LXF - 254 - September 2019

9000 9001
TAKE NOTE! MINECRAFT
M
4 EIA
FR D & Q
Write and sync your Automate games for more
AG
.7G 7
EE V 4O
open source notes fun building and surviving
B
PLUS!
.1
D S
3 Pi PROJECTS
LED CONTROL
OLED DISPLAYS
RASPBIAN BUSTER
The #1 open source mag
DON’T PAY THE…
g sto len Bea t h ack ers

Stop your data bein you r s ys tem s
S ec ure
Protect passwords
pages of
65 tutorials
& features
Suckless – the Linux tools
designed to run faster
DataStax’s
Robin Schumacher Connect Android devices

to your Linux desktop
Build an enterprise business
from open source technology Get a more powerful
open source database
LOW-LEVEL CODE HASHICORP VAULT
Kernel assembly Add high-end encryption
coding made easy to all of your projects
WELCOME
Win a secure Nitrokey Storage 2

Send your thoughts to the Linux Format dungeon server at
[email protected] and secure your chance to
win a 32GB Nitrokey! It’s the complete open hardware-
encrypted storage solution!
Learn more at www.nitrokey.com.
WHO WE ARE
This issue we’re wondering where people
could migrate to from Ubuntu when 32-bit Escape Ubuntu?
library support gets frozen. Where would Is Ubuntu about to stop being my daily
you suggest people go? desktop driver? Probably not today,
probably not tomorrow – but next year,
Jonni Bidwell the year after that, perhaps? Since 2004
Debian hasn’t said anything about dropping Ubuntu has been making Linux users’
i386 yet – and if Debian supports it, then so lives easier offering access to all the
will at least some of it’s progeny like Sparky, software their heart’s desire, but what
AntiX and Slax. Old hardware already happens when access to that software
struggles with the modern web, so in a stops? My bet is people go elsewhere.
couple of years all it’ll
i be good for is terminal apps. I don’t play games much, but I do
game and I want access to my 15-year
old Steam (for better or for worse) and
Les Pounder GoG accounts. Canonical has clearly
I’ve been using Ubuntu since Dapper said 32-bit library support is basically on life support, so it feels like the time
Drake (6.06) and it has served me well. But to up sticks and find a new home is approaching. That’s not to say Ubuntu is
just recently I have tried out the latest bad – it is without doubt superb for what it’s designed for, and that’s now for
Manjaro release on an old Thinkpad – and server, cloud and enterprise users.
wow! Admittedly it takes a little getting As always with open source there’s a host of Linux-based distros out
used
d tto, b
butt it iis slick
li and easy to use. there that offer welcoming homes with a desktop-first approach. You just
need to pick one. Why not try Mageia on the DVD as a first step? It’s pretty
accomplished. It’s going to be interesting to see where desktop users
Mayank Sharma migrate to beyond the release of Ubuntu 20.04 LTS and that freezing of
Ubuntu dropping 32-bit support will have a 32-bit library support, with the knock on effects for Mint (it has stated 32-bit
knock-on effect and other distros will soon lib support will follow Ubuntu’s lead) and other popular Ubuntu-based
follow. I have quite a few 32-bit machines distros will likely follow. Make sure you let us know what you think. Manjaro,
doing one thing or the other. I’ll seriously Pop!_OS and more are tempting… (Jonni uses Arch, by the way.)
consider moving them to another open Putting the distro drama to one side, this issue we’re looking at how you
source OS,
OS probably
b Haiku; Shashank tells me it’s the best. can protect and fight off ransomware attacks. It’s the usual combination of
sensible precautions, good password discipline and backing up – you can’t
hold my data hostage if I have a backup copy. On a more mundane level
Shashank Sharma we’re taking the time to Roundup the best text editors. It’s an essential
While I will always recommend users to try activity and it’ll be fun to look at the alternatives out there, along with notes
their hands at Arch, it too ended official apps, improving Android and loads more tutorials, so enjoy!
32-bit support, although a community driven
edition is available. But if you must have
32-bit, Mint is a viable alternate, and it’s not Neil Mohr Editor
too d
different
ff ffrom U
Ubuntu. [email protected]
Alexandar Tolstoy
I still enjoy our domestic Mandriva-based
distribution known as Rosa. It still offers fully-
fledged i586 ISO images with the latest OSS Subscribe
software and also things like 32-bit UEFI
support. Have no fear of KGB and give it a try!
& save!
On digital and print
– see p26
www.techradar.com/pro/linux September 2019 LXF254 3

Contents
NEW GIFT
SUBSCRIBE NOW!
Page 26
REVIEWS
AMD Ryzen 3000

Has Intel finally lost its processor crown?
18 DON’T PAY THE…
Can AMD smash the competition with its
new Zen 2 architecture? Can you actually
afford any of this new whizzy kit?
Panda Latte 20
Is it a full PC, a Raspberry Pi competitor, an
Arduino board or some freakish mishmash
of all thee? Mike Bedford put this unusual
product through its paces.
Whonix 15 22
If routing all traffic through Tor doesn’t
satisfy your need for privacy, Mayank
Sharma tests a resource-intensive
solution with a novel approach.
Jonni Bidwell knows how not to do a lot
Sparky Linux 2019.08 23 of things, including how not to pay
Sparks often fly when Jonni Bidwell puts
his review hat on and uses something that ransoms and how not to be fooled by
isn’t (gulp) Arch – but he’s deigned to do us social engineering scams… page 34
the honour here.
Dirt 4 25
Management is petrified, hiding in their
executive panic room from the mud
ROUNDUP INTERVIEW
monster entering the building, but it’s just
Andy Kelly after a season of rallying.
Text editors 28 Robin Schumacher 42

Which are the best text editors for Mayank Shama meets the VP of Products
programmers, writers and general use? at DataStax to talk about building success
Mike Bedford dares to find out! with open source software.
4 LXF254 September 2019 www.linuxformat.com

CONTENTS
ON YOUR
RASPBERRY Pi USER FREE DVD
Mageia 7.1
Raspberry Pi news 50 Q4OS 3.5
Buoys strut their stuff, there’s fancy new Pi Page 96
wallpaper, the Tektronix 4010 is revived –
and a message from Les Pounder.
Raspberry Buster 51
Les Pounder hasn’t seen the latest Toy
Story movie yet, but he’s already met
Buster in the form of the latest Raspbian
release all ready for the Pi 4.
OLED display monitor 52

TUTORIALS
Les Pounder shows us how to monitor a
Raspberry Pi 4 – running as a file server, TERMINAL: Tag master 58
for example – with a small screen and a Tagging people on social media posts still
little bit of Python code. foxes Shashank Sharma – but with TMSU,
at least the files on his disk are properly
Build a lightning simulator 54 tagged and organised.
Sean Conway provides the design details
to build a circuit for controlling LEDs using NOTES: Joplin and Standard Notes 60
Raspberry Pi GPIO ports – and creates a Nick Peers examines two solutions to help
very fancy lightning simulator. you record all kinds of notes on your PC,
plus access them on all your devices and
from all around your world.
CODING ACADEMY DESIGN: Sweet Home 3D 64

Neil Mohr fires up the standard open
Kernel assembly code 87 source home design tool.
John Schwartzman shows how to write
assembly language code that calls Linux ANDROID: Linux connections 68
kernel services and the C run-time libraries. Aaron Peters thinks Android and Linux
can live together in perfect harmony, and
Python: Building in Minecraft 92 he’s here to show you how.
Calvin Robinson hooks mods into the
Minecraft API so that we can directly ENCRYPTION: Hashicorp Vault 72
interface it with some Python Mihalis Tsoukalos explains how to install
programming for faster building – and to and use HashiCorp Vault from the
do some neat tricks. command line, Go and Python 3.
CUSTOMISE: Suckless Tools 76

Mats Tage Axelsson creates an image that
REGULARS AT A GLANCE is the smallest fully-fledged system you can
build and then expands it.
News 6 Subscriptions 26
Blender 2.80 arrives with a big industry
grant behind it, Valve wants to make Linux Back issues 66
IN-DEPTH
gaming better, the desktop goes all VR,
and we say farewell to the floppy. Again. Overseas subs 67 Database of the future! 46
Twiddling thumbs between sessions at a
Linux user groups 11 HotPicks 81 database conference, Mayank Sharma
Blackpool Raspberry Jam, the event run by Alexander Tolstoy hasn’t been busy ponders on the impact of the web on
our very own Les Pounder… using open source video editing tools to databases – and their future.
make Chernobyl 2.0: The CIA Did It, he’s
Answers 12 way too busy trying out the totally stable
Fixing file permissions, sorting out USB and not radioactive at all FOSS he found
sticks that go read-only, and getting a such as: Foliate, FUSS, CPU-X, Chomper,
modem to work! What year is this? TimeShift, Jade, Gifcurry, Libheif, Gotty,
Pentobi and Speed Dreams.
Mailserver 16
Do motherboards work with Linux? Are we Your free DVD 96
too retro? And someone makes a very
good point regarding the disk pages. Next month 98

Newsdesk
THIS ISSUE: New Blender gets minted Valve sorts out gaming
Linux VR Kazakhstan gets worried Farewell to the floppy
POPULAR SOFTWARE
Blender 2.80 arrives

with a sponsored fanfare
One of the most highly anticipated releases brings an overhauled
interface and serious industry money.
lender (www.blender.org) is arguably engine, while the 3D Viewport
B the most popular open-source 3D

creation suite in the world, powering
has been rewritten to be
optimised for modern
animated films, 3D applications and video graphics cards – and includes
games, and it’s just had a major update that a new LookDev shading mode
brings some exciting new features. Perhaps the for more realistic lighting. There’s also a new Blender 2.80 has been released,
biggest change with Blender 2.80 is the new user physics-based, real-time renderer called Eevee, bringing more features to the popular
interface, which focuses on making the software which replaces the internal renderer. You can open source software.
more accessible and easier to use. find out more about Eevee at http://bit.ly/
It now has a new dark theme and updated LXF254Eevee.
icons, which change depending on whether There’s been more good news for Blender, as
you’re using the light or dark theme, ensuring Epic Games – the developer behind some of the
they are clear and easy to read. It’s now easier most popular video games in the world – has
to interact with Blender, with support added for recently awarded the Blender Foundation $1.2
single-button trackpads and stylus inputs, while million as part of the company’s MegaGrants
a new right-click context menu gives users quick programme. The idea behind the programme is
access to useful commands depending on what
they are doing.
Templates and workspaces have also been
“THERE’S A NEW REAL-TIME
added, which aim to make getting stuck into RENDERER CALLED EEVEE.”
your creative work easier and faster. There are
several templates that you can load as a new file, to assist game developers, students and creators
including ones for 3D modelling, shading, – more at: http://bit.ly/LXF254MegaGrant.
animation, rendering, 2D drawing and a lot more. The money, which will be paid incrementally
Meanwhile, workspaces offer different screen over the next three years, is in recognition of
layouts depending on what task you’re Blender’s important role for game developers,
performing – and these are loaded up with with Tim Sweeney, founder and CEO of Epic
templates. They can be configured to suit Games, saying that “Blender is an enduring
people’s preferences and workflows. resource within the artistic community, and we
These are nice additions that should make aim to ensure its advancement to the benefit
using Blender easier, and the accessibility of all creators.”
options are particularly welcome – and so far it It’s also been announced that Ubisoft is
seems like the community has been very positive joining the Blender Foundation’s Development Epic Games is one of the biggest
about this latest release. There have also been Fund as a corporate Gold member, helping to names in gaming – and it’s investing
some big changes to the Workbench render fund online support for Blender developers. $1.2 million into Blender.

newsdesk
GaminG oPinion
Valve’s on a mission to Linux vr

boost Linux gaming desktop
The Steam developer proposes changes to
Linux kernel to improve gaming performance.
alve, the company behind iconic PC by any of them.” It appears the main
V games such as Half-Life and Portal (and

now perhaps best known for its Steam
beneficiaries will be games running in Wine, or
Valve’s gaming-orientated version known as
Lubosz Sarnecki
Senior Software Engineer,
game store), has long been an advocate for Linux Proton. According to the release notes for Proton Collabora
gaming – which it sees as a way of challenging 4.11 (http://bit.ly/LXF254Proton411), the
Microsoft’s Windows monopoly on gaming PCs. latest version includes “the fsync patchset, which
This has resulted in a surge of Linux games will leverage this new Linux kernel functionality to In recent years,
either running natively or via emulation, and it replace esync when supported.” several milestones have
even saw the creation of the gaming-orientated, These kernel changes, along with other been achieved towards
Debian-based distro SteamOS. improvements in Proton 4.11, appear to have making Linux the best
Now Valve is proposing changes to the Linux already borne fruit – with Valve showing a environment for VR and AR.
kernel itself to improve gaming on the open noticeable improvement in the performance The Linux graphics stack
source operating system. The proposed of Shadow of the Tomb Raider. was made aware of head-
changes (which can be seen at http://bit.ly/ mounted displays via DRM
LXF254ValveKernelChange) mainly deal with shadow of the leasing, Khronos specified
tomb raider
extending the futex (fast user-space locking) the OpenXR standard API,
performs
system call for optimal thread-pool and Monado became the
better using
synchronisation, and therefore improve Proton 4.11.
first OpenXR runtime for
the performance of CPU-intensive and GNU/Linux. The ability to
multithreaded games. Gabriel Krisman Bertazi, a interact with the desktop
kernel developer, states in the proposal that it’s from XR is one of these
“a new futex operation, called FUTEX_WAIT_ milestones.
MULTIPLE, which allows a thread to wait on In contrast to existing
several futexes at the same time, and be awoken VR-only window managers
CREDIT: Square Enix for Linux, the new open
source project xrdesktop
integrates into traditional
desktop environments,
Virtual reality allowing you to seamlessly
interact with a Gnome or
The Linux desktop moves to VR KDE desktop from VR.

The libraries implement
interaction with 3DUI
Gnome and KDE now support virtual reality. elements, generate mouse
and keyboard events from
irtual reality appears to be sticking controllers. For example, you can hold the trigger VR controllers, and can be
V around, whether you like it or not,

and now two of the most popular
button of the VR controllers that come with the
HTC Vive headset to select, place and rotate
integrated into any X11 and
Wayland window manager.
Linux desktop environments, Gnome and windows in a 3D space. The OpenVR API is
KDE, support it. As Lubosz Sarnecki writes Sarnecki’s blog post goes into a lot of detail supported, making
in a blog post announcing VR support about the work done on the project so far to xrdesktop usable with
(http://bit.ly/LXF254LinuxVR), the early bring VR to Linux desktops, and it’s well worth a headsets like the HTC Vive
days of VR on Linux were rough, to say the read. Even if you’re not particularly interested in or the Valve Index, and
least. Virtual reality headsets were treated VR, it’s a fascinating project that reimagines the OpenXR support will be
as a second monitor, which simply extended desktops we use every day and makes them added soon, providing the
the desktop onto it. usable in ways we wouldn’t have thought ability to run on a full FOSS
Now a new open source project has been possible a few years ago. XR stack. xrdesktop will
created, called xrdesktop (http://bit.ly/ It seems the project has gained a lot of interest soon be usable from the
LXF254xrdesktop), with a goal to render already, with Valve sponsoring xrdesktop. Valve real world, so you will finally
traditional desktop environments like GNOME recently launched its own VR headset, the Index, be able to place a terminal
and KDE in virtual reality 3D space – while so its support for xrdesktop certainly bodes well window in your
allowing users to interact with them via VR for the new project. See column (right) for more. kitchen!

NEWSDESK
CENSORSHIP
CREDIT: msykos, www.flickr.com/photos/

msykos/2572704701/ (CC BY 2.0)
OPINION
GREATER Kazakhstan internet

GOOD censorship fears
Internet users are being asked to install
a government security certificate. A Kazakhstan government certificate
might be used to spy on citizens.
nternet users in Kazakhstan have information from users on the internet, and
Keith Edmunds
is Tiger Computing Ltd’s MD,
I noticed that their web browsers have
begun asking them to install a security
according to CPJ Advocacy Director Courtney
Radsch, “this so-called security measure looks
which provides support for certificate issued by government authorities, much more like an attempt to increase the
businesses using Linux. raising fears that their internet security and government’s censorship and surveillance
freedom could be at risk. According to capabilities.” What’s particularly worrying is the
Kazakhstan mobile service provider Kcell, and as Kazakhstan government’s history of jailing and
Open source is about translated by the CPJ website, this is a measure censoring journalists and citizens.
community: the belief that, to “protect internet users from content that is While the certificate claims it will help ensure
between us, we can make prohibited by the laws of the Republic of the security of internet users – and at the
better software so that more Kazakhstan, as well as from malicious and moment doesn’t appear to be mandatory – the
people can benefit. That potentially dangerous content.” claims should be treated with caution. Many
might seem at odds with a However, by installing a government-issued users are calling on Mozilla and Google to block
commercial company, which certificate, authorities could intercept the certificate on their web browsers.
exists to make a profit and
provide value to its
shareholders, but it doesn’t
have to be.
Open source software
SMARTPHONES HARDWARE
is ideal for charities. The
website is an obvious
example, but Linux plus
LibreOffice, Thunderbird and
Librem 5 specs RIP floppy drive?
Firefox covers most, if not
all, of the functionality
required at the desktop.
announced Linus Torvalds announces end
of support for the legacy drive.
‘Charity’ doesn’t have to The final specs for the Linux- ans of retro games and software, and
be a household name. There
will be lots of local charities
based smartphone are out. F anyone with a nostalgic bone in their
body, are in mourning after Linus
near you that would urism, the team behind the much- Torvalds announced that the legacy driver for
welcome some help, be they
homeless centres, support
P anticipated Librem 5 smartphone which
runs a Linux-based operating system
floppy disk drives would no longer be supported
in Linux (http://bit.ly/LXF254FloppyDrive).
for older or disabled people, focusing on security and privacy, has released The move actually makes sense, as floppy disk
or even your local amateur the final specifications for the handset (http:// drives are increasingly hard to find and aren’t
drama group. bit.ly/LXF254Librem5specs), and they point easily installed on most modern motherboards.
As a reader of LXF, you to a pretty capable high-end smartphone. The Plus, most people who still use floppy disks will
have skills those charities specs include a 5.7-inch IPS screen with 720 x be using USB-connected drives, and these won’t
could use. That might be 1440 resolution, an i.MX8M quad-core be affected by the move. Still, it marks the end of
setting up a website, sorting processor, 3GB RAM, 32GB storage, Bluetooth an era for the iconic storage medium. There is a
out desktops or just being 4, 8-megapixel front camera and 13-megapixel happy ending here, as a maintainer has stepped
available when needed. Mail rear camera. Like most modern up, so perhaps our 34-pin friends will live on.
me on keith@tiger- (non-Apple) smartphones, it
computing.co.uk and tell uses a USB-C port to charge
me how you’re using Linux and transfer data, and it also
to help a charity. has a few features that most
Include your address and smartphones these days sadly
I’ll send a free copy of my lack, including a user-
book, The Linux Solution, to replaceable 3,500mAh battery.
the best mail received by 7
October 2019. The Librem 5 is shaping up to be a
powerful smartphone, but with a
high price as well - $699. Support for floppy drives in Linux might be no more…

NEWSDESK
Distro watch
OPINION
IN-DISC-
What’s behind the free software sofa? RETIONS
SPARKYLINUX 2019.08
The latest release of SparkyLinux’s semi-rolling branch,
based on Debian Testing, is now available and comes
with an updated kernel (4.19.37), a new Sparky6 theme
and a refreshed desktop look. GCC (Gnu Compiler
Collection) 9 has been added, though GCC 8 remains Jonni Bidwell
the default. You don’t need to reinstall the system to Jonni’s name is an anagram of
update – visit the release notes at https://sparkylinux. ‘Bio-dwell Jinn’ – another hint to
org/sparky-2019-08 for more information. his possibly mechanistic nature.
SparkyLinux 2019.08 is based on the
Debian ‘Bullseye’ testing branch.
Greetings reader.
Thank you for joining me over
LINUX MINT 19.2 here by the forgotten column.
This new version of Linux Mint is based on Ubuntu Here’s a fact: I’ve made nearly
18.04 LTS – which means it’ll get five years of support a dozen LXFDVDs now, and
– and it brings a number of user interface they mostly seem to have
improvements to make the distro look better, as well worked. Or at least no one has
as ensuring it’s easier to use. Each desktop complained. Amazing. There’s
environment edition – Cinnamon, MATE and Xfce – all kinds of subtle
get the update, and you can find out more at: awkwardness involved in
https://blog.linuxmint.com/?p=3786 making distros boot from an
Linux Mint is one of the most popular ISO file, but fortunately,
distros in the world, and its latest release thanks to disc editors past we
add some improvements to the UI. have a record of each flavour
of Linux’s peculiarities.
Big distros like Fedora and
DEEPIN 15.11 Ubuntu support ISO booting
A new stable release of deepin has been released, and out of the box (each in their
features a major change, with a new Cloud Sync own way), but for some
feature in the control panel. Users now have the ability reason their derivatives have
to burn optical media straight from the file manager. a terrible habit of removing
There have also been improvements and fixes for the this support. This issue was
kwin window manager, and general improvements to particularly tricky because
the user experience have been included as well. For Mageia is a little different. It
more: www.deepin.org/en/2019/07/19/deepin15-11/ uses the same tool as Fedora
(Dracut) to make its initrd,
deepin is a Debian-based distro that but seems to have gone out
focuses on the user experience, with the of its way to make ISO
stylish DDE desktop environment. booting hard.
I was able to unpack the
initrd, fiddle with the init script
ORACLE LINUX 8.0 per Mageia 6, but when I
Based on the source code of Red Hat Enterprise Linux packed it all up again… kernel
8, this enterprise-class server distro brings a number panic. I sought advice from
of new features and enhancements, such as the Neil Bothwick oracle, who
Application Streams, which according to the release helpfully informed me that
announcement (https://blogs.oracle.com/linux/ the devil was in the detail,
announcing-the-release-of-oracle-linux-8), allows and one needs to add
“multiple versions of user space components [to] be --check=crc32 to the xz
delivered and updated more frequently than the core Oracle Linux 8.0 is an enterprise- incantation. Magic. What
operating system packages.” orientated distro based on the RHEL would we do without
source code. greybeards? And distro
makers: please do stop
removing ISO-booting
support. Please?

Newsdesk
Kernel Watch
opinion
gone
floppy
Jon Masters summarises the latest happenings in
the Linux kernel, so that you don’t have to.
inus Torvalds announced the first Linus around how he would like to see disruptive
L few release candidates for what will
become Linux 5.3 in a few more
patches merged in general from now on.
Steven Rostedt announced the long-awaited
weeks. In his announcement, he noted that release of KernelShark 1.0. This is a tool that
Jon Masters is a kernel hacker 5.3-rc1 was a “pretty big release, judging by uses the output of the versatile trace-cmd utility
who’s been involved with Linux for the commit count. Not the biggest ever that to visualise the behaviour of a running Linux
more than 22 years, and works on honour still goes to 4.9-rc1, which was system, and in particular where it is really
energy-efficient Arm servers. exceptionally big. He also noted that this cycle spending its time. For example, it can allow a
had “started out pretty painfully” due to a few developer or admin to observe the behaviour of
Many of us who began bugs in the first few days but had “mostly the scheduler as it migrates tasks across cores.
using Linux in the smoothed out towards the end of the merge Underneath, trace-cmd relies on the FTrace
early days did so through Linux kernel function-tracing
distributions that shipped on
one or (usually many) floppy “There had been a few patches infrastructure, which includes
various trace points defined in the
disks. My very first Linux
distro came on 200 floppies,
merged through the graphics kernel source. Developers add
these at critical points useful to
each of which I wrote after tree that really annoyed Linus.” later analysis.
downloading a disk image To use KernelShark, you first
over a (‘high speed’) window”. Finally, he reminded us that there execute a ‘trace-cmd record’ (optionally with
100Kbps internet were about 1,600 individual developers in parameters to select filters and plug-ins) in order
connection I had access to Linux 5.3, many more than the maintainers to capture a suitable log file containing a trace of
once per week. It was with shown in the changelog listings. various kernel events. This log is then post-
some nostalgic sadness, During the 5.3 merge window there had processed and visualised with the KernelShark
then, that floppy support been a few patches merged through the ‘drm’ tool, through which events can be filtered by
appeared to reach the end (direct rendering) tree that had really annoyed process (task), CPU and various other criteria.
of the road in Linux 5.3, with Linus. In large part this was because they This is similar to the behaviour of network packet
Jiri Kosina marking it as made “a whole slew of questionable core VM protocol analyser WireShark, hence the name.
‘orphaned’ (see page 8). [Virtual Memory] changes there, and The 1.0 release has been completely rewritten
In case you never had the absolutely none of them look obvious, and using the Qt graphics framework in place of the
pleasure, floppies were a none of them have acks from any of the VM older GTK one. As such, it is “faster, it’s more
low-cost storage medium people”. This lead to a set of thoughts from extensible, and easier to use”.
commonly used until the
turn of the century in which
data was stored on a flexible ongoing DeveLopment
(‘floppy’) plasticated
magnetic disk, housed Palmer Dabbelt (the RISC-V maintainer) that can be handled by the underlying
within a sleeve of soft or posted a patch implementing a new Linux hardware. In sub-page support, Intel
hardened plastic. Different system call, named fchmodat4(). The enables an ability to manage protections
geometries existed, existing manual page for fchmodat says in a much more fine-grained manner. This
including 5.25-inch and 3.5- that it takes a ‘flags’ argument, but the is especially useful for emulating hardware
inch sizes, with capacities existing system call does not, meaning that in which different sets of registers with
typically up to 1.44MB – certain scenarios aren’t covered in the differing sets of access permissions may
while reliability varied existing code. These include cases where be closely placed in memory.
considerably with cost, and a user wants to override the handling of Matthew Garrett posted versions 35 (and
wasn’t particularly great at symbolic links. then 36) of a patch series implementing
the best of times. Yang Weijiang posted “Enable Sub-page “Kernel lockdown functionality”. These
There are still a few floppy Write Protection Support”, patches that patches aim to allow a Linux kernel to be
users left, and new systems enable Virtual Machine Monitors (VMMs) ‘locked down’ suitably so that it might –
featured drives right up until such as KVM or Xen to provide ‘sub-page’ out of the box, without downstream distro-
2006 or later. Fortunately level privileges for regions of memory. specific patches – support such things as
for those who still want Typically, Linux manages memory in pages Secure Boot and more. This has been a
to re-live yesteryear, a that represent the smallest unit of memory long time coming!
new maintainer has
been found.

LUGS
LinuX useR gRoups

The intrepid Les Pounder brings you the latest community and LUG news.
Find and Join a Lug Blackpool Raspberry Jam

Build Brighton An event run by our own Mr Pounder…
Thursday evening is open night.
http://buildbrighton.com eptember marks the fifth computing, and so offering a free
Cornwall Tech Jam
Second Saturday of the month, alternating S birthday for Blackpool
Raspberry Jam (http://
computing session once per month
in a local library means that every
between Bodmin and Camborne blackpoolraspberryjam.co.uk), child can experience learning to code
www.cornwalltechjam.uk encompassing 52 events over five and creating something unique.
Thingqbator years with zero budget. Like many BRJ also started a micro:bit
An IoT-focused makerspace, meeting weekly at Jams and user groups, BRJ operates lending scheme enabling children
The Shed MMU. on a voluntary basis and the team are across the town to borrow a micro:bit
mcr.thingqbator.org
lucky to have two STEM ambassadors as easily as a book. Running a LUG,
Leeds Hackspace leading the event. It hasn’t always Jam or user group is a rewarding
Open night every Tuesday 7pm-late. Open day been rosy for the Jam, and at times experience. It enables you to learn
second Saturday of the month, 11am-4pm.
running one can be immensely new skills and network with others
http://leedshackspace.org.uk
difficult. There will be times where who have similar interests.
Huddersfield Raspberry Jam very few or no one turns up, but there If you don’t have a local meeting,
Meet every month at Huddersfield Library,
will be times where everyone turns up why not start one and let us know
typically the fourth Saturday of each month.
and you are pulled from pillar to post about it?
Huddersfieldraspberryjam.co.uk
trying to help everyone learn
rLab Reading Hackspace
something new.
Unit C1, Weldale St, Reading, Open Sessions
Running BRJ has been
Wednesday from 7pm.
http://rlab.org.uk a great privilege as it has
enabled children across
Horsham Raspberry Jam
the town to experience
Park Side, Chart Way, Horsham.
www.facebook.com/hackhorsham using code to control
robots, circuits and create
Maidstone Hackspace
Holds open evenings every Wednesday lots of creative projects.
from 5:30pm to 8:00pm. Blackpool is a seaside town
https://maidstone-hackspace.org.uk with high levels of social
Glasgow Makers and Hardware Hackers deprivation and poor
Mitchell Library, Glasgow. uptake of computing. Many
blackpool raspberry Jam offers access to
www.facebook.com/groups/115303729096198 families cannot afford or
technology for every person who attends, with
have little knowledge of experts on hand to help everyone get coding.
Community events news

such as Netflix, Google and Amazon will four full days of sprints, workshops,
be on hand to talk about how they use conferences, talks and social events
Python in their workflows. There are for all participants.
talks, workshops, lightning talks, job fairs https://sintra2019.ubucon.org
and a great social track. Find out more
via their Twitter account. PiWars 2020
https://twitter.com/pycon 28-29 March 2020 is when robots will
wage war! At the Cambridge Computer
UbUCon EUroPE 2019 Laboratory there will be robots of all
PyCon 2020 Ubucon is an event organised by the shapes and sizes battling for superiority
PyCon is the largest Python conference worldwide Ubuntu Communities and across many different courses, and all
in the world, and it is awesome! For 2020 takes place from 10-13 October in Sintra, guaranteed to be less irritating than
the event moves location to Pittsburgh, Portugal. Ubucon focuses on Ubuntu Robot Wars (awooga?–Ed). This event
Pennsylvania from 15-23 April 2020. If (which readers of LXF should already be is a must-see for Pi fans, and there is
you work with Python in any way, this well aware of), and other free and open still time to submit your robot.
event should be on your list. Companies source technologies. There will be https://piwars.org/2020-competition

Answers
Got a burning question about open source or the kernel?
Whatever your level, email it to [email protected]
Neil
Bothwick
wonders if
Tux dreams
of electric
fish?
Q Lost in Orbit
I run Slackware 14.2. My very old
them. As well as checking /usr/share/
X11/xorg.conf.d, X also checks for files in
correctly, while the final option identifies
which of the trackball inputs to use for the
and favourite Logitech trackball died of /etc/X11/xorg.conf.d and settings in the wheel. There are other options you can use
old age, and I’ve replaced it with a latter directory take precedence. These to customise the operation of the trackball,
Kensington Orbit trackball: two buttons files are not affected by your package or any other input device – for example,
(left 1, right 3), a ball to move the cursor manager, so this is the place to put your altering the sensitivity. See the xorg.conf
and a ring as a horizontal scroll wheel. own customisations. This is what I have man page for a full list.
I cannot paste highlighted text as the in my own /etc/X11/xorg.
two buttons simultaneously do not
function as button 2.
conf.d/10-trackball.conf:
# Settings for a Kensington Orbit
Q Access denied
I am trying to access a file located
I’ve checked the buttons using xev trackball at /etc/mpd.conf with Text Editor but
and xinput, and need an appropriate Section “InputClass” am being denied as I don’t have the right
section for /usr/share/X11/xorg. Identifier “evdev pointer catchall” permission. What gives? I am using
conf.d/10-evdev.conf. MatchIsPointer “on” Linux Mint 19.1.
Brody Jones MatchDevicePath “/dev/input/event*” A. K. Stirling
Driver “evdev”
A I too had a Logitech trackball. Mine

too died after a few years. I also
Option “ButtonMapping” “3 2 1 4 5 6 7 2
9”
A Linux operates a system of file
ownerships and permissions. Each
replaced mine with a Kensington Orbit Option “Emulate3Buttons” “True” file or directory has an owner, and the
trackball, so I have some idea of what you Option “EmulateWheel” “True” default setting is for everyone to be able to
are going through. As you indicate, it is Option “EmulateWheelButton” “9” read the file, but only the owner is able to
normal to press both buttons at once to EndSection modify it. You will have created a user when
simulate a middle button press on a two- The ButtonMapping alters the order you installed Mint, or any other desktop
button device, but this is not working by of the buttons; in this case buttons 1 and Linux distro. That is the user you log in as,
default for you. You do indeed need to add 3 are swapped around. These are the left and the user that is able to modify files in
to XOrg’s configuration files, but you and right buttons and I am left-handed (me your home directory. However, /etc is a
should not touch the files in /usr/share/ too!–Ed). Funnily enough, I never bothered system directory, along with other
X11. Why? Because these files are to swap the buttons with a mouse, but on directories such as /, /usr and /var.
maintained by your package manager and a trackball it became almost essential. There is a special user, called root, that
would be overwritten by new versions The next two settings ensure the middle owns the system directories and files.
when updating the package that provides button emulation and wheel scrolling work You could log in as the root user to edit
a system file like this. Most desktops block
root logins, as there is rarely, if ever, a need
to load a whole desktop as root, and you
could do a lot of damage with a careless
click of the mouse. However, you can log
in as root from a terminal, using the su
(switch user) command. This requires the
root password and some distros, including
Linux Mint, disable the root account by not
setting a password for it.
Don’t worry though, all is not lost. There
is a command called sudo that is able to
run an individual program as another user,
most often root, and this requires only
the user password. That may seem a little
insecure, allowing you to run commands
as root without the root login credentials,
but sudo can be set to allow only certain
users to run root commands, and even
Most system files are owned by the root user, as seen here in /etc, so you need root permissions to modify them. limit the commands a user can run. Linux

Answers
Mint and its brethren give the user that

was created during installation the rights
to use sudo to run root programs, as the
first user is considered the administrator.
That’s why programs like the update
manager ask for your password before
installing updates, because software
installation has to be done as root. If you
created a second user, they would not be
able to use sudo by default.
So how do you use sudo to run a
program as root? Just prefix the command
you want to run with sudo – the catch is
Xxxxxxxx
that this has to be done in a terminal. The
text editor on Mint is called xed – you can
see this in the About window of the editor
– so to edit a file as root, open a terminal
and run: Look at the system log or journal as you plug in a USB modem; you should see it identified as a CD-ROM first,
$ sudo xed /etc/mpd.conf followed by usb_modeswitch being run to convert it to a modem.
Xed is quite helpful in this case as
it warns you that you are running with usb-modeswitch installed. You may need using a 32G HP USB stick. Somehow,
elevated privileges. Remember that the to run it after plugging in the modem, but during the process, the USB stick
root user can access, change and delete most distros also install a set of udev rules became ‘read only’ or write-protected.
any file on the system, which gives you a to run it automatically. I can read and copy from it, but can’t
unique opportunity to break your system This is a set of rules, a separate one write or format it. I’ve tried fdisk, cfdisk
if you’re not careful. Although mpd.conf for each make and model of modem, of and gparted but they all refuse to write.
is hardly system-critical, be careful when which there are many. If you have usb- Malcolm Lang
editing any important files. And how do modeswitch installed on the non-working
you know which are the important ones?
A simple rule of thumb is that if you don’t
systems but still have to run it manually,
it would be worth checking the rules file to
A Did fdisk or gparted successfully
partition and reformat the stick, or
know what it is for, treat it as important. see if your modem is included. The rules did they complain about it being read-only
file is found in /lib/udev/rules.d/ and too? Assuming that you have no
Q Missing Mint modem

Why can’t I connect to the internet
contain modeswitch in its name. Each rule
will be of the form:
irreplaceable data on the stick, I would
check if the stick is writeable at a low level
when using Mint or Zorin installed from ATTR{idVendor}==”19d2”, with dd. Plug in the stick but do not mount
Linux Format? I am using a Vodafone ATTR{idProduct}==”0031”, RUN+=”usb_ it – disable your automounter if necessary
HSPA USB stick, model K3772Z. I have modeswitch ‘/%k’” – then run:
no problem with Ubuntu or Peppermint. The vendor and product IDs for your $ dd if=/dev/zero of=/dev/sdX
Gretchen Siegling device can be found by running lsusb – This should write zeros to the whole
for the above device, this gives: stick; it will fail when it runs out of space,
A The most likely cause of this is that
the stick is not appearing to the
Bus 002 Device 007: ID 19d2:0031 ZTE
WCDMA Technologies MSM MF110/
but this should only be after it has written
32GB of data. You may want to watch the
system as a modem, and there are two MF627/MF636 kernel messages generated while doing
main causes for this. Clearly the hardware If your device is not included, either this by running:
is all working and supported – it’s just a modify one of the existing rules, or copy $ dmesg -w
matter of determining the differences the rule from a working system. It is not as root in anther terminal. Do this before
between the configurations of the different good practice to modify the file in /lib/ plugging in the stick, so you can see any
distros. The first step is to find out what udev/rules.d as this may be overwritten error messages when you do that too. This
the distro thinks you have plugged in, so by a future software update. Instead, should give you an idea of the health of the
open a terminal and run: create a file in /etc/udev/rules.d – the stick. If all works without error, you now
$ sudo journalctl -f name is not important as long as it ends in have a blank stick and should be able to
Then plug in the stick; if you are using a .rules – containing the rule for your device. partition and format it.
non-systemd distro, replace this command Another possibility is that you do not If you get any sort of error when doing
with dmesg -w . It should be identified as a have a suitable module (driver) for your this, particularly one that makes the stick
modem and you will see references to modem. This is unlikely, as support for appear read-only, you probably have a
/dev/ttyUSB. These devices often use a these is very good. You can see which faulty drive. The flash memory in USB
trick on Windows where they first appear modules are used by looking at the system sticks doesn’t last forever – they don’t
as a CD-ROM device, then the Windows log or comparing the output of lsmod have the sophisticated wear-levelling
driver sends it a command to switch it into before and after plugging it in on a working controllers that help SSDs last a long time,
modem mode. They do this so that they system. Compare with the other distros. so the flash memory may be worn out.
can include the driver installer on the stick. USB sticks are also susceptible to damage
On Linux, the usb-modeswitch
command is used to turn on the modem
Q Sticky problem
I have a problem with a USB stick.
from static electricity, especially when
carried in your pocket without a protective
side, so if the stick is identified as a storage Recently I was downloading Slackware’s cap, so you may have fried the electronics
device, make sure you have Current tree to upgrade my system. I was in this way.

