end up end implementing much higher level behavior than you would on Linux. [00:01:49] Jeremy: And can you give some examples of what some of those system calls would be and, I suppose how they may be higher level than some of the Linux ones. [00:01:57] Elizabeth: Sure. So of course you have like low level calls like interacting with a file system, you know, created file and read and write and such. you also have, uh, high level APIs who interact with a sound driver. [00:02:12] Elizabeth: There's, uh, one I was working on earlier today, called XAudio where you, actually, you know, build this bank of of sounds. It's meant to be, played in a game and then you can position them in various 3D space. And the, and the operating system in a sense will, take care of all of the math that goes into making that work. [00:02:36] Elizabeth: That's all running on your computer and. And then it'll send that audio data to the sound card once it's transformed it. So it sounds like it's coming from a certain space. a lot of other things like, you know, parsing XML is another big one. That there's a lot of things. The, there, the, the, the space is honestly huge [00:02:59] Jeremy: And yeah, I can sort of see how those might be things you might not expect to be done by the operating system. Like you gave the example of 3D audio and XML parsing and I think XML parsing in, in particular, you would've thought that that would be something that would be handled by the, the standard library of whatever language the person was writing their application as. [00:03:22] Jeremy: So that's interesting that it's built into the os. [00:03:25] Elizabeth: Yeah. Well, and languages like, see it's not, it isn't even part of the standard library. It's higher level than that. It's, you have specific libraries that are widespread but not. Codified in a standard, but in Windows you, in Windows, they are part of the operating system. And in fact, there's several different, XML parsers in the operating system. Microsoft likes to deprecate old APIs and make new ones that do the same thing very often. [00:03:53] Jeremy: And something I've heard about Windows is that they're typically very reluctant to break backwards compatibility. So you say they're deprecated, but do they typically keep all of them still in there? [00:04:04] Elizabeth: It all still It all still works. [00:04:07] Jeremy: And that's all things that wine has to implement as well to make sure that the software works as well. [00:04:14] Jeremy: Yeah. [00:04:14] Elizabeth: Yeah. And, and we also, you know, need to make it work. we also need to implement those things to make old, programs work because there is, uh, a lot of demand, at least from, at least from people using wine for making, for getting some really old programs, working from the. Early nineties even. What people run with Wine (Productivity, build systems, servers) [00:04:36] Jeremy: And that's probably a good, thing to talk about in terms of what, what are the types of software that, that people are trying to run with wine, and what operating system are they typically using? [00:04:46] Elizabeth: Oh, in terms of software, literally all kinds, any software you can imagine that runs on Windows, people will try to run it on wine. So we're talking games, office software productivity, software accounting. people will run, build systems on wine, build their, just run, uh, build their programs using, on visual studio, running on wine. people will run wine on servers, for example, like software as a service kind of things where you don't even know that it's running on wine. really super domain specific stuff. Like I've run astronomy, software, and wine. Design, computer assisted design, even hardware drivers can sometimes work unwind. There's a bit of a gray area. How games are different [00:05:29] Jeremy: Yeah, it's um, I think from. Maybe the general public, or at least from what I've seen, I think a lot of people's exposure to it is for playing games. is there something different about games versus all those other types of, productivity software and office software that, that makes supporting those different. [00:05:53] Elizabeth: Um, there's some things about it that are different. Games of course have gotten a lot of publicity lately because there's been a huge push, largely from valve, but also some other companies to get. A lot of huge, wide range of games working well under wine. And that's really panned out in the, in a way, I think, I think we've largely succeeded. [00:06:13] Elizabeth: We've made huge strides in the past several years. 5, 5, 10 years, I think. so when you talk about what makes games different, I think, one thing games tend to do is they have a very limited set of things they're working with and they often want to make things run fast, and so they're working very close to the me They're not, they're not gonna use an XML parser, for example. [00:06:44] Elizabeth: They're just gonna talk directly as, directly to the graphics driver as they can. Right. And, and probably going to do all their own sound design. You know, I did talk about that XAudio library, but a lot of games will just talk directly as, directly to the sound driver as Windows Let some, so this is a often a blessing, honestly, because it means there's less we have to implement to make them work. when you look at a lot of productivity applications, and especially, the other thing that makes some productivity applications harder is, Microsoft makes 'em, and They like to, make a library, for use in this one program like Microsoft Office and then say, well, you know, other programs might use this as well. Let's. Put it in the operating system and expose it and write an API for it and everything. And maybe some other programs use it. mostly it's just office, but it means that office relies on a lot of things from the operating system that we all have to reimplement. [00:07:44] Jeremy: Yeah, that's somewhat counterintuitive because when you think of games, you think of these really high performance things that that seem really complicated. But it sounds like from what you're saying, because they use the lower level primitives, they're actually easier in some ways to support. [00:08:01] Elizabeth: Yeah, certainly in some ways, they, yeah, they'll do things like re-implement the heap allocator because the built-in heap allocator isn't fast enough for them. That's another good example. What makes some applications hard to support (Some are hard, can't debug other people's apps) [00:08:16] Jeremy: You mentioned Microsoft's more modern, uh, office suites. I, I've noticed there's certain applications that, that aren't supported. Like, for example, I think the modern Adobe Creative Suite. What's the difference with software like that and does that also apply to the modern office suite, or is, or is that actually supported? [00:08:39] Elizabeth: Well, in one case you have, things like Microsoft using their own APIs that I mentioned with Adobe. That applies less, I suppose, but I think to some degree, I think to some degree the answer is that some applications are just hard and there's, and, and there's no way around it. And, and we can only spend so much time on a hard application. I. Debugging things. Debugging things can get very hard with wine. Let's, let me like explain that for a minute because, Because normally when you think about debugging an application, you say, oh, I'm gonna open up my debugger, pop it in, uh, break at this point, see what like all the variables are, or they're not what I expect. Or maybe wait for it to crash and then get a back trace and see where it crashed. And why you can't do that with wine, because you don't have the application, you don't have the symbols, you don't have your debugging symbols. You don't know anything about the code you're running unless you take the time to disassemble and decompile and read through it. And that's difficult every time. It's not only difficult, every time I've, I've looked at a program and been like, I really need to just. I'm gonna just try and figure out what the program is doing. [00:10:00] Elizabeth: It takes so much time and it is never worth it. And sometimes you have to, sometimes you have no other choice, but usually you end up, you ask to rely on seeing what calls it makes into the operating system and trying to guess which one of those is going wrong. Now, sometimes you'll get lucky and it'll crash in wine code, or sometimes it'll make a call into, a function that we don't implement yet, and we know, oh, we need to implement that function. But sometimes it does something, more obscure and we have to figure out, well, like all of these millions of calls it made, which one of them is, which one of them are we implementing incorrectly? So it's returning the wrong result or not doing something that it should. And, then you add onto that the. You know, all these sort of harder to debug things like memory errors that we could make. And it's, it can be very difficult and so sometimes some applications just suffer from those hard bugs. and sometimes it's also just a matter of not enough demand for something for us to spend a lot of time on it. [00:11:11] Elizabeth: Right. [00:11:14] Jeremy: Yeah, I can see how that would be really challenging because you're, like you were saying, you don't have the symbols, so you don't have the source code, so you don't know what any of this software you're supporting, how it was actually written. And you were saying that I. A lot of times, you know, there may be some behavior that's wrong or a crash, but it's not because wine crashed or there was an error in wine. [00:11:42] Jeremy: so you just know the system calls it made, but you don't know which of the system calls didn't behave the way that the application expected. [00:11:50] Elizabeth: Exactly. Test suite (Half the code is tests) [00:11:52] Jeremy: I can see how that would be really challenging. and wine runs so many different applications. I'm, I'm kind of curious how do you even track what's working and what's not as you, you change wine because if you support thousands or tens thousands of applications, you know, how do you know when you've got a, a regression or not? [00:12:15] Elizabeth: So, it's a great question. Um, probably over half of wine by like source code volume. I actually actually check what it is, but I think it's, i, I, I think it's probably over half is what we call is tests. And these tests serve two purposes. The one purpose is a regression test. And the other purpose is they're conformance tests that test, that test how, uh, an API behaves on windows and validates that we are behaving the same way. So we write all these tests, we run them on windows and you know, write the tests to check what the windows returns, and then we run 'em on wine and make sure that that matches. and we have just such a huge body of tests to make sure that, you know, we're not breaking anything. And that every, every, all the code that we, that we get into wine that looks like, wow, it's doing that really well. Nope, that's what Windows does. The test says so. So pretty much any code that we, any new code that we get, it has to have tests to validate, to, to demonstrate that it's doing the right thing. [00:13:31] Jeremy: And so rather than testing against a specific application, seeing if it works, you're making a call to a Windows system call, seeing how it responds, and then making the same call within wine and just making sure they match. [00:13:48] Elizabeth: Yes, exactly. And that is obviously, or that is a lot more, automatable, right? Because otherwise you have to manually, you know, there's all, these are all graphical applications. [00:14:02] Elizabeth: You'd have to manually do the things and make sure they work. Um, but if you write automateable tests, you can just run them all and the machine will complain at you if it fails it continuous integration. How compatibility problems appear to users [00:14:13] Jeremy: And because there's all these potential compatibility issues where maybe a certain call doesn't behave the way an application expects. What, what are the types of what that shows when someone's using software? I mean, I, I think you mentioned crashes, but I imagine there could be all sorts of other types of behavior. [00:14:37] Elizabeth: Yes, very much so. basically anything, anything you can imagine again is, is what will happen. You can have, crashes are the easy ones because you know when and where it crashed and you can work backwards from there. but you can also get, it can, it could hang, it could not render, right? Like maybe render a black screen. for, you know, for games you could very frequently have, graphical glitches where maybe some objects won't render right? Or the entire screen will be read. Who knows? in a very bad case, you could even bring down your system and we usually say that's not wine's fault. That's the graphics library's fault. 'cause they're not supposed to do that, uh, no matter what we do. But, you know, sometimes we have to work around that anyway. but yeah, there's, there's been some very strange and idiosyncratic bugs out there too. [00:15:33] Jeremy: Yeah. And like you mentioned that uh, there's so many different things that could have gone wrong that imagine's very difficult to find. Yeah. And when software runs through wine, I think, Performance is comparable to native [00:15:49] Jeremy: A lot of our listeners will probably be familiar with running things in a virtual machine, and they know that there's a big performance impact from doing that. [00:15:57] Jeremy: How does the performance of applications compare to running natively on the original Windows OS versus virtual machines? [00:16:08] Elizabeth: So. In theory. and I, I haven't actually done this recently, so I can't speak too much to that, but in theory, the idea is it's a lot faster. so there, there, is a bit of a joke acronym to wine. wine is not an emulator, even though I started out by saying wine is an emulator, and it was originally called a Windows emulator. but what this basically means is wine is not a CPU emulator. It doesn't, when you think about emulators in a general sense, they're often, they're often emulators for specific CPUs, often older ones like, you know, the Commodore emulator or an Amiga emulator. but in this case, you have software that's written for an x86 CPU. And it's running on an x86 CPU by giving it the same instructions that it's giving on windows. It's just that when it says, now call this Windows function, it calls us instead. So that all should perform exactly the same. The only performance difference at that point is that all should perform exactly the same as opposed to a, virtual machine where you have to interpret the instructions and maybe translate them to a different instruction set. The only performance difference is going to be, in the functions that we are implementing themselves and we try to, we try to implement them to perform. As well, or almost as well as windows. There's always going to be a bit of a theoretical gap because we have to translate from say, one API to another, but we try to make that as little as possible. And in some cases, the operating system we're running on is, is just better than Windows and the libraries we're using are better than Windows. [00:18:01] Elizabeth: And so our games will run faster, for example. sometimes we can, sometimes we can, do a better job than Windows at implementing something that's, that's under our purview. there there are some games that do actually run a little bit faster in wine than they do on Windows. [00:18:22] Jeremy: Yeah, that, that reminds me of how there's these uh, gaming handhelds out now, and some of the same ones, they have a, they either let you install Linux or install windows, or they just come with a pre-installed, and I believe what I've read is that oftentimes running the same game on both operating systems, running the same game on Linux, the battery life is better and sometimes even the performance is better with these handhelds. [00:18:53] Jeremy: So it's, it's really interesting that that can even be the case. [00:18:57] Elizabeth: Yeah, it's really a testament to the huge amount of work that's gone into that, both on the wine side and on the, side of the graphics team and the colonel team. And, and of course, you know, the years of, the years of, work that's gone into Linux, even before these gaming handhelds were, were even under consideration. Proton and Valve Software's role [00:19:21] Jeremy: And something. So for people who are familiar with the handhelds, like the steam deck, they may have heard of proton. Uh, I wonder if you can explain what proton is and how it relates to wine. [00:19:37] Elizabeth: Yeah. So, proton is basically, how do I describe this? So, proton is a sort of a fork, uh, although we try to avoid the term fork. It's a, we say it's a downstream distribution because we contribute back up to wine. so it is a, it is, it is a alternate distribution fork of wine. And it's also some code that basically glues wine into, an embedding application originally intended for steam, and developed for valve. it has also been used in, others, but it has also been used in other software. it, so where proton differs from wine besides the glue part is it has some, it has some extra hacks in it for bugs that are hard to fix and easy to hack around as some quick hacks for, making games work now that are like in the process of going upstream to wine and getting their code quality improved and going through review. [00:20:54] Elizabeth: But we want the game to work now, when we distribute it. So that'll, that'll go into proton immediately. And then once we have, once the patch makes it upstream, we replace it with the version of the patch from upstream. there's other things to make it interact nicely with steam and so on. And yeah, I think, yeah, I think that's, I got it. [00:21:19] Jeremy: Yeah. And I think for people who aren't familiar, steam is like this, um, I, I don't even know what you call it, like a gaming store and a [00:21:29] Elizabeth: store game distribution service. it's got a huge variety of games on it, and you just publish. And, and it's a great way for publishers to interact with their, you know, with a wider gaming community, uh, after it, just after paying a cut to valve of their profits, they can reach a lot of people that way. And because all these games are on team and, valve wants them to work well on, on their handheld, they contracted us to basically take their entire catalog, which is huge, enormous. And trying and just step by step. Fix every game and make them all work. [00:22:10] Jeremy: So, um, and I guess for people who aren't familiar Valve, uh, softwares the company that runs steam, and so it sounds like they've asked, uh, your company to, to help improve the compatibility of their catalog. [00:22:24] Elizabeth: Yes. valve contracted us and, and again, when you're talking about wine using lower level libraries, they've also contracted a lot of other people outside of wine. Basically, the entire stack has had a tremendous, tremendous investment by valve software to make gaming on Linux work. Well. The entire stack receives changes to improve Wine compatibility [00:22:48] Jeremy: And when you refer to the entire stack, like what are some, some of those pieces, at least at a high level. [00:22:54] Elizabeth: I, I would, let's see, let me think. There is the wine project, the. Mesa Graphics Libraries. that's a, that's another, you know, uh, open source, software project that existed, has existed for a long time. But Valve has put a lot of, uh, funding and effort into it, the Linux kernel in various different ways. [00:23:17] Elizabeth: the, the desktop, uh, environment and Window Manager for, um, are also things they've invested in. [00:23:26] Jeremy: yeah. Everything that the game needs, on any level and, and that the, and that the operating system of the handheld device needs. Wine's history [00:23:37] Jeremy: And wine's been going on for quite a while. I think it's over a decade, right? [00:23:44] Elizabeth: I believe. Oh, more than, oh, far more than a decade. I believe it started in 1990, I wanna say about 1995, mid nineties. I'm, I probably have that date wrong. I believe Wine started about the mid nineties. [00:24:00] Jeremy: Mm. [00:24:00] Elizabeth: it's going on for three decades at this rate. [00:24:03] Jeremy: Wow. Okay. [00:24:06] Jeremy: And so all this time, how has the, the project sort of sustained itself? Like who's been involved and how has it been able to keep going this long? [00:24:18] Elizabeth: Uh, I think as is the case with a lot of free software, it just, it just keeps trudging along. There's been. There's been times where there's a lot of interest in wine. There's been times where there's less, and we are fortunate to be in a time where there's a lot of interest in it. we've had the same maintainer for almost this entire, almost this entire existence. Uh, Alexander Julliard, there was one person starting who started, maintained it before him and, uh, left it maintainer ship to him after a year or two. Uh, Bob Amstat. And there has been a few, there's been a few developers who have been around for a very long time. a lot of developers who have been around for a decent amount of time, but not for the entire duration. And then a very, very large number of people who come and submit a one-off fix for their individual application that they want to make work. [00:25:19] Jeremy: How does crossover relate to the wine project? Like, it sounds like you had mentioned Valve software hired you for subcontract work, but crossover itself has been around for quite a while. So how, how has that been connected to the wine project? [00:25:37] Elizabeth: So I work for, so the, so the company I work for is Code Weavers and, crossover is our flagship software. so Code Weavers is a couple different things. We have a sort of a porting service where companies will come to us and say, can we port my application usually to Mac? And then we also have a retail service where Where we basically have our own, similar to Proton, but you know, older, but the same idea where we will add some hacks into it for very difficult to solve bugs and we have a, a nice graphical interface. And then, the other thing that we're selling with crossover is support. So if you, you know, try to run a certain application and you buy crossover, you can submit a ticket saying this doesn't work and we now have a financial incentive to fix it. You know, we'll try to, we'll try to fix your, we'll spend company resources to fix your bug, right? So that's been so, so code we v has been around since 1996 and crossover, I don't know the date, but it's crossover has been around for probably about two decades, if I'm not mistaken. [00:27:01] Jeremy: And when you mention helping companies port their software to, for example, MacOS. [00:27:07] Jeremy: Is the approach that you would port it natively to MacOS APIs or is it that you would help them get it running using wine on MacOS? [00:27:21] Elizabeth: Right. That's, so that's basically what makes us so unique among porting companies is that instead of rewriting their software, we just, we just basically stick it inside of crossover and, uh, and, and make it run. [00:27:36] Elizabeth: And the idea has always been, you know, the more we implement, the more we get correct, the, the more applications will, you know, work. And sometimes it works out that way. Sometimes not really so much. And there's always work we have to do to get any given application to work, but. Yeah, so it's, it's very unusual because we don't ask companies for any of their code. We don't need it. We just fix the windows API [00:28:07] Jeremy: And, and so in that case, the ports would be let's say someone sells a MacOS version of their software. They would bundle crossover, uh, with their software. [00:28:18] Elizabeth: Right? And usually when you do this, it doesn't look like there's crossover there. Like it just looks like this software is native, but there is soft, there is crossover under the hood. Loading executables and linked libraries [00:28:32] Jeremy: And so earlier we were talking about how you're basically intercepting the system calls that these binaries are making, whether that's the executable or the, the DLLs from Windows. Um, but I think probably a lot of our listeners are not really sure how that's done. Like they, they may have built software, but they don't know, how do I basically hijack, the system calls that this application is making. [00:29:01] Jeremy: So maybe you could talk a little bit about how that works. [00:29:04] Elizabeth: So there, so there's a couple steps to go into it. when you think about a program that's say, that's a big, a big file that's got all the machine code in it, and then it's got stuff at the beginning saying, here's how the program works and here's where in the file the processor should start running. that's, that's your EXE file. And then in your DLL files are libraries that contain shared code and you have like a similar sort of file. It says, here's the entry point. That runs this function, this, you know, this pars XML function or whatever have you. [00:29:42] Elizabeth: And here's this entry point that has the generate XML function and so on and so forth. And, and, then the operating system will basically take the EXE file and see all the bits in it. Say I want to call the pars XML function. It'll load that DLL and hook it up. So it, so the processor ends up just seeing jump directly to this pars XML function and then run that and then return and so on. [00:30:14] Elizabeth: And so what wine does, is it part of wine? That's part of wine is a library, is that, you know, the implementing that parse XML and read XML function, but part of it is the loader, which is the part of the operating system that hooks everything together. And when we load, we. Redirect to our libraries. We don't have Windows libraries. [00:30:38] Elizabeth: We like, we redirect to ours and then we run our code. And then when you jump back to the program and yeah. [00:30:48] Jeremy: So it's the, the loader that's a part of wine. That's actually, I'm not sure if running the executable is the right term. [00:30:58] Elizabeth: no, I think that's, I think that's a good term. It's, it's, it's, it starts in a loader and then we say, okay, now run the, run the machine code and it's executable and then it runs and it jumps between our libraries and back and so on. [00:31:14] Jeremy: And like you were saying before, often times when it's trying to make a system call, it ends up being handled by a function that you've written in wine. And then that in turn will call the, the Linux system calls or the MacOS system calls to try and accomplish the, the same result. [00:31:36] Elizabeth: Right, exactly. [00:31:40] Jeremy: And something that I think maybe not everyone is familiar with is there's this concept of user space versus kernel space. you explain what the difference is? [00:31:51] Elizabeth: So the way I would explain, the way I would describe a kernel is it's the part of the operating system that can do anything, right? So any program, any code that runs on your computer is talking to the processor, and the processor has to be able to do anything the computer can do. [00:32:10] Elizabeth: It has to be able to talk to the hardware, it has to set up the memory space. That, so actually a very complicated task has to be able to switch to another task. and, and, and, and basically talk to another program and. You have to have something there that can do everything, but you don't want any program to be able to do everything. Um, not since the, not since the nineties. It's about when we realized that we can't do that. so the kernel is a part that can do everything. And when you need to do something that requires those, those permissions that you can't give everyone, you have to talk to the colonel and ask