Page 1

security

Stop Spectre and Meltdown on Linux

11 Projects! Classic text adventures to RAW photo editing

FREE 4.7GB

DOWNLOAD

Privacy Toolkit 50+ tools Parrot 3.1 Tails 3.5

The #1 open source mag

stop Them

Spying! Master open source privacy tools to block the NSA and GCHQ snoopers

Pi User access the GPIO over desktop USB hacking with micropython

Juan Sรกnchez on developing Wayland

survive a Pi power failure

video chat

Remote desktop

Get the best open source conferencing solutions

Access all your PCs from the comfort of your sofa


Welcome Get into Linux today!

What we do

We support the open source community by providing a resource of information, and a forum for debate. We help all readers get more from Linux with our tutorials section – we’ve something for everyone! We license all the source code we print in our tutorials section under the GNU GPL v3. We give you the most accurate, unbiased and up-to-date information on all things Linux.

Who we are

This issue we asked our experts: We’re worrying about state surveillance in the UK, so how are things in your corner of the world? Sean Conway, Chilly Canada Would you like fries with that? This is a common up-sell question in many North America fast food establishments. I have concerns over how organisations collect and use information, because it impacts choice. What choice are we making, if what we’re given to choose from has been conditioned in the first place? Adam Oxford, Zuma-free South Africa There’s two schools of thought on state surveillance in South Africa. Either our spooks are operating without oversight and capturing everything, or we’re protected from their limitless powers by their own incompetence and lack of capacity. I believe the latter but preach the former.

Mayank Sharma, Eerie India There are two kinds of surveillance: one that you’re aware of and one that you aren’t. Just because you aren’t cognizant of Big Brother doesn’t mean there isn’t one. Since they can’t be done away with, I prefer mine to operate within a legal framework and with parliamentary oversight.

Alexander Tolstoy, Mother Russia It’s not about limiting freedom for the good, but rather fixing the issue of impunity for the bad. Those wearing black hats need to worry the most!

Mihalis Tsoukalos, Gorgious Greece We don’t have nearly as much surveillance in Greece compared to the UK, so at least we’re not aware of its excess presence in normal, day-to-day life. However, some places like embassies, airports and government buildings are under much more state scrutiny, in the form of both police officers and CCTV.

Surveillance State, UK! The UK’s “Snooper’s Charter” was described as “the most extreme surveillance law ever passed in a democracy” by the Open Rights Group. The Data Retention and Investigatory Powers Act (DRIPA) has been ruled unlawful three times now: in the UK High Court, in the European Court of Justice and most recently by the UK Court of Appeal. It turns out the UK government simply has no right and is breaking the law by collecting the entire nation’s internet activity and phone records, and enabling public bodies to grant themselves access to these personal details when there’s been no crime or even suspicious activity, without incredibly any independent oversight whatsoever. The complete disdain given to people’s privacy is worrying. The flippancy of government in giving seemingly unfettered and unquestioned access is shocking. The cost imposed on taxpayers for all of these systems is astounding. No one wants to impede law enforcement agencies, but neither does anyone want to wake up in a surveillance state, which is why there are always checks and balances in the system. So we have no qualms wielding our open source privacy toolkit, to mask our browsing, send encrypted messages to our friends and keep files locked privately away. Many of the noises coming from the UK government make it feel like it could even be lurching towards outlawing strong encryption, a muchderided position, but one that will put open source users in a difficult situation. Back in the late ‘90s the US banned exporting encryption stronger than 40-bits, later 56-bit with backdoors, which was largely futile and stifled innovation at the time. It certainly feels like a less-fun topic than usual; anything that involves repressive regimes is probably moving out of the Fun-Time Venn diagram and into the Deadly Serious one. But we do have plenty of lighter topics in here too, so if you’re in the privileged position of being able to, enjoy!

Neil Mohr Editor neil.mohr@futurenet.com

Subscribe & save!

On digital and print, see p24 www.techradar.com/pro/linux

April 2018 LXF235    3


Contents

Answers is back! On p14

“The Internet treats censorship as a malfunction and routes around it.” – John Perry Barlow

Reviews ii Intel 760p SSD................. 17 Solid state drives become ever faster, cheaper and more capacious. Intel is refreshing its entire range and this one is our favourite balancing price and speed.

stop Them

Spying! A tentacled surveillance regime is slipping right into your business. Jonni Bidwell reveals how to yank it all out on page 32!