Answers
Lastly, and this is actually the first thing

you should check, some flash memory
devices have a switch to make them
read-only, but I’m sure you have already
checked that. I know I would never get
caught out like that... (ahem).
Q Desktop shortcuts
I’m using Arch Linux with KDE
Plasma as my desktop environment and
I wonder if there is any way to create a
shortcut so that when I click on it, it will
run the command I want in a terminal.
Max Roberts
A You can do this, and the mechanism

is the same for all desktop
environments and distros, thanks to the
wonderful world of standards. Desktop
icons are defined by .desktop files in
~/Desktop, and these can be created KDE, along with most desktops, enables you to create desktop icons to run terminal programs. Or you can dive
through the desktop’s own mechanisms straight into creating .desktop files by hand.
or with a text editor. This is where the
standards bit starts to fall down, as and turn on ‘Run in terminal’. You may Type=Application
desktops may have slightly different ways also need to enable ‘Do not close when The actual file created by the desktop
of doing this. command exits’. Unless your program contains a few more lines, but these are
In the case of KDE, right-click the waits for input after running, the terminal the key options that enable you to create
desktop and select Create New > Link to will flash open and close again before a desktop icon for an application. Most of
Application. Set the name in the General you can read the output without this. You the options should be self-explanatory.
tab of the window which this opens, and can change these settings later by right- The desktop file always starts with
then go to the Application tab and change clicking the icon and selecting Properties. [Desktop Entry] and you need Exec to tell
the name there too – this is what you This creates a .desktop file in it what to run, Type=Application to tell it
will see on the desktop. Then either type ~/Desktop, which uses a format like this: to run a program, rather than for example
the command in the relevant box or use [Desktop Entry] viewing a file, and the Terminal options
the Browse button to select it from a file Exec=free -h for your needs. Desktop files are not only
dialogue. For a GUI program, this is all you Icon=org.kde.plasma.systemmonitor.net used for icons; if you were to copy, or link,
need to do, but a command-line program Name=Free memory the file you just created to ~/.local/share/
will have nowhere to show its output, Terminal=true applications, you would also get a menu
so press the Advanced Options button TerminalOptions=\s--noclose entry for your command.
Get help now!

a quick reference to… tree
We’d love to try and answer any questions
Graphical file managers let you view the useful for something like a home you send to [email protected],
contents of a directory or one of its directory with lots of nested no matter what the level. We’ve all been
subdirectories, as do the ls and dir subdirectories. stuck before, so don’t be shy. However, we’re
commands in the shell. Most graphical -D shows the last modification time only human (although many suspect Jonni
managers also let you view directories in of each file. is a highly nested search algorithm), so it’s
a tree format where you can see both -p shows each file’s type and important that you include as much
subdirectories and their contents in a permissions. information as you can. If something works
single view – but what if you want to do -h shows the size of each file, in on one distro but not another, then tell us. If
the same in a terminal or SSH session? human-readable format. you get an error message, please tell us the
There is a command-line tool that does --prune hides empty directories. exact message and precisely what you did to
just this, and it is called tree – no cryptic -P pattern shows only files that match invoke it. If you have, or suspect, a hardware
two-letter name here. the given wildcard pattern. problem, let us know about the hardware.
Run with no arguments, tree prints a -f prints the full path for each file. Consider installing hardinfo or lshw. These
listing of the files and directories in the There are plenty more options programs list the hardware on your
current directory and those below it. including the ability to output in XML, machine, so send us their output. If you’re
As with ls, you can pass the name of a HTML or JSON, control the colour of unwilling, or unable, to install these, run the
directory to list and there are several output and much more. The man page following commands in a root terminal and
options that alter the output. Some of details them all. Tree is not a send us the system.txt file too.
the most useful are: replacement for ls, but a complement uname -a > system.txt
-a shows hidden dotfiles. to it, each of them performing useful lspci >> system.txt
-L N only goes N directories deep, but different functions. lspci -vv >> system.txt

Discover another of our great bookazines
From science and history to technology and crafts, there
are dozens of Future bookazines to suit all tastes
you buy direct from us not available anywhere else super-safe ordering
Mailserver
Write to us at Linux Format, Future Publishing, Quay House,
The Ambury, Bath BA1 1UA or [email protected].
Not compatible? Linux-compatible. There’s certainly a large range of

You have just about covered installing Linux on a peripherals – usually USB-based, certainly Wi-Fi
Chromebook laptop, but what about those of us who dongles – that you do need to check will work, but
want a desktop with a bit more power and capability? that’s a more complicated area.
Suppliers of components (motherboards, CPUs and When we’re talking motherboards, processors,
so on) all profess a total ignorance of Linux, and offer memory, drives, displays, these are core PC
no help or advice regarding component suitability. components that are designed to work around the core
From somewhere I seem to remember there was a interface protocols that make a PC modular and the
compatibility site – does such a thing continue to parts interchangeable. As Linux recognises those
exist, and is it up to date? Maybe you could run a protocols – as they are open standards – the Linux
hardware list of the components you use. Because kernel will work. There’s way more to this and it sounds
all the wonderful software is useless if there is no like it could be part of a feature… That’s not to say you
hardware on which it can be run. might not run into the odd issue, but then you can say
Peter Brearey the same to Windows users.
Having said that, with motherboards I can imagine
Neil says there being issues with individual parts such as
I’m just going to come out and say it (until someone Ethernet, Bluetooth or audio components. But if you
tells me to stop): 90 per cent of core components are stick to well-known makes that use Intel or Broadcom
WIN A SECURE NITROKEY STORAGE 2

Send your thoughts to the Linux Format dungeon
server at [email protected],
be picked as Letter Of The Month and
win* a 32GB Nitrokey Storage 2!
The Nitrokey is worth a cool €149, has 32GB of
hardware-encrypted storage, supports hidden
volumes, secures your online accounts with one-
time passwords, can encrypt emails, files and hard
drives and is an open source, open hardware The Nitrokey is
solution. Protected with AES-256 and RSA keys up your one-stop Will this motherboard work with
to 4,096! Learn more at www.nitrokey.com. security solution. Linux? Who knows? The manufacturer
sure won’t tell you.
Helpdex
[email protected]
* For full terms and conditions see: www.futureplc.com/terms-conditions

MAILSERVER
parts, which you can and should look up beforehand,

everything should function. LETTER OF THE MONTH
On a practical level I can’t see how a site could
provide total Linux compatibility details, even if it relied Spec me up
on user-submitted reports. Wow, I’m not much help! One point regarding the ‘On The Disc’
section, plus reviews of distributions:
Good content I have a few PCs that are unable to
I’m a new subscriber to Linux Format. So far I’ve run versions of Windows that
really appreciated the dedicated research and writing Microsoft still supports. To get a bit
going into the magazine. It’s hard to find good more life out of these machines I would like to install one of the
content these days, with such a diluted and 32-bit distros of Linux. Here I could tinker and learn about Linux
overwhelming array of information on the Internet. without fear of crashing my main machines: two Linux laptops
I am looking forward to learning more about the and one Windows 7 desktop.
Raspberry Pi and coding for it. The key bit of information missing in ‘On The Disk’ is what
Sjpc, email minimum hardware is needed to run the distro (processor, RAM
and so on). For my machines I am fortunate that they have DVD
Too retro drives, so I can use the Live image to try them out, but these days
I love the editorial title ‘We’re so retro’. Go for it. But many machines only have USB. It would be a pain to write the
give a moment to those of us buying the magazine. I USB only to find out that the machine was underpowered. Can
am always keen to see what you add to the cover by you please add the minimum hardware specs to the article?
way of a DVD – usually an OS plus utilities and so on. Ralph Taylor
But I have to ask, why a DVD? I know it is hard to
attach and ship a USB memory device. Maybe an SD Neil says
or microSD card? All suitable for repurposing. These This is a good suggestion – I’ll have a chat with Jonni about it (yay,
days, bar those hell-bent on holding on to the past – more work – Jonni). I can imagine having a short list at the start of
aka your retro-inclined fans – who has a drive each distro write-up on the disc pages. I’d always dismissed the need,
capable of reading such a format as DVD? as I presume people have good
Having said that, I actually do – but it sits in a box enough hardware, but there’s
until I feel nostalgic (kind of retro) and want to rip an always going to be someone that
old DVD I have archived in a box from a decade or so needs to know.
ago, the last being The Life of Brian – well worth it. If I do see an issue in that I don’t
it must be physical then think every developer offers
SD/microSD. If not, then minimum specs, but certainly
BitTorrent or similar. I there are details such as having a
don’t buy the magazine CPU with PAE support or SSE2,
for the attached DVD. To though this requires people to
my shame, it normally know what these are in the first
goes in the bin – not 32-bit support is going, but distro place. I’d expect we’d have to
sustainable! No, I buy LXF hardware support is more nuanced explain this too, so nothing’s
because it is damn good! than that. ever simple…
Paul, Dublin, Ireland
Neil says 1Mbps region, so

You’re right, it’s a small (but a 4GB DVD with a couple distros on there can help.
significant enough) percentage USB key, SD card or DVD, I’d suspect there’s going
of the LXF readership that actually to be waste in one form or another. Ultimately the DVD
wants the DVD. Even in the UK, I would suspect is doomed to retro history, but there’s
anyone that lives in country areas no murmurings from management about doing away
can find their ADSL speed down in the with it as yet.
WRITE TO US
Do you have a
burning Linux-
related issue
that you want to
discuss? Write
to us at Linux
Format, Future
Publishing, Quay
House, The
Ambury, Bath,
BA1 1UA or email
lxf.letters@
futurenet.com.

REviEwS
AMD Ryzen 9 3900X
As AMD’s third-generation Ryzen vies for the CPU throne,
Jarred Walton goes all Zen 2 on us.
he build-up to AMD’s launch
SPECS
Ryzen 9 3900X
T party for its Ryzen 3000
CPUs – aka third-
Socket: AM4 generation Ryzen, aka Zen 2 – has
Type: 64-bit been huge, and the Ryzen 3000
Arch: Zen 2 processors are the first mainstream
Process: 7nm CPUs to utilize a 7nm manufacturing
Cores: 12 process. After flirting with the crown
Threads: 24 for the first two Ryzen generations,
Clock: 3.8GHz this could be the day when AMD
(Turbo 4.6GHz) claims an outright victory. But how
Cache: 64MB has it managed this feat?
L3, 6MB L2, Zen 2 adds an improved L2 TAGE
768KB L1 branch predictor, has a larger micro-
Mem: 128GB op cache, doubles the maximum size
max, DDR4- of the L3 cache to 32MB per CCX
3200, two and doubles the AVX floating-point
channels performance. There’s also a third
PCIe: v4.0, address-generation unit, larger You won’t even need a new
20 (16+4) buffers (reorder buffer, integer AM4 motherboard to use
TDP 105W scheduler, physical register file, entry the new processors.
store queue and more),
Ryzen 7 3700X multiplication latency is reduced to
Socket: AM4 three cycles from four and there are wider buses (256-bit For testing we’re using 16GB of fast DDR4-3200 CL14
Type: 64-bit instead of 128-bit) to improve bandwidth. PCIe Gen4 memory for all the mainstream platforms. All the newer
Arch: Zen 2 support is included, along with changes to the Infinity platforms also use an M.2 NVMe SSD for a boot drive,
Process: 7nm Fabric that links everything together, and there are though it’s not the same drive on every system – which
Cores: 8 improvements in memory compatibility. shouldn’t make any difference, as none of the tests are
Threads: 16 Wrap all of that up in a 7nm bow, then move the storage-intensive.
Clock: 3.6GHz memory controller out of the main CPU chiplet and
(Turbo 4.4GHz) into a secondary IO chiplet, and stick both into a single Ryzen, let’s get cracking
Cache: 32MB package – with the option to have dual-CPU chiplets For the first round of testing, we’re using AMD’s Ryzen 9
L3, 4MB L2, on higher tier models. That’s the Ryzen 3000 family. 3900X and Ryzen 7 3700X in an Asus ROG CrossHair VIII
512KB L1 Currently it has everything from six-core/12-thread Hero Wi-Fi (X570-based) motherboard. Memory is 16GB
Mem: 128GB models like the Ryzen 5 3600 that uses a single CPU G.Skill TridentZ Royal DDR4-3600 CL16. The good news
max, DDR4- chiplet with two CCXes, up to the current king of the hill: is that gaming performance is improved by nearly 10 per
3200, two the Ryzen 9 3900X, with 12 cores and 24 threads spread cent on average relative to the Ryzen 7 2700X. The bad
channels out over two CPU chiplets. The Ryzen 9 3950X will be a news is that overall the Core i9-9900K (8c/16t) is still
PCIe: v4.0, 16-core/32-thread solution. Phew! about 10 per cent faster.
20 (16+4) But how does third-gen Ryzen perform? AMD has The other good news is that when it comes to gaming
TDP 65W been more than willing to sell users more cores and performance, this difference between AMD and Intel
threads at lower prices than Intel, and that in turn has CPUs really only matters if you’re running at 1080p Ultra
forced Intel to step up from four-core/eight-thread with an RTX 2080 Ti – maybe you’re aiming for 144fps
mainstream CPUs such as the i7-7700K and finally start and above. If you run a slightly slower GPU, even an RTX
offering six-core/12-thread and eight-core/16-thread 2080 or 2070 Super, the gaming performance gap
models without forcing users onto the X299 platform. between the CPUs shrinks. Running at 1440p or 4K will
It’s a good thing, too, as X299 often ends up also shrink the gap (4K usually ends up a tie), and if you
performing quite a bit worse than Z390/Z370 when it run 1440p and use an RTX 2080 or slower GPU, most
comes to games. That’s because the more complex high- differences won’t be visible short of running benchmarks.
end desktop platforms end up increasing the latency of That’s not to say that Intel’s CPUs aren’t faster: they
certain operations, and games are often very sensitive are. Even the Core i7-7700K and Core i5-9600K come out
to such latencies. just ahead of the Ryzen 9 3900X in our tests. But AMD

Processor Reviews
does beat Intel’s i9-9980XE, if you’re thinking about a

£1,900 CPU for gaming purposes. It’s pretty consistent ThE ZEn 2 ARChiTECTuRE
across games using settings where we’re at least
somewhat CPU-limited. AMD loses in absolute gaming Zen 2 is more than just a die-shrink. At a high level, AMD claims its
performance, again, but not by much. As it stands, the IPC (Instructions Per Clock) are 15 per cent higher than Zen+. So for
Zen 2 architecture improves performance compared to the same number of cores and the same clock speed, Zen 2 should
Zen+, but it doesn’t fully close the single-threaded and be 15 per cent faster. But how did AMD get that improvement? It’s all
gaming performance gap. in the architectural details.
The other side of the coin is non-gaming performance, One big update is the doubling of the L3 cache size. On the single-
and here AMD makes some massive inroads against Intel. chiplet Ryzen 5/7 parts, there’s a 32MB victim cache – meaning that
The Core i7-8700K was slower overall than the Ryzen 7 data in the L2 cache doesn’t get replicated into the L3 cache. An
2700X last year, which is why Intel released the Core exclusive cache, if you prefer. The dual-chiplet Ryzen 9 CPUs,
i9-9900K. That’s an eight-core/16-thread CPU, and going meanwhile, come with a combined 64MB L3 cache.
up against AMD’s new Ryzen 7 3700X – also an eight- So what do those massive cache sizes do for memory latency?
core/16-thread CPU – Intel is barely hanging on to a lead AMD says on average that the effective memory latency is reduced
in multithreaded CPU performance. by 33ns relative to Zen+, which in turn can improve performance by
Toss in the 12-core/24-thread Ryzen 9 3900X, and it’s up to 21 per cent – and that’s in games. The larger L3 cache sizes do
not even close: AMD’s 3900X is 21 per cent faster than cause a slight increase in cache latency, but compared to the roughly
Intel’s i9-9900K, at the same nominal price (Intel is more 200-cycle latency of system memory, the benefits should be great.
expensive because you need an aftermarket cooler). AMD has added a new TAGE branch predictor in Zen 2.
Fundamentally incorrect branch predictions cause big performance
Ryzen? Ry not? hits; the 19-stage pipeline gets flushed and restarted, so every branch
Factoring gaming and single-threaded performance into miss is a major opportunity for performance improvements. Zen 2
the mix, AMD’s Ryzen 9 3900X still claims a nine per cent keeps the Perceptron branch predictor for its L1 cache (which already
lead over the i9-9900K, while the latter leads the 3700X works well), but adds the more complex TAGE branch predictor for
by nine per cent in multithreaded testing. With the Ryzen the L2 cache. The net result is that AMD says Zen 2 will make 30 per
7 3700X, the closest Intel competitor by price is the cent fewer incorrect branch predictions.
i7-9700K – again, AMD has a bigger price advantage as Finally, AMD has doubled AVX performance. Whereas Zen/+ had a
you don’t need to buy a separate cooler. Intel leads by 13 two-cycle latency for AVX256 instructions, Zen 2 is single cycle.
per cent in the gaming tests, but AMD leads by four per There’s a related change to the load and store bandwidth, which is
cent in multithreaded performance. now 256 bits wide instead of 128 bits. Also, multiplication latency is
How much do those differences really matter? It three cycles, down from four cycles. For applications that use AVX2,
depends on how you use your PC. We know a ton of the gains should again be substantial.
people that never do any form of 3D rendering. Even
video encoding, or transcoding, isn’t something that
‘most’ people do on a regular basis – it’s very important If you’ve been hovering between AMD or Intel for your
for streamers and video professionals, certainly, but not next PC build, AMD is generally the better pick now. You
really a critical item for a lot of users. If it takes five can get excellent multithreaded performance, gaming
minutes instead of six minutes to encode a video, but still performance is close enough that only benchmarks or
takes 15 minutes to upload the result to YouTube where it extremely competitive gamers would likely even notice,
will inevitably get mangled by indifferent re-encoding while price and features are also in AMD’s favour.
regardless, does the one minute saved really matter? You get PCIe Gen4, you get a dedicated x4 PCIe
As a value proposition, it’s easy to love AMD and its connection for your primary M.2 NVMe SSD, you get
Ryzen processors. Intel sat around making four-core/ more cores, you even get lower power use. Plus, so far –
eight-thread as its top consumer solution for seven years knock on wood – all of the side-channel attack exploits
when AMD wasn’t really competitive. Then Ryzen comes such as Spectre, Foreshadow, MDS and Fallout target
along and delivers eight-core/16-thread solutions to the Intel CPUs and don’t work on AMD’s CPUs.
masses, and suddenly Intel starts selling six-core and What’s more, you get all of that at equivalent or
eight-core mainstream processors. It’s really not hard to lower prices than you’d pay for Intel.
see why.
With the Ryzen 9 3900X, AMD keeps the pressure on,
delivering higher clock speeds and better latency than its
vERDiCT
previous generation, with a 12-core/24-thread CPU for DeveloPeR: AMD
the same price as Intel’s eight-core/16-thread CPU. Web: www.amd.com
Unless gaming performance – and more specifically, PRICe: £500 (£320 Ryzen 7 3700X)
high framerate gaming – is your overriding goal, AMD’s
third-gen Ryzen CPUs are now in the lead. For anyone FEATuRES 9/10 EASE oF uSE 9/10
buying Radeon RX 5700 XT and lower graphics cards – PERFoRMAnCE 9/10 vAluE 9/10
or GeForce RTX 2070 and below from Nvidia – any
differences in CPU performance when it comes to gaming Pound-for-pound, AMD is going toe-to-toe with Intel – and
are going to be mostly meaningless. A few per cent beating it. Intel can still claim single-thread dominance for
slower or faster won’t really matter, and future games specific tasks, but overall AMD is the new champ.
may even begin pushing beyond the point where four-
core/eight-thread and six-core/12-thread CPUs are all Rating 9/10
that’s needed.

Reviews Single board computer
LattePanda
Is it a PC, a Raspberry Pi competitor or an Arduino board? Mike Bedford
put this unusual product through its paces in order to find out.
ince there are several similar products to the There’s a serial display connector for attaching a touch-
SPECS
OS: Ubuntu
S LattePanda, we need to spell out exactly what
we are reviewing here. It’s described as the
screen LCD panel, but not a camera connector –
although you could use a USB camera. It also supports
16.04 LTS or LattePanda 2GB/32GB – that is, 2GB of RAM and 32GB Wi-Fi and Bluetooth 4.0. The GPIO connectors look
Windows 10 of onboard flash storage. When we also point out that markedly different from that of the RPi, though.
CPU: Intel you’ll often also see the phrase “Windows 10 Mini PC” The main difference between the LattePanda and
Cherry Trail tagged to the end of the name, you might think it’s a Raspberry Pi – and also the RPi’s various competitors
Z8350, 1.8GHz, strange product to review in Linux Format, but things for that matter – is in its CPU. While nearly all SBCs are
quad-core, 2MB aren’t that simple. equipped with an Arm device of some sort, the
cache, 64-bit, Certainly, the LattePanda launched as a Windows LattePanda has a 64-bit Intel Cherry Trail Z8350, with
VT-x, AES 10-only product – unusual in the world of SBCs where four cores clocked at 1.8GHz, plus Intel HD graphics. A
GPU: Intel HD Linux dominates – but Linux is now officially supported variant with 4GB is also available, so we’re in the same
Graphics too. At this point we need to clarify things further by region as the RPi 4. Oh, and while the LattePanda does
Mem: 2GB, referring to the fact that even the 2GB/32GB board is have a microSD card slot, we shouldn’t forget its 32GB
1,600MHz available as two variants. Both versions have Windows 10 of onboard storage, so it saves you £5-£10 compared to
DDR3L pre-installed in the boards’ flash storage, but in one you what you’d have to pay with most SBCs.
SSD: 32GB get a Windows activation key and in the other you don’t.
(plus microSD Needless to say, since there’s a price difference of almost Real-world interfacing
slot) £29 and you’re not going to be using Windows – indeed, If you want to use the LattePanda as the heart of a PC, or
Display: HDMI you’ll be overwriting it – you should choose the non- for similar software applications as a Raspberry Pi, then
(max 1080p), activated version which has our quoted price. You what we’ve seen so far is all you’ll need to know. However,
DSI might also like to take a look at the designer’s website, if you’re interested in interfacing via the GPIO for
USB: 2x 2.0, www.lattepanda.com. experimentation or embedded applications, there are
1x 3.0 some caveats. The most unusual aspect of the
Comms: Lattes all round? LattePanda is that it doesn’t have a Raspberry
100Mbps The LattePanda has a similar form factor to the Pi-compatible GPIO but, instead, its interface to the
Ethernet, Wi-Fi Raspberry Pi, measuring the same lengthways and being outside world is Arduino-compatible (see box, opposite
802.11n 2.4GHz, just 12mm wider than the RPi 4. It has two full-sized USB page). LattePanda is very unusual in offering Arduino
Bluetooth 4.0 2.0 and one USB 3.0 ports, a full-sized HDMI socket, an compatibility on a board that runs Linux with an HDMI
Arduino: Ethernet socket and a micro-USB socket for power. output. It does this by having an onboard ATmega32U4
ATmega32U4
GPIO:
20 Arduino, 6
gravity sensors,
6 Intel CPU
Size: 88 x
58mm, 55g
It comes with
Windows 10 pre-
installed, but don’t
let that put you off!

Single board computer Reviews
coprocessor, the chip family used on Arduino boards,

with which it communicates via a hidden USB port. As unDERSTanDIng aRDuIno
such, it’s not too dissimilar – but a lot neater – than the
typical setup of a PC with an external Arduino attached Arduino boards are quite unlike most other SBCs because they don’t
via a USB port. Specifically it’s compatible with the run an operating system or drive a display. This is because they’re
Arduino Leonardo, which has 20 digital I/Os and 6 gravity intended for embedded applications – a piece of equipment where
and 6 Intel analogue inputs. However, the physical the user might not be aware that a computer is buried inside, working
arrangement of the headers is different from Arduino in the background – where these are would be an unnecessary
boards, which means you’ll only be able to fit Arduino overhead. The result is that they can use very cheap processors to
shields (add-on boards) with a converter. We should also good effect.
point out that, in addition to the Arduino GPIO, there is a For example, the ATmega32U4 that’s used in the Arduino
header for the main CPU containing six GPIOs. Leonardo, and also in the LattePanda to provide compatibility, has an
8-bit architecture and is clocked at just 16MHz. As a microcontroller it
What’s it do, then? also has its own memory and flash storage on chip and these are also
If you’ve never upgraded a PC from Windows to Linux extremely modest: just 2.5KB and 32KB, respectively. Because of
and are a bit wary of doing that to a brand new SBC, our this, software is usually developed on a separate PC and uploaded to
advice is simple: don’t be afraid. The LattePanda website the Arduino. The LattePanda is probably unique, therefore, in offering
gives clear instructions and we had no issues whatsoever. Arduino compatibility while also running an operating system.
In fact the only real difference between this and installing
an operating system onto a board such as the Raspberry
Pi is that you’ll be writing it to onboard storage, via a USB
stick, rather than to a microSD card. However, while
some SBCs give you a choice of several flavours on Linux,
there’s currently just the one for the LattePanda: the now
somewhat outdated Ubuntu 16.04 LTS.
A slight oddity is that when you apply power to the
LattePanda, a couple of LEDs light up but it doesn’t
actually boot. Unlike most SBCs, it only boots when you
subsequently push and release the onboard power
button. This seems an unnecessary inconvenience, and
it also precludes you from fitting it into a case, given the
miniscule dimensions of the pushbutton and the fact that
there’s no header to which you can attach an external
button. Apparently you can change the firmware to one
that boots as soon as power is applied, but we didn’t try
that. Other than that niggle, start-up is quick, and you’ll
be at the login page in well under 30 seconds.
With a quick start-up under its belt, we were keen to
learn more about the LattePanda’s performance. After all,
while four cores clocked at 1.8GHz might sound fast, it’s
pretty much impossible to make meaningful comparisons in that secondary display and That onboard
since most SBCs use Arm CPUs of some sort. Sysbench you can’t see it on your main storage accounts
certainly has its critics but, as a quick and ready way of display. Second, when we tried to download software to for some cost.
measuring processing power, it’s useful because the Arduino coprocessor, it reported that permission was
corresponding figures for other platforms are readily denied to use the necessary comms port. Only when we
available – so we’ve used that. resolved the issue with permissions did it work correctly.
The CPU test uses an application for calculating prime Hopefully these issues will be addressed with more
numbers and we configured it to find all up to a value of comprehensive instructions regarding upgrading
20,000, because this is a commonly used test. Running LattePanda to Ubuntu – indeed, they might even have
on all cores, it completed in 35 seconds. For comparison, been already, as you read this.
quoted figures for the Raspberry Pi 3 B+ and Raspberry
Pi 4 are in the region of 82-94 seconds (the exact time
depending on the temperature and hence the clock
VERDICT
speed) and around 63 seconds respectively. That’s about SUPPlIeR: Farnell
1.8 and 3.7 times faster than the latest and greatest RPi WeB: https://uk.farnell.com
and its predecessor. PRICe: £86.51
Turning to the Arduino functionality, while the
necessary Arduino IDE software is pre-installed if you stick FEaTuRES 8/10 EaSE oF uSE 7/10
with Windows, this is not the case if you upgrade it with PERFoRmanCE 8/10 VaLuE 7/10
the supported Ubuntu image. Having to install it yourself
would be only a minor irritation, but we have to report that Despite costing more than twice as much as the Raspberry
getting it to work wasn’t as straightforward as we’d Pi 4, it offers an attractive set of alternative features.
expected, taking us over half a day of detective work.
First, Ubuntu is configured with two monitors and, unless Rating 8/10
you disable the secondary one, the Arduino IDE displays

Reviews Linux distribution
Whonix 15
If routing all traffic through Tor doesn’t satisfy your need for privacy,
Mayank Sharma tests a resource-intensive solution with a novel approach.
honix is functionally very
in brief
This Debian-
W different from other privacy-
focused distros. Here’s a
based distro whistle-stop tour if you haven’t heard
isn’t unique in of it: The distro ships as a pair of
routing all Debian-based virtual appliances that
internet traffic you must run simultaneously.
through the There’s the Whonix-Gateway that
Tor network. exists to configure and route all
However, unlike internet traffic via Tor. This machine
its peers such has two virtual network interfaces:
as Tails and one connected to the internet via
SubgraphOS, NAT, which is used to communicate
Whonix is built with Tor, and the other connected to
on the concept a virtual network.
of security by The other machine is the Whonix- With the exception of an office suite, Whonix contains all the usual desktop apps that you’ll find
isolation and Workstation, which is the desktop in other everyday distros.
ships in the you are supposed to use for browsing
form of two and other tasks. Firewall rules on the Whonix-Workstation On the Whonix desktop you get a cherry-picked
virtual force it to only connect to the virtual network and redirect collection of privacy apps. There’s the KeePassXC
machines. This all traffic to the Whonix-Gateway. This scheme prevents password manager, zuluCrypt for encryption, qTox
arrangement web apps from ever knowing the user’s real IP address or instant messenger along with some Tor-based tools
strengthens accessing any information on the physical hardware. such as the Tor Browser and OnionShare for sharing files.
privacy and The latest v15 release introduces several new features, Highlights for us include the Firetools app to sandbox
helps isolate including a couple that make Whonix easier to deploy. apps, the MAT2 metadata anonymisation toolkit, and the
the work Starting with this release, the distro is available as a single Kloak keystroke anonymisation utility.
environment combined appliance. When you import this, it In case a bunch of privacy tools don’t convince you
from the automatically unfolds into the two virtual machines we of Whonix’s resolve to help you remain anonymous,
internet. mentioned earlier. By default, the VMs are configured to perhaps the distro’s behind-the-scenes work to curb
use four processors plus 768MB/2GB RAM for the privacy leaks will. For instance, they have blacklisted
gateway/workstation VMs. We reduced the processors uncommon network protocols out of the box to minimise
Min SPeC to two for both VMs and increased the RAM to 1GB/4GB, chances of abuse. They’ve also taken steps to harden the
Mem: 1GB and they still performed admirably well. kernel and have even sandboxed systemd services in a
HDD: 10GB bid to limit the damage of a compromised service.
CPU: AMD-V or Thoroughbred for privacy The best thing about Whonix is that its privacy
Intel VT-x The other change is the introduction of a ‘Live’ boot hardening doesn’t come at the cost of usability. The use
support option. When selected, the distro makes all writes to the of VMs eliminates the need for installation of any sort,
required memory instead of the VMs’ hard disks, which means which makes it very easy to deploy. Furthermore, the
Builds: 64-bit, they won’t persist after a reboot. Working from a Live distro also ships with a handful of wrapper scripts to
arm64 environment adds a layer of security in addition to the ease regular administration tasks.
distro’s privacy features. However, you shouldn’t rely on
this alone to thwart data retrievals, since that requires
additional steps, as the project’s documentation notes.
VerDiCT
Whonix 15 is also rebased on the new Debian 10 DeveloPeR: Whonix Developers
Buster release and has switched from the resource- WeB: www.whonix.org
intensive KDE desktop to the lightweight Xfce, which is a liCenCe: Various Free Software licences
welcome change. We weren’t enthusiastic about wasting
resources running KDE on two VMs, and the switch to feaTureS 8/10 eaSe of uSe 8/10
Xfce has made Whonix compatible with a lot more PerforManCe 7/10 DoCuMenTaTion 8/10
machines. Talking of underpowered machines, Whonix 15
has a CLI version that boots to a command line. You can Whonix is a meticulously crafted, privacy-enhancing distro
theoretically use it to pull in another desktop that helps you to remain anonymous .
environment, but the developers don’t recommend this
as it might pull in services whose privacy implications Rating 8/10
haven’t been tested by Whonix.

Linux distribution Reviews
Sparky Linux 2019.08

Sparks often fly when Jonni Bidwell puts his review hat on and uses
something that isn’t (gulp) Arch.
parky Linux is a coverdisc
in brief
A veteran
S favourite here at Future
Towers – it might even be
Debian-based on there next issue. Up until recently,
distro that’s it has maintained a stable release –
long been the 4.x series based on Debian Stable
popular with – and a rolling release, the 5.x series
users of older based on Debian testing. Now things
hardware. Unlike have been shuffled and new additions
many such spin- to the 5.x series are now based on
offs, this isn’t the new edition of Debian Stable,
just Debian with ‘Buster’, which was released in July,
some desktop and there’s a new, unnumbered,
flim-flam and a semi-rolling release based on Debian
nicely branded Testing ‘Bullseye’.
Calamares We were going to review Buster
installer. It will on this very page, but that would Sparky releases all have celestially themed names. ‘Po Tolo’ is the Dogon tribe’s name for the
appeal to a read something like “It’s Debian, it constellation Sirius B. Obviously.
much broader doesn’t break, it does what you need,
audience thanks review over” (that’s why he gets the big bucks – Ed). So newer than the stock Debian 4.19 kernel. Sparky provides
to its tolerance we thought we’d cover Sparky’s Rolling edition with Xfce packages for a couple of dozen other desktops, including
of non-free instead. And we have. the web-tech-based Jade and Manokwari, so no need to
software, helper As a happy side effect of this we get a peek at what stick with LXQt/Xfce. The long-awaited Xfce 4.14 will
utilities and the next Debian will be like. Debian’s rolling and stable probably have been released by the time you read this,
friendly releases haven’t had a chance to diverge much (yet), so and this should make its way into Debian’s Testing repos
community. the underlying base of both Sparky releases are similar soon and from there into Sparky’s rolling release.
for the moment. One difference is that GCC 9 is now
available in Debian’s Testing repos (GCC 8 is still the Swift and smooth
default), which will be a boon for developers wanting to Many apps in Xfce 4.12 still use GTK2 and appear slightly
compile with newer features. dated as a result, but this isn’t Sparky’s fault, and if it
bothers you there’s always two other GUI versions (LXQt
Sparky? Well put your coat on and OpenBox) and a CLI release. Xfce has very low
Sparky installation was a breeze and the initial install system requirements and we were impressed at how
occupied 4.2GB. This was larger than we expected, but it swift and smooth things were, even in a VM.
does pack in an impressive array of applications, which There’s a 32-bit edition of Sparky stable – it doesn’t
you can happily remove if you don’t need them. We even need PAE (a CPU feature) – but this rolling release is
appreciated the inclusion of BleachBit, since LXf has 64-bit only. However, 32-bit users of the previous 5.x
become awfully privacy-conscious these last couple of series rolling release can continue to use that; it will
issues. Having VLC available straight out of the box will automagically use the new Testing repositories.
make lots of users happy too. On first boot a helpful app
offers to update the system and add any desired
language packs, including a strange dialect spoken on
VerDiCT
this island called EnglishGB. DevelopeR: Sparky Linux developers
A number of Sparky’s own tooling is included in the WeB: https://sparkylinux.org
default install, including APTus for doing all kinds of licence: Multiple
package management and SparkyTube for downloading
YouTube videos. Sparky maintains an awful lot of feaTureS 8/10 eaSe of uSe 8/10
packages across its own three repositories. You’ll find PerformanCe 9/10 DoCumenTaTion 7/10
non-free software like Spotify, Lutris and TeamViewer as
well as a several web browsers not available in Debian, Excellent for people who want the power of Debian
such as Brave, Vivaldi, Palemoon and Waterfox. combined with the luxuries of a well thought-out but
Repos for Dropbox and the (desktop-optimised) lightweight desktop. Solid, with only a few rough edges.
Liquorix kernel have been added, so these are easy to
install. Speaking of kernels, you can install Sparky’s own Rating 8/10
custom versions of 5.1 and 5.2 if you seek something

GET PROGRAMMING WITH THE
LINUX AND OPEN SOURCE ANNUAL
Uncover the highlights of Linux and open source programming from the last
year with 180 pages of handy step-by-step guides and all the information you
need to get started and improve your knowledge
ON SALE
NOW
Ordering is easy. Go online at:

www.myfavouritemagazines.co.uk
Or get it from selected supermarkets & newsagents
Driving simulator Reviews
Dirt 4
Management is petrified, hiding from the mud monster entering
the building, but it’s just Andy Kelly after a season of rallying.
alfway through a gruelling
SPECS
Minimum
H four-mile rally, a tyre
suddenly pops. You can
OS: Ubuntu hear the loose rubber clinging on for
18.04 64-bit dear life until it eventually bursts and
CPU: 3.3GHz disintegrates, revealing a bare-metal
Intel Core wheel scraping along the gravel and
i3-3225 leaving a trail of sparks. The car is
Mem: 4GB flailing wildly and it’s a fight to keep it
GPU: Nvidia on the track, but we manage to limp
GeForce GTX over the finish line and place a
680/AMD R9 respectable third.
285 (GCN 3rd This is Dirt 4 at its best: those
Gen+), 2GB moments when you’re flying by the
VRAM seat of your pants, wrestling with The car is flailing wildly and you have to
fight with it to keep it on the track.
HDD: 39GB your car as it careens through the
Note: GPU mud, surviving long enough to cross
driver requires the finish line. Rallies are intense, nerve-racking tests of Mother Base. Money earned in championships is spent on
Vulkan, Nvidia endurance and driving skill. And when something goes facilities and staff, unlocking the ability to buy better parts
v418.43+, AMD wrong, like a knackered wheel or your headlights blinking for your vehicles and bonuses, such as sponsors paying
Mesa 18.3.4, out after one too many bumps in a night race, things get out greater sums of money and mid-championship
Intel GPUs are even more stressful – especially when you consider that repairs costing less. But it all happens through a series of
not supported. some damage will carry over into the next stage. dull, joyless menus, and while it’s compelling for a few
When you start Dirt 4 you’re given a choice of two hours, it soon begins to feel like a chore.
Recommended controls: Gamer and Simulation. Gamer labels itself as The sponsor system is cool, though. The gaudy logos
CPU: Intel Core being for those who want to “have fun”, but don’t be you plaster your car with aren’t just for show. If you team
i5-6600k tempted to choose it. When it’s enabled the game is up with, say, electronics company Blaupunkt, it might be
Mem: 8GB laughably easy, and you’ll soon grow tired of coming first pleased if you finish a race cleanly without hitting
GPU: Nvidia in every event and rarely veering off the track. anything – and if you do your relationship will improve,
GeForce GTX Simulation isn’t quite on the same level as superb earning you more money. But it goes the other way too,
1070 or better hardcore spin-off Dirt Rally, but it’s a lot less forgiving and it’s possible to damage your partnerships with
than Gamer. You really feel the weight of the car as you sponsors by failing to meet their needs.
speed around a corner, and it’s easy to spin out if you’re The tone is a lot more understated and serious,
too aggressive with the throttle. Even so, it’s noticeably reminiscent of the old Colin McRae Rally series, and we
more accessible and immediately playable than Dirt Rally, welcome this with wide-open arms. But it does lean a little
with nowhere near as much nuance to the controls and too heavily into being earnest and minimalist, and sorely
physics. You can get away with a lot more here, and the lacks any personality as a result. It’s so dry, although the
“Left into hard turn,
learning curve is less steep as a result. lovely Welsh voice of rally legend Nicky Grist – who you
right, right, hard Off the track there’s a team management mode that can now choose to be your co-driver – does bring a bit of
stop, crash.” seems to have been inspired by Metal Gear Solid V’s colour to the thing.
VERDICT
DevelopeR: Feral Interactive
Web: www.feralinteractive.com/en/games/dirt4
pRice: £45
GamEPlay 8/10 lonGEVITy 7/10

GRaPHICS 8/10 ValuE 7/10
An accessible, customisable off-road racer let down by

a half-hearted career mode.
Rating 8/10

subscribe Save money today!
SubScribe
Sign up today and get your
White Eclipse 3-Way
USB Charger
Charge multiple devices at maximum speed with the Eclipse 3-Way USB
Charger. This easy-on-the-eye charger is a three-port USB charging hub
that keeps 6m of cables neatly wrapped inside when not in use, while
providing neat pop-up access with a press of its top.
YoUr
GIFt!
Worth
£69.99
Don’t miss out,
subscribe now!
Product Features
Three devices at once
No more messy cables
Holds 6m of cable
Smart-IC Technology
High-speed charging
SUBSCrIBE NoW!
www.myfavouritemagazines.co.uk/lin/eclipse19/
Call: 0344 848 2852
Overseas
subs on
p67
PLUS: Exclusive access to 1
the Linux Format subs area!
1) Only available to MyFavouriteMagazines.co.uk subscribers.

1,000s of DRM-free
PDF back issues and
articles! Get instant
access back to issue
66 (May 2005) with
!
tutorials, interviews,
DON’T MISS
Now with 5 ye
r
ars
&
features and reviews.
of Linux Use
Developer
issues
At linuxformat.com
CHOOSE YOUR PACKAGE!

QUARTERLY PRINT ANNUAL PRINT AND DIGITAL
PLUS! PLUS!
Every issue comes Get both the
with a 4GB DVD print and digital
packed full of the editions with a 4GB
hottest distros. Plus DVD. Plus your
your Eclipse 3-Way Eclipse 3-Way
USB Charger USB Charger
SAVE! SAVE!
Only Only
O
£16.25 22% That’s just £5 £72 58%
That’s just £5.54
Quarterly print per issue! Annual print and digital per issue!
by Direct Debit by Direct Debit
Terms and conditions: This offer is only available for new UK subscribers. Gift is subject to availability. Product pricing stated is RRP at original print date. Please allow
up to 60 days for the delivery of your gift. In the event of stocks being exhausted we reserve the right to replace with items of similar value. Prices and savings quoted
are compared to buying full-priced print issues. You will receive 13 issues in a year. You can write to us or call us to cancel your subscription within 14 days of purchase.
Payment is non-refundable after the 14-day cancellation period unless exceptional circumstances apply. UK calls will cost the same as other standard fixed line numbers
(starting 01 or 02) or are included as part of any inclusive or free minutes allowances, if offered by your phone tariff. For full terms and conditions please visit
www.bit.ly/magterms. Offer ends 30 September 2019.

