Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:03
I have been exploring the secrets
0:06
of the TPM. Is that anything
0:08
like the TPS report from
0:10
Office Space? Almost exactly as
0:12
useless. No, no, no. I jest, of course. So
0:15
TPM stands for Trusted Platform
0:18
Module,
0:19
which is not a terribly useful
0:21
descriptive name. It's basically
0:24
a bit of hardware on your computer
0:26
that can do things like encrypting,
0:30
decrypting and storing small
0:32
amounts of data. But it also looks
0:35
at your machine and tries to understand
0:37
what state various bits of it are
0:39
in. And it can use
0:41
those states to make decisions about whether
0:44
or not it should decrypt the data that
0:46
you're asking it for.
0:47
Are the states things like, has
0:50
the computer been taken apart and is it
0:52
currently in a laboratory in some
0:54
foreign actor or something? Or is it simpler than
0:56
that?
0:57
Not necessarily that specific, but that
0:59
sort of thing. It tries to essentially
1:01
tell if someone has tampered with the
1:04
known state of the computer, like have
1:06
they turned secure boot off or
1:09
has the boot loader changed? Has the firmware
1:11
been changed? Things like that. And there's other things
1:13
that the operating system can hook into, I
1:15
think, as well.
1:17
Now, the reason that I got interested in this is
1:19
because I use
1:21
full disk encryption on my work
1:24
laptop and I
1:27
find it a bit of a pain when
1:29
I have to reboot. For
1:32
example, recently Ubuntu
1:34
started requiring you to reboot to install
1:37
some software updates.
1:39
And the workflow for that became reboot,
1:42
enter your decryption password, let it run
1:44
the updater, and then it reboots
1:46
again. And then you have to enter your encryption password again,
1:49
and then it boots back into your system. And
1:51
that was a right pain having to do
1:53
that. And other times that I might, I
1:56
haven't actually taken my laptop anywhere, so I'm not worried
1:58
about anyone.
2:00
I've not left it side, so it's not like
2:02
it's someone else trying to do anything. It's just me
2:04
pressing reboot from my logged in system.
2:07
And it would be nice if I didn't always
2:09
have to enter the encryption password. So I got
2:11
wondering whether using the TPM
2:14
might be a way around this. So
2:17
I found some useful and some less
2:19
useful guides to this on the internet.
2:22
One went into quite a bit of detail about how to set
2:24
up a script that ran boot and
2:27
ran some commands against the TPM and got
2:29
it to give
2:30
you the encryption key, which
2:32
all seemed to run okay except that it
2:35
didn't actually get an encryption key out for
2:37
some reason. When I ran the commands in a logged
2:39
in system, it worked. And when it tried
2:41
to do it at boot, it just didn't get anything. So I was obviously
2:44
doing something wrong there.
2:45
And then I found
2:47
another tool called System
2:50
D with TPM2, which completely bricked my
2:52
system. I should say I was doing this on a VM.
2:55
That's fine. In fact, I was using QuickMU
2:57
with the TPM equals on option
2:59
to test this out, because I didn't want to actually
3:01
be doing this on a real system. But
3:04
while I was doing this, I ended up reading some
3:07
man pages,
3:08
as you do, and found
3:11
in the man page for crypt tab that
3:13
you can configure crypt tab to
3:16
point to your TPM directly
3:18
without any additional tools or
3:20
utilities or scripts that you have to write yourself.
3:23
And I imagine crypt tab is
3:25
something that works alongside FS
3:27
tab to say these file systems
3:29
are encrypted. And here are the strategies
3:32
to provide decryption keys.
3:35
That's exactly what it does. Yes. So you have
3:37
a list of here are your encrypted devices and here
3:39
are what they're called. And then one of those
3:41
names maps to the thing that you're mounting in FS
3:43
tab.
3:45
Finding this, I managed to do
3:47
quite a bit of digging and find that there's a
3:50
command called system D dash crypt
3:52
enroll.