it, Hey, can you do this for me please? And in a very restricted way where it's only the safe things you can do. And a degree, it's also like a library, right? It's the kernel. The kernels have always existed, and since they've always just been the core standard library of the computer that does the, that does the things like read and write files, which are very, very complicated tasks under the hood, but look very simple because all you say is write this file. And talk to the hardware and abstract away all the difference between different drivers. So the kernel is doing all of these things. So because the kernel is a part that can do everything and because when you think about the kernel, it is basically one program that is always running on your computer, but it's only one program. So when a user calls the kernel, you are switching from one program to another and you're doing a lot of complicated things as part of this. You're switching to the higher privilege level where you can do anything and you're switching the state from one program to another. And so it's a it. So this is what we mean when we talk about user space, where you're running like a normal program and kernel space where you've suddenly switched into the kernel. [00:34:19] Elizabeth: Now you're executing with increased privileges in a different. idea of the process space and increased responsibility and so on. [00:34:30] Jeremy: And, and so do most applications. When you were talking about the system calls for handling 3D audio or parsing XML. Are those considered, are those system calls considered part of user space and then those things call the kernel space on your behalf, or how, how would you describe that? [00:34:50] Elizabeth: So most, so when you look at Windows, most of most of the Windows library, the vast, vast majority of it is all user space. most of these libraries that we implement never leave user space. They never need to call into the kernel. there's the, there only the core low level stuff. Things like, we need to read a file, that's a kernel call. when you need to sleep and wait for some seconds, that's a kernel. Need to talk to a different process. Things that interact with different processes in general. not just allocate memory, but allocate a page of memory, like a, from the memory manager and then that gets sub allocated by the heap allocator. so things like that. [00:35:31] Jeremy: Yeah, so if I was writing an application and I needed to open a file, for example, does, does that mean that I would have to communicate with the kernel to, to read that file? [00:35:43] Elizabeth: Right, exactly. [00:35:46] Jeremy: And so most applications, it sounds like it's gonna be a mixture. You're gonna have a lot of things that call user space calls. And then a few, you mentioned more low level ones that are gonna require you to communicate with the kernel. [00:36:00] Elizabeth: Yeah, basically. And it's worth noting that in, in all operating systems, you're, you're almost always gonna be calling a user space library. That might just be a thin wrapper over the kernel call. It might, it's gonna do like just a little bit of work in end call the kernel. [00:36:19] Jeremy: [00:36:19] Elizabeth: In fact, in Windows, that's the only way to do it. Uh, in many other operating systems, you can actually say, you can actually tell the processor to make the kernel call. There is a special instruction that does this and just, and it'll go directly to the kernel, and there's a defined interface for this. But in Windows, that interface is not defined. It's not stable. Or backwards compatible like the rest of Windows is. So even if you wanted to use it, you couldn't. and you basically have to call into the high level libraries or low level libraries, as it were, that, that tell you that create a file. And those don't do a lot. [00:37:00] Elizabeth: They just kind of tweak their parameters a little and then pass them right down to the kernel. [00:37:07] Jeremy: And so wine, it sounds like it needs to implement both the user space calls of windows, but then also the, the kernel, calls as well. But, but wine itself does that, is that only in Linux user space or MacOS user space? [00:37:27] Elizabeth: Yes. This is a very tricky thing. but all of wine, basically all of what is wine runs in, in user space and we use. Kernel calls that are already there to talk to the colonel, to talk to the host Colonel. You have to, and you, you get, you get, you get the sort of second nature of thinking about the Windows, user space and kernel. [00:37:50] Elizabeth: And then there's a host user space and Kernel and wine is running all in user, in the user, in the host user space, but it's emulating the Windows kernel. In fact, one of the weirdest, trickiest parts is I mentioned that you can run some drivers in wine. And those drivers actually, they actually are, they think they're running in the Windows kernel. which in a sense works the same way. It has libraries that it can load, and those drivers are basically libraries and they're making, kernel calls and they're, they're making calls into the kernel library that does some very, very low level tasks that. You're normally only supposed to be able to do in a kernel. And, you know, because the kernel requires some privileges, we kind of pretend we have them. And in many cases, you're even the drivers are using abstractions. We can just implement those abstractions kind of over the slightly higher level abstractions that exist in user space. [00:39:00] Jeremy: Yeah, I hadn't even considered the being able to use hardware devices, but I, I suppose if in, in the end, if you're reproducing the kernel, then whether you're running software or you're talking to a hardware device, as long as you implement the calls correctly, then I, I suppose it works. [00:39:18] Elizabeth: Cause you're, you're talking about device, like maybe it's some kind of USB device that has drivers for Windows, but it doesn't for, for Linux. [00:39:28] Elizabeth: no, that's exactly, that's a, that's kind of the, the example I've used. Uh, I think there is, I think I. My, one of my best success stories was, uh, drivers for a graphing calculator. [00:39:41] Jeremy: Oh, wow. [00:39:42] Elizabeth: That connected via USB and I basically just plugged the windows drivers into wine and, and ran it. And I had to implement a lot of things, but it worked. But for example, something like a graphics driver is not something you could implement in wine because you need the graphics driver on the host. We can't talk to the graphics driver while the host is already doing so. [00:40:05] Jeremy: I see. Yeah. And in that case it probably doesn't make sense to do so [00:40:11] Elizabeth: Right? [00:40:12] Elizabeth: Right. It doesn't because, the transition from user into kernel is complicated. You need the graphics driver to be in the kernel and the real kernel. Having it in wine would be a bad idea. Yeah. [00:40:25] Jeremy: I, I think there's, there's enough APIs you have to try and reproduce that. I, I think, uh, doing, doing something where, [00:40:32] Elizabeth: very difficult [00:40:33] Jeremy: right. Poor system call documentation and private APIs [00:40:35] Jeremy: There's so many different, calls both in user space and in kernel space. I imagine the, the user space ones Microsoft must document to some extent, but, oh. Is that, is that a [00:40:51] Elizabeth: well, sometimes, [00:40:54] Jeremy: Sometimes. Okay. [00:40:55] Elizabeth: I think it's actually better now than it used to be. But some, here's where things get fun, because sometimes there will be, you know, regular documented calls. Sometimes those calls are documented, but the documentation isn't very good. Sometimes programs will just sort of look inside Microsoft's DLLs and use calls that they aren't supposed to be using. Sometimes they use calls that they are supposed to be using, but the documentation has disappeared. just because it's that old of an API and Microsoft hasn't kept it around. sometimes some, sometimes Microsoft, Microsoft own software uses, APIs that were never documented because they never wanted anyone else using them, but they still ship them with the operating system. there was actually a kind of a lawsuit about this because it is an antitrust lawsuit, because by shipping things that only they could use, they were kind of creating a trust. and that got some things documented. At least in theory, they kind of haven't stopped doing it, though. [00:42:08] Jeremy: Oh, so even today they're, they're, I guess they would call those private, private APIs, I suppose. [00:42:14] Elizabeth: I suppose. Uh, yeah, you could say private APIs. but if we want to get, you know, newer versions of Microsoft Office running, we still have to figure out what they're doing and implement them. [00:42:25] Jeremy: And given that they're either, like you were saying, the documentation is kind of all over the place. If you don't know how it's supposed to behave, how do you even approach implementing them? [00:42:38] Elizabeth: and that's what the conformance tests are for. And I, yeah, I mentioned earlier we have this huge body of conformance tests that double is regression tests. if we see an API, we don't know what to do with or an API, we do know, we, we think we know what to do with because the documentation can just be wrong and often has been. Then we write tests to figure out what it's supposed to behave. We kind of guess until we, and, and we write tests and we pass some things in and see what comes out and see what. The see what the operating system does until we figure out, oh, so this is what it's supposed to do and these are the exact parameters in, and, and then we, and, and then we implement it according to those tests. [00:43:24] Jeremy: Is there any distinction in approach for when you're trying to implement something that's at the user level versus the kernel level? [00:43:33] Elizabeth: No, not really. And like I, and like I mentioned earlier, like, well, I mean, a kernel call is just like a library call. It's just done in a slightly different way, but it's still got, you know, parameters in, it's still got a set of parameters. They're just encoded differently. And, and again, like the, the way kernel calls are done is on a level just above the kernel where you have a library, that just passes things through. Almost verbatim to the kernel and we implement that library instead. [00:44:10] Jeremy: And, and you've been working on i, I think, wine for over, over six years now. [00:44:18] Elizabeth: That sounds about right. Debugging and having broad knowledge of Wine [00:44:20] Jeremy: What does, uh, your, your day to day look like? What parts of the project do you, do you work on? [00:44:27] Elizabeth: It really varies from day to day. and I, I, a lot of people, a lot of, some people will work on the same parts of wine for years. Uh, some people will switch around and work on all sorts of different things. [00:44:42] Elizabeth: And I'm, I definitely belong to that second group. Like if you name an area of wine, I have almost certainly contributed a patch or two to it. there's some areas I work on more than others, like, 3D graphics, multimedia, a, I had, I worked on a compiler that exists, uh, socket. So networking communication is another thing I work a lot on. day to day, I kind of just get, I, I I kind of just get a bug for some program or another. and I take it and I debug it and figure out why the program's broken and then I fix it. And there's so much variety in that. because a bug can take so many different forms like I described, and, and, and the, and then the fix can be simple or complicated or, and it can be in really anywhere to a degree. [00:45:40] Elizabeth: being able to work on any part of wine is sometimes almost a necessity because if a program is just broken, you don't know why. It could be anything. It could be any sort of API. And sometimes you can hand the API to somebody who's got a lot of experience in that, but sometimes you just do whatever. You just fix whatever's broken and you get an experience that way. [00:46:06] Jeremy: Yeah, I mean, I was gonna ask about the specialized skills to, to work on wine, but it sounds like maybe in your case it's all of them. [00:46:15] Elizabeth: It's, there's a bit of that. it's a wine. We, the skills to work on wine are very, it's a very unique set of skills because, and it largely comes down to debugging because you can't use the tools you normally use debug. [00:46:30] Elizabeth: You have to, you have to be creative and think about it different ways. Sometimes you have to be very creative. and programs will try their hardest to avoid being debugged because they don't want anyone breaking their copy protection, for example, or or hacking, or, you know, hacking in sheets. They want to be, they want, they don't want anyone hacking them like that. [00:46:54] Elizabeth: And we have to do it anyway for good and legitimate purposes. We would argue to make them work better on more operating systems. And so we have to fight that every step of the way. [00:47:07] Jeremy: Yeah, it seems like it's a combination of. F being able, like you, you were saying, being able to, to debug. and you're debugging not necessarily your own code, but you're debugging this like behavior of, [00:47:25] Jeremy: And then based on that behavior, you have to figure out, okay, where in all these different systems within wine could this part be not working? [00:47:35] Jeremy: And I, I suppose you probably build up some kind of, mental map in your head of when you get a, a type of bug or a type of crash, you oh, maybe it's this, maybe it's here, or something [00:47:47] Elizabeth: Yeah. That, yeah, there is a lot of that. there's, you notice some patterns, you know, after experience helps, but because any bug could be new, sometimes experience doesn't help and you just, you just kind of have to start from scratch. Finding a bug related to XAudio [00:48:08] Jeremy: At sort of a high level, can you give an example of where you got a specific bug report and then where you had to look to eventually find which parts of the the system were the issue? [00:48:21] Elizabeth: one, one I think good example, that I've done recently. so I mentioned this, this XAudio library that does 3D audio. And if you say you come across a bug, I'm gonna be a little bit generics here and say you come across a bug where some audio isn't playing right, maybe there's, silence where there should be the audio. So you kind of, you look in and see, well, where's that getting lost? So you can basically look in the input calls and say, here's the buffer it's submitting that's got all the audio data in it. And you look at the output, you look at where you think the output should be, like, that library will internally call a different library, which programs can interact with directly. [00:49:03] Elizabeth: And this our high level library interacts with that is the, give this sound to the audio driver, right? So you've got XAudio on top of, um. mdev, API, which is the other library that gives audio to the driver. And you see, well, the ba the buffer is that XAudio is passing into MM Dev, dev API. They're empty, there's nothing in them. So you have to kind of work through the XAudio library to see where is, where's that sound getting lost? Or maybe, or maybe that's not getting lost. Maybe it's coming through all garbled. And I've had to look at the buffer and see why is it garbled. I'll open up it up in Audacity and look at the weight shape of the wave and say, huh, that shape of the wave looks like it's, it looks like we're putting silence every 10 nanoseconds or something, or, or reversing something or interpreting it wrong. things like that. Um, there's a lot of, you'll do a lot of, putting in print fs basically all throughout wine to see where does the state change. Where was, where is it? Where is it? Right? And then where do things start going wrong? [00:50:14] Jeremy: Yeah. And in the audio example, because they're making a call to your XAudio implementation, you can see that Okay, the, the buffer, the audio that's coming in. That part is good. It, it's just that later on when it sends it to what's gonna actually have it be played by the, the hardware, that's when missing. So, [00:50:37] Elizabeth: We did something wrong in a library that destroyed the buffer. And I think on a very, high level a lot of debugging, wine is about finding where things are good and finding where things are bad, and then narrowing that down until we find the one spot where things go wrong. There's a lot of processes that go like that. [00:50:57] Jeremy: like you were saying, the more you see these problems, hopefully the, the easier it gets to, to narrow down where, [00:51:04] Elizabeth: Often. Yeah. Especially if you keep debugging things in the same area. How much code is OS specific?c [00:51:09] Jeremy: And wine supports more than one operating system. I, I saw there was Linux, MacOS I think free BSD. How much of the code is operating system specific versus how much can just be shared across all of them? [00:51:27] Elizabeth: Not that much is operating system specific actually. so when you think about the volume of wine, the, the, the, vast majority of it is the high level code that doesn't need to interact with the operating system on a low level. Right? Because Windows keeps putting, because Microsoft keeps putting lots and lots of different libraries in their operating system. And a lot of these are high level libraries. and even when we do interact with the operating system, we're, we're using cross-platform libraries or we're using, we're using ics. The, uh, so all these operating systems that we are implementing are con, basically conformed to the posix standard. which is basically like Unix, they're all Unix based. Psic is a Unix based standard. Microsoft is, you know, the big exception that never did implement that. And, and so we have to translate its APIs to Unix, APIs. now that said, there is a lot of very operating system, specific code. Apple makes things difficult by try, by diverging almost wherever they can. And so we have a lot of Apple specific code in there. [00:52:46] Jeremy: another example I can think of is, I believe MacOS doesn't support, Vulkan [00:52:53] Elizabeth: yes. Yeah.Yeah, That's a, yeah, that's a great example of Mac not wanting to use, uh, generic libraries that work on every other operating system. and in some cases we, we look at it and are like, alright, we'll implement a wrapper for that too, on top of Yuri, on top of your, uh, operating system. We've done it for Windows, we can do it for Vulkan. and that's, and then you get the Molten VK project. Uh, and to be clear, we didn't invent molten vk. It was around before us. We have contributed a lot to it. Direct3d, Vulkan, and MoltenVK [00:53:28] Jeremy: Yeah, I think maybe just at a high level might be good to explain the relationship between Direct 3D or Direct X and Vulcan and um, yeah. Yeah. Maybe if you could go into that. [00:53:42] Elizabeth: so Direct 3D is Microsoft's 3D API. the 3D APIs, you know, are, are basically a way to, they're way to firstly abstract out the differences between different graphics, graphics cards, which, you know, look very different on a hardware level. [00:54:03] Elizabeth: Especially. They, they used to look very different and they still do look very different. and secondly, a way to deal with them at a high level because actually talking to the graphics card on a low level is very, very complicated. Even talking to it on a high level is complicated, but it gets, it can get a lot worse if you've ever been a, if you've ever done any graphics, driver development. so you have a, a number of different APIs that achieve these two goals of, of, abstraction and, and of, of, of building a common abstraction and of building a, a high level abstraction. so OpenGL is the broadly the free, the free operating system world, the non Microsoft's world's choice, back in the day. [00:54:53] Elizabeth: And then direct 3D was Microsoft's API and they've and Direct 3D. And both of these have evolved over time and come up with new versions and such. And when any, API exists for too long. It gains a lot of croft and needs to be replaced. And eventually, eventually the people who developed OpenGL decided we need to start over, get rid of the Croft to make it cleaner and make it lower level. [00:55:28] Elizabeth: Because to get in a maximum performance games really want low level access. And so they made Vulcan, Microsoft kind of did the same thing, but they still call it Direct 3D. they just, it's, it's their, the newest version of Direct 3D is lower level. It's called Direct 3D 12. and, and, Mac looked at this and they decided we're gonna do the same thing too, but we're not gonna use Vulcan. [00:55:52] Elizabeth: We're gonna define our own. And they call it metal. And so when we want to translate D 3D 12 into something that another operating system understands. That's probably Vulcan. And, and on Mac, we need to translate it to metal somehow. And we decided instead of having a separate layer from D three 12 to metal, we're just gonna translate it to Vulcan and then translate the Vulcan to metal. And it also lets things written for Vulcan on Windows, which is also a thing that exists that lets them work on metal. [00:56:30] Jeremy: And having to do that translation, does that have a performance impact or is that not really felt? [00:56:38] Elizabeth: yes. It's kind of like, it's kind of like anything, when you talk about performance, like I mentioned this earlier, there's always gonna be overhead from translating from one API to another. But we try to, what we, we put in heroic efforts to. And try, try to make sure that doesn't matter, to, to make sure that stuff that needs to be fast is really as fast as it can possibly be. [00:57:06] Elizabeth: And some very clever things have been done along those lines. and, sometimes the, you know, the graphics drivers underneath are so good that it actually does run better, even despite the translation overhead. And then sometimes to make it run fast, we need to say, well, we're gonna implement a new API that behaves more like windows, so we can do less work translating it. And that's, and sometimes that goes into the graphics library and sometimes that goes into other places. Targeting Wine instead of porting applications [00:57:43] Jeremy: Yeah. Something I've found a little bit interesting about the last few years is [00:57:49] Jeremy: Developers in the past, they would generally target Windows and you might be lucky to get a Mac port or a Linux port. And I wonder, like, in your opinion now, now that a lot of developers are just targeting Windows and relying on wine or, or proton to, to run their software, is there any, I suppose, downside to doing that? [00:58:17] Jeremy: Or is it all just upside, like everyone should target Windows as this common platform? [00:58:23] Elizabeth: Yeah. It's an interesting question. I, there's some people who seem to think it's a bad thing that, that we're not getting native ports in the same sense, and then there's some people who. Who See, no, that's a perfectly valid way to do ports just right for this defacto common API it was never intended as a cross platform common API, but we've made it one. [00:58:47] Elizabeth: Right? And so why is that any worse than if it runs on a different API on on Linux or Mac and I? Yeah, I, I, I guess I tend to, I, that that argument tends to make sense to me. I don't, I don't really see, I don't personally see a lot of reason for, to, to, to say that one library is more pure than another. [00:59:12] Elizabeth: Right now, I do think Windows APIs are generally pretty bad. I, I'm, this might be, you know, just some sort of, this might just be an effect of having to work with them for a very long time and see all their flaws and have to deal with the nonsense that they do. But I think that a lot of the. Native Linux APIs are better. But if you like your Windows API better. And if you want to target Windows and that's the only way to do it, then sure why not? What's wrong with that? [00:59:51] Jeremy: Yeah, and I think the, doing it this way, targeting Windows, I mean if you look in the past, even though you had some software that would be ported to other operating systems without this compatibility layer, without people just targeting Windows, all this software that people can now run on these portable gaming handhelds or on Linux, Most of that software was never gonna be ported. So yeah, absolutely. And [01:00:21] Elizabeth: that's [01:00:22] Jeremy: having that as an option. Yeah. [01:00:24] Elizabeth: That's kind of why wine existed, because people wanted to run their software. You know, that was never gonna be ported. They just wanted, and then the community just spent a lot of effort in, you know, making all these individual programs run. Yeah. [01:00:39] Jeremy: I think it's pretty, pretty amazing too that, that now that's become this official way, I suppose, of distributing your software where you say like, Hey, I made a Windows version, but you're on your Linux machine. it's officially supported because, we have this much belief in this compatibility layer. [01:01:02] Elizabeth: it's kind of incredible to see wine having got this far. I mean, I started working on a, you know, six, seven years ago, and even then, I could never have imagined it would be like this. [01:01:16] Elizabeth: So as we, we wrap up, for the developers that are listening or, or people who are just users of wine, um, is there anything you think they should know about the project that we haven't talked about? [01:01:31] Elizabeth: I don't think there's anything I can think of. [01:01:34] Jeremy: And if people wanna learn, uh, more about the wine project or, or see what you're up to, where, where should they, where should they head? Getting support and contributing [01:01:45] Elizabeth: We don't really have any things like news, unfortunately. Um, read the release notes, uh, follow some, there's some, there's some people who, from Code Weavers who do blogs. So if you, so if you go to codeweavers.com/blog, there's some, there's, there's some codeweavers stuff, uh, some marketing stuff. But there's also some developers who will talk about bugs that they are solving and. And how it's easy and, and the experience of working on wine. [01:02:18] Jeremy: And I suppose if, if someone's. Interested in like, like let's say they have a piece of software, it's not working through wine. what's the best place for them to, to either get help or maybe even get involved with, with trying to fix it? [01:02:37] Elizabeth: yeah. Uh, so you can file a bug on, winehq.org,or, or, you know, find, there's a lot of developer resources there and you can get involved with contributing to the software. And, uh, there, there's links to our mailing list and IRC channels and, uh, and, and the GitLab, where all places you can find developers. [01:03:02] Elizabeth: We love to help you. Debug things. We love to help you fix things. We try our very best to be a welcoming community and we have got a long, we've got a lot of experience working with people who want to get their application working. So, we would love to, we'd love to have another. [01:03:24] Jeremy: Very cool. Yeah, I think wine is a really interesting project because I think for, I guess it would've been for decades, it seemed like very niche, like not many people [01:03:37] Jeremy: were aware of it. And now I think maybe in particular because of the, the Linux gaming handhelds, like the steam deck,wine is now something that a bunch of people who would've never heard about it before, and now they're aware of it. [01:03:53] Elizabeth: Absolutely. I've watched that transformation happen in real time and it's been surreal. [01:04:00] Jeremy: Very cool. Well, Elizabeth, thank you so much for, for joining me today. [01:04:05] Elizabeth: Thank you, Jeremy. I've been glad to be here.