WE COMPARE TONS OF STUFF SO YOU DON’T HAVE TO!
Roundup
Atom Brackets Emacs
FocusWriter nano
Mike Bedford
loves writing but
more than that he
loves a text editor
that integrates a
coffee maker
Text editors
Which are the best text editors for programmers, writers and just
good old general use? Mike Bedford investigates…
HOW WE TESTED…
Largely because our group is

so wide-ranging, we started
out by providing an overview of
all the packages on offer – see
Overview on page 30 for this.
You might like to read that first
before getting bogged down in
the details.
In terms of specifics, there
were several topics we needed
to consider but, in some cases,
they didn’t apply to all the
products. So we certainly
needed to consider which
programming languages are
supported (all but one of these
programs have such support).
Areas that apply universally
are file format compatibility,
support of multiple views, ease
of use and expandability, all of
which we consider. To make any computer users probably Here we’re taking a look at five text
sure we didn’t miss anything,
in the Advanced Features
M consider the text editor as a left-over
of a bygone age that has been
editors that cover a broad spectrum of uses.
Perhaps the most common use is for
sections we’ll pass comment superseded by the word processor. However, programmers to enter and edit source code
on any stuff that we didn’t as more technically minded users will know, before compiling it – for those who don’t
cover elsewhere. a word processor isn’t just a bigger and use an IDE (Integrated Development
better text editor; the latter is quite different Environment) that bundles editing and
and it continues to have a role today. Most compilation together.
importantly, it generates a file containing Next are those who don’t develop their
plain ASCII text. Now of course a word own code, but have the occasional need to
processor can export as plain text, but even edit configuration files and the like. Then
so, unless you pay careful attention it will there are those people – commonly writers
often attempt to format your text or authors – who welcome a distraction-free
automatically and correct spelling mistakes – editing environment and who therefore spurn
which might not be mistakes at all. word processors.

Text editors roundup
Display options
How the information is presented
on-screen in each app.
aving lots of windows or panes on screen at once
H can offer big gains in productivity, but it can also be

confusing to go too far, so configurability is important.
Here we look at the options provided by each package for editing
several files at the same time.
Nano and FocusWriter are easily dealt with, because they
each enable you to view just the one file at once. With each of the Like most of its main competitors, Brackets enables you to see and edit two files
others, though, you can go much further. Although you can use on screen at once.
Atom to work with files individually, it also uses the concept of a
project which comprises all the files associated with a particular to Emacs, navigating your way around these features takes
job. If you’re working on a project, Atom shows a tree view to help some getting used to.
you navigate it. When you open a file for editing, it appears in an Finally, while it might seem to be an unnecessary complication,
editing pane which you can split horizontally or vertically, and Atom, Brackets and Emacs support themes that affect their
split those items again, if you want. Furthermore, each pane item appearance. Seasoned users of these packages report that
can contain multiple tabs. choosing a theme for a particular programming language – and
In many ways, Brackets is similar to Atom in adopting the hence the colours used in syntax highlighting – can help make
concept of projects, providing a view of the files in the project, your code much easier to read and understand. Alternatively,
and allowing the editing window to be split horizontally or different themes can be used, for example, to eliminate problems
vertically. Unlike Atom, a split editing window cannot be split that could be caused by colour blindness.
again. The editing window, or its parts, can’t have tabs, but much
the same is achieved using the ‘working files’ list, which lets you VERDICT
choose between several files that are open for editing.
Basically Emacs can do pretty much all Atom and Brackets can ATom 9/10 FoCusWRITER 2/10
do in the way of presenting information, although its terminology BRACkETs 8/10 NANo 2/10
is different – something in which we won’t get bogged down here. EmACs 8/10
It has to be said, though, that in common with most things related only FocusWriter and nano stick to single-file editing.
File types
Moving beyond just plain text files.
he plain text file format, containing just ASCII characters,
T is the most obvious format for a text editor to use, and all
our editors support this type of file. In the case of those
editors that only support text files, however, you’re not limited to
giving them a TXT extension. This means, for example, that if
you’re creating an HTML file, you could save it with the proper
HTML file extension.
Giving a text file an extension to indicate a programming
language isn’t just for your own information. If a text editor Because of its different target audience, FocusWriter supports RTF, DOCX and ODT
recognises an extension such as PHP or JAVA as that of a files as well as just plain text.
particular programming language, as all but FocusWriter can,
they enable their specific support for that language. This is FocusWriter will be lost. These additional file formats include
discussed later under the Language Support section. Rich Text Format (RTF), OpenOffice XML (DOCS) and Open
While the phrase ‘text editor’ might suggest that such a Document format (ODT).
package will only ever be able to read and write plain ASCII data –
whatever the file extension – FocusWriter goes one step further, VERDICT
and in this respect it resembles more of a word processor.
In reality, you’re not going to be able to create fully formatted ATom 6/10 FoCusWRITER 8/10
text in FocusWriter as you might in Microsoft Word or LibreOffice, BRACkETs 6/10 NANo 6/10
but this functionality does enable you to export your work to a EmACs 6/10
word processor or import text from one. In the latter case, With the single exception of FocusWriter, all these editors support plain text
however, sophisticated formatting that is not supported by files only.

roundup Text editors
overview
Making sense of a wide
range of packages. Atom 9/10 Brackets 9/10
To a large extent, Atom is aimed at Brackets differs from several of our other
iven that our five text editors programmers and of the packages text editors in that, although developers
G represent a broad range of

products, we really needed to
included here, it has most in common with
Emacs. However, it does differ significantly
are seen as the most likely users, it targets
web designers specifically. So, in addition
spend some time providing an overview in one respect. In the realm of general- to supporting the programming languages
of the group to help you better purpose text editors, Atom is the new kid and markup languages most commonly
appreciate our more detailed on the block: it was released in 2014. used in web development, it enables you
discussion. However, scoring an By way of contrast, nano has been to preview your HTML – with the optional
overview is tricky, because if we were around since 2000 – and Emacs since addition of CSS and so on – in a browser
to treat this naively, we’d simply end up 1976! You might reasonably expect, as you edit the source code (Atom also
scoring each package with something therefore, that its user interface was been provides previewing and add-ons are
close to an average of the scores in all designed with modern principles in mind, available for Emacs). A possible benefit of
the other categories, such as support as opposed to having been continually Brackets is that it’s simpler than Atom and
for programming languages and upgraded over the last 43 years. And Emacs, which could be a benefit to web
advanced features. Instead, therefore, that’s exactly the case. designers who don’t need a lot of
the scores we’ve given here reflect how As you might expect of a text editor additional but potentially distracting
well each package fulfils its aim and aimed at code developers, Atom is a fully functionality.
meets the needs of its intended user. featured product, as are Brackets and Brackets is written in HTML, CSS and
So for example, although FocusWriter is Emacs. More generally, though, many JavaScript, three of the main languages
the least functional – in some cases by other text editors could be considered that its users will employ. This led its
a significant margin – it doesn’t have a competitors to these three – see Also developers to suggest “If you can code
low score here because it does exactly Consider on page 33. in Brackets, you can code on Brackets”.
what’s expected of it. All the products
fulfil their aims admirably, hence the
universally high scores.
Ease of use
Keeping you on the straight and narrow.
tom, Emacs and nano have a user manual; with Brackets indeed, Emacs boasts over 10,000 commands, and let’s face
A you’re limited to a Getting Started project that opens

when you first use it, and a Quick Start guide. All except
it, you’re unlikely to use the vast majority of those if you just want
to do some basic text editing. Of the two, Emacs has gained
FocusWriter have either a user forum or mailing list for support. something of a reputation for being difficult for the newcomer to
It would be easy to argue that FocusWriter doesn’t need a manual get to grips with because of its unusual interface and extensive
or user support because it’s so simplistic. There’s always more use of key combinations.
than an element of truth to the suggestion that ease of use is It might seem unfair that, to a significant extent, we’ve given
inversely proportional to functionality – and that’s true of our low scores for usability to the more fully functional packages,
group of text editors. purely because of their extensive feature set. However, that will
Both FocusWriter and to a lesser extent nano are so simple to be more than cancelled out in scoring elsewhere.
get up to speed with because of their limited set of features. Even
though nano is keystroke-driven, the common commands are VERDICT
listed at the bottom of the screen, and more are displayed if you
make the terminal window full screen. ATom 7/10 FoCusWRITER 8/10
It’s going to take you a lot longer to become proficient with the BRACkETs 7/10 NANo 8/10
other editors, although the sensible approach is to start with the EmACs 5/10
basic features and work up over time. Nevertheless, it’ll take you Ironically, Emacs scores poorly for ease-of-use, to a large extent because of
a while to learn everything that Atom and Emacs have to offer; its large feature set.

emacs 9/10 Focuswriter 9/10 Nano 9/10

Emacs is the editor you’ll find listed as FocusWriter is quite different from all our Nano is a minimalistic text editor so it will
GNU Emacs in your distro’s software other text editors, being aimed at the non- appeal to those with modest requirements
centre. Here we’ve looked specifically at technical user who wants a clutter-free who want to get up to speed quickly. It
the GUI version, although installing GNU environment for creating and editing text. might be surprising to learn, therefore,
Emacs installs both this and the command Interestingly, the concept of removing that nano has a command line interface
line version – which is started in the distractions doesn’t apply only to (CLI). While the CLI is often thought of as
terminal with the command emacs -nw . FocusWriter itself. appealing only to the technically minded,
Emacs has an enthusiastic user base Certainly, you won’t see any toolbars, in this case we really don’t believe that it
because it’s so powerful, doing much more menu bars or the like unless you move the hinders the less experienced user.
than just text editing, as you can read pointer to the top of the screen to see the Even though you issue commands via
under Advanced Features. According to menu bar and, when you do look at the keystrokes instead of menus, those
the user manual, it’s an “extensible, options on offer, you’ll find they’re pretty keystrokes that are most used – and
customizable, self-documenting real-time minimal. However, this intriguing text there aren’t many in total – are shown at
display editor”, and it’s even been referred editor also aims to prevent you from being the bottom of the screen as a constant
to as “practically an operating system of distracted by yourself. reminder. The main drawback of this is
its own”. Reportedly, some users find that By default, therefore, it presents a full- that the user interface certainly looks
they can do almost all of their work from screen display, which means you have to dated, appearing like something you’d
within Emacs (see LXF245-247). be a bit more determined to break off to have expected to find in the ’80s.
Needless to say, therefore, you’re not check the latest score. You can even set Our main grouse, though, is that the
going to be using all its features overnight, yourself a goal in terms of writing time or shortcuts for cut, copy and paste are
but the option is there to start simply and a word count per day, with a status bar non-standard rather than being the ones
build up your usage over time. showing your progress. that many people are familiar with.
Advanced features
Going beyond the basics of text editing.
ano offers nothing that could be considered over and than just a plain text editor, and whereas some of the features
N above the basics of text editing. FocusWriter provides

just those features aimed at preventing distraction –
are just a gimmick, a lot of the others provide everything a
programmer needs in a single place. Included here are a file
even by yourself – as discussed in the Overview. Brackets’ manager with useful facilities such as comparing and merging
advanced features mostly concern its main application of web files and support for compilation – so it effectively becomes an
development. Included here are live preview of HTML/CSS, and Integrated Development Environment.
a quick-edit feature that enables you to open up a linked CSS or For general use it claims to support text used by almost
JavaScript file for editing while editing HTML. all human languages, adds a calendar and a calculator, and
Atom provides a lot more than just basic text editing. Perhaps even integrates support for sending and receiving emails –
its most commonly cited advanced feature is integration with git/ presumably just in case you don’t have a real email package.
GitHub, to provide facilities such as version control and
collaborative features – including access control, bug tracking, VERDICT
feature requests and project management. Although it has to be
added separately, another impressive feature called Teletype ATom 8/10 FoCusWRITER 1/10
facilitates teamwork by enabling team members to share their BRACkETs 6/10 NANo N/A
workspaces, and permits real-time collaborative working. EmACs 9/10
When we come to look at Emacs, it’s more appropriate to ask Advanced features vary from none in nano through to the proverbial
what it doesn’t do, and the answer is not a lot. It’s so much more “operating system of its own” in the case of Emacs.

roundup Text editors
Add-ons
Investigating options
for expandability.
ocusWriter offers no facilities whatsoever for expanding
F its basic functionality by way of plug-ins, this being a key

part of its ethos of providing a distraction-free
environment. It perhaps seems unfair, therefore, to penalise it
for this omission, but we obviously can’t give it any points for a
facility it doesn’t offer. Nano’s support for add-ons is extremely Emacs can be extended using the many add-on packages that are available
limited; only the provision to extend syntax highlighting to
support a new language is provided. contains 4,224 of them and, while this is the official repository,
Atom claims to have over 7,000 add-ons, which it calls there are still others on offer. Yet again, numerous third-parties
packages, and more than 2,000 themes. In fact Atom itself will help you to better understand the best packages to go for
comprises the core software plus dozens of packages for each depending on your needs.
default feature. A package manager in Atom serves a similar The bottom line must surely be that, with the three packages
purpose to your distro’s software centre. Having a vast number of providing extensive support for add-ons, you’re going to be spoilt
packages doesn’t necessarily imply that they’re all of high quality, for choice no matter which of these you plump for.
so it’s good to see that there are lots of third-party reviews of the
best Atom extensions. VERDICT
Brackets’ add-ons are called extensions. It too appears to have
a vast selection on offer, although it’s not entirely clear exactly ATom 8/10 FoCusWRITER N/A
how many there are. Again, you’ll find lots of reviews claiming to BRACkETs 8/10 NANo 1/10
list the top 10 or 25 Brackets extensions. EmACs 8/10
As with Atom, Emacs’ add-ons are called packages and are Atom, Bracket and Emacs all support add-ons and a large number of these
handled by an internal package manager. The MELPA repository are available.
Language support
Is there support for specific
programming languages?
ext editors intended for use by programmers or web
T developers support specific programming languages;

FocusWriter does not. Languages are recognised by
their file extension, and there’s usually a provision to add extra
languages and associate them with particular extensions. While
Atom, Brackets, Emacs and nano all enable you to add new
language support, reports suggest it’s not always a trivial task. Despite its simplicity, even nano supports syntax highlighting for several languages
Fortunately, however, all these editors support a wide range of
languages by default. readable without you having to specifically enter tabs. Some text
Language support differs slightly from one package to another editors offer additional programming support, but that tends to
but, generally speaking, they make it easier to understand the be associated with more advanced features such as compilation
structure of your code, which could make it simpler to spot or live view of web pages.
syntax errors. Common features offered by all three The full list of the languages supported by each text editor
programmers’ editors include syntax highlighting, bracket- would be very long, so we’ve just giving a summary. Atom boasts
matching and auto indentation. 34, Brackets 38, Emacs 33 and nano around a dozen. The specific
Syntax highlighting uses different colours to identify different language support provided by each editor depends on their
elements within your code, such as keywords and variable advanced features as discussed elsewhere so our scores are
names. Bracket-matching, otherwise known as brace-matching, based purely on how many languages are supported.
matches opening and closing pairs of round, square or curly
brackets, and sometimes opening and closing HTML tags. This VERDICT
is useful for debugging if statements and loops, and is especially
helpful for figuring out what’s wrong with a mathematical ATom 8/10 FoCusWRITER N/A
expression with lots of nested brackets. BRACkETs 9/10 NANo 6/10
Auto indentation causes your code to be indented as EmACs 8/10
necessary in accordance with good practice, to make it more Atom, Brackets and Emacs support all the commonly used languages.

Text editors
The Verdict
irst, a disclaimer. If you’re a seasoned user of text
F editors, there’s a good chance that our first-placed

product isn’t your favourite. After all, there are so many,
each with their loyal following, yet we’ve only been able to put
five under the spotlight. Furthermore, we deliberately chose
those five to cover as broad a spectrum of users as possible.
Our first-placed text editor is Atom, but it isn’t far ahead of
our next two offerings. We particularly liked the modern and
easy-to-use interface, but we recognise that this is subjective.
However, if you’ve never used a text editor before, or if you want
to try something new, Atom is highly recommended, especially if
you’re coding.
Our next two products – Brackets and Emacs – scored
exactly the same total score, so we’ve shown them as second 1st Atom 8/10
equal. But while they excelled in different areas, they’re both
worth considering if you’re going to be using them for web: https://atom.io
development. If you’re a web developer, Brackets is preferred, Licence: MIt licence Version: 1.38.2
since that is its target application. However, both could be used An excellent programmer’s editor with an up-to-date user interface.
for developing across a wide range of markup and programming
languages. The major differences are that Brackets scored much 2nd Brackets 8/10
better for ease of use, while Emacs has the edge for being
feature-packed. web: http://brackets.io
Next up is nano and, while this does have some specific Licence: MIt licence Version: 1.14
features for the programmer, it’s just as applicable for general An editor aimed specifically at web designers.
use. If you want something that you can use fully almost
immediately, then this could be exactly what you need. 2nd emacs 8/10
Conversely, that ease of use is, to no small extent, due to
the fact that functionality is very limited. web: www.gnu.org/software/emacs
Lastly, we have FocusWriter – but that certainly doesn’t mean Licence: GNU General Public License Version: 26.2
it should be discounted. It certainly wouldn’t be our first choice Feature-packed, but with a steep learning curve.
for programming – or second, third or fourth for that matter –
but if you want a simple text editor for general-purpose writing, 3rd Nano 5/10
this could be exactly what you need, especially if you find it
difficult to discipline yourself. This is because its main boast is web: www.nano-editor.org
that it provides a distraction-free environment and this even Licence: GNU General Public License Version: 2.9.3
extends to preventing you distracting yourself. A simple command line editor for general-purpose use.
4th Focuswriter 4/10
web: https://gottcode.org/focuswriter
Licence: GNU General Public License Version: 1.6.12
Ideal for the writer who doesn’t want to be distracted.
ALso CoNsIDER…
If you’re an Ubuntu user, you’ll find that you already have Text, which is free to trial for an unlimited period, but for
the GUI text editor Gedit and the command line editor which you are trusted to pay $70 for continued use; and
Vim (accessed by the vi command rather than vim ) Visual Code Studio, which is unusual in being an open-
pre-installed on your system, so these would be easy source Microsoft project. Add to these jEdit, Cream, SciTE,
ones to try out. Geany, Bluefish and Kwrite, and you’d have a major job on
For other distributions, you might discover Mousepad, your hands in deciding which to use. What’s more, there are
Kate, Pluma, Xed or LeafPad already installed for you to test- lots of others where these came from. Never let it be said
drive. Others which are highly respected include Sublime that text editors for Linux are in short supply.

Defeat ransomware
BEWARE OF THE
RANSOMWARE
Jonni Bidwell knows how not to do a lot of things,
including how not to pay ransoms and how not to
be fooled by social engineering scams…
e’re still patiently waiting servers via shodan.io and create havoc. personal information) or even wiring
W
for the year of the Linux Attacking desktop Linux is a little more money to a stranger. Some of these
desktop, but one sign that delicate, but that’s not to say it doesn’t scams are easy to spot, but others are
Linux has become happen. Rogue websites may serve drive- not. Over the last five years, cyber-
mainstream is that it is now actively by downloads, bona fide websites may get criminals (we promise not to use this
targeted by malware pushers. Perhaps hacked or a long-standing bug in the prefix too much) have cottoned on to the
not to the same extent as Windows, kernel may be discovered. All of which fact that people care about their files, so
and perhaps those miscreants are might spell the end for your data. a popular MO is to encrypt them and hold
more interested in hijacking servers A much greater threat, however, is them to ransom. Victims are ‘invited’ to
than desktops, but peddling the old social engineering. This is pretty much pay, usually by cryptocurrency, for a
“Linux doesn’t get viruses” line does operating system agnostic – it relies on decryption key, but often this is never
not make for credible journalism. (don’t weaknesses in human nature rather than provided. Sometimes ransomware is ill
use the J word!–Ed) in software – so there’ll be a few tips that thought-out, and boffins can reverse-
Linux servers are compromised all the will help you even if you use some other engineer whatever encryption was used
time. It’s a little too easy for your run-of- heathen OS. A well-crafted email can trick and provide free decryption tools. But you
the-mill script kiddie to find their favourite a weary mark into opening the wrong kind shouldn’t count on this. Instead heed our
exploit in Metasploit, find some vulnerable of file, disclosing their password (or other guide – be strong, be vigilant and behave.

Defeat ransomware
Ransom and deceit

The scammers have figured out that your data is more valuable to
you than it is to others. Don’t let them exploit this fact.
hile we did a cover feature on malware not all most of these were embedded installations
W that long ago (LXF251), our state of the art

analytical engine (that’s me – Ed) tells us that
that can’t be upgraded and weren’t even
connected to the network. The problem was
you want to hear more detail about one particular type the huge number of unpatched Windows
of malware – ransomware – and one particular means 7/8/2000 systems that were vulnerable to a
of delivery, social engineering. bug in the SMB protocol of which, it turns
Holding things to ransom is an ancient idea, and one out, the NSA was aware for some time. It had
that has been shown to work very well. Kings, nobles in fact weaponised said bug for use in its own
and precious works of art have been ransomed since Tailored Access Operations unit, and named
antiquity. Likewise using smooth talking to hoodwink the exploit EternalBlue. The best solution
people into doing things they probably shouldn’t – Unfortunately that exploit fell into the hands of a to all of these
grifting, if you will. But in the digital age these practices hacker collective known as the Shadow Brokers. The woes is something
you should already
take on a whole new, sinister dimension. On the face of NSA alerted Microsoft to the possible theft and a patch be doing: regular
it having files held to ransom is in an entirely different was issued in March 2017. In April 2017, EternalBlue – backups.
league to having a family member kidnapped. But what alongside other NSA exploits named EternalChampion
if people’s lives depended on the integrity of those files? and EternalRomance – was leaked by the Shadow
Terrifyingly enough, this has happened on more than Brokers and a month later, when many systems
one occasion. remained unpatched, WannaCry used it to wreak havoc
The Wannacry ransomware outbreak of 2017 around the world. See the box on page 38 for more on
infected some 300,000 computers in 150 countries – the anatomy of WannaCry.
making it, according to veteran security researcher We’d love to say there are magical open source tools
Mikko Hypponen, “the biggest ransomware outbreak that with just a little bit of command-line fu can help you
in history”. People showing up to work were greeted by recover from any ransomware attack, but that’s just not
their computers asking for Bitcoin payments equivalent the case. And nor will it ever be. There are a couple of
to $300-$600 to decrypt their files. In the UK it brought things that are guaranteed to help you though, and
our (already struggling–not Wales) NHS to its knees. they’re skills everyone should practise.
Patients saw operations cancelled, and were advised to
only seek medical care in emergencies. Staff, devoid of
network and phone access, had to resort to manual PAY UP OR THE DATA GETS IT
methods to deliver vital healthcare services.
Commentators were quick to point out that the A number of high-profile organisations have paid ransom fees, and
NHS had, and still has, a number of machines running we are likely to see a lot more of this unless our collective security
Windows XP, but these weren’t really the problem – game is upped. Large organisations with lax security practices can
(but shouldn’t) be crippled by a careless employee falling for an
email scam. This may be an untargeted attack, where the
ransomware keymasters’ expected targets are unsuspecting
home users, in which case the asking price is pretty modest.
Or it could be some kind of spear phishing campaign, where
execs or sysadmins are targeted so their privileges or well-endowed
bank accounts can be ransacked. And if you’re going to cripple a
large organisation you’ll probably be after more than pocket change.
In June of this year, Riviera Beach City Council in Florida agreed
to pay a $600,000 (65 BTC) ransom to hackers after their systems
were crippled. They join a growing number of institutions that have
chosen to cough up six-figure sums in order to restore critical
services. A 2018 report from SentinalOne surveyed some 500 large
organisations and found that of those hit by ransomware, 45 per
cent of them had paid up, but only 26 per cent of those had their
SET, the Social Engineering Toolkit, comes with Kali Linux and is full of files unlocked. So much for honour among thieves.
tips and tricks (and references to our favourite movie).

Defeat ransomware
Backup your files

They say there are two kinds of people in this world: people who don’t
backup their files, and people who have never experienced data loss.
here’s no shortage of backup tools available
T for Linux. Timeshift is great for backing up

system files. It’s vaguely analogous to System
Restore in Windows or Time Machine on macOS and
it comes as standard with Linux Mint (you can look
forward to Mint 19.2 on next issue’s coverdisc). For
backing up personal files we recommend DéjàDup
(https://wiki.gnome.org/Apps/DejaDup) – it has
a simple GUI and can automate everything for you. In
its own words “It hides the complexity of doing backups
the Right Way (encrypted, off-site, and regular)”. It also
comes by default with Ubuntu, so check out our handy
six-step guide to using it, opposite.
Behind the scenes DéjàDup uses the Duplicity
command line tool, so if you prefer to do things old- Mint’s Backup Tool (not Timeshift) is pretty rudimentary, but ad hoc
school you can hack up some scripts, cron jobs and backups of your important files are better than none
what have you to invoke this directly. All the magic
(incremental backups, encryption, scheduling) happens interferes with the client and prevents the sync from
in Duplicity, so if your command line and scripting mojo happening, in which case you would be okay. Still, why
is strong this might be the option for you. It’s great for take the risk? Use a proper backup tool, and backup to
server-type things where you don’t necessarily have the an external hard drive that isn’t always connected: cold
luxury of a GUI. storage, if you like.
For typical home use your personal files are, we
think, much more important than the rest of the Keeping regular
system. Whatever flavour of Linux you have, if your Backing-up for the first time might give you some sense
system gets hosed you can re-install it and all the of security, and rightly so. But backing-up should be a
applications in a matter of between minutes (Ubuntu) way of life, not a one-off event or even something you
and days (Arch). Fair enough, it might take longer to do on an ad hoc basis. Unless you integrate it into your
replicate all the little tweaks that you’ve added along digital routine then you’re risking all your latest and
the way, and maybe it’ll never end up greatest work (or fresh memes). Fortunately, thanks
quite the ssame. Your photos and to modern tooling this is easier than ever.
documments and movies are Of course, life will be much easier if your files are
more precious.
far m in some kind of ordered state, but we can’t all be Melvil
You may, and Dewey (for one thing, imagine how everyone’s address
should, already back book would look – Ed). Your first backup may take a long
up some of these to time, depending on how much stuff you have so pop the
some kind of cloud kettle on. Or you may have to cancel it when you realise
storage, be it an certain directories should have been included or
open source excluded. But once it’s done, you’re happy with it and
offering like don’t go messing up your document structure too
Nextcloud (yay!) much, subsequent backups will be much easier. Later
or a proprietary one backups will probably be much quicker, since they are
such as Dropbox done incrementally – only files that have changed since
(meh). The trouble the last backup will be stored.
with clients like these
w If you’re using Mint you may prefer to use its own
–oones that automatically Backup Tool which is simple to use but doesn’t have the
keep your local files and scheduling facilities. It’s great for casual backing-up of
cloudy filles synchronised – is your home directory, but doesn’t have all the
that in the midst of a ransomware scheduling and other features of DéjàDup. You can
We like the attack they will happily send scrambled files to the install it on Mint and other Debian-like systems
KeePassXC logo, cloud. So instead of having an off-site backup you (you already have it if you’re using Ubuntu) with:
and we also like
when our readers
effectively have an off-site rubbish dump. $ sudo apt install deja-dup
use it and perform This all depends on the nature of the ransomware – Then fire it up and follow this handy guide to
regular backups perhaps it changes filenames, or perhaps the malware securing your precious files.

Defeat ransomware
BackuP with déjàduP
Set backup location Choose what to save

1 You can use Gnome’s online accounts feature to back up to 2 Add any folders outside your home directory you want to
Google Drive, a Nextcloud instance and more. You can also use a include in the backup, and exclude any inside that you don’t. The
network location such as Samba or SSH, or a local folder. We ~/.cache/ folder is not necessary and often takes up lots of space
recommend using an external hard drive and unplugging it – it’s where Chromium’s cache is stored. If you use Steam then
afterwards. If you use a truly local folder, be aware that anywhere you’ll want to exclude ~/.steam as well. Gnome’s Disk Usage
you can write to could be hit by a ransomware attack. Analyzer is a useful tool to see what’s taking up space.
Initiate the backup Set up a schedule

3 Hit the Back Up Now button. You may be prompted to 4 Just as with yoga, regular practice is the key to backup
install Duplicity and you will be prompted for a password. If you heaven. Click the Scheduling tab to choose the frequency and
use one (encrypting off-site backups is a good idea) then for pity’s longevity of backups. If you backed up to a location that isn’t
sake don’t forget it; in fact, just use a password manager, like we available when an automatic backup initiates, don’t worry, you’ll
tell you to later in this feature. Click the Forward button and start be warned. Also beware of running out of space – old backups
to feel secure in the knowledge that your files are safe. will be silently removed in this event, which may not be ideal.
Be sure to be sure Test your backups

5 This step is optional, but a belt-and-braces approach 6 Making backups is all very well, but you need to be sure
is always good if you truly care about your data. So consider they are viable and that you know the drill for restoring them.
manually copying your encrypted backups somewhere else: a Click the Restore button, plug in your storage device if that’s how
USB key, your home server, somewhere in the cloud, it doesn’t you did it, choose your backup location and choose the date to
matter. Redundancy is good and since you encrypted your restore from. The most recent is shown first. For this test, restore
backups (didn’t you?), losing the storage shouldn’t be a concern. to a specific folder so nothing is overwritten.

Defeat ransomware
Anatomy of a
ransomware attack
Ever wondered how all this high-tech financial half-inching
and data scrambling works? Wonder no more.
nfortunately, if you fall victim to a ransomware their friends. Be that as it may, whether or not you
U attack and don’t have any backups, it’s

probably too late to do anything about it. The
have access to it a decryption key probably does exist
somewhere. There is of course malware that just
usual asking price to unlock is around $500, though deletes everything – this class of malware is known as
many variants will threaten to increase this amount a wiper and would fall into the Chaotic Evil category in
after a couple of days, and may even threaten to make D&D – but this doesn’t offer criminals much in the way
decryption impossible after longer. These threats just of revenue generation. Since crypto is hard, the people
provoke anxiety in the victim, who’s then more likely to peddling ransomware often get it wrong and it is
pay up before considering the merits of doing so. possible to recover a decryption key without becoming
What is important to remember is that while there’s a victim of extortion. To understand how this is
a possibility that whoever’s in control of this malware is possible, it’s necessary to understand how all this
reasonable enough to provide a decryption key, there’s key generation malarkey (ha – Ed) works.
also the possibility that they won’t. Their business Traditional symmetric encryption relies on two
model, after all, is to collect payments, so why should people being able to agree on a secret key by a secure
they bother with the extra admin of sending an email channel. That channel might be a meeting in the woods,
after that is achieved? It’s not like people who receive a or sealed message delivered by a trusted intermediary.
key will recommend that particular strain of malware to Today’s numerous, distant electronic transactions do
not allow us this luxury. We can’t go whisper to our
buddy at Paypal every time we want to pay for
makes you wannacry something online; every transaction requires a new key
to be negotiated.
The WannaCry damage could have been much worse had it not Fortunately we now have public key (asymmetric)
been for the actions of one Marcus Hutchins (aka MalwareTech), encryption which enables us to negotiate a shared
a security researcher who noticed WannaCry was trying to contact secret with a remote other party, be it a person or a
a server at an unregistered domain. Feeling inquisitive, he duly machine, even if we’ve never met them. This is what
registered the domain and set up a sinkhole, a server designed to underlies the key-exchange part of SSL/TLS (used in
capture information, which had the effect of neutering the malware. HTTPS), SSH and PGP communications. Public key
Once infected machines were able to contact this domain they crypto is also intrinsic to the workings of all
stopped trying to infect other machines: in short, Hutchins had cryptocurrencies. It’s a fascinating subject, and also
found a killswitch. a strange concept to get your head around, but we’ll
Further variants of WannaCry appeared in the aftermath, and leave you to ponder it at your leisure (or check out
mercifully killswitch domains were found for these too. Hutchins our Crypto feature in LXf247). All you need to know is
became something of a hero overnight, which makes the next part that it requires parties to hold not one but two keys –
of the story quite upsetting. In August 2017 he was in Las Vegas a keypair; that only one of them needs to be kept
attending the Def Con hacker conference, and was promptly picked secret; and that random numbers are involved.
up by the FBI on hacking charges relating to the Kronos banking
trojan, to which he admitted contributing code as a teenager. In July
2019, Hutchins was effectively granted his freedom, with the judge
sentencing him to time already served and even recommending he
seek a pardon. This could have gone much worse for Hutchins; the
plea deal he accepted could have seen him spend a decade in jail.
We’ve long commented that technology is moving faster than
laws can keep up with. People doing security research have to walk
a fine line. They are bound by a treaty known as the Wassenaar
Arrangement, by which signatory nations agree to implement
regulations governing software that could be used maliciously.
The agreement was reworded in December 2017 to make special
provisions for security researchers, who may have previously risked
prosecution by sharing tools or vulnerabilities across borders. You’re unlikely to see a screen like this on Linux, or such a high ransom
demand – but you never know.

Defeat ransomware
Ransomware that phones home to some central Gwarn, put a

bullet in our optical
server could use symmetric encryption to perform its
drive – we have
sordid garbling. A random key and a unique identifier backups and other
could be generated on the target machine and both of PCs y’know.
these numbers sent and then stored on that command
and control (CC) server. All traces of the key would be
removed from the victim’s machine once files had been
duly scrambled, and the unsuspecting victim would
then send the requested ransom, together with their
unique identifier to the extortionist.
Said extortionist, if they had any shred of decency,
would then provide the decryption key and life would
go on. This all relies on some degree of centralisation:
somewhere out there a list of keys and tokens needs to
be stored. For large-scale attacks this isn’t ideal – often,
multiple command and control servers are used for
redundancy – and it makes more sense to somehow
store those keys locally. Without public-key encryption
this turns into a Catch-22 cascade of futility. You can
encrypt the key and store it locally, but then where do
you store the key used to encrypt that key?
Instead, an attacker can use a hybrid scheme
whereby the symmetric key (or keys) used to scramble of view the victims aren’t that much worse off.
all the files is stored on the victim’s machine, but Hospitals, and indeed all reputable organisations,
encrypted asymmetrically. The simplest ought to have a watertight backup regimen in place, but
implementation of this type of scheme would require restoring a whole network under considerable pressure
our attacker to only look after a single private key, while is a complicated business. Consider how long it would
the public key could be stored locally – inside the take you to restore your machine’s software stack,
decryption program, for example. configuration and data after it was wiped, then multiply
So in order to recover their files, the victim needs to this number by at least several hundred. Locky evolved
pay the ransom, which releases the attacker’s private
key, which is combined with the public key and these
two keys used to decrypt the locally stored symmetric hoW To BlaCKmaIl people
“Ransomware that phones home
key. Simple, right? Whoever said these people don’t
work for their money…
Scum, vile scum to some central server could use

symmetric encryption to perform
Actually, they don’t. Ransomware and command and
control servers can be readily bought/rented via the
its sordid garbling.”

darker recesses of the dark web and all this key
management business can be taken care of with just
a few clicks in a friendly interface. Having a single
private key governing all victims is also not a terribly over 2016 to become one of the (then) most-detected
smart idea. It’s straightforward enough to protect it as pieces of malware in the wild, eventually being localised
it’s sent down the wire from the C2 server to the victim in 30 different languages and no longer requiring C2
machine over HTTPS or SSH, but a suitably meticulous infrastructure – which, if it’s located in a friendly
researcher would, given enough time and a retainer, be jurisdiction, is easy enough for authorities to shut down
able to extract it from memory during the decryption once an outbreak becomes prevalent enough.
phase. In this way, paying the ransom once (or maybe Some malware is selective about what it encrypts; it
a few times) could provide decryption capability for may just encrypt documents (based on file extensions)
everyone. Which is not really what malware authors and leave the rest of the OS intact. Doing this means it
want and why more advanced key distribution is only requires user permissions to run. If you’re lucky
generally used. this means it’s easy to clean up, at least once the
There have been a number of high-profile cases source of the infection is tracked down and so long as
where ransom has been paid and data has been backups were taken. Of course, people have come up
liberated. For example, in 2016 a hospital in Los Angeles with ingenious ways of hiding scripts and getting these
coughed up 40 Bitcoins ($17,000 at the time) after infections to resurrect themselves. There’s nothing
being infected with the Locky ransomware. In life or more frustrating than thinking you’ve recovered
death situations like this, it’s easy to see why paying everything to the pre-outbreak state only to have it
the ransom is a reasonable option. The sum of money all come undone.
involved may well be less than the daily cost of working ‘Fileless malware’ is becoming the new norm.
around a crippled network. This often travels by poisoned documents (PDFs in
Even if the crooks don’t provide a decryption key, particular) which contain some script or code to fetch
the ransom payment may be dwarfed by these costs, hostile code from the internet and inject it directly into
so from an accounting (but not awfully principled) point memory. This makes it terribly tricky to detect.

Defeat ransomware
Social engineering
Convincing people to do things not in their interests has become
quite the artform, so don’t be fooled. Click here for puppies…
here are all kinds of devious ways that It’s incredibly easy to cosmetically clone an entire
T unscrupulous scammers will use to get hold

of unsuspecting marks’ data – whether it’s
website with open source spidering tools which have
legitimate uses. Widgets and search facilities are harder
tricking them to install ransomware or some other kind to reproduce, but if you can dupe victims into thinking
of malware such as a keylogger, or having them visit a the site is real long enough for them to enter their
booby-trapped website and enter valuable credentials. username and password then you’ve already won.
Most people nowadays know better than to reply to an People tend to drop their guard considerably if they feel
email purporting to come from a Nigerian prince who they are communicating with a friend, so contact lists
needs some help organising a wire transfer for his from plundered email clients are valuable too. Social
considerable inheritance. Indeed, most scammers no media accounts then become like gold for scammers.
longer bother with these kinds of ruses; their game has We’d rather you didn’t use Facebook and such, but
been considerably upped. if you do, it offers a few ways you can secure your
They may play on local events, especially natural account. In particular, you can nominate a person or
disasters. They may also send targeted email based persons that you trust so that, in the event you get
on public information harvested from the target’s social hacked, they will be able to trigger a password reset for
you. You’ll find these and other options in the Security
pay Up or The KId geTS IT

and Login section of Facebook’s settings.
You may have already witnessed hijacked accounts
“Concerned parents, particularly those

sending messages of the form “Help, I’m trapped in
Timbuktu. Please send money”, which are easy enough
that aren’t too tech-savvy, will readily

to sniff out. But with a little imagination and a little
knowledge about the victim – and if you have access to
part with cash if they think their

their social media you’ll have plenty at your disposal –
a much more convincing con can be crafted. Concerned
children are in some sort of danger.”

parents, particularly those that aren’t too tech-savvy,
will readily part with cash if they think their children are
in some sort of danger (not me – Ed).
media accounts. For this reason you should be awfully Human beings aren’t really designed to remember
careful about what information you broadcast publicly passwords or indeed come up with secure ones, so it
about yourself. Knowing your interests, location or even should come as no surprise that password-reset
those of your friends is enough to gain a data-mining mechanisms or forgeries thereof are popular means for
foothold. WannaCry and others like it exploited an hijacking accounts. If you search your email address on
unpatched vulnerability in Windows to spread, but this Troy Hunt’s https://haveibeenpwned.com website,
is comparatively rare. Most ransomware, and indeed you may well find it has appeared on one of the many
most unauthorised access to computers, is installed by lists of breached credentials that are now forever in the
unwitting users being schemed and duped. public domain.
Fraudsters will send email from domains that at a This doesn’t mean that email address is
glance look legitimate – say, linuxf0rmat.com – or compromised, just that an account associated with it
direct you to counterfeit websites at such domains. has been published – possibly something insignificant
and maybe even something that has since been
secured. For obvious reasons, the actual credentials
aren’t listed, so you can’t check their validity. But doing
a thorough password audit is never a bad idea. If a
password you used on a forum 12 years ago that’s
similar to any you use today is in any way traced to
a different account, that account is at risk.
It’s a painful process, going through all the places
where you may have signed up, resetting passwords or
cancelling accounts as appropriate. But it might just
KeePassXC’s save your identity, or prevent your contacts getting
advanced settings phished, or something else beneficent. Rather than
are nothing if not
impressive, but
trying to remember a bunch of secure and different
the defaults are passwords, it’s much more sensible to use a password
fine. for us manager. That way you just need to remember a single

Defeat ransomware
strong password, and have the password manager

generate (and remember) hard-to-crack, gibberish
passwords for all the sites you use. There are plenty
of cross-platform solutions that work through browser
extensions and mobile apps, but there’s a few that
actually support desktop Linux too. Our favourite is
KeePassXC (https://keepassxc.org), which is a fork
of the largely unmaintained KeePassX (which itself was
a fork of the Windows-centric KeePass). You can install
an older (but still good) version straight from the
Ubuntu repos with
$ sudo apt install keepassxc
or use a snap to get a newer version with
$ sudo snap install keepassxc
Then fire it up from the Applications menu and click
‘Create new database’. The default encryption and
storage options are fine for normal humans, but feel
free to turn everything up to 11. The next screen is the
most important: it’s where you must decide your
master passphrase. Choose wisely, and consider GitHub supports
writing it down somewhere and keeping it somewhere second factor at all, but other factors should be used 2FA. First set it
up to use Google
safe, but not somewhere it’s likely to get stolen. Choose for critical services.
Authenticator,
a location for your password database, and consider Hardware tokens and security keys are becoming then you can
backing up this file (and all your important files) much more widely supported as a second factor for use a U2F token.
regularly. Now add your many, many freshly secured popular services. The Challenge-Response card readers
passwords. You can sort them into groups, and install required by some forms of internet banking are an
the KeePassXC browser extension for Firefox. example; they add credence to the notion that it is the
account holder trying to make a given transaction by
a matter of factor proving that whoever is doing so has their card and PIN
Many services now offer two-factor authentication number. Unfortunately, these devices tend to spend
(2FA), where besides a password some other token is most of their time getting lost or running out of battery
required. Often this second factor is an SMS message, at the most inopportune moments.
but there are problems with this. For one, a determined That’s the problem with real-world security: it has
attacker may have the means to carry out a SIM-swap to take into account all the silly mistakes real world
attack, whereby mobile network staff are socially humans are so good at. Stay safe, peeps!
engineered (or bribed or blackmailed) into porting the
victim’s phone number to an attacker’s sim.
Mobile malware is becoming more and more we second this motion
prevalent (don’t sideload apps you don’t trust!) and if
the victim’s phone has fallen victim to such then their Google’s Authenticator app for Android is a software 2FA solution,
SMS messages will all be up for grabs. The SS7 albeit a proprietary one, that uses the Time-based One-time
protocol that connects cellular networks has long been Password protocol (TOTP) to generate six- to eight-digit one time
a source of concern for the security conscious. Once codes for use as a second factor. It’s widely supported, not just on
you have access to any cellular network – whether Google sites, so if you have an Android phone this is a free way to
that’s internally through a rogue employee or externally boost your security and reduce the chance of unfortunate takeovers.
by some devious hackery – it’s actually possible to The magic of this is that, once a token is generated and shared
access any other network and intercept or reroute between the site and the app, the same code is generated
messages as befits your whim. So using SMS as a independently based on the current time. The algorithm can tolerate
second factor is certainly stronger than using no clock skews and network latency, so the app and the site don’t need
to both keep exactly the same time.
Authenticator codes can theoretically be spied on, though an
attacker would have to be watching
you in real time for this to work, so for
ultimate security we recommend using
a hardware solution such as one of
Yubico’s YubiKey range. These support a
variety of authentication protocols. It can
work in tandem with a TOTP app as a
Universal Second Factor (U2F), or it can
authenticate with supported services via
NFC (Near Field Communication) on a
Yubico kindly sent us some mobile phone. It can also work as an
YubiKeys – we’ll check them unlock key for a password manager
Generate unwieldy passwords without worrying about having out in a future issue. service. Which is nice.
to remember them.