It’s a lean, mean storage machine, which is handy, because it’s an SSD!

Crucial MX500 SSD......... 18 Want the biggest SSD at the lowest price, but still have all the speed? Let us introduce you to the Crucial MX500, a SATA-based option that offers everything you need.

Roundup: Conferencing tools p26

A1 Box Android...............19 Are these low-cost Chinese Android boxes everything they’re cracked up to be? Costing just a couple of ponies, we test   drive one of the latest models.

RedCore Linux 18.01....... 20

Shashank Sharma is convinced that   we’re in the ‘decade of rolling release distribution’, as he tries his hands at   a young Gentoo derivative.

Nitrux 1.0.8...................... 21

Pleasing Shashank Sharma is simply a matter of offering custom software and being a rolling release. Nitrux claims to have the first sorted, so how about the rest…?

Iconoclasts......................... 23

Andy Kelly is constantly repressed by Zealots… but enough of the Linux Format management, how about a game about being repressed by Zealots?

Interview

Battering enemies with her spinning wrench like a Wild West gunslinger.

4     LXF235 April 2018

What we’ve been doing for two years, is porting Chromium to Wayland! Juan José Sánchez loves Wayland. Find out why on p40 www.linuxformat.com


On your FREE DVD

p96 Tails 3.5 Live Parrot Home 3.1 Anarchy Linux 1.0.0 64-bit

32-bit

64-bit

Only the best distros every month

Raspberry Pi User

Subscribe & save! 24

In-depth... Fixing Meltdown & Spectre.. 44

Pi news.................................... 48

One of the most complex and far-reaching security flaws hits almost every modern processor. Luckily Mayank Sharma has a fix.

Mozilla release an IoT gateway technology designed to run on the Pi. Bang & Olufsen   are saving classic speakers with a Pi extension.

Inkyphat HAT......................... 49 Eink displays come to a Pi Zero near you, so Les Pounder paints the town black, white and red.

Vero 4K OSMC box................ 50 A Pi-beating mini-media box, running everyone’s favourite open source media centre.

PC-based GPIO...................... 52 We’ve heard of doing crazier things, but now you can gain GPIO access via your USB connection.

The bogeyman! Also known as CVE-20175754 or Meltdown to his Intel friends.

Uninterrupted Pi power....... 54 Nick Peers waits for no (wo)man, especially the electrician, so he’s built his own Pi-based UPS.

Tutorials

Coding Academy

Terminal ToDo.txt.............................56

Bash ninjas like Shashank Sharma can do everything from the command line, and preparing a to-do list is no exception.

Python adventures............... 88 Nate Drake takes us back to the days of bighair, Ziggy Stardust and being glints in our father’s eye. Also, writing text adventures!

Photography DarkTable.........................58

WordPress payments........... 92

Forget ropey Instagram filters, says Adam Oxford. Once you’ve started developing digital negatives you’ll never look back.

Kent Elchuk enhances our fledgling WordPress site by adding our own payment system and that even includes a PayPal option, yuk!

Compression Optimise your photos.....64

Regulars at a glance News.............................. 6 Roundup.....................26 Overseas subs...........63 Dealing with Spectre and Meltdown

Shunning human contact, Shashank

Shot out of a canon, straight into

doesn’t get easier, we’re a little closer

Sharma apes Howard Hughes and

your letterbox – we can send copies

to the Librem 5 smartphone, and

now only uses online conferencing.

of LXF all around the Earth’s flat disc.

Mozilla donates to FOSS projects.

Mailserver................... 10

Back issues................62 HotPicks......................81 We all want to build the best PC that

Alexander Tolstoy hasn’t been

Naughty things. Surveillance things.

runs Linux – we explain everything

mining Bitcoin at his local USSR

Expensive things. Terrible things.

you need to know in LXF234.

Nuclear Base, he’s too busy mining for top FOSS, including LibreOffice,

Passthrough things. All reader things.

Butteraugli, Telegram-Qt, Latte Dock,

User groups.................13

Dosbox-X, Nitroshare, TupiTube,

Les Pounder emigrates to the

Polybar, MATE, Phaser Quest  

beautiful land of Preston, Lancashire.

and SDLPoP.

Subscriptions............24

Next month................98.

