Page 1

Automate games for more fun building and surviving

S VD 4O FREE D & q B .1 .7G 7

Write and sync your open source notes

4 eia ag m

take note! minecraft

PLUS!

3 Pi projects

LED control oled displays Raspbian Buster

The #1 open source mag

don’t pay THE…

at hackers e B n le o st g n ei b a at Stop your d r systems u yo re cu e S s rd o sw Protect pas

pages of tutorials & features

65 DataStax’s

Robin Schumacher Build an enterprise business from open source technology low-level code hashicorp vault Kernel assembly coding made easy

Add high-end encryption to all of your projects

Suckless – the Linux tools designed to run faster Connect Android devices to your Linux desktop Get a more powerful open source database


Welcome Win a secure Nitrokey Storage 2

who we are This issue we’re wondering where people could migrate to from Ubuntu when 32-bit library support gets frozen. Where would you suggest people go? Jonni Bidwell Debian hasn’t said anything about dropping i386 yet – and if Debian supports it, then so will at least some of it’s progeny like Sparky, AntiX and Slax. Old hardware already struggles with the modern web, so in a couple of years all it’ll be good for is terminal apps.

Les Pounder I’ve been using Ubuntu since Dapper Drake (6.06) and it has served me well. But just recently I have tried out the latest Manjaro release on an old Thinkpad – and wow! Admittedly it takes a little getting used to, but it is slick and easy to use.

Mayank Sharma Ubuntu dropping 32-bit support will have a knock-on effect and other distros will soon follow. I have quite a few 32-bit machines doing one thing or the other. I’ll seriously consider moving them to another open source OS, probably Haiku; Shashank tells me it’s the best.

Shashank Sharma While I will always recommend users to try their hands at Arch, it too ended official 32-bit support, although a community driven edition is available. But if you must have 32-bit, Mint is a viable alternate, and it’s not too different from Ubuntu.

Alexandar Tolstoy I still enjoy our domestic Mandriva-based distribution known as Rosa. It still offers fullyfledged i586 ISO images with the latest OSS software and also things like 32-bit UEFI support. Have no fear of KGB and give it a try!

Send your thoughts to the Linux Format dungeon server at linuxformat@futurenet.com and secure your chance to win a 32GB Nitrokey! It’s the complete open hardwareencrypted storage solution! Learn more at www.nitrokey.com.

Escape Ubuntu? Is Ubuntu about to stop being my daily desktop driver? Probably not today, probably not tomorrow – but next year, the year after that, perhaps? Since 2004 Ubuntu has been making Linux users’ lives easier offering access to all the software their heart’s desire, but what happens when access to that software stops? My bet is people go elsewhere. I don’t play games much, but I do game and I want access to my 15-year old Steam (for better or for worse) and GoG accounts. Canonical has clearly said 32-bit library support is basically on life support, so it feels like the time to up sticks and find a new home is approaching. That’s not to say Ubuntu is bad – it is without doubt superb for what it’s designed for, and that’s now for server, cloud and enterprise users. As always with open source there’s a host of Linux-based distros out there that offer welcoming homes with a desktop-first approach. You just need to pick one. Why not try Mageia on the DVD as a first step? It’s pretty accomplished. It’s going to be interesting to see where desktop users migrate to beyond the release of Ubuntu 20.04 LTS and that freezing of 32-bit library support, with the knock on effects for Mint (it has stated 32-bit lib support will follow Ubuntu’s lead) and other popular Ubuntu-based distros will likely follow. Make sure you let us know what you think. Manjaro, Pop!_OS and more are tempting… (Jonni uses Arch, by the way.) Putting the distro drama to one side, this issue we’re looking at how you can protect and fight off ransomware attacks. It’s the usual combination of sensible precautions, good password discipline and backing up – you can’t hold my data hostage if I have a backup copy. On a more mundane level we’re taking the time to Roundup the best text editors. It’s an essential activity and it’ll be fun to look at the alternatives out there, along with notes apps, improving Android and loads more tutorials, so enjoy!

Neil Mohr Editor neil.mohr@futurenet.com

Subscribe & save! On digital and print – see p26

www.techradar.com/pro/linux

September 2019 LXF254     3


Contents

NEW GIFT Subscribe now! Page 26

Reviews

AMD Ryzen 3000 

18

Has Intel finally lost its processor crown? Can AMD smash the competition with its new Zen 2 architecture? Can you actually afford any of this new whizzy kit?

Panda Latte 

don’t pay THE…

20

Is it a full PC, a Raspberry Pi competitor, an Arduino board or some freakish mishmash of all thee? Mike Bedford put this unusual product through its paces.

Whonix 15 

22

If routing all traffic through Tor doesn’t satisfy your need for privacy, Mayank Sharma tests a resource-intensive solution with a novel approach.

Sparky Linux 2019.08 

23

Sparks often fly when Jonni Bidwell puts his review hat on and uses something that isn’t (gulp) Arch – but he’s deigned to do us the honour here.

Dirt 4 

Jonni Bidwell knows how not to do a lot of things, including how not to pay ransoms and how not to be fooled by social engineering scams… page 34

25

Management is petrified, hiding in their executive panic room from the mud monster entering the building, but it’s just Andy Kelly after a season of rallying.

roundup

Text editors  Which are the best text editors for programmers, writers and general use? Mike Bedford dares to find out!

4     LXF254 September 2019

Interview

28

Robin Schumacher 

42

Mayank Shama meets the VP of Products at DataStax to talk about building success with open source software.

www.linuxformat.com


Newsdesk

This ISSUE: New Blender gets minted Valve sorts out gaming Linux VR Kazakhstan gets worried Farewell to the floppy Popular software

Blender 2.80 arrives with a sponsored fanfare One of the most highly anticipated releases brings an overhauled interface and serious industry money. lender (www.blender.org) is arguably the most popular open-source 3D creation suite in the world, powering animated films, 3D applications and video games, and it’s just had a major update that brings some exciting new features. Perhaps the biggest change with Blender 2.80 is the new user interface, which focuses on making the software more accessible and easier to use. It now has a new dark theme and updated icons, which change depending on whether you’re using the light or dark theme, ensuring they are clear and easy to read. It’s now easier to interact with Blender, with support added for single-button trackpads and stylus inputs, while a new right-click context menu gives users quick access to useful commands depending on what they are doing. Templates and workspaces have also been added, which aim to make getting stuck into your creative work easier and faster. There are several templates that you can load as a new file, including ones for 3D modelling, shading, animation, rendering, 2D drawing and a lot more. Meanwhile, workspaces offer different screen layouts depending on what task you’re performing – and these are loaded up with templates. They can be configured to suit people’s preferences and workflows. These are nice additions that should make using Blender easier, and the accessibility options are particularly welcome – and so far it seems like the community has been very positive about this latest release. There have also been some big changes to the Workbench render

B

6     LXF254 September 2019

engine, while the 3D Viewport has been rewritten to be optimised for modern graphics cards – and includes a new LookDev shading mode for more realistic lighting. There’s also a new physics-based, real-time renderer called Eevee, which replaces the internal renderer. You can find out more about Eevee at http://bit.ly/ LXF254Eevee. There’s been more good news for Blender, as Epic Games – the developer behind some of the most popular video games in the world – has recently awarded the Blender Foundation $1.2 million as part of the company’s MegaGrants programme. The idea behind the programme is

Blender 2.80 has been released, bringing more features to the popular open source software.

“There’s a new real-time renderer called Eevee.” to assist game developers, students and creators – more at: http://bit.ly/LXF254MegaGrant. The money, which will be paid incrementally over the next three years, is in recognition of Blender’s important role for game developers, with Tim Sweeney, founder and CEO of Epic Games, saying that “Blender is an enduring resource within the artistic community, and we aim to ensure its advancement to the benefit of all creators.” It’s also been announced that Ubisoft is joining the Blender Foundation’s Development Fund as a corporate Gold member, helping to fund online support for Blender developers.

Epic Games is one of the biggest names in gaming – and it’s investing $1.2 million into Blender.

www.linuxformat.com


Answers

Answers

Got a burning question about open source or the kernel? Whatever your level, email it to lxf.answers@futurenet.com

in Orbit Q Lost I run Slackware 14.2. My very old and favourite Logitech trackball died of old age, and I’ve replaced it with a Kensington Orbit trackball: two buttons (left 1, right 3), a ball to move the cursor and a ring as a horizontal scroll wheel. I cannot paste highlighted text as the two buttons simultaneously do not function as button 2. I’ve checked the buttons using xev and xinput, and need an appropriate section for /usr/share/X11/xorg. conf.d/10-evdev.conf. Brody Jones

A

I too had a Logitech trackball. Mine too died after a few years. I also replaced mine with a Kensington Orbit trackball, so I have some idea of what you are going through. As you indicate, it is normal to press both buttons at once to simulate a middle button press on a twobutton device, but this is not working by default for you. You do indeed need to add to XOrg’s configuration files, but you should not touch the files in /usr/share/ X11. Why? Because these files are maintained by your package manager and would be overwritten by new versions when updating the package that provides

them. As well as checking /usr/share/ X11/xorg.conf.d, X also checks for files in /etc/X11/xorg.conf.d and settings in the latter directory take precedence. These files are not affected by your package manager, so this is the place to put your own customisations. This is what I have in my own /etc/X11/xorg. conf.d/10-trackball.conf: # Settings for a Kensington Orbit trackball Section “InputClass” Identifier “evdev pointer catchall” MatchIsPointer “on” MatchDevicePath “/dev/input/event*” Driver “evdev” Option “ButtonMapping” “3 2 1 4 5 6 7 2 9” Option “Emulate3Buttons” “True” Option “EmulateWheel” “True” Option “EmulateWheelButton” “9” EndSection The ButtonMapping alters the order

of the buttons; in this case buttons 1 and 3 are swapped around. These are the left and right buttons and I am left-handed (me too!–Ed). Funnily enough, I never bothered to swap the buttons with a mouse, but on a trackball it became almost essential. The next two settings ensure the middle button emulation and wheel scrolling work

Most system files are owned by the root user, as seen here in /etc, so you need root permissions to modify them.