INTERVIEW Robin Schumacher
ENTERPRISE
SOARING SUCCESS
Mayank Shama meets Robin Schumacher of DataStax to talk about
building success with open source while nurturing the community.

Robin Schumacher IntervIew
ack in the days when virtually
B
all open source software
was licensed under the GPL,
building a business around
it was quite a challenge. MySQL was
one of the first projects that attempted
to create a true-blue ‘enterprise open
source’ product by creating new
licensing terms and adding exceptions
to work around restrictive licensing.
The proliferation of permissive licenses
opened the flood gates, both for the use
of open source software in the enterprise
and for setting up professional support
business around these products.
Despite the fact that these days
virtually all major open source software
has a corporate backer that works with Robin pointed out that, for the first time, DataStax has put up some of its new under-development apps on
the community, mixing the two without its website, for anyone to try without signing up for the Early Access Program.
burning your fingers is quite a balancing
act. We caught up with Robin Schumacher, began with him having reindeer meat the ability to have IDs and passwords,
SVP of Products at DataStax, at the with the company’s co-founder David and manage the permissions of the
company’s Accelerate conference in Axmark in Sweden. Just as Oracle was various objects. Once they have this list of
Washington, to better understand its closing on MySQL AB, he moved into a necessary features that’s customary for
relationship with the open source Apache similar role at a PostgreSQL company any database, those were the things they
Cassandra community. We wanted called EnterpriseDB. He tells us that his gave back to the community.
to see how it contributes to the open process of turning open source software “But then we asked, is it normal for
source project, and what it takes to offer into enterprise products has evolved over a database to have low-level access
commercial solutions based on a freely time from MySQL AB to EnterpriseDB to control? No. That’s typically something
available piece of software. DataStax now. It’s critical for a responsible government and financial institutions
Robin is a been-there, done-that kind
of guy and has worked up and down the
corporate food chain. He has been how datastax Built uP its trust
“If you go to a government agency or a
tinkering with all kinds of databases in one
form or another for about three decades,
financial institution, they’re not going to

first as a database administrator and then
making software for DBAs, before heading
let you in the front door.”

enterprise product teams at companies
such as MySQL AB and EnterpriseDB.
Paid or not paid?

Robin came to DataStax as one of its company to first reinforce the open source need, and so we kept that feature for
earliest employees in 2011, when his good software by contributing the necessary our paying customers.
friend Billy Bosworth was tapped to be features upstream. “So we start with that rule of thumb
CEO. He has overseen the company’s At DataStax he’s helped to develop a and begin to work out from there,” Robin
enterprise products almost from the start, set of guidelines that help the company continues. “Then you begin asking some of
and has been responsible for adding the determine what it gives back to the the big overarching questions. We added
features you’d expect from an enterprise community, and what features it retains analytics as you always need to do real-
grade database. “When I got here, we had for paying customers. For him, the time analytics on your data. You need to
no security,” he says. “There was none. segregation process begins with the look up data, search of course, secure
So if you go to a government agency or a classification of features: “I like to start your data; you bet, be able to manage
financial institution, they’re not going to with the foundation, where you begin your data via some visual tools and things,
let you in the front door. And so you need by asking the question in terms of the make it easy to handle complex rollouts;
to be laying these big pieces of the puzzle features you are starting to look at: is absolutely. And then you just keep moving
that’s going to make up your data platform the functionality usual and customary down the line.”
for the enterprises.” for the software’s original purpose in the Connecting the dots all the way to
Robin cut his teeth on rolling open- marketplace?” the latest cloud-centric releases at the
source software at MySQL AB – a He illustrates this point by saying that conference, Robin says that now that
relationship, he fondly tells us, which it’s imperative for any database to have the company has put in the big pieces,

IntervIew Robin Schumacher
it’s time to ease the experience: “Our

current roadmap makes it even cleaner
in terms of bringing some of these very
powerful functions to bear inside of the
platform itself. A couple of the first steps
is our advanced performance feature set,
where it’s all transparent to the users. You The three services DataStax announced during the
don’t have to worry about doing anything Washington event will begin rolling out later over 2019 .
special in your app to make it run faster.
You don’t have to do anything to your Azure you have a variety of different about open source, what are we going to
cluster to make sure all the nodes are services that developers and database give back to open source. And it not only
synchronised with the proper data. It’s all pros take advantage of. It’s the same concerns the Cassandra database, but
handled for you in an automatic fashion.” thing with us.” also things like our drivers. We currently
DataStax unveiled its cloud platform maintain all the open source drivers, but
strategy (see box below) during the No free lunches we also have a set of Enterprise drivers;
conference, led by the DataStax During our discussions, Robin shared that what the differentiation between those
Constellation platform, which Robin likens DataStax has a very active Open Source looks like, and why.” He adds that having
to Microsoft Azure: “Constellation is the committee that’s made up of product a strong committee has helped DataStax
overall platform, and within Constellation representatives, engineering and the not only walk the fine line between being
you are going to have a variety of different developer relations and community team very good open source stewards, but at
services that support cloud applications. that represents the open source interest: the same time has helped differentiate
So it’s kind of like Azure; as Azure is to “We have very healthy and strong debate its enterprise products to help keep its
Microsoft, Constellation is to us. Under about what we are going to be doing accounts in the green.
One of the decisions DataStax had to
take to ensure its viability came about
rollIng the database as a servIce with the release of DataStax Enterprise
(DSE) 6.0. With that release the company
A couple of times during our multiple copies of our software at prioritised its development efforts
conversation, Robin alluded to the fact the same time. But you don’t need behind DSE, and relaxed a number of
that DataStax has now set its eyes on that in the cloud, because it’s already guidelines that Robin helped develop,
helping users eradicate some of the containerised and already contains in order to retain functionality for its
day-to-day operational complexity the virtual machines and everything enterprise offering. For instance, one
from their workflow. The DataStax else. So there’s no reason to take all of the guidelines said that open source
Apache Cassandra as a Service is one that and put it over to our service. Cassandra would never run slower, or
of the initiatives announced during the The same is true of some of the other scale less, than DSE. That changed with
conference that’ll help it meet features that we have there.” the DSE 6.0 release, which included a set
this lofty objective. Some of the DBAs we spoke of optimisations and utilities that enabled
The database-as-a-service to wondered how Constellation it to not only run faster than the open-
(DBaaS) product aims to simplify compared to InstaClustr, which offers source Cassandra, but also helped it to
app deployment and development a similar platform for managing scale much better.
provisioning by reducing the process Apache Cassandra deployments. When asked how the larger Cassandra
to just a few clicks. Robin tells us “They kind of do the same thing, in community reacted to the news, Robin
that to make the cloud offering more a sense, yes,” agrees Robin. But he said the reaction was actually quite
enticing, DataStax has rolled it along adds that InstaClustr takes the open muted. “I was pretty happy to see that we
with enterprise grade security and source Cassandra and provides a web had, I think, only one or two people out on
offers it on usage-based pricing console for managing it: “When you the Cassandra mailing list that complained
terms. He adds that it’ll also get the look at what they do verses what our about that.” Robin concedes that the
self-healing features that ensure distribution offers, we have quite a bit reaction would have been quite different
users don’t have to deal with certain more enterprise capability.” back in his MySQL days, and that’s
administrative functions that are a One set of features he points out because the open source community
headache to deal with in the open- that is missing in InstaClustr are these days has much better appreciation
source Cassandra. the advanced security capabilities, for what a vendor like DataStax does:
But it isn’t just a simple port of because it’s based off open source “They understand that you can’t get
DataStax Enterprise (DSE) to the Cassandra’s minimalist feature set: something for nothing all the time.”
cloud: “You’re right, there are some “So for people who have critical
things we’ve ported over from DSE to needs to protect sensitive data, they Mature community
the new service, but there are things want to make sure they are able to He recalls an incident from back in the
that are just simply not required in the track who changed what when, who MySQL days when he had someone at an
cloud that you may need on-premise. looked at what when; when they open source event walk up to him and say
As an example, we have something need to interface with all the security that they should just put out everything
called DSE multi-instance, and this packages that are out there that their for free. “I just answered him: when you
enables you to take a particular app might need to adhere to… they stop taking a pay cheque, so will I.” Robin
large piece of hardware and run are going to find that in our service.” continues: “It doesn’t work that way. You
need a strong vendor that’s incentivised

Robin Schumacher IntervIew
to be able to buttress these open source points out that all graph databases – to use open source software is to avoid
projects. And every open source project be it JanusGraph, DSE Graph, Amazon vendor lock-in. “And then thirdly, while
out there has one or two that do this type Neptune, Cosmos DB or IBM Graph – are some customers understand the need
of thing.” all built on top of Apache TinkerPop, which for DataStax Enterprise for large-scale
He’s glad that the Cassandra is the open source graph framework – and production systems, they might have
community has been very understanding DataStax is the largest code contributor to smaller departmental systems or large
of the differentiation DataStax has had that project. development environments where they
to build between the products: “They don’t necessarily need the extra firepower
understand that it’s a business that has Engaging the community that DSE provides.”
to be run, and they also understand that Another bit of the company’s engagement It’s a combination of these three
when that business is successful we are with open source that intrigued us was reasons that led DataStax to offer DDAC:
continuing to give back to open source. the DataStax Distribution of Apache “What we have done is taken Cassandra
There are features now in DSE that likely Cassandra (DDAC). It was announced and certified it just as we do for DSE. We
in three to five years we will transfer to towards the end of 2018 as essentially supplied the bulk loader and we give them
open source as we continue to innovate.” the company’s release of the open source that hand to hold, the support, all at an
One of the developments that DataStax version, and sticks out among DataStax’s extremely attractive cost. Believe me,
hasn’t yet contributed back to the proprietary DSE offerings. they are spending pennies to save tons
of money.”
Talking to Robin and the other head
talk is chEaP, BEEr lEss so honchos at the company, especially its
“Back in the MySQL days with large companies

co-founder and CTO Jonathan Ellis, you
get the feeling that the company has
like Facebook, Yahoo! and Google – they find

its heart in the right place. Ellis was the
project chair of Apache Cassandra from
out open source is free, like a free dog.”

its beginning, before stepping down in
2016. Besides contributing code, bug-
fixes and documentation, the company
Cassandra project is the Graph database “A lot of folks, when they say they does its bit through various initiatives
technology it got through the acquisition believe in open source, what they really such as certifications, meet-ups and
of Aurelius LLC in 2015. Robin points out mean is that they are looking for a zero- more, to nurture the open source
that at the time of acquisition, DataStax cost or a low-cost product. And I get community around the Cassandra
followed through the commitment it made that,” explains Robin. “But they quickly open source project.
to the open source community that it find out – and I’ll tell you that I saw There were also a large number of
would see through the 1.0 release of the this back in the MySQL days with large individual Cassandra users and developers
TitanDB database. companies like Facebook, Yahoo! and at the conference, and talking to them it
The project was later forked and Google – they find out open source is was clear that they all saw DataStax as a
rechristened JanusGraph and moved to free, like a free dog.” Besides cost, another staunch ally and a committed contributor
the Linux Foundation. However, Robin popular reason that companies want to the open source project.
DataStax Cassandra as a Service will have consumption-based

pricing and add-ons, like the analytics tool Insights which gives
deployment-specific actionable recommendations.

in-depth Databases
The future of
the database
Twiddling thumbs between sessions at a database conference,
Mayank Sharma ponders on the impact of the web on databases…
his is the information era, where ATM or buy a movie ticket – the list is virtually
T almost everything is data. The

scale at which this data is being
collected and used is growing at
endless. In fact, it’s safe to say that a majority
of your daily chores will involve some sort of
interaction with a database.
an exponential rate. The speed at which In addition to these traditional uses of a
organisations are ingesting, storing and database that are fulfilled by what is known as
processing data is hard to fathom; it’s very a relational database, the internet has had a
common these days for even small-scale great influence on databases in both form and
companies to process terabytes and even function. The explosion of social media
petabytes of data. In order for this data to be platforms such as Twitter, Facebook,
crunched into meaningful information, it first Instagram and the like have ushered in a new
needs to be housed in a database. generation of databases that are designed to
Databases have become a part of your daily overcome the scalability limitations of the
routine in more ways than you can imagine. earlier varieties. These hold vast quantities of
These days you don’t even have to be on a different kinds of data that just cannot be
computer or use your smartphone to interact stored and processed, at least not efficiently, by
with a database. For instance, when you traditional relational database systems.
purchase items at the local supermarket, Taking a look at the evolution of the
chances are there’s an inventory database that mechanisms for data storage, retrieval and
automatically updates itself while you checkout. processing will help us better appreciate the
The same thing happens when you borrow a challenges of an often unappreciated and
book from the library, withdraw cash from the unglamorous branch of computer science.

Databases in-depth
e’ve been using databases to help us the first commercially available relational database. It
W organise information since time immemorial.

Archaeologists have found stone tablets in digs
became the dominant format and didn’t leave much
room for anyone else by the time IBM released a full-
dating to 4000 BC that were used to index various kinds fledged commercial relational database in the form of
of information. Before the advent of the computer, we DB2 in 1983.
were cataloguing information manually. The first The 1980s saw the development of various
computer databases were just digital versions of this commercial relational databases as their benefits
manual system: a flat file of a consecutive list of records. became more widely known. The first relational databases
While filing information was straightforward, search and were quite slow, especially while accessing data records.
retrieval was a slow, time-consuming process. In the However, their performance improved with the
mid-1960s IBM started using a hierarchical data model development of new storage and indexing techniques
for its information management system, called IMS. It and better query processing and optimisation.
featured a parent node that pointed to several child Eventually, relational databases became the dominant
nodes. IMS was famously used by NASA to help with type of database system for what are now referred to as
the design of the Lunar Lander. traditional database applications.
In 1969, the Committee on Data Systems Languages
(CODASYL) consortium, which was a group of scientists Open sesame
and researchers working with the COBOL programming One of the key ingredients that fuelled the success of
language, got together and came up with a standard the relational database model was open source code. It
interface for how COBOL programs should access and started with the Ingres database in 1974, which made its
share databases. The lead proponent of the CODASYL code available for a small fee under the BSD licence. The
group was Charles Bachmann, who tweaked the Ingres code spawned a number of popular and
hierarchical model and made it more flexible by commercially successful databases such as Sybase
establishing what’s known as the network data model,
enabling child nodes to have multiple parents.
The CODASYL approach was a very complicated
Popularity broken down by database model, July 2019
100
system to execute and required substantial training.
18.3% 19.5% 21.1% 29.6% 34.4% 35%
Edgar ‘Ted’ Codd was a mathematician at IBM who saw 59.8% 60.5% 70.4% 82.8% 89.8%
programmers wasting time rewriting programs every 75

Ranking scores %
time there were any changes to the layout of the

database. He proposed a database abstraction approach
that separated the logical and the physical structure of
the database. 25
His relational database model, first proposed in 1970,
organised a body of data into simple tables of related 81.7% 80.5% 78.9% 70.4% 65.6% 65% 40.2% 39.5% 29.5% 17.2% 10.2%
0
information. Instead of a freeform list of linked records,
MS
MS
ed
S
re
re
re
re
M
BM
BM
gin
at
DB
DB
DB
sto
sto
to
Codd proposed data to be stored in tables with fixed- sto
nt
lD
eD
es
en
ph
ies
ML
rie
n
F
na
en
alu
lu
RD
m
ch
a
t-o
er
eX
tio
va
m
lu
Gr
ar
tiv
eS
length records. This, along with several other changes,

co
y-
cu
la
jec
tiv
Se
l
Mu
Re
Ke
Tim
Do
ide
Ob
Na
W
made it easier to access, append and modify data. His KEY

words resonated with C. J. Date, an instructor Commercial Licence
The share of open source databases is comparatively low when
at IBM, and together the duo authored several papers Open Source Licence it comes to the traditional database models.
on relational databases.
Missed opportunity The dawn of skyneT?

Despite both Codd and Date being IBM employees, the
company wasn’t prepared to support their idea since it Artificial Intelligence (AI) and machine learning (ML) have entered
already had a successful database product in IMS. But the mainstream in the last couple of years. These technologies are
that didn’t stop others from jumping on the relational now making their way into the next generation of databases as well.
database model. In 1973, two researchers at UC Berkeley, Administering large databases that operate complex workloads isn’t
Michael Stonebraker and Eugene Wong, built on Codd’s a simple feat, considering the amount of configuration settings that
idea to create the Ingres (Interactive Graphics and need to be managed. An increasing number of database vendors are
Retrieval System) database. Ingres worked with a query thus infusing AI and ML in their databases in order to relegate some
language known as QUEL. regular monitoring and optimisation tasks to an autopilot that can
Several companies used Ingres as the basis for then assist admins tune the databases for maximum performance.
successful commercial products, although it took until “For decades, the primary time-sink for administrators has been
1975 for IBM to produce an experimental relational routine maintenance and performance monitoring/tuning tasks that
database called System R. It used a structured query ensure each database system is optimised for its supported
language (SQL), developed by IBM’s Don Chamberlin and applications,” says Robin Schmacher. “The promise of well-designed AI
Raymond Boyce, to search and modify data. SQL quickly and ML functionality in databases is that it will remove this
replaced QUEL as a more functional query language and productivity drain from the IT staff and have the database maintain
became an ANSI standard towards the end of the 1980s. and tune itself – all the while learning internally what proper
The third major adaptation of Codd’s idea came about optimisation is for each ind ividual database.” Thus databases in the
in 1977, when Larry Ellison got together with Bob Miner very near future will be able to anticipate operational issues and take
and Ed Oats in order to commercialise the relational preventative actions automatically. (destroy meat-bag infestation–ED)
database. They shipped the Oracle database in 1979 –

in-depth Databases
and Microsoft SQL Server, among others. After a brief called Minerva. To meet his requirements, he developed
hiatus, Michael Stonebraker returned to Berkeley in 1985 mSQL, first as an SQL extension to Postgres, and then as
and began work on the next generation of the Ingres a lightweight database with a limited subset of the SQL
database to address some of the bottlenecks with the standard. When mSQL development began to stagnate in
original design. His work, dubbed Postgres (Post Ingres), 1996, its open source code was adapted into MySQL.
eventually evolved into PostgreSQL. After the acquisition of MySQL AB by Oracle, the code
The next milestone for open source databases came was forked into MariaDB in 2010.
in the mid 1990s, when David Hughes wanted a database Another popular database that came about as a result
for his network monitoring and management system of open source code was Firebird. It was forked from the
open source code of InterBase 6.0 in 2000. The database
introduced several performance improvements, and is
Ranking scores per category, July 2019 the default database engine in LibreOffice.
Document stores 8.7% Graph DBMS 1.5% Order in chaos
Wide column Key-value stores 4.8% The first chinks in the armour of the relational databases
stores 3.3%
Native XML began to appear with the dot-com boom in the 2000s.
Time Series DBMS DBMS 0.3% The proliferation of online applications and platforms
0.6% such as social media websites, e-commerce vendors,
RDF stores
Search engines 0.4% cloud storage silos and others led to a huge surge in the
4.7% amount of data that now had to be stored in large
databases and massive servers. As the nature of the data
changed, relational databases – which had mastered the
art of storing and processing structured data – were
incapable of efficiently handling the vast amounts of
non-relational, schema-less unstructured data.
This called for a new type of database system that
could provide fast search and retrieval, as well as reliable
and safe storage of the unstructured, non-traditional data.
NoSQL came about as a response to the need for faster
speed and the processing of this new unordered and
disorganised data. The term NoSQL is most often
interpreted as Not Only SQL. It points to the fact that in
these databases, some of the data is stored using SQL
Relational DBMS 75.3% systems, whereas other data is stored using NoSQL,
depending on the requirements of the application.
The highlight of the NoSQL data model is that it is non-
relational and uses a distributed database system. It is
TyPes of daTabases fast, uses an ad hoc method of organising data, and is
efficient at processing different kinds of data at high-
NoSQL databases provide the performance, scalability and stability volumes. The widespread use of NoSQL can be attributed
that’s required by the modern data-driven apps we interact with to the services offered by popular social media platforms
these days. But that is where the similarity between NoSQL systems and cloud services such as Twitter, Facebook, LinkedIn,
end. In fact, it wouldn’t be wrong to say that the only thing most Instagram and Google. These online platforms store and
NoSQL databases have in common is that they do not follow the process colossal amounts of unstructured data.
traditional relational data model. Broadly speaking, NoSQL databases Just as open source helped fuel the evolution of
typically fall into one of four categories: relational databases, it essayed a similar role in helping
Key-value These function in heavy read environments. Key-value
stores are the simplest form of NoSQL databases and won’t be of Complete Trend, starting with Jan 2013
much help when there are complex relationships between data
Graph DBMS Time Series DBMS Object oriented DBMS
elements. That’s because all access to the database is done using Document stores Wide column stores Multivalue DBMS
a primary key. Redis and Memcached are frequently used solutions. Search engines RDF stores Reletional DBMS
Columnar These are optimised for reading and writing columns of Key-value stores Native XML DBMS
data as opposed to rows of data. Also known as wide-column store
databases, they are well suited for analysing huge data sets. Apache
Cassandra, HBase and Accumulo are the best-known ones.
Image Credit: DB-Engines.com
Document These store, manage and retrieve data as semi-

structured documents such as JSON and XML. These document-
orientated databases store all information for a given object, and
each object can be quite different from the others. MongoDB,
Couchbase and CouchDB are the best known and most widely used.
Graph Focus on how data relates to other data points. These
databases explore the relationships that link data. Data from graph
databases stores directed link between data sets called edges. Neo4j,
OrientDB and JanusGraph are popular examples. As you can see, graph databases have been steadily rising, while the
popularity of relational databases has plateaued in the last five years.

Databases in-depth
are going to start a new project, having access to

enterprise-ready tools and databases to build not only a
proof of concept but also the actual applications enables
faster time to value.”
Robin Schumacher, SVP and Chief Product Officer,
DataStax, agrees: “One of the key benefits the open
source development model offers is being able to draw
on the innovative talent and efforts of everyone in the
technical community, and have their contributions rapidly
come together to form a meaningful technology that’s
open and available to anyone. Of course, the fact that
such software is free to use helps adoption.”
With the rise of widely distributed cloud apps
Percona Live is a yearly conference dedicated to open source generating copious amounts of unstructured data, it’s
databases. It will be held in Amsterdam this year from 30 September the unprecedented workload that’s fuelling the growth
to 2 October.
of NoSQL databases designed to operate and function
efficiently at this level. But neither Robin nor Matt is
democratise NoSQL databases. The term NoSQL can be writing off relational databases just yet. Robin believes
traced back to 1998 when Carlo Strozzi released his that the relational database remains a “crucial
lightweight open source Strozzi NoSQL database, which component in today’s infrastructure stack”. He adds
was relational but didn’t use SQL as the query language. that relational databases will continue to be useful “for
‘NoSQL’ as it is used today originated in 2009 when it applications that are centralised in nature, are best
was used to describe the emergence of new databases handled by a relational data model, don’t need to scale
that do not view data as strictly defined tables of rows past singular hardware deployments, and don’t have 100
and columns. It sought to encapsulate the clones of per cent uptime requirements.”
Google’s Bigtable and Amazon’s DynamoDB that had The advantages that open source databases offer over
started popping up around that time. traditional closed source, proprietary ones are twofold.
One of the developers of DynamoDB, Avinash On the one hand they equip users with powerful solutions
Lakshman, helped develop a NoSQL database at without raiding their pockets. On the other, they enable
Facebook that was eventually released as Cassandra vendors to build a sustainable business model around
under an open source licence in 2008. But it was open source software. It’s a feedback loop, as the vendor
MongoDB that made the industry stand up and take then ploughs back some of its revenue to fund the
notice of open source non-relational databases as viable development of the open source database
solutions. Unlike traditional databases, MongoDB is a
document database that stores related data clumped Position Database Type Score
together in chunks. 1 Oracle Relational, Multi-model 1321.26
Another approach to catalogue the complex
2 MySQL Relational, Multi-model 1229.52
distributed data relationships in the social-media-
dominated web came about in the form of graph 3 Microsoft SQL Server Relational, Multi-model 1090.83
databases. One of the oldest graph databases is the open 4 PostgreSQL Relational, Multi-model 483.28
source Neo4j. Yet another open source NoSQL database
5 MongoDB Document 409.93
that’s making heads turn is Redis. It’s a simple database
that employs what’s known as a key-value store. Redis’ 6 IBM Db2 Relational, Multi-model 174.14
unique selling point is its stellar performance, since it 7 Elasticsearch Search engine, Multi-model 148.81
operates entirely from memory.
8 Redis Key-value, Multi-model 144.26
The popularity of open source databases can be
gauged from the DB-Engines rankings (https:// 9 Microsoft Access Relational 137.31
db-engines.com/en/ranking). It tracks 350 databases, 10 Cassandra Wide column 127
of which 172 are open source, as compared to 178 11 SQLite Relational 124.63
commercial systems. Between them, all types of NoSQL
12 Splunk Search engine 85.49
databases are dominated by open source databases –
see the table, right. When you drill down inside each 13 MariaDB Relational, Multi-model 84.44
category, you’ll find an open source database at the top. 14 Hive Relational 80.87
Redis leads the key-value database ranking, MongoDB
15 Teradata Relational, Multi-model 77.83
tops the document database ranking, Neo4j is the most
popular graph database, InfluxDB outscores the other 16 Solr Search engine 59.64
Data from: DB-Engines.com
time-series databases and Cassandra is the top ranking 17 FileMaker Relational 57.9
wide column database.
18 HBase Wide column 57.54
This comes as no surprise to Matt Yonkovit, Chief
Experience Officer at Percona. He explains that open 19 SAP Adaptive Server Relational 56.65
source databases are popular since “the barrier for entry 20 Amazon DynamoDB Multi-model 56.42
for open source is extremely low – there is no need for 21 SAP HANA Relational, Multi-model 55.54
budget approval with free software, there are lots of
people with the right skills available, and support for these 22 Neo4j Graph 48.98
systems is at hand for production applications. When you All things considered, 12 out of the top 22 databases in use today are open source.

Pi USER
Les Pounder
In the larger
Raspberry Pi
The Raspberry Pi isn’t
used just by buoys
community there
have been a
number of long-
term members
who have been having a tough time,
and so I’d like to address the Build yourself a smart mini-buoy for tracking waves
community at large and talk a little
about this. and sea temperature, all powered by your Pi.
ne maker duo is prototyping a The Smart Buoy is built from a 3D-printed
FINDING HELP
O smart buoy for monitoring sea
waves, temperature and more.
hollow sphere and is powered from four
integrated solar panels, It uses a Pi Zero and
My friends, While the project doesn’t seem to have Arduino board, and is outfitted with a host of
You may feel as though you are official bodies backing at the moment, it’s sensors plus a radio antenna. The aim of the
isolated, have no one to turn to, certainly interesting in itself to see how prototype buoy was to measure wave
or feel like you do not matter. the Raspberry Pi and, more widely, maker dynamics along with sea and air temperature,
But these feelings are not a true skills can help create devices that make a communicating those details via the radio.
reflection of you and your worth. difference in the real world. The Grenadian government gave the team
Our thoughts are capable of approval to set the buoy free along its coastal
great things, but they can also waters, and even made suggestions on how
cause great harm to ourselves. the project could be improved to aid it with its
We are all part of a community, own research, including monitoring wind
a place where we surround speeds. Meanwhile, the team itself thinks
ourselves with those who share a that implementing a mesh network would
similar interest or ideal. enable it to communicate more easily, and
Whether it is a small computer, hope to add this soon.
operating system or a way of https://www.hackster.io/t3chflicks
working, we all share a passion
for something and that may be Before the whole thing is
the genesis for a community to buttoned up ready for launch.
form. A community is made of CREDIT: t3chflicks.com
friendship and respect, both of
which are earnt over time. The
friendships we make online in
forums and social media will
become real friendships at
Snazzy Pi Plotting plots
conferences and events. We Sexing it up… Classic displays.
will remember each others’
birthdays, anniversaries and ancy some better-looking Raspberry veryone loved the Tektronix 4010. It
family members. We will grieve
when a member is lost, cry when
F Pi wallpaper? You’d do a lot worse
than checking out the official
E was a classic, and now you can relive
those heady days of vector-plotting
heartache strikes and rejoice Raspberry Pi Instagram account. It has coined at a heady 1024x1024 resolution with a
when good news comes our way. the #SnazzyRPi hashtag that we hear are painfully detailed emulator down to the 4000
You may have a dark moment, ever so popular with the young people. Check vector inches per second! Check out the
but rely on your friends and never it out and gaze upon the Pi loveliness. official blog post on the fascinating project:
be afraid to talk to them as that www.instagram.com/ www.raspberrypi.org/blog/historical-high-
will rob the darkness of its power. raspberrypifoundation resolution-graphics-on-raspberry-pi.
A community is formed around
something, but that something is
not a community. Our passion
and friendships are what form a
great community.
If you or anyone you know is
struggling with mental health
issues, you can find more
resources with the NHS:
www.nhs.uk/conditions/stress-
anxiety-depression.
That’s some damn good-looking hardware. Black and green the only colours a display needs.
CREDIT: Raspberry Pi Foundation, Instragram.com CREDIT: Rene Richarz, YouTube.com

Raspberry Pi distro Reviews
Raspbian buster
les pounder hasn’t seen the latest Toy Story 4 movie as yet, but
nevertheless he’s already met Buster…
ith the release of a new
In bRIEf
The latest
W Raspberry Pi there is always
an update of Raspbian, and
Raspbian this time there is one big change.
release from Released on 24 June, Raspbian
Raspberry Pi Buster marks the start of new
Trading. Raspbian images based on the
Designed for latest Debian Buster image. In
use with the Pi 4 fact Raspbian Buster was released
but compatible before the official Debian release.
with most of the Running Linux Kernel 4.19.50
older boards, created on 20 June 2019, Raspbian
this is a grown- Buster is not much different to the
up distribution last release of Raspbian Stretch.
that can take on Most of the changes are to security
most ‘desktop and the backend. But Simon Long Refreshed and ready for new challenges, Raspbian Buster offers a great user experience.
PC’ tasks. was keen to refresh Raspbian’s
interface and so it features a more refined desktop that a newer OpenGL driver which offers better performance,
feels even more like a ‘desktop replacement’ than before. and the ability to alter the screen layout, as the Pi 4
If you’re familiar with previous Raspbian releases then the supports two 4K screens. There is also a new compositor.
basics are the same, but it just looks a little nicer. If you are not running a Pi 4 these options are not visible
Software choices for Raspbian Buster are Chromium nor configurable.
74, which runs reasonably well – and on Pi 4 it runs The Raspberry Pi Foundation’s Raspbian distribution
remarkably well. YouTube playback on anything but a Pi 4 has always been backwards-compatible, all the way back
is choppy, and the installed version of VLC has issues to the original Pi in 2012. So we tested Raspbian Buster
with audio playback in videos. LibreOffice 6.1 is installed on ageing models of the Pi. If you want to run Raspbian
and runs really well. For Python coders we see Python Buster as a desktop OS then stick to Pi 2 and above – in
3.7.3 installed as standard – it may not be the latest fact, Pi 3 would be better. Anything older that Pi 2 is really
version, but it’s recent and well supported. The ageing only usable with Buster as a terminal-only OS. On the Pi
Python editor IDLE has not been retired from the Zero range of boards you can do basic work… slowly. But
Raspbian image and instead we see the great Thonny then the Pi Zero range was never meant to be a desktop
editor, an ideal Python editor for beginners. This is now device, more embedded into projects.
the default editor for Python. There is also an alternative Is Raspbian Buster any good? Yes it is! We have a
editor called Mu, aimed squarely at beginners, which great desktop environment for users that will tackle
offers compatibility with the CircuitPython, the micro:bit whatever they throw at it. But as we mentioned earlier,
Thonny is now and the game creation library PyGame Zero. this is a release for Pi 2 and above. If you really need to
the default Python
editor and it works
Although Raspbian Buster is meant to work across all run Raspbian on older hardware then use the last version
well for beginners versions of Raspberry Pi, there are a few extra features of Raspbian Stretch, or if you need to run a terminal/
and experts alike. for the Raspberry Pi 4. Raspi-config has an option to use server install try something lighter such as DietPi.
VERDICT
DevelopeR: Raspberry Pi Trading
Web: www.raspberrypi.org
licence: Mixed, same as Debian
fEaTuREs 8/10 EasE of usE 9/10

PERfoRmanCE 8/10 DoCumEnTaTIon 8/10
Grown-up, but it still retains the features that make it the

de facto standard for Pi users – especially the Pi 4.
Rating 8/10

TUTORIALS Pi monitor screen
I2C DISPLAY
Create a Raspberry Pi
OLED monitor
Les Pounder shows us how to monitor a Raspberry Pi 4 with a small
screen and a little bit of Python code.
his issue’s project is a tiny OLED screen that
T will provide useful data about a Raspberry Pi at

a glance. We will also run our project on boot to
monitor the system as we work.
The OLED screen connects to the Raspberry Pi GPIO
using an I2C interface. This is a special interface that
OUR only needs four pins on the Pi in order to send data. To
EXPERT connect your Pi please refer to the diagram on page 53.
Les Pounder With the physical connection made we now need to
is a freelance enable I2C on our Pi – do this in the Raspberry Pi
maker who works Configuration tool. We will also need to install two
with organisations Python libraries for this project. The first library is for
such as the our OLED screen and the second enables our code to
Raspberry Pi work with network interfaces. In a terminal enter the This tiny screen is easy to work with and really cheap. It can provide
Foundation to following command. all the data we need at a glance, without firing up a terminal.
promote maker $ sudo pip3 install Adafruit-SSD1306 netifaces
skills. disp = Adafruit_SSD1306.SSD1306_128_64(rst=None)
Writing the code disp.begin()
To write the code we shall be using Thonny, the default To configure the screen we need to know the width
Python editor on the latest Raspbian. You’re free to use and height; luckily, the function handles that. These are
any editor you want, but please save the code as live- saved to variables, and then the screen is set to 1-bit
data.py – and save often. We start the code with a line colour (black and white).
indicating where our Python 3 interpreter is located. width = disp.width
Our project will be a background app in the system, height = disp.height
so this enables it to run. image = Image.new(‘1’, (width, height))
#! /usr/bin/env python3 Preparing the screen for output, we create an object
We now import three libraries to add features to our to which we can draw.
code. The first enables us to use the OLED screen with draw = ImageDraw.Draw(image)
Python. The second is used for accessing system Now we set the confines of the screen. The padding
information in Python. The last is used to access variable enables us to stay inside the screen; we set the
network interface information. Note that we import top to match the padding, and the bottom of the screen
‘netifaces’ but refer to it as ‘ni’ for ease of use. as the height minus the padding. We also create a
YOU NEED import Adafruit_SSD1306 variable, x , to keep track of where text will appear on
Any import psutil the horizontal axis.
Raspberry Pi import netifaces as ni padding = -2
An i2c OLED Three more imports, and they are all from the Python top = padding
screen (128 x Imaging Library (PIL). These will handle drawing content bottom = height-padding
64 pixels) on the screen. x=0
4x female- from PIL import Image, ImageDraw, ImageFont Here we gather the data for our screen. The first
to-female In order to use the OLED screen, we need to tell data collected is the CPU’s temperature, and for this we
jumper wires Python where it is, and what size it is. For this we create open a file in read-only mode. This file stores the data
The Code: an object called disp and in there we use the Adafruit from the CPU temp sensor, which we save to a variable
http://bit.ly/ library, specifically the 128_64 function. Note that the called f .
lxf254i2c screen does not have a reset pin ( rst ) so we set that to f = open(“/sys/class/thermal/thermal_zone0/temp”,
None . Then we begin the connection to the screen. “r”)