Will the offers never end?! No they

After fasting since celebrating the

won’t, management demands you subscribe or we all suffer! <Wail>

Our subscription team is waiting to take your call.

birth of Jesus, we’re ready to fill back up with delicious Raspberry Pi. Yum!

www.techradar.com/pro/linux

Alexander Tolstoy explores image optimisation, and uncovers new ways to compress what’s already been squeezed.

Embedded MicroPython.....................68

Tim Armstrong has lost his mind constructing a wireless “Thing” on the internet, using LoRa, MicroPython and TheThingsNetwork. What is he on about?

Networking Remote computing..........72 That’s not a ghost in the machine, it’s a remote Mats Tage Axelsson playing around with your desktop from the comfort and safety of his concrete bunker hideout.

Protocols Next-gen IPv6...................76 Apparently, the internet is full. But, as   John Lane explains, there’s a bigger, better one waiting in the wings, biding its time for world domination. Buckle up, folks!

April 2018 LXF235    5


This ISSUE: General panic

Librem 5

Mozilla donates $$$

Godot 3.0 released

Security

Spectre and Meltdown vulnerability fallout Patches to mitigate the vulnerabilities are coming thick and fast, but there are still ongoing problems to deal with…

T

he Spectre and Meltdown vulnerabilities, which affect a huge range of processors and the machines that run on them, have been known for a while now, and the technology world is still reeling from the ramifications. Since last issue, where we delved into the vulnerabilities, a number of patches have been release by both hardware and software makers to help mitigate these issues. Some of these fixes have been more successful than others. Intel had to ask people not to download its initial update, when it was discovered that it was causing machines to crash. It’s since released a working fix, as described in a blog post (https://newsroom.intel.com/news/ security-issue-update-progresscontinues-firmware-updates) that outlines the progress the chipmaker has made in addressing these issues. There was also warnings that many – if not all – of the mitigations for Spectre and Meltdown would result in reduced performance on affected machines, and it looks like that has come to pass. In a blog post (which can

be read at http://www.brendangregg. com/blog/2018-02-09/kpti-kaisermeltdown-performance.html), Brendan Gregg, an industry expert in computing performance and cloud computing, noted that “the patches that workaround Meltdown introduce the largest kernel performance regressions I’ve ever seen”, and looked at the Linux kernel page table isolation (KPTI) patches and KAISER patches for Meltdown, and what kind of performance impact that introduce. His post is well worth reading, as it gives you an excellent idea of what the performance impact is, why it happens and what can be done to help reduce that impact.In some areas, Brendan noted that the patches could increase overheads by up to 800 per cent, though with thorough system tuning these levels will be reduced. Meanwhile, white hat hackers have been looking into Meltdown and Spectre to see what sort of exploits

details MeltdownPrime and SpectrePrime, exploits that leverage these flaws in modern processors via side-channel timing attacks. The SpectrePrime proof-of-concept exploit has already been successfully used on a MacBook with an Intel Core i7 processor. There is concern that it’ll be only a matter of time before we see malicious code exploiting these vulnerabilities in the wild, so it’s worth getting those patches even with their impacts on performance. Meanwhile, Linus Torvalds blew off more steam about the vulnerabilities with the release of Linux 4.15 (http://lkml.iu.edu/hypermail/ linux/kernel/1801.3/02794.html), saying “This obviously was not a pleasant release cycle, with the whole Meltdown/Spectre thing coming in the middle of the cycle and not gelling with our normal release cycle… There’s more work pending (arm, spectre-v1, misc details), and equally importantly, to get the biggest fix for the indirect branch mitigations, you need not just the kernel updates, you need to have a compiler with support for the “retpoline” indirect branch model.”

“Many of the mitigations for Spectre and Meltdown would result in reduced performance…” malicious users could utilise, and rather worryingly, they’ve already discovered plenty of potential exploits. Recently, security experts from Nvidia and Princeton University have authored a new research paper (read it at https:// arxiv.org/pdf/1802.03802.pdf), which

6     LXF235 April 2018

These things are still causing us headaches thanks to the Spectre and Meltdown vulnerabilities.

www.linuxformat.com


Newsdesk Hardware

Progress made on Librem 5 smartphone In an update report, the team behind the smartphone built on free and open source software shows how far it’s come along.

