Linux Voice [Issue 13]

Authors Linux Voice

Plaintext

THE BIGGEST AND BEST LINUX MAGAZINE IN THE WORLD

April 2015

Raspberry Pi 2 Six times the
processing
Same GPIO pins – power of your old
all your robots are Raspberry Pi
still belong to Pi

Still made in Wales/
Double the RAM! dal a wnaed yng
Nghymru

Still only $35

Run Chrome and
LibreOffice at the
same time!

Why you need the next-generation machine that’s changing everything

BRUCE SCHNEIER Cameron plan “completely idiotic”
A pril 2015 £5.99 Printed in the UK

DDRESCUE When disaster strikes, your data is not lost
PROFIT SHARING Cast your votes to help the FOSS community

GLOBAL XPRIZE FREEDOM FOR PHONES

JONO BACON CYANOGENMOD
How to harness a Take back control of your
worldwide community phone with the non-evil
of geeks to save the world Android alternative

36+ PAGES OF TUTORIALS SQUEEZELITE ANDROID DDRESCUE IRC PYTHON LANGUAGES ARDUINO QT ASSEMBLER
WELCOME

The future is penguin
The April issue

Linux Voice is different.
Linux Voice is special.
Here’s why… GRAHAM MORRISON
A free software advocate
At the end of each financial and writer since the late
1
year we’ll give 50% of our 1990s, Graham is a lapsed
profits to a selection of KDE contributor and author
organisations that support free of the Meeq MIDI step
software, decided by a vote among sequencer.
our readers (that’s you).

A SUBSCRIBE
s I write this, February’s frost is still biting the snowdrops
No later than nine months and yet 2015 has already been an exciting year for lovers
2
after first publication, we will
relicense all of our content under
of Free Software. In the UK, we’ve had politicians expound
their usual (and contrived? and wilful? and negligent?) ignorance of
ON PAGE 64
the Creative Commons CC-BY-SA technology, with their comments on end-to-end encryption. We’ve
licence, so that old content can witnessed a new and particularly awesome Raspberry Pi launch
still be useful, and can live on even (see page 20) and I’m heading off to London tomorrow for the
after the magazine has come off insiders’ launch of Canonical’s long-awaited and awesome-looking
the shelves. Ubuntu Phone. In the US, the Federal Communications
Commission has just backed Net Neutrality after a long fight to
We’re a small company, so ensure the internet remains a level playing field for our data.
3
we don’t have a board of Computer technology has obviously been vital for half a century
directors or a bunch of or more. But it finally feels like it’s becoming part of our social
shareholders in the City of London fabric, and Linux and open source is the facilitator for helping many
to keep happy. The only people people achieve what they want to achieve – it’s the keystone in the
that matter to us are the readers. technological arch. It’s corny, but it’s true.

THE LINUX VOICE TEAM Graham Morrison
Editor Graham Morrison Editor, Linux Voice
graham@linuxvoice.com
Deputy editor Andrew Gregory

What’s hot in LV#013
andrew@linuxvoice.com
Technical editor Ben Everard
ben@linuxvoice.com
Editor at large Mike Saunders
mike@linuxvoice.com
Games editor Liam Dawe
liam@linuxvoice.com
Creative director Stacey Black
stacey@linuxvoice.com
Malign puppetmaster Nick Veitch
nick@linuxvoice.com
Editorial contributors:
Mark Crutch, Andrew Conway, Liam
Dawe, Richard Delaney, Marco Fioretti, MAYANK SHARMA BEN EVERARD MIKE SAUNDERS
Juliet Kemp, John Lane, Vincent “I loved Andrew Conway’s tutorial “Mike was able to meet a “Ben does his usual exceptional
Mealing, Simon Phipps, Les Pounder, on using the command line to longtime hero of mine – Bruce job at dissecting the new
Mayank Sharma. grab share prices in an attempt Schneier. It was only brief chat, Raspberry Pi hardware – I can’t
to shed light on the markets.” p90 but truth is indivisible.” p28 wait to get mine!” p20

www.linuxvoice.com 3
CONTENTS

April LV013
Welcome to 114 pages of Linux and Free Software goodness.
20 REGULARS
SUBSCRIBE News
06
ON PAGE 64 LibreOffice comes to Android
and Systemd continues to
take over the world.
08 Distrohopper
Bodhi Linux makes a
welcome return to the Linux
distro landscape.

10 Gaming
The best time-wasters for
Linux – including a Syndicate
reboot. We can’t wait.
Speak your brains

Raspberry Pi v2
12
Email letters@linuxvoice.com
to share your words with the
Linux Voice hive mind.
Why you need one (or two, or three) of these brilliant 16 LV on tour
The Antipodes’ biggest Linux
little machines in your life. conference, live from the land
of the long white cloud.

28 Bonus interview
Security guru Bruce Schneier
40 on the flaws inherent in
banning encryption.
Jono Bacon 44 Inside the FSFE
The Free Software
Builds communities, Foundation’s European
cousin says hello.
solves problems, helps Group test
humanity and records 58
BSD distros – because Linux
isn’t the only alternative
music to scare small operating system.
children. Oh, and he 64 Subscribe!
used to be the Ubuntu Get Linux Voice every month,
plus all our back issues in
community chap. PDF format, from just £38.

66 Core technologies
Get more out of your terminal
sessions with two essential
tools – screen and tmux.
68 FOSSpicks
The freshest Free Software,
rounded up and herded into
six winning pages.
108 Masterclass
Keep unwanted packets out
30
CYANOGENMOD 34
PROFIT SHARING 38
FAQ: PULSEAUDIO of your network with the Linux
How one company is We promised to make The force at the heart kernel’s built-in firewall.
fighting back against a contribution to help of your Linux setup’s 114 My Linux desktop
Google’s attempts to Free Software – help sound system Kernel hacker and Pi tinkerer
Mark Einon show us the goods.
harvest every last bit us decide which unveiled, explained
of your phone’s data. projects to help. and demystified.

4 www.linuxvoice.com
TUTORIALS REVIEWS
76 78

50 KDE Plasma 5.2
This desktop environment
Stream audio with App Inventor 2: is getting slicker with each
release, and more stable too.
Logitech Media Server Create an Android app
Pipe your music through the Drag and drop blocks of code to
house from a central server. build a simple smartphone app.

82 86

52 LibreOffice 4.4
The “most beautiful” release yet
of our favourite office suite. It
even makes us better writers!

Get work off a broken IRC:
disk with ddrescue Internet Relay Chat
Know the tools that will save Understand the protocol, then
your hide when disaster strikes. write your own chat client.

90 94
53 Icaros Desktop 2.0.3
Re-live the glory days of the
Amiga with this simple, retro
operating system.

54 CubieBoard A20
The latest ARM board to
enhance your home hardware
hacking projects.
Python: Keep an eye on Olde Code:
Books Outside of a dog, a book
the stock market A languages primer
54

is man’s best friend. Inside of a
Analyse masses of financial data Brace yourself for a whirlwind dog it’s too dark to read.
with Free Software. tour through programming.
98
Arduino hardware 102
Code Ninja: 104
Assembly
enablement Python and Qt language
Write a driver for a Build a browser in Conditions, loops
cheap display. 20 lines of code. and variables.

www.linuxvoice.com 5
ANALYSIS

NEWSANALYSIS
The Linux Voice view on what’s going on in the world of Free Software.
Opinion

OSCON – a tradition endures
Welcome back to the European side of the Atlantic.

Simon Phipps of the LAMP stack –including the Perl Given the O’Reilly focus on programming
is president of the programming language. Perl’s creator Larry languages and tools, the conference
Open Source Initiative
Wall became an institution with his State Of has traditionally been arranged around
and a board member
of the Open Rights The Onion speeches. them. But the 2015 edition is going to be
Group and of Open different. Rather than arranging the event
Source for America. From Perl to open source around technology families, the organisers
In 1998 a gathering of people convened by have decided to pivot and organise
O’Reilly and concerned about helping around aspects of technology life. Rachel
businesses benefit from free software Roumeliotis, O’Reilly’s new content director
coined the term “open source” to avoid the and OSCON co-chair, says “our new track

T
he flagship conference of America’s ambiguous word “free” and describe the system is set to focus on issues that
open source communities is holding pragmatic embrace of software freedom. engineers face during a project and in their
its 16th event this year. Back in 1997, The term caught hold and in 1999, O’Reilly daily job. This reflects the open source world
Tim O’Reilly was making an impact with his renamed his conference “The Open Source that we see around us. Rarely is an engineer
technology books. His core business idea, Convention” – OSCON. Starting out as a solely using one language or framework–
built over a decade of publishing experience California event and then moving to these days, there are often several great
preceded by a decade of consulting, was to Portland, Oregon, the conference became a tools for the job, including SaaS, PaaS,
find the innovators who were writing the fixture in the American open source scene. proprietary and open source offerings.”
emerging software tools – usually for UNIX I’ve been attending it since the 2000
and its compadres – and getting them to edition in Monterey, CA, when Sun released Fresh start
write the sort of manuals that proprietary OpenOffice.org as open source for the first The content at OSCON comes from
vendors would issue with their software. time. While I’ve been a keynote speaker community experts and has historically
Having been one of the first businesses to more than once as well as a regular session been much more diverse than would be
benefit from what would become the web speaker, I attend because of who else is expected at conferences run by technology
bubble, after selling the Global Network there. It attracts a Who’s Who of open vendors. Traditionally the paper selection
Navigator search portal to AOL, O’Reilly source, and the “hallway track” – meeting process has involved a large volunteer
Media was ready for growth. people casually outside sessions – is the committee vetting proposals and then
As anyone building a software-related best value destination of open source the conference co-chairs shaping the
business soon realises, you have to run relationship building outside Europe’s final agenda based on their input. That
conferences for your customers to gather. enormous FOSDEM event. has often left a feeling that the content is
That attracts more people to become OSCON is showing renewed attendance somewhat random. But this year, O’Reilly
customers, as well as gathering people as a new generation of developers shows is introducing the concept of track chairs.
from the wider ecosystem. O’Reilly’s growth up to hear about a new generation of Roumeliotis reckons “Track chairing will
strategy was thus to start a conference technologies. These days, open source is involve managing the reviewing for that
to serve his community. Given the power the default rather than an exception, with track, setting the tone and schedule for the
of programmers to set the agenda in the open source components dominating every day or half day, and working to ensure that
emerging web industry, it was natural mainstream technology stack from bottom an attendee would be able to stay with one
to focus the event on the powerhouse to top. track from beginning to end.”
OSCON in 2015 is beginning to sound like
a conference reborn. More than that, OSCON
“OSCON is showing renewed attendance as a new Europe is back too, in Amsterdam at the
generation of developers show up.” end of October. It’s good to see that some
traditions are durable!

6 www.linuxvoice.com
ANALYSIS

Tizen • Laptops • Systemd • Compute Stick • LibreOffice for Android • Gnome

CATCHUP Summarised: the biggest news
stories from the last month

Samsung launches its Big vulnerability in Glibc Dell announces M3800
1 first Tizen smartphone 2 gethostbyname routine 3 laptop running Ubuntu
Samsung’s Android-based After Heartbleed and If the XPS 13 isn’t beefy
devices have largely been market Shellshock, it seems that all high- enough for you, Dell has announced
successes, but the company isn’t impact security vulnerabilities now a more powerful “mobile workstation”
hedging all its bets on a single OS. It has need catchy nicknames. “Ghost” is a with a 15-inch screen, Core i7 chip and
also been working on Tizen, another buffer overflow in the GNU C library’s up to 16GB RAM. We’re being sent
Linux-based platform, and has now gethostbyname routine, which is used one – stay tuned. http://tinyurl.com/
announced the first mobile phone to by a huge number of programs and kqmcvy6
ship it. The Z1 is only available in India could potentially lead to arbitrary code
right now, has a 1.2GHz dual-core CPU, execution. Strangely enough, this was
768MB RAM and a 4-inch screen, and actually fixed in the Glibc source code in
costs a smidgen over £60. So it’s not a 2013, but it wasn’t marked as a security
powerhouse, but an entry-level model. fix and therefore not backported to
http://tinyurl.com/samsungz1 older long-term-support distros.

Intel Compute Stick turns Systemd keeps growing; Party like it’s 1995: EISA
4 TVs into Linux boxes 5 gets a boot loader 6 support stays in Linux
It’s four inches long, plugs into If you’re not a fan of Systemd, A useful discussion came
a TV’s HDMI port, and contains pretty you might find this overkill, but there are up on the Linux kernel mailing list in
much everything you need in a basic technical arguments about linking the January: one developer posted a patch
computer: a quad-core Atom CPU, 1GB bootloader, PID 1 (init system) and basic to remove support for EISA, a bus
of RAM, 8GB of on-board storage, a low-level utilities together for a more standard for connecting add-on cards
micro-SD slot, Wi-Fi and a USB port. Not cohesive system. Lennart Poettering that was popular in the late 80s and
bad for $89. Intel is marketing these and Kay Sievers are considering adding early 90s. Linus Torvalds rejected the
gizmos at consumers (eg for browsing the Gummiboot loader into Systemd, to patch, however, stating: “If we actually
the web from your couch or watching “implement the full trust chain from the have a user, and it works, then no, we’re
streaming media services), embedded firmware to the host OS, if SecureBoot is not removing EISA support. It’s not like
devices (such as web kiosks) and available”. Here’s more on what’s to it hurts us or is in some way
businesses (thin-client solutions). come in Systemd this year: fundamentally broken”. So there’s the
http://tinyurl.com/nrmx5n2 http://tinyurl.com/systemd2015 proof: Linus can indeed be nice.

LibreOffice Viewer Gnome (briefly) takes first
7 available for Android 8 place in Arch statistics
It’s currently in beta, and Which is the most popular
it can’t do much aside from looking desktop among Arch Linux users?
at basic documents right now, but Something packed with features like
LibreOffice is gradually heading to KDE, or minimalist and keyboard-driven
our mobile devices. Support for like i3, right? Well, Gnome 3 managed
more complex documents – along to take the top spot for a while, which
with editing facilities – will follow. It’s surprised many due to that desktop’s
available as a free download in the focus on new users and limited
Google Play store, and is a joint effort customisation options. It certainly got
between Collabera and Smoose BV. plenty of debates raging on the web.
Early user reviews have been positive, KDE has since grabbed the top slot, but
despite the inevitable bugs. the other stats are worth a look: www.
http://tinyurl.com/lo4android archlinux.de/?page=FunStatistics

www.linuxvoice.com 7
DISTROHOPPER

DISTROHOPPER
Our pick of the latest releases will whet your appetite for new Linux distributions.

Evolve OS
A new distro with a new look.

T
here are two things that make
EvolveOS unique: The desktop and
the package manager. The Budgie
desktop environment takes the best of GTK 3
and brings it into one really good looking
desktop. If feels like the Budgie developers
have taken the good bits of Gnome 3 and
Unity and combined them with the simple
usability of Gnome 2 to create something
wonderful. They haven’t recreated all the
basic software; instead they rely on the
Gnome 3 software stack even for things as
integral as the file manager and the terminal.
Our one reservation is about the menu. At
the moment, it consists of all your software
in a big list with no hierarchy (although it is Evolve OS comes from Ikey Doherty, the man behind the excellent SolusOS.
grouped by type). We tend to have a lot of
software installed, and this approach feels Pardus (which has now dropped it in favour systems, leaving a simpler command
like it could get cumbersome quite quickly. of apt-get). The idea behind eopkg (and Pisi) syntax.
Hopefully this is something that will be is to build a new package manager that cuts We’re rarely excited about a new distro,
changeable in the final release. out the cruft that older package managers but we are about Evolve OS. It’s still in Beta
The package manager is called eopkg, and like Yum and apt-get have acquired from at the moment, but we’re expecting great
is a fork of Pisi, which was developed for themselves being wrappers over other things from it.

Netrunner
Regular or rolling releases: take your pick.

K
DE is a wonderful desktop Netrunner comes in two versions: the
environment, but it has terrible standard version is based on Ubuntu, and
default settings. That means you Netrunner is sponsored by the same
either have to find a distro that makes it look company as Kubuntu (Blue Systems), while
nice, or do it yourself. Netrunner comes with Netrunner Rolling is based on Arch (via
one of the best KDE configurations around. Manjaro) and is compatible with the Arch Want a good-looking KDE version without
The cashew is tucked out of the way and not User Repository. Which one is best depends spending hours configuring it yourself?
left to confuse users, the Homerun kicker on how you feel about rolling releases. Both Netrunner could be for you.
provides an easy way of launching have the same great KDE interface, but they
applications, and the blue and grey colour offer quite different experiences because the The rolling release, on the other hand, will
scheme is inoffensive without being boring. standard version is built on Ubuntu LTS, constantly chase the latest software giving
The one thing we’re not sure about is the which should remain fairly unchanged for you a more up-to-date system, but with a
transparent blue window decoration, but at the next four years (unless you want to higher potential for breaking things. The
least it’s better than the usual blue glow. update it sooner). choice, as they say, is yours.

8 www.linuxvoice.com
DISTROHOPPER

Bodhi 3.0.0
In search of Enlightenment.

I
n September 2014, Jeff Hoogland
stepped down from his role leading
Bodhi Linux. Others offered to take on
the job, but it seems that he just couldn’t
stay away. Jeff’s back at the helm of the
project, and version three is on the way. The
second release candidate of Bodhi 3 is out,
so we have a chance to see what’s in store.
Bodhi is based on the Enlightenment
desktop, so looks unlike almost any other
distro out there. It’s particularly well suited to
lower-specced computers, but still comes
with graphical flourishes. There’s a legacy
version designed to support older
computers, which is designed to work with
machines too old to support the PAE
processor feature. The legacy version also
has a slightly older version of Enlightenment.
Perhaps the most unusual thing about
Bodhi is the web-based App Centre, which
enables you to install software straight from Don’t let the eye candy fool you. Bodhi really does run well on older hardware.
your web browser. Actually, it’s not that
unusual. It comes to Bodhi from Ubuntu and really taken to the idea of installing software We’re glad to see Bodhi back, and Jeff
most Ubuntu derivatives have it. There’s also through a web browser, so we’re looking Hoogland at the helm. It’s a great distro, and
a similar feature in OpenSuse. The problem forward to seeing whether Bodhi can make the Linux world would be a poorer place
is that users of these distros have never this work where others have failed. without it.

Ubuntu 4.10 The birth of a new age

Back in the early years of the new millennium, Linux was a complex
beast to use. Things broke – a lot – it fixing them wasn’t easy. Even
installing most distros required more knowledge about your
computer than the average user had. One man set out to change this,
and create “Linux for human beings”. That man was Mark
Shuttleworth, and the distro was Ubuntu.
Warty Warthog, the first version, released in October 2004, came
as both a live CD and an installable distro. At the time, that was quite
a rare thing. There were live distros (such as Knoppix and Demo
Linux), and there were normal distros, but bringing the two together
meant you could try out Linux, then install exactly the same thing.
The earthy tones of the colour scheme may not have been to
everyone’s taste, but the Gnome 2 desktop worked well, and the
publicity the distro received attracted many people from outside the
Linux world. We meet many people today who trace their Linux using
back to Warty Warthog.
These days, Ubuntu is best known for the controversies over Mir
and Unity, but these are blips in its 10-year history. Ubuntu was – and
still is – Linux for regular people who want a distro to just work. By
focussing on this aspect, it changed the trajectory of desktop Linux
as a whole and made it more accessible. For this it should be
commended. We look forward to another 10 years.

In hindsight, shades of brown may not have been
the most flattering colour scheme, but they did
make Linux look less threatening.

www.linuxvoice.com 9
GAMING ON LINUX

GAMING ON LINUX
The tastiest brain candy to relax those tired neurons

R.I.P. ETHELRED
Planetary Annihilation
Strategy on the grandest scale we’ve ever seen.

P
lanetary Annihilation is a game we’ve Another highlight of the game is the minimap,
covered before, albeit quite briefly, and which is essentially the game being played again
since we last looked at it the real-time- in a small window that you can move around,
strategy game has come on in leaps and bounds and you can switch your main view to where
compared to the earlier releases. you’re looking on the minimap at any time.
This is the biggest strategy game Linux has, There’s a lot to like about Planetary Annihilation,
and now that we have been able to spend a lot with multiplayer lobbies enabling you to easily
Liam Dawe is our Games Editor and
the founder of gamingonlinux.com, of hours with it we can safely recommend it for join games with other players, and ranked
the home of Tux gaming on the web. strategy fans, as to put it simply it’s “smashing”. matchmaking to test your mettle against other
If you don’t get that pun here’s a tip: you can players, and gain places in the leaderboards.

O
penGL has been getting a lot smash entire moons into planets by building It turns out we are pretty pants at the game
of flak from some prominent massive engines on them, hence the use of the compared to most people. There are a couple
names, and a lot of people
word “smashing”. of rough edges, but it’s being polished up to be
have agreed that something needs to
be done, and soon. Luckily, Khronos One of the most recent updates added a a good experience, as with our testing we didn’t
Group, who oversee OpenGL building that fires units from one planet to find too many crashes for the Linux version at all.
development, have been listening, another, giving the game another possible You will also need a fairly decent gaming rig
and glNext will be unveiled this year strategy element. to get full enjoyment out of it, as even on one
at the Game Developer Conference.
It’s not for gamers looking to hop in and out, as of our best rigs the game became increasingly
The major problems with OpenGL
include vastly different driver support the average game will last at least half an hour sluggish as more units and buildings are created
across manufacturers like AMD, for anyone reasonably good at it. That’s actually on each side, and the problem gets worse with
Nvidia and Intel. AMD graphics card one of the highlights, as you get a lot of time to more players.
users will have seen this the most, plan your attack: are you going to conquer by
with the official Catalyst driver often Store http://store.steampowered.com/app/233250
land, sea, air or space?
performing far worse than Nvidia
across many games.
Luckily, glNext already has backing
Is that the death
from big companies like Valve, Unity
and Electronic Arts, so we could see
star? Oh god it’s
some bigger games coming to Linux firing at me!
if companies like EA are already
interested in the new API.
For gamers, glNext should mean
better performance, and that’s what
we all really care about, right? We
have some serious competition from
Microsoft with DirectX12 and AMD
with their Mantle API, so OpenGL has
a lot of catching up to do with glNext,
and plenty of developers hearts to
win over.
The problem with glNext is that it
needs driver support from the big
three (AMD, Nvidia and Intel), and it’s
not likely they will update a lot of
their older cards to support it, so it
will take a long time before it
becomes useful. It probably won’t
even be ready this year, but we’re
keeping an eye out.
“You get a lot of time to plan your attack: are you going
http://forums.linuxvoice.com to conquer by land, sea, air or space?”

10 www.linuxvoice.com
GAMING ON LINUX

Satellite Reign ALSO RELEASED…
The spiritual successor to Syndicate.

W
e have very fond memories of combinations each play-through will be
playing the original Syndicate different.
game on the Amiga, so this It’s played from a top-down perspective,
is a bit like walking down nostalgia lane, and anyone who has played class-based
but with prettier graphics and updated strategy games before should find it
game-play. pretty easy to manage. If you’ve played
It’s a real-time strategy game played Wasteland 2, XCOM or anything like that, it
with a team of four different agents with should seem pretty familiar. VoidExpanse
unique abilities, and it looks absolutely The developers have been quick to Do you miss playing Eve Online from your days
fantastic already. The graphics are vibrant, pump out new versions with new features as a Windows drone? Well miss it no longer!
and any fans of cyberpunk-styled games and bugfixes, so we feel it’s pretty safe to VoidExpanse is a great-looking 2D single-
and art will probably love it at first sight. pick up and play now. player and multi-player space sandbox game,
that feels a little bit like Eve Online. It’s a bit
You can customise your team with more fun too!
different abilities, and this is what makes Store http://store.steampowered.com/ You can fight, trade and mine your way
app/268870
it really fun, as with many different through the game, everything you would
expect in a sandbox space game.
http://voidexpanse.com
Satellite Reign isn’t
finished, as it’s in Steam’s
Early Access section, so
bugs are to be expected.

LISA
We know you love your quirky platformer
games, and LISA is one of the quirkiest we’ve
come across. It’s a side-scrolling RPG set in a

Audiosurf 2 bleak world, with a bleak character.
The opening scene sets the tone of the game
perfectly, and the small nod to the power
Music and Gaming fused together perfectly! rangers in one scene was highly amusing.

S
http://store.steampowered.com/app/335670
adly, Linux never gained a port
of the original Audiosurf, which is
arguably one of the best music-
orientated games around. Luckily, the
second iteration has been ported over
recently, so you can get your groove on to
your favourite tunes in this arcade game.
We can’t really compare this to anything
else, as there isn’t much out there like it –
which is one of the things we love about One of the truly great things about
it. The original was very unique and this Audiosurf 2 is that you can discover new
sequel carries that spirit on perfectly. music with it, as there is a feature where Desura
Desura is the online game store that has been
It may look a lot like a racing game, but they highlight a specific song each day, through a few different owners, and the new
it’s more like a single-player time trial that and doing this ourselves we have found a proprietors seem like a really good bunch.
goes with the flow of the current music few new loves and frustrations. Desura’s desktop client is once again open
track you’re listening to in the game. It’s It’s a little on the rough side at times, source under the GPL licence, and they have
not exactly easier either, as we found out and this goes with it being yet another released a Linux beta. It’s a little on the buggy
side right now, but it’s good to see the newer
when playing some rather fast music and game in Steam’s Early Access section. owners of Desura try to please us Linux
it gets a little intense when you’re trying gamers.
to dodge spikes and the game speeds up Website http://store.steampowered.com/ http://www.desura.com
app/235800
with the beats of the music.

www.linuxvoice.com 11
MAIL

YOUR LETTERS
Got something to say? An idea for a new magazine feature?
Or a great discovery? Email us: letters@linuxvoice.com

LINUX VOICE STAR LETTER
MANY GOOD IDEAS
I just want to write that I really could cover, for example, I2C
appreciate the magazine, and other general-purpose
I enjoy reading the Core protocols/applications?
Technology section as well as 3
How to free your hardware?
the community-related topics, I’m very interested in replacing
interviews and tutorials. I software in various devices
like the informal style of your with free alternatives. I know
writing and the broad range of about OpenWrt, but how about
topics – good job guys. putting Free Software on to a
For quite some time I TV set, car, fridge, house-entry
wanted to write on a few of system etc? A series on
my ideas for the magazine – setting free different hardware
mostly some topics you could would be nice.
cover in the future issues. 4
How to run a LUG? – I found
1
It would be nice to have a that the LUG that used to run
newbie-box in the tutorials to in my city is effectively dead, Once you’ve written a driver for one USB device, you pretty much know
get a clear distinction where is so I’m wondering how it could how to writer drivers for all sorts of other hardware.
the introductory part and be organised, how to make the
where is the main topic and to first meetings and so on. PS The word ‘free’ is of topics as possible, which is
give additional information to 5
How to talk about Free ambiguous not only in English. exactly what we’re trying to do.
newbies – eg on the one hand Software to people that are In Polish we’ve got the word There’s definitely more security
I know a thing or two about not technically-oriented? I’ve ‘wolne’ which can mean ‘free’ stuff on the Linux Voice radar, not
Python programming so I been recently amazed by what (as in freedom) but it can least next issue’s cover feature,
could happily skip the first Tim Bray said when also mean ‘slow’ :) So there is which will be a start-to-finish
part of the article on interviewed by Graham another level of difficulty when look at how to and we’ve always
Mandelbrot sets. On the other Morrison: “...I don’t think we talking about Free Software :) wanted to include more on the
hand I am not that good at should expect the general Linux kernel. I should get in touch
electronics so I sometimes population to have educated Andrew says: Wow, thanks Dawid! with Dr Sinitsyn (who wrote the
miss a thorough explanation opinions about internet safety We can all have a rest from USB control tutorial) and find
why do you use specific any more than they have thinking up ideas for a couple out if he’s in the mood to write
resistors or wiring. educated opinions about of months thanks to you. Sorry some more on the kernel. And to
2
Give us a fishing rod, not emission control systems in for cutting your letter short but everyone else: let us know what
only a fish! I liked the article automobiles ...” – I realised there’s a limit to how much of you want to see more of, and we’ll
about the USB-car controller that this is also true with your excellence we can fit in! do our best to provide it.
because, apart from showing regard do many other areas of With regard to flagging up the The community aspect
an example of reverse IT, maybe also with regard to newbie and advanced sections is another great idea – as it
engineering, it also explained a the computing as a whole. So of tutorials, I’m not sure this happens we do know an expert
little bit of the USB protocol so how to talk about Free is practical, as one man’s easy (who we interview on page 40)
one can try some other USB Software to people who don’t is another man’s difficult. The – I’m sure we can get something
devices – way to go! So know what software is? best we can do is make sure useful together for you in the
maybe some further tutorials Dawid Grzegorz Węckowski we include as diverse a range near future.

12 www.linuxvoice.com
MAIL

SHADOWS IN THE DARK
I just listened to the latest Linux their private encryption keys with
Voice podcast today, and listened the government, or else their
with interest to your discussion communications will be treated as
of David Cameron’s call for the an act of terrorism and prosecuted
elimination of encryption on the (Synthesis).
internet. While you all made very Lost in all of this is the question
valid points, I think you missed the of whether the government should
mark on what they’re really up to. have free and clear access to
Obviously the politicos don’t anybody’s communications (the
want to eliminate encryption on public is easily distracted and will
the net. That would stop all net/ lose sight of the actual question
web-based commerce, and would – similar to what you were
lead to a loss of tax revenue (VAT, saying about how the politicos
sales, wages, etc) and a potential have changed the role of the
collapse of the high-tech sector. government before our very eyes).
But the politicos also want to read I don’t know about the UK
everything we send over the web government, but the feds here
to maintain their power. So how in the US have floated the idea
are these two things reconciled? of government-run private key
Enter the Hegelian Dialectic. registries for years, which would
If in doubt, ban it.
The Hegelian Dialectic is as give them access to all of our Bridgewater admitted that “I’m not
follows: Problem, Antithesis, communications. This is what a tweeter. But we’ve got Facebook,
Synthesis. As Cameron stated, the they’re ultimately after and what we’ve got Twitter. The other day,
government can’t see everything must ultimately be resisted. somebody tried to explain to me
on the net but needs to under the Keep up the good work, what WhatsApp is. Somebody tried
guise of the fight against terrorism Paul Olson, Oklahoma USA to explain to me about Snapchat. But,
(the Problem). my Lords, I don’t know about them.
Cameron stands up in front of Andrew says: Ooh, this is brilliant. I What is absolutely clear is that the
everybody and says he wants can feel a dystopian novel brewing terrorists and jihadists do.” In other
to eliminate all encryption, the somewhere. “The public is easily words: “I don’t understand what we’re
worst possible solution to solve distracted” is brilliantly understated talking about, but I want to ban it
the problem (Antithesis). The and completely accurate, and your anyway because terrorism”.
public say they want to maintain idea of a legally enforced registry It’s easy to caricature the Lords
their encryption to keep out the of encryption keys is wearyingly as a place where out-of-touch
evil hackers and keep shopping plausible. However, I think you give establishment figures go for a nap
on Amazon. Parliament/ our lords and masters too much after a nice taxpayer-subsidised lunch,
Congress then passes a law credit. During a debate in January but Lord King is a former Secretary of
requiring everyone to register in the House of Lords, Lord King of State for Defence. Scary!

www.linuxvoice.com 13
MAIL

HAPPY BIRTHDAY TO US!
First, congratulations on your user guide on the desktop when
first year looking forward to many installing the PC and tell everyone
more Linux goodies from the Voice they can email me if they have
stable over the coming years. I any questions. Apart from the
started using Linux 8 years ago password questions, I’ve had zero
to enable me to give away fully calls for support. I have had emails
working older PC’s that I had thanking me for the PC my son/
refurbished from donated parts on daughter loves it kind of thing.
Freecycle (now freegle). The best was yesterday when
The reason for using Linux was a woman I gave a PC tower to a
that all donated items have to be couple of days previously, emailed and portable devises this will be Sometimes the old-
legal and many of the PC’s did me to ask if Linux could be Android or Unity as this works for fashioned way is the
not have a valid windows licence installed on her daughter’s laptop. those devices. best. The Mate desktop
Tony Hughes, Blackpool LUG/ is the perfect example
or had originally run windows Quote: “As she is getting fed up of
of this.
98/2000 (or horror of horrors, Windows updates that don’t work.” Makerspace
ME) So if I wanted to give away a Most people don’t care what OS
working PC ready to use it had to they’re using as long as it works Mike says: You’re a hero for spreading
have a Free/Libre OS on board. for them and does what they Linux to the good people of Blackpool,
I’ve recently given away five PCs want it to, so as long as we give but I wonder if anyone else has had
with Mint Mate on them, and apart them a system they can use; for a similar experience? Is Mate really
from forgetting to inform them some this will be Windows-like, as the best desktop for new Linux
of the password on a couple of that is what they are used to and users, or has anyone else had a good
occasions it seems that they are fits the hardware they are using. experience with Unity – or even a
getting on fine. I also put the Mint For others with touchscreens properly configured KDE?

DISCOVERY FIND OF THE ISSUE LIBERTY
I found out yesterday (January 25, I got my inspiration from a I totally agree with Simon Phipps
2015, Pacific Standard Time) that July 1984 issue of COMPUTE! in his News analysis piece about
typing Magazine (obtained via the the attack on Charlie Hebdo and
$ cat <<’EOF’ | tee input.sh | bash Internet Archive’s OpenLibrary the rush to make ‘security’ better
> lines Project), which likewise featured by restricting the liberties of
> of type-in programs. everyone.
> script If you (this means readers, too) I am reminded of the following
> EOF want to see my discussion with quote which I first saw in a
will cause the script reading “lines\ bug-bash, open your Internet newspaper article shortly after
nof\nscript” to be executed. browser and enter the URL http:// 9/11, but it is a quote from
This way, it can be possible lists.gnu.org/archive/html/bug- much earlier in the life of what
to execute the same kind of bash/2015-01/threads.html. It became the USA: “They who
program you’d read from a book should be near the top of the list. would give up an essential liberty
or magazine in the ’80s! (Only the Ryan Cunningham for temporary security deserve
program is in Bash’s language, neither liberty nor security”.
not BASIC. input.sh is the location Graham says: We’ve often discussed Benjamin Franklin (1706 – 1790)
where the script typed would be among ourselves the anachronism John Paton
saved for later execution and and usability of printing code in 2015,
editing.) but we all think it’s still a good way
I have had discussions with of digesting ideas and techniques,
Richard M. Stallman, founder of even if it’s not the best way of getting
the Free Software Foundation; things to run on your computer. That’s
and with fellow subscribers to the also why we try and include the code
bug-bash mailing list, about this online whenever possible. And I still
interesting discovery. fondly remember a summer spent
Simon’s right –
Therefore, I suggest that you typing in the code for the Mystery terrorism must not
begin publishing type-in programs, of Silver Mountain adventure game, become an excuse
at a rate of no more than twenty- only to lose it all when the cassette to make us give up
four pages thereof per issue. stopped saving the last save block. essential liberties.

14
MAIL

VIRTUAL DESKTOPS
I’m sure you’ll get quite a few on page 63). Version 3.x of the
emails about your Group Test NX libraries is open. Maybe there
of remote desktop client but is a difference between library
somehow you overlooked X2Go and protocol? Anyway, perhaps
in your list. A quick search will someone would be interested
uncover that X2Go is basically a in doing a follow-up for X2Go?
fork of the GPL’ed NoMachine NX X2Go is included in a few distro
3.x libraries with a custom client/ stock package repos (Fedora
server. It is generally used to for example) . One problem it
It’s proprietary, but
connect to a virtual desktop but does have is that it does not enterprise-version servers”… which
NoMachine NX was
they do offer a “desktop sharing” support anything that requires to me means the free download the clear winner of our
package to share an existing, 3D acceleration, so for example, version of NX 4.x doesn’t work remote desktops Group
physical X11 session. Gnome 3 can’t be used over X2Go. over SSH. Test.
NoMachine’s NX 4.x product Other than that, X2Go is full of Scott Dowdle, Belgrade, MT
is based on a completely new features.
protocol which is, to the best of BTW according to the Wikipedia Graham says: Thanks for bringing
my knowledge, not “open” (as page, NX 4 can use SSH but, “SSH that to our attention Scott, we’ll give
mentioned under the screenshot authentication is available only on it a look.

2015: THE YEAR OF LINUX
If only 2015 really were the asking them to run an article on
year of Linux. I worked most of alternative operating systems,
my working life in engineering again with no answer. I am not one
materials supply and purchasing, for conspiracy theories, but I am
and every so often some kind soul starting to wonder about the size
in the drawing office would design of Microsoft’s slush fund and who
into our product a component is bankrolling it.
only available from one company, The other problem Linux faces
thereby bringing the buyer face is simply a lack of knowledge of
to face with his worst nightmare the existence of the systems.
– a monopoly supplier. These If you buy a computer new and
companies are always expensive eventually replace it with a new
and nearly always have a one- one you never need to look
sided approach to dealing with the elsewhere. It’s only people who
customer. buy second-hand machines and
For the vast majority of need something better than an
computer users Microsoft has obsolete Windows XP system
managed to maintain a monopoly. who search for and find Linux.
This is partly done by ensuring The only bright point is that
that we cannot buy a computer there are an unknown number of
on the high street without a schoolchildren out there using a
Microsoft operating system. I tried Linux DVD to get around parental
to raise a people’s petition on the controls. I even came across two
government’s website to the effect young ladies who had managed
that shops must offer a choice to hide a Linux OS within the choice on the high street, but the There’s a load of great
of operating systems including Windows 7 partition and made it much-heralded death of the high stuff coming for Free
at least one Linux system; it was invisible until required by reducing street is making this less of a worry. Software this year; just
refused. the Grub menu’s countdown to 0. The advantages of having a bricks- don’t think that this is
The magazine that I first read John Bourne and-mortar shop are reducing, and as “the year of Linux on the
about Linux in back in 2010, more consumers buy their hardware desktop”.
Computeractive, has not mentioned Graham says: Sometimes we worry online, the barriers for entry will fall
Linux since being bought by about the youth of the nation, but if for the likes of PC Specialist and
Dennis Publishing. A letter to the those girls are anything to go by, the Zareason (which both offer excellent
editor has not been answered. I kids are all right. It is, as you say, a hardware with Linux pre-installed).
have written to Which magazine constant gripe that there’s so litle Have faith.

www.linuxvoice.com 15
LUGS ON TOUR

LUGS ON TOUR
linux.conf.au 2015
Daniel Rossbach reports from this year’s event in Auckland.

E
ach year during winter in the

photos: Simon Lyall CC BY-SA
places in which most open
source conferences are held
- which happen to be in the northern
hemisphere - some far warmer and
more sunny place in Australia or
New Zealand hosts one of the most
significant conferences in the Linux
world: linux.conf.au (LCA).
This year, from 12–16 January,
this place was Auckland in the
north of New Zealand, were the
conference was staged at the quite
flashy facilities of the University
of Auckland’s Business School.
Over those five days, roughly 170
presentations were given and
attended by almost 700 Linux
professionals and enthusiasts.
As in previous years, LCA
managed to attract many
prominent personalities as
speakers, with Eben Moglen
(Executive director of the Software
Freedom Law Center), Bob Young
(co-founder of Red Hat and
chairman of Lulu) and a certain
Linus Torvalds delivering keynote
Linux.conf.au is a
addresses. linux.conf.au 2015 was the range Examples for this at this year’s
refreshing antidote to
At the same time, LCA is a of opinions, interests and styles some of the corporate- LCA were numerous: The use
gathering of the regional Linux represented, all of which made sponsored events that of free and open software in
community and has a far less for a multi-faceted conference take place in the US. humanitarian aide was the topic
corporate atmosphere and programme, and some controversy of one of the 10 ‘miniconfs’ that
structure than most of the sparking discussions. make up the first two days of the
other equally well-known Linux schedule, which were given even
conferences around the world. Linux flying more prominence.
Organised each year by a team of While there were a large number of Political aspects of using FLOSS
volunteers, which changes along highly technical presentations on were discussed in multiple talks
with the host city and venue, the the inner workings of Linux and the concerned with the potential and
conference has a familial feel as (database and virtualisation) server- difficulties associated with its
regular attendees (who make up a side software commonly run on it, use inside and to interact with
large proportion of the audience) LCA also offers a forum for projects governments and bureaucracies.
meet up and some speaker’s in the wider world of ‘open culture’. And, unsurprisingly, there were
talks and surrounding events are Talks and interactive sessions reports on yet more embedded
traditional fixtures. belonging to the later group Linux deployments.
Fittingly for a community-centric seemed to be the most engaging One highlight of the week in this
conference, a defining marker of events within the conference. vein was an impressive demo in

16 www.linuxvoice.com
LUGS ON TOUR

Andrew Tridgell’s presentation
entitled “Flying with Linux”. In it,
he made a small plane fly on a
predetermined course and land
in one piece – with the plane
being hundreds of miles away (in
Canberra), and simultaneously
compiling the Linux kernel on the
BeagleBone Black unit inside the
aircraft.
Further fascinating avionics
were on show outside of the
conference schedule at a rocket-
launch organised as one of the
many ‘birds of a feather’ events
traditionally surrounding the
Judging by the
conference. The largest rockets, based on Linus’ appearance on first among them, set the tone
conference talks, Kiwis
launched at the New Zealand seem to be obsessed stage. Instead of giving a keynote for interaction in the community.
Rocketry Association in Taupiri with flight. Oh, the irony. speech, Torvalds invited questions The disappointment with Linus’
south of Auckland reached an from the audience. Reminiscing stance was shared by some of the
altitude of up to 10 kilometres! over a similar occasion twelve prominent advocates of a more
years ago, Torvalds was joined on concerted effort to make the Linux
Making things stage by the kernel developers and community open for people with a
Actually making things was LCA regulars Andrew Tridgell, Bdale background and identity that isn’t
the centre of two miniconfs, an Garbee and Rusty Russell. mainstream in the community.
open-radio session and a robotics While Linus went on to make One of these advocates is Karen
workshop. At the latter, attendees some interesting remarks on Sandler, former executive director
were given the opportunity to disclosure of security flaws (siding, of the Gnome Foundation and
assemble a robot-vehicle out of without naming names, with still co-organising its Outreach for
a Raspberry Pi (model B+), an Google in their recent argument Women programme.
Arduino and two servo engines with Microsoft), and documentation As Sandler, now in charge of the
before finally steering it over for the kernel (it is inherently Software Freedom Conservancy,
wireless with Node.js scripts. difficult but could and should be told Linux Voice in the aftermath
Beyond these specialised improved), the most quotable and of LCA, experiences of sexist
sections, the main conference controversial lines were delivered behaviour are still common for
programme was not short on regarding the social interactions in women at events in the open
interesting hardware projects the kernel community. source community. According to
either, as evident in presentations Challenged by Matthew Garrett her, prominent figures are called
on OneRNG, a successfully kick- on Torvalds’ abrasive comments upon to exert their influence in
started random number generator on the kernel mailing list and their the community to change the
(the campaign is still running), potentially chilling effects on people climate in such a way as that
deploying Linux in automotive getting involved with Linux, Linus bad experiences for women or
systems, and current developments 20% of speakers were replied that he feels under no minorities don’t occur.
and hacks in 3D-printing. women (which is far obligation to conduct himself more Where this development will lead
The biggest news story to come from parity but on an amicably. we will be able to see at the next
out of LCA 2015 turned out to be upward trajectory). For Torvalds, his less than polite few editions of LCA: in Geelong in
comments are solely directed at 2016, and Hobart in 2017.
the technical merits of the subject All the talks (https://linux.conf.au/
matter, and otherwise merely programme/schedule) from LCA
expressions of him being “a really 2015 are available online at http://
unpleasant person”. mirror.linux.org.au/pub/linux.conf.
Torvalds claimed that the task au/2015/ and on YouTube.
of making the Linux community
inclusive and conducive for TELL US ABOUT YOUR LUG!
diversity can be delegated among
the people who are influential in the We want to know more about your
Linux community. LUG or hackspace, so please write
to us at lugs@linuxvoice.com and
This reply was criticised by many
we might send one of our roving
as failing to acknowledge the way in reporters to your next LUG meeting
which prominent figures, and Linus

www.linuxvoice.com 17
SHOW REPORT CYBERSECURITY

The show floor was mostly filled with shiny
company stands trying to woo visitors.