BSD Now
629: Host Naming Conventions

BSD Now

Play Episode Listen Later Sep 18, 2025 68:11


The Death of Industrial Design, Host naming Convensions, Symbian reflections, bash timeouts, nvme vs ssds, a system to organize your life, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines The Death Of Industrial Design And The Era Of Dull Electronics (https://hackaday.com/2025/07/23/the-death-of-industrial-design-and-the-era-of-dull-electronics) Host Naming Convention (https://vulcanridr.mataroa.blog/blog/host-naming-convention) News Roundup Open, free, and completely ignored: The strange afterlife of Symbian (https://www.theregister.com/2025/07/17/symbian_forgotten_foss_phone_os/) TIL: timeout in Bash scripts (https://heitorpb.github.io/bla/timeout/) It seems like NVMe SSDs have overtaken SATA SSDs for high capacities (https://utcc.utoronto.ca/~cks/space/blog/tech/NVMeOvertakingSATAForSSDs) A system to organise your life (https://johnnydecimal.com) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions - Nelson - Books (https://github.com/BSDNow/bsdnow.tv/blob/master/629/feedback/Nelson%20-%20books.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Code Story
S11 Bonus: Simon Ritter, Azul

Code Story

Play Episode Listen Later Sep 11, 2025 31:09


Simon Ritter has been in the IT industry for 40 years. He went from university to work on Unix in the early days, employed by AT&T and programming in the C language. In 1996, he switched gears to join Sun Microsystems, programming in Java. Years later, after the Oracle transition, he started to dig into what might be next. Outside of tech, he is married with an older son. He is a complete petro-head - meaning, he is really into cars. In fact, in the last few years, he and his son re-built a classic mini from the ground up.While Simon was at Oracle, he started to crave a different opportunity, but still in the Java space. He stumbled upon a company digging into powering the Java platform, to make it the most secure, efficient and trusted platform on the planet - and he, and the company, found a great fit.This is Simon's creation story at Azul.SponsorsFull ScalePaddle.comSema SoftwarePropelAuthPostmanMeilisearchLinkshttps://www.azul.com/https://www.linkedin.com/in/siritter/Support this podcast at — https://redcircle.com/code-story-insights-from-startup-tech-leaders/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

BSD Now
628: Product Hype

BSD Now

Play Episode Listen Later Sep 11, 2025 49:11


The Hype is the Product, Programmers Aren't So Humble Anymore—Maybe Because Nobody Codes in Perl, Is OpenBSD 10x faster than Linux?, How to install FreeBSD on providers that don't support it with mfsBSD, SSHX, Zvault Status Update, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines The Hype is the Product (https://rys.io/en/180.html) Programmers Aren't So Humble Anymore—Maybe Because Nobody Codes in Perl (https://www.wired.com/story/programmers-arent-humble-anymore-nobody-codes-in-perl) News Roundup Is OpenBSD 10x faster than Linux? (https://flak.tedunangst.com/post/is-OpenBSD-10x-faster-than-Linux) How to install FreeBSD on providers that don't support it with mfsBSD (https://it-notes.dragas.net/2025/07/02/install_freebsd_providers_mfsbsd/) SSHX (https://github.com/ekzhang/sshx) Zvault Status Update (https://github.com/zvaultio/Community/blob/main/posts/2025-07-13.md) Undeadly Bits 4096 colours and flashing text on the console! (http://undeadly.org/cgi?action=article;sid=20250705081315) Font caching no longer runs as root (http://undeadly.org/cgi?action=article;sid=20250717061920) OpenSSH will now adapt IP QoS to actual sessions and traffic (http://undeadly.org/cgi?action=article;sid=20250818113047) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

The Lunduke Journal of Technology
Brian Kernighan: Rust is "a pain"

The Lunduke Journal of Technology

Play Episode Listen Later Sep 5, 2025 5:36


The C and UNIX legend says the Rust programming language is "incomprehensibly big and slow", "I don't think it's gonna replace C". Bonus: What Kernighan thinks of NixOS. More from The Lunduke Journal: https://lunduke.com/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit lunduke.substack.com/subscribe

BSD Now
627: Catastrophic OpenZFS bug

BSD Now

Play Episode Listen Later Sep 4, 2025 55:41


An (almost) catastrophic OpenZFS bug, crawler plague and the fragility of the web, Classic CDE (Common Desktop Environment) coming to OpenBSD, Some notes on DMARC policy inheritance and a gotcha, GNAT (Ada) is in fact fully supported on illumos, Eighteen Years of Greytrapping, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines An (almost) catastrophic OpenZFS bug and the humans that made it (and Rust is here too) (https://despairlabs.com/blog/posts/2025-07-10-an-openzfs-bug-and-the-humans-that-made-it) The current (2025) crawler plague and the fragility of the web (https://utcc.utoronto.ca/~cks/space/blog/web/WebIsKindOfFragile) News Roundup Classic CDE (Common Desktop Environment) coming to OpenBSD (https://undeadly.org/cgi?action=article;sid=20250730080301) Some notes on DMARC policy inheritance and a gotcha (https://utcc.utoronto.ca/~cks/space/blog/spam/DMARCPolicyInheritanceNotes) Despite thoughts to the contrary, GNAT (Ada) is in fact fully supported on illumos (https://briancallahan.net/blog/20250817.html) Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? (https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

BSD Now
626: USB webcam testing

BSD Now

Play Episode Listen Later Aug 28, 2025 56:10


FreeBSD Journal Summer 2025 Edition, Java hiding in plain sight, BSDCan 2025 Trip report, Call for testing OpenBSD webcams, recent new features in OpenSSH, Improved 802.11g AP compatibility check, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines FreeBSD Journal April/May/June 2025 Edition (https://freebsdfoundation.org/our-work/journal/browser-based-edition/networking-3/) BSDCan 2025 Trip Report – Chuck Tuffli (https://freebsdfoundation.org/blog/bsdcan-2025-trip-report-chuck-tuffli/) News Roundup Call for testing: USB webcams (http://undeadly.org/cgi?action=article;sid=20250808083341) From Minecraft to Markets: Java Hiding in Plain Sight (https://freebsdfoundation.org/blog/from-minecraft-to-markets-java-hiding-in-plain-sight/) Recent new features in OpenSSH (http://undeadly.org/cgi?action=article;sid=20250802084523) NetBSD 11.0 release process underway (https://blog.netbsd.org/tnf/entry/netbsd_11_0_release_process) Interview: Nico Cartron Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow) Special Guest: Nico Cartron.

BSD Now
625: Build Cluster Speedup

BSD Now

Play Episode Listen Later Aug 21, 2025 50:36


Why FreeBSD is the Right Choice for Embedded Devices, The Day GlusterFS Tried to Kill My Career, DragonFly DRM updated, NetBSD on Raspberry Pi, Speed up suspend/resume for FreeBSD, Revisiting ZFS's ZIL, separate log devices, and writes, One of my blog articles featured on the BSD Now podcast episode, New build cluster speeds up daily autobuilds, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Why FreeBSD is the Right Choice for Embedded Devices (https://klarasystems.com/articles/why-freebsd-is-the-right-choice-for-embedded-devices/?utm_source=BSD%20Now&utm_medium=Podcast) The Day GlusterFS Tried to Kill My Career (https://it-notes.dragas.net/2025/05/21/the_day_glusterfs_tried_to_kill_my_career/) News Roundup DragonFly DRM updated (https://www.dragonflydigest.com/2025/07/31/dragonfly-drm-updated/) NetBSD on Raspberry Pi! (https://www.ncartron.org/netbsd-on-raspberry-pi.html) Speed up suspend/resume for FreeBSD (https://eugene-andrienko.com/en/it/2025/07/28/speed-up-suspend-resume-freebsd.html) Revisiting ZFS's ZIL, separate log devices, and writes (https://utcc.utoronto.ca/~cks/space/blog/solaris/ZFSWritesAndZILIII) One of my blog articles featured on the BSD Now podcast episode! (https://www.ncartron.org/one-of-my-blog-articles-featured-on-the-bsd-now-podcast-episode.html) New build cluster speeds up daily autobuilds (http://blog.netbsd.org/tnf/entry/new_build_cluster_speeds_up) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

The Asianometry Podcast
The Weird OS Built Around a Database

The Asianometry Podcast

Play Episode Listen Later Aug 21, 2025


Is it a database software? An operating system? It's both. Produced by Richard Pick, nicknamed "Dick", (Yes, I know) Pick OS is older than SQL, UNIX, or CP/M. I have never seen anything like it, and the people who use it tend to love it to death. In today's video, we explore a unique database software plus operating system.

The Asianometry Podcast
The Weird OS Built Around a Database

The Asianometry Podcast

Play Episode Listen Later Aug 21, 2025


Is it a database software? An operating system? It's both. Produced by Richard Pick, nicknamed "Dick", (Yes, I know) Pick OS is older than SQL, UNIX, or CP/M. I have never seen anything like it, and the people who use it tend to love it to death. In today's video, we explore a unique database software plus operating system.