L

ike many of you, we’re looking forward to the Librem 5, a crowd-funded smartphone that will run on free and open source software and with a focus on security and privacy. We covered the device in depth in LXF229 and LXF231, so we’re always pleased to hear how the project is going. In a new progress report (which can be read at https://puri.sm/posts/librem5-progressreport-5), Nicole Faerber, mobile development lead, has some promising news, with the Librem 5 development board fitted with a modem card, running a web browser and terminal window. As

The Librem 5 is starting to take shape…

Nicole explains, work will need to be made to the GUI to make it usable on the Librem 5’s highresolution screen. Her team is currently working on the basic framework of the software, and they’re using oFono (https://01.org/ofono), a piece of middleware that enables the modem to make phone calls and send and receive text messages. A screenshot shared with the progress report shows a successfully-sent SMS message, revealing how far the phone has come. The blog post also goes into details about the challenges – and rewards – of building a smartphone from scratch, rather than, as Nicole puts it, a “yet-another Qualcomm SOC based phone”. A lot of research by the team was undertaken into the design of the phone, especially considering how modern smartphones are now made. As she explains, “current 3G/4G modems that include a firmware of 60 or more megabytes are becoming more common. It didn’t take long before storing this firmware became an issue as well as at run time, since this requires significant increases of RAM usage.” The entire blog post is well worth reading, as it shows the effort that’s going into what we hope will be a very special phone indeed.

Distros

Red Hat acquires CoreOS Company’s commitment to containerised programs boosted.

R

ed Hat, Inc has bought CoreOS for $250 million. In a press release (http://bit.ly/ core-os), Red Hat says its acquisition of CoreOS “will further its vision of enabling customers to build any application and deploy them in any environment with the flexibility afforded by open source.” Red Hat was also clear that its main focus with the acquisition was to strengthen its position when it comes to supporting containerised applications. CoreOS, which was founded in 2013, specialised in containerised applications and lightweight distributions, such as Container Linux. CoreOS is also responsible for the Docker-alternative rkt, and CoreOS Tectonic is a Containers as a Service, hybrid enterprise Kubernetes platform. Kubernetes is an open source system for

deploying, scaling and managing containerised applications, and Red Hat’s own OpenShift (www.openshift.com) platform utilises it. With the acquisition of CoreOS and its various products and technologies (especially Tectonic), Red Hat now has an array of tools for making working with Kubernetes, which is well known for its complexity, much easier to manage. It also puts Red Hat into a stronger position against its competitors, most notably Canonical, whose Ubuntu distro dominates the public cloud, and Docker, Inc, which provides a popular platform for containerised apps. In a statement Paul Cormier, president of products and technologies at Red Hat explains that, “We believe this acquisition cements Red Hat as a cornerstone of hybrid cloud and modern app deployments.”

www.techradar.com/pro/linux

Comment

Training for all Clyde Seepersad We’ve seen several years running from The Linux Foundation and Dice Open Source Jobs Report that there’s a significant skills shortage in open source. More developers, DevOps professionals and sysadmins are needed to maintain existing open source systems and expand new ones. The Linux Foundation has partnered with edX to help address this talent gap, and we are proud to report the effort seems to be working. Recently, the number of students enrolled in Linux Foundation training courses through edX has surpassed one million. That’s a million more individuals with knowledge of Linux, cloud, containers, blockchain and more. The fact that most of these courses are available free of charge has made professional open source training available to masses of people who were unable to afford it previously, with students coming from more than 200 countries. These courses have helped prepare countless individuals for new careers and formal certifications. And more courses are in the pipeline for 2018 and beyond. We encourage anyone interested in a new career or looking to improve their open source skills to view all the available training opportunities at https://training. linuxfoundation.org.

Clyde is general manager, training and certification at The Linux Foundation.

April 2018 LXF235    7


Newsdesk Comment

Belts ‘n’ braces

open source community

Mozilla pumps $1.65 million into projects Company’s support programme had a great 2017.

Keith Edmunds Do you mandate twofactor authentication (2FA) on the systems you manage? It’s ever easier to do, and thus there are ever fewer excuses not to. Take WordPress, for example. A very popular, flexible CMS used by some big businesses as well as smaller ones and individuals, and thus a popular target for crackers. Two simple actions make it significantly harder to compromise: remove or rename the “admin” user, and mandate 2FA for all admin logins. There are a number of 2FA plugins for WordPress: we use ‘Two-Factor’ by George Stephanis, an open source implementation that’s hosted on Github (no connection, just satisfied users). It supports 2FA using one-time passwords, such as the (excellent) “Authy” (Android, iOS) and – arguably even better – Universal 2nd Factor, such as the YubiKey. There are other options too, including emailing a one-time password. If you’re responsible for a WordPress site, you can set this up, for free, easily. Just be aware that user configuration of two-factor is done from the WordPress “Users” admin pages, not the plugin pages. Look – you have 2FA on your website! Mandating 2FA for all SSH logins is a little more involved, but you’re already on the way. Keith is the managing director at Tiger Computing Ltd (www.tiger-computing.co.uk)