The French Ministry of the Interior was
one of the event’s biggest sponsors, and
had a huge stand to show it.

FIC 2015 Cybersecurity experts met in Lille to prepare for
upcoming attacks. Mike Saunders was there.

L
ille is a medium-sized town in northern France, killings, so issues around monitoring suspected
just a croissant’s throw away from the Belgian terrorists, encrypted communications and freedom of
border. It has cobbled streets, decent beer, and speech came up with many people we talked to. Most
for the last few years it has hosted FIC, the of the show stands were from small or medium sized
International Forum on Cybersecurity. This conference companies touting cybersecurity wares – usually
is organised in part by the French Gendarmerie and server-side programs, but some for end-users as well.
Interior Ministry, and is funded by the regional Some companies were offering Linux versions of
government of Nord-Pas de Calais along with various their solutions, although one we chatted to – Titania, a
sponsors such as Symantec, IBM and Sophos. And it’s vendor of security auditing software – spoke of the
serious business: security at the entrance was tight, frustration and complexity in dealing with the niggling
and there were plenty of well-armed guards keeping differences between distros. This is a recurring theme
tabs on the show. with third-party vendors who don’t have their software
Some big names in politics were there, such as the in distro repositories, and even Linus Torvalds has
Ministers of the Interior of France (Bernard ranted about it recently, so hopefully there will be
Cazeneuve) and Germany (Thomas de Maizière). We some progress in the future.
found the latter’s presence somewhat ironic, though,
given that he recently expressed support for David Challenge time
Cameron’s plans to have a back door in all end-to-end But our favourite (and by far the geekiest) section of
encryption. Many experts in computing security have the show floor was the challenge area. Here, teams
described these plans as ridiculous and impossible to worked together to perform forensic analysis of
implement, so hopefully de Maizière actually learned systems that had malware installed or other
something during his visit. vulnerabilities. This included Android phones that had
But anyway. On the show floor, the French Ministry unrequested software installed, databases with
of the Interior stand dominated, telling the world how suspicious entries, and USB keys that were trying to
it’s on top of cybercrime and security in general. FIC spread viruses. A number of tasks were set up (eg find
took place only a few weeks after the Charlie Hebdo out who is responsible from the logs, or work out what

18 www.linuxvoice.com
CYBERSECURITY SHOW REPORT

the malware is doing on this phone from a memory We’re not sure if we were
dump), and the first team to complete them won allowed to photograph this,
glittering prizes including consoles, quadcopters and but the army had lots of
fancy kit to look at.
Raspberry Pis.
The show floor was just one part of FIC though. We
attended a few fascinating presentations and talks,
such as “How to shut down a botnet”. In case you’re Over at the challenge
not aware, a botnet is a group of thousands of cracked area, geeks had some
computers (almost always running Windows) that are respite from the
scattered across the world, in homes and in corporate tone of the
conference and could
businesses, that are all controlled via back-doors from
get some white-hat
a single point. They are used by nefarious types in cracking done.
situations where having a large number of IP
addresses is beneficial, such as sending spam or
performing denial-of-service attacks.
This talk was given by a investigators working for
the FBI and the UK National Crime Agency, and
described Operation Tovar, an international operation
to shut down the Gameover Zeus botnet. You may
wonder if law enforcement agencies should be
worrying about botnets when there are bigger crimes
to solve, but Gameover Zeus had been used to
distribute CryptoLocker, a piece of “ransomware” for
Windows. CryptoLocker encrypts a user’s personal
files, and then demands money to be sent to an
anonymous address within a certain time limit – Lille is a pretty place, and
Belgian-style beers abound
otherwise it will delete them forever. And it has been
due to that country’s proximity.
successful: tens of thousands of people have been
affected, and it’s estimated that CryptoLocker’s
creators have netted over £3m.
So taking down the botnet that distributes it was a
worthy goal. But also a complicated one, which people are risk averse in this case, and would take the
involved various tricks such as registering 2,600 definite $1,000.
domain names to stop computers on the botnet from But turn this the other way round: you could either
being able to communicate with one another. (For the lose $1,000, or take a coin flip where one side means a
full technical lowdown on how Gameover Zeus was loss of $2,000, and the other side means you break
stopped, see http://tinyurl.com/kso7fea – it’s heavy even. Only 25% of people take the definite $1,000 loss
going in places, but a good read.) here – so people are more risk supportive in this
situation. This impacts how people look at security,
Head in the clouds and how IT middle management types don’t want to
Security expert Bruce Schneier (www.schneier.com) spend more money on securing their systems.
arrived in Lille just in time to give his speech in front of Schneier characterises the 1990s as the decade of
a packed auditorium. He described how companies protection, when anti-virus software boomed. The
are rushing to outsource 2000s were the decade
their infrastructure –
using “cloud” services,
“It’s estimated that the creators of detection, with
intrusion detection
hosting email on Google, of CryptoLocker have netted systems and forensic
and so forth. It may
seem attractive to hand
over £3 million.” analysis becoming more
widespread, while the
over the workload to 2010s will be the decade
someone else, but ultimately you lose control over of response. (We managed to get a quick interview
your security. with Bruce at FIC – see page 28.)
Schneier also attacked the security software FIC 2015 was a good opportunity for like-minded
market: “The stuff that wins isn’t the best stuff – it’s people to meet and share ideas about security, but
the easiest to use stuff, the cheapest stuff”. He there was something odd about a government-
referenced prospect theory, and how people are risk sponsored cybersecurity event, given how much they
adverse when it comes to gains, but risk supportive want to spy on us. We can only hope that our
when it comes to losses. Imagine someone offers you overlords have learnt from the talks and presentations,
$1,000, or a coin flip where one side gets you $2,000, and realise that we won’t defeat terrorism simply by
and the other means you end up with zero. 75% of giving them our encryption keys.

www.linuxvoice.com 19
RASPBERRY PI VERSION 2

GPIO pins to control Stick it behind your
your robot army television to make a
DIY smart TV

Still proudly
made in the land
of dragons
Quad-core ARM
CPU – lots more
processing power

More and faster
RAM – replace your
Pocket money old desktop machine
price – still no problem
only $35!

RASPBERRY PI
VERSION

T
The world’s most popular computer has
a brand-new version. Take a look!

he first Raspberry Pi launched on 29 February
2012. Over the next three years it was used as
the brains of a submarine, sent into space,
2
remains the same price – $35. New computers aren’t
about what’s the same though, they’re about what’s
different. The new board features a new processor
and even used to make delicious beer, but it didn’t and new memory, but it looks almost identical
really change, bar a tweak to the model B+ to improve to the older version. What does this mean to the
power handling. This has now changed – Raspberry performance, and how will it change the usability? Will
Pi version 2 is here! it still be used by tinkerers up and down the land, or
Version 2 is completely compatible with the old has the Raspberry Pi Foundation spoilt its creation?
board both in terms of hardware and software, and it Read on for our in-depth exploration…

20 www.linuxvoice.com
RASPBERRY PI VERSION 2

What has changed?
Don’t panic – the Raspberry Pi is the same machine we know and love.

A
t first glance, version 2 of the
Raspberry Pi looks very similar to Eben Upton with a box of the
the Model B+. It has the same new Raspberry Pis. 200,000
inputs and outputs, and an almost identical were available on the launch
layout. You’d have to look quite closely to day, and a similar number will
be made each month.
notice the difference, and that’s that the
RAM is no longer on top of the SoC (System
on Chip). It’s now on a separate chip
mounted on the underside of the PCB.
The reason they’re so similar is that the
model B+ was designed with this upgrade
in mind, and space was left on the board
to allow the new features. In fact, if you
compare the two devices, you can see that
there’s a patch of empty space beside the
SoC on the B+ that the memory now takes
up on version 2.
This similarity goes further than just looks,
and the GPIOs are the same. This means
that the new board should still work with
every circuit and expansion board that’s
worked with previous versions. Hardware
Attached on Top (HATs) should also still all
work, and the holes for bolting these onto
the Pi are still in the same place.
It’s not just the GPIOs that are the same.
All the physical connections on the board
are in the same place as on the model B+.
This means that cases and other enclosures
should still work without modification. a bit more power than the previous ARMv6 The architecture is now the more common
This particular aspect will be particularly single-core SoC. The RAM has doubled to ARMv7 rather than ARMv6-hardfloat. This
important for developers working on 1GB, and is also clocked slightly faster at change means it’s much less effort to port
embedded systems. 450MHz. Combined, these give the board other Linux distros to the Pi. This is unlikely
much more processing power. to mean we end up with the massive over-
So what’s new? On the software side of things, the latest abundance of distros like we have on the
The big changes are the SoC and the version of Raspbian has been updated to x86 architecture, but it could mean that a
memory. The first is upgraded to include support everything out-of-the-box, but other few more of the big names distros produce
four ARM Cortex A7 cores, which give quite distros may take a little time to catch up. Raspberry Pi versions.

Video Core IV Understanding the Raspberry Pi’s graphics engine
The Raspberry Pi version 2 features exactly the problems decoding high-definition files. All this is so most 3D software for Linux won’t run on the
same GPU as the version 1: Broadcom’s Video dependent on the compression format. Raspberry Pi.
Core IV. Currently, the driver for this is capable of There are also different container formats. This may be about to change. Eric Anholt, who
running OpenGL ES programs and decoding video The container is the bit that brings the video and works on open source graphics at Intel, is working
(it can decode H264 and MPEG4 videos at full audio together into a file. Therefore, the filename on a restructured driver for the Video Core IV. It
HD resolutions without problems). You can also corresponds to the container, not the video should mean a performance improvement, the
purchase additional licences for MPEG2 and VP1 compression method. If you want to know whether ability to run 3D applications in windows (rather
should you need them. a file will play well on your Pi, you need to know than just taking over a chunk of the screen) and
There are also codecs for VP8 and Theora. These what the underlying compression method is, not it should mean full OpenGL applications can run.
run on the GPU, but aren’t able to take advantage what file format it’s in. Potentially, this means much more software should
of the video-playing hardware in the GPU. This The Pi can run OpenGL ES 2.0 software. This be available for the Pi, but we will have to wait to
means that they are effectively software codecs is a stripped-down version of OpenGL designed find out what the performance is like. Eric gave an
that happen to run on the GPU rather than the CPU. specifically for Embedded Systems (ES). It’s the excellent overview of his work at Linux.conf.au, and
You should find that playing these files doesn’t graphics standard used on most mobile phones; you can watch it on YouTube at
significantly increase CPU usage, but you may get however, desktop machines use full OpenGL, https://www.youtube.com/watch?v=EXDeketJNdk.

www.linuxvoice.com 21
RASPBERRY PI VERSION 2

Raspberry Pi 2 model B in detail
The new components, and what it means for you.
4

You can now see the wave of the
Broadcom logo on the SoC as it’s no
longer obscured by the memory. [1]

1
2
3

Version 2 looks almost 9
identical to version 1 model B+. 6

The USB and
networking setup
remain unchanged,
so the speed for
networking and
external storage
haven’t increased
significantly.

The underside of the new Pi reveals
the new, higher-speed RAM. [10]

22 www.linuxvoice.com
RASPBERRY PI VERSION 2

1 Quad-core ARM Coretex A7 processor regulator introduced in the model B+. This same connection to the CPU. This limits
The shining jewel in the Pi version 2 is the offered a significant improvement on the the speed, especially when several USB
new System on a Chip (SoC). This consists linear regulator in the original version. ports are in use at the same time as the
of four ARM cores, each of which is by However, the increased power of the network (such as when you’re using a USB
itself more powerful than the single processors on version 2 means that power hard drive).
processor in the previous version. The consumption is increased by about 1 watt 9 Audio and analogue video out The

impact of this can be seen on the (or 0.2A at 5V). This means that it’s more analogue outputs run just as they did on
benchmarks on the next page. important to have a good power supply earlier versions, and we haven’t found any
2 Video Core IV GPU The graphics with the Version 2 than it is for the B+. problems with them.
processor is the same as on the previous 6 HDMI The main video output can also be 10 Memory The memory has come off the

incarnation of the Pi, so you can still expect used for digital audio. The HDMI bus is SoC, been beefed up to 1GB and increased
full HD video playback and smooth two-way and can be used to send in speed. All this means the new Pi is far
OpenGL ES 2.0 graphics. information from the display to the Pi more responsive when multi-tasking. Web
3 Display connector Although there is no through the Consumer Electronics Control browsing, in particular, is noticeably better
display yet released for the Raspberry Pi (CEC) protocol. This is most commonly on the new version.
that can use the display connector, the used in media centres to send instructions 11 Micro SD If you still have a version 1

Foundation tell us that they’re just making from a TV remote control to the Pi. model B (before B+) then you’ll need to
the final adjustments to the design and it 7 Camera connector This still connects switch from an SD card to a micro SD card,
should be released soon. In the meantime, with the normal and low-light cameras but otherwise you shouldn’t have a
you’ll have to make do with HDMI and RCA. from the Raspberry Pi Foundation. The problem. The latest version of Raspbian
4 GPIO There are 26 usable input or increased processing power of the new runs on both new and old RasPis, so you
outputs on the 40-pin GPIO header, which can still share storage
include UART, I2C and SPI buses. This is between different versions.
the same layout as the model B+, and is “The memory has come off the 12 USB There are still four

backwards-compatible with all Raspberry SoC, been beefed up to 1GB and USB ports, and the higher
Pis made since September 2012. The very power draw of the new SoC
first models had a slightly different pin increased in speed.” could lead to problems if you
numbering, so if you’re upgrading from an have several high-power USB
early Pi you’ll need to make sure that any model means that advanced picture peripherals and a weak power supply. This
expansions you have are compatible with processing will run faster. should be roughly comparable to the
revision 2.0 (almost all are). 8 Networking The one slight situation with the model B before the B+. A
5 Switching regulator The Raspberry Pi disappointment for us was the fact that powered USB hub will enable you to use
version 2 retains the same switching the USB and networking still share the more devices.

Understanding ARM cores Overloading on numbers and letters

There are many different ARM processors on the In general, as the numbers on Cortex A series operating system to select the lower-powered
market, and they each have different performance processors go up, the processors become more Cortex A7 cores to run more energy efficiently when
characteristics. The first Raspberry Pi features powerful. In this context, more powerful means the load is low, then dynamically switch to the
an ARMv6 processor (also known – somewhat capable of doing more in a single clock cycle. So, more powerful Cortex A15 cores to run faster when
confusingly – as ARM11), while the newer version for example, a Cortex A7 processor would perform there’s a higher load.
features ARMv7. These are different instruction most tasks about 20% faster than a Cortex A5 You may also come across ARM Cortex M series
sets. ARMv7 is backwards-compatible with v6, so processor at the same clock speed. Cortex A9s are chips. These are for microcontrollers, so they’re
you should be able to run software compiled for the also noticeably faster than A7s. not designed to run Linux (or any other OS). For
older processor on the newer one. However, there It isn’t always performance that differs between example, the Arduino Due has a Cortex M3.
are additional features in ARMv7 that software can differently numbered Cortex A series chips.
take advantage of to run faster . Sometimes it’s that one core has different features
Most ARM processors available today are (such as hardware virtualisation) than others.
ARMv7, but there are still significant differences When looking at the specifications of an ARM
between different chips, even when they understand SoC, it’s important to understand that even though
the same instructions. Almost all System-on-Chips Cortex chips are all ARMv7, they don’t all have the
(SoCs) that run Linux use ARM Cortex A cores (the same performance cycle-for-cycle or core-for-core.
A stands for application) – these are all ARMv7 or There is a counterpoint to the performance
higher. Within this designation the most common difference, and that’s that the lower-performance
cores for small Linux Computers are the Cortex A5 cores also tend to use less power, so it sometimes
(such as the Odroid C1), Cortex A7 (such as the makes sense to use a lower-powered chip if you’re
Raspberry Pi 2) or Cortex A9 (such as the Udoo). running off a battery.
A little confusingly, a company called AllWinner To make matters even more complex, some
makes SoCs that are also numbered with A’s. For newer SoC’s feature more than one type of core.
example, the AllWinner A20 is quite popular with For example, the AllWinner A80 SoC features eight
small Linux computers. However, in this case, the cores. Four of them are Cortex A15s and four are
A20 is the name of the chip, not the core, and the Cortex A7s. This combination of core types is Thanks to their low power draw, ARM chips
AllWinner A20 actually uses a Cortex A7 processor. know as the ‘big.LITTLE’ configuration, and allows are found in many smartphones.

www.linuxvoice.com 23
RASPBERRY PI VERSION 2

Benchmarking
Just how much faster is the new Pi?

M
oore’s law (as interpreted by
Performance comparison: Raspberry Pi version 1 vs version 2
David House) states that the
power of computer processors
should double every 18 months. If that’s Pi version 1
Pi version 1 with turbo

Raspberry Pi version 1 model B+
true, then the new Raspberry Pi should be overclocking enabled

Speedup factor cmpared to
Pi version 2
four times more powerful than the original,

with no overclocking
which was released three years earlier. To
find out what the actual difference is, we ran
a wide range of benchmarks to stress the Pi
in different ways. All the tests were carried
out at the default clock speed on both
versions of the Raspberry Pi (with different
levels of overclocking on version 1).
Our battery of CPU tests showed that Typical desktop workloads Single thread CPU Multiple thread CPU Memory Disk Network 3D acceleration

the combined processing cores on the Pi Test group
version 2 can crunch data about 6 times
the speed of the single core on version 1. The speedup of the extra processing power isn’t matched in other areas, but normal usage should
These tests were performed using highly see a significant improvement.
parallelisable tasks such as zipping and
unzipping files using the bzip2 algorithm splitting the load across the four cores in single core on a multi-core processor for a
(7.29 times faster) and calculating version 2. particular task. We also ran some single-
cryptographic hashes (an average of 5.54 Not all computing tasks are parallelisable threaded CPU tests from the hardinfo tool
times faster). All these tasks are efficient at like this, and often, you only end up using a that stressed just a single core of the Pi
version 2. However, the other cores were
Benchmarks for typical desktop workloads running, so background tasks could take
on Raspi versions 1 and 2 place on other cores. These tests weren’t
necessary a perfect comparison of the
Kraken JavaScript processing power of the cores, but a test
Benchmark to see how much of a speedup you should
Pi version 1 expect to see on single-threaded tasks.
Pi version 1 with turbo
overclocking enabled The results varied from a speed up of 1.87
Pi version 2
(Fast Fourier transforms) to 1.51 times
SunSpider JavaScript (Blowfish encryption). The average speed
benchmark improvement was 1.69 times.

Not just the CPU
Of course, there’s much more to a
Install Pygame
library from source computer’s speed than just raw CPU power.
The new Pi also has different memory,
which is clocked slightly faster. We were
able to write data to memory 1.50 times
LibreOffice time faster on the new model. One thing these
To open spreadsheet
tests don’t show is that the new Pi has
twice the amount of RAM as the old version.
This difference hasn’t show itself in any of
LibreOffice time these benchmarks, but can have a dramatic
To open Writer impact on RAM-heavy tasks, particularly if
you’re running several tasks as once, like
web browsing with multiple tabs open.
Both models use micro SD cards for
Speedup factor compared to RasPi version 1
storage, and a similar setup. Using identical
without overclocking SD cards, we found a modest 1.12 times
speedup on the new Pi.
Regular workloads tax almost all parts of the system from the CPU to memory to storage, The new Pi has the same network
and they do it in different ways. interface using the USB bus as the old Pi.

24 www.linuxvoice.com
RASPBERRY PI VERSION 2

Here we ran two tests: one to see how the Breakdown of multi-threaded performance
new Pi handled network throughput (using for RasPi version 1 and 2
wget), and another that tested how the Pi
coped with an encrypted download (via
compression
scp). In the unencrypted test, the new Pi (bpnzip2
performed about 14% faster than the old
Pi. There was relatively low CPU load, so
decompression
the more powerful SoC didn’t have much (bpunzip2 Pi version 1
advantage. However, in the encrypted Pi version 1 with turbo
Overclocking enabled
transfer, the older processor struggled to Pi version 2
keep up, and the new Pi performed 50% MD5 hash
Cracking
faster in the encrypted transfer (scp) test.
The new Pi has exactly the same
VideoCore IV graphics processor as the old Bcrypt hash
Pi, so we didn’t expect to see any difference Cracking
in performance here. We ran a range of tests
with a steadily increasing number of objects
in the 3D scene, and with varying levels of Speedup factor compared to RasPi version 1
texture. Across them all, we saw a fairly without overclocking
consistent 6% improvement in speed, which
we suspect is due to the CPU side of the The multithreaded CPU tests were perfect for version 2 to show off its processing power.
benchmark running faster. In other words,
we wouldn’t expect a noticeable increase in disk speeds all factor into the speed as well. improvement was opening LibreOffice
performance using accelerated graphics. We put together some benchmarks to try (3.78 times faster), while the smallest was
It’s telling to see how the two versions to capture the overall speed of the Pi under the Kraken JavaScript benchmark (3.03
compare on normal use. times improvement). Opening a complex
benchmarks This included spreadsheet in LibreOffice Calc came in 3.51
that target “The new Pi dramatically tests on times faster.
specific
subsystems,
outperformed the overclocked old LibreOffice,
web browsing
When we added them all up and averaged
them out, we found that the new Pi is 3.38
but most Pi in multithreaded benchmarks.” and installing times faster than the old Pi under common
computing software. loads. We’re confident that this is accurate
tasks run Despite for typical workloads, but obviously, different
across many of the different areas. They very different workloads, they all reported tasks will vary as they will depend on the
have some parallelisable aspects, and some a fairly similar speed up with the new speeds of the different parts of the Pi in
aspects that aren’t. The memory, CPU, and Pi, about a factor of three. The biggest different ways.
The speedup factors were calculated by
Network performance comparison comparing the new Pi to an old one at the
for Raspberry Pi versions 1 and 2
normal level of overclocking. However, it is
possible to overclock version 1, so we also
ran all the tests with turbo overclocking
enabled. In this case, we found that the
Encrypted data single-threaded performance was only
Transfer (scp)
slightly faster on version 2. However, the
Pi version 1
Pi version 1 with turbo new Pi still dramatically outperformed
Overclocking enabled
Pi version 2 the turbo overclocked Pi in multithreaded
benchmarks, and was almost twice as fast
at typical desktop tasks.
All of these benchmarks evaluate some
Unencrypted data form of measurable metric, but they also
Transfer (wget) hide the important but hard-to-measure
aspect of how the computer feels to use.
The biggest improvement in this area is the
responsiveness of the new version. The old
single-core machine was prone to locking
up and becoming unresponsive under heavy
Speedup factor compared to RasPi version 1 load. This aspect of the Pi is now gone.
without overclocking What does all this mean? Turn the page to
find out how the different performance will
The speedup in encrypted transfer came as a bit of a surprise to us, but is useful for many setups. affect different types of use.

www.linuxvoice.com 25
RASPBERRY PI VERSION 2

Popular projects
How the new performance profile will change the way you use the Pi.
Gaming
Party like it’s 1989.
There are only two common uses for the
Raspberry Pi in gaming: Minecraft and
console emulation. There hasn’t been an
update to Minecraft for the Pi since it was
first released, and we’ve no indication that a
new version is likely. Even if a new version
did come, the Pi 2 is unlikely to perform
significantly better. Perhaps the biggest
improvement here is for people writing
programs that interact with the Minecraft
world, as they now have significantly more
processing power to use.
Playing old games on the Pi is well
supported through distributions like
RetroPie. The original Pi handled the
emulation of most older consoles fairly well,
albeit with occasional jitters. The newer
version’s processor is only about 50% faster
on single-threaded tasks and only marginally
faster than a turbo-overclocked Pi 1. Since
most emulators don’t take advantage of
multiple cores, we wouldn’t expect the
new Pi to really shine here unless some of
the multi-core emulators are ported. That
said, the new Pi shouldn’t experience and
problems if background tasks start during
the emulation. Minecraft now has a more Pythonic Python 3 API for controlling the world from your programs.

Desktop computing Home theatre PC
A DIY smart telly that you control.
Desktop usage is probably the area where
the improved performance of the new Pi will The developers of XBMC (now known as
be most obvious. In our general-purpose Kodi) have done an excellent job of making
benchmarks on the previous page, we found a
sure the Pi version 1 can be used as a home
roughly 3.4 times increase in most tasks, which
is a huge difference. theatre PC (HTPC) to play videos and music.
The biggest difference, though, isn’t in the The Pi version 2 uses exactly the same GPU
time it takes to run a single task, but in multi- as version 1, so all that good work
tasking. Things like apt-getting software don’t automatically flows over and the Pi 2 should
render the machine unresponsive, and neither
make an excellent HTPC. Using the same
does a single JavaScript-heavy web page. The
increase in RAM is also important, because it GPU means that you shouldn’t expect any
means you can run a lot more software before significant improvement in the video We covered setting up a Kodi-based media
the system grinds to a halt as it shuffles playback. That said, video playback usually centre in issue 12.
memory in and out of swap space. works well on the Pi.
If you’re currently using a Pi as a desktop
The improvements on the new Pi should down to the instruction set and the memory
computer, we’d strongly recommend you
get a new Pi 2. The performance increase is be noticeable in other areas. Most media layout. This means that – in theory at least
definitely worth the $35. We can’t think of a centre interfaces aren’t accelerated, so the – it should be easier to build Android for the
time in the history of computing where such a improved speed of the new Pi should result Pi. There isn’t likely to be an official release
small amount of money could have such a big in a better user experience. Exactly how from the Foundation, but a community
performance impact.
much better will depend on what media project is possible. This would provide
We also expect both versions of the Pi to get
a noticeable performance improvement with player you’re using, and what skin it has. another option for HTPC interfaces, and
Wayland, which is currently under development. The Pi 2 has more in common with other should mean that streaming media services
ARM boards than the Pi 1 did. This is both like Netflix would work on the Pi.

26 www.linuxvoice.com
RASPBERRY PI VERSION 2

Robotics
More brains for your mechanical army.
Pure processing power is very rarely a
problem in hobbyist robotics. The first
version of the Pi easily has enough power to
control motors, fetch data from sensors, and
handle the camera. The limiting factor with
controllers for robots is almost always the
connectivity (GPIOs, I2C busses, UARTs,
etc). In this regard, version 2 offers no
advantages over the older B+. In fact, the
higher power usage could actually make it a
little worse in some cases. Generally, the A+
is the best board for robotics when power
consumption is at stake, and the A+ will
continue to use the same SoC as before.
There are, however, a few cases where
robots need more processing power. For
example, in machine vision. OpenCV, a
library written for object recognition, and
has some uses in robotics – we used it in
our face-tracking Nerf gun in issue 4. It does
run on the Raspberry Pi version 1, but only
just. You have to limit the resolution, and you
still get quite a slow framerate. This means
you don’t get as accurate recognition as on
more powerful computers. Version 2 should
significantly improve things here, and make
Raspberry Pi robots’ vision more powerful. Now your robot weaponry can have better vison, yet still have the portability of the Raspberry Pi.

Programming and more
The ultimate tool for teaching children to code? The road ahead
The primary purpose of the Raspberry Pi is and experienced coders. That said, it’s still We’re excited by the new version
to teach computing to school children. The not suitable for heavy programming tasks, of the Pi, and you should be too.
new version makes this task easier. A and it struggles to run heavyweight IDEs Part of this excitement, however, comes not
from what’s new, but from what has been
significant part of this is that general such as Eclipse.
retained from the last version. The Raspberry
desktop computing runs better. Pi’s video capabilities have always been
One task that always frustrated us with Personal server excellent and video is still excellent in the Pi
the earlier version was installing libraries. Then there’s the use of the Pi as a personal Version 2. The same goes for the layout of the
Sometimes it felt like we were waiting five server. At the simple end, this could be a GPIO pins. Countless hackers have built robots,
submarines, weather stations and more with
or 10 minutes before we could get back to machine hosting Samba shares; on the
Raspberry Pi, and the GPIO pins provide the
programming, and this was very off-putting other end, it could be a full LAMP stack interface between the brains of the computer
for beginners (and quite a problem when running a range of web applications. and whatever sensors, motors and servos are
teaching a class). The task also locked up The new model has the same network used. If this changed it would damage the work
the only core, so we couldn’t do anything and storage setup, so you should only see that third parties have put into building the
Raspberry Pi community, so we’re pleased to
while the libraries were installing. Version 2 fairly modest improvements in simple file-
see it stay the same.
ran 3.33 times faster than version 1 when sharing, unless you use encryption, in which What has changed though is the feel of using
compiling and installing the Pygame module. case you may see a 50%+ improvement. the Pi. Plug it into a keyboard and monitor and it
Obviously when coding in a compiled Most web servers (including Apache) are feels so much more like a grown-up PC, and we
language, you should expect similar speed good at splitting load across multiple cores, think that this will make it even more attractive
to schools who need cheap hardware to teach
ups in general compilation runs. so if you’re using a web front-end, you could
kids that computers aren’t mysterious black
Scratch, a graphical language for getting expect a more significant speed up. The boxes. Add to that the improved capabilities in
children interested in programming, should exact speedup will depend on how you use just about every area and the new Raspberry Pi
also perform significantly better on the the server, but the new Pi should be much Version 2 is on to a massive winner. We can’t
new Pi. The new model is all round a better better at serving more than one request at wait to see what’s next.
machine for people new to programming a time.

www.linuxvoice.com 27
A QUICK CHAT WITH BRUCE SCHNEIER

Schneier was at FIC 2015 to talk about
how companies lose control of security
when they outsource infrastructure.
(Photos: Laurine Dutot)

A QUICK CHAT WITH

BRUCE
SCHNEIER
One of the biggest names in security responds to government snooping plans.

B
ruce Schneier is one of the best feel safer, and he’s the first person we google You’ve no doubt heard that
known experts on security and when we want to find out the real truth Prime Minister David Cameron in
encryption issues. He has written behind the latest ‘think of the children’ the UK and now President Obama have
many books on security and cartography security scare. So we were delighted to get said that they want access to all
over the last two decades, and maintains a the chance to meet him at the FIC 2015 encrypted communication on the
well-followed blog at www.schneier.com. He cybersecurity conference in late January internet. What was your reaction when
coined the term ‘security theatre’ to describe (see page 18), to ask about Edward you read that?
the ludicrous hoops we have to jump Snowden, privacy and recent government Bruce Schneier: It’s completely idiotic!
through at airports that don’t actually make plans to spy even further into our We’ve heard about this idea since the mid
us safer, but are instead aimed at making us communications. 90s – it’s not new at all.

28 www.linuxvoice.com
BRUCE SCHNEIER A QUICK CHAT WITH

Is it workable in any way?
BS: Of course not. Only someone
who is not a technologist would say
such a thing. The problem is, I can’t
build a back door that only works for
people of certain morals. I just
technically can’t do that – I can’t design
a filter that filters for morality. So if the
US government can break in, anyone
else can break in.

Or someone from the
government leaves a laptop on
a train, containing the encryption
keys. It’s happened before…
BS: Right. So it’s unworkable and
impossible, but we heard FBI director
James Comey talk about this in
November. But this is like former FBI
director Louis Freeh in the 90s, this is You would expect, after the souped-up hacker tools. I thought
like the Crypto Wars*, and it’s back Snowden revelations, that there’d be something big, like a break on
again. Not only will it make us all everyone would be fighting more for AES [Advanced Encryption Standard].
insecure, it won’t even do what the privacy on the net.
government wants. BS: You know, some people are – the Do you think much has
IETF [Internet Engineering Task Force] changed in the meantime?
But politicians will always use is. Certainly Google is and Microsoft is. There’s a drive towards HTTPS
arguments like “think of the What Google is doing about the US everywhere, for instance.
children”, and people will keep data in Ireland – they are encrypting BS: I think there has been. It’s around
voting for them… more of their stuff. I think the Snowden the edges, but there have been
BS: Indeed they will, because fear sells. leaks caused the company to step back changes. WhatsApp is encrypted for
In the 90s I talked about the “four and say “we shouldn’t cooperate here”. instance – that’s 700 million people
horsemen of the internet apocalypse” encrypting. That’s amazing.
and they were: terrorists, drug dealers, You don’t think it’s just bluster
child pornographers and kidnappers. All from companies trying to keep Some services like Google Mail
this fear. So we have to win this. We hold of their customers? rely on being able to see
can’t say that we will all be insecure BS: I think it’s half bluster and half real. content, to sell advertising...
forever on the internet. That’s just crazy. But there is progress there – we are BS: I think Google could say: “You know,
seeing that companies are fighting. there’s not a lot of money in email
advertising, so let’s just encrypt it”. They
You worked with Glenn could do different sorts of advertising
Greenwald going through the – just not content-based.
Snowden documents. What Anyway, there’s a lot we can all do
surprised you the most? to make things better. Every time you
BS: The thing that was most surprising use encryption with nothing to hide,
was: there were no surprises. The someone else who needs encryption to
amazing thing about the NSA is that stay alive benefits, because he’s hiding
they’re not made of magic. You’d think, in a bigger pool of encrypted data. Just
with their budget and the amount of like every time you use Tor, you make it
personnel they have working for them, better for someone else who needs to
they’d have some magic in there. But use Tor. There’s safety in numbers.
they kind of don’t. We learnt that they
don’t have quantum computers doing * LV note: Louis Freeh was Director of
amazing things – they’re just better the FBI from 1993 to 2001, and
funded than the typical hacker. described encryption “one of the most
difficult problems for law enforcement
Like: wow, they’ve broken as the next century approaches”.
some encryption system that Crypto Wars refers to the US
looked almost impossible to break? government’s attempts to limit general
Schneier’s next book is due out in April – BS: Right. There was no “oh my god, access to encryption technologies
stay tuned for a review in a future issue. they can do that?” Their stuff is just that it couldn’t break itself.

www.linuxvoice.com 29
FEATURE CYANOGENMOD

Inside
CyanogenMod

Root your way inside the most popular
Android hack with Mayank Sharma.

T
he CyanogenMod project is the quintessential the technical know-how to replace the stock Android
open source success story. It’s got open with a customised flavour of their own built atop the
source code, an individual hacker burning the AOSP. This development spawned a community of
midnight oil, and community endorsement that led modders who showcased their mods at places like
the project to the big leagues. From a forum board to the XDA Developers forum. Steve Kondik was one
the executive board, the CyanogenMod project has such developer. He called himself Cyanogen online,
come a long way riding on the shoulder of its and therefore named his creation CyanogenMod.
community of users and developers. CyanogenMod quickly grew in popularity and
With over 12 million active users as of June 2014, started to attract modifications and improvements
CyanogenMod is the from other developers
most popular free and
open source aftermarket
“CyanogenMod is built on the as well. Kondik rallied
a bunch of active
firmware for Android open source release of Google’s contributors into the
smartphones and tablets.
The tricked-out version
Android operating system.” CyanogenMod Core
Team to accept code
of Android replaces the based on the feedback
stock OS that ships with your device and essentially from their community of users.
gives you more control over it.
CyanogenMod is built upon the open source release Anatomy of a hack
of Google’s Android, known as the Android Open CyanogenMod officially supports over 200 devices
Source Project (AOSP). In 2008, developers found a and there are experimental builds for a lot more, which
way to gain root access to the HTC Dream G1, which is an incredible achievement once you take into
shipped with Android 1.0. This allowed those with account the elaborate process it takes to get

30 www.linuxvoice.com
CYANOGENMOD FEATURE

CyanogenMod to run on a device. Add to this the fact
that the developers have to create a different version
of CyanogenMod for each new Android release, and
that each device has different hardware components,
and you have some idea of the scale of the job.
To keep up with the proliferation of Android devices,
the CyanogenMod team is divided into various device
maintainers, who manage the code for different
devices and make sure the device they’re in charge
of runs CyanogenMod properly. One such device
manager is Chirayu Desai, who is currently in the last
year of high school. The young padawan is in-charge
of “almost all” supported Sony devices. However, he
got his start with another device. Recounting the start
of his association with the project, which dates back
to before Android 4.0 Ice Cream Sandwich (ICS) was
released in 2011, Desai says “I had a Samsung Galaxy
Tab, which was one of the first Android tablets, and it
CyanogenMod’s co-founder
shipped with Android 2.3, which was not something for standard interfaces as needed.” Since the project
and CTO Steve Kondik (left)
you would like using on a tablet.” supports a lot of devices and many different hardware and CEO Kirt McMaster.
Desai almost immediately swapped out the stock platforms and shares code between them, Desai adds
Android and replaced it with CyanogenMod: “When that the developers also “have to keep in mind that
ICS was announced, I collaborated with some other if our device needs a ‘hack’ somewhere it should not
developers, and seeing that it was working on two affect the others. Every release breaks things in ways
other very similar devices (the Nexus S and Galaxy that can be fixed, worked around, or need a hack – it
S) we wanted to get it working on the Tab too.” varies a lot by device.”
That’s when he started porting the current release
of CyanogenMod: “When it was in a decent state, I The empire strikes back
contacted the CyanogenMod developers and was CyanogenMod owes its existence to the open source
able to get it officially supported.” vanilla Android, but Google adds a different flavour to
We asked Desai to outline the process a developer the mix. CyanogenMod initially bundled Google’s
needs to go through to port CyanogenMod to a device: proprietary apps, Gmail, Calendar, and others along
“One of the first things that you need to find out is with its software, but Google intervened with a
what hardware the device has, and what information cease-and-desist letter and prevented the project from
can you get about that – what System-on-Chip (SoC), distributing its mod until the project stopped including
which sensors, etc. Then you need to see what kind Google’s apps in CyanogenMod.
of source code is available from the concerned OEMs, The two also had an exchange over CyanogenMod’s
and for devices similar to the one you are working on, installer. The project pulled it voluntarily from the
which is to say, other devices that have the same or Play Store after Google communicated that it was at
a very similar SoC. Then you put everything together, odds with its terms, since it encouraged users to void
adapt it for the Android version you’re porting, and their warranty. Despite these run-ins, many mobile

Kondik rallying his troops,
startup style, in Cyanogen
Inc’s Seattle office.

www.linuxvoice.com 31
FEATURE CYANOGENMOD

Top The Oppo N1 has a
swivelling camera and commentators have said that Google has borrowed
includes CyanogenMod’s several features from its popular replacement.
advanced camera app. “Google’s methodology seems to be re-imagining
Top right The OnePlusOne community-driven features, much like we re-imagine
includes CyanogenMod’s their Android updates”, said Steve Kondik in an email
Trebuchet Launcher as the exchange with us. “One of the earliest examples of
default home screen. this was incognito mode on the Android browser, prior
to Chrome for Android. The implementations were settings (for example), whereas in CyanogenMod,
different, but the idea – privacy on mobile browsing – that same tap would immediately toggle Wi-Fi on or
was the same.” off. As we look at Google’s implementation in Android
Another feature Kondik points out is the Android Lollipop, you can see that they’ve adopted the same
Quick Shortcuts: “Not only did we have a working behavioural change.” In the end, he sums up, “it’s
implementation before Google, called Notification always nice to see this cycle of changes between
Power Widgets, but even after Google implemented community projects and Google alike.”
their own system in Android Jellybean, a single
tap in their implementation would launch the Wi-Fi An Inc.ling
One of the core issues that the project’s leadership
has been working to address is to simplify the process
of getting their mod onto a device. Given that the
process of replacing the firmware on a device requires
considerable technical expertise, the project is doing
well to have won such a large userbase. Also, the
CyanogenMod project has always been vocal about
its ambition of being more than just a software mod.
In a Wired article in 2011, Chris Soyers, who has been
associated with the project for a long time, said that
one of the project’s biggest dreams is to see a phone
ship with CyanogenMod on it.
In fact, these were the two main catalysts that
propelled Kondik to act on his plans to commercialise
CyanogenMod. Cyanogen Inc. was announced in
September 2013 and managed to raise $7 million
(about £4.6 million) from venture capitalists and
another $23 million (about £15 million) later that year.
Kondik says that having a company with full-time
staff and dedicated resources enables them to make
bets on larger projects, particularly those that would
take too high of an investment from the community
alone, or would be a challenge to coordinate.
“The enhanced theming capabilities that we
bought last year and the Encrypted Text Messaging
Feeling lazy? Borrow
(partnering with Open Whisper Systems) the year
a Windows machine
before are both examples of these larger long-term
and save yourself a
considerable amount and impactful projects,” he illustrates. Furthermore, he
of effort by installing adds that since the code is open source, these new
CyanogenMod with the additions are not only beneficial to the company but
graphical installer. to the community as well.