3:53
And what this does is generates
3:56
a decryption key adds
3:58
it to your luck. encrypted
4:01
volume because you can have multiple
4:03
keys associated with the volume
4:06
and then it stores that in the TPM
4:09
and does some other wizardry in the background
4:11
to connect things up. Then you edit
4:14
your crypt tab, you add an option there
4:16
to say which device it is. If
4:18
you've only got one TPM you just say auto and
4:20
it finds it and then you rebuild your
4:23
init RAMFS which is the system that runs
4:25
at boot to bootstrap everything and
4:28
then that will include the bits it
4:30
needs to read the stuff out of the TPM.
4:33
This was all going very well except
4:35
I was trying to do it on Ubuntu. For
4:40
some reason when you try and rebuild
4:42
init RAMFS on Ubuntu with this option
4:44
it doesn't recognize it and I tried a few
4:46
different versions with different versions of
4:49
crypt setup
4:51
but it just wasn't having any of it despite
4:53
other people saying they were successful doing this on
4:55
other distributions. So I
4:57
thought well someone said this works on Fedora
5:00
I'll give that a go and
5:01
I've read exactly the same thing on Fedora except
5:04
they use a utility called dracut
5:07
or something
5:08
of that effect to rebuild init RAMFS
5:11
and it worked so I ended up with a system
5:13
that I could boot into and
5:15
when I rebooted it would
5:18
decrypt the disk without me having to do anything.
5:21
Can I just clarify you're doing this all in a
5:23
VM that's talking to the fake
5:25
TPM module and you're doing
5:27
it with Fedora in a VM right?
5:30
In a VM yes and that's right isn't it Martin
5:32
it's actually it's a software TPM.
5:34
Yeah yeah so what Mark's using
5:37
here is my quickemu project which is
5:39
a wrapper around QEMU and
5:42
one of the things that I added to that project
5:44
was to enable
5:46
a software TPM emulator.
5:49
So this was the result I was looking for
5:51
except I didn't have the option
5:54
to if I shut down the
5:56
computer completely have it then ask
5:58
me for the password when I
5:59
logged in. So the way that the TPM
6:02
works is it has a number of things called
6:04
platform configuration registers, which
6:06
is basically where it stores like a signature
6:09
of the various things that it's
6:11
looking at. And you can tell
6:13
it when you're running system decrypting role,
6:15
which of the registers it should look at
6:17
to decide whether it should give up the encryption
6:20
key. But I went looking at what happens
6:22
to these registers when you reboot
6:24
versus when you power down and there's
6:27
no difference. So there's no way of saying
6:29
decrypt it for me when you reboot.
6:32
But if I do a cold boot, ask
6:34
me for the password. Okay, that has clarified
6:37
the scary thing I was thinking is surely
6:40
it could just unlock like at any point, like
6:43
when someone steals out of your bag. Exactly.
6:45
But this in theory should work. So
6:48
this has kind of got me thinking,
6:51
what's the actual use case for doing this? Because,
6:54
yes, it would stop the case where someone
6:56
takes the hard drive out of your computer
6:59
and then tries to decrypt it because the
7:01
encryption key only lives in that
7:03
TPM. And once they've
7:06
started messing around with the hardware, it's not going to give it back.
7:08
They can't boot from a USB drive
7:10
and get it out. It's not going to accept that.
7:13
But it doesn't stop the case where,
7:15
you know, I'm getting off the train and someone
7:17
steals my bag and then they turn the computer on.
7:20
It boots, decrypts. And
7:22
yes, they're at the login screen and they can't actually log
7:24
in without my password. But
7:27
unless I'm wrong, my data is not completely secure
7:29
at that point. It is decrypted
7:32
or accessible decrypted on the
7:34
computer somehow if they could find
7:37
some other exploit if there was a bug
7:39
in the lock screen that meant if they mashed the keyboard
7:41
a lot, it crashed something
7:44
like that. They don't even need to do that. They
7:46
could just change the in its shell
7:48
to bim bash.
7:49
They could decrypt the disk and have it
7:52
boot straight to the root prompt running
7:54
bash. So there is other things
7:57
which you can do like locking down
7:59
grub. and locking down your
8:02
EFI config so that things can't
8:04
be edited like that. Oh, okay.