8     LXF235 April 2018

M

ozilla is arguably one of the biggest success stories from the open source community, so it’s heartening to see that it’s giving back so much to the open source and free software movement. In a blog post (which can read more about at http://bit.ly/mozilla-blog), it’s revealed that the Mozilla Open Source Support (MOSS) program – which was created to celebrate and support open source projects that contribute to Mozilla’s work and to the health of the Internet – has invested $1.65 million in 2017. In the blog post, a number of worthy recipients of the MOSS program are listed, including Buildbot (https://buildbot.net), a Python-based continuous integration server. Another Pythonbased recipient was the Python Package Index, which provides essential support to the Python

ecosystem by supporting the download of over 100 million packages every week. However, the platform it runs on is now showing its age, which is why the MOSS program awarded $170,000 to help it replace the existing codebase. It’s well worth reading the whole blog, as there are some wonderful projects that are being supported, and if there’s a project you want to see supported in the future, you can submit a suggestion at http://bit.ly/moss-form.

open Hardware

game engine

Mozilla is giving back to the community, in the form of millions of dollars.

First RISC-V PC GODOT 3.0 FOSDEM attendees glimpse released the Linux-based board.

No more waiting necessary.

A

t this year’s FOSDEM, SiFive (www.sifive. com) announced the HiFive Unleashed – the first Linux-ready RISC-V System on Chip (SoC), which features a quad-core, 64-bit Freedom U540 chip. It costs $999 and can be bought from Crowd Supply (www.crowdsupply. com/sifive/hifive-unleashed), with deliveries around 30 June 2018. The board features the first multi-core RISC-V processor that supports Linux, and comes with four 1.5GHz U54 RV64GC CPU cores and an E51 RV64IMAC management core with Sv39 virtual memory support. 8GB of DDR4 RAM, 32MB quad SPI flash, a microSD slot, Gigabit Ethernet port and FMC connector round out the features.

Got a spare thousand dollars in your pocket?

www.linuxformat.com

A

new major release of Godot (https:// godotengine.org), the free and open source engine for game developers, has been released. As the team admitted in a blog announcing the release (which can be read at https://godotengine.org/article/godot-3-0released), Godot 3.0 was a much bigger release than they anticipated, and meant the team skipped releasing Godot 2.2 altogether, instead focusing on the major release. The features list of Godot 3.0 is impressively long, with a new physically-based 3D renderer, Mono/C# support, virtual reality support, bullet physics backend, a new networked multiplayer API, and more. Basically, pretty much any feature you’d need to build a modern game. The new 3D renderer is particularly impressive and helps make Godot 3.0 a powerful alternative to other game engines. It’s the first game engine to offer the full range of Disney’s principled BSDF for physically-based rendering, and thanks to its rendering architecture the rendering of complex materials can be made at no extra cost, which should hopefully lead to some incredible graphics in future Godot-based games.


Newsdesk Comment

Distro watch

Happy birthday!

What’s behind the free software sofa?

Mark Filion

VLC 3.0 A major release of the popular open source video player is now available to download, and brings a huge amount of TITLE new features for enjoying modern media files. It supports video resolutions up to a whopping 8K, HDR support for compatible screens, and the ability to play 360-degree video (with 360-degree audio). Perhaps more usefully, it can now also stream videos to a Chromecast, and is available to download from www.videolan.org/vlc/ releases/3.0.0.html. One of the best media playing applications has just got even better.

The icon may be the same, but VLC has been souped behind the scenes.

Zevenet 5.0 The team behind this load balancer and application delivery system, which is based on Debian, has announced a new version with an improved web GUI frontend, named Angular. It also features new API JSON+REST capabilities, a new Local Service Load Balancer (LSLB) module that handles both L4xNAT and HTTP/S profiles, along with two different maintenance modes for those profiles. There’s also improvements to troubleshooting and support. For more information visit www.zevenet.com/support/ resources/timeline.

Zevenet 5.0, based on Debian 9 Stretch, comes with many features.