32 www.linuxvoice.com
CYANOGENMOD FEATURE

The CyanogenMod advantage
Why would millions of users go through the pain of
replacing the stock OS on their Android device with
CyanogenMod, at the risk of voiding the warranty? What
makes CyanogenMod so special?
While Android allows access to things that other vendors
(Apple) prevent, such as installing apps from unofficial
sources, CyanogenMod takes this control to a higher level.
For starters, CyanogenMod gives you root access to your
device, which enables you to remove any app, including
systems apps, from the device. The mod is also known for
its customisation and privacy-enhancing features.
CyanogenMod’s theme engine lets you modify the
look and feel of the entire OS. It also comes with privacy
features such as the Privacy Guard, with which you can
control the information your device shares with individual
The Replicant OS based
apps. The mod also includes a global blacklist that lets task of deciding where to use our resources, the other
you block messages and calls from unwanted contacts.
on CyanogenMod replaces
two platforms carry priority.” all proprietary Android
Furthermore, if you get yourself a CyanogenMod account
Since the formation of the for-profit enterprise, components with their free
you’ll have the ability to locate and wipe your device
remotely should it be stolen. There’s also a hardware instead of one product, the team now works on two software alternatives.
assisted disk encryption in the newer version. release branches – CyanogenMod and Cyanogen OS.
CyanogenMod is the open-source, community-driven
Android OS that’s supported by Cyanogen Inc. On
Having a company also allows them to impress the other hand, Cyanogen OS is the commercially-
upon device vendors their approach to total access distributed operating system that comes with
to the hardware “without voiding the warranty and proprietary features, services and enhancements.
preventing support for hardware issues,” explains Cyanogen OS is what you get when you buy a device
Kondik, adding that the community will “not only that ships with CyanogenMod pre-installed.
benefit from the tighter integration that such
partnerships naturally bring, but also gives them Going places
peace of mind and a larger value when they begin As CyanogenMod enters its second year of existence,
tinkering with their devices.” the company has inked deals with a bunch of device
Soon after the company’s formation there were vendors who are already shipping smartphones
concerns among the CyanogenMod community preinstalled with Cyanogen OS all around the world.
following the announcement that it plans to adopt Their latest handset, the Micromax Yureka Yu, has hit
closed-source licensing a chord in price-
for some of the future
developments. Kondik “Cyanogen OS is what you get conscious markets like
India, and Google is
responded to the when you buy a device that ships also aggressively
concerns and made it
clear that the company with CyanogenMod pre-installed.” targeting India with its
low-cost Android One
had no plans to close- devices, and
source any of the existing stuff. He also reaffirmed interestingly these devices are now officially
their commitment to the community and explain how supported by the CyanogenMod project.
the dual licensing model will offer “a stronger degree So can we expect a Cyanogen-branded phone in
of protection for contributors” and also gives the the near future? “We are very aware of our strengths,
company a competitive edge. and currently that is in the scope of software and web
One such closed-sourced product is the services around them,” explains Kondik adding that
CyanogenMod installer. It’s an easy-to-use app that “the hardware manufacturing market is a game of
lets you install CyanogenMod onto your device in volumes and margins, and not something we’d jump
a couple of simple steps. Kondik explains why the into without a team dedicated to figuring out all the
installer is currently only available for Windows and intricacies and hurdles around it.”
Mac OS X: “When we were building the installer For now, the team plans to stick to software and
we took a look at our user demographic from our relegate the hardware bits to experienced hardware
IRC support, user forums and community website. partners. “We want to see CyanogenMod, and our
By and large those who were hitting obstacles commercial offering Cyanogen OS, perceived as a
during a manual command-line install came from premium OS, a must-have, instead of the underdog
the Windows and Mac families – and as such, we perception that followed coming from a community
focussed our first releases of the installer to those project. [We’re] continuing to push forward what
platforms.” That said, Kondik adds that while a Linux makes CyanogenMod so great – that fearlessness to
version of the installer is on their roadmap, “given the innovate and improve upon the Android experience”.

www.linuxvoice.com 33
FEATURE GIVING MONEY BACK

WHERE SHOULD OUR
PROFITS GO?
This magazine donates
50% of its profits back to
the community. But who
should get the money?
You decide...

B
ack at the end of 2013, when we decided to growing the magazine in newsagents around the
create Linux Voice, we had many discussions world, we don’t have a huge pile of cash to throw
about what form the magazine should take. around. But after juggling the maths, we’ve worked
We all had various ideas about the content, the style out that we can give £3,000 back.
and the design, but one thing was absolutely clear: we It’s also important to us that you, the Linux Voice
wanted to give something back. We depend on Linux readers and subscribers, have a say in where this
and Free Software, and because many FOSS projects money should go. You’ve helped to get us off the
have little (or zero) outside funding, we wanted to help ground and build us up to a successful magazine, and
them somehow. We all use Linux and FOSS every day, we’re endlessly grateful to the awesome community
so it was important to us that we get involved in the that has talked about us on Twitter, recommended
community that serves us and you, the readers. Linux Voice to friends, and given us valuable feedback
We had several ideas about how do this, and to improve the magazine over the last 12 months.
eventually we settled on this: we will give 50% of our In late January we asked our website visitors to
year-end profits back to the software, services and come up with ideas for a shortlist of projects and
communities that help us. In this way we can really services that deserve our profits (http://tinyurl.com/
help some projects, and still keep some money to kt9hgnk). Over the next few pages we’ll explore the
grow our little company and hopefully win over more most popular suggestions, and then, at the end of the
people to Linux as the years go by. As this is our first article, we’ll invite you to cast your vote. So first of all,
year, where we’ve invested a lot in establishing and let’s see who could really benefit from our money…

34 www.linuxvoice.com
GIVING MONEY BACK FEATURE

Scribus
For a 100% FOSS-built magazine.

I
n making Linux Voice, we use Free It’s not a change we can make overnight,
Software extensively: Debian, Arch, but our art editor is learning its tricks and
Xubuntu, Fedora, Nano, Vim, LibreOffice, foibles, and we may be able to make the
Gimp, Inkscape and many other tools. There’s transition. Many commenters on our
one component in our workflow that’s not website suggested that we fund Scribus
FOSS, though, and it’s InDesign. Yes, we development for features and fixes we need
use Adobe’s proprietary tool for layout, and – but how doable is it?
we know that many readers would love us
to jettison it. It’s not a simple job, though: Money talks
InDesign (for all its proprietary badness) Fortunately, it looks very doable. We talked
is a hugely capable program, and most to Craig Bradney, one of the lead developers
designers are innately familiar with it. We of the program, who said: “We’d certainly
(the editorial team) are geeks focusing on appreciate some extra funds to help us be Scribus is the flagship FOSS DTP software –
tweaking and hacking our installations, so able to meet up more and develop and we’d love to be able to use it to make the mag.
when we set up Linux Voice, we needed a release faster etc, so if that were possible,
layout solution quickly. InDesign was the then great.” He suggested that during our is done over the net, it doesn’t seem like
sensible choice at the time. Scribus testing, we set up a bug tracker face-to-face meetings would make a big
But! Since then, we’ve started to account and use it to report problems difference in terms of code output. But as
investigate Scribus (www.scribus.net) we encounter, or features that we need in we’ve seen from countless meetups and
more and more. We know that Scribus is our workflow. hackathons around the globe, when a bunch
also a very versatile desktop publishing If our profits could also be used for a of coders get together in person, they spur
program, and has been used commercially Scribus developer meetup, that would also each other on and can get a huge amount of
in newsletters and other publications. be great. Because most FOSS development creativity out of just a few days.

Tor exit nodes
Free access to information for all.

L
inux Voice reader Félim Whiteley had Tor, “The Onion Router”, is a
an unusual idea: “Rent a beefy virtual vital weapon in the battle for
privacy and security online.
machine for a year to run some extra
Tor exit nodes. You are in a much stronger
position (freedom of press maybe!) than
a home connection to fight any frivolous
lawsuits if it were abused.” He has a great
point, and the more exit nodes there are in
existence, the more robust the Tor network
becomes. Tor provides an extra level of
security (and partial anonymity) when
browsing the web, by routing your HTTP(S)
traffic through a series of machines on the
Tor network. In this way, you can access
sites without telling them your IP address.
So, you connect to one Tor server (node),
which then passes on your web request to
another, which then passes it on to another, do so, but operating a web-facing exit node oppressive regimes, where they could get
and so forth. Your request goes through can be dangerous. If you have a Tor exit node into trouble for simply looking at resources
several different nodes before leaving an running in your house, and someone is using like Wikipedia. It also helps whistleblowers
“exit” node and going out onto the internet. it to access illegal material, it could look like spread information by giving them a certain
You can’t easily be traced back through the you are accessing that material yourself. level of anonymity. We could run an exit
sequence of Tor nodes, but you still have However, it would be possible for us to node, or donate to www.torservers.net,
to be careful. Many people operate the in- rent a virtual server and host an exit node. which looks after many exit nodes around
between Tor nodes, as it’s perfectly safe to Tor is immensely useful for people living in the world.

www.linuxvoice.com 35
FEATURE GIVING MONEY BACK

Software Freedom Conservancy
Promoting, developing and defending FOSS projects.

T
he Software Freedom Conservancy used in embedded devices, and the vendors
(www.sfconservancy.org) isn’t as don’t release the source code (which has
well known as the Free Software happened many times).
Foundation, but it does important work in The Conservancy also aims to help other
providing infrastructure and legal support non-profit organisations by developing
for Free Software projects. It’s a non-profit accounting software. This should “help all
organisation based in New York that looks non-profits (in free software and in other
after a bunch of well-known projects such as fields) to avoid paying millions of dollars
BusyBox, Inkscape, Git, Wine, Foresight Linux in licensing fees for sub-par accounting
and PhpMyAdmin. It’s also responsible for software”. The Conservancy also has
identifying GPL violations and coordinating backing from various large companies and Donations from big companies and individuals
legal responses – such as when the organisations such as Google, Samsung, alike help to promote FOSS and defend
BusyBox suite of command line utilities is Red Hat, and the Mozilla Foundation. copyright infringements in the courts.

Gimp
Maybe we can speed up the 3.0 release?

S
ometimes it looks like Gimp Then there are plans for Gimp 3.0, which
development is in the doldrums. will be ported to GTK 3. This will help it to
We’ve been waiting years for a full integrate well with Gnome 3 and Cinnamon
implementation of GEGL (the Generic desktops, and make the program look and
Graphics Library), which will bring in support work far better on high resolution displays,
for higher bit-depth images than the current which are increasingly popular among
release, along with non-destructive editing graphics artists.
operations. Gimp 2.10 is supposed to have A portion of our profits could help Gimp
mostly complete GEGL support, but when on the road to its 2.8 and 3.0 releases. The
will it arrive? The last major release, software accepts donations via the Gnome
Gimp 2.8, came out almost three years ago. Foundation, and a chunk of such money
And the project’s roadmap doesn’t help goes towards the annual Libre Graphics
much either – it hasn’t been updated for Meeting event, which brings developers It’s been a long while since a major Gimp
nearly two years. together to share ideas and hack on code. release – maybe we can speed up development!

Open Rights Group
Promoting rights in the digital age.

A
nother organisation that came up scrutinises the UK government’s recently
is the Open Rights Group (ORG, implemented web filters, which ostensibly
www.openrightsgroup.org). This is protect children from accessing adult
similar to the US-based Electronic Frontier material. But many other websites are
Foundation, but it operates out of the UK. being blocked as well, and we should all be
With UK Prime Minister David Cameron concerned that the government has the
suggesting that the government should have ability to simply block any site it doesn’t like.
access to all encrypted communication, the Another campaign is Don’t Spy On Us
ORG has plenty of work to do, convincing (www.dontspyonus.org.uk), which notes
politicians that people have a right to private that the UK intelligence agencies process
communications in their personal lives. a whopping 21 terabytes of data every day. The Open Rights Group hopes to make
The ORG runs a number of campaigns ORG is encouraging citizens to protest mass surveillance a critical issue during
to raise awareness of various issues. For against unwarranted mass surveillance, and this year’s UK elections.
instance, “Blocked!” (www.blocked.org.uk) to campaign about the situation.

36 www.linuxvoice.com
GIVING MONEY BACK FEATURE

Trisquel GNU/Linux
A distro with no binary blobs in sight.

T
risquel is one of our favourite “GNU/Linux” in the title), and while there are
distributions, even though we don’t other distros with the same goals, we think
run it on all our machines. It’s an Trisquel is the most polished. Its website
Ubuntu-based distro that takes a no- is slick, the desktop is attractive, and it
compromises approach to Free Software: shares Ubuntu’s solid installer. There’s no
everything is completely free and open. compromise in quality here.
Contrast this with most other desktop- Currently Trisquel is a part-time project for
oriented Linux distributions, which include its development team, and is funded entirely
various firmware binary blobs or provide by the community. However, the developers
access to non-free software such as Flash accept donations to cover hosting costs,
and video drivers. and there’s a long-term goal to pay people
Trisquel takes Ubuntu LTS (Long Term to work full-time on the project. Having a
Support) releases and strips out all of the newbie-friendly completely free distribution
non-free components, producing a very pure is important, we feel, even if most of us use
distro. It’s one of the few distros endorsed other distros, so Trisquel will be one of the Trisquel has no commercial backing; it depends
by the Free Software Foundation (hence the options in the vote. solely on donations from the community.

Other projects
Krita, KDE, Inkscape, Code Club…

W
e had many other great £120 donation from us would fund a club
suggestions as well. Some for 15 children.
readers asked that we put other Then there’s Ardour,
graphic and design tools on the list, such The Document
as the very awesome Krita and Inkscape. Foundation, GCompris,
KDE came up several times – Karl Ove GnuPG, OpenSSL (or one
Hufthammer noted that the desktop’s of its spin-offs), science
developers produce detailed quarterly apps, privacy tools and
reports of their activities, showing how much more. But to finish,
donations are used to improve the project we really have to give
(https://ev.kde.org/reports). a mention to HEGX64’s
Or perhaps we could fund the future, so idea: “I think some of the
to speak, by encouraging children to take up money should be spent
programming. Code Club (www.codeclub. on porting Systemd to
org.uk) provides a network of after-school MikeOS”. Well, if you insist…
programming clubs in the UK, targeted at
children aged 9–11. This might seem rather
young, but then many of us in our 30s and
40s cut our teeth on 8-bit computers such
as the ZX Spectrum and Commodore 64. A

Over to you!
So, those are just some of the potential recipients up for each category: the winner gets £1,000, To have your say, go to www.linuxvoice.com/
of our profits. Now it’s your turn to vote. We’ve second place £300, and third place £200. So in total, profitsvote1 and choose your favourites in each
decided to split up the recipients into two six organisations, distros or profits will receive some category. It’s important to us that our readers decide
categories: the first is for organisations, and also financial assistance from us. As mentioned earlier, the results, so you’ll also need to enter this code to
includes Linux distributions. The second is for it’s not a huge amount of money right now – it’s still confirm that you’ve got the magazine: LV3276XJA.
software projects. Because our donation pool is early days for us as a business, but hopefully as We will keep the voting open until all readers around
£3,000 in total, that’s £1,500 for each category. And the magazine grows we’ll be able to offer more and the world have the magazine, and then announce
then we want to have a main winner and two runners more at the end of each financial year! the results. Thanks for taking part!

www.linuxvoice.com 37
FAQ PULSEAUDIO

PULSEAUDIO
Don’t run away screaming in terror. Linux audio is easier to understand than
the, er, boot system, as these two pages will demonstrate.

to PCs since 1989. Things were simpler colours. Anti-aliasing, re-sampling, error
GRAHAM MORRISON then – you’d typically run only one thing rates and compression all have
at a time, and that one thing would talk analogous causes and solutions in
Hasn’t PulseAudio been with to your Sound Blaster directly. If you video and audio processing.
us since the dawn of time? had a competing Gravis Ultrasound
Yes, it’s been around for over a card, for example, you’d have to make But what has all this got to do
decade. PulseAudio has been sure that whatever you were running with PulseAudio?
quietly doing its job for years (we’re on supported it. And you also had to worry In those years since the Sound
the cusp of version 6.0 in February about IRQ and DMA addresses. Sound Blaster, and we know Linux came
2015) amid a cacophony of debate is more complex now, but at least we a few years later, Linux experimented
surrounding its complexity and don’t have to worry about IRQs. with all kinds of different audio
effectiveness. And that job is providing frameworks – OSS, ALSA, ESD, Jack,
to get sound out of your computer. But why has sound become so GStreamer, Xine and many more. To a
complicated? greater or lesser extent, they were all
Why have you chosen to cover We think the best way of trying to simplify audio by hiding the
it now? explaining this is to use a visual complexity of what they were doing
There are huge chunks of Linux metaphor. Both video and audio suffer from the user. PulseAudio encapsulates
that we think need demystifying, from many of the same problems. With some of these frameworks and ideas,
especially when the technology is vital video, the solution to running lots of and tries to augment them with a
and current and still being actively different applications at once is a modern network transparent framework
developed. Sound is one of computing’s desktop and window manager. These that’s responsive and powerful while
fundamental senses, along with video. surround the things you want to run remaining simple enough for anyone to
We’re also certain that lots of users and allow them all to share the same use. Mostly, it succeeds and it’s only
don’t appreciate what PulseAudio does screen. This is what PulseAudio does for when you need some specific
and why it’s so important. audio. It allows lots of different configuration that you notice its
applications and processes to share complexity, or its inability to play nicely
Didn’t the original Sound your audio hardware, allowing the user with other audio frameworks. That’s
Blaster sound card do a decent to change their position – or their when it helps to understand a little of
enough job for sound? relative level – in the final output mix. what it’s trying to do.
Ah, the venerable Sound Blaster This metaphor can be extended
expansion card – bringing audio indefinitely: audio sample rate is What is PulseAudio trying to do
synonymous with frame rate – 44100 that’s so special?
samples per second for compact discs. If PulseAudio had a mission
“PulseAudio allows lots of The number of bits used to store a
sample is equivalent to the bit depth of
statement, it would be something
simple like, “Initiate a sound and hear it.”
different applications to share your display. CDs use 16 bits, or 65536 And that’s what makes understanding
your audio hardware.” different levels. Most video hardware
outputs 24-bit depth – 16.7 million
what it does relatively difficult. You hear
the results, but you don’t see how

38 www.linuxvoice.com
PULSEAUDIO FAQ

they’ve been produced. To be able to
perform this one simple task,
PulseAudio needs to bridge the many
layers of Linux audio, some of which we
just mentioned, and it starts at the very
bottom – talking to the hardware.

Isn’t that where you’d normally
need a driver?
Exactly, yes. PulseAudio talks to
audio drivers directly. But these
drivers aren’t specific to PulseAudio.
Instead, it uses the part of the ALSA
framework that talks to your audio
hardware – the bit embedded within
the kernel. ALSA, like PulseAudio,
bridges several different layers, which
may be why there’s so much confusion.
Above the hardware/driver layer, ALSA
is replaced by PulseAudio, because only
one framework can access the
hardware at any one time. That means
your audio hardware only needs to
support ALSA, as used within the Linux
kernel, and it supports PulseAudio too.
This can lead to confusion as you can’t
run ALSA alongside PulseAudio, at least
not without some manual intervention.
So while both use the ALSA driver
element, only one framework can talk
to that driver. If you do want to use Get much better control over PulseAudio with the pavucontrol mixer.
ALSA-only, you have to run it through
PulseAudio or kill of PulseAudio’s access ensure that PulseAudio can be as will load a dynamic network discovery
to your hardware. compatible as possible with older module that will detect any AirPlay
Alongside drivers that talk to your systems, a library layer sits atop the devices on your network (as long as
hardware, PulseAudio is also capable of core, allowing applications that know roap is compiled into your version of
talking to your network. This is a nothing about PulseAudio to still play PulseAudio, which it should be).
little-used feature, but it means that you their audio through a compatibility layer. Pavucontrol should now list any AirPlay
should be able to use any of your This is how native ALSA applications devices, such as Kano or XBMC, and
machines running PulseAudio as audio behave, for example, as the ALSA library allow you to select these as outputs,
input and outputs for another machine is replaced by one that talks to enabling you to play music from one
on the network. You could have Spotify PulseAudio instead. But the main machine that outputs on another, and
installed on one machine, for example, desktops are also capable of talking there are many more different modules
and play its output via another directly to the core and managing and combinations.
machine. It’s also the perfect example which parts of their own sub-system
of how well engineered PulseAudio is are sending audio. This is what This sounds straightforward,
– the engine is running independently Ubuntu’s Unity is doing, for example, should I be worried if
of the input and output hardware. and that’s why you have a good degree PulseAudio no longer scares me?
of control over what applications are Not at all. When it works it’s
How does this all come currently playing back and how loud brilliant and you don’t have to
together on your desktop? they are. Gnome is the same. worry about it. But hopefully, you’ve got
On top of the driver layer there’s some appreciation of its complexity
PulseAudio’s core. This is where This is great, but it still doesn’t and how it’s performing all this magic,
the real work is done, connecting the give me access to all that as well as knowing it can be used for
capabilities of your hardware drivers to power you’ve been talking about. some advanced trickery too. If you
the software you’re running on the The ultimate in PulseAudio control want to know more about the advanced
desktop. Using our audio and video comes from the command line, stuff and grab version 6 as soon as it’s
metaphor, this is where all the images and specifically, a command called been released, PulseAudio lives at
are combined with the output pactl. For example, typing pactl www.freedesktop.org/wiki/Software/
capabilities and sent on their way. To load-module module-raop-discover PulseAudio/

www.linuxvoice.com 39
INTERVIEW JONO BACON

JONO BACON
He’s the Pharaoh of community management, but what led him to switch
from Ubuntu to the millionaire philanthropic prize fund, XPRIZE?

J
ono Bacon is the co-founder of bridge between the company and its the XPRIZE Foundation as its Senior
LUG Radio, LUG Radio Live and community of users, while at the same Director of Community. We sent
the brilliant Bad Voltage (www. time writing books about community Graham Morrison to find out where the
badvoltage.org) podcast. He was also and conflict, as well as founding the crossover might be, and what open
the Ubuntu Community Manager at Community Leadership Summit. Last source and XPRIZE could learn from
Canonical for eight years, providing a summer, he switched streams to join each other.

Has it felt like a natural and growing that out. But in a broader relevant level of moisture. A lot of the
progression, going from sense as well, I want to get people to pieces were already there for him
Canonical to XPRIZE? think about what we can do with because a community was already
Jono Bacon: I think so. When I joined communities and how well structured trying to automate ways of growing
XPRIZE and started to think about and organised communities can be weed [laughs] more effectively. So
building a new community that is world-changing. there’s this massive community of
designed to create a brighter future, the people who are building these
first thing I thought was that Will exponential growth advanced sprinkler systems basically
communities share many of the same happen outside of social driven by hydroponics. What was
principles, so I could pull from much of media? That’s a huge challenge. interesting was that he could build
my existing experience. JB: When I was thinking of going to something unique because a lot of the
The XPRIZE ethos is based on XPRIZE, I watched this talk that Peter pieces were created by different
solving problems with technology, and [Peter Diamandis – Chairman and CEO communities of people coming
that technology grows at an of XPRIZE] did in the Arab Emirates. He together. And that’s the reason why the
exponential rate. I then realised that said that as human beings we think in community piece is so important.
communities have this exponential this local and linear way, because our
growth curve in many ways too – we brains are designed that way, because Will you have room in your new
saw that with Wikipedia, we saw that a thousand years ago the changes in job to do that?
with open source, we’ve seen it technology or the surroundings JB: With an open source company,
politically with the Arab Spring. I never between one generation and another what a community looks like is fairly
really realised that communities were were very very small. But even the well defined. You have the technology
an exponential entity. With that in mind, difference between my dad’s generation and you get people involved in building
when we start socialising that as a and my generation is huge already, if that technology. What’s different with
concept, we can define these broader we think about what’s happened. XPRIZE is that there are going to be lots
goals. Much of this is inspired by open Take the maker movement, for of smaller communities because we
source and my work at Canonical, but I example. Chris Anderson, who used to have lots of different areas of focus,
think we can actually do way more in edit Wired, has written this book where from oceans to space to education to
the world in new and different areas. he talks about his granddad moving life sciences and more.
from Switzerland, and he basically The work I am doing is to provide an
Is this is the emergent invented an automated sprinkler on-ramp for anyone to have a practical
philanthropist in Jono Bacon? system in his garage. He spent some effect in changing the world. This
JB: [laughter] Worst philanthropist money on getting it patented, and he includes people writing code, running
ever! I believe that technology can solve sold it to a company and it made a little local XPRIZE Think Tank groups,
all these major problems but I also bit of money. But it didn’t really have designing user interfaces for teaching
believe that communities are a critical that much of an effect, and Chris kids literacy and more. What is fun
part of solving these major problems wondered whether he could do the about this is that it’s a totally new
too. They just need to be better same thing using 3D printing, Arduino, community. The job was pitched to me
organised. We’ve been through the dark and other pieces. by Peter and he said, “I want you to
ages of community management, now So he tried to do what his grandfather transform our progress at XPRIZE
we’re starting to see people write it did, but designed for today. He did it for ten-fold with communities.” We didn’t
down – we’re in the Renaissance a few hundred dollars. His sprinkler get into a lot of the details about how
period. My job at XPRIZE is obviously system would listen to weather.com exactly how it would work: he is the
focused on the XPRIZE community, and based upon that would apply the visionary, the big thinker, and he wanted

40 www.linuxvoice.com
JONO BACON INTERVIEW

“Technology can
solve all these
major problems,
but communities
are a critical part of
solving them too.”

me to come and disrupt our normal not assured. We just don’t know exactly will play a key role in what path we
way of working at XPRIZE to explore what it’s going to look like. Right now choose to follow; I want this to be a
how we make it more collaborative and we are starting with some logical really collaborative experience.
so anyone can play a role in building building blocks and I want to connect
this brighter future. my prior experience to see what makes It could be a great opportunity.
sense and what interesting ideas the JB: Exactly. But it’s challenging. I
That’s probably the best way… community comes up with for areas found out from one of my new
JB: It’s great but it’s a bit scary where people can collaborate and get colleagues, who is on the Google Lunar
because this is all new and success is involved. Importantly, our community XPRIZE to get a drone on the moon…

www.linuxvoice.com 41
INTERVIEW JONO BACON

“There’s a mantra at XPRIZE:
‘The day before something is a
breakthrough, it is a crazy idea’”.

That’s just so cool, the fact do. I know so many smart people that The goal here is not to build cool
that you can just drop that into aren’t currently connected. And when gadgets; it is to bring profound impact
the conversation… we connect them together, it is going to to the world.
JB: I know [laughs]… well, I said to my be pretty amazing. But it is also about creating new
colleague that one of the things I want industries. Creating great R&D is
to do is set up a forum in which teams What do you think the open nothing if we can’t get it to the market
can collaborate together on areas of source communities could and get people competing to drive
common interest, instead of all of them learn from XPRIZE communities? prices down. This is a big chunk of the
solving the same problems over and JB: The thing that XPRIZE does that I picture too.
over again. It would be interesting, for think is really interesting is evolve how A lot of that knowledge of the
example, to bring industry experts into you define incentives for solving these challenges in the world, and what we
the discussion to better support the issues. The prize development process can do to fix them, can bubble out in so
teams, and he said, that’s doable with is really expansive. There’s a lot that many different directions. Some of the
certain types of space research, but not goes into it. It is not just making sure work that’s gone into XPRIZE may
all. The challenge today with space is that the technology exists in the first provide inspiration for where developers
that if you’re building space technology place; you want to look at the may want to focus their efforts, for
over a particular size, then the technology where we are today, example, on software that could be
government makes you restrict how predictions around where technologies used as part of these solutions.
that information is shared; they are going in the next 3–5 years…
consider over a certain size to be It sounds like a dream job.
creating weaponised space technology. Is there a laboratory with JB: It is pretty neat. When I
It’s very difficult to build collaboration charts somewhere? started my career, I wanted to focus my
within that world, when the government JB: Yeah! They bring in industry efforts on having a contribution to
locks it down. But then that doesn’t experts, consultants, scientists, something that has a wider-reaching
apply to other areas such as oceans, business leaders and more. They have benefit to the world. Canonical was a
literacy or whatever else. I went into it these multiple phases about how a great place to do this focusing on
initially thinking we needed to create prize goes from being an idea to building free and open technology that
one massive XPRIZE community, like something more. empowers people to educate
we did with Ubuntu. Now I’m thinking a There are ideas around weather themselves, start small businesses,
little differently about that. I think it will control, building flying vehicles, curing create art, collaborate, and more.
manifest in lots of different areas. diseases, producing better cleanup I wasn’t really looking to leave
technologies, and more. Each idea goes Canonical, but when this thing came up
I guess you could start with through this process, but it’s not just – I’d heard of XPRIZE, but I didn’t really
small ideas and see which gain about if technology will get you there know what it was, so I started looking
any momentum? – is there an interest there? Does it at it and thought ‘wow.’ There’s a lot that
JB: Exactly. There’s so much we can affect hundreds of millions of people? could happen here, a lot of potential,

42 www.linuxvoice.com
JONO BACON INTERVIEW

but a lot of new and culturally different Are you still using Ubuntu? was following the Playstation 4
work to do. It seemed like the right mix JB: Yeah, but I do have to use a subreddit and there was post on there
of a great opportunity but also a real Mac for work, because XPRIZE has a at the top that said there was a guy live
challenge to get my teeth into. small IT team and a limited set of streaming right now who’s drunk and
platforms they can support within the he’s just kicked his dog and he’s hitting
What’s the most important remit of that team. I use Ubuntu for his wife or girlfriend – and the post said
lesson you’ve taken from everything else and I am working to get “He’s live streaming now, go and check
Canonical? Ubuntu into XPRIZE more. it out.”
JB: I think there’s probably two things; So I went to check it out and he was
one thing that Canonical really helped How do you think your ebook surrounded by cans of Bud Lite and he
me with is to think in a very strategic (Dealing With Disrespect) has was on the phone – this is a little bit
way. To really think about what we want been received? It was a brave thing funny – but basically, he gave his phone
to do; stating your case can often be number out on the live stream so

“The goal here is not to build asking for trouble and it’s so much
easier to just keep your head down.
people were prank calling him
pretending to be this MMA fighter or
cool gadgets; it is to bring JB: The thing I was most scared about something, Reddit had conspired

profound impact to the world.”
in writing that book was that people around this. On the one hand it was
might interpret it as tolerating bullying. I funny, and people were egging him on.
don’t think it’s about that. The book What was clear to me though was
to do. Where do we want to go? What’s touches on a big source of conflict that this guy was having a breakdown. I
it going to look like? I learnt a lot of which I think are the different started typing in, “Turn the Playstation 4
project and people management from ingredients that make up a human off. Go to bed and sober up. Just, stop
some amazing people. being. Age, culture, gender – all those this.” And people started giving me grief,
The most important thing for a lot of different pieces. As we all know, when saying, “What the hell is wrong with you.
this stuff is having the passion, and one you start talking about those kinds of This is brilliant, blah, blah…” People were
of the things I learnt most from Mark areas, it doesn’t matter what you say, insulting me and I was just trying to be
[Shuttleworth – Ubuntu founder and some people are going to read it in the a good citizen.
Earth’s second space tourist], is not that way they want to. I was really angered by this. These
we’re going to “try” to do this, we’re people are absolute idiots, and it got me
going to go out and “do it”. Having that Was there anything in thinking about the conduct of people on
level of confidence but not arrogance, particular that pushed you to the internet and how mean spirited
and not dominance, is critical. Ubuntu the point of writing it? people can be to serve their own
doesn’t go out to crush the competition, JB: Yeah. I can tell you exactly what it interests and opinions. And that was
it’s out to be better than the was, and this is going to sound a bit the night I had the idea for the book. I
competition, and I think that’s the right weird actually. I bought a Playstation 4 had the benefit of being the community
kind of approach, and I learnt a lot from – I was sadly one of those people who manager for a large open source
Mark in that regard. He’s got an lined up outside of a Best Buy at 7 project and I’d learned a set of things
unbending level of positivity and o’clock in the morning – what a nerd. that are now in the book. Most people
forward momentum – one of the There’s a feature on Playstation 4 called don’t go through that experience so
hardest things about leaving Canonical Playstation Live, and people can stream they’ve not had that opportunity to learn
is not working for Mark any more. videos live. I’m a big Reddit fan and I how to put things in context and
develop a thicker skin.

There’s some weird voyeurism
going on. They’ve got a games
console and they’re sitting with a
beer watching other people
watching other people.
JB: One of my goals for the book is that
when someone’s in that position and
someone has said something mean,
and it dings that person’s confidence, I
want someone else to say, “You should
read this book. It’s really quick and easy
– you can read it in a couple of hours.
That will help.” And that’s the reason
Jono says the worst thing about moving from why it’s free to download and it’s
Wolverhampton to California is being so far available online. I hope it helps people
away from the Black Country Living Museum. stay focused and positive on creativity
and not negativity.

www.linuxvoice.com 43
INSIDE THE FSFE

INSIDE THE

Mike Saunders and Graham Morrison popped by the FSFE
head office in Berlin to see how the organisation is spreading
the word about FOSS.

Y
ou’ve almost certainly heard of the Free related issues, he felt he was often dismissed. “They
Software Foundation before. This is a would think: who are these freaks, talking about
US-based non-profit organisation set up by source code and digital rights and stuff?” But as time
Richard Stallman, the creator of GNU, in 1985. went on, as more and more people started
Originally it was established to fund programmers, but approaching their local politicians and MEPs about
over the years it has moved into other realms, handling these issues, they had to take it more seriously – or at
legal issues and promoting Free Software. least, ask their staff to find out what it’s all about.
Since 2001, a European spin-off has existed: the Along with lobbying, the FSFE works to distribute
Free Software Foundation Europe (FSFE – www.fsfe. materials that help people to understand Free
org). It’s a sister organisation of the FSF, but also a Software and the importance of having control of your
financially and legally own data and
separate entity. On a recent
trip to Berlin, we poked our
“We have to fight for our freedoms… devices. The
Snowden
heads into the FSFE office but it’s important to recognise your revelations have
to see how they work on a
daily basis.
successes as well.” been particularly
important in this
We spoke to Matthias respect, and in
Kirschner, the Vice President, and asked him what the recent years the FSFE has moved from preaching to
organisation does: “Along with promotional materials the choir – that is, telling people who already use
like leaflets, which we provide to people who want to GNU/Linux about the importance of Free Software –
spread the word about Free Software, our other to spreading the word among the uninitiated:
activities include lobbying work. We go to Brussels, “We have started to go to more events where Free
participate in meetings, talk to people in the parliament Software is usually not represented. For instance, our
and the European Council. We explain digital Munich group has been to two street festivals, where
sovereignty, that you should control your own they have a pavilion and give out information about
infrastructure and talk about device ownership.” Free Software. We hand out thousands of leaflets at
Dealing with politicians is tough, though, especially street festivals in Düsseldorf too. Our Vienna group
when they’re not technically inclined. Matthias goes to a big game conference – they wanted to have
described how in the early 2000s, when he more general information about Free Software, for
approached politicians to talk about Free Software and people who don’t know what it is at all.”

44 www.linuxvoice.com
INSIDE THE FSFE

FSFE’s Berlin Office
When Citizenfour (a film covering the NSA spying campaign, but you should change X and Y and Z, and
For the 2014 European
scandal) hit the cinemas in Berlin, FSFE supporters that would make it better’.” elections, the FSFE created
stood in front of the cinemas, handing out leaflets But what would happen if Stallman were to step the “Free Software Pact” a
explaining the importance of email encryption and down? Matthias doesn’t think this is likely any time document that candidates
how to use GnuPG. In one cinema in the UK, these soon – he may go slower as the years roll on, but his for the European
leaflets were also handed out when people bought passion and enthusiasm are as strong as ever. But Parliament could sign
tickets, so this targeting is becoming increasingly Matthias also noted that Free Software has become saying that they favour
important to the FSFE. much bigger than just a single personality, and the Free Software and will
protect it from potentially
This good work can only happen if the organisation principles are what really drives the movement now.
harmful legislation (www.
is well funded. Thankfully, it is. “Around one third of our At the end of our visit, we asked Matthias if he was
freesoftwarepact.eu). 162
donations come from our Fellowship”, says Matthias, happy with what the Free Software Foundations have candidates signed up, and
“those are sustaining members. The rest is from achieved so far. He noted that a lot has been done, but 33 were elected.
company donations or one-time donations from it’s a long-term battle, comparing it to freedom of the
individuals. Sometimes we also have EU projects that press. That didn’t come in overnight, but was a long
provide funds. Then there are speaker fees and process and has to be maintained and fought for. Free
merchandise, but the main thing is donations.” Software is doing well, but to get it into more
government, schools and other public institutions, a
Join us now and share the software long slog is required.
We were also curious to learn about Richard “We have to fight for our freedoms, again and again
Stallman’s involvement in the FSFE today. Matthias and again. But it’s important to recognise your
explained that for daily jobs and short-term projects, successes as well. Look at all the devices around the
they don’t coordinate with him all the time. “But world running Free Software. Look at all those
sometimes Richard sees something and gets companies that thought Free Software was a virus in
involved. Like, we originally had a Free Your Android the IT field, and now they publish their work under Free
page on our website. It was just a simple wiki page. Software licences. Lots of companies now talk about
But Richard emailed and said: ‘This is a nice Free Software as if they invented it!”

www.linuxvoice.com 45
46
47
Email andrew@linuxvoice.com to advertise here
INTRO REVIEWS

REVIEWS
The latest software and hardware for your Linux box, reviewed
and rated by the most experienced writers in the business

On test this issue...
50 52

Andrew Gregory
Wise man say, the best way to start a new
project is to finish the old one.

T
he selection of reviews over the
next few pages illustrates a KDE Plasma 5.2 LibreOffice 4.4
truism of Linux and Free Ardent Prince fan Graham Morrison plays The Free Software world’s favourite office
Software: choice is good. Like the verse with the desktop environment formerly application is back, and Mike Saunders is
on Ozymandias’ plinth, these words will known as plain old KDE. here to put it through its paces.
reach down through the generations
long after all else is dust. Choice gave
us a fork of OpenOffice. Choice gave us 53 54
OpenOffice in the first place, when the
pragmatic majority would just have
stuck with Microsoft Office.
Choice gives us the CubieBoard.
Surely there’s no point launching an
ARM board in the teeth of the 4.5
million-selling Raspberry Pi? Oh but
there is – with a slightly different focus
on what users want, this little device will
carve out its own nice, and the two will Icaros Desktop 2.0.3 CubieBoard A20
live happily side by side. Mike Saunders investigates a retrostalgic ARM-based boards are all the rage at the
alternative desktop experience born out moment. John Lane tests one with huge
Let a hundred flowers bloom of the Amiga OS of the early 90s. amounts of potential.
Icaros may seem pointless to many.
But its ultra-low system requirements
mean that, despite its roots in a BOOKS AND GROUP TEST
20-years defunct OS, it could yet get a
Lawrence Lessig is a man well worth listening to, and
new lease of life in embedded, mobile
his book Free Culture is a great read. On the one hand
or otherwise Internet of Things it’s about copyright law; on the other, it’s a story of
appliances. And KDE? Once dominant, the way in which big companies are monopolising
it lost ground by failing to listen to its (ologopolising?) parts of our culture that have
users; it had to fight back to survive, traditionally always belonged to everyone.
In the Group Test we’re looking at the BSDs. This
and has now improved beyond
Unix-derived operating system very nearly grew to
measure to reclaim its position as king become the operating system that Linux is today, but
of the desktops. That’s what choice is a historical quirk has largely kept it in the server
about. We’re lucky to have it. room. Spin up a virtual machine and try one out!
andrew@linuxvoice.com

www.linuxvoice.com 49
REVIEWS KDE PLASMA 5.2

KDE Plasma 5.2
Graham Morrison finds another way of spreading the good word about KDE –
reviewing a release he can recommend.