12     LXF254 September 2019

Neil Bothwick wonders if Tux dreams of electric fish?

correctly, while the final option identifies which of the trackball inputs to use for the wheel. There are other options you can use to customise the operation of the trackball, or any other input device – for example, altering the sensitivity. See the xorg.conf man page for a full list.

denied Q Access I am trying to access a file located at /etc/mpd.conf with Text Editor but am being denied as I don’t have the right permission. What gives? I am using Linux Mint 19.1. A. K. Stirling

A

Linux operates a system of file ownerships and permissions. Each file or directory has an owner, and the default setting is for everyone to be able to read the file, but only the owner is able to modify it. You will have created a user when you installed Mint, or any other desktop Linux distro. That is the user you log in as, and the user that is able to modify files in your home directory. However, /etc is a system directory, along with other directories such as /, /usr and /var. There is a special user, called root, that owns the system directories and files. You could log in as the root user to edit a system file like this. Most desktops block root logins, as there is rarely, if ever, a need to load a whole desktop as root, and you could do a lot of damage with a careless click of the mouse. However, you can log in as root from a terminal, using the su (switch user) command. This requires the root password and some distros, including Linux Mint, disable the root account by not setting a password for it. Don’t worry though, all is not lost. There is a command called sudo that is able to run an individual program as another user, most often root, and this requires only the user password. That may seem a little insecure, allowing you to run commands as root without the root login credentials, but sudo can be set to allow only certain users to run root commands, and even limit the commands a user can run. Linux

www.linuxformat.com


Mailserver

Mailserver

Write to us at Linux Format, Future Publishing, Quay House, The Ambury, Bath BA1 1UA or lxf.letters@futurenet.com.

Not compatible? You have just about covered installing Linux on a Chromebook laptop, but what about those of us who want a desktop with a bit more power and capability? Suppliers of components (motherboards, CPUs and so on) all profess a total ignorance of Linux, and offer no help or advice regarding component suitability. From somewhere I seem to remember there was a compatibility site – does such a thing continue to exist, and is it up to date? Maybe you could run a hardware list of the components you use. Because all the wonderful software is useless if there is no hardware on which it can be run. Peter Brearey

Neil says I’m just going to come out and say it (until someone tells me to stop): 90 per cent of core components are

Linux-compatible. There’s certainly a large range of peripherals – usually USB-based, certainly Wi-Fi dongles – that you do need to check will work, but that’s a more complicated area. When we’re talking motherboards, processors, memory, drives, displays, these are core PC components that are designed to work around the core interface protocols that make a PC modular and the parts interchangeable. As Linux recognises those protocols – as they are open standards – the Linux kernel will work. There’s way more to this and it sounds like it could be part of a feature… That’s not to say you might not run into the odd issue, but then you can say the same to Windows users. Having said that, with motherboards I can imagine there being issues with individual parts such as Ethernet, Bluetooth or audio components. But if you stick to well-known makes that use Intel or Broadcom

Win A secure Nitrokey Storage 2

The Nitrokey is your one-stop security solution.

Will this motherboard work with Linux? Who knows? The manufacturer sure won’t tell you.

shane_collinge@yahoo.com

Helpdex

Send your thoughts to the Linux Format dungeon server at linuxformat@futurenet.com, be picked as Letter Of The Month and win* a 32GB Nitrokey Storage 2! The Nitrokey is worth a cool €149, has 32GB of hardware-encrypted storage, supports hidden volumes, secures your online accounts with onetime passwords, can encrypt emails, files and hard drives and is an open source, open hardware solution. Protected with AES-256 and RSA keys up to 4,096! Learn more at www.nitrokey.com.

* For full terms and conditions see: www.futureplc.com/terms-conditions 16     LXF254 September 2019

www.linuxformat.com


Reviews Single board computer

LattePanda

Is it a PC, a Raspberry Pi competitor or an Arduino board? Mike Bedford put this unusual product through its paces in order to find out. SPECS

OS: Ubuntu 16.04 LTS or Windows 10 CPU: Intel Cherry Trail Z8350, 1.8GHz, quad-core, 2MB cache, 64-bit, VT-x, AES GPU: Intel HD Graphics Mem: 2GB, 1,600MHz DDR3L SSD: 32GB (plus microSD slot) Display: HDMI (max 1080p), DSI USB: 2x 2.0, 1x 3.0 Comms: 100Mbps Ethernet, Wi-Fi 802.11n 2.4GHz, Bluetooth 4.0 Arduino: ATmega32U4 GPIO: 20 Arduino, 6 gravity sensors, 6 Intel CPU Size: 88 x 58mm, 55g

ince there are several similar products to the LattePanda, we need to spell out exactly what we are reviewing here. It’s described as the LattePanda 2GB/32GB – that is, 2GB of RAM and 32GB of onboard flash storage. When we also point out that you’ll often also see the phrase “Windows 10 Mini PC” tagged to the end of the name, you might think it’s a strange product to review in Linux Format, but things aren’t that simple. Certainly, the LattePanda launched as a Windows 10-only product – unusual in the world of SBCs where Linux dominates – but Linux is now officially supported too. At this point we need to clarify things further by referring to the fact that even the 2GB/32GB board is available as two variants. Both versions have Windows 10 pre-installed in the boards’ flash storage, but in one you get a Windows activation key and in the other you don’t. Needless to say, since there’s a price difference of almost £29 and you’re not going to be using Windows – indeed, you’ll be overwriting it – you should choose the nonactivated version which has our quoted price. You might also like to take a look at the designer’s website, www.lattepanda.com.

S

Lattes all round? The LattePanda has a similar form factor to the Raspberry Pi, measuring the same lengthways and being just 12mm wider than the RPi 4. It has two full-sized USB 2.0 and one USB 3.0 ports, a full-sized HDMI socket, an Ethernet socket and a micro-USB socket for power.

There’s a serial display connector for attaching a touchscreen LCD panel, but not a camera connector – although you could use a USB camera. It also supports Wi-Fi and Bluetooth 4.0. The GPIO connectors look markedly different from that of the RPi, though. The main difference between the LattePanda and Raspberry Pi – and also the RPi’s various competitors for that matter – is in its CPU. While nearly all SBCs are equipped with an Arm device of some sort, the LattePanda has a 64-bit Intel Cherry Trail Z8350, with four cores clocked at 1.8GHz, plus Intel HD graphics. A variant with 4GB is also available, so we’re in the same region as the RPi 4. Oh, and while the LattePanda does have a microSD card slot, we shouldn’t forget its 32GB of onboard storage, so it saves you £5-£10 compared to what you’d have to pay with most SBCs.

Real-world interfacing If you want to use the LattePanda as the heart of a PC, or for similar software applications as a Raspberry Pi, then what we’ve seen so far is all you’ll need to know. However, if you’re interested in interfacing via the GPIO for experimentation or embedded applications, there are some caveats. The most unusual aspect of the LattePanda is that it doesn’t have a Raspberry Pi-compatible GPIO but, instead, its interface to the outside world is Arduino-compatible (see box, opposite page). LattePanda is very unusual in offering Arduino compatibility on a board that runs Linux with an HDMI output. It does this by having an onboard ATmega32U4

It comes with Windows 10 preinstalled, but don’t let that put you off!

20     LXF254 September 2019

www.linuxformat.com


subscribe Save money today!

Subscribe

Sign up today and get your

White Eclipse 3-Way USB Charger Charge multiple devices at maximum speed with the Eclipse 3-Way USB Charger. This easy-on-the-eye charger is a three-port USB charging hub that keeps 6m of cables neatly wrapped inside when not in use, while  providing neat pop-up access with a press of its top.

YOUR GIFT! Worth £69.99

Don’t miss out,   subscribe now!

Product Features Three devices at once No more messy cables Holds 6m of cable Smart-IC Technology High-speed charging

SUBSCRIBE NOW! www.myfavouritemagazines.co.uk/lin/eclipse19/

Call: 0344 848 2852 26     LXF254 September 2019

www.linuxformat.com


Overseas subs on p67

PLUS: Exclusive access to the Linux Format subs area! 1

! don’t miss ars Now with 5 ye & of Linux User er op el ev D issues

CHOOSE YOUR PACKAGE! Quarterly print

Only

£16.25 Quarterly print   by Direct Debit

Annual print and digital

PLUS!

PLUS!

Every issue comes with a 4GB DVD packed full of the hottest distros. Plus your Eclipse 3-Way USB Charger

Get both the   print and digital  editions with a 4GB DVD. Plus your Eclipse 3-Way USB Charger

SAVE!

22% That’s just £5 per issue!

Only

£72

Annual print and digital   by Direct Debit

SAVE!

58%

That’s just £5.54 per issue!