Pi monitor screen TuTorialS
t = f.readline() Only four wires are

As the data is stored as a string, in order to do any needed for this
project. It’s easier
maths with it we need to convert it to a float . The value
to wire up than
stored is far too large, so we divide it by 1,000 and round an LED!
the returned value to one decimal place, giving us the
correct temperature.
t = float(t)
t = round(t/1000,1)
To get the CPU usage percentage, we create a
variable called cpu and in it store the output from the
psutil.cpu_percent() function. Then we round the value
down, with no decimal place for ease of reference.
cpu = psutil.cpu_percent(interval=1)
cpu = round(cpu)
To get the RAM usage we again use psutil ,
specifically the virtual memory function. This will return
a list of data, and from the list we need the second
value, which is available memory. To get the second item is the same, but we set the move down eight pixels.
we use [1] , as a list starts from 0. Then we do a little draw.text((x, top), “CPU Temp is “+str(t)+”C”,
maths on the value in memory, which represents bytes. font=ImageFont.load_default(), fill=255) sometimes
We need to convert it to megabytes so we divide the draw.text((x, top+8), “CPU usage is “+str(cpu)+”%”, OLED screens
value by 1,024, twice. font=ImageFont.load_default(), fill=255) come in I2C and
memory = psutil.virtual_memory() The next three lines are our Alert status, available sPI versions. If
memory = memory[1] RAM, and IP address. in doubt, always
memory = round(memory / 1024 / 1024) draw.text((x, top+16), ALERT, font=ImageFont.load_ look for sDa
and sCL. but
The last piece of data is the internal IP address of the default(), fill=255)
sometimes sCL
Ethernet port. For this we create a variable called ip draw.text((x, top+25), str(memory)+”MB Free”,
can be referred
and in it we store the data obtained from netifaces font=ImageFont.load_default(), fill=255) to as sCLK or
ifaddresses function. This requires the interface name draw.text((x, top+33), “eth0:”+ip, font=ImageFont. CLK. no matter
as an argument, and in the returned data we need to go load_default(), fill=255) what, sDa is
into a series of nested lists: first at position 2, then The very final two lines of this code will update the data and sCL is
inside that list, position 0. Then we use the addr key to display and show the live data. ‘Clock’, used for
retrieve the data stored in a dictionary. disp.image(image) precisely timing
ip = ni.ifaddresses(‘eth0’)[2][0][‘addr’] disp.display() the interface.
The next step is to add an alert for our CPU. If the Save the code and click Run; your OLED screen will
temp ( t ) is over 50C, it will change the text on the come to life and show the latest data for your machine.
screen. Otherwise we get NOMINAL . See below to have this code run on boot.
if t > 50:
ALERT = “CPU TEMP ALERT”
else: RunnIng thE CODE On bOOt
ALERT = “NOMINAL”
We now start writing text to the screen. The first two Our project is best used on boot, so here are the extra steps to make
lines write the CPU temp and usage. that happen. First we need to make our code executable, and for that
The first line is our CPU temp and you will see that we need to open a terminal and type
we start writing in the top left ( x ), two pixels from the $ chmod +x live-data.py
top of the screen (top is -2). We write a string of text, Now to make the code available to everyone as a command, we
and convert it to a string t . Then we use the default need to copy it to /usr/bin, so in the terminal type
font, and set the colour to 255 (white). The second line $ sudo cp live-data.py /usr/bin/live-data
Now give the command a try. In the terminal type the following and
watch the OLED screen.
$ live-data
So now we have the command, let’s use it on boot. In the terminal
we shall use crontab and edit cron to start the command on boot, and
run the command every minute that the Pi is on.
$ sudo crontab -e
In crontab, go to the bottom and add this line.
* * * * * live-data >/dev/null 2>&1
Now save by pressing Ctrl+X and pressing Y, then Return. That’s it!
Now you can reboot your Pi and watch your OLED screen as every
minute your Pi is on, it will give you live data. The lengthening autumn
If you need to change the I2C address for your screen, desolder the evenings will just fly by…
connection to 0x78 and make a new one to 0x7A.
gEt yOuR Pi fILLIng hERE Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Lightning simulator
GPIO
Build a lightning
simulator with LEDs
Sean Conway provides the design details to build a circuit for
controlling LEDs using Raspberry Pi GPIO ports.
et’s use the Raspberry Pi’s general purpose
L input output (GPIO) to do some work. Under

the control of a Python script, the GPIO output
will drive a heavy load – meaning that the electrical
current is in the magnitude of amps rather than
milliamps. For this discussion the load will be a string
OUR of light emitting diodes (LEDs) requiring 12V DC at 2A.
EXPERT If you’re not familiar with Pi technology, GPIO
Sean D. Conway outputs operate at 3.3V DC and are only capable of
A retired senior IT supplying milliamperes of current – so the board is not The Raspberry Pi
security specialist designed for such applications. Using the outputs to installation ‘circle of life’.
who makes drive any load is not recommended. In order for the Pi
automation and to be up to the task of driving a heavy load, we are going
simulation to employ external electronics in the form of metal ctrl_interface=DIR=/var/run/wpa_supplicant
projects for the oxide field effect transistors (a MOSFET) to overcome GROUP=netdev
Raspberry Pi. these limitations. update_config=1
country=<your_ISO-3166-1_two-letter_country_code>
Operating framework network={
Before we look at the external circuit requirements, ssid=”<your wireless network ssid>”
let’s go through the process of installing an operating psk=”<your wireless network password>”
system on the Pi. The drawing represents five steps in key_mgmt=WPA-PSK
cycle of installing the Raspbian OS. }
Obtain the Raspbian OS. In this project we won’t need Change the text between the < > and the angle
YOU NEED the capabilities of a graphical user interface (GUI) on brackets to insert your own network details. The open
Raspberry Pi the Pi. That enables us to use the ‘lite’ version from the and closed double quotes in some statements need to
3 model B Raspberry Pi website (www.raspberrypi.org/ remain in place or the file will not work.
16GB downloads). Remember to complete a checksum Download and install PuTTY (www.ssh.com/ssh/
microSD verification once the image file has been downloaded, putty/linux) to establish a secure terminal session
memory card to ensure that all the bits were transported correctly. connection to the Pi over a network. The key to making
5VDC 2.5 Use the balenaEtcher image-flashing software a connection is discovering the IP address assigned to
amp power (www.balena.io/etcher) to install the Raspbian OS the Raspberry Pi when it boots up. Installing PuTTY is
supply, image to a microSD card. balenaEtcher redundant if the operating system on your laptop of
micro-USB is open source software and available for a number of desktop has an application that supports SSH;
IRFZ44 operating systems. Download the software, unpack the Microsoft products don’t provide this out of the box, so
power installer and install the application. Fire it up and select you should use PuTTY if you’re running on Windows.
MOSFET the image file and SD card device to kick off the process Instruct Raspbian to perform an update and upgrade
BSS138 of writing an image to the SD card. using the below commands in a terminal. These
MOSFET Install two files in the /boot folder of the Raspbian OS commands ensure that the OS repository listing and
Raspbian on the SD card. One file enables the SSH service for software versions are up to date, by connecting to the
Stretch with network connections, and the second enables Wi-Fi Raspbian repository and performing updates:
desktop network connectivity to the Pi. Put a blank file named $ sudo apt-get upgrade
(Release date ssh in /boot to enable remote network connections to $ sudo apt-get update
2019-04-08) the Pi using SSH. Create a second file named wpa_ These instructions are just a summary to get the Pi
balenaEtcher supplicant.conf with the following contents to provide set up as needed. If you need more details, check out
PuTTY wireless access to the Pi: the article “Constructing a drive-in cinema” in LXF239,

Lightning simulator TuTorialS
or have a look at the the Raspberry Pi website.
Now the science part

A valve is a mechanical device used to control the flow
of water: by adjusting the control on the valve, the flow
of water can be varied. The analogy of a valve can be
used to describe the operation of type of field effect
transistor (FET). There are a number of different types
of FETs. For this discussion, we will focus on the metal
oxide semiconductor field effect transistor (MOSFET)
type we’ll be using.
Level-shifting from
The gate on a MOSFET is similar to the control on the external 3.3V DC will give the Pi cause for alarm, and 3V to 5V.
the water valve. As a positive voltage is applied to the the result is that the Pi hangs. Allow the Pi to complete
gate, the device will start to conduct; like opening a its startup, then power on the external circuit, and
valve, it enables current to flow through to the load. everything will work.
The power supply for the load is 12V DC. The load is By adding an additional MOSFET to the driver circuit,
represented by the boxed resistor and LED combination. shown on the right side of the diagram, this startup
In physical terms this load is a 5m strip of LED lighting, issue can be resolved. The 3.3V DC that supplies the
requiring 2A of current from the power supply. low side is sourced from the Pi board. The 5V DC on the
This power MOSFET is packaged in a TO-220 case right is sourced from an external source.
with a metal tab to provide heat dissipation. The metal The MOSFETs on the low and high voltage sides of
tab can also be used to mount the device to a larger the circuit isolate their respective side when the voltage
heatsink for more heat dissipation if needed. The is not present. The Pi never experiences the high side
rugged device provides a fast switching speed for use voltage and since it is the source for the low side
in a wide variety of applications. In this project we are voltage, the boot issue is never experienced.
switching a resistive load. The bidirectional level converter circuits use
Now that we have a basic understanding of a FET a MOSFET, but not one designed for high-power
operation, let us explore how the device can be used application. The power MOSFET used to drive the LED
to assist the Pi GPIO to drive heavier loads. load is designed to handle high-input voltages. The
The low voltage (3.3V DC) available at the Pi GPIO MOSFET used in the converter circuits are not designed
pins have both positive and negative effects. The GPIO to handle high input voltage. MOSFET have very high
3.3V DC output comes directly from the Pi processor – input impedance, making them ideal for input circuits.
there are no additional circuits on the board to enhance Their internal design also makes them flexible for high-
the signal output, such as bumping it up to 5V DC. and lower-power applications. PuttY can be
Adding additional circuits would add extra components, Now that we have a Pi up and running with an OS found at https://
which would increase cost and possibly increase the connected to a bidirectional level converter circuit, www.ssh.com/
size requirements. outputting to a power MOSFET switching circuit ssh/putty.
The 3.3V DC requirement for the processor is ideal capable of driving an 12V DC LED light strip, let us
since it adds efficiencies that are not found in
processors requiring higher voltage. A processor with
5V DC ports is possible, but again there is a cost. LOaD-BEarInG
The Pi power supply is small and compact. It is
designed to support the Pi. Using the Pi to power An inductive load (as opposed to a resistive load) describes
external loads would add complexity and size to the any device that contains a motor, such as a refrigerator, an air
power supply. If the plan is to use the Pi GPIO to conditioner or a device containing a coil, like a relay.
support a design that is driving more than a simple LED You may have noticed that when you first turn on a device with a
circuit found on a breadboard, driver capabilities will motor in it, the house lights sometimes dim very briefly. The motor
need to be added. By adding additional circuits to the has coils of wire turning inside a magnetic field that produces an
GPIO output, loads that require more voltage and/or electromagnetic field (EMF). This EMF, referred to as back EMF, is
current can be supported. acting against the voltage that was applied to get the motor to spin.
Now look at the circuit diagrams top-right. The single When the voltage is removed from the coil by stopping the motor, a
MOSFET circuit shown on the left side, with a few back EMF is also produced. Back EMF doesn’t want the current to
resistors added, enables support for lower voltage increase (at motor start) and back EMF doesn’t want the current to
(i.e. 3.3V DC) on one side and a higher voltage (5V DC) decrease (motor stop). The same physics apply to the coil on a relay.
on the opposite side. The circuit is bidirectional. Back EMF can be destructive, and motor designs should provide
Outgoing signals on the low side are translated to the protection to accommodate this anomaly. If you plan to use a
high side, and vice versa. MOSFET to switch an inductive load, like a relay, be sure to install
Remember we said that the GPIO outputs come a diode across the coil, or relay windings to prevent damage to the
directly from the Pi processor. This creates a problem MOSFET from back EMF. The back EMF from an inductive load has
on power-up. Ideally, the MOSFET circuit will contain its the potential to punch a hole through the substrate of a MOSFET and
own power supply. If the 3.3V DC power supply on the render it useless.
MOSFET circuit is on before the Pi completes it startup,
sPark mOrE BrIGht IDEas Subscribe now at http://bit.ly/LinuxFormat

TuTorialS Lightning simulator
LED and “EL” cord strips.

IO_array_light = (
Lightning in
the cloud, IO_2, IO_3, IO_4,
or to the IO_5, IO_6, IO_7
ground. )
The next section of code configures the Raspberry Pi
GPIO ports to be used as outputs:
# Set GPIO function
GPIO.setup(IO_array_light, GPIO.OUT) # set GPIO pins
Cloud LED strip
material for lighting output
Next, we define a function to simulate cloud-to-cloud
lightning. It establishes the interval that the LED light
Wire frame
EL Cord source is both on and off:
def flashHZ (GPIOpin):
High_HZ = random.uniform(0,.3)
Low_HZ = random.uniform(1,2)
GPIO.output(GPIOpin, GPIO.HIGH)# set HIGH (LED
ON)
time.sleep(High_HZ) # wait
GPIO.output(GPIOpin, GPIO.LOW) # set LOW (LED
bang out some Python code to control it. OFF)
The purpose for this Raspberry Pi design is to time.sleep(Low_HZ) # wait
Etcher download construct a flashing light-show lightning simulator. return
and instructions: Random light will flash through ‘clouds’ to simulate This next section of code defines a function that
https://www.
cloud-to-cloud lightning, and randomly a light source randomises the interval at which the EL cord light
balena.io/
will leave the cloud and strike the ground, to simulate source is both on and off, used to simulate cloud-to-
etcher.
ground-strike lightning. ground lightning:
We constructed a wire frame covered with white def flashHZ_GND (GPIOpin):
fluffy material (such as cotton wool) to simulate the High_HZ = random.uniform(0,1.5)
cloud. The underside of the material on the frame has Low_HZ = random.uniform(1,2)
been blackened to appear like the dark underside of a GPIO.output(GPIOpin, GPIO.HIGH)# set HIGH (LED
thundercloud. Our cloud structure is over 5m in length ON)
and 1m in depth. time.sleep(High_HZ) # wait
Within the wire frame are five sections of 12V DC GPIO.output(GPIOpin, GPIO.LOW) # set LOW (LED
LED light strips (5m in total) to simulate lighting within OFF)
the cloud. One 12V DC EL LED flexible cord light set was time.sleep(Low_HZ) # wait
connected from the frame to the ground in order to return
simulate lighting from the cloud to ground. This section is the body of the code. It randomly
selects a GPIO port from the array provided. If the
On with the code element of the array is 3, we need to simulate a
We haven’t got sufficient space here to include all the lightning strike from the cloud to the ground by calling
Python code for the project, but you’ll find it in the www. the flash function. If it’s any other value, we call the
linuxformat.com/archives online archives. We’ll look flash function for a cloud-to-cloud lightning simulation.
at some select portions of the code, however. try:
This first section of code defines the array that holds while True:
the GPIO ports used in the simulation. The Raspberry Pi strike = random.choice(IO_array_light) #pick a LED
pins associated with these GPIOs are connected to the from lighting list
#test to determine if lighting is ground strike or air
strike
sOurcInG Parts if (strike == 3):
print(“Ground Strike!”,strike)
Now that you have mocked up the circuits on a small breadboard, flashHZ_GND(strike)
what next? Ideally we would have all the parts and processes to else:
construct our own MOSFET circuits, installed on working printed print(“Cloud Strike.”, strike)
circuit boards that we designed and etched ourselves. flashHZ(strike)
But that’s not going to happen for this writer! Why build when you The full code we’ve provided is designed to be used
can buy? There are a number of versions of MOSFET power-switched from a Raspberry Pi running Python without needing to
modules and bidirectional-level converter printed circuit boards have anything attached to the GPIO ports. The code
available on the market today. A search for “MOSFET trigger” or simply prints text saying “Ground Strike” or “Cloud
“bidirectional level converter” will return plenty of results. Strike” depending on what is selected from the array.
You can find two good examples at http://bit.ly/lxf254llc and But lightning flashing without the accompaniment
http://bit.ly/lxf254mos. We’re not specifically endorsing or a of thunder would only be half a simulation. Stay tuned
recommending these product or their distributors – these links are to Linux Format for a future issue (see LXF256) that
provided to demonstrate that ready-made products are available. configures Bluetooth sound to enhance the simulation.
Until then, keep baking with Pis!

The home of technology
techradar.com
TuToRiaLs
TMsu
Tagging files made easy

Tagging people on social media posts still foxes Shashank Sharma – but
with TMSU, at least the files on his disk are properly tagged and organised.
e covered the basic usage of TMSU in LXF253. specified tag. But if you want to narrow down the files
W Briefly, it’s a nifty little command-line utility

which can be used to tag all the files on your
even more than is possible with this basic usage, you
can do so using the and , or and not operators. This is
disk, leading to easy organisation. This is especially especially useful if you use the same tags for different
useful if you’ve been running the same distribution such types of files. For instance, you can use the todo tag
ouR as a rolling-release or a LTS edition for some time, as
the number of files on your system will grow
for all your work files, in-progress blog posts, half-baked
videos for your YouTube channel and so on. You can
eXpeRT exponentially the longer you run the same distribution. still separate the different files and identify the one
Shashank Sharma With TMSU, you can tag any file on your disk with a you’re looking for using these operators:
is a trial lawyer in simple tmsu tag <filename> <tag> command. The $ tmsu files todo
New Delhi and avid command expects a filename and a space-separated LXF-articles-to-do-list
Arch user. He’s list of tags that you want to assign to the specified file. WS-sumit-arora.docx
always on the hunt See last issue (LXF253) for how to install the $ tmsu files todo not lxf
for budget-friendly minimalist but robust utility, its usage as well as WS-sumit-arora.docx
geeky memorabilia. the basics of the TMSU database. As you can see from the output produced by the two
commands, the second command removes the file
Smart lookup LXF-articles-to-do-list because of the not operator
As we discussed last issue, the tmsu files command is used in the command. Similarly, the command tmsu
used to list all the files in the TMSU database. You can files LXF will list all the files which match the specified
alternatively run the tmsu files <tag> command to only tag LXF , while the command tmsu files LXF not
list files in the database which are identified with the year=2018 will only list files tagged LXF but not
assigned the year=2018 value.
Using the or operator is just as straightforward, and
RepaiRing The daTabase you can even combine operators to restrict results even
more, to quickly narrow down the files you’re looking
As TMSU only creates a symbolic link to all the tagged files and
directories, the database can easily get out of sync with the actual
files on the disk if you were to move the files or rename them.
This is because TMSU doesn’t watch the filesystem for changes.
You can run the tmsu status command to determine whether the
database is out of sync or not. When run without any additional
command options, the status command will check each file in the
database with the corresponding file on the disk. The filenames it
produces as output are preceded with either T, M, ! or U symbols,
identifying the respective files as either Tagged, Modified, Missing
or Untagged.
Renamed files, identified with the ! symbol, which still reside in the
same directory can be fixed in the database by running the tmsu
repair command. TMSU will then report the changes it made to the
database to bring it back into sync:
tmsu repair Documents/
/home/linuxlala/Documents/LXF- -tutorial-vim.odt: updated
path to /home/linuxlala/Documents/LXF- -tutorial-vim-possible.
odt
When not provided a path as an argument, tmsu repair will fix all the
tagged files in all the nested directories within the parent directory. TMSU uses a standard Sqlite3 database to store information. You can
use sqlite3 to read the database, or even export the content.

Tagging files TuTorials
for. For instance, the command tmsu files todo or LXF

not (year=2019 or articles) will produce a list of only
those files which are tagged todo or LXF but which
are not assigned value year=2018 or the articles tag.
In a nutshell, all the tags or values you want to exclude
must be prefixed with the not operator, and if you want
to exclude multiple tags, you can use parentheses just
as in our example.
Apart from these operators, you can also create
complex queries using other operators such as == , != ,
< , > , >= , <= and others. So the command tmsu files
LXF year<2019 will list all the files tagged LXF where
the year value is less than 2019. In fact, you can even
use the --where command option to narrow down the
files using query language, and then manipulate them
with TMSU. For instance, the command tmsu tag
--where=”articles and todo” LXF will add the tag LXF
to files which already have the tags articles and todo .
Virtual filesystem
As easy as it is to list all the tags and access files from You can use the -c option to count the number of files which match the query criteria, or even
the terminal, this isn’t always a practical solution, the number of untagged files.
especially when you want to access files using other
applications. Thankfully, TMSU provides a virtual $ ls
filesystem which you can mount to access all the articles lxf LXF project todo year
tagged files. Once mounted, you can even access the $ mv articles Articles The files listed
virtual filesystem using graphical applications, just as $ ls in the tags
you would any other filesystem on your disk. Articles lxf LXF project todo year directory are
To mount the virtual filesystem, you must first Removing a file from the tags directory has the all assigned
create a mount point and then run the tmsu mount expected effect of removing that tag from the file. For a unique
numerical
<mount-point> command: instance, if you remove the file todo-june.txt from the
value, which is
$ mkdir vfs vfs/tags/todo/files directory, the tag todo will be
appended to
$ tmsu mount vfs removed from the todo-june.txt file, without affecting the filename
$ cd vfs the original file itself. itself. This
$ ls Unlike the tags directory, which lists all the files and unique number
queries tags tags stored in the database, the queries directory in the or id is used to
The tags directory contains virtual directories for virtual filesystem lets you look up files on the basis of distinguish files
all the tags created in the current TMSU database. You queries using different operators, like the ones we with the same
can navigate these directories just as you would the discussed above: name that have
directories on your filesystem. Within each tag $ cd vfs/queries been assigned
the same tags.
directory, the directory files is home to symbolic links $ ls “articles and todo”
don’t worry
to all the files which have been assigned that particular LXF-254-tutorial.odt
however, as the
tag. Each tag directory also hosts directories for the LXF-255-tutorial.odt numerical value
other tags which have been assigned to these files: LXF-255-roundup.odt is added only
$ cd vfs/tags/articles $ ls to the symbolic
$ ls articles and todo links – the
files LXF year As you can see, running the query with the ls actual filenames
Here, the directory for the articles tag is made up of command produces a list of the files you’re looking for, remain
three separate directories. The files directory houses and the command automatically creates a directory unaffected.
all the files which have been assigned the articles tag. with the specified query. These directories can
But since some of the files assigned the articles tag subsequently be used to quickly identify files on the
have also been assigned the LXF tag, while others basis of different queries without having to run the
have been assigned a year value, those are also listed same query again and again.
in the articles directory. While the tool may seem overwhelming to use,
In addition to running the tmsu tag --create <tag1> especially if you’re not accustomed to the terminal,
<tag2> command to create tags, you can also create you’ll easily become used to its intuitive and
new directories within the tags directory in the straightforward working within no time at all. The ready
mounted virtual filesystem. You can also rename a tag availability of thorough documentation – as discussed
directory from the mounted virtual filesystem with the last issue – which details the different sub-commands
mv command, just as you would any regular directory: also goes a long way to explain the features and
$ cd vfs/tags functionality of the project.
enhance youR TeRMinaL-Fu Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Store and sync notes
NOTES
Store and sync notes
across PC and devices
Nick Peers examines two solutions to help you record all kinds of notes on
your desktop computer, plus access them on all your mobile devices.
veryone needs a note-taking app – a way of differences, which means you’ll probably find one
E quickly scribbling anything from a to-do list to

a detailed breakdown of an upcoming project.
is a better fit for your needs than the other.
While Standard Notes is open-source it does
When it comes to choosing which app to trust with your lock some of its more advanced features behind a
notes, you’re spoilt for choice. One place you won’t find subscription-based paywall. However, if you’re looking
a notes app is in your default Ubuntu installation, for a simple, text-only note-taking app, there’s a lot to
OUR however – you’ll need to make a choice. recommend it. Your notes are synced and stored
EXPERT In this tutorial we’re going to focus on two note- online, using end-to-end AES256 encryption to ensure
Nick Peers taking apps, Standard Notes and Joplin. They share they’re kept private. There are no limits to the number
uses Joplin to some common features: they’re both open-source, of notes you can store, but that’s largely because
keep track of his naturally, both support syncing and work across they’re plain text and there’s no support in the free
spiralling music multiple platforms, so you can access and update your version for storing attachments, so your footprint will
DVD collection. notes from anywhere. But there are also some notable always be a modest one.
The advantage of storing them online – as you’ll see
Getting around Standard Notes later – is that you can access them through any trusted
web browser as well as your regular desktop and mobile
apps. Let’s start by installing the desktop version. Head
to https://standardnotes.org and click the prominent
blue download button to save the AppImage to your
6 ~/Downloads folder. Now open a Terminal window to
1 3 move the image and make it executable with the
5 following commands:
$ mv ~/Downloads/standard-notes-3.0.15-x86_64.
AppImage ~/standard-notes-3.0.15-x86_64.AppImage
$ cd ~
$ chmod a+x standard-notes-3.0.15-x86_64.AppImage
4 Finally, launch the application – if prompted to
integrate the app into your desktop, choose Yes:
$ ./standard-notes-3.0.15-x86_64.AppImage
The app will launch for the first time from the
Views Note view

1 Use the left pane to navigate around 4 The middle pane displays your notes,
your notes, applying tags to help quickly set filtered according to what views you’ve selected
up filtered views. or your search terms.
Account Note editor

2 Click here to access account-related 5 Click here to edit your notes – the free
settings, as well as setting a local passcode. version of Standard Notes supports plain-text
notes only.
View options
3 Click here to change how the selected Note options
notes are sorted, plus choose what information 6 Click the buttons above your note text Protect your notes and other Standard Note settings by deploying
to display with each (date, tags and so on). to access context-sensitive options. a local passcode in addition to your account password.

Store and sync notes TuTorials
Terminal. Close this, and then relaunch it from its new

shortcut in the application launcher.
You’ll be prompted to sign in or register an account
– this isn’t mandatory if you plan to use the app
exclusively on your desktop (in which case click Close).
If you do want to use Standard Notes across multiple
devices or simply want an encrypted backup
automatically stored online, click the Register button
to get started.
Enter your email and set a strong password, but
note the warning about the lack of a password reset
option. This is a security measure, so make sure you’ve
stored it somewhere safe in a password manager like
KeePass or BitWarden. Then click Register. When you
install Standard Notes on other platforms – including
your Android mobile – click Sign In to link it to your
You can restore
account, and all notes will be automatically synced to Roll back the changes notes and settings
the new device. The final button on the note editor – Session History – stored offline to
From here it’s all pretty straightforward. Standard enables you to view recent changes and roll back to an Standard Notes
Notes lets you store multiple plain-text notes, each with earlier version of the note if necessary. Click the via its Backup
Explorer, part of
its own title. Notes can be assigned one or more timestamp entry to preview the older revision, then the Batch Manager
keyword tags, which can be used to filter the list of click Restore or ‘Restore as copy’ to recreate it as a extension.
notes shown as well as to provide additional keywords separate note. By default, only the current session’s
when searching your notes for specific content. changes are stored, so once you’ve closed the app
The user interface is a similarly simple affair – the they’re lost.
annotation (opposite page) reveals all the key elements If you select ‘Enable saving history to disk’, all your
that make it up. Pay particular attention to the four changes are permanently stored – but note the warning
buttons in the note editor pane. The Options menu about the potential effect on performance, which could
shows options for pinning your note to the top of the be a deal-breaker on older machines. Other options
list, along with options to archive, lock and protect it. under ‘Session history’ include disabling the auto clean- When you start
Lock prevents accidental editing (select Options > up function if you want to preserve all changes, however adding tags
Unlock to remove it), while Protect allows you to seal small, plus options for clearing the note history to free to your notes
in Standard
the note, requiring either your account password or a up space.
Notes, separate
locally set passcode to open the note in future. Speaking of backups, Standard Notes automatically
individual tags
Before selecting Protect, click the Account button in syncs all your changes online if you’ve registered and with the #
the bottom-left corner of the Standard Notes window to signed into an account, but if not you should click the symbol – for
verify that you’re signed in, or to set a local passcode if menu button in the top-left corner of the window and example, type
not. Once done, return to the note and select Options > choose Backups > Change Backups Location to set an #dvd #media.
Protect – the first time you do this, you’ll be redirected offline folder to store periodic backups of your notes as tags appear in
to the Manage Privileges window where you should plain text files. the left pane;
tick ‘View Protected Notes’ and click Done to apply The contents are unencrypted unless you’ve set a click one to
protection to this and all subsequent notes you choose local passcode, and you can restore backups by clicking show options
to rename (this
to protect. Extensions at the bottom of the Standard Notes
updates all
Notes are clearly labelled if they’re archived, locked window, scrolling down and clicking Open under ‘Batch
notes with that
or protected, while clicking a protected note displays Manager’. Click Backup Explorer followed by Choose tag) or delete it.
the passcode or password prompt along with an option File to select your last backup, then enter your
to remember your choice for anything from five
minutes to a week. You can then easily unprotect the
note via Options. Head back to Accounts to reopen the exteNdiNg StANdArd NoteS
Manage Privileges screen in future to require your
password or passcode to perform other sensitive In its free form, Standard Notes is a capable text-based notes editor.
actions, from deleting notes to downloading or But if you’re willing to shell out for an Extended subscription, you’ll
importing backups. gain so much more. First, you unlock access to almost 30 extensions,
The Options button also enables you to set global including a range of different themes and editors that enable you to
display settings for the note editor: these include introduce word-processor-like formatting to your notes, with support
toggling the display font between monospace and for images, tables and other elements. There’s even an editor for
proportional, enabling a built-in spell-check and support creating simple spreadsheets.
for adjusting the editor’s margins. Next to it is the Editor The feature list is undoubtedly impressive, and you can road-test
button, which is where you’d go to switch to a different all this for free by visiting https://standardnotes.org/demo, where
editor with additional features like support for you’ll get access to a web-based demo account that you can navigate
markdown code and formatting – but this is one of and use as if logged into your own account. The biggest issue is the
numerous features that require the Extended package, pricing: currently only a subscription-based model is available, with
a paid-for subscription that’s outlined in detail in the prices ranging from $9.99 a month to $149 for five years – which
box (right). The same is true for the Actions button next works out at $2.48 a month.
to it.

TuTorials Store and sync notes
passcode or password if required. You’ll then see a

list of all backed-up elements (notes, settings and
Add additional extensions). Tick the ones you want to restore and
capabilities click ‘Recover x items’ to finish.
to Joplin’s
You’ll find free apps for other computer platforms
markdown
as well as Android and iOS mobiles within their
editor by
toggling various respective app stores. Simply log into your account
settings on or on each device, and your notes will be automatically
off via ‘tools synced between them. Your data is held securely in the
> general cloud, which also makes it accessible through your web
options’. Scroll browser on any trusted device. Just browse to https://
down to the app.standardnotes.org and you’ll see an identical user Protect your notes by adding a passcode – this protects and encrypts
Plugins section interface to the Linux app, which works in exactly the all the data while it’s stored on your PC.
where options same way. If you’re on a shared device, make sure you
such as soft
don’t simply close the browser window when you’ve to capture web pages and screenshots to incorporate
breaks, support
finished: instead, take the time to log out via the into your notes too. There’s also a command-line
for subscript
and superscript Account button by clicking ‘Sign out and clear local version for using in the shell environment – see the box
syntax and even data’ to purge the browser’s cache. (below left) for details.
emojis can be As with Standard Notes, you can’t install Joplin
enabled. Joplin through the Software Centre. Instead, open a Terminal
Standard Notes has all the core functionality you window and issue the following command:
need for simple text-based notes, but if you’d like to $ wget -O - https://raw.githubusercontent.com/
implement formatting like bold and headings, you can laurent22/joplin/master/Joplin_install_and_update.sh |
avoid taking out an Extended subscription by trying an bash
alternative. Our current favourite is Joplin (https:// This downloads and runs a script that will in turn
joplinapp.org). It’ll appeal to those who’d prefer to download and install the latest version of Joplin. Once
retain complete control of the sync platform, but you do done, it’ll be accessible from the application launcher,
lose the ability to access your notes through any web although you may have to reboot before the app icon
browser – not necessarily a problem, as apps are appears properly.
available for mobile and desktop. When you launch Joplin for the first time, it’ll display
While Joplin doesn’t have all the bells and whistles a four-paned window. It’s superficially similar to
found in the paid-for version of Standard Notes, it does Standard Notes: on the left is a collapsible (click ‘Toggle
have numerous features not found in that app’s free sidebar’) pane for choosing your view by selecting a
edition, which makes it a worthy alternative. First, its specific notebook or tag. The notebook section reveals
built-in markdown editor enables you to add formatting a key difference with Standard Notes: Joplin enables
to your documents, and it also lets you embed images you to organise your notes into different notebooks –
and attach files. You can import notes from Evernote, perfect for separating content by subject.
plus install a web-clipper extension in Firefox or Chrome The selected view’s notes are displayed in the next
pane, while the final two panes display the markdown
editor on the left and a preview window on the right.
ruN JoPliN from the Shell You’ll see that the markdown editor window relies on
code to format your text in the right-hand pane, but a
If you’d like to run Joplin from the Terminal or other shell series of buttons beneath the note title window simplify
environment, you’ll need Node.js 8.x or later. If it’s not on your the formatting of selected text by inserting the correct
system, enter the following commands (skip the first if curl and git code as required. Common keyboard shortcuts such as
are already installed): Ctrl+B for bold are also supported.
$ sudo apt install curl git Adding further notes and notebooks is simple, using
$ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash - the buttons at the top of the program window, along
$ sudo apt-get install -y nodejs with a handy ‘New to-do’ button. This creates a note in
Once installed, issue the following two commands: the usual way, but displays a tick box next to its title in
$ NPM_CONFIG_PREFIX=~/.joplin-bin npm install -g joplin the notes pane, allowing you to quickly mark it as
$ sudo ln -s ~/.joplin-bin/bin/joplin /usr/bin/Joplin completed. There’s also a Layout button, this cycles
Once done, type joplin and press Return to launch the application. between displaying both editor and preview window
It runs independently of your desktop app, but has a similar interface, side by side or simply displaying each window on its
albeit with just three panes: Notebooks, Notes and the currently own in turn.
selected note. Use Tab and Shift+Tab to move between the windows,
and the cursor keys to navigate within the currently selected pane. Get in sync
To issue commands, press : followed by the command – for By default, Joplin stores everything locally on your PC.
example, type :config editor nano (substitute nano with your It supports multiple devices and sync, but these need to
choice of text editor) and press Return to associate it with Joplin. be applied manually using your own network or cloud
Now typing :edit $n enables you to open the note for editing in storage as an intermediary. Five choices are available:
that editor. Alternatively, press : followed by Tab to cycle through a Dropbox, OneDrive, WebDav, Nextcloud or a network
list of available commands when in command-line mode; refer to share. The step-by-step guide (opposite page) shows
https://joplinapp.org/terminal for detailed instructions. how to set this up, plus establish encryption to ensure
your notes are kept private – an essential step if you’re

Store and sync notes TuTorials
Set uP eNCryPted SyNC iN JoPliN
Choose sync provider Nextcloud pre-requisites Apply encryption

1 Select Tools > General Options. 2 If you select Nextcloud, enter its 3 Once sync has been tested
First, select your cloud storage from the WebDAV URL (visit your Nextcloud account successfully, choose ‘Tools > Encryption
‘Synchronisation target’ drop-down: in your browser and click the Settings options’ and click ‘Enable encryption’.
choose ‘File system’ and enter its full path button in the bottom left corner to find Choose a strong password to protect your
if you have a shared network folder ready. this), followed by your Nextcloud account notes and click OK. You’ll see your master
OneDrive and Dropbox options are easy to username and password. If your Nextcloud password listed: verify it’s marked as okay.
set up: choose the option, click OK and account is on a secure (https) connection, Click Back followed by Cancel to return to
then click Synchronise in the main window, tick ‘Ignore TLS certificate errors’ before the main Joplin screen. Sync runs every five
before following the instructions to connect clicking Apply followed by ‘Check minutes, or you can click Synchronise to
Joplin to your account. synchronisation’. perform a quick manual sync.
syncing to a publicly accessible cloud service. Note you’ll need to enter on your PC before you can access
that WebDav and Nextcloud sync is unreliable between those notebooks on there.
mobile and desktop at present, so you’re better off The Joplin web-clipper makes it easy to grab content Joplin makes
using OneDrive or Dropbox if you plan to sync with an from websites to incorporate into your notes. Get it possible to
Android or iOS device. started by opening Joplin and selecting ‘Tools > Web nest notebooks
Once you’ve set up and performed your first sync, clipper options’. Click ‘Enable Web Clipper Service’ and inside other
Joplin will continue to synchronise in the background at then click the relevant link for Firefox or Chrome to notebooks as
five-minute intervals. In the meantime, it’s time to download and install the add-on. sub-notebooks.
switch to your new device. Configure synchronisation in Once in place – which might take a while, as we Just drag
exactly the same way as you did with your PC, pointing found it claimed not to be working for a few minutes an existing
notebook on
to the same provider and account via the configuration before magically starting – make sure Joplin is running
top of another
screen. If you’re an Android user, tap to bring up the in the background. Then simply browse to a website
notebook to
menu to select Synchronise and then log in to your and click the Joplin icon in your browser toolbar to bring move it inside
account if necessary. up a pop-up menu of options. that notebook.
Joplin will bring in your synced items as a separate First, choose what you want to clip: a simplified drag a sub-
notebook, to sit alongside whatever items are locally version of the page, a complete HTML version of the notebook on to
stored on your new device. You’ll see they’re all listed as page, the selected portion of the page only, a the Notebooks
‘encrypted’ and unreadable. To resolve this, simply tap screenshot image of the page, or the URL. Make your header to move
‘Press to set the decryption password’, enter the choice and a preview will appear. Next, choose which it back to the
password and tap Save. You’ll also need to encrypt any notebook to save the note to, add any required tags (as root level.
existing notebooks on the device before they sync into you type, it will offer to autocomplete from existing tags
the cloud. Set up a master password for these, which in Joplin) and edit the title in the Preview: box before
clicking Confirm.
Once created – you may have to wait a few seconds
while the page is downloaded and any necessary
conversion is performed – switch back to Joplin where
you should find your note waiting for you.
Both Standard Notes and Joplin are great note-
taking tools, with different sets of features to appeal
to different audiences. Those looking for a simple, fuss-
free solution with minimal effort will most likely lean
towards Standard Notes, but if you find yourself
yearning for its premium-only features on a budget,
If you’re looking for notes that can be formatted using markdown text you’ll find Joplin fills the gap admirably – without
and contain images as well as file attachments, choose Joplin. costing a penny.
get All our Silly loVe NoteS Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Home design
Credit: www.sweethome3d.com
SWEET HOME 3D
Build a better home

with open source
Dreaming of escaping the dank walls and tourtured souls of Linux Format
Towers, Neil Mohr starts designing his dream home with that there Linux.
hey say an Englishman’s home is his castle – if
T you ignore the mortgage, lack of murder holes

(or does the letterbox count?) and general
improvements to loft insulation and all that twin-and-
earth wiring. That aside, regardless of whether you just
want to move some furniture around or do some drastic
OUR DIY extensions, having an accurate plan of your home is
EXPERT a useful thing.
Neil Mohr Nosing around the Software Centre for home design
has a ‘fixer- tools turns up Sweet Home 3D. This is a GNU-licensed
upper’ home home interior design tool, so it’s aimed at helping you to
into which he’s plan furniture positions or garden layouts rather than
building Linux to being a professional architectural design tool (we’re
power security managing expectations here). It’s all about trade-offs,
and home so Sweet Home 3D is easy to learn and fast to use With a little time you can build pretty impressive structures, such as
entertainment. rather than being exact to the millimetre or modelling this demo example–there are plenty to explore.
tensile material strengths in a structure.
The workflow is pretty obvious: draw out the exterior Firing up SH3D for the first time presents a window
and internal walls of your home, add windows, doors split into four, the right two being the plan display and
and staircases, mark out rooms, add additional floors, the 3D presentation of that plan. The left views are the
then start decorating it with kitchen and bathroom object list – split into useful categories – and a list of
units. You can then admire your handy work with a full objects in use, such as walls, doors, windows and so on.
3D walkthrough. As you can imagine, with larger buildings the in-use list
It comes with a reasonable library of built-in objects, can get large, so ensure you use the Group feature:
but it’s more than happy to import individual objects Shift-select furniture in a room, right-click and select
or entire collections of library objects. Check out Group for this. You’ll discover that levels are handled
www.sweethome3d.com/freeModels.jsp for more separately as part of the tabs in the Plan view. This
than 1,000 extra objects. offers a natural separation, though it’s possible to view
everything at once if need be.
We’ll take you through creating a basic house in the
THE PROBLEM WITH ROOFS walkthrough opposite. As walls are typically straight
with 90 degree corners, you’ll find the wall-drawing
We had a level of head-scratching when it came to popping a roof on tools offer intuitive snap features by default. When you
our building – two, in fact. Problem one was a lack of available roof add in objects such as doors, they’ll also snap to walls
models. Luckily there are add-on packs (see https://sourceforge. automatically, and can be shifted with the arrow keys.
net/p/sweethome3d/d-models/257) that do an excellent job of We don’t have space to explain here, but it’s possible
offering a range of usable roofs, rather than cobbling a coloured to add lighting to rooms and adjust the décor. It
pyramid or triangle model on top, which is what we first went with. appears plumbing and electrical plans aren’t directly
The other issue was how to add it to the plan itself. We went with part of SH3D, but people have worked around this by
adding an extra ‘floor’, but at the same elevation as the existing floor. using the Poly Line tool on dedicated layers.
So for a ground-floor extension, add an extra floor at the ground-floor Loads of example buildings can be found online and
elevation. You can position the roof on the existing ground-floor plan, the documentation is extensive, while there’s plenty
then cut/paste it to the new floor created for the roof. The advantage going on in the online forums. So we expect you won‘t
is that it enables you to hide the roof when not needed. find any issues in getting help, additional models or
inspiration for using SH3D.