AppleVis Podcast
A Demonstration and Walkthrough of Multi-User Support on macOS

AppleVis Podcast

Play Episode Listen Later Aug 18, 2025


In this episode, Tyler walks through how multi-user accounts work on macOS—why you might use them, how to add a new user, ways to switch quickly (including Touch ID), and how to safely delete an account while preserving data for troubleshooting. He also covers guest access, account types (Administrator, Standard, and Sharing Only), and a few accessibility tips with VoiceOver.Key PointsWhy multi-user: Separate files, settings, and Apple Account sync per person; great for shared Macs or isolating issues by testing in a fresh account.Account types: Administrator can change system settings and install software.Standard has its own files/settings but cannot administer the Mac.Sharing Only can access shared services remotely but cannot log in at the Mac.Guest user: If FileVault is on, Guest can only use Safari; if off, Guest can use apps but all data is wiped on logout.Fast User Switching: Add the menu-bar item via Control Center settings (listed as “Menu Bar” in macOS Tahoe per the recording timeframe), then switch from the status menu.Touch ID switching: Register different fingers per account to jump between users instantly—even from the lock screen.Deleting an account: Three options—(1) save home folder as a disk image under Deleted Users, (2) don't change the home folder, or (3) delete the home folder.Troubleshooting tip: You can preserve your home folder, delete the account, then recreate it with the same account name to merge and reset settings—handy if issues are account-specific.Shared folder caveat: The /Users/Shared folder defaults to read/write for creator and read-only for others; permissions can be finicky, and other sharing methods may be easier.Step-by-Step GuideCreate a New User Open System Settings > Users & Groups, and click Add User…Pick an Account Type (Administrator, Standard, or Sharing Only). Standard is the default.Enter Full Name; Account Name (home folder name) will auto-fill. Set a Password and optional Hint, then click Create User.First Login & Touch ID Log out of your account, select the new user, and sign in.In Setup Assistant, the user can enroll Touch ID with their finger.Enable Fast User Switching (Menu Bar) Go to System Settings > Control Center (labeled “Menu Bar” in future macOS versions relative to the time of recording).Find Fast User Switching and set it to Show (e.g., show Account Name). Then use the status menus to switch users.Switch Between Users Instantly From the menu bar via Fast User Switching, or with Touch ID, a user can press the sensor with the finger registered to their account (works at the lock screen once accounts have been logged into).Share Files Between Accounts (Optional) Use /Users/Shared; creator has read/write, others read-only by default. Adjust permissions via Get Info if needed—but expect some Unix permission quirks.Delete a User Safely In Users & Groups, click the "Show detail" button for an account, click Delete User, and choose what to do with the Home folder.TranscriptDisclaimer: This transcript was generated by…

BSD Now
624: OpenBSD Innovations

BSD Now

Play Episode Listen Later Aug 14, 2025 61:16


OpenBSD chflags vs. Log Tampering, How to Defend Against Aggressive Web Scrapers With Anubis on FreeBSD 14, OpenBSD Innovations, Full Ada programming toolchain NOW on FreeBSD, Compute GPUs can have odd failures under Linux (still), A handy collection of shell aliases from my bash startup, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines When Root Meets Immutable: OpenBSD chflags vs. Log Tampering (https://rsadowski.de/posts/2025/openbsd-immutable-system-logs/) How to Defend Against Aggressive Web Scrapers With Anubis on FreeBSD 14 (https://herrbischoff.com/2025/07/how-to-defend-against-aggressive-web-scrapers-with-anubis-on-freebsd-14/) News Roundup OpenBSD Innovations (https://www.openbsd.org/innovations.html) Full Ada programming toolchain NOW on FreeBSD (https://www.reddit.com/r/freebsd/comments/1m21t7o/ann_full_ada_programming_toolchain_now_on_freebsd/) Compute GPUs can have odd failures under Linux (still) (https://utcc.utoronto.ca/~cks/space/blog/linux/ComputeGPUsStillFinicky) A handy collection of shell aliases from my bash startup (https://blog.petdance.com/2020/02/03/handy-collection-of-shell-aliases/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Efraim - modernizing (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/624/feedback/Efraim%20-%20modernizing.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Brad & Will Made a Tech Pod.
299: Donkey Kong Is a Florida Man

Brad & Will Made a Tech Pod.

Play Episode Listen Later Aug 10, 2025 74:41


It's a topic two-fer! Brad's refrigerator died last week, which gives us a chance to talk about online appliance-buying on a budget in 2025, some refrigeration and food-safety basics, product minimalism and applying the Unix philosophy to home ownership, and more. And Will just got back from Super Mario Land in Hollywood, so we go through a (literal) trip report about the experience and the tech underpinning it, from Amiibo wristbands to augmented-reality Mario Kart, ways to stay off your phone in a theme park, and a startling encounter with Bowser Jr. Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, a monthly bonus episode, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod

BSD Now
623: Two's interview

BSD Now

Play Episode Listen Later Aug 7, 2025 60:29


Software Bill of Materials (SBOM) for FreeBSD Project, Your Guide to Lock-In Free Infrastructure, and we interview David Gwynne from the University of Queensland and developer on the OpenBSD project. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Software Bill of Materials (SBOM) for FreeBSD Project (https://freebsdfoundation.org/blog/software-bill-of-materials-sbom-for-freebsd-project/) FreeBSD Summer 2025 Roundup: Your Guide to Lock-In Free Infrastructure (https://klarasystems.com/articles/freebsd-guide-to-lock-in-free-infrastructure) Interview David Gwynne from the University of Queensland and developer on the OpenBSD project. Interview thoughts from Benedict and Jason Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow) Special Guest: David Gwynne.

Mac Admins Podcast
Episode 423: Writing the book on Threat Hunting macOS, with Jaron Bradley

Mac Admins Podcast

Play Episode Listen Later Aug 5, 2025 63:24


Macs are safe - they don't get malware. We used to hear this all the time and whilst Apple has done a wonderful job of building a secure by design operating system, there are still threats out there we need to protect ourselves against. It's also no surprise that macOS is not Windows. And it's further and further away from behaving like UNIX these days. So how do we know what to look for, and where to even go looking for it? Jaron Bradley from Jamf Threat Labs joins us to talk about his new book: Threat Hunting macOS - Mastering endpoint security Hosts: Tom Bridge - @tbridge@theinternet.social Marcus Ransom - @marcusransom Selina Ali - LinkedIn Guests: Jaron Bradley - LinkedIn Links: https://themittenmac.com/threat-hunting-book/ https://objectivebythesea.org https://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg_(book) SpriteTree https://themittenmac.com/tools/ Sponsors: Kandji 1Password Nudge Security Material Security Watchman Monitoring If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information. Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast! The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson  

LINUX Unplugged
626: The Btrfs Blues

LINUX Unplugged

Play Episode Listen Later Aug 4, 2025 69:30 Transcription Available


A Btrfs bug that bites is in the wild, and we discover whole home audio that works like a charm.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Lenny's Podcast: Product | Growth | Career
He saved OpenAI, invented the “Like” button, and built Google Maps: Bret Taylor on the future of careers, coding, agents, and more

Lenny's Podcast: Product | Growth | Career

Play Episode Listen Later Jul 31, 2025 88:57


Bret Taylor's legendary career includes being CTO of Meta, co-CEO of Salesforce, chairman of the board at OpenAI (yes, during that drama), co-creating both Google Maps and the Like button, and founding three companies. Today he's the founder and CEO of Sierra, an AI agent company transforming customer service. He's one of the few people I've met who's been wildly successful at every level—from engineer to C-suite executive to founder—and across almost every discipline, including PM, engineer, CTO, COO, CPO, CEO, and board member.In this conversation, you'll learn:1. The brutal product review that nearly ended his Google career—and how that failure led to creating Google Maps2. The question Sheryl Sandberg taught him to ask every morning (“What's the most impactful thing I can do today?”) that transformed how he approached every role3. The three AI market segments that matter4. Why AI agents will replace SaaS products5. His framework for knowing whose advice to actually listen to—and how that came in handy during the OpenAI board drama6. The counterintuitive go-to-market strategy most AI startups get wrong7. Sierra's outcome-based pricing model that's transforming how enterprise software is sold (and why every SaaS company should adopt it)8. What he's teaching his kids about AI that every parent should know—Brought to you by:CodeRabbit—Cut code review time and bugs in half. Instantly: https://coderabbit.link/lennyBasecamp—The famously straightforward project management system from 37signals: https://www.basecamp.com/lennyVanta—Automate compliance. Simplify security: https://vanta.com/lenny—Where to find Bret Taylor:• X: https://x.com/btaylor• LinkedIn: https://www.linkedin.com/in/brettaylor/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Bret Taylor(04:10) Bret's early career and first major mistake(08:24) The birth of Google Maps(11:57) Lessons from FriendFeed and the importance of honest feedback(31:30) The future of coding and AI's role(45:26) Preparing the next generation for an AI-driven world(48:46) AI in education(52:05) Business strategies in the AI market(01:04:38) Outcome-based pricing in AI(01:09:15) Productivity gains and AI(01:17:35) Go-to-market strategies for AI products(01:21:49) Lightning round and final thoughts—Referenced:• Marissa Mayer on LinkedIn: https://www.linkedin.com/in/marissamayer/• “Lazy Sunday”—SNL: https://www.youtube.com/watch?v=sRhTeaa_B98• Quip: https://quip.com/• Sierra: https://sierra.ai/• FriendFeed: https://en.wikipedia.org/wiki/FriendFeed• Sheryl Sandberg on LinkedIn: https://www.linkedin.com/in/sheryl-sandberg-5126652/• Jim Norris on LinkedIn: https://www.linkedin.com/in/halfspin/• Paul Buchheit on X: https://x.com/paultoo• Sanjeev Singh on LinkedIn: https://www.linkedin.com/in/sanjeev-singh-20a1b72/• Barack Obama: https://www.obamalibrary.gov/obamas/president-barack-obama• Oprah Winfrey: https://en.wikipedia.org/wiki/Oprah_Winfrey• Ashton Kutcher: https://en.wikipedia.org/wiki/Ashton_Kutcher• PayPal Mafia: https://en.wikipedia.org/wiki/PayPal_Mafia• Sam Altman on X: https://x.com/sama• Warren Buffett on X: https://x.com/warrenbuffett• Unix: https://en.wikipedia.org/wiki/Unix• Fortran: https://en.wikipedia.org/wiki/Fortran• C: https://en.wikipedia.org/wiki/C_(programming_language)• Python: https://www.python.org/• Perl: https://www.perl.org/• Rust: https://www.rust-lang.org/• Eleven Labs: https://elevenlabs.io/• The exact AI playbook (using MCPs, custom GPTs, Granola) that saved ElevenLabs $100k+ and helps them ship daily | Luke Harries (Head of Growth): https://www.lennysnewsletter.com/p/the-ai-marketing-stack• Confluent: https://www.confluent.io/• Databricks: https://www.databricks.com/• Snowflake: https://www.snowflake.com• Harvey: https://www.harvey.ai/• Behind the founder: Marc Benioff: https://www.lennysnewsletter.com/p/behind-the-founder-marc-benioff• Larry Summers's website: https://larrysummers.com/• AutoCAD: https://www.autodesk.com/products/autocad/overview• Revit: https://www.autodesk.com/products/revit/• The art and science of pricing | Madhavan Ramanujam (Monetizing Innovation, Simon-Kucher): https://www.amazon.com/Monetizing-Innovation-Companies-Design-Product/dp/1119240867• Pricing your AI product: Lessons from 400+ companies and 50 unicorns | Madhavan Ramanujam: https://lenny.substack.com/p/pricing-and-scaling-your-ai-product-madhavan-ramanujam• Cursor: https://cursor.com/• CodeX: https://openai.com/codex/• Claude Code: https://www.anthropic.com/claude-code• The rise of Cursor: The $300M ARR AI tool that engineers can't stop using | Michael Truell (co-founder and CEO): https://www.lennysnewsletter.com/p/the-rise-of-cursor-michael-truell• DirecTV: https://www.directv.com/• SiriusXM: https://www.siriusxm.com/• Wayfair: https://www.wayfair.com/• Akai: https://www.akaipro.com/• Chubbies Shorts: https://www.chubbiesshorts.com/• Weight Watchers: https://www.weightwatchers.com/• CLEAR: https://www.clearme.com/• Stripe: https://stripe.com/• Building product at Stripe: craft, metrics, and customer obsession | Jeff Weinstein (Product lead): https://www.lennysnewsletter.com/p/building-product-at-stripe-jeff-weinstein• Twilio: https://www.twilio.com/• ServiceNow: https://www.servicenow.com/• Adobe: https://www.adobe.com/• Jobs to be done: https://jobs-to-be-done.com/jobs-to-be-done-a-framework-for-customer-needs-c883cbf61c90• The ultimate guide to JTBD | Bob Moesta (co-creator of the framework): https://www.lennysnewsletter.com/p/the-ultimate-guide-to-jtbd-bob-moesta• Inception: https://www.imdb.com/title/tt1375666/• Alan Kay's quote: https://www.brainyquote.com/quotes/alan_kay_100831• Jobs at Sierra: https://sierra.ai/careers—Recommended books:• Monetizing Innovation: How Smart Companies Design the Product Around the Price: https://www.amazon.com/Monetizing-Innovation-Companies-Design-Product/dp/1119240867• Competing Against Luck: The Story of Innovation and Customer Choice: https://www.amazon.com/Competing-Against-Luck-Innovation-Customer/dp/0062435612• Endurance: Shackleton's Incredible Voyage: https://www.amazon.com/Endurance-Shackletons-Incredible-Alfred-Lansing/dp/0465062881—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

BSD Now
622: Interview with Mark Phillips - Technical Marketing Manager at the FreeBSD Foundation

BSD Now

Play Episode Listen Later Jul 31, 2025 55:10


This week Benedict interviews Mark Phillips , the Technical Marketing Manager at the FreeBSD Foundation, while they both are at a Hackathon in Germany. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Interview Mark Phillips - Technical Marketing Manager at the FreeBSD Foundation (https://freebsdfoundation.org/about-us/our-team) Personal website (https://probably.co.uk/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow) Special Guest: Mark Phillips.

BSD Now
621: Exaggerated Death Report

BSD Now

Play Episode Listen Later Jul 24, 2025 50:07


Designing a Storage Pool, The Report of My Death Was an Exaggeration, Generic BSD installations on ARM64 UEFI, dmtargetcrypt_ng - Add next-generation implementation, The X Window System didn't immediately have X terminals, The Book of PF 4th Edition Is Coming Soon, Periodical 20 Localized Computing, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Designing a Storage Pool: RAIDZ, Mirrors, and Hybrid Configurations (https://klarasystems.com/articles/designing-storage-pool-raidz-mirrors-hybrid-configurations/?utm_source=BSD%20Now&utm_medium=Podcast) The Report of My Death Was an Exaggeration (https://freebsdfoundation.org/blog/the-report-of-my-death-was-an-exaggeration/) News Roundup Generic BSD installations on ARM64 UEFI: results and first impressions (https://mekboy.ru/post/bsd-uefi-arm64/) dmtargetcrypt_ng - Add next-generation implementation (https://gitweb.dragonflybsd.org/dragonfly.git/commit/14e6c73d4c479e4ab26571490758da27da5cbbad) The X Window System didn't immediately have X terminals (https://utcc.utoronto.ca/~cks/space/blog/unix/XTerminalsNotImmediate) Yes, The Book of PF, 4th Edition Is Coming Soon (https://bsdly.blogspot.com/2025/07/yes-book-of-pf-4th-edition-is-coming.html) Periodical 20 — Localized Computing (https://www.chrbutler.com/2024-10-16) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions -Aleksej - RockPro64 (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/621/feedback/Aleksej%20-%20RockPro64.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

MacVoices Audio
MacVoices #25198: Two First Time Macstock Attendees Reactions

MacVoices Audio

Play Episode Listen Later Jul 23, 2025 9:33


During a break at Macstock Conference and Expo, we had a chance to chat with Blair Mah and his daughter Jasmine about their first-time Macstock experiences. They highlight the diversity of attendees and presentation topics, the strong sense of community, and the high educational value of the sessions. From in-depth technical talks to practical tips, both found the event enriching and inspiring, and had one request for next year. This edition of MacVoices is brought to you by the MacVoices Dispatch, our weekly newsletter that keeps you up-to-date on any and all MacVoices-related information. Subscribe today and don't miss a thing. Show Notes: Chapters: 00:10 Welcome to MacStock Conference 01:58 Father-Daughter Perspectives on MacStock 03:13 Learning and Value from Presentations 04:28 Insights on Conference Diversity 06:01 Social Media and Community Projects 08:10 Closing Thoughts and Future Engagements Links: AlbertaLoop.com Support:      Become a MacVoices Patron on Patreon      http://patreon.com/macvoices      Enjoy this episode? Make a one-time donation with PayPal Connect:      Web:      http://macvoices.com      Twitter:      http://www.twitter.com/chuckjoiner      http://www.twitter.com/macvoices      Mastodon:      https://mastodon.cloud/@chuckjoiner      Facebook:      http://www.facebook.com/chuck.joiner      MacVoices Page on Facebook:      http://www.facebook.com/macvoices/      MacVoices Group on Facebook:      http://www.facebook.com/groups/macvoice      LinkedIn:      https://www.linkedin.com/in/chuckjoiner/      Instagram:      https://www.instagram.com/chuckjoiner/ Subscribe:      Audio in iTunes      Video in iTunes      Subscribe manually via iTunes or any podcatcher:      Audio: http://www.macvoices.com/rss/macvoicesrss      Video: http://www.macvoices.com/rss/macvoicesvideorss

Jorgenson's Soundbox
#091 The Magic of Code, History of Computing, and the Future of AI Interfaces [Sam Arbesman #2]

Jorgenson's Soundbox

Play Episode Listen Later Jul 22, 2025 75:47


Topics: (00:00:00) - Intro (00:03:14) - The magic of code (00:05:30) - The wonder of early computing (00:11:13) - The evolution of computing: From analog to digital (00:18:45) - The personal computer revolution (00:32:36) - The future of computing: Beyond silicon (00:36:59) - The importance of computing history (00:40:53) - AI and human uniqueness (00:50:46) - The future of AI and computing interfaces (01:02:13) - The intersection of playfulness and utility in computing (01:11:17) - Conclusion and final thoughts Links: Books: God & Golem, Inc. — https://mitpress.mit.edu/9780262730065/god--golem-inc In the Beginning... Was the Command Line — https://www.harpercollins.com/products/in-the-beginning-was-the-command-line-neal-stephenson I, Robot — https://www.penguinrandomhouse.com/books/180504/i-robot-by-isaac-asimov The Half-Life of Facts — https://www.penguinrandomhouse.com/books/310285/the-half-life-of-facts-by-sam-arbesman The Magic of Code — https://themagicofcode.com Tubes: A Journey to the Center of the Internet — https://www.harpercollins.com/products/tubes-andrew-blum People: Eric Jorgenson — https://www.ericjorgenson.com Sam Arbesman — https://arbesman.net Podcasts: The Orthogonal Bet — https://podcasts.apple.com/us/podcast/the-orthogonal-bet/id1682641800 Companies: Lux Capital — https://www.luxcapital.com tldraw — https://www.tldraw.com Websites / Tools / Platforms: Arbesman.net — https://arbesman.net Internet Archive Spacewar Emulation — https://archive.org/details/spacewar_202301 To support the costs of producing this podcast:  >> Buy a copy of the Navalmanack: www.navalmanack.com/  >> Buy a copy of The Anthology of Balaji: https://balajianthology.com/ >> Sign up for my online course and community about building your Personal Leverage: https://www.ejorgenson.com/leverage  >> Invest in early-stage companies alongside Eric and his partners at Rolling Fun: https://angel.co/v/back/rolling-fun >> Join the free weekly email list at ejorgenson.com/newsletter >> Text the podcast to a friend >> Or at least give the podcast a positive review to help us reach new listeners! We discuss: Why software can be seen as ACTUAL MAGIC The combination of history and science fiction for more accurate prediction The phases of computing technology, and what might be next after silicon The creative opportunities for the future of software Quotes from Sam: “Software is absolutely magic. It's wizardry. It's sorcery. Nobody gets it.” “We actually can use text and code to affect the world around us.” “Computing should almost be this humanistic liberal art—it should connect to language and philosophy and art.” “Code is not a substance, but it operates in the world.” “Computers are weird everything machines.” “We're shielded from the vast complexity of computing—until something goes wrong.” “People used to build computers in their garages. Now we can't even open them.” “Unix is like the Epic of Gilgamesh of computing—it's been around for decades and it's still foundational.” “AI is powerful, but it's part of a much longer conversation around tools for thought.” “Biology is a wildly different computer than anything we would ever use to compute with.” “Science fiction doesn't always predict well, but it gives us worlds we can aim toward.” “I want more weird, playful experimentation in computing—something beyond the chat interface.” “Computing history is so young that many of the pioneers are still around to email.” “Ultimately, all these tools were developed for people. They're meant to be in service of humans.”