8:06
Well, the only editing would be at the point when
8:08
you press F10 or
8:10
whatever button triggers your grub, press
8:13
down arrow, edit the line. And if you
8:15
can stop them being able to edit the line
8:18
at boot time, I don't know
8:20
if grub does that. Right.
8:21
I'm pretty sure it's possible that you can lock
8:23
down things like that as well, which
8:26
would stop them being able to do that. But I still don't
8:28
feel comfortable with the idea that I've
8:30
enabled full disk encryption, but whenever
8:32
you boot the laptop, it just decrypts
8:35
anyway.
8:36
So I'm sort of wondering, yeah, am I missing
8:38
something here? Maybe one of our
8:40
security-minded listeners might be able to enlighten
8:43
me as to this. Or I wondered if one
8:45
of you two might understand this better than
8:47
I do, but it seems like an odd
8:50
setup to me. So I'd be
8:52
interested to hear anyone's input on this.
8:54
So to be clear, you haven't enabled it on your host.
8:57
You were fiddling with this entirely in a VM
8:59
to get it working and understand the technology, but
9:02
it didn't seem to fit as you want. And so
9:05
help. Yes.
9:06
Yeah. I can't offer any assistance
9:08
with this because I've never used TPM
9:11
for disk encryption. So
9:13
I have zero experience. Have
9:15
you used it for something else? The only time
9:18
I used it was when I integrated
9:20
it into QuickMU in order
9:22
to get Windows 11 images to
9:25
boot. That was the reason that I
9:27
tampered with it. So it was purely
9:29
just to satisfy the system requirement for
9:31
Windows 11. And that is where my
9:34
TPM knowledge starts and ends.
9:38
Linux Matters is part of the Late Night Linux
9:40
family. If you enjoy the show, please
9:42
consider supporting us and the rest of the Late
9:44
Night Linux team using the PayPal or
9:47
Patreon links at linuxmatters.sh
9:49
slash support.
9:50
For $5 a month on Patreon, you can
9:53
enjoy an ad-free feed of our show
9:55
or for $10 get access to all the Late
9:57
Night Linux shows ad-free.
9:59
You can get in touch with us via email, show
10:02
at linuxmatters.sh, or chat
10:04
with other listeners in our Telegram group.
10:06
All the details are at linuxmatters.sh
10:09
slash contact.
10:13
I've migrated to a dual GPU
10:15
system in two of my workstations,
10:18
so I have Radion and Nvidia
10:21
sitting in my PCs, K-I-S-S-I-N-G.
10:24
I do hope they're not touching. That could lead to all
10:27
kinds of electrical failure. Well,
10:29
maybe they're not touching physically, but they're definitely
10:32
interacting digitally. So
10:34
is this, you've got two graphics cards with
10:36
separate outputs plugged in, or are they doing some
10:39
sort of combined processy
10:41
output thing to a single
10:43
screen? They are
10:45
not both driving displays.
10:47
Let me explain. So this
10:50
all started when I used to have
10:52
an RTX 3090 in
10:55
my main workstation.
10:57
And it's a fantastic GPU, but
10:59
it has one considerable drawback
11:02
in that it has 24 gigabytes
11:05
of video memory, and half
11:07
of that video memory is on the rear
11:09
of the card. And the heat that
11:12
that memory creates
11:14
is dissipated by a metal backplate.
11:17
And that metal backplate was 99
11:21
degrees Celsius at
11:24
all times. Wow. And
11:26
that backplate is also
11:29
adjacent to the fan
11:32
in the case that pushes air
11:35
out of the case.
11:36
But what it's actually doing is it's blowing
11:39
superheated air at
11:41
the radiator for the CPU
11:44
water cooling. And it was turning
11:47
that water radiator
11:50
into a space heater. And
11:52
the direction of air that is exhaust
11:55
from the case was at me. So what that
11:57
meant was is that it was permanent.
11:59
permanently being blasted
12:02
with not just warm but
12:04
considerably hot air and
12:07
during the summer months that was just intolerable.
12:10
So as much as I liked the GPU
12:12
I thought I've got to
12:14
find a better way of doing things and
12:17
amazingly using two
12:19
GPUs is actually the solution.