Home design TuTorials
six sTeps To home heaven
Real-life measures Place the walls

1 We’re going to presume you’re going to base your SH3D 2 SH3D does offer a ‘blueprint’ overview mode, but we’re
project on a real home. If so, you’re going to want to get out your going to draw things from scratch. Depending on how accurate
tape measure out and get some room sizes. As we’re in the EU you want to be, you can adjust the global thickness of exterior
(just about), it’s all metric metres and centimetres. Colonial types walls in File > Preferences or as individual wall settings. We went
(or Rees-Moggs) might want to switch to Imperial units via Files > with the defaults. Use the Dimensions tool to add on-screen
Preferences > Unit, just don’t go crashing into Mars again. measures to help align internal walls.
Create rooms Doors and windows

3 Once you have your floorplan drawn out, you should use 4 People love entering and leaving rooms, so adding doors
the Create Rooms tool to mark out individual room areas. Usually and windows for them to stare out of is useful. Drag these from
just a double-click within the space is enough to identify it as the Object list to the wall they need to live in. The arrow keys let
such, otherwise you’ll need to trace out the room with the line you easily nudge positioning. A double-click enables you to adjust
tool. This adds in a ‘solid’ floor area – essential on higher levels – absolute size, height and other object-specific attributes. To alter
but it also enables you to define décor for the room. opening directions flip the object – v6 adds extended controls.
Stairs and floors Furniture and more

5 Additional floors are added via the Tabs at the top of the 6 By now you should have something that looks like a home
Plan view. This can include cellars, lofts, outhouses, gardens and but is devoid of interior. This is where the rest of the object library
so on. You’ll probably want to copy/paste the Ground Floor walls comes in. You’ll find everything for the kitchen, bathroom,
to the new floor, then add a staircase on the Ground Floor; the bedroom and other furniture available to drag and drop into
selection of stairs is limited, so grab more (including loft ladders) place. Just as for windows, you’re able to tweak the dimensions.
from the extended model library. You can then use the 3D view to run virtual walkthroughs too.

back issues
Back issues Missed one?

Issue 253 Issue 252 Issue 251
Summer 2019 August 2019 July 2019
Product code: Product code: Product code:

LXFDB0253 LXFDB0252 LXFDB0251
In the magazine In the magazine In the magazine

Filthy snoopers Sort out your Stop all Linux
want to steal your data, so find out storage – build a RAID, meddle with malware! Yes, we really mean it –
how to thwart them. Get into audio LVM, consider a Btrfs partition and just follow our guide. Create a
production with open source tools, loads more. Roundup Lightweight database-driven website, discover
build your own online office suite, distros, code a Minecraft GUI, more open operating systems in our
fancy up your docs with some fresh fractals, explore Calibre the ebook Roundup, build your own custom
fonts, and find out how to patch a manager and discover the Open Raspberry Pi image and meet a
satellite millions of miles away. Mainframe project with John Mertic. Microsoft employee. (Be nice.)
DVD highlights DVD highlights DVD highlights

PCLinuxOS 06.2019, Tails 3.14.2 The amazing Pop!_OS (64-bit) gave Ubuntu 19.04 “Disco Dingo” (64-bit)
and KDE neon 5.16.0 (all 64-bit). production punctuation nightmares. plus Fedora 30 (64-bit).
Issue 250 Issue 249 Issue 248

June 2019 May 2019 April 2019
Product code: Product code: Product code:

LXFDB0250 LXFDB0249 LXFDB0248
In the magazine In the magazine In the magazine

Get Linux on Proprietary Find out how to
your Chromebook with our voice control systems be gone! Build relive the entirety of computing
complete install guide. Plus check your own open source smart home. history (well, most of it) through
out our Roundup of rescue distros, Plus, keep track of your Git repos, open source. Build your own Pi
tweak your Pi config to perfection, edit audio in Audacity, learn Camera photobooth, check out our
optimise Steam or ditch it WebAssembly with Rust, check out Roundup of vector graphic editors,
altogether with Lutris, and meet the our Roundup of disk cloning tools, build a better WordPress server, and
fine folks behind 64 Studio. and create a stop-motion studio. make scanning easy.
DVD highlights DVD highlights DVD highlights

Solus Linux 4.0 (64-bit) and Sparky Kali Linux 2019.01 64- & 32-bit: the Qubes OS 4.0.1 64-bit, possibly the
Linux 5.7 (32- and 64-bit). penetration testing kit used by pros! most secure Linux distro to date.
To order, visit myfavouritemagazines.co.uk

Select Tech from the tabs of magazine categories, then select Linux Format.
Or call the back issues hotline on 0344 848 2852
or +44 344 848 2852 for overseas orders.
Quote the issue code shown above and have your credit or debit card details ready

UK subs
NOT FROM THE UK? turn to
p26
SUBSCRIBE!
Don’t wait for the latest issue to reach your local store –
subscribe today and let Linux Format come straight to you!
3 GREAT
WAYS TO
SUBSCRIBE
Print, digital and
print & digital
bundles!
USA REST OF THE WORLD EUROPE

From $15 From $15 From €15
every 3 months every 3 months every 3 months
IT’S EASY TO SUBSCRIBE!

Click: www.myfavouritemagazines.co.uk/sublin
Call: +44 344 848 2852
Lines open 8am–7pm BST weekdays, 10am–2pm BST Saturdays*
Savings compared to buying 13 full-priced issues. You’ll receive 13 issues in a year. You can write to us or call us to cancel your subscription within
14 days of purchase. Your subscription is for the minimum term specified and will expire at the end of the current term. Payment is non-refundable after
the 14-day cancellation period unless exceptional circumstances apply. Your statutory rights are not affected. Prices correct at time of print and
subject to change. *UK calls will cost the same as other standard fixed-line numbers (starting 01 or 02) and are included as part of any inclusive or free
minutes allowances, if offered by your phone tariff. For full terms and conditions please visit http://bit.ly/magtandc. Offer ends 31 October 2019.

TuTorials Android access
Android
Part One!
Don’t miss
Get your Linux box

next issue,
subscribe on
page 26!
connected to Android
Aaron Peters has been using Android and Linux together in increasing
degrees of harmony since 2011 – and he shows how you can too.
eing a fan of open source, you’re familiar with
B Android. Not only familiar with it, but you’re

also aware that Android is built on Linux, and
that technically helps make Linux the world’s top
operating system based on installed devices. It follows
that since both of these are Linux, they should work
our famously together.
expert This is true, but unfortunately there are some
Aaron Peters caveats. There are a number of ways to make Android
is a business get on well with your Linux rig, but you’ll have to roll up
analyst and your sleeves a bit to make some of them work. In this
wannabe article we’ll first take a look at Android as a Linux-based Android iOS Windows Samsung
developer who operating system: how it’s structured, where the ‘Linux’
A graph showing Android as the number one OS in the world.
once even coded pieces come into play, and what’s uniquely Android.
an Android app Then we’ll explore a couple ways to get some simple separated from working files to prevent any misuse.
that did what integrations up and running, such as logging into a Predictable hardware Once the manufacturer
he wanted. shell, transferring files or viewing notifications. decides on the hardware for their device, it’s not going
to change, unlike a desktop PC. So they can create an
Structure of an Android ‘image’ of the base OS that is likewise unchangeable.
The easiest way to understand how Android equals Easier maintenance This separation of the OS from
Linux is to understand how your favourite distro working files also enables manufacturers to easily
achieves the same thing. As you should be aware, Linux update devices in one shot, with an over-the-air
if you’re not is a kernel, not an operating system – at least not all by download. As a result, Android’s unusual filesystem
able to see itself. The Linux kernel can talk to all your device’s structure is as follows:
a connected hardware and shuffle data back and forth between acct This directory contains information on user
device with the storage, RAM and processor, among others. accounting (that is, user accounts).
‘adb devices’ But it’s software that requests the kernel does all cache If you’ve used Android for a while, you know
command, this work, and that’s where other organisations like the how much space cache files can take up. This is where
or you get an GNU Project comes in. What started out as a collection they’re stored.
error, try the of humble (but important!) utilities like ls, cat and who data This directory is a mountpoint for the partition
following. the
has morphed into the Gnome desktop environment and where Android apps are installed.
first will install
the GIMP image editor. But whether it’s a fancy dev As with standard Linux, files representing the
the adb package
containing graphical app or a basic console program, it’s still a device’s hardware live in this directory.
the required collection of interconnected software that’s telling the etc This is actually a link to /system/etc, which in
plugdev rules. kernel what to do. turn stores the same type of configuration files as a
the second Android is another such collection, although it’s set standard Linux distro.
adds your user up very differently from what you’re probably used to mnt The Android filesystem, like Linux, can consist of
to the plugdev seeing. It doesn’t use the Filesystem Hierarchy a number of other filesystems mounted together. As in
system group: Standard or common disk formats for its storage. the FHS, this directory is used to store many of these,
‘sudo apt Smartphones are like tiny computers, but at the end including the SD Card(s) and other media, user-related
install adb’
of the day they’re still devices running on telecom information and the temporary filesystems.
‘sudo
networks – and telecom providers like their devices to proc Mirrors that of standard Linux, showing a
usermod -aG
plugdev [your work a certain way. Some of the reasons Android is laid browsable list of directories and files that represent
username]’ out the way it is include: currently running processes.
Increased security The operating system is root As you’d expect, this is the home directory for

Android access TuTorials
the root user.

sbin Also echoing a standard Linux layout, this
contains system-level binaries such as daemons.
sdcard Probably the most important directory to you
as a user, this represents your ‘normal’ storage –
possibly with a number of symlinks, usually including
/mnt/sdcard, that eventually end up here. Data for
apps, your media and downloads will all end up here.
sys Contains a virtual filesystem of kernel objects.
system Within this directory are many of the
directories you’d normally see in the root of a standard
FHS layout. Directories like /bin, /lib and /usr are
similar to their Linux counterparts. These basically
represent the bulk of the ‘operating system’ part of the
device, while the /system/app directory stores copies
of all your installed apps.
vendor Linking to /system/vendor, this directory
contains manufacturer-specific items. Viewing the
Talking about this filesystem is one thing, but wouldn’t If you see the shell prompt change, you’ll know you’re Android filesystem
through ADB shell.
it be great to actually navigate around in it? Let’s get logged into your device, probably in the root directory.
your Linux box talking to the Android device over the You can use standard commands here to navigate
Android Debug Bridge (adb), which will give you a around, as well as do some file management:
command line interface to do just that. $ noblelteatt:/sdcard/Download $ touch androidfile1.
txt in the event
Building bridges $ noblelteatt:/sdcard/Download $ ls *.txt you leave your
cable at home,
In order to remote into your Android device from Linux, androidfile1.txt
you can restart
you’ll need Google’s adb-tools. If you’ve installed $ cp androidfile1.txt ./androidfile2.txt
the AdB server
Android Studio, the good news is you already have $ noblelteatt:/sdcard/Download $ ls *.txt with a tcp/ip
them. If not, these are available via a direct download androidfile1.txt androidfile2.txt port number
from https://developer.android.com/studio/ $ noblelteatt:/sdcard/Download $ exit (it defaults to
releases/platform-tools. If you install them this way, More importantly, you can use this connection to usB mode), and
you just need to unzip the archive, and make sure the move files back and forth between your Linux box and connect to your
adb program is executable and in your PATH – unless the device. First, we’ll pull androidfile2.txt from the device with:
you like typing out long paths, you weirdo. Android device into the current directory: ‘adb tcpip 5555’
Next, you’ll need to make sure your device responds $ adb pull /sdcard/Download/androidfile2.txt ‘adb connect
[ip address of
to ADB commands. Open your Android device’s /sdcard/Download/androidfile2.txt: 1 file pulled.
device]:[port]’
Settings app and search for the USB Debugging option. Next, copy it to androidfile3.txt and push it back:
The precise path to it may differ between $ ls *.txt
manufacturers, though it’s usually on the Settings > androidfile2.txt
Developer Options screen. No Developer options? This $ cp androidfile2.txt ./androidfile3.txt
typically needs to be unlocked on fresh devices, in $ adb push androidfile3.txt /sdcard/Download
Settings > System > About > tap Build Number seven androidfile3.txt: 1 file pushed.
times, a handy message should inform you you’re now a
developer! Back in the Developer Options, flip the USB
Debugging switch to on, and your device will be ready to so mAny directories…
talk via ADB.
Connect your Android device to your Linux box with Android manufacturers have a great deal of leeway on how much
a USB cable. Then open up a terminal and enter: they customise the Android OS they will put on their devices. It is an
$ adb devices -l open source project after all, but even within the bounds of ‘official’
* daemon not running; starting now at tcp:5037 Google Android, they can change a lot. This is because, unlike a
* daemon started successfully traditional OS, each one corresponds to a single device model –
List of devices attached for reasons mentioned in the article.
05157df5ddd6ba2d device usb:1-2 As a result, you may see many folders above and beyond those
product:noblelteuc model:SAMSUNG_SM_N920A listed here in your device, or some you may not even see at all. In
device:noblelteatt transport_id:1 Note 5, for example, I also see directories including: config, cpefs,
If your Android device is connected, you should see a efs, factory, knox_data, oem, persdata, preload and storage. The
result similar to the above–usually you’ll also need to purpose of some of these is evident; for example, /storage is where
accept a security warning on your Android device. If you links like /sdcard and /mnt/sdcard point.
get no results, the Android device configuration for your These shouldn’t make any difference to you, however. A standard
machine may be incomplete. The -l flag provides user won’t run into the operating system proper under normal
additional information on each device, which might be circumstances; rather, you’ll interact with the apps you have installed
useful if you have more than one attached. through the GUI, as well as the files in directories related to media
When you can see your Android device, logging into (such as /sdcard). But knowing that these other directories exist can
it is as easy as the following: be beneficial – when it comes to backing-up, for example.
$ adb shell

TuTorials Android access
Log back into the device with adb shell and you’ll
see all three files in the /sdcard/Download directory:
in additon to $ adb shell
clicking and $ noblelteatt:/ $ ls /sdcard/Download/*.txt
dragging, the /sdcard/Download/androidfile1.txt /sdcard/Download/
following androidfile3.txt /sdcard/Download/androidfile2.txt
keyboard/ This is all well and good for moving the occasional
mouse APK from ‘unknown sources’ onto your device. But it’s
shortcuts not a particularly good way to get a backup of all your
will help you files, for example. Luckily, there’s another out-of-the-
control your
box method you can use to connect to your Android.
phone from
Launch SSHDroid on your Android, and browse its files over SFTP.
Linux: ctrl+H
(or middle click) That media thing
for the Home Modern Android devices come loaded with the Media or phone-charging only. Make sure this is set to MTP.
screen, ctrl+B Transfer Protocol (MTP), which was also used in music Now when you plug your device into your Linux rig,
(or right-click) players. It enables computers to browse and access the it should connect via MTP. One way you can confirm
to go back, and filesystems of these devices; the mtp-tools and libmtp this is if the device indicator in your system tray shows
ctrl+s to switch packages for Linux provides the bits you need. Recent a new device. In KDE, for example, you’ll see the device
apps. versions of Ubuntu should come with this support out show up as a ‘Portable Media Player’ in the Device
of the box. But in the event you’re using a different spin Notifier, with options to open it in Dolphin or Gwenview.
or otherwise don’t have it, the following command (or Clicking on Dolphin opens the Phone device with the
your distro’s equivalent) will install it: mtp:/ KIO slave, which represents your device’s
$ apt install mtp-tools /sdcard directory. You can click files and folders, use
Next, make sure your Android device is set to Ctrl key commands to cut/copy/paste or drag-and-
connect in MTP mode. Go to the Settings app, and look drop files to your heart’s delight.
for a setting like ‘USB connection’ or ‘USB This is definitely a step up from terminal-based file
configuration’. This should give you a selection of shuffling, but it’s worth noting that the Linux
options including MTP, Picture Transfer Protocol (PTP) implementation of MTP does not always cooperate.
Fortunately, to this point we’ve only explored out-of-the-
box options. By trying some of the applications available
in the Play Store, and other sources, we can accomplish
some more cool stuff.
Keep it secret, keep it SFTP

MTP on Linux Android is capable of running a wide variety of the same
enables Android
software as your standard Linux distribution. Now, you
device plugability
and viewing in a can’t just take an Arm Linux program, copy it over to
file manager. your device and expect to be productive. Because
Android’s UI is almost exclusively graphical, you’d have
no way to run that program. But what developers can do
AdB tooLs And Android studio is to take that program, wrap it in a simple Android UI
and package it up to install nicely.
If you’re a fan of Android devices, you’re probably aware that Android That’s exactly what Berserker, the developer behind
Studio is the application recommended to develop apps. Using it is SSHDroid, has done. SSHDroid is an SSH server that
pretty involved, but check out Kent Elchuk’s intro in LxF233 if you you can easily install and connect to from your Linux (or
want to give it a go. any other) machine. The great news is that your Linux
If you’ve already installed Android Studio and are currently using it machine should already have everything you need: the
to build apps for your device, the good news is that you already have ssh or sftp command-line programs, or supporting file
adb-tools as well. You’ll just need to find them. Take the following managers like Dolphin or Nautilus. On your Android
steps to locate your adb binary: device, head over to the Play Store, search for
1 Open Android Studio. ‘SSHDroid’ and install in the usual manner.
2 Click the SDK Manager button on the toolbar, or from the Tools > Launch the app, and it will lead you through a few
Android > SDK Manager option in the main menu. introductory steps. Note the location of the ‘app drawer
3 At the top of the dialogue that appears, there’s a field titled Android menu’: you should go there first and change the default
SDK Location. Find the directory path indicated in a file manager or password. Once this is done, all you need to do is tap
the terminal. the Start button in the upper-right corner. The main
4 The adb binary is located in the platform-tools sub-directory screen shows you the correct username (root), current
beneath the SDK. Check to see if this is somewhere in your $PATH. IP address, and the port (2222) to which you need to
If not, make a quick link to a convenient directory like ~/bin, so you connect. Plug all this into your favourite SSH or SFTP
can just fire off the adb command at the prompt. program, and you’re off to the races.
While the Android Studio application uses these tools, you’re The free version of SSHDroid lacks some useful
perfectly free to do so outside the IDE as well. So don’t install (or features such as shared key authentication and
update) them twice: why create more work for yourself? (Quite – removing the ad at the bottom of the screen. So if you
I just give it to Jonni instead – Ed) try it out and like it, consider supporting its
development with a purchase.

Android access TuTorials
You’re on notice Linux rig, including mousing around and entering text.
For many people their phone is their connection to the Remote Keyboard from the desktop This lets you
outside world, and notifications are one of the many type on your Linux machine and have the entered text
ways you can be distracted to waste some valuable show up on your Android.
time. KDE Connect and its Gnome counterpart There are some others as well, like sharing the
GS-Connect show you all the notifications your phone clipboard and running commands, but the last two in
receives on your Linux desktop, for better or worse. If the above list really demonstrate a high level of
this sounds like a good idea to you, you can install it on integration. On one hand, you can select an option on
Ubuntu with the following (use your distro’s equivalent): your phone, and all of a sudden you’re controlling your
$ apt install kdeconnect Linux machine from across the room with the screen as
GS-Connect, on the other hand, is an extension for a mousepad and the Android virtual keyboard.
Gnome Shell. You can install it from the Gnome As for the Remote Keyboard feature… the concept is
Extensions repository. sound, but it’s not hugely simple to use. Once you select
Once it’s connected you’ll see its icon in your system the KDE Connect keyboard from your Android Settings,
tray. Next you’ll need to get your the KDE Connect app you get a tiny text box where you can type plain text.
for your phone. It’s available on both the Play Store It’s a great start for sure, but seems underwhelming
(boo hiss–Ed) and from F-Droid (huzzah!–Ed) at compared to the fancy programs Windows and macOS
https://f-droid.org/en/packages/org.kde. users have. Those let you mirror and interact with your
kdeconnect_tp. Once installed, when your devices device’s entire screen. Isn’t there something equally
are on the same network you can open your System fancy for Linux? You bet there is.
Settings app in Linux and select the KDE Connect item.
It should be showing your device in the list to the left. Mirror, mirror on the Android
Select it, then click the ‘Request pair’ button in the While SSH/SFTP access should be enough to make the
upper right. A dialogue on your device will ask you to most stalwart Linux geek happy, we haven’t finished
confirm. Once you do, you’ll have the ability to select all yet. Some Android models, notably those from
the various integrations listed in the ‘Available plugins’ Samsung, have proprietary utilities available that make
list for that device, including some of the following it easy to view your device’s screen on your PC.
important ones: SideSync is the name of the app from Samsung, and
Receive notifications As mentioned, this will display until recently it would have taken a great deal of effort
all the notifications from your phone in your desktop’s to do the same thing on Linux.
notification list. It behaves exactly as advertised, so use But no longer, thanks to the fantastic scrcpy. It’s
at your own peril. cross-platform and available from https://github.
Multimedia control receiver This enables you to, com/Genymobile/scrcpy, and although there’s not a
for example, pause music on your desktop using your ‘standard’ package for it in either DEB or RPM format,
phone. Why? No idea. there is a Snap available for easy installation. (Sure,
Ring my phone A useful little tool to find your the article in LxF244 might suggest Flatpak is a better
phone if you’ve misplaced it – within hearing and package format. But let’s not split hairs – at least we
network distance. don’t need to build it from scratch.)
Remote Filesystem Browser If you find MTP too Provided your distro has the Snap platform available,
unreliable and don’t like the idea of installing a server getting scrcpy is as easy as this:
from some strange developer on your phone, this plug- $ sudo snap install scrcpy
in enables you to view your phone’s files in Dolphin. Once the install is finished, the only other thing you
Virtual Input Like many app/server combinations need is USB Debugging enabled on your device. If
available on the Play Store and elsewhere, this lets you you’ve followed along with this tutorial, it already will be.
use your Android device as a remote control for your Just plug in via USB and fire off the following:
$ scrcpy
It takes a moment to start up, but soon you should
see a window showing your device’s screen. You can
interact with this using your mouse in all the ways you’d
expect: a click is a tap, and drag-and-drop is a swipe.
The GitHub page provides some great pointers on
things like keyboard shortcuts for Switch App and the
Home screen, as well as instructions to get this
connection working over Wi-Fi as well.
Linux and Android living together

Hopefully the above will give you a couple of ideas on
how to get your Android device linked up to your Linux
box. By and large these methods only take a little bit of
elbow grease, are free to use and every bit as capable as
proprietary applications. What else would you expect
KDE Connect offers a variety of plug-ins to show Android info on Linux. from the free software community?
Be A Good LittLe Android… Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Manage your secrets
Credit: www.hashicorp.com
HASHICORP VAULT
Add military-level
security to any project
Mihalis Tsoukalos explains how to install and use Hashicorp security
software from the command line with Go and Python 3.
ather around, lovers of encryption – today we
G learn about HashiCorp Vault, which is software

for storing secrets of any kind. Put simply,
Vault is secret management software, which nowadays
is a critical part of most applications and organisations,
because you don’t want your sensitive information to
OUR wander around in plain text format without being
EXPERT protected by reliable security mechanisms and
Mihalis services. The good thing is that Vault can be integrated
Tsoukalos with existing software such as databases, value stores
is a UNIX person and streaming applications, which makes things easier.
and the author of The first thing to remember is that the priority of
Go Systems Vault is the security of your data. When working with
Programming sensitive data, you should know what you are doing for
and Mastering two main reasons. The first is that you should keep
Go, second sensitive data private, but also accessible only by the
edition. right people. The second is that you should remember
where and what data you stored – sounds obvious, but Figure 1: The main help screen of the Vault binary file. To get more
not when when you have lots of data. information about specific commands, execute the vault binary
followed by the command name and the --help parameter.
Lastly, keep in mind that Vault is complex software,
composed of many different subsystems. However, this
tutorial will present down-to-earth examples that will Note that the ‘kv secrets’ engine has two versions,
help you get started with Vault in your projects. kv and kv-v2 – the dev mode of Vault uses kv-v2 by
default. Also note that in dev mode, Vault runs entirely
Installing HashiCorp Vault from memory, does not use a configuration file and
There are two ways to install Vault on your Linux starts unsealed with a single unseal key. After executing
machine: using a precompiled binary or by compiling it that command, Vault will return information about the
from source. You can find more information about the running Vault instance, including the following:
There’s more installation process at www.vaultproject.io/docs/ $ vault server -dev -dev-root-token-id=”root”
general install. After installation, you only need to execute the ==> Vault server configuration:
information vault binary file and you are good to go. Figure 1 (above
about HashiCorp right) shows the help screen of the Vault binary file – if Api Address: http://127.0.0.1:8200
Vault at www.
you are familiar with Go, you can see that the Vault Cgo: disabled
hashicorp.com/
products/vault.
binary is a tool written in Go using the Cobra and Viper Cluster Address: https://127.0.0.1:8201
Additionally, Go packages, and therefore is a static binary file with no Listener 1: tcp (addr: “127.0.0.1:8200”, cluster
you can learn external dependencies. address: “127.0.0.1:8201”, max_request_duration:
about the Vault You will need to start the server process using the “1m30s”, max_request_size: “33554432”, tls: “disabled”)
API at www. vault server command. However, you will also need to Log Level: info
vaultproject.io/ provide a configuration path with it because otherwise Mlock: supported: false, enabled: false
api or visit the you will get an error message similar to the following: Storage: inmem
official Vault $ vault server Version: Vault v1.1.3
documentation Must specify at least one config path using -config Version Sha:
site at www.
The quickest way to begin using Vault is by starting a 9bc820f700f83a7c4bcab54c5323735a581b34eb
vaultproject.io/
docs.
server in dev mode with a custom initial root token: ...
$ vault server -dev -dev-root-token-id=”root” You may need to set the following environment

Manage your secrets TuTorials
variable: Figure 2: The

$ export VAULT_ADDR=’http://127.0.0.1:8200’ commands that
can be used to
...
create a new path
Unseal Key: 8Fg1jPVtP+PyeG+vPkKK+lGmw5S/ along with a secret,
sV0c48XysxtLaQI= view the contents
Root Token: root of a path and add
... multiple secrets to
a path.
From the previous output you can see that the Vault
server process listens to TCP port number 8200 for API
calls, and that the cluster address is using port number
8201. It also shows that the current log level is ‘info’ and
that you are using Vault v1.1.3. When started in dev
mode, Vault server will print log information on the
terminal. You can stop the Vault process by pressing
Ctrl+C in the terminal with which you started Vault.
At this point it’s a good idea to perform the tasks images in general is that you cannot harm your own
that follow. First, create a new terminal window and Linux system and that by restarting a Docker image you
execute the export VAULT_ADDR command as seen have a totally fresh installation of the desired software
in the output above. This will enable your Vault client to – great for experimenting.
talk to the Vault server. Second, save the value of the
‘Unseal Key’ somewhere. Third, execute export Working with secrets
VAULT_DEV_ROOT_TOKEN_ID=”root” . If the value Vault solves the problem of ‘secret’ management, Vault is open
of Root Token is different in your case, use that. which includes database credentials, usernames and source software
So, if you have a running Vault server on your local passwords, API tokens and TLS certificates. This gives written in Go.
Linux machine and have performed the previous three you a central point for keeping your sensitive this means
that you can
steps, you can communicate with the Vault server using information that you can access from everywhere. The
look into its
the vault status command, which generates the vault kv command is used for grouping subcommands
code, improve
following kind of output: that enable you to work with secrets. The list of it or even find
Key Value subcommands includes get , put , metadata and a security issue
--- ----- delete . For the full list of supported subcommands with Vault and
Seal Type shamir you should execute vault kv --help . report it. Who
Initialized true The format of the vault kv put secret/hello knows, you
Sealed false data=world command shows how to add a new secret might end up
Total Shares 1 to a running Vault server. The name of the secret pair working for
Threshold 1 is data/world and it is written to a path that is named Hashicorp!
Version 1.1.3
Cluster Name vault-cluster-d9c65799
Cluster ID 5b778249-9a39-9f5f-7561-f8f901633d0c HAsHicorp terrAform
HA Enabled false
You can also find out the version of Vault you are HashiCorp Terraform is a product that enables you to define
using by executing the vault -v command from your infrastructure as code, which includes physical hardware, virtual
favourite shell. At the time of writing the latest Vault machines and containers as well as email and DNS providers. Put
version is 1.1.3. simply, you can describe your infrastructure and then you can update
it and make changes to it using plain-text files. The use of these files
Using a Docker image means that you can automate, share, review and version-control your
You can download the official Vault Docker image, Terraform infrastructure definitions, while making it easy to read and
which is about 100MB in size, by executing docker pull understand and easily available to all team members. Terraform will
vault on your Linux system, provided that it supports also build a graph of all your resources to help you get a higher-level
Docker. You can then start the Vault server as follows: view of them.
$ docker run --cap-add=IPC_LOCK -d --name=dev-vault The two main stages of a Terraform project are planning and
vault deployment. You first design and describe your infrastructure and
b1bec4ec442a58e64d9f62768b18a4e2e2ceb0224cca discuss it with other members of your team before reviewing it and
2b32609253d64264f75c finalising it. Next you can apply it while being able to safely go back to
Note that the --cap-add=IPC_LOCK command line previous installations. A side effect of this process is that
argument is used for preventing sensitive values from infrastructure can be easily reproduced in multiple places, which will
being swapped to disk – this is a security measure. You enable you to use stable and tested configurations. Terraform has
can get shell access to a running Vault Docker image, support for both input and output variables that enable you to use
which is this case is called dev-vault , as follows: parameters for your configurations. It also offers both a GUI and a
$ docker exec -it dev-vault /bin/ash command line tool. Unfortunately, though, talking more about
/# Terraform is beyond the scope of this tutorial.
You can find more information about the official You can learn more about Terraform at www.hashicorp.com/
Docker images for Vault at https://hub.docker. products/terraform, at www.terraform.io and at https://github.
com/_/vault. Although the rest of the tutorial will use com/hashicorp/terraform. The official Docker image of Terraform
a local installation of Vault, it is good to know that a can be found at https://hub.docker.com/r/hashicorp/terraform.
Docker image for it exists. The good thing with Docker

TuTorials Manage your secrets
secret/hello . Note that you are free to write multiple $ vault kv get secret/hello
pieces of data into a path, like so: The command vault kv metadata get secret/hello
$ vault kv put secret/hello val1=s1 val2=s2 shows the metadata of an existing key. Figure 2 (page
As the previous command writes to an existing path, 73) shows the output of some of the aforementioned
all data in that path will be replaced by the new data. If commands. If you just want to print the value of a
the Vault server is not running, you will get an error specific field instead of the entire contents of a secret,
message of Get http://127.0.0.1:8200/v1/sys/internal/ you can use the -field command line option:
ui/mounts/secret/hello: dial tcp 127.0.0.1:8200: connect: $ vault kv get -field=val1 secret/hello
connection refused . As Vault keeps a history of values of a path, you can
The next command illustrates how to get/read go back in time and get the keys and values of a
a secret that you created previously: previous version of the path. For the secret/hello path
that only has two versions, getting the pairs stored in
the first version can be done as follows:
$ vault kv get -version=1 secret/hello
s1
You can now see the data=world pair of the path
secret/hello . The command vault kv delete secret/
hello will delete the contents of an existing path from
Vault. Figure 3 (below left) shows how to delete a secret
as well as some error messages generated by the Vault
binary. Please note that the secret/hello path is still
there, but it is empty.
Now that you know how to do basic things with
Vault, let’s continue discussing what it can do before
talking about configuration files. Vault keeps all its
information encrypted. Additionally, it offers access
Figure 3: How to
control that enables you to define who can access what.
get the value of
a specific field, Lastly, there is an audit trail that permits you to see
how to delete a who accessed what, which gives you more visibility
secret and how to and control.
view the metadata Vault also offers dynamic secrets, which are
of a path, as
well as some
ephemeral credentials that change over time, are
error messages unique to each client and can be revoked based on
generated by Vault. who leaked the related sensitive information.
Introducing HCL
HAsHicorp consul Vault would be almost useless if you couldn’t
operate it using configuration files. It supports HCL
HashiCorp Consul is a service mesh solution or, if you prefer, a multi- configuration files, and Figure 4 (page 75, top left)
cloud service networking platform that enables you to connect and shows a sample HCL file that will be used in this section.
secure services in dynamic infrastructures across any runtime The file has three parts. The first part is about storage,
platform and cloud provider. The key features of Consul are a service the second part is about the TCP configuration of the
directory, health checking, key/value storage, support for multiple Vault server and the third part is about the specification
data centres and service segmentation. of the telemetry reporting system that will be used.
Put simply, Consul acts as a service registry that keeps track of Reporting is a central part of modern systems because
available services and returns information about these when asked. it allows you to find out what went wrong and why.
If one of the instances of a service dies, Consul will notice and not All parts of a HCL file are important. However, the
return the address of that instance. If that instance becomes healthy most critical part of the file is where you define the
again, it will inform the Consul registry and it will return its address network configuration of the Vault server:
once more. The whole thing simplifies service-orientated listener “tcp” {
architectures because you do not have to keep track of the instances address = “192.168.1.10:8200”
that you put into the registry. You can also define which services are tls_disable = 1
allowed to talk to which services, which gives you security. }
For a server used for development, such as the Vault server we Using the presented HCL file, which is saved as
used in this tutorial, the backend storage usually uses the memory of my_Config.hcl, is as simple as executing:
your computer. In production systems, the storage would more likely $ vault server -config my_Config.hcl
be disk storage or Consul. The good thing is that HashiCorp tools If an HCL file has syntax errors or typos, which in this
work smoothly with each other. As well as the free version of Consul, case will be the absence of the storage block, you will
there is also a commercial version called Consul Enterprise. get an error message saying A storage backend must
Consul is an advanced tool and its target group is not the amateur be specified .
Linux user but professionals who want to automate things as much
as possible. However, you could always learn Consul by Using Vault with Go
experimenting with it in order to use it when the right time comes. You In this section we’ll look at how you can communicate
can learn more about it at www.hashicorp.com/products/consul. with a Vault server using the Go programming
language. For the purposes of this tutorial, the access

Manage your secrets TuTorials
$ go run usingVault.go root hello notThere

notThere: <nil>
So if everything is OK, usingVault.go will return the the Hashicorp
desired information; if the desired key cannot be found, configuration
you will get <nil> instead. language (Hcl)
tries to be both
Using Python 3 machine- and
human-
In order to work with Python 3 and Vault you will need
readable, which
to get the hvac library. Once again the access token will
means that it
be provided to the Python 3 program as a command should be easy
line argument. to understand
Before continuing, you will need to download the and modify by
Figure 4: An example of a configuration file written in the HashiCorp hvac Python 3 module using pip3 – note that you might humans and
Configuration Language – created by HashiCorp in order to be easy need to use sudo in order to execute the provided easy to parse
to work with. by computer
command with the required permissions:
$ pip3 install hvac programs. this
token that is needed for getting the required access to In the full code, note that the call to client.secrets. is the main
reason that
the Vault server will be passed to the Go program, kv.v2.create_or_update_secret() is mandatory because
Hashicorp
which is named usingVault.go, as a command line we are using KV v2. If you just call client.write() , the
products use
argument. Alternatively, you could use a YAML program will not work. Additionally, the value of the their own text
configuration file with the access token value stored in my_name key is found using read_response[‘data’] format for
it. You will also need to provide usingVault.go with the [‘data’][‘my_name’] . configuration
path and the key that interests you in order for it to Executing usingVault.py generates the following files. learn
return the value of the key. kind of output: more about
The address of the Vault server is hard-coded in the $ python3 usingVault.py root python LXF Hcl at https://
Go code for reasons of simplicity, but feel free to make Client authenticated: True github.com/
changes to it in order to provide the address of the {‘request_id’: ‘fc86fc72-e6af-4e5e-b3be-8b460c464a05’, hashicorp/hcl.
Vault server as a command line argument too. Figure 5 ‘lease_id’: ‘’, ‘renewable’: False, ‘lease_duration’: 0,
(bottom right) shows the entire Go code of our ‘data’: {‘data’: {‘my_name’: ‘LXF’}, ‘metadata’: {‘created_
program. Before we can continue you will need to time’: ‘2019-07-06T20:02:51.94874Z’, ‘deletion_time’: ‘’,
download the required Go package that enables you ‘destroyed’: False, ‘version’: 16}}, ‘wrap_info’: None,
to communicate with Vault using Go code: ‘warnings’: None, ‘auth’: None}
$ go get github.com/hashicorp/vault/api The value stored in my_name is: LXF
After that you can connect to Vault using: You can find more information about hvac at
config := &api.Config{ https://github.com/hvac/hvac and https://hvac.
Address: vault_addr, readthedocs.io/en/stable/overview.html. The
} security and the handling of sensitive information are
very important in modern software, and HashiCorp is
client, err := api.NewClient(config) here to help you – so you should definitely consider
So, first you will need to create an api.Config object using Vault in your applications.
that holds the address of the Vault server. What is
missing from the code is the client.SetToken(token)
that actually connects to the Vault server using the
authentication token.
Lastly, you can read data from Vault using Go
statements similar to the following:
secret, err := client.Logical().Read(“secret/data” + “/” +
path)
The secret variable holds all data from the given
path – it’s a Go structure that, among other things,
contains a field that is a Go map to store all data found
in the given path. Note that as we are using KV v2, the
returned JSON data has an additional layer – the use of
secret.Data[“data”] allows us to get that additional Figure 5: The
Go code of
layer and work with it. You can find more information
usingVault.go that
about the Go package and its structures at https:// demonstrates
godoc.org/github.com/hashicorp/vault/api. how to work with
Executing usingVault.go generates the following Vault with the
kind of output: Go programming
language and
$ go run usingVault.go root hello val1
the official Go
map[val1:s1 val2:s2] package offered by
val1: s1 HashiCorp.
decryptinG stuff is fun Subscribe now at http://bit.ly/LinuxFormat

TUTORIALS Lightweight system
SUCKLESS TOOLS
Compile it yourself
for performance
Mats Tage Axelsson guides you through creating an image that is the
smallest fully fledged system possible – and then expands on it.
re you worried that most of your software $ git checkout MyConfig
A sucks resources out of your system like a wet

sponge? Then you’ll be interested in Suckless
After you have run these two commands, you can
add your changes to your own git branch and then
Tools (https://tools.suckless.org). All the tools in this publish to GitHub or any git server. You can also send
series have been designed to be as small as possible, any brilliant changes to the Suckless Tools by using
even when some functionality is sacrificed. But when git’s send-email functionality.
OUR would you use them? Well, you can usually live with a In general, all you need is to have a great editor for
EXPERT regular system, but when you have a small system or a the command line and the particular development
Mats Tage background process such as mining, you might want to libraries. Finding the libraries you need may be a
Axelsson use Suckless Tools to have another machine available challenge because the developers assume you know
shows you what for commands. this or can find it easily. It is easy! With that said, these
even he can do In this tutorial, we’ll learn how to compile and patch tools need very little, since that’s the basic idea of the
using Linux to the most common parts of the Suckless Tools. You will whole project. To make sure you know which libraries
make the world be able to transition over to a smaller system without you need, open config.mk. In that file, you have all
a better place. killing your current system. This way you can get used statements that include libraries. The file also sets all
to the new ways of running your computer. the flags for the compiler process.
In most package managers you also have build-
Get set for sucking essential options, for example under Ubuntu:
Suckless Tools You need to have the essential development tools $ sudo apt install build-essential
are based on for compiling C: gcc is the most common choice. Due to the minimalist ideal of the developer
Plan 9, a system However, the project considers that a bloated piece community, there are very few libraries needed. For
developed by of software too, so don’t ask them for help with gcc. each package, there are just a few needed. We will point
Bell Labs that We’ll use gcc though, since it will probably already be out what’s required throughout this tutorial.
implements installed on your system. Otherwise, your best bet for
most of the getting the source is to set up a directory where you Libraries that suck
*Nix based
clone each package into its own directory. Then add a The exact libraries depend on the package you are
systems in a
patches directory and you are good to go. If you want to configuring. Suckless Tools needs only libx11-dev, the
more network-
centred way. publish your unique masterpieces, create forks with git: header files to get access to your X11 environment. You
$ git branch MyConfig need to check and possibly change two files before you
start compiling. The first is config.mk, which sets the
paths, libraries and flags for your compiler. The second
file is config.h, which is where you set features to be on
or off. This is also usually patched – more on that later.
$ sudo make clean install
If you leave all configurations as standard, the file will
end up in /usr/local/bin/. The new binary is also set
to the default one. Try it with the which command. You
may have created a mess at this point – don’t worry,
you can remove it with the uninstall option.
$ sudo make uninstall
This way you can experiment without destroying
your existing install. All packages can be installed this
way, so you can try it out before committing it to your
When you have run the patch command, Vimdiff is a great alternative to check what has been new system. To remove it, you can just erase the
rejected so you can correct it yourself. executable – though we recommended using the

Lightweight system TuTorials
earlier mentioned method.