Terms and conditions: This offer is only available for new UK subscribers. Gift is subject to availability. Product pricing stated is RRP at original print date. Please allow up to 60 days for the delivery of your gift. In the event of stocks being exhausted we reserve the right to replace with items of similar value. Prices and savings quoted are compared to buying full-priced print issues. You will receive 13 issues in a year. You can write to us or call us to cancel your subscription within 14 days of purchase. Payment is non-refundable after the 14-day cancellation period unless exceptional circumstances apply. UK calls will cost the same as other standard fixed line numbers (starting 01 or 02) or are included as part of any inclusive or free minutes allowances, if offered by your phone tariff. For full terms and conditions please visit   www.bit.ly/magterms. Offer ends 30 September 2019.

www.techradar.com/pro/linux

September 2019 LXF254     27

1) Only available to MyFavouriteMagazines.co.uk subscribers.

1,000s of DRM-free  PDF back issues and articles! Get instant access back to issue 66 (May 2005) with tutorials, interviews, features and reviews.  At linuxformat.com


roundup Texttons editorsof stuff so you don’t have to! We compare

Roundup Atom Brackets Emacs FocusWriter nano

Mike Bedford loves writing but more than that he loves a text editor that integrates a coffee maker

Text editors Which are the best text editors for programmers, writers and just good old general use? Mike Bedford investigates…

how we tested… Largely because our group is so wide-ranging, we started out by providing an overview of all the packages on offer – see Overview on page 30 for this. You might like to read that first before getting bogged down in the details. In terms of specifics, there were several topics we needed to consider but, in some cases, they didn’t apply to all the products. So we certainly needed to consider which programming languages are supported (all but one of these programs have such support). Areas that apply universally are file format compatibility, support of multiple views, ease of use and expandability, all of which we consider. To make sure we didn’t miss anything, in the Advanced Features sections we’ll pass comment on any stuff that we didn’t cover elsewhere.

28     LXF254 September 2019

any computer users probably consider the text editor as a left-over of a bygone age that has been superseded by the word processor. However, as more technically minded users will know, a word processor isn’t just a bigger and better text editor; the latter is quite different and it continues to have a role today. Most importantly, it generates a file containing plain ASCII text. Now of course a word processor can export as plain text, but even so, unless you pay careful attention it will often attempt to format your text automatically and correct spelling mistakes – which might not be mistakes at all.

M

Here we’re taking a look at five text editors that cover a broad spectrum of uses. Perhaps the most common use is for programmers to enter and edit source code before compiling it – for those who don’t use an IDE (Integrated Development Environment) that bundles editing and compilation together. Next are those who don’t develop their own code, but have the occasional need to edit configuration files and the like. Then there are those people – commonly writers or authors – who welcome a distraction-free editing environment and who therefore spurn word processors.

www.linuxformat.com


Text editors roundup

Display options How the information is presented on-screen in each app. aving lots of windows or panes on screen at once can offer big gains in productivity, but it can also be confusing to go too far, so configurability is important. Here we look at the options provided by each package for editing several files at the same time. Nano and FocusWriter are easily dealt with, because they each enable you to view just the one file at once. With each of the others, though, you can go much further. Although you can use Atom to work with files individually, it also uses the concept of a project which comprises all the files associated with a particular job. If you’re working on a project, Atom shows a tree view to help you navigate it. When you open a file for editing, it appears in an editing pane which you can split horizontally or vertically, and split those items again, if you want. Furthermore, each pane item can contain multiple tabs. In many ways, Brackets is similar to Atom in adopting the concept of projects, providing a view of the files in the project, and allowing the editing window to be split horizontally or vertically. Unlike Atom, a split editing window cannot be split again. The editing window, or its parts, can’t have tabs, but much the same is achieved using the ‘working files’ list, which lets you choose between several files that are open for editing. Basically Emacs can do pretty much all Atom and Brackets can do in the way of presenting information, although its terminology is different – something in which we won’t get bogged down here. It has to be said, though, that in common with most things related

H

Like most of its main competitors, Brackets enables you to see and edit two files on screen at once.

to Emacs, navigating your way around these features takes some getting used to. Finally, while it might seem to be an unnecessary complication, Atom, Brackets and Emacs support themes that affect their appearance. Seasoned users of these packages report that choosing a theme for a particular programming language – and hence the colours used in syntax highlighting – can help make your code much easier to read and understand. Alternatively, different themes can be used, for example, to eliminate problems that could be caused by colour blindness.

VERDICT Atom 9/10 FocusWriter Brackets 8/10 Nano Emacs 8/10 Only FocusWriter and nano stick to single-file editing.

2/10 2/10

File types Moving beyond just plain text files. he plain text file format, containing just ASCII characters, is the most obvious format for a text editor to use, and all our editors support this type of file. In the case of those editors that only support text files, however, you’re not limited to giving them a TXT extension. This means, for example, that if you’re creating an HTML file, you could save it with the proper HTML file extension. Giving a text file an extension to indicate a programming language isn’t just for your own information. If a text editor recognises an extension such as PHP or JAVA as that of a particular programming language, as all but FocusWriter can, they enable their specific support for that language. This is discussed later under the Language Support section. While the phrase ‘text editor’ might suggest that such a package will only ever be able to read and write plain ASCII data – whatever the file extension – FocusWriter goes one step further, and in this respect it resembles more of a word processor. In reality, you’re not going to be able to create fully formatted text in FocusWriter as you might in Microsoft Word or LibreOffice, but this functionality does enable you to export your work to a word processor or import text from one. In the latter case, however, sophisticated formatting that is not supported by

T

www.techradar.com/pro/linux

Because of its different target audience, FocusWriter supports RTF, DOCX and ODT files as well as just plain text.

FocusWriter will be lost. These additional file formats include Rich Text Format (RTF), OpenOffice XML (DOCS) and Open Document format (ODT).

VERDICT Atom 6/10 FocusWriter 8/10 Brackets 6/10 Nano 6/10 Emacs 6/10 With the single exception of FocusWriter, all these editors support plain text files only.

September 2019 LXF254     29


Defeat ransomware

Beware of the

Ransomware Jonni Bidwell knows how not to do a lot of things, including how not to pay ransoms and how not to  be fooled by social engineering scams…

e’re still patiently waiting for the year of the Linux desktop, but one sign that Linux has become mainstream is that it is now actively targeted by malware pushers. Perhaps not to the same extent as Windows, and perhaps those miscreants are more interested in hijacking servers than desktops, but peddling the old “Linux doesn’t get viruses” line does not make for credible journalism. (don’t use the J word!–Ed) Linux servers are compromised all the time. It’s a little too easy for your run-ofthe-mill script kiddie to find their favourite exploit in Metasploit, find some vulnerable

W

34     LXF254 September 2018

servers via shodan.io and create havoc. Attacking desktop Linux is a little more delicate, but that’s not to say it doesn’t happen. Rogue websites may serve driveby downloads, bona fide websites may get hacked or a long-standing bug in the kernel may be discovered. All of which might spell the end for your data. A much greater threat, however, is social engineering. This is pretty much operating system agnostic – it relies on weaknesses in human nature rather than in software – so there’ll be a few tips that will help you even if you use some other heathen OS. A well-crafted email can trick a weary mark into opening the wrong kind of file, disclosing their password (or other

personal information) or even wiring money to a stranger. Some of these scams are easy to spot, but others are not. Over the last five years, cybercriminals (we promise not to use this prefix too much) have cottoned on to the fact that people care about their files, so a popular MO is to encrypt them and hold them to ransom. Victims are ‘invited’ to pay, usually by cryptocurrency, for a decryption key, but often this is never provided. Sometimes ransomware is ill thought-out, and boffins can reverseengineer whatever encryption was used and provide free decryption tools. But you shouldn’t count on this. Instead heed our guide – be strong, be vigilant and behave.

www.linuxformat.com


Defeat ransomware

Ransom and deceit

The scammers have figured out that your data is more valuable to you than it is to others. Don’t let them exploit this fact. hile we did a cover feature on malware not all that long ago (LXF251), our state of the art analytical engine (that’s me – Ed) tells us that you want to hear more detail about one particular type of malware – ransomware – and one particular means of delivery, social engineering. Holding things to ransom is an ancient idea, and one that has been shown to work very well. Kings, nobles and precious works of art have been ransomed since antiquity. Likewise using smooth talking to hoodwink people into doing things they probably shouldn’t – grifting, if you will. But in the digital age these practices take on a whole new, sinister dimension. On the face of it having files held to ransom is in an entirely different league to having a family member kidnapped. But what if people’s lives depended on the integrity of those files? Terrifyingly enough, this has happened on more than one occasion. The Wannacry ransomware outbreak of 2017 infected some 300,000 computers in 150 countries – making it, according to veteran security researcher Mikko Hypponen, “the biggest ransomware outbreak in history”. People showing up to work were greeted by their computers asking for Bitcoin payments equivalent to $300-$600 to decrypt their files. In the UK it brought our (already struggling–not Wales) NHS to its knees. Patients saw operations cancelled, and were advised to only seek medical care in emergencies. Staff, devoid of network and phone access, had to resort to manual methods to deliver vital healthcare services. Commentators were quick to point out that the NHS had, and still has, a number of machines running Windows XP, but these weren’t really the problem –

W

SET, the Social Engineering Toolkit, comes with Kali Linux and is full of tips and tricks (and references to our favourite movie).

www.techradar.com/pro/linux

most of these were embedded installations that can’t be upgraded and weren’t even connected to the network. The problem was the huge number of unpatched Windows 7/8/2000 systems that were vulnerable to a bug in the SMB protocol of which, it turns out, the NSA was aware for some time. It had in fact weaponised said bug for use in its own Tailored Access Operations unit, and named the exploit EternalBlue. Unfortunately that exploit fell into the hands of a hacker collective known as the Shadow Brokers. The NSA alerted Microsoft to the possible theft and a patch was issued in March 2017. In April 2017, EternalBlue – alongside other NSA exploits named EternalChampion and EternalRomance – was leaked by the Shadow Brokers and a month later, when many systems remained unpatched, WannaCry used it to wreak havoc around the world. See the box on page 38 for more on the anatomy of WannaCry. We’d love to say there are magical open source tools that with just a little bit of command-line fu can help you recover from any ransomware attack, but that’s just not the case. And nor will it ever be. There are a couple of things that are guaranteed to help you though, and they’re skills everyone should practise.