Kali Linux 2018.1 The Debian-based distro that features a good selection of security and forensic tools now has an updated kernel, 4.14. This brings a range of new features, such as AMD Secure Memory Encryption support and increased memory limits, both of which will benefit this distro. As well as an updated kernel, Kali Linux 2018.1 also features a number of updated packages, including zaproxy, secure-socket-funneling, pixiewps, seclists, burpsuite, dbeaver and reaver. Head over to www.kali.org/news/kali-linux-2018-1release for more information.

Kali, the distro formally known as BackTrack, is an ideal choice for security-conscious users.

KDE Plasma 5.12 LTS KDE has announce the second long-term support release of its popular Plasma 5 desktop environment. This release focuses on speed and stability, with boot time to desktop being improved, and Wayland integration is included for the first time on long-term support. It uses less processor and memory resources than previous versions, and the look and feel of the interface has also been improved, to make it easier on the eye and also enhanced usability. Find out more at www.kde.org/ announcements/plasma-5.12.0.php.

Plasma 5.12 LTS has some excellent new features and improvements.

www.techradar.com/pro/linux

In late January 1998, Netscape surprised everyone by releasing the source for Communicator, its web browser, making it readily available to all. That marked the birth of a new term in software development: open source. Coined by Christine Peterson, its introduction was meant to “make this field of endeavour more understandable to newcomers and to business”, clearing the confusion that often accompanied the term free software, and “viewed as necessary to its spread to a broader community of users.” Two decades later, open source is the driving force behind today’s rapid technological advancements. It powers leading products across all industries. It will continue to enable all of us to create, tinker and lead our future. Open source thrives because of its collaborative and democratic nature, giving software developers and corporations the opportunity to work together directly on projects of common interests. As someone who’s been a part of this community for only a few years, I’m regularly left in awe at what the open source movement achieves, and can’t help but wonder, what’s next? Happy birthday, open source!

Mark is the marketing manager at Collabora Ltd (www.collabora.com)

April 2018 LXF235    9


Mailserver

Write to us at Linux Format, Future Publishing, Quay House, The Ambury, Bath BA1 1UA or lxf.letters@futurenet.com.

Too hot? Regarding HotPicks this month, and the program youtube-DL. Is it possible to find a program to convert YouTube videos into just music (MP3) files? One that comes complete with a GUI? I’ve never asked before in case it’s illegal, and I like to stay on the right side of the law. Ian Learmonth, via email Jonni says: There is a utility called youtube-dlg, available on GitHub, which is precisely a GUI for youtube-dl. You can find it at https://mrs0m30n3.github.io/ youtube-dl-gui. Legality varies from place to place and we’re not lawyers, so you’re best off ignoring everything we say. The site youtube-mp3.org – which did MP3 conversion online – was recently shut down. We’re pretty sure that if you like a

piece of music that’s sold commercially then you should pay for it by one of the many available channels for doing so. You’ll likely find it in a superior format (MP3 is old) and higher quality too. If you can’t, then buy the CD and rip it. Here in the UK this has ping-ponged from illegal to legal back to illegal, but we can barely pay for our own police force these days. There are many issues here. If you just wanted a small clip to use in some other project, then that would almost certainly come under fair use, as far as the artist is concerned. However, using YouTube, not via a web browser or their API, is a breach of their conditions, which you have implicitly agreed to by visiting their site, don’t you know? And if you didn’t, you do now.

CCTV school Thank you for producing a very readable Linux magazine. Your longevity speaks volumes about your ability to speak to your target market. I’ve been struggling to get a competent security system NVR (Network Video Recorder) up and running. I would like to use a dual NIC machine that connects to the LAN on one NIC and to a switch that connects the cameras and devices on the other NIC. The cameras and devices are on a separate subnet. The LAN should be able to access the NVR software to view the recordings and to take clips off of it. I’m surprised how difficult this seems to be. Either I’ve missed something rather

shane_collinge@yahoo.com

Nothing to see here, move along please. It’s just The Police!