T
he KDE desktop, or KDE Plasma 5 as it is now Wi-Fi signal or highlight any notifications. So too are
DATA known, is developing at quite a pace. The the global icons you find in the launch menu. They’re
Web
major 5.0 upgrade came in August 2014 with now all monochrome, pristine and perfectly scaled, as
kde.org this major update following less than six months later. befits their vector sources.
Developer In the past, this could signal that stability has been To go along with these, there’s an entirely new
Team KDE thrown out with the demands of adding new features. icon set which has been designed to complement
Licence But not this time. We’re very happy to report that the the minimal aesthetic. Design is always going to
LGPL/GPL
one new feature in this new release that you can’t see be subjective, but we love the new designs. They’re
– it’s stability – is the best reason for making the abstract and colourful with a kind of solarized 1980s
upgrade. After weeks of running KDE Plasma 5.2 on neon palette that gives an overall impression of
our two main machines, we’ve experienced fewer lightness and simplicity. Even better, there are dark
crashes and stability issues than with any previous versions for those of us who prefer a reversed colour
KDE release. The panel does occasionally crash, and a palette. In-keeping with appearances, we also really
few wayward widgets can force you to restart Plasma like the Breeze window decoration that retains the air
manually, but nothing caused us any loss of data or of minimalism while injecting a little character into
complete loss of our desktop session. your desktop.
Other than the sisyphean chore of bug squashing,
a huge amount of effort has been expended polishing Warm and GUI
the visuals. Not only does this make everything These icons also scale perfectly in the launch panel,
far prettier, we think it’s a great sign that the APIs which is brilliant for higher resolution or high-DPI
We experience a couple of
have reached maturity and that the developers displays, although the same doesn’t happen for the
glitches – such as option
selection in the launch have enough confidence in their capabilities to start bitmaps used by the task manager applet. We’re also
menu – but this is the fleshing out Plasma’s appearance. If you’ve got a slightly bemused by the lack of a higher resolution
most stable release of high-resolution display, the first you’ll notice of this are version of the desktop background image. The panel
KDE yet. the system tray icons in the panel. These show your itself has had some refinement, with the main feature

50 www.linuxvoice.com
KDE PLASMA 5.2 REVIEWS

Inside Digia and Qt 5.4
KDE Plasma 5.2 is built on Qt, can be run on either version
5.3 of Qt, or version 5.4, which was released in December
2014. We had a chance to visit the Qt/Digia offices in Berlin
at the same time, where were able to talk with Maurice
Kalinowski, one of Qt’s first two developers in Germany back
in 2006.
We asked how he balanced the commercial interests of Digia
and Qt with the obligation that Qt has to open source and
the KDE project.
“Everyone here in the company is an open source
advocate, but clearly we also need to see how we can make
a living out of that. The general idea is that, at least with
the basic offering, everyone should be able to use what we
do,” Maurice told us, adding that this means the project is
committed to both the GPL and the LGPL licences currently
used. Any licensing changes come afterwards, “when it
comes to very tailored user cases or very deep core user
cases – when it comes to deep profiling tools,
for example. We then make an offering that is then attractive
to somebody.” Maurice is referring to the QML compiler, first
released in Qt 5.3 only for paying users of Qt, along with an
additional profiler that’s being developed to speed up those
users’ code.
The non-free nature of these tools has caused some
criticism, with Aaron Siego saying in May 2014 that he
hoped there would be an open source version by the release
of 5.4, or that the community may have to provide one. But
other Digia/Qt initiatives, such as the open governance
model, have had a positive effect on Qt and its relationship
with KDE. Maurice told us that this in particular has helped We had a quick chat with the Senior Manager of Qt
KDE get closed to Qt core, simplifying KDE’s own libraries tools, Maurice Kalinowski, just as Qt 5.4 was being
and building a better experience for everyone. unleashed onto the world.

being the ability to undo the removal of a widget. We effects, but it does mean newer applications can take
appreciate this feature, but we feel it highlights a advantage of all the new developments. These include
problem with panel and widget placement in general. Kate, Konsole, Muon and Gwenview alongside new
It’s difficult to hit the target when you’re click-dragging tools for managing Bluetooth devices and SSH keys
something, and the addition of an undo only mitigates in this release. There are many more that need to be
this issue rather than providing a genuine solution. The ported, but this is firm progress and when you check
new ‘Add Widgets’ window, for example, is now shown the Git repositories for many of the other components,
vertically against the left edge of your screen, and it’s a you’ll often find versions using the newer frameworks.
long click and drag to install a widget from the top-left The old KDM login manager has been replaced by the
of your display to the bottom-right of your panel. long-recommended SDDM, which now includes its
Widget creation is now officially based on QML own configuration panel. And the reordering of results
2, and older 4.x widgets will need porting. This in our default application launcher, Kickoff, has finally
has left Plasma with very few widgets to choose made it usable again.
from, and the skeletal list that greets you when you This is the first KDE Plasma 5 release we’d
click on ‘Download New Plasma Widgets’ is very recommend to avid KDE 4.x users, because the
disappointing. The technical documentation that appearance, stability and refinements are worth
should describe how to create your own widgets braving the missing elements. More conservative
is also lacking, with only the guide to their abstract users will be better off waiting for a proper audio mixer
structure currently visible at techbase.kde.org. We applet and a fully populated configuration panel and
wanted to create our own ‘show the date’ widget, file manager, but if you enjoy using KDE for the sake of
which should be the simplest of the simple things it, this is the strongest release yet and one that fills us
to create. But with a missing tutorial and no real with excitement for the future of its development.
guidance, we had to postpone our plans. The lack of
decent guidance is also going to hinder adoption.
LINUX VOICE VERDICT
With each new release, more of KDE’s native
A great release that gets us excited
applications get ported to the new frameworks. about the next 18 months of KDE
Old applications aren’t a huge issue because it’s development.
now perfectly feasible to run both KDE 4 and KDE 5
applications side by side with no noticeable side-

www.linuxvoice.com 51
REVIEWS OFFICE SUITE

LibreOffice 4.4
It’s the “most beautiful” release yet, according to the developers,
but is it more usable? Mike Saunders investigates.

O
ver the years, we’ve had a love-hate
DATA relationship with LibreOffice (and its previous
Web
incarnation as OpenOffice.org). We love it
www.libreoffice.org because it’s a hugely versatile and well-integrated
Developer office suite that does 99% of typical jobs that people
The Document use MS Office for, and is therefore a great way to wean
Foundation people off Microsoft’s wares. We use it extensively in
Price
Free (open source
making this magazine – not just in writing articles, but
licences) in managing our subscriber database and other
non-editorial jobs.
So any improvement is most welcome, and
LibreOffice 4.4 – described as “the most beautiful
version ever” by The Document Foundation – is
one of the most ambitious releases we’ve seen in
a while, with some fairly significant changes to the It’s now possible to update and edit styles directly from
interface. No, LibreOffice hasn’t adopted the “ribbon” the drop-down list.
menu of Microsoft’s suite, but the toolbars have been
redesigned to remove rarely-used buttons and add happy with the changes: they’re significant enough
quick access to other features. to make the suite more pleasant to use, especially for
In Writer’s top toolbar, for instance, the “document newcomers, but they’re not too invasive that long-time
as email” and “edit file” buttons are gone, while users will feel like it’s an entirely different program.
buttons for adding page breaks and comments But there’s a lot more than just cosmetic changes.
have been added – very sensible decisions, we Document import and export has improved greatly:
feel. The second (formatting) toolbar has also been there are new import filters for Adobe Pagemaker,
redesigned, with easy access to extra formatting such MacDraw and RagTime (a German DTP program) files,
as strikethrough, superscript and subscript. Styles in while the existing filters for Microsoft Visio, Publisher
the drop-down list can now be edited in place, while a and Works spreadsheets have seen lots of work. The
sidebar is enabled by default to provide quick access OOXML filters have been tuned for greater fidelity
to properties for the current character or paragraph, to the original documents, and it’s now possible to
along with a document navigator and image gallery. connect LibreOffice directly to SharePoint installations
– a boon for enterprise users.
A comparison of Writer
toolbars between the Ch-ch-ch-ch-changes Another new feature is master document
current and previous Calc and Impress, LibreOffice’s spreadsheet and templates. Previously, master documents could be
release – and note the new presentation components, have seen overhauls of used to group a number of documents together, such
sidebar on the right. their toolbars and interfaces. And in general, we’re as chapters in a book. It’s now possible to create a
template from a master document based on some
initial content, so you can re-use it to create other
master documents with that content in the future.
Outside of these major changes, there have also
been hundreds of small tweaks across the whole
suite. The LibreOffice team has spent much of the
last five years cleaning up and refactoring old code –
doing a lot of work under the hood to make the suite
faster and easier to build – and while that was an
admirable job, we’re happy to see more user-facing
changes in this version. A brilliant future awaits.

LINUX VOICE VERDICT
The GUI changes are very welcome –
they make the suite more accessible
without baffling existing users.

52 www.linuxvoice.com
OPERATING SYSTEM REVIEWS

Icaros Desktop 2.0.3
The Amiga lives! Well, sort of. Mike Saunders explores this distribution of AROS,
an Amiga-ish open source operating system.

M
any of us at Linux Voice cut our teeth on
the Commodore Amiga, arguably the best
home computer of the late 80s and early
90s. When most PCs only had a buzzing piezo
speaker for sound and struggled to display more than
16 colours, the Amiga’s custom chipsets provided
fantastic audio and graphics. And then you had a
multi-tasking, lightning fast GUI operating system, a
wealth of games and productivity tools, and a
passionate community. Those were great days.
Still, Commodore was utterly abysmal at marketing
and made a bunch of inexcusable errors. Dangerous
Streets, for instance, was a detestably bad Street
Fighter II clone that received a 3% score in Amiga
Power – yet Commodore bundled it as the main
game with its CD32 console. In short, the Amiga was
awesome and everyone at the time ended up hating
Commodore for being so rubbish.
Today, we have an open source AmigaOS-like
operating system in the form of AROS (www.
aros.org). It’s small fry compared to other FOSS
Icaros has the basic Amiga
platforms like Linux and FreeBSD, but it has an active the glory days. If you never had the opportunity to
Workbench layout, and
development community and keeps the spirit of the play around with an Amiga (and our hearts go out spruces it up with extra
90s alive. AROS implements many AmigaOS 3.1 APIs, to you in that case), you’ll find that it’s not a difficult panels and utilities.
and the x86 PC version includes a Motorola 68k CPU OS to explore. Double-clicking the AROS live CD icon
emulator, making it possible to run some games and on the desktop opens a file manager; this provides
programs that were written for the original machines. access to the utilities and demos included with the
Icaros Desktop is a distribution of AROS, taking the Icaros distribution. There’s even a command line shell, DATA
core OS and adding various programs and desktop although it’s very different to those in Linux/Unix. Web
tweaks on top. You can burn it to a DVD and boot it on Icaros is supplied with a small collection of desktop http://vmwaros.
a real machine, and then install it to your hard drive – programs: a web browser, a media player, a simple blogspot.it
or test it out in a PC emulator such as VirtualBox. word processor and others. These applications are Developer
Icaros and AROS teams
rather limited compared to the likes of Firefox and Price
Down memory lane LibreOffice, as expected, but they run at a blistering Free (open source
If you’ve used Amiga Workbench before, AROS pace. Of course, there’s plenty more Amiga software licences)
will be immediately familiar: it’s prettier and more out there, some of which is open source and still being
colourful, but largely the same, with utilities and updated – see http://archives.aros-exec.org.
filesystem locations that have barely changed since AROS isn’t going to replace your favourite desktop
Linux distro any time soon, and it’s very lacking in
places. But it’s a fascinating project, and we want to
give it more recognition. As much as we feel at home
in the comfy combination of GNU and Linux, we’re
always intrigued by other OS projects with different
designs and goals. Maybe there are some things
Linux developers can learn from AROS, or indeed
other OS-recreation projects like Haiku OS…

LINUX VOICE VERDICT
Everything that we loved on the
Amiga, running on modern hardware.
Just don’t expect loads of features.
Amiga fans will remember Directory Opus – it was open
sourced in 2000 and runs on AROS/Icaros!

www.linuxvoice.com 53
REVIEWS CUBIEBOARD A20

CubieBoard A20
Looking for a little more power than the Raspberry Pi offers, John Lane wonders if
the CubieBoard A20 can deliver…

T
he Raspberry Pi is great, as you’ll know if but you can’t boot from the on-board SATA interface.
DATA you’ve not ben stuck under a rock for the past There is also a variant of the board that has a second
Web
three years. But there’s so much more out micro-SD card slot instead of the NAND flash ROM.
cubieboard.org there. You can now choose from loads of alternative An additional mini-USB On The Go port is provided
Price small-board computers, including many that are to connect the CubieBoard to a desktop PC to perform
£45.95 packed with additional features for not much more flash updates using AllWinner’s LiveSuit software. This
money than the Pi. One such board, the CubieBoard, mode of operation is called FEL mode and operates
was launched in 2012 with native Ethernet, a built-in similarly to the recovery mode available on some
SPECIFICATIONS 4GB NAND flash drive and an on-board SATA smartphones.
connector. An upgrade in 2013 giving it a dual-core The on-board NAND flash ROM comes pre-loaded
CPU Mali400mp2, CPU and 1GB of memory was released as the with Android, so you can plug in and use the device
OpenGL ES GPU
CubieBoard 2, sometimes referred to as the straight away. But you’ll most likely want to install a
RAM 1GB DDR3
@480MHz CubieBoard A20 after the AllWinner A20 chip at its Linux distro to use it for your own projects, and this is
Video out HDMI 1080p core. Although roughly twice the price of a Pi, it’s still where the fun begins…
Networking 10/100 affordable, and it can run Linux and Android.
Ethernet For your £45 you get the power, SATA and USB It’s good to keep talking
Storage 4GB NAND flash
Connectors 2 x USB
cables that you need to get started. You just need to Something to bear in mind is that, unlike the
Host, 1 x micro SD slot, add a power supply (a USB phone charger will do), Raspberry Pi, the primary way of communicating with
1 x SATA, 1 x infrared, keyboard, mouse and a HDMI display. the CubieBoard is over its serial port. You can activate
2 x 48-pin headers The underside of the board sports two 48-pin its HDMI port during boot, but a serial port is handy if
exposing I2C, SPI, RGB/ connectors among a you want to see early boot
LVDS, CSI/TS, FM-IN,
ADC, CVBS, VGA, SPDIF-
OUT, R-TP
heap of connection
options. One such is
“Those comfortable with a more messages, something we
found essential for
VGA video – you can bare-bones approach may prefer troubleshooting. We used
directly wire up a VGA
port and use any old
to use Arch Linux ARM.” a USB serial adapter and
the GNU screen tool for
VGA monitor, opening this. To install another
up a the possibility of using it with hardware that may operating system you’ll need an SD card; the easiest
otherwise be thrown away, which could potentially be way to get started is to download a prepared image
a huge factor when assessing total cost of ownership. for your chosen Linux distro. For those coming from a
Other nice touches include a reset button, audio line-in Pi background, the obvious choice is a distro called
and an infrared port that will come in handy if you Cubian, a Debian spin inspired by Raspbian. For a
The CubieBoard 2 is
marginally larger than the want to use a remote control with it. more hardcore experience, “ArchLinux ARM” supports
Raspberry Pi but offers a There is a micro-SD card slot, which is one of it too.
lot more connection several places the board will boot from – you can also Cubian comes in three flavours, a desktop version
options. boot from the NAND flash ROM or via the network with the Mate desktop or a text mode called Nano,
either with or without the HDMI display support; the
latter leaves more memory free for you to use. It’s a
2GB image that will require a micro SD card of at least
that size. The download is a 7-Zip archive so you’ll
need to install the appropriate tool to unpack it (try
apt-get install p7zip-full or pacman -S p7zip).
Install your chosen image onto a spare micro SD
card. Do this from another machine with dd (take the
usual precautions to ensure you write to the correct
device). Insert the card into the CubieBoard, attach a
keyboard and monitor and start it up.
You’re given the chance to change some options
when you start Cubian for the first time, and this is a
good time to localise your install and set a password.
You can then log in and you’ll find the usual gamut of
applications. The included SMPlayer gave good results
streaming full-screen standard video across the

54 www.linuxvoice.com
CUBIEBOARD A20 REVIEWS

network, but the device struggled with high definition
material, even after installing the more capable VLC.
Cubian includes a tool to transfer your installation
from an SD card onto the internal NAND ROM. All you
need to do is install and run the cubian-nandinstall
package, shut down, remove the SD card and then re-
start. However, this failed for us, and attempts to gain
answers via the forums were unfruitful.
Those comfortable with a more bare-bones
approach may prefer Arch Linux ARM. If you follow
the CubieBoard 2 install instructions to the letter,
you’ll be able to boot the board without any problems
and log in to Arch Linux over SSH. The default Arch
install leaves you on your own, however – you’ll have
to manually configure the HDMI output unless you’re
happy with the serial port and/or SSH. However, the
active forum is a haven when in need of support.
The inclusion of a powered SATA port sets it apart
from most of the other small-board computers
available, while having twice as many cores and
memory affords more acceptable performance.
Use the LiveSuit installer to
The CubieBoard and Linux-sunxi forums are good
upload images to the
but there is nothing like the ecosystem that has grown
LINUX VOICE VERDICT NAND Flash ROM.
up around the Pi. However, this has the greater impact
A well-capable board with varied
on beginners, and we feel that the CubieBoard isn’t connectivity options and good support
aimed at more advanced users. Experts can use Arch for Linux and Android.
Linux ARM and its forum, where there is a dedicated
AllWinner sub-forum.

BUY MUGS AND T-SHIRTS!

shop.linuxvoice.com www.linuxvoice.com 55
REVIEWS BOOKS

Clipping Through
Ben Everard saves £1,000 by reading about San Francisco instead of going there.

C
lipping Through is a travel book about the alcohol-fuelled bits. It’s a book for people
a computer games conference. We’ll who want to know what goes on behind the
be honest, that sounds like a strange scenes of games, but not the conventional
premise for a book. However, like many good behind-the-scenes coverage.
travel books, it’s not really about the place There’s no print version, but for $5 (with
– the Games Developer Conference is just the option to pay more), you get the book in a
the backdrop to Leigh Alexander’s treaty on range of digital formats (Epub, MOBI, PDF
the state of the video games industry. She and DOCX). We have serious concerns about
interweaves tales from her long journalistic anyone who wishes to read a book in DOCX
career in video games with a warts-and-all format. Oh, and before you ask, no, this isn’t
diary of the conference. a book about ethics in video games.
Actually, it’s less of a diary and more a
series of snapshots. These snapshots
include interviews, discussions on
LINUX VOICE VERDICT
interpretations of games, and the inequality Author Leigh Alexander
evident in San Fransisco. It’s well written, and Publisher Gum Road
ISBN None
surprisingly coherent given the wide range of Price $5+
subjects covered.
Surprisingly readable for its breadth of subjects,
This book is a view of all the aspects of the and very evocative of a place and time. Liz Ryerson, the artist featured on the
video games industry that don’t get covered cover, also wrote the afterword sharing her
elsewhere: The odds-and-ends, the ugly bits, experiences in the industry.

Free Culture: The nature and
future of creativity
You’ll never take Ben Everard’s freedom.

T
here are a few books that we would continued lengthening of copyright terms at
consider essential reading for a rate which appears to make them infinite.
anyone interested in open source, For anyone who is unsure which side of the
and Free Culture by Larry Lessig is one of debate they sit on, Lessig’s arguments in
them. It’s a decade old, but age hasn’t favour of freedom are compelling, at least to
lessened its importance. Perhaps the last 10 this reviewer. Free Culture puts the fight for
years have actually lead to the message of freedom in its historical context (it goes back
the book being more acute now. As you can to Shakespeare) and highlights the forces
probably tell from the title, it’s not about that are working against it. It shows the
software specifically, but about the ability to weapons and tactics that the enemies of
share any creative works. This should come freedom are using to bring all content into
as no surprise, since Lessig is one of the their protected domain.
authors of the Creative Commons licences.
Lessig is a lawyer by training, and that
inevitably means the book is heavily LINUX VOICE VERDICT
influenced by the legalities and legal Author Lawrence Lessig
challenges around sharing, particularly in Publisher Penguin Books
ISBN 978-0143034650
America. This may not sound like a great
Price £10.56
read, but let us assure you that it is. Lessig’s
Probably the most interesting book ever written
passion flows through every word in his on the subject of copyright law. We use Creative Common’s licences – co-
highly thought-out defence of the right to written by Lessig – when we free our issues
share. His primary argument is against the because we believe in Free Culture.

56 www.linuxvoice.com
REVIEWS BOOKS

Raspberry Pi for Dummies (2nd Edition) ALSO RELEASED…
Graham Morrison finds the perfect book for David Cameron.

D
espite the launch of a new
Raspberry Pi model, and the likely
glut of new book editions that are
going to flood the market, there’s nothing
in the new model that breaks compatibility
with the old, which means books like this
Mike Cook
will remain just as useful in the quad-core used to write
era of Raspberry Pi 2.0. Kathy Sierra is back
a column for
This is just as well, because this and she’s writing
Micro User in
about users!
Dummies title is an excellent introduction the 80s .
for the complete beginner to both the Badass: Making Users Awesome
hardware and Linux itself. A lot of pages Raspberry Pi was created to nurture, and It’s fantastic to see Kathy Sierra back.
are dedicated to setting up, for example, it’s good to see a well written book from We’ve loved many of her Head First titles, and
discussing what should be plugged in and such a successful brand taking the trouble she has a wonderful knack of writing insightful
things about users. This is a book about
where. There are chapters on using the to get this right.
creating successful users, and we can’t wait
desktop, and an introduction to the shell. to read it.
We also like the creativity of LINUX VOICE VERDICT
the sections dealing with Scratch Author Sean McManus & Mike Cook
programming, followed quite naturally Publisher Wiley
with some more advanced ideas written ISBN 978-1-118-90491-6
Price £17.99
in Python. The book is topped off with a
A comprehensive and gentle overview of
substantial section on building your own everything you need to get started.
circuits for more ambitious projects. It’s
exactly this kind of progression that the

Be the cool kid
in class with a
IPv6 Essentials (3rd edition) Beaglebone.

Pack this for the IPv4 apocalypse, says Graham Morrison BeagleBone for Dummies
After enjoying Raspberry Pi for Dummies (see

W
left), we’re now looking forward to the release
e’ve been told for a while that of this – hopefully the same treatment but for
IPv4 is untenable for the future the more open and equally cool BeagleBone
of the internet. It’s going to be hardware. Arguably, a book like this is more
impossible to have a shiny new Internet of important as there’s less help available online.
Things, with its conferences in California
and ear sensors, with IPv4’s pathetic 4.3
billion address limitation. But like ADSL,
it keeps hanging on and adapting to
whatever our crazy world of computers The end of
can throw at it. IPv4 is nigh.
IPv6 is the answer, and it’s finally
becoming more prevalent. Many ISPs to understand. That’s not a simple trick to
now provide compatible routers, even pull off with network concepts, and it’s the
if they’ve not turned the facility on, and reason why we’d recommend this book as
Google’s IPv6 adoption statistics have any reader’s first step to IPv6 migration. Shouldn’t that
started to ramp up – currently at 6% of be GNU/Linux?
internet traffic. This is where this book LINUX VOICE VERDICT How Linux Works
comes in. It’s not too long, and while its Author Silvia Hagen This is the second edition of a book we already
style is CompSci rather than entertaining, Publisher O’Reilly think is good. It’s ideal for those users who
ISBN 978-1-449-31921-2 want to take their Linux knowledge further, and
we liked the practical examples that used
Price 26.50 is perfect if you’ve been messing around with
WireShark to monitor IPv6 DNS traffic, even
A great overview that leaves you knowing the desktop and command line for a while and
when most chapters finish with a huge list what you need to do next. want to know what makes it all tick.
of RFCs for reference. But the best thing
about this book is that it’s relatively easy

www.linuxvoice.com 57
GROUP TEST BSD DISTROS

BSD DISTROS GROUP TEST
There’s more to open source than Linux. Mayank Sharma takes
an excursion to test some BSD distros.

On Test BSD Distros
F
or the distro hoppers among that was created at the University
FreeBSD us, a Linux distribution is just of California, Berkeley. In contrast to
URL www.freebsd.org a collection of applications UNIX, which was developed at Bell
VERSION 10.1 and utilities. We can be productive Labs, BSD was created by students
LICENCE Simplified BSD with any distro as long as it gives us and faculty at the University. BSD
Can the most prominent daemon access to our cherished and trusted was distributed as a package of
cast a spell on the rest?
tools. So how about a diversion into software enhancements for UNIX
the land of the BSDs? that made it useful in the real world,
OpenBSD While they haven’t caught the outside of a research laboratory.
URL www.openbsd.org fancy of the mainstream tech Over time, BSD evolved and
VERSION 5.6 press, the BSDs are known for their replaced every part of UNIX and
LICENCE ISC robustness, reliability and security became a usable operating system
Unflashy OS with an unrivalled and are fairly popular with system in itself. The current stable of BSD
focus on security. administrators. That said, you can distros are a family of OSes that are
slap popular open source apps derived from the original.
NetBSD on top and use BSDs for everyday
desktop computing tasks, such
The three most notable
descendants in current use are
URL www.netbsd.org
as browsing the web, listening to FreeBSD, OpenBSD and NetBSD.
VERSION 6.1.5
LICENCE Simplified BSD music, watching DVDs, playing The majority of current BSD OSes
One of the oldest BSDs in existence. games and reading PDFs. Also of are open source and available for
note is their devoted community of download for free under the BSD
developers and users. Licence, with Mac’s OS X being
The modern day BSDs that we the most notable exception. In
DragonFly BSD have on test in this feature can this group test we’ll evaluate the
URL www.dragonflybsd.org be traced back to the 1970s. BSD strengths of the most popular BSD
VERSION 4.0.2 stands for the Berkeley Software distros and help you pick one that’s
LICENCE Modified BSD
Distribution. It was the name of the both easy to use and can be used
Has this FreeBSD fork been able to
toolkit of enhancements for UNIX for a wide variety of applications.
carve a user-base?

GhostBSD “The modern day BSDs that we have
URL www.ghostbsd.org here can be traced back to the 1970s.”
VERSION 4.0
LICENCE BSD
Does this BSD designed for the desktop BSD vs Linux
offer anything of note?
Both Linux and the BSDs are free and kernel. On the other hand, a BSD project
open source, Unix-like operating maintains the entire OS and not only the
PC-BSD systems, and use much of the same kernel. Another significant difference is
software. So what sets them apart from the licensing. Linux uses the GPL, which
URL www.pcbsd.org
each other? For starters, Linux and BSD requires that developers release the
VERSION 10.1
have a different lineage. Technically source code for their modifications.
LICENCE BSD speaking, Linux is just a kernel. To BSDs, in contrast use the BSD Licence
Bucks theBSD convention with produce a usable OS, each distro must which allows modifications to be kept
a focus on usability. glue a bunch of software on top of the under wraps if the developer so requires.

58 www.linuxvoice.com
BSD DISTROS GROUP TEST

Popular products based on BSD
Daemons at work.

T
here are many open source as well proprietary OSes, OS X and iOS, are based. PlayStation 3, PlayStation 4 and PlayStation
as commercial products based on Darwin integrates a customised version of Vita gaming consoles.
BSD, due to its technical prowess BSD. BSD is also used as the basis for the FreeBSD seems to be the most popular
and permissive licensing. Popular open filesystems and networking of OS X. of the BSDs that is found powering both
source products include NAS distros like There are other commercial products open source and proprietary products.
FreeNAS and NAS4Free and firewall projects based on BSD by multinational hardware Juniper Network’s JUNOS is based on
such as the embedded Monowall distro and and software companies, such as Dell’s FreeBSD, and is also used in the Netflix Open
its fork for regular computers, PFSense. iSCSI SAN arrays. Silicon Graphics Connect appliance. FreeBSD also powers
Then there’s the open source Darwin International also uses FreeBSD in its the popular messaging app, WhatsApp, and
project by Apple, which produces the core ArcFiniti MAID (Massive Array of Idle the project received $1 million recently from
components upon which the company’s Drives) disk arrays and so does Sony in its WhatsApp’s co-founder.

OpenBSD
Is it open for all?

O
penBSD is regarded as one of the
safest operating systems. Thanks to
its rigorous code audit and security-
first development model, it’s a popular
option for security-conscious applications
such as firewalls, intrusion-detection
systems, and general-purpose servers.
OpenBSD is designed for experienced users
who know what they are getting themselves
into and are willing to tussle with its
peculiarities in order to get the job done. So
although it doesn’t ship as a desktop out of
the box, you can configure it as one if you’re
willing to spend time getting used to it. OpenBSD’s sole purpose is to be the most secure OS, which usually puts it at odds with convenience.
To get the distro on your machine you
have to labour through its text-based and MacBook Air laptops. OpenBSD now into a full-fledged desktop. Depending on
installer. It’s well laid-out and presents each also supports AMD Radeon graphics cards how fast your internet connection lets you
option with ample information, but does thanks to code ported from FreeBSD. fetch packages from OpenBSD’s mirrors,
require a competent and knowledgeable After installation you get a fairly you can set up a desktop in under an hour.
operator. That said, the default options are barebones (but incredibly fast) system But all said and done, OpenBSD isn’t
sensible and it even suggests an auto- with a handful of services enabled, and a designed to be a comfortable desktop distro.
partitioning scheme, which is a definite aid minimal desktop running the FVWM window It’s certainly possible to use it as desktop
for new users. manager, if you’ve selected it during the platform, but that isn’t a top priority for its
installation. This base has all the tools you developers. Unlike regular desktop distros,
Build from scratch need to transform it into a dedicated server OpenBSD isn’t meant to make decisions
Also, since it’s designed for specialised or a desktop. on your behalf or make your life easier with
usage, OpenBSD’s hardware support The latest version of OpenBSD includes automated routines. Rather, OpenBSD is
focuses more on enterprise-grade and even popular desktop software including KDE designed to be secure and reliable, and this
virtual hardware. Still, unless you’ve got 4.13, Gnome 3.12, Xfce 4.10, Firefox 31, is something it’s very adept at. The fact that
some exotic top-of-the line hardware or a LibreOffice 4.1.6 and others. As expected, the you can use such a system as a regular
brand-new device, you should be able to get thorough security vetting means that some desktop is an additional benefit.
it to work with OpenBSD. The developers of these are a couple of versions behind their
keep adding drivers and have recently latest iterations. OpenBSD is also popular for VERDICT
A stable OS with a
added a new touchpad driver that supports its documentation and you can find loads rock-solid foundation and
Broadcom multi-touch trackpads found of information on the web that’ll help you a security-first approach.
on newer Apple MacBook, MacBook Pro, transform this bare-bones OpenBSD install

www.linuxvoice.com 59
GROUP TEST BSD DISTROS

GhostBSD
I see desktop users!

H
ere’s a BSD that closely app for installing packages, so like
resembles a desktop Linux most others BSDs you can’t escape the
distro in form and function. command-line.
GhostBSD is available for 32-bit and That said, in contrast to most other
64-bit machines both as ISO and IMG BSDs, GhostBSD includes a multilingual
files for optical drives and flash disks graphical installer, which offers an
respectively. Unlike most of the other automated partitioning scheme if you
BSDs on test here, GhostBSD boots wish GhostBSD to take over the entire
straight into a live graphical desktop disk. Unfortunately, the installer is
environment. Earlier versions of the OS pretty buggy and crashed several times
shipped multiple desktops, but the without spitting any error messages.
current release is available with only the Also, GhostBSD includes older
lightweight Mate desktop. versions of some apps, such as its While the current release includes the Mate desktop, the
On the desktop, the live environment Mate desktop. It includes Mate 1.6 developer is looking at alternatives for future releases.
offers three different layouts. There’s while the latest version is 1.8. This
the classic look, with the menu on top version is available in its repositories, shipping a FreeBSD-based OS with the
and a panel at the bottom; a minimalist but again, upgrading it is easier for convenience of a familiar desktop. It’s
view; and a layout with a simple dock at someone familiar with FreeBSD’s pkgng lightweight and functional, but doesn’t
the bottom. Since GhostBSD is based utility. GhostBSD is a good attempt at really help new users escape the
on FreeBSD, it allows users to access clutches of the command-line utilities.
FreeBSD’s repository of packages via its
new command-line package manager, “GhostBSD boots straight VERDICT
pkgng. However, GhostBSD doesn’t into a live graphical desktop Lightweight BSD loaded

environment.”
with apps that ships as a
have a package management system live desktop.
of its own and also lacks a graphical

DragonFly BSD
Hovering on the desktop.

D
ragonFly BSD is a popular fork and check the compatibility of your
of FreeBSD that is now hardware from the command line. Once
developed in a direction of its you’re satisfied you can fire up the
own and is considered one of the main installer. DragonFly BSD also has a DragonFly BSD was started by Matt Dillon, who had earlier
BSD distros. The OS has diverged menu-driven text-based installer that’ll developed the Dice C compiler for the Amiga.
significantly from FreeBSD and is help you set up a single OS installation
popular for its implementation of virtual in a matter of minutes. There’s also a available on the project’s website.
kernels and a feature-rich 64-bit configuration tool that you must run Again, the saving grace is its support
filesystem called HAMMER, which has through at the end of the install to set for binaries and third-party apps.
built-in mirroring, instant crash recovery, up key aspects of the system such as DragonFly BSD uses FreeBSD Ports as
and historic access functionality. It’s the networking options. a base for its own ports collection
popular for its Sun ZFS-like features Like most BSDs, DragonFly doesn’t (called Delta Ports), and you can also
with a friendlier licence. However, since install a graphical desktop, but don’t install packages using FreeBSD’s
HAMMER doesn’t perform well on underestimate its graphical prowess. pkgng. DragonFly BSD focuses more
drives smaller than 50GB, DragonFly The latest version of the OS supports on the desktop users than some other
BSD’s installer also lets you use the GPUs from the Haswell family, and BSDs, it still requires considerable
BSD standard UFS filesystem. OpenGL acceleration is available out of dexterity on the command-line.
The installation medium for the OS is the box on supported i915 and Radeon
available for 64-bit architectures only. GPUs. There’s also a touchscreen driver VERDICT
The project releases an ISO image for for the Acer C720P notebook. Though it doesn’t ignore
desktop users, it’s best for
optical drives and an IMG file for To set up a desktop environment like stable server
installing via USB. Both boot into a live Xfce, KDE, Gnome or Mate, you’ll have deployments.

environment and let you log in as root to labour through the documentation

60 www.linuxvoice.com
BSD DISTROS GROUP TEST

NetBSD BSD-based distros
The Universal BSD.
Wait! There’s more?

T
here’s a long list of BSD-based OSes
that are under active development.
ArchBSD is a lightweight operating
system that aims to club the flexibility and
philosophy of Arch Linux with BSD-based
operating systems. Then there’s Debian GNU/
kFreeBSD, which swaps out the Linux kernel
and instead uses the FreeBSD kernel together
with GNU-based userland utilities and glibc. It’s
developed by the Debian project, which
maintains two ports based on the FreeBSD
kernel, ‘kfreebsd-i386’ and ‘kfreebsd-amd64’.
Similarly, there’s Gentoo/FreeBSD, which is a
subproject to port unique Gentoo features
NetBSD’s rock-solid foundation and portability were a big draw for NASA, which used it for a such as the Portage package management
project on the International Space Station. system to FreeBSD. There’s also the Evoke
project, which produces a small live FreeBSD

T
rue to its tagline, which reads “Of which you can install popular open environment geared toward developers and
course it runs NetBSD”, this BSD source desktops and apps. A couple of system administrators.
distro that’s been around since the years back there was news of a light- FreeBSD is also the basis for the popular
early 90s is very portable and runs on over desktop initiative to quickly turn a NetBSD Monowall embedded firewall distro that
50 different hardware platforms across 15 installation into a lightweight desktop provides a small image that users can put on
processor architectures. based on LXDE and modelled after CF cards. While you can use Monowall on a
Another major feature of the OS is that Lubuntu, but it seems to have died. generic PC, the PFSense project produces a
unlike typical desktop Linux releases that Furthermore, if you’re spoilt by graphical firewall designed for computers.
come out about every six months, new configuration tools on modern Linux MidnightBSD is a FreeBSD fork that aims
NetBSD releases are fairly infrequent. distros, you wouldn’t get very far with to create a desktop-friendly BSD operating
This release schedule is preferred by its NetBSD as it requires everything to be set system and has also forked FreeBSD’s ports
primary users, who wouldn’t want to pull up by hand. Editing files under package management system to create its
down their servers for upgrades often. /etc to get the wireless card to connect own called mports. There are several NetBSD-
However, you aren’t necessarily stuck bought back bittersweet memories. You’ll based projects as well, such as the Jibbed
with outdated software, as its package have to add users from the command bootable live CD. Another is BlackBSD, which
management system, pkgsrc, tracks the line and also create mount points and is a live CD that includes a bunch of security
latest version of upstream software. While mount optical discs manually. You’ll also tools such as Nmap, Nessus, Snort, Rapid7 and
it does give access to all kinds of software, have to get familiar with NetBSD’s use others.
the fact that it lacks a graphical package of the rc.d system to control services,
management app is rather limiting. which is similar to System V but without
NetBSD uses an ncurses-based menu- runlevels. In fact, you wouldn’t get very
driven installer, which is pretty simple far with NetBSD without having first read
to navigate and besides the partition through the very detailed NetBSD Guide.
management steps, shouldn’t pose any The project has extensive documentation
issues to experienced distro-hoppers. At and a detailed wiki that’ll help you get
the end of the installation, you’ll be asked familiar with its peculiarities. NetBSD isn’t
to configure some essential aspects. Also, the easiest of OSes to get started with,
while the Full installation scheme installs but its vanilla approach makes it ideal for
the basic X window system components, security-conscious users who like to be
it doesn’t include a graphical desktop. in charge of each and every component
running inside their computer.
Finger flexing
The default installation is pretty minimal. VERDICT
You’ll have to set up the package manager The open source distro
Bitrig is an OpenBSD fork that aims to be more
that can run on everything
and then install the required packages. from a toaster to the modern in development and support than
This isn’t much of a task thanks to space station. OpenBSD and has recently hit version 1.0.
NetBSD’s binary package, pkgin, using

www.linuxvoice.com 61
GROUP TEST BSD DISTROS

FreeBSD vs PC-BSD
The Jedi and his prodigious padawan.

F
reeBSD is the most used of the PC-BSD employs a graphical installer
BSDs. The OS had its first that’s easy to navigate. It offers good
release back in 1993. FreeBSD defaults for new users as well as plenty
uses a text-based installer that is also of options for advanced users,
used by several other derivatives as especially in the disk partitioning step.
well. It’s feature-rich and extensive with By default the OS installs the KDE
adequate defaults to aid first-time desktop on all machines that have
users. The installer hands off to a more than 2GB of RAM and LXDE on
post-installation configuration screen those with less. The installer gives you
from where you can set up important access to full-featured desktops such
aspects of your computer such as the as Gnome and Cinnamon as well as
network interfaces. lightweight alternatives such as Xfce,
FreeBSD doesn’t install a graphical Mate and even minuscule ones like
environment by default, but all the Openbox and IceWM. You can also FreeBSD is all about DIY. Heck, you’ll even have to install
popular ones are available in the install additional components such as the package management tool before pulling in packages!
FreeBSD ports collection. Because drivers for Nvidia cards, OpenJDK, the
of the ports collection, you can easily Chromium web browser and a lot more. installer (PBI) file format, which you can
configure and use FreeBSD as a web Post-installation, PC-BSD takes you install via its AppCafe graphical package
server, mail server, or a firewall. through a series of steps to set up your manager. AppCafe is a very modern
New users will have to follow the computer. The OS also includes several and user-friendly package manager. It
guides on the internet to turn their custom tools to ease management. Its displays latest releases, recommends
bare minimum FreeBSD install into Control Panel app helps you manage apps and also lets you search for
something useful since there’s nothing different aspects of your installation, particular apps. The tool also lets you
intuitive about the process. In addition such as adding new users, configuring know when newer versions for installed
to pulling in packages you’ll also have network connections, setting up the apps are available.
to tweak configuration files. This might firewall and more. Then there’s the Furthermore, if you wish to deploy a
sound cumbersome, but is actually backup tool, called Life Preserver, which BSD-based server instead of a desktop,
pretty straightforward and at the end can sync to a remote FreeNAS system

“PC-BSD has all the popular
produces a finely tuned aerodynamic securely, using rsync and SSH.
system that does exactly what you PC-BSD also has all the popular
want it to do and nothing else. open source desktop apps that you
desktop apps that you’ll find
on a typical Linux distro.”
can find on a typical Linux desktop
Angels and daemons distro. The Firefox browser is equipped
FreeBSD’s popularity has spawned to play Flash content and it includes
several derivatives. PC-BSD is one such the VLC media player to handle files you can use the PC-BSD installer to
descendant that’s made a name for in proprietary formats. PC-BSD uses setup TrueOS. This is basically a vanilla
itself by extending FreeBSD’s famed FreeBSD’s ports and also publishes FreeBSD installation with a bunch
stability to everyday desktop users. packages in its own push-button of extra PC-BSD packages for easier
management. One such tool is Warden,
which is used for creating isolated
instances of the OS that can each run
different services such as the Apache
web server, or the MySQL database
server. These isolated instances are
known as jails and are one of the
best examples of FreeBSD’s technical
superiority. PC-BSD’s Warden tool lets
you manage these jails both graphically
and from the command line.

VERDICT
FREEBSD The best PC-BSD Deliver the
enterprise-grade and same open source
proven BSD for your goodness with a
tuning pleasure. different base.

PC-BSD also lets you manage installed apps and jails from a remote machine.