The best solution to all of these woes is something you should already be doing: regular backups.

Pay up or the data gets it A number of high-profile organisations have paid ransom fees, and we are likely to see a lot more of this unless our collective security game is upped. Large organisations with lax security practices can (but shouldn’t) be crippled by a careless employee falling for an email scam. This may be an untargeted attack, where the ransomware keymasters’ expected targets are unsuspecting  home users, in which case the asking price is pretty modest. Or it could be some kind of spear phishing campaign, where execs or sysadmins are targeted so their privileges or well-endowed bank accounts can be ransacked. And if you’re going to cripple a large organisation you’ll probably be after more than pocket change. In June of this year, Riviera Beach City Council in Florida agreed  to pay a $600,000 (65 BTC) ransom to hackers after their systems were crippled. They join a growing number of institutions that have chosen to cough up six-figure sums in order to restore critical services. A 2018 report from SentinalOne surveyed some 500 large organisations and found that of those hit by ransomware, 45 per cent of them had paid up, but only 26 per cent of those had their files unlocked. So much for honour among thieves.

September 2019 LXF254     35


Interview Robin Schumacher

Enterprise

soaring success Mayank Shama meets Robin Schumacher of DataStax to talk about building success with open source while nurturing the community.

42     LXF254 September 2019

www.linuxformat.com


Robin Schumacher Interview

ack in the days when virtually all open source software was licensed under the GPL, building a business around it was quite a challenge. MySQL was one of the first projects that attempted to create a true-blue ‘enterprise open source’ product by creating new licensing terms and adding exceptions to work around restrictive licensing. The proliferation of permissive licenses opened the flood gates, both for the use of open source software in the enterprise and for setting up professional support business around these products. Despite the fact that these days virtually all major open source software has a corporate backer that works with the community, mixing the two without burning your fingers is quite a balancing act. We caught up with Robin Schumacher, SVP of Products at DataStax, at the company’s Accelerate conference in Washington, to better understand its relationship with the open source Apache Cassandra community. We wanted to see how it contributes to the open source project, and what it takes to offer commercial solutions based on a freely available piece of software. Robin is a been-there, done-that kind of guy and has worked up and down the corporate food chain. He has been tinkering with all kinds of databases in one form or another for about three decades, first as a database administrator and then making software for DBAs, before heading enterprise product teams at companies such as MySQL AB and EnterpriseDB.

B

Robin pointed out that, for the first time, DataStax has put up some of its new under-development apps on its website, for anyone to try without signing up for the Early Access Program.

began with him having reindeer meat with the company’s co-founder David Axmark in Sweden. Just as Oracle was closing on MySQL AB, he moved into a similar role at a PostgreSQL company called EnterpriseDB. He tells us that his process of turning open source software into enterprise products has evolved over time from MySQL AB to EnterpriseDB to DataStax now. It’s critical for a responsible

how datastax built up its trust “If you go to a government agency or a financial institution, they’re not going to let you in the front door.”

Paid or not paid? Robin came to DataStax as one of its earliest employees in 2011, when his good friend Billy Bosworth was tapped to be CEO. He has overseen the company’s enterprise products almost from the start, and has been responsible for adding the features you’d expect from an enterprise grade database. “When I got here, we had no security,” he says. “There was none. So if you go to a government agency or a financial institution, they’re not going to let you in the front door. And so you need to be laying these big pieces of the puzzle that’s going to make up your data platform for the enterprises.” Robin cut his teeth on rolling opensource software at MySQL AB – a relationship, he fondly tells us, which

www.techradar.com/pro/linux

the ability to have IDs and passwords, and manage the permissions of the various objects. Once they have this list of necessary features that’s customary for any database, those were the things they gave back to the community. “But then we asked, is it normal for a database to have low-level access control? No. That’s typically something government and financial institutions

company to first reinforce the open source software by contributing the necessary features upstream. At DataStax he’s helped to develop a set of guidelines that help the company determine what it gives back to the community, and what features it retains for paying customers. For him, the segregation process begins with the classification of features: “I like to start with the foundation, where you begin by asking the question in terms of the features you are starting to look at: is the functionality usual and customary for the software’s original purpose in the marketplace?” He illustrates this point by saying that it’s imperative for any database to have

need, and so we kept that feature for our paying customers. “So we start with that rule of thumb and begin to work out from there,” Robin continues. “Then you begin asking some of the big overarching questions. We added analytics as you always need to do realtime analytics on your data. You need to look up data, search of course, secure your data; you bet, be able to manage your data via some visual tools and things, make it easy to handle complex rollouts; absolutely. And then you just keep moving down the line.” Connecting the dots all the way to the latest cloud-centric releases at the conference, Robin says that now that the company has put in the big pieces,

September 2019 LXF254     43


in-depth Databases

The future of the database

Twiddling thumbs between sessions at a database conference, Mayank Sharma ponders on the impact of the web on databases… his is the information era, where almost everything is data. The scale at which this data is being collected and used is growing at an exponential rate. The speed at which organisations are ingesting, storing and processing data is hard to fathom; it’s very common these days for even small-scale companies to process terabytes and even petabytes of data. In order for this data to be crunched into meaningful information, it first needs to be housed in a database. Databases have become a part of your daily routine in more ways than you can imagine. These days you don’t even have to be on a computer or use your smartphone to interact with a database. For instance, when you purchase items at the local supermarket, chances are there’s an inventory database that automatically updates itself while you checkout. The same thing happens when you borrow a book from the library, withdraw cash from the

T

46     LXF254 September 2019

ATM or buy a movie ticket – the list is virtually endless. In fact, it’s safe to say that a majority of your daily chores will involve some sort of interaction with a database. In addition to these traditional uses of a database that are fulfilled by what is known as a relational database, the internet has had a great influence on databases in both form and function. The explosion of social media platforms such as Twitter, Facebook, Instagram and the like have ushered in a new generation of databases that are designed to overcome the scalability limitations of the earlier varieties. These hold vast quantities of different kinds of data that just cannot be stored and processed, at least not efficiently, by traditional relational database systems. Taking a look at the evolution of the mechanisms for data storage, retrieval and processing will help us better appreciate the challenges of an often unappreciated and unglamorous branch of computer science.

www.linuxformat.com


Databases in-depth

Missed opportunity Despite both Codd and Date being IBM employees, the company wasn’t prepared to support their idea since it already had a successful database product in IMS. But that didn’t stop others from jumping on the relational database model. In 1973, two researchers at UC Berkeley, Michael Stonebraker and Eugene Wong, built on Codd’s idea to create the Ingres (Interactive Graphics and Retrieval System) database. Ingres worked with a query language known as QUEL. Several companies used Ingres as the basis for successful commercial products, although it took until 1975 for IBM to produce an experimental relational database called System R. It used a structured query language (SQL), developed by IBM’s Don Chamberlin and Raymond Boyce, to search and modify data. SQL quickly replaced QUEL as a more functional query language and became an ANSI standard towards the end of the 1980s. The third major adaptation of Codd’s idea came about in 1977, when Larry Ellison got together with Bob Miner and Ed Oats in order to commercialise the relational database. They shipped the Oracle database in 1979 –

www.techradar.com/pro/linux

Open sesame One of the key ingredients that fuelled the success of the relational database model was open source code. It started with the Ingres database in 1974, which made its code available for a small fee under the BSD licence. The Ingres code spawned a number of popular and commercially successful databases such as Sybase

Popularity broken down by database model, July 2019 100 18.3%

19.5%

21.1%

29.6%

34.4%

35%

59.8%

60.5%

70.4%

82.8%

89.8%

81.7%

80.5%

78.9%

70.4%

65.6%

65%

40.2%

39.5%

29.5%

17.2%

10.2%

Ranking scores %

75

S BM eD alu tiv

Mu l

t-o Ob

jec

RD

F

rie

nt

sto

at ed

re s

S BM na tio

Re la

ML eX tiv

lD

DB

gin en Na

Se

ar ch

h ap Gr

MS

es

MS DB

to re s es

ts en

lu

re s m cu

Ke yva

ide W

Do

co lu

er

m

n

ies

sto

DB

MS

0

to re s

25

eS

W

the first commercially available relational database. It became the dominant format and didn’t leave much room for anyone else by the time IBM released a fullfledged commercial relational database in the form of DB2 in 1983. The 1980s saw the development of various commercial relational databases as their benefits became more widely known. The first relational databases were quite slow, especially while accessing data records. However, their performance improved with the development of new storage and indexing techniques and better query processing and optimisation. Eventually, relational databases became the dominant type of database system for what are now referred to as traditional database applications.