12:23
So what I've done is I took the 3090 out
12:26
which is an over triple slot card
12:28
so it takes up half of
12:29
the available space in the
12:32
cut. Physically it's huge. So I took
12:34
that out and I replaced that with
12:36
a Radian RX 6700 XT
12:39
which is a dual slot card
12:41
and it's what you'd call a mid-range
12:44
GPU I imagine.
12:45
And then with the space that
12:48
made in the case I was able to reorder
12:50
the other cards on
12:52
the motherboard and free up a
12:54
single slot space
12:57
on the motherboard and in there
12:59
I added an Nvidia
13:02
T1000 GPU
13:04
and these are rather dinky. In
13:06
fact it's a single slot GPU
13:08
and it only takes power from the
13:11
bus which means technically
13:13
it can only pull 75 watts. That's
13:16
the maximum that the PCI slot can deliver
13:18
and actually the card uses way way less than
13:21
that. So by doing this
13:23
the RX 3090 at idle
13:26
would use about 40 watts of power
13:28
which is not too bad for a GPU but
13:30
under load it would get up to like 365
13:34
watts. It's an absolute power pig
13:36
you know in that regard but it doesn't
13:38
matter whether it's idle or going
13:40
full bore that back plate is 99 degrees
13:44
all the time. That
13:46
was the main problem. Was it not possible
13:48
to just like turn the case 90 degrees
13:51
and face the other way and blow the hot
13:53
air out
13:53
the door or something you had you had to
13:55
go. When it did have to go it didn't really matter
13:57
that it was blowing it at me that heat had
13:59
go into this room in some way
14:02
or other. It would find you, yes.
14:04
Using the Radion 6700 alongside the NVIDIA
14:09
T1000 has brought the power consumption down considerably.
14:12
The two together under idle
14:15
conditions, the Radion uses
14:17
about 30 watts of power when it's
14:19
just moving the desktop around, and
14:23
as best as I can tell the NVIDIA T1000 uses between 4
14:25
to 5 watts when idle, because it's really
14:29
not doing anything. I only have the
14:31
displays plugged into the Radion GPU.
14:34
This
14:34
NVIDIA GPU is purely
14:37
for compute and I'll get to
14:39
how I use it in just a moment.
14:41
And when the system is under load, let's
14:43
imagine I am game streaming, so
14:46
playing games and streaming that all
14:48
with OBS. The
14:50
Radion is using about 190 watts
14:53
to basically composite OBS
14:55
and play the game, and
14:58
then the NVIDIA GPU is
15:00
just being used for the compute
15:02
to do the encoding of the video
15:04
stream that gets sent to Twitch or
15:06
wherever. I've seen other people suggest
15:09
having two GPUs, and in fact I've
15:11
seen some people online who profess
15:13
to be expert at OBS
15:16
suggesting that this was actually not a good
15:18
thing and you should absolutely not put two GPUs
15:21
in a machine, but you should just throw one big
15:23
GPU at it. And so it's interesting
15:25
to hear your experience of it
15:27
being
15:28
good and performant and not
15:30
hot. Yes, so it works very
15:32
well in as much that now I'm
15:35
getting considerable power savings, so
15:37
under load this new configuration is
15:39
using about 150 watts less than the 3090, and the
15:42
temperatures are
15:48
way down. Both those GPUs
15:50
sit around 50 to 60 degrees
15:52
depending on the load that they're under, so
15:54
it isn't generating that same
15:57
volume of heat
15:58
into the case. the room around
16:00
me. And are there any complications with
16:03
installing the, I assume
16:05
that you're using the vendor
16:07
supplied drivers for both of these or
16:10
are you using the open source drivers
16:12
for AMD? And yeah, what's it
16:15
like having both of those installed and managing
16:17
that? That's an excellent question because that's actually
16:19
sort of the secret source in making this
16:22
all work. And kind of goes
16:24
to Alan's point about like people
16:26
recommend not doing this. I imagine
16:28
maybe those people aren't running
16:29
Linux where this, where
16:32
Linux kind of shines at this
16:34
particular sort of use case.
16:36
So I'm just using the regular
16:39
drivers to run the radian
16:41
stuff. So I don't use the AMD
16:44
GPU pro drivers or whatever they're called.