BSD Now
620: Postmortem for jemalloc

BSD Now

Play Episode Listen Later Jul 17, 2025 53:53


The Server That Wasn't Meant to Exist, ZFS Performance Tuning – Optimizing for your Workload, what would a multi-user web server look like, That Grumpy BSD Guy: A Short Reading List, rsync's defaults are not always enough, jemalloc Postmortem, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines The Server That Wasn't Meant to Exist (https://it-notes.dragas.net/2025/05/13/the_server_that_wasnt_meant_to_exist/) ZFS Performance Tuning – Optimizing for your Workload (https://klarasystems.com/articles/zfs-performance-tuning-optimizing-for-your-workload/?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup What would a multi-user web server look like? (A thought experiment) (https://utcc.utoronto.ca/~cks/space/blog/web/MultiUserWebServerWildIdea) That Grumpy BSD Guy: A Short Reading List (https://bsdly.blogspot.com/2025/05/that-grumpy-bsd-guy-short-reading-list.html) rsync's defaults are not always enough (https://rachelbythebay.com/w/2025/05/31/sync/) jemalloc Postmortem (https://jasone.github.io/2025/06/12/jemalloc-postmortem/) Beastie Bits IPv6 and proxying on DragonFly (https://www.dragonflydigest.com/2025/06/25/ipv6-and-proxying-on-dragonfly/) BoxyBSD (https://boxybsd.com) Sysctltui (https://alfonsosiciliano.gitlab.io/posts/2025-05-29-sysctltui.html) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

The Asianometry Podcast
AT&T's UNIX PC Failure

The Asianometry Podcast

Play Episode Listen Later Jul 17, 2025


It was going to be the year of the UNIX desktop. On March 27th 1984, the telephone giant AT&T announced that they will make computers and compete with IBM. At the centerpiece of AT&T's market strategy was the legendary operating system, UNIX. Powerful and “open”, AT&T saw UNIX as key to beating Big Blue. A year later, they released their first UNIX PC. Guess what happened next? In today's video, that time AT&T attempted to use UNIX to become a computer company.

The Asianometry Podcast
AT&T's UNIX PC Failure

The Asianometry Podcast

Play Episode Listen Later Jul 17, 2025


It was going to be the year of the UNIX desktop. On March 27th 1984, the telephone giant AT&T announced that they will make computers and compete with IBM. At the centerpiece of AT&T's market strategy was the legendary operating system, UNIX. Powerful and “open”, AT&T saw UNIX as key to beating Big Blue. A year later, they released their first UNIX PC. Guess what happened next? In today's video, that time AT&T attempted to use UNIX to become a computer company.

The Retro Hour (Retro Gaming Podcast)
488: "My Spectrum Caught Fire on Boxing Day!" - RetroBytes - The Retro Hour EP488

The Retro Hour (Retro Gaming Podcast)

Play Episode Listen Later Jul 11, 2025 89:35


This week, we're joined by John from the awesome YouTube channel RetroBytes - a creator who dives into the obscure corners of computing history. From his childhood memories of a flaming Spectrum, to restoring Unix workstations, the beauty of operating systems that time forgot, and why Gopher might've beaten the web, if not for one fatal mistake.  RetroBytes on Youtube: https://www.youtube.com/@RetroBytesUK Contents: 00:00 - The Week's Retro News Stories  40:03 - RetroBytes Interview Please visit our amazing sponsors and help to support the show: Bitmap Books - https://www.bitmapbooks.com Take your business to the next level today and enjoy 3 months of Shopify for £1/month: https://shopify.co.uk/retrohour We need your help to ensure the future of the podcast, if you'd like to help us with running costs, equipment and hosting, please consider supporting us on Patreon: https://theretrohour.com/support/ https://www.patreon.com/retrohour Join our Discord channel: https://discord.gg/GQw8qp8 Website: http://theretrohour.com Facebook: https://www.facebook.com/theretrohour/ X: https://twitter.com/retrohouruk Instagram: https://www.instagram.com/retrohouruk/ Bluesky: https://bsky.app/profile/theretrohour.com Twitch: https://www.twitch.tv/theretrohour Events: The Amiga at 40: https://tinyurl.com/4wu2866h NottsVGE: https://www.nottsvge.com/ RetroMessa: https://www.retromessa.no/ Show notes Xbox Mass Lay Offs: https://tinyurl.com/47t45sum New Jazz Mag: https://www.supercellphonegamer.com/ GameCube to Switch 2 Dock: https://tinyurl.com/5k32x59t Flipping Good Game: https://tinyurl.com/bddecmvz 3D Print with Accuracy: https://tinyurl.com/37t6zwsz

BSD Now
619: Happy Tooling

BSD Now

Play Episode Listen Later Jul 10, 2025 45:57


Disaster Recovery with ZFS: A Practical Guide, The best interfaces we never built, Choose Tools That Make You Happy, open source has turned into two worlds, TrueNAS CORE is Dead – Long Live zVault, You should start a computer club in the place that you live, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Disaster Recovery with ZFS: A Practical Guide (https://klarasystems.com/articles/disaster-recovery-with-zfs-practical-guide/?utm_source=BSD%20Now&utm_medium=Podcast) The best interfaces we never built (https://www.chrbutler.com/the-best-interfaces-we-never-built) News Roundup You Can Choose Tools That Make You Happy (https://borretti.me/article/you-can-choose-tools-that-make-you-happy) I feel open source has turned into two worlds (https://utcc.utoronto.ca/~cks/space/blog/tech/OpenSourceTwoWorlds) UPDATE 2 – TrueNAS CORE is Dead – Long Live zVault (https://vermaden.wordpress.com/2024/04/20/truenas-core-versus-truenas-scale/#truenas-core-dead-long-live-zvault) You should start a computer club in the place that you live (https://startacomputer.club) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Brad - syslogng issue (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/618/feedback/Brad%20-%20syslogng%20issue.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Hacker Public Radio
HPR4417: Newest matching file

Hacker Public Radio

Play Episode Listen Later Jul 8, 2025


This show has been flagged as Explicit by the host. Overview Several years ago I wrote a Bash script to perform a task I need to perform almost every day - find the newest file in a series of files. At this point I was running a camera on a Raspberry Pi which was attached to a window and viewed my back garden. I was taking a picture every 15 minutes, giving them names containing the date and time, and storing them in a directory. It was useful to be able to display the latest picture. Since then, I have found that searching for newest files useful in many contexts: Find the image generated by my random recipe chooser, put in the clipboard and send it to the Telegram channel for my family. Generate a weather report from wttr.in and send it to Matrix. Find the screenshot I just made and put it in the clipboard. Of course, I could just use the same name when writing these various files, rather than accumulating several, but I often want to look back through such collections. If I am concerned about such files accumulating in an unwanted way I write cron scripts which run every day and delete the oldest ones. Original script The first iteration of the script was actually written as a Bash function which was loaded at login time. The function is called newest_matching_file and it takes two arguments: A file glob expression to match the file I am looking for. An optional directory to look for the file. If this is omitted, then the current directory will be used. The first version of this function was a bit awkward since it used a for loop to scan the directory, using the glob pattern to find the file. Since Bash glob pattern searches will return the search pattern when they fail, it was necessary to use the nullglob (see references) option to prevent this, turning it on before the search and off afterwards. This technique was replaced later with a pipeline using the find command. Improved Bash script The version using find is what I will explain here. function newest_matching_file { local glob_pattern=${1-} local dir=${2:-$PWD} # Argument number check if [[ $# -eq 0 || $# -gt 2 ]]; then echo 'Usage: newest_matching_file GLOB_PATTERN [DIR]' >&2 return 1 fi # Check the target directory if [[ ! -d $dir ]]; then echo "Unable to find directory $dir" >&2 return 1 fi local newest_file # shellcheck disable=SC2016 newest_file=$(find "$dir" -maxdepth 1 -name "$glob_pattern" \ -type f -printf "%T@ %p\n" | sort | sed -ne '${s/.\+ //;p}') # Use printf instead of echo in case the file name begins with '-' [[ -n $newest_file ]] && printf '%s\n' "$newest_file" return 0 } The function is in the file newest_matching_file_1.sh , and it's loaded ("sourced", or declared) like this: . newest_matching_file_1.sh The '.' is a short-hand version of the command source . I actually have two versions of this function, with the second one using a regular expression, which the find command is able to search with, but I prefer this one. Explanation The first two lines beginning with local define variables local to the function holding the arguments. The first, glob_pattern is expected to contain something like screenshot_2025-04-*.png . The second will hold the directory to be scanned, or if omitted, will be set to the current directory. Next, an if statement checks that there are the right number of arguments, aborting if not. Note that the echo command writes to STDERR (using '>&2' ), the error channel. Another if statement checks that the target directory actually exists, and aborts if not. Another local variable newest_file is defined. It's good practice not to create global variables in functions since they will "leak" into the calling environment. The variable newest_file is set to the result of a command substitution containing a pipeline: The find command searches the target directory. Using -maxdepth 1 limits the search to the chosen directory and does not descend into sub-directories. The search pattern is defined by -name "$glob_pattern" Using -type f limits the search to files The -printf "%T@ %p\n" argument returns the file's last modification time as the number of seconds since the Unix epoch '%T@' . This is a number which is larger if the file is older. This is followed, after a space, by the full path to the file ( '%p' ), and a newline. The matching file names are sorted. Because each is preceded by a numeric time value, they will be sorted in ascending order of age. Finally sed is used to return the last file in the sorted list with the program '${s/.\+ //;p}' : The use of the -n option ensures that only lines which are explicitly printed will be shown. The sed program looks for the last line (using '$' ). When found the leading numeric time is removed with ' s/.\+ //' and the result is printed (with 'p' ). The end result will either be the path to the newest file or nothing (because there was no match). The expression '[[ -n $newest_file ]]' will be true if $newest_file variable is not empty, and if that is the case, the contents of the variable will be printed on STDOUT, otherwise nothing will be printed. Note that the script returns 1 (false) if there is a failure, and 0 (true) if all is well. A null return is regarded as success. Script update While editing the audio for this show I realised that there is a flaw in the Bash function newest_matching_file . This is in the sed script used to process the output from find . The sed commands used in the script delete all characters up to a space, assuming that this is the only space in the last line. However, if the file name itself contains spaces, this will not work because regular expressions in sed are greedy . What is deleted in this case is everything up to and including the last space. I created a directory called tests and added the following files: 'File 1 with spaces.txt' 'File 2 with spaces.txt' 'File 3 with spaces.txt' I then ran the find command as follows: $ find tests -maxdepth 1 -name 'File*' -type f -printf "%T@ %p\n" | sort | sed -ne '${s/.\+ //;p}' spaces.txt I adjusted the sed call to sed -ne '${s/[^ ]\+ //;p}' . This uses the regular expression: s/[^ ]\+ // This now specifies that what it to be removed is every non-space up to and including the first space. The result is: $ find tests -maxdepth 1 -name 'File*' -type f -printf "%T@ %p\n" | sort | sed -ne '${s/[^ ]\+ //;p}' tests/File 3 with spaces.txt This change has been propagated to the copy on GitLab . Usage This function is designed to be used in commands or other scripts. For example, I have an alias defined as follows: alias copy_screenshot="xclip -selection clipboard -t image/png -i \$(newest_matching_file 'Screenshot_*.png' ~/Pictures/Screenshots/)" This uses xclip to load the latest screenshot into the clipboard, so I can paste it into a social media client for example. Perl alternative During the history of this family of scripts I wrote a Perl version. This was originally because the Bash function gave problems when run under the Bourne shell, and I was using pdmenu a lot which internally runs scripts under that shell. #!/usr/bin/env perl use v5.40; use open ':std', ':encoding(UTF-8)'; # Make all IO UTF-8 use Cwd; use File::Find::Rule; # # Script name # ( my $PROG = $0 ) =~ s|.*/||mx; # # Use a regular expression rather than a glob pattern # my $regex = shift; # # Get the directory to search, defaulting to the current one # my $dir = shift // getcwd(); # # Have to have the regular expression # die "Usage: $PROG regex [DIR]\n" unless $regex; # # Collect all the files in the target directory without recursing. Include the # path and let the caller remove it if they want. # my @files = File::Find::Rule->file() ->name(qr/$regex/) ->maxdepth(1) ->in($dir); die "Unsuccessful search\n" unless @files; # # Sort the files by ascending modification time, youngest first # @files = sort {-M($a) -M($b)} @files; # # Report the one which sorted first # say $files[0]; exit; Explanation This is fairly straightforward Perl script, run out of an executable file with a shebang line at the start indicating what is to be used to run it - perl . The preamble defines the Perl version to use, and indicates that UTF-8 (character sets like Unicode) will be acceptable for reading and writing. Two modules are required: Cwd : provides functions for determining the pathname of the current working directory. File::Find::Rule : provides tools for searching the file system (similar to the find command, but with more features). Next the variable $PROG is set to the name under which the script has been invoked. This is useful when giving a brief summary of usage. The first argument is then collected (with shift ) and placed into the variable $regex . The second argument is optional, but if omitted, is set to the current working directory. We see the use of shift again, but if this returns nothing (is undefined), the '//' operator invokes the getcwd() function to get the current working directory. If the $regex variable is not defined, then die is called to terminate the script with an error message. The search itself is invoked using File::Find::Rule and the results are added to the array @files . The multi-line call shows several methods being called in a "chain" to define the rules and invoke the search: file() : sets up a file search name(qr/$regex/) : a rule which applies a regular expression match to each file name, rejecting any that do not match maxdepth(1) : a rule which prevents the search from descending below the top level into sub-directories in($dir) : defines the directory to search (and also begins the search) If the search returns no files (the array is empty), the script ends with an error message. Otherwise the @files array is sorted. This is done by comparing modification times of the files, with the array being reordered such that the "youngest" (newest) file is sorted first. The operator checks if the value of the left operand is greater than the value of the right operand, and if yes then the condition becomes true. This operator is most useful in the Perl sort function. Finally, the newest file is reported. Usage This script can be used in almost the same way as the Bash variant. The difference is that the pattern used to match files is a Perl regular expression. I keep this script in my ~/bin directory, so it can be invoked just by typing its name. I also maintain a symlink called nmf to save typing! The above example, using the Perl version, would be: alias copy_screenshot="xclip -selection clipboard -t image/png -i \$(nmf 'Screenshot_.*\.png' ~/Pictures/Screenshots/)" In regular expressions '.*' means "any character zero or more times". The '.' in '.png' is escaped because we need an actual dot character. Conclusion The approach in both cases is fairly simple. Files matching a pattern are accumulated, in the Bash case including the modification time. The files are sorted by modification time and the one with the lowest time is the answer. The Bash version has to remove the modification time before printing. This algorithm could be written in many ways. I will probably try rewriting it in other languages in the future, to see which one I think is best. References Glob expansion: Wikipedia article on glob patterns HPR shows covering glob expansion: Finishing off the subject of expansion in Bash (part 1) Finishing off the subject of expansion in Bash (part 2) GitLab repository holding these files: hprmisc - Miscellaneous scripts, notes, etc pertaining to HPR episodes which I have contributed Provide feedback on this episode.