Forty cameras is a lot for a system to manage, nevermind thousands…

10    LXF235 April 2018

www.linuxformat.com

fundamental or this is a black art. The research I have done so far shows the cameras and NVR all residing on the LAN and I don’t want to do that. Imagine a system with a thousand or so cameras and the LAN will quickly become overloaded. I read an article from your magazine archives that walked through using Zoneminder, but it was a rather simple setup with everything on the same subnet. Would you folks be willing to take that article to the next level and walk through the dual NIC NVR solution? Fred Legace, Canada. Neil says: Certainly, if you were looking at a system with more than 254 cameras than a subnet would be essential. IPv6 might offer a solution, if the cameras


Mailserver

supports it, but managing all those cameras would also be very troublesome! I’d have imagined if we commissioned anything CCTV related we wouldn’t be thinking more than 20 cameras. Anything more would be an industrial solution, but I’m now intrigued!

MacBook woe First and foremost, I’d like to congratulate you on your efforts on keeping the Linux community well informed with your comprehensive magazine. I’ve been an avid reader and subscriber for a number of years now and always look forward to each issue. I have an old but reliable Mac Pro 1.1 (2006) that has been updated to support “unofficially” later versions of Mac OS X. I’ve been reliably informed that it has 2x 64-bit CPUs and Apple made a decision to give the machine a 32-bit EFI. This hardware configuration makes it difficult to boot 64-bit OSes. My question is, how am I able to install or even run the DVD’s that you publish each month? I’m usually presented with a black screen and a message ‘Select CD-ROM boot type’. Despite any keys I press I never manage to get past this screen. I’ve been successful in booting and installing 32-bit flavours of Linux (burned myself) and was pleased to stumble across ubuntu14.04.3-desktopamd64+mac.iso, which once burned to disc booted without issues. Is there any modifications that can be made to newer

64-bit Linux distro’s to enable them to boot on older 64-bit Mac’s with 32-bit EFI? Your magazine often refers to resurrecting older machines any booting distros, but Mac users seem to have fallen by the wayside as of late… Dale Gratton, Nottinghamshire. Jonni says: Our discs use the ambidextrous, hybrid GRUB EFI image that complies with all the standards. Apple’s 32-bit UEFI is what’s to blame here, and as you’ve already noticed, it’s only happy to boot 32-bit images and dislikes intensely our disc. It doesn’t like multi-catalogue images (which is what we and most distros use to boot on UEFI and BIOS platforms). There’s not really anything we can do about it from our end, unfortunately. But it is possible to respin distro ISOs to work with this. By making a homogenous, 64-bit EFI image on the ISO, Apple’s buggy UEFI implementation can be placated. You can read more about it here: https://mattgadient. com/2016/07/11/ linux-dvd-

Apple hardware seems to be terribly expensive!

images-and-how-tofor-32-bit-efi-macslate-2006-models/ You can also download some respun images, but (like the instructions there point out) you shouldn’t trust arbitrary ISOs from some random person’s website. It would be a better idea to get your head around what isomacprog does, compile it, and respin the images yourself. There are other, somewhat pointed, instructions here: http://selfemployedgeek. com/2017/07/17/how-toinstall-64-bit-linux-on-a-late2006-mac-with-32-bit-efi/ The article suggests that using a 32-bit Debian install to get the EFI partition set up on the Mac’s hard drive is necessary.

Terrible ; worserer In the text in the middle column of the Installing ADB box, the highlighted text showing the additional script for Bash profile, I suspect that there should be a space after the semi-colon that precedes “then”. I added this text as written and ran into a boot error and the error message pointed to the script I had added. When I compared the Bash profile that already existed, there was a space there. I hadn’t helped by using a full colon not a semi, and I’d put the whole script on one line as opposed to breaking after “then”, but once those corrections were made, It rebooted okay and the sample phone I was using was detected, eventually. So I learned how to get into terminal at boot-up

If we’re creating our own programming language, which letter can we use…?

(Ctrl-Alt-F1) and how to read instructions properly! Roger, via email, Location Neil says: I think the moral of the story is we all make mistakes, perhaps some of us more than others… thank goodness we haven’t tried creating our own programming language. What a disaster that would be!

Oh boy! I loved the Purple encryption feature in LXF230. I thought of making a DSL for encryption. Can you please publish a making a programming language feature? Recently, while reading the Linux Format archive, I discovered that you once wrote a tutorial about making programming languages. Please, can you publish an article about this again please? Dillon (The BIG penguin), via email Neil says: We have problems making our own beds, but I’ll pop it on the list as it sounds interesting and we love interesting, though I’m sure someone might have thought this would end badly.