Tim

e’ve been using databases to help us organise information since time immemorial. Archaeologists have found stone tablets in digs dating to 4000 BC that were used to index various kinds of information. Before the advent of the computer, we were cataloguing information manually. The first computer databases were just digital versions of this manual system: a flat file of a consecutive list of records. While filing information was straightforward, search and retrieval was a slow, time-consuming process. In the mid-1960s IBM started using a hierarchical data model for its information management system, called IMS. It featured a parent node that pointed to several child nodes. IMS was famously used by NASA to help with the design of the Lunar Lander. In 1969, the Committee on Data Systems Languages (CODASYL) consortium, which was a group of scientists and researchers working with the COBOL programming language, got together and came up with a standard interface for how COBOL programs should access and share databases. The lead proponent of the CODASYL group was Charles Bachmann, who tweaked the hierarchical model and made it more flexible by establishing what’s known as the network data model, enabling child nodes to have multiple parents. The CODASYL approach was a very complicated system to execute and required substantial training. Edgar ‘Ted’ Codd was a mathematician at IBM who saw programmers wasting time rewriting programs every time there were any changes to the layout of the database. He proposed a database abstraction approach that separated the logical and the physical structure of the database. His relational database model, first proposed in 1970, organised a body of data into simple tables of related information. Instead of a freeform list of linked records, Codd proposed data to be stored in tables with fixedlength records. This, along with several other changes, made it easier to access, append and modify data. His words resonated with C. J. Date, an instructor at IBM, and together the duo authored several papers on relational databases.

KEY Commercial Licence Open Source Licence

The share of open source databases is comparatively low when it comes to the traditional database models.

The dawn of skynet? Artificial Intelligence (AI) and machine learning (ML) have entered the mainstream in the last couple of years. These technologies are now making their way into the next generation of databases as well. Administering large databases that operate complex workloads isn’t a simple feat, considering the amount of configuration settings that need to be managed. An increasing number of database vendors are thus infusing AI and ML in their databases in order to relegate some regular monitoring and optimisation tasks to an autopilot that can then assist admins tune the databases for maximum performance. “For decades, the primary time-sink for administrators has been routine maintenance and performance monitoring/tuning tasks that ensure each database system is optimised for its supported applications,” says Robin Schmacher. “The promise of well-designed AI and ML functionality in databases is that it will remove this productivity drain from the IT staff and have the database maintain and tune itself – all the while learning internally what proper optimisation is for each ind ividual database.” Thus databases in the very near future will be able to anticipate operational issues and take preventative actions automatically. (destroy meat-bag infestation–ED)

September 2019 LXF254     47


Pi User

Tutorial Prey

Les Pounder In the larger Raspberry Pi community there have been a number of longterm members who have been having a tough time, and so I’d like to address the community at large and talk a little about this.

Finding help My friends, You may feel as though you are isolated, have no one to turn to, or feel like you do not matter. But these feelings are not a true reflection of you and your worth. Our thoughts are capable of great things, but they can also cause great harm to ourselves. We are all part of a community, a place where we surround ourselves with those who share a similar interest or ideal. Whether it is a small computer, operating system or a way of working, we all share a passion for something and that may be the genesis for a community to form. A community is made of friendship and respect, both of which are earnt over time. The friendships we make online in forums and social media will become real friendships at conferences and events. We will remember each others’ birthdays, anniversaries and family members. We will grieve when a member is lost, cry when heartache strikes and rejoice when good news comes our way. You may have a dark moment, but rely on your friends and never be afraid to talk to them as that will rob the darkness of its power. A community is formed around something, but that something is not a community. Our passion and friendships are what form a great community. If you or anyone you know is struggling with mental health issues, you can find more resources with the NHS: www.nhs.uk/conditions/stressanxiety-depression.

The Raspberry Pi isn’t used just by buoys Build yourself a smart mini-buoy for tracking waves and sea temperature, all powered by your Pi. ne maker duo is prototyping a smart buoy for monitoring sea waves, temperature and more. While the project doesn’t seem to have official bodies backing at the moment, it’s certainly interesting in itself to see how the Raspberry Pi and, more widely, maker skills can help create devices that make a difference in the real world.

O

Before the whole thing is buttoned up ready for launch. CREDIT: t3chflicks.com

Snazzy Pi

Plotting plots

Sexing it up…

Classic displays.

ancy some better-looking Raspberry Pi wallpaper? You’d do a lot worse than checking out the official Raspberry Pi Instagram account. It has coined the #SnazzyRPi hashtag that we hear are ever so popular with the young people. Check it out and gaze upon the Pi loveliness. www.instagram.com/ raspberrypifoundation

veryone loved the Tektronix 4010. It was a classic, and now you can relive those heady days of vector-plotting at a heady 1024x1024 resolution with a painfully detailed emulator down to the 4000 vector inches per second! Check out the official blog post on the fascinating project: www.raspberrypi.org/blog/historical-highresolution-graphics-on-raspberry-pi.

F

That’s some damn good-looking hardware. CREDIT: Raspberry Pi Foundation, Instragram.com

50     LXF254 September 2019

The Smart Buoy is built from a 3D-printed hollow sphere and is powered from four integrated solar panels, It uses a Pi Zero and Arduino board, and is outfitted with a host of sensors plus a radio antenna. The aim of the prototype buoy was to measure wave dynamics along with sea and air temperature, communicating those details via the radio. The Grenadian government gave the team approval to set the buoy free along its coastal waters, and even made suggestions on how the project could be improved to aid it with its own research, including monitoring wind speeds. Meanwhile, the team itself thinks that implementing a mesh network would enable it to communicate more easily, and hope to add this soon. https://www.hackster.io/t3chflicks

E

Black and green the only colours a display needs. CREDIT: Rene Richarz, YouTube.com

www.linuxformat.com


TutorialS Pi monitor screen

I2C Display

Create a Raspberry Pi OLED monitor Les Pounder shows us how to monitor a Raspberry Pi 4 with a small screen and a little bit of Python code. his issue’s project is a tiny OLED screen that will provide useful data about a Raspberry Pi at a glance. We will also run our project on boot to monitor the system as we work. The OLED screen connects to the Raspberry Pi GPIO using an I2C interface. This is a special interface that only needs four pins on the Pi in order to send data. To connect your Pi please refer to the diagram on page 53. With the physical connection made we now need to enable I2C on our Pi – do this in the Raspberry Pi Configuration tool. We will also need to install two Python libraries for this project. The first library is for our OLED screen and the second enables our code to work with network interfaces. In a terminal enter the following command.

T

our expert Les Pounder is a freelance maker who works with organisations such as the Raspberry Pi Foundation to promote maker skills.

$ sudo pip3 install Adafruit-SSD1306 netifaces

Writing the code To write the code we shall be using Thonny, the default Python editor on the latest Raspbian. You’re free to use any editor you want, but please save the code as livedata.py – and save often. We start the code with a line indicating where our Python 3 interpreter is located. Our project will be a background app in the system, so this enables it to run. #! /usr/bin/env python3

You need Any Raspberry Pi An i2c OLED screen (128 x 64 pixels) 4x femaleto-female jumper wires The Code: http://bit.ly/ lxf254i2c

This tiny screen is easy to work with and really cheap. It can provide all the data we need at a glance, without firing up a terminal.

We now import three libraries to add features to our code. The first enables us to use the OLED screen with Python. The second is used for accessing system information in Python. The last is used to access network interface information. Note that we import ‘netifaces’ but refer to it as ‘ni’ for ease of use. import Adafruit_SSD1306 import psutil import netifaces as ni

Three more imports, and they are all from the Python Imaging Library (PIL). These will handle drawing content on the screen. from PIL import Image, ImageDraw, ImageFont

In order to use the OLED screen, we need to tell Python where it is, and what size it is. For this we create an object called disp and in there we use the Adafruit library, specifically the 128_64 function. Note that the screen does not have a reset pin ( rst ) so we set that to None . Then we begin the connection to the screen.

52     LXF254 September 2019

disp = Adafruit_SSD1306.SSD1306_128_64(rst=None) disp.begin()

To configure the screen we need to know the width and height; luckily, the function handles that. These are saved to variables, and then the screen is set to 1-bit colour (black and white). width = disp.width height = disp.height image = Image.new(‘1’, (width, height))

Preparing the screen for output, we create an object to which we can draw. draw = ImageDraw.Draw(image)

Now we set the confines of the screen. The padding variable enables us to stay inside the screen; we set the top to match the padding, and the bottom of the screen as the height minus the padding. We also create a variable, x , to keep track of where text will appear on the horizontal axis. padding = -2 top = padding bottom = height-padding x=0

Here we gather the data for our screen. The first data collected is the CPU’s temperature, and for this we open a file in read-only mode. This file stores the data from the CPU temp sensor, which we save to a variable called f . f = open(“/sys/class/thermal/thermal_zone0/temp”, “r”)

www.linuxformat.com


Tutorials TMSU

Tagging files made easy Tagging people on social media posts still foxes Shashank Sharma – but with TMSU, at least the files on his disk are properly tagged and organised. e covered the basic usage of TMSU in LXF253. Briefly, it’s a nifty little command-line utility which can be used to tag all the files on your disk, leading to easy organisation. This is especially useful if you’ve been running the same distribution such as a rolling-release or a LTS edition for some time, as the number of files on your system will grow exponentially the longer you run the same distribution. With TMSU, you can tag any file on your disk with a simple tmsu tag <filename> <tag> command. The command expects a filename and a space-separated list of tags that you want to assign to the specified file. See last issue (LXF253) for how to install the minimalist but robust utility, its usage as well as the basics of the TMSU database.