This Week in Google (MP3)
IM 826: Cusp of Noodles - The AI Copyright Battle Heats Up

This Week in Google (MP3)

Play Episode Listen Later Jul 3, 2025 156:11 Transcription Available


Interview with Board Member of Cloudflare, John Graham-Cumming My Couples Retreat With 3 AI Chatbots and the Humans Who Love Them Two Judges, Same District, Opposite Conclusions: The Messy Reality Of AI Training Copyright Cases How I Use AI To Help With Techdirt (And, No, It's Not Writing Articles) Google launches Doppl, a new app that lets you visualize how an outfit might look on you The Internet Needs Sex Senate drops plan to ban state AI laws Adam Thierer reacts Denmark To Tackle Deepfakes By Giving People Copyright To Their Own Features - Slashdot The Velvet Sundown are a seemingly AI-generated band with 325k Spotify listeners People are using AI to 'sit' with them while they trip on psychedelics China hosts first fully autonomous AI robot football match AI virtual personality YouTubers, or 'VTubers,' are earning millions AI helps find formula for paint to keep buildings cooler Microsoft's New AI Tool Outperforms Doctors 4-to-1 in Diagnostic Accuracy - Slashdot It's Known as 'The List'—and It's a Secret File of AI Geniuses The AI Company Zuckerberg Just Poured $14 Billion Into Is Reportedly a Clown Show of Ludicrous Incompetence We used Veo to animate archive photography from the Harley-Davidson Museum G/O Media Winds Down by Selling Kotaku, One of Its Last Sites Roadside America Dot Com Cluely pitches itself as undectable AI Lorde's new album: Virgin AI recipe creation Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau Guest: John Graham-Cumming Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit smarty.com/twit agntcy.org

All TWiT.tv Shows (MP3)
Intelligent Machines 826: Cusp of Noodles

All TWiT.tv Shows (MP3)

Play Episode Listen Later Jul 3, 2025 156:11 Transcription Available


Interview with Board Member of Cloudflare, John Graham-Cumming My Couples Retreat With 3 AI Chatbots and the Humans Who Love Them Two Judges, Same District, Opposite Conclusions: The Messy Reality Of AI Training Copyright Cases How I Use AI To Help With Techdirt (And, No, It's Not Writing Articles) Google launches Doppl, a new app that lets you visualize how an outfit might look on you The Internet Needs Sex Senate drops plan to ban state AI laws Adam Thierer reacts Denmark To Tackle Deepfakes By Giving People Copyright To Their Own Features - Slashdot The Velvet Sundown are a seemingly AI-generated band with 325k Spotify listeners People are using AI to 'sit' with them while they trip on psychedelics China hosts first fully autonomous AI robot football match AI virtual personality YouTubers, or 'VTubers,' are earning millions AI helps find formula for paint to keep buildings cooler Microsoft's New AI Tool Outperforms Doctors 4-to-1 in Diagnostic Accuracy - Slashdot It's Known as 'The List'—and It's a Secret File of AI Geniuses The AI Company Zuckerberg Just Poured $14 Billion Into Is Reportedly a Clown Show of Ludicrous Incompetence We used Veo to animate archive photography from the Harley-Davidson Museum G/O Media Winds Down by Selling Kotaku, One of Its Last Sites Roadside America Dot Com Cluely pitches itself as undectable AI Lorde's new album: Virgin AI recipe creation Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau Guest: John Graham-Cumming Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit smarty.com/twit agntcy.org

Radio Leo (Audio)
Intelligent Machines 826: Cusp of Noodles

Radio Leo (Audio)

Play Episode Listen Later Jul 3, 2025 156:11 Transcription Available


Interview with Board Member of Cloudflare, John Graham-Cumming My Couples Retreat With 3 AI Chatbots and the Humans Who Love Them Two Judges, Same District, Opposite Conclusions: The Messy Reality Of AI Training Copyright Cases How I Use AI To Help With Techdirt (And, No, It's Not Writing Articles) Google launches Doppl, a new app that lets you visualize how an outfit might look on you The Internet Needs Sex Senate drops plan to ban state AI laws Adam Thierer reacts Denmark To Tackle Deepfakes By Giving People Copyright To Their Own Features - Slashdot The Velvet Sundown are a seemingly AI-generated band with 325k Spotify listeners People are using AI to 'sit' with them while they trip on psychedelics China hosts first fully autonomous AI robot football match AI virtual personality YouTubers, or 'VTubers,' are earning millions AI helps find formula for paint to keep buildings cooler Microsoft's New AI Tool Outperforms Doctors 4-to-1 in Diagnostic Accuracy - Slashdot It's Known as 'The List'—and It's a Secret File of AI Geniuses The AI Company Zuckerberg Just Poured $14 Billion Into Is Reportedly a Clown Show of Ludicrous Incompetence We used Veo to animate archive photography from the Harley-Davidson Museum G/O Media Winds Down by Selling Kotaku, One of Its Last Sites Roadside America Dot Com Cluely pitches itself as undectable AI Lorde's new album: Virgin AI recipe creation Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau Guest: John Graham-Cumming Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit smarty.com/twit agntcy.org

BSD Now
618: Funding BSD projects

BSD Now

Play Episode Listen Later Jul 3, 2025 53:59


A year of funded FreeBSD, ZFS Performance Tuning – Optimizing for your Workload, Three Ways to Try FreeBSD in Under Five Minutes, FFS optimizations with dirhash, j2k25 hackathon report from kn@, NetBSD welcomes Google Summer of Code contributors, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines A year of funded FreeBSD (https://www.daemonology.net/blog/2025-06-06-A-year-of-funded-FreeBSD.html) ZFS Performance Tuning – Optimizing for your Workload (https://klarasystems.com/articles/zfs-performance-tuning-optimizing-for-your-workload/) News Roundup Three Ways to Try FreeBSD in Under Five Minutes (https://freebsdfoundation.org/blog/three-ways-to-try-freebsd-in-under-five-minutes/) FFS optimizations with dirhash (https://rsadowski.de/posts/2025/ffs-optimizations-dirhash/) j2k25 hackathon report from kn@: installer, low battery, and more (https://undeadly.org/cgi?action=article;sid=20250616082212) NetBSD welcomes Google Summer of Code contributors (https://blog.netbsd.org/tnf/entry/gsoc2025_welcome_contributors) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

This Week in Google (Video HI)
IM 826: Cusp of Noodles - The AI Copyright Battle Heats Up

This Week in Google (Video HI)

Play Episode Listen Later Jul 3, 2025 156:10 Transcription Available


Interview with Board Member of Cloudflare, John Graham-Cumming My Couples Retreat With 3 AI Chatbots and the Humans Who Love Them Two Judges, Same District, Opposite Conclusions: The Messy Reality Of AI Training Copyright Cases How I Use AI To Help With Techdirt (And, No, It's Not Writing Articles) Google launches Doppl, a new app that lets you visualize how an outfit might look on you The Internet Needs Sex Senate drops plan to ban state AI laws Adam Thierer reacts Denmark To Tackle Deepfakes By Giving People Copyright To Their Own Features - Slashdot The Velvet Sundown are a seemingly AI-generated band with 325k Spotify listeners People are using AI to 'sit' with them while they trip on psychedelics China hosts first fully autonomous AI robot football match AI virtual personality YouTubers, or 'VTubers,' are earning millions AI helps find formula for paint to keep buildings cooler Microsoft's New AI Tool Outperforms Doctors 4-to-1 in Diagnostic Accuracy - Slashdot It's Known as 'The List'—and It's a Secret File of AI Geniuses The AI Company Zuckerberg Just Poured $14 Billion Into Is Reportedly a Clown Show of Ludicrous Incompetence We used Veo to animate archive photography from the Harley-Davidson Museum G/O Media Winds Down by Selling Kotaku, One of Its Last Sites Roadside America Dot Com Cluely pitches itself as undectable AI Lorde's new album: Virgin AI recipe creation Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau Guest: John Graham-Cumming Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit smarty.com/twit agntcy.org

All TWiT.tv Shows (Video LO)
Intelligent Machines 826: Cusp of Noodles

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Jul 3, 2025 156:10 Transcription Available


Interview with Board Member of Cloudflare, John Graham-Cumming My Couples Retreat With 3 AI Chatbots and the Humans Who Love Them Two Judges, Same District, Opposite Conclusions: The Messy Reality Of AI Training Copyright Cases How I Use AI To Help With Techdirt (And, No, It's Not Writing Articles) Google launches Doppl, a new app that lets you visualize how an outfit might look on you The Internet Needs Sex Senate drops plan to ban state AI laws Adam Thierer reacts Denmark To Tackle Deepfakes By Giving People Copyright To Their Own Features - Slashdot The Velvet Sundown are a seemingly AI-generated band with 325k Spotify listeners People are using AI to 'sit' with them while they trip on psychedelics China hosts first fully autonomous AI robot football match AI virtual personality YouTubers, or 'VTubers,' are earning millions AI helps find formula for paint to keep buildings cooler Microsoft's New AI Tool Outperforms Doctors 4-to-1 in Diagnostic Accuracy - Slashdot It's Known as 'The List'—and It's a Secret File of AI Geniuses The AI Company Zuckerberg Just Poured $14 Billion Into Is Reportedly a Clown Show of Ludicrous Incompetence We used Veo to animate archive photography from the Harley-Davidson Museum G/O Media Winds Down by Selling Kotaku, One of Its Last Sites Roadside America Dot Com Cluely pitches itself as undectable AI Lorde's new album: Virgin AI recipe creation Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau Guest: John Graham-Cumming Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit smarty.com/twit agntcy.org

BSD Now
617: FreeBSD 14.3

BSD Now

Play Episode Listen Later Jun 26, 2025 63:52


FreeBSD version 14.3 is available, Reliable ZFS Storage on Commodity Hardware, My website is ugly because I made it, Semi distributed filesystems with ZFS and Sanoid, April 2025 Laptop Support and Usability Project Update, UDP sockets instead of BPF in dhcpd(8), and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines FreeBSD 14.3 released (https://www.freebsd.org/releases/14.3R/announce/) Reliable ZFS Storage on Commodity Hardware (https://klarasystems.com/articles/cost-efficient-storage-commodity-hardware/) News Roundup My website is ugly because I made it (https://goodinternetmagazine.com/my-website-is-ugly-because-i-made-it/) Semi distributed filesystems with ZFS and Sanoid (https://anil.recoil.org/notes/syncoid-sanoid-zfs) April 2025 Laptop Support and Usability Project Update (https://freebsdfoundation.org/blog/april-2025-laptop-support-and-usability-project-update/) dhcpd(8): use UDP sockets instead of BPF (https://undeadly.org/cgi?action=article;sid=20250613111800) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions No feedback this week. Send more... Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