Write to us Do you have a burning Linuxrelated issue you want to discuss? What have we done wrong now!? Want to suggest sections to resurrect from the dead or just suggest new projects? Write   to us at Linux Format, Future Publishing, Quay House, The Ambury, Bath, BA1 1UA or   lxf.letters@futurenet.com.

www.techradar.com/pro/linux

April 2018 LXF235    11


Mailserver Bad clients Reading the article by Bobby Moss I finished up wondering why no mention of the KDE app Kmail? Thunderbird was mentioned (but nothing about the earlier problems of trying to use the Maildir format rather than the clumsy Mailbox format), as was Evolution (which I have tried but gave up on). Even Mutt got a mention, but of Kmail not a word. How about an article on the powerful Kmail (for which I have no axe to grind except as a user)? Maurice Batey, via email Neil says: I think Bobby, rightly so, wanted to concentrate on just Thunderbird so he could go as deep as possible (with our limited space) into the subject. I’m sure you could easily write an entire book on using just one client. Another reader pointed out that

Mint and Ubuntu are both excellent choices for those just wanting to try Linux.

we also said Thunderbird with the Lightning calendar was only 32-bit, which isn’t the case. Oops!

Doesn’t work Can anyone tell me a distro which actually works? I’ve been

Thunderbird remains a top-flight email client, but it’s not the only option… just take a look at Kmail!

trying Linux for five years without confidence, and always go back to Windows, which has stability and performance. Apart from Windows 8, of course. Just trying Debian 9.01 which the mag describes as ‘rock solid'? The X command line app doesn’t even load. I appreciate Linux is the core of Android and many other things, and when cut down and hardened works well. But if it were not for Libre Office I don’t think there would be any point in a domestic Linux. So please tell me a version which is ‘rock solid’ actually works without requiring a Britannica of expert code? Actually, I’m trying Linux Mint 18.2, so there may be hope! Of course, it is not 100 per cent – perhaps I’m expecting too much. Alan Cooper, via that magic internet

Neil says: It’s hard to give any helpful feedback with so little to go on. Saying “it doesn’t work” to a car mechanic isn’t going to help them fix a problem with your car. What PC spec are you running? What are the specific problems that you’re experiencing? What do you see, what happens, what are the error messages? We’re going to need more information! That aside, lots of Linux distros aren’t created with beginners in mind and Debian is one of them. For a beginner then yes, I’d recommend Mint and Ubuntu. If you have an optical drive you can try booting our discs and just give many distros a try. Linux distros aren’t made with the same aims as Windows, but then I’ve had more problems using Windows over my many years than I have with Ubuntu, which on the whole just works. LXF

Letter of the month

I

Passing through

’m a (relatively) new subscriber to your wonderful magazine and have been loving the back issues and the monthly goodness coming through my letterbox. However, I was dismayed that I couldn’t find anything about VFIO GPU passthrough in any of the back issues? Is it really that niche? It might be controversial to say, but I would really appreciate some coverage of running a Windows virtual machine for those pesky games that don’t run natively

12    LXF235 April 2018

on Linux. My desktop is now an Ubuntu server and I can hear it crying out for a monitor and keyboard once again. Dualbooting isn’t an option, sadly. Scott Stevenson, via email. Jonni says: Sadly?! GPU passthrough is a little niche, but that didn’t stop me covering it in my Virtualisation feature in LXF227. It was just a couple of pages, and I could only really talk about my own set up (Radeon 290X for the Windows guest and GTX680 on the host running Arch Linux). It’s a bit of a hardware

www.linuxformat.com

You can do some wild and crazy things with virtualisation these days.

lottery: lots of the popular Intel chips and motherboards don’t support IO-APIC, and you may need a new video BIOS image. But   I was happy to get it working.


SPECIALS & GUIDES

myfavouritemagazines has over 100 one-off guides and specials which celebrate your favourite subjects. There’s something for everyone treat yourself or give gift.

DELIVERY INCLUDED

https://www.myfavouritemagazines.co.uk/guides

Or call now – UK: 0344 848 2852 Overseas: +44 344 848 2852 MyFavouriteMagazines is the official magazine subscription store of Future. You can save up to 74% on a huge range of popular magazine titles. Every magazine subscription will be delivered direct to your door, and includes free UK delivery; guaranteeing you don’t miss a copy of your favourite magazine.

Linux Format 235 (Sampler)  

You can subscribe to this magazine @ www.myfavouritemagazines.co.uk

Linux Format 235 (Sampler)  

You can subscribe to this magazine @ www.myfavouritemagazines.co.uk