W

our expert Shashank Sharma is a trial lawyer in New Delhi and avid Arch user. He’s always on the hunt for budget-friendly geeky memorabilia.

Smart lookup As we discussed last issue, the tmsu files command is used to list all the files in the TMSU database. You can alternatively run the tmsu files <tag> command to only list files in the database which are identified with the

Repairing the database

specified tag. But if you want to narrow down the files even more than is possible with this basic usage, you can do so using the and , or and not operators. This is especially useful if you use the same tags for different types of files. For instance, you can use the todo tag for all your work files, in-progress blog posts, half-baked videos for your YouTube channel and so on. You can still separate the different files and identify the one you’re looking for using these operators: $ tmsu files todo LXF-articles-to-do-list WS-sumit-arora.docx $ tmsu files todo not lxf WS-sumit-arora.docx

As you can see from the output produced by the two commands, the second command removes the file LXF-articles-to-do-list because of the not operator used in the command. Similarly, the command tmsu files LXF will list all the files which match the specified tag LXF , while the command tmsu files LXF not year=2018 will only list files tagged LXF but not assigned the year=2018 value. Using the or operator is just as straightforward, and you can even combine operators to restrict results even more, to quickly narrow down the files you’re looking

As TMSU only creates a symbolic link to all the tagged files and directories, the database can easily get out of sync with the actual files on the disk if you were to move the files or rename them. This is because TMSU doesn’t watch the filesystem for changes. You can run the tmsu status command to determine whether the database is out of sync or not. When run without any additional command options, the status command will check each file in the database with the corresponding file on the disk. The filenames it produces as output are preceded with either T, M, ! or U symbols, identifying the respective files as either Tagged, Modified, Missing or Untagged. Renamed files, identified with the ! symbol, which still reside in the same directory can be fixed in the database by running the tmsu repair command. TMSU will then report the changes it made to the database to bring it back into sync: tmsu repair Documents/ /home/linuxlala/Documents/LXF-tutorial-vim.odt: updated path to /home/linuxlala/Documents/LXF-tutorial-vim-possible. odt

When not provided a path as an argument, tmsu repair will fix all the tagged files in all the nested directories within the parent directory.

58     LXF254 September 2019

TMSU uses a standard Sqlite3 database to store information. You can use sqlite3 to read the database, or even export the content.

www.linuxformat.com


Tutorials Store and sync notes

Notes

Store and sync notes across PC and devices Nick Peers examines two solutions to help you record all kinds of notes on your desktop computer, plus access them on all your mobile devices. veryone needs a note-taking app – a way of quickly scribbling anything from a to-do list to a detailed breakdown of an upcoming project. When it comes to choosing which app to trust with your notes, you’re spoilt for choice. One place you won’t find a notes app is in your default Ubuntu installation, however – you’ll need to make a choice. In this tutorial we’re going to focus on two notetaking apps, Standard Notes and Joplin. They share some common features: they’re both open-source, naturally, both support syncing and work across multiple platforms, so you can access and update your notes from anywhere. But there are also some notable

E

our expert Nick Peers uses Joplin to keep track of his spiralling music DVD collection.

Getting around Standard Notes

1

6

3

5

differences, which means you’ll probably find one is a better fit for your needs than the other. While Standard Notes is open-source it does lock some of its more advanced features behind a subscription-based paywall. However, if you’re looking for a simple, text-only note-taking app, there’s a lot to recommend it. Your notes are synced and stored online, using end-to-end AES256 encryption to ensure they’re kept private. There are no limits to the number of notes you can store, but that’s largely because they’re plain text and there’s no support in the free version for storing attachments, so your footprint will always be a modest one. The advantage of storing them online – as you’ll see later – is that you can access them through any trusted web browser as well as your regular desktop and mobile apps. Let’s start by installing the desktop version. Head to https://standardnotes.org and click the prominent blue download button to save the AppImage to your ~/Downloads folder. Now open a Terminal window to move the image and make it executable with the following commands: $ mv ~/Downloads/standard-notes-3.0.15-x86_64. AppImage ~/standard-notes-3.0.15-x86_64.AppImage $ cd ~ $ chmod a+x standard-notes-3.0.15-x86_64.AppImage

4

Finally, launch the application – if prompted to integrate the app into your desktop, choose Yes: $ ./standard-notes-3.0.15-x86_64.AppImage

The app will launch for the first time from the

2 Views Use the left pane to navigate around your notes, applying tags to help quickly set up filtered views.

Note view The middle pane displays your notes, filtered according to what views you’ve selected or your search terms.

Account Click here to access account-related settings, as well as setting a local passcode.

Note editor Click here to edit your notes – the free version of Standard Notes supports plain-text notes only.

1

2

View options Click here to change how the selected notes are sorted, plus choose what information to display with each (date, tags and so on).

3

60     LXF254 September 2019

4

5

Note options Click the buttons above your note text to access context-sensitive options.

6

Protect your notes and other Standard Note settings by deploying a local passcode in addition to your account password.

www.linuxformat.com


Tutorials Android access

Android

Part One!

Don’t miss next issue, subscribe on page 26!

Get your Linux box connected to Android Aaron Peters has been using Android and Linux together in increasing degrees of harmony since 2011 – and he shows how you can too. eing a fan of open source, you’re familiar with Android. Not only familiar with it, but you’re also aware that Android is built on Linux, and that technically helps make Linux the world’s top operating system based on installed devices. It follows that since both of these are Linux, they should work famously together. This is true, but unfortunately there are some caveats. There are a number of ways to make Android get on well with your Linux rig, but you’ll have to roll up your sleeves a bit to make some of them work. In this article we’ll first take a look at Android as a Linux-based operating system: how it’s structured, where the ‘Linux’ pieces come into play, and what’s uniquely Android. Then we’ll explore a couple ways to get some simple integrations up and running, such as logging into a shell, transferring files or viewing notifications.

B

our expert Aaron Peters is a business analyst and wannabe developer who once even coded an Android app that did what he wanted.

Structure of an Android

If you’re not able to see a connected device with the ‘adb devices’ command, or you get an error, try the following. The first will install the adb package containing the required plugdev rules. The second adds your user to the plugdev system group: ‘sudo apt install adb’ ‘sudo usermod -aG plugdev [your username]’

The easiest way to understand how Android equals Linux is to understand how your favourite distro achieves the same thing. As you should be aware, Linux is a kernel, not an operating system – at least not all by itself. The Linux kernel can talk to all your device’s hardware and shuffle data back and forth between storage, RAM and processor, among others. But it’s software that requests the kernel does all this work, and that’s where other organisations like the GNU Project comes in. What started out as a collection of humble (but important!) utilities like ls, cat and who has morphed into the Gnome desktop environment and the GIMP image editor. But whether it’s a fancy graphical app or a basic console program, it’s still a collection of interconnected software that’s telling the kernel what to do. Android is another such collection, although it’s set up very differently from what you’re probably used to seeing. It doesn’t use the Filesystem Hierarchy Standard or common disk formats for its storage. Smartphones are like tiny computers, but at the end of the day they’re still devices running on telecom networks – and telecom providers like their devices to work a certain way. Some of the reasons Android is laid out the way it is include: Increased security The operating system is

68     LXF254 September 2019

Android

iOS

Windows

Samsung

A graph showing Android as the number one OS in the world.

separated from working files to prevent any misuse. Predictable hardware Once the manufacturer decides on the hardware for their device, it’s not going to change, unlike a desktop PC. So they can create an ‘image’ of the base OS that is likewise unchangeable. Easier maintenance This separation of the OS from working files also enables manufacturers to easily update devices in one shot, with an over-the-air download. As a result, Android’s unusual filesystem structure is as follows: acct This directory contains information on user accounting (that is, user accounts). cache If you’ve used Android for a while, you know how much space cache files can take up. This is where they’re stored. data This directory is a mountpoint for the partition where Android apps are installed. dev As with standard Linux, files representing the device’s hardware live in this directory. etc This is actually a link to /system/etc, which in turn stores the same type of configuration files as a standard Linux distro. mnt The Android filesystem, like Linux, can consist of a number of other filesystems mounted together. As in the FHS, this directory is used to store many of these, including the SD Card(s) and other media, user-related information and the temporary filesystems. proc Mirrors that of standard Linux, showing a browsable list of directories and files that represent currently running processes. root As you’d expect, this is the home directory for

www.linuxformat.com


Tutorials Lightweight system

Suckless Tools

Compile it yourself for performance Mats Tage Axelsson guides you through creating an image that is the smallest fully fledged system possible – and then expands on it. re you worried that most of your software sucks resources out of your system like a wet sponge? Then you’ll be interested in Suckless Tools (https://tools.suckless.org). All the tools in this series have been designed to be as small as possible, even when some functionality is sacrificed. But when would you use them? Well, you can usually live with a regular system, but when you have a small system or a background process such as mining, you might want to use Suckless Tools to have another machine available for commands. In this tutorial, we’ll learn how to compile and patch the most common parts of the Suckless Tools. You will be able to transition over to a smaller system without killing your current system. This way you can get used to the new ways of running your computer.