VO BOSS Podcast
Protecting Your Voice and Identity

VO BOSS Podcast

Play Episode Listen Later Jun 24, 2025 28:14


BOSSes Anne Ganguzza and Tom Dheere, your "real bosses" and co-hosts, connect to dive deep into the critical world of online security and scam prevention for voiceover professionals. They unpack Tom's recent harrowing experience with an AI voice cloning scam, offering a candid look into the crucial insights needed to navigate digital threats and build a truly secure business in today's landscape. Listeners will discover the essential role of vigilance and proactive measures in protecting their assets, gain an understanding of emerging scam tactics, and appreciate the power of community in safeguarding their careers. Anne and Tom also discuss practical pathways for secure transactions and the evolving nature of digital defense.   00:01 - Anne (Host) Hey guys, it's Anne from VO BOSS here.  00:04 - Speaker 2 (Announcement) And it's George the Tech. We're excited to tell you about the VO BOSS. Vip membership, now with even more benefits.  00:10 - Anne (Host) So not only do you get access to exclusive workshops and industry insights, but with our VIP plus tech tier, you'll enjoy specialized tech support from none other than George himself.  00:22 - Speaker 2 (Announcement) You got it. I'll help you tackle all those tricky tech issues so you can focus on what you do best Voice acting. It's tech support tailored for voiceover professionals like you.  00:32 - Anne (Host) Join us guys at VO BOSS and let's make your voiceover career soar. Visit voboss.com slash VIP-membership to sign up today.  00:45 - Speaker 3 (Announcement) It's time to take your business to the next level, the boss level. These are the premier business owner strategies and successes being utilized by the industry's top talent today. Rock your business like a boss, a VO boss. Now let's welcome your host, Anne Ganguzza. Hey, hey, everyone, welcome to the VO BOSS Podcast.  01:04 - Anne (Host) I'm your host, Anne Ganguzza. Hey, hey everyone, welcome to the VO BOSS Podcast. I'm your host, Anne Ganguzza, and I'm here with my real boss, Tom Deere. I had to think about that, Tom. We've been together so long. I was like what is our subtitle here? We are real bosses.  01:20 - Tom (Host) Yeah, we're real bosses. Thanks for having me back, Anne.  01:23 - Anne (Host) How are you doing, Tom, my real boss? Co-host.  01:26 - Tom (Host) All things considered, I'm doing okay, I had a weird experience recently which it seems like a lot of voice actors are experiencing. I got an email from someone expressing interest in wanting to cast me for a voiceover project. Oh yes, I looked at it and it was this long-form project, something like 9,000 and change words. And I looked at it and I'm like and you know I was reading the ins and outs of it and I'm like, huh, like my spider sense was tingling a little bit, but I'm looking at, I'm like this one is worth replying to and getting some information about.  02:00 So there was a little bit of back and forth about it.  02:03 - Anne (Host) So you did reply, and then there was.  02:05 - Tom (Host) There was more conversation.  02:06 - Anne (Host) Yeah, there was more conversation, which is what I always do when I'm trying to find out more information about a job to make sure it's legit.  02:12 - Tom (Host) Right Now, around the same time, maybe a couple of days after that, someone posted on a Facebook group hey, I got this email. It was saying this and this Did anyone else get it? Does it seem legit? And it looked like it was the same email that I had gotten, so I was following that it turns out.  02:28 It was posted by our friend, bridget Real, who is the co-founder of VA for VO, the virtual assistant site that helps voice actors, and we talked about it a little bit and we're both like, yeah, we're going to keep digging a little bit and see what's going on. And then her business partner, lynn, also got the email and I was getting ready to accept it just to see what would happen. And that morning I got a message from her saying hey, did you accept this project? Yet I'm like no, why? And she said because both of us accepted the project. We both got cast for the same exact project. We both got the same exact script. They sent me the script.  03:00 So then I did this. I went to Gemini, google Gemini, which is my AI bot of choice, and I did the prompts. I said you are an expert at detecting scams. Please analyze this script and let me know if you think that this script could be used to harvest a voice actor's voice to clone it. A voice actor's voice to clone it. And it did its analysis and I've got like the 2.5 advanced. So it takes a little time. And it wrote back oh, yes, it does. And here are all the reasons why this, this, this, this, this, this and this. And then I sent that information to Bridget and Lynn and they're like we knew it. We knew it. So then she created a wonderful post on LinkedIn talking about it. And then I wrote a blog with all the information and, like what happened, it was the most read blog I've had in like three years or something like that.  03:52 Yeah, it was crazy.  03:53 - Anne (Host) What's so interesting is it could have been a legit job, like for payment. You would have done it, they would have paid you for it, but they would have used your voice as an AI voice.  04:05 And so therefore, legally right in the end. Right, if you found out later on they could say, oh no, no, no, we paid you. I mean, it was a job that we paid you for and there was no extenuating circumstances or contracts to be signed which, by the way, I'm going to bring up Nava and the AI writer For all your jobs. You should be attaching that AI writer so that your voice is not going to be used as an AI voice, for sure, for sure.  04:37 - Tom (Host) So, to let everybody know, the website was GigLumin G-I-G-L-U-M-I-N. And if you do a Google search of GigLumin and this is what Bridget had figured out is that the website was only a month or two old. And there's these scam websites that you can enter the URL of a website in and it can tell you how likely that's a scam. It checked every red flag, every box, every single box.  04:56 - Anne (Host) So, yes, vo people, bosses, beware, right. So beware of emails. And you know, it's funny because it's lately, just because of the whole AI thing. Anytime I get an email with a job from someone that I don't know, right, that is just out of the blue, that I didn't audition for, where they have large amounts of words, the hairs on the back of my neck kind of stand up and I immediately, immediately check into it. And I think this really warrants a discussion, bosses, because it's very timely that you want to make sure that these jobs are legitimate. So the more research you can do. And I love, Tom Dheere, how you used AI to fight AI Again.  05:37 We had our previous episode on tools that we use. I mean, we are utilizing it as a tool to help us in our day-to-day jobs, and so I think, being aware of possible scams out there, we absolutely have to be, and I'll tell you if it's somebody that I've never heard of and they don't have a signature file. I've gotten to the point where I don't even like and it's not like from a company.com. I don't even literally take it seriously anymore. I don't know about you, Tom, what do you think?  06:05 - Tom (Host) Yes, I'm equally skeptical these days but, I, really like what you said about when you receive the email, check to see if there is a signature at the Tom of it with the company logo, website and contact information. That is one of many red flags and I don't know how much you've noticed lately, Anne, but since I would say about early April, there has been an explosion of scam attempts going on in the voiceover industry. We've had the overpayment scam. That's been going on for at least 10 or 15 years.  06:37 - Anne (Host) Gosh, at least, and bosses. If you haven't heard about it, Tom, let's talk about the overpayment scam for just a minute. Yeah, yeah, Okay so what happens is it's very common.  06:45 - Tom (Host) It's very common. It's been going on for a really long time. So basically they email you and say hey, we've got a project for you, da-da-da-da-da-da. The classic one was the game show host voiceover.  06:55 - Anne (Host) It has since evolved.  06:56 - Tom (Host) And basically they say that we've booked a studio in the area nearby. We're going to get paid or pay for the studio and then send us back the difference and something like that. And it's never a gig.  07:12 - Speaker 2 (Announcement) All they're trying to do is get you to cash that check and send them money, which is fraudulent, by the way.  07:18 - Anne (Host) And, by the way, I've gotten to the point where, if I have a new client, the only way they can really pay me is electronically.  07:25 And I figure, if you don't have electronic means to pay me immediately before the job and it's even in my terms and I've done this for years, Tom, I always have payment in full prior to job start is appreciated and other options available upon request.  07:39 But if it's a new client, I'll take that out because I must have that money in my bank account before I will even consider finishing that job or sending a file. And I'll tell you what, Tom for all of my career it's worked for me Because if people are serious about hiring you, they know that you're a professional, they know that you're going to get the job done. Of course they have to put their faith in you. But in reality and I'll even say because you're a new client I require payment up front electronically. And here are the ways that you can pay me. And so I'll send them, like a QuickBooks invoice, or I'll give them a PayPal account or however that works, and I expect that money in the account and I wait for that money and I make sure that I have the money and then I'll proceed with the job.  08:21 - Tom (Host) That's a really good idea. There's nothing wrong with even asking for 50% or 25% or just some percentage of it. The fact that they're actually going to fork over money with no expectation of an overpayment or getting it back or disputing the payment or anything like that.  08:37 Once it clears, you know that they're serious. And there's a bunch of like. I use Wave apps, for example. That's a great way to do it and I'm pretty sure they can do a partial payment. Or you can just make one invoice just for the deposit and then issue another invoice for the balance If they're a legitimate client that actually has money that they're planning on paying you with, they would have no problem with paying at least a portion of it up front.  08:59 - Anne (Host) Yeah, a lot of my clients nowadays the larger clients that used to like work off of purchase orders, and then it would be like 90 days after the job has been submitted. We'd have to wait for that check, they'd have to generate the PO and everything. You'd sign contracts like vendor contracts and that sort of thing, which I've done a lot, and so if they've got a contract for you to sign, that's vendor, nda, that sort of thing, and you know the company. It's like a well-known company. They're on the web. They've been on the web for years. I mean you can pretty much trust in that where I'll do the job and then I'll get paid. If I've worked with them before, I know that's typically how larger companies work and so that's when I'll accept a check. But even now most of those companies they're going to electronic deposit, like ACH they call it.  09:42 ACH, yeah, so it's direct deposit to your bank and most of the companies I know will do that and that's a form of payment that I trust and that would be a client that I would trust. So if it's a larger company that I know they exist on the web and they talk about, well, you're going to have to do the job first and then we'll be able to pay you once the purchase order is created, blah, blah, blah, blah, and you sign these contracts. I feel fairly good about that and I don't have to think, oh, this is a scam. But whenever I get an email without an actual signature file that comes from an address that isn't companycom, right, if it's a Gmail or a Yahoo or whatever, even a Microsoft what is the free Microsoft one?  10:20 Hotmail, hotmail, yeah, even if it's Microsoftcom, I feel like there's some sort of free sort of Microsoft. You know what I mean Like email that says that I just don't trust it and I'll immediately. The first thing I'll do is look for a website and when I get to the website I'll look for a phone number and then I'll actually try to call that phone number. What are the steps that you take, Tom, to ensure that your job is legit?  10:41 - Tom (Host) Everything that you just said. I also, by the way, I do love the ACH direct deposit because there's no fee. When PayPal, there is a fee, or wire transfer. That's really nice. Here's one thing that I've been doing lately is, if I get a we'll call it a solicitation, for lack of a better term from a company saying hey, and it'll most often be we found you on Google, we found you on Voice123 or some other front-facing thing. You know what's an interesting thing to do? Go look for them on LinkedIn.  11:11 Look for them on LinkedIn. Look for the company and look for the individual and see if you have any mutual connections. I mean, it could be anybody, whether it's a voice actor or somebody in some other profession, and you can reach out on LinkedIn and say, hey, I got an email from this company and you have a connection with them on LinkedIn. What's your experience with them? And that could give you some really quick insight. Sometimes it's just like, oh, I've been working with them for years, or it's oh, they're a huge scam. I forgot to disconnect with them. Run, run, run. Or I'd sent a rando invite, or they sent a rando invite and I don't have any information for you. But it could increase your chance of vetting them a little bit better. Another thing is that I keep an eye out, for is if they ask me to send them a W-9, the more likely that they are legitimate.  12:00 Yeah, yeah, absolutely, which I find interesting because if they were a real, true scam artist, they would want that W-9, because now they would have your social security number and now they can steal your identity too.  12:11 - Anne (Host) Well, oh my gosh, Tom, and that's scary actually, but that's why you don't put your social security number. You put your EIN number, because you're a company right, and you don't have to give up your EIN number, which is, by the way, one thing. I'm glad you mentioned that like we should all be having an EIN number. I'm glad you mentioned that, like we should all be having an EIN number.  12:30 - Tom (Host) Yes, it's very, very simple to get. It takes very, very little time. So it's a very easy get. I just reminded myself and we just talked about identity theft is that I almost had my identity stolen yesterday.  12:43 - Anne (Host) Whoa, that's scary. Yes.  12:45 - Tom (Host) How do you?  12:46 - Anne (Host) know like what happened.  12:51 - Tom (Host) Okay, so it was about a little after 10 am yesterday is when things started happening, so within a few minutes of each other, I got an email from Credit Karma, norton which, because I have my Norton 360 antivirus software package, I pay a subscription through that and Experian. For those of you who don't know, there are three major credit bureaus there's Experian, there's TransUnion and there's Equifax. I have a free account with Experian and I have a free account with Credit Karma. All three of them, within a few minutes of each other, messaged me and said that there was a hard inquiry.  13:30 - Anne (Host) Yeah.  13:30 - Tom (Host) So what that means is if you are applying for a loan, a mortgage, a credit card or something like that, the company that you're applying to will do a credit check. So they will check your credit and see if you are a safe credit risk to make the loan or to get the credit card, for this was a hard inquiry. If you get enough hard inquiries on your credit, your credit will go down.  13:55 - Anne (Host) Yeah, absolutely. I know that because I'm a stickler about my credit.  13:59 - Tom (Host) Me too. My credit rating, oh my gosh. If mine isn't at least 800, something I freak out, oh my gosh.  14:04 - Anne (Host) Yeah, no, mine has to be like almost close to perfect, and when it goes down like two points, I'm like wait why? Why did that happen? Right? And it's just because you put a charge on it for a few hundred dollars, and then you pay it off next week and then everything's fine, so that's normal.  14:18 - Tom (Host) So all three of them told me at roughly the same time that there was a hard inquiry. So I clicked on all the emails and all three of them said that somebody was applying for a Discover credit card, I think in Salt Lake City, and someone was applying for a Capital One credit card in Delaware, and I was in New York City neither applying for a Discover credit card or a Capital One credit card. I certainly wasn't in Salt Lake City or Delaware at the same exact time.  14:49 - Anne (Host) You know, what's so interesting, Tom, is that, like I don't know, a few months ago I don't know if there was a discussion circulating or maybe I got an email but somebody said, and like I should have done this years ago, I mean you can freeze your account so that if you don't open up a credit card every other day which I'm certainly not right Because again, it affects my credit rating and I'm anal about that and so I'm like well, I don't need to apply for any other credit cards, so you can go and freeze that, so that you can actually reduce the risk of somebody trying to open up credit cards or identity theft.  15:19 So and it's super simple to do it, as I said, everybody should have that free account. You should log in, you should check your credit scores regularly I think they allow you once a month, I think even my credit cards. My American Express will tell me oh, your FICO score has changed, right, so they're monitoring it too, and so literally, I get lots of notifications when that rating goes up and down. But I know that I've reduced my chances of identity theft, which is a very scary thing, by freezing those accounts and it's very simple to unfreeze. So, if you know you want to apply for a credit card. You just got to go and unfreeze it for a certain amount of time so you can apply for it and then freeze it back up again. So that way it reduces the risk.  15:57 - Tom (Host) And all those emails that I got, all those notifications did give me the option to do that. I was also able to say this because it, literally, when Norton 360 popped up and it took me to their website, it literally said is this you and you can check yes or no? And I wrote no and then the whole screen turned red saying okay, we know this is a problem, we will look into it.  16:17 It did it with all those and then I called Capital One Bank. It took me a few people. It had to get escalated a couple of times to the credit card fraud department.  16:25 - Anne (Host) Well, don't you say, they give you a special number, right?  16:27 - Tom (Host) They say call this number if it's not you, or you can call this number. I just called the general number because all that was on the notification, I think, was the Capital One in Salt Lake City or something like that. So I called directly and said please state your problem. I'm like I think I'm getting my identity stolen. And then it got up there and then they manually rejected the credit card application at least for the Capital One.  16:50 And then this morning I got another Credit Karma email saying that there was a check on my Equifax report not the Experian one and I looked at the date of it. It also said yesterday. So that means Credit Karma had my back twice and Experian had my back and Norton had my back twice. Right, right, and Experian had my back and Norton had my back and everybody bosses. This is the takeaway. Creditkarmacom is free, having an account with Experian is free, it doesn't cost you a nickel.  17:18 - Anne (Host) All of them TransUnion, they're all free TransUnion, Equifax, they're all free.  17:23 Exactly and you can check your scores and, like I said, a lot of banks and a lot of credit cards are actually adding that on as like a value add kind of service, but you don't have to pay anything for it. I think there's a lot of it going on, Tom, which is kind of scary. We got to be careful about scammers, that's for sure. And anytime, even in your email, right, if you get like again, if I find something that doesn't have a signature and then they have an attachment like PayPal has been well-known scams where you get like oh, you've got a PayPal invoice, right, and you have to pay this amount and it looks legit. I mean, they've got like the PayPal logo. I've gotten quite a few of those over the last six months.  18:01 - Speaker 2 (Announcement) And.  18:01 - Anne (Host) I just ignore anything. Just remember that most financial institutions will never email you for information and they'll never text you necessarily for that information either, and you should also, Tom. We should have a big discussion on having multi-factor authentication.  18:19 - Tom (Host) Yes.  18:19 - Anne (Host) This is extremely important.  18:21 - Tom (Host) It's annoying as hell or two-factor, two-factor authentication For every account that you have, especially the financial ones, you should have two-factor authentication, which means either they send you a text message and you just click on the link and you're good to go, or it sends you an email and it'll usually give you a passcode of some sort and then you go to the website. When you're trying to log on, you enter that passcode and then it'll let you do it, and most of them are only good. Some of them are only good for 30 days. Sometimes you can check a box saying this is my private computer. It's okay for a certain amount of time, or they make you do it every single time, which isn't the worst thing in the world. Yes, it's annoying.  18:55 - Anne (Host) You know what I just thought about. It is annoying but it keeps you safe. It's funny how much like value you put in that number, that phone number, in this phone which, by the way, I just got a new phone but in this number for the two-factor authentication, right Like text me at this number. So think of the power that these phone companies have right, and that is scary. I mean it used to be a thing where I always thought like the large scale communication companies were a little bit of a monopoly, depending on the area that you're in. I mean, when I lived in the East Coast it was always Verizon right, verizon everything, verizon this, verizon that. Out here it's a couple of different companies but still, if you think about it, I mean I'm glad to have the two-factor authentication and it's super convenient on the phone.  19:39 But, it's interesting to know that you wouldn't want the hackers to get smart right and then start really infiltrating the phone, you know, and impersonating a phone number.  19:50 - Tom (Host) There's a couple of things about that is that, when it comes to authentication, when you're logging on your phone, I've got it set up where I just use my thumbprint for a lot of it.  19:59 - Anne (Host) I love that, or Face ID yeah the Face ID is a great one.  20:05 - Tom (Host) There's also a thing for a lot of the websites where I have a personal PIN that has nothing to do with the PIN or the password to access the site itself. If I am using my phone to log in somewhere, I can enter a four-digit PIN that's different from everything else, so it also increases the chance of having a secure whatever. Also, just as a rule, I don't do anything financial on my phone, with the exception of like Venmo Well, I have mobile banking If I'm like sending money if, like me, and the guys are having pizza, you know what I mean.  20:31 - Anne (Host) I have mobile banking and I do have Apple Pay.  20:35 - Tom (Host) Well, I have GPay too.  20:36 - Anne (Host) Yeah, so.  20:36 - Tom (Host) I'm a Google guy but like I will unless to my bank accounts online or Wave app or Wise or PayPal on the phone, unless I absolutely have to.  20:49 - Anne (Host) Interesting. I go to them quite a bit. Actually, you're probably fine because of all the precautions that you're taking, but I'm just a little extra neurotic about it. Oh, it's constantly got multi-factor authentication, but I get that. I totally get that. Wow, yeah, being careful, and you know what.  21:02 What's interesting is, back in the day and I'm going to date myself when I was working at the school and we had text-based email okay, and text-based email, I could have something and it was all based on like the Unix systems and so like hacking into a text-based, like I don't know how to say this, but hacking into a system like that, like a Unix system, and reading your email with text-based, you didn't always have like the conditions of people attaching things that could be viral, loading a virus on your computer. So I was always proud to say that I used text-based email and I used something called a PGP signature, which was a digital signature at the time, which meant that when I sent mail out, my PGP signature, it would actually negotiate and verify with the person that I would send it to so that it could be a verified digital signature. That indeed, yes, this mail did come from me, and I think that Norton probably has something like that now right. Is that with your email or no?  21:59 - Tom (Host) Yeah, it has all kinds of functions.  22:01 And it works on my desktop and it works on my laptop and it works on my phone. The most important function that it has is when I'm not home and I'm on my phone or my laptop or my tablet is the VPN when you can turn it on to make sure that if you're using Wi-Fi at a cafe or something like that, that it's secure, because apparently there are people who just like sitting around at a Panera or a Starbucks with their laptop and just waiting for someone to have an insecure Wi-Fi connection and they can just steal their life right there through their own laptop.  22:31 - Anne (Host) Well, it's funny how this conversation has turned into a big security conversation, starting off with scamming. Which guys you got to be aware? It's one of the reasons why, for all of my years and because of my years working in technology, I like wired connections. I mean Wi-Fi. I mean it's a wonderful technology and it's convenient as anything. However, it's not as secure as a wired connection, because a wired connection is basically, you know, your digital numbers flowing back and forth along a wire, versus all this information out in the air where, if somebody is sitting outside of my home, they can possibly hack into my wireless network and then they can run some sort of a tracer to see and to actually get my passwords, which is something that you don't really want that to happen. So you should really be cautious, guys, and I think it's always a good idea that, if you are working from home, if you have the opportunity to have a wired connection to your router, I think that that's better rather than using Wi-Fi. Number one it's more stable, right, it's faster and it's also more secure.  23:32 - Tom (Host) I agree. If you have a desktop at home and you are doing any kind of recording or you're doing basically anything, you should have an ethernet connection. That yellow wire with the big old phone jack that plugs right into the back of your computer and plugs into your Wi-Fi router.  23:47 - Anne (Host) And it sounds old school, but it's still the most secure method of data transfer.  23:51 - Tom (Host) Without question so if you are recording from home. If you're doing whatever from home, you have a desktop ethernet. If you have a laptop, I are recording from home. If you're doing whatever from home, you have a desktop Ethernet. If you have a laptop, I think the newer laptops don't even have an Ethernet connection. I have to think about my laptop and whether I even have one anymore, and here's the simple reason.  24:06 - Anne (Host) Think about it. It's a wire, guys. It's a wire. It's not like data floating around in the air which people can listen to. Somehow the frequency of the data traveling in the air right? Wi-fi works on frequencies when your data is traveling via a wire like a physical cable, unless somebody like I don't even know, unless they tap into that wire, right, somehow.  24:26 I don't know how they do that, and we're talking about your wire in your house going from your computer to your router. Right, that's as secure as it gets, right, unless somebody's coming into your house and hacking into the wire and tapping into it.  24:38 - Tom (Host) You've got some foreign embassy bugging your home.  24:41 - Anne (Host) Yeah, yeah, doing some fancy work, you're not going to have to worry about your data being transferred. So if you're working on the internet right, at least the data that's transferring from your house to your router is absolutely secure. And then it's up to your internet provider right on the router, to their routers, to make sure that things are encrypted, things are secure and for the most part I mean that's been handled right. I mean there are hackers out there that they can hack into networks. They can hack into things like that, but you want to be as safe as you possibly can, so wired is best.  25:14 - Tom (Host) Yes, it's fascinating. We talk about hard security and soft security, yes, that's hard security, that's hard security.  25:20 - Anne (Host) So, if we go back to talking about the scams that are floating around these days, one thing I wanted to mention is I think one of the best applications for groups, facebook groups and social media groups and discussion groups is for that thing, so that you and Bridget were talking to one another about this job that you both got, and then it's really wonderful that we can come together as a community and protect each other right and say, hey, look, watch out for the scam. So it is one of the best advantages, I would say, of being a part of the social media groups in that way. Otherwise, we've talked about how it's hard to sometimes they're toxic, sometimes it's really hard to be on social media. But I would say one of the best reasons to be on social media, in those groups and in those forums, would be because of the protection that you're getting of us banding together and saying, hey, watch out, this is a scam.  26:09 - Tom (Host) Absolutely, it's one of the most important things. Community is more than just about you know rah rah and whoop whoop and you know we support you and feel better if you're feeling down, but like just actual education, along with inspiration and commiseration can literally save your identity Absolutely.  26:27 - Anne (Host) Wow, what a great conversation, Tom. So bosses out there, be aware of scams. Be cautious. Research, research. Take a look at those signatures when you get emails coming in, when you get something that's asking for lots of words and a good price and it seems too good to be true, guess what it might be. So make sure that you're communicating with the community as well, checking those jobs out and attach that AI rider to every one of your jobs. Now, it's simple. It's there at NAVA and it's free. You can attach that rider to every job. If you have a new client, make sure you're very careful with the payment options. You know we spoke about that. I always make sure I get money up front, or partial money up front, first to make sure that it's a legit client. What else did I miss, Tom, in this recap?  27:14 - Tom (Host) Hardware and software VPNs.  27:16 - Anne (Host) EINs yes.  27:19 - Tom (Host) Oh yeah, VPNs, EINs, Two-factor authentication.  27:20 - Anne (Host) I love it. Yeah, Make sure you guys are implementing all of that to keep yourself safe and secure. So great topic, Tom. I like geeking out like this.  27:30 - Tom (Host) Yeah, it's fun and helpful.  27:31 - Anne (Host) Yeah, I'm going to give a great big shout out to my sponsor, IPDTL. You too can connect and network like real bosses. Find out more at IPDTL.com. Guys have an amazing week and we'll see you next week.  27:52 - Speaker 3 (Announcement) Bye. Join us next week for another edition of VO BOSS with your host, Anne Ganguzza, and take your business to the next level. Sign up for our mailing list at voboss.com and receive exclusive content, industry revolutionizing tips and strategies and new ways to rock your business like a boss. Redistribution, with permission. Coast-to-coast connectivity via IPDTL.   