16:46
I'm just using the open source
16:48
drivers plus the firmware that you
16:50
get with the Linux firmware bundle. And
16:53
that means that Wayland and all
16:55
of that stuff works, including
16:58
video acceleration, hardware,
16:59
encoding and what have you is
17:02
available on the radian GPU,
17:04
but I'm choosing not to use it.
17:06
On the Nvidia side, just using
17:09
the Nvidia proprietary drivers.
17:11
But the important step here is on
17:13
Ubuntu, there's a meta package for the Nvidia
17:16
drivers, which has dash headless in
17:18
the name. And effectively, that
17:21
includes all of the Nvidia drivers,
17:24
except the display
17:26
server drivers, so no XOR
17:28
drivers. And so that
17:31
enables things like CUDA and NVENC
17:33
and all the compute capabilities, but
17:36
it has no facility to drive displays
17:38
at all. So when you run those
17:40
two side by side, you now
17:43
get the full compute capability
17:45
of an Nvidia GPU,
17:47
but none of the display output. And that's
17:49
also what helps keep the power
17:51
draw of that Nvidia GPU down because actually
17:54
driving the displays is what actually pumps
17:56
a load of voltage through the GPU
17:59
in order to drive the
17:59
those displays.
18:01
And I was talking about temperatures
18:04
and power consumption earlier.
18:07
I'm able to measure that with NV top.
18:09
So it's a little command line love for you here.
18:11
NV top's been around for ages. The NV
18:14
is a clue that it was an Nvidia tool, but
18:17
it recently added support for multi GPUs.
18:19
So when I run NV top now, it's a stacked
18:22
display and I can see all of the metrics
18:24
for both GPUs, what's running
18:26
on them and all the rest of it. So with
18:29
this configured and I've run this
18:31
configuration
18:31
on Ubuntu and I'm now running
18:33
it on Nix OS. On
18:36
Nix OS, it's a slightly different configuration
18:38
in
18:39
that you just tell your Nix OS configuration
18:41
that you're using what's called reverse sync.
18:44
Because traditionally when you have
18:46
an Nvidia GPU, it wants to be the
18:48
primary and the other things it's
18:51
subordinates. And what we're doing is we're tipping
18:53
that on its head. I want the Radian
18:55
GPU to be the primary and I just
18:57
want the Nvidia GPU to be the sibling,
19:00
the dumb thing that we just
19:02
do compute with. And it works as
19:05
well on both. It's been really
19:07
stable. I've been running this for like nine months
19:09
now. It's been really great. But
19:11
this means I have all the benefits of running a Radian
19:14
driver on the desktop. So Wayland,
19:17
if you care about those things, will work just
19:19
fine. But most importantly,
19:22
all of those workloads were an Nvidia GPU
19:24
is required. For example, DaVinci
19:27
Resolve. DaVinci Resolve will work
19:29
even though the display driver is using Radian
19:32
and it has a requirement for CUDA.
19:35
It finds the CUDA being
19:38
satisfied by this other GPU, which
19:40
means you can do your effects
19:42
composition on the Nvidia GPU
19:45
and the video encoding on the Nvidia
19:48
GPU all seamlessly. And
19:50
the same is true on OBS Studio.
19:53
Everything's composited with the Radian, but
19:55
then the Nvidia GPU is used
19:57
for all of the hardware encoding, but you can turn it on.
19:59
and all of the quality settings up to 11
20:03
on the NVIDIA GPU because all it's
20:05
doing is that encoding piece. So you get
20:07
no penalty of your game performance
20:10
where the NVIDIA GPU can sometimes take
20:12
too much when it's doing the video
20:14
encoding away from the game. It's interesting,
20:17
I have a not quite as complicated but
20:19
similar setup of multi GPUs in the
20:21
NUC that is on
20:23
my desk here, which has an
20:25
inbuilt Intel CPU, an AMD GPU
20:28
and externally an eGPU,
20:31
which is an NVIDIA card. But
20:33
I'm using them the other way around the traditional way. The NVIDIA
20:36
is driving the displays and the AMD is for
20:38
whatever else I can use it for. Yeah,
20:41
it's interesting that you can actually use both
20:44
the GPUs at the same time with both drivers
20:47
loaded and it works fine on
20:49
Linux and on Windows. Right, so you've used
20:51
it with Windows and Linux quite happily.