A

our expert Mats Tage Axelsson shows you what even he can do using Linux to make the world a better place.

Get set for sucking Suckless Tools are based on Plan 9, a system developed by Bell Labs that implements most of the *Nix based systems in a more networkcentred way.

You need to have the essential development tools for compiling C: gcc is the most common choice. However, the project considers that a bloated piece of software too, so don’t ask them for help with gcc. We’ll use gcc though, since it will probably already be installed on your system. Otherwise, your best bet for getting the source is to set up a directory where you clone each package into its own directory. Then add a patches directory and you are good to go. If you want to publish your unique masterpieces, create forks with git: $ git branch MyConfig

$ git checkout MyConfig

After you have run these two commands, you can add your changes to your own git branch and then publish to GitHub or any git server. You can also send any brilliant changes to the Suckless Tools by using git’s send-email functionality. In general, all you need is to have a great editor for the command line and the particular development libraries. Finding the libraries you need may be a challenge because the developers assume you know this or can find it easily. It is easy! With that said, these tools need very little, since that’s the basic idea of the whole project. To make sure you know which libraries you need, open config.mk. In that file, you have all statements that include libraries. The file also sets all the flags for the compiler process. In most package managers you also have buildessential options, for example under Ubuntu: $ sudo apt install build-essential

Due to the minimalist ideal of the developer community, there are very few libraries needed. For each package, there are just a few needed. We will point out what’s required throughout this tutorial.

Libraries that suck The exact libraries depend on the package you are configuring. Suckless Tools needs only libx11-dev, the header files to get access to your X11 environment. You need to check and possibly change two files before you start compiling. The first is config.mk, which sets the paths, libraries and flags for your compiler. The second file is config.h, which is where you set features to be on or off. This is also usually patched – more on that later. $ sudo make clean install

If you leave all configurations as standard, the file will end up in /usr/local/bin/. The new binary is also set to the default one. Try it with the which command. You may have created a mess at this point – don’t worry, you can remove it with the uninstall option. $ sudo make uninstall

When you have run the patch command, Vimdiff is a great alternative to check what has been rejected so you can correct it yourself.

76     LXF254 September 2019

This way you can experiment without destroying your existing install. All packages can be installed this way, so you can try it out before committing it to your new system. To remove it, you can just erase the executable – though we recommended using the

www.linuxformat.com


The best new open source software on the planet

HotPicks

Alexander Tolstoy counted all the open source he has ever written about and thought that if each title was a raindrop, the whole list would create a downpour.

Foliate F.U.S.S. CPU-X Chomper Timeshift Jade Gifcurry Pentobi Speed Dreams Libheif GoTTY eBook reader

Your ePub books have never looked better, thanks to Foliate.

Foliate Version: 1.5.0 Web: https://github. com/johnfactotum/foliate ccording to J.K. Rowling, “If you don’t like to read, you haven’t found the right book”. But it’s important to add that your attitude to reading in electronic form is greatly impacted by the software we use for it. There is a whole slew of ebook readers for Linux that have existed for ages. Still, there is a room for another even better ebook reader, and we think we have found the one. Foliate is a sleek GTK3-based and JavaScriptpowered desktop application that was limited to the ePub format, but the latest release adds Mobi and Amazon Kindle formats (MOBI, AZW and AZW3). While that means that you’ll need other software to handle PDF or DjVu files, Foliate is perhaps the most polished and comfortable to use application when it comes to ePub. The secret is in the details, in those little things that you mostly notice when you start reading. A good example is the built-in word look-up. Many applications have this feature, but few deliver word definitions right inside the book-reading view, instead of taking you away to a web browser window. When you select a word in Foliate, a compact dialogue pops up and instantly loads the word definition from Wiktionary. Below it are the buttons for switching to Wikipedia and Google Translate views. When reading ePubs that contain some words you may not know, Foliate makes it very easy to get definitions and to keep on reading. The header bar in Foliate has buttons for searching and accessing the main menu, and setting a custom font, theme or layout. It is possible to adjust font size and type (or stick to the publisher’s font), change brightness and adjust margins and hyphenation for a perfect reading session. Use the lower slider to navigate inside the book, and also the top-left button at the header bar to switch between chapters. If you close Foliate and run it again, it will ask if you want to open another file, or continue reading the previous book. Get Foliate on Flathub, or grab the DEB package from the GitHub page’s Releases section.

A

www.techradar.com/pro/linux

Exploring the Foliate interface 2

1

3

4

5

Adjust the way your book looks You can set our own font size and margins, and also choose sepia or a dark theme.

Built-in highlighter The middle section in the sidebar lets you navigate between highlighted items.

A handy sidebar Navigate inside the book using the index, highlighted items and bookmarks.

Never get lost This slider indicates your total reading progress. It also lets you jump back and forth within a book.

1

2

Word look-up Select a word and quickly get its definition, translation and Wikipedia article.

4

5

3

September 2019 LXF254     81


Coding academy

Assembly language coding academy

Assembly Language

Part One!

Low-level kernel access and coding

Don’t miss next issue, subscribe on page 26!

John Schwartzman shows how to write assembly language code that calls Linux kernel services and the C run-time libraries. earning assembly language won’t make you a faster programmer. It won’t enable you to create portable, write-once run-anywhere programs. It’s not object-orientated. It’s not new. So why learn it? The answer is that it just might make you a better programmer. By learning just what a processor can and can’t do, you’re on the way to a deeper understanding of computer science. A processor doesn’t just perform arithmetic – it also performs Boolean logic operations. Understanding Boolean logic operations teaches you about the Boolean logic gates inside the CPU and how the CPU uses these logic gates to make decisions. That just might make you a more capable computer engineer as well as a better programmer. Assembly language is a low-level language: it’s specific to a particular processor. You use it to program a specific processor at the hardware level. Compilers understand assembly language, because that’s what they use to create the instructions in high-level languages. C++ is used to create many different programming languages. The C++ compiler strings together lots of assembly language instructions to do its work. Every kind of program ultimately executes machine language on the computer.

L

our expert John Schwartzman is a long-time engineering consultant to business and government. He also teaches Computer Science at a local college.

Assembly language is particularly useful for writing device drivers and for writing methods and functions that control and interrogate hardware (embedded systems). It’s also very useful to help learn how computers and compilers work.

Some assembly required Assembly language is simply machine language with mnemonics. Mnemonics are names given to machine language instructions, also known as op codes, so that we don’t have to remember hundreds of numeric values. It allows us to write a program using identifiers like ADD, SUB, MOV and so on. High-level languages make programs portable – they enable you to program without worrying about the lowlevel details of how the CPU works. They provide the abstraction that lets you think about problems at a higher level. Object-orientated languages like C++, Java, C#, Python and so on are ‘higher’ high-level languages that enable you to incorporate the problem domain into your program. The programs you create with an object-orientated language ‘understand’ your application and not just the generic algorithms used to

www.techradar.com/pro/linux

Figure 1: hello.c – the obligatory first program.

operate on data. But at the heart of every high-level language is assembly language. The Linux boxes in our office use Intel x86-64 microprocessors, so we’re writing assembly language in the Intel dialect. We’re using Linux and so the assembly language we write will use Linux kernel services. Even when we use the C library (glibc), the library methods we call will, in many cases, be thin wrappers around the Linux kernel services. It has become obligatory to introduce every new programming language with a program that prints “Hello, world!” to the console, so let’s start there. Figure 1 (above) shows the program hello.c, and Figure 2 (page 88) shows hello.asm, its assembly language equivalent. At the command line in your working directory, type make release . Make invokes the yasm assembler to create the object file (hello.obj) from the hello.asm file and the ld gnu linker to create the executable (hello) from the object file. It also uses the gcc C compiler to build and link hello.c into the executable file a.out (assembler output). make clean removes all of the build artefacts from the working directory. Figure 3 (page 89) shows the makefile for hello. Each project in this series has a similar makefile and all rely on the Bash shell script named maketest.sh in the parent directory. There is also a makefile in the parent

September 2019 LXF254     87


coding academy Minecraft and Python Part One!

Don’t miss next issue, subscribe on page 26!

Credit: www.minecraft.net

python

Building in Minecraft powered by Python

Calvin Robinson hooks mods into the Minecraft API so that we can directly interface to it with some Python programming. inecraft is one of the most versatile video games of all time: it offers an open environment where the only limit is your imagination (well, plus your hardware and your patience – Ed). It is not, however, open source, so the practical limitations are usually the building blocks and macros available in-game. That was the case until the Raspberry Pi version of Minecraft was released, which offers a pretty decent API. A few hacks here and there with the help of a couple of projects called Raspberry Jam and Forge, and we’re able to access the Minecraft API on Linux and hook directly into the game with Python code. For the purposes of this tutorial we’re using a pre-packaged toolset called McPiFoMo, which stands for Minecraft Pi Forge Mods (available at http://rogerthat.co.uk/McPiFoMo.rar).

M

our expert Calvin Robinson is a former assistant principal and Computer Science teacher with a degree in Computer Games Design and Programming BSc (Hons).

Getting started First, download and install the appropriate version of Minecraft for your distro of choice. Developer Mojang offers pre-packaged solutions for Debian/Ubuntu and Arch (DEB and AUR respectively), and a generic Java version for everyone else, at www.minecraft.net/ en-us/download/alternative. Next you’ll want to make sure you’ve got Python installed. sudo apt-get

Hello world indeed!

install python should suffice for any Debian-based distro (after a sudo apt-get update , of course).