BSD Now
616: FreeBSD Foundation Interview

BSD Now

Play Episode Listen Later Jun 19, 2025 47:34


This week on the show Tom interview Deb Goodkin and Justin Gibbs from the FreeBSD Foundation. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Guests Deb Goodkin (https://www.linkedin.com/in/deb-goodkin-b282924a/) Justin Gibbs (https://www.linkedin.com/in/justin-gibbs-3974671/) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow) Special Guests: Deb Goodkin and Justin Gibbs.

Hacker Public Radio
HPR4404: Kevie nerd snipes Ken by grepping xml

Hacker Public Radio

Play Episode Listen Later Jun 19, 2025


This show has been flagged as Explicit by the host. More Command line fun: downloading a podcast In the show hpr4398 :: Command line fun: downloading a podcast Kevie walked us through a command to download a podcast. He used some techniques here that I hadn't used before, and it's always great to see how other people approach the problem. Let's have a look at the script and walk through what it does, then we'll have a look at some "traps for young players" as the EEVBlog is fond of saying. Analysis of the Script wget `curl https://tuxjam.otherside.network/feed/podcast/ | grep -o 'https*://[^"]*ogg' | head -1` It chains four different commands together to "Save the latest file from a feed". Let's break it down so we can have checkpoints between each step. I often do this when writing a complex one liner - first do it as steps, and then combine it. The curl command gets https://tuxjam.otherside.network/feed/podcast/ . To do this ourselves we will call curl https://tuxjam.otherside.network/feed/podcast/ --output tuxjam.xml , as the default file name is index.html. This gives us a xml file, and we can confirm it's valid xml with the xmllint command. $ xmllint --format tuxjam.xml >/dev/null $ echo $? 0 Here the output of the command is ignored by redirecting it to /dev/null Then we check the error code the last command had. As it's 0 it completed sucessfully. Kevie then passes the output to the grep search command with the option -o and then looks for any string starting with https followed by anything then followed by two forward slashes, then -o, --only-matching Print only the matched (non-empty) parts of a matching line, with each such part on a separate output line We can do the same with. I was not aware that grep defaulted to regex, as I tend to add the --perl-regexp to explicitly add it. grep --only-matching 'https*://[^"]*ogg' tuxjam.xml http matches the characters http literally (case sensitive) s* matches the character s literally (case sensitive) Quantifier: * Between zero and unlimited times, as many times as possible, giving back as needed [greedy] : matches the character : literally / matches the character / literally / matches the character / literally [^"]* match a single character not present in the list below Quantifier: * Between zero and unlimited times, as many times as possible, giving back as needed [greedy] " a single character in the list " literally (case sensitive) ogg matches the characters ogg literally (case sensitive) When we run this ourselves we get the following $ grep --only-matching 'https*://[^"]*ogg' tuxjam.xml https://archive.org/download/tuxjam-121/tuxjam_121.ogg https://archive.org/download/tuxjam-120/TuxJam_120.ogg https://archive.org/download/tux-jam-119/TuxJam_119.ogg https://archive.org/download/tuxjam_118/tuxjam_118.ogg https://archive.org/download/tux-jam-117-uncut/TuxJam_117.ogg https://tuxjam.otherside.network/tuxjam-115-ogg https://archive.org/download/tuxjam_116/tuxjam_116.ogg https://tuxjam.otherside.network/tuxjam-115-ogg https://tuxjam.otherside.network/tuxjam-115-ogg https://tuxjam.otherside.network/tuxjam-115-ogg https://ogg http://tuxjam.otherside.network/wp-content/uploads/sites/5/2024/10/tuxjam_115_OggCamp2024.ogg https://ogg https://archive.org/download/tuxjam_114/tuxjam_114.ogg https://archive.org/download/tuxjam_113/tuxjam_113.ogg https://archive.org/download/tuxjam_112/tuxjam_112.ogg The last command returns the first line, so therefore https://archive.org/download/tuxjam-121/tuxjam_121.ogg Finally that line is used as the input to the wget command. Problems with the approach Relying on grep with structured data like xml or json can lead to problems. When we looked at the output of the command in step 2, some of the results gave https://ogg . When run the same command without the --only-matching argument we see what was matched. $ grep 'https*://[^"]*ogg' tuxjam.xml This episode may not be live as in TuxJam 115 from Oggcamp but your friendly foursome of Al, Dave (thelovebug), Kevie and Andrew (mcnalu) are very much alive to treats of Free and Open Source Software and Creative Commons tunes. https://tuxjam.otherside.network/tuxjam-115-oggcamp-2024/ https://tuxjam.otherside.network/tuxjam-115-oggcamp-2024/#respond https://tuxjam.otherside.network/tuxjam-115-oggcamp-2024/feed/ With the group meeting up together for the first time in person, it was decided that a live recording would be an appropriate venture. With the quartet squashed around a table and a group of adoring fans crowded into a room at the Pendulum Hotel in Manchester, the discussion turns to TuxJam reviews that become regularly used applications, what we enjoyed about OggCamp 2024 and for the third section the gang put their reputation on the line and allow open questions from the sea of dedicated fans. OggCamp 2024 on Saturday 12 and Sunday 13 October 2024, Manchester UK. Two of the hits are not enclosures at all, they are references in the text to OggCamp what we enjoyed about OggCamp 2024 Normally running grep will only get one entry per line, and if the xml is minimised it can miss entries on a file that comes across as one big line. I did this myself using xmllint --noblanks tuxjam.xml > tuxjam-min.xml I then edited it and replaced the new lines with spaces. I have to say that the --only-matching argument is doing a great job at pulling out the matches. That said the results were not perfect either. $ grep --only-matching 'https*://[^"]*ogg' tuxjam-min.xml https://archive.org/download/tuxjam-121/tuxjam_121.ogg https://archive.org/download/tuxjam-120/TuxJam_120.ogg https://archive.org/download/tux-jam-119/TuxJam_119.ogg https://archive.org/download/tuxjam_118/tuxjam_118.ogg https://archive.org/download/tux-jam-117-uncut/TuxJam_117.ogg https://tuxjam.otherside.network/tuxjam-115-ogg https://archive.org/download/tuxjam_116/tuxjam_116.ogg https://tuxjam.otherside.network/tuxjam-115-ogg https://tuxjam.otherside.network/?p=1029https://tuxjam.otherside.network/tuxjam-115-oggcamp-2024/#respondhttps://tuxjam.otherside.network/tuxjam-115-ogg https://ogg http://tuxjam.otherside.network/wp-content/uploads/sites/5/2024/10/tuxjam_115_OggCamp2024.ogg https://ogg https://archive.org/download/tuxjam_114/tuxjam_114.ogg https://archive.org/download/tuxjam_113/tuxjam_113.ogg https://archive.org/download/tuxjam_112/tuxjam_112.ogg You could fix it by modifying the grep arguments and add additional searches looking for enclosure . The problem with that approach is that you'll forever and a day be chasing issues when someone changes something. So the approach is officially "Grand", but it's a very likely to break if you're not babysitting it. Suggested Applications. I recommend never parsing structured documents , like xml or json with grep. You should use dedicated parsers that understands the document markup, and can intelligently address parts of it. I recommend: xml use xmlstarlet json use jq yaml use yq Of course anyone that looks at my code on the hpr gittea will know this is a case of "do what I say, not what I do." Never parse xml with grep, where the only possible exception is to see if a string is in a file in the first place. grep --max-count=1 --files-with-matches That's justified under the fact that grep is going to be faster than having to parse, and build a XML Document Object Model when you don't have to. Some Tips Always refer to examples and specification A specification is just a set of rules that tell you how the document is formatted. There is a danger in just looking at example files, and not reading the specifications. I had a situation once where a software developer raised a bug as the files didn't begin with ken-test- followed by a uuid . They were surprised when the supplied files did not follow this convention as per the examples. Suffice to say that was rejected. For us there are the rules from the RSS specification itself, but as it's a XML file there are XML Specifications . While the RSS spec is short, the XML is not, so people tend to use dedicated libraries to parse XML. Using a dedicated tool like xmlstarlet will allow us to mostly ignore the details of XML. RSS is a dialect of XML . All RSS files must conform to the XML 1.0 specification, as published on the World Wide Web Consortium (W3C) website. The first line of the tuxjam feed shows it's an XML file. The specification goes on to say "At the top level, a RSS document is a element, with a mandatory attribute called version, that specifies the version of RSS that the document conforms to. If it conforms to this specification, the version attribute must be 2.0." And sure enough then the second line show that it's a RSS file.

LINUX Unplugged
619: The Trouble with TUIs

LINUX Unplugged

Play Episode Listen Later Jun 15, 2025 72:56 Transcription Available


We spent the week learning keybindings, installing dependencies, and cramming for bonus points. Today, we score up and see how we did in the TUI Challenge.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

BSD Now
615: Wifi Brakes Unlocked

BSD Now

Play Episode Listen Later Jun 12, 2025 44:02


How to unlock high speed Wi-Fi on FreeBSD 14, What We've Learned Supporting FreeBSD in Production, rsync replaced with openrsync on macOS Sequoia, Framework 13 AMD Setup with FreeBSD, FreeBSD on Dell Latitude 7280, Backup MX with OpenSMTPD, Notes on caddy as QUIC reverse proxy with mac_portacl, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines How to unlock high speed Wi-Fi on FreeBSD 14 (https://freebsdfoundation.org/blog/how-to-unlock-high-speed-wi-fi-on-freebsd-14/) What We've Learned Supporting FreeBSD in Production (https://klarasystems.com/articles/what-weve-learned-supporing-freebsd-production/) News Roundup rsync replaced with openrsync on macOS Sequoia (https://derflounder.wordpress.com/2025/04/06/rsync-replaced-with-openrsync-on-macos-sequoia/) Framework 13 AMD Setup with FreeBSD (https://euroquis.nl/freebsd/2025/03/16/framework.html) FreeBSD on Dell Latitude 7280 (https://adventurist.me/posts/00352) Backup MX with OpenSMTPD (https://blog.feld.me/posts/2025/05/backup-mx-with-opensmtpd/) Notes on caddy as QUIC reverse proxy with mac_portacl (https://mwl.io/archives/24097) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions No feedback this week. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

BSD Now
614: Upstream Contributions Matter

BSD Now

Play Episode Listen Later Jun 5, 2025 63:54


The Hidden Costs of Stagnation: Why Running EOL Software is a Ticking Time Bomb, Maintaining FreeBSD in a Commercial Product – Why Upstream Contributions Matter, LLMs ('AI') are coming for our jobs whether or not they work, Implement Anubis to give the bots a harder time, erspan(4): ERSPAN Type II collection, Just my memory here is how I've configure OpenBSD and FreeBSD for a IPv6 Wifi, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines The Hidden Costs of Stagnation: Why Running EOL Software is a Ticking Time Bomb (https://freebsdfoundation.org/blog/the-hidden-costs-of-stagnation-why-running-eol-software-is-a-ticking-time-bomb/) Maintaining FreeBSD in a Commercial Product – Why Upstream Contributions Matter (https://klarasystems.com/articles/maintaining-freebsd-commercial-product-why-upstream-contributions-matter/?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup LLMs ('AI') are coming for our jobs whether or not they work (https://utcc.utoronto.ca/~cks/space/blog/tech/LLMsVersusOurJobs) Implement Anubis to give the bots a harder time (https://dan.langille.org/2025/05/03/implement-anubis-to-give-the-bots-a-harder-time/) erspan(4): ERSPAN Type II collection (https://www.undeadly.org/cgi?action=article;sid=20250512100219) Just my memory here is how I've configure OpenBSD and FreeBSD for a IPv6 Wifi (https://vincentdelft.be/post/post_20250208) Beastie Bits Some Interesting pieces of history Netnews History (https://www.cs.columbia.edu/~smb/papers/netnews-hist.pdf) History of Solaris (https://cse.unl.edu/~witty/class/csce351/howto/history_of_solaris.pdf) Nuclear Wall Charts (https://econtent.unm.edu/digital/collection/nuceng/search) [TUHS] The Case of UNIX vs. The UNIX System (https://www.tuhs.org/pipermail/tuhs/2025-February/031403.html) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Paul - my setup (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/614/feedback/Paul%20-%20my%20setup.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

BSD Now
613: DragonflyBSD 6.4.2

BSD Now

Play Episode Listen Later May 29, 2025 53:24


Isolating Containers with ZFS and Linux Namespaces, DragonFly BSD 6.4.2, FreeBSD fans rally round zVault upstart, For Upcoming PF Tutorials, We Welcome Your Questions, Using ~/.ssh/authorized keys to decide what the incoming connection can do, PDF bruteforce tool to recover locked files, How and why typical (SaaS) pricing is too high for university departments, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Isolating Containers with ZFS and Linux Namespaces (https://klarasystems.com/articles/isolating-containers-with-zfs-and-linux-namespaces/?utm_source=BSD%20Now&utm_medium=Podcast) DragonFly BSD 6.4.2 (https://www.dragonflybsd.org/release64/) FreeBSD fans rally round zVault upstart (https://www.theregister.com/2025/05/12/second_preview_zvault/) News Roundup For Upcoming PF Tutorials, We Welcome Your Questions (https://bsdly.blogspot.com/2025/05/for-upcoming-pf-tutorials-we-welcome.html) Using ~/.ssh/authorized keys to decide what the incoming connection can do (https://dan.langille.org/2025/04/17/using-ssh-authorized-keys-to-decide-what-the-incoming-connection-can-do/) PDF bruteforce tool to recover locked files (https://dataswamp.org/~solene/2025-03-09-test-pdf-passwords.html) How and why typical (SaaS) pricing is too high for university departments (https://utcc.utoronto.ca/~cks/space/blog/tech/UniversityTypicalPricingTooHigh) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Nils - CFP (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/612/feedback/nils%20-%20CFP.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later May 28, 2025 6:37


SSH authorized_keys File One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH backdoor. Managing these files and detecting unauthorized changes is not hard and should be done if you operate Unix systems. https://isc.sans.edu/diary/Securing%20Your%20SSH%20authorized_keys%20File/31986 REMOTE COMMAND EXECUTION ON SMARTBEDDED METEOBRIDGE (CVE-2025-4008) Weatherstation software Meteobridge suffers from an easily exploitable unauthenticated remote code execution vulnerability https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008 https://forum.meteohub.de/viewtopic.php?t=18687 Manageengine ADAuditPlus SQL Injection Zoho patched two SQL Injection vulnerabilities in its ManageEngine ADAuditPlus product https://www.manageengine.com/products/active-directory-audit/cve-2025-41407.html https://www.manageengine.com/products/active-directory-audit/cve-2025-36527.html Dero Miner Infects Containers through Docker API Kaspersky found yet another botnet infecting docker containers to spread crypto coin miners. The initial access happens via exposed docker APIs. https://securelist.com/dero-miner-infects-containers-through-docker-api/116546/

BSD Now
612: Zip Bomb Protection

BSD Now

Play Episode Listen Later May 22, 2025 37:33


I use Zip Bombs to Protect my Server, Owning the Stack: Infrastructure Independence with FreeBSD and ZFS, Optimisation of parallel TCP input, Chosing between "it works for now" and "it works in the long term", Losing one of my evenings after an OpenBSD upgrade, What drive did I just remove from the system?, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines I use Zip Bombs to Protect my Server (https://idiallo.com/blog/zipbomb-protection) Owning the Stack: Infrastructure Independence with FreeBSD and ZFS (https://klarasystems.com/articles/owning-the-stack-infrastructure-independence-with-freebsd-zfs/?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup Optimisation of parallel TCP input (https://www.undeadly.org/cgi?action=article;sid=20250508122430) Chosing between "it works for now" and "it works in the long term" (https://utcc.utoronto.ca/~cks/space/blog/sysadmin/WorksNowVsWorksGenerally) Losing one of my evenings after an OpenBSD upgrade (https://www.ncartron.org/losing-one-of-my-evenings-after-an-openbsd-upgrade.html) What drive did I just remove from the system? (https://dan.langille.org/2025/04/21/what-drive-did-i-just-remove-from-the-system/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Benjamin - Street PCs (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/613/feedback/Benjamin%20-%20street%20pcs.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

BSD Now
611: Ghosty Things

BSD Now

Play Episode Listen Later May 15, 2025 49:02


GhostBSD: From Usability to Struggle and Renewal, Why You Can't Trust AI to Tune ZFS, Introducing bpflogd(8): capture packets via BPF to log files, What I'd do as a College Freshman in 2025, FreeBSD and KDE Plasma generations, Improvements to the FreeBSD CI/CD systems, FreeBSD as a Workstation, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines GhostBSD: From Usability to Struggle and Renewal (https://freebsdfoundation.org/our-work/journal/browser-based-edition/downstreams/ghostbsd-from-usability-to-struggle-and-renewal/) Why You Can't Trust AI to Tune ZFS (https://klarasystems.com/articles/why-you-cant-trust-ai-to-tune-zfs/?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup Introducing bpflogd(8): capture packets via BPF to log files (http://undeadly.org/cgi?action=article;sid=20250425074505) What I'd do as a College Freshman in 2025 (https://muratbuffalo.blogspot.com/2025/04/what-id-do-as-college-freshman.html) FreeBSD and KDE Plasma generations (https://euroquis.nl//freebsd/2025/03/02/kde5.html) Improvements to the FreeBSD CI/CD systems (https://freebsdfoundation.org/blog/improvements-to-the-freebsd-ci-cd-systems/) FreeBSD as a Workstation (https://darknet.sytes.net/wordpress/index.php/2025/03/16/freebsd-as-a-workstation/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Effie - FreeBSD as a Workstation (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/611/feedback/effie%20-%20freebsd%20as%20a%20workstation.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)