62 www.linuxvoice.com
BSD DISTROS GROUP TEST

OUR VERDICT
BSD distros
D
espite them both being GhostBSD is a nice attempt, but PC-BSD is backed by iXsystems, a company that has strong ties
open source operating at its current stage it’s more of a with FreeBSD and also sponsors the development of FreeNAS.
systems that share a lot of teaser of what a FreeBSD-based
similar tools and utilities, finding a
BSD replacement for Linux isn’t a
lightweight desktop might look like.
FreeBSD has made a name for
1st PC-BSD
Licence BSD Version 10.1
straightforward task. It takes more itself with its stability and is used
effort to get the BSDs set up as a by internet-oriented companies www.pcbsd.org
desktop or even as a production- such as Yahoo and WhatsApp. If Drop-in replacement for Linux on the desktop and on the servers.
ready server when compared to you’re willing to spend some time
most Linux distributions. The with it, you can use FreeBSD as a 2nd FreeBSD
process is involved and manual: full-featured and stable desktop or Licence Simplified BSD Version 10.1
Mandriva and Ubuntu put a huge development workstation. Its ports
amount of work into making Linux package management system www.freebsd.org
more accessible in the mid-2000s, has eased software installation Put in a little time and effort to build a stable server
or a functional desktop.
but a similar change hasn’t considerably and has been adopted
happened yet in the BSD world. by several other BSD projects as
While the BSDs all share a well. FreeBSD also trumps the other
3rd GhostBSD
Licence BSD Version 4.0

“Finding a BSD replacement for Linux www.ghostbsd.org

isn’t a straightforward task.”
A usable lightweight desktop BSD.

4th OpenBSD
common ancestor, they have all BSDs with its strong community Licence ISC Version 5.6
diverged significantly over the and extensive documentation.
years and have managed to create www.openbsd.org
a niche for themselves. NetBSD is Double win Best suited for security-centric implementations.
similar to FreeBSD in many ways, But if you’re looking for
and the teams share developers point-and-click simplicity, there’s no 5th DragonFly BSD
and code. However, NetBSD’s main better bet than PC-BSD. This Licence 4.0.2 Version Modified BSD
purpose is to provide an OS that operating system is as close as
www.dragonflybsd.org
can be ported to any hardware BSD can get to Linux. It offers the Its kernel enhancements make it ideal for stable
platform. Then there’s OpenBSD, same functionality, convenience server-centric deployments.
which branched off from NetBSD and applications that Linux users
with the goal of becoming the most are used to. In addition to its skills 6th NetBSD
secure BSD, even if that comes at on the desktop, you can also use it
Licence Simplified BSD Version 6.1.5
the price of making it less user- to power your servers. PC-BSD
friendly. Another popular FreeBSD- proudly exposes its FreeBSD base www.netbsd.org
fork, DragonFly BSD, is popular and makes it accessible to new The most portable BSD that you can use on virtually all
for setting up virtual hosting users by adding convenient tools kinds of hardware.
environments on shared servers. for the administrators.

Kernel type Installer Default GUI Package management Config tools
FreeBSD Monolithic with modules Text None Ports None
OpenBSD Monolithic Text FVWM Ports Text
NetBSD Monolithic with modules Text None Pkgsrc None
GhostBSD Monolithic with modules Graphical Mate Ports None
DragonFly BSD Hybrid Text None DPorts None
PC-BSD Monolithic with modules Graphical KDE PBI Graphical

www.linuxvoice.com 63
SUBSCRIBE

SUBSCRIBE shop.linuxvoice.com
Get your regular dose
of Linux Voice, the
magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
CC BY-SA within 9 months
SUBSCRIBE TO

UK subs prices
TODAY! 12-month print & digital: £55
12-month digital only: £38

Get 114 pages Access our Save money on
of tutorials, rapidly growing the shop price
features, interviews back-issues archive and get each issue
and reviews – all DRM-free and delivered to
every month ready to download your door

Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month
subscribers will receive 7 issue of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.

64 www.linuxvoice.com
SUBSCRIBE

All subscribers get access to every
single digital back issue –
that’s about 1,000,000 words of
tutorials, reviews and free software
hackery at your fingertips

Overseas subs prices
12-month print & digital:
Europe: £85
US/Canada: £95
Rest of world: £99 DIGITAL
SUBSCRIPTION*
ONLY
*
£38
WHEREVER IN THE WORLD YOU
ARE – IT’S DIGITAL, SO THERE ARE
NO POSTAGE COSTS

www.linuxvoice.com 65
SYSADMIN

SYSADMIN:
TERMINAL
MULTIPLEXERS
We take a brief break from our normal our sysadmin coverage to reveal two of the most
important commands you should learn: screen and tmux.

M
any of us use the command line productive. The natural environment for a window management, although with a little
for lots of tasks – from the terminal multiplexer is the headless server. configuration, you can get close.
mundane to the complicated. But These are running somewhere remotely,
there’s one single type of command that, if and usually only accessible via SSH. You’re Screen test
you’re not already using it, will transform often connected for long periods and often This being open source there’s more than
every command you type. This is a class of want to do more than one task at the same one solution, and the two most popular are
command known as the humble terminal time. NAS boxes, Raspberry Pis, set-top- probably equally used and mostly matched
multiplexer. You might be thinking that boxes and family PCs are equally well suited for functionality. The first is the venerable
anything called a multiplexer might not targets. A terminal multiplexer will allow you GNU Screen and this is the command you’re
sound so humble, but bear with us. It’s not to open a single connection to any of these most likely to find pre-installed on your
difficult to understand and it can make a devices and use the same terminal session remote server or local NAS. Just type screen
huge difference to the way you use any for multiple tasks. They should also allow -h to check. If it’s not there, screen will
Linux machine. The term ‘multiplexer’ comes you to disconnect from a session, complete always be part of your distribution’s principle
from electronics jargon, where it’s used to with running processes, and re-connect at a repository or software archive. The other
describe a device that transforms multiple later time. popular alternative is called tmux, a more
inputs and a single output before being They’re synonymous with window descriptive name – terminal multiplexer.
‘demultiplexed’ into its composite parts at a managers in X – the part of your desktop We’re going to cover the basics of both so
destination. that remembers where Firefox is running that you get a good idea of what they’re
With a terminal multiplexor on the and lets you move the window around, capable of, and perhaps, which one you
command line, the multiple inputs are shell restore its position when you reconnect or prefer. They start off working in much the
sessions and the single output is your switch between running applications with same way before diverging slightly.
display or single physical terminal. When a keyboard combination. They could even If we had to recommend just one terminal
described like this, it might not sound like be thought of as the ultimate tiling window multiplexer, it would be tmux. It’s a project
the most exciting kind of command, but managers, albeit without visible tiles or that’s still actively developed and had a few
after you’ve got used to working within
its environment, it’s difficult to go back Screen and tmux shortcuts
to a terminal that doesn’t offer the same
features; among a huge list, our favourites Function screen tmux
are the ability to spawn other terminals New Window C C
dynamically, switch between terminal
Next Window N N
sessions at any point, split the screen into
Previous Window P P
different views and restore a running session
at any point, even after disconnecting from Jump to window 0-9 0–9
the session completely. If you like running Detach D D
command line applications like Mutt for Show shortcuts ? ?
email, or Irssi for IRC, they’re also perfect for List windows “ S
persistent remote sessions.
Split vertically Shift+S “
They work best when you don’t have
Next region Tab cursor keys
access to a windowed environment,
because it’s easier to open multiple Close region Shift+X X
shell windows, although we’d argue less

66 www.linuxvoice.com
SYSADMIN

more advanced features. But we’re also
covering screen because you might already
have it installed.
Learning something of both also means
that if you already know how to use one
you should be able to migrate to the other
tool by focusing on the similarities. This
is particularly useful if you’ve always used
screen and yet want to move to tmux. Tmux
is often considered the more modern option,
thanks to its better code and config files, but
the ubiquity of screen means that this is the
one you’re more likely to have used already,
and for that reason, this is the one most
people already know about, but there’s also
lots both tools have in common, and looking
at this commonality is the best place to start
if you want to learn how to use either.
Both screen and tmux are launched by
invoking their names on the command
line. Screen will display a text-based splash
screen asking you to press Space. After Both tmux and screen are similar, but tmux wins for splitting and user configuration.
you’ve pressed Space and you’re dropped
back to the normal command line, it gives might typically use either screen or tmux. re-attach to tmux. If more than one session
no other indication that screen is running in From this silent entry point, press C to create is running, screen will list them while tmux
the background, other than changing the a new session. If there was anything visible will simply connect to the first. If you want
name of the session, usually visible in the in your old session, this will disappear and to specify a session, add the number value
window border at the top. And unless you new blank session will appear. But worry from the list. You can list running sessions
use a special keyboard shortcut to summon not! That previous session is still running in tmux by typing tmux ls and connecting
screen’s control mode, the new session will and is still easily accessible. You may even to your chosen session with tmux a -t
perform exactly like a native session, and it’s have noticed that the status line at the session-name. And that’s all there is to
sometimes easy to forget whether you’re the basics of using both tools. You can
operating within the confines of screen, or now start sessions and do all your usual
you’ve not run screen yet. “You can use tmux like a command-line magic, safe in the knowledge
tiling window manager you can disconnect and resume, and switch
The tmux option between any number of persistent terminal
Tmux, by comparison, makes it much more for the terminal” sessions. It’s a serious upgrade to the way
obvious, because it places a coloured bar at the terminal normally behaves.
the bottom of the session. Like the launch bottom of tmux will have updated to show
bar of a desktop, this can be configured to the presence of the new Bash terminal. Taking it further
your preference, as much of the experience Enter the escape sequence combo and Both screen and tmux will allow you to split
can be after you’ve become acquainted with press N. This is the terminal equivalent to the display, for example, so you can see two
the way that tmux works. switching to the next virtual desktop, and as or more sessions at the same time. Use S
The super special secret escape we’ve only created two, this command will in screen and double quotes in tmux for this.
sequence keyboard shortcut that puts both take you back to the previous session. You Screen won’t automatically create a new
screen and tmux into their meta-command can switch between sessions directly by terminal though, so you need to press the
mode is slightly different: for screen, it’s entering a number instead – sessions start escape sequence followed by Tab to switch
pressing Ctrl and A together. For tmux, it’s at zero, and pressing P will take you back to focus to the new region and then the escape
Ctrl and B. What isn’t immediately obvious, your previous session. Now start something sequence again, followed by C to create a
and something that will catch you out the running, such as top and enter the escape new terminal.
first time you use either tool, is that there’s sequence followed by D. This will ‘detach’ the This is where tmux starts to pull ahead,
no feedback to indicate the change of input terminal from all the sessions running within because it’s more adaptable to both
mode that comes when you successfully screen and tmux. You can now disconnect horizontal and vertical splits and how you
hold down the keyboard shortcut. You just from the server, close the terminal, or go and can arrange them within sub-groups and
have to take it on faith that any further keys make a cup of tea. Everything you started in move between them. You really can use
you press will be interpreted by either screen your various sessions will keep executing. tmux like a tiling window manager for the
or tmux, rather than by the command line There’s some variation in the way that terminal, and it can be brilliant if you’re
session you’re running. screen and tmux re-attach to a running reconnecting to view a server’s logs, or
To give you some idea of what these tools session. Typing screen -r will re-attach to building and developing code, or even if
are capable of, we’ll run through how you the running screen session, while tmux a will you’re just copy files somewhere.

www.linuxvoice.com 67
FOSSPICKS

FOSSpicks Sparkling gems and new
releases from the world of
Free and Open Source Software

Hunting snarks is for amateurs – Ben Everard spends his time in
the long grass, stalking the hottest, free-est Linux software around.
IRC Client

Weechat
I
RC is so old it predates the web, IRC servers don’t save histories
yet it’s still extremely popular of chats. That means that if you’re
because it works well, and it’s client is not logged in to a server,
widely supported by open source then you can’t go back and see
software. This means that anyone what was said. This isn’t always
can quickly set up a server and ideal. One solution many people
have their own group chat. use is to run a terminal-based IRC
Alternatively, there are many public client on a server, then SSH into the
servers that you can create or join server to access IRC. This works
channels on. Almost every free provided you have an SSH client on
software project has an IRC every machine you want to access
channel for developers and users to IRC on. This is certainly possible Freenode is one of the most popular IRC servers, and most major
discuss the software. It’s also the given that even mobile phones can open source projects have a channel, including us (#linuxvoice).
method of choice we use at Linux use SSH, but it’s not always the
Voice for keeping in contact with give you access to your Weechat
each other while working on the
magazine.
“Almost every free software project session from any machine with a
web browser.
Weechat is a terminal-based has an IRC channel for developers There’s comprehensive
client for IRC. In this age of
graphical applications, a terminal-
and users to discuss the software.” documentation in English, French,
Japanese, German, Italian and
based client might sound old- Polish, so you should be able to get
fashioned, but actually, since IRC most convenient option on mobile started without any problems. You’ll
was designed as a text-based devices. Weechat can also act as a find them at https://weechat.org/
protocol in a world where graphical relay enabling you to connect doc/stable.
tools were a rare novelty, the another client to your Weechat One feature of IRC that’s missing
protocol works well in a terminal, session. For example, www. from most other chat protocols is
and many of the most widely used glowing-bear.org is a website that the support for scripting, and to this
IRC clients are terminal-based. can connect to a Weechat client and end Weechat supports six scripting
languages, so most programmers
should find at least one they’re
familiar with. There’s a repository of
scripts at https://weechat.org/
scripts that you can use if you don’t
want to write your own.
Although we have no figures to
support this, we get the impression
that Weechat is the fastest growing
IRC client in terms of users. In the
last couple of years, it’s become
widely talked about, and rightly so.
It’s an excellent client.

PROJECT WEBSITE
As well as the various user guides, there’s also built-in help that can be accessed
https://weechat.org/
with /help <command>.

68 www.linuxvoice.com
FOSSPICKS

Pretend computer manipulator

Virtual Machine Manager
T
here’s a wide variety of For example, if you use Qemu, you
virtualisation software can select from any of the
available. VirtualBox is great architectures your install supports.
because the graphical interface Once your machines are running,
makes it easy to learn to use. Qemu you can connect a display and use
and KVM are really powerful, but it their graphical output, or connect to
can take time to learn to use the their serial console to see what’s
command line tools. Linux going on.
containers (LXC) aren’t true Perhaps the biggest
virtualisation, but can also be really disappointment with virt-manager is
useful if you know how to use the documentation. Its website only
them. Wouldn’t it be great if there contains a single piece, the FAQ,
were a tool that brought VirtualBox’s and this just contains three trivial
ease of use to the power of Qemu, questions. There’s a bit more
KVM, LXC and others? Well there is, information on the man page, but
and it’s called virt-manager (or Virtual this doesn’t help much as it’s a GUI
Machine Manager). application. Frankly, we expect a
Red Hat developed virt-manager little better from Red Hat. Still, it’s
to help users easily take advantage fairly straightforward to use, and
of the full range of virtualisation most people should be able to get
options available on their enterprise started without any problems.
distro, but it’s open source and runs
on most other distros as well. Management layer
However, installing virt-manager can Virt-manager is in reality just a
be a bit tricky because you have to graphical layer that sits on top of
make sure all the requisite libvirt. It’s this library that manages
components are installed, and that the communication between all the
you have the right user permissions. different hypervisors. Since it
The huge range of
You should look for distro-specific doesn’t actually run the virtual configuration options in shut down the VM. This
information before getting started. machines (it’s just used to manage virt-manager allows you architecture also means that you
Once up and running, virt- them), it can distance itself from to tailor almost every can connect it to virtual machines
manager enables you to create new the virtual machines to a certain aspect of your virtual running on different physical
machines, edit their hardware, start degree. For example, you can use machines. computers, provided you have the
and stop them, and all the other virt-manager to start a virtual appropriate permissions. The
features you’d expect from a virtual machine, then close virt-manager machines don’t have to have been
machine manager. You can also and the virtual machine will created by virt-manager: as long as
use the specific options for the continue running. You can then they’re running on one of the
different types of virtual machine. reopen virt-manager and use it to supported platforms, then you can
connect to them.
While virt-manager is great for
setting up machines and getting
them running, it’s not so great for
managing whole groups of them.
There are whole other toolsets
designed for just this task (such as
the ones that come with CoreOS).
But for simple use, especially
desktop use, virt-manager is an
excellent tool for taking the pain out
of virtual machines.
Virtualisation allows
you to try out many
PROJECT WEBSITE
distros without
https://virt-manager.org/
rebooting your machine.

www.linuxvoice.com 69
FOSSPICKS

Python 3D library

Soya 3D
M
ost modern computers started with 3D programming. You
– and even most phones can get them from http://home.
– come with some form gna.org/oomadness/en/soya3d/
of 3D graphical acceleration. This tutorials. These take you through
hardware enables the computer to everything from creating a simple
render incredibly complex scenes in scene with just a single object in it,
real time. OpenGL is the standard to creating complex animated
rendering library for Linux, and it’s scenes with interacting objects and
very powerful, but it’s also quite varied lighting effects.
low-level and requires the
programmer to use vector-matrix Accessible modelling
Impress friends and
algebra to manipulate the scene. However, ‘tutorials’ is a bit of a understand the principals behind
colleagues with
Soya 3D is a Python library that misnomer. In reality, they’re very complex-looking 3D the library.
aims to free the programmer from well commented examples, but graphics – just don’t tell If you want to get into 3D
this low-level detail while still getting someone with basic knowledge of them how easy they are programming, Soya is a great place
the advantage of accelerated Python should find it quite easy to to code. to start, because while it abstracts
graphics. It lets you import models follow them and understand how out a lot of the detail, it follows the
created in 3D modelling software Soya works. The only caveat with same process as lower-level
(such as Blender) and manipulate the tutorials is that they haven’t toolkits, so if you want to move on,
them in your Python code. been updated in quite some time, you should find it quite easy.
Soya’s stand-out feature is the so they don’t include all the latest
number of really well commented features of Soya 3. However, they PROJECT WEBSITE
tutorials that make it easy for should include enough information www.lesfleursdunormal.fr/static/
informatique/soya3d/index_en.html
anyone who knows Python to get to get you started and help you

Disk-saving GUI

DDRescue-GUI
O
ne of our most-used Unless you’re very unlucky, you
command line tools when it won’t experience failing drives very
comes to manipulating often, and that means that you
disks is dd. This is a great tool for won’t need ddrescue very often.
copying data to and from block The problem with command line
devices such as hard drives and tools that you don’t use very often
USB sticks. It’s an old Unix tool, and is that it can be hard to remember
the origins of its name have been the correct options. In a situation
As well as recovering
lost in the mists of time (though where you’ve got a failing drive, use it, so it’s worth trying out this
data, you could use
some people claim it means ‘data missing an option can mean data is DDRescue-GUI as a software to make sure you’re
destroyer’ because a misplaced lost forever. DDRescue-GUI is a graphical tool for familiar with it should the worst
argument can wipe all the data off a simple GUI wrapper for ddrescue writing an ISO image to happen. When a drive fails, it can
disk. This tendency to wipe data, that enables you to view and select a USB stick to make a deteriorate rapidly, and the longer
provided the impetus for ddrescue, the appropriate options, thus live distro, or for you spend working out how to use
a newer program with more options eliminating the risk of forgotten backing up drives. the software, the more data you
to make it better suited to fetching options. could lose. Once you’ve got the data
data off a block device that’s in the As with all rescue tools, the worst off the broken disk, you can then
process of breaking. It enables you time to learn it is when you need to spend as long as you need figuring
to specify the read order, and try out how to extract the information
particular blocks multiple times you need from the image file.
until you get a successful read. It’s “The worst time to learn a rescue
arguably the best tool for recovering
data from a failing drive.
tool is when you need to use it.” PROJECT WEBSITE
https://launchpad.net/ddrescue-gui

70 www.linuxvoice.com
FOSSPICKS

JavaScript framework

IO.js
I
O.js describes itself as a spork working on it, the pace of releases
of Node.js, but that just adds has slowed down.
more confusion, not less. A For quite some time, Node.js has
spork – for those of you unfamiliar been based on an unsupported
with the term – is like a fork, but it’s version of Google’s V8 JavaScript
designed to supersede the original engine. The people behind IO.js
project so the two end up merging. hope to increase the pace of
This is in contrast to a true fork, releases, and they’re already
which is designed to take the working on a more up-to-date Forks, spoons and
codebase in a new direction. version of V8 including support for sporks? Cutlery gone Node.js and IO.js at the moment,
So that’s a spork, but what’s the latest features in EMCA Script 6 mad, or the spirit of although this may change if the two
Node.js, and why would anyone (ES6). Unlike Node.js, IO.js isn’t run democracy in open projects diverge further. It may be
want to spork it? Node.js is a by a company, but by developers source software? slightly confusing to some new
JavaScript runtime that’s designed from the community. The hope is users that Node.js (the older
for running event-driven, non- that this will mean the project will project) is on version 0.10, while
blocking applications. It’s become not be dominated by a single party. IO.js has just released version 1.0.
particularly popular for building the IO.js is compatible with the Node This isn’t intended to signify that
back-ends for interactive web apps. Package Manager, so many IO.js is more mature; they’re just
Node.js is open source, however, projects should work on both using a different release numbering
under the aegis of its current system and using 1.0 to show that
steward, an organisation called they’re a fully independent project.
Joyent, development of Node.js “The people behind IO.js hope to
appears to have stalled. Although
there still appear to be people
increase the pace of releases.” PROJECT WEBSITE
https://iojs.org

Music manager

Quod Libet
T
here are some really good Quod Libet works on the principal
music players for Linux, so that you know wha you want to
in order to stand out a listen to, so gives you the power to
player has to do something special. specify it. This is in direct contrast
In Quod Libet’s case, that something to some other music players that
special is its search feature. It try to guess what you want and
allows you to search tags, and also make the decision for you.
combine different tags, negate Of course, all this requires you to
particular search options and have a good source of properly
Powerful functionality,
others. Basically, it enables you to tagged music, otherwise Quod Libet better handling of diacritic marks in
not graphical frivolity, is
very easily specify exactly what will struggle to find the songs you what makes Quod Libet searches, easier access to song
music you want on your playlist. specify. Quod Libet does come with stand out. lyrics (via lyrics.wikia.com) and
For example, do you want all rock some tools to help you tag you files, support for more file formats.
music, but want to keep it short and but it doesn’t support automatic If you’ve been struggling to
snappy? Well, you can search for all tagging. Provided all your songs are manage a large audio collection on
songs that have the tag rock, but well tagged, Quod Libet will easily Linux, and you’re comfortable using
are less that five minutes long. How scale to collections with large text-based search tools, Quod Libet
about all pop music released before numbers of songs. In fact, its could be the music player you’ve
1979? No problem. This is all done powerful search features are been waiting for.
through Quod Libet’s text-based probably best suited to albums with
search language, detailed at thousands of songs or more.
https://quodlibet.readthedocs.org/ The latest version (3.3) comes PROJECT WEBSITE
https://code.google.com/p/quodlibet
en/latest/guide/searching.html with a few new features including

www.linuxvoice.com 71
FOSSPICKS

Image compressor

Mozjpeg
I
mages: without them, the web retaining as much detail as
would be a boring place. possible. The gains aren’t huge
Whether they’re cute kittens, (around 5–10%), but if images take
flashy logos, or textured up a significant portion of your web
backgrounds, images are what traffic, this could be a meaningful
change web page from piles of text difference. After all, a 5% reduction
into an enjoyable medium. in bandwidth bills and storage
However, they take up bandwidth, requirements could result in a huge
and that means they slow down saving for popular websites.
page loads, and cost more money. Similarly, a 5% speedup in page
You can – and should – load times will result in a better
One of these images is compressed 9% more than the other. Can
compress images. However, the experience for your users.
you tell which one? We can’t, but we know that one loads faster.
most common form of image The images from Mozjpeg are
compression is JPEG, and that’s completely compatible with normal
over 20 years old. There are better JPEG decoders, so you can view specifically tuned for web images,
options, but the nasty world of them in older web browsers without and isn’t intended as a general
patent enforcement means they’re any plugins or additional codecs. purpose JPEG tool. If you’re
rarely used. Mozilla, the creator of the tool, is planning on printing images, then
Mozjpeg isn’t a new compression keen to point out that Mozjpeg is you should stick with a standard
standard, but an optimised JPEG JPEG library, as this will give better
compression tool using newer images at this quality.
techniques behind the scenes to “Mozjpeg is an optimised JPEG
squeeze images down to the
smallest possible size while
compression tool for the web.” PROJECT WEBSITE
https://github.com/mozilla/mozjpeg

Graphical command tool

CmdLauncher
T
he Unix shell interface is an arcane command line tool, you can
amazingly powerful thing. quickly create a config file that
It’s arguably the most means they can use the tool in a
powerful interface ever created for friendly window without having to
computing. However, it can be know what’s going on underneath.
intimidating for new users. By deciding on the particular
CmdLauncher is a GUI for command options you make available, and
line tools to allow new users to use how you name them, you can help
things like grep without delving them use particular tasks. You
down into the text interface. could even use it to create an
CmdLauncher isn’t built for a interface for any shell scripts you
specific set of commands; instead create. If you do create useful
it uses configuration files created config files, be sure to share them
for each command. These are fairly as it would be helpful if the software
straightforward and can easily be came with more than the two
Never before has it been
created for new commands. It only examples. run the command line, but this is
so easy to get started
comes with two: grep and upx (a CmdLauncher can only be used with grep. just powerful enough to help some
tool for creating compressed for individual commands, and you people who aren’t interested in
executable files). can’t set up chains of CmdLauncher computing get things done without
Another way of looking at instances that each pipe data into making the plunge to the shell.
CmdLauncher is as a GUI builder for the next, so it’s not a complete
PROJECT WEBSITE
text-based tools. If you need to help replacement for the shell interface.
http://cmdlauncher.topbug.net
someone use some particular Advanced users will always have to

72 www.linuxvoice.com
FOSSPICKS

FOSSPICKS Brain Relaxers
https://launchpad.net/pybik/
Online card game

NetMauMau
T
he card game Mau Mau NetMauMau is a client–server
is similar to the game based game that you can play
Uno: you have to get rid of either with other players across the
all your cards by playing a card of internet, or with a computer AI on
the same suit or number as the the network, and there can be up to
one previously played. A few five people in each game.
cards have special rules, but We didn’t find the AI especially
there doesn’t seem to be a challenging, but we should point
general consensus on which out that the reviewer spent many
cards have what special rules. nights perfecting his Mau Mau The internet has a full NetMauMau is any way to search
Instead, it’s common for different skills in Tanzania where he didn’t list of optional rules, for public servers. If you fancy a
though few of them are
groups of people to play by have a TV or computer, so had game, you’re limited to either
implemented in
slightly different rules. The nothing else to do apart from create playing against AI, or locating
NetMauMau.
makers of NetMauMau outline increasingly complex techniques opponents for yourself. Perhaps
their rules on the GitHub page for shedding cards in Last Cardi (as this is for the best, as our
(https://github.com/velnias75/ Mau Mau is known in Swahili). The memory of Mau Mau is as a
NetMauMau) and far be it from trick, as with so many games, is to social game, and that would be
us to claim these are wrong. If always think not of what you can lost on people you didn’t know.
you disagree, there are a few play now, but what you’ll want to
command line options to change play in the future. There’s more to PROJECT WEBSITE
the rules to something that suits this game than it initially seems. nhttps://github.com/velnias75/
NetMauMau
you better. The one thing missing from

Racing game

Dust Racing 2D
C
ar racing games are hard so you don’t need a top-spec
to do well. To feel right, graphics card or proprietary blobs
they need to have smooth to play.
graphics, physics that work The controls are simple (by
properly, and AI players that default just the arrow keys), so it’s
present the right levels of quick to get started, even for people
difficulty. Dust Racing 2D is a not used to racing games. There
top-down car racing game that are five tracks to play by default
Car control isn’t our strong point, but what we lack in finesse,
gets all these right. (although only one is unlocked until
we more than make up pure speed.
It sometimes feels a little like you prove your racing chops), or
you’re driving on an oil slick, and you can design your own with the
learning to handle the car is a key level editor. to the finish. There are various
part of advancing in the game. It Overall, Dust Racing 2D isn’t a two-player options (regular race,
claims to be a 2D game, but this complex game, but it is great fun to duel and time trials), so you can
isn’t quite right. Although it slide around corners and bounce challenge your mates to some
doesn’t have full 3D, it does have off your competitors in a mad dash open-source racing fun.
some effects that gives a 3D feel
to the top-down view. Our test
system has Intel HD graphics “It’s great fun to slide round corners PROJECT WEBSITE
and no graphics card, and on this
it ran smoothly and looked great,
and bounce off your competitors.” http://sourceforge.net/projects/
dustrac/

www.linuxvoice.com 73
TUTORIALS INTRO

TUTORIALS
Dip your toe into a pool full of Linux knowledge with nine
tutorials lovingly crafted to expand your Linux consciousness

In this issue…
76 78 82

Ben Everard
is using technology as an excuse not to venture
out into the cold, dark world.

Squeezelite Easy Android ddrescue

T
his month I’ve been mostly Stream your favourite tunes Time to move to a Corrupt hard drive? Lost
playing with the new Raspberry to different devices around smartphone? Les Pounder hours of work and Apple
Pi. It’s quite an impressive piece the house, controlled reveals the easiest way to holding your disk hostage?
of kit, and it’s joined my collection of by your phone, just like develop applications for Let superhero Mark Crutch
small ARM boards along with the Udoo, Graham Morrison. Google’s Android OS. fix it with Linux.
Odroid, Matrix TBS, BeagleBone Black,
and others. In fact, I’ve owned more
ARM computers than x86 – and that’s
86 90 94
excluding embedded devices, mobile
phones and tablets.
This means most of my processors
were designed right here on this
precious stone set in the silver sea (as
Shakespeare put it). However, the fact
that they were designed in Britain isn’t
as important as the fact that they
IRC clients Shares Olde languages
weren’t designed in America. Protocols aren’t just for Tame the stockmarket Juliet Kemp takes a look
Has Silicon Valley lost its touch? To C-3PO. Richey Delaney and make millions using back at how programming
take just one example, the most uncovers the mysteries of just command line tools. languages evolved to
innovative new phone systems are no the IRC protocol and show Andrew Conway shows you become what they are
longer American (Sailfish from Finland, you how to build a client. how to get rich*. *your mileage may vary today.
Tizen from Korea and Ubuntu Touch
from the UK). OK, you could also
include Firefox OS in that list, but even PROGRAMMING
though Mozilla is based in America, it’s
international and the phones aren’t Arduino Code Ninja Assembly language
targeted at the USA. 98 Turn bytes into fonts and 102 As the only one of us in the 104 In part two of this series,
It’s starting to feel like the only things fonts into images to turn office to use the KDE we look at conditions, loops
noiseless electronic signals from desktop, Graham Morrison has a and libraries – the key to building
left in the Valley are outdated but
an Arduino into a readable responsibility to show the rest of blocks of more complex programs.
entrenched companies, and new interface – and do it all while us how good KDE and its graphical You’ll also get a better
startups creating overvalued websites. using as little memory as possible. toolkit, Qt can be. So here’s how to understanding of how to use
That doesn’t matter though, because Nick Veitch is the man with the build a fully functional web registers. Once you’ve mastered
the rest of the world is more innovative cheap microcontroller board, a lot browser with Qt and a few lines of these, you can graduate beyond
of patience and a smattering of Python. Oh, and the PyQt bindings hello world to make your programs
than it’s ever been.
C++ skills. to stick them together. do real work.
ben@linuxvoice.com

www.linuxvoice.com 75
TUTORIAL AUDIO STREAMING

SIX STEPS TO AUDIO
TUTORIAL
STREAMING PARADISE
Install and configure the best audio streaming solution we’ve
GRAHAM MORRISON
found: Logitech Media Server.

T
here used to be a product not so long ago that
WHY DO THIS?
enabled you to simply run a custom developed
• Stream music from one
and open source music server on a PC or
source throughout the
whole house. NAS and plug the player into an amplifier, and get
• Put dusty old hardware complete access to your music. The company was
to work as a music client. called Slim Devices and its product was called a
• Never be without your Squeezebox. In 2006, the company was bought by
faourite tunes.
Logitech, which continued to make lovely boxes until
last year, when the whole project was canned.
Fortunately, the server was open source and has
continued to be developed. This is a wonderful thing,
because it’s the best piece of music streaming
software we’ve found – and to demonstrate this, we’re Logitech Media Server (LMS) is a brilliant solution for
going to get it up and running in just six easy steps. controlling and playing music from an Android app.

Step by step: Music streaming with Logitech Media Server
1
Install the server 2
Setting up the server
The server component manages your local music If you point a local web browser at localhost:9000 (or
collection, streams your music to clients, and offers a replace localhost with the IP address of your server
web interface and a way to remotely control your for LAN access), you’ll be presented with the first page
music playback. We’re going to install the latest server of the startup wizard. The first page asks you to
package on Xubuntu 14.10, but you should find the create an account with mysqueezebox.com, but we’d
process similar for many other distributions, recommend skipping this step and pressing Next. The
especially as we’re installing the package ourselves. next page asks for the location of your music
As Logitech no longer supports the product, its collection, so you need to navigate to the root folder of
official repositories are now out of date, so we your files. You can also install plugins onto Media
grabbed the Debian Installer Package version of the Server to give you access to music from internet radio,
latest bleeding-edge community release (7.9.0) from iPlayer, YouTube and subscription services like Spotify.
http://downloads.slimdevices.com/nightly. This is a The next step asks where you keep your playlists, and
Deb file that can be installed on Ubuntu derivatives you can make this the same as your music folder.
with a simple click – though you’ll need to accept the Click on Finish and the server will start scanning your
caveat that you’re installing a package from an collection and creating a database.
insecure source. The command line equivalent is to
type sudo dpkg -i followed by the package name.

76 www.linuxvoice.com
AUDIO STREAMING TUTORIAL

3
Add some plugins 4
Install the client
The server’s web page should now transform itself It’s not time to connect your client hardware to your
into the playing interface with two panels. On the left network and your speakers and it would discover the
panel you’ll find your music sources, including your server and allow you access to your music through
own collection within ‘My Music’. to the right, you find the bundled remote control. Fortunately, there are two
the area that holds your dynamic playlist. It will show open source projects that re-create the hardware in
track names and images as you add and play them. If software, enabling you to add as many clients as you
you want to add extra sources, click on the Settings want. You can even install them into the same
button on the bottom-right. This is where you can machine as the server. One option is called
change everything about your server installation, but SoftSqueeze. This is a Java-based tool that recreates
for now, just click on Plugins. If you use Spotify, we’d the look and feel of the hardware. We like it. But we
highly recommend Triode’s unofficial plugin. If you’re prefer a more lightweight option called Squeezelite.
in the UK, the iPlayer plugin is also excellent for This is a command-line tool that takes little resources.
catching up on BBC radio. Some plugins will need the Most repositories will have Squeezelite available from
server to be restarted, and if you need to add login their default repositories and you’ll need to install this
credentials, such as for Spotify, you can do this by along with flac, libfaad2 and libmad0 packages for
clicking on Customise in this list afterwards. Flac, AAC and MP3 support.

5
Run the client 6
Playing the music
Our client of choice, Squeezelite, needs to be told what To get playing music, open up your web browser and
audio interface to use and the address of your server. point it again at port 9000 on the IP address of your
You can list all detected sound devices by typing server. In the top-right, next to the Logitech logo,
squeezelite -l. If your system is running PulseAudio, there’s a small drop-down menu and you’ll be able to
you should see this listed as ‘pulse’ and we’d select your Squeezelite player from here. You can add
recommend using it. The argument for telling players for different rooms and control them all from
Squeezelite which audio device to use is -o “EXACT_ here. With a player selected, use the left panel to
DEVICE_NAME’. While you can also tell Squeezelite the navigate through your music and either add tracks to
specifics of your audio interface’s capabilities, it the dynamic playlist or play whole albums. You can
always will try the best option based on the source play music from your other music sources in the
material. You’ll need to add -s IP_ADDRESS to tell the same way, and as soon as you click Play, the
client the IP address of your server – ‘localhost’ works Squeezelite client will make a sound – if MP3 sources
too if you’re running the client on the same machine don’t work, make sure you installed the libmad0 or
as the server, and we like to provide a name for the mpg123 libraries. You can remotely control the
player with the -n argument. Here’s our invocation for volume from the web browser and we’d also
reference: squeezelite -o pulse -s localhost -n recommend installing the free Squeezebox app in
xubuntu (adding -z will run the player in the Android for complete remote control.
background, silently as a daemon).

www.linuxvoice.com 77
TUTORIAL APP INVENTOR 2

CREATING AN ANDROID APP
TUTORIAL
WITH APP INVENTOR 2
Did you think that building your first Android app world be difficult?
LES POUNDER
Let us guide you through a tool that's as easy as Scratch.

S
ince the introduction of smartphones in the mid
WHY DO THIS?
2000s the world has been gripped by the latest
• We will learn the apps. From Angry Birds to lifestyle guides the
basics of building an
application using MIT app has become part of our daily lives. Typically an
App Inventor 2 and how application for the Android operating system is written
we can use coding using an application such as Android Studio, which
concepts within our
application. uses a traditional textual language that closely
resembles Java. For some this may prove daunting as
the editor is rather a large beast to deal with. So how
TOOLS REQUIRED can we enable children to learn the basics of creating
• A computer running a an app? Well by following this tutorial of course.
recent version of Firefox In this tutorial we will be using an online editor
or Chrome/Chromium. called MIT App Inventor 2, which enables anyone
• An Android device with a
to create their own Android application using an
camera.
interface that's not too different to Scratch.
• An internet connection.
First, open up a web browser and visit http://
• A barcode scanning
app installed on your appinventor.mit.edu then click on Create, which is in
Android device. We the top-right of the screen. In order to use App Inventor
used Barcode Scanner
you will need to register for an account; this enables
by ZXing Team. https://
play.google.com/store/ you to create and store your projects in the cloud
apps/details?id=com. enabling access from another machine.
google.zxing.client.
The first interface that you can see is the Designer
android
interface, and in here you will create the look and feel
for your application, for example adding images, text
and buttons. The Designer interface is split into four
panes, and they are from left to right:

Palette
Just like Scratch has a palette of commands, so does Our application is a QR code scanner app that triggers the
App Inventor. In here you'll find user interface playback of multimedia content.
components such as buttons, lists and picker applets.
There are also components for layout, working with storage formats for your projects data. In the last two
The Designer interface
media such as audio and video, canvas tools to create menus, Connectivity and Lego Mindstorms, you'll find
contains all of the
graphics. You can also utilise sensors such as components that enable your device to talk over
components that are
used to interact with the location, barcodes and accelerometer using this tool. Bluetooth and work with Lego Mindstorms devices.
application and other In the Social menu you have tools for accessing
forms of input, such as contacts, sending and receiving text messages and Viewer
sensors and cameras. even Twitter. In the Storage menu you'll find different Components from the palette can be dragged into the
centre of the screen, the Viewer, where there's a
simulation of a phone screen. Components such as
buttons, lists and images are known as visible
components, in that they can be seen on screen.
Non-visible components such as TextToSpeech or
Sound can be controlled using visible components.
To the right of the Android device simulation we can
see the Components pane, which shows all of the
components that are in use for our project. By clicking
on a component the final pane, labelled Properties,
changes focus to reflect the component that has

78 www.linuxvoice.com
APP INVENTOR 2 TUTORIAL

been selected. In the Properties pane we can alter
various aspects of components. Running and installing apps
So where the Designer interface provides a means MIT App Inventor 2 comes with two solutions based systems is made easier thanks to a
to alter the look of a project, our next interface will to test your apps. The first is a companion dedicated DEB file. For other Linux distros
enable us to program the behaviour of our project. app that can be installed via the Play Store, download the tar.gz archive and follow the
it’s called MIT AI2 Companion and it is a free instructions for installation.
Our project download. This app connects your Android Once installed the emulator should be
device to your app and enables you to test called from the terminal using the following
In our project we will be creating an application that and amend your app, with changes being command
can read QR codes and use the data contained in the instantly reflected on your Android device. /usr/google/appinventor/commands-for-
code to trigger the playback of audio, video and This is the best way to test your app as you Appinventor/aiStarter &
images. Potential use cases for this type of project will be testing on real hardware. For this The emulator will now work in the
can be interactive art installations, notice boards in tutorial I tested compatibility using two background, return back to the App Inventor
devices, an HTC Desire HD running Android interface and click on Connect > Emulator,
schools and public places and audio guides for 2.3 and a Motorola Moto G running Android found at the top centre on the screen. This
working with equipment in a makerspace. 4.4. will now enable your project to connect
The project works like this. If you do not have access to an Android to the Emulator and run a virtual Android
User presses button. device then you can use the Android device. On the home screen of the device is
Button is programmed to launch a barcode scanner app Emulator which can be found via their the MIT AI2 Companion app. Use your mouse
website http://appinventor.mit.edu/explore/ to activate the Companion app, and in a few
ai2/linux.html seconds your project will be on the virtual
A QR code is scanned and the value contained in the code is Installation of the emulator for Debian Android device.
translated.
The value is then compared to three known values using If...Else
If...Else If. For our project we will need the following visible
If the value is equal to “RPI”. components
Create a pop up window to display a message. Image x 3
Play audio. TableArrangement
Play a Youtube video. Button
WebViewer
Else If the value is equal to “Pibrella”. And the following non-visible components
Create a pop up window to display a message. BarcodeScanner
Play audio. Notifier
Play a Youtube video. Sound
ActivityStarter
Else If the value is equal to “ROBOT”
Create a pop up window to display a message. Visible components
Play audio. From the User Interface section of the Palette we will
Open an image on your phone. grab the image component and drag it into the Viewer
We’ll start by creating a new project, so make sure area, ensuring that the component is hovering over
that you're in the Designer interface. You can create a the Android screen. Let go of the image component
new project via the Projects drop-down at the top-left and it will snap to the top-left of the screen. This will
of the screen. Select Start New Project and give your be the image for the top of our app. If you would like
project a name followed by pressing OK to continue. the image to stretch across the screen look in the
After a few seconds the screen will update and Properties pane for the width option and change it to
present a blank representation of an Android device. Fill Parent. With the image in place our next
component is an invisible TableArrangement
component that can be found in the Layout section.
Place this underneath the image and change its
properties so that it has one row and three columns,
as this will help us later in the project. Next, insert a
Button component into the middle cell of the table
that you have just created, and change the text
property of the button so that it instructs the user to
press it.
Next we need to do a little hacking to ensure that
our button is centred. The best way to do this is to
create an image that is 100 pixels wide by 10 tall
using the Gimp image editor, upload it to App Inventor
and place it in each of the cells to the left and right of
Initially the if construction only has one possible the button using Image components. For each image
condition. You can add more using else if, which can be edit its properties so that it Fills Parent, and hey presto
found via the blue cog icon. your button will be centred.

www.linuxvoice.com 79
TUTORIAL APP INVENTOR 2

The companion app, which We’ll start with creating the Button Clicked event. In
enables you to test and the Blocks pane find Button 1(it will be under Screen
debug your application 1). Click on Button 1 and a new menu full of blocks
before installing it, can be
will appear. We're interested in the top block, which is
found in the Google Play
store. a C-shaped block labelled “When Button1.Click”. Click
and drag the block on to the viewer. C-shaped blocks
such as this are used for control and events, such as
pressing a button. Inside the “When Button1.Click”
block we need to add “call BarcodeScanner1.DoScan”
which is found inside the BarcodeScanner1 blocks
menu. So what have we just achieved? We have
created an event (the button press), and an output
that is triggered by the event (launching the barcode
scanner app).