20:53
Yeah, yeah. I mean, maybe
20:55
some people haven't experimented with this in other
20:58
parts of the world because they live in places
20:59
where air conditioning is ubiquitous
21:03
and they wouldn't run into this particular,
21:06
you know, climate issue. Or they live in Norway
21:08
where it's just naturally cold.
21:10
Yeah, exactly. And I also
21:13
have an Intel Arc GPU. And
21:16
what I'm going to be looking at next is how
21:18
I can potentially use the Intel Arc
21:20
GPU in a similar configuration.
21:22
So maybe use Intel Arc as the primary
21:25
with NVIDIA alongside it. Or
21:27
maybe in my test workstation,
21:30
all three GPUs at the same time
21:32
and see what madness we can cook up there.
21:35
But yeah, it's been a great configuration.
21:37
So if you have got mixed workloads,
21:40
dual GPU setups on Linux, work
21:42
a treat, and these T
21:45
series cards from NVIDIA, single
21:47
slot, bus powered, not tons
21:50
of CUDA performance, something around
21:52
the sort of 1050 Ti sort of region. But
21:58
in terms of their video encoding... performance
22:00
exactly the same as a 3090, so pretty great.
22:06
I
22:06
have a further update to what I
22:08
talked about in episode 10. And
22:11
a small reminder is that last time I downloaded
22:14
some historical EV data,
22:17
charging data from BMW, the
22:19
manufacturer of the car. And I
22:22
uploaded it to Axiom, my employer,
22:24
to build a dashboard so I could see some
22:27
detail about the different types of places
22:29
where I've charged and how frequently
22:32
I use my home charger and other
22:34
charges. So that's what I talked about
22:36
in the last episode, go back for a refresher to
22:38
listen to episode 10 for that. But
22:41
the problem with that is I only had the historical data
22:43
and I've had the car for 18 months and I could download
22:45
a snapshot of that 18 months, but
22:48
I couldn't use that to get ongoing
22:50
data because I'm still on the car and I'm still charging
22:52
the car every day or so. And
22:55
so I wanted to get ongoing
22:57
data and BMW has
22:59
an API for getting that car
23:01
data and I tried to
23:03
register. They have a service called AOS,
23:06
which is after sales online system
23:09
and I got rejected.
23:12
I applied for access and
23:14
they said nine. So
23:16
I said, please, it's my
23:19
car and I would like access to the
23:21
data around my car and I got redirected
23:23
to another department who also
23:26
said no, because and
23:28
I quote, I do not fit to
23:30
be a publisher of technical information.
23:33
So what I think it is, is it's designed
23:35
for app developers or people
23:38
who work in the automotive industry who want to
23:40
integrate with the car
23:42
system in some way.
23:44
And I kind of moaned a little bit on Mastodon
23:47
and then I did a bit of
23:49
Googling and actually found
23:52
a tool that helped me and
23:54
it's called Bimmer Connect.
23:57
Bimmer being the colloquial
23:59
name.
23:59
for BMW manufactured motor
24:02
vehicles. I went down a little bit of a rabbit
24:04
warren in the UK.
24:06
We tend to call them Beamer's, but actually Beamer
24:08
is generally the term for the motorcycles made
24:11
by BMW and Beamer is the
24:13
term for the cars apparently. And
24:15
there's a different name they use in China that
24:17
sounds very much like a boamer,
24:20
which sounds a bit like a cow or something.
24:23
It's very strange. Anyway, there's a whole article on the BMW's
24:25
website about Beamer, Beamer, and
24:28
so on.
24:29
Anyway, there's this piece of software called Beamer
24:31
Connected and it's open source. And
24:34
it's a library to query the
24:36
status of your BMW or your Mini using
24:38
the connected drive portal. And the connected drive portal
24:40
is a thing that I have a sign on for, because
24:43
it's the thing that the official app uses
24:46
to link you as a person to your
24:48
car. And this thing is a Python library.