The core package is used when you want to
minimise everything in your system. There are init
scripts to replace systemd, startup and SYS-VP. There
are parallel solutions for the init-scripts, so only go
down this route with experimental systems. Your live
systems should stay with something established until
you have tested carefully. With that said, it is definitely
worth playing around on a side system – a Raspberry
Pi, for instance.
Before you start patching, look through the values in
the config.h file to see if your needs are already met. All
the settings that with other programs you would usually
find in separate settings files are housed in config.h for
the Suckless Tools. Since the tools are made to be
minimal, you will probably miss a few features in the
original or base programs. The Simple Terminal st, for
example, does not have scrolling by default. This can be You can look up fonts with the font viewer that is built into Gnome. The results are not always
inconvenient if you don’t use tmux or similar. great, however.
For the extra features you might be after there are
patches – one example is adding scrolling to st. The are still many things that the terminal cannot do. If you
patches contain new settings in config.h and the C files. fancy any of the patches, try them out. The first feature
When you look through the patches, you may find many to add is probably scrolling – the patch is small and can Werc is a web-
interesting features but beware: the more patches, the be easily applied. With it comes a patch to let you scroll based attempt
at doing the
more problems getting them to work. Choose your with the mouse. To apply the two patches, take them in
same thing as
patches cautiously. order since they depend on each other. Go to the
plan 9, with a
source directory and run the following commands. heavier focus
Merging two files $ patch -p1 < st-scrollback-0.8.2.diff on web pages.
In principle, adding patches is really simple. Just use $ ls it uses plan9
the diff program when in the correct directory and the The result from your command will tell you which commands to
result is a number of files with the patches applied. It ‘hunks’ were successful and which were not. If you have install. Find the
doesn’t always work perfectly though – many ‘hunks’ failures you need to investigate the reject file or files to details at http://
may be rejected. You must learn to handle these see what you can do to fix it. werc.cat-v.org.
situations with grace and patience. Other patches you may want to use are:
Most times when it is rejected, it is trivial to open the st-copyurl-20190202-0.8.1.diff st-externalpipe-0.8.2.diff
resulting reject file and the new file next to each other to st-scrollback-mouse-0.8.2.diff st-boxdraw_v2-0.8.2.diff
see where it should be. In the file there are line st-copyurl-20190202-3be4cf1.diff st-alpha-0.8.2.diff
references, but they are not always correct. The file also When you’ve finished patching, you are ready to
contains lines that are not affected by the patch; they compile. If you have prepared your system correctly the
are there to guide the system or you about where to compile takes a few seconds and you have a new binary
add lines. ready. The commands are:
Fortunately, most developers are smarter than the $ make
logic in the diff program. Here is a sample command to
patch st. The command is executed in the source
directory of st. The Simple x hoT-key daemoN
$ patch -p1 < ../patches/st-alpha-0.8.2.diff
In the last example you can see the -p1 option, When you start using dwm, you will need shortcuts to do anything.
which means that the patch will remove directory levels The reason is that starting an application can only be done with a
from the patch file. The reason for this option is that terminal or dmenu – at least, this is the default behaviour. You may
some diff files contain too many levels of directories so also use vim, Emacs or something similar. Once you start using
it may not match your source directories. The patch keyboard shortcuts or key chords, you start looking for them
binary will look for the files mentioned in the diff file in everywhere: who needs a mouse to browse the web? Use vimify
the directory you are in, by default. You can also use the or similar to browse with vim keyboard shortcuts.
-d option to point to your source directory. The patch With sxhkd, you can define your own shortcuts for the whole
is in a directory called ../patches – this is a personal system. It runs as a daemon and has simple and powerful setting file.
choice. Patch doesn’t look at the directory where you To bind your favourite application to a specific key, add it to the
take the patch from when applying the patch. configuration file. The keyword to bind your keys are clear and the
format of the file is indented. To emulate what Gnome does, add this
The utilities to your sxhkdrc file:
If you truly want to stay slim, you will use the source #Close a window
code unmodified and only change a few settings. The super + q
settings are available in the config.h file. You can set WID=$(cat $X11FS/focused); \
the fonts at the top of the file. This includes the initial rmdir $X11FS/$WID
font size; you can change this size during run time with You can run simple scripts directly from the configuration file.
Ctrl+Shift+Page Up and Ctrl+Shift+Page Down. There

TuTorials Lightweight system
$ sudo make install

The first make checks all libraries, parses the files
For an and finally creates the binary. The make install
interesting take command will also copy the binary to the current
on distributed directory. You can test this program from the source
operating code directory before you install, or just install and try
systems like it out.
plan 9, take
a look at Setting config.h
inferno at The file starts with an appearance section where you
www.vitanuova.
set values such as border pixels, fonts and the dmenu
com/index.
html. it runs as
font. The dmenu program acts as an application
a standalone chooser, in this instance. Note that dmenu is very
application, or versatile and useful for making choices – more about In the config.h file for dwm you define the key chords that you will use
as an oS. that later. The config.h file has appearance settings at to start applications. Consider using sxhkd to get more shortcuts.
the top. Choose your border size and three colours for
foreground, background and border. Next, further down Control and Shift. You can now compile it the same way
the file, you can lock your applications to a certain tag you did with the others but before you start using it,
and make it floating. There is a sample in the file for compiling dmenu is a good idea.
GIMP, which does not play well with tiling window Good patches to consider are the attach ones –
managers. It has menus that detach from the they change the way a new application is added to the
application, which makes no sense unless they screen. To choose, you need to be familiar with how
are floating. stacking works. The best bet is to try out dwm first and
With the MODKEY setting, you can change your then decide how you want them added. The default is
main controlling key. The default is Mod1Mask, which that a new application is added to the left, and the
is the Alt key. This is not a good choice if you use running one is pushed to the right and made smaller.
Emacs, since Alt+X starts new commands. You have Most other patches make tweaks to the same tiling
five alternatives for this key setting. The Windows system; some interesting ones are mpdcontrol and
(Super) key is Mod4Mask; the others are Num Lock, dualstatus. There is also a patch to remove the whole
status bar code. To add these patches, do the regular
dance and see what happens.
$ patch < ../patches/dwm-dualstatus-6.1.diff
$ patch < ../patches/dwm-r1615-mpdcontrol.diff
To make it a binary, run the make commands.
$ sudo make clean install
Now you can run dwm and control your music player
Once you have
compiled dwm, with the ModKey of your choice without opening mpv all
you can run it the time.
like any other You can use the dmenu program as is, especially for
software. It will dwm. Settings for this in the config.h control default
only run on its
own, though, so
colours and word delimiters, which can be overridden
you need to drop by command line options.
to the console first. Many of the patches can be set on the command line
but you may still use a few for your special needs. The
most important, and interesting, is to find the scripts
SWay: WhaT aBouT WaylaNd? available. Find your favourite and download it to a
directory in your path. You can then create a call to the
The dwm window manager is minimal and efficient. However, at the command and then define a key chord near the other
present time it runs on X exclusively. Efforts to port it to Wayland is command definitions in the config.h for dwm (rather
underway. Until that is stable, you can choose Sway. This is a tiling than dmenu):
window manager that has the slim build of dwm and its tiling magic static const char *websearch[] = { “dmenu_websearch”,
too. Sway is a fork of the i3 window manager. The big difference is NULL}
that it has support for, and relies on, the Lua programming language Further down, add a key chord definition.
for configuration. For simple configuration, you do not need to learn { MODKEY|ShiftMask, XK_w, spawn, {.v =
programming. It is simple to change what is already in the standard websearch } },
configuration to suit your needs. If you do want to have advanced You can call anything else in the same manner and
enhancements, you should use Lua. have a keyboard shortcut available. As for dmenu, you
The use of Lua might offend purists, and it is a bit heavier than can easily make your own drop-down list using a text file
dwm, but not dramatically so. If you don’t mind compiling and adding as input or any shell script. To compile it all, run the now
functions the way you have done in this tutorial, check out Sway or i3. familiar command:
They are pretty full of nice features from the initial install. $ sudo make clean install
If you insist on running Wayland, you have two options: port dwm The surf web browser is minimalist but highly
to Wayland and propose an update to the code, or find an alternative. capable. You should be able to do much of your web
Sway is a powerful and easy one to get used to. browsing without switching to better-known beasts.
This code is based, and relies, on GTK+ and Webkit/

Lightweight system TuTorials
GTK+ header files. Get all of these kits installed on

Ubuntu with the following command:
$ sudo apt install libgtk-3-dev libgcr-3-dev
libwebkit2gtk-4.0-dev
If you want a URL bar, it’s optional – you use the
dmenu program that you installed earlier. You can also
install tabbed, to make it possible to run with tabs.
What, did you thank that was mandatory? The tabbed
program also has a few features, but for the purpose of
this article, just compile it.
The top of surf’s config.h file defines the user agent
– you can set it to Mozilla if you want. Doing this can
take away annoying warnings on certain web pages but
also causes a whole lot of problems, so be cautious.
Next, the file defines the usual directories for styles,
cache and the like. Note that, by default, there is no Three applications
bookmarks file. Your best bet is to use a separate Type=Application running inside
bookmarks file or just pick the one you have in your Now when you log in from GDM3, you have the dwm – the
stacking method is
favourite browser. There are a bunch of settings for the option to start dwm. Configuration, however, may be
vertical. Find your
detailed behaviour of surf. Later in the file you choose very different from your current settings. This means favourite method
which video player you wish to use – mpv is the default. you may need to use your own start file. One simple yourself by picking
You also have a reference to the xdg-open binary for way to do this is to create a starter script that starts a patch from
files that needs to be opened that way. Look through everything the way .xsession would do it. To do this, suckless.org.
the GDK keys to see if they are to your taste, and finally change the /usr/local/bin/dwm entry to /usr/local/
compile surf. bin/dwm-start . Create the file and add the code below.
When searching, it is dmenu that collects the input #!/bin/sh
so you need surf to call it with Unicode. The ‘surf-0.6- # while loop to update statusbar with some goodies
dmenu-unicode.diff’ patch does precisely that. If you while true; do
are a big fan of vim, you want the ‘surf-modal’ patch. #battery
The patch adds an insert mode to surf so you can write battper=$(cat /sys/class/power_supply/BAT1/
without clashing with the keybindings of surf itself. capacity);
Apply your patches and compile. battery=$(cat /sys/class/power_supply/BAT1/status);
$ sudo make clean install #time
CLK=$( date +’%a %b %d %R:%S %Z’ )
Connecting the parts xsetroot -name “$battper% $battery | $CLK | “
To bundle all of this into your existing system, you can sleep 1
take two approaches; go clean, start your machine in done &
console and run startx to run dwm. The second #loop is done? :p
method is to add dwm to your desktop manager. In this
example, you will use GDM3. For GDM3 to recognise #traying
dwm, you need to add one file in /usr/share/ sleep 1
xsessions/dwm.desktop and fill it with the text in the /usr/bin/nm-applet &
code below. feh -z -Z --bg-scale /home/matstage/Pictures/
[Desktop Entry] Screenbackgrounds/Penguins.jpg
Encoding=UTF-8 #start dwm after loop
Name=dwm exec /usr/local/bin/dwm > /dev/null
Comment=This session starts dwm This code will initialise a few features, first the
Exec=/usr/local/bin/dwm battery and then the date and time. You can set the
time between updates with the sleep statement. Next,
the network manager is added and then the script sets
the background. Finally, the window manager is started.
Note that the loop is a separate process due to the &
sign. With this, the bar is kept updated. You can change
the bar to contain output from any shell command.
When you switch to Suckless Tools, you will end up
with a very small system. Getting there requires a bit of
work, so make sure you dedicate some time to it. Once
it is up and running, you can do most things with a very
small footprint indeed. There is one caveat: the more
advanced programs have a reason to exist. Do not
Dwm in action: the top bar shows the load average, memory, battery, dump the advanced graphics program or even your
volume and clock. To the right is the script that sets the statusbar. browser, they may be necessary for certain sites.
learN To SuCk leSS aT liNux Subscribe now at http://bit.ly/LinuxFormat

THE BEST NEW OPEN SOURCE SOFTWARE ON THE PLANET
HotPicks
Foliate F.U.S.S. CPU-X Chomper
Timeshift Jade Gifcurry Pentobi
Alexander Tolstoy
counted all the open
source he has ever written
about and thought that if
each title was a raindrop,
the whole list would create
Speed Dreams Libheif GoTTY a downpour.
EBOOK READER Your ePub books

have never looked
better, thanks to
Foliate
Foliate.
Version: 1.5.0 Web: https://github.

com/johnfactotum/foliate
ccording to J.K. Rowling, “If you don’t like to
A read, you haven’t found the right book”. But

it’s important to add that your attitude to
reading in electronic form is greatly impacted by the
software we use for it. There is a whole slew of ebook
readers for Linux that have existed for ages. Still, there
is a room for another even better ebook reader, and we
think we have found the one. Exploring the Foliate interface
Foliate is a sleek GTK3-based and JavaScript-
powered desktop application that was limited to the
ePub format, but the latest release adds Mobi and 2
Amazon Kindle formats (MOBI, AZW and AZW3). While
that means that you’ll need other software to handle
PDF or DjVu files, Foliate is perhaps the most polished
and comfortable to use application when it comes to
ePub. The secret is in the details, in those little things
that you mostly notice when you start reading. 1
A good example is the built-in word look-up. Many
applications have this feature, but few deliver word
definitions right inside the book-reading view, instead
of taking you away to a web browser window. When you
select a word in Foliate, a compact dialogue pops up 3
and instantly loads the word definition from Wiktionary.
Below it are the buttons for switching to Wikipedia and
Google Translate views. When reading ePubs that
contain some words you may not know, Foliate makes
it very easy to get definitions and to keep on reading.
The header bar in Foliate has buttons for searching 4
and accessing the main menu, and setting a custom 5
font, theme or layout. It is possible to adjust font size
and type (or stick to the publisher’s font), change Adjust the way your book looks Built-in highlighter
1 You can set our own font size and 4 The middle section in the sidebar lets you
brightness and adjust margins and hyphenation for a
margins, and also choose sepia or a dark theme. navigate between highlighted items.
perfect reading session. Use the lower slider to navigate
inside the book, and also the top-left button at the A handy sidebar Never get lost
header bar to switch between chapters. 2 Navigate inside the book using the index, 5 This slider indicates your total reading
If you close Foliate and run it again, it will ask if you highlighted items and bookmarks. progress. It also lets you jump back and forth
within a book.
want to open another file, or continue reading the Word look-up
previous book. Get Foliate on Flathub, or grab the DEB 3 Select a word and quickly get its
package from the GitHub page’s Releases section. definition, translation and Wikipedia article.

hotpicks
A relaxation script
Post-iNstAll scriPt for Fedora fans!
Run it once and
F.U.S.S.
see how your
system acquires
extra software,
extensions and
popular tweaks.
Version: Git Web: http://bit.ly/
lxf254fuss
e all love to optimise routine tasks, automate
W monotonous actions and save our time for

better things. The hero of this review is a recording with Ctrl+Shift+Alt+R, restart the X.org
welcome script that helps with a lot of such routines session with Caps Lock+Backspace, create empty files
specifically for Fedora 29/30. Of course, the audience in Nautilus, see the date in the top bar and minimise and
is therefore limited to the users of this Red Hat-backed maximise windows.
Linux distribution, but we know that there are many FUSS contains few specific parts that may not suit
such users and that’s why we have the Fedora Ultimate everyone. For instance, there’s the Intel VAAPI driver,
Setup Script (FUSS). There’s no need to compile it – Visual Studio: Code topped with a dozen of extra add-
this is a plain Bash script constituting nearly 400 lines ons, and some custom Gnome Shell tweaks, such as
of functions and if/then/else conditions. automatic placing of Nautilus windows on the second
FUSS has several separate blocks. The first installs virtual desktop and terminal windows on the third. In
frequently used software such as general audio and any case, it takes very little effort to edit the fedora-
video codecs, Transmission, MPV, mount.exfat-fuse, ultimate-setup-script.sh file and change things back
Wine, Borg Backup, Chromium, Java and other titles. to the way you want them.
The next one adds extra GNOME Shell extensions Again, we admit that there is nothing in FUSS you
(auto-move windows, Pomodoro) and also some very can’t do yourself by hand, but FUSS is here to save a lot
useful Firefox extensions (uBlock Origin, HTTPS of your time if you let it. This script fixes a long-delayed
Everywhere and so on). release of Fedy for Fedora 30 – a nice GUI for post-
FUSS applies a handful of tweaks to the default install tweaks. As long as Fedora users are left without
Gnome shell desktop. As such, you can toggle screen Fedy, FUSS can stand in as a palliative replacement.
The search for

HArdWAre iNformAtioN tool CPU-Z for Linux
is finally over:
CPU-X
meet CPU-X!
Version: 3.2.4 Web: https://github.com/

X0rg/CPU-X
ver since we reviewed I-Nex way back in lXf191,
e we haven’t seen many other high-quality

system profilers and hardware information
tools. Now it’s time to correct that with the help of the
marvellous CPU-X.
Essentially, CPU-X is a clone of CPU-Z for Windows.
It is hard to underestimate the importance of this tool;
many people use it as an essential system accessory
for checking their CPU capabilities, running
benchmarks and showcasing the hardware setup to
others. CPU-X sports a very clean and finely crafted
tabbed interface that has a lot in common with CPU-Z.
The first two tabs list details of your system’s CPU configurable number of threads. These results are
with all its frequencies, caches, cores. sockets and so merely synthetic, but at least they enable you to
on. Next is mainboard information, system, graphics compare the performance of different Linux systems
and benchmark. There are also some Linux-only details, with each other without needing to run fully fledged test
such as full system information (kernel version, suites like the Phoronix Test Suite.
distribution details, uptime and C compiler details). Moreover, CPU-X can be useful for tasks such as
When it comes to benchmarking, CPU-X has a couple of comparing performance of different Linux distributions,
basic tests for stress-loading the processing unit in a kernel versions and custom kernel parameters that
given amount of time (one minute by default) with a power users append to the ‘linux...’ line in GRUB2.

hotpicks
Chomp your
screeN cAPture tool screen into parts.
They can be of
Chomper
any size and of
unlimited quantity
– mind the RAM
usage, though.
Version: GIT Web: https://github.com/

virtulis/chomper
riting about super-simple Linux applications
W has its pros and cons. On the one hand, users

appreciate simplicity and a clean minimalistic
design, this helps them feel confident and to never get
lost in any settings. But at the same time, apps like a re-capture the screen using another tool, like Spectacle,
stopwatch or a song-lyric fetcher are so simple there’s Flameshot, Shutter and so on.
not much to say about them. So here’s a rare case Building Chomper from sources requires a modest
when a very basic application is indeed extremely useful set of Qt5 development packages and a few seconds.
and fits into a previously vacant niche. Issue the following commands to compile the code and
Chomper is a one-man hobby project for grabbing install the application:
screenshots. The idea is that one can draw a random $ qmake-qt5 && make
selection over the screen and it will be placed inside a $ sudo make install
separate window. There are no other features that You can then find Chomper in your application menu
could otherwise introduce delays in the lightning-fast – look for an icon with a dashed frame. Launching the
screen grabbing. If you map the chomper command application immediately takes a full-screen picture of
to a key, you can do many such grabs, each in its own your current desktop view and lets you draw a selection.
window, without cluttering up your file system. Once you release you mouse, a new window is created
This is handy for things like grabbing a still image and the desktop returns to normal operation.
out of a movie or a video stream, cutting an image into So it’s easy as ABC and can be really helpful in case
a series of snippets or whatever. You can later arrange you feel that a conventional screenshot tool is overkill
those Chomper windows the way you like and for your needs.
Tell Timeshift how

system BAckuP & restore many snapshots
it will store and
Timeshift
define a schedule
for automatic
backups.
Version: 19.01 Web: https://github.

com/teejee2008/timeshift
aking regular backup copies of your data is
t crucial, but choosing the right backup software

is no less important. It’s no secret that the
Linux world abounds with such software, but since each
utility has its own pros and cons, it’s useful to get a
handle on some of the best tools.
Today’s top pick is Timeshift, a feature-rich,
powerful and easy to use backup tool, which looks like a
serious rival to commercial backup products available Timeshift requires root privileges to run and when
for Windows and macOS. The reference to these OSes you launch it for the first time, it asks if you want to use
is appropriate, because Timeshift was designed to be rsync-based or BTRFS backup. The latter uses the built-
similar to Microsoft’s System Restore and Apple Time in snapshot feature of the BTRFS file system; of course,
Machine. The focus is on the operating system’s files your root partition needs to use BTRFS for this to work.
(/), not your personal data (~/). The next steps include choosing a location for the
Timeshift is similar to rsnapshot, BackInTime and snapshots and setting the backup period for the cron-
TimeVault, but its goal is different: with Timeshift you based scheduler.
can roll back your system to an earlier state, but your Timeshift is completely transparent to the user.
private data will remain untouched. Therefore, it’s wise Snapshots are created silently in the background
to use another backup package such as BackInTime for according to the schedule, whereas the main Timeshift
your data, and let Timeshift handle the system files on GUI is just a manager for manually creating, restoring
its own. and browsing snapshots.

hotpicks
Jade is a powerful
diAgrAm editor diagram editor
for Linux and an
Jade
easier alternative
to LaTeX.
Version: GIT Web: https://github.com/

jaallen85/jade
he open-source world may have decent
t analogues to almost any commercial product,

be it a photo editor or an office suite, but what
it still lacks is a high-quality diagram editor – something
like Microsoft Visio which empowers Linux users to
create good-looking scientific, educational, or business can drag, remove and insert as in most vector editors.
graphics. In lXf244 we took a look at Heimer, a simple The right panel in Jade lets you define precise values
mind-mapping tool that partially does the same job, but for an object’s position, size and other properties.
it was still too basic. Objects can be scaled, grouped and rotated – but
Jade is more comprehensive. With its superb vector- only by 90 degrees. You can also move objects back
editing capabilities, curves, labels, symbols and the and forth to arrange them correctly, which seems to
classic grid in the background, Jade stands out as a be sufficient given that Jade doesn’t support layers.
powerful editor for diagrams, schemes, plans and many When your perfect scheme is ready, save it to the
other sorts of schematic drawings. Don’t confuse Jade internal Jade format (JDM), or export to PNG, SVG,
with the desktop environment from lXf240 – the two ODG, PDF and even VSDX (Visio)!
have nothing in common! Being an undeservedly less-known application,
As a one-person project, Jade is surprisingly feature- Jade is not packaged (yet) for mainstream Linux
rich. It provides tools for drawing lines, arcs, curves, distros. Make sure you have Qmake and a standard
simple shapes and text labels. If you need more, check set of Qt5 development packages, then grab Libjade
the Electric Items and Logic Items sections under the and Jade, put it side by side and finally compile Jade
Place menu. Each object has editable nodes that you using $ qmake-qt5 && make .
Master your own

Video editor videos, or alter
existing files
Gifcurry
with confidence
and ease, using
Gifcurry.
Version: 6.0 Web: https://github.com/

lettier/gifcurry
erhaps we are doing a favour to Gifcurry when
P we tag it as a ‘video editor’. Well, it really can

edit videos, although it’s clearly more
lightweight than Kdenlive, Flowblade, Pitivi and such.
Instead, Gifcurry is a perfect companion to Peek, a
handy screen recorder which is extremely useful for
creating small screencasts and instantly saving to GIF
or WebM (see lXf238). right is for the video, and the lower part has a
As its name suggests, Gifcurry is primarily a GIF timeline and a large Play/Pause button. But Gifcurry
editor. It’s a compact, colourful and relatively simple is not so basic as it seems to be from the first glance.
application for those who prefer a relaxed approach to Exploring the tools reveals quite a few subtle features,
doing things. With Gifcurry you can crop, resize and such as the ability to import external subtitles from a
dither videos, insert text captions and then re-save the file, alter a file’s duration, arrange text captions as
file as another GIF or a WebM video. Alternatively, go layers and so on. It’s possible to pick a custom font,
with the Upload button and push your animation to set up its placement, colour and outline thickness,
Giphy or Imgur. Under the bonnet, Gifcurry is powered and even do simple animations by switching between
by FFmpeg and ImageMagick, which means that the different captions. The command line has almost the
app can chew a great variety of video formats. same set of features, and it is great for scripting.
The GUI is easy to use and since it sports a limited It’s simple to take Gifcurry for a spin without
number of features, it’s hard to get lost. The left part of compiling anything: just grab the AppImage bundle,
the window contains expandable tool categories, the make it executable and run.

Games HotPicks
The ‘GembloQ’
BoArd gAme game mode turns
the board by 45
Pentobi
degrees and allows
sharp corners.
Version: 17.1
Web: https://github.com/enz/pentobi
hen Bernard Tavitian invented the board game
W Blokus nearly 20 years ago, he might have

thought that people should spend more time
playing tabletop games instead of staring at computer
monitors. But a twist of fate led Blokus to a digital form,
so now we have Pentobi, a logical board game for Linux will not always work, as it is often possible to
where you can play against a strong and configurable penetrate through besiegement, using those diagonal
Blokus AI. corner touches.
Pentobi implements the same rules as the traditional For those who want more than a classic Blokus
Blokus. Each player has a set of tiles of different shapes. one-to-one match, there are some great advanced
Each tile, except the first, can only be placed corner-to- options under the Game > Game Variant menu. It
corner with another tile of the same colour, so it’s not turns out that Pentobi has seven games in one! The
possible to stack same-coloured tiles too closely to size and shape of the playing field, the tile sets and
each other. The goal of the game is to occupy more also some rules differ.
squares of the playing area than your opponents. The game itself lets you play as the AI at any time.
The game is designed for two to four players and has If unsure what move to make, hit the Play button in
a lot of variations, but the default Pentobi settings imply the toolbar and see how the bot decided to move;
that you play against the built-in Blokus AI at level 1, the this instantly works as a basic tutorial for the game.
easiest. It’s not really that easy, we must say; Blokus is See https://repology.org/project/pentobi/
a very smart game, and Pentobi’s bot is indeed very packages to find out if Pentobi has already been
cunning. Surrounding an enemy’s tiles with your own packaged for your Linux distribution.
rAciNg simulAtor
Speed Dreams
Version: 2.2.2 Web: https://sourceforge.net/projects/
speed-dreams
here aren’t many 3D racing games for Linux
t with realistic graphics and a first-person view.

Speed Dreams is a bold example of such a pedals and joystick. Set keyboard and mouse Soft-braking before
high-quality game and it is certainly a terrific time-killer behaviour to your liking and go racing! turns usually
improve your
for everyone who loves cars. If something is ringing a Choose to practise, or join the championship with
chances for a
bell here, note that Speed Dreams is a fork of TORCS your favourite car, be it a historic model or a modern- prize position.
(lXf205) with some additions, updates and a more day Grand Prix race car. Press F1 at any time to
active community. Speed Dreams seems to outperform access a cheatsheet with useful key bindings. For
TORCS in terms of visual realism and physics example, use the F2-F11 keys to change camera view,
simulation, and it also provides more vehicles and from first-person view from the cockpit (F2) to a ‘TV
tracks, with a separate package available for download director’ view (F11 – fun, but pretty useless).
along with the base game file. Car dynamics are something that the Speed
Racing with AI opponents requires certain skills, but Dreams developers take seriously. The game has a
luckily, many things in Speed Dreams can be configured raft of driver and car profiles, and it’s all about
for novice users. Select Quick Race from the start accuracy and precision. As a side effect, the default
menu and try yourself on a sample track with control sensitivity is very high, so that driving a
computer-controlled contenders. The default controls powerful racing vehicle feels nearly as hard as driving
are a bit unusual: move your mouse to control the in real life. Along with that, you can choose weather
steering wheel, and press the Up/Down keys to conditions, time of day and also split the screen to
accelerate or brake. These defaults were designed to show more than one camera view at once (press
better fit external gear such as physical steering wheel, Shift+9 for that).

hotpicks
Encode a series
imAge formAt liBrAry of screenshots
into one .heic file
Libheif
and enjoy superb
compression!
Version: 1.4
Web: http://bit.ly/lxf254libheif
he times when JPEG was the epitome of lossy
t image compression, and PNG of lossless, are

long gone. Not only do we have the fabulous
FLIF and Lepton image formats (see lXf222 and lXf215)
that compress by up to 10-30 per cent further, here
comes another new format: High-Efficiency Image container format and therefore it can pack many
Format, or Heif. images into one file. The good news is that the encoder
Traditionally, modern image compression techniques finds similarities within the files and in some cases
are designed for efficient data storage for large-scale delivers a breathtaking overall compression!
enterprises – that’s why they are usually backed by Heif is already a part of many Linux distros, so
companies such as Google, Facebook or Dropbox. Heif you can easily find it in Ubuntu right away. There is
is backed by Struktur AG, a German enterprise for B2B the shared library (Libheif), binaries for encoding and
solutions. Since Heif involves encoding data using the decoding files (Libheif-examples), the thumbnailer for
H.265 codec, we can deduce that it is used for audio Gdk-pixbuf and even the Gimp plug-in. Seems like
and video communications to deliver better data everything we need to get started with Heif is already
throughput. For regular mortals Heif is a great open here. Let’s pack a series of PNGs into one .heic file:
source option that crushes an image file to be smaller $ heif-enc file1.png file2.png file3.png
than JPEG while retaining a nearly lossless picture – When file1.heic is opened in Gimp, it will display a
very close to PNG quality. dialogue and let choose which image(s) you’d like to
The compression ratio that Heif delivers for a single extract. To get your PNGs back, do this:
image is just the tip of the iceberg, though. Heif is a $ heif-convert file1.heic output.png
In many cases
commANd liNe tool Gotty can
safely replace
GoTTY
a heavyweight
monitoring system.
Version: 2.0.0-alpha3
Web: https://github.com/yudai/gotty
ou obviously need a terminal emulator in order
y to run CLI applications in Linux. But there’s a

lesser-known approach which enables a
terminal output to be turned into a web application.
GoTTY is the tool that we’ll use for this.
It’s a JavaScript and TypeScript-based package
that brings up a small webserver and translates the Don’t miss the entire list of helpful parameters
command output in it. All you need to do is open your ( $ gotty --help ) to get familiar with GoTTY.
browser and navigate to the address that GoTTY Interestingly, its default behaviour implies a read-only
provides. Let’s look closer at how it works. The syntax browser view, meaning that you can watch what is
for launching a webserver is very straightforward: just happening in the terminal, but not interact with it.
add a command you need to run as a parameter to However, there is a dedicated option ( -w ) that enables
GoTTY, such as: write access and makes your browser tab accept input
$ gotty top as long as the command keeps on running. Let’s now
GoTTY will fire up its webserver and show a list of run another GoTTY instance on a different port with
URLs you can use to access your command via web write access:
browser. By default port 8080 is used, so your URL will $ gotty -p 8081 -w htop
probably look like http://localhost:8080. Of course, it Now you can sort your processes by any column,
is possible to explicitly define the IP address and the interact with htop in any other way, and finally manually
port – the latter becomes obligatory once you need to close the GoTTY session with Ctrl+C. GoTTY is an
run more than one GoTTY instance. unmatched tool for remote monitoring.

CODING ACADEMY
Part One!
ASSEMBLY LANGUAGE Don’t miss
next issue,
subscribe on
Low-level kernel page 26!
access and coding

John Schwartzman shows how to write assembly language code
that calls Linux kernel services and the C run-time libraries.
earning assembly language won’t make you
L a faster programmer. It won’t enable you to

create portable, write-once run-anywhere
programs. It’s not object-orientated. It’s not new. So
why learn it? The answer is that it just might make you
OUR a better programmer. By learning just what a processor
can and can’t do, you’re on the way to a deeper
EXPERT understanding of computer science.
John A processor doesn’t just perform arithmetic – it also
Schwartzman performs Boolean logic operations. Understanding
is a long-time Boolean logic operations teaches you about the
engineering Boolean logic gates inside the CPU and how the CPU
consultant to uses these logic gates to make decisions. That just
business and might make you a more capable computer engineer
government. He as well as a better programmer.
also teaches Assembly language is a low-level language: it’s Figure 1: hello.c – the obligatory first program.
Computer specific to a particular processor. You use it to program
Science at a a specific processor at the hardware level. Compilers operate on data. But at the heart of every high-level
local college. understand assembly language, because that’s what language is assembly language.
they use to create the instructions in high-level The Linux boxes in our office use Intel x86-64
languages. C++ is used to create many different microprocessors, so we’re writing assembly language in
programming languages. The C++ compiler strings the Intel dialect. We’re using Linux and so the assembly
together lots of assembly language instructions to do language we write will use Linux kernel services. Even
its work. Every kind of program ultimately executes when we use the C library (glibc), the library methods
machine language on the computer. we call will, in many cases, be thin wrappers around the
Linux kernel services.
Assembly Some assembly required It has become obligatory to introduce every new
language is Assembly language is simply machine language with programming language with a program that prints
particularly
mnemonics. Mnemonics are names given to machine “Hello, world!” to the console, so let’s start there. Figure
useful for
language instructions, also known as op codes, so that 1 (above) shows the program hello.c, and Figure 2 (page
writing device
drivers and for we don’t have to remember hundreds of numeric 88) shows hello.asm, its assembly language equivalent.
writing methods values. It allows us to write a program using identifiers At the command line in your working directory, type
and functions like ADD, SUB, MOV and so on. make release . Make invokes the yasm assembler to
that control High-level languages make programs portable – they create the object file (hello.obj) from the hello.asm file
and interrogate enable you to program without worrying about the low- and the ld gnu linker to create the executable (hello)
hardware level details of how the CPU works. They provide the from the object file. It also uses the gcc C compiler to
(embedded abstraction that lets you think about problems at build and link hello.c into the executable file a.out
systems). It’s a higher level. Object-orientated languages like C++, (assembler output). make clean removes all of the
also very useful
Java, C#, Python and so on are ‘higher’ high-level build artefacts from the working directory.
to help learn
languages that enable you to incorporate the problem Figure 3 (page 89) shows the makefile for hello. Each
how computers
and compilers domain into your program. The programs you create project in this series has a similar makefile and all rely
work. with an object-orientated language ‘understand’ your on the Bash shell script named maketest.sh in the
application and not just the generic algorithms used to parent directory. There is also a makefile in the parent

coding academy Assembly language
The code
At linuxformat.
com/archives
directory that will make or clean all of the child projects and on the
at once. Execute a.out and hello and satisfy yourself DVD
to install, type that they do produce the same output.
gcc –-version $ make release # Build the program
at the command $ yasm -f elf64 -o hello.obj hello.asm # assemble
line to make $ ld hello.obj -o hello # link
sure that you $ gcc hello.c # compile and link C version (a.out)
have glibc
$ ./a.out # Run the C executable
installed. Install
Hello, world!
it if it’s not
installed. $ ./hello # Run the ASM executable
type gdb Hello, world!
–-version at The outputs are the same; let’s examine hello.asm.
the command We start with some constant definitions in lines 9
line to make to 13. The program has two sections, one for code
sure that you (section .text ) and the other for read-only data
have gdb (section .rodata ).
installed. Install Our code starts at the label _start (line 17). We load
it if it’s not
some of the processor’s registers in preparation for
installed.
calling the Linux kernel. A register is like a very fast
Install yAsm
Install ddd memory location that is built into the CPU. All of the Figure 2: hello.asm, the assembly language equivalent to hello.c.
and you’re done. registers have different names and we can think of them
as variables, each holding a piece of data or the address perform in the RAX register. Depending on the number
of data. We can move values into registers, perform of arguments a specific kernel service requires, it
arithmetic or logic operations on registers and ask always expects to find the first argument to the service
questions about the results of those operations. Finally, in the RDI register, the second in RSI, the third in RDX,
we can alter the flow of execution based on the results the fourth in R10, the fifth in R8 and the sixth in R9 –
of the questions we’ve asked. The values we move into six is the maximum number of arguments for a kernel
registers can come from other registers, from memory service. These register names are, of course, specific to
and from immediate values provided in the code. That’s the Intel x86-64 or AMD64 processor. If your Linux box
about all that a CPU does. uses a different manufacturer’s processor, the registers
In hello.asm, we set the values in the appropriate will have different names and the assembly language
registers and then invoke the kernel. How do we know may use somewhat different mnemonics, but the
what are the appropriate registers? The Linux kernel principals are the same. After you’ve learned one
specifies in its x86-64 Application Binary Interface (ABI) assembly language it’s not hard to learn another.
document exactly what it expects to find in each
register. Essentially we’re passing a series of arguments Getting stuff done
to the kernel in various registers and the kernel says Hello.asm invokes two Linux services, SYS_WRITE and
that it always expects the ID of the service it is to SYS_EXIT. Linux treats everything as a file, so SYS_
WRITE may write to the terminal or to a file or to some
device. In line 18, we move the value for SYS_WRITE (1)
the C CALLIng ConventIon into the RAX register ( MOV RAX, SYS_WRITE ). In line
19, we move the file descriptor for the write into the RDI
A CPU has a limited number of registers. In order for Linux, C/C++ register. The file descriptor for writing to the terminal is
and assembly language programs to play together nicely, you need to always STDOUT (1) and we place this value into the first
know which registers you can change and which you must preserve. argument passing register, RDI. Next, for our second
You need to know which registers will be changed by the functions argument, we specify what to write. In line 20 we set
you call and which will be preserved. You need to know which registers the RSI register to the address of message, which is the
will be used to pass arguments into your functions and in what order. starting memory address of the string of bytes shown
The same goes when you want to pass arguments to a function. Your in the read-only data section of the program (line 29).
assembly language programs will only work if you obey the same Notice that the string ends with two linefeed characters.
rules that the Linux kernel and C obey. The assembly code for this is LEA RSI, [msg] which
The six argument-passing registers, in order, are RDI, RSI, RDX, means Load the Effective Address of msg into the RSI
RCX (substitute R10 for Linux syscalls), R8 and R9. So the first register. Finally, for the third parameter to SYS_WRITE
argument is always passed in RDI and the six (if there is one) is (line 21) we specify the number of bytes to write in the
passed in R9. The Linux Kernel will only accept up to six arguments. RDX register. The value msglen is an immediate value
The C run-time library accepts more, but additional arguments must that is calculated for us by the assembler. It is defined
be passed on the stack. If arguments are passed on the stack, the in line 30 as the address of the current position in
caller is responsible for removing them from the stack. Single values memory ( $ ) minus the starting address of msg .
are returned in the RAX register. SYS_WRITE only accepts three arguments so we don’t
Registers that must be preserved across function calls are RBX, need to change the values of the other argument-
RSP, RBP, R12, R13, R14 and R15. So if your function needs to use passing registers.
RBX internally, you must restore it before your function returns. In Now we can invoke the SYS_WRITE service, which is
order to be as efficient as possible, functions will use all the registers done with the SYSCALL instruction in line 22. If the
they can and only preserve those they are required to preserve. write is successful, the number of characters actually
written is returned in the RAX register; if unsuccessful,

Assembly language coding academy
RAX will contain -1 after the return from SYSCALL . Figure 4:

We haven’t bothered to check for success or failure in uname.c – a
program to
hello.asm, since if we fail to write to the terminal
print system
there’s nothing we can do about it. After all, we can’t information.
provide an error message to the user if we can’t write
to the terminal.
The last task is to tell Linux that our program has
finished with the processor and that we want to return
control to Linux, so that Linux can handle our next
request given through the shell. We do this by invoking
SYSCALL again with the value for SYS_EXIT (which is
60) in RAX. There is one argument to SYS_EXIT. We
can pass EXIT_SUCCESS (0) to indicate success, or
EXIT_FAILURE (1) to indicate failure. We are assuming
success and accordingly we place the value of 0 in RDI,
our first argument-passing register.
You’ll notice, though, that we didn’t use the
instruction MOV RDI, EXIT_SUCCESS . It just so
happens that performing the Boolean exclusive-or
operation on a register with itself, XOR RDI, RDI (on
line 25), always sets the value of the register to 0. But
why use this less-than-obvious instruction instead?
Well, it turns out that the XOR operation saves a few
bytes of program space and may operate more quickly
than the immediate instruction. This is the kind of thing that it’s a file on disk in your current working directory.
that an optimising compiler might do automatically if It allocates RAM (read-write) memory to your program
you’re writing in a high-level language – you’ll see this and loads the program from disk into that memory. It the best way
done a lot. allocates more RAM memory for a stack and sets the to follow along
stack pointer register (RSP) to the top of the stack for with this guide
Follow the trail your program to use. Linux allocates still more memory is to get the files
What happens to the value you returned in RDI? The to your program for a heap. It then sets the processor’s for this tutorial
kernel put it in RAX and it’s available to any shell script instruction pointer register (RIP) to the memory from the dvd
or from https://
that might be running your program. The shell can location associated with the label _start and then lets
github.com/
check this return value and decide what to do or what the processor execute your program. jschwartzman/
not to do next. You can check your program’s return Your program writes to your own terminal and then asm-tutorial.
value yourself by typing echo $? at the prompt. transfers control back to Linux, which puts you back in
~/Development/asm/hello$ ./hello the shell at the command prompt. As far as you’re
Hello, world! concerned, it looks like you’re the only user on the
$ echo $? system. In fact, Linux may be servicing many other
0 users, processes (programs) and devices. It is also
The sequence of events looks like this. You start off handling interrupt requests from the keyboard, mouse,
in the shell, which is patiently waiting for you to do disk, hardware housekeeping timers and other devices,
something interesting. You type ./hello at the even as it is executing your program and others.
command prompt and Linux looks up ‘hello’ and finds
Uname it
When you have a problem with your computer or with
some software and you look online for help, you’re
often asked to provide information about your
environment using the shell’s uname command. Our
next program is uname.c, shown in Figure 4 (above),
and uname.asm, Figure 5 (page 90). The uname.asm
file is a little too large to display in its entirety, so please
get the programs from the DVD (or web archive) and
display it in a text editor with line numbers active.
These programs get and print the uname
information. Build uname.c and uname.asm and satisfy
yourself that they produce the same output.
~/Development/asm/uname$ make debug
yasm -f elf64 -g dwarf2 -o uname.obj uname.asm #
assemble
ld -g .uname.obj -o uname # link
gcc -g uname.c # compile and link C version (a.out)
~/Development/asm/uname$ ./a.out
OS name: Linux
Figure 3: Makefile. Assembles and links hello.asm and compiles hello.c. node name: hp-suse-tower

coding academy Assembly language
release: 5.1.2-1-default If we pass the test in line 28 we write a blank line to

version: #1 SMP Tue May 14 18:21:06 UTC 2019 the terminal and then prepare to write the contents of
When the gnu (08094c3) our buffer. We start with the sysname header and place
compiler gcc is $ machine: x86_64 its address in RSI in line 32. RSI holds the 2nd argument
used to compile ~/Development/asm/uname$ ./uname to the SYS_WRITE syscall. Its address is defined in our
a C program, OS name: Linux .rodata section in line 86. We then call the local
the output of node name: hp-suse-tower writeHeader method in line 33. There we set the other
gcc is actually
release: 5.1.2-1-default arguments to the SYS_WRITE service. We place the ID
assembly
version: #1 SMP Tue May 14 18:21:06 UTC 2019 number of the service in RAX. The first argument to
language. gcc
then calls the (08094c3) SYS_WRITE is the write destination which is the
gnu assembler machine: x86_64 constant STDOUT (1) – that is, our terminal.
As to convert Uname.c should not present any challenges. We The third argument to SYS_WRITE is the number of
the assembler declare a utsname structure and give it the name bytes we want to write and we place that in RDX in line
output into buffer in line 14, and in line 16 we invoke the C 67. We then issue the SYSCALL instruction, which is a
an object file. uname function to fill the utsname structure. After software interrupt that moves the action from user
We don’t see that we simply print the information found inside the space to kernel space. The kernel can do tasks that
the assembly buffer. Now let’s look at uname.asm. regular users aren’t allowed to do. Much of assembly
language unless
Uname.asm begins at the _start label on line 22. language programming involves setting up the
we ask for it.
There we prepare to invoke the Linux uname system arguments to a kernel service or C run-time library
the command
gcc -S hello.c service SYS_UNAME. In line 23 we place the service ID method and then invoking the kernel or the C method.
will produce in RAX. This service call (syscall) takes one argument, After the kernel returns control to our program we
the assembly the address of the buffer we want Linux to populate. return to the instruction following the call. We do this
language The first argument always goes in the RDI register and with the RET instruction in line 69. How does the RET
program hello.s. we populate the RDI register in line 24. Notice that the instruction know where to take us? In line 33 we issued
(.s and .asm address we pass in RDI is defined in our uninitialised the CALL instruction. This automatically pushes the
are both file data section. address of the next instruction (at line 34) onto the top
extensions used The beginning of the buffer is defined in line 94 with of the stack and decrements the stack pointer register
for assembly
the label sysname_res . Incidentally, we set up our (RSP) before beginning to execute the code of the
source code.)
buffer by looking at struct utsname defined in /usr/ writeHeader method. When the processor encounters
include/sys/utsname.h. In line 25 we invoke SYS_ the RET instruction that is the last instruction in the
UNAME and then check RAX. As is usually the case, writeHeader method, it automatically pops the
Linux returns a 0 for success and a non-zero integer for address at the top of the stack and places it into its
Figure 5: The failure. In line 26 we copy the return code from RAX to instruction pointer register.
beginning of RDI in case the call failed and we have to exit the The pop instruction increments RSP, so RSP is the
uname.asm (the
assembly language
program. In line 27, we compare the contents of RAX to same value after the CALL and RET . We then execute
equivalent to 0 and if the value is not 0 we make a conditional jump the code at line 34. The processor jumped to the
uname.c). ( JNZ exit ) to the exit label in line 60 to exit. method and executed the code it found there, and then
automatically jumped to the next instruction after the
call. It can do this because Linux provides every
program with a memory allocation for its own stack,
and populates the stack pointer register RSP with the
address of the top of the stack before handing the
starting address of your program to the processor
so it can execute it.
Still with us?