It’s always best to backup your Minecraft folder first, before making any changes. It can be found hidden in your Home as /.minecraft. The keyboard shortcut Ctrl+H can be used in most file explorers to show hidden directories, or use ls -la if you’re not a fan of the GUI. In a terminal window mv ~/.minecraft ~/minecraftbackup should suffice to save a hidden backup. Extract the new .minecraft directory from McPiFoMo directly into your Home directory. You may need to sudo apt-get install unrar if your system doesn’t recognise the RAR file. unrar xe McPiFoMo.rar ~/.minecraft should then do the trick. If you have worlds you’d like to carry over, copy the Saves directory from your backup .minecraft directory into the new one using cp –r ~/.minecraft-backup/ Saves ~/.minecraft/ .

Launch modded Minecraft Launch Minecraft as you normally would, but after logging in select ‘Forge’ as the profile. This should load Minecraft 1.8 with Forge 11.14. You can play around with the latest version of Minecraft and download and install an updated Forge if you wish, but these are the versions we’ve found to be most compatible with Raspberry Jam. Do let us know if you get more recent versions running smoothly. You’ll know you’re running the correct profile when you see the version numbers in the bottom left corner of the window. Create a new ‘Superflat’ world in singleplayer Creative mode, and you’re ready to begin coding. We’ve included a single ‘Flat’ world pre-installed with the McPiFoMo package. It might be worthwhile making a few copies of this to experiment on: just copy the ~/.minecraft/Saves/world directory a few times.

Hello World! Chat commands Using your favourite text editor, create a new helloworld.py file and save it in ~/.minecraft/mcpipy as a Python file (PY), inserting the following code: from mc import * mc = Minecraft()

92     LXF254 September 2019

www.linuxformat.com


On the disc

Download your dvd Get code

and DVD images at: www.linuxform at.com /archives

Discover the highlights from this month’s packed DVD!

START HERE using the LXFDVD

Using Linux for the first time can be very confusing. It’ll be unlike anything that you’ve likely operated before, especially if you’re used to Microsoft Windows or Apple macOS. Generally our DVDs are designed to be run directly, which is to say that when you first power on your PC (or Mac) it should ‘boot’ from the DVD – so before Windows or macOS even starts to load – with Linux running directly from the DVD. This trick is known as a Live Disc. It enables you to try out the various versions of Linux without having to install or change anything on your PC. Just remove the DVD, restart your PC and it’ll be exactly as you left it. While many systems will boot from a DVD when it finds one, many will not. See below for the standard process for enabling booting from a DVD on various desktops and laptop PCs. The alternative option is to locate the ISO file on the DVD and write this to your own USB thumb drive and attemp to run that. We recommend using Etcher from https://balena.io/etcher that’s available for Windows, macOS and Linux. Good luck!

a slick gallic spin min specs: 512KB RAM, 5GB HDD

Mageia 7.1 Plasma ne distro we feel doesn’t get enough attention is Mageia. Its pedigree lineage goes back to Mandrake, via Mandriva, and its name evokes images of magic(k) and wizardry. Mageia comes in three editions: Plasma, Gnome and Xfce. We’re continuing our dalliance with Plasma this month, because we think more people need to check out all the snazzy and jazzy features introduced recently, as well as enjoy the generally awesome things KDE Plasma has featured for the past few years. Mageia 7 was released in early July, too late to be included on our DVD last issue – and also too early to feature support for Ryzen 3000 hardware. That point is remedied in this new release, which is otherwise much the same as its predecessor, so there’s no need to reinstall if you’re running Mageia 7 already. Mageia will take care of itself till the end of the support period (which is until December 2020 at least), and you’ll be able to upgrade to the next release long before then.

O

64-bit

If you’re not running Mageia, there are all kinds of things you’re missing out on. It features a 5.1 kernel so supports all the latest hardware, and can optionally use the proprietary Nvidia driver straight from the live environment. Just choose the appropriate option from the boot menu. Check the documentation for tips on hybrid graphics arrangements. Mageia uses RPM packages, like Fedora, and this release offers DNF – Fedora’s Yum replacement – besides its own Urpmi package manager. Of course, you can update everything graphically from Plasma’s Discover or Gnome Software if you prefer. The Mageia repositories now use zchunk delta compression, so checking for updates may be a lot faster than what you’re used to. The Nonfree repository, which gives access to proprietary drivers and firmware, is enabled by default, and a further Tainted repository (not enabled by default) gives access to programs and codecs whose redistribution may be legally questionable.

boot the disc

Many PCs should boot automatically if they’re turned on with a disc in the drive. If not, many offer an early Boot Menu accessed by tapping a key while powering up from cold: F9 (HP), F12 (Dell, Lenovo), F8 (Amibios) or F11 (Award BIOS). Alternatively, use the BIOS/UEFI to adjust the boot order to start with the optical drive. Again, this is accessed by tapping a key during power up, usually Del but sometimes F1 or F2. Some new UEFI PCs require access via Windows: holding Shift select its Restart option. If you’re still having problems using the DVD visit: www.linuxformat.com/ dvdsupport Mac owners: Hold the C key while powering on your system to boot from the disc.

96     LXF254 September 2019

Mageia’s Control Centre is considerably more stylish than your average settings panel.

Important Notice!

Defective discs: For basic help on running the disc or in the unlikely event of your Linux Format coverdisc being in any way defective, please visit our support site at www.linuxformat.com/dvdsupport. Unfortunately, we’re unable to offer advice on using the applications, your hardware or the operating system itself.

www.linuxformat.com


9000

AND MORE! powerful but lightweight

the LXF library

min specs: 1GHz CPU, 1GB RAM, 5GB HDD

Q4OS 3.8 Plasma ow, it’s been a long time since Q4OS last featured on our DVD – more than a year, in fact. To remedy that we bring you not one but two editions of the latest Centaurus release: the flagship 64-bit Plasma one, which you can try out straight from the DVD, and the 32-bit Trinity edition, which you

W

If you think about it, a centaur has two ribcages – and frankly we find that terrifying.

64-bit

can’t (see below). Q4OS is built on the latest Debian 10 Buster release, so features a 4.19 series kernel, coupled with a reasonably new Plasma 5.14. This is an LTS release too, so will be supported for at least five years. Q4OS’s Desktop Profiler makes it easy to install additional desktops, including but not limited to MATE, LXQt and Xfce, as well as choose from predefined software bundles. Proprietary codecs are much easier to install than in Debian too; you can do it with a single click from the Welcome screen. Various thirdparty applications can be easily installed from here too, and the proprietary Nvidia driver is likewise only a few clicks away. We’d be hesitant to recommend Debian to beginners, but have no such qualms with Q4OS. Q4OS is great for seasoned Linux users too – you can start off with a lean install and add only what you need.

super lightweight

rinity (aka TDE) is the continuation of ye olde – and, dare we say, Windows XP-style – KDE 3.5 desktop, and can run on the most modest of hardware. There’s no live edition, and sadly we couldn’t get the install ISO to work with the LXFDVD menu, so you’ll need to write the ISO from the /Q4OS directory on the DVD to a USB or optical medium in the usual way. Once you’ve done that you can enjoy desktop Linux as it used to be, all built on a strong and stable Debian base. The initial install occupies a paltry 1.5GB, but if you add the common applications bundle this will double. Trinity comes with desktop effects turned off by default, but if you have more capable hardware turn them on to add a modern twist to your classic desktop. Note that this edition is not compatible with UEFI, so on newer systems

T

 ash Guide for Beginners B Get to grips with the basics of Bash scripting.  ourne Shell Scripting B First steps in shell scripting.  he Cathedral and T the Bazaar Eric S Raymond’s classic text explains the advantages of open development.  he Debian Book T Essential guide for sysadmins.  ive Into Python D Everything you need to know. I ntroduction to Linux A handy guide full of pointers for new Linux users.  inux Dictionary L The A-Z of everything to do with Linux.  inux Kernel in a Nutshell L An introduction to the kernel written by master hacker Greg Kroah-Hartman.  he Linux System T Administrator’s Guide Take control of your system.

min specs: 300MHz CPU (PAE not required), 128MB RAM, 3GB hdd

Q4OS 3.8 Trinity

 dvanced Bash A Scripting Guide Go further with shell scripting.

32-bit

you’ll want to boot in Classic BIOS mode. If you have other OSes installed through UEFI, they won’t be available until you re-enable it. The Konqueror web browser is a nice bit of nostalgia, and is impressively fast, but you’ll want to install something else for compatibility with the new-fangled websites of today.

 ools Summary T Overview of GNU tools.  NU Emacs Manual G Six hundred pages of essential information!  roducing Open P Source Software Everything you need to know.  rogramming from P the Ground Up Take your first steps.

They don’t make file managers like this any more. Actually they do, so this is a bit of a silly caption.

New to Linux? Start here…

Never used a Linux before? Here are some handy resources: Read our quick-install guide http://bit.ly/LXFinstall Looking for an answer? https://askubuntu.com Want to delve more deeply? https://linuxjourney.com

www.techradar.com/pro/linux

September 2019 LXF254     97

Profile for Future PLC

Linux Format 254 (Sampler)  

You can subscribe to this magazine @ www.myfavouritemagazines.co.uk

Linux Format 254 (Sampler)  

You can subscribe to this magazine @ www.myfavouritemagazines.co.uk