24:50
So you could use it to query the API using
24:53
your existing username and password that you already
24:55
have and the VIN of your
24:57
car, the VIN being the vehicle
24:59
identification number or VIN number.
25:02
And it also has a command line
25:04
tool
25:05
you can use to get the data. And the command line
25:07
tool is called Beamer Connected.
25:10
And all you do is run Beamer Connected and you pass
25:12
it your username and password and the
25:15
region that you're in, because I think they've got multiple
25:17
endpoints for USA, China
25:19
and rest of the world. And then
25:21
it produces a JSON
25:23
dump of data about the car. And
25:26
what data about the car you ask? Well,
25:29
but this is different kind of data because
25:31
before you did like a data checkout,
25:34
it was all of your data
25:35
for all time. So yeah,
25:37
what is this? Is this everything again
25:39
or is this something else? No, this is just
25:42
a snapshot. And
25:44
the snapshot is like real time.
25:47
So if you query it multiple times over
25:49
a period of time, the data will change.
25:52
Well, some of the data will change. There's some of
25:54
it, which is stuff
25:55
that doesn't change, physical attributes of
25:57
the car, like the make and the model, the drive track.
25:59
whatever enabled capabilities
26:02
that the car has like electric windows and so
26:04
on. And there's some stuff that doesn't change
26:06
very often like software versions
26:08
that's reported in there as well. It's just
26:11
one big big JSON file. What
26:14
else is in there? The charge schedule.
26:16
So if you set it to charge at certain times that's
26:18
in there. The status of the doors
26:20
and the windows and the sunroof whether they're closed or
26:23
open which is good from
26:25
a security point of view. But the stuff I actually
26:27
wanted is also in there and the
26:29
stuff I wanted was the mileage, the
26:31
charge level, the range
26:34
and the latitude longitude and heading
26:36
of the car. So I can tell where it
26:38
is, what the charge level is and how many miles I've
26:41
done. And which way it's pointing. And which way
26:43
it's pointing yes which is very helpful. I
26:45
think the reason why they put that in there is
26:48
in the app it shows a little picture of your car and
26:50
it actually does show it which way the car
26:52
is pointing on a map which is yeah quite cute.
26:55
I don't know why that's useful but it is. So
26:58
I wrote a five line shell script
27:00
which calls BIMA connected with all
27:02
my credentials which dumps
27:05
out the JSON and then I just throw that at
27:07
Axiom using curl using our API.
27:10
And I do that, I was doing it every
27:12
minute but then realized
27:14
that was a little bit excessive to keep poking
27:16
it going where's my car where's my car where's my car every 60
27:19
seconds. Especially given when
27:22
I looked at the data I zoomed in on the
27:24
dashboard that I built in Axiom and I
27:26
could see that even if I poke the API every 60
27:28
seconds it only actually updates every five minutes.
27:31
So I think my car only reports status
27:34
every five minutes and so I dialed
27:36
back my script so that it goes
27:38
to sleep for five minutes and then pokes the API
27:40
again. And so now I have
27:43
the historical data and
27:45
I have ongoing data showing charge
27:47
level. It doesn't quite have all
27:50
the information that
27:51
I could get from the data dump. It doesn't
27:53
have like the street address of the charger where
27:55
it's currently sat but it does have latitude
27:58
and longitude and I can calculate.
27:59
If the car
28:02
was at a certain spot and the amount
28:04
of charge went up, then I could
28:06
log that somehow. So I can use
28:08
this information. It's just
28:10
not quite as nicely formatted. But
28:13
I could also once a month do
28:15
a takeout and get that historical
28:17
data again. And I'll put all of this
28:19
in a follow-up blog post to
28:22
the last one, and that one will be in the show notes. But I just thought
28:24
I'd mention that I've managed to wrap
28:26
this whole thing together with the takeout
28:29
and BIMR Connected.
28:29
And thank you to all the wonderful
28:32
people who've written and maintained
28:34
that BIMR Connected bit of Python. Well,
28:36
open source will find a way.
28:38
Yeah, it certainly does. As will a dodgy
28:40
shell script running on a server in my house.
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More