Evaluate the QR code
With the barcode-scanning aspect of the project
complete, we need to build an algorithm that
evaluates the code presented and acts accordingly.
When the barcode scanner reads a QR code, the code
contained within is decoded into plain text. This is
then compared to the hard-coded values in our
algorithm. To start we need another C-shaped block
For our last visible component we'll use a from BarcodeScanner1 labelled “When
WebViewer from the User Interface section. The BarcodeScanner1.AfterScan” and inside it we will
WebViewer enables web content to be displayed store the algorithm to run after a successful scan. To
inside an app. We changed the HomeUrl property to start our algorithm open the Control Blocks and locate
the Linux Voice website. “If...Then” and drag it into the Viewer pane. You will
notice that there's only room for one condition and the
Non-visible components resulting output triggered by it. For our algorithm we
In the Sensors section we can see the need to have two further conditions to evaluate
BarcodeScanner component; drag this on to the against and to add them we need to click on the small
Viewer pane. The component will not rest in the blue icon located in the top-left of the C-shaped block.
Android device, rather it will drop to the bottom of the This will create a pop-up window that enables us to
Viewer pane due to it being a non-visible component. alter the structure of the block to accept further
From the User Interface section grab the Notifier conditions by dragging the else if into the smaller
component and drop it into the Viewer. Our next representation of the algorithm, once completed you
component is the Sound Player, which can be found in must click on another part of the screen to close the
the Media section. Drag this in the same way as the small pop up. Our C-shaped If block now has two
other components. With the Sound Player component further conditional checks that we can now use in our
highlighted you'll see the Properties panel change to code. Inside the first of our conditions, “If”, we set the
reflect the properties of this component. In this case first test
we see the Minimum Interval and the Source; we are If the results of the scan are the same as “RPI”
interested in the Source. Click on the white box under To create this test we need to use a number of
the source and a simple menu will pop up. Click on blocks. First, look inside the Logic blocks for '_ = _'.
“Upload File…” and select the audio file from your This block uses comparative logic to evaluate the left
computer. MIT App Inventor is compatible with WAV value to the right. If both are the same, the answer will
files and MP3. The last component to add to the app be True, and the condition is met. In the first blank we
is ActivityStarter, which can be found in the need to place the “BarcodeScanner1.Result” from the
Connectivity section. This component enables us to BarcodeScanner1 Blocks and in the second blank we
open other applications with our app, for example need to use a block from Text, which is just a blank
YouTube or Google Maps.
With the design of our app complete for now, let's
Project code
turn our attention to creating the code that will make
our app come to life. Change to the Blocks interface You can find the complete code for this project at our
via the button in the top-right of the screen. In the GitHub repository https://github.com/lesp/LinuxVoice_
Blocks interface we can see the blocks that we Issue13_AppInventor, or those of you unfamiliar with Git
can download the complete package as a ZIP file from
can use in our project – these comprise the built-
https://github.com/lesp/LinuxVoice_Issue13_AppInventor/
in programming concepts that are specific to the archive/master.zip.
components used in the Designer interface.

80 www.linuxvoice.com
APP INVENTOR 2 TUTORIAL

QR codes
QR codes have been with us for many years and have been
used to create an automated method of launching a web
browser to a specific page and been used to automatically
send an SMS to a specific number.
QR stands for Quick Response and was developed in
1994 by Denso Wave as a means to track vehicles during
the manufacture process for the Japanese motor industry.
In this project we created a series of QR codes that
stored a plain text value that was passed to our app once
the code was scanned. To create your own QR codes there
are many online resources; for this project we used the
resources at http://qrcode.kaywa.com, which are free of
charge. To use the site, select the type of code that you
require, in this case text, which can be found under the The blocks used to
external viewer application, in this case YouTube, and
More drop-down menu. In the white box type in the text – program your application
we used RPI for our first code – then click Generate. Hey pass it the URL for the video. should end up looking
presto you have created a QR code. For the next “Else If” condition we can duplicate like this. A high resolution
the code already written for “If” by right-clicking on version can be found in the
the code and selecting “Duplicate”; once you have the Github repository for this
string. Inside that string we need to type in the text duplicate blocks, arrange them inside of each “Else project.
that will be contained in our QR code. With the first If” section just like before. Remember to change the
condition created now we need to create the code text that we expect to see in the QR code, and the
that will run once it is met. We’d like to have a pop-up message contained in the pop up.
message appear on the screen. For this we can find For the last “Else If” condition the blocks contained
the block in Notifier1 called “call Notifier1.ShowAlert are a little different. The condition test, comparing the
notice”. Attach this block to the “then” section of the If QR code to a keyword is the same, but the code that
condition. Next we need to use a Text block labelled is run once this condition is true is different. A pop up
“ " (for a blank string) and attach it to the ShowAlert is still created and a sound is played, but rather than
block that we have just placed – remember to add call a YouTube video the app will open an image inside
your own text to the blank string. This now creates the app. To do this grab “call WebViewer1.GoToUrl”
a pop-up that will produce a message once a known from WebViewer1 palette, and grab a blank string
code has been scanned. Now we need to add the “Call from Text. Inside the blank string block paste a link to
Sound1.Play” block from Sound1 and attach it to the an image. This action will trigger an image to appear
pop-up message that we just created. This will play inside of our app. Well done: you've made an app!
the audio file that we earlier uploaded. To test your app on your Android device you'll need
Our next series of blocks inside of the If condition to connect your device to the internet and then start
control opening an external application, in this case the MIT AI2 Companion app on your Android device.
YouTube. From the ActivityStarter1 blocks use “set On your PC in the Blocks or Designer interface, click
ActivityStarter1.Action to” and also grab a blank string on Connect and then AI Companion. You can enter
block from Text. Inside the blank string box, type the the code from the PC into the Companion app on your
following. device or you can scan the QR code. The two should
android.intent.action.VIEW now connect up and your app will be on the screen of
This instructs the app to open an external your device. Once you're happy with your app you can
viewer application. Our next block is also from the build it into an installable file for use on many devices.
ActivityStarter1 palette and is “set ActivityStarter1. To do this, navigate to the Build menu and select
DataUri to”. Again, you will need a blank string block “App (provide QR code for .apk)”. This will build the
from the Text palette. Inside the blank string block, application on MIT's servers and provide you with a
paste in the link to a YouTube video. Our last block in QR code to download the app to your Android device.
the If condition is “Call ActivityStarter1.StartActivity” Use the barcode scanner app installed on your device
and this block will start the process of calling the to download the file.
Once downloaded you can simply click on the
file to install it on to your device. Typically apps are
installed from a “trusted” source, which is the Play
store. Installing your own apps requires that you allow
installation from “Unknown Sources”, and you can find
this option in your device's Settings > Security. Put a
tick in the box and retry installation of your app.

Les Pounder divides his time between tinkering with
hardware and travelling the United Kingdom training teachers
The final application should look something similar to this
in the new IT curriculum.
layout which we used in this tutorial.

www.linuxvoice.com 81
TUTORIAL DDRESCUE

DDRESCUE: SALVAGE DATA
TUTORIAL
FROM DAMAGED DISKS
How a GNU and a penguin rescued a bear from a broken hard drive
MARK CRUTCH
and the clutches of the evil empire.

C
ome with us, gentle reader, on an exciting mockingly intact Macs in Apple’s store, and proceeded
WHY DO THIS? adventure into the world of data recovery. to post to his blog.
• Earn respect and There will be loss and sadness, a hostage-
admiration by taking mega corporation, a triumphant recovery, and Chapter 2: A drive held hostage
recovering ‘lost’ data. lessons learned. Plus a comic book bear with an Meanwhile, at Linux Voice HQ, a Raspberry Pi was
• Learn about disk eye-patch. Welcome to the first draft of Bertie Bear and grepping its way through the internet. It paused to
images.
the Disk of Corruption… parse Andy’s message, before triggering the launch of
• Remind yourself that it’s
time to make another a foam dart and the careering dance of an ice-cream
backup! Chapter 1: An artist’s grief tub with wheels. This was our signal to leap tigerish
It seemed like any other day for independent artist into action.
Andy Clift, as he booted his Apple Mac to continue “Somebody on the internet’s got a hard drive
work on the latest instalment of his comic book problem!” cried our illustrious leader, his fingers
series, “Bertie Bear and the Dagger of a Thousand already walking over to a pile of Linux CDs as he
PRO TIP Souls”. But within seconds of hearing the familiar contemplated his rescue plan.
Some distros’ repositories start-up chime, his Apple turned sour. “Drive Error”, it “But it’s only a Mac user,” replied a cynical voice
contain both dd_rescue reported, refusing to proceed any further. Andy looked from the corner, rising on a column of solder fumes
and GNU ddrescue, so
double-check which one on in dismay, his mind churning with frantic thoughts; and flux.
you’re installing. Debian he knew he had backups of most of his files, but the “We’re better than that!” came the response. “We
derivatives use gddrescue latest drawings of Bertie’s adventures had yet to make should be prepared to help our fellow man wherever
as the package name for
the GNU version and their way off the reluctant drive. He packed his iMac we can. Besides, it’s a good opportunity to see how
ddrescue for into a box and headed off to the nearest Apple store’s effective Linux’s HFS+ support is.”
Kurt Garloff’s dd_rescue “Genius Bar”. So we contacted Andy to offer our meagre skills in
command.
Too late he found that the “Genius Bar” is something trying to recover his work from the drive, just as soon
of a misnomer. The staff there are better trained than as he received it back from Apple.
most sales assistants, but it transpires that there’s You might expect that, having paid Apple over
not even an IQ test required, let alone membership of £200 to replace the hard drive, the old disk would
Mensa, before a keen employee can be promoted to be returned with the refurbished machine. Instead
the position. Suffice to say that the “genius” failed to Apple demanded a ransom (our term, not theirs) of
The scorch marks show
where a single bad PSU demonstrate any advanced skills beyond the ability to an extra £90 for its return! At first Andy was reluctant
simultaneously destroyed send the machine to Apple’s service centre for a new to increase his spend to almost £300, but when we
the electronics of both drive to be fitted. Resigned to never seeing his latest pointed out that his credit card details, usernames
these drives. creations again, Andy made his way to one of the and passwords would soon be in the hands of some
third party salvage company, he decided to pay the
ransom and reclaim the drive. Any data we could get
off it would be a bonus.
When the disk arrived our first step was a visual
inspection. We’ve seen several drives rendered
useless by bad power supplies, but with no obvious
burn marks or charred components on the visible
side of the drive’s circuit board, we connected it to
our recovery machine. Attaching it straight to the
motherboard would give us the fastest transfer
speeds, but unseen electrical problems would be
more likely to damage the host machine. We chose,
instead, to place it into an external drive caddy,
to provide a little extra electrical insulation, at the
expense of limiting the data transfer to USB2 speeds.
We plugged in the USB connector and to our delight
the drive was picked up instantly, our Mate desktop

82 www.linuxvoice.com
DDRESCUE TUTORIAL

promptly opening a window showing the drive’s
contents. This told us that the device was basically
working, and we listened for the tell-tale sounds of
mechanical issues emanating from the disk’s moving
components. We also took the opportunity to examine
the structure of the drive using Mate’s ‘Disks’ program
and found that there were three partitions: ‘boot’, ‘data’
and ‘recovery’.
With everything appearing – and sounding – as a
good drive should, we guessed that the problem was
down to a few bad sectors that had been enough to
annoy OS X. With no idea where on the disk those bad
sectors might lie, it would be foolish to simply copy
the data using the normal desktop tools, so we opted
to create a full disk image to work with. Now we ask
you, honoured reader, to imagine the strumming of a
harp and a wobbly fade effect, as we take a break in
our narrative to switch to the flashback section…

Chapter 3: A tale of four DDs
As the soft sound of the harp dwindles to nothing, we
The first pass took 28
find ourselves at the dawn of time. Okay, a little after is definitely not what you want when dealing with a
hours. Thankfully the
the dawn of time, but still pretty early in the annals of suspect drive. subsequent runs only took
history. And, of course, we mean shortly after the Years later, building on the name and basic minutes.
dawn of “Unix time” – 1 January 1970. premise of dd, Kurt Garloff created dd_rescue, a tool
Back in those early days of Unix the dd command specifically designed to recover data from failing
was created as a means of copying blocks of data drives. It has error handling that enables it to keep
between devices. You can read more about it in Linux going where dd would fail. But that also means that
Voice #08, but it falls into our story because it’s a it can take a very long time to image a drive with
classic method for cloning from a drive to an image lots of read errors.
file. Because dd deals with blocks of data directly, it To speed up this “dd can be used to create a
can be used to create a sector-for-sector clone of a
drive even if it has foreign partitions. Unfortunately the
process, Valentin
Lab created a
sector-for-sector clone of a drive
way dd works makes it less than ideal for recovery Bash script called even if it has foreign partitions. ”
tasks: it aborts on read errors, for example, which dd_rhelp, which
optimises the way
Alternative tools in which dd_rescue performs its job. When dd_rescue
finds errors dd_rhelp makes it re-start at a later sector,
During this little adventure we used the Mate Disks hoping to find another good section of the drive,
application. This was formerly known as Gnome Disk
Utility or Palimpsest, and is available in most Gnome-
while keeping a log of the recovered parts of the drive
derived desktop environments. If you’re using a different so that it can work out which ones still need to be
environment you can still do everything in the article, but revisited. In this way it aims to recover the readable
you’ll need an alternative set of tools. parts of the drive as quickly as possible, before going
For simply looking at the partition structure of a disk or back to areas that may not yield any useful results.
mounted image, the venerable fdisk command line tool is
present on almost all distributions, as is the GNU parted
It seemed that the combination of dd_rescue and
application. If you prefer a GUI then GParted is a great dd_rhelp is just what we needed, but there was one
PRO TIP
GTK front-end to parted, or you might prefer the KDE more contender to consider: the confusingly named
Partition Manager, which also uses GNU’s libparted library Use Ctrl+C to stop
ddrescue (without the underscore).
under the hood. ddrescue. Provided you
Officially known as “GNU ddrescue”, ddrescue aims use a log file you can just
Mounting a partition within a full disk image is a little
to do the job of the dd_rescue/dd_rhelp combination, start it again later and it
more tricky, with a general lack of GUI tools. It is possible will resume from where it
to manually calculate the start position of your partition, but in a single application. It keeps a log file of its
left off. This even works
then use it as an offset to the mount command. A less progress, and attempts to speed through the readable if your machine crashes
masochistic option is the kpartx utility, which can list data on a drive as quickly as possible, coming back to mid-recovery!
partitions in a disk image and mount them all for you, bad areas later. It can be stopped and then resumed
without the need for maths.
kpartx -av hard_drive.img
at another time, and you can run it repeatedly without
This will mount all the partitions to devices under /dev/ affecting previously recovered blocks. On our Linux
mapper in the filesystem – see the kpartx man page for Mint box, sudo apt-get install gddrescue was the
more details. Once you’re done remember to delete the right invocation to install it. With our weapon of choice
partition mapping and unmount the image: in place, it’s time to return to our adventure. Cue harp
kpartx -d hard_drive.img
and wobbly fade as we head back to the present day…

www.linuxvoice.com 83
TUTORIAL DDRESCUE

Yes, that bit of text in the
corner that says “Disks” is Chapter 4: An ursine rescue sudo ddrescue -R -r3 /dev/sdb hard_drive.img rescue_log
actually a menu. With Andy’s drive showing up as /dev/sdb on our Almost 15kB was recovered by that approach,
penguin-powered machine it was time to send leaving us with only 5,120 bytes of unreadable data.
ddrescue stampeding in to flush out the easily We tried a few more passes, but no additional data
recoverable data. We just had to specify the source was forthcoming. Still, 5kB of bad data seemed pretty
drive followed by the names of the image and log files. good to us – and as it was all on the boot partition
Note that the command is ddrescue, even though the we were confident that Bertie Bear would live to fight
package we installed was gddrescue. another day. Had the errors been on the data partition
sudo ddrescue /dev/sdb hard_drive.img rescue_log then we might have persevered a little more. With
PRO TIP
To our dismay the first errors arrived quickly. The any suspect drive, however, there’s always a danger
Sometimes a damaged
drive is more cooperative errsize figure in the output grew rapidly. 40,000 that you’ll speed up the degradation of the device,
when it’s had a chance bytes… 50,000… then at just over 60kB the figure so the rule should usually be to get as much data as
to cool down. Stop stopped increasing. Could we really have been so possible, as quickly as you can, and only spend extra
ddrescue, detach the
drive for a while, then lucky? Was the damaged data confined solely to the time on stubborn sectors if you really need to.
reattach and resume a boot partition, meaning that Andy’s personal files
little later. were all intact? We wouldn’t know the answer for Chapter 5: A bear in a gilded cage
some time – over 28 hours at USB2 speed – when Although we now had an image of the drive to work
ddrescue finished its first pass. with, in some respects we’d actually taken a step
The errsize still stood at 60kB! backwards. Whereas we had previously been able to
We didn’t want anything from the boot partition, access the files on the drive directly from the desktop,
so there was no real need to continue. But we were now the crown jewels we sought were trapped inside
curious to discover just how much ddrescue might be a partition which was in turn inside a disk image.
able to recover from those damaged sectors. We let it We were only really interested in one of the three
PRO TIP run on, continuing through its remaining phases, and partitions. Had we imaged each one individually
dd, dd_rescue and quickly the errsize dropped to about 20kB. we would be able to mount it directly using Linux’s
ddrescue all use different
command line options
20kB of bad data after just a single run was loopback interface. But we’d imaged a whole drive,
and parameters, so make certainly impressive. But stubborn sectors can with partitions inside it. We needed a way to tell Linux
sure you know which one sometimes be persuaded to give up their data if you to mount the drive, then mount the partitions within it,
you’re using, as a mistake
could be disastrous.
just ask them often enough, so we ran ddrescue a before we could gain access to the files themselves.
second time, instructing it to retry each bad sector up It turns out that Mate’s Disks application has a
to three times. secret ability. It does such a god job of looking like
sudo ddrescue -r3 /dev/sdb hard_drive.img rescue_log a simple, single dialog application that few people
That recovered another half a kilobyte of data. notice it has a menu bar, hiding in plain sight. Clicking
Perhaps we could surprise the drive into responding on the lone menu reveals that it holds an entry that
by sneaking up on it from the other direction? Adding reads “Attach Disk Image”.
-R to the command told it to read the sectors in Using that option to attach our disk image
reverse order, working back into the damaged areas. immediately placed it into the list of drives alongside

84 www.linuxvoice.com
DDRESCUE TUTORIAL

When recovery gets tough
We were lucky with this recovery job because the damaged TestDisk (though the executable name is testdisk) can be
sectors were all in an unneeded partition. But what would we used to recover lost and damaged partitions by analysing the
have done if the damage had been to a partition we wanted? disk structure and recognising a number of partition types.
In any data recovery situation you should always make a If TestDisk is unable to recover the partition, PhotoRec can
disk image first, rather than working directly on the suspect often recover files at an even lower level. Despite its name,
drive, so the ddrescue step would be similar – but we would PhotoRec can find more than just photos: it understands an
probably have been a little more careful in our subsequent extensive list of file types, and it’s possible to add your own
runs to recover as much as possible. The most likely result file signatures should you need something more esoteric.
would be a readable disk image with some missing data. In It works by reading blocks from the disk or image directly,
that case it’s simply time to keep your fingers crossed that the so can recover files even if the partition format is unknown.
rogue bytes aren’t in any files you actually want. PhotoRec only works reliably on unfragmented data, though,
If the partition information itself is unrecoverable it’s time so don’t expect miracles when dealing with a well-used drive
to install TestDisk and PhotoRec, a pair of applications written that’s full to bursting.
by Christophe Grenier. These are often bundled together: You can find out more about TestDisk and PhotoRec,
installing them both on a Debian-based system just requires a including worked examples, at Christophe’s website:
single sudo apt-get install testdisk command. www.cgsecurity.org.

our other, physical devices. Selecting it populated the approach, so long as you thought that nobody was
rest of the window with the same overview of the looking?
partitions as we had previously seen with the real sudo caja --no-desktop
drive. Then we selected the data partition and clicked The external drive that Andy had sent us was
the “mount” button. A link appeared, proclaiming the formatted using Microsoft’s NTFS filesystem – which
path to the mount point. With some scepticism we doesn’t preserve Unix permissions. Knowing that
clicked the link, paused for a second, then released a OS X is quite capable of reading from such a drive, we
sigh of relief as a window opened before us, displaying just selected everything in Andy’s home directory and
the contents of Andy’s drive in all its Mac-based glory. dragged it straight to the external drive, assured that
You would be forgiven for thinking that the rest the pesky user ID wouldn’t be preserved, so wouldn’t
was easy. But this is the tale of data recovery across cause Andy a problem later. Finally Bertie Bear was PRO TIP
disparate operating systems, and for all the hubris of freed from captivity. You can use GNU
ddrescue as a
Silicon Valley the truth is that computers rarely make replacement for dd in
things that straightforward. Quickly we were stymied Epilogue a lot of cases – such
by permissions issues preventing us accessing all the A few days later we received news that Andy was able as writing an OS to an
SD card for use in a
files we wanted. to read the files from the backup drive. Andy’s files Raspberry Pi. They will
The problem is that Linux’s HFS+ support is a were intact, and he had learned a vital lesson about do the same job, but
little too good. As OS X is a Unix system at heart, so making backups. We had discovered a little more ddrescue provides more
feedback as it progresses.
its filesystem carries with it all the finer details of about ddrescue and how to recover data from inside a
ownership and access rights that you might expect partition in a disk image. And we had a rip-roaring
from a Linux-native format. On the Linux box our user adventure to write up for Linux Voice.
ID was 1000. Andy’s Mac had given him an ID of 500 Thanks to our efforts, Bertie Bear and the Dagger of a
– and that ID was gladly honoured by Linux, denying Thousand Souls, Volume 3 was released on schedule.
us access to many of the files. In a pique of laziness Interested readers can find this, and the previous two
we used sudo to launch Mate’s Caja file manager, instalments at http://bertiebear.bigcartel.com.
elevating ourselves to a position of computer But alas! as is so often the case in such tales, the
godhood, so that trivialities like file permissions would antagonist of our story still lives on and continues
no longer impede us. But ask yourself, dear reader, with their evil ways. Who knows how many drives are
who among you would not have taken the same being held hostage by Apple and their ilk? Despite our
slight dramatisation it really wasn’t too hard to get
Andy’s personal data from his drive. Imagine what
that means for all the “dead” drives that Apple has
sent for salvage, or for those that grace the listings of
Ebay, that fill the shelves of pawn shops, or that reside
in the carcasses of abandoned computers at rubbish
dumps across the land. Remember this tale the next
time you’re tempted to let an old hard drive out of your
hands. Oh, and one final thing: go and make a backup.
Now. We can’t always be there to save you.

Mark Crutch has been helping the world through Linux for a
while, but more importantly, he’s one half of the team that
At last Bertie could relax with a drink, now he was back at
creates the Elvie cartoon in our letters pages: peppertop.com.
home in Photoshop on Andy’s Mac.

www.linuxvoice.com 85
TUTORIAL IRC

INTERNET RELAY CHAT: GET TO
TUTORIAL
GRIPS WITH THE IRC PROTOCOL
Get to know the IRC protocol, using Telnet and coding a
RICHEY DELANEY
client in Python.

F
or whatever reason, humans seem to want to magazine founders are on IRC at #linuxvoice. It’s a
WHY DO THIS? communicate. Whether it’s snapping non-stop great means of sharing feedback and discussing what
• Communicate with like- selfies or handwriting beautifully crafted you enjoyed and perhaps didn’t enjoy about the latest
minded people across manuscripts to send to one another, expressing our issue or podcast. IRC is often a great way to start
the internet. opinions remains a staple part of the intellectual diet contributing to an open source project – projects will
• See inside the workings of most humans. IRC is an open protocol for group often have an IRC channel with some of the main
of a simple IRC client.
communication. It provides a way to transfer simple developers present who can likely help with any
plain text messages over the TCP protocol. issues you encounter.
The beauty of IRC is its simplicity: it’s a plain text
protocol, which means that you can experience IRC Getting started
without even having a dedicated client. Later in the The easiest way to demonstrate the IRC protocol is
tutorial, we’ll show how you can use a tool like Telnet using the very simplest of IRC clients, Telnet. Telnet, in
to use IRC at the socket level. It has clients on almost case you haven’t come across it, is a tool for logging
every platform imaginable, most with a list of useful into remote machines similar to SSH. It does not
plugins. default to a secure connection and therefore these
IRC had its inception in 1988, so it’s by no means a days it is more commonly used as a raw interactive
new technology. It was born of a need for a better TCP session. This enables the user to type the exact
instant communication mechanism when all that was data that they want to send and receive any raw data
available was bulletin board systems. There are other on the socket. We can use it as a very basic IRC client.
standards for messaging, both in a group and directly; For this example, and for further examples, the IRC
for example, in the open source world, XMPP is an network we’re using will be irc.freenode.org and the
open standard for real-time communication. Despite port we will be using will be 6667. The port for IRC is
these other standards, IRC still holds a special place in officially 194, however as this is a privileged port it
the open-source world. Many Linux distributions for means IRC server software cannot be run by anyone
example offer a lot of their customer support through other than root. As a result, the unofficial standard
IRC, and a lot of development discussion and port for IRC is 6667.
coordination happens on IRC channels. An example of To connect to the server, run Telnet as follows:
these would be the #linuxmint-help channel on the $ telnet irc.freenode.org 6667
spotchat IRC network: when a user first installs Linux After the connection, you will need to complete the
Mint, the welcome screen has the option of a “chat registration phase within a certain time frame or else
room” which directs the user to the IRC channel. the server will terminate the connection. If the
Go to #linuxvoice, then talk IRC is also a great way to get involved and up to connection is closed, just start over.
Linux on IRC with Pidgin or speed quickly with an open source initiative. Linux All interactions with the IRC server adhere to a
good old Telnet! Voice is a good example of this, as most of the structure. They are plain text messages, and take the
following format:
[<source>] <command> <parameters> <crlf>
Messages being sent from the IRC server to the
client will often have a ‘source’, for example when
someone sends a message using the PRIVMSG
command to a channel of which a user is a member,
the source portion of the message will be the user’s
details. The ‘command’ will be one of the supported
IRC commands. Examples of commands will be seen
in the registration phase such as NICK and USER.
Some commands optionally take parameters; for
example, the NICK command takes the user’s
nickname as a parameter. The crlf in the command
above stands for “carriage return line feed” which is
how each message is terminated. In some settings,

86 www.linuxvoice.com
IRC TUTORIAL

this is written as \r\n. servers. For now, we’ll join the #linuxvoice channel.
The registration phase of IRC connection consists JOIN #linuxvoice
of the following: :LinuxVoiceTest!~LinuxVoic@<IP ADDRESS> JOIN #linuxvoice
1 The NICK message is sent to register a nickname :verne.freenode.net 332 LinuxVoiceTest #linuxvoice :An exciting
for the user. new IRC channel for an exciting new dawn of exciting Linux
2 The USER message is sent to specify the MAGAZINES. It’s very exciting. In accordance with #linuxformat
username, hostname and real name of the user. tradition, the topic title will never, ever be changed.
In this example, the nickname and username :verne.freenode.net 353 LinuxVoiceTest = #linuxvoice
“LinuxVoiceTest” and real name “Linux Voice IRC :LinuxVoiceTest Manj-811-Xfce2 Newky1 ubiquitous1980 huw
TEST” will be used. hamgammon red_xanadu zmoylan-pi bkidwell Extremulus
$ telnet irc.freenode.org 6667 RavetcoFX skellat DonOregano1 nomad_dw flexiondotorg Dave2
Trying 185.30.166.38... popey grifferz kabads einonm Zeadar Cadair Stilvoid vertreko
Connected to chat.freenode.net. obXiDeJSFQ gregoriosw_vp M-Saunders nsc jaake Secret_
Escape character is ‘^]’. Hamster davel james_olympus pwaring IceMonkey blahdeblah
NICK LinuxVoiceTest N3wbs amoe quaisi thesilentboatman bdmc aptanet
USER LinuxVoiceTest 0 * :Linux Voice IRC Test Sammy8806 Cueball daswort dizzylizzy theru Devilment
In the USER command the first parameter after the brianhunter
command is used to set special user modes, such as :verne.freenode.net 353 LinuxVoiceTest = #linuxvoice :phil1
making the user invisible by default. For now, we use 0 Yenrabbi1 @degville NYbill benoliver999
to log in as a normal user. The IRC defines the third :verne.freenode.net 366 LinuxVoiceTest #linuxvoice :End of /
parameter as unused hence the, * parameter. The real NAMES list.
name is prefaced by a : character. Once the USER The server first echoes back the JOIN command
command has been sent successfully, you will get the with the source as our registered
normal message of the day from the freenode server
to signify a successful login.
user. It is followed by the topic
for the channel, followed by the
“IRC provides a way to
Congratulations, with these few commands you names of each user in the transfer simple plain text
have officially registered with the freenode IRC server.
This illustrates just how simple the protocol is, and
channel already. To find the
names of all users in a channel,
messages over TCP.”
how quickly you can get started. If the connection to use NAMES #linuxvoice.
the server has been left open but inactive for an Next, we finally get to share some thoughts with the
extended period of time, the server will eventually world. For communicating either privately or with a
terminate the connection. Before the connection was channel, the PRIVMSG command is used. The
disconnected, Telnet will report something like: command specification is simple:
PING :orwell.freenode.net PRIVMSG <msgtarget> <text to be sent>
:LinuxVoiceTest!~LinuxVoic@<IP ADDRESS> QUIT :Ping timeout: As always, the text to be sent should be prefaced
245 seconds with a : sign. To send a “Hello, World!” to the
ERROR :Closing Link: <IP ADDRESS> (Ping timeout: 245 #linuxvoice channel:
seconds) PRIVMSG #linuxvoice :Hello, World!
Connection closed by foreign host. If you are lucky enough that someone says Hi back,
At certain intervals, the server will send a PING to you should see something like the following:
inactive clients to establish whether they should be :Newky1!~<USERNAME>@<IP ADDRESS> PRIVMSG #linuxvoice
disconnected. The PING will contain some text after it, :Hello LinuxVoiceTest
prefaced with a : character. The client must return This message tells us that Newky1 has sent a
with a corresponding PONG message echoing the message to the #linuxvoice channel and with a
same text. In the above case, the connection could message text of “Hello LinuxVoiceTest”. If Newky1
have been kept alive by using the PONG command. decides that he wants to talk to us privately and not in
PONG :orwell.freenode.net front of everyone subscribed to a particular channel,
Now that the normal administration of registering the message target will be our nickname rather than
and maintaining an IRC connection is complete, the the channel.
next step is being able to talk to others on the server. :Newky1!~<USERNAME>@<IP ADDRESS> PRIVMSG
There are a number of different ways to talk on IRC. LinuxVoiceTest :Super secret
The two most common of these are private To reply, the PRIVMSG command is used with the
messages, which are one-to-one conversations with message target set to “Newky1”.
other people on the IRC network; and IRC channels, PRIVMSG Newky1 :Super secret reply
which are group conversations. You can start a To leave a channel, we can use the PART command
channel on freenode simply by using a channel that with the channel name as the only parameter as
doesn’t currently exist. To get a list of all the available follows:
channels and a short description of each, you can use PART #linuxvoice
the list command with no parameters. Exercise You can quit your IRC session altogether by using
caution with this, as the room list is large for popular the QUIT command, this will also disconnect you from

www.linuxvoice.com 87
TUTORIAL IRC

any channels that you are a part of. Both the QUIT and connects to the given host and port. This is the raw
the PART commands take a part message (part socket that will be used for all interaction after this
messages are displayed to others when you leave, for point. Once the connection is established, the
example “Gone to lunch”). program registers with the IRC server using the same
registration flow as was used with Telnet. The register
Coding a client function is used to send both a NICK and a USER
Although Telnet is a convenient and simple way to message. The actual message strings are handled by
experiment with the protocol, it’s clearly not ideal for separate functions nick_msg and user_msg.
anything but experimentation. The next section of this def nick_msg(nick):
tutorial will deal with using the IRC protocol in a return “NICK {}\r\n”.format(nick)
Python program. We will build the infrastructure for a
simple IRC bot. There are some very sophisticated def user_msg(nick, real_name):
IRC bots that perform a range of functions including return “USER {} 0 * :{}\r\n”.format(nick, real_name)
FAQs and helping out new channel members. There
are also bots that listen and aggregate links or other def register(sock, nick, real_name):
statistics from channels sock.send(nick_msg(nick))

“Our goal is to get a working conversations.
The entire source
sock.send(user_msg(nick, real_name))
Before the program enters the read_loop, it joins a
IRC client that registers on the code will be available at channel specified in the command line arguments.

server and responds to pings.” https://github.com/
Newky/irc_linuxvoice.
This is achieved in the join_channel function. This
sends the JOIN message, which is constructed in the
The code snippets here join_msg function.
will not necessarily appear in the order they appear in def join_channel(sock, channel):
the source code. sock.send(join_msg(channel))
The goal is to get a working IRC client that registers
on the server and responds to pings. First, we look at def join_msg(channel):
the high-level view from the main function, and then return “JOIN {}\r\n”.format(channel)
we’ll go into deeper detail on each function. A response is not read from the server at this point,
def main(): as this is handled next in the read_loop function. The
args = parse_args() read loop is an infinite loop, which will break if a
sock = create_irc_socket(args.host, args.port) keyboard interrupt (Control + C) is detected. Each loop
register(sock, args.nick, args.real_name) will read bytes from the socket, up to a maximum of
join_channel(sock, args.channel) 1024 bytes. However, if \r\n are not the last
read_loop(sock) characters received (meaning that the message is not
sock.close() complete) it will continue to read until it has got a \r\n
First, the Python module argparse is used for terminated string.
parsing command line arguments. The defaults are def read_loop(sock):
configured to connect as we did with Telnet. try:
parser = argparse.ArgumentParser() while 1:
parser.add_argument(“--host”, dest=”host”, data = sock.recv(1024)
help=”IRC host to connect to”, default=”irc.freenode.org”) # if the data ends with a \r\n everything is fine.
parser.add_argument(“--port”, “-p”, dest=”port”, # if it doesn’t we need to keep appending until it does
help=”IRC port to connect to”, default=6667) while not data.endswith(“\r\n”):
parser.add_argument(“--nick”, “-n”, dest=”nick”, data += sock.recv(1024)
help=”IRC nick to use.”, default=”LinuxVoiceTest”)
parser.add_argument(“--real-name”, “-r”, dest=”real_name”, for message in data.split(“\r\n”):
help=”IRC real name to use.”, default=”Linux Voice IRC # skip final empty string after split.
Test”) if not message:
parser.add_argument(“--channel”, “-c”, dest=”channel”, continue
help=”Channel for bot to join.”, default=”#linuxvoice”) source, command, rest = parse_message(part)
args = parser.parse_args() action_on_commands(sock, source, command, rest)
Once the location of the server is established, the except KeyboardInterrupt:
program establishes a connection with the IRC server. pass
This is done in the create_irc_socket function. The read buffer (in this case called data) is split into
def create_irc_socket(host, port): IRC messages using \r\n as the delimiter. Each
sock = socket.socket() message is then passed to the parse_message
sock.connect((host, port)) function, which splits it into source (if present),
return sock command and rest.
This creates a socket, by default using the IPv4 def parse_message(msg):
address family as the default argument, which then # get rid of newlines and whitespace.

88 www.linuxvoice.com
IRC TUTORIAL

msg = msg.rstrip()
# split by space RFC
components = msg.split() An RFC is a “Request for Comments” client, while also going into finer detail on
document, which is authored by engineers each of the supported commands. Given the
# if the first part starts with a : the message includes a or individuals involved with a specific scope of this article, we only cover the client
# source. technology. The IETF (Internet Engineering portion of IRC, and only concentrate on some
Task Force) adopts some of these of the most common commands.
if components[0].startswith(“:”):
documents as internet standards. They are The basic IRC RFC can be found at
source = components[0] in-depth documents which can help when http://tools.ietf.org/html/rfc1459.
command = components[1] writing an implementation of a standard Additionally, since new versions of the IRC
rest = ‘ ‘.join(components[2:]) such as IRC. protocol have been released, there have been
else: IRC has its own RFC as it is an open new RFCs released, but adoption of these
protocol. I encourage you to check it out if are not widespread among IRC servers and
source = None
this article has piqued your interest in IRC. clients. For your own interest, you can check
command = components[0] It is a document which has information on out RFC 2810, RFC 2811, RFC 2812 and RFC
rest = ‘ ‘.join(components[1:]) the general workings of an IRC server and 2813, which detail these new changes.

return source, command, rest
The purpose of an IRC bot is to carry out some stay on the network until the program exits via a
action based on certain messages. When the keyboard interrupt. But with this we can write some
program receives a message from the server, it has to nice action functions to react to messages. Below, we
decide what, if any, action must be taken. The add a way to greet people who join a channel. The
action_on_commands function handles this; it takes COMMANDS dictionary is modified to add an action
the socket and the three arguments of the parse_ for the JOIN command, and the corresponding action
message function as parameters and triggers an function join_msg_responder.
action based on how our program is set up. COMMANDS = {
COMMANDS = { “PING”: pong_msg_responder,
“PING”: pong_msg_responder, “JOIN”: join_responder
} }

def action_on_commands(sock, source, command, rest): def join_responder(sock, source, channel):
responder_func = COMMANDS.get(command) sock.send(
# command has no responder defined: priv_msg(
if not responder_func: channel,
return ‘Welcome to {}, {}!’.format(
channel,
return responder_func(sock, source, rest) source
)
Mission accomplished! )
The function uses the COMMANDS dictionary to react )
to certain commands. The dictionary has commands
as keys (such as PING) and functions as the values. def priv_msg(target, message):
This is one of the values of having functions as first return “PRIVMSG {} :{}\r\n”.format(target, message)
class citizens in Python. All the functions should take This is very similar to the PING example, but instead
source and rest as arguments. The action_on_ a PRIVMSG message is sent to the channel that the
commands function will look up the COMMANDS source has joined. To better illustrate this, an example
dictionary for the command; if it doesn’t exist (for of the original message would look like:
example if there is no LEAVE command configured), :Newky1~Newky1@127.0.0.1 JOIN #linuxvoice
no action is taken and the function returns. However, if Using this information, the program can craft a
it does exist, it passes the socket along with the PRIVMSG message to send back to the channel
source and rest into the function. specified in the parameters of the JOIN command.
Above, the PING command has been configured This is a very basic IRC bot. With some more
with the pong_msg_responder as its action function. commands added to the COMMANDS dictionary, it’s
This is a simple function which sends a pong possible to build a system which responds to
message to the server with the content of the ping keywords mentioned in users messages to channels.
message as its parameters. I look forward to seeing a range of IRC bots popping
def pong_msg(body): up on #linuxvoice which do all sorts of things.
return “PONG {}\r\n”.format(body)

def pong_msg_responder(sock, source, rest): Richy Delaney is a software engineer with Demonware
sock.send(pong_msg(rest)) Ireland, working on back-end web services using Python and
Linux. He has been an avid Linux user for the past five years.
With that, we have a working IRC client in that it will

www.linuxvoice.com 89
TUTORIAL SHARES

KEEP AN EYE ON SHARES WITH
TUTORIAL
SHARED CODE – PART 1
Take big data from the stockmarket and parse it into something
ANDREW CONWAY
human beings can understand.