After writing the header, we prepare to write the
contents of the buffer to the terminal. In line 34 we load
the effective address of the buffer containing sysname_
res into the RSI register. RSI holds the second
argument to the Linux SYS_WRITE syscall. In line 35
we call the method writeData . This is very much like
writeHeader except that we will write the newline
character to the terminal after we have written our
data. The method writeData begins on line 71. It sets
up the argument passing registers with the required
data to invoke SYS_WRITE, which we do in line 75.
There is no RET instruction following line 75 so we
fall into the writeNewLine method, where we write a
linefeed character to the terminal. The RET instruction
on line 83 takes us to line 37, which is the line following
the CALL instruction. We then repeat the actions
Avengers AssembLy Code! Subscribe now at http://bit.ly/LinuxFormat

Assembly language coding academy
described above for the remaining values that we

populated by invoking the kernel service SYS_UNAME. settIng up ddd
Note that writeData is an alternate entry point to
writeNewLine . If all this calling and returning is getting The Data Display Debugger (DDD) is based on GDB, the GNU
you confused, try writing the assembly language debugger. We’ll use it in order to understand what our assembly
without the calls and returns. If we start at line 32, the language programs are doing and why.
code would look line this: First, make sure you have installed the software listed in the Quick
lea rsi [sysname] Tip on page 88. Next, copy the asm directory and its child directories
; inline code at line 32 to your hard drive and cd to the ../asm/hello/ directory. Please get
mov rax, SYS_WRITE ; CALL the files for this tutorial from the DVD or from https://github.com/
(line 33) puts you in the writeHeader method jschwartzman/asm-tutorial.
mov rdi, STDOUT Make sure that asm/maketest.sh is executable. If it’s not, run:
mov rdx, HEADER_SIZE ~/Development/asm/hello$ chmod +x maketest.sh
syscall ; invokes the kernel service SYS_ In the ../asm/hello/ directory, perform the following steps to
WRITE (line 68) configure ddd:
lea rsi, [sysname_res] ; RET make debug
(line 69) takes you back to line 34 yasm -f elf64 -g dwarf2 -o hello.obj hello.asm # assemble
mov rax, SYS_WRITE ; CALL ld -g hello.obj -o hello # link
(line 35) puts you in the writeData method gcc -g hello.c # compile and link C version (a.out)
mov rdi, STDOUT ~/Development/asm/hello$ ddd hello
mov rdx, UTSNAME_SIZE While ddd is running do the following:
syscall ; invokes the kernel service SYS_ Select Edit > GDB Settings Disassembly flavor = intel (default is
WRITE (line 75) att)
mov rax, SYS_WRITE ; no RET so fall into Select Edit > Preferences > Source > click ‘Display Source Line
writeNewLine method Numbers’ and set Tab width = 4 (our code has four-character tabs)
mov rdi, STDOUT ; line 78 Select Edit > Preferences > Startup > Keyboard and tick ‘Click to
lea rsi, [linefeed] type’
mov rdx, WRITELINE_SIZE Select Edit | Preferences > General > click ‘Suppress X Warnings’
syscall ; invokes the kernel service SYS_WRITE Edit ~/.ddd/init. Find the line set extended-prompt not set\n\ and
lea rsi, [nodename] ; RET (line 83) takes you change it to set extended-prompt\n\ . This will prevent ddd from
back to line 37 displaying an hourglass cursor and not responding to commands.
... You can also define and save an alias to to do this:
Let’s prove that it does what we said it should do by alias fix-ddd=’sed “/not set/d” -i ~/.ddd/init’
running in the debugger. Launch the debugger by typing
ddd uname at the command line.
WriteNewLine method or click the Step button to step
What the hell is going on? into the WriteNewLine method. After one Next click,
Your screen should look something like Figure 6 (below or several Step clicks, you’ll end up with the green
right). Select Status > Registers to show the Registers arrow pointing to the instruction on line 32.
window and View > Execution Window. You set a Continue to Step and Next through the program until
breakpoint by right-clicking the beginning of line 28 and you reach the end. Hopefully, with every Step and Next,
selecting Set Breakpoint. That puts the red stop sign on you ended up with the instruction pointer pointing to
line 28. You then click the Run button on the Command the instruction you expected. Make sure you
Window. The green arrow next to the stop button understand what each call to writeHeader and
shows you that the action has halted and you are about writeData causes to happen in the execution window.
to execute the instruction at line 28. Consider what Next issue, things get really interesting…
should happen next.
The SYSCALL instruction at line 25 told Linux to
perform the SYS_UNAME service. Linux indicates
success by placing a 0 in RAX before it returns to your
program. Look at RAX on the top line of the Registers
Window. You can see that it does contain 0. In line 27
you compare the contents of RAX to 0. The CMP
(compare) instruction is like performing a subtraction
without saving the result.
So where is the result? It’s in the eflags register at
the bottom of Figure 6. The ZF on that line tells you that
the Zero Flag is set. But our instruction on line 28 tells
us to Jump if Not Zero ( JNZ ) to the label at line 60. So
what’s the CPU going to do? If you said that it’s not
going to jump, you’d be correct!
Click the Step button and you’ll see that the green
arrow (which represents the instruction pointer register
RIP) is pointing to the instruction at line 30. We didn’t
take the jump. Click the Next button to step over the Figure 6: uname.asm opened in the DDD debugger.

CODING ACADEMY Minecraft and Python
Part One!
Credit: www.minecraft.net Don’t miss
next issue,
PYTHON subscribe on
page 26!
Building in Minecraft
powered by Python
Calvin Robinson hooks mods into the Minecraft API so that we can
directly interface to it with some Python programming.
inecraft is one of the most versatile video install python should suffice for any Debian-based
M games of all time: it offers an open

environment where the only limit is your
distro (after a sudo apt-get update , of course).
It’s always best to backup your Minecraft folder first,
imagination (well, plus your hardware and your patience before making any changes. It can be found hidden in
– Ed). It is not, however, open source, so the practical your Home as /.minecraft. The keyboard shortcut
OUR limitations are usually the building blocks and macros Ctrl+H can be used in most file explorers to show
available in-game. hidden directories, or use ls -la if you’re not a fan of the
EXPERT That was the case until the Raspberry Pi version of GUI. In a terminal window mv ~/.minecraft ~/minecraft-
Calvin Robinson Minecraft was released, which offers a pretty decent backup should suffice to save a hidden backup.
is a former API. A few hacks here and there with the help of a Extract the new .minecraft directory from
assistant couple of projects called Raspberry Jam and Forge, and McPiFoMo directly into your Home directory. You may
principal and we’re able to access the Minecraft API on Linux and need to sudo apt-get install unrar if your system
Computer hook directly into the game with Python code. doesn’t recognise the RAR file. unrar xe McPiFoMo.rar
Science teacher For the purposes of this tutorial we’re using a ~/.minecraft should then do the trick.
with a degree in pre-packaged toolset called McPiFoMo, which If you have worlds you’d like to carry over, copy the
Computer Games stands for Minecraft Pi Forge Mods (available at Saves directory from your backup .minecraft directory
Design and http://rogerthat.co.uk/McPiFoMo.rar). into the new one using cp –r ~/.minecraft-backup/
Programming Saves ~/.minecraft/ .
BSc (Hons). Getting started
First, download and install the appropriate version of Launch modded Minecraft
Minecraft for your distro of choice. Developer Mojang Launch Minecraft as you normally would, but after
offers pre-packaged solutions for Debian/Ubuntu and logging in select ‘Forge’ as the profile. This should load
Arch (DEB and AUR respectively), and a generic Java Minecraft 1.8 with Forge 11.14. You can play around with
version for everyone else, at www.minecraft.net/ the latest version of Minecraft and download and install
en-us/download/alternative. Next you’ll want to an updated Forge if you wish, but these are the versions
make sure you’ve got Python installed. sudo apt-get we’ve found to be most compatible with Raspberry
Jam. Do let us know if you get more recent versions
running smoothly.
You’ll know you’re running the correct profile when
Hello world you see the version numbers in the bottom left corner
indeed! of the window. Create a new ‘Superflat’ world in single-
player Creative mode, and you’re ready to begin coding.
We’ve included a single ‘Flat’ world pre-installed with
the McPiFoMo package. It might be worthwhile making
a few copies of this to experiment on: just copy the
~/.minecraft/Saves/world directory a few times.
Hello World! Chat commands

Using your favourite text editor, create a new
helloworld.py file and save it in ~/.minecraft/mcpipy
as a Python file (PY), inserting the following code:
from mc import *
mc = Minecraft()

Minecraft and Python coding academy
mc.postToChat(“Hello world!”)
Here we’ve imported the Minecraft module, created
a new instance of it and used the postToChat
command to push a string into the game’s chat. Return
to Minecraft and type /python helloworld . Minecraft
will now run your Python script, which should result in a
chat command saying “Hello world!”.
Of course, to make this code more efficient and
useful later on it might better to replace the string with
a variable, such as with mc.postToChat(chatText) ,
defining the variable chatText beforehand. This
method is particularly handy because Minecraft’s
postToChat function can only accept one parameter
as an input, so if you ever want to pass more than one
string you’ll need to plug them all into a single variable
beforehand. For example, chatText = “String1” +
variable1 + “String2” + variable2 would work fine.
A water-filled glass
By changing the blockID WATER_STATIONARY
doughnut created
Mmm, doughnuts… you can fill the doughnut with any object type within with a ‘for’ loop.
We’ve included some pre-fabricated example scripts in Minecraft. Try filling the glass with lava. Then try
the MCPiPy collection to demonstrate what the module changing the outer shell from glass to TNT.
is capable of. Some scripts of note are star.py,
snowflake.py, sphere.py and lforest.py. One of I like to move Steve, move Steve
these that nicely shows off block placing in specific We can directly control our player character’s position When you’re
coordinates is the donut script (with US spelling): using X, Y and Z coordinates. Create a new Python script coding an item
to appear near
from mc import * in your Python IDE and import the MC module again:
your player
from mcpi import minecraft
character you’ll
def draw_donut(mcx,mcy,mcz,R,r,mcblock): mc = minecraft.Minecraft.create() usually want
for x in range(-R-r,R+r): to add/minus
for y in range(-R-r,R+r): mc.player.setTilePos(20, 20, 20) a coordinate
xy_dist = sqrt(x**2 + y**2) Now we’re using player.setTilePos to directly on the x/y axis,
if (xy_dist > 0): change the position of our player character. Of course, or it’ll appear
ringx = x / xy_dist * R # nearest point on major we can replace these values with variables, to make inside you.
ring things even easier later on:
ringy = y / xy_dist * R x=20
ring_dist_sq = (x-ringx)**2 + (y-ringy)**2 y=20
z=20
for z in range(-R-r,R+r): mc.player.setTilePos(x, y, z)
if (ring_dist_sq + z**2 <= r**2): Now whenever we want to change the player’s
mc.setBlock(mcx+x, mcy+z, mcz+y, mcblock) position, we simply alter the x , y and z variables. Of
course, we’ll need to bear in mind exactly when the
mc = Minecraft()
playerPos = mc.player.getPos() take your tiMe

draw_donut(playerPos.x, playerPos.y + 9, playerPos.z, Python code is sequential, so things will happen pretty
18, 9, GLASS) instantaneously and consecutively, in the order that you’ve
mc.postToChat(“Glass donut done”) programmed them to take place. Whether you’re placing blocks in the
draw_donut(playerPos.x, playerPos.y + 9, playerPos.z, environment or moving your player character around the world, you
18, 6, WATER_STATIONARY) may want to space out your commands and do things at your own
mc.postToChat(“Water donut done”) pace rather than everything happening instantaneously.
To do this we can use Python’s ‘time’ module. Using the time.sleep
command, we can create an artificial gap in our code to temporarily
pause the program. time.sleep(10) would pause the program for 10
seconds before initiating the next line of code. This could be useful if
you wanted a certain block to appear every x amount of seconds, or if
you fancy moving a player around at specific intervals.
In order to use time.sleep , you will need import time code at the
top of your code directly above or below import mc , as with any
other Python module.
Combining time.sleep with a while or for loop is a great way of
automating your code. For example, you could create a bot to drop
random items every few minutes, a bit like having an in-game loot
Remember when all the kids were into Minecraft rather than Fortnite? lottery or airdrop.
It’s a fickle business, gaming.

coding academy Minecraft and Python
mc.player.setTilePos command is called. If it’s part

of an ongoing loop, we’ll be able to update our player’s
Module position at any given time. However, if we’re calling this
commands function once during a sequential piece of code, we’ll
setBlock and need to call it again to update our character’s location.
setBlocks
are mutually Coding blocks
exclusive. As well as moving the player character around, we also
remember if
have the ability to place and move blocks around our
you’re placing
world. By using the setBlock() command we can place
in the singular
or plural to use blocks with specific coordinates.
the correct aPi mc.setBlock(30,30,30,57) A pre-fabricated building created in a fraction of the time it would take
call, or your Again, variables make life easier, so in practicality to build manually. (Where’s the fun in that?!?–ED)
block(s) we’d probably arrange it like this:
won’t spawn. x=30 they’d like the block(s) placed:
y=30 relativeX = input(“How many blocks east of your
z=30 position would you like this block placed? “)
blockID=57 mc.setBlock(relativeX,y,z,blockID)
mc.setBlock(x, y, z,blockID) You can of course do the same for the Y and Z
In Minecraft, type the command /python coordinates.
<YOURSCRIPTNAME> . If you look down to the ground
below your player character, you should see a diamond Building in tables
block has been placed in your world at the fixed Placing blocks one at a time can slow down the process.
coordinates in the x , y and z variables. The blockID There may be instances where we want to place entire
for diamond is 57. You can try replacing this with any rows/columns of blocks at once. We can do this with
other Minecraft block ID such as dirt or grass). vector graphics-style algorithms.
After setting your playerPos and blockID (above),
Player position we need to add variables for rows/columns.
If we assign the player position to a variable, we can use eastWest = 20
it as coordinates for placing blocks, so that we can northSouth = 30
create something around our player. That way we won’t upDown = 40
have to find our diamond blocks – they’ll find us!
playerPos = mc.player.getPos() mc.setBlocks(x,y,z, x+eastWest, y+northSouth,
x=playerPos.x z+upDown, blockID)
y=playerPos.y mc.setBlocks(x+1,y+1,z+1, x+eastWest -1, y+northSouth
z=playerPos.z -1, z+upDown -1, 0)
mc.setBlock(x,y,z,blockID) Notice we’re now using setBlocks instead of
This will place a block exactly where our player is. setBlock . The latter command is for placing singular
You can then offset the coordinates accordingly: x+=1 . blocks whereas the former is for multiple. This function
Remember: x is east/west, z is north/south and y is takes two sets of X, Y and Z coordinates, one for a
up/down. The idea here is that we don’t necessarily starting point and one for an end point. It then places
want the block to appear exactly on our coordinates, blocks at every position between those two points –
as it would be inside our player character – ideally, we hence ‘vector’.
want it to spawn at least one square away from us.
Demolition man
Setting player input Now that we’re familiar with playerPos and setBlock ,
With the addition of a typical input command, we can we can combine the two to turn our player into a
ask the player what type of block they’d like to create. walking bomberman. By moving our earlier code into a
blockID = input(“Which blockID would you like to use? while loop, and with the addition of a simple Boolean,
“) we can make our player drop bombs with every step(s)
Taking that a step further, let’s ask the player where they take:
while True:
playerPos = mc.player.getPos()
x=playerPos.x
y=playerPos.y
z=playerPos.z
mc.setBlock(x,y,z,46)
time.sleep(0.1)
Adjusting the timer in the time.sleep() function will
alter the interval between TNT drops.
A Minecrafter’s
best friend: Talking back
imagine how
handy this
Now that our code is performing all kinds of funky
would be in automatic functions, from moving the player character
Survival Mode. to placing blocks in world, it might be worthwhile

Minecraft and Python coding academy
CoMMon errors
If you receive a ‘Script not found’ error, this probably means that you
don’t have the mod scripts installed in your Minecraft directory.
Check that you’ve replaced .minecraft with the one from McPiFoMo;
this should include mcpipy, which will be full of Python files
(identified by the extension .py).
If you receive a ‘Cannot run program “python”’ error, your game
cannot locate Python. Ensure you’ve got the latest version of Python
installed, and that it’s installed in Path. In a Bash shell, type export
Spawn TNT blocks with every step you take, and see how long it is PATH=”$PATH:/usr/local/bin/python” to check it.
before you ‘accidentally’ blow one up. Should you come into any problems with memory leakage or
infinite loops, you can stop a script that’s running by just typing
programming our game to respond to let us know /python again in Minecraft, as only one script can be run from the
what’s happening in-game. Create an empty text file in game at any given time. If you don’t want to be typing /python into
the same directory into which we’re saving our Python the game every time, you can always run your program directly from
scripts, with: the Python IDLE (using F5).
touch ~/.minecraft /mcpipy/textScript.txt Make sure Minecraft is not only running, but also logged into a
The touch command creates a file in the specified loaded world. It sounds obvious, but you’d be amazed how many
location without putting anything in it. ls -la ~/. times we kicked ourselves after tapping F5 in Python IDLE and
minecraft /mcpipy will show your directory contents wondering why nothing was happening – you need a player character
in a terminal window for confirmation. in a Minecraft world in order for the module to hook into the API.
Now we’ll program our Python script to provide
access to that file with read-only permissions:
textScript = open(”textScript.txt”, ”r”) with open(“script.txt”, ”a”) as textScript:
With the text file opened, we can read its contents textScript .write(”String1” + Variable1)
into a variable and push that straight into Minecraft. We can now use our text document to save all kinds if you see red
mc.postToChat(textScript) of functions and logs, including which blocks have been text stating
Minecraft or
textScript.close() given to the user and what location they were spawned
Python ‘Cannot
Placing the above code inside each function, we can in. For instance, we could replace Variable1 with
find script’ be
have pre-written text scripts to publish set messages variables we used earlier on, including playerPos , x , sure to check
into the game chat. If you want to read text in from your y , z and blockID . That way we can check our text doc the name and
document line by line, the best way is to use textScript after a game session and find out what our player has location of
.readline() . We can of course combine that with the been up to. These kinds of logs are essential when your .py file – it
postToChat function when we need to: creating admin tools, to monitor potential abuse. should be saved
textScript = open(”textScript.txt”, ”r”) We’re now able to get our player character’s in mcpipy.
perLine = textScript .readline() position, set individual or multiple blocks at once
mc.postToChat(perLine) (relative to that position, or absolute in the game
textScript.close() world), chat in game, and to create a script to log all
However, this will only read a single line. To read of these activities.
multiple lines of text from our document we’ll need to In the next issue we’ll be building on these
create a simple for loop: foundations – if you’ll pardon the pun – as we continue
for line in textScript.readline(): our series of tutorials on Python programming in
postToChat(line) Minecraft. Now get out there and cause some havoc…
in the game, that is.
Saving files
The next logical step is to use our text document to not
only print text, but to save it, too. Change our opening
statement from r for ‘read’ to r+ for ‘read and write’:
textScript = open(”~/.minecraft/mcpipy/textScript.txt”,
”r+”)
By specifying the full file path you can use a text
document saved anywhere on your system. This won’t
be very useful if you send your program to someone
else though, which is why it’s usually best to use a
relative filename and ensure the text document is saved
in the same directory as your Python file.
If you need to write a number of lines to your text Set the Y
coordinates to -1
file, for example for saving coordinates, it might be best and you’ll leave
to use the append option (change r+ to a ). You can a path of TNT
then feed in multiple lines at a time: underfoot.
get More Crafty Code tiPs Subscribe now at http://bit.ly/LinuxFormat

On the disc
Discover the highlights from this month’s packed DVD!
DownloaD
your DvD
Get codeand DVD images
www.linuxform
/archives
at.com
at:
a slick gallic spin

start Here min specs: 512KB RAm, 5GB HDD
Mageia 7.1 Plasma

using the lXFDvD
Using Linux for the first time can
be very confusing. It’ll be unlike 64-bit
anything that you’ve likely
operated before, especially if ne distro we feel doesn’t get enough If you’re not running Mageia, there are all
you’re used to Microsoft Windows
or Apple macOS.
Generally our DVDs are designed
o attention is Mageia. Its pedigree lineage
goes back to Mandrake, via Mandriva,
kinds of things you’re missing out on. It features
a 5.1 kernel so supports all the latest hardware,
to be run directly, which is to say
and its name evokes images of magic(k) and and can optionally use the proprietary Nvidia
that when you first power on your wizardry. Mageia comes in three editions: driver straight from the live environment. Just
PC (or Mac) it should ‘boot’ from Plasma, Gnome and Xfce. We’re continuing our choose the appropriate option from the boot
the DVD – so before Windows or dalliance with Plasma this month, because we menu. Check the documentation for tips on
macOS even starts to load – with
think more people need to check out all the hybrid graphics arrangements.
Linux running directly from the
DVD. This trick is known as a Live snazzy and jazzy features introduced recently, Mageia uses RPM packages, like Fedora,
Disc. It enables you to try out the as well as enjoy the generally awesome things and this release offers DNF – Fedora’s Yum
various versions of Linux without KDE Plasma has featured for the past few years. replacement – besides its own Urpmi package
having to install or change anything Mageia 7 was released in early July, too late manager. Of course, you can update everything
on your PC. Just remove the DVD,
restart your PC and it’ll be exactly
to be included on our DVD last issue – and also graphically from Plasma’s Discover or Gnome
as you left it. too early to feature support for Ryzen 3000 Software if you prefer. The Mageia repositories
While many systems will boot hardware. That point is remedied in this new now use zchunk delta compression, so checking
from a DVD when it finds one, release, which is otherwise much the same as for updates may be a lot faster than what you’re
many will not. See below for the its predecessor, so there’s no need to reinstall used to. The Nonfree repository, which gives
standard process for enabling if you’re running Mageia 7 already. Mageia will access to proprietary drivers and firmware, is
booting from a DVD on various
desktops and laptop PCs.
take care of itself till the end of the support enabled by default, and a further Tainted
period (which is until December 2020 at least), repository (not enabled by default) gives access
The alternative option is to
locate the ISO file on the DVD and and you’ll be able to upgrade to the next release to programs and codecs whose redistribution
write this to your own USB thumb long before then. may be legally questionable.
drive and attemp to run that. We
recommend using Etcher from
https://balena.io/etcher that’s
available for Windows, macOS and
Linux. Good luck!
boot the Disc

Many PCs should boot
automatically if they’re turned on
with a disc in the drive. If not, many
offer an early Boot Menu accessed
by tapping a key while powering up
from cold: F9 (HP), F12 (Dell,
Mageia’s
Lenovo), F8 (Amibios) or F11
Control Centre
(Award BIOS). Alternatively, use
is considerably
the BIOS/UEFI to adjust the boot
more stylish
order to start with the optical drive.
than your
Again, this is accessed by tapping a
average settings
key during power up, usually Del
panel.
but sometimes F1 or F2. Some new
UEFI PCs require access via
Windows: holding Shift select its
Restart option. If you’re still having important notice!
problems using the DVD visit: Defective Discs: For basic help on running the disc or in the unlikely event of your
www.linuxformat.com/
dvdsupport Linux Format coverdisc being in any way defective, please visit our support site at
www.linuxformat.com/dvdsupport. Unfortunately, we’re unable to offer advice on
Mac owners: Hold the C key
while powering on your system using the applications, your hardware or the operating system itself.
to boot from the disc.
96 LXf254 September 2019 www.linuxformat.com

anD more!
powerFul but ligHtweigHt
min specs: 1GHz cpU, 1GB RAm, 5GB HDD the lXF Library
Advanced Bash
Q4OS 3.8 Plasma

Scripting Guide
Go further with shell scripting.
64-bit
Bash Guide for Beginners
ow, it’s been a long time since Q4OS can’t (see below). Q4OS is built on the latest Get to grips with the basics
w last featured on our DVD – more than

a year, in fact. To remedy that we bring
Debian 10 Buster release, so features a 4.19
series kernel, coupled with a reasonably new
of Bash scripting.
Bourne Shell Scripting

you not one but two editions of the latest Plasma 5.14. This is an LTS release too, so will First steps in shell scripting.
Centaurus release: the flagship 64-bit Plasma be supported for at least five years. The Cathedral and
one, which you can try out straight from the Q4OS’s Desktop Profiler makes it easy to the Bazaar
Eric S Raymond’s classic text
DVD, and the 32-bit Trinity edition, which you install additional desktops, including but not
explains the advantages of
limited to MATE, LXQt and Xfce, as well as open development.
choose from predefined software bundles.
Proprietary codecs are much easier to install The Debian Book
than in Debian too; you can do it with a single Essential guide for sysadmins.
click from the Welcome screen. Various third- Dive Into Python
party applications can be easily installed from Everything you need to know.
here too, and the proprietary Nvidia driver is Introduction to Linux
likewise only a few clicks away. A handy guide full of pointers
for new Linux users.
We’d be hesitant to recommend Debian to
beginners, but have no such qualms with Q4OS. Linux Dictionary
Q4OS is great for seasoned Linux users too – The A-Z of everything to do
with Linux.
If you think about it, a centaur has two ribcages – and frankly you can start off with a lean install and add only
we find that terrifying. what you need. Linux Kernel in a Nutshell
An introduction to the kernel
written by master hacker
Greg Kroah-Hartman.
super ligHtweigHt The Linux System

Administrator’s Guide
min specs: 300mHz cpU (pAe not ReqUiReD), 128mB RAm, 3GB HDD Take control of your system.
Tools Summary
Q4OS 3.8 Trinity 32-bit

Overview of GNU tools.
GNU Emacs Manual
Six hundred pages of
essential information!
rinity (aka TDE) is the continuation of you’ll want to boot in Classic BIOS mode. If you
t ye olde – and, dare we say, Windows

XP-style – KDE 3.5 desktop, and can
have other OSes installed through UEFI, they
won’t be available until you re-enable it.
Producing Open
Source Software
Everything you need to know.
run on the most modest of hardware. There’s The Konqueror web browser is a nice bit of
no live edition, and sadly we couldn’t get the nostalgia, and is impressively fast, but you’ll Programming from
install ISO to work with the lXFDvD menu, so want to install something else for compatibility the Ground Up
Take your first steps.
you’ll need to write the ISO from the /Q4OS with the new-fangled websites of today.
directory on the DVD to a USB or optical
medium in the usual way.
Once you’ve done that you can enjoy desktop
Linux as it used to be, all built on a strong and
stable Debian base. The initial install occupies
a paltry 1.5GB, but if you add the common
applications bundle this will double. Trinity
comes with desktop effects turned off by
default, but if you have more capable hardware
turn them on to add a modern twist to your
classic desktop. Note that this edition is not They don’t make file managers like this any more. Actually
compatible with UEFI, so on newer systems they do, so this is a bit of a silly caption.
new to linuX? start Here…

Never used a Linux before? Here are some handy resources:
Read our quick-install guide http://bit.ly/LXFinstall Looking for an answer?
https://askubuntu.com Want to delve more deeply? https://linuxjourney.com
www.techradar.com/pro/linux September 2019 LXf254 97

LXF255
The #1 open source mag
Future Publishing Limited,
will be on sale
Quay House, The Ambury, Bath, BA1 1UA
Email [email protected]
Tuesday
EDITORIAL
Editor Neil Mohr
Hostage negotiator Jonni Bidwell
24 September Art editor Efrain Hernandez-Mendoza

Production editor Ed Ricketts
2019
Group editor in chief Graham Barlow
Senior art editor Jo Gulliver
Editorial contributors
Michael Bedford, Neil Bothwick, Christian Cawley,
Matthew Hanson, Jon Masters, Nick Peers, Aaron
Peters, Les Pounder, Mayank Sharma, Shashank
Sharma, Mihalis Tsoukalos, Alexander Tolstoy
Cartoons Shane Collinge
Cover illustration magictorch.com
Raspberry Pi is a trademark of the Raspberry Pi Foundation.
Tux credit: Larry Ewing ([email protected]) and The GIMP.
ADvERTIsIng
Media packs are available on request
Commercial sales director Clare Dove
[email protected]
Senior advertising manager Lara Jaggon
[email protected]
Head of commercial – Technology Dave Randall
[email protected]
Account director Andrew Tilbury
[email protected]
InTERnATIOnAL LIcEnsIng
Linux Format is available for licensing. Contact the
Licensing team to discuss partnership opportunities.
Head of Print Licensing Rachel Shaw
[email protected]
subscRIpTIOns & bAck IssuEs
Web www.myfavouritemagazines.co.uk
Email [email protected]
UK 0344 848 2852 World +44 (0) 344 848 2852
The perfect
cIRcuLATIOn
Head of newstrade Tim Mathers
pRODucTIOn AnD DIsTRIbuTIOn
Head of production UK & US Mark Constance
Production project manager Clare Scott
Advertising production manager Joanne Crosby
Digital editions controller Jason Hudson
Linux install
Production controller Nola Cokely
ThE mAnAgEmEnT
Chief content officer Aaron Asadi
Editorial director William Gannon
Brand director Andy Clough
Head of art & design Rodney Dive
Commercial finance director Dan Jotcham
Printed by Wyndeham Peterborough, Storey’s Bar
Road, Peterborough, Cambridgeshire, PE1 5YS
Distributed by Marketforce, 5 Churchill Place, Canary
Wharf, London, E14 5HU www.marketforce.co.uk
Anyone can install Linux, but only Jonni can Tel: 0203 787 9001
LINUX is a trademark of Linus Torvalds, GNU/Linux is abbreviated to Linux
throughout for brevity. Where applicable code printed in this magazine is licensed
install Linux perfectly… now he’ll show you how!

under the GNU GPL v2 or later. See www.gnu.org/copyleft/gpl.html.
All copyrights and trademarks are recognised and respected.
Disclaimer All contents © 2019 Future Publishing Limited or published under

licence. All rights reserved. No part of this magazine may be used, stored,
transmitted or reproduced in any way without the prior written permission of the
publisher. Future Publishing Limited (company number 2008885) is registered in
Light, lighter, lightest!

England and Wales. Registered office: Quay House, The Ambury, Bath BA1 1UA. All
information contained in this publication is for information only and is, as far as we
are aware, correct at the time of going to press. Future cannot accept any
responsibility for errors or inaccuracies in such information. You are advised to
contact manufacturers and retailers directly with regard to the price of products/
services referred to in this publication. Apps and websites mentioned in this
We put the lightest Linux distros through their paces to see publication are not under our control. We are not responsible for their contents or any
other changes or updates to them. This magazine is fully independent and not
affiliated in any way with the companies mentioned herein.
which is the best for running your older or slower systems. If you submit material to us, you warrant that you own the material and/or have
the necessary rights/permissions to supply the material and you automatically grant
Future and its licensees a licence to publish your submission in whole or in part in
any/all issues and/or editions of publications, in any format published worldwide and
on associated websites, social media channels and associated products. Any
Ubuntu web server

material you submit is sent at your own risk and, although every care is taken, neither
Future nor its employees, agents, subcontractors or licensees shall be liable for loss
or damage. We assume all unsolicited material is for publication unless otherwise
stated, and reserve the right to edit, amend, adapt all submissions.
All contents in this magazine are used at your own risk. We accept no liability for
It’s the idiot’s guide to setting up your own, reasonably any loss of data or damage to your systems, peripherals or software through the use
of any guide.
secured web server – for blogs, for fun and for profit! We are committed to only using magazine paper which is derived
from responsibly managed, certified forestry and chlorine-free
manufacture. The paper in this magazine was sourced and
produced from sustainable managed forests, conforming to strict
The Google Fuchsia future

environmental and socioeconomic standards. The manufacturing
paper mill and printer hold full FSC and PEFC certification and
accreditation.
Future is an award-winning international media group and

When Google writes its own open source kernel from scratch leading digital business. We reach more than 57 million
international consumers a month and create world-class
you have to sit up and take notice. Are Tux’s days numbered? content and advertising solutions for passionate consumers
online, on tablet & smartphone and in print.
Love Android
We continue our quest to make Android a more open source-
friendly place that plays nice with your Linux desktop. Future plc is a public Chief executive Zillah Byng-Thorne
company quoted on the Non-executive chairman Richard Huntingford
London Stock Exchange Chief financial officer Penny Ladkin-Brand
(symbol: FUTR)
www.futureplc.com Tel +44 (0)1225 442244
Contents of future issues subject to change – we might have lost Jonni to his sabbatical!
98 LXF254 September 2019

LXF - 254 - September 2019

Uploaded by

Copyright:

Available Formats

LXF - 254 - September 2019

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

LXF - 254 - September 2019

Uploaded by

Copyright:

Available Formats

9000 9001

TAKE NOTE! MINECRAFT

The #1 open source mag

DON’T PAY THE…

g sto len Bea t h ack ers

Robin Schumacher Connect Android devices

Win a secure Nitrokey Storage 2

www.techradar.com/pro/linux September 2019 LXF254 3

AMD Ryzen 3000

Text editors 28 Robin Schumacher 42

4 LXF254 September 2019 www.linuxformat.com

OLED display monitor 52

CODING ACADEMY DESIGN: Sweet Home 3D 64

CUSTOMISE: Suckless Tools 76

www.techradar.com/pro/linux September 2019 LXF254 5

Blender 2.80 arrives

lender (www.blender.org) is arguably engine, while the 3D Viewport

B the most popular open-source 3D

6 LXF254 September 2019 www.linuxformat.com

Valve’s on a mission to Linux vr

V games such as Half-Life and Portal (and

The Linux desktop moves to VR KDE desktop from VR.

V around, whether you like it or not,

www.techradar.com/pro/linux September 2019 LXF254 7

CREDIT: msykos, www.flickr.com/photos/

GREATER Kazakhstan internet

8 LXF254 September 2019 www.linuxformat.com

www.techradar.com/pro/linux September 2019 LXF254 9

10 LXF254 September 2019 www.linuxformat.com

LinuX useR gRoups

Find and Join a Lug Blackpool Raspberry Jam

Community events news

www.techradar.com/pro/linux September 2019 LXF254 11

A I too had a Logitech trackball. Mine

12 LXF254 September 2019 www.linuxformat.com

Mint and its brethren give the user that

Q Missing Mint modem

www.techradar.com/pro/linux September 2019 LXF254 13

Lastly, and this is actually the first thing

A You can do this, and the mechanism

Get help now!

14 LXF254 September 2019 www.linuxformat.com

Not compatible? Linux-compatible. There’s certainly a large range of

WIN A SECURE NITROKEY STORAGE 2

* For full terms and conditions see: www.futureplc.com/terms-conditions

16 LXF254 September 2019 www.linuxformat.com

parts, which you can and should look up beforehand,

Neil says 1Mbps region, so

www.techradar.com/pro/linux September 2019 LXF254 17

18 LXF254 September 2019 www.linuxformat.com

does beat Intel’s i9-9980XE, if you’re thinking about a

www.techradar.com/pro/linux September 2019 LXF254 19

20 LXF254 September 2019 www.linuxformat.com

coprocessor, the chip family used on Arduino boards,

www.techradar.com/pro/linux September 2019 LXF254 21

22 LXF254 September 2019 www.linuxformat.com

Sparky Linux 2019.08

www.techradar.com/pro/linux September 2019 LXF254 23

Ordering is easy. Go online at:

GamEPlay 8/10 lonGEVITy 7/10