M
any tools for processing data are based on consideration of whether speculating – frankly,
WHY DO THIS? free and open software (FOSS), especially if gambling – on shares is harmful to the economy,
• Make sense of the sea it’s available online. That’s because the causing bubbles that burst harming productive
of financial data. people who write the software are often interested in businesses. We’ll deftly dodge such thorny issues and
• Do better with your such things. A few numerate techno-geeks even end concentrate on working with the data.
savings than the paltry up working for banks in the city analysing all kinds of
1.5% offered by high
street banks. stock market data. They are paid handsomely Take the long view
• Fund an extensive because their bosses make a tidy profit from financial Before dipping your toe into the sea of data on the
collection of red braces. transactions involving shares. In fact, the image of web, let’s start by looking at the history of the FTSE
brace-wearing stockbrokers shouting and waving 100, which is an index tracking the share price of 100
slips of paper on the exchange floor has become a leading UK companies. It is calculated by taking the
thing of the past, having been largely superseded by average over the total value of shares available for
clever algorithms that sprawl across the internet. each of the 100 companies, and scaled so that it had
Before going any further, we’d like to be clear on one a value of exactly 1000 when it began in 1984.
point: this tutorial is not on how to get rich quick by A convenient place to get the data is Yahoo’s
coding and hacking the stock market. Instead, we’re finance pages. Fire up your web browser and go to
The share prices of AMD going to focus on getting started with stock market https://uk.finance.yahoo.com/q/hp?s=^FTSE and
and Intel. Buying shares data and examining the history of share price time you’ll see its present value, which will be updated live if
in either one in the early series. Given the quantity of data involved we’ll need trading is open on the London Stock Exchange. Select
1990s would have made to automate the process, and command line scripting Monthly from the options on the right, and leave the
you a great return if you is the ideal tool for the job. Next issue we’ll move on to date range on the left set at its default, which will
sold at the 2000 peak, and
constructing some basic algorithms and writing code get the entire history of FTSE 100 data, and click on
although both fell sharply
to evaluate trading strategies on past data. the Get Prices button. The table will now be updated
after the dot com bubble
burst, and again in 2008, The next step of trading on the real stock market to show recent monthly values, but let’s get the
the Intel shares have been requires either that you do some serious homework, spreadsheet: scroll down to the bottom of the table
on an upward trend in or, better still, take professional advice on the risks and click Download To Spreadsheet.
recent years. and responsibilities involved. There’s also the ethical You will now have a CSV (Comma Separated
Variable) file called table.csv in your Downloads folder,
but it’s a good idea to rename it to something more
meaningful, eg ftse100.csv. The structure is simple
enough that you can open it up for a quick look in a
text editor, such as Geany or Kate, or a pager on the
command line, such as less. Clicking on the icon
in your file manager will open it up in your default
spreadsheet application.
You’ll see that there are many rows, each one
having a date, which will be the first working day of the
month (stock exchanges are closed on weekends and
public holidays). It will list the price when the stock
exchange opened for trading, and when it closed,
along with the highest and lowest values between
times. For historical analysis, it’s recommended to
use the final column, which is called “Adj Close” – this
is the close price adjusted to account for important
information that came to light after trading.
We’ll start by graphing the data using the standard
spreadsheet approach because, for one thing,
it’s probably familiar to you, but also it highlights
how inefficient this workflow is compared with

90 www.linuxvoice.com
SHARES TUTORIAL

Stock market jargon
Shares The ownership of a company can be split into many certain companies, called public companies, have shares
small pieces called shares. For example, if MyCorps Inc has that can be bought and sold at stock exchanges, such as
a million shares and you have 500,000 of them, then you those in London and New York. We’ll concentrate on public
own half of MyCorps Inc. If the company makes a profit then companies because their data is released openly by the
it will pay out a share of the profit to you, called dividends, stock exchanges according to strict rules.
in proportion to your share ownership. So if the profit is Stock market index In order to judge how the stock market
$10m, you’ll get $5m of it. But this isn’t the only way you as a whole is behaving, indices are constructed that track
can make money. If a company is profitable, or people think the share prices of groups of large public companies. An
it will be so in the future, then they will pay more for a share. increasing index means that most companies have share
So shares in MyCorps that you bought for $1 might become prices that are rising, and likewise a falling index means
worth $2 and you can sell them and double your money. share prices are dropping. The most famous indices include
The stock market The stock market is a catch-all term for all the Dow Jones (USA), FTSE (UK), Nikkei (Japan) and
trading in shares. Some companies only trade in private, but NASDAQ (USA technology).

the command-line equivalent that we’ll describe you, then it’s possible that your portfolio will grow in
next. We’re using a recent version (4.x) version of value even when stock market indices are falling.
LibreOffice, but the procedure is common to many
spreadsheet applications. Click on the A at the top Building a portfolio
of the Date column, then hold the Ctrl key down and Extending a portfolio beyond the FTSE 100 is clearly
click on G at the top of the Adj Close column. These desirable. For example, if we chose to follow the FTSE
columns should now be highlighted, but not columns 250, the index tracking the next 250 most significant
B–F. Now click on the Chart button on the toolbar UK-based companies, then we’d have enjoyed seeing
(or the Insert > Object > Chart menu item). For us, its index rise from about 1,500 in 1986 to 16,000 in
LibreOffice chose sensible defaults for this data and late 2014. A portfolio minimises risks by keeping your
the graph it produced is shown in the boxout. eggs spread across many baskets, but also gives you
After inspecting the FTSE 100 graph, and especially the freedom to swap shares in and out to maximise
after accounting for inflation, you might conclude that your returns. Quite apart from any profit incentive,
investing in shares has been a mug’s game since the there is the enticing challenge of constructing PRO TIP
year 2000. But you might know that the wealthiest algorithms to manage the buying and selling of Yahoo finance allows
people have seen their wealth increase since 2000, shares. But, before we can do that, we need to mine you to access its data
service for free, but bear
and that they have their wealth invested in shares. the huge history of time series data for information.
in mind that being free
This is thoroughly documented in Thomas Piketty’s In case you’re wondering if you’ve picked up a copy it may change or be
famous book Capital in the Twenty-First Century. of Stock Market Voice by mistake, let’s get back to withdrawn with little or no
notice. Paid-for options
How can we explain this apparent contradiction? Linux – specifically, the command line. Clicking
are available if you need
The answer is in two parts. Firstly, remember that around on stock market web pages can soon give you defined terms of service.
shares pay dividends, ie they divide the profits to a headache from information overload, and that’s
shareholders, so there is a return even if the share assuming you can see the content – it’s often
price does not rise. Secondly, basing your portfolio on delivered via Flash, Java and Linux-unfriendly plugins
the FTSE 100 companies is a poor strategy; instead such as Silverlight. You can, as we did above,
it’s better to buy and sell shares from a wider pool to download CSV files from Yahoo and open them up as
maximise returns. If you have the know-how to do spreadsheets. But doing this for the thousands of
this, or the wealth to pay a fund manager to do it for shares available, and for many rows of data for each
one, will gobble time and cause repetitive strain
injuries to your mouse hand, eye and brain. Instead,
the command line offers a viable path to automation
of this workflow.
Let’s start by looking at a famous company – ARM
Holdings, which provides the CPUs for most phones
and also the Raspberry Pi. To get its data from Yahoo,
issue this command:
wget “http://ichart.finance.yahoo.com/table.csv?s=ARM.L” -O
ARM.L.csv
This sends a standard HTTP request asking for
data on the share with abbreviation ARM.L and writes
the returned data into the file ARM.L.csv. There will be
a row in the CSV file for every day the share has been
traded. As such, it’s rather large, but you can use any
There are a few free finance services out there; Yahoo is of the following commands, and their variants, to help
just one, but it’s particularly easy to extract data from. browse through the data:

www.linuxvoice.com 91
TUTORIAL SHARES

FTSE 100 history and inflation

This plot (generated by LibreOffice) shows that If you spent a sum of money buying a portfolio of break even if you sold them at any time thereafter.
shares generally rose in price until the dot com FTSE 100 shares in early 1984, when the FTSE was However, if you account for inflation – the effect of
crash in 2000, after which share prices recovered at 1000, you would have received about six times prices of everyday goods rising – a value of 6500
until crashing again in the recession of 2008. At the that amount back if you sold them in early 2000, today is not the same as 6500 in 2000. Correcting
time of writing, the FTSE is back up to about 6500, when it was about 6500. But if you’d bought them for inflation, the FTSE 100 would need to be 10,000
close to its all-time high. at the peak in 2000, then you would, at best, only if it were to equal its year 2000 peak in real terms.

The history of the FTSE 100 stock market index from when it began on 1 Jan 1984 to late 2014.

less ARM.L.csv BRCM
head -5 ARM.L.csv Next, create a file called download_shares.sh
tail -5 ARM.L.csv containing these lines:
cut -d, -f1,7 ARM.L.csv | less #!/bin/bash
The less command lets you page through the text URL=http://ichart.finance.yahoo.com/table.csv?s=
of the CSV file. The head -5 and tail -5 lines show for share in $(cat shares.txt)
you the first 5 and last 5 lines of the file. The cut do
command splits each line using a comma delimiter wget “$URL”$share -O $share.csv
and outputs only columns 1 (Date) and column 7 (Adj. sleep 2
close), which is then sent to less so you can page done
through it, though you could send it to head or tail. To run this Bash script you’ll need to make it
If you want to download data for another company, executable:
you need only replace ARM.L in the above wget chmod u+x download_shares.sh
command with its stock market abbreviation. For so you can run it with
example, Intel is INTC, and Apple is AAPL. The Yahoo ./download_shares.sh
Finance web interface has a Look Up field at its top The script takes each line of output from cat
left which will help you with this. shares.txt, so $share becomes the abbreviation used
Let’s take a first step in automating the data in the wget line, which is used both to append to
download. First, create a new directory and a list of $URL and also to name the CSV file for output. The
shares that you wish to download and save it into sleep 2 line means that the script waits at least
shares.txt. You can list as many shares as you wish, two seconds between sending requests – it’s a free
but here’s a concise example of just a few shares: service so a bit of courtesy won’t go amiss.
ARM.L Once the data is downloaded we can use standard
INTC text processing commands to make short work of
AMD extracting interesting information. To see all share

92 www.linuxvoice.com
SHARES TUTORIAL

prices for a particular date:
grep 2014-12-01 *.csv | cut -d, -f1,7
Or to compare the share prices between two dates:
grep “2014-12-01\|2010-12-01” *.csv | cut -d, -f1,7
The output from this last command suggests that
investing in ARM or Intel was a better bet than either
AMD or Broadcom in recent years.

Commanding graphs
We can draw some pretty cool graphs from the
command line with the venerable Gnuplot. If you don’t
have it, you can get it via your package manager for
Debian-based distros with sudo apt-get install
gnuplot or you can use yum install gnuplot for
RedHat derivatives.
You can run Gnuplot in interactive mode, but as our
goal is automation, we’ll get straight to writing a quick
script for it: A graph of the FTSE 100
set datafile separator “,” for share in $(cat shares.txt) data rendered by Gnuplot
set xdata time do in a terminal window. Much
set timefmt ‘%Y-%m-%d’ head -5 $share.csv detail is lost compared to
set xtics format “%Y” gnuplot -e “filename=’$share.csv’” gnuplotter.gp its graphical equivalent
(see above), but it clearly
set key off done
shows the long-term
plot filename every::1 using 1:7 Make it executable with chmod and run it, just like
trends of this time series.
pause -1 filename.” Hit any ENTER to continue” we did above for download_shares.sh. Each plot will
Save the file as gnuplotter.gp, then run the following be displayed in turn and you just hit the Enter key to
command, which tells it to plot the data for Broadcom show the next plot. The head -5 line shows the most
(though you can use any of the CSV files we’ve recent data to accompany the graph, but you can add
mentioned above) and you should see a window open lines to display whatever information you wish to see
with a plot of the data: on your portfolio.
gnuplot -e “filename=’BRCM.csv’” gnuplotter.gp
Note the single quotes inside the double quotes Next steps
around the filename. Although the command line tools such as grep and
In the first line of the script, we tell it to use commas cut are powerful, they deal only with text and can’t
to separate values on each line of data. The next two perform numerical operations such as finding
lines say that the horizontal axis will be used for time minimum and maximum values or calculating
data and the date format is specified. The xtics line averages. If you want to stay close to the command
tells it to display just the year (%Y) for labels, and the line and augment the above scripts to provide
next line tells it not to display a key. Next we have the statistics to accompany the graphs, then you could try
plot command, which instructs Gnuplot to graph the using awk – it can perform the text functions of grep
data with column 1 on the horizontal axis and column and cut but can also perform numerical operations.
7 on the vertical axis, and every::1 makes it to skip the Beyond that, using a full-blown programming language
first line of the file, which is a non-numerical header. such as Python, Ruby or Perl is probably best.
Finally, the pause command tells Gnuplot to wait There is a huge amount of information to digest on
until Enter is pressed before quitting – if you forget the Yahoo Finance pages, and we’ve only scratched
this line, the window with the graph will open then the surface of what’s on offer. It’s well worth spending
immediately close. time browsing through it, and if you’re database
If you are a command line die-hard and are minded you might find its YQL facility interesting, and
disappointed that you have to leave the terminal if you’re into web apps, there’s an API to play with. It’s
window, put this line at the start of gnuplotter.gp: also worth going to the horses’ mouths and visiting
set term dumb the websites of various stock exchanges. If you’d like
and a graph will be plotted with text characters. to experiment with simulated buying and selling of
shares using real data, there are mobile apps such
Bring it all together Stock Trainer that will give you a feel for the workings
Let’s put what we’ve seen above into one script so we of the stock market without risking any of your money.
can quickly review graphs of shares in your portfolio. Next issue we’ll turn to turn our attention to devising
Enter the following lines in a file called review_shares. algorithms to decide when to buy and sell shares.
sh and save it in the same directory as gnuplotter.gp
and your downloaded CSV files: Andrew Conway, millionaire philanthropist, tracks the stars to
predict the future – just like real economists!
#!/bin/bash

www.linuxvoice.com 93
TUTORIAL COMPUTER LANGUAGES

A BRIEF HISTORY OF COMPUTER
TUTORIAL
LANGUAGES
JULIET KEMP
Or: a whistle-stop tour through ways people have talked to
computers, before we kick off with more in-depth tutorials.

A
da Lovelace wrote the first ever computer today; but their successors, Fortran, Lisp and COBOL,
program without even having a computer. have all survived.
She wrote out a detailed description of how Fortran was created in 1957. It had 32 statements,
one would calculate Bernoulli numbers on Babbage’s and was of course stored on punchcards, one
Analytical Engine (sadly never built). She, and others, card per line of code. Compilers for many different
also considered punch cards as a means of encoding computers were rapidly developed due to its growing
the instructions to an Engine-like device. For more on popularity, making it arguably the first cross-platform
this, see LV001 (if you haven’t seen it yet, you can language. Here’s an example (save as hello.f95):
download the full PDF from here: www.linuxvoice. ! Hello World
com/download-linux-voice-issue-1-with-audio). program hello
The first computers that were successfully built, in print *,”Hello World”
the 1940s, were programmed in machine code, or at end program hello
best in assembly language, with mnemonics rather Install the gfortran package, and compile it with f95 -o hello
than numeric codes. Whilst this lent itself to a high hello.f95, then run it with ./hello.
degree of fine-tuning, it was also error-prone and very Lisp emerged in 1958. The name derives from
hard work. LISt Processing, and Lisp is heavily list-based (and,
Those early programmers were interested in famously, involves a lot of brackets). Here’s a Hello
developing high-level languages; languages that were World (save as hello.lisp):
abstracted from the details of the machine doing the (write-line “Hello World”)
work. This allows a programmer to specify what they Install sbcl (if you want to do much Lisp
want without worrying about the details of memory development you’ll also want to install and set up
location, chip instructions, and so on. The first high- Slime (the Superior Lisp Interaction Mode for Emacs)
level language ever designed was Zuse’s Plankalkül, and Emacs), and run this with sbcl --script hello.lisp.
but as he lacked a functional computer at the time it COBOL was designed in 1959–1960, by a steering
wasn’t implemented until over 50 years later. committee, and took a lot of features from FLOW-
The early 1950s saw several more attempts. MATIC. It was intended to be verbose and easy to
Short Code (designed by John Mauchley) was understand for non-experts, and to be highly flexible
implemented for UNIVAC, and aimed to make for multiple uses. Although it’s often derided, a
mathematical expressions easier to code. However, significant number of large organisations still have
it was interpreted rather than compiled, so had to be COBOL legacy code on mainframes. Here’s a Hello
translated every time, running about 50 times slower World example (save as hello-cobol):
than assembly. The first compiled language was IDENTIFICATION DIVISION.
Autocode, developed at the University of Manchester PROGRAM-ID. HELLO-COBOL.
for the Mark 1. Grace Hopper’s FLOW-MATIC was PROCEDURE DIVISION.
Fortran code and code a couple of years later, and was aimed at business DISPLAY ‘Hello World!’.
compiling/running, again. customers who might be uncomfortable with STOP RUN.
The ! line is a comment. mathematical notation. None of these are still in use Install the open-cobol package, compile with cobc
-free -x -o hellocobol-exe hello-cobol and execute.
After these first language pioneers, as the 1960s
and 1970s progressed, more languages, and more
programming theory, began to develop; along with
various distinctions and coding structures (some of
which overlap with one another).

Array programming
The basic idea of array programming is to apply an
operation to a range of values at the same time. So an
operation will, instead of adding two single numbers,
add two arrays (or vectors, or matrices, or other

94 www.linuxvoice.com
COMPUTER LANGUAGES TUTORIAL

grouped data, depending on the language and the
problem being handled). This is particularly useful for
mathematicians, who often want to deal with grouped
data like this.
Given that early computing was closely linked with
mathematics, it’s not surprising that dealing with
arrays was of immediate interest. Fortran had some
array handling from the start, but was more multi-
purpose, and full array handling wasn’t introduced
until Fortran 90. APL (A Programming Language), one
of the best-known array programming languages,
was developed between 1957 and 1967. It was
explicitly intended to provide a language for applied
mathematics. It uses a multi-dimensional array as
Our simple COBOL example
its basic data type, and has special characters to ease. Other modern array programming languages
running in the right-hand
represent specific operations. This makes for code include J, MATLAB, and S-Lang. window (note syntax error
which is concise, but baffling to read for the non- on first compile!).
expert. Here’s an example: Imperative vs declarative programming
#!/usr/bin/apl Imperative programming involves issuing a series of
a←123 commands to the computer. At the hardware level,
b ← (-2) 4 (-6) almost all computers operate in an imperative style,
a+b with machine code consisting of instructions
aЄb operating on memory contents. Initially, computer
a°.×b programmers were using machine language, and thus
APL uses ← (Unicode leftward arrow) for an imperative style; so the first high-level languages
assignment. a + b simply adds.The Є character (such as Fortran and COBOL) were similar. It does
(Unicode element of) returns 1 if the element make a certain cognitive sense to write your code as a
in position n is the same in both a and b, and 0 set of algorithmic steps.
otherwise. Finally, - . is the outer product operator, Declarative programming takes a different
which applies a specific operation to all the approach. Instead of telling the computer how to PRO TIP
combinations of the elements of the operands. So perform a task (what steps to take), it describes Reconfigurable
computing is not
here, we multiply (× – not the character x but the what computation should be carried out, and the imperative at machine-
Unicode multiplication character) b by each of the compiler then translates this into specific steps. Pure code level; there is a
elements of a in turn. declarative programming also avoids “side effects” main processor which
reconfigures subsidary
Run with ./test.apl, to get the output (functions that modify state rather than just returning systems on the fly to suit
-1 6 -3 something) and has immutable variables. Imperative the requirements of the
programming, on the other hand, makes frequent use instructions provided.
000 of side effects, and happily alters variables.
If you’ve ever written any SQL, that’s declarative:
-2 4 -6 you describe the result you want (a certain selection
-4 8 -12 of records), and the code chooses how it returns that
-6 12 -18 result. In general, many languages can be written in
The supercomputers of the 1960s and 1970s were either an imperative or a declarative style, although
designed to handle vectors and arrays with particular some are much more inclined one way than the other.
C, for example, is highly imperative; Haskell is highly
declarative (as are other functional languages).
If your main experience is in imperative
programming, the declarative approach can feel
awkward. Here’s a Python example of doing the same
thing in two different styles. You can try it out in a
browser at www.skulpt.org.
# Declarative
fours = [x for x in range(100) if x%4 == 0 ]
print fours

# Imperative
fours = []
Both Vim (using digraphs) and Emacs (using an for i in range(100):
appropriate Lisp file and chords) will support APL if i%4 == 0:
characters. fours.append(i)

www.linuxvoice.com 95
TUTORIAL COMPUTER LANGUAGES

x = “Me!”
helloworld = print (“Hello World from “ ++ x)
Compile and run it with ghc hello.hs; ./hello.
helloworld is a function, and x is a variable, but they
can both be defined in the same way. main is the
main program control structure (what runs when
you execute the compiled file). There’s lots more
information and tutorials on the Haskell web page.

Structured programming
Structured programming argues that programs are
composed of three control structures:
1 Sequence A set of statements or subroutines

ordered in a particular sequence.
Haskell is a functional,
print fours 2 Selection A statement or statements executed
rather than a declarative
language. (With thanks to Mark Rushakoff.) The first one says based on the program state (eg if/then structures).
what you want – numbers which are multiples of 4 (% 3 Iteration A statement executed until a certain

is the modulo operator) – and the implementation is condition is achieved (eg while, for, do/until).
up to the machine. The second one describes exactly Blocks and subroutines group statements together.
how to construct the required array. The structured program theorem states that these,
when combined, are sufficient to describe any
Functional programming computable function.
Functional programming is declarative; functional Non-structured programming simply has a
languages construct and evaluate functions and treat sequence of commands, although usually these are
data as unchangeable. So you can’t alter data in-place; labelled so that execution can jump to that point.
instead you have to apply a function to one data item Loops, branches, and jumps exist, and sometimes
and store the result in another data item. It’s based basic subroutines.
on lambda calculus, which is a theoretical Today, all high-level languages have some form of
PRO TIP mathematical framework for describing functions. It programming structure (including older languages like
The haskell-platform will also use higher-order functions (functions that Fortran, COBOL, and BASIC), and structured coding is
package is available via operate on functions) where an imperative language the norm. But early programmers were accustomed
the package repository
of several distributions; might use a loop. to machine code or assembly language, which had
check out the Haskell The avoidance of side-effects makes programs only an ordered sequence of commands. A single
platform webpage for easier to verify and to parallelise. However, some statement in a high-level language will be spread
details for your distro or
to build from source. things (I/O being one notable example) do seem best over multiple statements in assembler. Assembly
suited to some kind of state approach. Functional language coders were skilled at manipulating code
languages will ‘fake’ this in various ways: Haskell in complex and highly efficient ways and it seemed
uses monads; other languages use data structures to far from obvious that all of this was even conceivably
represent the current state of a thing. structurable. COBOL was notoriously unstructured
Lisp was the earliest functional-type language; it and made extensive use of GO TO statements. Edsger
was followed by APL (see above) and ML, which has Dijkstra’s letter Go To Statement Considered Harmful
various offshoots. Probably the best known modern is probably best-known contribution to the debate.
functional language is Haskell. There’s a Haskell Structured programming at its most basic means
example above; here’s another one (save as hello.hs): writing code that looks like this:
main = helloworld $a = 3;

Interpreted vs compiled
In the very early days, programs were neither interpreted nor execution happen at the same time. Parse a statement, run it,
compiled. Instead, programmers wrote machine code, which parse the next statement, and so on.
ran directly on the hardware. Once languages began to be In modern languages, the distinction can be quite blurry.
developed, the distinction between compiled and interpreted Some modern compilers can parse and execute in memory, so
developed alongside them. although the steps are distinct, the programmer issues only
Broadly speaking, a compiled language is one in which the one command. Other languages compile to virtual machine
instructions written by the programmer are translated (by bytecode, which is another step (or more!) away from the
the compiler) into machine code all at one go. The compiled metal. Ultimately, any program has to be translated into
program can then be run on the machine. Parse everything, machine code; the question is how that process occurs and
then run it. which steps occur in what order.
Interpreted languages, in contrast, are read at runtime by Interpreted and compiled languages both have their
another program, an interpreter, which then translates each advantages and disadvantages; as ever, it’s about using the
instruction, one at a time, into machine code. So parsing and best tool for the job.

96 www.linuxvoice.com
COMPUTER LANGUAGES TUTORIAL

$pi = 3.14;

sub area($_) { return $_[0] * $pi * $pi; }

print area($a);
instead of code that looks like this:
print 3 * 3.14^2;
The second might be shorter, but it is less reusable
and less maintainable.
Procedural programming is derived from structured
programming, and is based on the idea of procedures
(or methods, or functions), consisting of a series
of steps. It is often contrasted with object-oriented
programming (OOP).

Our HelloName example
Object-oriented programming public class HelloWorld {
in Java runs both with and
It’s nearly impossible these days not to have public static void main(String[] args) {
without a name provided
encountered OOP (whether or not you like it). Many HelloName name; on the command line.
modern languages are multi-paradigm and support if ((args == null) || (args.length == 0)) { name = new
OO alongside a more imperative style (eg Perl, PHP, HelloName(); }
Python). Java, in contrast, is exclusively OO. else { name = new HelloName(args[0]); }
The basic OOP idea is to fold both code and data System.out.println(“Hello World from “ + HelloName.
into objects with behaviour (code) and state (data). getName());
Code is executed by creating an object and causing it }
to behave in a particular way. So to add X and Y, you
would pass X into Y’s “add” method (Y.add(X)). private static class HelloName {
Objects can inherit methods and data from one private String name;
another, so OO languages have a class (object) HelloName() { this.name = “me”; }
hierarchy. OOP encourages modular programming HelloName(String name) { this.name = name; }
(though non-OO languages can also support public String getName() { return name; }
modules), intended to simplify code reuse, by bundling }
together objects and everything associated with them. }
Some of the advantages claimed for OOP are: This is deliberately a little verbose to demonstrate
Improved code reusability; great for modules and objects. The HelloName object stores a name; PRO TIP
code libraries. you could easily extend it to store more data. The Java is available from
Interfaces and encapsulation make it easier to use HelloWorld class creates the new object, then uses your distribution’s
others’ code; you need only understand the the getName() method to retrieve the string. Compile package manager or from
the Java website. Make
interface, not the details of the code. it with javac HelloWorld.java and run it with java sure you install the Java
Encapsulation makes it easy to hide values that HelloWorld NAME. Development Kit (JDK)
shouldn’t be changed. as well as the Runtime
Environment (JRE).
Improved code organisation and simpler syntax. More out there...
Forces better advance planning, and is easier to There are a bunch of types and areas of programming
maintain afterwards. language I haven’t been able to cover here, including
There are also, of course, disadvantages: systems programming, logic programming, reflection
OO programs tend to be large. This is less of a programming; ideas around modularity, security,
problem on modern machines with lots of memory concurrency, and other aspects of modern computing
and hard drive space. also inform current thinking.
Programs are often slower, although again with Language development continues at a fair old clip,
modern machine resources this is less important. to the point that any attempt to list languages
More effort required up-front, which some may available as I write would probably be out of date by
consider wasteful. The larger the project, the less the time we go to print. And all of them – all the
true this is, but for a small project the effort may be languages, all the paradigms, all the tweaks and
overkill. mechanisms and constructs – have their places
Lots of code boilerplate. (This is less hassle with a where they’re useful and their places where they don’t
decent IDE.) fit. One of the joys of programming is just how many
Both advantages and disadvantages are true; which options there are out there to explore.
way they balance will depend on the project and the
people working on it.
Here’s a brief Java example (save as HelloWorld. Juliet Kemp is a scary polymath, and is the author of
Apress’s Linux System Administration Recipes.
java):

www.linuxvoice.com 97
CODING ARDUINO

ARDUINO HARDWARE
TUTORIAL
ENABLEMENT (PART DEUX)
NICK VEITCH
In which we complete our project to connect a cheap OLED display
into our Arduino, while building a driver and learning some C++.

L
ast month, we covered the schematics of the
WHY DO THIS? project, using the I2C library as an interface and
• Learn how to plug writing some driver code to make it easy to
awesome displays into display things. Now we’re going to play around with
cheap hardware and the display, starting with the long-promised splash
code your own interface
using the Arduino IDE screen. This is non-essential, but nice, as it means
and a smattering of when the display starts up, you can see that it is
learner-level C++. actually working. It is also a useful way of breaking
into the topic of displaying stuff on the screen.
The first thing is to have some data to put on the
screen. We can convert an image into a bitmapped When you make your own font, you can choose how to
array of chars we can write to the screen (see Python represent a 7. And other things. Just make sure you use
To The Rescue box for how we generate this data). If consistent spacing.
you think that storing a huge array of chars rather flies
in the face of our intention to save runtime memory square, then move on to the next. When we get to the
then you are very right. That’s why we aren’t going to end of a line (after 16 blocks) we have to set the page
put it in runtime memory. We are going to store it in index to the next value. The command to address
the program memory, by using the PROGMEM macro page0 is ‘B0’, and thankfully, the other page address
(see the Memories boxout for why this works). commands follow sequentially, so we can simply loop
So, in our .cpp file, we simply need to define a giant and address ‘B0 + offset’ (literally, if we make ‘offset’ a
array of bitmap data: char value).
const char fb[1024] PROGMEM = { Each ‘page’ is then 16 x 8 bytes of data, or 128
B00000000, B00000000, B00000000, … bytes. We can make a loop that reads the next 128
... bytes from our declared array and sends it to the
} display. If we keep an independent index value, we
Obviously, we are not going to show the full don’t need to come up with complex maths to work
1k of data here; this is just to show you how it is out where in the data we should be. Like this:
constructed (think yourself lucky we aren’t still living for (int n=0;n<128;n++)
in the age where you had to type in listings from {
magazines. This way, it is only my fingers which hurt). sendByte(pgm_read_byte(&(fb[index++])));
All we need to do now is write a function that will }
read this data from the flash memory and send it This uses the special pgm_read_byte function
a byte at a time to the display. This is made slightly to read from flash memory (check the Memories
more complicated by a) the page addressing mode of boxout for more details on this and why we use the
the device and b) the fact that we stored the data in &( ) construct), and increments the index variable
flash memory. each time it is called so we can read the image data
The page mode means that we need to read the sequentially. The rest of this whole function is just
data 8-bit lines at a time until we have filled an 8x8 another loop which goes through the pages of display
memory, and the corresponding commands to the
display to set the usual stuff (page mode, start and
end of data, slave address and such):
void evilOLED::splash ()
{
int index = 0;
sendCmd(0x00);// -> page mode
It is a good idea to convert
to a bitmap first before sendCmd(0x00);// lower page
you run the converter, sendCmd(0x07);
otherwise the dither for (int p=0; p<8;p++){
patterns may surprise you. sendCmd(0xb0 + p);

98 www.linuxvoice.com
ARDUINO CODING

Buffered side down
So, what are framebuffers, why would you want one, extra code) and sometimes not actually possible. also consume a lot of RAM? in such circumstances,
and why do I specifically not want one? The particular display we are using doesn’t have a using half your RAM just to be able to display the
A framebuffer is a buffer, for a frame. In read mode for I2C communication – there is no way output is a little annoying.
this context, the frame is a graphical one. The of reading the display memory.
framebuffer is basically just an exact copy of the In that case, you may surmise, having a No buffers
memory containing the image or text you want to framebuffer is a good idea. You can keep a copy What is the answer then? It turns out that it is to
display. Framebuffers are often very useful and of what should be on the display, make your borrow an idea from the past, and simply writing
desirable. You may want to buffer video frames in adjustments to that and then just update the bits of to the screen in predefined graphical blocks or
order to display them quickly (you don’t have to the display memory that are required. characters. If we define characters we want to use
draw anything, just dump all the memory to the That is a reasonable suggestion, and one used by on screen, and imagine that we will never want to
display device) or for drawing effects which require many device enablement libraries. However, there combine characters in the same space, then we
knowing what is currently on the screen. is a problem with this approach. A 128x64 display can happily overwrite the contents of the display
As memory tends to be written in bytes (and requires a framebuffer capable of holding 8192 bits memory without needing a copy of it. Essentially,
the device we’re looking at here is no exception), of data, which is 1024 bytes of data. That doesn’t we take the 128x64 pixel display and turn it into
if you want to write a single pixel somewhere, you sound like a lot, but depending on which Arduino a 16x8 character display (although, of course you
need to know which other pixels in the same byte of you are using, you may have as little as 2560 bytes could define characters of any size if you wanted,
memory are already turned on (otherwise you will of dynamic memory available. That means the this is just assuming 8x8 characters). This does
be overwriting them). In many cases, you may find framebuffer will take up nearly half of your working mean you lose the ability to plot individual pixels
yourself communicating with a display device to memory. Sure, this isn’t too much of a problem if all or create arbitrary shapes, but on the plus side it
ask it what is in its display memory so you can then you are doing is displaying something on screen, saves a lot of memory and results in faster display
superimpose your pixel and write the whole byte but what if you’re trying to do something else with updates. There is also nothing stopping you from
back. This is time consuming (in terms of actual your project – what if you need to address other creating a font containing all sorts of useful
processor time, not just because you have to write hardware like GPS or network devices which can symbols or graphical elements if you want them.

sendCmd(0x00); but not the same procedure – in this case, you want
sendCmd(0x10); to fill one of those 8x8 blocks at a time. Of course, you
dataStart(); could choose a different size, but 8x8 is very
sendByte(0x78); convenient for the way the device memory is
sendByte(0x40); organised, and also a good size for a minimalist text
font. We can construct the font as a bitmap, in more
for (int n=0;n<128;n++) or less the same way as the splash screen, except this
{ time we want to have it only 8 pixels high by however
sendByte(pgm_read_byte(&(fb[index++]))); long we need.
However long we need may be a surprise, but it falls
} in line with our space-saving ethos. Sure, we could
dataStop(); implement a full ASCII-type character set. But fully
half of those characters are useless (SYNCHRONOUS
} IDLE anyone) and if we were to map them all, we’d be
} using up another 256x8 bytes, or, yes, another 1k of
So, as well as making a nice splash screen, that’s precious memory.
how you dump a whole screen of data to the display. If you want to do this, then there are plenty of fonts
you can crib from various libraries that already exist
Font pun goes here (check out www.henningkarlsen.com/electronics/r_
A screen of data is one thing, but we promised we’d fonts.php for some good examples, or fish through
cover character mapping the display. This is a similar https://github.com/adafruit/Adafruit-SSD1351-
library to find the Adafruit ones.
Defining your own font means you can make
your own symbols. If you want a battery or network
indicator, you can just draw one. Bar displays
become just 8 characters worth of progressively filled
blocks, and you can still have text and numbers. The
example font included with the source for this tutorial
has some strange symbols, but also the standard
numbers and upper case letters, and all in half the
amount of space a standard font would take up.
The only real trick here is that you want to make
it easy to convert from ‘normal’ text in your Arduino
code (which is ASCII) to your custom font. For the
example font, this is achieved by ignoring the first 47
Google a standard ASCII table and you will see most of characters and starting with ‘0’. This means that we
the characters are rubbish. And who needs lower case! can more or less easily convert from ASCII to custom

www.linuxvoice.com 99
CODING ARDUINO

font just by shifting everything so many spaces back. {
Ah. Space. The space character is one we have left c -= 0x30; //remove offset to match ASCII value
out, so we have to add a special capture routine to }
remap that. It isn’t as tricky as it sounds: dataStart();
void evilOLED::putChar(char c) sendByte(0x78);
{ sendByte(0x40);
//assumes cursor is set to correct place for (char i=0; i<8; i++)
if ( c == 0x20) // trap SPACE character {
{ sendByte(pgm_read_byte(&(font_bmap[8*c+i])));
c = 0x30; //this is where I put it }
} dataStop();
else }

Memories
Not all memory is created equal. For a start, there particularly useful tricks you can use on the the library we included earlier, and is the only way
are all different sorts of memory – SRAM, EEPROM, Arduino here: to read a byte from the flash memory. To do so we
DRAM, PSRAM and so on. There are enough need to supply it with an address, which we get with
different types to fill a few pages just defining PROGMEM the construct &( ), which basically means “address
them all. However, we are more interested in how The first of these is to use the flash RAM of the of”. So, by passing in the reference to the array, the
memory is used, and how in particular, your Arduino Arduino to store variables in. This means that function knows the address it needs to read data
handles memory. instead of using up your limited SRAM space for from. You can also iterate over this address in other
Depending on the model of Arduino, you will variables, you can store them in the substantially ways, but remember that the difference between
have a certain amount of EEPROM memory, an larger flash RAM instead. one data item and the next may vary depending on
amount of Flash program memory and some There are a few caveats to this though. For a the size of what is being stored.
dynamic memory – which, confusingly enough, start, reading and especially writing values to the Writing to the array is not easily possible – flash
uses SRAM (static random access memory) on the flash RAM is a slow process, partly due to the memory needs to be written in large blocks, so
AVR chip itself. The ‘Static’ here refers to the way different types of storage, but more to do with the aside from assigning values at runtime, you are
the memory is built; it uses bistable latches so it extra hoops that have to be jumped through to pretty much stuck with it. Thankfully, for a lot
doesn’t need to be refreshed periodically like DRAM. access memory that is outside of the architecture’s of the stuff we would like to use it for – storing
The standard ATmega328 chip, used in the stack. So, the flash RAM storage is not suitable for fonts, static arrays, maybe lookup tables – all the
second-generation Duemilanove and many other everything – loop counters, comms buffers and big users of storage, we don’t need to alter the
Arduino boards, has the following: things that need to change regularly and be both contents.
Flash memory 32kB (2kB used by bootloader) for read and written to are not good things to store in
storing the program flash. Big lookup tables that you only rarely need to F()ing strings
SRAM 2kB runtime memory, for dynamic lookup, or other arrays of data that only need to be Another handy macro is the F() function. One of
variables, etc. read infrequently are ideal for flash RAM. the biggest memory hogs is storing string values.
EEPROM 1kB persistent storage (but limited In order to use flash RAM, there is a macro Each character takes a byte, then there is a stop
lifespan). defined that takes care of storing data where byte at the end. You would be surprised how much
In general computing, there are two schools you want it – you just need to add the keyword memory they can take up. Strings though are ideal
of thought on how memory should be organised; PROGMEM at the end of your variable definition (if candidates to store in flash memory, at least the
the Von Neumann architecture (all memory is just you are using pre-1.5 versions of the Arduino IDE, kind of message strings that we might use.
memory) and the Harvard architecture (it’s more you may need to check the official documentation Fortunately, there is a macro for this too. Just
efficient to split memory into pools – one for the for your specific version), and include the relevant wrap the string in F() and it will be magically stored
program, and one for run-time memory the program header. For example: in flash memory and fetched from there when
will use. As it turns out, there are advantages and #include “Arduino.h” required. You can easily see this in action with
disadvantages on both sides. As a result, complex #include <avr/pgmspace.h> the following examples; enter this as a complete
computers (like your desktop or even your phone) const char fred[8] PROGMEM = { program in the Arduino IDE and press the tick
use a hybrid system – all memory seems to be 0xff, 0x00, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00 button to compile it:
just memory, but at a low level it is cached and } void setup() {
organised in pools by the processor. The ATmega As you can see, just applying the PROGMEM Serial.begin(9600);
chips are designed for efficient, embedded and low- keyword is enough. Theoretically, it can go }
cost systems – there is no way complex memory anywhere on that line before the = sign. In practice,
management is going to be included, so you have different versions of the IDE and the underlying void loop() {
a fairly straightforward Harvard architecture. The compiler can throw up errors or strangeness. If you delay(1000);
SRAM contains the runtime memory, the flash RAM get any of these, just try moving the keyword to a Serial.println(“Hello, I am a string.”);
contains the program memory. different position. }
However, 2kB of RAM is not really very much, Declaring your data is one thing; you also have now replace the serial output line with:
and when you’re dealing with arrays and such, it to negotiate retrieving it. For example, to read this Serial.println(F(“Hello, I am a string.”));
gets eaten up very quickly. Also, because of the array back and do something to each byte, you …and press the tick again. If you check the compiler
way the memory stack and heap is organised and would need to do the following: output, you will see the second example uses 22
used, it doesn’t even have to get full to cause you char c; bytes less “dynamic memory” (SRAM) and 30 bytes
problems – it would be really painful to go into for (char i=0; i<8; i++) more of “program storage space” (flash RAM). the
the details here, but basically ‘freed’ memory isn’t { extra bytes are due to the additional operations
always returned in a useful way, and when the stack c = pgm_read_byte(&(fred[i])); required to fetch the string from flash, but that’s a
and heap collide, all bets are off. myFunction(c); pretty good exchange rate. Storing all your static
The solution to all of this is to try and be as } strings like this can make a huge difference if you
memory efficient as possible. There are two The pgm_read_byte function is one supplied by are running out of storage space.

100 www.linuxvoice.com
ARDUINO CODING

If you run out of ideas, you
can always sell advertising
space…

The Adafruit libraries (which are in general, excellent) are To go further than this, it is more useful to have
on GitHub too, and may be useful for further inspiration: a routine to print an actual string, rather than a
https://github.com/adafruit. character at a time. This is also in the source listing –
it merely adapts the above code to work from a string
This does assume the ‘cursor’ is in the correct pointer, looping through and printing each character.
place. This is simply a matter of setting up the Further, we can also overload this function to print
addressing modes correctly : integers too, by first converting to a string:
void evilOLED::setCursor(char x, char y) void evilOLED::putString(int s)
{ {
_row= ( char buffer[16];
(y >7) itoa(s, buffer,10);
?7 putString(buffer);
:y }
);
Wrapping it up
_col=( So, we have seen how we can manipulate bytes into
(x > 15) fonts, bytes into images and save a lot of precious
? 15 memory in the process. We have also seen how to do
:x some hardware enablement and write a functioning
); Arduino library. The overriding point here is that if you
are willing to get your hands dirty with some (quite
sendCmd(0xB0+_row); //set page from row complicated at times) manipulation of bits and bytes,
sendCmd(0x00+(_col & 0x01)*8); you can create a custom implementation of
sendCmd(0x10+(_col>>1)); something that exactly suits your needs.
} This code can be extended in so many ways – you
This may look like gibberish if you haven’t used the could just create different fonts for different scenarios.
ternary operators in C or C++ before, but it merely It would also be possible to display the fonts double-
forces the x,y values to be 0–15 and 0–7 respectively, size for example (just write each pixel twice in each
before doing some shift operations to set the row and direction) or even invert them (invert each byte before
page address. you write it).
And much though we weren’t keen on framebuffers,
you could maybe create a framebuffer for part of the
GitHub is great
screen, say the last two lines or whatever. If you were
Even if you are working on a particular library purely for cunning, this could be allocated on demand so it didn’t
yourself, there are great advantages to using some sort of waste memory if it wasn’t used. The possibilities are
online version control system. For a start, you will always
know where the latest version is, even if your local copies
limited only by the laws of physics and the endurance
get deleted by solar storms or eaten by the dog. And though of your typing fingers.
you may believe that you and only you are interested in your The complete code, including the utilities and
library, you may be surprised that other people are willing to sample font and splash screen, are conveniently
help out and add stuff/fix bugs too. located on GitHub for your delight. And mine. If you
GitHub is one of the most popular online versioning
systems, even if a lot of the Git commands might be
come up with some useful variants (or find any
strange and confusing. It is completely free for open source bugs!) please fork or contribute : https://github.com/
projects, and is great for Arduino libraries (you will find a evilnick/evilOLED
few on there), if only because it conveniently allows you to
download the latest version as a Zip file with one click (the Nick Veitch has edited computer magazines for 1,000 years.
Arduino IDE can automagically add Zip files). He now works at Canonical and collects gin bottles.

www.linuxvoice.com 101
CODING NINJA

BUILD A WEB BROWSER WITH
TUTORIAL
20 LINES OF PYTHON
Drag and drop your user interface and tie it all together with a
GRAHAM MORRISON
few simple lines of Python.

T
he Qt graphical toolkit has been at the heart of should also make sure you’ve got the package that
WHY DO THIS? the KDE desktop since its inception, and it’s includes the pyuic5 utility, as we’ll be using this to
• Learn how to quickly used by many other cross-platform generate Python from the user interface GUI designer
prototype ideas.
applications. It’s a great because it does so much of for added power. With all of that added to your
• Develop rich GUI
applications with a little the hard work for you, even at a low level. There’s a Qt distribution, it’s time to create some code.
Python. class for dealing with string manipulation, for To illustrate how easy it is to write a Python/Qt
• Delve into the Qt API. example, or sorting lists. There’s exceptional application, we’ll start off with a very simple and
networking support and transparency, file handling, self-contained web browser that loads a specific
native XML and image handling. Using Qt to perform page. Launch a text editor. The first thing we need to
all these tasks means you don’t have to re-invent the do is import the bits from Qt 5 that we’re going to need
wheel or import yet another library into your project. – just insert the following lines in the top of a new file:
But Qt is still best known for it’s high level user- from PyQt5.QtCore import QUrl
interface design, where you can quickly construct an from PyQt5.QtWidgets import QApplication
application from buttons, sliders, forms and images from PyQt5.QtWebKitWidgets import QWebView
and tie them all together from your code. import sys
Most developers have always used C++ to develop How do you know which parts you’re going to need
their Qt applications, but recent years have seen before you’ve written the code? You don’t. Normally
user-interface designers embrace Qt’s native QML when programming something like this you add to the
language for adding non-API functionality without the ‘from’ section as and when you need to add
formality of a C++ build environment. QML is much components. In the above three lines, we’re importing
like JavaScript and enables you to quickly fix the ability to handle a Qt datatype called QUrl. As you
components together. It’s the magic behind the new might expect, this is a type that holds a URL, or a
widgets in KDE 5, for instance, hopefully allowing lots location on the internet. The reason this is its own
more people to quickly add functionality to their type and not a text string is that Qt is able to test the
desktops. But there have always been other options value to make sure it’s valid, and add functions to the
too. In particular, and the focus for these two pages, data type so the programmer can do other things with
there are Python bindings provided by two separate the URL. Exactly what can and can’t be done can be
projects – PySide and PyQt. Unfortunately, PySide discovered from the Qt API documentation, which
development has slowed to a snail’s pace and the although it’s written for C++, is just as relevant to PyQt
project hasn’t been able to support Qt 5. Which leaves as all the methods and types are the same. QUrls has
us with PyQt. It’s a brilliant open source functions to return a plain string or a filename, for
implementation that’s slightly less liberal than PySide, instance, and it’s the same with everything else you
perhaps because of a commercial version, but it offers import from Qt. The other two components we import
a great community and documentation. And because here are for the GUI. QApplication is the main
it’s still open source, you can install it from almost any application class for the GUI and its associated
distribution. What we’re going to do with just 20 lines function and QWebView, as you might expect, is a Qt
of Python is create a fully interactive web browser, widget that uses WebKit to display websites. Finally,
hopefully showing Python and Qt are a brilliant match import sys adds a selection of system functions –
for quick and easy application development, with all we’ll be using one of these to parse command line
the advantages of both Python and Qt. arguments. Here’s the final section of code to add:
app = QApplication(sys.argv)
Get coding view = QWebView()
One of the best things about developing Qt Python view.show()
apps is that you don’t need a build system and you view.setUrl(QUrl(“http://linuxvoice.com”))
don’t need to compile anything. You could even use app.exec()
the Python interpreter if you wanted to – typing With the above short piece of code we create a fully
commands and seeing the results in real time. To get functional web browser, albeit one where you can’t
started, you’ll need Qt 5 installed, alongside the PyQt5 manually enter your own URL. The first line creates
packages. We’re using version 3.4.2 of Python. You the new application and window instance, passing the

102 www.linuxvoice.com
NINJA CODING

command line arguments for politeness (they’re not
used). After this, we instantiate the web view widget
and assign this to view. This is made visible with the
show() function, and updated with our own URL in the
following line. The use of QUrl like this is known as
casting because, we’re using QUrl to force format a
text string http://linuxvoice.com into a QUrl type
because that’s the only type accepted by the
QWebView widget. After this, we run the application.
Save this file with the .py extension and switch to
the command line. You can run the code by preceding
the name of the file with the word python or python3.
You should see a window appear and, as long as
you’ve got an internet connection, a few moments
later you’ll see our web page. You can now navigate
the site just as you would with any other browser.

GUI designer
The biggest problem with our program is that you
can’t enter your own URL. We’re going to solve this by
adding both a URL input box and a button that tells
your application to load the URL. But to make this
more interesting, we’re going to design this user-
interface with one application, export the design and
convert it into Python and then write another small
As Qt uses WebKit, your
script to add a little functionality. The application we’re from PyQt5.QtWidgets import QApplication, QWidget
browser will be able to
going to use to design the GUI is Qt Designer, and you from ui_output import Ui_Form
access almost any modern
should already have this installed as part of Qt. The next step is to add a block of code to manage website.
Launch Qt Designer and from the startup wizard our new class that inherits the user interface:
select a new design using QWidget as a base class. class MainWindow(QWidget, Ui_Form):
This will open an empty window into which you want def __init__(self, parent=None):
to drag the QLineEdit, QPushButton and QWebView super(MainWindow, self).__init__(parent)
widgets. Layout in Qt is a little weird to get your head self.setupUi(self)
around, but to create a dynamically scalable version of self.pushButton.clicked.connect(self.pressed)
a layout, place them into rough positions and select
the Layout Using Grid option from the Form menu. def pressed(self):
Layouts are usually a careful balancing act that self.webView.setUrl(QUrl(self.lineEdit.displayText()))
involves the horizontal and vertical grouping of All we’re doing here is creating a class we’re calling
objects that are again grouped together. We didn’t MainWindow that inherits its layout properties from
change the name of any of the widgets created, nor Ui_Form, which was imported from the user interface
the name of the main Form object. Usually you’d want file we converted earlier. We then define the function
to make these more descriptive. that handles its initation. The crucial line is self.
Save the project and make a note of where the .ui pushButton.clicked.connect because this is utilising
XML file, is stored – ideally in the same place you’re Qt’s SIGNAL/SLOT mechanism to call a function
going to write your next Python script. Go back to the called pressed when we click the button in the user
command line and navigate to that location. Now type interface. You can check what SIGNALs and SLOTs
pyuic5 input.ui > ui_output.py, changing the input and are supported by Qt’s functions from the API
output names to fit yours. We’d recommend keeping documentation. Following this, we write the short
the ui_ prefix though, as we’ll refer to this in the code. pressed function connected to the clicked event. This
The pyuic5 command will cleverly turn your user simply sets the QUrl used by the web view to the
interface file into a Python script – take a look at the contents of the lineEdit widget. The web view
contents of the file to see what it’s done. We’re going automatically reloads when it gets this signal.
to create a new script that inherits its properties from Finally, The only change to the main bit of code we
this and uses the form you create as the basis for the need is to make our main view use our new class
application. rather than QWebView:
The first section of our previous code needs a view = MainWindow()
couple of additions. Firstly, QWidget need to be added Saving and running this will now give you a very
after QApplication, because we use this in our functional web browser and also fill you with ideas of
inherited class. Secondly, we need to import the how to use this for rapidly developing Qt applications
Python file generated by the user interface: with Python.

www.linuxvoice.com 103
CODING MACHINE CODE

ASMSCHOOL: CONDITIONS,
TUTORIAL
LOOPS AND LIBRARIES
Part 2: Start to write full programs and create your
MIKE SAUNDERS
own library of useful subroutines.

L
ast month we took our first steps along the directly, without all that other fluff getting in the way.
WHY DO THIS? path of assembly language programming, and This issue we’ll look at program flow, including loops
• Learn what compilers do saw that it’s not as daunting as you might and conditions, to help you create more powerful
behind the scenes.
imagine. Yes, it feels rather alien when compared with programs. We’ll also show how to make your own
• Understand the
language of CPUs. high-level languages, and you don’t have lots of fancy subroutines to automate common tasks, and build up
• Fine-tune your code for data types and levels of abstraction to protect you a library of useful code chunks that you can use in
better performance. from juggling memory directly. But that’s what we love other programs. So, dim the lights, choose a retro
about assembly – it’s a very pure form of coding, green-on-black theme for your terminal emulator, and
letting you speak to the CPU and operating system let’s start hacking like in the good old days…

1 REUSE CODE WITH ROUTINES
It’s perfectly possible to make modular and reusable section .text
code in assembly language. You have to be careful global _start
that you don’t overwrite data used elsewhere in the
program, but with the right approach you can create _start:
little black-box routines that you write once and never mov ecx, mymsg
have to delve into again – you just call them when call lib_print_string
needed. For instance, in last month’s program we
used the kernel to print a text to the screen. If your mov eax, 1
program does lots of text printing, it could be a chore mov ebx, 0
(and a waste of space) to set up the registers each int 80h
time – if you remember, you have to put the system
call number in eax, the output stream in ebx, the section .data
length in edx and so forth. mymsg db ‘Pretty cool, huh?’, 10, 0
So let’s move the string printing code into its own
subroutine that we can call whenever we want. But! %include “lib.asm”
Let’s also make it easier to use, in that we don’t even This is similar to last month’s code, but the string
need to specify the length of the string in the edx printing part has changed. Instead of setting up all the
register. Our new subroutine can work that out itself. registers and calling int 80h, we just put the string
First of all, create a variant of last month’s sample location in ecx and then “call” a subroutine called lib_
program like this, and save it as test.asm: print_string. A “call” is a bit like a GOSUB in the basics
of yesterday – it hands control to another routine,
which will do its work and then return back into the
main program.
Now, whereabouts does this lib_print_string routine
live? Well, we haven’t written it yet, but we’re going to
place it in lib.asm, another assembly language source
file. In the listing above, you can see the %include line
at the bottom, which simply adds the contents of
lib.asm to the current code listing during the assembly
phase. So, you can write commonly accessed routines
in lib.asm and keep them separate, without them
clutting up the main part of your program.
Our lib.asm library will
grow to be a useful Another important thing to note here is the string of
resource of code snippets, bytes next to the mymsg label. This time, as well as
such as number-to-string appending a 10 for a newline character, we’ve also
conversion. added a zero. This turns it into a “null-terminated

104 www.linuxvoice.com
MACHINE CODE CODING

string” – and we can look for this zero in our code to
determine the string length. What is hexadecimal?
We use the base 10 (decimal) number system because
Building up the toolbox that’s how many fingers we’ve got, so it’s useful for
Let’s create the lib_print_string routine. This is longer counting. But it doesn’t make much sense in terms of a
and more complicated than the process we used last CPU, so in low-level programming you’ll often see base 16
instead – aka hexadecimal. This takes some time to get
month, which may leave you thinking: what’s the your head around if you’ve never used it before, but after a
point? Why not just do it manually each time? Well, if while you can switch your brain into hex mode.
you end up with a large program that has hundreds of Like decimal, hex digits go from 0 to 9. But for 10
string-printing parts, the overall code will be smaller if decimal, hex switches to A and then counts up to F (15
you use the same subroutine each time, rather than decimal). Then, for 16 decimal, it carries over – 10 in hex.
Makes sense? This chart should help:
setting up all the registers manually. And as we
mentioned earlier, this routine can work out string
Dec: 1 2 3 4 5 6 7 8
lengths too.
Put this code into lib.asm (you’ll also find it in Hex: 1 2 3 4 5 6 7 8
www.linuxvoice.com/code/lv013/lib.asm with some
Dec: 9 10 11 12 13 14
other routines you may find useful):
section .text Hex: 0 A B C D E

Dec: 15 16 17 18 19...
; Print text string
; In: ecx = string loc Hex: F 10 11 12 13...
; Out: Nothing
Hexadecimal 19 is followed by 1A, and FF is followed by
lib_print_string: 100, and so forth.
pusha ; Save all regs

mov eax, ecx ; Save ecx for later so we’ll go through it carefully. One important point to
mov edx, 0 ; Character counter note at the start: semi-colon characters are used to
.loop: denote comments, so anything after them (until the
cmp byte [eax], 0 ; Is it zero? end of the line) will be ignored by NASM. In assembly
je .done ; Jump ahead if so language, it’s a very good idea to be verbose with your
inc edx ; Increment counter comments, otherwise you may come back to the
inc eax ; And string loc code in several months and be completely
jmp .loop ; And carry on bamboozled.
So, we start this off by telling NASM that the
.done: following code should be in the “text” section of the
mov eax, 4 ; sys_write resulting binary file – that is, executable code and not
mov ebx, 1 ; stdout data. Then we have three lines of comments, saying
int 80h ; Call kernel what the subroutine does, which registers it uses, and
which registers it changes when it exits. We can see
popa ; Restore all regs here that our lib_print_string routine just needs the
ret ; Back to caller string location in ecx, and doesn’t change anything
There’s quite a lot going on here, but it introduces else – the registers will remain the same when control
various new concepts such as loops and conditionals, is handed back to the main program.

Other registers
Along with the four main general-purpose data registers, eax, register), and then the stosb instruction stores the byte in ah
ebx, ecx and edx, there are a few more that are worth knowing at the position pointed to by edi. So it copies “H” from one
about. Two are used primarily for string handling: esi and edi. string to another. But! To make string handling even easier,
The first can be used as a “source index” for strings – ie a lodsb automatically increments the esi register each time by a
pointer to a position inside a string that’s being read from byte (thereby pointing it to the next character), and stosb does
– while the latter is a “destination index” for storing data. the same thing for edi.
Consider this code: Meanwhile, the esp register points to the current location
mov esi, mystring on the stack. This moves around as you push items onto it and
mov edi, blankstring pop them off. The eip register is the “instruction pointer” – it
lodsb simply points to the current instruction in the code. This is
stosb changed when you do a jmp or call operation. And then there’s
Say that mystring points to a string containing “Hello” here, the EFLAGS register, also known as the status register, which
and blankstring just to a series of zeroed-out bytes. The lodsb has various bits set to show the results of operations (eg
instructions retrieves a byte from the location esi points to, whether the result was zero, or there was an overflow). This is
storing it in eax (specifically, the al byte portion of that used by many conditional instructions.

www.linuxvoice.com 105
CODING MACHINE CODE

2 LOOPS AND CONDITIONALS
The first instruction in the previous block is “pusha”,
which means “push all registers onto the stack”. You
may remember the stack from last issue: it’s a
temporary storage space where you can place
register contents when you need to use those
registers for something else. We push all of the
registers on to the stack at the start of the subroutine,
do our own work with them, and then pop them all
back off (with popa) just before we return back to the
main code (with ret). This means that the calling
program doesn’t need to save the registers – it
assumes they will be in the same state after the
subroutine has been executed.
Now, the string location has been provided in the
ecx register, but we want to keep that for later. We
need to count the characters in the string though, so
we copy ecx into eax and work with the former,
leaving the latter well alone. We’re going to go through
the string until we find a zero byte (remember, we’re
using zero-terminated strings), counting up along the In the next couple of issues, we’ll prepare for running
way to determine the string length. And the counter code on bare hardware – no OS required!
we’re going to use is the edx register. In pseudocode:
10 Look at byte in string the start means that it’s a local label. In other words, it
20 Is it a zero? expands to lib_print_string.local. Why do we need
30 If yes, exit the loop this? Well, it means we can use .loop as a label in
40 If not, increment the counter and string position other routines, which is very handy – otherwise you’d
50 Goto 10 need to come up with a different name each time. Of
Our loop begins with the .loop label, and the period at course, you can still only have one instance of .loop

Do the math
So far we’ve focused on moving numbers into registers, but we Note that you can’t use lib_print_string to print the contents
can also perform mathematical operations on registers as of registers directly, as they need to be converted into ASCII
well. For example, here’s some addition: text format first. This is beyond the scope of this tutorial, but
mov eax, 10 if you download www.linuxvoice.com/code/lv013/lib.asm
mov ebx, 15 you’ll see there are two extra routines: lib_int_to_string (which
add eax, ebx takes a number in eax, and returns the location of a string with
add eax, 7 the converted form in ecx), along with lib_print_registers,
Remember that operations go from right to left in assembly which simply shows the contents of all registers. So, try doing
language (at least, in NASM syntax). So what does eax contain some maths and then:
by the end? First of all we place 10 into it, and then 15 into call lib_print_registers
ebx. We add ebx on to eax, so the latter now contains 25. Then to see what the results are.
we add a number (7) so the result is 32. Subtraction can also
use registers and numbers:
mov eax, 100
sub eax, 99
Now eax just contains 1. Multiplication and division work in
a slightly different way – you’ll find a lot of these oddities in
x86 programming, due to the long history of the architecture!
For multiplication, you first need to place a number in eax;
then you multiply it using another register. For instance:
mov eax, 10
mov ebx, 5
mul ebx
After this, eax contains 50. Division works in a similar way,
with the remainder being stored in the edx register:
mov eax, 10
mov ebx, 4
div ebx
After this, eax contains 2 (as there are two fours in 10), and Use lib_print_registers from our lib.asm to quickly view
edx contains 2 as well, as that’s the remainder. the contents of the main registers.

106 www.linuxvoice.com
MACHINE CODE CODING

under each parent label.
So, we have the string position in eax. The first thing
we do is to get a byte from the string like so:
cmp byte [eax], 0
The cmp instruction means “compare one number
(or register) with another”, and the square brackets are
extremely important here. They mean: don’t compare
the number inside eax to zero, but the byte inside the
memory location that eax points to. You see, eax will
contain a big number pointing to a string somewhere
in memory, like 2187612. We’re not interested in that
location, but we’re interested in the exact byte stored
inside that location, which is why we’re using the
square brackets. So here we’re comparing a byte in
the string to zero. The next line, je .done, is a
conditional jump operation: it says, “if the numbers are
equal, jump to the specified point in the code”. There
are other conditional jump operations that you can do Early CPUs with tiny sets of instructions could still do a
after a cmp, such as jg (jump if first number is greater lot – look at Elite on the 6502 for instance.
than second), which works with signed numbers, or ja
(jump if above) which works with unsigned ones. We’ll ret instruction then retrieves that location from the
look at these in more detail next month. stack and places it inside the eip (instruction pointer)
Back to the code: if the byte from the current register, so execution continues from the previous
position in the string (pointed to by eax) is zero, it point. This is why you
means it’s the end of the string, so jump ahead to the
.done label. But if it’s not zero, the lines ahead of the je
have to be careful
when managing the
“Assembly language is very
instruction are executed instead. First we increment stack: if you pop off simple – it just takes time to
edx, our counter, by one byte, and then we increment
eax so that it points to the next character in the string.
more numbers than
you’ve pushed on, you
build up advanced functionality.”
Then we jump back up to our .loop label, and perform could end up popping
the next comparison. off the return address from a call instruction, and your
program will end up executing somewhere else!
Do more with less You can assemble and link the program with the
As we’ve mentioned before, this is exactly how CPUs same instruction as last month:
work: they move numbers around between memory nasm -f elf -o test.o test.asm
and registers, perform calculations on them, and then ld -m elf_i386 -o test test.o
jump to different parts of the code accordingly. Then run the program in place with ./test. Yes, it prints
Assembly language is actually very simple in some a string, just like last month! But it does much more
ways – it just takes time to build up advanced under the hood, and will prepare you for building up a
functionality from a relatively small set of instructions. library of useful routines in the future.
Look at Elite, the 8-bit space trading classic, for You now know how to repeat operations using
instance: it was originally written for a CPU (the 6502) loops, which is vital in more advanced programs, and
that had only 56 instructions. Yet with this small range you can also perform conditional operations
of instructions, it’s possible to create a complete 3D depending on the contents of a register. You can also
engine and an absorbing game around it! create your own subroutines to handle common
Anyway, at the .done label in our code, we have tasks, and make them sufficiently modular that they
everything we need to call the kernel. We need to put won’t interfere with the workings of the calling code.
the value 4 into eax to specify the sys_write kernel (This is why it’s a good idea to use pusha at the start
routine, and 1 into ebx to print the string to standard and popa at the end of a subroutine, when the
output, but we’ve already populated the other registers subroutine works with several registers – you can
accordingly. We left ecx alone since the start of the guarantee the calling code that everything will be in
routine, and our loop has calculated the length of the the same state when you ret back to it.
string in edx, so the kernel can use that too! So all we Next issue we’ll look at input and handling files, so
need to do is call int 80h and the job’s a good ’un, as you’ll be ready to write proper, functional (and
they say. blisteringly fast) programs. And we’ll get even closer
Then we pop the registers back off the stack, as to the ultimate goal of running code on the bare metal
described earlier, and use ret to return to the calling of your PC. See you then…
program. There’s something important to note here:
when you “call” a different piece of code, the current Mike Saunders has written a whole OS in assembly
(http://mikeos.sf.net) and is contemplating a Pi version.
location is placed onto the stack for later retrieval. The

www.linuxvoice.com 107
MASTERCLASS FIREWALL

MASTERCLASS
You wouldn’t want other people coming into your machine
BEN EVERARD and poking around – so set up a firewall!

FIREWALLING MADE EASY
Use the kernel’s network filter to block unwanted network traffic.

A
firewall is a security system that gives you A good way to get started is to keep things simple
JOHN LANE control over data that applications running on – something that ufw (the Uncomplicated Firewall),
your computer may send and receive across and its GTK application Gufw aims to do. In its own
any networks it’s connected to. This network traffic is words, it’s “an uncomplicated way to manage your
sent and received in chunks called “data packets” that firewall”. It’s part of the default Ubuntu installation but
can be inspected and filtered according to rules, a it’s in other distributions’ repositories too. You can
technique known as “packet filtering”. head over to gufw.org for the latest.
The Linux kernel has, since its early versions, had a You need privileged access to use iptables, so Gufw
built-in packet filter. The current implementation, requires you to enter the root password. You can
introduced with version 2.4 of the kernel, is called instead start it with sudo or while logged in as root.
Netfilter and, along with its command-line iptables The firewall is initially disabled and all network
tool, provides the foundation for firewalls on Linux. traffic is permitted. Switching the status to ‘on’ on the
Earlier kernels used now-superseded tools called main screen enables a basic firewall that allows
ipfwadm and ipchains. outbound network traffic but blocks anything coming
The easiest way to protect your computer is to use in. You can change this behaviour using the ‘incoming’
a firewall application. These sit above and use iptables and ‘ouggoing’ options at the top of the Gufw window.
so you don’t have to. They provide a more user- As firewalls go, it isn’t really get any much simpler
friendly way to create and maintain firewall rules, than that.
often through a GUI interface. There are several such
applications and, in this month’s Masterclass, we’ll Let me in
take a look at a few of them. You probably won’t want to be quite that black-and-
white, however, and this is where rules come in. Rules
enable you customise the firewall’s configuration. As
an example, imagine we have another machine and
want to use SSH to connect from it. With the firewall
enabled, that’s no longer possible – not until we add a
rule to allow it.
Click on the ‘Rules’ button to display the rules page
and then click on the plus sign to add a new rule.
There are preset configurations for many applications
and system services – use the available drop-downs
to locate what you want or type a name in the
Application Filter box. In our case, we want to allow
SSH, so search for that. Also choose the appropriate
direction and policy – one of “Allow”, “Deny”, “Reject” or
“Limit” – we want to allow inbound SSH.
You’ll see a warning that using a default Allow policy
is a security risk. These helpful messages make Gufw
Flick the status switch to a good choice for beginners. The default Allow policy
on to start your firewall. It accepts all connections, but it’s more secure to
doesn’t get much easier restrict access to the machine that we’ll SSH from. To
than Gufw. do this, click on either the Advanced tab or the

108 www.linuxvoice.com
FIREWALL MASTERCLASS

right-arrow button next to the search box to view the
advanced options. Here you can specify the IP
addresses to allow. Once you have your firewall
configured, you can use the Listening Report to
monitor it. This is on the Report tab and shows
listening TCP and open UDP ports.

Beyond the basics
If you want a little more control, fwbuilder (the Firewall
Builder), is another option that you can use to
configure and manage iptables as well as firewalls on
other platforms such as BSD, OS X and Windows as
well as some dedicated firewall hardware appliances.
It’s a Qt application and is therefore a little heavier than
Gufw. You should find it in your package repositories
and you can go to www.fwbuilder.org for more
information.
Starting Firewall Builder with a preconfigured firewall is a good place to begin, and the
A key difference between Firewall Builder and Gufw is
drag-and-drop interface makes customising easy.
that you can use it to prepare firewalls to be installed
on other computers or devices. You don’t need
privileged access to use it, so regular users can build this (it’s got a picture of a brick wall on it). Give it a
firewall configurations; however, installing them does name, choose the iptables firewall software and
require such access to wherever they will be installed. (obviously) the Linux operating system. There’s a
This build and install paradigm is one way that checkbox that you can enable if you want to start with
fwbuilder differs from Gufw, where changes take a preconfigured firewall; this is a good way to get
effect immediately. started because the basic rules will be added for you.
When you launch fwbuilder you’re offered the online When you’re happy with your configuration, press
quick start guide, which opens in your browser and the “install” button to compile and install it. This
introduces the main concepts. It’s a much more generates a shell script containing the iptables
comprehensive application than Gufw, so it’s worth commands that implement your configuration and
working through the guide. There’s also a then uses SSH to copy the generated script to the PRO TIP
comprehensive user manual and tutorial videos on firewall host and execute it (you’ll need to enter KDE users may wish to try
kcm-ufw as an alternative
the website. credentials for SSH when requested). to Gufw. It’s a KDE control
Firewall Builder uses “Objects” to represent the centre module for
things you’ll write rules for. They’re grouped into Be persistent configuring and
controlling ufw.
libraries and there are two of these object libraries by The kernel’s netfilter state doesn’t survive reboots, so
default: one is called “User” and is where user-created you’ll probably want your system to configure it each
objects are stored; the other one is called “Standard” time it boots. How you do this will depend on your
and is a read-only library that contains predefined distribution and choice of firewall. ufw has a service
objects such as common TCP and UDP services. that takes care of this for you – Ubuntu users can
You create a policy containing your firewall rules enable it with Upstart:
and compile this to convert your rules from the $ sudo ufw enable
Firewall Builder syntax into the command syntax used A similar service is provided for Systemd.
by the target firewall platform (on Linux, that’s Distributions that use Systemd also have generic
iptables). The policy needs to be compiled and iptables services that load its configuration from a file
re-installed whenever any changes are made to it. You stored in /etc/iptables. Firewall Builder makes it easy
begin by creating a new firewall – click the button for to use this without having to open a command-
prompt. Double-click the firewall entry and then press
“Firewall Settings” and select the “Prolog/Epilog” tab.
Firewall policies
Enter the following commands into the lower box;
The firewall policies determine the action when a packet they will be added verbatim to the generated
matches a rule. A packet may be accepted, which lets it configuration to save and restore your settings:
through, or not. In the latter case, the netfilter may or systemctl enable iptables ip6tables
may not send a rejection message to the source; such
iptables-save > /etc/iptables/iptables.rules
packets are said to be dropped and the port appears
closed to the source. ip6tables-save > /etc/iptables/ip6tables.rules
Unfortunately the firewall applications use different These tools make it easy to implement a firewall
terminology. Gufw has ‘policies’ called Accept, Reject and without needing to understand the inner workings of
Drop. In fwbuilder the so-called “Actions” are Accept, Reject netfilter and iptables. Gufw is sufficient to protect your
and Deny as well as a few others for logging and custom
own computer but if you if you have many machines
functionality.
or just want more control, fwbuilder is the way to go.

www.linuxvoice.com 109
MASTERCLASS FIREWALL

A LOOK AT COMMAND-LINE
TOOLS FOR NETWORK SECURITY
Build an uncomplicated firewall and pimp it up with iptables…

T
he “Uncomplicated Firewall” is the easiest way
JOHN LANE to create a firewall on your computer. We’ve
looked at its GUI application, but that’s just a
wrapper around its command line tool, ufw, which you
can use directly from the command line to quickly
establish a firewall.
$ ufw enable
Firewall is active and enabled on system startup
The default behaviour is to allow outbound
connections and block inbound ones. You can
explicitly set these or other behaviours:
$ ufw default deny incoming
$ ufw default allow outgoing
Writing custom rules is also straightforward. We
can allow inbound ssh like this:
PRO TIP $ ufw allow ssh The Shorewall firewall is well documented and contains all
Using ufw or iptables You’ll want to list your rules. You can list them with the information you’ll need to produce your ultimate
requires root privileges,
their numeric ID, which makes deleting them easier: firewall without having to learn iptables.
so log in as root or use
sudo. $ ufw status numbered
Status: active The kernel’s netfilter configuration is a collection of
To Action From “tables” comprising “chains” of “rules”. There are four
1 22 ALLOW IN Anywhere built-in tables: the Filter table is the default table for
You can then delete rules: packet filtering rules and is what we’ll focus on. The
$ ufw delete 1 other tables are NAT and Mangle for packet alteration,
Writing more specific rules follows a and a Raw table exists for configuration exemptions:
straightforward syntax that is described on the INPUT for inbound packets.
manual page (see man ufw for a complete OUTPUT for outbound packets.
description). You can, for example, add a rule for a FORWARD for packets routed through the local
specific host: server.
PRO TIP $ ufw allow from 192.168.5.10 to any port ssh Each chain can contain zero or more rules and has
Use ufw show added to Although ufw presents a very simple command line a default policy that defines what to do with packets
list your rules when the interface, it is capable of doing anything that netfilter that don’t match any of the chain’s rules. The default
firewall is stopped. can do because it uses the standard iptables policy is to accept.
configuration underneath, and you can modify this to Chains contain rules that are basically a condition
meet your needs. Before we can do this, it’s worth and a “target” that describes what happens when the
understanding iptables a little. condition is matched. The main targets are ACCEPT
and DROP, and only the first matching rule is applied.
Factory reset Rules should be ordered so that less-specific ones
come first, and rules in a chain oppose the chain’s
To reset netfilter to its default state, you have to delete all default policy – a chain with a default DROP policy
custom rules and chains and return the built-in chains’ usually contains ACCEPT rules. Rules should be
default policies to “Accept”. You can also reset its built-in
considered as exceptions to the default policy.
counters to zero. There isn’t a single reset command, but
here is a short script that you can use: A good place to start getting to know the netfilter is
#!/bin/sh to use iptables to list the current rules. A clean netfilter
[ $EUID == 0 ] || { sudo $0 “$@”; exit; } with no configuration would look like this:
for iptables in iptables ip6tables; do $ iptables -L
echo --flush --delete-chain --zero | xargs -n1 $iptables
Chain INPUT (policy ACCEPT)
echo -n INPUT OUTPUT FORWARD | xargs -n1 -I% -d\
$iptables --policy % ACCEPT target prot opt source destination
done Chain FORWARD (policy ACCEPT)
It must be run while logged in as root. target prot opt source destination
Chain OUTPUT (policy ACCEPT)

110 www.linuxvoice.com
FIREWALL MASTERCLASS

target prot opt source You can use a probing
You can see the three chains we previously service such as
described, each with a default ACCEPT policy but no ShieldsUP!! to check your
rules. We’ll add some rules to prevent inbound firewall from outside your
connections except for SSH; it goes like this: network.
$ iptables -A INPUT -i lo -j ACCEPT
$ iptables -A INPUT -m conntrack --ctstate
ESTABLISHED,RELATED -j ACCEPT
$ iptables -A INPUT -p tcp --dport 22 -j ACCEPT
$ iptables -P INPUT DROP
This illustrates the more complex nature of iptables.
We begin with some generic rules that are necessary
for the general operation of the system. The first
accepts any traffic on the loopback interface that
processes use to talk to other processes on the same
system. The next rule accepts packets that are part of
an already established session. It uses a netfilter
module called “conntrack” that inspects packets to
identify those associated with such sessions (the files that are applied before and after your own ufw
netfilter architecture is extendable through modules in rules, which are stored in the same format at /lib/ufw/
a similar fashion to the kernel and stateful packet user.rules – look there to see the iptables arguments
inspection is implemented as a module). The third rule generated by your ufw commands.
is what accepts new SSH connections, and the final As your knowledge of iptables develops, you can
thing we do is change the input chain’s default policy use it to customise your ufw rules while also retaining
so that it drops packets unmatched by our rules. the benefits of its easy-to-use command line tool. You
With these rules, the input chain now looks like this win both ways.
(iptables -vL for more verbose output):
Chain INPUT (policy DROP 0 packets, 0 bytes) The ultimate Linux firewall?
pkts bytes target prot opt in out source destination If you need more than what ufw offers yet see iptables
0 0 ACCEPT all -- lo any anywhere anywhere as a step too far, or if you need to configure firewalls
0 0 ACCEPT all -- any any anywhere anywhere ctstate for multiple computers, another popular choice is the
RELATED,ESTABLISHED Shorewall, command-line netfilter configuration tool
0 0 ACCEPT tcp -- any any anywhere anywhere tcp that can meet the needs of users with more complex
dpt:ssh requirements. It has a comprehensive website (http://
Any configuration that you perform using iptables is shorewall.net) where there’s lots of documentation
lost when you shut down or restart your system. including a Getting Started guide. There’s
These means that your firewall configuration needs to documentation for various scenarios, and its
be applied each time your system boots. There are “Universal Configuration” provides a default firewall
two tools provided to help you persist your netfilter similar to ufw. To use this basic Shorewall firewall
configuration; one saves and another restores: configuration, after installing the package from your PRO TIP
$ iptables-save > /etc/iptables/iptables.rules distro’s repository, copy the configuration into place
There are completely
$ iptables-restore < /etc/iptables/iptables.rules and start it: separate netfilters for
You still need to perform the restore process during $ cp -a /usr/share/doc/shorewall/Samples/Universal/* /etc/ IPv4 and IPv6, and
reboot, and there isn’t a consistent way to achieve shorewall separate iptables and
ip6tables commands to
this. Ubuntu users can look at the iptables-persistent $ shorewall start manage them. Remember
packagem and those using Systemd can use its to use the appropriate
iptables service (this loads rules from the file we used The lowdown tools when using either or
both protocols.
in the iptables-save example): All the firewall tools that we have looked at are built on
$ systemctl enable iptables top of iptables. They all create netfilter rules and apply
them using iptables, but they present a higher level of
Hacking ufw abstraction to the user that hides its complexity. While
If you look at the output of iptables-save, you’ll see the intention is to simplify things for the user, a
that it contains the command line arguments we used disadvantage of this approach is that some netfilter
to create our rules. You can use this knowledge to capabilities may not be available.
write rule files directly, and this brings us back to ufw: Whichever of these tools you eventually adopt, you’ll
its configuration files use the same iptables-save be better placed to implement secure systems.
format and are stored in the /etc/ufw directory.
Like iptables, ufw has separate configurations for John Lane provides technical solutions to business
IPv4 and IPv6. Each has before.rules and after.rules problems. He has yet to find something that Linux can’t
solve.

www.linuxvoice.com 111
SUBSCRIBE

SUBSCRIBE shop.linuxvoice.com

Get your regular dose
of Linux Voice, the
magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
SUBSCRIBE TO CC-BY-SA within 9 months
US/Canada subs prices
TODAY! 1-year print & digital: £95
12-month digital only: £38

112 www.linuxvoice.com
NEXT MONTH

NEXT MONTH IN

ON SALE EVEN MORE AWESOME!
THURSDAY
Eben Upton
26 MARCH The benign overlord
of the Raspberry Pi
Foundation gets us
all excited over

COMPLETE GUIDE TO
what’s to come after
the Raspberry Pi

HACKING
Version 2 fuss has
died down.

Ubuntu phones
We’ve been looking
forward to it for
ages, and now the
first smartphones to
ship Ubuntu’s phone
OS are with us at
last. Here’s how they
measure up.

Inside x86

ETHICAL HACKING Explore the inner
workings of the most
common PC
Learn how the bad guys work and use that architecture – the
ubiquitous x86 –
knowledge to protect yourself. Starring with our kernel
Ben Everard and the Metasploit framework. superstar
Dr Valentine Sinitsyn.

LINUX VOICE IS BROUGHT TO YOU BY
Editor Graham Morrison Editorial consultant Nick Veitch through the use of advice in this magazine. Copyright Linux is a trademark of Linus
graham@linuxvoice.com nick@linuxvoice.com Experiment with Linux at your own risk! Torvalds, and is used with permission.
Deputy editor Andrew Gregory Distributed by Marketforce (UK) Ltd, Blue Anything in this magazine may not be
andrew@linuxvoice.com All code printed in this magazine is licensed Fin Building, 110 Southwark Street, London, reproduced without permission of the editor,
Technical editor Ben Everard under the GNU GPLv3 SE1 0SU until November 2015 when all content
ben@linuxvoice.com Tel: +44 (0) 20 3148 3300 (including our images) is re-licensed CC-
Editor at large Mike Saunders Printed in the UK by BY-SA.
mike@linuxvoice.com Acorn Web Offset Ltd Circulation Marketing by Intermedia Brand ©Linux Voice Ltd 2014
Creative director Stacey Black Marketing Ltd, registered office North Quay ISSN 2054-3778
stacey@linuxvoice.com Disclaimer We accept no liability for any House, Sutton Harbour, Plymouth PL4 0RA
loss of data or damage to your hardware Tel: 01737 852166 Subscribe: shop.linuxvoice.com

www.linuxvoice.com
/DEV/RANDOM/

Final thoughts, musings and reflections
Nick Veitch
was the original editor
Lots of books on random subjects
of Linux Format, a – these cover the entire wall, and
role he played until he includes the obligatory collection
got bored and went of Linux Voices.
to work at Canonical Self-built RepRap
instead. Splitter! Eee PC – great 3D printer. Works
robust PC for great with Linux!
travelling.

I
PCIe cards for
have fallen out with my phone. I was never which I maintain
really that much into phones to be honest. I the kernel driver.
reluctantly joined the mobile-toting brigade Speccy 128k.
when I was travelling for work a lot and
Old Dell 9150 tower
apparently I had to have one in case I was PC, with audio
needed for something. It seemed to upset people breakout panel
that I rarely turned it on. As far as I was
concerned, the phone was for my convenience,

My Linux Setup Mark Einon
not theirs.
I only really started using a mobile phone
when I got my first smartphone. Well, I say
smart, it was I recall running some version of Software consultant, mainly with civil aviation software,
Windows. But it had a slide-out keyboard, and part-time kernel hacker and kernel maintainer, tinkerer.
that made it infinitely more useful.
What version of Linux are you What was the first Linux
Grumpiness amplifier using now? distribution you used?
These days I work from home. I don’t need a Left to right – Debian Wheezy on Fedora Core sometime around
phone, and even when I travel, I am more likely to the tower, along with many VMs – 2004, which I dumped when it got
be carrying a laptop or tablet, or both. They are CentOS, Arch and whatever else I’m harder to install your own kernels and I
just so much more useful (although they do playing with. Wheezy on the Eee PC, swapped to Ubuntu. Ubuntu was always
make more of a racket if you forget to turn them Wheezy on the battered i7 laptop. To troublesome to do kernel development on
off in the cinema). SMS messages are annoying summarise: Debian Wheezy. I also due to their random frequent userspace
(not to mention unreliable – do you know how have two RasPi’s in a cupboard, one changes, so I later moved to Debian which
they work? Don’t bother finding out, it will just running an email server and the is lovely, transparent and stable, and have
scare you). And if I really want to actually ‘talk’ to other irrsi/tmux, so I can keep up to date been using it ever since.
someone (which means it is a personal call) then with the #LinuxVoice channel.
I generally like to see them as well, which leaves Oh, also The Kernel on the VIC-20, What Free Software/open source
the phone as the worst option. The things it does Kickstart on the Amiga A600 with a CF can’t you live without?
well are things I don’t actually want to do. I card hardware mod. The bread-and-butter of the Linux
sometimes check what the time is on it… kernel. Everything else on top is jam.
So, really, the relationship is over. I don’t want a And what desktop are using on
phone, I want a computer. I want to do the things these machines? What do other people love but
a computer can do, I don’t care about the things Xfce for less capable machines, you can’t get on with?
a phone can do. I think ‘phones’ should go the otherwise the default Gnome. I’m This newfangled internet thing –
way of fax machines – only used by people you not a big desktop user, preferring a particularly social media sites and
are better off avoiding. Someone should make a terminal running tmux; with Mutt, Vim, their quest to monetise you. It’s very
computer that is sort of phone-sized for Taskwarrior, SSH etc, the setup for which I useful but can also be a waste of time. I
portability, then I might be interested again. And keep on GitHub and pull down when stopped using Twitter as it became more
could they do it soon? My contract is almost up… needed to any machine. wasteful than useful. G+ is OK though.

114 www.linuxvoice.com
This is what we’ve done in the last 12 issues.
Subscribe to the next 12 from just £38.

Every subscription includes access to every PDF, ePub and audio edition we’ve ever published.

shop.linuxvoice.com